* [PVE-User] 'HA' on a single node...
@ 2020-10-14 13:21 Marco Gaiarin
[not found] ` <mailman.8.1602690308.246.pve-user@lists.proxmox.com>
0 siblings, 1 reply; 2+ messages in thread
From: Marco Gaiarin @ 2020-10-14 13:21 UTC (permalink / raw)
To: pve-user
OK, subject is a bit an oxymoron, but...
I need to setup a PVE standalone server, where one of the VMs is a
firewall, that permit the connection to the Internet, and so also the
management of the PVE instance.
If 'something' (in the mostly vague sense of) goes wrong, and the
firewall VM does not start, i'm cutted out.
I think i've two chices:
a) move the firewall part, at least the more critical one, to the
phisical node, PVE. This is simple and effective, but clearly not a
'clean' solution.
b) use a VM as firewall, but built around it some sort of 'HA', eg some
scripts or something like that will do all the effort possible to keep
the 'firewall' VM running.
Because the firewall VM will be a rather simple one, could be also
something like: throw away current vm and restore the more recent
backup.
Someone have just done something like that? Thanks.
--
dott. Marco Gaiarin GNUPG Key ID: 240A3D66
Associazione ``La Nostra Famiglia'' http://www.lanostrafamiglia.it/
Polo FVG - Via della Bontà, 7 - 33078 - San Vito al Tagliamento (PN)
marco.gaiarin(at)lanostrafamiglia.it t +39-0434-842711 f +39-0434-842797
Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA!
http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000
(cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [PVE-User] 'HA' on a single node...
[not found] ` <mailman.8.1602690308.246.pve-user@lists.proxmox.com>
@ 2020-10-16 14:46 ` Marco Gaiarin
0 siblings, 0 replies; 2+ messages in thread
From: Marco Gaiarin @ 2020-10-16 14:46 UTC (permalink / raw)
To: pve-user
Mandi! Arjen via pve-user
In chel di` si favelave...
> Maybe the watchdog option[0] can be of help? You can make the VM restart if it freezes.
Interesting... so i will add to my 'firewall' VM:
watchdog: model=i6300esb,action=reset
and then install and configure watchdog on the VM...
> You can also use qm agent ${VMID} ping [1] to check if the QEMU guest agent is still running in the VM.
> But you will have to do some scripting and check regularly (crontab?) and reset the VM hard if not responding
> (and also give it some time to start the QEMU guest agent).
Good also. But there's some sort of 'feedback' for unresponsive VM? I
suppose this is only a go/nogo test...
> Note that none of those methods may be perfect, but multiple together might help restarting the VM in common cases.
[...]
> Hope this helps. Maybe other people have more tips and tricks?
Probably doing the wrong thing here can be catastrophic, so i hope
someone have some more feedback.
Thanks.
--
dott. Marco Gaiarin GNUPG Key ID: 240A3D66
Associazione ``La Nostra Famiglia'' http://www.lanostrafamiglia.it/
Polo FVG - Via della Bontà, 7 - 33078 - San Vito al Tagliamento (PN)
marco.gaiarin(at)lanostrafamiglia.it t +39-0434-842711 f +39-0434-842797
Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA!
http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000
(cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2020-10-16 14:46 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-10-14 13:21 [PVE-User] 'HA' on a single node Marco Gaiarin
[not found] ` <mailman.8.1602690308.246.pve-user@lists.proxmox.com>
2020-10-16 14:46 ` Marco Gaiarin
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox