From cbf21dff4edcaa4107132391216d3727d5caf4e0 Mon Sep 17 00:00:00 2001 From: Jim Hahn Date: Tue, 31 Aug 2021 14:23:09 -0400 Subject: Document multi-cluster support Updated per review comment: - specify PDP removal frequency - indicate that it's experimental Issue-ID: POLICY-3494 Change-Id: Ia3085c984b95415090e245d2ff7cd966c154064f Signed-off-by: Jim Hahn --- docs/architecture/architecture.rst | 73 ++++++++++++++++++++++++++++++ docs/architecture/images/MCLocalDmaap.svg | 1 + docs/architecture/images/MCLocalHB.svg | 1 + docs/architecture/images/MCMissedHB.svg | 1 + docs/architecture/images/MCSharedDB.svg | 1 + docs/architecture/images/MCSharedDmaap.svg | 1 + docs/architecture/images/MCSharedHB.svg | 1 + 7 files changed, 79 insertions(+) create mode 100644 docs/architecture/images/MCLocalDmaap.svg create mode 100644 docs/architecture/images/MCLocalHB.svg create mode 100644 docs/architecture/images/MCMissedHB.svg create mode 100644 docs/architecture/images/MCSharedDB.svg create mode 100644 docs/architecture/images/MCSharedDmaap.svg create mode 100644 docs/architecture/images/MCSharedHB.svg (limited to 'docs/architecture') diff --git a/docs/architecture/architecture.rst b/docs/architecture/architecture.rst index 7edf9e07..9e999e3b 100644 --- a/docs/architecture/architecture.rst +++ b/docs/architecture/architecture.rst @@ -701,6 +701,79 @@ APIs. Some example PEPs are: DCAE, OOF, and SDNC. See Section 3.4 of the :ref:`Policy Design and Development ` for more information on the Decision APIs. +2.3.8 Multi-Cluster Support +^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +Multi-cluster support was added to the Policy Framework during the Istanbul release, +enabling redundancy, load-sharing, and inter-site failover. + +**Note:** *multi-cluster support has only been minimally tested, and is thus still +experimental.* + +2.3.8.1 Shared DB +""""""""""""""""" + +Multi-cluster support requires a shared DB. Rather than spinning up a +separate DB for each cluster, all of the clusters are pointed to a common DB. +Policy-API adds policy types and policies, while Policy-PAP manages PDP Groups and +Subgroups, as well as policy deployments. The information in these tables is not +segregated, but is, instead, shared across the API and PAP components across all of +the clusters. + +.. image:: images/MCSharedDB.svg + +2.3.8.2 DMaaP Arrangement +""""""""""""""""""""""""" + +As in prior releases, communication between the PAPs and PDPs still takes place via +DMaaP. Two arrangements, described below, are supported. + +2.3.8.2.1 Local DMaaP +~~~~~~~~~~~~~~~~~~~~~ + +In this arrangement, each cluster is associated with its own, local +DMaaP, and communication only happens between PAPs and PDPs within the same cluster. + +.. image:: images/MCLocalDmaap.svg + +The one +limitation with this approach is that, when a PAP in cluster A deploys a policy, PAP +is only able to inform the PDPs in the local cluster; the PDPs in the other clusters +are not made aware of the new deployment until they generate a heartbeat, at which +point, their local PAP will inform them of the new deployment. The same is true of +changes made to the state of a PDP Group; changes only propagate to PDPs in other +clusters in response to heartbeats generated by the PDPs. + +.. image:: images/MCLocalHB.svg + +2.3.8.2.2 Shared DMaaP +~~~~~~~~~~~~~~~~~~~~~~ + +In this arrangement, the PAPs and PDPs in all of the clusters are +pointed to a common DMaaP. Because the PAP and PDPs all