Vincent Bernat wrote:
OoO En ce début d'après-midi nuageux du mardi 17 février 2009, vers
14:50, Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> disait :
Re-adjusting cluster-total-nodes and cluster-local-nodes options (eg. if
one cluster node goes down and there are only two nodes alive, change
the rule-set to have only two nodes) seems indeed the natural way to go
since the alive cluster nodes would share the workload that the failing
node has left. However, as said, existing failover daemons only select
one new master to recover what a failing node was doing, thus, only one
runs the script to inject the states into the kernel.
Moreover, some of them (the one that are using VRRP for example) don't
report the total number of nodes still alive. As a user, I would prefer
a simple /proc interface to add/remove a node.
That "simple" argument really doesn't cut it, there's nothing inherently
more complicated in executing an iptables command compared to executing
an echo command. Most likely some program is going to do it anyways.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
