[ovs-discuss] etcd for OVN status update (was: Re: more about etcd (can it support big transactions and many monitors?))

Andy Zhou azhou at ovn.org
Thu Jul 7 20:15:06 UTC 2016


On Thursday, July 7, 2016, Russell Bryant <russell at ovn.org> wrote:

>
> On Thu, Jul 7, 2016 at 2:44 PM, Andy Zhou <azhou at ovn.org> wrote:
>
>> On Thu, Jul 7, 2016 at 11:37 AM, Han Zhou <zhouhan at gmail.com> wrote:
>>
>>> Hi Andy,
>>>
>>> Sorry #1 seems not clear to me. It sounds like a etcd cluster running
>>> behind a ovsdb-server cluster? Then what would be the HA mechanism for the
>>> ovsdb-server layer?
>>>
>>
>> Yes, your understanding is correct, expect ovsdb-servers do not form a
>> cluster, they only connect to etcd servers.
>>
>> etcd  servers form the HA cluster. All ovsdb-servers maintain connections
>> to the leader etcd server.  OVSDB servers do not store
>> transactions, they essentially translate ovsdb protocol into etcd gRPC
>> protocol.
>>
>
> Would you be able to run N copies of ovsdb-server in this case?
>

Yes, ovsdb-client can connect to any one of them.

>
> Another consideration is that we'd be able to make use of ovsdb features,
> but at the expense of not be able to use etcd features directly.  An
> example is authorization.  This is a v2 API doc, but:
>
> https://coreos.com/etcd/docs/latest/auth_api.html
>
> I was thinking we might be able to build a solution for the "Limiting the
> impact of a compromised chassis" item in ovn/TODO using etcd capabilities.
> If we put ovsdb in front of it, we still have to solve this in ovsdb.
>
> This is a very good point. May be it is another +1 for #2? Or you have
some other approach in mind?

> --
> Russell Bryant
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://openvswitch.org/pipermail/ovs-discuss/attachments/20160707/89bf25b8/attachment-0002.html>


More information about the discuss mailing list