#OpenStack Kilo/Juno – L3 High Availability VRRP for #Neutron

Started to work with Neutron since IceHouse. There was some important HA and scalability issues in neutron at that time. HA problems were mostly related to Routers and DNSMASQ resources.

Neutron used to be hard to scale. An important workaround was to implement networks with much memory capacity. It makes you to spend more, but it’s better than a failure that can cost more. don’t you think?

Routers weren’t configured in HA by default in IceHouse’s Neutron. It was solved adding pieces of software from other projects. It wasn’t perfect, took some time (4-5 minutes) to switch all affected routers over to the other network node.

You can see details about it in my post published almost a year ago: “There’s real magic behind OpenStack neutron”

Kilo/Juno solves Neutron’s L3 HA Issues and scalability

Starting at Juno, you would be able to implement VRRP to bring L3 HA to virtual routers.

Honestly, It’s better switch over to Kilo, the solution is much better and easy to implement. Also, there is an extreme improvement in throughput that helps to lower cost in network nodes’ hardware. Routers fail over in just seconds, most of the cases users don’t get they are going through a failure.

Please, check up the following picture and compares it with icehouse’s ones at “There’s real magic behind OpenStack neutron”

L3 HA VRRP neutron openvswitch kilo openstack mauricio rojas 1

You will notice there is an additional internal VLAN between routers for VRRP (KeepAlived). Next picture simplify the above in order to understand better what I mean.

L3 HA VRRP neutron openvswitch kilo openstack mauricio rojas.002

A downside is DNMASQ services (i.e. DHCP) are not easily deployed yet to bring the same HA level as routers. You will need to add projects like pacemaker and corosync to these resources.

Kilo also offers to install DVR (Distributed Virtual Routers) as an important improvement for L3 scalability (you will be able to distribute routers’ load among nova computes instead to consolidates them in a couple of network nodes). However, L3 HA is not fully solved yet for DVR and you will require three times more external IPs (maybe for internal use latter won’t be an issue)

See you!

1 reply »

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: