Difference between revisions of "Scancore"

From Alteeve Wiki
Jump to navigation Jump to search
 
(One intermediate revision by the same user not shown)
Line 27: Line 27:
How does it do this?
How does it do this?


Multiple scan agents record thermal data. The <span class="code">scan-ipmitool</span> tool checks the host's [[IPMI]] sensor data which includes many thermal sensors and their upper and lower warning and critical thresholds. The <span class="code">scan-storcli</span> agent scan [[AVAGO]]-based [[RAID]] controllers and the attached hard drives and solid state drives. These also have thermal data. This is true also for many UPSes, ethernet switches and so forth.
Multiple scan agents record thermal data. The <span class="code">scan-ipmitool</span> tool checks the host's [[IPMI]] sensor data which includes many thermal sensors and their upper and lower warning and critical thresholds. The <span class="code">scan-storcli</span> agent scan [[LSI]]-based [[RAID]] controllers and the attached hard drives and solid state drives. These also have thermal data. This is true also for many UPSes, ethernet switches and so forth.


As each agent checks its thermal sensors, any within nominal ranges are recorded by the agent in its database tables. Any that are in a <span class="code">warning</span> state though, that is, overly warm or cool but not yet a problem, get pushed into a special '<span class="code">temperature</span>' database table. Alone, Scancore does nothing more than mark the node's health as 'warning' and no further action is taken.
As each agent checks its thermal sensors, any within nominal ranges are recorded by the agent in its database tables. Any that are in a <span class="code">warning</span> state though, that is, overly warm or cool but not yet a problem, get pushed into a special '<span class="code">temperature</span>' database table. Alone, Scancore does nothing more than mark the node's health as 'warning' and no further action is taken.
Line 85: Line 85:
If your agent needs accurate record change timestamps, please make a note to record that current time as a separate database column.
If your agent needs accurate record change timestamps, please make a note to record that current time as a separate database column.


* [[List of Scancore Agents]]
* [https://github.com/ClusterLabs/anvil/tree/main/scancore-agents List of Scancore Agents]
 
== DB Resync ==
 
Part of the difference between Scancore and various other tools is that Scancore is designed from its core as a resilient project. The data collected by agents needs to, from the user's perspective, sync N-way between Scancore databases without the user needing to worry about backups, recoveries and whatnot.
 
How does this work?
 
In essence, the data Agents collects can be categorized in one of two ways;
 
* Data that is global (like data on servers on the [[Anvil!]] platform)
* Data that is target-bound (like a host's sensor data from IPMI interfaces or a given machines view of UPSes it cares about)
 
As an agent author, you need to consider that data may exist in some databases and not others.
 
Consider;
 
A site has two Striker dashboards acting as Scancore databases. This is a satellite office so you data replicates to a third Striker at head office. Meanwhile, head-office is collecting data from many different sites and the two dashboards on your site doesn't care about the data on the head-office site from those other locations.
 
{{warning|1=Isolating data onto a limited number of databases is an efficiency effort, '''not''' a security effort! If you don't trust a Scancore database machine, don't connect to it, period. Similarly, if you don't trust trust a machine with access to your database, don't give the owner access.}}
 
You also need to plan for N-directional resynchronization.
 
Also consider;
 
Power is lost to both/all UPSes and load-shedding takes "Striker 2" offline. Now data is being recorded to "Striker 1" that will need to be copied to Striker 2 later. Time passes and all power is lost. Power is restored, but for some reason Striker 2 boots up first and starts collecting data. Eventually, Striker 1 comes back online.
 
Now, Striker 1 has data that 2 doesn't, and Striker 2 has data that 1 doesn't.
 
Scancore has already solved this problem using the following schemes, depending on which type of data your agent collects.
 
