@Livnat_Peer
Sr. Engineering Manager, Red Hat
@ArthurBerezin
Sr. Technical Product Manager, Red Hat
Neutron High Availability
OpenStack Israel
Tel-Aviv June 2015
Agenda
HA Enabling Technologies
Pacemaker and HAProxy
Neutron Built-in Mechanisms
DHCP Agent HA
L3 Agent with
Virtual Router Redundancy Protocol (VRRP)
Distributed Virtual Routing (DVR)
Losing Your Controller
https://www.youtube.com/watch?v=Kb43Nxuwc4I
High Availability
● Minimize Downtime By Avoiding SPOF
● Service redundancy
○ Active-Active When possible
■ Stateless services
■ Built-in HA mechanisms
○ Active-Passive for others
● Scale out Architecture
○ Add nodes as you go
Livnat Peer & Arthur Berezin, Red Hat - Neutron High Availability - OpenStack Israel 2015
HA Enabling Technologies
Pacemaker, HAProxy
Pacemaker
● Cluster Resource Manager
● Uses Corosync for cluster communication
● Monitor and Control Resources:
○ Floating Virtual IP Address (VIP)
○ SystemD/LSB/OCF Services
○ Cloned Services (Active/Active)
● STONITH - Fencing with Power Management
○ Important for ensuring data consistency
Pacemaker OpenStack Service
● Virtual IP (VIP)
● SystemD Cloned Resource
● STONITH Fencing
[Diagram: Node 1 (192.168.1.1) and Node 2 (192.168.1.2), each running pcsd, STONITH and a cloned Service; Virtual IP 10.0.0.1]
HAProxy Load Balancer
Load Balancing and Proxy for HTTP/TCP
● Mature and popular with web applications
● Health Checking
● Load Distribution
○ Round Robin
○ Stick-Table
● API Isolation
● Failure Detection
[Diagram: HAProxy Load Balancer and Service instances across Node 1, Node 2 and Node 3]
Avoiding SPOFs
A day in a Highly Available Service Life
[Diagram: a client ("Give Me Horizon Web UI NOW!") connects to one Neutron-Server on a single Controller: Single Point Of Failure]
[Diagram: Neutron-Server on Controller 1, Controller 2 and Controller 3, reached through HAProxy on Controller 1]
[Diagram: same layout; HAProxy on Controller 1 is a Single Point Of Failure; Each Could Fail]
[Diagram: same layout with Pacemaker Cloned Horizon Service; HAProxy on Controller 1 is still a Single Point Of Failure]
[Diagram: HAProxy on Controller 1, Controller 2 and Controller 3 as Pacemaker Cloned HAProxy Service, together with Pacemaker Cloned Horizon Service]
[Diagram: the client reaches the Horizon VIP in front of the Pacemaker Cloned HAProxy Service and the Pacemaker Cloned Horizon Service]
Neutron Built-in Mechanisms
My HA Solution
● External mechanisms
● Neutron built-in mechanisms
● Reference implementation vs. vendors code
Architecture - Assuming Centralized Network Node
[Diagram: Controller Node (Neutron server, MySQL server, Rabbitmq server); Compute Node (OVS agent, OVS); Network Node (OVS Agent, OVS, DHCP Agent, dnsmasq, Metadata Agent, Metadata Proxy, L3 Agent, keepalived); networks: Internet, External Network, API Network, Management Network, Data Network]
DHCP Agent
● IP address allocation is done by the Neutron server
● dnsmasq is used as a distribution mechanism of predefined allocations
● The DHCP protocol allows multiple DHCP servers to co-exist while serving the same pool
● Configuration in Neutron
neutron.conf:
dhcp_agents_per_network = X
Process Monitoring
● Dynamic process creation: dnsmasq, keepalived, metadata proxy, etc.
● ProcessMonitor checks process liveness periodically
● Optional actions:
– Respawn process
– Exit agent
– Notify (not available yet)
● Default configuration
check_child_processes_action = respawn
check_child_processes_period = 0
What Else?
[Diagram: network node components: OVS Agent, OVS, DHCP Agent, dnsmasq, Metadata Agent, Metadata Proxy, L3 Agent, keepalived]
VRRP (Virtual Router Redundancy Protocol)
● Providing HA of the network’s default gateway
● Configuring default gateway as VIP + Virtual MAC
● Gratuitous ARP after failover
L3 HA Implementing VRRP
● Using keepalived, which internally implements VRRP
● Creating a per-tenant HA network, used for VRRP sync messages
● When an HA router is created, it is scheduled on multiple network nodes (configurable)
● New in Kilo
– Report which network node is hosting the master instance
● In the works
– L3 HA + l2pop
– External interface tracking
– L3 HA + DVR
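The settings from the DHCP Agent, Process Monitoring and L3 HA slides, checked together in an added example (not from the deck or from Neutron's own code): it reads neutron.conf text and flags values that leave a single point of failure. Assumptions: `l3_ha` is a Neutron option the slides do not name, a `check_child_processes_period` of 0 turns the periodic check off, absent options fall back to the defaults in `DEFAULTS`, and options are looked up in any section.

```python
"""Audit neutron.conf text for the HA-related settings discussed on the slides."""
import configparser

# Values assumed when an option is absent. The two check_child_processes_*
# defaults are the ones shown on the slide; the other two are assumptions.
DEFAULTS = {
    "dhcp_agents_per_network": "1",
    "check_child_processes_action": "respawn",
    "check_child_processes_period": "0",
    "l3_ha": "false",
}
TRUE_WORDS = {"1", "true", "yes", "on"}

# Constructed sample: sets none of the audited options, so the defaults apply.
WEAK_CONF = """\
[DEFAULT]
core_plugin = ml2
"""

# Constructed sample: the same file with the HA settings raised.
HARDENED_CONF = """\
[DEFAULT]
core_plugin = ml2
dhcp_agents_per_network = 2
l3_ha = True

[agent]
check_child_processes_action = respawn
check_child_processes_period = 60
"""


def effective_settings(conf_text):
    """Return {option: value} for the audited options, using DEFAULTS as fallback."""
    # default_section is set to an unused name so that [DEFAULT] is read as an
    # ordinary section and its values are not copied into every other section.
    parser = configparser.ConfigParser(
        interpolation=None, strict=False, default_section="__unused__")
    parser.read_string(conf_text)
    merged = {}
    # Assumption: search every section, because the slides do not say which
    # section of neutron.conf holds each option.
    for section in parser.sections():
        merged.update(parser.items(section))
    return {opt: merged.get(opt, default).strip()
            for opt, default in DEFAULTS.items()}


def audit(conf_text):
    """Return a list of (option, value, finding) for settings that weaken HA."""
    settings = effective_settings(conf_text)
    findings = []

    def as_int(option):
        try:
            return int(settings[option])
        except ValueError:
            findings.append((option, settings[option], "not an integer"))
            return None

    agents = as_int("dhcp_agents_per_network")
    if agents is not None and agents < 2:
        findings.append(("dhcp_agents_per_network", settings["dhcp_agents_per_network"],
                         "each network is served by one DHCP agent, a single point of failure"))

    period = as_int("check_child_processes_period")
    if period is not None and period < 0:
        findings.append(("check_child_processes_period", settings["check_child_processes_period"],
                         "negative interval"))
    elif period == 0:
        findings.append(("check_child_processes_period", "0",
                         "periodic liveness check is off; a dead dnsmasq or keepalived goes unnoticed"))

    # The slide lists a third action, Notify, as not available yet.
    action = settings["check_child_processes_action"].lower()
    if action not in ("respawn", "exit"):
        findings.append(("check_child_processes_action", action,
                         "unsupported action; expected respawn or exit"))

    if settings["l3_ha"].lower() not in TRUE_WORDS:
        findings.append(("l3_ha", settings["l3_ha"],
                         "routers are not created as VRRP HA routers unless HA is requested per router"))
    return findings


if __name__ == "__main__":
    for name, text in (("weak", WEAK_CONF), ("hardened", HARDENED_CONF)):
        print(name)
        for option, value, finding in audit(text):
            print(f"  {option} = {value}: {finding}")
```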
Traffic Flow 3-tier Application
[Diagram: WWW VM on Host 1, App VM on Host 2, DB VM on Host 3; Virtual Router on the Network Node]
DVR – Distributed Virtual Router
● DVR is moving most of the routing to the compute node
– Isolating the failure domain of the network node
– Optimizing the network flow
● Traffic types
– East – West (Within the tenant, different networks)
– North – South with floating IP (VM to/from external network)
– North – South without floating IP (Based on SNAT)
[Slide annotations: Direct between compute nodes; Through network node]
Architecture - Assuming DVR
[Diagram: Controller Node (Neutron server, MySQL server, Rabbitmq server); Compute Nodes (OVS agent, OVS, L3 agent, Metadata agent, Metadata Proxy); Network Node (OVS Agent, OVS, DHCP Agent, dnsmasq, Metadata Agent, Metadata Proxy, L3 Agent, keepalived); networks: Internet, External Network, API Network, Management Network, Data Network]
Summary
● No one-stop shop
● Maximize the use of built-in solutions
– They are vendor neutral
– Highly maintained
– Widely documented
● Understand what you need, use the appropriate tools
– DVR vs VRRP
– What size is your deployment, maybe A/P is good enough...
● The more complicated the solution is, the more likely it is to have bugs
Thank You
Resources
● http://assafmuller.com
● http://specs.openstack.org/openstack/neutron-specs/specs/kilo/agent-child-processes-status.html
● https://github.com/beekhof/osp-ha-deploy/blob/master/ha-openstack.md
● https://docs.google.com/document/d/1jCmraZGirmXq5V1MtRqhjdZCbUfiwBhRkUjDXGt5QUQ/edit
● https://www.youtube.com/watch?v=00j1x-T1vhA
