Revision as of 12:42, 19 November 2012

Scope

This document describes the internal architecture of LBaaS and workflows.

Modules Decomposition

LBaaS architecture is based on advanced services introduced into Quantum. The structure is following:

File:Quantum$$LBaaS$$Architecture$lbaas architecture new.png

LBaaS Quantum Extension - is responsible for handling REST API calls
LBaaS Quantum AdvSvc Plugin - is a core of service, it is responsible for:
- DB storage
- Request validation
- Scheduling of load balancing services (deployment to LB devices)
LBaaS Agent - is stand-alone service that manages drivers
Driver - is a module that transforms LBaaS object model into vendor-specific model and deploys configuration onto load-balancing device

Workflows

LBaaS management is performed via REST API. If the call involves DB only (read, name update) then it is done synchronous way, all other calls (like status retrieval, write operations) are done asynchronously. See Quantum/LBaaS/REST API for more details.

There are two types of locks:

Object-level lock is done on an instance (vip, pool, member) and restricts concurrent changes. The lock is achieved by moving object into one of PENDING_* states.
Device-level lock is done to lock the whole configuration and disallow concurrent changes. Since this is a restrictive policy, requests are actually put into queue and then processed by driver one-by-one. The queue may be implemented completely as Python code or be an external MQ.

The following diagram shows 2 concurrent update requests, 'alt' blocks show processing alternatives for requests.

Template:Http://goo.gl/BRUP8

REST API request is accepted by Quantum and routed to the corresponding Extension and Plugin.
Plugin performs validation of request (schema conformance, values and references check, etc). If validation fails one of 40x codes is returned (depending on reason).
DB object is updated and object is moved to PENDING_UPDATE state.
Request is transformed into task and pushed into queue.
Plugin responses user with HTTP 202 reply. Steps 1-5 are done synchronously.
Agent picks message from the queue and forwards it to Driver. Driver changes configuration of load balancing device. Once completed the response message is pushed into Plugin's queue.
Plugin retrieves message and updates DB with either "ACTIVE" or "ERROR" status

Data model should be resistant to different failures and crash of modules:

If crash in 1), 2) or 3) all changes are lost, HTTP 500 error is returned to user.
If crash in 4) or 5) then Plugin handles it and moves object into ERROR state, HTTP 500 error is returned.
If crash in 6) or 7) the object remains in "PENDING_" state. The Plugin will move the object into ERROR state after some preconfigured time or after restart.

Driver API

See Quantum/LBaaS/DriverAPI for details.

