DNS HA
Implement DNS high availability. Pass the correct information to hacluster to register a DNS entry with MAAS 2.0 or greater rather than using a virtual IP. Charm-helpers sync to bring in DNS HA helpers Change-Id: Ifb27cc96b913f4fe315119477691936919684b62
This commit is contained in:
parent
5251e366b4
commit
592b8e0947
3
.gitignore
vendored
3
.gitignore
vendored
@ -5,3 +5,6 @@ bin
|
|||||||
tags
|
tags
|
||||||
*.sw[nop]
|
*.sw[nop]
|
||||||
*.pyc
|
*.pyc
|
||||||
|
.unit-state.db
|
||||||
|
trusty/
|
||||||
|
xenial/
|
||||||
|
33
README.md
33
README.md
@ -23,6 +23,39 @@ This charm also supports scale out and high availability using the hacluster cha
|
|||||||
juju set neutron-api vip=<VIP FOR ACCESS>
|
juju set neutron-api vip=<VIP FOR ACCESS>
|
||||||
juju add-relation neutron-hacluster neutron-api
|
juju add-relation neutron-hacluster neutron-api
|
||||||
|
|
||||||
|
## HA/Clustering
|
||||||
|
|
||||||
|
There are two mutually exclusive high availability options: using virtual
|
||||||
|
IP(s) or DNS. In both cases, a relationship to hacluster is required which
|
||||||
|
provides the corosync back end HA functionality.
|
||||||
|
|
||||||
|
To use virtual IP(s) the clustered nodes must be on the same subnet such that
|
||||||
|
the VIP is a valid IP on the subnet for one of the node's interfaces and each
|
||||||
|
node has an interface in said subnet. The VIP becomes a highly-available API
|
||||||
|
endpoint.
|
||||||
|
|
||||||
|
At a minimum, the config option 'vip' must be set in order to use virtual IP
|
||||||
|
HA. If multiple networks are being used, a VIP should be provided for each
|
||||||
|
network, separated by spaces. Optionally, vip_iface or vip_cidr may be
|
||||||
|
specified.
|
||||||
|
|
||||||
|
To use DNS high availability there are several prerequisites. However, DNS HA
|
||||||
|
does not require the clustered nodes to be on the same subnet.
|
||||||
|
Currently the DNS HA feature is only available for MAAS 2.0 or greater
|
||||||
|
environments. MAAS 2.0 requires Juju 2.0 or greater. The clustered nodes must
|
||||||
|
have static or "reserved" IP addresses registered in MAAS. The DNS hostname(s)
|
||||||
|
must be pre-registered in MAAS before use with DNS HA.
|
||||||
|
|
||||||
|
At a minimum, the config option 'dns-ha' must be set to true and at least one
|
||||||
|
of 'os-public-hostname', 'os-internal-hostname' or 'os-internal-hostname' must
|
||||||
|
be set in order to use DNS HA. One or more of the above hostnames may be set.
|
||||||
|
|
||||||
|
The charm will throw an exception in the following circumstances:
|
||||||
|
If neither 'vip' nor 'dns-ha' is set and the charm is related to hacluster
|
||||||
|
If both 'vip' and 'dns-ha' are set as they are mutually exclusive
|
||||||
|
If 'dns-ha' is set and none of the os-{admin,internal,public}-hostname(s) are
|
||||||
|
set
|
||||||
|
|
||||||
# Restrictions
|
# Restrictions
|
||||||
|
|
||||||
This charm only support deployment with OpenStack Icehouse or better.
|
This charm only support deployment with OpenStack Icehouse or better.
|
||||||
|
30
config.yaml
30
config.yaml
@ -231,6 +231,12 @@ options:
|
|||||||
Number of floating IPs allowed per tenant. A negative value means
|
Number of floating IPs allowed per tenant. A negative value means
|
||||||
unlimited.
|
unlimited.
|
||||||
# HA configuration settings
|
# HA configuration settings
|
||||||
|
dns-ha:
|
||||||
|
type: boolean
|
||||||
|
default: False
|
||||||
|
description: |
|
||||||
|
Use DNS HA with MAAS 2.0. Note if this is set do not set vip
|
||||||
|
settings below.
|
||||||
vip:
|
vip:
|
||||||
type: string
|
type: string
|
||||||
default:
|
default:
|
||||||
@ -301,6 +307,30 @@ options:
|
|||||||
will create the following endpoint for neutron-api:
|
will create the following endpoint for neutron-api:
|
||||||
.
|
.
|
||||||
https://neutron-api.example.com:9696/
|
https://neutron-api.example.com:9696/
|
||||||
|
os-internal-hostname:
|
||||||
|
type: string
|
||||||
|
default:
|
||||||
|
description: |
|
||||||
|
The hostname or address of the internal endpoints created for neutron-api
|
||||||
|
in the keystone identity provider.
|
||||||
|
.
|
||||||
|
This value will be used for internal endpoints. For example, an
|
||||||
|
os-internal-hostname set to 'neutron-api.internal.example.com' with ssl
|
||||||
|
enabled will create a internal endpoint for neutron-api:
|
||||||
|
.
|
||||||
|
https://neutron-api.internal.example.com:9696/
|
||||||
|
os-admin-hostname:
|
||||||
|
type: string
|
||||||
|
default:
|
||||||
|
description: |
|
||||||
|
The hostname or address of the admin endpoints created for neutron-api
|
||||||
|
in the keystone identity provider.
|
||||||
|
.
|
||||||
|
This value will be used for admin endpoints. For example, an
|
||||||
|
os-admin-hostname set to 'neutron-api.admin.example.com' with ssl enabled
|
||||||
|
will create a internal endpoint for neutron-api:
|
||||||
|
.
|
||||||
|
https://neutron-api.admin.example.com:9696/
|
||||||
ssl_cert:
|
ssl_cert:
|
||||||
type: string
|
type: string
|
||||||
default:
|
default:
|
||||||
|
@ -280,14 +280,14 @@ def get_hacluster_config(exclude_keys=None):
|
|||||||
for initiating a relation to hacluster:
|
for initiating a relation to hacluster:
|
||||||
|
|
||||||
ha-bindiface, ha-mcastport, vip, os-internal-hostname,
|
ha-bindiface, ha-mcastport, vip, os-internal-hostname,
|
||||||
os-admin-hostname, os-public-hostname
|
os-admin-hostname, os-public-hostname, os-access-hostname
|
||||||
|
|
||||||
param: exclude_keys: list of setting key(s) to be excluded.
|
param: exclude_keys: list of setting key(s) to be excluded.
|
||||||
returns: dict: A dict containing settings keyed by setting name.
|
returns: dict: A dict containing settings keyed by setting name.
|
||||||
raises: HAIncompleteConfig if settings are missing or incorrect.
|
raises: HAIncompleteConfig if settings are missing or incorrect.
|
||||||
'''
|
'''
|
||||||
settings = ['ha-bindiface', 'ha-mcastport', 'vip', 'os-internal-hostname',
|
settings = ['ha-bindiface', 'ha-mcastport', 'vip', 'os-internal-hostname',
|
||||||
'os-admin-hostname', 'os-public-hostname']
|
'os-admin-hostname', 'os-public-hostname', 'os-access-hostname']
|
||||||
conf = {}
|
conf = {}
|
||||||
for setting in settings:
|
for setting in settings:
|
||||||
if exclude_keys and setting in exclude_keys:
|
if exclude_keys and setting in exclude_keys:
|
||||||
@ -324,7 +324,7 @@ def valid_hacluster_config():
|
|||||||
# If dns-ha then one of os-*-hostname must be set
|
# If dns-ha then one of os-*-hostname must be set
|
||||||
if dns:
|
if dns:
|
||||||
dns_settings = ['os-internal-hostname', 'os-admin-hostname',
|
dns_settings = ['os-internal-hostname', 'os-admin-hostname',
|
||||||
'os-public-hostname']
|
'os-public-hostname', 'os-access-hostname']
