VM High Availability

Overview

VM High Availability ensures that your virtual machines running business critical applications stay up and running in the event of a failure of the underlying hypervisor infrastructure. In any enterprise-grade cloud offering, Virtual Machine High Availability (VM HA) is a must have feature. HA features are a popular capability offered by virtual infrastructure platforms such as VMware and Hyper-V. PMO offers the same capability for your KVM environment.

Architecture

PMO admininstrators can enable the HA feature per availability zone (AZ). AZ a logical construct defined by OpenStack Nova. An AZ is basically a specific metadata information attached to a host aggregate. All hypervisors belong to the ‘nova’ availability zone by default. Tagging a host aggregate with the ‘availability_zone’ metadata key creates an availability zone with that name. Host aggregates are annotated to form an AZ. All the aggregate hosts get implicitly moved from the default ‘nova’ zone to this user specified zone. A hypervisor can belong to multiple aggregates, but it can only belong to a single AZ at any given time. Platform9 currently supports HA at the AZ level where given AZ maps to a single host aggregate. Hosts that are added to or removed from such an aggregate will automatically be protected against failures by reconfiguring the HA cluster as needed.

Configuration

Consul IP Address:

The IP address that Consul binds to on all hypervisor hosts part of some HA cluster is, by default the same as the one you configured for VNC proxy when authorizing the Hypervisor role. You need to choose an IP address that is reachable by all other nodes in the cluster. From a security standpoint, please make sure that this IP address is not accessible on the public network. The IP address you wish to use for a host in Consul cluster can be configured as the hypervisor ‘Cluster IP’ in Infrastructure tab during host authorization.

Ports:

Consul requires up to four different ports to work properly, some on TCP, UDP, or both protocols. If you have any firewalls, be sure to allow both protocols for following ports.

  1. Server RPC (Default 8300). This is used by servers to handle incoming requests from other agents. TCP only.
  2. Serf LAN (Default 8301). This is used to handle gossip in the LAN. Required by all agents. TCP and UDP.
  3. CLI RPC (Default 8400). This is used by all agents to handle RPC from the CLI. TCP only.
  4. HTTP API (Default 8500). This is used by clients to talk to the HTTP API. TCP only.

References

Masakari Project: https://wiki.openstack.org/wiki/Masakari Consul: https://www.consul.io/