
Difference between revisions of "RescueMode"

m (Text replace - "__NOTOC__" to "")
m (Text replace - "NovaSpec" to "NovaSpec")
Revision as of 23:31, 17 February 2013

  • Launchpad Entry: NovaSpec:rescue-mode
  • Created: 2010-09-01
  • Contributors: JesseAndrews

Summary

An instance's filesystem could become corrupted with prolonged usage. Rescue mode provides a mechanism for access even when the VM's image renders the instance inaccessible.

Release Note

A method has been added to OpenStack compute to reboot a virtual machine in rescue mode. A rescue VM is launched that allows a user to fix their VM by accessing it with a new root password.

Rationale

Rackspace/Slicehost parity

User stories

A user deleted a crucial file needed to launch a VM, which they found out only after they rebooted. The user was able to reboot in rescue mode and restore the original file.

Assumptions

  • rescue VM is given the same network configuration as real VM
  • a new root username/password is generated
  • a new API method is needed since Cloud Servers Developer Guide (API v1) doesn't include a rescue mode
  • a rescue image would be provided (the image id would be a nova configuration option)

Design

When the API method is called:

  • VM is marked in rescue mode
  • VM is shut down
  • a new VM is created with identical network configuration but a new root password
  • the new VM has a rescue image as the primary filesystem and the secondary filesystem would be the original VM's primary filesystem

Add an API method for finish rescue:

  • the rescue machine is shut down, and the original VM is respawned with any changes

Status Transition:

  • ACTIVE → QUEUE_RESCUE → PREP_RESCUE → RESCUE → VERIFY_RESCUE
  • ACTIVE → QUEUE_RESCUE → ACTIVE (on error)

Model after RS cloud:

  • Actions such as destroy are not possible while machine is in rescue mode.
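
The design above can be read as a small state machine. The following is an added sketch, not code from Nova or from this spec. It assumes a hypothetical `boot_rescue_vm` driver hook, a constructed `DELETED` status, and a `VERIFY_RESCUE → ACTIVE` step for "finish rescue", which the page does not spell out.

```python
import secrets

# Transitions from "Status Transition"; VERIFY_RESCUE -> ACTIVE is an assumption.
ALLOWED = {
    "ACTIVE": {"QUEUE_RESCUE"},
    "QUEUE_RESCUE": {"PREP_RESCUE", "ACTIVE"},  # ACTIVE = rollback on error
    "PREP_RESCUE": {"RESCUE"},
    "RESCUE": {"VERIFY_RESCUE"},
    "VERIFY_RESCUE": {"ACTIVE"},  # assumed end of "finish rescue"
}
RESCUE_STATES = set(ALLOWED) - {"ACTIVE"}

class RescueError(Exception):
    """Raised for a disallowed transition or a blocked action."""

class Server:
    def __init__(self, server_id):
        self.id = server_id
        self.status = "ACTIVE"
        self.history = ["ACTIVE"]

    def _move(self, new):
        if new not in ALLOWED.get(self.status, ()):
            raise RescueError(f"{self.status} -> {new} not allowed")
        self.status = new
        self.history.append(new)

    def rescue(self, boot_rescue_vm):
        """boot_rescue_vm(server_id, password) is a hypothetical driver hook."""
        self._move("QUEUE_RESCUE")
        password = secrets.token_urlsafe(16)  # fresh CSPRNG credential
        try:
            boot_rescue_vm(self.id, password)
        except Exception as exc:
            self._move("ACTIVE")  # error path from the spec
            raise RescueError("rescue failed; server left ACTIVE") from exc
        self._move("PREP_RESCUE")
        self._move("RESCUE")
        return password  # handed to the caller once, not stored on the object

    def finish_rescue(self):
        self._move("VERIFY_RESCUE")
        self._move("ACTIVE")

    def destroy(self):
        if self.status in RESCUE_STATES:
            raise RescueError("destroy is not possible while in rescue mode")
        self.status = "DELETED"  # constructed terminal status for this sketch
```
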

Implementation

Model the api after the /server/:id/action method.

Test/Demo Plan