Github user remibergsma commented on the pull request:
https://github.com/apache/cloudstack/pull/1568#issuecomment-222315777
Hi @dsclose The passwd server should not run on the backup router, the same
counts for dnsmasq. Cloud-init will get the passwd from the server it got the
ip address from (on the direct ip, not the vip) so it is not needed.
It's a nice idea to have "redundancy" here but it will lead to unexpected
problems. Imagine a VM starting and getting the passwd from the master, which
marks it as sent. Then the VM restarts and a failover had taken place. Now it
gets the same password from the new master (old backup, which has not been
marked as retrieved). If a user had changed the password manually, it is now
being reset to the previous one. We had this going in in production for a while
and it confuses users a lot. Keep it simple, run on the master only.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
