Cleanup HA Guide

Cleanup HA Guide to better follow our XML conventions and practices:
* Change simpara to para. We do not use simpare in our guides.
* Remove <info> around titles, this is not really needed and not done in
  other guides.
* Change <xi:include href="./file.xml" to <xi:include href="file.xml"
* Fix usage of screen
* Remove unneeded link xmlns:xlink="http://www.w3.org/1999/xlink"
  declarations.
* Remove space before ":"

Partial-Bug: #1217503

Change-Id: Ie90a7c60be4646a95b7d8aec88773d199fc1a1b2
This commit is contained in:
Andreas Jaeger 2014-07-07 20:53:11 +02:00
parent 0213669a23
commit 896d83a04f
42 changed files with 915 additions and 910 deletions

View File

@ -2,10 +2,10 @@
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0" xml:id="s-api-pacemaker">
<info>
<title>Configure Pacemaker group</title>
</info>
<simpara>Finally, we need to create a service <literal>group</literal> to ensure that virtual IP is linked to the API services resources:</simpara>
<para>Finally, we need to create a service <literal>group</literal> to ensure that virtual IP is linked to the API services resources:</para>
<screen>group g_services_api p_api-ip p_keystone p_glance-api p_cinder-api \
p_neutron-server p_glance-registry p_ceilometer-agent-central</screen>
</section>

View File

@ -2,13 +2,12 @@
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0" xml:id="s-api-vip">
<info>
<title>Configure the VIP</title>
</info>
<simpara>First, you must select and assign a virtual IP address (VIP) that can freely float between cluster nodes.</simpara>
<simpara>This configuration creates <literal>p_ip_api</literal>, a virtual IP address for use by the API node (192.168.42.103) :</simpara>
<para>First, you must select and assign a virtual IP address (VIP) that can freely float between cluster nodes.</para>
<para>This configuration creates <literal>p_ip_api</literal>, a virtual IP address for use by the API node (192.168.42.103):</para>
<screen>primitive p_api-ip ocf:heartbeat:IPaddr2 \
params ip="192.168.42.103" cidr_netmask="24" \
op monitor interval="30s"</screen>
</section>

View File

@ -2,65 +2,65 @@
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0" xml:id="s-ceilometer-agent-central">
<info>
<title>Highly available Telemetry central agent</title>
</info>
<simpara>Telemetry (ceilometer) is the metering and monitoring service in
<para>Telemetry (ceilometer) is the metering and monitoring service in
OpenStack. The Central agent polls for resource utilization
statistics for resources not tied to instances or compute nodes.</simpara>
statistics for resources not tied to instances or compute nodes.</para>
<note>
<simpara>Due to limitations of a polling model, a single instance of this agent
<para>Due to limitations of a polling model, a single instance of this agent
can be polling a given list of meters. In this setup, we install this service
on the API nodes also in the active / passive mode.</simpara>
on the API nodes also in the active / passive mode.</para>
</note>
<simpara>Making the Telemetry central agent service highly available in active / passive mode involves
managing its daemon with the Pacemaker cluster manager.</simpara>
<para>Making the Telemetry central agent service highly available in active / passive mode involves
managing its daemon with the Pacemaker cluster manager.</para>
<note>
<simpara>You will find at <link xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="http://docs.openstack.org/developer/ceilometer/install/manual.html#installing-the-central-agent">this page</link>
the process to install the Telemetry central agent.</simpara>
<para>You will find at <link xlink:href="http://docs.openstack.org/developer/ceilometer/install/manual.html#installing-the-central-agent">this page</link>
the process to install the Telemetry central agent.</para>
</note>
<section xml:id="_add_the_telemetry_central_agent_resource_to_pacemaker">
<info>
<title>Add the Telemetry central agent resource to Pacemaker</title>
</info>
<simpara>First of all, you need to download the resource agent to your system:</simpara>
<screen>cd /usr/lib/ocf/resource.d/openstack
wget https://raw.github.com/madkiss/openstack-resource-agents/master/ocf/ceilometer-agent-central
chmod a+rx *</screen>
<simpara>You may then proceed with adding the Pacemaker configuration for
<para>First of all, you need to download the resource agent to your system:</para>
<screen><prompt>#</prompt> <userinput>cd /usr/lib/ocf/resource.d/openstack</userinput>
<prompt>#</prompt> <userinput>wget https://raw.github.com/madkiss/openstack-resource-agents/master/ocf/ceilometer-agent-central</userinput>
<prompt>#</prompt> <userinput>chmod a+rx *</userinput></screen>
<para>You may then proceed with adding the Pacemaker configuration for
the Telemetry central agent resource. Connect to the Pacemaker cluster with <literal>crm
configure</literal>, and add the following cluster resources:</simpara>
<screen>primitive p_ceilometer-agent-central ocf:openstack:ceilometer-agent-central \
configure</literal>, and add the following cluster resources:</para>
<programlisting>primitive p_ceilometer-agent-central ocf:openstack:ceilometer-agent-central \
params config="/etc/ceilometer/ceilometer.conf" \
op monitor interval="30s" timeout="30s"</screen>
<simpara>This configuration creates</simpara>
op monitor interval="30s" timeout="30s"</programlisting>
<para>This configuration creates</para>
<itemizedlist>
<listitem>
<simpara><literal>p_ceilometer-agent-central</literal>, a resource for manage Ceilometer Central Agent service
</simpara>
<para><literal>p_ceilometer-agent-central</literal>, a resource for manage Ceilometer Central Agent service
</para>
</listitem>
</itemizedlist>
<simpara><literal>crm configure</literal> supports batch input, so you may copy and paste the
<para><literal>crm configure</literal> supports batch input, so you may copy and paste the
above into your live pacemaker configuration, and then make changes as
required.</simpara>
<simpara>Once completed, commit your configuration changes by entering <literal>commit</literal>
required.</para>
<para>Once completed, commit your configuration changes by entering <literal>commit</literal>
from the <literal>crm configure</literal> menu. Pacemaker will then start the Ceilometer Central Agent
service, and its dependent resources, on one of your nodes.</simpara>
service, and its dependent resources, on one of your nodes.</para>
</section>
<section xml:id="_configure_telemetry_central_agent_service">
<info>
<title>Configure Telemetry central agent service</title>
</info>
<simpara>Edit <literal>/etc/ceilometer/ceilometer.conf</literal> :</simpara>
<screen># We use API VIP for Identity Service connection :
<para>Edit <filename>/etc/ceilometer/ceilometer.conf</filename>:</para>
<programlisting language="ini"># We use API VIP for Identity Service connection:
os_auth_url=http://192.168.42.103:5000/v2.0
# We send notifications to High Available RabbitMQ :
# We send notifications to High Available RabbitMQ:
notifier_strategy = rabbit
rabbit_host = 192.168.42.102
[database]
# We have to use MySQL connection to store data :
sql_connection=mysql://ceilometer:password@192.168.42.101/ceilometer</screen>
# We have to use MySQL connection to store data:
sql_connection=mysql://ceilometer:password@192.168.42.101/ceilometer</programlisting>
</section>
</section>

View File

@ -2,69 +2,69 @@
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0" xml:id="s-cinder-api">
<info>
<title>Highly available Block Storage API</title>
</info>
<simpara>Making the Block Storage (cinder) API service highly available in active / passive mode involves</simpara>
<para>Making the Block Storage (cinder) API service highly available in active / passive mode involves</para>
<itemizedlist>
<listitem>
<simpara>
<para>
Configure Block Storage to listen on the VIP address,
</simpara>
</para>
</listitem>
<listitem>
<simpara>
<para>
managing Block Storage API daemon with the Pacemaker cluster manager,
</simpara>
</para>
</listitem>
<listitem>
<simpara>
<para>
Configure OpenStack services to use this IP address.
</simpara>
</para>
</listitem>
</itemizedlist>
<note>
<simpara>Here is the
<link xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="http://docs.openstack.org/trunk/install-guide/install/apt/content/ch_cinder.html">documentation</link>
for installing Block Storage service.</simpara>
<para>Here is the
<link xlink:href="http://docs.openstack.org/trunk/install-guide/install/apt/content/ch_cinder.html">documentation</link>
for installing Block Storage service.</para>
</note>
<section xml:id="_add_block_storage_api_resource_to_pacemaker">
<info>
<title>Add Block Storage API resource to Pacemaker</title>
</info>
<simpara>First of all, you need to download the resource agent to your system:</simpara>
<screen>cd /usr/lib/ocf/resource.d/openstack
wget https://raw.github.com/madkiss/openstack-resource-agents/master/ocf/cinder-api
chmod a+rx *</screen>
<simpara>You can now add the Pacemaker configuration for
<para>First of all, you need to download the resource agent to your system:</para>
<screen><prompt>#</prompt> <userinput>cd /usr/lib/ocf/resource.d/openstack</userinput>
<prompt>#</prompt> <userinput>wget https://raw.github.com/madkiss/openstack-resource-agents/master/ocf/cinder-api</userinput>
<prompt>#</prompt> <userinput>chmod a+rx *</userinput></screen>
<para>You can now add the Pacemaker configuration for
Block Storage API resource. Connect to the Pacemaker cluster with <literal>crm
configure</literal>, and add the following cluster resources:</simpara>
<screen>primitive p_cinder-api ocf:openstack:cinder-api \
configure</literal>, and add the following cluster resources:</para>
<programlisting>primitive p_cinder-api ocf:openstack:cinder-api \
params config="/etc/cinder/cinder.conf" os_password="secrete" os_username="admin" \
os_tenant_name="admin" keystone_get_token_url="http://192.168.42.103:5000/v2.0/tokens" \
op monitor interval="30s" timeout="30s"</screen>
<simpara>This configuration creates</simpara>
op monitor interval="30s" timeout="30s"</programlisting>
<para>This configuration creates</para>
<itemizedlist>
<listitem>
<simpara><literal>p_cinder-api</literal>, a resource for manage Block Storage API service
</simpara>
<para><literal>p_cinder-api</literal>, a resource for manage Block Storage API service
</para>
</listitem>
</itemizedlist>
<simpara><literal>crm configure</literal> supports batch input, so you may copy and paste the
<para><literal>crm configure</literal> supports batch input, so you may copy and paste the
above into your live pacemaker configuration, and then make changes as
required. For example, you may enter <literal>edit p_ip_cinder-api</literal> from the
<literal>crm configure</literal> menu and edit the resource to match your preferred
virtual IP address.</simpara>
<simpara>Once completed, commit your configuration changes by entering <literal>commit</literal>
virtual IP address.</para>
<para>Once completed, commit your configuration changes by entering <literal>commit</literal>
from the <literal>crm configure</literal> menu. Pacemaker will then start the Block Storage API
service, and its dependent resources, on one of your nodes.</simpara>
service, and its dependent resources, on one of your nodes.</para>
</section>
<section xml:id="_configure_block_storage_api_service">
<info>
<title>Configure Block Storage API service</title>
</info>
<simpara>Edit <literal>/etc/cinder/cinder.conf</literal>:</simpara>
<screen># We have to use MySQL connection to store data:
<para>Edit <filename>/etc/cinder/cinder.conf</filename>:</para>
<programlisting language="ini"># We have to use MySQL connection to store data:
sql_connection=mysql://cinder:password@192.168.42.101/cinder
# We bind Block Storage API to the VIP:
@ -72,19 +72,22 @@ osapi_volume_listen = 192.168.42.103
# We send notifications to High Available RabbitMQ:
notifier_strategy = rabbit
rabbit_host = 192.168.42.102</screen>
rabbit_host = 192.168.42.102</programlisting>
</section>
<section xml:id="_configure_openstack_services_to_use_highly_available_block_storage_api">
<info>
<title>Configure OpenStack services to use highly available Block Storage API</title>
</info>
<simpara>Your OpenStack services must now point their Block Storage API configuration to
<para>Your OpenStack services must now point their Block Storage API configuration to
the highly available, virtual cluster IP addressrather than a
Block Storage API servers physical IP address as you normally would.</simpara>
<simpara>You must create the Block Storage API endpoint with this IP.</simpara>
Block Storage API servers physical IP address as you normally would.</para>
<para>You must create the Block Storage API endpoint with this IP.</para>
<note>
<simpara>If you are using both private and public IP, you should create two Virtual IPs and define your endpoint like this:</simpara>
<para>If you are using both private and public IP, you should create two Virtual IPs and define your endpoint like this:</para>
</note>
<screen>keystone endpoint-create --region $KEYSTONE_REGION --service-id $service-id --publicurl 'http://PUBLIC_VIP:8776/v1/%(tenant_id)s' --adminurl 'http://192.168.42.103:8776/v1/%(tenant_id)s' --internalurl 'http://192.168.42.103:8776/v1/%(tenant_id)s'</screen>
<screen><prompt>$</prompt> <userinput>keystone endpoint-create --region $KEYSTONE_REGION \
--service-id $service-id --publicurl 'http://PUBLIC_VIP:8776/v1/%(tenant_id)s' \
--adminurl 'http://192.168.42.103:8776/v1/%(tenant_id)s' \
--internalurl 'http://192.168.42.103:8776/v1/%(tenant_id)s'</userinput></screen>
</section>
</section>

View File

@ -2,67 +2,67 @@
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0" xml:id="s-glance-api">
<info>
<title>Highly available OpenStack Image API</title>
</info>
<simpara>OpenStack Image Service offers a service for discovering, registering, and retrieving virtual machine images.
To make the OpenStack Image API service highly available in active / passive mode, you must:</simpara>
<para>OpenStack Image Service offers a service for discovering, registering, and retrieving virtual machine images.
To make the OpenStack Image API service highly available in active / passive mode, you must:</para>
<itemizedlist>
<listitem>
<simpara>
<para>
Configure OpenStack Image to listen on the VIP address.
</simpara>
</para>
</listitem>
<listitem>
<simpara>
<para>
Manage OpenStack Image API daemon with the Pacemaker cluster manager.
</simpara>
</para>
</listitem>
<listitem>
<simpara>
<para>
Configure OpenStack services to use this IP address.
</simpara>
</para>
</listitem>
</itemizedlist>
<note>
<simpara>Here is the <link xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="http://docs.openstack.org/trunk/install-guide/install/apt/content/ch_installing-openstack-image.html">documentation</link> for installing OpenStack Image API service.</simpara>
<para>Here is the <link xlink:href="http://docs.openstack.org/trunk/install-guide/install/apt/content/ch_installing-openstack-image.html">documentation</link> for installing OpenStack Image API service.</para>
</note>
<section xml:id="_add_openstack_image_api_resource_to_pacemaker">
<info>
<title>Add OpenStack Image API resource to Pacemaker</title>
</info>
<simpara>First of all, you need to download the resource agent to your system:</simpara>
<screen>cd /usr/lib/ocf/resource.d/openstack
wget https://raw.github.com/madkiss/openstack-resource-agents/master/ocf/glance-api
chmod a+rx *</screen>
<simpara>You can now add the Pacemaker configuration for
<para>First of all, you need to download the resource agent to your system:</para>
<screen><prompt>#</prompt> <userinput>cd /usr/lib/ocf/resource.d/openstack</userinput>
<prompt>#</prompt> <userinput>wget https://raw.github.com/madkiss/openstack-resource-agents/master/ocf/glance-api</userinput>
<prompt>#</prompt> <userinput>chmod a+rx *</userinput></screen>
<para>You can now add the Pacemaker configuration for
OpenStack Image API resource. Connect to the Pacemaker cluster with <literal>crm
configure</literal>, and add the following cluster resources:</simpara>
<screen>primitive p_glance-api ocf:openstack:glance-api \
configure</literal>, and add the following cluster resources:</para>
<programlisting>primitive p_glance-api ocf:openstack:glance-api \
params config="/etc/glance/glance-api.conf" os_password="secrete" os_username="admin" os_tenant_name="admin" os_auth_url="http://192.168.42.103:5000/v2.0/" \
op monitor interval="30s" timeout="30s"</screen>
<simpara>This configuration creates</simpara>
op monitor interval="30s" timeout="30s"</programlisting>
<para>This configuration creates</para>
<itemizedlist>
<listitem>
<simpara><literal>p_glance-api</literal>, a resource for manage OpenStack Image API service
</simpara>
<para><literal>p_glance-api</literal>, a resource for manage OpenStack Image API service
</para>
</listitem>
</itemizedlist>
<simpara><literal>crm configure</literal> supports batch input, so you may copy and paste the
<para><literal>crm configure</literal> supports batch input, so you may copy and paste the
above into your live pacemaker configuration, and then make changes as
required. For example, you may enter <literal>edit p_ip_glance-api</literal> from the
<literal>crm configure</literal> menu and edit the resource to match your preferred
virtual IP address.</simpara>
<simpara>Once completed, commit your configuration changes by entering <literal>commit</literal>
virtual IP address.</para>
<para>Once completed, commit your configuration changes by entering <literal>commit</literal>
from the <literal>crm configure</literal> menu. Pacemaker will then start the OpenStack Image API
service, and its dependent resources, on one of your nodes.</simpara>
service, and its dependent resources, on one of your nodes.</para>
</section>
<section xml:id="_configure_openstack_image_service_api">
<info>
<title>Configure OpenStack Image Service API</title>
</info>
<simpara>Edit <literal>/etc/glance/glance-api.conf</literal>:</simpara>
<screen># We have to use MySQL connection to store data:
<para>Edit <filename>/etc/glance/glance-api.conf</filename>:</para>
<programlisting language="ini"># We have to use MySQL connection to store data:
sql_connection=mysql://glance:password@192.168.42.101/glance
# We bind OpenStack Image API to the VIP:
@ -73,23 +73,26 @@ registry_host = 192.168.42.103
# We send notifications to High Available RabbitMQ:
notifier_strategy = rabbit
rabbit_host = 192.168.42.102</screen>
rabbit_host = 192.168.42.102</programlisting>
</section>
<section xml:id="_configure_openstack_services_to_use_high_available_openstack_image_api">
<info>
<title>Configure OpenStack services to use high available OpenStack Image API</title>
</info>
<simpara>Your OpenStack services must now point their OpenStack Image API configuration to
<para>Your OpenStack services must now point their OpenStack Image API configuration to
the highly available, virtual cluster IP addressrather than an
OpenStack Image API servers physical IP address as you normally would.</simpara>
<simpara>For OpenStack Compute, for example, if your OpenStack Image API service IP address is
OpenStack Image API servers physical IP address as you normally would.</para>
<para>For OpenStack Compute, for example, if your OpenStack Image API service IP address is
192.168.42.104 as in the configuration explained here, you would use
the following line in your <literal>nova.conf</literal> file:</simpara>
<screen>glance_api_servers = 192.168.42.103</screen>
<simpara>You must also create the OpenStack Image API endpoint with this IP.</simpara>
the following line in your <filename>nova.conf</filename> file:</para>
<programlisting language="ini">glance_api_servers = 192.168.42.103</programlisting>
<para>You must also create the OpenStack Image API endpoint with this IP.</para>
<note>
<simpara>If you are using both private and public IP addresses, you should create two Virtual IP addresses and define your endpoint like this:</simpara>
<para>If you are using both private and public IP addresses, you should create two Virtual IP addresses and define your endpoint like this:</para>
</note>
<screen>keystone endpoint-create --region $KEYSTONE_REGION --service-id $service-id --publicurl 'http://PUBLIC_VIP:9292' --adminurl 'http://192.168.42.103:9292' --internalurl 'http://192.168.42.103:9292'</screen>
<screen><prompt>$</prompt> <userinput>keystone endpoint-create --region $KEYSTONE_REGION \
--service-id $service-id --publicurl 'http://PUBLIC_VIP:9292' \
--adminurl 'http://192.168.42.103:9292' \
--internalurl 'http://192.168.42.103:9292'</userinput></screen>
</section>
</section>

