Версия 7 - История - SETUP - SCI-CD - SkyCover Company - высокие технологии доступны

SETUP » История » Версия 7

Владимир Ипатов, 08.11.2012 00:58

-Dmitry Chernyak
+h1. SETUP
 Dmitry Chernyak
-Dmitry Chernyak
+{{toc}}
 Dmitry Chernyak
-Dmitry Chernyak
+Ensure both nodes are up.
 Dmitry Chernyak
-Dmitry Chernyak
+If you planning to use the secondary network for SAN and DRBD synchronization, you
-Dmitry Chernyak
+should configure secondary IP interfaces manually on both nodes at this time.
 Dmitry Chernyak
-Dmitry Chernyak
+Log in to the first node via ssh. Due to lack of DNS there may be
-Dmitry Chernyak
+a minute timeout before password prompt.
 Dmitry Chernyak
-Владимир Ипатов
+h2. NETWORK CONFIGURATION
 Владимир Ипатов
-Владимир Ипатов
+Network configuration may be highly various.
-Владимир Ипатов
+Here we describe several schemas.
 Владимир Ипатов
-Владимир Ипатов
+h3. Basic schema - one ethernet to all.
 Владимир Ипатов
-Владимир Ипатов
+one ethernet, one subnet, internet connection provided by external (not in claster) router.
-Dmitry Chernyak
+By default installer create bridge named xen-br0. You can customize parameters by editing /etc/network/interfaces.
-Владимир Ипатов
+In this case you must have nodes connected to gigabit ethernet switch.
-Владимир Ипатов
+By default it looks like:
-Владимир Ипатов
+<pre>
-Владимир Ипатов
+auto xen-br0
-Владимир Ипатов
+iface xen-br0 inet static
-Владимир Ипатов
+        address 192.168.5.88
-Владимир Ипатов
+        netmask 255.255.255.0
-Владимир Ипатов
+        network 192.168.5.0
-Владимир Ипатов
+        broadcast 192.168.5.255
-Владимир Ипатов
+        gateway 192.168.5.1
-Владимир Ипатов
+        bridge_ports eth0
-Владимир Ипатов
+        bridge_stp off
-Владимир Ипатов
+        bridge_fd 0
-Владимир Ипатов
+#       up ifconfig eth0 mtu 9000
-Владимир Ипатов
+#       up ifconfig xen-br0 mtu 9000
-Владимир Ипатов
+</pre>
-Владимир Ипатов
+Important parameters besides ipv4 settings is:
-Владимир Ипатов
+bridge_ports eth0 - means that physical interface eth0 enslaved to this bridge.
 Владимир Ипатов
-Владимир Ипатов
+up ifconfig eth0 mtu 9000
-Владимир Ипатов
+up ifconfig xen-br0 mtu 9000 - setting jumbo frame on bridge for more net speed and less cpu utilization.
-Владимир Ипатов
+It will be actual on interface where drbd link will be.
-Владимир Ипатов
+However, setting mtu higher than 1500 will cause problems with any network equipment that
-Владимир Ипатов
+doesn't support jumbo frames. That's the reason because it option commented out by default.
 Владимир Ипатов
-Владимир Ипатов
+Also it is important to specify broadcast and network adresses - it will help automatically
-Владимир Ипатов
+fullfill /etc/ganeti/networks file(a file that specify networks for instances).
-Dmitry Chernyak
+However, it ins't required.
 Владимир Ипатов
-Владимир Ипатов
+h3. Default schema - two ethernets, one for interlink(ganeti interoperation+drbd link) and one for lan.
 Dmitry Chernyak
-Владимир Ипатов
+This schema suits most cases. It doesn't required gigabit switch, provide good performance and reliability.
-Владимир Ипатов
+Two gigabit network interfaces on nodes connected directly or via gigabit switch(if you want more than two nodes in cluster).