{{note|1=Yes, this is expensive in terms of memory and processing power, relatively speaking. However, a lot of effort is made to never <span class="code">UPDATE</span> the database unless something actually changes, keeping the <span class="code">history</span> schema as small and efficient as possible. For this reason, even data collected from many nodes over a long period of time should not add up to too much. If you are concerned, be sure to run periodic archiving of the data.}}
 
{{warning|1=As this is written, automatic archiving has not been implemented, though it is planned to be implemented shortly.}}
 
=== Resync Global Data ===
 
This is the simplest data to resync because it will go to all databases, no matter what. This is rare in practice but provides a good starting point.
 
The process;
 
The agent starts and connects to the databases. As part of the connection process, a check is made to see if any databases are behind (see <span class="code">[https://github.com/ClusterLabs/striker/blob/master/AN/Tools/DB.pm AN::Tools::DB.pm->find_behind_databases()]</span>). If so, the agent will act on this by initiating a resync.
 
The resync process is fundamentally simple; All records are read in from it's history schema of all connected databases into a common hash based on the time a given record was recorded and the unique ID of the record. The same data is loaded into database-specific hash for later comparison. We also note for each unique record that we've seen at least one copy of the record for a later step. An example "record" would be a server's UUID, which uniquely identifies it regardless of the host node or Anvil!.
 
Here is an example of how the data is read in:
 
<syntaxhighlight lang="perl">
my $query = "
SELECT
    server_uuid,
    server_name,
    server_stop_reason,
    server_start_after,
    server_start_delay,
    server_note,
    server_definition,
    server_host,
    server_state,
    server_migration_type,
    server_pre_migration_script,
    server_pre_migration_arguments,
    server_post_migration_script,
    server_post_migration_arguments,
    modified_date
FROM
    history.servers
;";
</syntaxhighlight>
 
Without constraints, ''all'' data in the table will be read in. This data is recorded in the 'unified' hash using the modification time and the unique identifier as keys.
 
<syntaxhighlight lang="perl">
# Record this in the unified and local hashes.
$anvil->data->{db_data}{unified}{servers}{modified_date}{$modified_date}{server_uuid}{$server_uuid} = {
server_name => $server_name,
server_stop_reason => $server_stop_reason,
server_start_after => $server_start_after,
server_start_delay => $server_start_delay,
server_note => $server_note,
server_definition => $server_definition,
server_host => $server_host,
server_state => $server_state,
server_migration_type => $server_migration_type,
server_pre_migration_script => $server_pre_migration_script,
server_pre_migration_arguments => $server_pre_migration_arguments,
server_post_migration_script => $server_post_migration_script,
server_post_migration_arguments => $server_post_migration_arguments,
};
</syntaxhighlight>
 
Next, for the current Database ID that we're reading from, note that the server with the given ID exists in the <span class="code">public</span> database schema. We'll also set this 'seen' as '0' for now. We'll see why in a moment.
<syntaxhighlight lang="perl">
$anvil->data->{db_data}{$id}{servers}{server_uuid}{$server_uuid}{'exists'} = 1;
$anvil->data->{db_data}{$id}{servers}{server_uuid}{$server_uuid}{seen}    = 0;
</syntaxhighlight>
 
Finally, record the same data in another hash, identified by the currently active database ID in another hash.
<syntaxhighlight lang="perl">
$anvil->data->{db_data}{$id}{servers}{modified_date}{$modified_date}{server_uuid}{$server_uuid} = {
server_name => $server_name,
server_stop_reason => $server_stop_reason,
server_start_after => $server_start_after,
server_start_delay => $server_start_delay,
server_note => $server_note,
server_definition => $server_definition,
server_host => $server_host,
server_state => $server_state,
server_migration_type => $server_migration_type,
server_pre_migration_script => $server_pre_migration_script,
server_pre_migration_arguments => $server_pre_migration_arguments,
server_post_migration_script => $server_post_migration_script,
server_post_migration_arguments => $server_post_migration_arguments,
};
</syntaxhighlight>
 
So, once the read is done from all accessible databases, we'll have a set of hashes; One being the unified collection of all data from both/all sources, plus a hash for each database.
 