|
||||||
# At this point it is unknown if one or all of the possible
|
# At this point it is unknown if one or all of the possible
|
||||||
# network spaces are in HA. Validate at least one is set which is
|
# network spaces are in HA. Validate at least one is set which is
|
||||||
# the minimum required.
|
# the minimum required.
|
||||||
|
@ -36,6 +36,10 @@ from charmhelpers.core.hookenv import (
|
|||||||
DEBUG,
|
DEBUG,
|
||||||
)
|
)
|
||||||
|
|
||||||
|
from charmhelpers.core.host import (
|
||||||
|
lsb_release
|
||||||
|
)
|
||||||
|
|
||||||
from charmhelpers.contrib.openstack.ip import (
|
from charmhelpers.contrib.openstack.ip import (
|
||||||
resolve_address,
|
resolve_address,
|
||||||
)
|
)
|
||||||
@ -63,8 +67,11 @@ def update_dns_ha_resource_params(resources, resource_params,
|
|||||||
DNS HA
|
DNS HA
|
||||||
"""
|
"""
|
||||||
|
|
||||||
|
# Validate the charm environment for DNS HA
|
||||||
|
assert_charm_supports_dns_ha()
|
||||||
|
|
||||||
settings = ['os-admin-hostname', 'os-internal-hostname',
|
settings = ['os-admin-hostname', 'os-internal-hostname',
|
||||||
'os-public-hostname']
|
'os-public-hostname', 'os-access-hostname']
|
||||||
|
|
||||||
# Check which DNS settings are set and update dictionaries
|
# Check which DNS settings are set and update dictionaries
|
||||||
hostname_group = []
|
hostname_group = []
|
||||||
@ -109,3 +116,15 @@ def update_dns_ha_resource_params(resources, resource_params,
|
|||||||
msg = 'DNS HA: Hostname group has no members.'
|
msg = 'DNS HA: Hostname group has no members.'
|
||||||
status_set('blocked', msg)
|
status_set('blocked', msg)
|
||||||
raise DNSHAException(msg)
|
raise DNSHAException(msg)
|
||||||
|
|
||||||
|
|
||||||
|
def assert_charm_supports_dns_ha():
|
||||||
|
"""Validate prerequisites for DNS HA
|
||||||
|
The MAAS client is only available on Xenial or greater
|
||||||
|
"""
|
||||||
|
if lsb_release().get('DISTRIB_RELEASE') < '16.04':
|
||||||
|
msg = ('DNS HA is only supported on 16.04 and greater '
|
||||||
|
'versions of Ubuntu.')
|
||||||
|
status_set('blocked', msg)
|
||||||
|
raise DNSHAException(msg)
|
||||||
|
return True
|
||||||
|
@ -725,15 +725,14 @@ def git_install_requested():
|
|||||||
requirements_dir = None
|
requirements_dir = None
|
||||||
|
|
||||||
|
|
||||||
def git_default_repos(projects_yaml):
|
def git_default_repos(projects):
|
||||||
"""
|
"""
|
||||||
Returns default repos if a default openstack-origin-git value is specified.
|
Returns default repos if a default openstack-origin-git value is specified.
