[Pacemaker] SFEX resource agent

Xinwei Hu hxinwei at gmail.com
Tue Feb 24 08:12:40 UTC 2009


Hi Priyanka,

2009/2/22 Priyanka Ranjan <priyanka3rdfeb at gmail.com>:
>> It is close to impossible to protect against malicious applications from
>> other cluster nodes. sfex, LVM exclusive activation, and SCSI2/SCSI3
>> reservations likewise can be broken - they must be able to be broken, or
>> else the cluster could never orchestrate a fail-over.
>
> I understand your point but if we have SCSI3 protection other node will have
> to perform few extra steps before accessing the disk. it will have to remove
> to the present key, put it's new registration key , then put it's own
> reservation then only it can go ahead and access the disk. this way SCSI3
> provide extra security unlike sfex or LVM.

sfex actually depends on the contraints from pacemaker to ensure the
data integrity,
and LVM doesn't secure data integrity until clustered locking is enabled.

> can we configure present scsi2reservation R.A  to use sg_persist command .

Implement exclusive control RA like scsi2reservation in sg_persist
needs extra works.
I attached my RA of scsi-3 reservation.

It'll be great if you can test it and give some feedback based on it.

Thanks.
> Thanks & Regards,
> Priyanka.
>>
>>
>> Regards,
>>    Lars
>>
>> --
>> Teamlead Kernel, SuSE Labs, Research and Development
>> SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nürnberg)
>> "Experience is the name everyone gives to their mistakes." -- Oscar Wilde
>>
>>
>> _______________________________________________
>> Pacemaker mailing list
>> Pacemaker at oss.clusterlabs.org
>> http://oss.clusterlabs.org/mailman/listinfo/pacemaker
>
>
> _______________________________________________
> Pacemaker mailing list
> Pacemaker at oss.clusterlabs.org
> http://oss.clusterlabs.org/mailman/listinfo/pacemaker
>
>




More information about the Pacemaker mailing list