running on it to be stopped. The other servers will detect that the VMs are no longer running and the VMs will be restarted according to the restart priorities assign to them. The fenced server will enter a reboot sequence, and when it has restarted it will try to re-join the resource pool.

Configuration Requirements

To use the HA feature, you need:

Shared storage, including at least one iSCSI or Fibre Channel LUN of size 356MB or greater - the heartbeat SR. The HA mechanism creates two volumes on the heartbeat SR:

4MB heartbeat volume Used for heartbeating.

256MB metadata volume

Stores pool master metadata to be used in the case of master failover.

If you are using a NetApp or EqualLogic SR, manually provision an iSCSI LUN on the array to use as the heartbeat SR.

A XenServer pool (this feature provides high availability at the server level within a single resource pool).

Enterprise licenses on all hosts.

Static IP addresses for all hosts.

Warning:

Should the IP address of a server change while HA is enabled, HA will assume that the host's network has failed, and will probably fence the host and leave it in an unbootable state. To remedy this situation, disable HA using the host-emergency-ha-disablecommand, reset the pool master using pool-emergency-reset- master, and then re-enable HA.

For a VM to be protected by the HA feature, it must be agile. This means that:

it must have its virtual disks on shared storage (any type of shared storage may be used; the iSCSI or Fibre Channel LUN is only required for the storage heartbeat and can be used for virtual disk storage if you prefer, but this is not necessary)

it must not have a connection to a local DVD drive configured

it should have its virtual network interfaces on pool-wide networks.

Citrix strongly recommends the use of a bonded management interface on the servers in the pool if HA is enabled, and multipathed storage for the heartbeat SR.

If you create VLANs and bonded interfaces from the CLI, then they may not be plugged in and active despite being created. In this situation, a VM can appear to be not agile, and cannot be protected by HA. If this occurs, use the CLI pif-plugcommand to bring the VLAN and bond PIFs up so that the VM can become agile. You can also determine precisely why a VM is not agile by using the xe diagnostic-vm-statusCLI command to analyze its placement constraints, and take remedial action if required.

Restart priorities

Virtual machines are assigned a restart priority and a flag that indicates whether they should be protected by HA or not. When HA is enabled, every effort is made to keep protected virtual machines live. If a restart priority is specified, any protected VM that is halted will be started automatically. If a server fails then the VMs on it will be started on another server.

The possible restart priorities are:

24

Page 43 Page 45
Page 44
Image 44
Citrix Systems 5.6 manual Configuration Requirements, Restart priorities
Page 43 Page 45
Top Page Image Contents