[ovs-dev,v1] ovndb-servers.ocf: add LB support for managing ovsdb cluster

using pacemaker so that controllers can be placed in different fault domains.

Signed-off-by: aginwala <aginwala@ebay.com>
---
 ovn/utilities/ovndb-servers.ocf | 63 +++++++++++++++++++++++++++++++++--------
 1 file changed, 51 insertions(+), 12 deletions(-)

Hi Aliasgar,

I will try it out and come back with my comments.

Thanks
Numan


On Tue, May 8, 2018 at 10:37 AM, aginwala <amginwal@gmail.com> wrote:

> using pacemaker so that controllers can be placed in different fault
> domains.
>
> Signed-off-by: aginwala <aginwala@ebay.com>
> ---
>  ovn/utilities/ovndb-servers.ocf | 63 ++++++++++++++++++++++++++++++
> +++--------
>  1 file changed, 51 insertions(+), 12 deletions(-)
>
> diff --git a/ovn/utilities/ovndb-servers.ocf
> b/ovn/utilities/ovndb-servers.ocf
> index 164b6bc..85a5d92 100755
> --- a/ovn/utilities/ovndb-servers.ocf
> +++ b/ovn/utilities/ovndb-servers.ocf
> @@ -9,6 +9,7 @@
>  : ${SB_MASTER_PROTO_DEFAULT="tcp"}
>  : ${MANAGE_NORTHD_DEFAULT="no"}
>  : ${INACTIVE_PROBE_DEFAULT="5000"}
> +: ${LISTEN_ON_MASTER_IP_ONLY_DEFAULT="yes"}
>
>  CRM_MASTER="${HA_SBIN_DIR}/crm_master -l reboot"
>  CRM_ATTR_REPL_INFO="${HA_SBIN_DIR}/crm_attribute --type crm_config
> --name OVN_REPL_INFO -s ovn_ovsdb_master_server"
> @@ -21,6 +22,10 @@ SB_MASTER_PROTO=${OCF_RESKEY_sb_master_protocol:-${SB_
> MASTER_PROTO_DEFAULT}}
>  MANAGE_NORTHD=${OCF_RESKEY_manage_northd:-${MANAGE_NORTHD_DEFAULT}}
>  INACTIVE_PROBE=${OCF_RESKEY_inactive_probe_interval:-${
> INACTIVE_PROBE_DEFAULT}}
>
> +# In order for pacemaker to work with LB, we can keep
> LISTEN_ON_MASTER_IP_ONLY
> +# to false and pass LB vip IP while creating pcs resource.
> +LISTEN_ON_MASTER_IP_ONLY=${OCF_RESKEY_listen_on_master_
> ip:-${LISTEN_ON_MASTER_IP_ONLY_DEFAULT}}
> +
>  # Invalid IP address is an address that can never exist in the network, as
>  # mentioned in rfc-5737. The ovsdb servers connects to this IP address
> till
>  # a master is promoted and the IPAddr2 resource is started.
> @@ -157,20 +162,29 @@ ovsdb_server_notify() {
>              ${OVN_CTL} --ovn-manage-ovsdb=no start_northd
>          fi
>
> +        if [ "x${LISTEN_ON_MASTER_IP_ONLY}" = xno ]; then
> +            nb_target=""
> +            sb_target=""
> +        else
> +            nb_target="p${NB_MASTER_PROTO}\:${NB_MASTER_PORT}\:${MASTER_
> IP}"
> +            sb_target="p${SB_MASTER_PROTO}\:${SB_MASTER_PORT}\:${MASTER_
> IP}"
> +        fi
> +
>          conn=`ovn-nbctl get NB_global . connections`
>          if [ "$conn" == "[]" ]
>          then
> -            ovn-nbctl -- --id=@conn_uuid create Connection \
> -target="p${NB_MASTER_PROTO}\:${NB_MASTER_PORT}\:${MASTER_IP}" \
> +            ovn-nbctl -- --id=@conn_uuid create Connection
> target=$nb_target \
>  inactivity_probe=$INACTIVE_PROBE -- set NB_Global .
> connections=@conn_uuid
> +
>          fi
>
>          conn=`ovn-sbctl get SB_global . connections`
>          if [ "$conn" == "[]" ]
>          then
> -            ovn-sbctl -- --id=@conn_uuid create Connection \
