[Linux-cluster] Shared storage across clustered VMs?
Ahmed Taha
linuxmails.lists at gmail.com
Fri Mar 5 17:20:15 UTC 2010
Hi,
How nss ldap traffic is doing when the locking time out (default 30
seconds) in /proc/cluster/config/dlm/lock-timeout, when authentication
happens from a user/group local to one of the nodes which gets it's
KVM locked ?
Thanks, --Ahmed
On Mar 5, 2010, at 5:02, Brett Cave <brettcave at gmail.com> wrote:
>
>
> On Fri, Mar 5, 2010 at 12:42 PM, Rudi Ahlers <Rudi at softdux.com> wrote:
>
>
> On 2010/03/05 11:59 AM, Brett Cave wrote:
>>
>>
>>
>> On Thu, Mar 4, 2010 at 4:23 AM, Jeff Karpinski <jeff at 3d0g.net> wrote:
>> Our assigned Red Hat engineer was on-site today and pointed out the
>> blindingly obvious solution. Can't believe I didn't think of it:
>> Run NFS as a clustered service and have the VMs mount that. That
>> way ANY system - even outside of the cluster - can also access the
>> data.
>>
>> This is what we are doing, works great. We considered presenting
>> the raw devices from our SAN (fc connectivity instead of iSCSI) to
>> the VM's, but opted against it due to dynamics of changing # of
>> VM's and GFS requirements for journals / # of nodes, as well as
>> multicast issues (each dom0 uses a different routed network for
>> VM's). Each VM mounts NFS from its host.
>>
>>
>>
>
>>
>
>
> What kind of security do you apply, both to the NFS cluster, and the
> data that get accessed on it?
>
> heya rudi, never realised u were on this list too ;)
>
> the exports are controlled by source IP address in /etc/exports. The
> data on there is not sensitive data at all in our environment, and
> GFS is all server environment, with no user access... but I just
> tested using ACLs and it works 100% (added the acl option to gfs
> mount, and configured using setfacl). We are using ldap network
> authentication, so works nicely with group permissions ;)
>
> (although we do have 1 luks volume image on the gfs filesystem that
> is mounted by one of the phy machines using a keyfile stored locally).
>
>
> --
> Kind Regards
> Rudi Ahlers, SoftDux MD
>
> Website: http://www.SoftDux.com
> Blog: http://Blog.SoftDux.com
> Support: http://Billing.SoftDux.com
>
> Office: 087 805 9573
> Cell: 082 554 7532
> Fax: 086 609 6128
>
> --
> Linux-cluster mailing list
> Linux-cluster at redhat.com
> https://www.redhat.com/mailman/listinfo/linux-cluster
>
> --
> Linux-cluster mailing list
> Linux-cluster at redhat.com
> https://www.redhat.com/mailman/listinfo/linux-cluster
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/linux-cluster/attachments/20100305/893a6951/attachment.htm>
More information about the Linux-cluster
mailing list