Merge "Add spec for Multisite Ceph RADOS Gateway"
This commit is contained in:
commit
e4f93b041e
|
@ -0,0 +1,140 @@
|
||||||
|
..
|
||||||
|
Copyright 2018 Canonical Ltd.
|
||||||
|
|
||||||
|
This work is licensed under a Creative Commons Attribution 3.0
|
||||||
|
Unported License.
|
||||||
|
http://creativecommons.org/licenses/by/3.0/legalcode
|
||||||
|
|
||||||
|
..
|
||||||
|
This template should be in ReSTructured text. Please do not delete
|
||||||
|
any of the sections in this template. If you have nothing to say
|
||||||
|
for a whole section, just write: "None". For help with syntax, see
|
||||||
|
http://sphinx-doc.org/rest.html To test out your formatting, see
|
||||||
|
http://www.tele3.cz/jbar/rest/rest.html
|
||||||
|
|
||||||
|
====================================
|
||||||
|
RadosGW Charm Multi-site Replication
|
||||||
|
====================================
|
||||||
|
|
||||||
|
Problem Description
|
||||||
|
===================
|
||||||
|
|
||||||
|
RadosGW `multi-site configuration <http://docs.ceph.com/docs/luminous/radosgw/multisite/>`__ can be set up to provide object sync for
|
||||||
|
disaster recovery and other purposes such as using the same object data stored
|
||||||
|
in a Ceph cluster local to a cloud region. A typical setup would look like
|
||||||
|
this:
|
||||||
|
|
||||||
|
* One zone per Zone Group (1 cluster per “region”);
|
||||||
|
* Multiple Zone Groups (“regions”);
|
||||||
|
* One Realm;
|
||||||
|
* Mode of operation: active-active or active-passive.
|
||||||
|
|
||||||
|
.. note::
|
||||||
|
|
||||||
|
Ceph does support active-passive configurations, but to simplify
|
||||||
|
deployment choice the charms will only support active-active.
|
||||||
|
|
||||||
|
There could also be more complex configurations with multiple zones (clusters)
|
||||||
|
per zone group.
|
||||||
|
|
||||||
|
In order to set this up, independent radosgw application deployments in
|
||||||
|
different Juju models have to be aware of each other and set up the
|
||||||
|
necessary configuration:
|
||||||
|
|
||||||
|
* Realm name for radosgw;
|
||||||
|
* Master zone group and master zone configuration;
|
||||||
|
* a system user for authentication between daemons;
|
||||||
|
* Access key and secret key setup for master zone authentication;
|
||||||
|
* A period needs to be updated after configuration changes to change an epoch.
|
||||||
|
|
||||||
|
.. note::
|
||||||
|
|
||||||
|
Migration of an existing single site ceph-radosgw deployment to a
|
||||||
|
multi-zone deployment will not be supported by the charms.
|
||||||
|
|
||||||
|
Proposed Change
|
||||||
|
===============
|
||||||
|
|
||||||
|
To be able to configure multi-site radosgw deployments it is necessary to
|
||||||
|
modify the radosgw charm to support cross-model relations between multiple
|
||||||
|
radosgw applications. This relation will be used to exchange endpoint and
|
||||||
|
authentication information between the RADOS gateway deployment for
|
||||||
|
configuration of replication.
|
||||||
|
|
||||||
|
The charms will target a fix topology with a single realm and zone group
|
||||||
|
and two zones. Its assumed that zones will be supported by separate
|
||||||
|
Ceph clusters but this is not a hard requirement (but is recommended).
|
||||||
|
|
||||||
|
Actions will be provided to promote and demote a RADOS gateway cluster
|
||||||
|
to and from master status. No automatic failover will be provided and
|
||||||
|
these operations must be performed by an operator in the event of site
|
||||||
|
failover/failback.
|
||||||
|
|
||||||
|
Alternatives
|
||||||
|
------------
|
||||||
|
|
||||||
|
As this is a RADOS gateway specific feature, no alternatives have been
|
||||||
|
considered.
|
||||||
|
|
||||||
|
Implementation
|
||||||
|
==============
|
||||||
|
|
||||||
|
Assignee(s)
|
||||||
|
-----------
|
||||||
|
|
||||||
|
Primary assignee:
|
||||||
|
|
||||||
|
Gerrit Topic
|
||||||
|
------------
|
||||||
|
|
||||||
|
Use Gerrit topic "radosgw-multi-site" for all patches related to this spec.
|
||||||
|
|
||||||
|
.. code-block:: bash
|
||||||
|
|
||||||
|
git-review -t radosgw-multi-site
|
||||||
|
|
||||||
|
Work Items
|
||||||
|
----------
|
||||||
|
|
||||||
|
* Implement support for new (cross-model) relation 'rgw-peer' between radosgw
|
||||||
|
applications associated with different Ceph clusters.
|
||||||
|
* Add support for additional configuration keys to set up realm, zonegroup and
|
||||||
|
zone for each ceph-radosgw deployment.
|
||||||
|
* Implement functionality to set up a master zone and add secondary zones to
|
||||||
|
it.
|
||||||
|
* Write unit tests for newly added features.
|
||||||
|
* Write functional tests that include the deployment of multiple clusters and
|
||||||
|
verification of object synchronization.
|
||||||
|
|
||||||
|
Repositories
|
||||||
|
------------
|
||||||
|
|
||||||
|
No new git repositories will be created.
|
||||||
|
|
||||||
|
Documentation
|
||||||
|
-------------
|
||||||
|
|
||||||
|
The ``radosgw`` charm README should contain instructions on deploying the
|
||||||
|
charm with new functionality enabled.
|
||||||
|
|
||||||
|
Security
|
||||||
|
--------
|
||||||
|
|
||||||
|
- TLS termination can be enabled on any side and needs to be supported without
|
||||||
|
manual steps of synchronizing CA certificates between sites. SSL CA certs
|
||||||
|
will be shared between RADOS peers using the new rgw-peer relation.
|
||||||
|
|
||||||
|
Testing
|
||||||
|
-------
|
||||||
|
|
||||||
|
Code written or changed will be covered by unit tests; functional testing will
|
||||||
|
be done using ``Zaza``.
|
||||||
|
|
||||||
|
Dependencies
|
||||||
|
============
|
||||||
|
|
||||||
|
The ceph-radosgw charm currently uses the old-style radosgw systemd unit and
|
||||||
|
a global cephx key for access to the underlying Ceph cluster.
|
||||||
|
|
||||||
|
The charm should be migrated to use the new ceph-radosgw systemd units and
|
||||||
|
switch to use of cephx keys which are specific to individual radosgw units.
|
Loading…
Reference in New Issue