[ovirt-users] Re: basic infra and glusterfs sizing question

2020-06-04 Thread Jiří Sléžka 
On 5/30/20 3:48 PM, Jp wrote:
> I'm running oVirt + Gluster in HCI config and had similar questions
> as you when building it out.

I think it would be nice to have some (best practice) design guides...
but there are so many possibilities how to build a oVirt cluster... This
time I try to build very cheap solution with as much redundancy as is
feasible. But of course what is chep cannot be rock-solid...

>> - single point of failure in this router (not really - just in case
>> oVirt is badly broken and I need to access internal vlans to
>> recover it)
> 
> There is no SPOF if you're doing 3x HCI nodes.  I regularly put 1 of
> my 3 Nodes into Maintenance or shutdown Gluster and have had no
> SPOFs.  Are you only doing a single Node?  If so, the point of
> failure is ... that 1 node :)

you are righ, I ment hypotetical situation with non functional HE vm,
broken gluster etc...

>> * have this router as virtual appliance inside oVirt (something
>> like pfSense for example)
> 
> I'm running pfSense in hardware still (a Netgate ARM device).
> There's plenty of opinions on Reddit, StackOverflow, etc. about
> running any router in VM.  There's several steps you'd need to take
> when I looked into it, and if you setup pfSense's interfaces as
> virtio / vhost I'd imagine you'd bump into limitations b/c those para
> devices weren't intended to do things like hardware offload, advanced
> routing, etc.; so you may have to setup PCI passthru / SR-IOV to get
> all of pfSense's routing capabilities.  So I'm keeping pfSense in
> hardware ... though I've thought of creating a backup pfSense
> instance in VM encase of hardware disaster to keep my Internet up in
> "limp mode" ... but creating a cellular Hotspot is my current backup
> plan :)

thanks for sharing your experience.

I will try to keep my topology as simple as possible in the start.
pfSense appliance is something I can add later.

>> Install all hosts and HE with public addresses
> 
> Why?  The HE is a manager to the cluster and sits on the management
> network (ovirtmgmt), so giving it public IPs would be adding a
> security risk to the setup.  I keep my HE accessible only via local
> VLAN and that's how most folks lock it down.  Are you thinking the HE
> or HCI includes a load balancer?  Eitherway, oVirt doesn't, but
> putting a load balancer in front of VM's and giving it your public IP
> would make more sense for exposing things to the Internet ... but I'm
> assuming too much and don't know what your cluster will be running. 

just for sure I can access it in case of disaster recovery. But it is
overkill and of course security risk. My problem is that I have no other
access to my housing other then through public ips. No problem, I will
add dedicated router which will act as gw for local vlans, NAT and vpn
gw and will keep oVirt hosts inside on private space.

Once more thanks for brainstorming :-)

Cheers,

Jiri


> ___ Users mailing list --
> users@ovirt.org To unsubscribe send an email to
> users-le...@ovirt.org Privacy Statement:
> https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct:
> https://www.ovirt.org/community/about/community-guidelines/ List
> Archives:
> https://lists.ovirt.org/archives/list/users@ovirt.org/message/BCV75LWZ6KTBTP23OIEYIQOMH42RDO3I/
>



smime.p7s
Description: S/MIME Cryptographic Signature
___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/privacy-policy.html
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/BBRHMZVHJZXTHAXWIKLICMJTS2CCO5KN/

[ovirt-users] Re: basic infra and glusterfs sizing question

2020-06-04 Thread Jiří Sléžka 
On 5/29/20 5:27 PM, Jayme wrote:
> Also, I can't think of the limit off the top of my head. I believe it's
> either 75 or 100Gb. If the engine volume is set any lower the
> installation will fail. There is a minimum size requirement.

thanks for reply. Meantime I was looking into RHV 4.4 beta docs and the
limit is mentioned there

Minimum Total - 55 GB

https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4-beta/html/installing_red_hat_virtualization_as_a_self-hosted_engine_using_the_command_line/rhv_requirements#Storage_Requirements_SHE_cli_deploy

but oVirt HE vm is created with 51GB disk

as Strahil mentioned in other post in this thread cockpit/ansible
deploys engine lv for gluster brick as thick volume. Data and vmstore is
deployed as thin volume.

I will probably use default 100GB thick volume... (and only one other
volume for vms on ssd disk)

Cheers,

Jiri

> 
> On Fri, May 29, 2020 at 12:09 PM Jayme  > wrote:
> 
> Regarding Gluster question. The volumes would be provisioned with
> LVM on the same block device. I believe 100Gb is recommended for the
> engine volume. The other volumes such as data would be created on
> another logical volume and you can use up the rest of the available
> space there. Ex. 100gb engine, 500Gb data and 400Gb vmstore. 
> 
> Data domains are basically the same now, in the past there used to
> be different domain types such as ISO domains which are deprecated.
> You don't really need any more than engine volume and data volume. 
> You could have a volume for storing ISOs if you wanted to. You could
> have a separate volume for OS disks and another volume for data
> disks which would give you more flexibility for backups (so that you
> could backup data disks but not OS for example). 
> 
> On Fri, May 29, 2020 at 10:29 AM Jiří Sléžka  > wrote:
> 
> Hello,
> 
> I am just curious if basic gluster HCI layout which is suggested in
> cockpit has some deeper meaning.
> 
> There are suggested 3 volumes
> 
> * engine - it is clear, it is the volume where engine vm is running.
> When this vm is 51GB big how small could this volume be? I have
> 1TB SSD
> storage and I would like utilize it as much as possible. Could I
> create
> this volume as small as this vm is? Is it safe for example for
> future
> upgrades?
> 
> * vmstore - it make sense it is a space for all other vms running in
> oVirt. Right?
> 
> * data - which purpose has this volume? other data like for example
> ISOs? Direct disks?
> 
> Another infra question... or maybe request for comment
> 
> I have small amount of public ipv4 addresses in my housing (but
> I have
> own switches there so I can create vlans and separate internal
> traffic).
> I can access only these public ipv4 addresses directly. I would
> like to
> conserve these addressess as much as possible so what is the best
> approach in your opinion?
> 
> * Install all hosts and HE with management network on private
> addressess
> 
>   * have small router (hw appliance with for example LEDE) which
> will
> utilize one ipv4 address and will do NAT and vpn for accessing my
> internals vlans.
>     + looks like simple approach to me
>     - single point of failure in this router (not really - just
> in case
> oVirt is badly broken and I need to access internal vlans to
> recover it)
> 
>   * have this router as virtual appliance inside oVirt
> (something like
> pfSense for example)
>     + no need hw router
>     + not sure but I could probably configure vrrp redundancy
>     - still single point of failure like in first case
> 
>   * any other approach? Could ovn help here somehow?
> 
> * Install all hosts and HE with public addresses :-)
>   + access to all hosts directly
>   - 3 node HCI cluster uses 4 public ip addressess
> 
> Thanks for your opinions
> 
> Cheers,
> 
> Jiri
> 
> ___
> Users mailing list -- users@ovirt.org 
> To unsubscribe send an email to users-le...@ovirt.org
> 
> Privacy Statement: https://www.ovirt.org/privacy-policy.html
> oVirt Code of Conduct:
> https://www.ovirt.org/community/about/community-guidelines/
> List Archives:
> 
> https://lists.ovirt.org/archives/list/users@ovirt.org/message/LIFQQHTFVTS6KICR5MTRPGO5CH7QDLK7/
> 




smime.p7s
Description: S/MIME Cryptographic Signature
___
Users mailing list -- users@ovirt.o

[ovirt-users] Re: basic infra and glusterfs sizing question

2020-05-30 Thread Jp 
I'm running oVirt + Gluster in HCI config and had similar questions as you when 
building it out.