View File

@ -2,91 +2,94 @@
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0" xml:id="s-keystone">
<info>
<title>Highly available OpenStack Identity</title>
</info>
<simpara>OpenStack Identity is the Identity Service in OpenStack and used by many services.
Making the OpenStack Identity service highly available in active / passive mode involves</simpara>
<para>OpenStack Identity is the Identity Service in OpenStack and used by many services.
Making the OpenStack Identity service highly available in active / passive mode involves</para>
<itemizedlist>
<listitem>
<simpara>
<para>
Configure OpenStack Identity to listen on the VIP address,
</simpara>
</para>
</listitem>
<listitem>
<simpara>
<para>
managing OpenStack Identity daemon with the Pacemaker cluster manager,
</simpara>
</para>
</listitem>
<listitem>
<simpara>
<para>
Configure OpenStack services to use this IP address.
</simpara>
</para>
</listitem>
</itemizedlist>
<note>
<simpara>Here is the <link xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="http://docs.openstack.org/trunk/install-guide/install/apt/content/ch_installing-openstack-identity-service.html">documentation</link> for installing OpenStack Identity service.</simpara>
<para>Here is the <link xlink:href="http://docs.openstack.org/trunk/install-guide/install/apt/content/ch_installing-openstack-identity-service.html">documentation</link> for installing OpenStack Identity service.</para>
</note>
<section xml:id="_add_openstack_identity_resource_to_pacemaker">
<info>
<title>Add OpenStack Identity resource to Pacemaker</title>
</info>
<simpara>First of all, you need to download the resource agent to your system:</simpara>
<screen>cd /usr/lib/ocf/resource.d
mkdir openstack
cd openstack
wget https://raw.github.com/madkiss/openstack-resource-agents/master/ocf/keystone
chmod a+rx *</screen>
<simpara>You can now add the Pacemaker configuration for
<para>First of all, you need to download the resource agent to your system:</para>
<screen><prompt>#</prompt> <userinput>cd /usr/lib/ocf/resource.d</userinput>
<prompt>#</prompt> <userinput>mkdir openstack</userinput>
<prompt>#</prompt> <userinput>cd openstack</userinput>
<prompt>#</prompt> <userinput>wget https://raw.github.com/madkiss/openstack-resource-agents/master/ocf/keystone</userinput>
<prompt>#</prompt> <userinput>chmod a+rx *</userinput></screen>
<para>You can now add the Pacemaker configuration for
OpenStack Identity resource. Connect to the Pacemaker cluster with <literal>crm
configure</literal>, and add the following cluster resources:</simpara>
<screen>primitive p_keystone ocf:openstack:keystone \
configure</literal>, and add the following cluster resources:</para>
<programlisting>primitive p_keystone ocf:openstack:keystone \
params config="/etc/keystone/keystone.conf" os_password="secret" os_username="admin" os_tenant_name="admin" os_auth_url="http://192.168.42.103:5000/v2.0/" \
op monitor interval="30s" timeout="30s"</screen>
<simpara>This configuration creates <literal>p_keystone</literal>, a resource for managing the OpenStack Identity service.</simpara>
<simpara><literal>crm configure</literal> supports batch input, so you may copy and paste the
op monitor interval="30s" timeout="30s"</programlisting>
<para>This configuration creates <literal>p_keystone</literal>, a resource for managing the OpenStack Identity service.</para>
<para><literal>crm configure</literal> supports batch input, so you may copy and paste the
above into your live pacemaker configuration, and then make changes as
required. For example, you may enter <literal>edit p_ip_keystone</literal> from the
<literal>crm configure</literal> menu and edit the resource to match your preferred
virtual IP address.</simpara>
<simpara>Once completed, commit your configuration changes by entering <literal>commit</literal>
virtual IP address.</para>
<para>Once completed, commit your configuration changes by entering <literal>commit</literal>
from the <literal>crm configure</literal> menu. Pacemaker will then start the OpenStack Identity
service, and its dependent resources, on one of your nodes.</simpara>
service, and its dependent resources, on one of your nodes.</para>
</section>
<section xml:id="_configure_openstack_identity_service">
<info>
<title>Configure OpenStack Identity service</title>
</info>
<simpara>You need to edit your OpenStack Identity configuration file (<literal>keystone.conf</literal>) and change the bind parameters:</simpara>
<simpara>On Havana:</simpara>
<screen>bind_host = 192.168.42.103</screen>
<simpara>On Icehouse, the <literal>admin_bind_host</literal> option lets you use a private network for the admin access.</simpara>
<screen>public_bind_host = 192.168.42.103
admin_bind_host = 192.168.42.103</screen>
<simpara>To be sure all data will be highly available, you should be sure that you store everything in the MySQL database (which is also highly available):</simpara>
<screen>[catalog]
<para>You need to edit your OpenStack Identity configuration file (<filename>keystone.conf</filename>) and change the bind parameters:</para>
<para>On Havana:</para>
<programlisting language="ini">bind_host = 192.168.42.103</programlisting>
<para>On Icehouse, the <literal>admin_bind_host</literal> option lets you use a private network for the admin access.</para>
<programlisting language="ini">public_bind_host = 192.168.42.103
admin_bind_host = 192.168.42.103</programlisting>
<para>To be sure all data will be highly available, you should be sure that you store everything in the MySQL database (which is also highly available):</para>
<programlisting language="ini">[catalog]
driver = keystone.catalog.backends.sql.Catalog
...
[identity]
driver = keystone.identity.backends.sql.Identity
...</screen>
...</programlisting>
</section>
<section xml:id="_configure_openstack_services_to_use_the_highly_available_openstack_identity">
<info>
<title>Configure OpenStack services to use the highly available OpenStack Identity</title>
</info>
<simpara>Your OpenStack services must now point their OpenStack Identity configuration to
<para>Your OpenStack services must now point their OpenStack Identity configuration to
the highly available, virtual cluster IP addressrather than a
OpenStack Identity servers physical IP address as you normally would.</simpara>
<simpara>For example with OpenStack Compute, if your OpenStack Identity service IP address is
OpenStack Identity servers physical IP address as you normally would.</para>
<para>For example with OpenStack Compute, if your OpenStack Identity service IP address is
192.168.42.103 as in the configuration explained here, you would use
the following line in your API configuration file
(<literal>api-paste.ini</literal>):</simpara>
<screen>auth_host = 192.168.42.103</screen>
<simpara>You also need to create the OpenStack Identity Endpoint with this IP.</simpara>
<simpara>NOTE : If you are using both private and public IP addresses, you should create two Virtual IP addresses and define your endpoint like this:</simpara>
<screen>keystone endpoint-create --region $KEYSTONE_REGION --service-id $service-id --publicurl 'http://PUBLIC_VIP:5000/v2.0' --adminurl 'http://192.168.42.103:35357/v2.0' --internalurl 'http://192.168.42.103:5000/v2.0'</screen>
<simpara>If you are using the horizon dashboard, you should edit the <literal>local_settings.py</literal> file:</simpara>
<screen>OPENSTACK_HOST = 192.168.42.103</screen>
(<literal>api-paste.ini</literal>):</para>
<programlisting language="ini">auth_host = 192.168.42.103</programlisting>
<para>You also need to create the OpenStack Identity Endpoint with this IP.</para>
<para>NOTE: If you are using both private and public IP addresses, you should create two Virtual IP addresses and define your endpoint like this:</para>
<screen><prompt>$</prompt> <userinput>keystone endpoint-create --region $KEYSTONE_REGION \
--service-id $service-id --publicurl 'http://PUBLIC_VIP:5000/v2.0' \
--adminurl 'http://192.168.42.103:35357/v2.0' \
--internalurl 'http://192.168.42.103:5000/v2.0'</userinput></screen>
<para>If you are using the horizon dashboard, you should edit the <literal>local_settings.py</literal> file:</para>
<programlisting>OPENSTACK_HOST = 192.168.42.103</programlisting>
</section>
</section>

View File

@ -2,62 +2,62 @@
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0" xml:id="s-neutron-server">
<info>
<title>Highly available OpenStack Networking server</title>
</info>
<simpara>OpenStack Networking is the network connectivity service in OpenStack.
Making the OpenStack Networking Server service highly available in active / passive mode involves</simpara>
<para>OpenStack Networking is the network connectivity service in OpenStack.
Making the OpenStack Networking Server service highly available in active / passive mode involves</para>
<itemizedlist>
<listitem>
<simpara>
<para>
Configure OpenStack Networking to listen on the VIP address,
</simpara>
</para>
</listitem>
<listitem>
<simpara>
<para>
managing OpenStack Networking API Server daemon with the Pacemaker cluster manager,
</simpara>
</para>
</listitem>
<listitem>
<simpara>
<para>
Configure OpenStack services to use this IP address.
</simpara>
</para>
</listitem>
</itemizedlist>
<note>
<simpara>Here is the <link xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="http://docs.openstack.org/trunk/install-guide/install/apt/content/ch_installing-openstack-networking.html">documentation</link> for installing OpenStack Networking service.</simpara>
<para>Here is the <link xlink:href="http://docs.openstack.org/trunk/install-guide/install/apt/content/ch_installing-openstack-networking.html">documentation</link> for installing OpenStack Networking service.</para>
</note>
<section xml:id="_add_openstack_networking_server_resource_to_pacemaker">
<info>
<title>Add OpenStack Networking Server resource to Pacemaker</title>
</info>
<simpara>First of all, you need to download the resource agent to your system:</simpara>
<screen>cd /usr/lib/ocf/resource.d/openstack
wget https://raw.github.com/madkiss/openstack-resource-agents/master/ocf/neutron-server
chmod a+rx *</screen>
<simpara>You can now add the Pacemaker configuration for
<para>First of all, you need to download the resource agent to your system:</para>
<screen><prompt>#</prompt> <userinput>cd /usr/lib/ocf/resource.d/openstack</userinput>
<prompt>#</prompt> <userinput>wget https://raw.github.com/madkiss/openstack-resource-agents/master/ocf/neutron-server</userinput>
<prompt>#</prompt> <userinput>chmod a+rx *</userinput></screen>
<para>You can now add the Pacemaker configuration for
OpenStack Networking Server resource. Connect to the Pacemaker cluster with <literal>crm
configure</literal>, and add the following cluster resources:</simpara>
<screen>primitive p_neutron-server ocf:openstack:neutron-server \
configure</literal>, and add the following cluster resources:</para>
<programlisting>primitive p_neutron-server ocf:openstack:neutron-server \
params os_password="secrete" os_username="admin" os_tenant_name="admin" \
keystone_get_token_url="http://192.168.42.103:5000/v2.0/tokens" \
op monitor interval="30s" timeout="30s"</screen>
<simpara>This configuration creates <literal>p_neutron-server</literal>, a resource for manage OpenStack Networking Server service</simpara>
<simpara><literal>crm configure</literal> supports batch input, so you may copy and paste the
op monitor interval="30s" timeout="30s"</programlisting>
<para>This configuration creates <literal>p_neutron-server</literal>, a resource for manage OpenStack Networking Server service</para>
<para><literal>crm configure</literal> supports batch input, so you may copy and paste the
above into your live pacemaker configuration, and then make changes as
required. For example, you may enter <literal>edit p_neutron-server</literal> from the
<literal>crm configure</literal> menu and edit the resource to match your preferred
virtual IP address.</simpara>
<simpara>Once completed, commit your configuration changes by entering <literal>commit</literal>
virtual IP address.</para>
<para>Once completed, commit your configuration changes by entering <literal>commit</literal>
from the <literal>crm configure</literal> menu. Pacemaker will then start the OpenStack Networking API
service, and its dependent resources, on one of your nodes.</simpara>
service, and its dependent resources, on one of your nodes.</para>
</section>
<section xml:id="_configure_openstack_networking_server">
<info>
<title>Configure OpenStack Networking server</title>
</info>
<simpara>Edit <literal>/etc/neutron/neutron.conf</literal> :</simpara>
<screen># We bind the service to the VIP:
<para>Edit <filename>/etc/neutron/neutron.conf</filename>:</para>
<programlisting language="ini"># We bind the service to the VIP:
bind_host = 192.168.42.103
# We bind OpenStack Networking Server to the VIP:
@ -69,21 +69,24 @@ rabbit_host = 192.168.42.102
[database]
# We have to use MySQL connection to store data:
connection = mysql://neutron:password@192.168.42.101/neutron</screen>
connection = mysql://neutron:password@192.168.42.101/neutron</programlisting>
</section>
<section xml:id="_configure_openstack_services_to_use_highly_available_openstack_networking_server">
<info>
<title>Configure OpenStack services to use highly available OpenStack Networking server</title>
</info>
<simpara>Your OpenStack services must now point their OpenStack Networking Server configuration to
<para>Your OpenStack services must now point their OpenStack Networking Server configuration to
the highly available, virtual cluster IP addressrather than an
OpenStack Networking servers physical IP address as you normally would.</simpara>
<simpara>For example, you should configure OpenStack Compute for using highly available OpenStack Networking server in editing <literal>nova.conf</literal> file:</simpara>
<screen>neutron_url = http://192.168.42.103:9696</screen>
<simpara>You need to create the OpenStack Networking server endpoint with this IP.</simpara>
OpenStack Networking servers physical IP address as you normally would.</para>
<para>For example, you should configure OpenStack Compute for using highly available OpenStack Networking server in editing <literal>nova.conf</literal> file:</para>
<programlisting language="ini">neutron_url = http://192.168.42.103:9696</programlisting>
<para>You need to create the OpenStack Networking server endpoint with this IP.</para>
<note>
<simpara>If you are using both private and public IP addresses, you should create two Virtual IP addresses and define your endpoint like this:</simpara>
<para>If you are using both private and public IP addresses, you should create two Virtual IP addresses and define your endpoint like this:</para>
</note>
<screen>keystone endpoint-create --region $KEYSTONE_REGION --service-id $service-id --publicurl 'http://PUBLIC_VIP:9696/' --adminurl 'http://192.168.42.103:9696/' --internalurl 'http://192.168.42.103:9696/'</screen>
<screen><prompt>$</prompt> <userinput>keystone endpoint-create --region $KEYSTONE_REGION --service-id $service-id \
--publicurl 'http://PUBLIC_VIP:9696/' \
--adminurl 'http://192.168.42.103:9696/' \
--internalurl 'http://192.168.42.103:9696/'</userinput></screen>
</section>
</section>

