On 10/07/2013 05:30 PM, Joshua Harlow wrote:
A scenario that I've seen:
Take 'nova-compute' down for software upgrade, API still accessible since
you want to provide API uptime (aka not taking the whole cluster offline).
User Y deletes VM on that hypervisor where nova-compute is currently down,
DB locally deletes, at this point VM 'A' is still active but nova thinks
its not.
Isn't this sort of thing exactly what "nova host-update --maintenance
enable <hostname>" was intended for? I.e., push all the VMs off that
compute node so you can take down the services without causing problems.
Its kind of a pain that the host-update stuff is implemented at the
hypervisor level though (and isn't available for libvirt), it seems like
it could be implemented at a more generic level. (And on that note, why
isn't there a "host" table in the database since we can have multiple
services running on one host and we might want to take them all down?)
Alternately, maybe we need to have a 2-stage delete, where the VM gets
put into a "zombie" state in the database and the resources can't be
reused until the compute service confirms that the VM has been killed.
Chris
_______________________________________________
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
