Adam Spiers
Senior Software Engineer
aspiers@suse.com
SUSE® OpenStack Cloud
Chef cookbooks for HA
Technical overview
for curious upstream #openstack-chef developers
Agenda
These slides were extracted from internal HA training for SUSE
OpenStack Cloud developers, and slightly modified for the
benefit of the upstream #openstack-chef community.
• barclamp-pacemaker
• Synchronization
• Maintenance mode
• HA-enabled barclamps
Tip: some handy
hyperlinks in this deck!
barclamp-pacemaker
• SUSE OpenStack Cloud uses the Crowbar deployment
framework, which is extensible via plugins which are
called “barclamps”
• The core of the HA functionality is provided via the
Pacemaker barclamp, which:
‒ exposes cluster membership/configuration options via Crowbar UI
‒ sets up the bare cluster and related components
‒ provides Chef cookbooks so other barclamps (Keystone,
Glance etc.) can make their own services HA
• This barclamp is mature, heavily tested, and deployed in
many production OpenStack clouds around the world.
barclamp-pacemaker
internals
corosync cookbook
• Completely independent of Crowbar
‒ TODO: desperately needs to be upstreamed
• Under chef/cookbooks/corosync/
• Configures /etc/corosync/
‒ including authkey generation / propagation
‒ Founder node generates it
‒ Other nodes get a copy
• Contains fail-safe cluster startup logic (e.g. to prevent
STONITH loops)
pacemaker cookbook
• The heart of the barclamp!
• Under chef/cookbooks/pacemaker/
• Completely independent of Crowbar
‒ TODO: upstreaming desperately needs to be finished!
‒ already used git subtree to export subdirectory to
https://github.com/stackforge/cookbook-pacemaker
‒ need to document properly
‒ need to set up Travis CI
‒ automate propagation of changes between repos via ci.opensuse.org Jenkins
instance?
• Depends on corosync cookbook
• Important code, so let's look inside ...
pacemaker cookbook internals
Two parallel sets of code:
1. Pacemaker::CIBObject class hierarchy
● Takes care of communicating with Pacemaker via crm(8)
2. LWRPs for cluster resources
● Makes it really easy to write recipes which create / manage
cluster resources
● Back-end provider uses Pacemaker::CIBObject class
hierarchy
Both sets of code have comprehensive unit test suites!
Pacemaker::CIBObject hierarchy
• Class hierarchy under libraries/pacemaker*
• Independent of Chef
‒ TODO: should be spun out into a separate gem!
• Pacemaker::CIBObject
‒ Pacemaker::Resource
‒ Pacemaker::Resource::Primitive
‒ Pacemaker::Resource::Clone etc.
‒ Pacemaker::Constraint
‒ Pacemaker::Constraint::Location
‒ Pacemaker::Constraint::Order etc.
LWRPs for cluster resources
• Under resources/ and providers/
• pacemaker_primitive, pacemaker_clone etc.
• Has to re-use code via mixins, because LWRPs don't
support inheritance :-/
• With hindsight, should have used
https://github.com/poise/poise or at least written as a
HWRP :-/
Example usage of LWRPs
service_name = "keystone"

pacemaker_primitive service_name do
  agent node[:keystone][:ha][:agent]  # "lsb:openstack-keystone"
  # If we used the OCF RA instead of the LSB init script:
  # params ({
  #   "os_auth_url"    => node[:keystone][:api][:admin_auth_URL],
  #   "os_tenant_name" => monitor_creds[:tenant],
  #   "os_username"    => monitor_creds[:username],
  #   "os_password"    => monitor_creds[:password],
  #   "user"           => node[:keystone][:user]
  # })
  op node[:keystone][:ha][:op]        # { :monitor => { :interval => "10s" } }
  action :create
end

pacemaker_clone "cl-#{service_name}" do
  rsc service_name
  action [:create, :start]
end
SUSE Cloud HA architecture
[Diagram. Labels: Admin server (Crowbar); Cluster nodes (chef-client; HA recipe with pacemaker_primitive "keystone"; LWRPs + mixins; Pacemaker::CIBObject with #parse_definition, #configure_command, #delete_command; Pacemaker::Resource with #running?, #crm_start_command(), #crm_stop_command(); Pacemaker::Constraint; crm(8); crmd; Corosync / OpenAIS; CIB XML)]
crowbar-pacemaker cookbook
• Crowbar-specific code
• Under chef/cookbooks/crowbar-pacemaker/
• LWRPs (under resources/ and providers/)
‒ service (covered next)
‒ sync_mark (more detail later)
‒ drbd and drbd_create_internal
• Recipes:
‒ maintenance-mode (more detail later)
‒ apache, drbd, haproxy, stonith
• Libraries
‒ Various helpers (more detail later)
Chef::Provider::CrowbarPacemakerService
• Alternative provider for HA-enabled service
resources
• Ensures that all service management operations
(start, stop, restart, reload) are handled safely
with respect to Pacemaker
• Was really hard to get this right!!
‒ 119 lines of comments for 92 lines of code
• Despite complexity, goal was ease of use
Using C::P::CrowbarPacemakerService
service "keystone" do
  service_name node[:keystone][:service_name]
  supports :status => true, :start => true, :restart => true
  action [ :enable, :start ]
  ...
  if ha_enabled
    provider Chef::Provider::CrowbarPacemakerService
  end
end
C::P::CrowbarPacemakerService implementation
• start / stop
‒ always ignored (handled by pacemaker_* LWRP)
• enable / disable
‒ both always translate to disable
• reload
‒ proxied to original service resource iff service is running
• restart
‒ puts node in maintenance mode then restarts
Maintenance mode
• Goal: make it safe to restart a service on a single node
without confusing the whole cluster
• Pacemaker provides per-node maintenance mode for exactly
this
‒ (not to be confused with per-resource maintenance mode, which is
completely different)
• Degrades cluster
‒ need to minimise time spent in maintenance mode
• Multiple resources within one chef-client run might need
maintenance mode
‒ but don't want mode to flip-flop a lot
How does maintenance mode work?
• JIT approach:
‒ Switch to maintenance mode first time it's needed within the chef-client run
‒ Switch out at end of run
• Need to handle case where node was already placed in maintenance
mode prior to beginning of run (e.g. manually by cloud operator)
• Handlers in /etc/chef/client.rb
‒ pacemaker_start_handler
‒ pacemaker_report_handler
‒ pacemaker_exception_handler
‒ /var/chef/handlers/pacemaker_maintenance_handlers.rb
• libraries/maintenance_mode_helpers.rb
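The JIT behaviour described on this slide, sketched as an added example (not the barclamp's handlers or maintenance_mode_helpers.rb). FakeCluster, MaintenanceTracker and chef_run are hypothetical names, the maintenance flag is held in memory instead of in Pacemaker, and the service names are constructed.

```ruby
# Stand-in for Pacemaker's per-node maintenance flag (assumption: in memory).
class FakeCluster
  attr_reader :transitions

  def initialize(in_maintenance: false)
    @in_maintenance = in_maintenance
    @transitions = [] # every mode change made during the run, in order
  end

  def maintenance?
    @in_maintenance
  end

  def maintenance=(on)
    @in_maintenance = on
    @transitions << (on ? :enter : :leave)
  end
end

# Hypothetical tracker playing the role of the start/report/exception handlers.
class MaintenanceTracker
  def initialize(cluster)
    @cluster = cluster
    @set_by_this_run = false
  end

  # Start of the chef-client run.
  def run_started
    @set_by_this_run = false
  end

  # Called by every resource that needs maintenance mode (e.g. a restart).
  def ensure_maintenance
    return if @cluster.maintenance? # already on: set by us or by the operator
    @cluster.maintenance = true
    @set_by_this_run = true
  end

  # End of the run, reached on success and on failure alike.
  def run_finished
    return unless @set_by_this_run # never undo what the operator set
    @cluster.maintenance = false
    @set_by_this_run = false
  end
end

# Simulated chef-client run that restarts the given services in order.
# fail_after is the index of a restart that raises (constructed failure).
def chef_run(cluster, restarts:, fail_after: nil)
  tracker = MaintenanceTracker.new(cluster)
  tracker.run_started
  restarts.each_with_index do |service, i|
    raise "#{service} restart failed" if fail_after == i
    tracker.ensure_maintenance
    # the actual service restart would happen here
  end
  :ok
rescue RuntimeError
  :failed
ensure
  tracker.run_finished # models both the report and the exception handler
end
```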
barclamp-pacemaker: other cookbooks
• Under chef/cookbooks/:
‒ drbd
‒ lvm
‒ haproxy
‒ hawk
• Fairly self-explanatory
Synchronization
Cluster-wide synchronization ‒ the problem
Why is synchronization needed?
Example 1:
• Keystone proposal is applied, with keystone-server role
assigned to cluster.
• All nodes start running chef-client more or less in parallel
• Necessary keystone rpms get installed
• Two or more nodes could reach keystone database resource
block at more or less the same time
• action :create only creates if it doesn't exist
• Potential race where >= 2 nodes test for existence before any node
creates it
• >= 2 nodes attempt to create database at the same time
Cluster-wide synchronization ‒ the problem
One will lose the race ...
Cluster-wide synchronization ‒ the problem
Example 2:
• Continuation of scenario from example 1
• keystone::server recipe configures keystone.conf etc.
• then invokes crm configure to add keystone service to
cluster.
• Pacemaker starts keystone service ...
• ... but it could start on any node!
• ... even a node which hasn't yet finished installing / configuring
keystone!
Cluster-wide synchronization ‒ the problem
Founder node initiated failure on non-founder node
Cluster-wide synchronization ‒ the problem
Turns out we need two types of synchronization:
1. “Founder goes first”
Ensure one node in cluster (the founder)
enters and completes a critical section of a recipe
(e.g. "create database") before any other nodes can enter it.
2. “Wait for all nodes”
Ensure all nodes reach the same point
("keystone installed, configured, and ready to start anywhere")
before any can proceed further.
Cluster-wide synchronization ‒ how to use
Type 1: “founder goes first”
crowbar_pacemaker_sync_mark "wait-keystone_database"
...
# Create the Keystone database (critical section)
...
crowbar_pacemaker_sync_mark "create-keystone_database"
N.B. the cluster founder gets to perform the critical section
before any other node, but every node still performs the
critical section, which needs to be idempotent.
What if we only want one node to perform the critical
section?
Cluster-wide synchronization ‒ how to use
execute "keystone-manage db_sync" do
  command "keystone-manage db_sync"
  user node[:keystone][:user]
  group node[:keystone][:group]
  action :run
  # We only do the sync the 1st time, and only if
  # we're not doing HA or if we are the founder of
  # the HA cluster (so that it's really only done once).
  only_if {
    !node[:keystone][:db_synced] &&
      (!ha_enabled ||
       CrowbarPacemakerHelper.is_cluster_founder?(node))
  }
end
Cluster-wide synchronization ‒ how to use
Type 2: “wait for all nodes”
# Wait for all nodes to reach this point so we know
# that all nodes will have all the required packages
# installed before we create the pacemaker resources.
crowbar_pacemaker_sync_mark "sync-keystone_before_ha"
Cluster-wide synchronization ‒ result
All nodes functioning harmoniously
Cluster-wide synchronization ‒ internals
How does it work?
• Hopefully you don't need to know
‒ It should Just Work™
• Chef node attributes used as synchronization “marks”
• See libraries/synchronization.rb for details
• Value defaults to crowbar-revision from proposal
‒ Assumes cookbook name == barclamp name
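A simulation of the race from "the problem" slides and of both synchronization types, with marks carrying a revision value as described above. This is an added example, not the code in libraries/synchronization.rb: MarkStore, FakeDatabase and SimNode are hypothetical, the marks live in an in-memory store instead of Chef node attributes, and dispatching on the wait-/create-/sync- name prefix is an assumption modelled on the mark names in the slides.

```ruby
SyncTimeout = Class.new(StandardError)
CLOCK = -> { Process.clock_gettime(Process::CLOCK_MONOTONIC) }

# Stand-in for Chef node attributes (assumption): marks[node][mark] = revision.
class MarkStore
  def initialize
    @marks = Hash.new { |h, k| h[k] = {} }
    @lock, @changed = Mutex.new, ConditionVariable.new
  end
  def set(node, mark, revision)
    @lock.synchronize do
      @marks[node][mark] = revision
      @changed.broadcast
    end
  end
  # Block until every node in +nodes+ carries +mark+ at exactly +revision+.
  def wait_for(nodes, mark, revision, timeout)
    deadline = CLOCK.call + timeout
    @lock.synchronize do
      until nodes.all? { |n| @marks[n][mark] == revision }
        left = deadline - CLOCK.call
        raise SyncTimeout, "#{mark}@#{revision} missing" if left <= 0
        @changed.wait(@lock, left)
      end
    end
  end
end

# Toy database with a gap between the existence test and the create.
class FakeDatabase
  attr_reader :creates, :failures
  def initialize
    @lock, @creates, @failures = Mutex.new, [], []
  end
  def create_if_missing(node)
    return if @lock.synchronize { @creates.any? }
    sleep 0.1 # another node can pass the same existence test in this window
    @lock.synchronize { (@creates.empty? ? @creates : @failures) << node }
  end
end

# One cluster member; mark names follow the slides: wait-X, create-X, sync-X.
class SimNode
  def initialize(name, founder, members, store, revision, timeout = 2)
    @name, @founder, @members = name, founder, members
    @store, @revision, @timeout = store, revision, timeout
  end
  def sync_mark(name)
    kind, mark = name.split("-", 2)
    founder = @name == @founder
    case kind
    when "wait"   # non-founders block until the founder has published X
      @store.wait_for([@founder], mark, @revision, @timeout) unless founder
    when "create" # only the founder publishes X, after its critical section
      @store.set(@name, mark, @revision) if founder
    when "sync"   # barrier: publish own mark, then wait for every member
      @store.set(@name, mark, @revision)
      @store.wait_for(@members, mark, @revision, @timeout)
    else raise ArgumentError, "unknown mark type: #{name}"
    end
  end
end

# One simulated chef-client run per node, all started in parallel.
def converge(use_marks:)
  members = %w[node1 node2 node3]
  store, db, events = MarkStore.new, FakeDatabase.new, Queue.new
  members.map do |m|
    node = SimNode.new(m, "node1", members, store, 1)
    Thread.new do
      node.sync_mark("wait-keystone_database") if use_marks
      db.create_if_missing(m)
      node.sync_mark("create-keystone_database") if use_marks
      sleep 0.2 if m == "node3" # constructed: node3 installs packages slowly
      events << [:installed, m]
      node.sync_mark("sync-keystone_before_ha") if use_marks
      events << [:ha_resources, m]
    end
  end.each(&:join)
  log = Array.new(events.size) { events.pop }
  { creates: db.creates, failures: db.failures, log: log }
end

# True if no node created HA resources before every node had finished installing.
def barrier_held?(log)
  log.rindex { |e, _| e == :installed } < log.index { |e, _| e == :ha_resources }
end

# A mark left by an earlier proposal revision must not satisfy a wait.
def stale_mark_ignored?
  store = MarkStore.new
  store.set("node1", "keystone_database", 1) # left over from revision 1
  SimNode.new("node2", "node1", %w[node1 node2], store, 2, 0.1).sync_mark("wait-keystone_database")
  false
rescue SyncTimeout
  true
end
```

With use_marks: false the same run shows both failures from the problem slides: more than one node attempts the create, and HA resources are created while node3 is still installing.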
HA-enabled barclamps
Patterns for HA-enabled barclamps
HA code in recipes often interleaved with non-HA code:
• Ugly if ha_enabled conditionals
• Synchronization points
• Incompatible with using upstream cookbooks
• but we don't have anything better yet :-/
• Possible solution: split cookbooks into chunks at
synchronization points
‒ but would still require intrusive upstream changes
Patterns for HA-enabled barclamps
Interim solution: minimise ugliness!
• Split HA code into separate recipes where possible
  if ha_enabled
    include_recipe "keystone::ha"
  end
• Use helpers
  my_admin_host = CrowbarHelper.get_host_for_admin_url(node, ha_enabled)
  my_public_host = CrowbarHelper.get_host_for_public_url(node,
    node[:keystone][:api][:protocol] == "https", ha_enabled)
• Use custom provider for service resources
  if ha_enabled
    provider Chef::Provider::CrowbarPacemakerService
  end
Questions?
• I lurk on the Freenode #openstack-chef IRC
channel, nick aspiers
• I also lurk on the Chef OpenStack google group, but
am not currently doing a good job at monitoring traffic
• Feel free to mail me at <aspiers@suse.com>

Contenu connexe

Tendances

3 周彦偉-隨需而變 我所經歷的my sql架構變遷﹣周彥偉﹣acmug@2015.12台北
3 周彦偉-隨需而變 我所經歷的my sql架構變遷﹣周彥偉﹣acmug@2015.12台北3 周彦偉-隨需而變 我所經歷的my sql架構變遷﹣周彥偉﹣acmug@2015.12台北
3 周彦偉-隨需而變 我所經歷的my sql架構變遷﹣周彥偉﹣acmug@2015.12台北
Ivan Tu
 

Tendances (20)

OpenStack HA
OpenStack HAOpenStack HA
OpenStack HA
 
Containerizing Network Services - Alon Harel - OpenStack Day Israel 2016
Containerizing Network Services - Alon Harel - OpenStack Day Israel 2016Containerizing Network Services - Alon Harel - OpenStack Day Israel 2016
Containerizing Network Services - Alon Harel - OpenStack Day Israel 2016
 
High Availability in OpenStack Cloud
High Availability in OpenStack CloudHigh Availability in OpenStack Cloud
High Availability in OpenStack Cloud
 
Running Neutron at Scale - Gal Sagie & Eran Gampel - OpenStack Day Israel 2016
Running Neutron at Scale - Gal Sagie & Eran Gampel - OpenStack Day Israel 2016Running Neutron at Scale - Gal Sagie & Eran Gampel - OpenStack Day Israel 2016
Running Neutron at Scale - Gal Sagie & Eran Gampel - OpenStack Day Israel 2016
 
Kafka on Kubernetes: Keeping It Simple (Nikki Thean, Etsy) Kafka Summit SF 2019
Kafka on Kubernetes: Keeping It Simple (Nikki Thean, Etsy) Kafka Summit SF 2019Kafka on Kubernetes: Keeping It Simple (Nikki Thean, Etsy) Kafka Summit SF 2019
Kafka on Kubernetes: Keeping It Simple (Nikki Thean, Etsy) Kafka Summit SF 2019
 
Dockerizing OpenStack for High Availability
Dockerizing OpenStack for High AvailabilityDockerizing OpenStack for High Availability
Dockerizing OpenStack for High Availability
 
Using CloudStack With Clustered LVM
Using CloudStack With Clustered LVMUsing CloudStack With Clustered LVM
Using CloudStack With Clustered LVM
 
Troubleshooting Kafka's socket server: from incident to resolution
Troubleshooting Kafka's socket server: from incident to resolutionTroubleshooting Kafka's socket server: from incident to resolution
Troubleshooting Kafka's socket server: from incident to resolution
 
Securing & Monitoring Your K8s Cluster with RBAC and Prometheus”.
Securing & Monitoring Your K8s Cluster with RBAC and Prometheus”.Securing & Monitoring Your K8s Cluster with RBAC and Prometheus”.
Securing & Monitoring Your K8s Cluster with RBAC and Prometheus”.
 
Galera Cluster Best Practices for DBA's and DevOps Part 1
Galera Cluster Best Practices for DBA's and DevOps Part 1Galera Cluster Best Practices for DBA's and DevOps Part 1
Galera Cluster Best Practices for DBA's and DevOps Part 1
 
Topologies of OpenStack
Topologies of OpenStackTopologies of OpenStack
Topologies of OpenStack
 
Heart of the SwarmKit: Store, Topology & Object Model
Heart of the SwarmKit: Store, Topology & Object ModelHeart of the SwarmKit: Store, Topology & Object Model
Heart of the SwarmKit: Store, Topology & Object Model
 
Apache Bookkeeper and Apache Zookeeper for Apache Pulsar
Apache Bookkeeper and Apache Zookeeper for Apache PulsarApache Bookkeeper and Apache Zookeeper for Apache Pulsar
Apache Bookkeeper and Apache Zookeeper for Apache Pulsar
 
Using galera replication to create geo distributed clusters on the wan
Using galera replication to create geo distributed clusters on the wanUsing galera replication to create geo distributed clusters on the wan
Using galera replication to create geo distributed clusters on the wan
 
Galera webinar migration to galera cluster from my sql async replication
Galera webinar migration to galera cluster from my sql async replicationGalera webinar migration to galera cluster from my sql async replication
Galera webinar migration to galera cluster from my sql async replication
 
Galera cluster for MySQL - Introduction Slides
Galera cluster for MySQL - Introduction SlidesGalera cluster for MySQL - Introduction Slides
Galera cluster for MySQL - Introduction Slides
 
Orchestration Tool Roundup - Arthur Berezin & Trammell Scruggs
Orchestration Tool Roundup - Arthur Berezin & Trammell ScruggsOrchestration Tool Roundup - Arthur Berezin & Trammell Scruggs
Orchestration Tool Roundup - Arthur Berezin & Trammell Scruggs
 
Docker Swarm Mode Orchestration
Docker Swarm Mode OrchestrationDocker Swarm Mode Orchestration
Docker Swarm Mode Orchestration
 
Everything you need to know about Docker
Everything you need to know about DockerEverything you need to know about Docker
Everything you need to know about Docker
 
3 周彦偉-隨需而變 我所經歷的my sql架構變遷﹣周彥偉﹣acmug@2015.12台北
3 周彦偉-隨需而變 我所經歷的my sql架構變遷﹣周彥偉﹣acmug@2015.12台北3 周彦偉-隨需而變 我所經歷的my sql架構變遷﹣周彥偉﹣acmug@2015.12台北
3 周彦偉-隨需而變 我所經歷的my sql架構變遷﹣周彥偉﹣acmug@2015.12台北
 

En vedette

Barbican 1.0 - Open Source Key Management for OpenStack
Barbican 1.0 - Open Source Key Management for OpenStackBarbican 1.0 - Open Source Key Management for OpenStack
Barbican 1.0 - Open Source Key Management for OpenStack
jarito030506
 
Deep dive into highly available open stack architecture openstack summit va...
Deep dive into highly available open stack architecture   openstack summit va...Deep dive into highly available open stack architecture   openstack summit va...
Deep dive into highly available open stack architecture openstack summit va...
Arthur Berezin
 
Pers ppt med karakterudviklende opgaver og flow
Pers ppt med karakterudviklende opgaver og flowPers ppt med karakterudviklende opgaver og flow
Pers ppt med karakterudviklende opgaver og flow
JulieKraaseBrandt
 

En vedette (14)

Code Quality - Security
Code Quality - SecurityCode Quality - Security
Code Quality - Security
 
Barbican 1.0 - Open Source Key Management for OpenStack
Barbican 1.0 - Open Source Key Management for OpenStackBarbican 1.0 - Open Source Key Management for OpenStack
Barbican 1.0 - Open Source Key Management for OpenStack
 
Open Source KMIP Implementation
Open Source KMIP ImplementationOpen Source KMIP Implementation
Open Source KMIP Implementation
 
MySQL HA with Pacemaker
MySQL HA with  PacemakerMySQL HA with  Pacemaker
MySQL HA with Pacemaker
 
Supriya Shailaja Latest Gallery
 Supriya Shailaja Latest Gallery Supriya Shailaja Latest Gallery
Supriya Shailaja Latest Gallery
 
MySQL High Availability Sprint: Launch the Pacemaker
MySQL High Availability Sprint: Launch the PacemakerMySQL High Availability Sprint: Launch the Pacemaker
MySQL High Availability Sprint: Launch the Pacemaker
 
Open stack HA - Theory to Reality
Open stack HA -  Theory to RealityOpen stack HA -  Theory to Reality
Open stack HA - Theory to Reality
 
MySQL with DRBD/Pacemaker/Corosync on Linux
 MySQL with DRBD/Pacemaker/Corosync on Linux MySQL with DRBD/Pacemaker/Corosync on Linux
MySQL with DRBD/Pacemaker/Corosync on Linux
 
Deep dive into highly available open stack architecture openstack summit va...
Deep dive into highly available open stack architecture   openstack summit va...Deep dive into highly available open stack architecture   openstack summit va...
Deep dive into highly available open stack architecture openstack summit va...
 
Tools kali
Tools kaliTools kali
Tools kali
 
Pers ppt med karakterudviklende opgaver og flow
Pers ppt med karakterudviklende opgaver og flowPers ppt med karakterudviklende opgaver og flow
Pers ppt med karakterudviklende opgaver og flow
 
Klout
KloutKlout
Klout
 
English
EnglishEnglish
English
 
Educa2010 Student and Employee Engagement Strategies
Educa2010 Student and Employee Engagement StrategiesEduca2010 Student and Employee Engagement Strategies
Educa2010 Student and Employee Engagement Strategies
 

Similaire à Chef cookbooks for OpenStack HA

Kubernetes Clusters as a Service with Gardener
Kubernetes Clusters as a Service with GardenerKubernetes Clusters as a Service with Gardener
Kubernetes Clusters as a Service with Gardener
QAware GmbH
 

Similaire à Chef cookbooks for OpenStack HA (20)

FIWARE Tech Summit - Docker Swarm Secrets for Creating Great FIWARE Platforms
FIWARE Tech Summit - Docker Swarm Secrets for Creating Great FIWARE PlatformsFIWARE Tech Summit - Docker Swarm Secrets for Creating Great FIWARE Platforms
FIWARE Tech Summit - Docker Swarm Secrets for Creating Great FIWARE Platforms
 
Kubernetes Walk Through from Technical View
Kubernetes Walk Through from Technical ViewKubernetes Walk Through from Technical View
Kubernetes Walk Through from Technical View
 
Docker Swarm secrets for creating great FIWARE platforms
Docker Swarm secrets for creating great FIWARE platformsDocker Swarm secrets for creating great FIWARE platforms
Docker Swarm secrets for creating great FIWARE platforms
 
Pg amqp
Pg amqpPg amqp
Pg amqp
 
PostgreSQL: meet your queue
PostgreSQL: meet your queuePostgreSQL: meet your queue
PostgreSQL: meet your queue
 
Kubernetes #1 intro
Kubernetes #1   introKubernetes #1   intro
Kubernetes #1 intro
 
Puppet Camp NYC 2014: Build a Modern Infrastructure in 45 min!
Puppet Camp NYC 2014: Build a Modern Infrastructure in 45 min!Puppet Camp NYC 2014: Build a Modern Infrastructure in 45 min!
Puppet Camp NYC 2014: Build a Modern Infrastructure in 45 min!
 
To Build My Own Cloud with Blackjack…
To Build My Own Cloud with Blackjack…To Build My Own Cloud with Blackjack…
To Build My Own Cloud with Blackjack…
 
Nagios Conference 2014 - Troy Lea - Monitoring VMware Virtualization Using vMA
Nagios Conference 2014 - Troy Lea - Monitoring VMware Virtualization Using vMANagios Conference 2014 - Troy Lea - Monitoring VMware Virtualization Using vMA
Nagios Conference 2014 - Troy Lea - Monitoring VMware Virtualization Using vMA
 
Best Practice for Deploying Application with Heat
Best Practice for Deploying Application with HeatBest Practice for Deploying Application with Heat
Best Practice for Deploying Application with Heat
 
Dockerizing the Hard Services: Neutron and Nova
Dockerizing the Hard Services: Neutron and NovaDockerizing the Hard Services: Neutron and Nova
Dockerizing the Hard Services: Neutron and Nova
 
Ansible presentation
Ansible presentationAnsible presentation
Ansible presentation
 
Gdg izmir kubernetes
Gdg izmir kubernetesGdg izmir kubernetes
Gdg izmir kubernetes
 
Kubernetes 101 VMworld 2019 workshop slides
Kubernetes 101 VMworld 2019 workshop slidesKubernetes 101 VMworld 2019 workshop slides
Kubernetes 101 VMworld 2019 workshop slides
 
Highly Available Load Balanced Galera MySql Cluster
Highly Available Load Balanced  Galera MySql ClusterHighly Available Load Balanced  Galera MySql Cluster
Highly Available Load Balanced Galera MySql Cluster
 
Neutron CI Run on Docker
Neutron CI Run on DockerNeutron CI Run on Docker
Neutron CI Run on Docker
 
Orchestration tool roundup - OpenStack Israel summit - kubernetes vs. docker...
Orchestration tool roundup  - OpenStack Israel summit - kubernetes vs. docker...Orchestration tool roundup  - OpenStack Israel summit - kubernetes vs. docker...
Orchestration tool roundup - OpenStack Israel summit - kubernetes vs. docker...
 
Kubernetes Clusters as a Service with Gardener
Kubernetes Clusters as a Service with GardenerKubernetes Clusters as a Service with Gardener
Kubernetes Clusters as a Service with Gardener
 
Database as a Service (DBaaS) on Kubernetes
Database as a Service (DBaaS) on KubernetesDatabase as a Service (DBaaS) on Kubernetes
Database as a Service (DBaaS) on Kubernetes
 
Kubernetes Internals
Kubernetes InternalsKubernetes Internals
Kubernetes Internals
 

Dernier

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 

Dernier (20)

Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
A Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusA Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source Milvus
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 

Chef cookbooks for OpenStack HA

  • 1. Adam Spiers Senior Software Engineer aspiers@suse.com SUSE® OpenStack Cloud Chef cookbooks for HA Technical overview for curious upstream #openstack-chef developers
  • 2. 2 Agenda These slides were extracted from internal HA training for SUSE OpenStack Cloud developers, and slightly modified for the benefit of the upstream #openstack chef‑ community. • barclamp-pacemaker • Synchronization • Maintenance mode • HA-enabled barclamps Tip: some handy hyperlinks in this deck!
  • 3. 3 barclamp-pacemaker • SUSE OpenStack Cloud uses the Crowbar deployment framework, which is extensible via plugins which are called “barclamps” • The core of the HA functionality is provided via the Pacemaker barclamp, which: ‒ exposes cluster membership/configuration options via Crowbar UI ‒ sets up the bare cluster and related components ‒ provides Chef cookbooks so other barclamps (Keystone, Glance etc.) can make their own services HA • This barclamp is mature, heavily tested, and deployed in many production OpenStack clouds around the world.
  • 5. 5 corosync cookbook • Completely independent of Crowbar ‒ TODO: desperately needs to be upstreamed • Under chef/cookbooks/corosync/ • Configures /etc/corosync/ ‒ including authkey generation / propagation ‒ Founder node generates it ‒ Other nodes get a copy • Contains fail-safe cluster startup logic (e.g. to prevent STONITH loops)
  • 6. 6 pacemaker cookbook • The heart of the barclamp! • Under chef/cookbooks/pacemaker/ • Completely independent of Crowbar ‒ TODO: upstreaming desperately needs to be finished! ‒ already used git subtree to export subdirectory to https://github.com/stackforge/cookbook-pacemaker ‒ need to document properly ‒ need to set up Travis CI ‒ automate propagation of changes between repos via ci.opensuse.org Jenkins instance? • Depends on corosync cookbook • Important code, so let's look inside ...
  • 7. 7 pacemaker cookbook internals Two parallel sets of code: 1. Pacemaker::CIBObject class hierarchy ● Takes care of communicating with Pacemaker via crm(8) 2. LWRPs for cluster resources ● Makes it really easy to write recipes which create / manage cluster resources ● Back-end provider uses Pacemaker::CIBObject class hierarchy Both sets of code have comprehensive unit test suites!
  • 8. 8 Pacemaker::CIBObject hierarchy • Class hierarchy under libraries/pacemaker* • Independent of Chef ‒ TODO: should be spun out into a separate gem! • Pacemaker::CIBObject ‒ Pacemaker::Resource ‒ Pacemaker::Resource::Primitive ‒ Pacemaker::Resource::Clone etc. ‒ Pacemaker::Constraint ‒ Pacemaker::Constraint::Location ‒ Pacemaker::Constraint::Order etc.
  • 9. 9 LWRPs for cluster resources • Under resources/ and providers/ • pacemaker_primitive, pacemaker_clone etc. • Has to re-use code via mixins, because LWRPs don't support inheritance :-/ • With hindsight, should have used https://github.com/poise/poise or at least written as a HWRP :-/
  • 10. 10 Example usage of LWRPs service_name = "keystone" pacemaker_primitive service_name do agent node[:keystone][:ha][:agent] # "lsb:openstack-keystone" # If we used the OCF RA instead of the LSB init script: # params ({ # "os_auth_url" => node[:keystone][:api][:admin_auth_URL], # "os_tenant_name" => monitor_creds[:tenant], # "os_username" => monitor_creds[:username], # "os_password" => monitor_creds[:password], # "user" => node[:keystone][:user] # }) op node[:keystone][:ha][:op] # { :monitor => { :interval => “10s” } } action :create end pacemaker_clone "cl-#{service_name}" do rsc service_name action [:create, :start] end
  • 11. 11 Cluster nodeCluster nodeCluster nodes SUSE Cloud HA architecture chef-client HA recipe pacemaker_primitive “keystone” Admin server Crowbar LWRPs + mixins Pacemaker::CIBObject Pacema public_method1() public_method2() public_method3() Pacemaker::Constraint #running? #crm_start_command() #crm_stop_command() Pacemaker::CIBObject #parse_definition #configure_command #delete_command Pacemaker::Resource #running? #crm_start_command() #crm_stop_command() crm(8) crmdCorosync / OpenAIS CIB XML
  • 12. crowbar-pacemaker cookbook
    • Crowbar-specific code
    • Under chef/cookbooks/crowbar-pacemaker/
    • LWRPs (under resources/ and providers/)
      ‒ service (covered next)
      ‒ sync_mark (more detail later)
      ‒ drbd and drbd_create_internal
    • Recipes:
      ‒ maintenance-mode (more detail later)
      ‒ apache, drbd, haproxy, stonith
    • Libraries
      ‒ Various helpers (more detail later)
  • 13. Chef::Provider::CrowbarPacemakerService
    • Alternative provider for HA-enabled service resources
    • Ensures that all service management operations (start, stop, restart, reload) are handled safely with respect to Pacemaker
    • Was really hard to get this right!!
      ‒ 119 lines of comments for 92 lines of code
    • Despite complexity, goal was ease of use
  • 14. Using C::P::CrowbarPacemakerService

        service "keystone" do
          service_name node[:keystone][:service_name]
          supports :status => true, :start => true, :restart => true
          action [ :enable, :start ]
          ...
          if ha_enabled
            provider Chef::Provider::CrowbarPacemakerService
          end
        end
  • 15. C::P::CrowbarPacemakerService implementation
    • start / stop
      ‒ always ignored (handled by pacemaker_* LWRP)
    • enable / disable
      ‒ both always translate to disable
    • reload
      ‒ proxied to original service resource iff service is running
    • restart
      ‒ puts node in maintenance mode then restarts
  • 16. Maintenance mode
    • Goal: make it safe to restart a service on a single node without confusing the whole cluster
    • Pacemaker provides per-node maintenance mode for exactly this
      ‒ (not to be confused with per-resource maintenance mode, which is completely different)
    • Degrades cluster
      ‒ need to minimise time spent in maintenance mode
    • Multiple resources within one chef-client run might need maintenance mode
      ‒ but don't want mode to flip-flop a lot
  • 17. How does maintenance mode work?
    • JIT approach:
      ‒ Switch to maintenance mode first time it's needed within the chef-client run
      ‒ Switch out at end of run
    • Need to handle case where node was already placed in maintenance mode prior to beginning of run (e.g. manually by cloud operator)
    • Handlers in /etc/chef/client.rb
      ‒ pacemaker_start_handler
      ‒ pacemaker_report_handler
      ‒ pacemaker_exception_handler
      ‒ /var/chef/handlers/pacemaker_maintenance_handlers.rb
    • libraries/maintenance_mode_helpers.rb
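The just-in-time behaviour described on the two maintenance mode slides, sketched as an added Ruby example (not code from barclamp-pacemaker). FakeNode, MaintenanceRun and chef_run are hypothetical names; FakeNode stands in for Pacemaker's per-node maintenance toggle and logs each change so the flip-flop count is visible.

```ruby
# Added illustration, not the cookbook's code. FakeNode is a hypothetical
# stand-in for Pacemaker's per-node maintenance mode on one cluster node.
class FakeNode
  attr_reader :log

  def initialize(in_maintenance: false)
    @maintenance = in_maintenance   # true = operator set it before the run
    @log = []
  end

  def maintenance?; @maintenance; end

  def maintenance=(on)
    @maintenance = on
    @log << (on ? :enter_maintenance : :leave_maintenance)
  end
end

# Bookkeeping for one chef-client run (assumed shape of the handler logic).
class MaintenanceRun
  def initialize(node)
    @node = node
    @entered_by_run = false   # start of run: nothing entered by us yet
  end

  # Restart path of the service provider: enter maintenance mode only the
  # first time it is needed, and never claim a mode the operator already set.
  def restart(service)
    unless @node.maintenance?
      @node.maintenance = true
      @entered_by_run = true
    end
    @node.log << [:restart, service]
  end

  # End of run (success or exception): leave only what this run entered.
  def on_finish
    @node.maintenance = false if @entered_by_run
    @entered_by_run = false
  end
end

def chef_run(node, services)
  run = MaintenanceRun.new(node)
  services.each { |s| run.restart(s) }
  node.log
ensure
  run.on_finish
end
```

Two restarts in one run produce a single enter/leave pair, and a node the operator had already placed in maintenance mode is left there when the run ends.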
  • 18. barclamp-pacemaker: other cookbooks
    • Under chef/cookbooks/:
      ‒ drbd
      ‒ lvm
      ‒ haproxy
      ‒ hawk
    • Fairly self-explanatory
  • 20. Cluster-wide synchronization ‒ the problem
    Why is synchronization needed?
    Example 1:
    • Keystone proposal is applied, with keystone-server role assigned to cluster.
    • All nodes start running chef-client more or less in parallel
    • Necessary keystone rpms get installed
    • Two or more nodes could reach keystone database resource block at more or less the same time
    • action :create only creates if it doesn't exist
    • Potential race where >= 2 nodes test for existence before any node creates it
    • >= 2 nodes attempt to create database at the same time
  • 21. Cluster-wide synchronization ‒ the problem
    One will lose the race ...
  • 22. Cluster-wide synchronization ‒ the problem
    Example 2:
    • Continuation of scenario from example 1
    • keystone::server recipe configures keystone.conf etc.
    • then invokes crm configure to add keystone service to cluster.
    • Pacemaker starts keystone service ...
    • ... but it could start on any node!
    • ... even a node which hasn't yet finished installing / configuring keystone!
  • 23. Cluster-wide synchronization ‒ the problem
    Founder node initiated failure on non-founder node
  • 24. Cluster-wide synchronization ‒ the problem
    Turns out we need two types of synchronization:
    1. “Founder goes first”
       Ensure one node in cluster (the founder) enters and completes a critical section of a recipe (e.g. "create database") before any other nodes can enter it.
    2. “Wait for all nodes”
       Ensure all nodes reach the same point ("keystone installed, configured, and ready to start anywhere") before any can proceed further.
  • 25. Cluster-wide synchronization ‒ how to use
    Type 1: “founder goes first”

        crowbar_pacemaker_sync_mark "wait-keystone_database"
        ...
        # Create the Keystone database (critical section)
        ...
        crowbar_pacemaker_sync_mark "create-keystone_database"

    N.B. the cluster founder gets to perform the critical section before any other node, but every node still performs the critical section, which needs to be idempotent.
    What if we only want one node to perform the critical section?
  • 26. Cluster-wide synchronization ‒ how to use

        execute "keystone-manage db_sync" do
          command "keystone-manage db_sync"
          user node[:keystone][:user]
          group node[:keystone][:group]
          action :run
          # We only do the sync the 1st time, and only if
          # we're not doing HA or if we are the founder of
          # the HA cluster (so that it's really only done once).
          only_if {
            !node[:keystone][:db_synced] &&
            (!ha_enabled || CrowbarPacemakerHelper.is_cluster_founder?(node))
          }
        end
  • 27. Cluster-wide synchronization ‒ how to use
    Type 2: “wait for all nodes”

        # Wait for all nodes to reach this point so we know
        # that all nodes will have all the required packages
        # installed before we create the pacemaker resources.
        crowbar_pacemaker_sync_mark "sync-keystone_before_ha"
  • 28. Cluster-wide synchronization ‒ result
    All nodes functioning harmoniously
  • 29. Cluster-wide synchronization ‒ internals
    How does it work?
    • Hopefully you don't need to know
      ‒ It should Just Work™
    • Chef node attributes used as synchronization “marks”
    • See libraries/synchronization.rb for details
    • Value defaults to crowbar-revision from proposal
      ‒ Assumes cookbook name == barclamp name
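A runnable model of the two synchronization types, added here as an illustration and not taken from libraries/synchronization.rb. MarkStore and converge_cluster are hypothetical; the sketch assumes marks are shared attributes compared against the proposal revision, with threads standing in for nodes running chef-client in parallel.

```ruby
# Added model, not the cookbook's code. MarkStore is a hypothetical stand-in
# for Chef node attributes that every cluster member can read (assumption).
class MarkStore
  def initialize
    @marks = Hash.new { |h, k| h[k] = {} }   # mark name => { node => revision }
    @lock = Mutex.new
    @changed = ConditionVariable.new
  end

  def set(node, mark, revision)
    @lock.synchronize do
      @marks[mark][node] = revision
      @changed.broadcast
    end
  end

  # Block until every node in `nodes` carries `mark` at exactly `revision`.
  def wait_for(nodes, mark, revision, timeout: 5)
    deadline = Time.now + timeout
    @lock.synchronize do
      until nodes.all? { |n| @marks[mark][n] == revision }
        left = deadline - Time.now
        raise "timeout waiting for #{mark}" if left <= 0
        @changed.wait(@lock, left)
      end
    end
  end
end

# One simulated chef-client run per node; returns the ordered event log.
def converge_cluster(nodes, founder, revision)
  store, events, elock = MarkStore.new, [], Mutex.new
  record = ->(*e) { elock.synchronize { events << e } }
  nodes.map do |node|
    Thread.new do
      # Type 1, "founder goes first": the wait-... / create-... pair.
      store.wait_for([founder], "keystone_database", revision) unless node == founder
      record.call(node, :critical_section)   # runs on every node: keep it idempotent
      store.set(node, "keystone_database", revision) if node == founder
      # Type 2, "wait for all nodes": the sync-... mark.
      record.call(node, :ready)
      store.set(node, "keystone_before_ha", revision)
      store.wait_for(nodes, "keystone_before_ha", revision)
      record.call(node, :create_ha_resources)
    end
  end.each(&:join)
  events
end
```

Comparing against the revision rather than mere presence means a mark left over from an earlier proposal does not release waiters, and the timeout keeps a node whose peer never arrives from blocking forever.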
  • 31. Patterns for HA-enabled barclamps
    HA code in recipes often interleaved with non-HA code:
    • Ugly if ha_enabled conditionals
    • Synchronization points
    • Incompatible with using upstream cookbooks
    • but we don't have anything better yet :-/
    • Possible solution: split cookbooks into chunks at synchronization points
      ‒ but would still require intrusive upstream changes
  • 32. Patterns for HA-enabled barclamps
    Interim solution: minimise ugliness!
    • Split HA code into separate recipes where possible

        if ha_enabled
          include_recipe "keystone::ha"
        end

    • Use helpers

        my_admin_host = CrowbarHelper.get_host_for_admin_url(node, ha_enabled)
        my_public_host = CrowbarHelper.get_host_for_public_url(node,
          node[:keystone][:api][:protocol] == "https", ha_enabled)

    • Use custom provider for service resources

        if ha_enabled
          provider Chef::Provider::CrowbarPacemakerService
        end
  • 33. Questions?
    • I lurk on the Freenode #openstack-chef IRC channel, nick aspiers
    • I also lurk on the Chef OpenStack Google group, but am not currently doing a good job at monitoring traffic
    • Feel free to mail me at <aspiers@suse.com>