Open Stack

Eugene

I would prefer to tackle your points in the following way:

1) Regarding rabbitmq - you and me both know that this a major flaw in how
OpenStack operates - it uses message broker in very unoptimal way sending
lots of unneeded data through when it actually may not send it. So far we
hardened our automated control of rabbitmq as much as possible and the only
issues we see are those when nodes are already under very stressful
conditions such as one of the OpenStack services consuming 95% of available
memory. I doubt that such a case should be handled by Pacemaker or any
other supervisor - they just will not help you. The proper thing that
should be done is fixing OpenStack itself to not overload messaging bus and
use built-in capabilities of RDBMS and other underlying components.

2) I think you misunderstand what is the difference between upstart/systemd
and Pacemaker in this case. There are many cases when you need to have
syncrhonized view of the cluster. Otherwise you will hit split-brain
situations and have your cluster misfunctioning. Until OpenStack provides
us with such means there is no other way than using Pacemaker/Zookeper/etc.

3) Regarding Neutron agents - we discussed it many times - you need to be
able to control and clean up stuff after some service crashed. Currently,
Neutron does not provide reliable ways to do it. If your agent dies and
does not clean up ip addresses from the network namespace you will get into
the situation of ARP duplication which will be a kind of split brain
described in item #2. I personally as a system architect and administrator
do not believe for this to change in at least several years for OpenStack
so we will be using Pacemaker for a very long period of time.

Now, back to the topic - we may decide to use some more sophisticated
integral node health attribute which can be used with Pacemaker as well as
to put node into some kind of maintenance mode. We can leverage User
Maintenance Mode feature here or just simply stop particular services and
disable particular haproxy backends.

On Mon, Oct 5, 2015 at 11:57 PM, Eugene Nikanorov <enikanorov at mirantis.com>
wrote:

>
>>>
>> Mirantis does control neither Rabbitmq or Galera. Mirantis cannot assure
>> their quality as well.
>>
>
> Correct, and rabbitmq was always the pain in the back, preventing any *real
> *enterprise usage of openstack where reliability does matter.
>
>
>> > 2) it has terrible UX
>>>
>>
>> It looks like personal opinion. I'd like to see surveys or operators
>> feedbacks. Also, this statement is not constructive as it doesn't have
>> alternative solutions.
>>
>
> The solution is to get rid of terrible UX wherever possible (i'm not
> saying it is always possible, of course)
> upstart is just so much better.
> And yes, this is my personal opinion and is a summary of escalation team's
> experience.
>
>
>>
>>> > 3) it is not reliable
>>>
>>
>> I would say openstack services are not HA reliable. So OCF scripts are
>> reaction of operators on these problems. Many of them have child-ish issues
>> from release to release. Operators made OCF scripts to fix these problems.
>> A lot of openstack are stateful, so they require some kind of stickiness or
>> synchronization. Openstack services doesn't have simple health-check
>> functionality so it's hard to say it's running well or not. Sighup is still
>> a problem for many of openstack services. Etc/etc So, let's be constructive
>> here.
>>
>
> Well, I prefer to be responsible for what I know and maintain. Thus, I
> state that neutron doesn't need to be managed by pacemaker, neither server,
> nor all kinds of agents, and that's the path that neutron team will be
> taking.
>
> Thanks,
> Eugene.
>
>>
>>
>>> >
>>>
>>> I disagree with #1 as I do not agree that should be a criteria for an
>>> open-source project.  Considering pacemaker is at the core of our
>>> controller setup, I would argue that if these are in fact true we need
>>> to be using something else.  I would agree that it is a terrible UX
>>> but all the clustering software I've used fall in this category.  I'd
>>> like more information on how it is not reliable. Do we have numbers to
>>> backup these claims?
>>>
>>> > (3) is not evaluation of the project itself, but just a logical
>>> consequence
>>> > of (1) and (2).
>>> > As a part of escalation team I can say that it has cost our team
>>> thousands
>>> > of man hours of head-scratching, staring at pacemaker logs which value
>>> are
>>> > usually slightly below zero.
>>> >
>>> > Most of openstack services (in fact, ALL api servers) are stateless,
>>> they
>>> > don't require any cluster management (also, they don't need to be
>>> moved in
>>> > case of lack of space).
>>> > Statefull services like neutron agents have their states being a
>>> function of
>>> > db state and are able to syncronize it with the server without external
>>> > "help".
>>> >
>>>
>>> So it's not an issue with moving services so much as being able to
>>> stop the services when a condition is met. Have we tested all OS
>>> services to ensure they do function 100% when out of disk space?  I
>>> would assume that glance might have issues with image uploads if there
>>> is no space to handle a request.
>>>
>>> > So now usage of pacemaker can be only justified for cases where
>>> service's
>>> > clustering mechanism requires active monitoring (rabbitmq, galera)
>>> > But even there, examples when we are better off without pacemaker are
>>> all
>>> > around.
>>> >
>>> > Thanks,
>>> > Eugene.
>>> >
>>>
>>> After I sent this email, I had further discussions around the issues
>>> that I'm facing and it may not be completely related to disk space. I
>>> think we might be relying on the expectation that the local rabbitmq
>>> is always available but I need to look into that. Either way, I
>>> believe we still should continue to discuss this issue as we are
>>> managing services in multiple ways on a single host. Additionally I do
>>> not believe that we really perform quality health checks on our
>>> services.
>>>
>>> Thanks,
>>> -Alex
>>>
>>>
>>> >
>>> > On Mon, Oct 5, 2015 at 1:34 PM, Sergey Vasilenko <
>>> svasilenko at mirantis.com>
>>> > wrote:
>>> >>
>>> >>
>>> >> On Mon, Oct 5, 2015 at 12:22 PM, Eugene Nikanorov
>>> >> <enikanorov at mirantis.com> wrote:
>>> >>>
>>> >>> No pacemaker for os services, please.
>>> >>> We'll be moving out neutron agents from pacemaker control in 8.0,
>>> other
>>> >>> os services don't need it too.
>>> >>
>>> >>
>>> >> could you please provide your arguments.
>>> >>
>>> >>
>>> >> /sv
>>> >>
>>> >>
>>> __________________________________________________________________________
>>> >> OpenStack Development Mailing List (not for usage questions)
>>> >> Unsubscribe:
>>> OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
>>> >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>>> >>
>>> >
>>> >
>>> >
>>> __________________________________________________________________________
>>> > OpenStack Development Mailing List (not for usage questions)
>>> > Unsubscribe:
>>> OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
>>> > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>>> >
>>>
>>>
>>> __________________________________________________________________________
>>> OpenStack Development Mailing List (not for usage questions)
>>> Unsubscribe:
>>> OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>>>
>>
>>
>> __________________________________________________________________________
>> OpenStack Development Mailing List (not for usage questions)
>> Unsubscribe:
>> OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>>
>>
>
> __________________________________________________________________________
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
>


-- 
Yours Faithfully,
Vladimir Kuklin,
Fuel Library Tech Lead,
Mirantis, Inc.
+7 (495) 640-49-04
+7 (926) 702-39-68
Skype kuklinvv
35bk3, Vorontsovskaya Str.
Moscow, Russia,
www.mirantis.com <http://www.mirantis.ru/>
www.mirantis.ru
vkuklin at mirantis.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20151006/b57889f3/attachment.html>