@@ Line 2: / Line 2: @@
 = Scope =
-This document describes the architecture of LBaaS and introduces internal APIs
+This document describes the internal architecture of LBaaS and workflows.
 == Modules Decomposition ==
@@ Line 15: / Line 15: @@
 ** Request validation
 ** Scheduling of load balancing services (deployment to LB devices)
-* LBaaS Agent - is stand-alone service that provides API for driver developers
+* LBaaS Agent - is stand-alone service that manages drivers
 * Driver - is a module that transforms LBaaS object model into vendor-specific model and deploys configuration onto load-balancing device
-== Sequence Diagram ==
+== Workflows ==
-LBaaS management is performed via REST API. If the call involves DB only (read, name update) then it is done in synchronous manner, all other calls (like status retrieval, write operations) are done asynchronously. See [[Quantum/LBaaS/REST API]] for more details.
+LBaaS management is performed via REST API. If the call involves DB only (read, name update) then it is done synchronous way, all other calls (like status retrieval, write operations) are done asynchronously. See [[Quantum/LBaaS/REST API]] for more details.
-Communicaion between [[AdvSvc]] Plugin and Agent is done via AMQP.
+There are two types of locks:
+* Object-level lock is done on an instance (vip, pool, member) and restricts concurrent changes. The lock is achieved by moving object into one of PENDING_* states.
+* Device-level lock is done to lock the whole configuration and disallow concurrent changes. Since this is a restrictive policy, requests are actually put into queue and then processed by driver one-by-one. The queue may be implemented completely as Python code or be an external MQ.
-The diagram (#1) for update operation is following:
+The following diagram shows 2 concurrent update requests, 'alt' blocks show processing alternatives for requests.
-[[Image:Quantum$$LBaaS$$Architecture$lbaas_update_sequence.png]]
+{{http://goo.gl/BRUP8|width=780}}
-== Driver API ==
+# REST API request is accepted by Quantum and routed to the corresponding Extension and Plugin.
+# Plugin performs validation of request (schema conformance, values and references check, etc). If validation fails one of 40x codes is returned (depending on reason).
+# DB object is updated and object is moved to PENDING_UPDATE state.
+# Request is transformed into task and pushed into queue.
+# Plugin responses user with HTTP 202 reply. Steps 1-5 are done synchronously.
+# Agent picks message from the queue and forwards it to Driver. Driver changes configuration of load balancing device. Once completed the response message is pushed into Plugin's queue.
+# Plugin retrieves message and updates DB with either "ACTIVE" or "ERROR" status
-All vendor drivers implement base Driver API. The list of operations is following:
+Data model should be resistant to different failures and crash of modules:
+* If crash in 1), 2) or 3) all changes are lost, HTTP 500 error is returned to user.
+* If crash in 4) or 5) then Plugin handles it and moves object into ERROR state, HTTP 500 error is returned.
+* If crash in 6) or 7) the object remains in "PENDING_" state. The Plugin will move the object into ERROR state after some preconfigured time or after restart.
+== Driver API ==
-<pre><nowiki>
+See [[Quantum/LBaaS/DriverAPI]] for details.
-createVIP (vip: VIP)
-updateVIP (newVip: VIP, oldVip: VIP)
-deleteVIP (vip: VIP)
-createPool (pool: Pool, vip: VIP)
-updatePool (newPool: Pool, oldPool: Pool, vip: VIP)
-deletePool (pool: Pool, vip: VIP)
-createMember (member: Member, pool: Pool)
-updateMember (newMember: Member, oldMember: Member, pool: Pool)
-deleteMember (member: Member, pool: Pool)
-createHealthMonitor (healthMonitor: HealthMonitor, pool: Pool)
-updateHealthMonitor (newHealthMonitor: HealthMonitor, oldHealthMonitor: HealthMonitor, pool: Pool)
-deleteHealthMonitor (healthMonitor: HealthMonitor, pool: Pool)
-getPoolStats (pool: Pool)
-getVIPStatus (vip: VIP)
-getPoolStatus (pool: Pool)
-getMemberStatus (member: Member)
-getCapabilities ()
-</nowiki></pre>
-(?) For all update operations both old and new object are passed. The driver may decide to use new object only, or apply patch. Maybe we need to pass patch instead of old?
------
-''Appendix''. Diagram #1 is created using http://www.websequencediagrams.com, source code:
-<pre><nowiki>
-title Update Request
-User -> +Extension: REST API Request
-activate User
-Extension --> +Plugin: Core API Request
-alt Valid
-    Plugin --> Extension: Accepted
-    Extension -> User: HTTP 202
-else Invalid
-    Plugin --> Extension: Error Message
-    Extension -> -User: HTTP 40x
-end
-deactivate User
-Plugin --> +DB: Set W-Lock
-Plugin -> +Agent: AMQP Request
-Agent --> +Driver: Driver API call
-Driver -> +Device: Apply Change
-Device -> -Driver: Status
-Driver --> -Agent: Status
-Agent -> -Plugin: AMQP Response
-alt Success
-    Plugin --> DB: Update DB
-else Failure
-    Plugin --> DB: Store Last Error
-end
-Plugin --> DB: Clear W-Lock
-deactivate Plugin
-deactivate DB
-</nowiki></pre>

Difference between revisions of "Neutron/LBaaS/Architecture"

Revision as of 12:42, 19 November 2012

Scope

Modules Decomposition

Workflows

Driver API