> -target="p${SB_MASTER_PROTO}\:${SB_MASTER_PORT}\:${MASTER_IP}" \
> +
> +            ovn-sbctl -- --id=@conn_uuid create Connection
> target=$sb_target \
>  inactivity_probe=$INACTIVE_PROBE -- set SB_Global .
> connections=@conn_uuid
> +
>          fi
>
>      else
> @@ -295,15 +309,15 @@ ovsdb_server_start() {
>
>      set ${OVN_CTL}
>
> -    set $@ --db-nb-addr=${MASTER_IP} --db-nb-port=${NB_MASTER_PORT}
> -    set $@ --db-sb-addr=${MASTER_IP} --db-sb-port=${SB_MASTER_PORT}
> +    # For LB vip to talk to master pool member on a specific tcp port, we
> need
> +    # to listen on 0.0.0.0.instead of master_ip
> +    if [ "x${LISTEN_ON_MASTER_IP_ONLY}" = xno ]; then
> +        set $@ --db-nb-port=${NB_MASTER_PORT}
> +        set $@ --db-sb-port=${SB_MASTER_PORT}
>
> -    if [ "x${NB_MASTER_PROTO}" = xtcp ]; then
> -        set $@ --db-nb-create-insecure-remote=yes
> -    fi
> -
> -    if [ "x${SB_MASTER_PROTO}" = xtcp ]; then
> -        set $@ --db-sb-create-insecure-remote=yes
> +    else
> +       set $@ --db-nb-addr=${MASTER_IP} --db-nb-port=${NB_MASTER_PORT}
> +       set $@ --db-sb-addr=${MASTER_IP} --db-sb-port=${SB_MASTER_PORT}
>      fi
>
>      if [ "x${present_master}" = x ]; then
> @@ -313,9 +327,29 @@ ovsdb_server_start() {
>          # Force all copies to come up as slaves by pointing them into
>          # space and let pacemaker pick one to promote:
>          #
> +        if [ "x${NB_MASTER_PROTO}" = xtcp ]; then
> +            set $@ --db-nb-create-insecure-remote=yes
> +        fi
> +
> +        if [ "x${SB_MASTER_PROTO}" = xtcp ]; then
> +            set $@ --db-sb-create-insecure-remote=yes
> +        fi
>          set $@ --db-nb-sync-from-addr=${INVALID_IP_ADDRESS}
> --db-sb-sync-from-addr=${INVALID_IP_ADDRESS}
>
>      elif [ ${present_master} != ${host_name} ]; then
> +        if [ "x${LISTEN_ON_MASTER_IP_ONLY}" = xno ]; then
> +            # TODO for using LB vip, need to test for ssl.
> +            set $@ --db-nb-create-insecure-remote=no
> +            set $@ --db-sb-create-insecure-remote=no
> +        else
> +            if [ "x${NB_MASTER_PROTO}" = xtcp ]; then
> +                set $@ --db-nb-create-insecure-remote=yes
> +            fi
> +
> +            if [ "x${SB_MASTER_PROTO}" = xtcp ]; then
> +                set $@ --db-sb-create-insecure-remote=yes
> +            fi
> +        fi
>          # An existing master is active, connect to it
>          set $@ --db-nb-sync-from-addr=${MASTER_IP}
> --db-sb-sync-from-addr=${MASTER_IP}
>          set $@ --db-nb-sync-from-port=${NB_MASTER_PORT}
> @@ -416,6 +450,11 @@ ovsdb_server_promote() {
>              ;;
>      esac
>
> +    if [ "x${LISTEN_ON_MASTER_IP_ONLY}" = xno ]; then
> +        # Restart ovs so that new master can listen on tcp port
> +        ${OVN_CTL} stop_ovsdb
> +        ovsdb_server_start
> +    fi
>      ${OVN_CTL} promote_ovnnb
>      ${OVN_CTL} promote_ovnsb
>
> --
> 1.9.1
>
> _______________________________________________
> dev mailing list
> dev@openvswitch.org
> https://mail.openvswitch.org/mailman/listinfo/ovs-dev
>