|
||||||
"""
|
"""
|
||||||
service = service_name()
|
service = service_name()
|
||||||
core_project = service
|
|
||||||
|
|
||||||
for default, branch in GIT_DEFAULT_BRANCHES.iteritems():
|
for default, branch in GIT_DEFAULT_BRANCHES.iteritems():
|
||||||
if projects_yaml == default:
|
if projects == default:
|
||||||
|
|
||||||
# add the requirements repo first
|
# add the requirements repo first
|
||||||
repo = {
|
repo = {
|
||||||
@ -743,41 +742,34 @@ def git_default_repos(projects_yaml):
|
|||||||
}
|
}
|
||||||
repos = [repo]
|
repos = [repo]
|
||||||
|
|
||||||
# neutron-* and nova-* charms require some additional repos
|
# neutron and nova charms require some additional repos
|
||||||
if service in ['neutron-api', 'neutron-gateway',
|
if service == 'neutron':
|
||||||
'neutron-openvswitch']:
|
for svc in ['neutron-fwaas', 'neutron-lbaas', 'neutron-vpnaas']:
|
||||||
core_project = 'neutron'
|
|
||||||
for project in ['neutron-fwaas', 'neutron-lbaas',
|
|
||||||
'neutron-vpnaas']:
|
|
||||||
repo = {
|
repo = {
|
||||||
'name': project,
|
'name': svc,
|
||||||
'repository': GIT_DEFAULT_REPOS[project],
|
'repository': GIT_DEFAULT_REPOS[svc],
|
||||||
'branch': branch,
|
'branch': branch,
|
||||||
}
|
}
|
||||||
repos.append(repo)
|
repos.append(repo)
|
||||||
|
elif service == 'nova':
|
||||||
elif service in ['nova-cloud-controller', 'nova-compute']:
|
|
||||||
core_project = 'nova'
|
|
||||||
repo = {
|
repo = {
|
||||||
'name': 'neutron',
|
'name': 'neutron',
|
||||||
'repository': GIT_DEFAULT_REPOS['neutron'],
|
'repository': GIT_DEFAULT_REPOS['neutron'],
|
||||||
'branch': branch,
|
'branch': branch,
|
||||||
}
|
}
|
||||||
repos.append(repo)
|
repos.append(repo)
|
||||||
elif service == 'openstack-dashboard':
|
|
||||||
core_project = 'horizon'
|
|
||||||
|
|
||||||
# finally add the current service's core project repo
|
# finally add the current service's repo
|
||||||
repo = {
|
repo = {
|
||||||
'name': core_project,
|
'name': service,
|
||||||
'repository': GIT_DEFAULT_REPOS[core_project],
|
'repository': GIT_DEFAULT_REPOS[service],
|
||||||
'branch': branch,
|
'branch': branch,
|
||||||
}
|
}
|
||||||
repos.append(repo)
|
repos.append(repo)
|
||||||
|
|
||||||
return yaml.dump(dict(repositories=repos))
|
return yaml.dump(dict(repositories=repos))
|
||||||
|
|
||||||
return projects_yaml
|
return projects
|
||||||
|
|
||||||
|
|
||||||
def _git_yaml_load(projects_yaml):
|
def _git_yaml_load(projects_yaml):
|
||||||
|
@ -86,6 +86,10 @@ from charmhelpers.contrib.hahelpers.cluster import (
|
|||||||
is_elected_leader,
|
is_elected_leader,
|
||||||
)
|
)
|
||||||
|
|
||||||
|
from charmhelpers.contrib.openstack.ha.utils import (
|
||||||
|
update_dns_ha_resource_params,
|
||||||
|
)
|
||||||
|
|
||||||
from charmhelpers.payload.execd import execd_preinstall
|
from charmhelpers.payload.execd import execd_preinstall
|
||||||
|
|
||||||
from charmhelpers.contrib.openstack.ip import (
|
from charmhelpers.contrib.openstack.ip import (
|
||||||
@ -516,7 +520,7 @@ def cluster_changed():
|
|||||||
|
