[Openstack-operators] [Openstack] HA Guide, no Ubuntu instructions for HA Identity

Mike Lowe jomlowe at iu.edu
Mon Mar 19 14:55:40 UTC 2018


As far as that goes, if you have 2 haproxies you might as well use both.  Use 2 VIPs and DNS round robin between them, configure keepalived to have each haproxy node take one VIP as primary with the other node’s VIP as backup.  This has worked well for me for the past couple of years.

vrrp_instance VI_1 {
    state MASTER
    virtual_router_id 1
…
virtual_ipaddress {
    IP_ADDRESS_1 dev eth0
}
}

vrrp_instance VI_2 {
    state BACKUP
    virtual_router_id 5
…
virtual_ipaddress {
    IP_ADDRESS_2 dev eth0
}
}

> On Mar 19, 2018, at 10:26 AM, Erik McCormick <emccormick at cirrusseven.com> wrote:
> 
> Looping the list back in since I accidentally dropped it yet again :/
> 
> On Mon, Mar 19, 2018 at 8:45 AM, Torin Woltjer
> <torin.woltjer at granddial.com> wrote:
>> That's good to know, thank you. Out of curiousity, without
>> pacemaker/chorosync, does haproxy have the capability to manage a floating
>> ip and failover etc?
>> 
> 
> HAProxy can't do that alone. However, using Pacemaker just to manage a
> floating IP is like using an aircraft carrier to go fishing. It's best
> to use Keepalived (or similar) to do that job. It only does that one
> thing, and it does it very well.
> 
>> ________________________________
>> From: Erik McCormick <emccormick at cirrusseven.com>
>> Sent: 3/16/18 5:22 PM
>> To: torin.woltjer at granddial.com
>> Subject: Re: [Openstack] HA Guide, no Ubuntu instructions for HA Identity
>> There's no good reason to do any of that pacemaker stuff. Just stick haproxy
>> in front of 2+ servers running Keystone and move along. This is the case for
>> almost all Openstack services.
>> 
>> The main exceptions are the Neutron agents. Just look into L3 HA or DVR for
>> that and you should be good.  The guide needs much reworking.
>> 
>> -Erik
>> 
>> 
>> 
>> On Mar 16, 2018 11:28 AM, "Torin Woltjer" <torin.woltjer at granddial.com>
>> wrote:
>>> 
>>> I'm currently going through the HA guide, setting up openstack HA on
>>> ubuntu server. I've gotten to this page,
>>> https://docs.openstack.org/ha-guide/controller-ha-identity.html , and there
>>> is no instructions for ubuntu. Would I be fine following the instructions
>>> for SUSE or is there a different process for setting up HA keystone on
>>> Ubuntu?
>>> 
>>> 
>>> _______________________________________________
>>> Mailing list:
>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>> Post to     : openstack at lists.openstack.org
>>> Unsubscribe :
>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>> 
>> 
> 
> _______________________________________________
> OpenStack-operators mailing list
> OpenStack-operators at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4035 bytes
Desc: not available
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20180319/faf5a9cb/attachment.bin>


More information about the OpenStack-operators mailing list