Implement DNS high availability. Pass the correct information to
hacluster to register a DNS entry with MAAS 2.0 or greater rather
than using a virtual IP.

Charm-helpers sync to bring in DNS HA helpers

Change-Id: Ifb27cc96b913f4fe315119477691936919684b62
This commit is contained in:
David Ames 2016-06-14 15:47:54 -07:00 committed by James Page
parent 5251e366b4
commit 592b8e0947
8 changed files with 179 additions and 51 deletions

3
.gitignore vendored
View File

@ -5,3 +5,6 @@ bin
tags tags
*.sw[nop] *.sw[nop]
*.pyc *.pyc
.unit-state.db
trusty/
xenial/

View File

@ -23,6 +23,39 @@ This charm also supports scale out and high availability using the hacluster cha
juju set neutron-api vip=<VIP FOR ACCESS> juju set neutron-api vip=<VIP FOR ACCESS>
juju add-relation neutron-hacluster neutron-api juju add-relation neutron-hacluster neutron-api
## HA/Clustering
There are two mutually exclusive high availability options: using virtual
IP(s) or DNS. In both cases, a relationship to hacluster is required which
provides the corosync back end HA functionality.
To use virtual IP(s) the clustered nodes must be on the same subnet such that
the VIP is a valid IP on the subnet for one of the node's interfaces and each
node has an interface in said subnet. The VIP becomes a highly-available API
endpoint.
At a minimum, the config option 'vip' must be set in order to use virtual IP
HA. If multiple networks are being used, a VIP should be provided for each
network, separated by spaces. Optionally, vip_iface or vip_cidr may be
specified.
To use DNS high availability there are several prerequisites. However, DNS HA
does not require the clustered nodes to be on the same subnet.
Currently the DNS HA feature is only available for MAAS 2.0 or greater
environments. MAAS 2.0 requires Juju 2.0 or greater. The clustered nodes must
have static or "reserved" IP addresses registered in MAAS. The DNS hostname(s)
must be pre-registered in MAAS before use with DNS HA.
At a minimum, the config option 'dns-ha' must be set to true and at least one
of 'os-public-hostname', 'os-internal-hostname' or 'os-internal-hostname' must
be set in order to use DNS HA. One or more of the above hostnames may be set.
The charm will throw an exception in the following circumstances:
If neither 'vip' nor 'dns-ha' is set and the charm is related to hacluster
If both 'vip' and 'dns-ha' are set as they are mutually exclusive
If 'dns-ha' is set and none of the os-{admin,internal,public}-hostname(s) are
set
# Restrictions # Restrictions
This charm only support deployment with OpenStack Icehouse or better. This charm only support deployment with OpenStack Icehouse or better.

View File

@ -231,6 +231,12 @@ options:
Number of floating IPs allowed per tenant. A negative value means Number of floating IPs allowed per tenant. A negative value means
unlimited. unlimited.
# HA configuration settings # HA configuration settings
dns-ha:
type: boolean
default: False
description: |
Use DNS HA with MAAS 2.0. Note if this is set do not set vip
settings below.
vip: vip:
type: string type: string
default: default:
@ -301,6 +307,30 @@ options:
will create the following endpoint for neutron-api: will create the following endpoint for neutron-api:
. .
https://neutron-api.example.com:9696/ https://neutron-api.example.com:9696/
os-internal-hostname:
type: string
default:
description: |
The hostname or address of the internal endpoints created for neutron-api
in the keystone identity provider.
.
This value will be used for internal endpoints. For example, an
os-internal-hostname set to 'neutron-api.internal.example.com' with ssl
enabled will create a internal endpoint for neutron-api:
.
https://neutron-api.internal.example.com:9696/
os-admin-hostname:
type: string
default:
description: |
The hostname or address of the admin endpoints created for neutron-api
in the keystone identity provider.
.
This value will be used for admin endpoints. For example, an
os-admin-hostname set to 'neutron-api.admin.example.com' with ssl enabled
will create a internal endpoint for neutron-api:
.
https://neutron-api.admin.example.com:9696/
ssl_cert: ssl_cert:
type: string type: string
default: default:

