def get_post_lb_amp_association_flow(self, prefix, topology, mark_active=True):
    """Build the subflow run after amphorae are created/allocated for an LB.

    The subflow always starts with ReloadLoadBalancer and always contains
    UpdateLoadbalancerInDB. For an active/standby topology the amphorae
    lookup and the VRRP subflow are inserted between those two tasks.

    :param prefix: Text prepended to the subflow name; also handed to the
        VRRP subflow builder.
    :param topology: Load balancer topology constant.
    :param mark_active: When true, a MarkLBActiveInDB task is appended.
    :return: Post amphorae association subflow
    """
    subflow_name = prefix + '-' + constants.POST_LB_AMP_ASSOCIATION_SUBFLOW
    association_flow = linear_flow.Flow(subflow_name)

    # Collect the steps in execution order, then hand them to the linear
    # flow in one call.
    steps = [
        database_tasks.ReloadLoadBalancer(
            name=subflow_name + '-' + constants.RELOAD_LB_AFTER_AMP_ASSOC,
            requires=constants.LOADBALANCER_ID,
            provides=constants.LOADBALANCER),
    ]

    if topology == constants.TOPOLOGY_ACTIVE_STANDBY:
        steps.append(
            database_tasks.GetAmphoraeFromLoadbalancer(
                requires=constants.LOADBALANCER_ID,
                provides=constants.AMPHORAE))
        steps.append(self.amp_flows.get_vrrp_subflow(prefix))

    steps.append(
        database_tasks.UpdateLoadbalancerInDB(
            requires=[constants.LOADBALANCER, constants.UPDATE_DICT]))

    if mark_active:
        steps.append(
            database_tasks.MarkLBActiveInDB(
                name=subflow_name + '-' + constants.MARK_LB_ACTIVE_INDB,
                requires=constants.LOADBALANCER))

    association_flow.add(*steps)
    return association_flow
def get_failover_LB_flow(self, amps, lb):
    """Failover a load balancer.

    1. Validate the VIP port is correct and present.
    2. Build a replacement amphora.
    3. Delete the failed amphora.
    4. Configure the replacement amphora listeners.
    5. Configure VRRP for the listeners.
    6. Build the second replacement amphora.
    7. Delete the second failed amphora.
    8. Delete any extraneous amphora.
    9. Configure the listeners on the new amphorae.
    10. Configure the VRRP on the new amphorae.
    11. Reload the listener configurations to pick up VRRP changes.
    12. Mark the load balancer back to ACTIVE.

    Steps 5-7 and 9-11 are only added when ``lb.topology`` is
    active/standby.

    :param amps: List of amphorae currently on the load balancer. NOTE:
        this list is consumed in place -- up to two entries are removed
        with ``pop()``; whatever remains is treated as extraneous and
        scheduled for deletion.
    :param lb: The load balancer being failed over; ``lb.id`` and
        ``lb.topology`` are read here.
    :returns: The flow that will provide the failover.
    """
    # Pick one amphora to be failed over if any exist.
    failed_amp = None
    if amps:
        failed_amp = amps.pop()

    failover_LB_flow = linear_flow.Flow(
        constants.FAILOVER_LOADBALANCER_FLOW)

    # Revert LB to provisioning_status ERROR if this flow goes wrong
    failover_LB_flow.add(
        lifecycle_tasks.LoadBalancerToErrorOnRevertTask(
            requires=constants.LOADBALANCER))

    # Setup timeouts for our requests to the amphorae.
    # The same dict object is injected into every amphora driver task below.
    timeout_dict = {
        constants.CONN_MAX_RETRIES:
        CONF.haproxy_amphora.active_connection_max_retries,
        constants.CONN_RETRY_INTERVAL:
        CONF.haproxy_amphora.active_connection_rety_interval
    }

    if failed_amp:
        # amp_role is only a human readable label for the log line below.
        if failed_amp.role in (constants.ROLE_MASTER, constants.ROLE_BACKUP):
            amp_role = 'master_or_backup'
        elif failed_amp.role == constants.ROLE_STANDALONE:
            amp_role = 'standalone'
        elif failed_amp.role is None:
            amp_role = 'spare'
        else:
            amp_role = 'undefined'
        LOG.info(
            "Performing failover for amphora: %s", {
                "id": failed_amp.id,
                "load_balancer_id": lb.id,
                "lb_network_ip": failed_amp.lb_network_ip,
                "compute_id": failed_amp.compute_id,
                "role": amp_role
            })

        # The failed amphora object is injected directly because it is
        # known at flow build time.
        failover_LB_flow.add(
            database_tasks.MarkAmphoraPendingDeleteInDB(
                requires=constants.AMPHORA,
                inject={constants.AMPHORA: failed_amp}))

        failover_LB_flow.add(
            database_tasks.MarkAmphoraHealthBusy(
                requires=constants.AMPHORA,
                inject={constants.AMPHORA: failed_amp}))

    # Check that the VIP port exists and is ok
    failover_LB_flow.add(
        network_tasks.AllocateVIP(requires=constants.LOADBALANCER,
                                  provides=constants.VIP))

    # Update the database with the VIP information
    failover_LB_flow.add(
        database_tasks.UpdateVIPAfterAllocation(
            requires=(constants.LOADBALANCER_ID, constants.VIP),
            provides=constants.LOADBALANCER))

    # Make sure the SG has the correct rules and re-apply to the
    # VIP port. It is not used on the VIP port, but will help lock
    # the SG as in use.
    failover_LB_flow.add(
        network_tasks.UpdateVIPSecurityGroup(
            requires=constants.LOADBALANCER_ID,
            provides=constants.VIP_SG_ID))

    # The first replacement is STANDALONE unless the LB is active/standby,
    # in which case it is brought up as the BACKUP.
    new_amp_role = constants.ROLE_STANDALONE
    if lb.topology == constants.TOPOLOGY_ACTIVE_STANDBY:
        new_amp_role = constants.ROLE_BACKUP

