On 19.08.2016 23:20, Andy Zhou wrote:
On Fri, Aug 19, 2016 at 1:40 AM, Valentine Sinitsyn
<valentine.sinit...@gmail.com <mailto:valentine.sinit...@gmail.com>> wrote:
On 19.08.2016 02:44, Andy Zhou wrote:
On Thu, Aug 18, 2016 at 1:41 PM, Valentine Sinitsyn
<valentine.sinit...@gmail.com
<mailto:valentine.sinit...@gmail.com>
<mailto:valentine.sinit...@gmail.com
<mailto:valentine.sinit...@gmail.com>>> wrote:
On 18.08.2016 23:49, Andy Zhou wrote:
On Thu, Aug 18, 2016 at 8:34 AM, Valentine Sinitsyn
<valentine.sinit...@gmail.com
<mailto:valentine.sinit...@gmail.com>
<mailto:valentine.sinit...@gmail.com
<mailto:valentine.sinit...@gmail.com>>
<mailto:valentine.sinit...@gmail.com
<mailto:valentine.sinit...@gmail.com>
<mailto:valentine.sinit...@gmail.com
<mailto:valentine.sinit...@gmail.com>>>> wrote:
On 18.08.2016 17:42, Russell Bryant wrote:
On Thu, Aug 18, 2016 at 2:30 AM, Valentine Sinitsyn
<valentine.sinit...@gmail.com
<mailto:valentine.sinit...@gmail.com>
<mailto:valentine.sinit...@gmail.com
<mailto:valentine.sinit...@gmail.com>>
<mailto:valentine.sinit...@gmail.com
<mailto:valentine.sinit...@gmail.com>
<mailto:valentine.sinit...@gmail.com
<mailto:valentine.sinit...@gmail.com>>>
<mailto:valentine.sinit...@gmail.com
<mailto:valentine.sinit...@gmail.com>
<mailto:valentine.sinit...@gmail.com
<mailto:valentine.sinit...@gmail.com>>
<mailto:valentine.sinit...@gmail.com
<mailto:valentine.sinit...@gmail.com>
<mailto:valentine.sinit...@gmail.com
<mailto:valentine.sinit...@gmail.com>>>>> wrote:
Hi everyone,
Russell, Would HA manager also
manage
ovn-controller
switch over?
Yes, indirectly. The way this is
typically
handled
is by
using a virtual
IP that moves to whatever host is
currently
the master
Cool, then ovn-controller does not have
to be HA
aware.
In my understanding, the virtual IP feature in
Pacemaker (i.e.
IPaddr2) works if both active and passive
nodes of the
cluster are
in the same IP subnet.
For some deployments, this would mean both
nodes a
located
on the
same physical rack. This is not actually a
fault-tolerant design
(think blackout).
If I'm getting virtual IP addresses in Pacemaker
correct,
wouldn't
it be better to make ovn-controller HA
aware? That
is, have
a node
switching command (akin to
ovsdb-server/connect-active-ovsdb-server)
and let Pacemaker make use it?
I was not planning to have pacemaker manage
ovn-controller on
every host.
OK, makes sense.
Would using a proxy server, such as HAproxy, help?
Help in what?
To provide a single routable IP address for ovsdb clients to
connect to.
Yes it would, but doesn't Pacemaker handle this already as well?
If this sounds reasonable, I can take on it
probably.
In general, I think having ovn-controller able
to connect to
more than
one database IP seems fine. I don't expect
everyone to
necessarily
agree on the same HA architecture.
Perhaps it's simple and good enough to add some
support for
multiple IP
addresses for the southbound database that
ovn-controller can rotate
through on reconnect attempts?
As passive ovsdb instance doesn't accept client
connections,
this
wouldn't help much if the connectivity between
ovn-controller and
south ovsdb master is broken. But this scenario is
likely
outside
current HA architecture either.
Yes, something external should change ovsdb-server from
backup into
active. A backup server accepts clinet connections, but
rejects any
"write" transaction that can
change the database.
Pacamaker is a proposed way to do it, as far as I understand.
Right. I am still in favor of using floating IP for this release.
Agree. That's a typical was to deploy Pacemaker, and something which
would work for most people, I guess.
I'm trying to find a solution for a different case, where this IP
can float within the single rack only (as L3 subnet is not permitted
to stretch across racks). The mechanisms involved are complementary,
not mutually exclusive.
In short, yes, having support for multiple IPs in
ovn-controller is
certainly a step forward in the right direction IMO.
I agree it could be a worthwhile feature. If we end up
implementing this
feature, I hope we don't statically configure the backup
server IP
address. It may be better
for the idl client to keep track of current backup
server. One
possible
way to implement it is to store the backup connection
into the
database.
Which of the databases? ovn-controller connects to OVS one,
and to
SB. Storing this in OVS means the backup server need to know all
ovn-controllers on the net, having this information in SB
itself is
somewhat chicken and the egg problem.
I'd think we need store them in both DBs. HA manager or backup
server
can update the SB first, ovn-controller can then replicate the
configurations to its local OVS DB.
An ovsdb-server updating itself sounds somewhat unnatural to me. HA
manager updating the SB (or NB) seems more straightforward. However
this leaves us a narrow race window when an active server fails and
the client is left with no way to learn the backup server address.
HA manager works.
Do you mean the narrow window between a backup server has transitioned
into an active server, but before HA manager adds the next backup server?
Yes.
If it helps, we can update the SB with new backup server address
*before* making it active. Current OVSDB does not allow this, but can
be fixed.
Are there other race windows?
I'm not presently aware of any other races. Although we discussed our
problem within the team today, and it seems we have some other solution
not involving any OVN changes at this point. IOW, this can be probably
postponed.
On a related note, this ML indicates some ongoing work on ovsdb-server
OCF scripts. Do you know if someone works on OCF scripts for ovn-northd,
or there are no plans to make it HA-enabled at this point?
Thanks,
Valentine
Now we store OVN SB location in the OVS database, do we? My
initial
intent was store not one, but two addresses, and switch
between them.
I don't object we start there. and this may be fine for the
situations
where active and backup server will always occupy two well known
addresses. I just hope we have
a plan to to update those addresses in case HA manager launches the
backup server with a differnt IP address.
Ack.
Besides, don't we also want ovn-northd to support multiple
addresses
for NB/SB then?
That would be nice too,
Will have a look on it.
Valentine
The backup server
can issue an transaction to record its connection
information,
before
replicating.
Valentine
Best,
Valentine
--
Russell Bryant
_______________________________________________
dev mailing list
dev@openvswitch.org <mailto:dev@openvswitch.org>
<mailto:dev@openvswitch.org <mailto:dev@openvswitch.org>>
<mailto:dev@openvswitch.org <mailto:dev@openvswitch.org>
<mailto:dev@openvswitch.org <mailto:dev@openvswitch.org>>>
http://openvswitch.org/mailman/listinfo/dev
<http://openvswitch.org/mailman/listinfo/dev>
<http://openvswitch.org/mailman/listinfo/dev
<http://openvswitch.org/mailman/listinfo/dev>>
<http://openvswitch.org/mailman/listinfo/dev
<http://openvswitch.org/mailman/listinfo/dev>
<http://openvswitch.org/mailman/listinfo/dev
<http://openvswitch.org/mailman/listinfo/dev>>>
_______________________________________________
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev