From 176b30649b18f14818480ba3b6a76cfcf9f3aa26 Mon Sep 17 00:00:00 2001 From: Michele Baldessari Date: Wed, 24 Jul 2019 08:57:36 +0200 Subject: [PATCH] Give the OVN DBS service a separate Vip This change (with its dependent reviews) creates a separate VIP for the OVN DBS service. A more detailed explanation can be found in https://bugs.launchpad.net/tripleo/+bug/1841811. The short explanation is that the OVN DBS HA service puts some additional constraints on the VIP it uses and that is problematic when that VIP is used by other services (e.g. a change in OVN DBS master will move the VIP and will also reset all mysql connections. It also prevents us splitting OVN DBS from where haproxy runs). Tested as follows: A) Deployed a mster environment with this review and all its dependencies and correctly obtained an OVN DBS service with its own Vip and the OVN services (controller/metadata) pointing to this separate Vip B) Deployed a master environment as is and then applied this review + dependencies and observed that a redeploy correctly created a new VIP, reconfigured the services to point to the new VIP and that the old obsolete constraints created around the per-network VIP were removed Closes-Bug: #1841811 Depends-On: Ic62b0fbc0fee40638811a5cd77a5dc5a4d82acf5 Change-Id: I620e37117c26b5b51bf9e1eda91daeb00fdf0f43 --- .../deployed-server-environment-output.yaml | 3 ++ deployment/ovn/ovn-dbs-pacemaker-puppet.yaml | 2 +- .../external-loadbalancer-vip-v6-all.yaml | 2 ++ .../external-loadbalancer-vip-v6.yaml | 2 ++ environments/external-loadbalancer-vip.yaml | 2 ++ environments/fixed-ip-vips-v6.yaml | 2 ++ environments/fixed-ip-vips.yaml | 2 ++ .../network-isolation-no-tunneling.j2.yaml | 1 + environments/network-isolation-v6-all.j2.yaml | 1 + environments/network-isolation-v6.j2.yaml | 1 + environments/network-isolation.j2.yaml | 1 + environments/standalone.yaml | 1 + .../standalone/standalone-tripleo.yaml | 1 + environments/undercloud.yaml | 1 + network/service_net_map.j2.yaml | 1 + overcloud-resource-registry-puppet.j2.yaml | 1 + overcloud.j2.yaml | 36 +++++++++++++++++-- .../ovn-separate-vip-ed28ffa3ff77f865.yaml | 9 +++++ sample-env-generator/standalone.yaml | 1 + 19 files changed, 67 insertions(+), 3 deletions(-) create mode 100644 releasenotes/notes/ovn-separate-vip-ed28ffa3ff77f865.yaml diff --git a/deployed-server/deployed-server-environment-output.yaml b/deployed-server/deployed-server-environment-output.yaml index c28ea2fabb..d9096dbf6b 100644 --- a/deployed-server/deployed-server-environment-output.yaml +++ b/deployed-server/deployed-server-environment-output.yaml @@ -30,6 +30,9 @@ resources: - redis_virtual_ip: fixed_ips: - ip_address: {get_param: [VipMap, redis]} + - ovn_dbs_virtual_ip: + fixed_ips: + - ip_address: {get_param: [VipMap, ovn_dbs]} DeployedServerEnvironment: type: OS::Heat::Value diff --git a/deployment/ovn/ovn-dbs-pacemaker-puppet.yaml b/deployment/ovn/ovn-dbs-pacemaker-puppet.yaml index 67e44ec66f..022c063964 100644 --- a/deployment/ovn/ovn-dbs-pacemaker-puppet.yaml +++ b/deployment/ovn/ovn-dbs-pacemaker-puppet.yaml @@ -155,7 +155,7 @@ outputs: list_concat: - - '/container_puppet_apply.sh' - '3' - - 'file,file_line,concat,augeas,pacemaker::resource::bundle,pacemaker::property,pacemaker::resource::ip,pacemaker::resource::ocf,pacemaker::constraint::order,pacemaker::constraint::colocation' + - 'file,file_line,concat,augeas,pacemaker::resource::bundle,pacemaker::property,pacemaker::resource::ip,pacemaker::resource::ocf,pacemaker::constraint::order,pacemaker::constraint::colocation,ovn_dbs_remove_old_cruft' - 'include ::tripleo::profile::base::pacemaker;include ::tripleo::profile::pacemaker::ovn_dbs_bundle' - if: - puppet_debug_enabled diff --git a/environments/external-loadbalancer-vip-v6-all.yaml