    # Get a replacement amphora and plug all of the networking.
    #
    # Do this early as the compute services have been observed to be
    # unreliable. The community decided the chance that deleting first
    # would open resources for an instance is less likely than the compute
    # service failing to boot an instance for other reasons.
    if failed_amp:
        failed_vrrp_is_ipv6 = False
        if failed_amp.vrrp_ip:
            failed_vrrp_is_ipv6 = utils.is_ipv6(failed_amp.vrrp_ip)
        failover_LB_flow.add(
            self.amp_flows.get_amphora_for_lb_failover_subflow(
                prefix=constants.FAILOVER_LOADBALANCER_FLOW,
                role=new_amp_role,
                failed_amp_vrrp_port_id=failed_amp.vrrp_port_id,
                is_vrrp_ipv6=failed_vrrp_is_ipv6))
    else:
        # No existing amphora to replace: the subflow is built without the
        # failed amphora's VRRP port details.
        failover_LB_flow.add(
            self.amp_flows.get_amphora_for_lb_failover_subflow(
                prefix=constants.FAILOVER_LOADBALANCER_FLOW,
                role=new_amp_role))

    if lb.topology == constants.TOPOLOGY_ACTIVE_STANDBY:
        failover_LB_flow.add(
            database_tasks.MarkAmphoraBackupInDB(
                name=constants.MARK_AMP_BACKUP_INDB,
                requires=constants.AMPHORA))

    # Delete the failed amp
    if failed_amp:
        failover_LB_flow.add(
            self.amp_flows.get_delete_amphora_flow(failed_amp))

    # Update the data stored in the flow from the database
    failover_LB_flow.add(
        database_tasks.ReloadLoadBalancer(
            requires=constants.LOADBALANCER_ID,
            provides=constants.LOADBALANCER))

    # Configure the listener(s)
    # We will run update on this amphora again later if this is
    # an active/standby load balancer because we want this amp
    # functional as soon as possible. It must run again to update
    # the configurations for the new peers.
    failover_LB_flow.add(
        amphora_driver_tasks.AmpListenersUpdate(
            name=constants.AMP_LISTENER_UPDATE,
            requires=(constants.LOADBALANCER, constants.AMPHORA),
            inject={constants.TIMEOUT_DICT: timeout_dict}))

    # Bring up the new "backup" amphora VIP now to reduce the outage
    # on the final failover. This dropped the outage from 8-9 seconds
    # to less than one in my lab.
    # This does mean some steps have to be repeated later to reconfigure
    # for the second amphora as a peer.
    if lb.topology == constants.TOPOLOGY_ACTIVE_STANDBY:
        failover_LB_flow.add(
            database_tasks.CreateVRRPGroupForLB(
                name=new_amp_role + '-' + constants.CREATE_VRRP_GROUP_FOR_LB,
                requires=constants.LOADBALANCER_ID))

        failover_LB_flow.add(
            network_tasks.GetAmphoraNetworkConfigsByID(
                name=(new_amp_role + '-' +
                      constants.GET_AMPHORA_NETWORK_CONFIGS_BY_ID),
                requires=(constants.LOADBALANCER_ID, constants.AMPHORA_ID),
                provides=constants.FIRST_AMP_NETWORK_CONFIGS))

        failover_LB_flow.add(
            amphora_driver_tasks.AmphoraUpdateVRRPInterface(
                name=new_amp_role + '-' + constants.AMP_UPDATE_VRRP_INTF,
                requires=constants.AMPHORA,
                inject={constants.TIMEOUT_DICT: timeout_dict},
                provides=constants.FIRST_AMP_VRRP_INTERFACE))

        # The rebind feeds this task the FIRST_AMP_* values provided by
        # the two tasks above.
        failover_LB_flow.add(
            amphora_driver_tasks.AmphoraVRRPUpdate(
                name=new_amp_role + '-' + constants.AMP_VRRP_UPDATE,
                requires=(constants.LOADBALANCER_ID, constants.AMPHORA),
                rebind={
                    constants.AMPHORAE_NETWORK_CONFIG:
                    constants.FIRST_AMP_NETWORK_CONFIGS,
                    constants.AMP_VRRP_INT:
                    constants.FIRST_AMP_VRRP_INTERFACE
                },
                inject={constants.TIMEOUT_DICT: timeout_dict}))

        failover_LB_flow.add(
            amphora_driver_tasks.AmphoraVRRPStart(
                name=new_amp_role + '-' + constants.AMP_VRRP_START,
                requires=constants.AMPHORA,
                inject={constants.TIMEOUT_DICT: timeout_dict}))

        # Start the listener. This needs to be done here because
        # it will create the required haproxy check scripts for
        # the VRRP deployed above.
        # A "V" or newer amphora-agent will remove the need for this
        # task here.
        # TODO(johnsom) Remove this in the "X" cycle
        failover_LB_flow.add(
            amphora_driver_tasks.ListenersStart(
                name=new_amp_role + '-' + constants.AMP_LISTENER_START,
                requires=(constants.LOADBALANCER, constants.AMPHORA)))

        # #### Work on standby amphora if needed #####

        # From here on new_amp_role is MASTER; every task name built from
        # it below therefore carries the master prefix.
        new_amp_role = constants.ROLE_MASTER
        failed_amp = None
        if amps:
            failed_amp = amps.pop()

        if failed_amp:
            # amp_role is only a human readable label for the log line.
            if failed_amp.role in (constants.ROLE_MASTER,
                                   constants.ROLE_BACKUP):
                amp_role = 'master_or_backup'
            elif failed_amp.role == constants.ROLE_STANDALONE:
                amp_role = 'standalone'
            elif failed_amp.role is None:
                amp_role = 'spare'
            else:
                amp_role = 'undefined'
            LOG.info(
                "Performing failover for amphora: %s", {
                    "id": failed_amp.id,
                    "load_balancer_id": lb.id,
                    "lb_network_ip": failed_amp.lb_network_ip,
                    "compute_id": failed_amp.compute_id,
                    "role": amp_role
                })