View File

@ -4,8 +4,9 @@
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0">
<info>
<title>OpenStack High Availability Guide</title>
<info>
<author>
<personname>
<firstname>Florian</firstname>
@ -77,12 +78,12 @@
</revdescription>
</revision>
</revhistory>
</info>
</info>
<xi:include href="../common/ch_preface.xml"/>
<xi:include href="./ch_intro.xml"/>
<xi:include href="./part_active_passive.xml"/>
<xi:include href="./part_active_active.xml"/>
<xi:include href="ch_intro.xml"/>
<xi:include href="part_active_passive.xml"/>
<xi:include href="part_active_active.xml"/>
<xi:include href="../common/app_support.xml"/>
</book>

View File

@ -3,18 +3,18 @@
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0" xml:id="ch-api">
<info>
<title>API node cluster stack</title>
</info>
<simpara>The API node exposes OpenStack API endpoints onto external network (Internet).
It must talk to the cloud controller on the management network.</simpara>
<xi:include href="./api/section_api_vip.xml"/>
<xi:include href="./api/section_keystone.xml"/>
<xi:include href="./api/section_glance_api.xml"/>
<xi:include href="./api/section_cinder_api.xml"/>
<xi:include href="./api/section_neutron_server.xml"/>
<xi:include href="./api/section_ceilometer_agent_central.xml"/>
<xi:include href="./api/section_api_pacemaker.xml"/>
<title>API node cluster stack</title>
<para>The API node exposes OpenStack API endpoints onto external network (Internet).
It must talk to the cloud controller on the management network.</para>
<xi:include href="api/section_api_vip.xml"/>
<xi:include href="api/section_keystone.xml"/>
<xi:include href="api/section_glance_api.xml"/>
<xi:include href="api/section_cinder_api.xml"/>
<xi:include href="api/section_neutron_server.xml"/>
<xi:include href="api/section_ceilometer_agent_central.xml"/>
<xi:include href="api/section_api_pacemaker.xml"/>
</chapter>

View File

@ -3,12 +3,12 @@
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0" xml:id="ch-controller">
<info>
<title>Cloud controller cluster stack</title>
</info>
<simpara>The cloud controller runs on the management network and must talk to all other services.</simpara>
<xi:include href="./controller/section_mysql.xml"/>
<xi:include href="./controller/section_rabbitmq.xml"/>
<title>Cloud controller cluster stack</title>
<para>The cloud controller runs on the management network and must talk to all other services.</para>
<xi:include href="controller/section_mysql.xml"/>
<xi:include href="controller/section_rabbitmq.xml"/>
</chapter>

View File

@ -3,29 +3,29 @@
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0" xml:id="ha-aa-controllers">
<info>
<title>OpenStack controller nodes</title>
</info>
<simpara>OpenStack controller nodes contain:</simpara>
<para>OpenStack controller nodes contain:</para>
<itemizedlist>
<listitem>
<simpara>
<para>
All OpenStack API services
</simpara>
</para>
</listitem>
<listitem>
<simpara>
<para>
All OpenStack schedulers
</simpara>
</para>
</listitem>
<listitem>
<simpara>
<para>
Memcached service
</simpara>
</para>
</listitem>
</itemizedlist>
<xi:include href="./ha_aa_controllers/section_run_openstack_api_and_schedulers.xml"/>
<xi:include href="./ha_aa_controllers/section_memcached.xml"/>
<xi:include href="ha_aa_controllers/section_run_openstack_api_and_schedulers.xml"/>
<xi:include href="ha_aa_controllers/section_memcached.xml"/>
</chapter>

View File

@ -3,19 +3,19 @@
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0" xml:id="ha-aa-db">
<info>
<title>Database</title>
</info>
<simpara>The first step is installing the database that sits at the heart of the
<para>The first step is installing the database that sits at the heart of the
cluster. When we talk about High Availability, we talk about several databases (for redundancy) and a
means to keep them synchronized. In this case, we must choose the
MySQL database, along with Galera for synchronous multi-master replication.</simpara>
<simpara>The choice of database isnt a foregone conclusion; youre not required
MySQL database, along with Galera for synchronous multi-master replication.</para>
<para>The choice of database isnt a foregone conclusion; youre not required
to use MySQL. It is, however, a fairly common choice in OpenStack
installations, so well cover it here.</simpara>
installations, so well cover it here.</para>
<xi:include href="./ha_aa_db/section_ha_aa_db_mysql_galera.xml"/>
<xi:include href="./ha_aa_db/section_ha_aa_db_galera_monitoring.xml"/>
<xi:include href="./ha_aa_db/section_other_ways_to_provide_a_highly_available_database.xml"/>
<xi:include href="ha_aa_db/section_ha_aa_db_mysql_galera.xml"/>
<xi:include href="ha_aa_db/section_ha_aa_db_galera_monitoring.xml"/>
<xi:include href="ha_aa_db/section_other_ways_to_provide_a_highly_available_database.xml"/>
</chapter>

View File

@ -3,18 +3,18 @@
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0" xml:id="ha-aa-haproxy">
<info>
<title>HAproxy nodes</title>
</info>
<simpara>HAProxy is a very fast and reliable solution offering high availability, load balancing, and proxying
<para>HAProxy is a very fast and reliable solution offering high availability, load balancing, and proxying
for TCP and HTTP-based applications. It is particularly suited for web sites crawling under very high loads
while needing persistence or Layer 7 processing. Supporting tens of thousands of connections is clearly
realistic with todays hardware.</simpara>
<simpara>For installing HAproxy on your nodes, you should consider its <link xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="http://haproxy.1wt.eu/#docs">official documentation</link>.
realistic with todays hardware.</para>
<para>For installing HAproxy on your nodes, you should consider its <link xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="http://haproxy.1wt.eu/#docs">official documentation</link>.
Also, you have to consider that this service should not be a single point of failure, so you need at least two
nodes running HAproxy.</simpara>
<simpara>Here is an example for HAproxy configuration file:</simpara>
<screen>global
nodes running HAproxy.</para>
<para>Here is an example for HAproxy configuration file:</para>
<programlisting>global
chroot /var/lib/haproxy
daemon
group haproxy
@ -152,6 +152,6 @@ listen swift_proxy_cluster
option tcplog
option tcpka
server controller1 10.0.0.1:8080 check inter 2000 rise 2 fall 5
server controller2 10.0.0.2:8080 check inter 2000 rise 2 fall 5</screen>
<simpara>After each change of this file, you should restart HAproxy.</simpara>
server controller2 10.0.0.2:8080 check inter 2000 rise 2 fall 5</programlisting>
<para>After each change of this file, you should restart HAproxy.</para>
</chapter>

View File

@ -3,47 +3,47 @@
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0" xml:id="ha-aa-network">
<info>
<title>OpenStack network nodes</title>
</info>
<simpara>OpenStack network nodes contain:</simpara>
<para>OpenStack network nodes contain:</para>
<itemizedlist>
<listitem>
<simpara>
<para>
neutron DHCP agent
</simpara>
</para>
</listitem>
<listitem>
<simpara>
<para>
neutron L2 agent
</simpara>
</para>
</listitem>
<listitem>
<simpara>
<para>
Neutron L3 agent
</simpara>
</para>
</listitem>
<listitem>
<simpara>
<para>
neutron metadata agent
</simpara>
</para>
</listitem>
<listitem>
<simpara>
<para>
neutron lbaas agent
</simpara>
</para>
</listitem>
</itemizedlist>
<note>
<simpara>The neutron L2 agent does not need to be highly available. It has to be
<para>The neutron L2 agent does not need to be highly available. It has to be
installed on each Data Forwarding Node and controls the virtual networking
drivers as Open vSwitch or Linux Bridge. One L2 agent runs per node
and controls its virtual interfaces. Thats why it cannot be distributed and
highly available.</simpara>
highly available.</para>
</note>
<xi:include href="./ha_aa_network/section_run_neutron_dhcp_agent.xml"/>
<xi:include href="./ha_aa_network/section_run_neutron_l3_agent.xml"/>
<xi:include href="./ha_aa_network/section_run_neutron_metadata_agent.xml"/>
<xi:include href="ha_aa_network/section_run_neutron_dhcp_agent.xml"/>
<xi:include href="ha_aa_network/section_run_neutron_l3_agent.xml"/>
<xi:include href="ha_aa_network/section_run_neutron_metadata_agent.xml"/>
</chapter>

View File

@ -3,31 +3,31 @@
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0" xml:id="ha-aa-rabbitmq">
<info>
<title>RabbitMQ</title>
</info>
<simpara>RabbitMQ is the default AMQP server used by many OpenStack services. Making the RabbitMQ service
highly available involves the following steps:</simpara>
<para>RabbitMQ is the default AMQP server used by many OpenStack services. Making the RabbitMQ service
highly available involves the following steps:</para>
<itemizedlist>
<listitem>
<simpara>
<para>
Install RabbitMQ
</simpara>
</para>
</listitem>
<listitem>
<simpara>
<para>
Configure RabbitMQ for HA queues
</simpara>
</para>
</listitem>
<listitem>
<simpara>
<para>
Configure OpenStack services to use Rabbit HA queues
</simpara>
</para>
</listitem>
</itemizedlist>
<xi:include href="./ha_aa_rabbitmq/section_install_rabbitmq.xml"/>
<xi:include href="./ha_aa_rabbitmq/section_configure_rabbitmq.xml"/>
<xi:include href="./ha_aa_rabbitmq/section_configure_openstack_services_to_user_rabbitmq.xml"/>
<xi:include href="ha_aa_rabbitmq/section_install_rabbitmq.xml"/>
<xi:include href="ha_aa_rabbitmq/section_configure_rabbitmq.xml"/>
<xi:include href="ha_aa_rabbitmq/section_configure_openstack_services_to_user_rabbitmq.xml"/>
</chapter>

View File

@ -3,71 +3,71 @@
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0" xml:id="ch-intro">
<info>
<title>Introduction to OpenStack High Availability</title>
</info>
<simpara>High Availability systems seek to minimize two things:</simpara>
<para>High Availability systems seek to minimize two things:</para>
<itemizedlist>
<listitem>
<simpara><emphasis role="strong">System downtime</emphasis>occurs when a <emphasis>user-facing</emphasis> service is unavailable beyond a specified maximum amount of time, and
</simpara>
<para><emphasis role="strong">System downtime</emphasis>occurs when a <emphasis>user-facing</emphasis> service is unavailable beyond a specified maximum amount of time, and
</para>
</listitem>
<listitem>
<simpara><emphasis role="strong">Data loss</emphasis>accidental deletion or destruction of data.
</simpara>
<para><emphasis role="strong">Data loss</emphasis>accidental deletion or destruction of data.
</para>
</listitem>
</itemizedlist>
<simpara>Most high availability systems guarantee protection against system downtime and data loss only in the event of a single failure. However, they are also expected to protect against cascading failures, where a single failure deteriorates into a series of consequential failures.</simpara>
<simpara>A crucial aspect of high availability is the elimination of single points of failure (SPOFs). A SPOF is an individual piece of equipment or software which will cause system downtime or data loss if it fails. In order to eliminate SPOFs, check that mechanisms exist for redundancy of:</simpara>
<para>Most high availability systems guarantee protection against system downtime and data loss only in the event of a single failure. However, they are also expected to protect against cascading failures, where a single failure deteriorates into a series of consequential failures.</para>
<para>A crucial aspect of high availability is the elimination of single points of failure (SPOFs). A SPOF is an individual piece of equipment or software which will cause system downtime or data loss if it fails. In order to eliminate SPOFs, check that mechanisms exist for redundancy of:</para>
<itemizedlist>
<listitem>
<simpara>
<para>
Network components, such as switches and routers
</simpara>
</para>
</listitem>
<listitem>
<simpara>
<para>
Applications and automatic service migration
</simpara>
</para>
</listitem>
<listitem>
<simpara>
<para>
Storage components
</simpara>
</para>
</listitem>
<listitem>
<simpara>
<para>
Facility services such as power, air conditioning, and fire protection
</simpara>
</para>
</listitem>
</itemizedlist>
<simpara>Most high availability systems will fail in the event of multiple independent (non-consequential) failures. In this case, most systems will protect data over maintaining availability.</simpara>
<simpara>High-availability systems typically achieve uptime of 99.99% or more, which roughly equates to less than an hour of cumulative downtime per year. In order to achieve this, high availability systems should keep recovery times after a failure to about one to two minutes, sometimes significantly less.</simpara>
<simpara>OpenStack currently meets such availability requirements for its own infrastructure services, meaning that an uptime of 99.99% is feasible for the OpenStack infrastructure proper. However, OpenStack <emphasis>does</emphasis> <emphasis>not</emphasis> guarantee 99.99% availability for individual guest instances.</simpara>
<simpara>Preventing single points of failure can depend on whether or not a service is stateless.</simpara>
<para>Most high availability systems will fail in the event of multiple independent (non-consequential) failures. In this case, most systems will protect data over maintaining availability.</para>
<para>High-availability systems typically achieve uptime of 99.99% or more, which roughly equates to less than an hour of cumulative downtime per year. In order to achieve this, high availability systems should keep recovery times after a failure to about one to two minutes, sometimes significantly less.</para>
<para>OpenStack currently meets such availability requirements for its own infrastructure services, meaning that an uptime of 99.99% is feasible for the OpenStack infrastructure proper. However, OpenStack <emphasis>does</emphasis> <emphasis>not</emphasis> guarantee 99.99% availability for individual guest instances.</para>
<para>Preventing single points of failure can depend on whether or not a service is stateless.</para>
<section xml:id="stateless-vs-stateful">
<info>
<title>Stateless vs. Stateful services</title>
</info>
<simpara>A stateless service is one that provides a response after your request, and then requires no further attention. To make a stateless service highly available, you need to provide redundant instances and load balance them. OpenStack services that are stateless include nova-api, nova-conductor, glance-api, keystone-api, neutron-api and nova-scheduler.</simpara>
<simpara>A stateful service is one where subsequent requests to the service depend on the results of the first request. Stateful services are more difficult to manage because a single action typically involves more than one request, so simply providing additional instances and load balancing will not solve the problem. For example, if the Horizon user interface reset itself every time you went to a new page, it wouldnt be very useful. OpenStack services that are stateful include the OpenStack database and message queue.</simpara>
<simpara>Making stateful services highly available can depend on whether you choose an active/passive or active/active configuration.</simpara>
<para>A stateless service is one that provides a response after your request, and then requires no further attention. To make a stateless service highly available, you need to provide redundant instances and load balance them. OpenStack services that are stateless include nova-api, nova-conductor, glance-api, keystone-api, neutron-api and nova-scheduler.</para>
<para>A stateful service is one where subsequent requests to the service depend on the results of the first request. Stateful services are more difficult to manage because a single action typically involves more than one request, so simply providing additional instances and load balancing will not solve the problem. For example, if the Horizon user interface reset itself every time you went to a new page, it wouldnt be very useful. OpenStack services that are stateful include the OpenStack database and message queue.</para>
<para>Making stateful services highly available can depend on whether you choose an active/passive or active/active configuration.</para>
</section>
<section xml:id="ap-intro">
<info>
<title>Active/Passive</title>
</info>
<simpara>In an active/passive configuration, systems are set up to bring additional resources online to replace those that have failed. For example, OpenStack would write to the main database while maintaining a disaster recovery database that can be brought online in the event that the main database fails.</simpara>
<simpara>Typically, an active/passive installation for a stateless service would maintain a redundant instance that can be brought online when required. Requests are load balanced using a virtual IP address and a load balancer such as HAProxy.</simpara>
<simpara>A typical active/passive installation for a stateful service maintains a replacement resource that can be brought online when required. A separate application (such as Pacemaker or Corosync) monitors these services, bringing the backup online as necessary.</simpara>
<para>In an active/passive configuration, systems are set up to bring additional resources online to replace those that have failed. For example, OpenStack would write to the main database while maintaining a disaster recovery database that can be brought online in the event that the main database fails.</para>
<para>Typically, an active/passive installation for a stateless service would maintain a redundant instance that can be brought online when required. Requests are load balanced using a virtual IP address and a load balancer such as HAProxy.</para>
<para>A typical active/passive installation for a stateful service maintains a replacement resource that can be brought online when required. A separate application (such as Pacemaker or Corosync) monitors these services, bringing the backup online as necessary.</para>
</section>
<section xml:id="aa-intro">
<info>
<title>Active/Active</title>
</info>
<simpara>In an active/active configuration, systems also use a backup but will manage both the main and redundant systems concurrently. This way, if there is a failure the user is unlikely to notice. The backup system is already online, and takes on increased load while the main system is fixed and brought back online.</simpara>
<simpara>Typically, an active/active installation for a stateless service would maintain a redundant instance, and requests are load balanced using a virtual IP address and a load balancer such as HAProxy.</simpara>
<simpara>A typical active/active installation for a stateful service would include redundant services with all instances having an identical state. For example, updates to one instance of a database would also update all other instances. This way a request to one instance is the same as a request to any other. A load balancer manages the traffic to these systems, ensuring that operational systems always handle the request.</simpara>
<simpara>These are some of the more common ways to implement these high availability architectures, but they are by no means the only ways to do it. The important thing is to make sure that your services are redundant, and available; how you achieve that is up to you. This document will cover some of the more common options for highly available systems.</simpara>
<para>In an active/active configuration, systems also use a backup but will manage both the main and redundant systems concurrently. This way, if there is a failure the user is unlikely to notice. The backup system is already online, and takes on increased load while the main system is fixed and brought back online.</para>
<para>Typically, an active/active installation for a stateless service would maintain a redundant instance, and requests are load balanced using a virtual IP address and a load balancer such as HAProxy.</para>
<para>A typical active/active installation for a stateful service would include redundant services with all instances having an identical state. For example, updates to one instance of a database would also update all other instances. This way a request to one instance is the same as a request to any other. A load balancer manages the traffic to these systems, ensuring that operational systems always handle the request.</para>
<para>These are some of the more common ways to implement these high availability architectures, but they are by no means the only ways to do it. The important thing is to make sure that your services are redundant, and available; how you achieve that is up to you. This document will cover some of the more common options for highly available systems.</para>
</section>
</chapter>

