>>> James Smith <james.sm...@m247.com> schrieb am 07.07.2011 um 11:59 in >>> Nachricht <05CDC1A731F2E64C8C3BD1957047E844471ED3@office-server2.m247.local>: > Hi, > > Summary: Two node cluster running DRBD, IET with a floating IP and stonith > enabled. > > All this works well, I can kernel panic the machine, kill individual PIDs > (for example IET) > which then invoke failover. However, when I forkbomb the master, nothing > happens. > The box is dead, the services stop responding etc, but pacemaker does not > recognise > this and therefore failover does not occur. > > Very occasionally it will fence and invoke failover after several minutes or > even longer, > which is no good at all. > > To me, it seems extremely odd pacemaker itself does not automatically > incorporate system > health checks that can detect such a scenario. I've raised this a couple of > times, but the > suggestion is to run watchdog or create an RA to do resource checking. > Watchdog certainly > does its job and is easy to configure, but this seems flawed to me.
Hi! A fork-bomb effectively means the system cannot start any new process. So basically not even a monitoring process. However you can set up "ulimits" to limit the number of processes users can create. Maybe that's the way to go. Procatically it's very hard to design a unix program that can work without creating a new process. The only fork bomb we actually had was a mis-behaving Oracle several years ago: Root could not even log in then... Regards, Ulrich _______________________________________________ Linux-HA mailing list Linux-HA@lists.linux-ha.org http://lists.linux-ha.org/mailman/listinfo/linux-ha See also: http://linux-ha.org/ReportingProblems