{{note|1=This looks a little complicated, but it is worth the mental effort. With this in place, users will never need to worry about data recovery or synchronization so long as even one copy of the database exists somewhere. Scancore database servers can come and go or be destroyed and replaced trivially. So please bear with it... The logic seems complex, but it is fundamentally quite simple.}}
 
With this, here is the sync process:
 
# Walk through the unified records for each given modification timestamp, newest records first, oldest records last.
## Walk through each unique record for the given timestamp (continuing the example, this would be each server's UUID).
### Loop through each connected database ID.
#### Check to see if the unique record ID '''has been seen''' in the resync process yet. (''Note'': This will always be 'not' the first time because the first instance of a record at the most recent time stamp will go into the <span class="code">public</span> schema where all other records will go into the <span class="code">history</span> schema.)
##### '''IF NOT seen''':
###### Mark the record as now having been seen.
###### Check to see if the unique record ID '''exists at all''' on this database.
####### '''IF exists''': Does the record at the current time stamp exist?
######## '''IF NOT at this timestamp''': <span class="code">UPDATE</span> the <span class="code">public</span> schema (the record was already in the <span class="code">public</span> schema, but it was old).
####### '''IF NOT exists''': <span class="code">INSERT</span> it into the <span class="code">public</span> schema as the record didn't exist yet.
##### '''IF seen''':
###### Does it exist at this timestamp?
####### '''If not at this timestamp''': <span class="code">INSERT</span> it into the <span class="code">history</span> schema at the current timestamp.
 
All of these <span class="code">UPDATE</span> and <span class="code">INSERT</span> calls go into an array per database. When all the unified records have been processed, each database array with one or more records is then sent to the given database to be processed in one transaction.
 
Lastly, the hashes that stored all the unified and per-DB records is deleted to clear up memory.
 
Voila! Your data is now synchronized on all databases!
 
=== Resync Target-Bound Data ===
 
The only difference between resync'ing global data from target-bound records in that a constraint is used on the initial reading of data from the connected databases.
 
We will use <span class="code">[https://github.com/ClusterLabs/striker/blob/master/Scancore/agents/scan-bond/scan-bond scan-bond]</span> agent which monitors bonded network interfaces on each node or Striker dashboard. In all cases, the state of the bonds only matters to the one host with the actual bonds. The other nodes and dashboards don't care about it.
 
In this example, then, the bond records will be bound to the <span class="code">hosts</span> -> <span class="code">host_uuid</span>, which is stored on each machine in <span class="code">/etc/striker/host.uuid</span> and is presented in Scancore in the <span class="code">sys::host_uuid</span> variable.
 
The read, then, looks like this;
 
<syntaxhighlight lang="perl">
my $query = "
SELECT
    bond_uuid,
    bond_name,
    bond_mode,
    bond_primary_slave,
    bond_primary_reselect,
    bond_active_slave,
    bond_mii_status,
    bond_mii_polling_interval,
    bond_up_delay,
    bond_down_delay,
    modified_date
FROM
    history.bond
WHERE
    bond_host_uuid = ".$anvil->data->{sys}{use_db_fh}->quote($anvil->data->{sys}{host_uuid})."
;";
</syntaxhighlight>
 
With the <span class="code">WHERE bond_host_uuid = ".$anvil->data->{sys}{use_db_fh}->quote($anvil->data->{sys}{host_uuid})."</span> constraint, all of the data read in from the database will come from the current host machine. Bond records for other nodes and dashboard systems will be ignored.
 
In this way, our data will sync between the Scancore databases we use, but we ''won't'' sync bond records for other hosts (which may sync between an entirely different set of Scancore databases).
 
The rest of the synchronization is process is exactly the same as above. The unified and per-DB hashes will be processed exactly the same way (just with a subset of the data).
 
Easy peasy!
 
