<div dir="ltr"><div>"<i><span style="font-size:12.8px">Coincidentally, I am about to announce enhanced container support in</span></i><br></div><span style="font-size:12.8px"><i>pacemaker. I should have a post with more details later today or tomorrow.</i></span>"<div><br></div><div>Ken: Where you able to get to it?</div><div><br></div><div>-Thanks</div><div>Nikhil</div></div><div class="gmail_extra"><br><div class="gmail_quote">On Thu, Mar 23, 2017 at 7:35 PM, Ken Gaillot <span dir="ltr"><<a href="mailto:kgaillot@redhat.com" target="_blank">kgaillot@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class="">On 03/22/2017 11:08 PM, Nikhil Utane wrote:<br>
> I simplified when I called it as a service. Essentially it is a complete<br>
> system.<br>
> It is an LTE eNB solution. It provides LTE service (service A) and now<br>
> we need to provide redundancy for another different but related service<br>
> (service B). The catch being, the LTE redundancy solution will be tied<br>
> to one operator whereas the other service can span across multiple<br>
> operators. Therefore ideally we want two completely independent clusters<br>
> since different set of nodes will form the two clusters.<br>
> Now what I am thinking is, to run additional instance of Pacemaker +<br>
> Corosync in a container which can then notify the service B on host<br>
> machine to start or stop it's service. That way my CIB file will be<br>
> independent and I can run corosync on different interfaces.<br>
><br>
> Workable right?<br>
><br>
> -Regards<br>
> Nikhil<br>
<br>
</span>It's not well-tested, but in theory it should work, as long as the<br>
container is privileged.<br>
<br>
I still think virtualizing the services would be more resilient. It<br>
makes sense to have a single determination of quorum and fencing for the<br>
same real hosts. I'd think of it like a cloud provider -- the cloud<br>
instances are segregated by customer, but the underlying hosts are the same.<br>
<br>
You could configure your cluster as asymmetric, and enable each VM only<br>
on the nodes it's allowed on, so you get the two separate "clusters"<br>
that way. You could set up the VMs as guest nodes if you want to monitor<br>
and manage multiple services within them. If your services require<br>
hardware access that's not easily passed to a VM, containerizing the<br>
services might be a better option.<br>
<span class=""><br>
> On Wed, Mar 22, 2017 at 8:06 PM, Ken Gaillot <<a href="mailto:kgaillot@redhat.com">kgaillot@redhat.com</a><br>
</span><span class="">> <mailto:<a href="mailto:kgaillot@redhat.com">kgaillot@redhat.com</a>>> wrote:<br>
><br>
> On 03/22/2017 05:23 AM, Nikhil Utane wrote:<br>
> > Hi Ulrich,<br>
> ><br>
> > It's not an option unfortunately.<br>
> > Our product runs on a specialized hardware and provides both the<br>
> > services (A & B) that I am referring to. Hence I cannot have service A<br>
> > running on some nodes as cluster A and service B running on other nodes<br>
> > as cluster B.<br>
> > The two services HAVE to run on same node. The catch being service A and<br>
> > service B have to be independent of each other.<br>
> ><br>
> > Hence looking at Container option since we are using that for some other<br>
> > product (but not for Pacemaker/Corosync).<br>
> ><br>
> > -Regards<br>
> > Nikhil<br>
><br>
> Instead of containerizing pacemaker, why don't you containerize or<br>
> virtualize the services, and have pacemaker manage the containers/VMs?<br>
><br>
> Coincidentally, I am about to announce enhanced container support in<br>
> pacemaker. I should have a post with more details later today or<br>
> tomorrow.<br>
><br>
> ><br>
> > On Wed, Mar 22, 2017 at 12:41 PM, Ulrich Windl<br>
> > <<a href="mailto:Ulrich.Windl@rz.uni-regensburg.de">Ulrich.Windl@rz.uni-<wbr>regensburg.de</a><br>
> <mailto:<a href="mailto:Ulrich.Windl@rz.uni-regensburg.de">Ulrich.Windl@rz.uni-<wbr>regensburg.de</a>><br>