-Владимир Ипатов
+Other interfaces connected to lan. Routing, firewalling, dhcp, dns in lan performed by external router or server.
-Владимир Ипатов
+Lan failure doesn't affect cluster in this setup.
 Владимир Ипатов
 Владимир Ипатов
-Владимир Ипатов
+h3. Mupltiple bridges with routing, firewalling and wan access.
 Владимир Ипатов
-Владимир Ипатов
+Here is a bit more complicated network setup.
-Владимир Ипатов
+In this setup we have, for example, two private netwokrs and wan by ethernet. All routing and firewalling
-Владимир Ипатов
+performed by separate firewall instance in our cluster. This setup fit when you don't have expensive hardware routers and firewalls.
-Владимир Ипатов
+This is /etc/network/interfaces file in this setup:
-Владимир Ипатов
+<pre>
-Владимир Ипатов
+auto lan
-Владимир Ипатов
+iface lan inet static
-Владимир Ипатов
+	address 192.168.21.10
-Владимир Ипатов
+	netmask 255.255.255.0
-Dmitry Chernyak
+        bridge_ports eth0
-Dmitry Chernyak
+        bridge_stp off
-Dmitry Chernyak
+        bridge_fd 0
 Владимир Ипатов
-Владимир Ипатов
+auto dmz
-Владимир Ипатов
+iface dmz inet static
-Владимир Ипатов
+	address 192.168.20.10
-Владимир Ипатов
+	netmask 255.255.255.0
-Владимир Ипатов
+	gateway 192.168.20.1
-Владимир Ипатов
+        bridge_ports eth1
-Владимир Ипатов
+        bridge_stp off
-Владимир Ипатов
+        bridge_fd 0
-Владимир Ипатов
+        up ifconfig eth1 mtu 9000
-Владимир Ипатов
+        up ifconfig dmz mtu 9000
 Владимир Ипатов
-Владимир Ипатов
+auto wan1
-Владимир Ипатов
+iface wan1 inet manual
-Владимир Ипатов
+        bridge_ports eth2
-Владимир Ипатов
+        bridge_stp off
-Владимир Ипатов
+        bridge_fd 0
-Dmitry Chernyak
+</pre>
-Владимир Ипатов
+In this example we have separate lan interfaces, dmz interface(it isn't actually dmz,
-Владимир Ипатов
+it just named this) and wan interface. dmz interface - ganeti master dev and drbd link
-Владимир Ипатов
+interfase, so there is mtu 9000.
-Владимир Ипатов
+Also in this example you must edit MASTER_NETDEV and LINK_NETDEV in /etc/sci/sci.conf from default xen-br0 to dmz.
-Владимир Ипатов
+There is no address in wan for hypervisor, although we recommend you to get subnet from
-Владимир Ипатов
+your ISP in order to assign IP addresses to nodes to management it even if router instance
-Владимир Ипатов
+is down.
 Владимир Ипатов
-Владимир Ипатов
+Here is an example /etc/network/interfaces in router instance:
-Владимир Ипатов
+<pre>
-Владимир Ипатов
+auto eth0
-Владимир Ипатов
+iface eth0 inet static
-Владимир Ипатов
+   address 192.168.20.1
-Владимир Ипатов
+   netmask 255.255.255.0
 Владимир Ипатов
-Владимир Ипатов
+auto eth1
-Владимир Ипатов
+iface eth1 inet static
-Владимир Ипатов
+   address 192.168.21.1
-Владимир Ипатов
+   netmask 255.255.255.0
 Владимир Ипатов
-Владимир Ипатов
+auto eth2
-Владимир Ипатов
+iface eth2 inet static
-Владимир Ипатов
+   address 1.1.1.2
-Владимир Ипатов
+   netmask 255.255.255.0
-Dmitry Chernyak
+   address 1.1.1.1
-Dmitry Chernyak
+</pre>
-Dmitry Chernyak
+Where eth0 linked to bridge dmz, eth1 linked to lan, eth2 linked to wan.
