Difference between revisions of "RescueMode"
Line 36: | Line 36: | ||
* a new VM is created with identical network configuration but a new root password | * a new VM is created with identical network configuration but a new root password | ||
* the new VM has a rescue image as the primary filesystem and the secondary filesystem would be the original VM's primary filesystem | * the new VM has a rescue image as the primary filesystem and the secondary filesystem would be the original VM's primary filesystem | ||
− | * | + | |
+ | Add an API method for finish rescue: | ||
+ | |||
+ | * the rescue machine is shutdown, the original VM is respawned with any changes | ||
+ | |||
+ | Status Transition: | ||
+ | * ACTIVE → QUEUE_RESCUE → PREP_RESCUE → RESCUE → VERIFY_RESCUE | ||
+ | * ACTIVE → QUEUE_RESCUE → ACTIVE (on error) | ||
+ | |||
+ | Model after RS cloud: | ||
+ | * Actions such as destroy are not possible while machine is in rescue mode. | ||
== Implementation == | == Implementation == | ||
− | + | Model the api after the /server/:id/action method. | |
== Test/Demo Plan == | == Test/Demo Plan == |
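Review bot: The added "Status Transition" list ends at VERIFY_RESCUE and gives an error path only from QUEUE_RESCUE. The new finish-rescue method therefore has no listed transition back to ACTIVE, and a failure in PREP_RESCUE or later has no defined outcome. Add the transition that finish rescue performs and the error paths for the later states. The added line "Actions such as destroy are not possible while machine is in rescue mode" should also list the blocked actions explicitly rather than by example, and say which of the listed statuses count as rescue mode.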
Revision as of 14:56, 3 September 2010
- Launchpad Entry: NovaSpec:rescue-mode
- Created: 2010-09-01
- Contributors: JesseAndrews
Summary
An instance's filesystem could become corrupted with prolonged usage. Rescue mode provides a mechanism for access even when the VM's image renders the instance inaccessible.
Release Note
A method has been added to OpenStack compute to reboot a virtual machine in rescue mode. A rescue VM is launched that allows a user to fix their VM (by accessing it with a new root password).
Rationale
Rackspace/Slicehost parity
User stories
A user deleted a crucial file needed to launch a VM, which they found out only after they rebooted. The user was able to reboot in rescue mode and restore the original file.
Assumptions
- rescue VM is given the same network configuration as real VM
- a new root username/password is generated
- a new API method is needed since Cloud Servers Developer Guide (API v1) doesn't include a rescue mode
- a rescue image would be provided (the image id would be a nova configuration option)
Design
When the API method is called:
- VM is marked in rescue mode
- VM is shut down
- a new VM is created with identical network configuration but a new root password
- the new VM has a rescue image as the primary filesystem and the secondary filesystem would be the original VM's primary filesystem
Add an API method to finish rescue:
- the rescue machine is shut down, the original VM is respawned with any changes
Status Transition:
- ACTIVE → QUEUE_RESCUE → PREP_RESCUE → RESCUE → VERIFY_RESCUE
- ACTIVE → QUEUE_RESCUE → ACTIVE (on error)
Model after RS cloud:
- Actions such as destroy are not possible while machine is in rescue mode.
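The status transitions and the destroy restriction above can be enforced with a transition table, shown here as an added example that is not Nova code. The `Instance` class, the `enqueue` callable, generating the password at PREP_RESCUE, and treating every non-ACTIVE status as rescue mode are assumptions.

```python
import secrets

# Transitions exactly as listed under "Status Transition".
TRANSITIONS = {
    "ACTIVE": {"QUEUE_RESCUE"},
    "QUEUE_RESCUE": {"PREP_RESCUE", "ACTIVE"},  # back to ACTIVE only on error
    "PREP_RESCUE": {"RESCUE"},
    "RESCUE": {"VERIFY_RESCUE"},
    "VERIFY_RESCUE": set(),  # the page lists no transition out of this status
}
BLOCKED_IN_RESCUE = {"destroy"}  # the only blocked action the page names


class RescueError(Exception):
    """Raised for a transition or action the spec does not allow."""


class Instance:  # hypothetical model, not a Nova class
    def __init__(self, instance_id):
        self.id = instance_id
        self.status = "ACTIVE"
        self.rescue_password = None

    def transition(self, new_status):
        if new_status not in TRANSITIONS[self.status]:
            raise RescueError(f"{self.status} -> {new_status} is not allowed")
        self.status = new_status

    def check_action(self, action):
        # Assumption: every status other than ACTIVE counts as rescue mode.
        if self.status != "ACTIVE" and action in BLOCKED_IN_RESCUE:
            raise RescueError(f"{action} refused while status is {self.status}")

    def start_rescue(self, enqueue):
        """Queue the rescue; `enqueue` is a hypothetical scheduler callable."""
        self.transition("QUEUE_RESCUE")
        try:
            enqueue(self.id)
        except Exception:
            self.transition("ACTIVE")  # the "on error" path
            return False
        # Assumption: the fresh root password is generated at PREP_RESCUE,
        # from a CSPRNG, and never derived from the original VM's password.
        self.rescue_password = secrets.token_urlsafe(16)
        self.transition("PREP_RESCUE")
        return True
```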
Implementation
Model the API after the /server/:id/action method.