b/environments/external-loadbalancer-vip-v6-all.yaml index 057e53a23a..51332025bd 100644 --- a/environments/external-loadbalancer-vip-v6-all.yaml +++ b/environments/external-loadbalancer-vip-v6-all.yaml @@ -7,6 +7,7 @@ resource_registry: OS::TripleO::Network::Ports::StorageVipPort: ../network/ports/storage_v6.yaml OS::TripleO::Network::Ports::StorageMgmtVipPort: ../network/ports/storage_mgmt_v6.yaml OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/vip_v6.yaml + OS::TripleO::Network::Ports::OVNDBsVipPort: ../network/ports/vip_v6.yaml OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external_from_pool_v6.yaml OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api_from_pool_v6.yaml OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage_from_pool_v6.yaml @@ -26,6 +27,7 @@ parameter_defaults: StorageVirtualFixedIPs: [{'ip_address':'fd00:fd00:fd00:3000:0000:0000:0000:0005'}] StorageMgmtVirtualFixedIPs: [{'ip_address':'fd00:fd00:fd00:4000:0000:0000:0000:0005'}] RedisVirtualFixedIPs: [{'ip_address':'fd00:fd00:fd00:2000:0000:0000:0000:0006'}] + OVNDBsVirtualFixedIPs: [{'ip_address':'fd00:fd00:fd00:2000:0000:0000:0000:0007'}] ControllerIPs: external: - 2001:db8:fd00:1000:0000:0000:0000:0007 diff --git a/environments/external-loadbalancer-vip-v6.yaml b/environments/external-loadbalancer-vip-v6.yaml index c8375fc784..96c619cd86 100644 --- a/environments/external-loadbalancer-vip-v6.yaml +++ b/environments/external-loadbalancer-vip-v6.yaml @@ -4,6 +4,7 @@ resource_registry: OS::TripleO::Network::Ports::StorageVipPort: ../network/ports/storage_v6.yaml OS::TripleO::Network::Ports::StorageMgmtVipPort: ../network/ports/storage_mgmt_v6.yaml OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/vip_v6.yaml + OS::TripleO::Network::Ports::OVNDBsVipPort: ../network/ports/vip_v6.yaml OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external_from_pool_v6.yaml OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api_from_pool_v6.yaml OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage_from_pool_v6.yaml @@ -24,6 +25,7 @@ parameter_defaults: StorageVirtualFixedIPs: [{'ip_address':'fd00:fd00:fd00:3000:0000:0000:0000:0005'}] StorageMgmtVirtualFixedIPs: [{'ip_address':'fd00:fd00:fd00:4000:0000:0000:0000:0005'}] RedisVirtualFixedIPs: [{'ip_address':'fd00:fd00:fd00:2000:0000:0000:0000:0006'}] + OVNDBsVirtualFixedIPs: [{'ip_address':'fd00:fd00:fd00:2000:0000:0000:0000:0007'}] ControllerIPs: external: - 2001:db8:fd00:1000:0000:0000:0000:0007 diff --git a/environments/external-loadbalancer-vip.yaml b/environments/external-loadbalancer-vip.yaml index 33f145d977..ab06e57db5 100644 --- a/environments/external-loadbalancer-vip.yaml +++ b/environments/external-loadbalancer-vip.yaml @@ -4,6 +4,7 @@ resource_registry: OS::TripleO::Network::Ports::StorageVipPort: ../network/ports/storage.yaml OS::TripleO::Network::Ports::StorageMgmtVipPort: ../network/ports/storage_mgmt.yaml OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/vip.yaml + OS::TripleO::Network::Ports::OVNDBsVipPort: ../network/ports/vip.yaml OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external_from_pool.yaml OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api_from_pool.yaml OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage_from_pool.yaml @@ -23,6 +24,7 @@ parameter_defaults: StorageVirtualFixedIPs: [{'ip_address':'172.16.1.251'}] StorageMgmtVirtualFixedIPs: [{'ip_address':'172.16.3.251'}] RedisVirtualFixedIPs: [{'ip_address':'172.16.2.252'}] + OVNDBsVirtualFixedIPs: [{'ip_address':'172.16.2.253'}] ControllerIPs: external: - 10.0.0.253 diff --git a/environments/fixed-ip-vips-v6.yaml b/environments/fixed-ip-vips-v6.yaml index edcb4d8f9f..c7599910c0 100644 --- a/environments/fixed-ip-vips-v6.yaml +++ b/environments/fixed-ip-vips-v6.yaml @@ -8,6 +8,7 @@ resource_registry: OS::TripleO::Network::Ports::StorageVipPort: ../network/ports/storage_v6.yaml OS::TripleO::Network::Ports::StorageMgmtVipPort: ../network/ports/storage_mgmt_v6.yaml OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/vip_v6.yaml + OS::TripleO::Network::Ports::OVNDBsVipPort: ../network/ports/vip_v6.yaml parameter_defaults: # Set the IP addresses of the VIPs here. @@ -19,3 +20,4 @@ parameter_defaults: StorageVirtualFixedIPs: [{'ip_address':'fd00:fd00:fd00:3000:0000:0000:0000:000'}] StorageMgmtVirtualFixedIPs: [{'ip_address':'fd00:fd00:fd00:4000:0000:0000:0000:0005'}] RedisVirtualFixedIPs: [{'ip_address':'fd00:fd00:fd00:2000:0000:0000:0000:0006'}] + OVNDBsVirtualFixedIPs: [{'ip_address':'fd00:fd00:fd00:2000:0000:0000:0000:0007'}] diff --git a/environments/fixed-ip-vips.yaml b/environments/fixed-ip-vips.yaml index b304b65e56..1083eea04d 100644 --- a/environments/fixed-ip-vips.yaml +++ b/environments/fixed-ip-vips.yaml @@ -8,6 +8,7 @@ resource_registry: OS::TripleO::Network::Ports::StorageVipPort: ../network/ports/storage.yaml OS::TripleO::Network::Ports::StorageMgmtVipPort: ../network/ports/storage_mgmt.yaml OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/vip.yaml + OS::TripleO::Network::Ports::OVNDBsVipPort: ../network/ports/vip.yaml parameter_defaults: # Set the IP addresses of the VIPs here. @@ -19,3 +20,4 @@ parameter_defaults: StorageVirtualFixedIPs: [{'ip_address':'172.16.1.240'}] StorageMgmtVirtualFixedIPs: [{'ip_address':'172.16.3.240'}] RedisVirtualFixedIPs: [{'ip_address':'172.16.2.241'}] + OVNDBsVirtualFixedIPs: [{'ip_address':'172.16.2.242'}] diff --git a/environments/network-isolation-no-tunneling.j2.yaml b/environments/network-isolation-no-tunneling.j2.yaml index 0f44bc7d14..2035a608cc 100644 --- a/environments/network-isolation-no-tunneling.j2.yaml +++ b/environments/network-isolation-no-tunneling.j2.yaml @@ -20,6 +20,7 @@ resource_registry: OS::TripleO::Network::Ports::{{network.name}}VipPort: ../network/ports/{{network.name_lower|default(network.name.lower())}}.yaml {%- endfor %} OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/vip.yaml + OS::TripleO::Network::Ports::OVNDBsVipPort: ../network/ports/vip.yaml # Port assignments for each role are determined by the role definition. {%- for role in roles %} diff --git a/environments/network-isolation-v6-all.j2.yaml b/environments/network-isolation-v6-all.j2.yaml index 73801692a1..6c69ee5654 100644 --- a/environments/network-isolation-v6-all.j2.yaml +++ b/environments/network-isolation-v6-all.j2.yaml @@ -34,6 +34,7 @@ resource_registry: {%- endfor %} OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/vip_v6.yaml + OS::TripleO::Network::Ports::OVNDBsVipPort: ../network/ports/vip_v6.yaml # Port assignments by role, edit role definition to assign networks to roles. {%- for role in roles %} diff --git a/environments/network-isolation-v6.j2.yaml b/environments/network-isolation-v6.j2.yaml index 86b2d1eddb..ad9a604159 100644 --- a/environments/network-isolation-v6.j2.yaml +++ b/environments/network-isolation-v6.j2.yaml @@ -27,6 +27,7 @@ resource_registry: {%- endfor %} OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/vip_v6.yaml + OS::TripleO::Network::Ports::OVNDBsVipPort: ../network/ports/vip_v6.yaml # Port assignments by role, edit role definition to assign networks to roles. {%- for role in roles %} diff --git a/environments/network-isolation.j2.yaml b/environments/network-isolation.j2.yaml index fbc560d512..0577b71213 100644 --- a/environments/network-isolation.j2.yaml +++ b/environments/network-isolation.j2.yaml @@ -16,6 +16,7 @@ resource_registry: {%- endif %} {%- endfor %} OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/vip.yaml + OS::TripleO::Network::Ports::OVNDBsVipPort: ../network/ports/vip.yaml # Port assignments by role, edit role definition to assign networks to roles. {%- for role in roles %} diff --git a/environments/standalone.yaml b/environments/standalone.yaml index 88f570d6df..466d9a2a4d 100644 --- a/environments/standalone.yaml +++ b/environments/standalone.yaml @@ -3,6 +3,7 @@ resource_registry: OS::TripleO::Services::Tmpwatch: ../deployment/logrotate/tmpwatch-install.yaml OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/noop.yaml + OS::TripleO::Network::Ports::OVNDBsVipPort: ../network/ports/noop.yaml OS::TripleO::Network::Ports::ControlPlaneVipPort: ../deployed-server/deployed-neutron-port.yaml OS::TripleO::Standalone::Net::SoftwareConfig: ../net-config-standalone.yaml OS::TripleO::NodeExtraConfigPost: ../extraconfig/post_deploy/standalone_post.yaml diff --git a/environments/standalone/standalone-tripleo.yaml b/environments/standalone/standalone-tripleo.yaml index c13482a8b4..4eedd11bd8 100644 --- a/environments/standalone/standalone-tripleo.yaml +++ b/environments/standalone/standalone-tripleo.yaml @@ -51,6 +51,7 @@ parameter_defaults: resource_registry: OS::TripleO::Network::Ports::ControlPlaneVipPort: ../../deployed-server/deployed-neutron-port.yaml OS::TripleO::Network::Ports::RedisVipPort: ../../network/ports/noop.yaml + OS::TripleO::Network::Ports::OVNDBsVipPort: ../../network/ports/noop.yaml OS::TripleO::NodeExtraConfigPost: ../../extraconfig/post_deploy/standalone_post.yaml OS::TripleO::Services::AodhApi: OS::Heat::None OS::TripleO::Services::AodhEvaluator: OS::Heat::None diff --git a/environments/undercloud.yaml b/environments/undercloud.yaml index 55343eec40..f38a077897 100644 --- a/environments/undercloud.yaml +++ b/environments/undercloud.yaml @@ -5,6 +5,7 @@ parameter_merge_strategies: resource_registry: OS::TripleO::Services::Tmpwatch: ../deployment/logrotate/tmpwatch-install.yaml OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/noop.yaml + OS::TripleO::Network::Ports::OVNDBsVipPort: ../network/ports/noop.yaml OS::TripleO::Network::Ports::ControlPlaneVipPort: ../deployed-server/deployed-neutron-port.yaml OS::TripleO::Undercloud::Net::SoftwareConfig: ../net-config-undercloud.yaml OS::TripleO::NodeExtraConfigPost: ../extraconfig/post_deploy/undercloud_post.yaml diff --git a/network/service_net_map.j2.yaml b/network/service_net_map.j2.yaml index 9ac0d8869b..7d4fff8dbb 100644 --- a/network/service_net_map.j2.yaml +++ b/network/service_net_map.j2.yaml @@ -123,6 +123,7 @@ parameters: {{network.name}}: {{network.name_lower}}_subnet {%- endfor %} redis: {{ _service_nets.get('internal_api', 'internal_api') }}_subnet + ovn_dbs: {{ _service_nets.get('internal_api', 'internal_api') }}_subnet type: json # We define mappings to work around names that break when doing the diff --git a/overcloud-resource-registry-puppet.j2.yaml b/overcloud-resource-registry-puppet.j2.yaml index c4a10c0e5b..489cf2202b 100644 --- a/overcloud-resource-registry-puppet.j2.yaml +++ b/overcloud-resource-registry-puppet.j2.yaml @@ -85,6 +85,7 @@ resource_registry: {%- endfor %} OS::TripleO::Network::Ports::RedisVipPort: network/ports/ctlplane_vip.yaml + OS::TripleO::Network::Ports::OVNDBsVipPort: network/ports/ctlplane_vip.yaml OS::TripleO::Network::Ports::ControlPlaneVipPort: OS::Neutron::Port # Service to network Mappings diff --git a/overcloud.j2.yaml b/overcloud.j2.yaml index c88b0b005d..d3b928a9ca 100644 --- a/overcloud.j2.yaml +++ b/overcloud.j2.yaml @@ -123,6 +123,12 @@ parameters: Control the IP allocation for the virtual IP used by Redis. E.g. [{'ip_address':'1.2.3.4'}] type: json + OVNDBsVirtualFixedIPs: + default: [] + description: > + Control the IP allocation for the virtual IP used by OVN DBs. E.g. + [{'ip_address':'1.2.3.4'}] + type: