[Pacemaker] Mostly STONITH Questions / Seeking Best Practice
Lars Marowsky-Bree
lmb at suse.com
Wed Sep 5 05:53:28 EDT 2012
On 2012-09-04T16:31:54, David Morton <davidmorton78 at gmail.com> wrote:
> 1) I'm planning on implementing sfex resources (a small LVM volume on the
> same volume group as the data being protected) as an additional safety
> feature along side the existing external/ipmi STONITH control ... is this
> best practice in case the IBM IMM is unavailable or credentials change etc
> and the STONITH is not carried out ?
sfex will not help you if STONITH stalls. The stonith agent will fail if
the credentials change or the IMM is unavailable, and thus will not
proceed with the take-over.
(Personally I've not seen many good examples of where I'd use sfex.)
> 2) Is there any risk to a healthy node if an unhealthy node with a shared
> OCFS2 volume mounted goes down ? Quorum policy is set to ignore. Seems to
> not give any issues but I want to clarify this is the designed behavior.
IO will freeze until fencing is completed.
(Theoretically, a failing node can crash the others if it doesn't die
"cleanly", but first starts spreading bad data around. The risk of this
increases with tighter coupling of nodes.)
> 3) Does a node need its own STONITH resource to be able to self fence or is
> this covered off by internal pacemaker functionality ? ie: We currently use
> location constraints to ensure STONITH resources don't run on themselves as
> per the documentation.
STONITH is started as needed.
> 4) What is the best way to disable STONITH non disruptively for node
> maintenance ? Is it a case of editing the CIB stonith-enabled directive to
> false and stopping the STONITH resources then stopping openais ?
Why do you need to disable STONITH for node maintenance? Just shut down
the node cleanly (or at least stop the cluster stack on it, which will
also stop all cluster resources) and it will not be fenced.
> 5) Is there an OCF compliant resource agent script for Derby / JavaDB that
> anyone knows of ? We use an old init style script at the moment, I'm afraid
> it will trip us up and STONITH a node on shutdown at some stage.
Why would it do that?
> group NEWS VG_DB_NEWS FS_LOGS_NEWS FS_DB_NEWS IP_NEWS_15 IP_NEWS_72 DERBYDB
You have an unhealthy obsession with capslock. ;-)
Regards,
Lars
--
Architect Storage/HA
SUSE LINUX Products GmbH, GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer, HRB 21284 (AG Nürnberg)
"Experience is the name everyone gives to their mistakes." -- Oscar Wilde
More information about the Pacemaker
mailing list