View File

@ -3,18 +3,18 @@
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0" xml:id="ch-network">
<info>
<title>Network controller cluster stack</title>
</info>
<simpara>The network controller sits on the management and data network, and needs to be connected to the Internet if a VM needs access to it.</simpara>
<para>The network controller sits on the management and data network, and needs to be connected to the Internet if a VM needs access to it.</para>
<note>
<simpara>Both nodes should have the same hostname since the Networking scheduler will be
aware of one node, for example a virtual router attached to a single L3 node.</simpara>
<para>Both nodes should have the same hostname since the Networking scheduler will be
aware of one node, for example a virtual router attached to a single L3 node.</para>
</note>
<xi:include href="./network/section_highly_available_neutron_l3_agent.xml"/>
<xi:include href="./network/section_highly_available_neutron_dhcp_agent.xml"/>
<xi:include href="./network/section_highly_available_neutron_metadata_agent.xml"/>
<xi:include href="./network/section_manage_network_resources.xml"/>
<xi:include href="network/section_highly_available_neutron_l3_agent.xml"/>
<xi:include href="network/section_highly_available_neutron_dhcp_agent.xml"/>
<xi:include href="network/section_highly_available_neutron_metadata_agent.xml"/>
<xi:include href="network/section_manage_network_resources.xml"/>
</chapter>

View File

@ -3,31 +3,31 @@
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0" xml:id="ch-pacemaker">
<info>
<title>The Pacemaker cluster stack</title>
</info>
<simpara>OpenStack infrastructure high availability relies on the
<link xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="http://www.clusterlabs.org">Pacemaker</link> cluster stack, the
<para>OpenStack infrastructure high availability relies on the
<link xlink:href="http://www.clusterlabs.org">Pacemaker</link> cluster stack, the
state-of-the-art high availability and load balancing stack for the
Linux platform. Pacemaker is storage and application-agnostic, and is
in no way specific to OpenStack.</simpara>
<simpara>Pacemaker relies on the <link xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="http://www.corosync.org">Corosync</link> messaging
in no way specific to OpenStack.</para>
<para>Pacemaker relies on the <link xlink:href="http://www.corosync.org">Corosync</link> messaging
layer for reliable cluster communications. Corosync implements the
Totem single-ring ordering and membership protocol. It also provides UDP
and InfiniBand based messaging, quorum, and cluster membership to
Pacemaker.</simpara>
<simpara>Pacemaker interacts with applications through <emphasis>resource agents</emphasis> (RAs),
Pacemaker.</para>
<para>Pacemaker interacts with applications through <emphasis>resource agents</emphasis> (RAs),
of which it supports over 70 natively. Pacemaker can also easily use
third-party RAs. An OpenStack high-availability configuration uses
existing native Pacemaker RAs (such as those managing MySQL
databases or virtual IP addresses), existing third-party RAs (such as
for RabbitMQ), and native OpenStack RAs (such as those managing the
OpenStack Identity and Image Services).</simpara>
OpenStack Identity and Image Services).</para>
<xi:include href="./pacemaker/section_install_packages.xml"/>
<xi:include href="./pacemaker/section_set_up_corosync.xml"/>
<xi:include href="./pacemaker/section_starting_corosync.xml"/>
<xi:include href="./pacemaker/section_start_pacemaker.xml"/>
<xi:include href="./pacemaker/section_set_basic_cluster_properties.xml"/>
<xi:include href="pacemaker/section_install_packages.xml"/>
<xi:include href="pacemaker/section_set_up_corosync.xml"/>
<xi:include href="pacemaker/section_starting_corosync.xml"/>
<xi:include href="pacemaker/section_start_pacemaker.xml"/>
<xi:include href="pacemaker/section_set_basic_cluster_properties.xml"/>
</chapter>

View File

@ -7,62 +7,62 @@
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0" xml:id="s-mysql">
<info>
<title>Highly available MySQL</title>
</info>
<simpara>MySQL is the default database server used by many OpenStack
services. Making the MySQL service highly available involves</simpara>
<para>MySQL is the default database server used by many OpenStack
services. Making the MySQL service highly available involves</para>
<itemizedlist>
<listitem>
<simpara>
<para>
Configure a DRBD device for use by MySQL,
</simpara>
</para>
</listitem>
<listitem>
<simpara>
<para>
Configure MySQL to use a data directory residing on that DRBD
device,
</simpara>
</para>
</listitem>
<listitem>
<simpara>
<para>
selecting and assigning a virtual IP address (VIP) that can freely
float between cluster nodes,
</simpara>
</para>
</listitem>
<listitem>
<simpara>
<para>
Configure MySQL to listen on that IP address,
</simpara>
</para>
</listitem>
<listitem>
<simpara>
<para>
managing all resources, including the MySQL daemon itself, with
the Pacemaker cluster manager.
</simpara>
</para>
</listitem>
</itemizedlist>
<note>
<simpara><link xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="http://codership.com/products/mysql_galera">MySQL/Galera</link> is an
<para><link xlink:href="http://codership.com/products/mysql_galera">MySQL/Galera</link> is an
alternative method of Configure MySQL for high availability. It is
likely to become the preferred method of achieving MySQL high
availability once it has sufficiently matured. At the time of writing,
however, the Pacemaker/DRBD based approach remains the recommended one
for OpenStack environments.</simpara>
for OpenStack environments.</para>
</note>
<section xml:id="_configure_drbd">
<info>
<title>Configure DRBD</title>
</info>
<simpara>The Pacemaker based MySQL server requires a DRBD resource from
<para>The Pacemaker based MySQL server requires a DRBD resource from
which it mounts the <literal>/var/lib/mysql</literal> directory. In this example,
the DRBD resource is simply named <literal>mysql</literal>:</simpara>
the DRBD resource is simply named <literal>mysql</literal>:</para>
<formalpara>
<info>
<title><literal>mysql</literal> DRBD resource configuration (<literal>/etc/drbd.d/mysql.res</literal>)</title>
</info>
<title><literal>mysql</literal> DRBD resource configuration (<filename>/etc/drbd.d/mysql.res</filename>)</title>
<para>
<screen>resource mysql {
<programlisting>resource mysql {
device minor 0;
disk "/dev/data/mysql";
meta-disk internal;
@ -72,10 +72,10 @@ the DRBD resource is simply named <literal>mysql</literal>:</simpara>
on node2 {
address ipv4 10.0.42.254:7700;
}
}</screen>
}</programlisting>
</para>
</formalpara>
<simpara>This resource uses an underlying local disk (in DRBD terminology, a
<para>This resource uses an underlying local disk (in DRBD terminology, a
<emphasis>backing device</emphasis>) named <literal>/dev/data/mysql</literal> on both cluster nodes,
<literal>node1</literal> and <literal>node2</literal>. Normally, this would be an LVM Logical Volume
specifically set aside for this purpose. The DRBD <literal>meta-disk</literal> is
@ -83,13 +83,13 @@ specifically set aside for this purpose. The DRBD <literal>meta-disk</literal> i
of the <literal>disk</literal> device itself. The device is configured to communicate
between IPv4 addresses 10.0.42.100 and 10.0.42.254, using TCP port
7700. Once enabled, it will map to a local DRBD block device with the
device minor number 0, that is, <literal>/dev/drbd0</literal>.</simpara>
<simpara>Enabling a DRBD resource is explained in detail in
<link xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="http://www.drbd.org/users-guide-8.3/s-first-time-up.html">the DRBD
Users Guide</link>. In brief, the proper sequence of commands is this:</simpara>
<screen>drbdadm create-md mysql <co xml:id="CO3-1"/>
drbdadm up mysql <co xml:id="CO3-2"/>
drbdadm -- --force primary mysql <co xml:id="CO3-3"/></screen>
device minor number 0, that is, <filename>/dev/drbd0</filename>.</para>
<para>Enabling a DRBD resource is explained in detail in
<link xlink:href="http://www.drbd.org/users-guide-8.3/s-first-time-up.html">the DRBD
Users Guide</link>. In brief, the proper sequence of commands is this:</para>
<screen><prompt>#</prompt> <userinput>drbdadm create-md mysql</userinput><co xml:id="CO3-1"/>
<prompt>#</prompt> <userinput>drbdadm up mysql</userinput><co xml:id="CO3-2"/>
<prompt>#</prompt> <userinput>drbdadm -- --force primary mysql</userinput><co xml:id="CO3-3"/></screen>
<calloutlist>
<callout arearefs="CO3-1">
<para>
@ -108,7 +108,7 @@ be completed on both nodes.
<para>
Kicks off the initial device synchronization, and puts the device
into the <literal>primary</literal> (readable and writable) role. See
<link xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="http://www.drbd.org/users-guide-8.3/ch-admin.html#s-roles">Resource
<link xlink:href="http://www.drbd.org/users-guide-8.3/ch-admin.html#s-roles">Resource
roles</link> (from the DRBD Users Guide) for a more detailed description of
the primary and secondary roles in DRBD. Must be completed <emphasis>on one
node only,</emphasis> namely the one where you are about to continue with
@ -118,55 +118,55 @@ creating your filesystem.
</calloutlist>
</section>
<section xml:id="_creating_a_file_system">
<info>
<title>Creating a file system</title>
</info>
<simpara>Once the DRBD resource is running and in the primary role (and
<para>Once the DRBD resource is running and in the primary role (and
potentially still in the process of running the initial device
synchronization), you may proceed with creating the filesystem for
MySQL data. XFS is the generally recommended filesystem:</simpara>
<screen>mkfs -t xfs /dev/drbd0</screen>
<simpara>You may also use the alternate device path for the DRBD device, which
MySQL data. XFS is the generally recommended filesystem:</para>
<screen><prompt>#</prompt> <userinput>mkfs -t xfs /dev/drbd0</userinput></screen>
<para>You may also use the alternate device path for the DRBD device, which
may be easier to remember as it includes the self-explanatory resource
name:</simpara>
<screen>mkfs -t xfs /dev/drbd/by-res/mysql</screen>
<simpara>Once completed, you may safely return the device to the secondary
name:</para>
<screen><prompt>#</prompt> <userinput>mkfs -t xfs /dev/drbd/by-res/mysql</userinput></screen>
<para>Once completed, you may safely return the device to the secondary
role. Any ongoing device synchronization will continue in the
background:</simpara>
<screen>drbdadm secondary mysql</screen>
background:</para>
<screen><prompt>#</prompt> <userinput>drbdadm secondary mysql</userinput></screen>
</section>
<section xml:id="_prepare_mysql_for_pacemaker_high_availability">
<info>
<title>Prepare MySQL for Pacemaker high availability</title>
</info>
<simpara>In order for Pacemaker monitoring to function properly, you must
<para>In order for Pacemaker monitoring to function properly, you must
ensure that MySQLs database files reside on the DRBD device. If you
already have an existing MySQL database, the simplest approach is to
just move the contents of the existing <literal>/var/lib/mysql</literal> directory into
the newly created filesystem on the DRBD device.</simpara>
the newly created filesystem on the DRBD device.</para>
<warning>
<simpara>You must complete the next step while the MySQL database
server is shut down.</simpara>
<para>You must complete the next step while the MySQL database
server is shut down.</para>
</warning>
<screen>node1:# mount /dev/drbd/by-res/mysql /mnt
node1:# mv /var/lib/mysql/* /mnt
node1:# umount /mnt</screen>
<simpara>For a new MySQL installation with no existing data, you may also run
the <literal>mysql_install_db</literal> command:</simpara>
<screen>node1:# mount /dev/drbd/by-res/mysql /mnt
node1:# mysql_install_db --datadir=/mnt
node1:# umount /mnt</screen>
<simpara>Regardless of the approach, the steps outlined here must be completed
on only one cluster node.</simpara>
<screen><prompt>#</prompt> <userinput>mount /dev/drbd/by-res/mysql /mnt</userinput>
<prompt>#</prompt> <userinput>mv /var/lib/mysql/* /mnt</userinput>
<prompt>#</prompt> <userinput>umount /mnt</userinput></screen>
<para>For a new MySQL installation with no existing data, you may also run
the <literal>mysql_install_db</literal> command:</para>
<screen><prompt>#</prompt> <userinput>mount /dev/drbd/by-res/mysql /mnt</userinput>
<prompt>#</prompt> <userinput>mysql_install_db --datadir=/mnt</userinput>
<prompt>#</prompt> <userinput>umount /mnt</userinput></screen>
<para>Regardless of the approach, the steps outlined here must be completed
on only one cluster node.</para>
</section>
<section xml:id="_add_mysql_resources_to_pacemaker">
<info>
<title>Add MySQL resources to Pacemaker</title>
</info>
<simpara>You can now add the Pacemaker configuration for
<para>You can now add the Pacemaker configuration for
MySQL resources. Connect to the Pacemaker cluster with <literal>crm
configure</literal>, and add the following cluster resources:</simpara>
<screen>primitive p_ip_mysql ocf:heartbeat:IPaddr2 \
configure</literal>, and add the following cluster resources:</para>
<programlisting>primitive p_ip_mysql ocf:heartbeat:IPaddr2 \
params ip="192.168.42.101" cidr_netmask="24" \
op monitor interval="30s"
primitive p_drbd_mysql ocf:linbit:drbd \
@ -198,57 +198,57 @@ group g_mysql p_ip_mysql p_fs_mysql p_mysql
ms ms_drbd_mysql p_drbd_mysql \
meta notify="true" clone-max="2"
colocation c_mysql_on_drbd inf: g_mysql ms_drbd_mysql:Master
order o_drbd_before_mysql inf: ms_drbd_mysql:promote g_mysql:start</screen>
<simpara>This configuration creates</simpara>
order o_drbd_before_mysql inf: ms_drbd_mysql:promote g_mysql:start</programlisting>
<para>This configuration creates</para>
<itemizedlist>
<listitem>
<simpara><literal>p_ip_mysql</literal>, a virtual IP address for use by MySQL
<para><literal>p_ip_mysql</literal>, a virtual IP address for use by MySQL
(192.168.42.101),
</simpara>
</para>
</listitem>
<listitem>
<simpara><literal>p_fs_mysql</literal>, a Pacemaker managed filesystem mounted to
<para><literal>p_fs_mysql</literal>, a Pacemaker managed filesystem mounted to
<literal>/var/lib/mysql</literal> on whatever node currently runs the MySQL
service,
</simpara>
</para>
</listitem>
<listitem>
<simpara><literal>ms_drbd_mysql</literal>, the <emphasis>master/slave set</emphasis> managing the <literal>mysql</literal>
<para><literal>ms_drbd_mysql</literal>, the <emphasis>master/slave set</emphasis> managing the <literal>mysql</literal>
DRBD resource,
</simpara>
</para>
</listitem>
<listitem>
<simpara>
<para>
a service <literal>group</literal> and <literal>order</literal> and <literal>colocation</literal> constraints to ensure
resources are started on the correct nodes, and in the correct sequence.
</simpara>
</para>
</listitem>
</itemizedlist>
<simpara><literal>crm configure</literal> supports batch input, so you may copy and paste the
<para><literal>crm configure</literal> supports batch input, so you may copy and paste the
above into your live pacemaker configuration, and then make changes as
required. For example, you may enter <literal>edit p_ip_mysql</literal> from the
<literal>crm configure</literal> menu and edit the resource to match your preferred
virtual IP address.</simpara>
<simpara>Once completed, commit your configuration changes by entering <literal>commit</literal>
virtual IP address.</para>
<para>Once completed, commit your configuration changes by entering <literal>commit</literal>
from the <literal>crm configure</literal> menu. Pacemaker will then start the MySQL
service, and its dependent resources, on one of your nodes.</simpara>
service, and its dependent resources, on one of your nodes.</para>
</section>
<section xml:id="_configure_openstack_services_for_highly_available_mysql">
<info>
<title>Configure OpenStack services for highly available MySQL</title>
</info>
<simpara>Your OpenStack services must now point their MySQL configuration to
<para>Your OpenStack services must now point their MySQL configuration to
the highly available, virtual cluster IP address&mdash;rather than a
MySQL servers physical IP address as you normally would.</simpara>
<simpara>For OpenStack Image, for example, if your MySQL service IP address is
MySQL servers physical IP address as you normally would.</para>
<para>For OpenStack Image, for example, if your MySQL service IP address is
192.168.42.101 as in the configuration explained here, you would use
the following line in your OpenStack Image registry configuration file
(<literal>glance-registry.conf</literal>):</simpara>
<screen>sql_connection = mysql://glancedbadmin:&lt;password&gt;@192.168.42.101/glance</screen>
<simpara>No other changes are necessary to your OpenStack configuration. If the
(<filename>glance-registry.conf</filename>):</para>
<programlisting language="ini">sql_connection = mysql://glancedbadmin:&lt;password&gt;@192.168.42.101/glance</programlisting>
<para>No other changes are necessary to your OpenStack configuration. If the
node currently hosting your database experiences a problem
necessitating service failover, your OpenStack services may experience
a brief MySQL interruption, as they would in the event of a network
hiccup, and then continue to run normally.</simpara>
hiccup, and then continue to run normally.</para>
</section>
</section>

