On 19 Feb 2014, at 11:20 am, JR <[email protected]> wrote:

> Hi Andrew,
> 
> Yes, this is for an ha cluster made of instances running in openstack.
> 
> I'm testing running a two node gfs2 (or perhaps ocfs2) cluster using
> VMs. If I can get it all working and it's stable there are reasons why
> running it as VMs would be handy (obviously).  However, if there are
> issues that derive from the node's virtualness, I have the option to run
> these services on the physical hosts.
> 
> For this testing, I've used the private IP of each node that nova
> provided when the nodes were booted.  In my particular environment, I
> automatically bring up nodes with names which identify their functions;
> chef recipes then run and can search for the IP of the other partner
> when configuring linux-ha

Right, but how do you tell the surviving node about the IP of the new node?
I assume you're using udpu not multicast?

> (this is theoretical as I'm doing everything
> by hand now; I can see that getting this right in recipes might be
> non-trivial).
> 
> As for authentication: fence_openstack runs as root on the openstack
> physical host(s);

You're ssh'ing from an instance to a physical openstack host... thats... 
interesting :)

> when it ssh's in, root's .bashrc sources the admin
> creds from openstack so the call to nova list and nova reboot succeed.
> 
> Please note: as I said in the original post, my fence_openstack has 20
> minutes of coding in it and not much more thinking about it. I assume
> that someone who really knows these issues would fix any issues or shoot
> down the methodology as unworkable, broken, insecure, etc... ;-) Given
> your difficulties earlier, I'd not be terribly shocked if I've
> overlooked something critical.
> 
> Best,
> JR
> 
> On 2/18/2014 4:47 PM, Andrew Beekhof wrote:
>> 
>> On 19 Feb 2014, at 9:15 am, JR <[email protected]> wrote:
>> 
>>> Greetings,
>>> 
>>> Someone on the linux-ha irc channel suggested that perhaps this agent
>>> might be of use to others using openstack.
>>> 
>>> Note: it's based on fence_virsh and was written in about 20 mins; it
>>> seems to work for me but YMMV.
>> 
>> Question... this is for openstack instances acting as cluster nodes?
>> If so, how did you get them to use predictable IPs that corosync could bind 
>> to?
>> Also, how did you provide authentication for the nova client?
>> 
>> I created https://github.com/beekhof/fence_openstack but gave up on it 
>> because corosync wasn't able to function.
>> 
>> 
>> 
>> _______________________________________________
>> Linux-HA mailing list
>> [email protected]
>> http://lists.linux-ha.org/mailman/listinfo/linux-ha
>> See also: http://linux-ha.org/ReportingProblems
>> 
> 
> -- 
> Your electronic communications are being monitored; strong encryption is
> an answer. My public key
> <http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x4F08C504BD634953>
> _______________________________________________
> Linux-HA mailing list
> [email protected]
> http://lists.linux-ha.org/mailman/listinfo/linux-ha
> See also: http://linux-ha.org/ReportingProblems

Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail

_______________________________________________
Linux-HA mailing list
[email protected]
http://lists.linux-ha.org/mailman/listinfo/linux-ha
See also: http://linux-ha.org/ReportingProblems

Reply via email to