Florent DUTHEIL a écrit :
Lars Marowsky-Bree a écrit :
On 2008-06-09T16:25:25, Florent DUTHEIL
<[EMAIL PROTECTED]> wrote:
One can see clearly in logs (when it comes to mount the first
"bind/ro" ressource:
Filesystem[2688][2718]: 2008/06/09_16:10:08 INFO: Running start for
/mnt/filer1/drivers on /var/ftp/labtech/labtech_drivers
Filesystem[2688][2719]: 2008/06/09_16:10:08 ERROR: DANGER! on
/mnt/filer1/drivers is NOT cluster-aware!
Filesystem[2688][2720]: 2008/06/09_16:10:08 ERROR: DO NOT RUN IT AS
A CLONE!
Filesystem[2688][2721]: 2008/06/09_16:10:08 ERROR: Politely refusing
to proceed to avoid data corruption.
Well, I think that's fairly explicit. ;-) It tries to guard against
errors - such as users accidentially trying to clone an ext3 mount.
Do I havet to "hack" the FS agent code to make him ignore every FS
ressources that have the "bind" option?
I suppose I would have to modify this statement:
[snip]
Yes, you'll need to detect bind mounts here and permit them.
In my view, cloned "binded" FS ressources (let call it the "B" FS
ressource) should always be allowed. Because the original FS ressource
(let call it the "A" FS ressource) that is re-mounted as binded is
already protected against unauthorized FS resource cloning.
For example, in the case of an ext3 ressource (A), this ext3 FS won't
be cloned (FS agent protection) so there won't be any HB/cluster
breakage problem if the cloned "binded" remonted FS ressource (B) is
allowed.
Indeed B can always be mounted on a Linux system but simply won't show
files from A. It's up to the cluster designer to set constraints or
groups to make B be mounted only if A actually is.
If I'm not wrong, I really think that the FS agent protection against
cluster unaware FS should be disabled upstream for "binded" FS
ressources.
Please feel free to argue and tell me if I'm wrong :)
Ok, so that works now when modified the agent
/usr/lib/ocf/resource.d/heartbeat/Filesystem (added the "grep" to the
statement, line 796)
case $FSTYPE in
ocfs2) ocfs2_init
;;
nfs) : # this is kind of safe too
;;
*) if [ -n "$OCF_RESKEY_CRM_meta_clone" ] && echo
"$OCF_RESKEY_options" | grep -v -q bind ; then
ocf_log err "DANGER! $FSTYPE on $DEVICE is NOT
cluster-aware!"
ocf_log err "DO NOT RUN IT AS A CLONE!"
ocf_log err "Politely refusing to proceed to avoid data
corruption."
exit $OCF_ERR_GENERIC
fi
;;
esac
I'm still convinced this (or something less "dirty hack looking" :))
should be modified in the upstream agent version.
Regards,
Florent.
-- Disclaimer ------------------------------------
Ce message ainsi que les eventuelles pieces jointes constituent une
correspondance privee et confidentielle a l'attention exclusive du destinataire
designe ci-dessus. Si vous n'etes pas le destinataire du present message ou une
personne susceptible de pouvoir le lui delivrer, il vous est signifie que toute
divulgation, distribution ou copie de cette transmission est strictement
interdite. Si vous avez recu ce message par erreur, nous vous remercions d'en
informer l'expediteur par telephone ou de lui retourner le present message,
puis d'effacer immediatement ce message de votre systeme.
***
This e-mail and any attachments is a confidential correspondence intended only
for use of the individual or entity named above. If you are not the intended
recipient or the agent responsible for delivering the message to the intended
recipient, you are hereby notified that any disclosure, distribution or copying
of this communication is strictly prohibited. If you have received this
communication in error, please notify the sender by phone or by replying this
message, and then delete this message from your system.
_______________________________________________
Linux-HA mailing list
[email protected]
http://lists.linux-ha.org/mailman/listinfo/linux-ha
See also: http://linux-ha.org/ReportingProblems
