Red Hat SummitChapter 1. Creating a RHOSO environment with distributed zones
You can deploy the Red Hat OpenStack Services on OpenShift (RHOSO) environment across distributed zones. Distributed zones are failure domains that are located in distributed low-latency L3-connected racks, rows, rooms, and data centers. You can deploy the RHOSO control plane across multiple Red Hat OpenShift Container Platform (RHOCP) cluster nodes that are located in the distributed zones, and you can deploy the RHOSO data plane across the same distributed zones.
A RHOSO environment with distributed zones is built on a routed spine-leaf network topology. The topology of a distributed control plane environment includes three RHOCP zones. Each zone has at least one worker node that hosts the control plane services and one Compute node.
To create a RHOSO environment with distributed zones, you must complete the following tasks:
-
Install OpenStack Operator (
openstack-operator) on an operational RHOCP cluster. - Provide secure access to the RHOSO services.
- Create and configure the control plane network for dynamic routing with border gateway protocol (BGP).
- Create and configure the data plane networks for dynamic routing with BGP.
- Create the distributed control plane for your environment.
- Create and configure the distributed data plane nodes.
You perform the control plane installation tasks and all data plane creation tasks on a workstation that has access to the RHOCP cluster.
You cannot use the provisioning network in a routed spine-leaf network environment. You must configure provisioning to use the RHOCP machine network. The machine network is the network used by RHOCP cluster nodes to communicate with each other. The machine network is also the subnet that includes the API and Ingress VIPs. You configure the machine network by specifying the IP address blocks for the nodes that form the cluster in the machineNetwork field of the RHOCP install-config.yaml file. For more details about the RHOCP machine network, see the following RHOCP resources:
- Configuring the install-config.yaml file in the Installing on bare metal guide
- Network configuration parameters in the Installing on bare metal guide
- Configuring networking
1.1. Planning the infrastructure for distributed zones
To plan and prepare to deploy a distributed zone environment, you must understand the requirements and limitations for Red Hat OpenShift Container Platform (RHOCP) clusters that span multiple sites. For more information, see Guidance for Red Hat OpenShift Container Platform Clusters - Deployments Spanning Multiple Sites (Data Centers/Regions).
1.1.1. RHOCP requirements
Your RHOCP cluster must comply with the minimum RHOCP hardware, network, software and storage requirements that are detailed in Planning your deployment. In addition, to host a distributed zone environment, your RHOCP cluster must comply with the following requirements:
- The RHOCP cluster must not be a compact cluster.
Each zone requires a low-latency interconnect:
- Etcd for RHOCP requires a Round Trip Time (RTT) less than 15ms.
- The network equipment must support the BGP protocol and be compatible with FRRouting (FRR).
- The MetalLB Operator is configured to integrate with FRR-K8s. For more information, see Configuring the integration of MetalLB and FRR-K8s.
The following Operators are installed on the RHOCP cluster:
- The Self Node Remediation (SNR) Operator. For information, see Using Self Node remediation in the Workload Availability for Red Hat OpenShift Remediation, fencing, and maintenance guide.
- The Node Health Check Operator. For information, see Remediating Nodes with Node Health Checks in the Workload Availability for Red Hat OpenShift Remediation, fencing, and maintenance guide.
1.1.2. Storage requirements
The RHOCP storage class is defined, and has access to persistent volumes of type
ReadWriteOnce.NoteIf you use Logical Volume Manager (LVM) storage, the attached volume is not mounted on a new node in the event of a node failure. LVM storage only provides local volumes, and the volume remains assigned to the failed node. This prevents the SNR Operator from automatically rescheduling pods with LVMS PVCs. Therefore, if you use LVMs for storage, you must detach volumes after non-graceful node shutdown. For more information, see Detach volumes after non-graceful node shutdown.
- For Red Hat Ceph Storage, a redundant Red Hat Ceph Storage cluster is available in each zone.
- For third-party storage, local and remote storage array access is configured.
This configuration is Technology Preview when the following storage protocols are used with the Block Storage service, and therefore is not fully supported by Red Hat. It should be used only for testing, and should not be deployed in a production environment:
- Fibre Channel
- NFS
For more information, see Technology Preview.
- Local access storage configuration
Storage services are co-located with their storage arrays in the same availability zone (AZ).
- Each AZ contains its own storage array and dedicated storage network.
- Service pods, such as cinder-volume or manila-share, are deployed on worker nodes within the same AZ as their target storage array.
Compute nodes must be on the same storage network to access local storage resources.
AZ1 setup example
- Storage array: 10.1.0.6.
- Storage network: 10.1.0.0/24.
- The manila-share pod is deployed on the AZ1 worker node with access to 10.1.0.0/24.
- Compute nodes are connected to the same network for direct array access.
- Remote access storage configuration
Storage arrays in each zone must be accessible from worker nodes in other zones to enable cross-AZ operations, such as image management or volume operations.
Network implementation requirements
- iSCSI: Configure IP routing between AZ storage networks to enable remote access.
- Fibre Channel: Configure FC switch zoning to allow cross-AZ access and maintain the same local and remote access patterns as iSCSI.
Use cases
Image management example: The Image service (glance) pod in AZ1 requires access to cinder-volume services across AZs so that you can upload images to the local
glancestore in AZ1 and copy the images to remoteglancestores in AZ2 or AZ3.NoteWhen you use the Block Storage service as a back end for the Image service, volume creation from images can be optimized within each zone’s storage pool. The system uses back-end-assisted cloning instead of downloading image data, which significantly improves performance for boot-from-volume instances and volume creation. This optimization works when the image volume and destination volume are in the same storage pool. For cross-zone operations where volumes are created in different pools, the system uses the traditional download method. For more information, see Volume-from-image optimization with Block Storage back ends.
- Volume operations example: Retype volumes between different AZs.
- Cross-AZ share access example: Grant Compute service (nova) instances in AZ2 access to a Shared File Systems service (manila) share hosted in AZ1. Because network latency between AZs might impact storage performance, administrator policy determines whether to restrict access to the local AZ only for better performance or allow remote AZ access for greater flexibility.
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}