[Linux-cluster] A fencing mechanism for Xen (or KVM) guests

[Fabio M. Di Nitto]

On 11/17/2010 09:36 PM, Andrew Gideon wrote:
> 
> I found myself unhappy with what I located for fencing of Xen guests, so
> I put together a new mechanism.  Would this be of interest to anyone
> else?
> 
> The node on which fence_node is called uses SSH to connect to the list
> of hypervisors.  The connection is key based, which limits the nodes to
> execution of the specific fencing command and also lets a given node
> fence only a guest that's in a specific list.  This prevents a node of
> one cluster from fencing a node of another even if they reside on the
> same set of hypervisors.
> 
> The fencing script issues the fence command (via SSH) to each
> hypervisor.  Success of the command requires either (1) a guest of the
> specified name is found and destroyed o at least one hypervisor or (2)
> every hypervisor has been visited and reported that there is no such
> guest running.
> 
> #2 was an interesting choice, BTW, on which I'd welcome feedback.  The
> alternative would have been to presume that an unreachable hypervisor
> was down.  That didn't seem like the best choice to me, but I'm curious
> what others might think.

We have already several mechanism in place to achieve the same but if
you can post your fence_agent, we can be more productive and see what's
missing from the current methods, or eventually include it in RHCS.

Marek is the fence agent maintainer (in CC).

Lon wrote both fence_xvm(d) and fence_virt(d) (in CC).

Federico wrote a VM tracking system to handle similar situation (in CC).

Fabio