On 04/15/2011 12:01 AM, Martin Fick wrote:
> --- On Thu, 4/14/11, Gordan Bobic<gordan@bobich.net>  wrote:
>>> --- On Thu, 4/14/11, Gordan Bobic<gordan@bobich.net>
>>
>> DRBD can do active-active, but you'll need a cluster FS to
>> achieve that.
>
> Yes I could use a clusterfs (or more precisely a
> shared disk cluster fs) with DRBD, but those are
> fairly scary currently and do not work reliably
> (from what I have read) with DRBD.  They were not
> designed with drbd in mind.
Absolute nonsense. I've been using GFS with DRBD for years without any 
problems whatsoever. Then again most people don't seem to understand 
clustering so it doesn't surprise me there are a lot of erroneous 
opinions blogged around. If you are failing machines over you should 
already have cluster/fencing set up to make sure IPs don't stay live on 
the machine that was downed, so you might already be half way there.
> I could use a distributed clusterfs without DRBD
> too, if there were one which were mature,
> opensource, and prevented splitbrain properly,
> but I have yet to find one (fingers crossed for
> ceph someday).
Good luck with that. :)
>> However
>> - what use-case do you have where one guest will fail
>> unrecoverably on one machine but resumes working on another
>> machine with the exact same FS? In what case would a single
>> guest fail without all of them failing?
>
> Think load balancing.  Say 10 vservers, split them
> so that 5 run on each host normally.  If either host
> goes down, the other one picks up the slack.
> Everything runs slower, but at least it still runs.
With load balancing you can only have up to 3 replicas, IIRC.
What you could do is use lsyncd to rsync files on close(). This has 
practically no overhead, is completely asynchronous, and pretty close to 
real-time. In case of a crash you won't get files that are kept open 
until shutdown (think databases), but databases have their own 
replication capabilities so this isn't really an issue. I use a setup 
like this for HA with vserver and it works reasonably well.
>> How will it work safely without the inode being marked
>> CoW?
>
> Because the whole filesystem is effectively COW, that
> is what unionfs and aufs do.  They allow you to modify
> the fs view without modifying the bottom readonly
> layer.  The top layer simply stores the deltas.  They
> are nothing but an FS level (instead of file level)
> COW mechanism.
OK, I get what you mean now. That's not a bad idea. It does add an 
additional layer of complexity, though, and I'm not convinced the 
benefits are worth it. There's also the fuse issue of performance.
Gordan
Received on Fri Apr 15 08:03:44 2011