[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: origin master native HA setup





On Mon, Aug 29, 2016 at 9:10 PM, Cameron Braid <cameron braid com au> wrote:
I'm working on an origin master native HA setup

The docs say : The advanced installation method does not currently support multiple HAProxy load balancers in an active-passive setup.
https://docs.openshift.org/latest/install_config/install/advanced_install.html#multiple-masters

1) Doesn't that mean that the load balancer would be a single point of failure ?

Yes, the haproxy instance installed is meant to be a stop-gap until an HA load balancing solution can be provided. If an external load balancer solution can be pre-configured, then skipping the definition of the [lb] host, should be sufficient for installation. 


2) is it just the installation method that doesn't support installing multiple instances? I.e. I presume I can setup my own redundant ha proxy load banalcers and point them all to the three master nodes ?

Correct, or any other LB solution. 

 
3) what is the difference between openshift_master_cluster_hostname and openshift_master_cluster_public_hostname. Am I right in saying that the nodes will resolve the master api via openshift_master_cluster_hostname and the openshift_master_cluster_public_hostname is for things like the oc client tool ?

Yes. The distinction is to better support cloud or NAT environments where user access to the API or console would be over a separate network/DNS name from internal cluster traffic.

 
4) is there a way to get the masters to listen on a different port ?

Setting openshift_master_api_port and openshift_master_console_port would override the default port.
 

5) say I run 3 masters. If I connect to a passive master port 8443, will it proxy traffic to the active master ? Or will it respond with a failing health check so that the loadbalancer takes it out of service ?

The API servers run as active/active. The origin-controllers/atomic-openshift-controllers service will only be active on a single host in the cluster (handled through a lock held in etcd).

The API service also exposes /healthz/ready which can be used for configuring load balancer health checks.


--
Jason DeTiberus

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]