From e51e9854e8095400fafb3530c963b017aecc1970 Mon Sep 17 00:00:00 2001 From: Guoshuai Li Date: Wed, 11 Jan 2017 04:11:33 -0800 Subject: [PATCH] ovn: fix slave node can not connect to the master node using SSL, for pacemaker The default slave node connect to the master node using TCP, and the pacemaker can not modify the protocol and port of the connection. Add pacemaker parameters to support the connection of the slave node to the master node using a different protocol and port. Signed-off-by: Guoshuai Li Acked-by: Andy Zhou --- Documentation/topics/integration.rst | 5 ++- ovn/utilities/ovndb-servers.ocf | 60 ++++++++++++++++++++++++++-- 2 files changed, 60 insertions(+), 5 deletions(-) diff --git a/Documentation/topics/integration.rst b/Documentation/topics/integration.rst index 2f4043e929f..0447faf0152 100644 --- a/Documentation/topics/integration.rst +++ b/Documentation/topics/integration.rst @@ -231,7 +231,10 @@ active and multiple backup servers for OVN databases:: The `master_ip` and `ovn_ctl` are the parameters that will be used by the OCF script. `ovn_ctl` is optional, if not given, it assumes a default value of /usr/share/openvswitch/scripts/ovn-ctl. `master_ip` is the IP address on which -the active database server is expected to be listening. +the active database server is expected to be listening, the slave node uses it +to connect to the master node. You can add the optional parameters +'nb_master_port', 'nb_master_protocol', 'sb_master_port', 'sb_master_protocol' +to set the protocol and port. Whenever the active server dies, pacemaker is responsible to promote one of the backup servers to be active. Both ovn-controller and ovn-northd needs the diff --git a/ovn/utilities/ovndb-servers.ocf b/ovn/utilities/ovndb-servers.ocf index 1cf6f20fa57..ad4b1551c56 100755 --- a/ovn/utilities/ovndb-servers.ocf +++ b/ovn/utilities/ovndb-servers.ocf @@ -3,10 +3,18 @@ : ${OCF_FUNCTIONS_DIR=${OCF_ROOT}/lib/heartbeat} . ${OCF_FUNCTIONS_DIR}/ocf-shellfuncs : ${OVN_CTL_DEFAULT="/usr/share/openvswitch/scripts/ovn-ctl"} +: ${NB_MASTER_PORT_DEFAULT="6641"} +: ${NB_MASTER_PROTO_DEFAULT="tcp"} +: ${SB_MASTER_PORT_DEFAULT="6642"} +: ${SB_MASTER_PROTO_DEFAULT="tcp"} CRM_MASTER="${HA_SBIN_DIR}/crm_master -l reboot" CRM_ATTR_REPL_INFO="${HA_SBIN_DIR}/crm_attribute --type crm_config --name OVN_REPL_INFO -s ovn_ovsdb_master_server" OVN_CTL=${OCF_RESKEY_ovn_ctl:-${OVN_CTL_DEFAULT}} MASTER_IP=${OCF_RESKEY_master_ip} +NB_MASTER_PORT=${OCF_RESKEY_nb_master_port:-${NB_MASTER_PORT_DEFAULT}} +NB_MASTER_PROTO=${OCF_RESKEY_nb_master_protocol:-${NB_MASTER_PROTO_DEFAULT}} +SB_MASTER_PORT=${OCF_RESKEY_sb_master_port:-${SB_MASTER_PORT_DEFAULT}} +SB_MASTER_PROTO=${OCF_RESKEY_sb_master_protocol:-${SB_MASTER_PROTO_DEFAULT}} # Invalid IP address is an address that can never exist in the network, as # mentioned in rfc-5737. The ovsdb servers connects to this IP address till @@ -50,6 +58,38 @@ ovsdb_server_metadata() { + + + The port which the master Northbound database server is listening + + master Northbound database port + + + + + + The protocol which the master Northbound database server used, 'tcp' or 'ssl'. + + master Northbound database protocol + + + + + + The port which the master Southbound database server is listening + + master Southbound database port + + + + + + The protocol which the master Southbound database server used, 'tcp' or 'ssl'. + + master Southbound database protocol + + + @@ -86,8 +126,12 @@ ovsdb_server_notify() { else # Synchronize with the new master ocf_log debug "ovndb_server: Connecting to the new master ${OCF_RESKEY_CRM_meta_notify_promote_uname}" - ${OVN_CTL} demote_ovnnb --db-nb-sync-from-addr=${MASTER_IP} - ${OVN_CTL} demote_ovnsb --db-sb-sync-from-addr=${MASTER_IP} + ${OVN_CTL} demote_ovnnb --db-nb-sync-from-addr=${MASTER_IP} \ + --db-nb-sync-from-port=${NB_MASTER_PORT} \ + --db-nb-sync-from-proto=${NB_MASTER_PROTO} + ${OVN_CTL} demote_ovnsb --db-sb-sync-from-addr=${MASTER_IP} \ + --db-sb-sync-from-port=${SB_MASTER_PORT} \ + --db-sb-sync-from-proto=${SB_MASTER_PROTO} fi } @@ -206,6 +250,10 @@ ovsdb_server_start() { elif [ ${present_master} != ${host_name} ]; then # An existing master is active, connect to it set $@ --db-nb-sync-from-addr=${MASTER_IP} --db-sb-sync-from-addr=${MASTER_IP} + set $@ --db-nb-sync-from-port=${NB_MASTER_PORT} + set $@ --db-nb-sync-from-proto=${NB_MASTER_PROTO} + set $@ --db-sb-sync-from-port=${SB_MASTER_PORT} + set $@ --db-sb-sync-from-proto=${SB_MASTER_PROTO} fi $@ start_ovsdb @@ -314,8 +362,12 @@ ovsdb_server_demote() { elif [ "x${present_master}" != x ]; then # There are too many masters and we're an extra one that is # being demoted. Sync to the surviving one - ${OVN_CTL} demote_ovnnb --db-nb-sync-from-addr=${MASTER_IP} - ${OVN_CTL} demote_ovnsb --db-sb-sync-from-addr=${MASTER_IP} + ${OVN_CTL} demote_ovnnb --db-nb-sync-from-addr=${MASTER_IP} \ + --db-nb-sync-from-port=${NB_MASTER_PORT} \ + --db-nb-sync-from-proto=${NB_MASTER_PROTO} + ${OVN_CTL} demote_ovnsb --db-sb-sync-from-addr=${MASTER_IP} \ + --db-sb-sync-from-port=${SB_MASTER_PORT} \ + --db-sb-sync-from-proto=${SB_MASTER_PROTO} else # For completeness, should never be called