Elena Ezhova | a3a4323 | 2017-06-02 17:53:00 +0400 | [diff] [blame] | 1 | ======= |
| 2 | Octavia |
| 3 | ======= |
| 4 | |
Elena Ezhova | 26bab1f | 2017-06-15 16:34:59 +0400 | [diff] [blame] | 5 | Octavia is an open source, operator-scale load balancing solution designed to |
| 6 | work with OpenStack. It accomplishes its delivery of load balancing services |
| 7 | by managing a fleet of virtual machines, known as amphorae, which it spins up |
| 8 | on demand. |
| 9 | |
| 10 | Octavia is designed to “plug in” to Neutron LBaaS in the same way that any |
| 11 | proprietary vendor solution would: through a Neutron LBaaS version 2 driver |
| 12 | interface. Octavia plans to supplant Neutron LBaaS as the load balancing |
| 13 | solution for OpenStack. At that time, third-party vendor drivers that presently |
| 14 | “plug in” to Neutron LBaaS will plug in to Octavia instead. For end-users, |
| 15 | this transition should be relatively seamless, because Octavia supports |
| 16 | the Neutron LBaaS v2 API and it has a similar CLI interface. |
| 17 | |
Elena Ezhova | a3a4323 | 2017-06-02 17:53:00 +0400 | [diff] [blame] | 18 | |
| 19 | Sample pillars |
| 20 | ============== |
| 21 | |
Elena Ezhova | 26bab1f | 2017-06-15 16:34:59 +0400 | [diff] [blame] | 22 | Octavia API service pillar: |
| 23 | |
Elena Ezhova | a3a4323 | 2017-06-02 17:53:00 +0400 | [diff] [blame] | 24 | .. code-block:: yaml |
| 25 | |
| 26 | octavia: |
Elena Ezhova | 26bab1f | 2017-06-15 16:34:59 +0400 | [diff] [blame] | 27 | api: |
Elena Ezhova | a3a4323 | 2017-06-02 17:53:00 +0400 | [diff] [blame] | 28 | enabled: true |
Elena Ezhova | 26bab1f | 2017-06-15 16:34:59 +0400 | [diff] [blame] | 29 | version: ocata |
| 30 | bind: |
| 31 | address: 127.0.0.1 |
| 32 | port: 9876 |
| 33 | database: |
| 34 | engine: mysql |
| 35 | host: 127.0.0.1 |
| 36 | port: 3306 |
| 37 | name: octavia |
| 38 | user: octavia |
| 39 | password: password |
| 40 | identity: |
| 41 | engine: keystone |
| 42 | region: RegionOne |
| 43 | host: 127.0.0.1 |
| 44 | port: 35357 |
| 45 | user: octavia |
| 46 | password: password |
| 47 | tenant: service |
| 48 | message_queue: |
| 49 | engine: rabbitmq |
| 50 | host: 127.0.0.1 |
| 51 | port: 5672 |
| 52 | user: openstack |
| 53 | password: password |
| 54 | virtual_host: '/openstack' |
Elena Ezhova | 26bab1f | 2017-06-15 16:34:59 +0400 | [diff] [blame] | 55 | |
| 56 | |
| 57 | Octavia manager service pillar: |
| 58 | |
| 59 | .. code-block:: yaml |
| 60 | |
| 61 | octavia: |
| 62 | manager: |
| 63 | enabled: true |
| 64 | version: ocata |
| 65 | database: |
| 66 | engine: mysql |
| 67 | host: 127.0.0.1 |
| 68 | port: 3306 |
| 69 | name: octavia |
| 70 | user: octavia |
| 71 | password: password |
| 72 | identity: |
| 73 | engine: keystone |
| 74 | region: RegionOne |
| 75 | host: 127.0.0.1 |
| 76 | port: 35357 |
| 77 | user: octavia |
| 78 | password: password |
| 79 | tenant: service |
| 80 | message_queue: |
| 81 | engine: rabbitmq |
| 82 | host: 127.0.0.1 |
| 83 | port: 5672 |
| 84 | user: openstack |
| 85 | password: password |
| 86 | virtual_host: '/openstack' |
| 87 | certificates: |
Elena Ezhova | 26bab1f | 2017-06-15 16:34:59 +0400 | [diff] [blame] | 88 | ca_private_key: '/etc/octavia/certs/private/cakey.pem' |
| 89 | ca_certificate: '/etc/octavia/certs/ca_01.pem' |
| 90 | controller_worker: |
Elena Ezhova | 26bab1f | 2017-06-15 16:34:59 +0400 | [diff] [blame] | 91 | amp_flavor_id: '967972bb-ab54-4679-9f53-bf81d5e28154' |
Elena Ezhova | 26bab1f | 2017-06-15 16:34:59 +0400 | [diff] [blame] | 92 | amp_image_tag: amphora |
Elena Ezhova | 26bab1f | 2017-06-15 16:34:59 +0400 | [diff] [blame] | 93 | amp_ssh_key_name: octavia_ssh_key |
| 94 | loadbalancer_topology: 'SINGLE' |
| 95 | haproxy_amphora: |
| 96 | client_cert: '/etc/octavia/certs/client.pem' |
Elena Ezhova | 9e97de7 | 2017-07-18 16:12:55 +0400 | [diff] [blame] | 97 | client_cert_key: '/etc/octavia/certs/client.key' |
| 98 | client_cert_all: '/etc/octavia/certs/client_all.pem' |
Elena Ezhova | 26bab1f | 2017-06-15 16:34:59 +0400 | [diff] [blame] | 99 | server_ca: '/etc/octavia/certs/ca_01.pem' |
| 100 | health_manager: |
| 101 | bind_ip: 192.168.0.12 |
| 102 | heartbeat_key: 'insecure' |
| 103 | house_keeping: |
| 104 | spare_amphora_pool_size: 0 |
Elena Ezhova | 8345de0 | 2017-08-02 17:46:52 +0400 | [diff] [blame] | 105 | ssh: |
| 106 | private_key: | |
| 107 | -----BEGIN RSA PRIVATE KEY----- |
| 108 | MIIEpAIBAAKCAQEAtjnPDJsQToHBtoqIo15mdSYpfi8z6DFMi8Gbo0KCN33OUn5u |
| 109 | OctbdtjUfeuhvI6px1SCnvyWi09Ft8eWwq+KwLCGKbUxLvqKltuJ7K3LIrGXkt+m |
| 110 | qZN4O9XKeVKfZH+mQWkkxRWgX2r8RKNV3GkdNtd74VjhP+R6XSKJQ1Z8b7eHM10v |
| 111 | 6IjTY/jPczjK+eyCeEj4qbSnV8eKlqLhhquuSQRmUO2DRSjLVdpdf2BB4/BdWFsD |
| 112 | YOmX7mb8kpEr9vQ+c1JKMXDwD6ehzyU8kE+1kVm5zOeEy4HdYIMpvUfN49P1anRV |
| 113 | 2ISQ1ZE+r22IAMKl0tekrGH0e/1NP1DF5rINMwIDAQABAoIBAQCkP/cgpaRNHyg8 |
| 114 | ISKIHs67SWqdEm73G3ijgB+JSKmW2w7dzJgN//6xYUAnP/zIuM7PnJ0gMQyBBTMS |
| 115 | NBTv5spqZLKJZYivj6Tb1Ya8jupKm0jEWlMfBo2ZYVrfgFmrfGOfEebSvmuPlh9M |
| 116 | vuzlftmWVSSUOkjODmM9D6QpzgrbpktBuA/WpX+6esMTwJpOcQ5xZWEnHXnVzuTc |
| 117 | SncodVweE4gz6F1qorbqIJz8UAUQ5T0OZTdHzIS1IbamACHWaxQfixAO2s4+BoUK |
| 118 | ANGGZWkfneCxx7lthvY8DiKn7M5cSRnqFyDToGqaLezdkMNlGC7v3U11FF5blSEW |
| 119 | fL1o/HwBAoGBAOavhTr8eqezTchqZvarorFIq7HFWk/l0vguIotu6/wlh1V/KdF+ |
| 120 | aLLHgPgJ5j+RrCMvTBoKqMeeHfVGrS2udEy8L1mK6b3meG+tMxU05OA55abmhYn7 |
| 121 | 7vF0q8XJmYIHIXmuCgF90R8Piscb0eaMlmHW9unKTKo8EOs5j+D8+AMJAoGBAMo4 |
| 122 | 8WW+D3XiD7fsymsfXalf7VpAt/H834QTbNZJweUWhg11eLutyahyyfjjHV200nNZ |
| 123 | cnU09DWKpBbLg7d1pyT69CNLXpNnxuWCt8oiUjhWCUpNqVm2nDJbUdlRFTzYb2fS |
| 124 | ZC4r0oQaPD5kMLSipjcwzMWe0PniySxNvKXKInFbAoGBAKxW2qD7uKKKuQSOQUft |
| 125 | aAksMmEIAHWKTDdvOA2VG6XvX5DHBLXmy08s7rPfqW06ZjCPCDq4Velzvgvc9koX |
| 126 | d/lP6cvqlL9za+x6p5wjPQ4rEt/CfmdcmOE4eY+1EgLrUt314LHGjjG3ScWAiirE |
| 127 | QyDrGOIGaYoQf89L3KqIMr0JAoGARYAklw8nSSCUvmXHe+Gf0yKA9M/haG28dCwo |
| 128 | 780RsqZ3FBEXmYk1EYvCFqQX56jJ25MWX2n/tJcdpifz8Q2ikHcfiTHSI187YI34 |
| 129 | lKQPFgWb08m1NnwoWrY//yx63BqWz1vjymqNQ5GwutC8XJi5/6Xp+tGGiRuEgJGH |
| 130 | EIPUKpkCgYAjBIVMkpNiLCREZ6b+qjrPV96ed3iTUt7TqP7yGlFI/OkORFS38xqC |
