[Feature] Native Floating IP Support and Automated Failover for Octavia Load Balancer #107
Description
Description
1. Problem Statement
-
Currently, integrating OpenStack Octavia with OpenSDN in External Load Balancer mode presents two critical challenges:
-
Connectivity Failure via Neutron API: Associating a Floating IP (FIP) with an Octavia VIP port using standard Neutron API commands does not establish end-to-end connectivity to Amphora VMs. This occurs because the SDN Fabric fails to route traffic when the FIP object lacks the mandatory virtual-machine-interface-refs for both the VIP and VRRP interfaces.
-
Disruption during Failover: When Octavia triggers a failover, it spawns new Amphora VMs with new VMI IDs while decommissioning the old ones. Consequently, the existing FIP mapping becomes stale, leading to immediate service downtime until the SDN configuration is manually updated.
-
2. Current Workaround
- To maintain service availability, we are forced to bypass the Neutron API and interface directly with the OpenSDN Config API to perform the following:
- Manually inject the Octavia Amphora VRRP port into the virtual-machine-interface-refs of the FIP object.
- Apply custom annotations to the FIP object (e.g., lb_id = <LoadBalancer_UUID>) to track relationships.
- Deploy an external "Watcher" script (via Cronjob) to poll FIP objects and re-map them to new VMIs during failover events. This introduces significant architectural complexity and unacceptable propagation latency (
$10s$ –$30s$)
Proposed Solution: Native Integration via virtual-ip Abstraction
To achieve sub-second failover and native integration, I propose utilizing the existing virtual-ip object in the OpenSDN Schema as an abstraction layer between the FIP and the VMIs.
-
Technical Architecture Changes:
A. OpenSDN Neutron Plugin- Logic: Implement auto-detection for Octavia VIP ports by inspecting the device_owner attribute.
- Behavior: When a FIP is associated with a VIP port, the plugin should create or update a virtual-ip object and link the FIP to this object, rather than creating a direct VMI reference.
B. Schema Transformer & API Server
- Validation: Ensure the schema fully supports floating-ip-refs within the virtual-ip object.
- Auto-Population: Enable the Schema Transformer to maintain implicit links between Amphora VMIs and the virtual-ip object whenever allowed-address-pairs are detected.
C. Service Monitor (svc-monitor)
- Dynamic Ref Updates: Enhance svc-monitor to track the lifecycle of Octavia VMIs.
- Traffic Steering: Upon failover, svc-monitor should automatically update the virtual-machine-interface-refs within the virtual-ip object. This allows the vRouter to update the Flow Table at the fabric level instantly, keeping the FIP reference immutable and the transition seamless.
Benefits
- Native Compatibility: Allows users to use standard OpenStack Neutron commands.
- High Availability: Provides sub-second failover without relying on external polling scripts.
- Reduced Complexity: Eliminates the need for out-of-band configuration management and custom annotations on SDN objects.