(2010/07/21 16:27), Avi Kivity wrote: > On 07/21/2010 09:27 AM, Takuya Yoshikawa wrote: >> Hi, >> >> >> We are now checking about what we should do on vm fail-over. >> >> Concerning this, does anybody know about any danger about data >> consistency when we are using shared disk? >> >> >> What I'm concerning is if crashed VM-side host is still holding >> buffered data, starting a new VM instance on another node may >> result in file system corruption. >> >> This problem may similar to live-migration but little bit different >> in the sense that VM is crashed -> cannot do anything from that point. >> > > If the VM can't do anything, you're safe. Of course a crash doesn't mean > a VM can't do anything, you typically need to isolate it by resetting > the host or having a switch disconnect its storage and network. > Thanks, We are starting to manage the "only VM crashed" case by HA. So yes, we need to reset the host. >> >> How about the combination of old or new guest OS and the following >> settings? >> >> - writethrough >> - writeback >> - none >> >> If needed, we'll do sync by HA-side scripts before starting a new VM >> instance. >> > > I believe nothing special is needed, as long as a crash means both the > qemu and host kernel crashed. If only qemu crashed, then the writeback > case needs buffers flushed. > My main concern is only qemu crashed and host is alive case. Host memory is typically large, so we want to eliminate flushing everything if possible. So we don't need to flush in the case of writethrough = RHEL default ? -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