            # Explicit names are given here; the same task classes were
            # already added above for the first amphora.
            failover_LB_flow.add(
                database_tasks.MarkAmphoraPendingDeleteInDB(
                    name=(new_amp_role + '-' +
                          constants.MARK_AMPHORA_PENDING_DELETE),
                    requires=constants.AMPHORA,
                    inject={constants.AMPHORA: failed_amp}))

            failover_LB_flow.add(
                database_tasks.MarkAmphoraHealthBusy(
                    name=(new_amp_role + '-' +
                          constants.MARK_AMPHORA_HEALTH_BUSY),
                    requires=constants.AMPHORA,
                    inject={constants.AMPHORA: failed_amp}))

        # Get a replacement amphora and plug all of the networking.
        #
        # Do this early as the compute services have been observed to be
        # unreliable. The community decided the chance that deleting first
        # would open resources for an instance is less likely than the
        # compute service failing to boot an instance for other reasons.
        failover_LB_flow.add(
            self.amp_flows.get_amphora_for_lb_failover_subflow(
                prefix=(new_amp_role + '-' +
                        constants.FAILOVER_LOADBALANCER_FLOW),
                role=new_amp_role))

        failover_LB_flow.add(
            database_tasks.MarkAmphoraMasterInDB(
                name=constants.MARK_AMP_MASTER_INDB,
                requires=constants.AMPHORA))

        # Delete the failed amp
        if failed_amp:
            failover_LB_flow.add(
                self.amp_flows.get_delete_amphora_flow(failed_amp))
            failover_LB_flow.add(
                database_tasks.DisableAmphoraHealthMonitoring(
                    name=(new_amp_role + '-' +
                          constants.DISABLE_AMP_HEALTH_MONITORING),
                    requires=constants.AMPHORA,
                    inject={constants.AMPHORA: failed_amp}))

    # Remove any extraneous amphora
    # Note: This runs in all topology situations.
    #       It should run before the act/stdby final listener update so
    #       that we don't bother attempting to update dead amphorae.
    delete_extra_amps_flow = unordered_flow.Flow(
        constants.DELETE_EXTRA_AMPHORAE_FLOW)
    # Anything still left in amps was not picked for replacement above.
    for amp in amps:
        LOG.debug(
            'Found extraneous amphora %s on load balancer %s. '
            'Deleting.', amp.id, lb.id)
        delete_extra_amps_flow.add(
            self.amp_flows.get_delete_amphora_flow(amp))

    failover_LB_flow.add(delete_extra_amps_flow)

    if lb.topology == constants.TOPOLOGY_ACTIVE_STANDBY:
        # Update the data stored in the flow from the database
        failover_LB_flow.add(
            database_tasks.ReloadLoadBalancer(
                name=new_amp_role + '-' + constants.RELOAD_LB_AFTER_AMP_ASSOC,
                requires=constants.LOADBALANCER_ID,
                provides=constants.LOADBALANCER))

        failover_LB_flow.add(
            database_tasks.GetAmphoraeFromLoadbalancer(
                name=new_amp_role + '-' + constants.GET_AMPHORAE_FROM_LB,
                requires=constants.LOADBALANCER_ID,
                provides=constants.AMPHORAE))

        # Listeners update needs to be run on all amphora to update
        # their peer configurations. So parallelize this with an
        # unordered subflow.
        update_amps_subflow = unordered_flow.Flow(
            constants.UPDATE_AMPS_SUBFLOW)

        # Setup parallel flows for each amp. We don't know the new amp
        # details at flow creation time, so setup a subflow for each
        # amp on the LB, then let the task index into a list of amps
        # to find the amphora it should work on.
        # Indexes 0 and 1 are hard-coded: exactly two amphorae are
        # expected for active/standby at this point.
        update_amps_subflow.add(
            amphora_driver_tasks.AmphoraIndexListenerUpdate(
                name=(constants.AMPHORA + '-0-' +
                      constants.AMP_LISTENER_UPDATE),
                requires=(constants.LOADBALANCER, constants.AMPHORAE),
                inject={
                    constants.AMPHORA_INDEX: 0,
                    constants.TIMEOUT_DICT: timeout_dict
                }))
        update_amps_subflow.add(
            amphora_driver_tasks.AmphoraIndexListenerUpdate(
                name=(constants.AMPHORA + '-1-' +
                      constants.AMP_LISTENER_UPDATE),
                requires=(constants.LOADBALANCER, constants.AMPHORAE),
                inject={
                    constants.AMPHORA_INDEX: 1,
                    constants.TIMEOUT_DICT: timeout_dict
                }))

        failover_LB_flow.add(update_amps_subflow)

        # Configure and enable keepalived in the amphora
        failover_LB_flow.add(
            self.amp_flows.get_vrrp_subflow(new_amp_role + '-' +
                                            constants.GET_VRRP_SUBFLOW,
                                            timeout_dict,
                                            create_vrrp_group=False))

        # #### End of standby ####

        # Reload the listener. This needs to be done here because
        # it will create the required haproxy check scripts for
        # the VRRP deployed above.
        # A "V" or newer amphora-agent will remove the need for this
        # task here.
        # TODO(johnsom) Remove this in the "X" cycle
        failover_LB_flow.add(
            amphora_driver_tasks.AmphoraIndexListenersReload(
                name=(new_amp_role + '-' +
                      constants.AMPHORA_RELOAD_LISTENER),
                requires=(constants.LOADBALANCER, constants.AMPHORAE),
                inject={
                    constants.AMPHORA_INDEX: 1,
                    constants.TIMEOUT_DICT: timeout_dict
                }))

    # Remove any extraneous ports
    # Note: Nova sometimes fails to delete ports attached to an instance.
    #       For example, if you create an LB with a listener, then
    #       'openstack server delete' the amphora, you will see the vrrp
    #       port attached to that instance will remain after the instance
    #       is deleted.
    # TODO(johnsom) Fix this as part of
    #               https://storyboard.openstack.org/#!/story/2007077

    # Mark LB ACTIVE
    failover_LB_flow.add(
        database_tasks.MarkLBActiveInDB(mark_subobjects=True,
                                        requires=constants.LOADBALANCER))

    return failover_LB_flow
def get_delete_pool_flow(self, members, health_mon, store, topology):
    """Assemble the linear flow that deletes a pool.