View File

@ -7,65 +7,65 @@
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0" xml:id="s-rabbitmq">
<info>
<title>Highly available RabbitMQ</title>
</info>
<simpara>RabbitMQ is the default AMQP server used by many OpenStack
services. Making the RabbitMQ service highly available involves:</simpara>
<para>RabbitMQ is the default AMQP server used by many OpenStack
services. Making the RabbitMQ service highly available involves:</para>
<itemizedlist>
<listitem>
<simpara>
<para>
configuring a DRBD device for use by RabbitMQ,
</simpara>
</para>
</listitem>
<listitem>
<simpara>
<para>
configuring RabbitMQ to use a data directory residing on that DRBD
device,
</simpara>
</para>
</listitem>
<listitem>
<simpara>
<para>
selecting and assigning a virtual IP address (VIP) that can freely
float between cluster nodes,
</simpara>
</para>
</listitem>
<listitem>
<simpara>
<para>
configuring RabbitMQ to listen on that IP address,
</simpara>
</para>
</listitem>
<listitem>
<simpara>
<para>
managing all resources, including the RabbitMQ daemon itself, with
the Pacemaker cluster manager.
</simpara>
</para>
</listitem>
</itemizedlist>
<note>
<simpara>There is an alternative method of configuring RabbitMQ for high
<para>There is an alternative method of configuring RabbitMQ for high
availability. That approach, known as
<link xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="http://www.rabbitmq.com/ha.html">active-active mirrored queues</link>,
<link xlink:href="http://www.rabbitmq.com/ha.html">active-active mirrored queues</link>,
happens to be the one preferred by the RabbitMQ developers&mdash;however
it has shown less than ideal consistency and reliability in OpenStack
clusters. Thus, at the time of writing, the Pacemaker/DRBD based
approach remains the recommended one for OpenStack environments,
although this may change in the near future as RabbitMQ active-active
mirrored queues mature.</simpara>
mirrored queues mature.</para>
</note>
<section xml:id="_configure_drbd_2">
<info>
<title>Configure DRBD</title>
</info>
<simpara>The Pacemaker based RabbitMQ server requires a DRBD resource from
<para>The Pacemaker based RabbitMQ server requires a DRBD resource from
which it mounts the <literal>/var/lib/rabbitmq</literal> directory. In this example,
the DRBD resource is simply named <literal>rabbitmq</literal>:</simpara>
the DRBD resource is simply named <literal>rabbitmq</literal>:</para>
<formalpara>
<info>
<title><literal>rabbitmq</literal> DRBD resource configuration (<literal>/etc/drbd.d/rabbitmq.res</literal>)</title>
</info>
<title><literal>rabbitmq</literal> DRBD resource configuration (<filename>/etc/drbd.d/rabbitmq.res</filename>)</title>
<para>
<screen>resource rabbitmq {
<programlisting>resource rabbitmq {
device minor 1;
disk "/dev/data/rabbitmq";
meta-disk internal;
@ -75,10 +75,10 @@ the DRBD resource is simply named <literal>rabbitmq</literal>:</simpara>
on node2 {
address ipv4 10.0.42.254:7701;
}
}</screen>
}</programlisting>
</para>
</formalpara>
<simpara>This resource uses an underlying local disk (in DRBD terminology, a
<para>This resource uses an underlying local disk (in DRBD terminology, a
<emphasis>backing device</emphasis>) named <literal>/dev/data/rabbitmq</literal> on both cluster nodes,
<literal>node1</literal> and <literal>node2</literal>. Normally, this would be an LVM Logical Volume
specifically set aside for this purpose. The DRBD <literal>meta-disk</literal> is
@ -86,13 +86,13 @@ specifically set aside for this purpose. The DRBD <literal>meta-disk</literal> i
of the <literal>disk</literal> device itself. The device is configured to communicate
between IPv4 addresses 10.0.42.100 and 10.0.42.254, using TCP port
7701. Once enabled, it will map to a local DRBD block device with the
device minor number 1, that is, <literal>/dev/drbd1</literal>.</simpara>
<simpara>Enabling a DRBD resource is explained in detail in
<link xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="http://www.drbd.org/users-guide-8.3/s-first-time-up.html">the DRBD
Users Guide</link>. In brief, the proper sequence of commands is this:</simpara>
<screen>drbdadm create-md rabbitmq <co xml:id="CO4-1"/>
drbdadm up rabbitmq <co xml:id="CO4-2"/>
drbdadm -- --force primary rabbitmq <co xml:id="CO4-3"/></screen>
device minor number 1, that is, <literal>/dev/drbd1</literal>.</para>
<para>Enabling a DRBD resource is explained in detail in
<link xlink:href="http://www.drbd.org/users-guide-8.3/s-first-time-up.html">the DRBD
Users Guide</link>. In brief, the proper sequence of commands is this:</para>
<screen><prompt>#</prompt> <userinput>drbdadm create-md rabbitmq</userinput><co xml:id="CO4-1"/>
<prompt>#</prompt> <userinput>drbdadm up rabbitmq</userinput><co xml:id="CO4-2"/>
<prompt>#</prompt> <userinput>drbdadm -- --force primary rabbitmq</userinput><co xml:id="CO4-3"/></screen>
<calloutlist>
<callout arearefs="CO4-1">
<para>
@ -111,7 +111,7 @@ be completed on both nodes.
<para>
Kicks off the initial device synchronization, and puts the device
into the <literal>primary</literal> (readable and writable) role. See
<link xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="http://www.drbd.org/users-guide-8.3/ch-admin.html#s-roles">Resource
<link xlink:href="http://www.drbd.org/users-guide-8.3/ch-admin.html#s-roles">Resource
roles</link> (from the DRBD Users Guide) for a more detailed description of
the primary and secondary roles in DRBD. Must be completed <emphasis>on one
node only,</emphasis> namely the one where you are about to continue with
@ -121,46 +121,46 @@ creating your filesystem.
</calloutlist>
</section>
<section xml:id="_create_a_file_system">
<info>
<title>Create a file system</title>
</info>
<simpara>Once the DRBD resource is running and in the primary role (and
<para>Once the DRBD resource is running and in the primary role (and
potentially still in the process of running the initial device
synchronization), you may proceed with creating the filesystem for
RabbitMQ data. XFS is generally the recommended filesystem:</simpara>
<screen>mkfs -t xfs /dev/drbd1</screen>
<simpara>You may also use the alternate device path for the DRBD device, which
RabbitMQ data. XFS is generally the recommended filesystem:</para>
<screen><prompt>#</prompt> <userinput>mkfs -t xfs /dev/drbd1</userinput></screen>
<para>You may also use the alternate device path for the DRBD device, which
may be easier to remember as it includes the self-explanatory resource
name:</simpara>
<screen>mkfs -t xfs /dev/drbd/by-res/rabbitmq</screen>
<simpara>Once completed, you may safely return the device to the secondary
name:</para>
<screen><prompt>#</prompt> <userinput>mkfs -t xfs /dev/drbd/by-res/rabbitmq</userinput></screen>
<para>Once completed, you may safely return the device to the secondary
role. Any ongoing device synchronization will continue in the
background:</simpara>
<screen>drbdadm secondary rabbitmq</screen>
background:</para>
<screen><prompt>#</prompt> <userinput>drbdadm secondary rabbitmq</userinput></screen>
</section>
<section xml:id="_prepare_rabbitmq_for_pacemaker_high_availability">
<info>
<title>Prepare RabbitMQ for Pacemaker high availability</title>
</info>
<simpara>In order for Pacemaker monitoring to function properly, you must
<para>In order for Pacemaker monitoring to function properly, you must
ensure that RabbitMQs <literal>.erlang.cookie</literal> files are identical on all
nodes, regardless of whether DRBD is mounted there or not. The
simplest way of doing so is to take an existing <literal>.erlang.cookie</literal> from
one of your nodes, copying it to the RabbitMQ data directory on the
other node, and also copying it to the DRBD-backed filesystem.</simpara>
<screen>node1:# scp -a /var/lib/rabbitmq/.erlang.cookie node2:/var/lib/rabbitmq/
node1:# mount /dev/drbd/by-res/rabbitmq /mnt
node1:# cp -a /var/lib/rabbitmq/.erlang.cookie /mnt
node1:# umount /mnt</screen>
other node, and also copying it to the DRBD-backed filesystem.</para>
<screen><prompt>#</prompt> <userinput>scp -a /var/lib/rabbitmq/.erlang.cookie node2:/var/lib/rabbitmq/</userinput>
<prompt>#</prompt> <userinput>mount /dev/drbd/by-res/rabbitmq /mnt</userinput>
<prompt>#</prompt> <userinput>cp -a /var/lib/rabbitmq/.erlang.cookie /mnt</userinput>
<prompt>#</prompt> <userinput>umount /mnt</userinput></screen>
</section>
<section xml:id="_add_rabbitmq_resources_to_pacemaker">
<info>
<title>Add RabbitMQ resources to Pacemaker</title>
</info>
<simpara>You may now proceed with adding the Pacemaker configuration for
<para>You may now proceed with adding the Pacemaker configuration for
RabbitMQ resources. Connect to the Pacemaker cluster with <literal>crm
configure</literal>, and add the following cluster resources:</simpara>
<screen>primitive p_ip_rabbitmq ocf:heartbeat:IPaddr2 \
configure</literal>, and add the following cluster resources:</para>
<programlisting>primitive p_ip_rabbitmq ocf:heartbeat:IPaddr2 \
params ip="192.168.42.100" cidr_netmask="24" \
op monitor interval="10s"
primitive p_drbd_rabbitmq ocf:linbit:drbd \
@ -186,57 +186,57 @@ group g_rabbitmq p_ip_rabbitmq p_fs_rabbitmq p_rabbitmq
ms ms_drbd_rabbitmq p_drbd_rabbitmq \
meta notify="true" master-max="1" clone-max="2"
colocation c_rabbitmq_on_drbd inf: g_rabbitmq ms_drbd_rabbitmq:Master
order o_drbd_before_rabbitmq inf: ms_drbd_rabbitmq:promote g_rabbitmq:start</screen>
<simpara>This configuration creates</simpara>
order o_drbd_before_rabbitmq inf: ms_drbd_rabbitmq:promote g_rabbitmq:start</programlisting>
<para>This configuration creates</para>
<itemizedlist>
<listitem>
<simpara><literal>p_ip_rabbitmq</literal>, a virtual IP address for use by RabbitMQ
<para><literal>p_ip_rabbitmq</literal>, a virtual IP address for use by RabbitMQ
(192.168.42.100),
</simpara>
</para>
</listitem>
<listitem>
<simpara><literal>p_fs_rabbitmq</literal>, a Pacemaker managed filesystem mounted to
<para><literal>p_fs_rabbitmq</literal>, a Pacemaker managed filesystem mounted to
<literal>/var/lib/rabbitmq</literal> on whatever node currently runs the RabbitMQ
service,
</simpara>
</para>
</listitem>
<listitem>
<simpara><literal>ms_drbd_rabbitmq</literal>, the <emphasis>master/slave set</emphasis> managing the <literal>rabbitmq</literal>
<para><literal>ms_drbd_rabbitmq</literal>, the <emphasis>master/slave set</emphasis> managing the <literal>rabbitmq</literal>
DRBD resource,
</simpara>
</para>
</listitem>
<listitem>
<simpara>
<para>
a service <literal>group</literal> and <literal>order</literal> and <literal>colocation</literal> constraints to ensure
resources are started on the correct nodes, and in the correct sequence.
</simpara>
</para>
</listitem>
</itemizedlist>
<simpara><literal>crm configure</literal> supports batch input, so you may copy and paste the
<para><literal>crm configure</literal> supports batch input, so you may copy and paste the
above into your live pacemaker configuration, and then make changes as
required. For example, you may enter <literal>edit p_ip_rabbitmq</literal> from the
<literal>crm configure</literal> menu and edit the resource to match your preferred
virtual IP address.</simpara>
<simpara>Once completed, commit your configuration changes by entering <literal>commit</literal>
virtual IP address.</para>
<para>Once completed, commit your configuration changes by entering <literal>commit</literal>
from the <literal>crm configure</literal> menu. Pacemaker will then start the RabbitMQ
service, and its dependent resources, on one of your nodes.</simpara>
service, and its dependent resources, on one of your nodes.</para>
</section>
<section xml:id="_configure_openstack_services_for_highly_available_rabbitmq">
<info>
<title>Configure OpenStack services for highly available RabbitMQ</title>
</info>
<simpara>Your OpenStack services must now point their RabbitMQ configuration to
<para>Your OpenStack services must now point their RabbitMQ configuration to
the highly available, virtual cluster IP address&mdash;rather than a
RabbitMQ servers physical IP address as you normally would.</simpara>
<simpara>For OpenStack Image, for example, if your RabbitMQ service IP address is
RabbitMQ servers physical IP address as you normally would.</para>
<para>For OpenStack Image, for example, if your RabbitMQ service IP address is
192.168.42.100 as in the configuration explained here, you would use
the following line in your OpenStack Image API configuration file
(<literal>glance-api.conf</literal>):</simpara>
<screen>rabbit_host = 192.168.42.100</screen>
<simpara>No other changes are necessary to your OpenStack configuration. If the
(<filename>glance-api.conf</filename>):</para>
<programlisting language="ini">rabbit_host = 192.168.42.100</programlisting>
<para>No other changes are necessary to your OpenStack configuration. If the
node currently hosting your RabbitMQ experiences a problem
necessitating service failover, your OpenStack services may experience
a brief RabbitMQ interruption, as they would in the event of a network
hiccup, and then continue to run normally.</simpara>
hiccup, and then continue to run normally.</para>
</section>
</section>

