4.Run the pool-ha-compute-max-host-failures-to-tolerate command. This command returns the maximum number of hosts that can fail before there are insufficient resources to run all the protected VMs in the pool.

xe pool-ha-compute-max-host-failures-to-tolerate

The number of failures to tolerate determines when an alert is sent: the system will recompute a failover plan as the state of the pool changes and with this computation the system identifies the capacity of the pool and how many more failures are possible without loss of the liveness guarantee for protected VMs. A system alert is generated when this computed value falls below the specified value for ha- host-failures-to-tolerate.

5.Specify the number of failures to tolerate parameter. This should be less than or equal to the computed value:

xe pool-param-set ha-host-failures-to-tolerate=<2>

Removing HA protection from a VM using the CLI

To disable HA features for a VM, use the xe vm-param-setcommand to set the ha-always-runparameter to false. This does not clear the VM restart priority settings. You can enable HA for a VM again by setting the ha-always-runparameter to true.

Recovering an unreachable host

If for some reason a host cannot access the HA statefile, it is possible that a host may become unreachable. To recover your XenServer installation it may be necessary to disable HA using the host-emergency-ha- disable command:

xe host-emergency-ha-disable --force

If the host was the pool master, then it should start up as normal with HA disabled. Slaves should reconnect and automatically disable HA. If the host was a Pool slave and cannot contact the master, then it may be necessary to force the host to reboot as a pool master (xe pool-emergency-transition-to-master) or to tell it where the new master is (xe pool-emergency-reset-master):

xe pool-emergency-transition-to-master uuid=<host_uuid>

xe pool-emergency-reset-master master-address=<new_master_hostname>

When all hosts have successfully restarted, re-enable HA:

xe pool-ha-enable heartbeat-sr-uuid=<sr_uuid>

Shutting down a host when HA is enabled

When HA is enabled special care needs to be taken when shutting down or rebooting a host to prevent the HA mechanism from assuming that the host has failed. To shutdown a host cleanly in an HA-enabled environment, first disable the host, then evacuate the host and finally shutdown the host using either XenCenter or the CLI. To shutdown a host in an HA-enabled environment on the command line:

xe host-disable host=<host_name> xe host-evacuate uuid=<host_uuid> xe host-shutdown host=<host_name>

Shutting down a VM when it is protected by HA

When a VM is protected under a HA plan and set to restart automatically, it cannot be shut down while this protection is active. To shut down a VM, first disable its HA protection and then execute the CLI command.

26

Page 46
Image 46
Citrix Systems 5.6 manual Removing HA protection from a VM using the CLI, Recovering an unreachable host