<div dir="ltr"><span class=""><span dir="ltr" name="Daniel" class=""></span> </span><div class=""><img class="" id=":309" src="https://mail.google.com/mail/u/1/images/cleardot.gif" alt=""></div><div id=":3fk" class=""><div id=":3og" style="overflow:hidden">
<div dir="ltr"><div class="gmail_extra"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
> Can anyone guide me on how to theoretically build a very "lock" safe 5-node<br>
> active-active KVM cluster atop Ceph RBD? Must I use sanlock with its NFS<br>
> or GFS2 with its performance bottlenecks? Does your answer work for LXC<br>
> (sans the current state of live migration)?<br>
<br>
The "proper" way would likely be to add a new libvirt lock manager<br>
plugin that uses ceph's locking, or perhaps extend virtlockd to<br>
be able to acquire locks on ceph.<br>
<br>
The hook scripts aren't called in the right places to be able todo<br>
safe locking in all scenarios where you need it, in particular I<br>
don't think it'll cope with migration correctly.<br>
<span><font color="#888888"><br>
Daniel</font></span><br clear="all"></blockquote></div><br>Thanks for
your reply. Is it unwise to open an issue to request development of
such a plugin? Do you think it makes more sense to file such an issue
with one or both of the Ceph and Libvirt teams?<br>
<div class="gmail_extra"><br></div><div class="gmail_extra">I just
learned that Ceph RBD's locks never time out. Locks must be removed
manually, for example, in the event of a hypervisor-gone-missing
event. Is removing the lock upon such an event something that is
typically built into a libvirt lock manager plug-in? Is this in any way
a show stopper? Do you think it may be best for me to drop direct use
of RBD for libvirt usage, in lieu of GFS2 or OCFS2 atop RBDs?<br>
<br></div><div class="gmail_extra">I'm starting to feel far less
enamored with the concept of live migration. It finally dawned on me
today that live migration cannot realistically preempt an unplanned
outage of any hypervisor node(s). Self-healing offline migration (plus
fencing, I suppose) for LXC/KVM with Ceph RBD and proper locking would
be enough to keep me happy for a long while, I think. Besides, this
5-node cluster is the management complex for a much larger Mesos+Aurora
cluster. I need to move on to more important things (like running H/A
LXC on Mesos Slave via Aurora). :-)<br>
</div><br></div><div class="gmail_extra">Any thoughts or tips are welcomed.<br><br></div><div class="gmail_extra">Thanks again,<br>Joshua</div></div></div></div></div><div class="gmail_extra"><br><br><div class="gmail_quote">
On Thu, Jan 16, 2014 at 5:37 AM, Daniel P. Berrange <span dir="ltr"><<a href="mailto:berrange@redhat.com" target="_blank">berrange@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
On Wed, Jan 15, 2014 at 05:47:35PM -0500, Joshua Dotson wrote:<br>
> Hi,<br>
><br>
> I'm trying to build an active/active virtualization cluster using a Ceph<br>
> RBD as backing for each libvirt-managed LXC. I know live migration for LXC<br>
> isn't yet possible, but I'd like to build my infrastructure as if it were.<br>
> That is, I would like to be sure proper locking is in place for live<br>
> migrations to someday take place. In other words, I'm building things as<br>
> if I were using KVM and live migration via libvirt.<br>
><br>
> I've been looking at corosync, pacemaker, virtlock, sanlock, gfs2, ocfs2,<br>
> glusterfs, cephfs, ceph RBD and other solutions. I admit that I'm quite<br>
> confused. If oVirt, with its embedded GlusterFS and its planned<br>
> self-hosted engine option, supported LXC, I'd use that. However the stars<br>
> have not yet aligned for that.<br>
><br>
> It seems that the most elegant and scalable approach may be to utilize<br>
> Ceph's RBD with its native locking mechanism plus corosync and pacemaker<br>
> for fencing, for a number of reasons out of scope for this email.<br>
><br>
> *My question now is in regards to proper locking. Please see the following<br>
> links. The libvirt hook looks good, but is there any expectation that this<br>
> arrangement will become a patch to libvirt itself, as is suggested by the<br>
> second link?*<br>
><br>
> <a href="http://www.wogri.at/en/linux/ceph-libvirt-locking/" target="_blank">http://www.wogri.at/en/linux/ceph-libvirt-locking/</a><br>
><br>
> <a href="http://lists.ceph.com/pipermail/ceph-users-ceph.com/2013-August/003887.html" target="_blank">http://lists.ceph.com/pipermail/ceph-users-ceph.com/2013-August/003887.html</a><br>
><br>
> Can anyone guide me on how to theoretically build a very "lock" safe 5-node<br>
> active-active KVM cluster atop Ceph RBD? Must I use sanlock with its NFS<br>
> or GFS2 with its performance bottlenecks? Does your answer work for LXC<br>
> (sans the current state of live migration)?<br>
<br>
The "proper" way would likely be to add a new libvirt lock manager<br>
plugin that uses ceph's locking, or perhaps extend virtlockd to<br>
be able to acquire locks on ceph.<br>
<br>
The hook scripts aren't called in the right places to be able todo<br>
safe locking in all scenarios where you need it, in particular I<br>
don't think it'll cope with migration correctly.<br>
<span class="HOEnZb"><font color="#888888"><br>
Daniel<br>
--<br>
|: <a href="http://berrange.com" target="_blank">http://berrange.com</a> -o- <a href="http://www.flickr.com/photos/dberrange/" target="_blank">http://www.flickr.com/photos/dberrange/</a> :|<br>
|: <a href="http://libvirt.org" target="_blank">http://libvirt.org</a> -o- <a href="http://virt-manager.org" target="_blank">http://virt-manager.org</a> :|<br>
|: <a href="http://autobuild.org" target="_blank">http://autobuild.org</a> -o- <a href="http://search.cpan.org/~danberr/" target="_blank">http://search.cpan.org/~danberr/</a> :|<br>
|: <a href="http://entangle-photo.org" target="_blank">http://entangle-photo.org</a> -o- <a href="http://live.gnome.org/gtk-vnc" target="_blank">http://live.gnome.org/gtk-vnc</a> :|<br>
</font></span></blockquote></div><br><br clear="all"><br>-- <br><div dir="ltr">Joshua Dotson<br>Founder, Wrale Ltd</div>
</div>