On 2013-11-19T23:06:04, Andrey Groshev <gre...@yandex.ru> wrote:
> > First, like digimer wrote, clearly stonith-by-ssh is useless for
> > production since you can't fence nodes that are having problems. But for
> > testing, it's worth a try.
> Maybe I do not quite understand correctly the term "fence"
A "fence" request is executed when a node is deemed to be in an
untrustworthy state - when a stop has failed, or when a network error
occurs. Note that in the last case, login via ssh is obviously no longer
possible at all.
With the new fence-topology, you could try ssh first before escalating
to a real fencing mechanism, but why bother?
> > Note that cluster-glue actually does include an external/ssh script.
> > You're reinventing the wheel ;-)
> I've seen your script, thanks for the example
> But my wheels are hard! :)
> I need authorization by key, but but I do not want to mix them with
> /root/.ssh/...
Why not extend the existing agent rather than writing your own?
> I am indifferent what server reboot if the key matches.
> I exactly know that the server was rebooted.
I'm not sure about the first sentence; clearly you care which server is
rebooted, namely the one the cluster wants to have rebooted (or powered
off), right? That must be a misunderstanding.
Regards,
Lars
--
Architect Storage/HA
SUSE LINUX Products GmbH, GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer, HRB
21284 (AG Nürnberg)
"Experience is the name everyone gives to their mistakes." -- Oscar Wilde
_______________________________________________
Pacemaker mailing list: Pacemaker@oss.clusterlabs.org
http://oss.clusterlabs.org/mailman/listinfo/pacemaker
Project Home: http://www.clusterlabs.org
Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf
Bugs: http://bugs.clusterlabs.org