 Владимир Ипатов
-Владимир Ипатов
+h3. Datacenter schema - separate interfaces for lan, ganeti interoperation, drbd link.
-Владимир Ипатов
+If you have powerful networking infrastructure
 Владимир Ипатов
-Владимир Ипатов
+h3. VLAN schema
 Владимир Ипатов
-Владимир Ипатов
+If you have managed switches, you can set networking with VLANs.
-Владимир Ипатов
+You should add something like this for each VLAN:
-Владимир Ипатов
+<pre>
-Владимир Ипатов
+auto eth0.55
-Владимир Ипатов
+iface eth0.55 inet manual
-Владимир Ипатов
+        up ifconfig eth0.55 up
 Владимир Ипатов
-Владимир Ипатов
+auto bridge-example-vlan
-Владимир Ипатов
+iface bridge-example-vlan inet manual
-Владимир Ипатов
+        up brctl addbr bridge-example-vlan
-Владимир Ипатов
+        up brctl addif bridge-example-vlan eth0.55
-Владимир Ипатов
+        up brctl stp bridge-example-vlan off
-Владимир Ипатов
+        up ifconfig bridge-example-vlan up
-Владимир Ипатов
+        down ifconfig bridge-example-vlan down
-Владимир Ипатов
+        down brctl delbr bridge-example-vlan
-Владимир Ипатов
+</pre>
-Владимир Ипатов
+Where 55 - VLAN number.
-Владимир Ипатов
+In this example node don't have an ip address in this VLAN, although you could
-Владимир Ипатов
+assign an ip to bridge just like standard bridge.
 Владимир Ипатов
-Владимир Ипатов
+Alternative schema is:
-Владимир Ипатов
+<pre>
-Владимир Ипатов
+auto vlan55
-Владимир Ипатов
+iface vlan55 inet manual
-Владимир Ипатов
+   vlan_raw_device eth0
 Владимир Ипатов
-Владимир Ипатов
+auto bridge-example-vlan
-Владимир Ипатов
+iface bridge-example-vlan inet manual
-Владимир Ипатов
+           bridge_ports vlan55
-Владимир Ипатов
+        bridge_stp off
-Владимир Ипатов
+        bridge_fd 0
-Владимир Ипатов
+</pre>
-Владимир Ипатов
+It do the same, but in another way.
 Владимир Ипатов
-Dmitry Chernyak
+h2. DEFINING ENVIRONMENT
 Dmitry Chernyak
-Dmitry Chernyak
+Edit @/etc/sci/sci.conf@
 Dmitry Chernyak
-Dmitry Chernyak
+* You should specify node1 and node2 data as you have installed them.
-Dmitry Chernyak
+*NOTE*: You can setup the cluster even with one node. In this case just leave NODE2_
-Dmitry Chernyak
+lines as is. In fact this is a dangerous setup, so you will be warned about this duging
-Dmitry Chernyak
+the procedures.
 Dmitry Chernyak
-Dmitry Chernyak
+* You should specify the cluster's name and IP.
 Dmitry Chernyak
-Dmitry Chernyak
+* NODE#_SAN_IP should be specified on both nodes or none.
 Dmitry Chernyak
-Dmitry Chernyak
+* If you haven't Internet uplink or have a local package mirrors, you should correct
-Dmitry Chernyak
+APT_ - settings.
 Dmitry Chernyak
-Dmitry Chernyak
+* If you need to uplink to the DNS hierarchy other than root hint zones, specify DNS_FORWARDERS
-Dmitry Chernyak
+(note trailing ';').
 Владимир Ипатов
-Владимир Ипатов
+* MASTER_NETDEV - master interface name for ganeti. By default is xen-br0
 Владимир Ипатов
-Владимир Ипатов
+* LINK_NETDEV - cluster link interface name. By default is xen-br0
 Владимир Ипатов
-Владимир Ипатов
+* RESERVED_VOLS - list of volumes ignored by ganeti. Comma separated. You must specify vg for all volumes in this list.