== Unit Parsing ==
 
One of the tricker bits of magic that Scancore pulls off is the ability to simultaneously deliver alerts to different recipients in different languages. This is tricky because the agents setting alerts don't process the messages. So we need a standard way to pass values in an alert to Scancore in a translatable format.
 
This is done via the special '<span class="code">alerts</span>' table.
 
{{note|1=Explain this...}}
 
When setting a string to be later translated using double-bang variables line '<span class="code">!!$variable!$value!!</span>', the '<span class="code">$value</span>' will be analysed for certain suffixes. Those suffixes, when found, are translates into the language, unit or human readable appropriate values. For example, '<span class="code">!!size!1024 bytes!!</span>' will be translated to the language-appropriate base-2 human readable size, '<span class="code">1 KiB</span>'.
 
Similarly, temperatures can also be unit-converted for the notification target. So a value like '<span class="code">#!core_temperature!30 C!!</span>' can be translated to '<span class="code">30°C</span>' or, for users preferring imperial measurements, '<span class="code">68°F</span>'.
 
The full list of translated special suffixes are:
 
{{note|1=The 'suffix' strings are case sensitive! If you want your agent's alerts to use these translation, please mind the case and spelling. This is strict to minimise the chance of accidentally formatting a string not meant to be translated by this feature.}}
 