View File

@ -2,16 +2,16 @@
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0" xml:id="_memcached">
<info>
<title>Memcached</title>
</info>
<simpara>Most of OpenStack services use an application to offer persistence and store ephemeral data (like tokens).
Memcached is one of them and can scale-out easily without specific trick.</simpara>
<simpara>To install and configure it, read the <link xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="http://code.google.com/p/memcached/wiki/NewStart">official documentation</link>.</simpara>
<simpara>Memory caching is managed by oslo-incubator so the way to use multiple memcached servers is the same for all projects.</simpara>
<simpara>Example with two hosts:</simpara>
<screen>memcached_servers = controller1:11211,controller2:11211</screen>
<simpara>By default, controller1 handles the caching service but if the host goes down, controller2 does the job.
<para>Most of OpenStack services use an application to offer persistence and store ephemeral data (like tokens).
Memcached is one of them and can scale-out easily without specific trick.</para>
<para>To install and configure it, read the <link xlink:href="http://code.google.com/p/memcached/wiki/NewStart">official documentation</link>.</para>
<para>Memory caching is managed by oslo-incubator so the way to use multiple memcached servers is the same for all projects.</para>
<para>Example with two hosts:</para>
<programlisting>memcached_servers = controller1:11211,controller2:11211</programlisting>
<para>By default, controller1 handles the caching service but if the host goes down, controller2 does the job.
For more information about memcached installation, see the OpenStack
Cloud Administrator Guide.</simpara>
Cloud Administrator Guide.</para>
</section>

View File

@ -2,79 +2,79 @@
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0" xml:id="_run_openstack_api_and_schedulers">
<info>
<title>Run OpenStack API and schedulers</title>
</info>
<section xml:id="_api_services">
<info>
<title>API services</title>
</info>
<simpara>All OpenStack projects have an API service for controlling all the resources in the Cloud.
<para>All OpenStack projects have an API service for controlling all the resources in the Cloud.
In Active / Active mode, the most common setup is to scale-out these services on at least two nodes
and use load balancing and virtual IP (with HAproxy &amp; Keepalived in this setup).</simpara>
<simpara>
and use load balancing and virtual IP (with HAproxy &amp; Keepalived in this setup).</para>
<para>
<emphasis role="strong">Configure API OpenStack services</emphasis>
</simpara>
<simpara>To configure our Cloud using Highly available and scalable API services, we need to ensure that:</simpara>
</para>
<para>To configure our Cloud using Highly available and scalable API services, we need to ensure that:</para>
<itemizedlist>
<listitem>
<simpara>
<para>
You use Virtual IP when configuring OpenStack Identity endpoints.
</simpara>
</para>
</listitem>
<listitem>
<simpara>
<para>
All OpenStack configuration files should refer to Virtual IP.
</simpara>
</para>
</listitem>
</itemizedlist>
<simpara>
<para>
<emphasis role="strong">In case of failure</emphasis>
</simpara>
<simpara>The monitor check is quite simple since it just establishes a TCP connection to the API port. Comparing to the
</para>
<para>The monitor check is quite simple since it just establishes a TCP connection to the API port. Comparing to the
Active / Passive mode using Corosync &amp; Resources Agents, we dont check if the service is actually running).
Thats why all OpenStack API should be monitored by another tool, for example Nagios, with the goal to detect
failures in the Cloud Framework infrastructure.</simpara>
failures in the Cloud Framework infrastructure.</para>
</section>
<section xml:id="_schedulers">
<info>
<title>Schedulers</title>
</info>
<simpara>OpenStack schedulers are used to determine how to dispatch compute, network and volume requests. The most
<para>OpenStack schedulers are used to determine how to dispatch compute, network and volume requests. The most
common setup is to use RabbitMQ as messaging system already documented in this guide.
Those services are connected to the messaging backend and can scale-out :</simpara>
Those services are connected to the messaging backend and can scale-out:</para>
<itemizedlist>
<listitem>
<simpara>
<para>
nova-scheduler
</simpara>
</para>
</listitem>
<listitem>
<simpara>
<para>
nova-conductor
</simpara>
</para>
</listitem>
<listitem>
<simpara>
<para>
cinder-scheduler
</simpara>
</para>
</listitem>
<listitem>
<simpara>
<para>
neutron-server
</simpara>
</para>
</listitem>
<listitem>
<simpara>
<para>
ceilometer-collector
</simpara>
</para>
</listitem>
<listitem>
<simpara>
<para>
heat-engine
</simpara>
</para>
</listitem>
</itemizedlist>
<simpara>Please refer to the RabbitMQ section for configure these services with multiple messaging servers.</simpara>
<para>Please refer to the RabbitMQ section for configure these services with multiple messaging servers.</para>
</section>
</section>

View File

@ -2,8 +2,8 @@
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0" xml:id="ha-aa-db-galera-monitoring">
<info>
<title>Galera monitoring scripts</title>
</info>
<simpara>(Coming soon)</simpara>
<para>(Coming soon)</para>
</section>

View File

@ -2,132 +2,136 @@
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0" xml:id="ha-aa-db-mysql-galera">
<info>
<title>MySQL with Galera</title>
</info>
<simpara>Rather than starting with a vanilla version of MySQL, and then adding
<para>Rather than starting with a vanilla version of MySQL, and then adding
Galera, you will want to install a version of MySQL patched for wsrep
(Write Set REPlication) from <link xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="https://launchpad.net/codership-mysql/0.7">https://launchpad.net/codership-mysql/0.7</link>.
(Write Set REPlication) from <link xlink:href="https://launchpad.net/codership-mysql/0.7">https://launchpad.net/codership-mysql/0.7</link>.
The wsrep API is suitable for configuring MySQL High Availability in
OpenStack because it supports synchronous replication.</simpara>
<simpara>Note that the installation requirements call for careful attention. Read
the guide <link xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="https://launchpadlibrarian.net/66669857/README-wsrep">https://launchpadlibrarian.net/66669857/README-wsrep</link>
to ensure you follow all the required steps.</simpara>
OpenStack because it supports synchronous replication.</para>
<para>Note that the installation requirements call for careful attention. Read
the guide <link xlink:href="https://launchpadlibrarian.net/66669857/README-wsrep">https://launchpadlibrarian.net/66669857/README-wsrep</link>
to ensure you follow all the required steps.</para>
<orderedlist numeration="arabic" inheritnum="ignore" continuation="restarts">
<info>
<title>Installing Galera through a MySQL version patched for wsrep:</title>
</info>
<listitem>
<simpara>
Download Galera from <link xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="https://launchpad.net/galera/+download">https://launchpad.net/galera/+download</link>, and
<para>
Download Galera from <link xlink:href="https://launchpad.net/galera/+download">https://launchpad.net/galera/+download</link>, and
install the *.rpms or *.debs, which takes care of any dependencies
that your system doesnt already have installed.
</simpara>
</para>
</listitem>
<listitem>
<simpara>
<para>
Adjust the configuration:
</simpara>
<simpara>In the system-wide <literal>my.conf</literal> file, make sure mysqld isnt bound to
127.0.0.1, and that <literal>/etc/mysql/conf.d/</literal> is included.
Typically you can find this file at <literal>/etc/my.cnf</literal>:</simpara>
<screen>[mysqld]
</para>
<para>In the system-wide <filename>my.conf</filename> file, make sure mysqld isnt bound to
127.0.0.1, and that <filename>/etc/mysql/conf.d/</filename> is included.
Typically you can find this file at <filename>/etc/my.cnf</filename>:</para>
<programlisting>[mysqld]
...
!includedir /etc/mysql/conf.d/
...
#bind-address = 127.0.0.1</screen>
<simpara>When adding a new node, you must configure it with a MySQL account that
#bind-address = 127.0.0.1</programlisting>
<para>When adding a new node, you must configure it with a MySQL account that
can access the other nodes. The new node must be able to request a state
snapshot from one of the existing nodes:</simpara>
snapshot from one of the existing nodes:</para>
</listitem>
<listitem>
<simpara>
Specify your MySQL account information in <literal>/etc/mysql/conf.d/wsrep.cnf</literal>:
</simpara>
<screen>wsrep_sst_auth=wsrep_sst:wspass</screen>
<para>
Specify your MySQL account information in <filename>/etc/mysql/conf.d/wsrep.cnf</filename>:
</para>
<programlisting>wsrep_sst_auth=wsrep_sst:wspass</programlisting>
</listitem>
<listitem>
<simpara>
<para>
Connect as root and grant privileges to that user:
</simpara>
<screen>$ mysql -e "SET wsrep_on=OFF; GRANT ALL ON *.* TO wsrep_sst@'%' IDENTIFIED BY 'wspass'";</screen>
</para>
<screen><prompt></prompt> <userinput>mysql -e "SET wsrep_on=OFF; GRANT ALL ON *.* TO wsrep_sst@'%' IDENTIFIED BY 'wspass'";</userinput></screen>
</listitem>
<listitem>
<simpara>
<para>
Remove user accounts with empty usernames because they cause problems:
</simpara>
<screen>$ mysql -e "SET wsrep_on=OFF; DELETE FROM mysql.user WHERE user='';"</screen>
</para>
<screen><prompt>$</prompt> <userinput>mysql -e "SET wsrep_on=OFF; DELETE FROM mysql.user WHERE user='';"</userinput></screen>
</listitem>
<listitem>
<simpara>
<para>
Set up certain mandatory configuration options within MySQL itself.
These include:
</simpara>
<screen>query_cache_size=0
</para>
<programlisting>query_cache_size=0
binlog_format=ROW
default_storage_engine=innodb
innodb_autoinc_lock_mode=2
innodb_doublewrite=1</screen>
innodb_doublewrite=1</programlisting>
</listitem>
<listitem>
<simpara>
<para>
Check that the nodes can access each other through the firewall.
Depending on your environment, this might mean adjusting iptables, as in:
</simpara>
<screen># iptables --insert RH-Firewall-1-INPUT 1 --proto tcp --source &lt;my IP&gt;/24 --destination &lt;my IP&gt;/32 --dport 3306 -j ACCEPT
# iptables --insert RH-Firewall-1-INPUT 1 --proto tcp --source &lt;my IP&gt;/24 --destination &lt;my IP&gt;/32 --dport 4567 -j ACCEPT</screen>
<simpara>This might also mean configuring any NAT firewall between nodes to allow
</para>
<screen><prompt>#</prompt> <userinput>iptables --insert RH-Firewall-1-INPUT 1 --proto tcp \
--source &lt;my IP&gt;/24 --destination &lt;my IP&gt;/32 --dport 3306 \
-j ACCEPT</userinput>
<prompt>#</prompt> <userinput>iptables --insert RH-Firewall-1-INPUT 1 --proto tcp \
--source &lt;my IP&gt;/24 --destination &lt;my IP&gt;/32 --dport 4567 \
-j ACCEPT</userinput></screen>
<para>This might also mean configuring any NAT firewall between nodes to allow
direct connections. You might need to disable SELinux, or configure it to
allow mysqld to listen to sockets at unprivileged ports.</simpara>
allow mysqld to listen to sockets at unprivileged ports.</para>
</listitem>
</orderedlist>
<simpara>Now youre ready to create the cluster.</simpara>
<para>Now youre ready to create the cluster.</para>
<section xml:id="_create_the_cluster">
<info>
<title>Create the cluster</title>
</info>
<simpara>In creating a cluster, you first start a single instance, which creates
<para>In creating a cluster, you first start a single instance, which creates
the cluster. The rest of the MySQL instances then connect to
that cluster:</simpara>
that cluster:</para>
<orderedlist numeration="arabic" inheritnum="ignore" continuation="restarts">
<info>
<title>An example of creating the cluster:</title>
</info>
<listitem>
<simpara>
<para>
Start on <literal>10.0.0.10</literal> by executing the command:
</simpara>
</para>
</listitem>
</orderedlist>
<screen># service mysql start wsrep_cluster_address=gcomm://</screen>
<screen><prompt>#</prompt> <userinput>service mysql start wsrep_cluster_address=gcomm://</userinput></screen>
<orderedlist numeration="arabic" inheritnum="ignore" continuation="restarts">
<listitem>
<simpara>
<para>
Connect to that cluster on the rest of the nodes by referencing the
address of that node, as in:
</simpara>
</para>
</listitem>
</orderedlist>
<screen># service mysql start wsrep_cluster_address=gcomm://10.0.0.10</screen>
<simpara>You also have the option to set the <literal>wsrep_cluster_address</literal> in the
<literal>/etc/mysql/conf.d/wsrep.cnf</literal> file, or within the client itself. (In
<screen><prompt>#</prompt> <userinput>service mysql start wsrep_cluster_address=gcomm://10.0.0.10</userinput></screen>
<para>You also have the option to set the <literal>wsrep_cluster_address</literal> in the
<filename>/etc/mysql/conf.d/wsrep.cnf</filename> file, or within the client itself. (In
fact, for some systems, such as MariaDB or Percona, this may be your
only option.)</simpara>
only option.)</para>
<orderedlist numeration="arabic" inheritnum="ignore" continuation="restarts">
<info>
<title>An example of checking the status of the cluster.</title>
</info>
<listitem>
<simpara>
<para>
Open the MySQL client and check the status of the various parameters:
</simpara>
</para>
</listitem>
</orderedlist>
<screen>mysql&gt; SET GLOBAL wsrep_cluster_address='&lt;cluster address string&gt;';
mysql&gt; SHOW STATUS LIKE 'wsrep%';</screen>
<simpara>You should see a status that looks something like this:</simpara>
<screen>mysql&gt; show status like 'wsrep%';
+----------------------------+--------------------------------------+
<screen><prompt>mysql&gt;</prompt> <userinput>SET GLOBAL wsrep_cluster_address='&lt;cluster address string&gt;';</userinput>
<prompt>mysql&gt;</prompt> <userinput>SHOW STATUS LIKE 'wsrep%';</userinput></screen>
<para>You should see a status that looks something like this:</para>
<screen><prompt>mysql&gt;</prompt> <userinput>show status like 'wsrep%';</userinput>
<computeroutput>+----------------------------+--------------------------------------+
| Variable_name | Value |
+----------------------------+--------------------------------------+
| wsrep_local_state_uuid | 111fc28b-1b05-11e1-0800-e00ec5a7c930 |
@ -169,6 +173,6 @@ mysql&gt; SHOW STATUS LIKE 'wsrep%';</screen>
| wsrep_provider_version | 21.1.0(r86) |
| wsrep_ready | ON |
+----------------------------+--------------------------------------+
38 rows in set (0.01 sec)</screen>
38 rows in set (0.01 sec)</computeroutput></screen>
</section>
</section>

View File

@ -2,11 +2,11 @@
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0" xml:id="_other_ways_to_provide_a_highly_available_database">
<info>
<title>Other ways to provide a highly available database</title>
</info>
<simpara>MySQL with Galera is by no means the only way to achieve database HA.
MariaDB (<link xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="https://mariadb.org/">https://mariadb.org/</link>) and Percona (<link xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="http://www.percona.com/">http://www.percona.com/</link>)
<para>MySQL with Galera is by no means the only way to achieve database HA.
MariaDB (<link xlink:href="https://mariadb.org/">https://mariadb.org/</link>) and Percona (<link xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="http://www.percona.com/">http://www.percona.com/</link>)
also work with Galera. You also have the option to use Postgres, which
has its own replication, or another database HA option.</simpara>
has its own replication, or another database HA option.</para>
</section>

View File

@ -2,10 +2,10 @@
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0" xml:id="_run_neutron_dhcp_agent">
<info>
<title>Run neutron DHCP agent</title>
</info>
<simpara>OpenStack Networking service has a scheduler that
<para>OpenStack Networking service has a scheduler that
lets you run multiple agents across nodes. Also, the DHCP agent can be natively
highly available. For details, see <link xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="http://docs.openstack.org/trunk/config-reference/content/app_demo_multi_dhcp_agents.html">OpenStack Configuration Reference</link>.</simpara>
highly available. For details, see <link xlink:href="http://docs.openstack.org/trunk/config-reference/content/app_demo_multi_dhcp_agents.html">OpenStack Configuration Reference</link>.</para>
</section>

View File

@ -2,13 +2,13 @@
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0" xml:id="_run_neutron_l3_agent">
<info>
<title>Run neutron L3 agent</title>
</info>
<simpara>The neutron L3 agent is scalable thanks to the scheduler
<para>The neutron L3 agent is scalable thanks to the scheduler
that allows distribution of virtual routers across multiple nodes.
But there is no native feature to make these routers highly available.
At this time, the Active / Passive solution exists to run the Neutron L3
agent in failover mode with Pacemaker. See the Active / Passive
section of this guide.</simpara>
section of this guide.</para>
</section>

View File

@ -2,11 +2,11 @@
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0" xml:id="_run_neutron_metadata_agent">
<info>
<title>Run neutron metadata agent</title>
</info>
<simpara>There is no native feature to make this service highly available.
<para>There is no native feature to make this service highly available.
At this time, the Active / Passive solution exists to run the neutron
metadata agent in failover mode with Pacemaker. See the Active /
Passive section of this guide.</simpara>
Passive section of this guide.</para>
</section>