View File

@ -280,14 +280,14 @@ def get_hacluster_config(exclude_keys=None):
for initiating a relation to hacluster: for initiating a relation to hacluster:
ha-bindiface, ha-mcastport, vip, os-internal-hostname, ha-bindiface, ha-mcastport, vip, os-internal-hostname,
os-admin-hostname, os-public-hostname os-admin-hostname, os-public-hostname, os-access-hostname
param: exclude_keys: list of setting key(s) to be excluded. param: exclude_keys: list of setting key(s) to be excluded.
returns: dict: A dict containing settings keyed by setting name. returns: dict: A dict containing settings keyed by setting name.
raises: HAIncompleteConfig if settings are missing or incorrect. raises: HAIncompleteConfig if settings are missing or incorrect.
''' '''
settings = ['ha-bindiface', 'ha-mcastport', 'vip', 'os-internal-hostname', settings = ['ha-bindiface', 'ha-mcastport', 'vip', 'os-internal-hostname',
'os-admin-hostname', 'os-public-hostname'] 'os-admin-hostname', 'os-public-hostname', 'os-access-hostname']
conf = {} conf = {}
for setting in settings: for setting in settings:
if exclude_keys and setting in exclude_keys: if exclude_keys and setting in exclude_keys:
@ -324,7 +324,7 @@ def valid_hacluster_config():
# If dns-ha then one of os-*-hostname must be set # If dns-ha then one of os-*-hostname must be set
if dns: if dns:
dns_settings = ['os-internal-hostname', 'os-admin-hostname', dns_settings = ['os-internal-hostname', 'os-admin-hostname',
'os-public-hostname'] 'os-public-hostname', 'os-access-hostname']
# At this point it is unknown if one or all of the possible # At this point it is unknown if one or all of the possible
# network spaces are in HA. Validate at least one is set which is # network spaces are in HA. Validate at least one is set which is
# the minimum required. # the minimum required.

View File

@ -36,6 +36,10 @@ from charmhelpers.core.hookenv import (
DEBUG, DEBUG,
) )
from charmhelpers.core.host import (
lsb_release
)
from charmhelpers.contrib.openstack.ip import ( from charmhelpers.contrib.openstack.ip import (
resolve_address, resolve_address,
) )
@ -63,8 +67,11 @@ def update_dns_ha_resource_params(resources, resource_params,
DNS HA DNS HA
""" """
# Validate the charm environment for DNS HA
assert_charm_supports_dns_ha()
settings = ['os-admin-hostname', 'os-internal-hostname', settings = ['os-admin-hostname', 'os-internal-hostname',
'os-public-hostname'] 'os-public-hostname', 'os-access-hostname']
# Check which DNS settings are set and update dictionaries # Check which DNS settings are set and update dictionaries
hostname_group = [] hostname_group = []
@ -109,3 +116,15 @@ def update_dns_ha_resource_params(resources, resource_params,
msg = 'DNS HA: Hostname group has no members.' msg = 'DNS HA: Hostname group has no members.'
status_set('blocked', msg) status_set('blocked', msg)
raise DNSHAException(msg) raise DNSHAException(msg)
def assert_charm_supports_dns_ha():
"""Validate prerequisites for DNS HA
The MAAS client is only available on Xenial or greater
"""
if lsb_release().get('DISTRIB_RELEASE') < '16.04':
msg = ('DNS HA is only supported on 16.04 and greater '
'versions of Ubuntu.')
status_set('blocked', msg)
raise DNSHAException(msg)
return True