{|class="wikitable sortable"
!Suffix
!String Key
!Note
|-
|class="code"|%
|class="code"|tools_suffix_0016
|Percentage
|-
|class="code"|W
|class="code"|tools_suffix_0017
|[https://en.wikipedia.org/wiki/Watt Watts]
|-
|class="code"|vDC
|class="code"|tools_suffix_0018
|[https://en.wikipedia.org/wiki/Volt Volts] [https://en.wikipedia.org/wiki/Direct_current DC]
|-
|class="code"|vAC
|class="code"|tools_suffix_0019
|[https://en.wikipedia.org/wiki/Volt Volts] [https://en.wikipedia.org/wiki/Alternating_current AC]
|-
|class="code"|A
|class="code"|tools_suffix_0020
|[https://en.wikipedia.org/wiki/Ampere Amperes]
|-
|class="code"|RPM
|class="code"|tools_suffix_0021
|[https://en.wikipedia.org/wiki/Revolutions_per_minute Rotations Per Minute]
|-
|class="code"|Bps
|class="code"|tools_suffix_0022
|[https://en.wikipedia.org/wiki/Data_rate_units Bits per second]
|-
|class="code"|Kbps
|class="code"|tools_suffix_0023
|[https://en.wikipedia.org/wiki/Data_rate_units#Kilobit_per_second Kilobits per second]
|-
|class="code"|Mbps
|class="code"|tools_suffix_0024
|[https://en.wikipedia.org/wiki/Data_rate_units#Megabit_per_second Megabits per second]
|-
|class="code"|Gbps
|class="code"|tools_suffix_0025
|[https://en.wikipedia.org/wiki/Data_rate_units#Gigabit_per_second Gigabits per second]
|-
|class="code"|Tbps
|class="code"|tools_suffix_0026
|[https://en.wikipedia.org/wiki/Data_rate_units#Terabit_per_second Terabits per second]
|-
|class="code"|Bytes
|class="code"|--
|{{note|1=Only whole byte values are supported. Fractional byte values will not be converted.}}
These will be translated to the [[Base-2]] human readable size via the '<span class="code">[https://github.com/ClusterLabs/striker/blob/master/AN/Tools/Readable.pm AN::Tools::Readable->bytes_to_hr()]</span>' method. The suffix returned are those accepted by the [https://en.wikipedia.org/wiki/International_System_of_Quantities ISQ] for base-2 short forms. The [[IEC and SI Size Notations|sizes returned]] are; <span class="code">[[KiB]]</span>, <span class="code">[[MiB]]</span>, <span class="code">[[GiB]]</span>, [[TiB]], <span class="code">[[PiB]]</span>, <span class="code">[[EiB]]</span>, <span class="code">[[ZiB]]</span> and <span class="code">[[YiB]]</span>. <span class="code">KiB</span> is rounded to one decimal place, <span class="code">MiB</span> through <span class="code">TiB</span> are rounded to two decimal places and <span class="code">PiB</span> through <span class="code">YiB</span> are rounded to three decimal places.
|-
|class="code"|sec
|class="code" style="text-align: center;"|tools_suffix_0027
~<br />
tools_suffix_0031
|{{note|1=Only whole seconds are supported. Fractional values will not be converted.}}
The number of seconds given will be returned as a human-readable period of time in the short format '<span class="code">#w, #d, #h, #m, #s</span>' via the '<span class="code">[https://github.com/ClusterLabs/striker/blob/master/AN/Tools/Readable.pm AN::Tools::Readable->time()]</span>' method. If the number of seconds is too short for a number of minutes, hours, days or weeks, those units will be omitted.
|-
|class="code"|seconds
|class="code" style="text-align: center;"|tools_suffix_0032
~<br />
tools_suffix_0036
|{{note|1=Only whole seconds are supported. Fractional values will not be converted.}}
The number of seconds given will be returned as a human-readable period of time in the long format '<span class="code"># Weeks, # Days, # Hours, # Minutes, # Seconds</span>' via the '<span class="code">[https://github.com/ClusterLabs/striker/blob/master/AN/Tools/Readable.pm AN::Tools::Readable->time()]</span>' method. If the number of seconds is too short for a number of minutes, hours, days or weeks, those units will be omitted.
|-
|class="code"|Second
|class="code"|tools_suffix_0037
|Singular "Second".
|-
|class="code"|Seconds
|class="code"|tools_suffix_0038
|{{note|1=Note that this has a capitalised 'S'.}}
Plural "Seconds".
|-
|class="code"|Minute
|class="code"|tools_suffix_0039
|Singular "Minute"
|-
|class="code"|Minutes
|class="code"|tools_suffix_0040
|Plural "Minutes"
|-
|class="code"|Hour
|class="code"|tools_suffix_0041
|Singular "Hour".
|-
|class="code"|Hours
|class="code"|tools_suffix_0042
|Plural "Hours".
|-
|class="code"|Day
|class="code"|tools_suffix_0043
|Singular "Day".
|-
|class="code"|Days
|class="code"|tools_suffix_0044
|Plural "Days".
|-
|class="code"|Week
|class="code"|tools_suffix_0045
|Singular "Week".
|-
|class="code"|Weeks
|class="code"|tools_suffix_0046
|Plural "Weeks".
|-
|class="code"|C
|class="code" style="text-align: center;"|tools_suffix_0010
or<br />
tools_suffix_0012
|The value is in celsius. Which string is returned will depend on the notification target's preference for metric or imperial units of measurement. If metric (the default), <span class="code">tools_suffix_0010</span> is appended to the value and returned. If imperial, the value is converted to fahrenheit and the suffix <span class="code">tools_suffix_0012</span> will be appended.
|}
 
In some cases, the value returned by a string is a simple string in a given language (usually English). To translate this, certain values will be translated based on the table below.
 
{{note|1=Unlike 'value unit' pairs above, these are evaluated '''without''' case sensitivity.}}
 
{|class="wikitable sortable"
!Suffix
!String Key
!Note
|-
|class="code"|Yes
|class="code"|tools_suffix_0047
|The affirmative string "Yes".
|-
|class="code"|No
|class="code"|tools_suffix_0048
|The negative string "No".
|-
|class="code"|Enabled
|class="code"|tools_suffix_0049
|The string "Enabled".
|-
|class="code"|Disabled
|class="code"|tools_suffix_0050
|The string "Enabled".
|-
|class="code"|On
|class="code"|tools_suffix_0051
|The string "On".
|-
|class="code"|Off
|class="code"|tools_suffix_0052
|The string "Off".
|-
|class="code"|
|class="code"|
|
|}


<span class="code"></span>
<span class="code"></span>

Latest revision as of 00:45, 16 August 2023

 Alteeve Wiki :: How To :: Scancore

Template warning icon.svg
Warning: This is little more that raw notes, do not consider anything here to be valid or accurate at this time.