 Владимир Ипатов
 Dmitry Chernyak
-Dmitry Chernyak
+h2. SETUP CLUSTER
 Dmitry Chernyak
-Dmitry Chernyak
+Issue:
 Dmitry Chernyak
-Dmitry Chernyak
+<pre>
-Dmitry Chernyak
+# sci-setup cluster
-Dmitry Chernyak
+</pre>
 Dmitry Chernyak
-Dmitry Chernyak
+Check and confirm settings printed.
 Dmitry Chernyak
-Dmitry Chernyak
+The process will go on.
 Dmitry Chernyak
-Dmitry Chernyak
+Next you will be prompted to accept ssh key from node2 and for the root's password to node2.
 Dmitry Chernyak
-Dmitry Chernyak
+On finish you will look something like this:
 Dmitry Chernyak
-Dmitry Chernyak
+<pre>
-Dmitry Chernyak
+Verify
-Dmitry Chernyak
+Wed Jan 12 15:36:10 2011 * Verifying global settings
-Dmitry Chernyak
+Wed Jan 12 15:36:10 2011 * Gathering data (1 nodes)
-Dmitry Chernyak
+Wed Jan 12 15:36:11 2011 * Verifying node status
-Dmitry Chernyak
+Wed Jan 12 15:36:11 2011 * Verifying instance status
-Dmitry Chernyak
+Wed Jan 12 15:36:11 2011 * Verifying orphan volumes
-Dmitry Chernyak
+Wed Jan 12 15:36:11 2011 * Verifying orphan instances
-Dmitry Chernyak
+Wed Jan 12 15:36:11 2011 * Verifying N+1 Memory redundancy
-Dmitry Chernyak
+Wed Jan 12 15:36:11 2011 * Other Notes
-Dmitry Chernyak
+Wed Jan 12 15:36:11 2011 * Hooks Results
-Dmitry Chernyak
+Node                    DTotal  DFree MTotal MNode MFree Pinst Sinst
-Dmitry Chernyak
+gnt1.ganeti.example.org 100.0G 100.0G  1020M  379M  625M     0     0
-Dmitry Chernyak
+gnt2.ganeti.example.org 100.0G 100.0G  1020M  379M  625M     0     0
-Dmitry Chernyak
+If all is ok, proceed with /usr/local/sbin/sci-setup service
-Dmitry Chernyak
+</pre>
 Dmitry Chernyak
-Dmitry Chernyak
+h2. SETUP SERVICE INSTANCE
 Dmitry Chernyak
-Dmitry Chernyak
+The service instance is named 'sci' and have a few aliases.
-Dmitry Chernyak
+On setup, it's IP address is determined from @/etc/resolv.conf@ of your first node.
-Dmitry Chernyak
+This instance will be hardcoded in @/etc/hosts@ file of all cluster nodes and instances.
 Dmitry Chernyak
-Dmitry Chernyak
+Issue:
 Dmitry Chernyak
-Dmitry Chernyak
+<pre>
-Dmitry Chernyak
+# sci-setup service
-Dmitry Chernyak
+</pre>
 Dmitry Chernyak
-Dmitry Chernyak
+You'll see the progress of DRBD syncing disks, then the message
-Dmitry Chernyak
+<pre>
-Dmitry Chernyak
+* running the instance OS create scripts...
-Dmitry Chernyak
+</pre>
-Dmitry Chernyak
+appears. The further may take a while. The process finishes with
-Dmitry Chernyak
+<pre>
-Dmitry Chernyak
+* starting instance...
-Dmitry Chernyak
+</pre>
-Dmitry Chernyak
+message.
 Dmitry Chernyak
-Dmitry Chernyak
+Now you can log on to the sci instance using:
 Dmitry Chernyak
-Dmitry Chernyak
+<pre>
-Dmitry Chernyak
+# gnt-instance console sci
-Dmitry Chernyak
+</pre>
 Dmitry Chernyak
-Dmitry Chernyak
+Log in as root, the password is empty.