View File

@ -2,27 +2,26 @@
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0" xml:id="_configure_openstack_services_to_use_rabbitmq">
<info>
<title>Configure OpenStack services to use RabbitMQ</title>
</info>
<simpara>We have to configure the OpenStack components to use at least two RabbitMQ nodes.</simpara>
<simpara>Do this configuration on all services using RabbitMQ:</simpara>
<simpara>RabbitMQ HA cluster host:port pairs:</simpara>
<screen>rabbit_hosts=rabbit1:5672,rabbit2:5672</screen>
<simpara>How frequently to retry connecting with RabbitMQ:</simpara>
<screen>rabbit_retry_interval=1</screen>
<simpara>How long to back-off for between retries when connecting to RabbitMQ:</simpara>
<screen>rabbit_retry_backoff=2</screen>
<simpara>Maximum retries with trying to connect to RabbitMQ (infinite by default):</simpara>
<screen>rabbit_max_retries=0</screen>
<simpara>Use durable queues in RabbitMQ:</simpara>
<screen>rabbit_durable_queues=false</screen>
<simpara>Use H/A queues in RabbitMQ (x-ha-policy: all):</simpara>
<screen>rabbit_ha_queues=true</screen>
<simpara>If you change the configuration from an old setup which did not use HA queues, you should interrupt the service:</simpara>
<screen>rabbitmqctl stop_app
rabbitmqctl reset
rabbitmqctl start_app</screen>
<simpara>Services currently working with HA queues: OpenStack Compute, OpenStack Block Storage, OpenStack Networking, Telemetry.</simpara>
<para>We have to configure the OpenStack components to use at least two RabbitMQ nodes.</para>
<para>Do this configuration on all services using RabbitMQ:</para>
<para>RabbitMQ HA cluster host:port pairs:</para>
<programlisting>rabbit_hosts=rabbit1:5672,rabbit2:5672</programlisting>
<para>How frequently to retry connecting with RabbitMQ:</para>
<programlisting>rabbit_retry_interval=1</programlisting>
<para>How long to back-off for between retries when connecting to RabbitMQ:</para>
<programlisting>rabbit_retry_backoff=2</programlisting>
<para>Maximum retries with trying to connect to RabbitMQ (infinite by default):</para>
<programlisting>rabbit_max_retries=0</programlisting>
<para>Use durable queues in RabbitMQ:</para>
<programlisting>rabbit_durable_queues=false</programlisting>
<para>Use H/A queues in RabbitMQ (x-ha-policy: all):</para>
<programlisting>rabbit_ha_queues=true</programlisting>
<para>If you change the configuration from an old setup which did not use HA queues, you should interrupt the service:</para>
<screen><prompt>#</prompt> <userinput>rabbitmqctl stop_app</userinput>
<prompt>#</prompt> <userinput>rabbitmqctl reset</userinput>
<prompt>#</prompt> <userinput>rabbitmqctl start_app</userinput></screen>
<para>Services currently working with HA queues: OpenStack Compute, OpenStack Block Storage, OpenStack Networking, Telemetry.</para>
</section>

View File

@ -2,39 +2,40 @@
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0" xml:id="_configure_rabbitmq">
<info>
<title>Configure RabbitMQ</title>
</info>
<simpara>Here we are building a cluster of RabbitMQ nodes to construct a RabbitMQ broker.
<para>Here we are building a cluster of RabbitMQ nodes to construct a RabbitMQ broker.
Mirrored queues in RabbitMQ improve the availability of service since it will be resilient to failures.
We have to consider that while exchanges and bindings will survive the loss of individual nodes, queues
and their messages will not because a queue and its contents is located on one node. If we lose this node,
we also lose the queue.</simpara>
<simpara>We consider that we run (at least) two RabbitMQ servers. To build a broker, we need to ensure that all nodes
we also lose the queue.</para>
<para>We consider that we run (at least) two RabbitMQ servers. To build a broker, we need to ensure that all nodes
have the same erlang cookie file. To do so, stop RabbitMQ everywhere and copy the cookie from rabbit1 server
to other server(s):</simpara>
<screen>scp /var/lib/rabbitmq/.erlang.cookie \
root@rabbit2:/var/lib/rabbitmq/.erlang.cookie</screen>
<simpara>Then, start RabbitMQ on nodes.
If RabbitMQ fails to start, you cant continue to the next step.</simpara>
<simpara>Now, we are building the HA cluster. From rabbit2, run these commands:</simpara>
<screen>rabbitmqctl stop_app
rabbitmqctl join_cluster rabbit@rabbit1
rabbitmqctl start_app</screen>
<simpara>To verify the cluster status :</simpara>
<screen>rabbitmqctl cluster_status
to other server(s):</para>
<screen><prompt>#</prompt> <userinput>scp /var/lib/rabbitmq/.erlang.cookie \
root@rabbit2:/var/lib/rabbitmq/.erlang.cookie</userinput></screen>
<para>Then, start RabbitMQ on nodes.
If RabbitMQ fails to start, you cant continue to the next step.</para>
<para>Now, we are building the HA cluster. From rabbit2, run these commands:</para>
<screen><prompt>#</prompt> <userinput>rabbitmqctl stop_app</userinput>
<prompt>#</prompt> <userinput>rabbitmqctl join_cluster rabbit@rabbit1</userinput>
<prompt>#</prompt> <userinput>rabbitmqctl start_app</userinput></screen>
<para>To verify the cluster status:</para>
<screen><prompt>#</prompt> <userinput>rabbitmqctl cluster_status</userinput>
<computeroutput>
Cluster status of node rabbit@rabbit2 ...
[{nodes,[{disc,[rabbit@rabbit1]},{ram,[rabbit@rabbit2]}]},{running_nodes,[rabbit@rabbit2,rabbit@rabbit1]}]</screen>
<simpara>If the cluster is working, you can now proceed to creating users and passwords for queues.</simpara>
<simpara>
[{nodes,[{disc,[rabbit@rabbit1]},{ram,[rabbit@rabbit2]}]},{running_nodes,[rabbit@rabbit2,rabbit@rabbit1]}]
</computeroutput></screen>
<para>If the cluster is working, you can now proceed to creating users and passwords for queues.</para>
<para>
<emphasis role="strong">Note for RabbitMQ version 3</emphasis>
</simpara>
<simpara>Queue mirroring is no longer controlled by the <emphasis>x-ha-policy</emphasis> argument when declaring a queue. OpenStack can
</para>
<para>Queue mirroring is no longer controlled by the <emphasis>x-ha-policy</emphasis> argument when declaring a queue. OpenStack can
continue to declare this argument, but it wont cause queues to be mirrored.
We need to make sure that all queues (except those with auto-generated names) are mirrored across all running nodes:</simpara>
<screen>rabbitmqctl set_policy HA '^(?!amq\.).*' '{"ha-mode": "all"}'</screen>
<simpara>
<link xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="http://www.rabbitmq.com/ha.html">More information about High availability in RabbitMQ</link>
</simpara>
We need to make sure that all queues (except those with auto-generated names) are mirrored across all running nodes:</para>
<screen><prompt>#</prompt> <userinput>rabbitmqctl set_policy HA '^(?!amq\.).*' '{"ha-mode": "all"}'</userinput></screen>
<para>
<link xlink:href="http://www.rabbitmq.com/ha.html">More information about High availability in RabbitMQ</link>
</para>
</section>

View File

@ -2,28 +2,28 @@
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0" xml:id="_install_rabbitmq">
<info>
<title>Install RabbitMQ</title>
</info>
<simpara>This setup has been tested with RabbitMQ 2.7.1.</simpara>
<para>This setup has been tested with RabbitMQ 2.7.1.</para>
<section xml:id="_on_ubuntu_debian">
<info>
<title>On Ubuntu / Debian</title>
</info>
<simpara>RabbitMQ is packaged on both distros:</simpara>
<screen>apt-get install rabbitmq-server rabbitmq-plugins</screen>
<simpara>
<link xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="http://www.rabbitmq.com/install-debian.html">Official manual for installing RabbitMQ on Ubuntu / Debian</link>
</simpara>
<para>RabbitMQ is packaged on both distros:</para>
<screen><prompt>#</prompt> <userinput>apt-get install rabbitmq-server rabbitmq-plugins</userinput></screen>
<para>
<link xlink:href="http://www.rabbitmq.com/install-debian.html">Official manual for installing RabbitMQ on Ubuntu / Debian</link>
</para>
</section>
<section xml:id="_on_fedora_rhel">
<info>
<title>On Fedora / RHEL</title>
</info>
<simpara>RabbitMQ is packaged on both distros:</simpara>
<screen>yum install erlang</screen>
<simpara>
<link xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="http://www.rabbitmq.com/install-rpm.html">Official manual for installing RabbitMQ on Fedora / RHEL</link>
</simpara>
<para>RabbitMQ is packaged on both distros:</para>
<screen><prompt>#</prompt> <userinput>yum install erlang</userinput></screen>
<para>
<link xlink:href="http://www.rabbitmq.com/install-rpm.html">Official manual for installing RabbitMQ on Fedora / RHEL</link>
</para>
</section>
</section>

View File

@ -2,43 +2,43 @@
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0" xml:id="_highly_available_neutron_dhcp_agent">
<info>
<title>Highly available neutron DHCP agent</title>
</info>
<simpara>Neutron DHCP agent distributes IP addresses to the VMs with dnsmasq (by
<para>Neutron DHCP agent distributes IP addresses to the VMs with dnsmasq (by
default). High availability for the DHCP agent is achieved by adopting
Pacemaker.</simpara>
Pacemaker.</para>
<note>
<simpara>Here is the <link xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="http://docs.openstack.org/trunk/config-reference/content/section_adv_cfg_dhcp_agent.html">documentation</link> for installing neutron DHCP agent.</simpara>
<para>Here is the <link xlink:href="http://docs.openstack.org/trunk/config-reference/content/section_adv_cfg_dhcp_agent.html">documentation</link> for installing neutron DHCP agent.</para>
</note>
<section xml:id="_add_neutron_dhcp_agent_resource_to_pacemaker">
<info>
<title>Add neutron DHCP agent resource to Pacemaker</title>
</info>
<simpara>First of all, you need to download the resource agent to your system:</simpara>
<screen>cd /usr/lib/ocf/resource.d/openstack
wget https://raw.github.com/madkiss/openstack-resource-agents/master/ocf/neutron-agent-dhcp
chmod a+rx neutron-dhcp-agent</screen>
<simpara>You may now proceed with adding the Pacemaker configuration for
<para>First of all, you need to download the resource agent to your system:</para>
<screen><prompt>#</prompt> <userinput>cd /usr/lib/ocf/resource.d/openstack</userinput>
<prompt>#</prompt> <userinput>wget https://raw.github.com/madkiss/openstack-resource-agents/master/ocf/neutron-agent-dhcp</userinput>
<prompt>#</prompt> <userinput>chmod a+rx neutron-dhcp-agent</userinput></screen>
<para>You may now proceed with adding the Pacemaker configuration for
neutron DHCP agent resource. Connect to the Pacemaker cluster with <literal>crm
configure</literal>, and add the following cluster resources:</simpara>
<screen>primitive p_neutron-dhcp-agent ocf:openstack:neutron-dhcp-agent \
configure</literal>, and add the following cluster resources:</para>
<programlisting>primitive p_neutron-dhcp-agent ocf:openstack:neutron-dhcp-agent \
params config="/etc/neutron/neutron.conf" \
plugin_config="/etc/neutron/dhcp_agent.ini" \
op monitor interval="30s" timeout="30s"</screen>
<simpara>This configuration creates</simpara>
op monitor interval="30s" timeout="30s"</programlisting>
<para>This configuration creates</para>
<itemizedlist>
<listitem>
<simpara><literal>p_neutron-dhcp-agent</literal>, a resource for manage Neutron DHCP Agent
<para><literal>p_neutron-dhcp-agent</literal>, a resource for manage Neutron DHCP Agent
service
</simpara>
</para>
</listitem>
</itemizedlist>
<simpara><literal>crm configure</literal> supports batch input, so you may copy and paste the
<para><literal>crm configure</literal> supports batch input, so you may copy and paste the
above into your live pacemaker configuration, and then make changes as
required.</simpara>
<simpara>Once completed, commit your configuration changes by entering <literal>commit</literal>
required.</para>
<para>Once completed, commit your configuration changes by entering <literal>commit</literal>
from the <literal>crm configure</literal> menu. Pacemaker will then start the neutron DHCP
agent service, and its dependent resources, on one of your nodes.</simpara>
agent service, and its dependent resources, on one of your nodes.</para>
</section>
</section>

View File

@ -2,46 +2,46 @@
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0" xml:id="_highly_available_neutron_l3_agent">
<info>
<title>Highly available neutron L3 agent</title>
</info>
<simpara>The neutron L3 agent provides L3/NAT forwarding to ensure external network access
<para>The neutron L3 agent provides L3/NAT forwarding to ensure external network access
for VMs on tenant networks. High availability for the L3 agent is achieved by
adopting Pacemaker.</simpara>
adopting Pacemaker.</para>
<note>
<simpara>Here is the <link xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="http://docs.openstack.org/trunk/config-reference/content/section_adv_cfg_l3_agent.html">documentation</link> for installing neutron L3 agent.</simpara>
<para>Here is the <link xlink:href="http://docs.openstack.org/trunk/config-reference/content/section_adv_cfg_l3_agent.html">documentation</link> for installing neutron L3 agent.</para>
</note>
<section xml:id="_add_neutron_l3_agent_resource_to_pacemaker">
<info>
<title>Add neutron L3 agent resource to Pacemaker</title>
</info>
<simpara>First of all, you need to download the resource agent to your system:</simpara>
<screen>cd /usr/lib/ocf/resource.d/openstack
wget https://raw.github.com/madkiss/openstack-resource-agents/master/ocf/neutron-agent-l3
chmod a+rx neutron-l3-agent</screen>
<simpara>You may now proceed with adding the Pacemaker configuration for
<para>First of all, you need to download the resource agent to your system:</para>
<screen><prompt>#</prompt> <userinput>cd /usr/lib/ocf/resource.d/openstack</userinput>
<prompt>#</prompt> <userinput>wget https://raw.github.com/madkiss/openstack-resource-agents/master/ocf/neutron-agent-l3</userinput>
<prompt>#</prompt> <userinput>chmod a+rx neutron-l3-agent</userinput></screen>
<para>You may now proceed with adding the Pacemaker configuration for
neutron L3 agent resource. Connect to the Pacemaker cluster with <literal>crm
configure</literal>, and add the following cluster resources:</simpara>
<screen>primitive p_neutron-l3-agent ocf:openstack:neutron-agent-l3 \
configure</literal>, and add the following cluster resources:</para>
<programlisting>primitive p_neutron-l3-agent ocf:openstack:neutron-agent-l3 \
params config="/etc/neutron/neutron.conf" \
plugin_config="/etc/neutron/l3_agent.ini" \
op monitor interval="30s" timeout="30s"</screen>
<simpara>This configuration creates</simpara>
op monitor interval="30s" timeout="30s"</programlisting>
<para>This configuration creates</para>
<itemizedlist>
<listitem>
<simpara><literal>p_neutron-l3-agent</literal>, a resource for manage Neutron L3 Agent service
</simpara>
<para><literal>p_neutron-l3-agent</literal>, a resource for manage Neutron L3 Agent service
</para>
</listitem>
</itemizedlist>
<simpara><literal>crm configure</literal> supports batch input, so you may copy and paste the
<para><literal>crm configure</literal> supports batch input, so you may copy and paste the
above into your live pacemaker configuration, and then make changes as
required.</simpara>
<simpara>Once completed, commit your configuration changes by entering <literal>commit</literal>
required.</para>
<para>Once completed, commit your configuration changes by entering <literal>commit</literal>
from the <literal>crm configure</literal> menu. Pacemaker will then start the neutron L3 agent
service, and its dependent resources, on one of your nodes.</simpara>
service, and its dependent resources, on one of your nodes.</para>
<note>
<simpara>This method does not ensure a zero downtime since it has to recreate all
the namespaces and virtual routers on the node.</simpara>
<para>This method does not ensure a zero downtime since it has to recreate all
the namespaces and virtual routers on the node.</para>
</note>
</section>
</section>