</span>> > <mailto:<a href="mailto:Ulrich.Windl@rz.uni-regensburg.de">Ulrich.Windl@rz.uni-<wbr>regensburg.de</a><br>
<span class="">> <mailto:<a href="mailto:Ulrich.Windl@rz.uni-regensburg.de">Ulrich.Windl@rz.uni-<wbr>regensburg.de</a>>>> wrote:<br>
> ><br>
> > >>> Nikhil Utane <<a href="mailto:nikhil.subscribed@gmail.com">nikhil.subscribed@gmail.com</a> <mailto:<a href="mailto:nikhil.subscribed@gmail.com">nikhil.subscribed@<wbr>gmail.com</a>><br>
</span>> > <mailto:<a href="mailto:nikhil.subscribed@gmail.com">nikhil.subscribed@<wbr>gmail.com</a><br>
<span class="">> <mailto:<a href="mailto:nikhil.subscribed@gmail.com">nikhil.subscribed@<wbr>gmail.com</a>>>> schrieb am 22.03.2017 um 07:48 in<br>
> > Nachricht<br>
> ><br>
> <CAGNWmJV05-YG+f9VNG0Deu-<wbr>2xo7Lp+kRQPOn9sWYy7Jz=<a href="mailto:0gNag@mail.gmail.com">0gNag@<wbr>mail.gmail.com</a><br>
> <mailto:<a href="mailto:0gNag@mail.gmail.com">0gNag@mail.gmail.com</a>><br>
</span>> > <mailto:<a href="mailto:0gNag@mail.gmail.com">0gNag@mail.gmail.com</a> <mailto:<a href="mailto:0gNag@mail.gmail.com">0gNag@mail.gmail.com</a>>><wbr>>:<br>
<div class="HOEnZb"><div class="h5">> > > Hi All,<br>
> > ><br>
> > > First of all, let me thank everyone here for providing<br>
> excellent support<br>
> > > from the time I started evaluating this tool about a year<br>
> ago. It has<br>
> > > helped me to make a timely and good quality release of our<br>
> Redundancy<br>
> > > solution using Pacemaker & Corosync. (Three cheers :))<br>
> > ><br>
> > > Now for our next release we have a slightly different ask.<br>
> > > We want to provide Redundancy to two different types of<br>
> services (we can<br>
> > > call them Service A and Service B) such that all cluster<br>
> communication for<br>
> > > Service A happens on one network/interface (say VLAN A) and<br>
> for service B<br>
> > > happens on a different network/interface (say VLAN B).<br>
> Moreover we do not<br>
> > > want the details of Service A (resource attributes etc) to<br>
> be seen by<br>
> > > Service B and vice-versa.<br>
> > ><br>
> > > So essentially we want to be able to run two independent<br>
> clusters. From<br>
> > > what I gathered, we cannot run multiple instances of<br>
> Pacemaker and Corosync<br>
> > > on same node. I was thinking if we can use Containers and<br>
> run two isolated<br>
> ><br>
> > You conclude from two services that should not see each other that<br>
> > you need to instances of pacemaker on one node. Why?<br>
> > If you want true separation, drop the VLANs, make real<br>
> networks and<br>
> > two independent clusters.<br>
> > Even if two pacemeaker on one node would work, you habe the<br>
> problem<br>
> > of fencing, where at least one pacemaker instance will always be<br>
> > surprised badly if fencing takes place. I cannot imaging you<br>
> want that!<br>
> ><br>
> > > instances of Pacemaker + Corosync on same node.<br>
> > > As per <a href="https://github.com/davidvossel/pacemaker_docker" rel="noreferrer" target="_blank">https://github.com/<wbr>davidvossel/pacemaker_docker</a><br>
> <<a href="https://github.com/davidvossel/pacemaker_docker" rel="noreferrer" target="_blank">https://github.com/<wbr>davidvossel/pacemaker_docker</a>><br>
> > <<a href="https://github.com/davidvossel/pacemaker_docker" rel="noreferrer" target="_blank">https://github.com/<wbr>davidvossel/pacemaker_docker</a><br>
> <<a href="https://github.com/davidvossel/pacemaker_docker" rel="noreferrer" target="_blank">https://github.com/<wbr>davidvossel/pacemaker_docker</a>>> it looks do-able.<br>
> > > I wanted to get an opinion on this forum before I can commit<br>
> that it can be<br>
> > > done.<br>
> ><br>
> > Why are you designing it more complicated as necessary?<br>
> ><br>
> > ><br>
> > > Please share your views if you have already done this and if<br>
> there are any<br>
> > > known challenges that I should be familiar with.<br>
> > ><br>
> > > -Thanks<br>
> > > Nikhil<br>
</div></div></blockquote></div><br></div>