Remove absolute paths from md links
This commit is contained in: parent 0777823695, commit ff0b00683d
@@ -65,7 +65,7 @@ If all you want is a simple home server solution, or you demand scalability beyo
For a redundant cluster, yes. PVC requires a majority quorum for proper operation at various levels, and the smallest possible majority quorum is 2-of-3; thus 3 nodes is the smallest safe minimum. That said, you can run PVC on a single node for testing/lab purposes without host-level redundancy, should you wish to do so, and it might also be possible to run 2 "main" systems with a 3rd "quorum observer" hosting only the management tools but no VMs; however, these options are not officially supported, as PVC is designed primarily for 3+ node operation.
- For more details, see the [Cluster Architecture page](/architecture/cluster-architecture.md).
+ For more details, see the [Cluster Architecture page](architecture/cluster-architecture.md).
#### Does PVC support containers (Docker/Kubernetes/LXC/etc.)?
@@ -78,7 +78,7 @@ Many PVC daemons, as discussed below, leverage a majority quorum to function. A
This is an important consideration when deciding the number of coordinators to allocate: a 3-coordinator system can tolerate the loss of a single coordinator without impacting the cluster, but losing 2 would render the cluster inoperable; similarly, a 5-coordinator system can tolerate the loss of 2 coordinators, but losing 3 would render the cluster inoperable. In addition, these coordinators must be located in such a way that a majority can communicate in outage events, in order for the cluster to remain operational. This affects the network and physical design of a cluster and must be carefully considered during deployment; for instance, network switches and links, and power, should be redundant.
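As an aside, the quorum arithmetic above boils down to a couple of lines; the following is an illustrative sketch only (not PVC code), with the coordinator counts taken from the examples in the text.

```python
# Illustrative sketch only (not part of PVC): majority-quorum failure tolerance.
def quorum_size(coordinators: int) -> int:
    """Smallest majority of the coordinator set: floor(N/2) + 1."""
    return coordinators // 2 + 1

def tolerable_failures(coordinators: int) -> int:
    """Coordinators that can be lost while a majority still remains."""
    return coordinators - quorum_size(coordinators)

for n in (3, 5):
    print(f"{n} coordinators: quorum {quorum_size(n)}, tolerates {tolerable_failures(n)} loss(es)")
# 3 coordinators: quorum 2, tolerates 1 loss(es)
# 5 coordinators: quorum 3, tolerates 2 loss(es)
```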
- For more details on this, see the [Fencing](/architecture/fencing.md) and [Georedundancy](/architecture/georedundancy.md) documentation. The first also covers the node fencing process, which allows automatic recovery from a node failure in certain outage events.
+ For more details on this, see the [Fencing](architecture/fencing.md) and [Georedundancy](architecture/georedundancy.md) documentation. The first also covers the node fencing process, which allows automatic recovery from a node failure in certain outage events.
Hypervisors are not affected by the coordinator quorum: a cluster can lose any number of non-coordinator hypervisors without impacting core services, though compute resources (CPU and memory) must be available on the remaining nodes for VMs to function properly, and any OSDs on these hypervisors, if applicable, would become unavailable, potentially impacting storage availability.
@@ -92,7 +92,7 @@ The Zookeeper database runs on the coordinator nodes, and requires a majority qu
### Patroni/PostgreSQL
- PVC uses the Patroni PostgreSQL cluster manager to store relational data for use by the [Provisioner subsystem](/manuals/provisioner.md) and managed network DNS aggregation.
+ PVC uses the Patroni PostgreSQL cluster manager to store relational data for use by the [Provisioner subsystem](manuals/provisioner.md) and managed network DNS aggregation.
The Patroni system runs on the coordinator nodes, with the primary coordinator taking on the "leader" role (read-write) and all others taking on the "follower" role (read-only). Patroni leverages Zookeeper to handle state, and is thus dependent on Zookeeper to function.
@@ -108,7 +108,7 @@ The Ceph storage system features multiple layers. First, OSDs are created on ded
This default layout provides several benefits, including multi-node replication, the ability to tolerate the loss of a full node without impacting storage, and shared storage facilitating live migration, at the cost of a 3x storage penalty. Additional replication modes (for instance, more copies) are possible to provide more resiliency at the cost of a larger storage penalty.
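To make the storage penalty concrete, here is a small illustrative calculation (not PVC code); the node count, per-node OSD size, and copy count are example values only.

```python
# Illustrative sketch only (not part of PVC): usable capacity of a replicated pool.
def usable_tb(nodes: int, osd_tb_per_node: float, copies: int) -> float:
    """Usable capacity is total raw capacity divided by the replication factor."""
    return (nodes * osd_tb_per_node) / copies

# Default 3-copy layout: 2.0 TB usable out of 6 TB raw (the 3x penalty).
print(usable_tb(nodes=3, osd_tb_per_node=2.0, copies=3))
# More copies give more resiliency at a larger penalty: 2.0 TB usable out of 8 TB raw.
print(usable_tb(nodes=4, osd_tb_per_node=2.0, copies=4))
```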
- For more advanced configurations, it is important to understand how disk writes work in this system and the implications of this replication. Please see the [Ceph Write Process](/manuals/ceph-write-process.md) documentation for a full explanation.
+ For more advanced configurations, it is important to understand how disk writes work in this system and the implications of this replication. Please see the [Ceph Write Process](manuals/ceph-write-process.md) documentation for a full explanation.
## Cluster Networking
@@ -120,7 +120,7 @@ Within each core network, each node is assigned a static IP address; DHCP is not
In addition to the main static IP of each node, there is also a "floating" IP in each network which is bound to the primary coordinator. This IP can be used as a single point of access into the cluster for the API or other services that need to see the "cluster as a whole" rather than individual nodes.
- Some or all of these networks can be collapsed, though for optimal performance and security, it is recommended that, at a minimum, the "upstream" and "cluster"/"storage" networks be separated. The physical aspect is discussed further in the [Hardware Requirements](/architecture/hardware-requirements.md) documentation; however, larger clusters should generally lean towards splitting these networks into separate physical, as well as logical, links.
+ Some or all of these networks can be collapsed, though for optimal performance and security, it is recommended that, at a minimum, the "upstream" and "cluster"/"storage" networks be separated. The physical aspect is discussed further in the [Hardware Requirements](architecture/hardware-requirements.md) documentation; however, larger clusters should generally lean towards splitting these networks into separate physical, as well as logical, links.
#### Upstream
@@ -130,7 +130,7 @@ The "upstream" network requires outbound Internet access, as it will be used to
This network, though it requires Internet access, should not be exposed directly to the Internet or to other untrusted local networks for security reasons. PVC itself makes no attempt to hinder access to nodes from within this network. At a minimum, an upstream firewall should prevent external access to this network, and only trusted hosts or on-cluster VMs should be added to it.
- In addition to all other functions, server IPMI interfaces should reside either directly in this network, or in a network directly reachable from this network, to provide fencing and auto-recovery functionality. For more details, see the [Fencing](/architecture/fencing.md) documentation.
+ In addition to all other functions, server IPMI interfaces should reside either directly in this network, or in a network directly reachable from this network, to provide fencing and auto-recovery functionality. For more details, see the [Fencing](architecture/fencing.md) documentation.
#### Cluster
@@ -158,7 +158,7 @@ PVC can provide services to clients in this network via the DNSMasq subsystem, i
**NOTE:** Be aware of the potential for "tromboning" when routing between managed networks. All traffic to and from a managed network will flow out the primary coordinator. Thus, if there is a large amount of inter-network traffic between two managed networks, all this traffic will traverse the primary coordinator, introducing a potential bottleneck. To avoid this, keep the amount of inter-network routing between managed networks or between managed networks and the outside world to a minimum.
- One major purpose of managed networks is to provide a bootstrapping mechanism for new VMs deployed using the [PVC provisioner](/manuals/provisioner.md) with CloudInit metadata services (see that documentation for details). Such deployments will require at least one managed network to provide access to the CloudInit metadata system.
+ One major purpose of managed networks is to provide a bootstrapping mechanism for new VMs deployed using the [PVC provisioner](manuals/provisioner.md) with CloudInit metadata services (see that documentation for details). Such deployments will require at least one managed network to provide access to the CloudInit metadata system.
#### Bridged
@@ -20,14 +20,14 @@ Fencing can be temporarily disabled by setting the cluster maintenance mode to `
For fencing to be enabled, several settings must be configured correctly.
- * The node must have a proper IPMI interface, as detailed in the [Hardware Requirements](/architecture/hardware-requirements.md#ipmilights-out-management) documentation.
+ * The node must have a proper IPMI interface, as detailed in the [Hardware Requirements](architecture/hardware-requirements.md#ipmilights-out-management) documentation.
- * The IPMI interface must be either in the [cluster "upstream" network](/architecture/cluster-architecture.md#upstream), or in another network reachable by it. The former is strongly recommended, because the latter is potentially susceptible to network faults in the routing between the networks which might cause fencing to fail in otherwise valid scenarios.
+ * The IPMI interface must be either in the [cluster "upstream" network](architecture/cluster-architecture.md#upstream), or in another network reachable by it. The former is strongly recommended, because the latter is potentially susceptible to network faults in the routing between the networks which might cause fencing to fail in otherwise valid scenarios.
* The IPMI BMC must be configured with an `Administrator`-level user with IPMI-over-LAN privileges enabled.
* The IPMI interface (IP or hostname) and aforementioned user of each node must be configured in the `fencing` -> `ipmi` section of the `pvcnoded.yaml` file of that node.
PVC will automatically check the reachability and functionality of its IPMI interface early during node startup. The functionality can also be tested manually via the `ipmitool -I lanplus` command from a node.
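As a rough illustration of such a manual check (a sketch under assumptions, not PVC's own implementation), the `ipmitool -I lanplus` query can be wrapped in a few lines of Python; the address and credentials below are placeholders for whatever was configured for the node in question.

```python
# Illustrative sketch only: verify that a node's IPMI BMC answers IPMI-over-LAN queries,
# roughly equivalent to running `ipmitool -I lanplus ... chassis power status` by hand.
# The host, user, and password values are placeholders for the configured fencing credentials.
import subprocess

def ipmi_reachable(host: str, user: str, password: str) -> bool:
    """Return True if the BMC responds to a basic chassis power status query."""
    try:
        result = subprocess.run(
            ["ipmitool", "-I", "lanplus", "-H", host, "-U", user, "-P", password,
             "chassis", "power", "status"],
            capture_output=True, text=True, timeout=15,
        )
    except (subprocess.TimeoutExpired, FileNotFoundError):
        return False
    return result.returncode == 0

if __name__ == "__main__":
    ok = ipmi_reachable("10.0.0.101", "Administrator", "changeme")
    print("IPMI reachable" if ok else "IPMI check failed; fencing would not be possible for this node")
```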
- The [PVC Ansible framework](/deployment/getting-started.md) will automatically configure most aspects of this IPMI setup, though some might require manual configuration. Ensure you test before putting the cluster into production.
+ The [PVC Ansible framework](deployment/getting-started.md) will automatically configure most aspects of this IPMI setup, though some might require manual configuration. Ensure you test before putting the cluster into production.
## Fencing Process
@@ -16,7 +16,7 @@ PVC is designed to operate in "N-1" mode, that is, all sizing of the cluster sho
For example, consider 3 nodes each with 16 CPU cores and 128GB of RAM. This totals 48 CPU cores and 384GB of RAM; however, we should consider the N-1 number, that is 32 CPU cores and 256GB of RAM, to be the maximum usable quantity of each available across the entire cluster.
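The N-1 arithmetic above can be expressed as a one-line helper; this is an illustrative sketch only (not PVC code), using the example figures from the text.

```python
# Illustrative sketch only: N-1 sizing holds one full node's capacity in reserve.
def n_minus_1_total(nodes: int, per_node: int) -> int:
    """Usable cluster total with one node's worth of capacity held back."""
    return (nodes - 1) * per_node

print(n_minus_1_total(nodes=3, per_node=16), "usable CPU cores")   # 32, of 48 raw
print(n_minus_1_total(nodes=3, per_node=128), "GB of usable RAM")  # 256, of 384 raw
```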
- Disks are even more limited. As outlined in the [Cluster Storage section of the Cluster Architecture](/architecture/cluster-architecture.md#cluster-storage) documentation, a normal pool replication level for reliable redundant operation is 3 copies with 2 minimum copies. Thus, to continue the above 3-node example, if each node features a 2TB data SSD, the total available N-1 storage is 2TB (as 3 x 2TB / 3 = 2TB).
+ Disks are even more limited. As outlined in the [Cluster Storage section of the Cluster Architecture](architecture/cluster-architecture.md#cluster-storage) documentation, a normal pool replication level for reliable redundant operation is 3 copies with 2 minimum copies. Thus, to continue the above 3-node example, if each node features a 2TB data SSD, the total available N-1 storage is 2TB (as 3 x 2TB / 3 = 2TB).
## Hardware Vendors
@@ -28,9 +28,9 @@ Some common recommended vendors, with whom the author has had good experiences,
All aforementioned server vendors support some form of IPMI Lights-out Management, e.g. Dell iDRAC, Cisco CIMC, HP iLO, etc., with IPMI-over-LAN functionality. Consumer and low-end workstation hardware does not normally support IPMI Lights-out Management and is thus unsuitable for a production node.
- * It is **recommended** for a redundant, production PVC node to feature IPMI Lights-out Management, on a dedicated Ethernet port, with support for IPMI-over-LAN functionality, reachable from or in the [cluster "upstream" network](/architecture/cluster-architecture.md#upstream).
+ * It is **recommended** for a redundant, production PVC node to feature IPMI Lights-out Management, on a dedicated Ethernet port, with support for IPMI-over-LAN functionality, reachable from or in the [cluster "upstream" network](architecture/cluster-architecture.md#upstream).
- This feature is not strictly required; however, it is needed for the [PVC fencing system](/architecture/fencing.md) to function properly, which in turn provides auto-recovery from node failures. PVC will detect the lack of a reachable IPMI interface at startup and disable fencing and auto-recovery in such a case.
+ This feature is not strictly required; however, it is needed for the [PVC fencing system](architecture/fencing.md) to function properly, which in turn provides auto-recovery from node failures. PVC will detect the lack of a reachable IPMI interface at startup and disable fencing and auto-recovery in such a case.
## CPU
@@ -22,7 +22,7 @@ Installation of PVC is accomplished by two main components: a [Node installer IS
Just give it physical servers, and it will run your VMs without you having to think about it, all in just an hour or two of setup time.
- For more details on the project motivation, please see the [About](/about.md) page.
+ For more details on the project motivation, please see the [About](about.md) page.
## What is it based on?
@@ -38,7 +38,7 @@ The core node and API daemons, as well as the CLI API client, are written in Pyt
## Getting Started
- To get started with PVC, read over the [Cluster Architecture](/architecture/cluster-architecture.md) pages, then see the [Getting Started](/deployment/getting-started.md) guide for details on configuring your first cluster.
+ To get started with PVC, read over the [Cluster Architecture](architecture/cluster-architecture.md) pages, then see the [Getting Started](deployment/getting-started.md) guide for details on configuring your first cluster.
## Changelog