On Wed, 2010-07-21 at 13:46 +0300, Avi Kivity wrote: > On 07/21/2010 10:43 AM, Takuya Yoshikawa wrote: > > > >> If the VM can't do anything, you're safe. Of course a crash doesn't mean > >> a VM can't do anything, you typically need to isolate it by resetting > >> the host or having a switch disconnect its storage and network. > >> > >> > > Thanks, > > We are starting to manage the "only VM crashed" case by HA. > > So yes, we need to reset the host. > > > > It may be sufficient to issue a sync(2). > > > >> I believe nothing special is needed, as long as a crash means both the > >> qemu and host kernel crashed. If only qemu crashed, then the writeback > >> case needs buffers flushed. > >> > >> > > My main concern is only qemu crashed and host is alive case. > > > > Host memory is typically large, so we want to eliminate flushing everything > > if possible. > > > > So we don't need to flush in the case of writethrough = RHEL default ? > > > > No. But you do need to unmount the underlying host filesystem. > > I recommend using cache=none and direct volume access, this is easier to > guarantee integrity. By the way, if we used cache=none we would still need to invoke sync(2) to flush the physical device's write cache. -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
