On Wed, May 6, 2015 at 9:26 AM, Fox, Kevin M <kevin....@pnnl.gov> wrote:
> If your Mistral engine is on the same host as the network node hosting the > router for the tenant, then it would probably work.... there are a lot of > conditions in that statement though... Too many for my tastes. :/ > > While I dislike agents running in the vm's, this still might be a good use > case for one... > > This would also probably be a good use case for Zaqar I think. Have a > generic "run shell commands from Zaqar queue" agent, that pulls commands > from a Zaqar queue, and executes it. > > The vm's don't have to be directly reachable from the network then. You > just have to push messages into Zaqar. > > From Murano's perspective though, maybe it shouldn't care. Should Mistral > abstract away how to execute the action, leaving it up to Mistral how to > get the action to the vm? If that's the case, then ssh vs queue/agent is > just a Mistral implementation detail? Maybe the OpenStack Deployer chooses > what's the best route for their cloud? > > Thanks, > Kevins > +1 for MQ. That is the path which proved itself to be working in most of the cases. -1 for ssh as this is a big headache. Thanks, Gosha > ________________________________________ > From: Filip Blaha [filip.bl...@hp.com] > Sent: Wednesday, May 06, 2015 8:42 AM > To: openstack-dev@lists.openstack.org > Subject: [openstack-dev] [Murano] [Mistral] SSH workflow action > > Hello > > We are considering implementing actions on services of a murano > environment via mistral workflows. We are considering whether mistral > std.ssh action could be used to run some command on an instance. Example > of such action in murano could be restart action on Mysql DB service. > Mistral workflow would ssh to that instance running Mysql and run > "service mysql restart". From my point of view trying to use SSH to > access instances from mistral workflow is not good > idea but I would like to confirm it. > > The biggest problem I see there is openstack networking. Mistral service > running on some openstack node would not be able to access instance via > its fixed IP (e.g. 10.0.0.5) via SSH. Instance could accessed via ssh > from namespace of its gateway router e.g. "ip netns exec qrouter-... ssh > cirros@10.0.0.5" but I think it is not good to rely on implementation > detail of neutron and use it. In multinode openstack deployment it > could be even more complicated. > > In other words I am asking whether we can use std.ssh mistral action to > access instances via ssh on theirs fixed IPs? I think no but I would > like to confirm it. > > Thanks > Filip > > __________________________________________________________________________ > OpenStack Development Mailing List (not for usage questions) > Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > > __________________________________________________________________________ > OpenStack Development Mailing List (not for usage questions) > Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > -- Georgy Okrokvertskhov Architect, OpenStack Platform Products, Mirantis http://www.mirantis.com Tel. +1 650 963 9828 Mob. +1 650 996 3284
__________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
