On Thu, Jul 7, 2016 at 1:15 PM, Andy Zhou <az...@ovn.org> wrote: > > > On Thursday, July 7, 2016, Russell Bryant <russ...@ovn.org> wrote: > >> >> On Thu, Jul 7, 2016 at 2:44 PM, Andy Zhou <az...@ovn.org> wrote: >> >>> On Thu, Jul 7, 2016 at 11:37 AM, Han Zhou <zhou...@gmail.com> wrote: >>> >>>> Hi Andy, >>>> >>>> Sorry #1 seems not clear to me. It sounds like a etcd cluster running >>>> behind a ovsdb-server cluster? Then what would be the HA mechanism for the >>>> ovsdb-server layer? >>>> >>> >>> Yes, your understanding is correct, expect ovsdb-servers do not form a >>> cluster, they only connect to etcd servers. >>> >>> etcd servers form the HA cluster. All ovsdb-servers maintain >>> connections to the leader etcd server. OVSDB servers do not store >>> transactions, they essentially translate ovsdb protocol into etcd gRPC >>> protocol. >>> >> >> Would you be able to run N copies of ovsdb-server in this case? >> > > Yes, ovsdb-client can connect to any one of them. >
Good, so does it mean a load balancer can be put between clients and ovsdb-servers? > >> Another consideration is that we'd be able to make use of ovsdb features, >> but at the expense of not be able to use etcd features directly. An >> example is authorization. This is a v2 API doc, but: >> >> https://coreos.com/etcd/docs/latest/auth_api.html >> >> I was thinking we might be able to build a solution for the "Limiting the >> impact of a compromised chassis" item in ovn/TODO using etcd capabilities. >> If we put ovsdb in front of it, we still have to solve this in ovsdb. >> >> This is a very good point. May be it is another +1 for #2? Or you have > some other approach in mind? > >> -- >> Russell Bryant >> >
_______________________________________________ discuss mailing list discuss@openvswitch.org http://openvswitch.org/mailman/listinfo/discuss