|
||||||
|
|
||||||
@hooks.hook('ha-relation-joined')
|
@hooks.hook('ha-relation-joined')
|
||||||
def ha_joined():
|
def ha_joined(relation_id=None):
|
||||||
cluster_config = get_hacluster_config()
|
cluster_config = get_hacluster_config()
|
||||||
resources = {
|
resources = {
|
||||||
'res_neutron_haproxy': 'lsb:haproxy',
|
'res_neutron_haproxy': 'lsb:haproxy',
|
||||||
@ -524,6 +528,11 @@ def ha_joined():
|
|||||||
resource_params = {
|
resource_params = {
|
||||||
'res_neutron_haproxy': 'op monitor interval="5s"'
|
'res_neutron_haproxy': 'op monitor interval="5s"'
|
||||||
}
|
}
|
||||||
|
if config('dns-ha'):
|
||||||
|
update_dns_ha_resource_params(relation_id=relation_id,
|
||||||
|
resources=resources,
|
||||||
|
resource_params=resource_params)
|
||||||
|
else:
|
||||||
vip_group = []
|
vip_group = []
|
||||||
for vip in cluster_config['vip'].split():
|
for vip in cluster_config['vip'].split():
|
||||||
if is_ipv6(vip):
|
if is_ipv6(vip):
|
||||||
@ -559,7 +568,8 @@ def ha_joined():
|
|||||||
clones = {
|
clones = {
|
||||||
'cl_nova_haproxy': 'res_neutron_haproxy'
|
'cl_nova_haproxy': 'res_neutron_haproxy'
|
||||||
}
|
}
|
||||||
relation_set(init_services=init_services,
|
relation_set(relation_id=relation_id,
|
||||||
|
init_services=init_services,
|
||||||
corosync_bindiface=cluster_config['ha-bindiface'],
|
corosync_bindiface=cluster_config['ha-bindiface'],
|
||||||
corosync_mcastport=cluster_config['ha-mcastport'],
|
corosync_mcastport=cluster_config['ha-mcastport'],
|
||||||
resources=resources,
|
resources=resources,
|
||||||
|
@ -75,6 +75,7 @@ TO_PATCH = [
|
|||||||
'force_etcd_restart',
|
'force_etcd_restart',
|
||||||
'status_set',
|
'status_set',
|
||||||
'network_get_primary_address',
|
'network_get_primary_address',
|
||||||
|
'update_dns_ha_resource_params',
|
||||||
]
|
]
|
||||||
NEUTRON_CONF_DIR = "/etc/neutron"
|
NEUTRON_CONF_DIR = "/etc/neutron"
|
||||||
|
|
||||||
@ -731,6 +732,7 @@ class NeutronAPIHooksTests(CharmTestCase):
|
|||||||
self.get_iface_for_address.return_value = 'eth0'
|
self.get_iface_for_address.return_value = 'eth0'
|
||||||
self.get_netmask_for_address.return_value = '255.255.255.0'
|
self.get_netmask_for_address.return_value = '255.255.255.0'
|
||||||
_relation_data = {
|
_relation_data = {
|
||||||
|
'relation_id': None,
|
||||||
'init_services': {'res_neutron_haproxy': 'haproxy'},
|
'init_services': {'res_neutron_haproxy': 'haproxy'},
|
||||||
'corosync_bindiface': _ha_config['ha-bindiface'],
|
'corosync_bindiface': _ha_config['ha-bindiface'],
|
||||||
'corosync_mcastport': _ha_config['ha-mcastport'],
|
'corosync_mcastport': _ha_config['ha-mcastport'],
|
||||||
@ -763,6 +765,7 @@ class NeutronAPIHooksTests(CharmTestCase):
|
|||||||
self.get_iface_for_address.return_value = None
|
self.get_iface_for_address.return_value = None
|
||||||
self.get_netmask_for_address.return_value = None
|
self.get_netmask_for_address.return_value = None
|
||||||
_relation_data = {
|
_relation_data = {
|
||||||
|
'relation_id': None,
|
||||||
'init_services': {'res_neutron_haproxy': 'haproxy'},