Sure Thanks:
Below is the command I use for resource creation in this case:

pcs resource create ovndb_servers ocf:ovn:ovndb-servers \
     master_ip="vip_IP" \
     op monitor interval="10s" \
     op monitor role=Master interval="15s" --debug
pcs resource master ovndb_servers-master ovndb_servers \
    meta notify="true"


Regards,


From: Numan Siddique <nusiddiq@redhat.com>
Date: Thursday, May 17, 2018 at 11:37 PM
To: aginwala <amginwal@gmail.com>
Cc: ovs dev <dev@openvswitch.org>, "Ginwala, Aliasgar" <aginwala@ebay.com>
Subject: Re: [ovs-dev] [PATCH v1] ovndb-servers.ocf: add LB support for managing ovsdb cluster

Hi Aliasgar,

I will try it out and come back with my comments.

Thanks
Numan


On Tue, May 8, 2018 at 10:37 AM, aginwala <amginwal@gmail.com<mailto:amginwal@gmail.com>> wrote:
using pacemaker so that controllers can be placed in different fault domains.

Signed-off-by: aginwala <aginwala@ebay.com<mailto:aginwala@ebay.com>>
---
 ovn/utilities/ovndb-servers.ocf | 63 +++++++++++++++++++++++++++++++++--------
 1 file changed, 51 insertions(+), 12 deletions(-)

diff --git a/ovn/utilities/ovndb-servers.ocf b/ovn/utilities/ovndb-servers.ocf
index 164b6bc..85a5d92 100755
--- a/ovn/utilities/ovndb-servers.ocf
+++ b/ovn/utilities/ovndb-servers.ocf
@@ -9,6 +9,7 @@
 : ${SB_MASTER_PROTO_DEFAULT="tcp"}
 : ${MANAGE_NORTHD_DEFAULT="no"}
 : ${INACTIVE_PROBE_DEFAULT="5000"}
+: ${LISTEN_ON_MASTER_IP_ONLY_DEFAULT="yes"}

 CRM_MASTER="${HA_SBIN_DIR}/crm_master -l reboot"
 CRM_ATTR_REPL_INFO="${HA_SBIN_DIR}/crm_attribute --type crm_config --name OVN_REPL_INFO -s ovn_ovsdb_master_server"
@@ -21,6 +22,10 @@ SB_MASTER_PROTO=${OCF_RESKEY_sb_master_protocol:-${SB_MASTER_PROTO_DEFAULT}}
 MANAGE_NORTHD=${OCF_RESKEY_manage_northd:-${MANAGE_NORTHD_DEFAULT}}
 INACTIVE_PROBE=${OCF_RESKEY_inactive_probe_interval:-${INACTIVE_PROBE_DEFAULT}}

+# In order for pacemaker to work with LB, we can keep LISTEN_ON_MASTER_IP_ONLY
+# to false and pass LB vip IP while creating pcs resource.
+LISTEN_ON_MASTER_IP_ONLY=${OCF_RESKEY_listen_on_master_ip:-${LISTEN_ON_MASTER_IP_ONLY_DEFAULT}}
+
 # Invalid IP address is an address that can never exist in the network, as
 # mentioned in rfc-5737. The ovsdb servers connects to this IP address till
 # a master is promoted and the IPAddr2 resource is started.
@@ -157,20 +162,29 @@ ovsdb_server_notify() {
             ${OVN_CTL} --ovn-manage-ovsdb=no start_northd
         fi

+        if [ "x${LISTEN_ON_MASTER_IP_ONLY}" = xno ]; then
+            nb_target=""
+            sb_target=""
+        else
+            nb_target="p${NB_MASTER_PROTO}\:${NB_MASTER_PORT}\:${MASTER_IP}"
+            sb_target="p${SB_MASTER_PROTO}\:${SB_MASTER_PORT}\:${MASTER_IP}"
+        fi
+
         conn=`ovn-nbctl get NB_global . connections`
         if [ "$conn" == "[]" ]
         then
-            ovn-nbctl -- --id=@conn_uuid create Connection \
-target="p${NB_MASTER_PROTO}\:${NB_MASTER_PORT}\:${MASTER_IP}" \
+            ovn-nbctl -- --id=@conn_uuid create Connection target=$nb_target \
 inactivity_probe=$INACTIVE_PROBE -- set NB_Global . connections=@conn_uuid
+
         fi

