[Pacemaker] RFC: stonith-enabled="error-recovery"

Lars Marowsky-Bree lmb at novell.com
Thu Jun 24 11:46:39 EDT 2010


Hi,

this is about a new setting for stonith mode.

Basically, a node failure would not cause a fence - the node would be
trusted to be truly down and have self-fenced. (Certain hardware
infrastructures can guarantee this, and also drive the probability of
split-communication down to be neglible; or the issue of re-syncing the
data be considered acceptably solved (drbd).)

However, fencing would still be welcome for error cleanup (say, stop
failures).

Do others think this would be a useful idea?

An alternative route could be to implement a STONITH plugin that returns
success if the node is missing from the membership layer, and "pass" if
it is present (thus invoking the next STONITH plugin in the priority
list). But I think the PE-approach would be cleaner.


Regards,
    Lars

-- 
Architect Storage/HA, OPS Engineering, Novell, Inc.
SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nürnberg)
"Experience is the name everyone gives to their mistakes." -- Oscar Wilde





More information about the Pacemaker mailing list