Hi all, currently in order to enable automatic fencing on the controllers we need to pass something like the following yaml to an overcloud deploy: """ EnableFencing: true FencingConfig: { "devices": [ { "agent": "fence_xvm", "host_mac": "52:54:00:2d:bb:38", "params": { "multicast_address": "225.0.0.12", "port": "osp8-node1" } }, { "agent": "fence_xvm", "host_mac": "52:54:00:e9:f4:a8", "params": { "multicast_address": "225.0.0.12", "port": "osp8-node2" } }, .... """
the problem with this approach is two-fold: 1) The stonith resources will be named something like "stonith-xvm-5254002dbb38". This is rather suboptimal for a sysadmin as it is really important to know which node is actually behind that stonith device without looking at a db containing mac addresses<->node-name. Both for troubleshooting purposes and for monitoring the health of the cluster. 2) While trying to build a template to configure instance HA, which also requires the computing nodes to be fenced, the current implementation is not really workable, because it assumes that each node has the pcs command and it will basically check that the node where puppet runs matches a macaddress in the FencingConfig table and will create the stonith class in such a case. Compute nodes cannot invoke the pcs command so the stonith devices for them need to be created on a controller and they need the fencing information (node name + fencing info) Jiri Stransky and I discussed this a bit and thought that it would be best to bring it on the ML first to see if other people have opinions on how to tackle this problem. Ideally we would have the FencingConfig info above amended with the hostname of the node and then we could implement the fencing for controllers + compute nodes in one of the steps in overcloud_controller_pacemaker.pp. Right now, one approach I am toying with is by tweaking extraconfig/all_nodes/mac_hostname.yaml and then on a controller parse the macaddresses + hostname and execute the pcs stonith commands on a controller. It's quite hacky though, so am looking for other input on this. cheers, Michele -- Michele Baldessari C2A5 9DA3 9961 4FFB E01B D0BC DDD4 DCCB 7515 __________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev