why are RvR routers not HA

[Darren Shepherd <da...@gmail.com>]

I don't quite understand why in the redundant VR use case you wouldn't
want the individual VRs to have HA enabled.  It seems the code will
always set ha=false for RvR.  I know if I loose one of the VRs, the
other takes over, so that is redundant.  But don't you want the lost
VR to come back to life if it can?

Darren

Re: why are RvR routers not HA

[Daan Hoogland <da...@gmail.com>]

Hey Darren,

you daredevil you

I agree that it should be possible and I want it. My focus is with the
VPC routers. They should be redundant and highly available.

I like your take of creating a new provider/element though I think it
is necessary for the whole system to provide this at any time. So when
done I think the present implementation should be replaced altogether.

regards,
Daan

On Thu, Oct 10, 2013 at 5:19 AM, Marcus Sorensen <sh...@gmail.com> wrote:
> The main thing that came to mind was the limitation on VPC where only one
> network can have public load balancing. I looked into it a bit, and its
> because the information is passed to the system vm in such a way that a
> second LB config would completely overwrite previous configs. I was able to
> get around it by modifying the system vm side script to treat incoming
> information as additive/differential rather than starting from scratch,
> then disabling the checks in the mgmt server that block this. I wasn't
> satisfied with that as a solution for master, it seemed like the Command
> should be rewritten to handle multiple network haproxy configs.
>
> On the haproxy note, it would be nice if it could do SSL termination. Its
> mainly just a matter of storing the cert and passing it along in the
> Command.
> On Oct 9, 2013 8:57 PM, "Darren Shepherd" <da...@gmail.com>
> wrote:
>
>> Well, here's the deal.  I'm doing analysis right now to completely
>> revamp the management of systemvm.  Basically get to a faster, more
>> reliable, more transparent way of doing things with far, far, far less
>> code.  I'm planning on putting a thread up for discussion in about a
>> week.  I want to have a relatively complete picture of how I think I
>> can do this in order to not scare the crap out of everyone.  (Just a
>> preview, this will be implemented as a "new" thing/provider, won't
>> disrupt the current implementation).  Then I'll be working on it for
>> about the next couple months I assume.  I have preemptively put in a
>> talk at CCC about this too, even though I know I haven't started the
>> discussions with the community.
>>
>> I've done VRRP orchestration of VMs in the past.  I was able to do HA
>> w/ VRRP.  So while I don't know the specific technical issues that
>> made it difficult to do HA in the current impl, I know it is possible.
>>  So... we'll see.
>>
>> I'm sure you want this fixed now and I'm not going to fix this in the
>> current impl.  Knowing how the current RvR code works today, I can see
>> how the current implementation would make it quite difficult to do
>> correctly.  But yeah, I'm taking requests.  Anything you don't like
>> about the VRs, system VMs, etc.  Let me know.  You want it to make
>> coffee and julienne fries, I'll see what we can do.  We'll add
>> raspberry pi integration :)
>>
>> Darren
>>
>> On Wed, Oct 9, 2013 at 6:33 PM, Marcus Sorensen <sh...@gmail.com>
>> wrote:
>> > Ooh, do you take requests?
>> > On Oct 9, 2013 7:30 PM, "Darren Shepherd" <da...@gmail.com>
>> > wrote:
>> >
>> >> I didn't read the whole thread yet, but at the end of the day it's
>> sounds
>> >> like an implementation issue.  So I'll just naively say I'll fix that :)
>> >>
>> >> Darren
>> >>
>> >> > On Oct 9, 2013, at 5:58 PM, Alena Prokharchyk <
>> >> Alena.Prokharchyk@citrix.com> wrote:
>> >> >
>> >> > HA redundant virtual router
>> >>
>>

Re: why are RvR routers not HA

[Marcus Sorensen <sh...@gmail.com>]

The main thing that came to mind was the limitation on VPC where only one
network can have public load balancing. I looked into it a bit, and its
because the information is passed to the system vm in such a way that a
second LB config would completely overwrite previous configs. I was able to
get around it by modifying the system vm side script to treat incoming
information as additive/differential rather than starting from scratch,
then disabling the checks in the mgmt server that block this. I wasn't
satisfied with that as a solution for master, it seemed like the Command
should be rewritten to handle multiple network haproxy configs.

On the haproxy note, it would be nice if it could do SSL termination. Its
mainly just a matter of storing the cert and passing it along in the
Command.
On Oct 9, 2013 8:57 PM, "Darren Shepherd" <da...@gmail.com>
wrote:

> Well, here's the deal.  I'm doing analysis right now to completely
> revamp the management of systemvm.  Basically get to a faster, more
> reliable, more transparent way of doing things with far, far, far less
> code.  I'm planning on putting a thread up for discussion in about a
> week.  I want to have a relatively complete picture of how I think I
> can do this in order to not scare the crap out of everyone.  (Just a
> preview, this will be implemented as a "new" thing/provider, won't
> disrupt the current implementation).  Then I'll be working on it for
> about the next couple months I assume.  I have preemptively put in a
> talk at CCC about this too, even though I know I haven't started the
> discussions with the community.
>
> I've done VRRP orchestration of VMs in the past.  I was able to do HA
> w/ VRRP.  So while I don't know the specific technical issues that
> made it difficult to do HA in the current impl, I know it is possible.
>  So... we'll see.
>
> I'm sure you want this fixed now and I'm not going to fix this in the
> current impl.  Knowing how the current RvR code works today, I can see
> how the current implementation would make it quite difficult to do
> correctly.  But yeah, I'm taking requests.  Anything you don't like
> about the VRs, system VMs, etc.  Let me know.  You want it to make
> coffee and julienne fries, I'll see what we can do.  We'll add
> raspberry pi integration :)
>
> Darren
>
> On Wed, Oct 9, 2013 at 6:33 PM, Marcus Sorensen <sh...@gmail.com>
> wrote:
> > Ooh, do you take requests?
> > On Oct 9, 2013 7:30 PM, "Darren Shepherd" <da...@gmail.com>
> > wrote:
> >
> >> I didn't read the whole thread yet, but at the end of the day it's
> sounds
> >> like an implementation issue.  So I'll just naively say I'll fix that :)
> >>
> >> Darren
> >>
> >> > On Oct 9, 2013, at 5:58 PM, Alena Prokharchyk <
> >> Alena.Prokharchyk@citrix.com> wrote:
> >> >
> >> > HA redundant virtual router
> >>
>

Re: why are RvR routers not HA

[Sheng Yang <sh...@yasker.org>]

Yes it's mostly an implementation issue. We evaluated the situation and
think it's too complex and too much effort to enable HA plus VRRP, so we
decide to drop HA to simply and make things more stable.

Here are some reference of how RvR works, hope it would help.

https://cwiki.apache.org/confluence/display/CLOUDSTACK/Redundant+Virtual+Router+Functional+Spec


I am more than welcome for the change of RvR with HA. :)

--Sheng


On Wed, Oct 9, 2013 at 7:56 PM, Darren Shepherd <darren.s.shepherd@gmail.com
> wrote:

> Well, here's the deal.  I'm doing analysis right now to completely
> revamp the management of systemvm.  Basically get to a faster, more
> reliable, more transparent way of doing things with far, far, far less
> code.  I'm planning on putting a thread up for discussion in about a
> week.  I want to have a relatively complete picture of how I think I
> can do this in order to not scare the crap out of everyone.  (Just a
> preview, this will be implemented as a "new" thing/provider, won't
> disrupt the current implementation).  Then I'll be working on it for
> about the next couple months I assume.  I have preemptively put in a
> talk at CCC about this too, even though I know I haven't started the
> discussions with the community.
>
> I've done VRRP orchestration of VMs in the past.  I was able to do HA
> w/ VRRP.  So while I don't know the specific technical issues that
> made it difficult to do HA in the current impl, I know it is possible.
>  So... we'll see.
>
> I'm sure you want this fixed now and I'm not going to fix this in the
> current impl.  Knowing how the current RvR code works today, I can see
> how the current implementation would make it quite difficult to do
> correctly.  But yeah, I'm taking requests.  Anything you don't like
> about the VRs, system VMs, etc.  Let me know.  You want it to make
> coffee and julienne fries, I'll see what we can do.  We'll add
> raspberry pi integration :)
>
> Darren
>
> On Wed, Oct 9, 2013 at 6:33 PM, Marcus Sorensen <sh...@gmail.com>
> wrote:
> > Ooh, do you take requests?
> > On Oct 9, 2013 7:30 PM, "Darren Shepherd" <da...@gmail.com>
> > wrote:
> >
> >> I didn't read the whole thread yet, but at the end of the day it's
> sounds
> >> like an implementation issue.  So I'll just naively say I'll fix that :)
> >>
> >> Darren
> >>
> >> > On Oct 9, 2013, at 5:58 PM, Alena Prokharchyk <
> >> Alena.Prokharchyk@citrix.com> wrote:
> >> >
> >> > HA redundant virtual router
> >>
>

Re: why are RvR routers not HA

[Darren Shepherd <da...@gmail.com>]

Well, here's the deal.  I'm doing analysis right now to completely
revamp the management of systemvm.  Basically get to a faster, more
reliable, more transparent way of doing things with far, far, far less
code.  I'm planning on putting a thread up for discussion in about a
week.  I want to have a relatively complete picture of how I think I
can do this in order to not scare the crap out of everyone.  (Just a
preview, this will be implemented as a "new" thing/provider, won't
disrupt the current implementation).  Then I'll be working on it for
about the next couple months I assume.  I have preemptively put in a
talk at CCC about this too, even though I know I haven't started the
discussions with the community.

I've done VRRP orchestration of VMs in the past.  I was able to do HA
w/ VRRP.  So while I don't know the specific technical issues that
made it difficult to do HA in the current impl, I know it is possible.
 So... we'll see.

I'm sure you want this fixed now and I'm not going to fix this in the
current impl.  Knowing how the current RvR code works today, I can see
how the current implementation would make it quite difficult to do
correctly.  But yeah, I'm taking requests.  Anything you don't like
about the VRs, system VMs, etc.  Let me know.  You want it to make
coffee and julienne fries, I'll see what we can do.  We'll add
raspberry pi integration :)

Darren

On Wed, Oct 9, 2013 at 6:33 PM, Marcus Sorensen <sh...@gmail.com> wrote:
> Ooh, do you take requests?
> On Oct 9, 2013 7:30 PM, "Darren Shepherd" <da...@gmail.com>
> wrote:
>
>> I didn't read the whole thread yet, but at the end of the day it's sounds
>> like an implementation issue.  So I'll just naively say I'll fix that :)
>>
>> Darren
>>
>> > On Oct 9, 2013, at 5:58 PM, Alena Prokharchyk <
>> Alena.Prokharchyk@citrix.com> wrote:
>> >
>> > HA redundant virtual router
>>

Re: why are RvR routers not HA

[Marcus Sorensen <sh...@gmail.com>]

Ooh, do you take requests?
On Oct 9, 2013 7:30 PM, "Darren Shepherd" <da...@gmail.com>
wrote:

> I didn't read the whole thread yet, but at the end of the day it's sounds
> like an implementation issue.  So I'll just naively say I'll fix that :)
>
> Darren
>
> > On Oct 9, 2013, at 5:58 PM, Alena Prokharchyk <
> Alena.Prokharchyk@citrix.com> wrote:
> >
> > HA redundant virtual router
>

Re: why are RvR routers not HA

[Darren Shepherd <da...@gmail.com>]

I didn't read the whole thread yet, but at the end of the day it's sounds like an implementation issue.  So I'll just naively say I'll fix that :)

Darren

> On Oct 9, 2013, at 5:58 PM, Alena Prokharchyk <Al...@citrix.com> wrote:
> 
> HA redundant virtual router

Re: why are RvR routers not HA

[Alena Prokharchyk <Al...@citrix.com>]

On 10/9/13 4:55 PM, "Darren Shepherd" <da...@gmail.com> wrote:

>I don't quite understand why in the redundant VR use case you wouldn't
>want the individual VRs to have HA enabled.  It seems the code will
>always set ha=false for RvR.  I know if I loose one of the VRs, the
>other takes over, so that is redundant.  But don't you want the lost
>VR to come back to life if it can?
>
>Darren
>

Darren, refer to the email thread "HA redundant virtual router" (started
8/23/2013), Sheng Yang gave an explanation there.