Scancore - The Decision Engine

Scancore is, at its core, a "decision engine".

It was created as a way for Anvil! systems to make intelligent decisions based on data coming in from any number of places. It generates alerts for admins, so in this regard it is an alert and monitoring solution, but that is almost a secondary benefit.

The core of Scancore has no way of gathering data and it doesn't care how data is collected. It walks through a special agents directory and any agent it finds in there, it runs. Each agent connects to any number of Scancore databases, checks whatever it knows how to scan, compares the current data with static limits and compares against historic values (as it deems fit) and records data (new or changed values) into the database.

An agent may decide to take independent action, like sending an alert or attempting a recovery of the devices or software it monitors, and then exits. If an agent doesn't find any hardware or software it knows about, it immediately exits without doing anything further.

After all agents run, Scancore runs through post-scan tasks, depending on whether the machine it is running on is an Anvil! node or a Scancore database. This is where the "decision engine" comes into play.

Lets look at a couple of examples;

Example 1; Overheating

Scancore can tell the difference between a local node overheating and the room it is in overheating.

If the node itself has overheated, it will migrate servers over to the healthy peer. If the enough temperature sensors go critical, the node will power off.

If, however, both nodes are overheating then Scancore can deduce that the room is overheating. In this case, it can automatically shed load to reduce the amount of heat being pumped into the room and slow down the rate of heating. Later, when the room cools, it will automatically reboot the shedded node and reform the Anvil! pair, restoring redundancy without ever requiring a human's input.

How does it do this?

Multiple scan agents record thermal data. The scan-ipmitool tool checks the host's IPMI sensor data which includes many thermal sensors and their upper and lower warning and critical thresholds. The scan-storcli agent scan LSI-based RAID controllers and the attached hard drives and solid state drives. These also have thermal data. This is true also for many UPSes, ethernet switches and so forth.

As each agent checks its thermal sensors, any within nominal ranges are recorded by the agent in its database tables. Any that are in a warning state though, that is, overly warm or cool but not yet a problem, get pushed into a special 'temperature' database table. Alone, Scancore does nothing more than mark the node's health as 'warning' and no further action is taken.

If a given agent finds a given sensor reaching a 'critical' state, that is hot enough or cold enough to be a real concern, it it also pushed into the 'temperature' table. At the end of the scan, Scancore will "add up" the number of sensors that are critical.

If the sum of the sensors exceed a limit, and if the host is a node, Scancore will take action by shutting down. Each sensor has a default weight of '1' and by default, the shutdown threshold is "greater than five". So by default, a node will shut down when 6 or more sensors go critical. This is entirely configurable on a per-sensor basis as well as the shutdown threshold.

Later, when the still-accessible temperature sensors return to an acceptable level, Scancore running on any one of the dashboards will power the node back up. Note that Scancore will check how many times a node has overheated recently and extend a "cool-down" period before rebooting a node. This way, a node with a chronic overheating condition will be rebooted less often. Once repaired though, the reboots will eventually be "forgotten" and the cool-down delay will reset.

What about thermal load shedding?

The example above spoke to a single node overheating. If you recall, Scancore does "post-scan calculations". When on a node, this includes a check to see if the peer's temperature has entered a "warning" state when it has as well. Using a similar heuristic, when both nodes have enough temperature sensors in 'warning' or 'critical' state for more than a set period of time, one of the nodes will be withdrawn and shut down.

Unlike the example above, which shutdown the host node after a critical heuristic is passed, the load-shedding kicks in only when both nodes are registering a thermal event at the same time for more than a set (and configurable) period of time.

