[Linux-cluster] A fencing mechanism for Xen (or KVM) guests
Fabio M. Di Nitto
fdinitto at redhat.com
Fri Nov 19 18:41:40 UTC 2010
On 11/17/2010 09:36 PM, Andrew Gideon wrote:
>
> I found myself unhappy with what I located for fencing of Xen guests, so
> I put together a new mechanism. Would this be of interest to anyone
> else?
>
> The node on which fence_node is called uses SSH to connect to the list
> of hypervisors. The connection is key based, which limits the nodes to
> execution of the specific fencing command and also lets a given node
> fence only a guest that's in a specific list. This prevents a node of
> one cluster from fencing a node of another even if they reside on the
> same set of hypervisors.
>
> The fencing script issues the fence command (via SSH) to each
> hypervisor. Success of the command requires either (1) a guest of the
> specified name is found and destroyed o at least one hypervisor or (2)
> every hypervisor has been visited and reported that there is no such
> guest running.
>
> #2 was an interesting choice, BTW, on which I'd welcome feedback. The
> alternative would have been to presume that an unreachable hypervisor
> was down. That didn't seem like the best choice to me, but I'm curious
> what others might think.
We have already several mechanism in place to achieve the same but if
you can post your fence_agent, we can be more productive and see what's
missing from the current methods, or eventually include it in RHCS.
Marek is the fence agent maintainer (in CC).
Lon wrote both fence_xvm(d) and fence_virt(d) (in CC).
Federico wrote a VM tracking system to handle similar situation (in CC).
Fabio
More information about the Linux-cluster
mailing list