         conn=`ovn-sbctl get SB_global . connections`
         if [ "$conn" == "[]" ]
         then
-            ovn-sbctl -- --id=@conn_uuid create Connection \
-target="p${SB_MASTER_PROTO}\:${SB_MASTER_PORT}\:${MASTER_IP}" \
+
+            ovn-sbctl -- --id=@conn_uuid create Connection target=$sb_target \
 inactivity_probe=$INACTIVE_PROBE -- set SB_Global . connections=@conn_uuid
+
         fi

     else
@@ -295,15 +309,15 @@ ovsdb_server_start() {

     set ${OVN_CTL}

-    set $@ --db-nb-addr=${MASTER_IP} --db-nb-port=${NB_MASTER_PORT}
-    set $@ --db-sb-addr=${MASTER_IP} --db-sb-port=${SB_MASTER_PORT}
+    # For LB vip to talk to master pool member on a specific tcp port, we need
+    # to listen on 0.0.0.0.instead of master_ip
+    if [ "x${LISTEN_ON_MASTER_IP_ONLY}" = xno ]; then
+        set $@ --db-nb-port=${NB_MASTER_PORT}
+        set $@ --db-sb-port=${SB_MASTER_PORT}

-    if [ "x${NB_MASTER_PROTO}" = xtcp ]; then
-        set $@ --db-nb-create-insecure-remote=yes
-    fi
-
-    if [ "x${SB_MASTER_PROTO}" = xtcp ]; then
-        set $@ --db-sb-create-insecure-remote=yes
+    else
+       set $@ --db-nb-addr=${MASTER_IP} --db-nb-port=${NB_MASTER_PORT}
+       set $@ --db-sb-addr=${MASTER_IP} --db-sb-port=${SB_MASTER_PORT}
     fi

     if [ "x${present_master}" = x ]; then
@@ -313,9 +327,29 @@ ovsdb_server_start() {
         # Force all copies to come up as slaves by pointing them into
         # space and let pacemaker pick one to promote:
         #
+        if [ "x${NB_MASTER_PROTO}" = xtcp ]; then
+            set $@ --db-nb-create-insecure-remote=yes
+        fi
+
+        if [ "x${SB_MASTER_PROTO}" = xtcp ]; then
+            set $@ --db-sb-create-insecure-remote=yes
+        fi
         set $@ --db-nb-sync-from-addr=${INVALID_IP_ADDRESS} --db-sb-sync-from-addr=${INVALID_IP_ADDRESS}

     elif [ ${present_master} != ${host_name} ]; then
+        if [ "x${LISTEN_ON_MASTER_IP_ONLY}" = xno ]; then
+            # TODO for using LB vip, need to test for ssl.
+            set $@ --db-nb-create-insecure-remote=no
+            set $@ --db-sb-create-insecure-remote=no
+        else
+            if [ "x${NB_MASTER_PROTO}" = xtcp ]; then
+                set $@ --db-nb-create-insecure-remote=yes
+            fi
+
+            if [ "x${SB_MASTER_PROTO}" = xtcp ]; then
+                set $@ --db-sb-create-insecure-remote=yes
+            fi
+        fi
         # An existing master is active, connect to it
         set $@ --db-nb-sync-from-addr=${MASTER_IP} --db-sb-sync-from-addr=${MASTER_IP}
         set $@ --db-nb-sync-from-port=${NB_MASTER_PORT}
@@ -416,6 +450,11 @@ ovsdb_server_promote() {
             ;;
     esac

+    if [ "x${LISTEN_ON_MASTER_IP_ONLY}" = xno ]; then
+        # Restart ovs so that new master can listen on tcp port
+        ${OVN_CTL} stop_ovsdb
+        ovsdb_server_start
+    fi
     ${OVN_CTL} promote_ovnnb
     ${OVN_CTL} promote_ovnsb

--
1.9.1

Please try v2 that is sent out. Have made minor improvements post review from Han.

Please set LISTEN_ON_MASTER_IP_ONLY and LISTEN_ON_SLAVE to no when creating resource for LB.