| 131 | hBP6Fk8iNWuOWQD+ohM/vMMnvIhk5jwlcwn+kF0ra04gi5KBFWSh/ddWMJxUtPC1 |
| 132 | 2htvlEc6zQAR6QfqXHmwhg1hP81JcpqpicQzCMhkzLoR1DC6stXdLg== |
| 133 | -----END RSA PRIVATE KEY----- |
| 134 | user: octavia |
| 135 | group: octavia |
Elena Ezhova | 26bab1f | 2017-06-15 16:34:59 +0400 | [diff] [blame] | 136 | |
Elena Ezhova | a3a4323 | 2017-06-02 17:53:00 +0400 | [diff] [blame] | 137 | |
Oleg Bondarev | e46deb1 | 2018-09-18 17:54:52 +0400 | [diff] [blame] | 138 | Upgrades |
| 139 | ======== |
| 140 | Each openstack formula provide set of phases (logical bloks) that will help to |
| 141 | build flexible upgrade orchestration logic for particular components. The list |
| 142 | of phases might and theirs descriptions are listed in table below: |
| 143 | +-------------------------------+------------------------------------------------------+ |
| 144 | | State | Description | |
| 145 | +===============================+======================================================+ |
| 146 | | <app>.upgrade.service_running | Ensure that all services for particular application | |
| 147 | | | are enabled for autostart and running | |
| 148 | +-------------------------------+------------------------------------------------------+ |
| 149 | | <app>.upgrade.service_stopped | Ensure that all services for particular application | |
| 150 | | | disabled for autostart and dead | |
| 151 | +-------------------------------+------------------------------------------------------+ |
| 152 | | <app>.upgrade.pkg_latest | Ensure that packages used by particular application | |
| 153 | | | are installed to latest available version. | |
| 154 | | | This will not upgrade data plane packages like qemu | |
| 155 | | | and openvswitch as usually minimal required version | |
| 156 | | | in openstack services is really old. The data plane | |
| 157 | | | packages should be upgraded separately by `apt-get | |
| 158 | | | upgrade` or `apt-get dist-upgrade` | |
| 159 | | | Applying this state will not autostart service. | |
| 160 | +-------------------------------+------------------------------------------------------+ |
| 161 | | <app>.upgrade.render_config | Ensure configuration is rendered actual version. + |
| 162 | +-------------------------------+------------------------------------------------------+ |
| 163 | | <app>.upgrade.pre | We assume this state is applied on all nodes in the | |
| 164 | | | cloud before running upgrade. | |
| 165 | | | Only non destructive actions will be applied during | |
| 166 | | | this phase. Perform service built in service check | |
| 167 | | | like (keystone-manage doctor and nova-status upgrade)| |
| 168 | +-------------------------------+------------------------------------------------------+ |
| 169 | | <app>.upgrade.upgrade.pre | Mostly applicable for data plane nodes. During this | |
| 170 | | | phase resources will be gracefully removed from | |
| 171 | | | current node if it is allowed. Services for upgraded | |
| 172 | | | application will be set to admin disabled state to | |
