The LocalResourceManager[1] been requested to model fencing operations as resource operations.
AlanRobertson[2]: I think this sounds like a big win if we can do this, but as of now, I'm not 100% sure if we know we can do this. More details on this can be found in the NodeFencing[3] page. Also, for some reason, I thought this might also include ResourceFencing[4] (since, after all, our main object is a resource). So, this is unclear to me at the moment.
HuangZhen[5]: what is the define of ResourceFencing[4]? As my understanding, it means that if the "stop" operation does not work or needs a long time to finish, we can use "fence" operation to stop the resource immediately. If so, it is the RA do the final work of ResourceFencing[4]. LRM will just add a type of operation.
LarsMarowskyBree[6]: I do not think ResourceFencing[4] needs to be handled specially by the LocalResourceManager[1]. Either a resource is self-fencing, in which case we just start it up, knowing that it will handle all of it internally (and the monitor/status operation would inform us if a reservation was pulled out from under us), or we need to perform a special 'reserve' command - but I would argue that we should encapsulate this into a special ResourceAgent[7], say SCSIReservation, which the Filesystem resource would then depend on - from the point of view of the LRM, no special handling at all is required for either of these two.
LarsMarowskyBree[6]: Picking up this discussion, we have not seen any great objection to modelling a STONITH controller as a resource. I'll try to summarize the discussion:
A given STONITH device will be controlled by a STONITH controller resource; this will be allocated by the ClusterResourceManager[8] on a selected node via the LocalResourceManager[1].
To make sure there's no confusion between the resource agents[7] and the StonithAgents[9], they will be mapped to a special resource class stonith in addition to ocf, lsb, heartbeat etc. They will also be searched for in a different path. See the StonithAgent[10] page for a detailed list of differences etc.
But essentially, they provide an additional fence operation via which we can ask them to shot a given set of nodes and report back the result.
This has the advantage that we can monitor the STONITH device using the regular monitor code path and find out early on when a STONITH device becomes unuseable.
From the LocalResourceManager[1] point of view, this seems to be fairly straight-forward. The only real change is searching for the stonith class agents in a different path; everything else should just work. Right?
CategoryIssue[11], CategoryOpenIssue[12]
| [1] | http://www.linux-ha.org/LocalResourceManager |
| [2] | http://www.linux-ha.org/AlanRobertson |
| [3] | http://www.linux-ha.org/NodeFencing |
| [4] | http://www.linux-ha.org/ResourceFencing |
| [5] | http://www.linux-ha.org/HuangZhen |
| [6] | http://www.linux-ha.org/LarsMarowskyBree |
| [7] | http://www.linux-ha.org/ResourceAgent |
| [8] | http://www.linux-ha.org/ClusterResourceManager |
| [9] | http://www.linux-ha.org/StonithAgents |
| [10] | http://www.linux-ha.org/StonithAgent |
| [11] | http://www.linux-ha.org/CategoryIssue |
| [12] | http://www.linux-ha.org/CategoryOpenIssue |
This information provided courtesy of the Linux-HA project at http://linux-ha.org/