View File

@ -725,15 +725,14 @@ def git_install_requested():
requirements_dir = None requirements_dir = None
def git_default_repos(projects_yaml): def git_default_repos(projects):
""" """
Returns default repos if a default openstack-origin-git value is specified. Returns default repos if a default openstack-origin-git value is specified.
""" """
service = service_name() service = service_name()
core_project = service
for default, branch in GIT_DEFAULT_BRANCHES.iteritems(): for default, branch in GIT_DEFAULT_BRANCHES.iteritems():
if projects_yaml == default: if projects == default:
# add the requirements repo first # add the requirements repo first
repo = { repo = {
@ -743,41 +742,34 @@ def git_default_repos(projects_yaml):
} }
repos = [repo] repos = [repo]
# neutron-* and nova-* charms require some additional repos # neutron and nova charms require some additional repos
if service in ['neutron-api', 'neutron-gateway', if service == 'neutron':
'neutron-openvswitch']: for svc in ['neutron-fwaas', 'neutron-lbaas', 'neutron-vpnaas']:
core_project = 'neutron'
for project in ['neutron-fwaas', 'neutron-lbaas',
'neutron-vpnaas']:
repo = { repo = {
'name': project, 'name': svc,
'repository': GIT_DEFAULT_REPOS[project], 'repository': GIT_DEFAULT_REPOS[svc],
'branch': branch, 'branch': branch,
} }
repos.append(repo) repos.append(repo)
elif service == 'nova':
elif service in ['nova-cloud-controller', 'nova-compute']:
core_project = 'nova'
repo = { repo = {
'name': 'neutron', 'name': 'neutron',
'repository': GIT_DEFAULT_REPOS['neutron'], 'repository': GIT_DEFAULT_REPOS['neutron'],
'branch': branch, 'branch': branch,
} }
repos.append(repo) repos.append(repo)
elif service == 'openstack-dashboard':
core_project = 'horizon'
# finally add the current service's core project repo # finally add the current service's repo
repo = { repo = {
'name': core_project, 'name': service,
'repository': GIT_DEFAULT_REPOS[core_project], 'repository': GIT_DEFAULT_REPOS[service],
'branch': branch, 'branch': branch,
} }
repos.append(repo) repos.append(repo)
return yaml.dump(dict(repositories=repos)) return yaml.dump(dict(repositories=repos))
return projects_yaml return projects
def _git_yaml_load(projects_yaml): def _git_yaml_load(projects_yaml):

View File

@ -86,6 +86,10 @@ from charmhelpers.contrib.hahelpers.cluster import (
is_elected_leader, is_elected_leader,
) )
from charmhelpers.contrib.openstack.ha.utils import (
update_dns_ha_resource_params,
)
from charmhelpers.payload.execd import execd_preinstall from charmhelpers.payload.execd import execd_preinstall
from charmhelpers.contrib.openstack.ip import ( from charmhelpers.contrib.openstack.ip import (
@ -516,7 +520,7 @@ def cluster_changed():
@hooks.hook('ha-relation-joined') @hooks.hook('ha-relation-joined')
def ha_joined(): def ha_joined(relation_id=None):
cluster_config = get_hacluster_config() cluster_config = get_hacluster_config()
resources = { resources = {
'res_neutron_haproxy': 'lsb:haproxy', 'res_neutron_haproxy': 'lsb:haproxy',
@ -524,6 +528,11 @@ def ha_joined():
resource_params = { resource_params = {
'res_neutron_haproxy': 'op monitor interval="5s"' 'res_neutron_haproxy': 'op monitor interval="5s"'
} }
if config('dns-ha'):
update_dns_ha_resource_params(relation_id=relation_id,
resources=resources,
resource_params=resource_params)
else:
vip_group = [] vip_group = []
for vip in cluster_config['vip'].split(): for vip in cluster_config['vip'].split():
if is_ipv6(vip): if is_ipv6(vip):
@ -559,7 +568,8 @@ def ha_joined():
clones = { clones = {
'cl_nova_haproxy': 'res_neutron_haproxy' 'cl_nova_haproxy': 'res_neutron_haproxy'
} }
relation_set(init_services=init_services, relation_set(relation_id=relation_id,
init_services=init_services,
corosync_bindiface=cluster_config['ha-bindiface'], corosync_bindiface=cluster_config['ha-bindiface'],
corosync_mcastport=cluster_config['ha-mcastport'], corosync_mcastport=cluster_config['ha-mcastport'],
resources=resources, resources=resources,

