[Linux-cluster] A fencing mechanism for Xen (or KVM) guests

[Andrew Gideon]

I found myself unhappy with what I located for fencing of Xen guests, so
I put together a new mechanism.  Would this be of interest to anyone
else?

The node on which fence_node is called uses SSH to connect to the list
of hypervisors.  The connection is key based, which limits the nodes to
execution of the specific fencing command and also lets a given node
fence only a guest that's in a specific list.  This prevents a node of
one cluster from fencing a node of another even if they reside on the
same set of hypervisors.

The fencing script issues the fence command (via SSH) to each
hypervisor.  Success of the command requires either (1) a guest of the
specified name is found and destroyed o at least one hypervisor or (2)
every hypervisor has been visited and reported that there is no such
guest running.

#2 was an interesting choice, BTW, on which I'd welcome feedback.  The
alternative would have been to presume that an unreachable hypervisor
was down.  That didn't seem like the best choice to me, but I'm curious
what others might think.

Thanks...

	Andrew