<div dir="ltr"><div>Hello everyone,</div><div><br></div><div>Thank you all for your advice!</div><div>In my case one keystone server can easily hold the load. I don't need to balance the load between two or more keystone servers. However, I need two keystone servers for high availability. So, I decided just to use two keystone servers with the same virtual IP address. </div><div>Pros:</div><div>- I can easily configure HA</div><div>- I don't need to use master/master replication for the database.</div><div>- I don't need to use load balancers.</div><div>- I don't need to learn pacemaker</div><div>Cons:</div><div>- It will not increase the overall throughput</div><div>- One of the keystone servers will always be in a cold state</div><div><br></div><div>However, we can get rid of the cons by using two virtual IP addresses. So, we can use half of the proxy servers with keystone1 and the other half of the proxy servers with keystone2. If one of the keystone servers dies, then keepalived will assign both virtual IP addresses to the live node. After the node is brought back to life, keepalived will reassign the IP addresses back (it isn't load balancing, but our throughput will increase). If our clients use proxy servers with both keystone1 and keystone2, then we have to use master/master replication for the database.</div><div><br></div><div>Best regards,</div><div>Alexandr</div></div><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Sep 20, 2016 at 8:49 AM, Van Leeuwen, Robert <span dir="ltr">&lt;<a href="mailto:rovanleeuwen@ebay.com" target="_blank">rovanleeuwen@ebay.com</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="white" lang="EN-US" link="#0563C1" vlink="#954F72">
<div>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Calibri">></span><u></u> <u></u></p>
<div>
<div>
<div><span class="">
<div>
<p class="MsoNormal">> Hello,<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal">><u></u> <u></u></p>
</div>
<div>
<p class="MsoNormal">> I am thinking about using the keystone as an authentication system but I am afraid of failures which can affect the whole cluster. In fact, if the keystone server dies then our full cluster will stop. It would be better if we could use
HA with the keystone. Then if our primary keystone server dies we have to elect a new primary keystone server. Are there some tools which can be used in an HA deployment?<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal">><u></u> <u></u></p>
</div>
<div>
<p class="MsoNormal">> Any piece of advice will be valuable<u></u><u></u></p>
</div>
</span><div>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">IMHO: get a proper HA load-balancer solution, make sure you install at least 2 of all APIs and load-balance in active-active mode.<u></u><u></u></p>
<p class="MsoNormal">The OpenStack APIs are stateless so you can run multiple servers at the same time as long as they can connect to the same database backend.<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">The load-balancer is usable for all APIs, you can use it as the HA-IP for mysql, and it can also be used to offload SSL so you just have one place to configure your certificates.<u></u><u></u></p>
<p class="MsoNormal">(for galera, make use of a “sorry-server” and not active-active load-balancing for writes)<b><u></u><u></u></b></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">The great thing about a load-balancer is that you remove all HA complexity out of the OpenStack setup.<u></u><u></u></p>
<p class="MsoNormal">In my personal opinion the pacemaker setups can function OK but pacemaker is a complex piece of software and it is not unlikely to cause downtime due either to misconfiguration or to inexperienced people operating it.<u></u><u></u></p>
<p class="MsoNormal">Especially if pacemaker is also starting/stopping mysql/rabbit/openstack services and not only moving around a few IPs.<u></u><u></u></p>
<p class="MsoNormal">If you are going the pacemaker way make sure you play around with it quite a bit and do failure tests so you are comfortable with the commands and know what to look for when things go wrong.<u></u><u></u></p>
<p class="MsoNormal">Do not forget: any other people operating the pacemaker cluster will need that knowledge and a 2 node cluster is not a real cluster (split-brains).<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">Cheers,<u></u><u></u></p>
<p class="MsoNormal">Robert van Leeuwen<u></u><u></u></p>
</div>
</div>
</div>
</div>
</div>
</div>
</blockquote></div><br></div>
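The two-virtual-IP layout described in the first message, sketched as a keepalived configuration for keystone1. This is an added example, not a configuration posted in the thread; the interface name, virtual_router_id values, addresses (documentation range 192.0.2.0/24) and the health-check URL are assumptions.

```conf
# /etc/keepalived/keepalived.conf on keystone1 (constructed example)
# keystone2 uses the same file with the state and priority values of the
# two instances swapped, so each node normally owns one virtual IP.

# Health check: a failing check puts the tracking instances into FAULT,
# so the virtual IP moves even if the host itself is still up.
vrrp_script chk_keystone {
    script "/usr/bin/curl -sf -o /dev/null http://127.0.0.1:5000/v3"  # assumed endpoint
    interval 2      # run every 2 seconds
    fall 3          # 3 consecutive failures mark keystone as down
    rise 2          # 2 consecutive successes mark it as up again
}

# Virtual IP used by the first half of the proxy servers; keystone1 is preferred.
vrrp_instance VIP_A {
    state MASTER
    interface eth0              # assumed interface name
    virtual_router_id 51        # must match on both nodes, unique per instance
    priority 150                # higher than keystone2's priority for VIP_A
    advert_int 1
    virtual_ipaddress {
        192.0.2.10/24
    }
    track_script {
        chk_keystone
    }
}

# Virtual IP used by the other half; keystone2 is preferred, keystone1 is backup.
vrrp_instance VIP_B {
    state BACKUP
    interface eth0
    virtual_router_id 52
    priority 100                # lower than keystone2's priority for VIP_B
    advert_int 1
    virtual_ipaddress {
        192.0.2.11/24
    }
    track_script {
        chk_keystone
    }
}
```

Preemption is on by default in keepalived, so the higher-priority node takes its virtual IP back once it returns, which is the reassignment the message describes.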