>- single point of failure in this router (not really - just in case oVirt is 
>badly broken and I need to access internal vlans to recover it)

There is no SPOF if you're doing 3x HCI nodes.  I regularly put 1 of my 3 Nodes 
into Maintenance or shutdown Gluster and have had no SPOFs.  Are you only doing 
a single Node?  If so, the point of failure is ... that 1 node :)

>* have this router as virtual appliance inside oVirt (something like pfSense 
>for example)

I'm running pfSense in hardware still (a Netgate ARM device).  There's plenty 
of opinions on Reddit, StackOverflow, etc. about running any router in VM.  
There's several steps you'd need to take when I looked into it, and if you 
setup pfSense's interfaces as virtio / vhost I'd imagine you'd bump into 
limitations b/c those para devices weren't intended to do things like hardware 
offload, advanced routing, etc.; so you may have to setup PCI passthru / SR-IOV 
to get all of pfSense's routing capabilities.  So I'm keeping pfSense in 
hardware ... though I've thought of creating a backup pfSense instance in VM 
encase of hardware disaster to keep my Internet up in "limp mode" ... but 
creating a cellular Hotspot is my current backup plan :)

> Install all hosts and HE with public addresses 

Why?  The HE is a manager to the cluster and sits on the management network 
(ovirtmgmt), so giving it public IPs would be adding a security risk to the 
setup.  I keep my HE accessible only via local VLAN and that's how most folks 
lock it down.  Are you thinking the HE or HCI includes a load balancer?  
Eitherway, oVirt doesn't, but putting a load balancer in front of VM's and 
giving it your public IP would make more sense for exposing things to the 
Internet ... but I'm assuming too much and don't know what your cluster will be 
running.
___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/privacy-policy.html
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/BCV75LWZ6KTBTP23OIEYIQOMH42RDO3I/

[ovirt-users] Re: basic infra and glusterfs sizing question

2020-05-29 Thread Strahil Nikolov via Users 
Last time I used oVirt to deploy my gluster, cockpit was  using thick LVs 
instead of thin LVM.
I think that thin LVM is  way more  suitable for the task. Then you can set the 
size  to anything needed.

Best Regards,
Strahil Nikolov

На 29 май 2020 г. 18:27:59 GMT+03:00, Jayme  написа:
>Also, I can't think of the limit off the top of my head. I believe it's
>either 75 or 100Gb. If the engine volume is set any lower the
>installation
>will fail. There is a minimum size requirement.
>
>On Fri, May 29, 2020 at 12:09 PM Jayme  wrote:
>
>> Regarding Gluster question. The volumes would be provisioned with LVM
>on
>> the same block device. I believe 100Gb is recommended for the engine
>> volume. The other volumes such as data would be created on another
>logical
>> volume and you can use up the rest of the available space there. Ex.
>100gb
>> engine, 500Gb data and 400Gb vmstore.
>>
>> Data domains are basically the same now, in the past there used to be
>> different domain types such as ISO domains which are deprecated. You
>don't
>> really need any more than engine volume and data volume.  You could
>have a
>> volume for storing ISOs if you wanted to. You could have a separate
>volume
>> for OS disks and another volume for data disks which would give you
>more
>> flexibility for backups (so that you could backup data disks but not
>OS for
>> example).
>>
>> On Fri, May 29, 2020 at 10:29 AM Jiří Sléžka 
>wrote:
>>
>>> Hello,
>>>
>>> I am just curious if basic gluster HCI layout which is suggested in
>>> cockpit has some deeper meaning.
>>>
>>> There are suggested 3 volumes
>>>
>>> * engine - it is clear, it is the volume where engine vm is running.
>>> When this vm is 51GB big how small could this volume be? I have 1TB
>SSD
>>> storage and I would like utilize it as much as possible. Could I
>create
>>> this volume as small as this vm is? Is it safe for example for
>future
>>> upgrades?
>>>
>>> * vmstore - it make sense it is a space for all other vms running in
>>> oVirt. Right?
>>>
>>> * data - which purpose has this volume? other data like for example
>>> ISOs? Direct disks?
>>>
>>> Another infra question... or maybe request for comment
>>>
>>> I have small amount of public ipv4 addresses in my housing (but I
>have
>>> own switches there so I can create vlans and separate internal
>traffic).
>>> I can access only these public ipv4 addresses directly. I would like
>to
>>> conserve these addressess as much as possible so what is the best
>>> approach in your opinion?
>>>
>>> * Install all hosts and HE with management network on private
>addressess
>>>
>>>   * have small router (hw appliance with for example LEDE) which
>will
>>> utilize one ipv4 address and will do NAT and vpn for accessing my
>>> internals vlans.
>>> + looks like simple approach to me
>>> - single point of failure in this router (not really - just in
>case
>>> oVirt is badly broken and I need to access internal vlans to recover
>it)
>>>
>>>   * have this router as virtual appliance inside oVirt (something
>like
>>> pfSense for example)
>>> + no need hw router
>>> + not sure but I could probably configure vrrp redundancy
>>> - still single point of failure like in first case
>>>
>>>   * any other approach? Could ovn help here somehow?
>>>
>>> * Install all hosts and HE with public addresses :-)
>>>   + access to all hosts directly
>>>   - 3 node HCI cluster uses 4 public ip addressess
>>>
>>> Thanks for your opinions
>>>
>>> Cheers,
>>>
>>> Jiri
>>>
>>> ___
>>> Users mailing list -- users@ovirt.org
>>> To unsubscribe send an email to users-le...@ovirt.org
>>> Privacy Statement: https://www.ovirt.org/privacy-policy.html
>>> oVirt Code of Conduct:
>>> https://www.ovirt.org/community/about/community-guidelines/
>>> List Archives:
>>>
>https://lists.ovirt.org/archives/list/users@ovirt.org/message/LIFQQHTFVTS6KICR5MTRPGO5CH7QDLK7/
>>>
>>
___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/privacy-policy.html
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/UZU3JPWVPFWD7SCOUHZXLGYRLGYNOA3J/

