On Jul 18, 2013 10:00 AM, "Jakov Sosic" wrote:
I'm trying to design a solution that will encompass load balancing
I have two nodes, and idea is to connect them with DRBD, put some
cluster aware filesystem (OCFS2 or GFS2), and just link /etc/puppet and
/var/lib/puppet on both nodes to cluster FS.
Accessing to the masters would be load balanced by round-robin DNS.
Would this work? Is there any problem that both masters are using the
same directories? Any possibility of data corruption or potential
This would be risky if not disastrous. I am wary of anything that might
depend on file locking on shared file systems, unless it is well-supported
by the vendor.
You should be able to share /etc/puppet as this should be read-only for the
master process (you might have a function that generates or writes files
here, but that would be unusual). But you could more simply maintain this
with SCM checkouts, unless you have the agent generating files here and
precise consistency required.
For /var, however, you might divide into data subsets, some that you could
safely share and some definitely not:
- Reports processed with "store" are named with timestamps and node
names, so that might be ok. And a single report, stored in a single file,
is unlikely to be a big deal if lost.
- Reports processed with "rrdgraph" seem like a big risk.
- The CA store seems highly vulnerable to race conditions, unless you
have such a low rate of node provisioning you can guarantee serial access
-- but you probably would not need an HA setup in that case.
- The filebucket I would expect to be risky -- seems like a high
probability of attempted concurrent writes of the same file.
- Other stuff is specific to the node agent and node master that you would
not want to share in any case.
You might consider an active/passive setup with a front-end load balancer,
where one of the above data subsets is effectively read-only for the
passive server. You could distribute the load by taking advantage of the
ability to configure the various master roles (fileserver, catalog,
inventory, filebucket, CA, etc.) with different hostnames and ports. It
would still be a risk of corruption in a split-brain situation, but that's
often (always?) a danger with shared-storage filesystems.