Regards,

From: "Ginwala, Aliasgar" <aginwala@ebay.com>
Date: Friday, May 18, 2018 at 12:01 PM
To: Numan Siddique <nusiddiq@redhat.com>, aginwala <amginwal@gmail.com>
Cc: ovs dev <dev@openvswitch.org>
Subject: Re: [ovs-dev] [PATCH v1] ovndb-servers.ocf: add LB support for managing ovsdb cluster

Sure Thanks:
Below is the command I use for resource creation in this case:

pcs resource create ovndb_servers ocf:ovn:ovndb-servers \
     master_ip="vip_IP" \
     op monitor interval="10s" \
     op monitor role=Master interval="15s" --debug
pcs resource master ovndb_servers-master ovndb_servers \
    meta notify="true"


Regards,


From: Numan Siddique <nusiddiq@redhat.com>
Date: Thursday, May 17, 2018 at 11:37 PM
To: aginwala <amginwal@gmail.com>
Cc: ovs dev <dev@openvswitch.org>, "Ginwala, Aliasgar" <aginwala@ebay.com>
Subject: Re: [ovs-dev] [PATCH v1] ovndb-servers.ocf: add LB support for managing ovsdb cluster

Hi Aliasgar,

I will try it out and come back with my comments.

Thanks
Numan


On Tue, May 8, 2018 at 10:37 AM, aginwala <amginwal@gmail.com<mailto:amginwal@gmail.com>> wrote:
using pacemaker so that controllers can be placed in different fault domains.

Signed-off-by: aginwala <aginwala@ebay.com<mailto:aginwala@ebay.com>>
---
 ovn/utilities/ovndb-servers.ocf | 63 +++++++++++++++++++++++++++++++++--------
 1 file changed, 51 insertions(+), 12 deletions(-)

diff --git a/ovn/utilities/ovndb-servers.ocf b/ovn/utilities/ovndb-servers.ocf
index 164b6bc..85a5d92 100755
--- a/ovn/utilities/ovndb-servers.ocf
+++ b/ovn/utilities/ovndb-servers.ocf
@@ -9,6 +9,7 @@
 : ${SB_MASTER_PROTO_DEFAULT="tcp"}
 : ${MANAGE_NORTHD_DEFAULT="no"}
 : ${INACTIVE_PROBE_DEFAULT="5000"}
+: ${LISTEN_ON_MASTER_IP_ONLY_DEFAULT="yes"}

 CRM_MASTER="${HA_SBIN_DIR}/crm_master -l reboot"
 CRM_ATTR_REPL_INFO="${HA_SBIN_DIR}/crm_attribute --type crm_config --name OVN_REPL_INFO -s ovn_ovsdb_master_server"
@@ -21,6 +22,10 @@ SB_MASTER_PROTO=${OCF_RESKEY_sb_master_protocol:-${SB_MASTER_PROTO_DEFAULT}}
 MANAGE_NORTHD=${OCF_RESKEY_manage_northd:-${MANAGE_NORTHD_DEFAULT}}
 INACTIVE_PROBE=${OCF_RESKEY_inactive_probe_interval:-${INACTIVE_PROBE_DEFAULT}}

+# In order for pacemaker to work with LB, we can keep LISTEN_ON_MASTER_IP_ONLY
+# to false and pass LB vip IP while creating pcs resource.
+LISTEN_ON_MASTER_IP_ONLY=${OCF_RESKEY_listen_on_master_ip:-${LISTEN_ON_MASTER_IP_ONLY_DEFAULT}}
+
 # Invalid IP address is an address that can never exist in the network, as
 # mentioned in rfc-5737. The ovsdb servers connects to this IP address till
 # a master is promoted and the IPAddr2 resource is started.
@@ -157,20 +162,29 @@ ovsdb_server_notify() {
             ${OVN_CTL} --ovn-manage-ovsdb=no start_northd
         fi

+        if [ "x${LISTEN_ON_MASTER_IP_ONLY}" = xno ]; then
+            nb_target=""
+            sb_target=""
+        else
+            nb_target="p${NB_MASTER_PROTO}\:${NB_MASTER_PORT}\:${MASTER_IP}"
+            sb_target="p${SB_MASTER_PROTO}\:${SB_MASTER_PORT}\:${MASTER_IP}"
+        fi
+
         conn=`ovn-nbctl get NB_global . connections`
         if [ "$conn" == "[]" ]
         then
-            ovn-nbctl -- --id=@conn_uuid create Connection \
-target="p${NB_MASTER_PROTO}\:${NB_MASTER_PORT}\:${MASTER_IP}" \
+            ovn-nbctl -- --id=@conn_uuid create Connection target=$nb_target \
 inactivity_probe=$INACTIVE_PROBE -- set NB_Global . connections=@conn_uuid
+
         fi

         conn=`ovn-sbctl get SB_global . connections`
         if [ "$conn" == "[]" ]
         then
-            ovn-sbctl -- --id=@conn_uuid create Connection \
-target="p${SB_MASTER_PROTO}\:${SB_MASTER_PORT}\:${MASTER_IP}" \
+
+            ovn-sbctl -- --id=@conn_uuid create Connection target=$sb_target \
 inactivity_probe=$INACTIVE_PROBE -- set SB_Global . connections=@conn_uuid
+
         fi

     else
@@ -295,15 +309,15 @@ ovsdb_server_start() {

     set ${OVN_CTL}

-    set $@ --db-nb-addr=${MASTER_IP} --db-nb-port=${NB_MASTER_PORT}
-    set $@ --db-sb-addr=${MASTER_IP} --db-sb-port=${SB_MASTER_PORT}
+    # For LB vip to talk to master pool member on a specific tcp port, we need
+    # to listen on 0.0.0.0.instead of master_ip
+    if [ "x${LISTEN_ON_MASTER_IP_ONLY}" = xno ]; then
+        set $@ --db-nb-port=${NB_MASTER_PORT}
+        set $@ --db-sb-port=${SB_MASTER_PORT}

-    if [ "x${NB_MASTER_PROTO}" = xtcp ]; then
-        set $@ --db-nb-create-insecure-remote=yes
-    fi
-
-    if [ "x${SB_MASTER_PROTO}" = xtcp ]; then
-        set $@ --db-sb-create-insecure-remote=yes
+    else
+       set $@ --db-nb-addr=${MASTER_IP} --db-nb-port=${NB_MASTER_PORT}
+       set $@ --db-sb-addr=${MASTER_IP} --db-sb-port=${SB_MASTER_PORT}
     fi

     if [ "x${present_master}" = x ]; then
@@ -313,9 +327,29 @@ ovsdb_server_start() {
         # Force all copies to come up as slaves by pointing them into
         # space and let pacemaker pick one to promote:
         #
+        if [ "x${NB_MASTER_PROTO}" = xtcp ]; then
+            set $@ --db-nb-create-insecure-remote=yes
+        fi
+
+        if [ "x${SB_MASTER_PROTO}" = xtcp ]; then
+            set $@ --db-sb-create-insecure-remote=yes
+        fi
         set $@ --db-nb-sync-from-addr=${INVALID_IP_ADDRESS} --db-sb-sync-from-addr=${INVALID_IP_ADDRESS}

     elif [ ${present_master} != ${host_name} ]; then
+        if [ "x${LISTEN_ON_MASTER_IP_ONLY}" = xno ]; then
+            # TODO for using LB vip, need to test for ssl.
+            set $@ --db-nb-create-insecure-remote=no
+            set $@ --db-sb-create-insecure-remote=no
+        else
+            if [ "x${NB_MASTER_PROTO}" = xtcp ]; then
+                set $@ --db-nb-create-insecure-remote=yes
+            fi
+
+            if [ "x${SB_MASTER_PROTO}" = xtcp ]; then
+                set $@ --db-sb-create-insecure-remote=yes
+            fi
+        fi
         # An existing master is active, connect to it
         set $@ --db-nb-sync-from-addr=${MASTER_IP} --db-sb-sync-from-addr=${MASTER_IP}
         set $@ --db-nb-sync-from-port=${NB_MASTER_PORT}
@@ -416,6 +450,11 @@ ovsdb_server_promote() {
             ;;
     esac

+    if [ "x${LISTEN_ON_MASTER_IP_ONLY}" = xno ]; then
+        # Restart ovs so that new master can listen on tcp port
+        ${OVN_CTL} stop_ovsdb
+        ovsdb_server_start
+    fi
     ${OVN_CTL} promote_ovnnb
     ${OVN_CTL} promote_ovnsb

--
1.9.1