[ovirt-users] Re: basic infra and glusterfs sizing question

2020-05-29 Thread Jayme 
Also, I can't think of the limit off the top of my head. I believe it's
either 75 or 100Gb. If the engine volume is set any lower the installation
will fail. There is a minimum size requirement.

On Fri, May 29, 2020 at 12:09 PM Jayme  wrote:

> Regarding Gluster question. The volumes would be provisioned with LVM on
> the same block device. I believe 100Gb is recommended for the engine
> volume. The other volumes such as data would be created on another logical
> volume and you can use up the rest of the available space there. Ex. 100gb
> engine, 500Gb data and 400Gb vmstore.
>
> Data domains are basically the same now, in the past there used to be
> different domain types such as ISO domains which are deprecated. You don't
> really need any more than engine volume and data volume.  You could have a
> volume for storing ISOs if you wanted to. You could have a separate volume
> for OS disks and another volume for data disks which would give you more
> flexibility for backups (so that you could backup data disks but not OS for
> example).
>
> On Fri, May 29, 2020 at 10:29 AM Jiří Sléžka  wrote:
>
>> Hello,
>>
>> I am just curious if basic gluster HCI layout which is suggested in
>> cockpit has some deeper meaning.
>>
>> There are suggested 3 volumes
>>
>> * engine - it is clear, it is the volume where engine vm is running.
>> When this vm is 51GB big how small could this volume be? I have 1TB SSD
>> storage and I would like utilize it as much as possible. Could I create
>> this volume as small as this vm is? Is it safe for example for future
>> upgrades?
>>
>> * vmstore - it make sense it is a space for all other vms running in
>> oVirt. Right?
>>
>> * data - which purpose has this volume? other data like for example
>> ISOs? Direct disks?
>>
>> Another infra question... or maybe request for comment
>>
>> I have small amount of public ipv4 addresses in my housing (but I have
>> own switches there so I can create vlans and separate internal traffic).
>> I can access only these public ipv4 addresses directly. I would like to
>> conserve these addressess as much as possible so what is the best
>> approach in your opinion?
>>
>> * Install all hosts and HE with management network on private addressess
>>
>>   * have small router (hw appliance with for example LEDE) which will
>> utilize one ipv4 address and will do NAT and vpn for accessing my
>> internals vlans.
>> + looks like simple approach to me
>> - single point of failure in this router (not really - just in case
>> oVirt is badly broken and I need to access internal vlans to recover it)
>>
>>   * have this router as virtual appliance inside oVirt (something like
>> pfSense for example)
>> + no need hw router
>> + not sure but I could probably configure vrrp redundancy
>> - still single point of failure like in first case
>>
>>   * any other approach? Could ovn help here somehow?
>>
>> * Install all hosts and HE with public addresses :-)
>>   + access to all hosts directly
>>   - 3 node HCI cluster uses 4 public ip addressess
>>
>> Thanks for your opinions
>>
>> Cheers,
>>
>> Jiri
>>
>> ___
>> Users mailing list -- users@ovirt.org
>> To unsubscribe send an email to users-le...@ovirt.org
>> Privacy Statement: https://www.ovirt.org/privacy-policy.html
>> oVirt Code of Conduct:
>> https://www.ovirt.org/community/about/community-guidelines/
>> List Archives:
>> https://lists.ovirt.org/archives/list/users@ovirt.org/message/LIFQQHTFVTS6KICR5MTRPGO5CH7QDLK7/
>>
>
___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/privacy-policy.html
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/Z232GYXPCKDAH2FCYSJQSDTD7GL6CUT7/

