* Paolo Bonzini (pbonz...@redhat.com) wrote: > > > On 23/04/2015 14:05, Dr. David Alan Gilbert wrote: > > As presented at the moment, I don't see there's any dynamic reconfiguration > > on the primary side at the moment > > So that means the bdrv_start_replication and bdrv_stop_replication > callbacks are more or less redundant, at least on the primary? > > In fact, who calls them? Certainly nothing in this patch set... > :)
In the main colo set (I'm looking at the February version) there are calls to them, the 'stop_replication' is called at failover time. Here is I think the later version: http://lists.nongnu.org/archive/html/qemu-devel/2015-03/msg05391.html Dave > > Paolo > > - it starts up in the configuration with > > the quorum(disk, NBD), and that's the way it stays throughout the > > fault-tolerant > > setup; the primary doesn't start running until the secondary is connected. > > > > Similarly the secondary startups in the configuration and stays that way; > > the interesting question to me is what happens after a failure. > > > > If the secondary fails, then your primary is still quorum(disk, NBD) but > > the NBD side is dead - so I don't think you need to do anything there > > immediately. > > > > If the primary fails, and the secondary takes over, then a lot of the > > stuff on the secondary now becomes redundent; does that stay the same > > and just operate in some form of passthrough - or does it need to > > change configuration? > > > > The hard part to me is how to bring it back into fault-tolerance now; > > after a primary failure, the secondary now needs to morph into something > > like a primary, and somehow you need to bring up a new secondary > > and get that new secondary an image of the primaries current disk. -- Dr. David Alan Gilbert / dgilb...@redhat.com / Manchester, UK