Hello
we have been running for years HA (Heartbeat, DRBD, Openvz, 2 NICs and serial cable) on two node clusters, in a master-master configuration. Every machine has an active DRBD master partition and a passive DRBD slave partition. Both servers run VMs in their active DRBD partitions (which are copied in realtime to the other machine). In case of a hardware failure the surviving machine mounts the inactive slave partition as a second DRBD master and starts the contained VMs.
Despite all comments here that this shouldnt work reliably I can only say that it does. The two connections, Ethernet and Serial, ensure that no false hardware failure is detected.
Also a split-brain situation cannot happen because the surviving master IS the new master and has the active partition. DRBD must be configured so that when the slave is up again that its partitions are in passive mode and VMs do not migrate back without admin intervention.
We have had this config running for years, we have had hardware failures and HA worked just fine. It is a highly reliable and cheap setup.
This seems to be also confirmed by DRBD
"Even though DRBD-based clusters utilize no shared storage resources and thus fencing is not strictly required from DRBD’s standpoint, Red Hat Cluster Suite still requires fencing even in DRBD-based configurations."
http://www.drbd.org/users-guide/ch-rhcs.html
We would love to use Proxmox. Can Proxmox be hacked to support our configuration?
Thanks for any hints.
Geejay
we have been running for years HA (Heartbeat, DRBD, Openvz, 2 NICs and serial cable) on two node clusters, in a master-master configuration. Every machine has an active DRBD master partition and a passive DRBD slave partition. Both servers run VMs in their active DRBD partitions (which are copied in realtime to the other machine). In case of a hardware failure the surviving machine mounts the inactive slave partition as a second DRBD master and starts the contained VMs.
Despite all comments here that this shouldnt work reliably I can only say that it does. The two connections, Ethernet and Serial, ensure that no false hardware failure is detected.
Also a split-brain situation cannot happen because the surviving master IS the new master and has the active partition. DRBD must be configured so that when the slave is up again that its partitions are in passive mode and VMs do not migrate back without admin intervention.
We have had this config running for years, we have had hardware failures and HA worked just fine. It is a highly reliable and cheap setup.
This seems to be also confirmed by DRBD
"Even though DRBD-based clusters utilize no shared storage resources and thus fencing is not strictly required from DRBD’s standpoint, Red Hat Cluster Suite still requires fencing even in DRBD-based configurations."
http://www.drbd.org/users-guide/ch-rhcs.html
We would love to use Proxmox. Can Proxmox be hacked to support our configuration?
Thanks for any hints.
Geejay
Last edited: