Red Hat SummitChapter 4. Configuring Clustering
The JBoss Data Grid for OpenShift images can use either the Kubernetes or DNS discovery mechanisms for clustering. These discovery mechanisms enable images to automatically join clusters.
By default, DNS is pre-configured in the JBoss Data Grid for OpenShift image templates. If you want to use Kubernetes as the discovery mechanism, or if you plan to build and deploy a custom image, you must configure cluster discovery.
JBoss Data Grid does not support removing images from an active cluster.
4.1. Configuring the Kubernetes Discovery Mechanism
To configure the Kubernetes discovery mechanism for clustering, do the following:
Set
openshift.KUBE_PINGas the value for theJGROUPS_PING_PROTOCOLenvironment variable.JGROUPS_PING_PROTOCOL=openshift.KUBE_PING
JGROUPS_PING_PROTOCOL=openshift.KUBE_PINGCopy to Clipboard Copied! Specify the OpenShift project name as the value for the
OPENSHIFT_KUBE_PING_NAMESPACEenvironment variable. If you do not set this variable, the server behaves like a single-node cluster.OPENSHIFT_KUBE_PING_NAMESPACE=PROJECT_NAME
OPENSHIFT_KUBE_PING_NAMESPACE=PROJECT_NAMECopy to Clipboard Copied! Specify the label that is set at the service level as the value for the
OPENSHIFT_KUBE_PING_LABELSenvironment variable. If you do not set this variable, pods outside the application but in the same namespace attempt to join.OPENSHIFT_KUBE_PING_LABELS=app=APP_NAME
OPENSHIFT_KUBE_PING_LABELS=app=APP_NAMECopy to Clipboard Copied! Grant authorization to the service account the pod is running under so that it can access the Kubernetes REST API. You grant this authorization using the OpenShift CLI, as follows:
Granting authorization for the default service account in the myproject namespace:
oc policy add-role-to-user view system:serviceaccount:$(oc project -q):default -n $(oc project -q)
oc policy add-role-to-user view system:serviceaccount:$(oc project -q):default -n $(oc project -q)Copy to Clipboard Copied! Granting authorization for eap-service-account in the myproject namespace:
oc policy add-role-to-user view system:serviceaccount:$(oc project -q):eap-service-account -n $(oc project -q)
oc policy add-role-to-user view system:serviceaccount:$(oc project -q):eap-service-account -n $(oc project -q)Copy to Clipboard Copied! Ensure port
8888is defined as a ping port on the pod container, as follows:ports: - containerPort: 8888 name: ping protocol: TCPports: - containerPort: 8888 name: ping protocol: TCPCopy to Clipboard Copied!
4.2. Configuring the DNS Discovery Mechanism
To configure the DNS discovery mechanism for clustering, do the following:
Set
openshift.DNS_PINGas the value for theJGROUPS_PING_PROTOCOLenvironment variable.JGROUPS_PING_PROTOCOL=openshift.DNS_PING
JGROUPS_PING_PROTOCOL=openshift.DNS_PINGCopy to Clipboard Copied! Specify the name of the ping service for the cluster as the value for the
OPENSHIFT_DNS_PING_SERVICE_NAMEenvironment variable.OPENSHIFT_DNS_PING_SERVICE_NAME=PING_SERVICE_NAME
OPENSHIFT_DNS_PING_SERVICE_NAME=PING_SERVICE_NAMECopy to Clipboard Copied! Specify the port number where the ping service is exposed as the value for the
OPENSHIFT_DNS_PING_SERVICE_PORTenvironment variable. The default value is8888.OPENSHIFT_DNS_PING_SERVICE_PORT=PING_PORT
OPENSHIFT_DNS_PING_SERVICE_PORT=PING_PORTCopy to Clipboard Copied! Define a ping service that exposes the ping port, as in the following example:
apiVersion: v1 kind: Service spec: clusterIP: None ports: - name: ping port: 8888 protocol: TCP targetPort: 8888 selector: deploymentConfig=datagrid-app metadata: annotations: description: The JGroups ping port for clustering. service.alpha.kubernetes.io/tolerate-unready-endpoints: 'true'apiVersion: v1 kind: Service spec: clusterIP: None ports: - name: ping port: 8888 protocol: TCP targetPort: 8888 selector: deploymentConfig=datagrid-app metadata: annotations: description: The JGroups ping port for clustering. service.alpha.kubernetes.io/tolerate-unready-endpoints: 'true'Copy to Clipboard Copied! ImportantYou should configure
clusterIP: Noneso that the service is headless. Likewise, the ping port must be named and include theservice.alpha.kubernetes.io/tolerate-unready-endpoints: 'true'annotation.
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}