Open Stack

Andrew,

For clustered services that require generation of a discovery token, and access to a discovery service, we need to keep in mind a few things:

1) Cloud operators have their own preferences for what defaults should be use. Some may want to run their own discovery services, and others will not.

2) Users may not want to use a discovery service offered by his or her cloud provider. They may want to run their own.

3) We do not want the burden for running Magnum to be any higher than it has to be. We should not require cloud operators to also run discovery services in order to use Magnum if they are willing to rely on the public discovery services.

So I propose the following:

* The address for the discovery service should be set using a magnum configuration directive to be set in magnum.conf.
* The value of this configuration directive should default to the public discovery service.
* The Bay Create call should allow a parameter to allow the user to supply his/her own value to use for this setting.

This approach addresses all three concerns laid out above. The same approach should apply both to CoreOS and Swarm Bay so the user experience is consistent.

Regards,

Adrian

On Apr 16, 2015, at 12:31 PM, Andrew Melton <andrew.melton at RACKSPACE.COM<mailto:andrew.melton at RACKSPACE.COM>> wrote:


Hi Devs,


I'd like to get some discussion going for possible improvements to the

discovery mechanism used in Magnum's Swarm bay.


The method of the existing review[1] is to use the public swarm discovery

endpoint, and let the user pass a token in on the bay-create call. This is

definitely not ideal for a couple reasons. First, it requires the user to go

out and request that token themselves. Secondly, it relies on having

access to the internet and public swarm discovery endpoint.


Solving the first issue is fairly simple, the TemplateDefinition could request

the token just like the CoreOS TemplateDefinition does. That still requires

not only Magnum but also all of the instances in the Bay have access to the

public discovery endpoint. I still think this option has some merit for some

cases, how many of our users will be running their bays in isolation without

access to Docker's public services (registry/hub/discovery).


Solving the second issue is going to be a bit more complex. Swarm does

provide multiple alternatives to public token based discovery [2]. These

revolve around either static lists of hosts, or around other configuration

services like etcd. Static lists of hosts is going to make growing or shrinking

bays a real pain. I think the best option here is to go with a configuration

service.


Configuration services present their own issues. Should each bay host it's

own service, similar to how we're doing for the swarm manager and agents.

Or, should it be up to the operator to run a global configuration service and

each bay will use some unique ID (Bay UUID  may work here) for discovery.

Running a service inside each bay will likely require a different template for

each type of service, and will add more services to each Bay that may need

to be maintained. Due to that, the simpler solution may be to rely on the

operator to run a global service.


Anyways, any thoughts here will be greatly appreciated!


Thanks!

Andrew

​

[1]: https://review.openstack.org/#/c/174112

[2]: https://github.com/docker/swarm/blob/master/discovery/README.md​

__________________________________________________________________________
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: OpenStack-dev-request at lists.openstack.org<mailto:OpenStack-dev-request at lists.openstack.org>?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20150416/bb3dc446/attachment.html>