View File

@ -75,6 +75,7 @@ TO_PATCH = [
'force_etcd_restart', 'force_etcd_restart',
'status_set', 'status_set',
'network_get_primary_address', 'network_get_primary_address',
'update_dns_ha_resource_params',
] ]
NEUTRON_CONF_DIR = "/etc/neutron" NEUTRON_CONF_DIR = "/etc/neutron"
@ -731,6 +732,7 @@ class NeutronAPIHooksTests(CharmTestCase):
self.get_iface_for_address.return_value = 'eth0' self.get_iface_for_address.return_value = 'eth0'
self.get_netmask_for_address.return_value = '255.255.255.0' self.get_netmask_for_address.return_value = '255.255.255.0'
_relation_data = { _relation_data = {
'relation_id': None,
'init_services': {'res_neutron_haproxy': 'haproxy'}, 'init_services': {'res_neutron_haproxy': 'haproxy'},
'corosync_bindiface': _ha_config['ha-bindiface'], 'corosync_bindiface': _ha_config['ha-bindiface'],
'corosync_mcastport': _ha_config['ha-mcastport'], 'corosync_mcastport': _ha_config['ha-mcastport'],
@ -763,6 +765,7 @@ class NeutronAPIHooksTests(CharmTestCase):
self.get_iface_for_address.return_value = None self.get_iface_for_address.return_value = None
self.get_netmask_for_address.return_value = None self.get_netmask_for_address.return_value = None
_relation_data = { _relation_data = {
'relation_id': None,
'init_services': {'res_neutron_haproxy': 'haproxy'}, 'init_services': {'res_neutron_haproxy': 'haproxy'},
'corosync_bindiface': _ha_config['ha-bindiface'], 'corosync_bindiface': _ha_config['ha-bindiface'],
'corosync_mcastport': _ha_config['ha-mcastport'], 'corosync_mcastport': _ha_config['ha-mcastport'],
@ -799,6 +802,7 @@ class NeutronAPIHooksTests(CharmTestCase):
self.get_iface_for_address.return_value = 'eth0' self.get_iface_for_address.return_value = 'eth0'
self.get_netmask_for_address.return_value = 'ffff.ffff.ffff.ffff' self.get_netmask_for_address.return_value = 'ffff.ffff.ffff.ffff'
_relation_data = { _relation_data = {
'relation_id': None,
'init_services': {'res_neutron_haproxy': 'haproxy'}, 'init_services': {'res_neutron_haproxy': 'haproxy'},
'corosync_bindiface': _ha_config['ha-bindiface'], 'corosync_bindiface': _ha_config['ha-bindiface'],
'corosync_mcastport': _ha_config['ha-mcastport'], 'corosync_mcastport': _ha_config['ha-mcastport'],
@ -817,6 +821,43 @@ class NeutronAPIHooksTests(CharmTestCase):
**_relation_data **_relation_data
) )
@patch.object(hooks, 'get_hacluster_config')
def test_ha_joined_dns_ha(self, _get_hacluster_config):
def _fake_update(resources, resource_params, relation_id=None):
resources.update({'res_neutron_public_hostname':
'ocf:maas:dns'})
resource_params.update({'res_neutron_public_hostname':
'params fqdn="neutron-api.maas" '
'ip_address="10.0.0.1"'})
self.test_config.set('dns-ha', True)
_get_hacluster_config.return_value = {
'vip': None,
'ha-bindiface': 'em0',
'ha-mcastport': '8080',
'os-admin-hostname': None,
'os-internal-hostname': None,
'os-public-hostname': 'neutron-api.maas',
}
args = {
'relation_id': None,
'corosync_bindiface': 'em0',
'corosync_mcastport': '8080',
'init_services': {'res_neutron_haproxy': 'haproxy'},
'resources': {'res_neutron_public_hostname': 'ocf:maas:dns',
'res_neutron_haproxy': 'lsb:haproxy'},
'resource_params': {
'res_neutron_public_hostname':
'params fqdn="neutron-api.maas" ip_address="10.0.0.1"',
'res_neutron_haproxy': 'op monitor interval="5s"'},
'clones': {'cl_nova_haproxy': 'res_neutron_haproxy'}
}
self.update_dns_ha_resource_params.side_effect = _fake_update
hooks.ha_joined()
self.assertTrue(self.update_dns_ha_resource_params.called)
self.relation_set.assert_called_with(**args)
def test_ha_changed(self): def test_ha_changed(self):
self.test_relation.set({ self.test_relation.set({
'clustered': 'true', 'clustered': 'true',