| 173 | | | make sure node will not participate in resources | |
| 174 | | | scheduling. For example on gtw nodes this will set | |
| 175 | | | all agents to admin disable state and will move all | |
| 176 | | | routers to other agents. | |
| 177 | +-------------------------------+------------------------------------------------------+ |
| 178 | | <app>.upgrade.upgrade | This state will basically upgrade application on | |
| 179 | | | particular target. Stop services, render | |
| 180 | | | configuration, install new packages, run offline | |
| 181 | | | dbsync (for ctl), start services. Data plane should | |
| 182 | | | not be affected, only OpenStack python services. | |
| 183 | +-------------------------------+------------------------------------------------------+ |
| 184 | | <app>.upgrade.upgrade.post | Add services back to scheduling. | |
| 185 | +-------------------------------+------------------------------------------------------+ |
| 186 | | <app>.upgrade.post | This phase should be launched only when upgrade of | |
| 187 | | | the cloud is completed. | |
| 188 | +-------------------------------+------------------------------------------------------+ |
| 189 | | <app>.upgrade.verify | Here we will do basic health checks (API CRUD | |
| 190 | | | operations, verify do not have dead network | |
| 191 | | | agents/compute services) | |
| 192 | +-------------------------------+------------------------------------------------------+ |
| 193 | |
Elena Ezhova | a3a4323 | 2017-06-02 17:53:00 +0400 | [diff] [blame] | 194 | |
| 195 | More information |
| 196 | ================ |
| 197 | |
| 198 | Octavia developer documentation: |
| 199 | |
| 200 | https://docs.openstack.org/developer/octavia |
| 201 | |
| 202 | Release notes: |
| 203 | |
| 204 | https://docs.openstack.org/releasenotes/octavia |
| 205 | |
| 206 | |
| 207 | Documentation and Bugs |
| 208 | ====================== |
| 209 | |
| 210 | To learn how to install and update salt-formulas, consult the documentation |
| 211 | available online at: |
| 212 | |
| 213 | http://salt-formulas.readthedocs.io/ |
| 214 | |
| 215 | In the unfortunate event that bugs are discovered, they should be reported to |
| 216 | the appropriate issue tracker. Use GitHub issue tracker for specific salt |
| 217 | formula: |
| 218 | |
| 219 | https://github.com/salt-formulas/salt-formula-octavia/issues |
| 220 | |
| 221 | For feature requests, bug reports or blueprints affecting entire ecosystem, |
| 222 | use Launchpad salt-formulas project: |
| 223 | |
| 224 | https://launchpad.net/salt-formulas |
| 225 | |
| 226 | Developers wishing to work on the salt-formulas projects should always base |
| 227 | their work on master branch and submit pull request against specific formula. |
| 228 | |
| 229 | You should also subscribe to mailing list (salt-formulas@freelists.org): |
| 230 | |
| 231 | https://www.freelists.org/list/salt-formulas |
| 232 | |
| 233 | Any questions or feedback is always welcome so feel free to join our IRC |
| 234 | channel: |
| 235 | |
| 236 | #salt-formulas @ irc.freenode.net |