[pve-devel] PVE + Ceph + Ceph fencing?
Eneko Lacunza
elacunza at binovo.es
Mon Nov 10 10:51:23 CET 2014
Hi,
On 08/11/14 11:02, Dietmar Maurer wrote:
>> SCENARIO: proxmox HA cluster, VM images exclusively on RBD
>> GOAL: use Ceph auth for fencing
>>
>> Currently this can't be done, but I think the following changes would allow it:
>> - Move storage client auth keyring from /etc/pve/priv/ceph to somewhere
>> /etc/pve/nodes/<nodename>/ceph
>> - Configure a different ceph user for each node
>> - Make each proxmox node use his own auth keyring(user) for RBD
>> - Develop a fence_ceph that allows to block access of a node to ceph storage
>> (block user), removing capabilities to the user, or removing the user.
> Well, I would not consider such thing very reliable.
>
> And this would only fence the storage connection. What about other resources, for
> example the IP address? If the VM still run and you only fence storage, you will get an
> IP address conflict if you start the VM on another node.
>
>
Yes, I didn't realize there were other resources involved; thanks for
pointing it out.
Cheers
Eneko
--
Zuzendari Teknikoa / Director Técnico
Binovo IT Human Project, S.L.
Telf. 943575997
943493611
Astigarraga bidea 2, planta 6 dcha., ofi. 3-2; 20180 Oiartzun (Gipuzkoa)
www.binovo.es
More information about the pve-devel
mailing list