-Dmitry Chernyak
+*NOTE*: Due to empty password all remote connections to new instance is prohibited.
-Dmitry Chernyak
+You should change password and install @openssh-server@ package manually after
-Dmitry Chernyak
+successful bootstrap procedure.
 Dmitry Chernyak
-Dmitry Chernyak
+h2. SERVICE INSTANCE BOOTSTRAP
 Dmitry Chernyak
-Dmitry Chernyak
+The system will setup itself via puppet. This is the iterative process. You can monitor
-Dmitry Chernyak
+it by looking into @/var/log/daemon.log@. At start there is no @less@ command yet, so
-Dmitry Chernyak
+you can use @more@, @cat@, @tail@ or @tail -f@ until @less@ will be auto-installed.
 Dmitry Chernyak
-Dmitry Chernyak
+By default the iterations are repeated in 20 minutes. To shorten the wait time you can
-Dmitry Chernyak
+issue
 Dmitry Chernyak
-Dmitry Chernyak
+<pre>
-Dmitry Chernyak
+# /etc/init.d/puppet restart
-Dmitry Chernyak
+</pre>
 Dmitry Chernyak
-Dmitry Chernyak
+and then look into @daemon.log@ how it finishes.
 Dmitry Chernyak
-Dmitry Chernyak
+Repeat this a few times until puppet will do nothing in turn.
 Dmitry Chernyak
-Dmitry Chernyak
+h2. PREPARING FOR NEW INSTANCES
 Dmitry Chernyak
-Dmitry Chernyak
+New instances are created just by regular Ganeti commands such as:
 Dmitry Chernyak
-Dmitry Chernyak
+<pre>
-Dmitry Chernyak
+gnt-instance add -t drbd -o debootstrap+default -s 10g -B memory=256m -n NODE1_NAME:NODE2_NAME INSTANCE_NAME
-Dmitry Chernyak
+</pre>
 Dmitry Chernyak
-Dmitry Chernyak
+Altought, some tuning hooks are provided by SCI-CD project:
-Dmitry Chernyak
+# Each instance has installed @puppet@ for autoconfiguration and @openssh-client@ for file transfers etc.
-Dmitry Chernyak
+# The instance uses pygrub to boot kernel from /vmlinuz & Co on the innstance's own disk.
-Dmitry Chernyak
+# The instance's network interfaces may be set up automatically as described below.
 Dmitry Chernyak
-Dmitry Chernyak
+h3. INSTANCE INTERFACE AUTOCONFIGURATION
 Dmitry Chernyak
-Dmitry Chernyak
+If your instances may sit on several networks and you need static addressing in them, you should fulfill
-Dmitry Chernyak
+the file @/etc/ganeti/networks@ with all known networks you want to attach your instances.
-Dmitry Chernyak
+Each line in the file has format
 Dmitry Chernyak
-Dmitry Chernyak
+|NETWORK|NETMASK|BROADCAST|GATEWAY|
 Dmitry Chernyak
-Dmitry Chernyak
+Ganeti instance debootstrap hook looks in this file for the network, mathing the address of bootstraped
-Dmitry Chernyak
+instance and fulfill it's @/etc/network/interfaces@ accordingly.
 Dmitry Chernyak
-Dmitry Chernyak
+*NOTE*: If you have only one default network, you shouldn't care because it's data are preinstalled.
-Dmitry Chernyak
+*NOTE*: networks file must be copied to all cluster nodes (not automated yet).
 Dmitry Chernyak
-Dmitry Chernyak
+h2. SCI OPERATIONS
 Dmitry Chernyak
-Dmitry Chernyak
+Read [[OPERATIONS]] next.

Проект

Общее

Профиль

SCI-CD

SETUP » История » Версия 7