Difference between revisions of "RescueMode"
m (Text replace - "__NOTOC__" to "") |
m (Text replace - "NovaSpec" to "NovaSpec") |
||
Line 1: | Line 1: | ||
<!-- ##(see the [[SpecSpec]] for an explanation) --> | <!-- ##(see the [[SpecSpec]] for an explanation) --> | ||
− | * '''Launchpad Entry''': | + | * '''Launchpad Entry''': NovaSpec:rescue-mode |
* '''Created''': 2010-09-01 | * '''Created''': 2010-09-01 | ||
* '''Contributors''': [[JesseAndrews]] | * '''Contributors''': [[JesseAndrews]] |
Revision as of 23:31, 17 February 2013
- Launchpad Entry: NovaSpec:rescue-mode
- Created: 2010-09-01
- Contributors: JesseAndrews
Summary
An instance's filesystem could become corrupted with prolonged usage. Rescue mode provides a mechanism for access even when the VM's image renders the instance inaccessible.
Release Note
A method has been added to OpenStack compute to reboot a virtual machine in rescue mode. A rescue VM is launched that allows a user to fix their VM (by accessing it with a new root password).
Rationale
Rackspace/Slicehost parity
User stories
A user deleted a crucial file needed to launch a VM and found out only after rebooting. The user was able to reboot in rescue mode and restore the original file.
Assumptions
- rescue VM is given the same network configuration as real VM
- a new root username/password is generated
- a new API method is needed since Cloud Servers Developer Guide (API v1) doesn't include a rescue mode
- a rescue image would be provided (the image id would be a nova configuration option)
Design
When the API method is called:
- VM is marked in rescue mode
- VM is shut down
- a new VM is created with identical network configuration but a new root password
- the new VM has a rescue image as the primary filesystem and the secondary filesystem would be the original VM's primary filesystem
Add an API method for finish rescue:
- the rescue machine is shut down and the original VM is respawned with any changes
Status Transition:
- ACTIVE → QUEUE_RESCUE → PREP_RESCUE → RESCUE → VERIFY_RESCUE
- ACTIVE → QUEUE_RESCUE → ACTIVE (on error)
Model after RS cloud:
- Actions such as destroy are not possible while machine is in rescue mode.
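The status transitions and the destroy restriction above, modelled as a small state table. This is an added example, not Nova code: the function and exception names are hypothetical, and it assumes "in rescue mode" means every status other than ACTIVE. Only the transitions the spec lists are accepted.

```python
# Added illustration; not Nova code. Status names are the ones in the spec.
from enum import Enum


class Status(Enum):
    ACTIVE = "ACTIVE"
    QUEUE_RESCUE = "QUEUE_RESCUE"
    PREP_RESCUE = "PREP_RESCUE"
    RESCUE = "RESCUE"
    VERIFY_RESCUE = "VERIFY_RESCUE"


# Forward path listed under "Status Transition".
NEXT = {
    Status.ACTIVE: Status.QUEUE_RESCUE,
    Status.QUEUE_RESCUE: Status.PREP_RESCUE,
    Status.PREP_RESCUE: Status.RESCUE,
    Status.RESCUE: Status.VERIFY_RESCUE,
}
# The only error path the spec lists: QUEUE_RESCUE falls back to ACTIVE.
ON_ERROR = {Status.QUEUE_RESCUE: Status.ACTIVE}
# Assumption: "in rescue mode" covers every status except ACTIVE.
BLOCKED_IN_RESCUE = {"destroy"}


class InvalidTransition(Exception):
    pass


class ActionNotAllowed(Exception):
    pass


def advance(status, error=False):
    """Return the next status, or raise if the spec lists no such transition."""
    table = ON_ERROR if error else NEXT
    if status not in table:
        kind = "error " if error else ""
        raise InvalidTransition(f"no {kind}transition from {status.value}")
    return table[status]


def check_action(status, action):
    """Refuse blocked actions (e.g. destroy) while the VM is in rescue mode."""
    if status is not Status.ACTIVE and action in BLOCKED_IN_RESCUE:
        raise ActionNotAllowed(f"{action} refused while status is {status.value}")
    return True
```

The spec does not name the status path taken by finish rescue, so the table stops at VERIFY_RESCUE rather than guessing one.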
Implementation
Model the API after the /server/:id/action method.