[Drbd-dev] /usr/lib/drbd/crm-unfence-peer.sh: fencing rule leak?

Pallai Roland dap at magex.hu
Wed Jan 16 23:50:14 CET 2013


2013/1/16 Lars Ellenberg <lars.ellenberg at linbit.com>:
> But still, the race, or races, you describe
> would still be possible in one form or an other.
>
> The only sane way I see would be to add some logic to the resource agent
> monitor section, and try to reliably detect a "healthy" replication (all
> nodes "UpToDate"), then "race free" remove a possibly leaked constraint.
>
> Unless cibadmin has a "compare exchange" mode, I don't see how you can
> do this race free. Hm, okay, you could protect both "critical sections"
> of crm-fence-peer and the resource agent monitor with flock, maybe.

I think there is no such fencing race if the fencing node does the
unfencing too. In that case the fencing and unfencing requests may be
queued in FIFO order in the cluster (optionally with some locking that
you outlined), no leaked constraints.

Extend drbd.conf's handlers to support primary side unfencing seems
like easy. What's the problem with that?

> --
> : Lars Ellenberg
> : LINBIT | Your Way to High Availability
> : DRBD/HA support and consulting http://www.linbit.com
>
> DRBD® and LINBIT® are registered trademarks of LINBIT, Austria.
>

(Lars, reply to drbd-user@ or personally me if this thread is too
annoying on drbd-dev@, sorry.)


More information about the drbd-dev mailing list