communicate via the same +DMaaP, when a PAP deploys a policy, all PDPs are made aware, rather than having to +wait for a heartbeat. + +.. image:: images/MCSharedDmaap.svg + +2.3.8.3 Missed Heartbeat +"""""""""""""""""""""""" + +To manage the removal of terminated PDPs from the DB, a record, containing a +"last-updated" timestamp, is maintained within the DB for each PDP. Whether using a +local or shared DMaaP, any PAP receiving a message from a PDP will update the timestamp +in the associated record, thus keeping the records “current”. + +.. image:: images/MCSharedHB.svg + +Periodically, each PAP will sweep the DB of PDP records whose timestamp has not been +updated recently. The frequency with which it is checked is based on the value of +the "heartbeatMs" configuration parameter, with a record considered expired if no +heartbeat has been received for three cycles. + +.. image:: images/MCMissedHB.svg + + 3. APIs Provided by the Policy Framework ======================================== diff --git a/docs/architecture/images/MCLocalDmaap.svg b/docs/architecture/images/MCLocalDmaap.svg new file mode 100644 index 00000000..1b851223 --- /dev/null +++ b/docs/architecture/images/MCLocalDmaap.svg @@ -0,0 +1 @@ +PAPDMaaPQueuePDP A1PDP A2Cluster ACluster BPdpSubgroupPDP A1PDP A2PDP B1Shared DBPDP B2PDP A1PDP A2PDP B1 (discard)PDP B2 (discard)Local DMaaPDeploy/UndeployPolicyRequestPAPDMaaPQueuePDP B2PDP B2PDP B2HeartbeatPDP-UPDATEHeartbeatPDP-UPDATEPDP-UPDATEPDP-UPDATE \ No newline at end of file diff --git a/docs/architecture/images/MCLocalHB.svg b/docs/architecture/images/MCLocalHB.svg new file mode 100644 index 00000000..ae26672c --- /dev/null +++ b/docs/architecture/images/MCLocalHB.svg @@ -0,0 +1 @@ +Cluster BPdpSubgroupPDP A1PDP A2PDP B1Shared DBPDP B2(timestamp UTC)Local DMaaPHeartbeatPAPDMaaPQueuePDP B2PDP B2HeartbeatHeartbeatPDP B2PDP-UPDATEPDP-UPDATE \ No newline at end of file diff --git a/docs/architecture/images/MCMissedHB.svg b/docs/architecture/images/MCMissedHB.svg new file mode 100644 index 00000000..d5b39b88 --- /dev/null +++ b/docs/architecture/images/MCMissedHB.svg @@ -0,0 +1 @@ +Cluster BPdpSubgroupPDP A1 (delete)PDP A2PDP B1Shared DBLocal or Shared DMaaPMissed HeartbeatPAPTimer CheckPDP B2 \ No newline at end of file diff --git a/docs/architecture/images/MCSharedDB.svg b/docs/architecture/images/MCSharedDB.svg new file mode 100644 index 00000000..6d6126db --- /dev/null +++ b/docs/architecture/images/MCSharedDB.svg @@ -0,0 +1 @@ +APIPAPCluster AAPIPAPCluster BPolicy TypePolicyShared DBPdpGroupPdpSubgroup diff --git a/docs/architecture/images/MCSharedDmaap.svg b/docs/architecture/images/MCSharedDmaap.svg new file mode 100644 index 00000000..2a906abb --- /dev/null +++ b/docs/architecture/images/MCSharedDmaap.svg @@ -0,0 +1 @@ +PAPDMaaPQueue(shared)PDP A1PDP A2Cluster ACluster BPdpSubgroupPDP A1PDP A2PDP B1Shared DBPDP B2PDP A1PDP A2PDP B1PDP B2Shared DMaaPDeploy/UndeployPolicyRequestPDP B1PDP B2PDP-UPDATEPDP-UPDATEPDP-UPDATE \ No newline at end of file diff --git a/docs/architecture/images/MCSharedHB.svg b/docs/architecture/images/MCSharedHB.svg new file mode 100644 index 00000000..74020a12 --- /dev/null +++ b/docs/architecture/images/MCSharedHB.svg @@ -0,0 +1 @@ +Cluster BPdpSubgroupPDP A1PDP A2PDP B1Shared DBShared DMaaPHeartbeatPAPPDP B2PDP B2HeartbeatHeartbeatPAPCluster AHeartbeatPDP B2PDP B2PDP B2(timestamp UTC)PDP-UPDATEPDP-UPDATEPDP-UPDATEPDP-UPDATEDMaaPQueue(shared) \ No newline at end of file -- cgit 1.2.3-korg