[openstack-dev] [nova] AggregateMultiTenancyIsolation scheduler filter - bug, or new feature proposal?

Belmiro Moreira moreira.belmiro.email.lists at gmail.com
Mon Jun 9 13:18:01 UTC 2014


Hi Jesse,

I would say that is a documentation bug for the
“AggregateMultiTenancyIsolation” filter.


When this was implemented the objective was to schedule only instances from
specific tenants for those aggregates but not make them exclusive.


That’s why the work on
https://blueprints.launchpad.net/nova/+spec/multi-tenancy-isolation-only-aggregates
started but was left on hold because it was believed
https://blueprints.launchpad.net/nova/+spec/whole-host-allocation had some
similarities and eventually could solve the problem in a more generic way.


However p-clouds implementation is marked as “slow progress” and I believe
there is no active work at the moment.


Probably is a good time to review the "ProjectsToAggregateFilter" filter
again. The implementation and reviews are available at
https://review.openstack.org/#/c/28635/


One of the problems raised was performance concerns considering the number
of DB queries required. However this can be documented if people intend to
enable the filter.

In the review there was also the discussion about a config option for the
old filter.


cheers,

Belmiro


----------------------------------

Belmiro Moreira

CERN

Email: belmiro.moreira at cern.ch

IRC: belmoreira



On Mon, Jun 9, 2014 at 1:12 PM, Jesse Pretorius <jesse.pretorius at gmail.com>
wrote:

> Hi everyone,
>
> We have a need to be able to dedicate a specific host aggregate to a list
> of tenants/projects. If the aggregate is marked as such, the aggregate may
> only be used by that specified list of tenants and those tenants may only
> be scheduled to that aggregate.
>
> The AggregateMultiTenancyIsolation filter almost does what we need - it
> pushes all new instances created by a specified tenant to the designated
> aggregate. However, it also seems to still see that aggregate as available
> for other tenants.
>
> The description in the documentation [1] states: "If a host is in an
> aggregate that has the metadata key filter_tenant_id it only creates
> instances from that tenant (or list of tenants)."
>
> This would seem to us either as a code bug, or a documentation bug?
>
> If the filter is working as intended, then I'd like to propose working on
> a patch to the filter which has an additional metadata field (something
> like 'filter_tenant_exclusive') which - when 'true' - will consider the
> filter_tenant_id list to be the only projects/tenants which may be
> scheduled onto the host aggregate, and the only host aggregate which the
> list of projects/tenants which may be scheduled onto.
>
> Note that there has been some similar work done with [2] and [3]. [2]
> actually works as we expect, but as is noted in the gerrit comments it
> seems rather wasteful to add a new filter when we could use the existing
> filter as a base. [3] is a much larger framework to facilitate end-users
> being able to request a whole host allocation - while this could be a nice
> addition, it's overkill for what we're looking for. We're happy to
> facilitate this with a simple admin-only allocation.
>
> So - should I work on a nova-specs proposal for a change, or should I just
> log a bug against either nova or docs? :) Guidance would be appreciated.
>
> [1]
> http://docs.openstack.org/trunk/config-reference/content/section_compute-scheduler.html
> [2]
> https://blueprints.launchpad.net/nova/+spec/multi-tenancy-isolation-only-aggregates
> [3] https://blueprints.launchpad.net/nova/+spec/whole-host-allocation
>
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20140609/b91024a1/attachment.html>


More information about the OpenStack-dev mailing list