Hi,
On 08/11/14 11:02, Dietmar Maurer wrote:
SCENARIO: proxmox HA cluster, VM images exclusively on RBD
GOAL: use Ceph auth for fencing
Currently this can't be done, but I think the following changes would allow it:
- Move storage client auth keyring from /etc/pve/priv/ceph to somewhere
/etc/pve/nodes/<nodename>/ceph
- Configure a different ceph user for each node
- Make each proxmox node use his own auth keyring(user) for RBD
- Develop a fence_ceph that allows to block access of a node to ceph storage
(block user), removing capabilities to the user, or removing the user.
Well, I would not consider such thing very reliable.
And this would only fence the storage connection. What about other resources,
for
example the IP address? If the VM still run and you only fence storage, you
will get an
IP address conflict if you start the VM on another node.
Yes, I didn't realize there were other resources involved; thanks for
pointing it out.
Cheers
Eneko
--
Zuzendari Teknikoa / Director Técnico
Binovo IT Human Project, S.L.
Telf. 943575997
943493611
Astigarraga bidea 2, planta 6 dcha., ofi. 3-2; 20180 Oiartzun (Gipuzkoa)
www.binovo.es
_______________________________________________
pve-devel mailing list
pve-devel@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