json CloudDomain: default: 'localdomain' type: string @@ -332,6 +338,11 @@ conditions: equals: - get_param: RedisVirtualFixedIPs - [] + ovn_dbs_virtual_fixed_ip_set: + not: + equals: + - get_param: OVNDBsVirtualFixedIPs + - [] set_default_mysql_cell_internal: or: - equals: @@ -923,6 +934,26 @@ resources: - {get_param: RedisVirtualFixedIPs} - [{subnet: {get_attr: [ServiceNetMap, vip_subnet_map, redis]}}] + OVNDBsVirtualIP: + depends_on: [Networks, ServiceNetMap] + type: OS::TripleO::Network::Ports::OVNDBsVipPort + properties: + ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} + ControlPlaneSubnetCidr: + if: + - ctlplane_subnet_cidr_set + - {get_param: ControlPlaneSubnetCidr} + - {str_split: ['/', {get_attr: [ControlVirtualIP, subnets, 0, cidr]}, 1]} + ControlPlaneNetwork: {get_param: NeutronControlPlaneID} + PortName: ovn_dbs_virtual_ip + NetworkName: {get_attr: [ServiceNetMap, service_net_map, OvnDbsNetwork]} + ServiceName: ovn_dbs + FixedIPs: + if: + - ovn_dbs_virtual_fixed_ip_set + - {get_param: OVNDBsVirtualFixedIPs} + - [{subnet: {get_attr: [ServiceNetMap, vip_subnet_map, ovn_dbs]}}] + {%- for network in networks if network.vip|default(false) and network.enabled|default(true) %} {%- if network.name == 'External' %} # The public VIP is on the External net, falls back to ctlplane @@ -1077,9 +1108,9 @@ resources: map_merge: - {get_attr: [VipMap, net_ip_map]} - redis: {get_attr: [RedisVirtualIP, ip_address]} + - ovn_dbs: {get_attr: [OVNDBsVirtualIP, ip_address]} CloudNames: {get_attr: [CloudNames, value]} - outputs: ManagedEndpoints: description: Asserts that the keystone endpoints have been provisioned. @@ -1159,11 +1190,12 @@ outputs: {{role.name}}: {{role.tags|default([])}} {%- endfor %} VipMap: - description: Mapping of each network to VIP addresses. Also includes the Redis VIP. + description: Mapping of each network to VIP addresses. Also includes the Redis and OVN DBs VIPs. value: map_merge: - {get_attr: [VipMap, net_ip_map]} - redis: {get_attr: [RedisVirtualIP, ip_address]} + - ovn_dbs: {get_attr: [OVNDBsVirtualIP, ip_address]} ServerIdData: description: Mapping of each role to a list of nova server IDs and the bootstrap ID value: {get_attr: [ServerIdMap, value]} diff --git a/releasenotes/notes/ovn-separate-vip-ed28ffa3ff77f865.yaml b/releasenotes/notes/ovn-separate-vip-ed28ffa3ff77f865.yaml new file mode 100644 index 0000000000..7b6171577c --- /dev/null +++ b/releasenotes/notes/ovn-separate-vip-ed28ffa3ff77f865.yaml @@ -0,0 +1,9 @@ +--- +fixes: + - | + This change (with its dependent reviews) creates a separate VIP for the OVN DBS + service. A more detailed explanation can be found in https://bugs.launchpad.net/tripleo/+bug/1841811. + The short explanation is that the OVN DBS HA service puts some additional constraints on the VIP it + uses and that is problematic when that VIP is used by other services (e.g. a change in OVN DBS master + will move the VIP and will also reset all mysql connections. It also prevents us splitting OVN DBS from + where haproxy runs). diff --git a/sample-env-generator/standalone.yaml b/sample-env-generator/standalone.yaml index db1f2ef2af..36dcd5a3c2 100644 --- a/sample-env-generator/standalone.yaml +++ b/sample-env-generator/standalone.yaml @@ -51,6 +51,7 @@ environments: resource_registry: # this network config is assumed by the tripleo deploy command OS::TripleO::Network::Ports::RedisVipPort: ../../network/ports/noop.yaml + OS::TripleO::Network::Ports::OVNDBsVipPort: ../../network/ports/noop.yaml OS::TripleO::Network::Ports::ControlPlaneVipPort: ../../deployed-server/deployed-neutron-port.yaml OS::TripleO::Standalone::Net::SoftwareConfig: ../../net-config-standalone.yaml OS::TripleO::NodeExtraConfigPost: ../../extraconfig/post_deploy/standalone_post.yaml