View File

@ -2,43 +2,39 @@
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0" xml:id="_highly_available_neutron_metadata_agent">
<info>
<title>Highly available neutron metadata agent</title>
</info>
<simpara>Neutron metadata agent allows Compute API metadata to be reachable by VMs on tenant
<para>Neutron metadata agent allows Compute API metadata to be reachable by VMs on tenant
networks. High availability for the metadata agent is achieved by adopting
Pacemaker.</simpara>
Pacemaker.</para>
<note>
<simpara>Here is the <link xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="http://docs.openstack.org/trunk/config-reference/content/networking-options-metadata.html">documentation</link> for installing Neutron Metadata Agent.</simpara>
<para>Here is the <link xlink:href="http://docs.openstack.org/trunk/config-reference/content/networking-options-metadata.html">documentation</link> for installing Neutron Metadata Agent.</para>
</note>
<section xml:id="_add_neutron_metadata_agent_resource_to_pacemaker">
<info>
<title>Add neutron metadata agent resource to Pacemaker</title>
</info>
<simpara>First of all, you need to download the resource agent to your system:</simpara>
<screen>cd /usr/lib/ocf/resource.d/openstack
wget https://raw.github.com/madkiss/openstack-resource-agents/master/ocf/neutron-metadata-agent
chmod a+rx neutron-metadata-agent</screen>
<simpara>You may now proceed with adding the Pacemaker configuration for
<para>First of all, you need to download the resource agent to your system:</para>
<screen><prompt>#</prompt> <userinput>cd /usr/lib/ocf/resource.d/openstack</userinput>
<prompt>#</prompt> <userinput>wget https://raw.github.com/madkiss/openstack-resource-agents/master/ocf/neutron-metadata-agent</userinput>
<prompt>#</prompt> <userinput>chmod a+rx neutron-metadata-agent</userinput></screen>
<para>You may now proceed with adding the Pacemaker configuration for
neutron metadata agent resource. Connect to the Pacemaker cluster with <literal>crm
configure</literal>, and add the following cluster resources:</simpara>
<screen>primitive p_neutron-metadata-agent ocf:openstack:neutron-metadata-agent \
configure</literal>, and add the following cluster resources:</para>
<programlisting>primitive p_neutron-metadata-agent ocf:openstack:neutron-metadata-agent \
params config="/etc/neutron/neutron.conf" \
plugin_config="/etc/neutron/metadata_agent.ini" \
op monitor interval="30s" timeout="30s"</screen>
<simpara>This configuration creates</simpara>
op monitor interval="30s" timeout="30s"</programlisting>
<para>This configuration creates</para>
<itemizedlist>
<listitem>
<simpara><literal>p_neutron-metadata-agent</literal>, a resource for manage Neutron Metadata Agent
<para><literal>p_neutron-metadata-agent</literal>, a resource for manage Neutron Metadata Agent
service
</simpara>
</para>
</listitem>
</itemizedlist>
<simpara><literal>crm configure</literal> supports batch input, so you may copy and paste the
<para><literal>crm configure</literal> supports batch input, so you may copy and paste the
above into your live pacemaker configuration, and then make changes as
required.</simpara>
<simpara>Once completed, commit your configuration changes by entering <literal>commit</literal>
required.</para>
<para>Once completed, commit your configuration changes by entering <literal>commit</literal>
from the <literal>crm configure</literal> menu. Pacemaker will then start the neutron metadata
agent service, and its dependent resources, on one of your nodes.</simpara>
agent service, and its dependent resources, on one of your nodes.</para>
</section>
</section>

View File

@ -2,14 +2,13 @@
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0" xml:id="_manage_network_resources">
<info>
<title>Manage network resources</title>
</info>
<simpara>You can now add the Pacemaker configuration for
<para>You can now add the Pacemaker configuration for
managing all network resources together with a group.
Connect to the Pacemaker cluster with <literal>crm configure</literal>, and add the following
cluster resources:</simpara>
<screen>group g_services_network p_neutron-l3-agent p_neutron-dhcp-agent \
p_neutron-metadata_agent</screen>
cluster resources:</para>
<programlisting>group g_services_network p_neutron-l3-agent p_neutron-dhcp-agent \
p_neutron-metadata_agent</programlisting>
</section>

View File

@ -2,43 +2,41 @@
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0" xml:id="_install_packages">
<info>
<title>Install packages</title>
</info>
<simpara>On any host that is meant to be part of a Pacemaker cluster, you must
<para>On any host that is meant to be part of a Pacemaker cluster, you must
first establish cluster communications through the Corosync messaging
layer. This involves Install the following packages (and their
dependencies, which your package manager will normally install
automatically):</simpara>
automatically):</para>
<itemizedlist>
<listitem>
<simpara><literal>pacemaker</literal> Note that the crm shell should be downloaded separately.
</simpara>
<para><literal>pacemaker</literal> Note that the crm shell should be downloaded separately.
</para>
</listitem>
<listitem>
<simpara>
<para>
<literal>crmsh</literal>
</simpara>
</para>
</listitem>
<listitem>
<simpara>
<para>
<literal>corosync</literal>
</simpara>
</para>
</listitem>
<listitem>
<simpara>
<para>
<literal>cluster-glue</literal>
</simpara>
</para>
</listitem>
<listitem>
<simpara><literal>fence-agents</literal> (Fedora only; all other distributions use fencing
<para><literal>fence-agents</literal> (Fedora only; all other distributions use fencing
agents from <literal>cluster-glue</literal>)
</simpara>
</para>
</listitem>
<listitem>
<simpara>
<para>
<literal>resource-agents</literal>
</simpara>
</para>
</listitem>
</itemizedlist>
</section>

View File

@ -2,21 +2,21 @@
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0" xml:id="_set_basic_cluster_properties">
<info>
<title>Set basic cluster properties</title>
</info>
<simpara>Once your Pacemaker cluster is set up, it is recommended to set a few
<para>Once your Pacemaker cluster is set up, it is recommended to set a few
basic cluster properties. To do so, start the <literal>crm</literal> shell and change
into the configuration menu by entering
<literal>configure</literal>. Alternatively. you may jump straight into the Pacemaker
configuration menu by typing <literal>crm configure</literal> directly from a shell
prompt.</simpara>
<simpara>Then, set the following properties:</simpara>
<screen>property no-quorum-policy="ignore" \ # <co xml:id="CO2-1"/>
prompt.</para>
<para>Then, set the following properties:</para>
<programlisting>property no-quorum-policy="ignore" \ # <co xml:id="CO2-1"/>
pe-warn-series-max="1000" \ # <co xml:id="CO2-2"/>
pe-input-series-max="1000" \
pe-error-series-max="1000" \
cluster-recheck-interval="5min" # <co xml:id="CO2-3"/></screen>
cluster-recheck-interval="5min" # <co xml:id="CO2-3"/></programlisting>
<calloutlist>
<callout arearefs="CO2-1">
<para>
@ -49,6 +49,6 @@ is usually prudent to reduce this to a shorter interval, such as 5 or
</para>
</callout>
</calloutlist>
<simpara>Once you have made these changes, you may <literal>commit</literal> the updated
configuration.</simpara>
<para>Once you have made these changes, you may <literal>commit</literal> the updated
configuration.</para>
</section>

View File

@ -2,21 +2,19 @@
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0" xml:id="_set_up_corosync">
<info>
<title>Set up Corosync</title>
</info>
<simpara>Besides installing the <literal>corosync</literal> package, you must also
<para>Besides installing the <literal>corosync</literal> package, you must also
create a configuration file, stored in
<literal>/etc/corosync/corosync.conf</literal>. Most distributions ship an example
configuration file (<literal>corosync.conf.example</literal>) as part of the
<filename>/etc/corosync/corosync.conf</filename>. Most distributions ship an example
configuration file (<filename>corosync.conf.example</filename>) as part of the
documentation bundled with the <literal>corosync</literal> package. An example Corosync
configuration file is shown below:</simpara>
configuration file is shown below:</para>
<formalpara>
<info>
<title>Corosync configuration file (<literal>corosync.conf</literal>)</title>
</info>
<title>Corosync configuration file (<filename>corosync.conf</filename>)</title>
<para>
<screen>totem {
<programlisting>totem {
version: 2
# Time (in ms) to wait for a token <co xml:id="CO1-1"/>
@ -82,7 +80,7 @@ logging {
debug: off
tags: enter|leave|trace1|trace2|trace3|trace4|trace6
}
}</screen>
}</programlisting>
</para>
</formalpara>
<calloutlist>
@ -124,44 +122,44 @@ configuration:
</para>
<itemizedlist>
<listitem>
<simpara>
<para>
The <literal>ringnumber</literal> must differ between all configured interfaces,
starting with 0.
</simpara>
</para>
</listitem>
<listitem>
<simpara>
<para>
The <literal>bindnetaddr</literal> is the <emphasis>network</emphasis> address of the interfaces to bind
to. The example uses two network addresses of <literal>/24</literal> IPv4 subnets.
</simpara>
</para>
</listitem>
<listitem>
<simpara>
<para>
Multicast groups (<literal>mcastaddr</literal>) <emphasis>must not</emphasis> be reused across cluster
boundaries. In other words, no two distinct clusters should ever use
the same multicast group. Be sure to select multicast addresses
compliant with <link xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="http://www.ietf.org/rfc/rfc2365.txt">RFC 2365,
compliant with <link xlink:href="http://www.ietf.org/rfc/rfc2365.txt">RFC 2365,
"Administratively Scoped IP Multicast"</link>.
</simpara>
</para>
</listitem>
<listitem>
<simpara>
<para>
For firewall configurations, note that Corosync communicates over
UDP only, and uses <literal>mcastport</literal> (for receives) and <literal>mcastport</literal>-1 (for
sends).
</simpara>
</para>
</listitem>
</itemizedlist>
</callout>
<callout arearefs="CO1-5">
<para>
The <literal>service</literal> declaration for the <literal>pacemaker</literal> service may be
placed in the <literal>corosync.conf</literal> file directly, or in its own separate
file, <literal>/etc/corosync/service.d/pacemaker</literal>.
placed in the <filename>corosync.conf</filename> file directly, or in its own separate
file, <filename>/etc/corosync/service.d/pacemaker</filename>.
</para>
</callout>
</calloutlist>
<simpara>Once created, the <literal>corosync.conf</literal> file (and the <literal>authkey</literal> file if the
<para>Once created, the <filename>corosync.conf</filename> file (and the <filename>authkey</filename> file if the
<literal>secauth</literal> option is enabled) must be synchronized across all cluster
nodes.</simpara>
nodes.</para>
</section>

View File

@ -2,34 +2,32 @@
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0" xml:id="_start_pacemaker">
<info>
<title>Start Pacemaker</title>
</info>
<simpara>Once the Corosync services have been started, and you have established
<para>Once the Corosync services have been started, and you have established
that the cluster is communicating properly, it is safe to start
<literal>pacemakerd</literal>, the Pacemaker master control process:</simpara>
<literal>pacemakerd</literal>, the Pacemaker master control process:</para>
<itemizedlist>
<listitem>
<simpara><literal>/etc/init.d/pacemaker start</literal> (LSB)
</simpara>
<para><literal>/etc/init.d/pacemaker start</literal> (LSB)
</para>
</listitem>
<listitem>
<simpara><literal>service pacemaker start</literal> (LSB, alternate)
</simpara>
<para><literal>service pacemaker start</literal> (LSB, alternate)
</para>
</listitem>
<listitem>
<simpara><literal>start pacemaker</literal> (upstart)
</simpara>
<para><literal>start pacemaker</literal> (upstart)
</para>
</listitem>
<listitem>
<simpara><literal>systemctl start pacemaker</literal> (systemd)
</simpara>
<para><literal>systemctl start pacemaker</literal> (systemd)
</para>
</listitem>
</itemizedlist>
<simpara>Once Pacemaker services have started, Pacemaker will create a default
<para>Once Pacemaker services have started, Pacemaker will create a default
empty cluster configuration with no resources. You may observe
Pacemakers status with the <literal>crm_mon</literal> utility:</simpara>
<screen>============
Pacemakers status with the <literal>crm_mon</literal> utility:</para>
<screen><computeroutput>============
Last updated: Sun Oct 7 21:07:52 2012
Last change: Sun Oct 7 20:46:00 2012 via cibadmin on node2
Stack: openais
@ -39,5 +37,5 @@ Version: 1.1.6-9971ebba4494012a93c03b40a2c58ec0eb60f50c
0 Resources configured.
============
Online: [ node2 node1 ]</screen>
Online: [ node2 node1 ]</computeroutput></screen>
</section>

View File

@ -2,52 +2,52 @@
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0" xml:id="_starting_corosync">
<info>
<title>Starting Corosync</title>
</info>
<simpara>Corosync is started as a regular system service. Depending on your
<para>Corosync is started as a regular system service. Depending on your
distribution, it may ship with a LSB (System V style) init script, an
upstart job, or a systemd unit file. Either way, the service is
usually named <literal>corosync</literal>:</simpara>
usually named <literal>corosync</literal>:</para>
<itemizedlist>
<listitem>
<simpara><literal>/etc/init.d/corosync start</literal> (LSB)
</simpara>
<para><literal>/etc/init.d/corosync start</literal> (LSB)
</para>
</listitem>
<listitem>
<simpara><literal>service corosync start</literal> (LSB, alternate)
</simpara>
<para><literal>service corosync start</literal> (LSB, alternate)
</para>
</listitem>
<listitem>
<simpara><literal>start corosync</literal> (upstart)
</simpara>
<para><literal>start corosync</literal> (upstart)
</para>
</listitem>
<listitem>
<simpara><literal>systemctl start corosync</literal> (systemd)
</simpara>
<para><literal>systemctl start corosync</literal> (systemd)
</para>
</listitem>
</itemizedlist>
<simpara>You can now check the Corosync connectivity with two tools.</simpara>
<simpara>The <literal>corosync-cfgtool</literal> utility, when invoked with the <literal>-s</literal> option,
gives a summary of the health of the communication rings:</simpara>
<screen># corosync-cfgtool -s
Printing ring status.
<para>You can now check the Corosync connectivity with two tools.</para>
<para>The <literal>corosync-cfgtool</literal> utility, when invoked with the <literal>-s</literal> option,
gives a summary of the health of the communication rings:</para>
<screen><prompt>#</prompt> <userinput>corosync-cfgtool -s</userinput>
<computeroutput>Printing ring status.
Local node ID 435324542
RING ID 0
id = 192.168.42.82
status = ring 0 active with no faults
RING ID 1
id = 10.0.42.100
status = ring 1 active with no faults</screen>
<simpara>The <literal>corosync-objctl</literal> utility can be used to dump the Corosync cluster
member list:</simpara>
<screen># corosync-objctl runtime.totem.pg.mrp.srp.members
runtime.totem.pg.mrp.srp.435324542.ip=r(0) ip(192.168.42.82) r(1) ip(10.0.42.100)
status = ring 1 active with no faults</computeroutput></screen>
<para>The <literal>corosync-objctl</literal> utility can be used to dump the Corosync cluster
member list:</para>
<screen><prompt>#</prompt> <userinput>corosync-objctl runtime.totem.pg.mrp.srp.members</userinput>
<computeroutput>runtime.totem.pg.mrp.srp.435324542.ip=r(0) ip(192.168.42.82) r(1) ip(10.0.42.100)
runtime.totem.pg.mrp.srp.435324542.join_count=1
runtime.totem.pg.mrp.srp.435324542.status=joined
runtime.totem.pg.mrp.srp.983895584.ip=r(0) ip(192.168.42.87) r(1) ip(10.0.42.254)
runtime.totem.pg.mrp.srp.983895584.join_count=1
runtime.totem.pg.mrp.srp.983895584.status=joined</screen>
<simpara>You should see a <literal>status=joined</literal> entry for each of your constituent
cluster nodes.</simpara>
runtime.totem.pg.mrp.srp.983895584.status=joined</computeroutput></screen>
<para>You should see a <literal>status=joined</literal> entry for each of your constituent
cluster nodes.</para>
</section>

View File

@ -3,14 +3,14 @@
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0" xml:id="ha-using-active-active">
<info>
<title>HA using active/active</title>
</info>
<xi:include href="./ch_ha_aa_db.xml"/>
<xi:include href="./ch_ha_aa_rabbitmq.xml"/>
<xi:include href="./ch_ha_aa_haproxy.xml"/>
<xi:include href="./ch_ha_aa_controllers.xml"/>
<xi:include href="./ch_ha_aa_network.xml"/>
<title>HA using active/active</title>
<xi:include href="ch_ha_aa_db.xml"/>
<xi:include href="ch_ha_aa_rabbitmq.xml"/>
<xi:include href="ch_ha_aa_haproxy.xml"/>
<xi:include href="ch_ha_aa_controllers.xml"/>
<xi:include href="ch_ha_aa_network.xml"/>
</part>

View File

@ -3,13 +3,13 @@
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0" xml:id="ha-using-active-passive">
<info>
<title>HA using active/passive</title>
</info>
<xi:include href="./ch_pacemaker.xml"/>
<xi:include href="./ch_controller.xml"/>
<xi:include href="./ch_api.xml"/>
<xi:include href="./ch_network.xml"/>
<title>HA using active/passive</title>
<xi:include href="ch_pacemaker.xml"/>
<xi:include href="ch_controller.xml"/>
<xi:include href="ch_api.xml"/>
<xi:include href="ch_network.xml"/>
</part>