Example 2; Loss of input power

In all Anvil! systems, at least two network-monitored UPSes are powering the nodes' redundant power supplies. Thus, the loss of one UPS does not pose a risk to the system and can be ignored. Traditionally, most UPS monitoring software would assume it was the sole power provider for a machine and would initiate a shutdown if it reached critically low power levels.

With Scancore, it understands that each node has two (or more) power sources. If one UPS loses mains power, an alert will be registered but nothing more will be done. Should the one UPS deplete entirely, the power will be lost and additional alerts will be registered when input power is lost to one of the redundant power supplies, but otherwise nothing more will happen.

Thus, Scancore is redundancy-aware.

Consider another power scenario; Power is lost the both UPSes feeding a node. In this case, Scancore does two things;

  1. It begins monitoring the estimated hold-up time of the strongest UPS. If the strongest UPS drops below a minimum hold-up time, a graceful shutdown of hosted servers is initiated followed by the node(s) withdrawing and powering off. Note that if different UPSes power the nodes, Scancore will know that the peer is healthy and will migrate servers to the node with power long before the node needs to shutdown.

In a typical install, the same pair of UPSes power both nodes in the Anvil!. In the case where power is lost to both UPSes, a timer is checked. Once both nodes have been running on UPS batteries for more than two minutes, load shedding will occur. If needed, servers will migrate to consolidate on one node, then the sacrificial node will withdraw and power off to extend the runtime of the remaining node.

If, after load shedding, power stays out for too long and minimum hold-up times are crossed, the remaining node will gracefully shut down the servers and then power itself off.

Later, power is restored.

At this point, the Striker dashboards will boot (if all power was lost). Once up, they will note that both nodes are off and check the UPSes. If both UPSes are depleted (or minimally charged), they will take no action. Instead, they will monitor the charge rate of the UPSes. Once one of the UPSes hits a minimum charge percentage, it will boot the nodes and restore full Anvil! services, including booting all servers.

The logic behind the delay is to ensure that, if mains power is lost immediately after powering the nodes back on, there is sufficient charge for the nodes to power back up, detect the loss and shut back down safely.

Example 3; Node Health

The final example will show how Scancore can react to a localized node issue.

Consider the scenario where Node 1 is the active host. The RAID controller on the host reports that a hard drive is potentially failing. An alert is generated but no further action is taken.

Later, a drive fails entirely and the node enters a degraded state.

At this point, Scancore would note that Node 1 is now in a 'warning' state and the peer node is 'ok' and a timer is started. Recall that Scancore can't determine the nature of a warning, so it pauses a little bit to avoid taking action on a transient issue. Two minutes after the failure, with the 'warning' state still present, Scancore will migrate all hosted servers over to Node 2.

It will remain in the Anvil! and no further action will be taken. However, now, if a second drive were to fail (assuming RAID level 5), Node 1 would be lost and fenced, but no interruption would occur because the servers were already moved as a precaution.

If the drive is replaced before any further issues arise, Node 1 would return to an 'ok' state but nothing else would happen. Servers would be left on Node 2 because there is no benefit or concern around which node is hosting the servers at any given time.

Scan Agents

When an agent runs and connects to the database layer, a timestamp is created and that time stamp is then used for all databases changes made in that given pass. This means that the modification timestamps will be the same for a given pass, regardless of the actual time when the record was changed. This makes resynchronization far more sane, at the cost of some resolution.

If your agent needs accurate record change timestamps, please make a note to record that current time as a separate database column.


 

Any questions, feedback, advice, complaints or meanderings are welcome.
Us: Alteeve's Niche! Support: Mailing List IRC: #clusterlabs on Libera Chat
© Alteeve's Niche! Inc. 1997-2023   Anvil! "Intelligent Availability™" Platform
legal stuff: All info is provided "As-Is". Do not use anything here unless you are willing and able to take responsibility for your own actions.