[pve-devel] PVE + Ceph + Ceph fencing?
Eneko Lacunza
elacunza at binovo.es
Fri Nov 7 17:13:20 CET 2014
Hi all,
I have been lecturing a Proxmox+Ceph hands-on workshop the last 3 days.
Talking about HA and Fencing, I came with an idea I'm not sure could
work, but wanted to discuss with you.
SCENARIO: proxmox HA cluster, VM images exclusively on RBD
GOAL: use Ceph auth for fencing
Currently this can't be done, but I think the following changes would
allow it:
- Move storage client auth keyring from /etc/pve/priv/ceph to somewhere
/etc/pve/nodes/<nodename>/ceph
- Configure a different ceph user for each node
- Make each proxmox node use his own auth keyring(user) for RBD
- Develop a fence_ceph that allows to block access of a node to ceph
storage (block user), removing capabilities to the user, or removing the
user.
I don't know much about ceph auth, and haven't found very detailed info
on online dosc, so maybe this is nonsense, sorry if that is the case.
Thanks
Eneko
--
Zuzendari Teknikoa / Director Técnico
Binovo IT Human Project, S.L.
Telf. 943575997
943493611
Astigarraga bidea 2, planta 6 dcha., ofi. 3-2; 20180 Oiartzun (Gipuzkoa)
www.binovo.es
More information about the pve-devel
mailing list