    :param members: Forwarded to the member delete subflow builder.
    :param health_mon: Forwarded to the health monitor delete subflow
        builder.
    :param store: Forwarded to the member delete subflow builder.
    :param topology: Load balancer topology constant; for active/standby
        a GetMasterVThunder task is inserted after the vThunder lookup.
    :returns: The flow for deleting a pool
    """
    pool_flow = linear_flow.Flow(constants.DELETE_POOL_FLOW)

    # Tasks are handed to the linear flow in groups; within each call they
    # are added left to right, which is the order they will run in.
    pool_flow.add(
        lifecycle_tasks.PoolToErrorOnRevertTask(requires=[
            constants.POOL, constants.LISTENERS, constants.LOADBALANCER
        ]),
        vthunder_tasks.VthunderInstanceBusy(
            requires=a10constants.COMPUTE_BUSY),
        database_tasks.MarkPoolPendingDeleteInDB(requires=constants.POOL),
        database_tasks.CountPoolChildrenForQuota(
            requires=constants.POOL,
            provides=constants.POOL_CHILD_COUNT),
        model_tasks.DeleteModelObject(
            rebind={constants.OBJECT: constants.POOL}),
        # Look up the vThunder record for this load balancer.
        a10_database_tasks.GetVThunderByLoadBalancer(
            requires=constants.LOADBALANCER,
            provides=a10constants.VTHUNDER))

    if topology == constants.TOPOLOGY_ACTIVE_STANDBY:
        # Re-provides VTHUNDER from the result of GetMasterVThunder.
        pool_flow.add(
            vthunder_tasks.GetMasterVThunder(
                name=a10constants.GET_MASTER_VTHUNDER,
                requires=a10constants.VTHUNDER,
                provides=a10constants.VTHUNDER))

    pool_flow.add(
        virtual_port_tasks.ListenerUpdateForPool(requires=[
            constants.LOADBALANCER, constants.LISTENER,
            a10constants.VTHUNDER
        ]),
        persist_tasks.DeleteSessionPersistence(
            requires=[a10constants.VTHUNDER, constants.POOL]),
        # Pool children go first, then the pool itself.
        self._get_delete_health_monitor_vthunder_subflow(health_mon),
        self._get_delete_member_vthunder_subflow(members, store),
        service_group_tasks.PoolDelete(
            requires=[constants.POOL, a10constants.VTHUNDER]),
        database_tasks.DeletePoolInDB(requires=constants.POOL))

    # Interface delete.
    pool_flow.add(
        a10_database_tasks.GetLoadBalancerListByProjectID(
            requires=a10constants.VTHUNDER,
            provides=a10constants.LOADBALANCERS_LIST),
        a10_database_tasks.GetMemberListByProjectID(
            requires=a10constants.VTHUNDER,
            provides=a10constants.MEMBER_LIST),
        a10_network_tasks.CalculateDelta(
            requires=(constants.LOADBALANCER,
                      a10constants.LOADBALANCERS_LIST,
                      a10constants.MEMBER_LIST),
            provides=constants.DELTAS),
        a10_network_tasks.HandleNetworkDeltas(
            requires=constants.DELTAS,
            provides=constants.ADDED_PORTS),
        vthunder_tasks.AmphoraePostNetworkUnplug(
            requires=(constants.LOADBALANCER, constants.ADDED_PORTS,
                      a10constants.VTHUNDER)),
        # The amphorae lookup result is published under the AMPHORA key,
        # which is what the connectivity wait task requires.
        database_tasks.GetAmphoraeFromLoadbalancer(
            requires=constants.LOADBALANCER_ID,
            provides=constants.AMPHORA),
        vthunder_tasks.VThunderComputeConnectivityWait(
            requires=(a10constants.VTHUNDER, constants.AMPHORA)))

    # Final bookkeeping.
    pool_flow.add(
        database_tasks.DecrementPoolQuota(
            requires=[constants.POOL, constants.POOL_CHILD_COUNT]),
        database_tasks.MarkLBAndListenersActiveInDB(
            requires=[constants.LOADBALANCER, constants.LISTENERS]),
        vthunder_tasks.WriteMemory(requires=a10constants.VTHUNDER),
        a10_database_tasks.SetThunderUpdatedAt(
            requires=a10constants.VTHUNDER))

    return pool_flow
def get_failover_amphora_flow(self, failed_amphora, lb_amp_count):
    """Get a Taskflow flow to failover an amphora.

    1. Build a replacement amphora.
    2. Delete the old amphora.
    3. Update the amphorae listener configurations.
    4. Update the VRRP configurations if needed.

    When ``failed_amphora.load_balancer_id`` is falsy, no replacement is
    built and the flow ends after the delete and health monitoring
    disable steps.

    :param failed_amphora: The amphora object to failover.
    :param lb_amp_count: The number of amphora on this load balancer.
    :returns: The flow that will provide the failover.
    """

    def failed_amp_kwargs():
        # Fresh kwargs per task: require AMPHORA and inject the failed one.
        return {
            'requires': constants.AMPHORA,
            'inject': {constants.AMPHORA: failed_amphora},
        }

    flow = linear_flow.Flow(constants.FAILOVER_AMPHORA_FLOW)

    # Revert amphora to status ERROR if this flow goes wrong
    flow.add(
        lifecycle_tasks.AmphoraToErrorOnRevertTask(**failed_amp_kwargs()))

    # Human readable role label, used only in the log record below.
    current_role = failed_amphora.role
    amp_role = (
        'master_or_backup'
        if current_role in (constants.ROLE_MASTER, constants.ROLE_BACKUP)
        else 'standalone' if current_role == constants.ROLE_STANDALONE
        else 'spare' if current_role is None
        else 'undefined')

    LOG.info(
        "Performing failover for amphora: %s", {
            "id": failed_amphora.id,
            "load_balancer_id": failed_amphora.load_balancer_id,
            "lb_network_ip": failed_amphora.lb_network_ip,
            "compute_id": failed_amphora.compute_id,
            "role": amp_role
        })

    flow.add(
        database_tasks.MarkAmphoraPendingDeleteInDB(**failed_amp_kwargs()),
        database_tasks.MarkAmphoraHealthBusy(**failed_amp_kwargs()),
        network_tasks.GetVIPSecurityGroupID(
            requires=constants.LOADBALANCER_ID,
            provides=constants.VIP_SG_ID))

    if failed_amphora.load_balancer_id:
        vrrp_ip = failed_amphora.vrrp_ip
        is_vrrp_ipv6 = utils.is_ipv6(vrrp_ip) if vrrp_ip else False

        # Get a replacement amphora and plug all of the networking.
        #
        # Do this early as the compute services have been observed to be
        # unreliable. The community decided the chance that deleting first
        # would open resources for an instance is less likely than the
        # compute service failing to boot an instance for other reasons.

        # TODO(johnsom) Move this back out to run for spares after
        #               delete amphora API is available.
        # On this branch the amphora belongs to a load balancer, so it is
        # never a spare.
        flow.add(
            self.get_amphora_for_lb_failover_subflow(
                prefix=constants.FAILOVER_LOADBALANCER_FLOW,
                role=failed_amphora.role,
                failed_amp_vrrp_port_id=failed_amphora.vrrp_port_id,
                is_vrrp_ipv6=is_vrrp_ipv6,
                is_spare=False))

    worker_conf = CONF.controller_worker
    flow.add(
        self.get_delete_amphora_flow(
            failed_amphora,
            retry_attempts=worker_conf.amphora_delete_retries,
            retry_interval=worker_conf.amphora_delete_retry_interval),
        database_tasks.DisableAmphoraHealthMonitoring(
            **failed_amp_kwargs()))

    if not failed_amphora.load_balancer_id:
        # This is an unallocated amphora (spares pool), we are done.
        return flow

    def lb_id_kwargs():
        # Fresh kwargs per task: require LOADBALANCER_ID and inject the
        # failed amphora's load balancer ID.
        return {
            'requires': constants.LOADBALANCER_ID,
            'inject': {
                constants.LOADBALANCER_ID: failed_amphora.load_balancer_id
            },
        }

    flow.add(
        database_tasks.GetLoadBalancer(provides=constants.LOADBALANCER,
                                       **lb_id_kwargs()),
        database_tasks.GetAmphoraeFromLoadbalancer(
            name=constants.GET_AMPHORAE_FROM_LB,
            provides=constants.AMPHORAE,
            **lb_id_kwargs()))

    # Setup timeouts for our requests to the amphorae
    amp_conf = CONF.haproxy_amphora
    timeout_dict = {
        constants.CONN_MAX_RETRIES: amp_conf.active_connection_max_retries,
        constants.CONN_RETRY_INTERVAL:
        amp_conf.active_connection_rety_interval
    }

    def indexed_inject(index):
        # Tells an index-based task which entry of AMPHORAE to act on.
        return {
            constants.AMPHORA_INDEX: index,
            constants.TIMEOUT_DICT: timeout_dict
        }

    by_index_requires = (constants.LOADBALANCER, constants.AMPHORAE)

    # Listeners update needs to be run on all amphora to update
    # their peer configurations. So parallelize this with an
    # unordered subflow.
    update_amps_subflow = unordered_flow.Flow(constants.UPDATE_AMPS_SUBFLOW)
    update_amps_subflow.add(*(
        amphora_driver_tasks.AmphoraIndexListenerUpdate(
            name=str(index) + '-' + constants.AMP_LISTENER_UPDATE,
            requires=by_index_requires,
            inject=indexed_inject(index))
        for index in range(lb_amp_count)))
    flow.add(update_amps_subflow)

    # Configure and enable keepalived in the amphora
    if lb_amp_count == 2:
        flow.add(
            self.get_vrrp_subflow(constants.GET_VRRP_SUBFLOW,
                                  timeout_dict,
                                  create_vrrp_group=False))

    # Reload the listener. This needs to be done here because
    # it will create the required haproxy check scripts for
    # the VRRP deployed above.
    # A "U" or newer amphora-agent will remove the need for this
    # task here.
    # TODO(johnsom) Remove this in the "W" cycle
    reload_listener_subflow = unordered_flow.Flow(
        constants.AMPHORA_LISTENER_RELOAD_SUBFLOW)
    reload_listener_subflow.add(*(
        amphora_driver_tasks.AmphoraIndexListenersReload(
            name=(str(index) + '-' + constants.AMPHORA_RELOAD_LISTENER),
            requires=by_index_requires,
            inject=indexed_inject(index))
        for index in range(lb_amp_count)))
    flow.add(reload_listener_subflow)

    # Remove any extraneous ports
    # Note: Nova sometimes fails to delete ports attached to an instance.
    #       For example, if you create an LB with a listener, then
    #       'openstack server delete' the amphora, you will see the vrrp
    #       port attached to that instance will remain after the instance
    #       is deleted.
    # TODO(johnsom) Fix this as part of
    #               https://storyboard.openstack.org/#!/story/2007077

    # Mark LB ACTIVE
    flow.add(
        database_tasks.MarkLBActiveInDB(mark_subobjects=True,
                                        requires=constants.LOADBALANCER))

    return flow
def get_failover_flow(self, role=constants.ROLE_STANDALONE,
                      load_balancer=None):
    """Creates a flow to failover a stale amphora

    The old amphora is deleted first. When no load balancer is supplied,
    the flow stops after disabling health monitoring on the old amphora.
    Otherwise a new amphora is obtained, plugged, configured and given
    the requested role.

    :param role: Role constant for the replacement amphora; MASTER and
        BACKUP additionally get the VRRP subflow.
    :param load_balancer: Load balancer the amphora belongs to, or a falsy
        value for an unallocated amphora. Its ``amphorae`` are iterated at
        flow build time.
    :returns: The flow for amphora failover
    """

    def on_failed_amp(task_cls, **extra):
        # Build a task whose AMPHORA argument is bound to FAILED_AMPHORA.
        return task_cls(
            rebind={constants.AMPHORA: constants.FAILED_AMPHORA},
            requires=constants.AMPHORA,
            **extra)

    flow = linear_flow.Flow(constants.FAILOVER_AMPHORA_FLOW)

    flow.add(
        on_failed_amp(lifecycle_tasks.AmphoraToErrorOnRevertTask),
        on_failed_amp(network_tasks.FailoverPreparationForAmphora))

    # Note: It seems intuitive to boot an amphora prior to deleting
    #       the old amphora, however this is a complicated issue.
    #       If the target host (due to anti-affinity) is resource
    #       constrained, this will fail where a post-delete will
    #       succeed.  Since this is async with the API it would result
    #       in the LB ending in ERROR though the amps are still alive.
    #       Consider in the future making this a complicated
    #       try-on-failure-retry flow, or move upgrade failovers to be
    #       synchronous with the API.  For now spares pool and act/stdby
    #       will mitigate most of this delay.

    # Delete the old amphora
    flow.add(
        on_failed_amp(database_tasks.MarkAmphoraPendingDeleteInDB),
        on_failed_amp(database_tasks.MarkAmphoraHealthBusy),
        on_failed_amp(compute_tasks.ComputeDelete),
        on_failed_amp(network_tasks.WaitForPortDetach),
        on_failed_amp(database_tasks.MarkAmphoraDeletedInDB))

    # If this is an unallocated amp (spares pool), we're done
    if not load_balancer:
        flow.add(on_failed_amp(database_tasks.DisableAmphoraHealthMonitoring))
        return flow

    # Save failed amphora details for later
    flow.add(
        on_failed_amp(database_tasks.GetAmphoraDetails,
                      provides=constants.AMP_DATA))

    # Get a new amphora
    # Note: Role doesn't matter here.  We will update it later.
    flow.add(
        self.get_amphora_for_lb_subflow(
            prefix=constants.FAILOVER_AMPHORA_FLOW))

    flow.add(
        # Update the new amphora with the failed amphora details
        database_tasks.UpdateAmpFailoverDetails(
            requires=(constants.AMPHORA, constants.AMP_DATA)),
        # Update the data stored in the flow from the database
        database_tasks.ReloadLoadBalancer(
            requires=constants.LOADBALANCER_ID,
            provides=constants.LOADBALANCER),
        database_tasks.ReloadAmphora(requires=constants.AMPHORA_ID,
                                     provides=constants.AMPHORA))

    # Prepare to reconnect the network interface(s)
    flow.add(
        network_tasks.GetAmphoraeNetworkConfigs(
            requires=constants.LOADBALANCER,
            provides=constants.AMPHORAE_NETWORK_CONFIG),
        database_tasks.GetListenersFromLoadbalancer(
            requires=constants.LOADBALANCER,
            provides=constants.LISTENERS),
        database_tasks.GetAmphoraeFromLoadbalancer(
            requires=constants.LOADBALANCER,
            provides=constants.AMPHORAE))

    # Plug the VIP ports into the new amphora
    # The reason for moving these steps here is the udp listeners want to
    # do some kernel configuration before Listener update for forbidding
    # failure during rebuild amphora.
    flow.add(
        network_tasks.PlugVIPPort(
            requires=(constants.AMPHORA,
                      constants.AMPHORAE_NETWORK_CONFIG)),
        amphora_driver_tasks.AmphoraPostVIPPlug(
            requires=(constants.AMPHORA, constants.LOADBALANCER,
                      constants.AMPHORAE_NETWORK_CONFIG)))

    # Listeners update needs to be run on all amphora to update
    # their peer configurations. So parallelize this with an
    # unordered subflow.
    update_amps_subflow = unordered_flow.Flow(constants.UPDATE_AMPS_SUBFLOW)

    amp_conf = CONF.haproxy_amphora
    timeout_dict = {
        constants.CONN_MAX_RETRIES: amp_conf.active_connection_max_retries,
        constants.CONN_RETRY_INTERVAL:
        amp_conf.active_connection_rety_interval
    }

    # Setup parallel flows for each amp. We don't know the new amp
    # details at flow creation time, so setup a subflow for each
    # amp on the LB, then let the task index into a list of amps
    # to find the amphora it should work on.
    # Deleted amphorae are skipped and do not consume an index.
    remaining_amps = (amp for amp in load_balancer.amphorae
                      if not amp.status == constants.DELETED)
    for amp_index, _amp in enumerate(remaining_amps):
        update_amps_subflow.add(
            amphora_driver_tasks.AmpListenersUpdate(
                name=constants.AMP_LISTENER_UPDATE + '-' + str(amp_index),
                requires=(constants.LOADBALANCER, constants.AMPHORAE),
                inject={
                    constants.AMPHORA_INDEX: amp_index,
                    constants.TIMEOUT_DICT: timeout_dict
                }))

    flow.add(update_amps_subflow)

    # Plug the member networks into the new amphora
    flow.add(
        network_tasks.CalculateAmphoraDelta(
            requires=(constants.LOADBALANCER, constants.AMPHORA),
            provides=constants.DELTA),
        network_tasks.HandleNetworkDelta(
            requires=(constants.AMPHORA, constants.DELTA),
            provides=constants.ADDED_PORTS),
        amphora_driver_tasks.AmphoraePostNetworkPlug(
            requires=(constants.LOADBALANCER, constants.ADDED_PORTS)),
        database_tasks.ReloadLoadBalancer(
            name='octavia-failover-LB-reload-2',
            requires=constants.LOADBALANCER_ID,
            provides=constants.LOADBALANCER))

    # Handle the amphora role and VRRP if necessary
    wants_vrrp = False
    if role == constants.ROLE_MASTER:
        flow.add(
            database_tasks.MarkAmphoraMasterInDB(
                name=constants.MARK_AMP_MASTER_INDB,
                requires=constants.AMPHORA))
        wants_vrrp = True
    elif role == constants.ROLE_BACKUP:
        flow.add(
            database_tasks.MarkAmphoraBackupInDB(
                name=constants.MARK_AMP_BACKUP_INDB,
                requires=constants.AMPHORA))
        wants_vrrp = True
    elif role == constants.ROLE_STANDALONE:
        flow.add(
            database_tasks.MarkAmphoraStandAloneInDB(
                name=constants.MARK_AMP_STANDALONE_INDB,
                requires=constants.AMPHORA))

    if wants_vrrp:
        # MASTER and BACKUP both get the VRRP subflow right after the
        # role has been recorded.
        flow.add(self.get_vrrp_subflow(role))

    flow.add(
        amphora_driver_tasks.ListenersStart(
            requires=(constants.LOADBALANCER, constants.AMPHORA)),
        on_failed_amp(database_tasks.DisableAmphoraHealthMonitoring))

    return flow
def get_create_member_flow(self, topology):
    """Assemble the linear flow that creates a member.

    :param topology: Load balancer topology constant. For active/standby,
        extra VCS sync, master lookup and backup connectivity tasks are
        inserted around the interface plug step.
    :returns: The flow for creating a member
    """
    is_active_standby = topology == constants.TOPOLOGY_ACTIVE_STANDBY
    member_flow = linear_flow.Flow(constants.CREATE_MEMBER_FLOW)

    # Tasks are handed to the linear flow in groups; within each call they
    # are added left to right, which is the order they will run in.
    member_flow.add(
        lifecycle_tasks.MemberToErrorOnRevertTask(requires=[
            constants.MEMBER, constants.LISTENERS, constants.LOADBALANCER,
            constants.POOL
        ]),
        vthunder_tasks.VthunderInstanceBusy(
            requires=a10constants.COMPUTE_BUSY),
        database_tasks.MarkMemberPendingCreateInDB(
            requires=constants.MEMBER),
        a10_database_tasks.GetVThunderByLoadBalancer(
            requires=constants.LOADBALANCER,
            provides=a10constants.VTHUNDER),
        a10_database_tasks.GetLoadBalancerListByProjectID(
            requires=a10constants.VTHUNDER,
            provides=a10constants.LOADBALANCERS_LIST),
        # The amphorae lookup result is published under the AMPHORA key.
        database_tasks.GetAmphoraeFromLoadbalancer(
            requires=constants.LOADBALANCER_ID,
            provides=constants.AMPHORA),
        a10_database_tasks.GetMemberListByProjectID(
            requires=a10constants.VTHUNDER,
            provides=a10constants.MEMBER_LIST),
        a10_network_tasks.CalculateDelta(
            requires=(constants.LOADBALANCER,
                      a10constants.LOADBALANCERS_LIST,
                      a10constants.MEMBER_LIST),
            provides=constants.DELTAS),
        a10_network_tasks.HandleNetworkDeltas(
            requires=constants.DELTAS,
            provides=constants.ADDED_PORTS))

    if is_active_standby:
        member_flow.add(
            vthunder_tasks.VCSSyncWait(
                name="vcs_sync_wait_before_probe_device",
                requires=a10constants.VTHUNDER),
            vthunder_tasks.GetMasterVThunder(
                name=a10constants.GET_VTHUNDER_MASTER,
                requires=a10constants.VTHUNDER,
                provides=a10constants.VTHUNDER))

    # managing interface additions here
    member_flow.add(
        vthunder_tasks.AmphoraePostMemberNetworkPlug(
            requires=(constants.LOADBALANCER, constants.ADDED_PORTS,
                      a10constants.VTHUNDER)),
        vthunder_tasks.VThunderComputeConnectivityWait(
            name=a10constants.VTHUNDER_CONNECTIVITY_WAIT,
            requires=(a10constants.VTHUNDER, constants.AMPHORA)))

    if is_active_standby:
        member_flow.add(
            a10_database_tasks.GetBackupVThunderByLoadBalancer(
                name="get_backup_vThunder",
                requires=(constants.LOADBALANCER, a10constants.VTHUNDER),
                provides=a10constants.BACKUP_VTHUNDER),
            # Same wait task as above, but its VTHUNDER argument is
            # rebound to the backup device.
            vthunder_tasks.VThunderComputeConnectivityWait(
                name="backup_compute_conn_wait_before_probe_device",
                requires=constants.AMPHORA,
                rebind={
                    a10constants.VTHUNDER: a10constants.BACKUP_VTHUNDER
                }),
            vthunder_tasks.VCSSyncWait(
                name="backup-plug-wait-vcs-ready",
                requires=a10constants.VTHUNDER),
            vthunder_tasks.GetMasterVThunder(
                name=a10constants.GET_MASTER_VTHUNDER,
                requires=a10constants.VTHUNDER,
                provides=a10constants.VTHUNDER))

    member_flow.add(
        vthunder_tasks.EnableInterfaceForMembers(requires=[
            constants.ADDED_PORTS, constants.LOADBALANCER,
            a10constants.VTHUNDER
        ]),
        self.handle_vrid_for_member_subflow(),
        a10_database_tasks.CountMembersWithIP(
            requires=constants.MEMBER,
            provides=a10constants.MEMBER_COUNT_IP),
        vthunder_tasks.AllowLoadbalancerForwardWithAnySource(
            name=a10constants.ALLOW_NO_SNAT,
            requires=(constants.MEMBER, constants.AMPHORA)),
        a10_database_tasks.GetFlavorData(
            rebind={a10constants.LB_RESOURCE: constants.LOADBALANCER},
            provides=constants.FLAVOR),
        self.get_create_member_snat_pool_subflow(),
        server_tasks.MemberCreate(
            requires=(constants.MEMBER, a10constants.VTHUNDER,
                      constants.POOL, a10constants.MEMBER_COUNT_IP,
                      constants.FLAVOR)))

    # Final status updates and device bookkeeping.
    member_flow.add(
        database_tasks.MarkMemberActiveInDB(requires=constants.MEMBER),
        database_tasks.MarkPoolActiveInDB(requires=constants.POOL),
        database_tasks.MarkLBAndListenersActiveInDB(
            requires=(constants.LOADBALANCER, constants.LISTENERS)),
        vthunder_tasks.WriteMemory(requires=a10constants.VTHUNDER),
        a10_database_tasks.SetThunderUpdatedAt(
            requires=a10constants.VTHUNDER))

    return member_flow
def get_delete_member_flow(self, topology):
    """Assemble the linear flow that deletes a member on a VThunder.

    Every task is appended, in the order written below, to a single
    ``linear_flow.Flow`` named ``constants.DELETE_MEMBER_FLOW``. When
    ``topology`` equals ``constants.TOPOLOGY_ACTIVE_STANDBY`` the flow
    additionally receives the VCS sync wait, master VThunder lookup and
    backup VThunder tasks.

    :param topology: topology constant of the load balancer
    :returns: The flow for deleting a member
    """
    # Short local aliases for the storage keys used repeatedly below.
    member = constants.MEMBER
    pool = constants.POOL
    loadbalancer = constants.LOADBALANCER
    vthunder = a10constants.VTHUNDER
    active_standby = topology == constants.TOPOLOGY_ACTIVE_STANDBY

    flow = linear_flow.Flow(constants.DELETE_MEMBER_FLOW)
    add = flow.add

    # Lifecycle / bookkeeping tasks.
    add(lifecycle_tasks.MemberToErrorOnRevertTask(
        requires=[member, constants.LISTENERS, loadbalancer, pool]))
    add(vthunder_tasks.VthunderInstanceBusy(
        requires=a10constants.COMPUTE_BUSY))
    add(database_tasks.MarkMemberPendingDeleteInDB(requires=member))
    add(model_tasks.DeleteModelObject(rebind={constants.OBJECT: member}))

    # Lookups whose results later tasks consume via ``provides``.
    add(database_tasks.GetAmphoraeFromLoadbalancer(
        requires=constants.LOADBALANCER_ID,
        provides=constants.AMPHORA))
    add(a10_database_tasks.GetVThunderByLoadBalancer(
        requires=loadbalancer,
        provides=vthunder))
    add(a10_database_tasks.CountMembersWithIP(
        requires=member,
        provides=a10constants.MEMBER_COUNT_IP))
    add(a10_database_tasks.CountMembersWithIPPortProtocol(
        requires=(member, pool),
        provides=a10constants.MEMBER_COUNT_IP_PORT_PROTOCOL))
    add(a10_database_tasks.GetFlavorData(
        rebind={a10constants.LB_RESOURCE: loadbalancer},
        provides=constants.FLAVOR))
    add(a10_database_tasks.GetLoadBalancerListByProjectID(
        requires=vthunder,
        provides=a10constants.LOADBALANCERS_LIST))
    add(a10_database_tasks.GetMemberListByProjectID(
        requires=vthunder,
        provides=a10constants.MEMBER_LIST))

    # Network delta calculation and handling.
    add(a10_network_tasks.CalculateDelta(
        requires=(loadbalancer,
                  a10constants.LOADBALANCERS_LIST,
                  a10constants.MEMBER_LIST),
        provides=constants.DELTAS))
    add(a10_network_tasks.HandleNetworkDeltas(
        requires=constants.DELTAS,
        provides=constants.ADDED_PORTS))

    if active_standby:
        add(vthunder_tasks.VCSSyncWait(
            name=a10constants.VCS_SYNC_WAIT,
            requires=vthunder))
        add(vthunder_tasks.GetMasterVThunder(
            name=a10constants.GET_MASTER_VTHUNDER,
            requires=vthunder,
            provides=vthunder))

    add(vthunder_tasks.AmphoraePostNetworkUnplug(
        requires=(loadbalancer, constants.ADDED_PORTS, vthunder)))
    add(vthunder_tasks.VThunderComputeConnectivityWait(
        name=a10constants.VTHUNDER_CONNECTIVITY_WAIT,
        requires=(vthunder, constants.AMPHORA)))

    if active_standby:
        # NOTE(review): the extent of this branch was reconstructed from
        # whitespace-collapsed source; confirm that the VCS sync wait and
        # the master lookup below belong inside it.
        add(a10_database_tasks.GetBackupVThunderByLoadBalancer(
            name=a10constants.GET_BACKUP_VTHUNDER_BY_LB,
            requires=(loadbalancer, vthunder),
            provides=a10constants.BACKUP_VTHUNDER))
        # The wait task's VTHUNDER argument is rebound to the backup device.
        add(vthunder_tasks.VThunderComputeConnectivityWait(
            name=a10constants.BACKUP_CONNECTIVITY_WAIT + "-before-unplug",
            requires=constants.AMPHORA,
            rebind={vthunder: a10constants.BACKUP_VTHUNDER}))
        add(vthunder_tasks.VCSSyncWait(
            name='member-unplug-' + a10constants.VCS_SYNC_WAIT,
            requires=vthunder))
        add(vthunder_tasks.GetMasterVThunder(
            name=a10constants.GET_VTHUNDER_MASTER,
            requires=vthunder,
            provides=vthunder))

    # NAT pool tasks for the member.
    add(server_tasks.MemberFindNatPool(
        requires=[member, vthunder, pool, constants.FLAVOR],
        provides=a10constants.NAT_FLAVOR))
    add(a10_database_tasks.GetNatPoolEntry(
        requires=[member, a10constants.NAT_FLAVOR],
        provides=a10constants.NAT_POOL))
    add(a10_network_tasks.ReleaseSubnetAddressForMember(
        requires=[member, a10constants.NAT_FLAVOR, a10constants.NAT_POOL]))
    add(a10_database_tasks.DeleteNatPoolEntry(
        requires=a10constants.NAT_POOL))

    # Member removal on the device, followed by the VRID subflow.
    add(server_tasks.MemberDelete(
        requires=(member,
                  vthunder,
                  pool,
                  a10constants.MEMBER_COUNT_IP,
                  a10constants.MEMBER_COUNT_IP_PORT_PROTOCOL)))
    add(self.get_delete_member_vrid_subflow())

    # Database updates and status tasks.
    add(database_tasks.DeleteMemberInDB(requires=member))
    add(database_tasks.DecrementMemberQuota(requires=member))
    add(database_tasks.MarkPoolActiveInDB(requires=pool))
    add(database_tasks.MarkLBAndListenersActiveInDB(
        requires=[loadbalancer, constants.LISTENERS]))

    # Final device-side tasks.
    add(vthunder_tasks.WriteMemory(requires=vthunder))
    add(a10_database_tasks.SetThunderUpdatedAt(requires=vthunder))
    return flow