best-effortpriority setting are not part of the failover plan and are not guaranteed to be kept running, since capacity is not reserved for them. If the pool experiences server failures and enters a state where the number of tolerable failures drops to zero, the protected VMs will no longer be guaranteed to be restarted. If this condition is reached, a system alert will be generated. In this case, should an additional failure occur, all VMs that have a restart priority set will behave according to the best-effortbehavior.

If a protected VM cannot be restarted at the time of a server failure (for example, if the pool was overcommitted when the failure occurred), further attempts to start this VM will be made as the state of the pool changes. This means that if extra capacity becomes available in a pool (if you shut down a non-essential VM, or add an additional server, for example), a fresh attempt to restart the protected VMs will be made, which may now succeed.

Note:

No running VM will ever be stopped or migrated in order to free resources for a VM with always-run=trueto be restarted.

Enabling HA on a XenServer Pool

HA can be enabled on a pool using either XenCenter or the command-line interface. In either case, you will specify a set of priorities that determine which VMs should be given highest restart priority when a pool is overcommitted.

Warning:

When HA is enabled, some operations that would compromise the plan for restarting VMs may be disabled, such as removing a server from a pool. To perform these operations, HA can be temporarily disabled, or alternately, VMs protected by HA made unprotected.

Enabling HA Using the CLI

1.Verify that you have a compatible Storage Repository (SR) attached to your pool. iSCSI, NFS or Fibre Channel are compatible SR types. Please refer to the reference guide for details on how to configure such a storage repository using the CLI.

2.For each VM you wish to protect, set a restart priority. You can do this as follows:

xe vm-param-set uuid=<vm_uuid> ha-restart-priority=<1>ha-always-run=true

3.Enable HA on the pool:

xe pool-ha-enable heartbeat-sr-uuids=<sr_uuid>

4.Run the pool-ha-compute-max-host-failures-to-toleratecommand. This command returns the maximum number of hosts that can fail before there are insufficient resources to run all the protected VMs in the pool.

xe pool-ha-compute-max-host-failures-to-tolerate

The number of failures to tolerate determines when an alert is sent: the system will recompute a failover plan as the state of the pool changes and with this computation the system identifies the capacity of the pool and how many more failures are possible without loss of the liveness guarantee for protected VMs. A system alert is generated when this computed value falls below the specified value for ha-host-failures-to-tolerate.

5.Specify the number of failures to tolerate parameter. This should be less than or equal to the computed value:

xe pool-param-set ha-host-failures-to-tolerate=<2>uuid=<pool-uuid>

Removing HA Protection from a VM using the CLI

To disable HA features for a VM, use the xe vm-param-setcommand to set the ha-always-runparameter to false. This does not clear the VM restart priority settings. You can enable HA for a VM again by setting the ha-always-runparameter to true.

29

Page 46 Page 48
Page 47
Image 47
Citrix Systems 6 manual Enabling HA on a XenServer Pool, Enabling HA Using the CLI
Page 46 Page 48
Top Page Image Contents