Whocarez wrote:
In the current situation, I can split the cluster. Use HA on each site but not over both sites. (affinity settings).If the primairy site failes I should be able to manualy recover the vm's on the secondairy knowing that there is data loss.
The HA agent in ESXi5 utilizes a heartbeat on the datastores themselves. If your VMFS datastore is synchronously mirrored, so that a write can be made on either side, then it can possibly be configured to "look like" the same datastore to all the hosts.
So that any write operation to either side is immediately propagated to the opposite side, before the write is committed.
In fact... you really need not only synchronous mirroring of the files, but also mirroring of file locks,
so that a VM cannot accidentally be started on both sides simultaneously, either by HA, or by a human.
However, if the datastore is only asynchronously mirrored, the datastore will "look different" to different hosts.
Different hosts will see different filesystem contents, and for HA purposes, the hosts care about that.
The split brain problem i'm awair of and could be solved with vmware heartbeat if i'm correct.
The VMware vCenter Heartbeat product is a product for backing up vCenter; it doesn't help with VMware HA.
Other than forcing failover to be a manual operation... (in that case, why try to use HA?)
The only real ways to really prevent split brain in a HA scenario are to have assuredly redundant communication links,
that you can guarantee will never fail together, or have a "third site", with some kind of resource, so you have
an odd number of "clustered systems" (sites that can fail) with independent communication paths.