[ovirt-users] Re: basic infra and glusterfs sizing question

2020-05-29 Thread Jayme 
Regarding Gluster question. The volumes would be provisioned with LVM on
the same block device. I believe 100Gb is recommended for the engine
volume. The other volumes such as data would be created on another logical
volume and you can use up the rest of the available space there. Ex. 100gb
engine, 500Gb data and 400Gb vmstore.

Data domains are basically the same now, in the past there used to be
different domain types such as ISO domains which are deprecated. You don't
really need any more than engine volume and data volume.  You could have a
volume for storing ISOs if you wanted to. You could have a separate volume
for OS disks and another volume for data disks which would give you more
flexibility for backups (so that you could backup data disks but not OS for
example).

On Fri, May 29, 2020 at 10:29 AM Jiří Sléžka  wrote:

> Hello,
>
> I am just curious if basic gluster HCI layout which is suggested in
> cockpit has some deeper meaning.
>
> There are suggested 3 volumes
>
> * engine - it is clear, it is the volume where engine vm is running.
> When this vm is 51GB big how small could this volume be? I have 1TB SSD
> storage and I would like utilize it as much as possible. Could I create
> this volume as small as this vm is? Is it safe for example for future
> upgrades?
>
> * vmstore - it make sense it is a space for all other vms running in
> oVirt. Right?
>
> * data - which purpose has this volume? other data like for example
> ISOs? Direct disks?
>
> Another infra question... or maybe request for comment
>
> I have small amount of public ipv4 addresses in my housing (but I have
> own switches there so I can create vlans and separate internal traffic).
> I can access only these public ipv4 addresses directly. I would like to
> conserve these addressess as much as possible so what is the best
> approach in your opinion?
>
> * Install all hosts and HE with management network on private addressess
>
>   * have small router (hw appliance with for example LEDE) which will
> utilize one ipv4 address and will do NAT and vpn for accessing my
> internals vlans.
> + looks like simple approach to me
> - single point of failure in this router (not really - just in case
> oVirt is badly broken and I need to access internal vlans to recover it)
>
>   * have this router as virtual appliance inside oVirt (something like
> pfSense for example)
> + no need hw router
> + not sure but I could probably configure vrrp redundancy
> - still single point of failure like in first case
>
>   * any other approach? Could ovn help here somehow?
>
> * Install all hosts and HE with public addresses :-)
>   + access to all hosts directly
>   - 3 node HCI cluster uses 4 public ip addressess
>
> Thanks for your opinions
>
> Cheers,
>
> Jiri
>
> ___
> Users mailing list -- users@ovirt.org
> To unsubscribe send an email to users-le...@ovirt.org
> Privacy Statement: https://www.ovirt.org/privacy-policy.html
> oVirt Code of Conduct:
> https://www.ovirt.org/community/about/community-guidelines/
> List Archives:
> https://lists.ovirt.org/archives/list/users@ovirt.org/message/LIFQQHTFVTS6KICR5MTRPGO5CH7QDLK7/
>
___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/privacy-policy.html
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/FINP3OVMABC7VG4OY7TINSK4OMLHCBL2/