arch_ha - sk4zuzu/one-deploy GitHub Wiki
Highly-available Front-end
Architecture
To deploy OpenNebula Front-ends in High Availability (HA) mode, you need at least three Front-ends, the minimum odd number to reach consensus. For these servers you will need to consider:
- The Front-ends can run as Virtual Machines (VMs). In this case you need to provision them directly from libvirt/QEMU or any other virtualization platform.
- The OpenNebula services will be reached through a Virtual IP (VIP). This IP will float to the active leader automatically.
- This configuration is compatible with any storage configuration, shared or local.
- The Front-ends will need to share the image repository. You need to mount the NFS share, then include the mount point in the inventory file as described in the shared or local guides.
Ansible Role
The opennebula/server
role is capable of managing multiple, clustered OpenNebula Front-end machines. Each such machine is simply added to the built-in Zone 0 of OpenNebula.
root@n1a1:~# onezone show 0
ZONE 0 INFORMATION
ID : 0
NAME : OpenNebula
STATE : ENABLED
ZONE SERVERS
ID NAME ENDPOINT
0 n1a1 http://n1a1:2633/RPC2
1 n1a2 http://n1a2:2633/RPC2
2 n1a3 http://n1a3:2633/RPC2
HA & FEDERATION SYNC STATUS
ID NAME STATE TERM INDEX COMMIT VOTE FED_INDEX
0 n1a1 leader 1 263 263 0 -1
1 n1a2 follower 1 263 263 0 -1
2 n1a3 follower 1 263 263 0 -1
ZONE TEMPLATE
ENDPOINT="http://localhost:2633/RPC2
Deploying
To deploy a cluster, it's enough to provide the VIP configuration and multiple Front-end machines in the inventory file:
all:
vars:
one_vip: 10.2.50.86
one_vip_cidr: 24
one_vip_if: eth0
frontend:
hosts:
n1a1: { ansible_host: 10.2.50.10 }
n1a2: { ansible_host: 10.2.50.11 }
n1a3: { ansible_host: 10.2.50.12 }
[!NOTE] For HA mode to work, all of the
one_vip*
parameters are strictly required, i.e. inside the Leader Front-end you will always find:
root@n1a1:~# ip address show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
inet 10.2.50.10/24 brd 10.2.50.255 scope global eth0
valid_lft forever preferred_lft forever
inet 10.2.50.86/24 scope global secondary eth0
valid_lft forever preferred_lft forever
Scaling
If you would like to deploy only a single Front-end, but still make it HA-ready, you can specify the force_ha
parameter.
all:
vars:
force_ha: true
frontend:
hosts:
n1a1: { ansible_host: 10.2.50.10 }
Later, when you decide to implement true HA, you can simply increase the number of Front-end machines and re-run the automation:
frontend:
hosts:
n1a1: { ansible_host: 10.2.50.10 }
n1a2: { ansible_host: 10.2.50.11 }
n1a3: { ansible_host: 10.2.50.12 }
[!NOTE] Conversion from non-HA to HA is not implemented in this automation, please plan ahead!
[!NOTE] We support scaling UP only, as the reverse operation seems to be uncommon (you can still do it manually).
RSYNC/SSH keys
It's important to mention that adding extra Front-end machines requires synchronization of the OpenNebula Database and the /var/lib/one/{.one,.ssh}/
folders. This is performed automatically, but requires password-less login to enable Ansible to use rsync
or ssh
to copy all required files from the Leader directly to new Followers. To can generate SSH keys with ssh-agent
, provide them manually, or generate them automatically by using the ensure_keys_for
parameter:
all:
vars:
ansible_user: ubuntu
ensure_keys_for: [ubuntu]