|
'init_services': {'res_neutron_haproxy': 'haproxy'},
|
||||||
'corosync_bindiface': _ha_config['ha-bindiface'],
|
'corosync_bindiface': _ha_config['ha-bindiface'],
|
||||||
'corosync_mcastport': _ha_config['ha-mcastport'],
|
'corosync_mcastport': _ha_config['ha-mcastport'],
|
||||||
@ -799,6 +802,7 @@ class NeutronAPIHooksTests(CharmTestCase):
|
|||||||
self.get_iface_for_address.return_value = 'eth0'
|
self.get_iface_for_address.return_value = 'eth0'
|
||||||
self.get_netmask_for_address.return_value = 'ffff.ffff.ffff.ffff'
|
self.get_netmask_for_address.return_value = 'ffff.ffff.ffff.ffff'
|
||||||
_relation_data = {
|
_relation_data = {
|
||||||
|
'relation_id': None,
|
||||||
'init_services': {'res_neutron_haproxy': 'haproxy'},
|
'init_services': {'res_neutron_haproxy': 'haproxy'},
|
||||||
'corosync_bindiface': _ha_config['ha-bindiface'],
|
'corosync_bindiface': _ha_config['ha-bindiface'],
|
||||||
'corosync_mcastport': _ha_config['ha-mcastport'],
|
'corosync_mcastport': _ha_config['ha-mcastport'],
|
||||||
@ -817,6 +821,43 @@ class NeutronAPIHooksTests(CharmTestCase):
|
|||||||
**_relation_data
|
**_relation_data
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@patch.object(hooks, 'get_hacluster_config')
|
||||||
|
def test_ha_joined_dns_ha(self, _get_hacluster_config):
|
||||||
|
def _fake_update(resources, resource_params, relation_id=None):
|
||||||
|
resources.update({'res_neutron_public_hostname':
|
||||||
|
'ocf:maas:dns'})
|
||||||
|
resource_params.update({'res_neutron_public_hostname':
|
||||||
|
'params fqdn="neutron-api.maas" '
|
||||||
|
'ip_address="10.0.0.1"'})
|
||||||
|
|
||||||
|
self.test_config.set('dns-ha', True)
|
||||||
|
_get_hacluster_config.return_value = {
|
||||||
|
'vip': None,
|
||||||
|
'ha-bindiface': 'em0',
|
||||||
|
'ha-mcastport': '8080',
|
||||||
|
'os-admin-hostname': None,
|
||||||
|
'os-internal-hostname': None,
|
||||||
|
'os-public-hostname': 'neutron-api.maas',
|
||||||
|
}
|
||||||
|
args = {
|
||||||
|
'relation_id': None,
|
||||||
|
'corosync_bindiface': 'em0',
|
||||||
|
'corosync_mcastport': '8080',
|
||||||
|
'init_services': {'res_neutron_haproxy': 'haproxy'},
|
||||||
|
'resources': {'res_neutron_public_hostname': 'ocf:maas:dns',
|
||||||
|
'res_neutron_haproxy': 'lsb:haproxy'},
|
||||||
|
'resource_params': {
|
||||||
|
'res_neutron_public_hostname':
|
||||||
|
'params fqdn="neutron-api.maas" ip_address="10.0.0.1"',
|
||||||
|
'res_neutron_haproxy': 'op monitor interval="5s"'},
|
||||||
|
'clones': {'cl_nova_haproxy': 'res_neutron_haproxy'}
|
||||||
|
}
|
||||||
|
self.update_dns_ha_resource_params.side_effect = _fake_update
|
||||||
|
|
||||||
|
hooks.ha_joined()
|
||||||
|
self.assertTrue(self.update_dns_ha_resource_params.called)
|
||||||
|
self.relation_set.assert_called_with(**args)
|
||||||
|
|
||||||
def test_ha_changed(self):
|
def test_ha_changed(self):
|
||||||
self.test_relation.set({
|
self.test_relation.set({
|
||||||
'clustered': 'true',
|
'clustered': 'true',
|
||||||
|
Loading…
Reference in New Issue
Block a user