Difference: SmartStackSetup (3 vs. 4)

Revision 42013-11-01 - rprior

Line: 1 to 1
 
META TOPICPARENT name="ShoalDevelopment"

Smartstack Airbnb

Line: 24 to 24
 
  • For above point this does not guarantee extra stability as of this writing : "Currently, the failure of our Zookeeper cluster will take out our entire infrastructure. Also, because of edge cases in the zk library we use, we may not even be handling the failure of a single ZK node properly at the moment." From the official site
  • nerve and synapse need a list of all zookeepers' IPs
  • synapse maintains an internal proxy; the CVMFS config proxy will point to a non-changing port used by synapse which will route to the appropriate squid
Added:
>
>
  • This proxy needs to be rebooted if a new squid node goes online (only new nodes if a node goes offline then later online a reboot is not necessary)
 
  • nerve can have different kinds of status checks above just a heart beat
  • synapse runs continuously, it will automatically change the squid in use if it goes down
Changed:
<
<
  • no SSL? (can be configured in new version of zookeeper but that may only be between ZK nodes need to test)
>
>
  • no SSL support and not easy to add, will need to use something like stunnel
  • can support many services (not just squid caches)
  Shoal:
  • uses python and rabbitMQ
  • relies on a singe rabbitMQ server (could have multiple shoal servers easily but they rely on rabbitMQ. Getting multiple rabbit servers co-operating would be difficult but may not be necessary for load TODO: link Mike Chester's WT report
Changed:
<
<
  • shoal-agent and shoal-server require IP of rabbitMQ server, shoal-client requires IP of shoal-server (can use DNS)
>
>
  • shoal-agent and shoal-server require IP of rabbitMQ server, shoal-client requires IP of shoal-server
 
  • shoal-client writes the CVMFS config file when run
  • shoal-server will remove an agent from its list after a configurable period of inactivity
  • shoal-client runs only once
Line: 41 to 43
  Smartstack:
  • nerve:
Changed:
<
<
    • ruby 2
>
>
    • ruby 2 (? at least high enough to support gem)
 
  • synapse:
Changed:
<
<
    • ruby 2
>
>
    • ruby 2 (? at least high enough to support gem)
 
    • as of now because the version in gem does not work, git
  • zookeeper:
    • Java 1.6 (JDK6)
Line: 69 to 71
 

Setup

Added:
>
>

Nerve

 Nerve (Starting from cernvm-squid-node-2.6.0-4-1-x86_64.ext3.gz):
  • Get ruby from here
  • tar xvzf -> ./configure -> make && make install
Line: 92 to 96
  Nerve can then be run by (assuming squid and zookeeper are already running): nerve --config /path/to/config
Added:
>
>

Zookeeper

 Zookeeper (Starting from cernvm-basic-2.7.2-1-2-x86_64.ext3.gz):
  • get Java (JDK6 or JRE 1.6)
  • java does not require install just make sure the jre/bin/ directory is on the path
Line: 102 to 108
  Run by executing zookeeper/bin/zkServer.sh start

Added:
>
>

Synapse

 Synapse (Starting from cernvm-basic-2.7.2-1-2-x86_64.ext3.gz):
  • Get ruby from here
  • tar xvzf -> ./configure -> make && make install
Line: 111 to 119
  git clone https://github.com/airbnb/synapse.git
Changed:
<
<
A config file has to be provided as well a sample one is given below: (under services->squid->discovery change hosts to be a list of zookeeper IPs and ports (2181 by default) With this config change CVMFS_HTTP_PROXY to localhost:3129 (as specified under services->squid->local_port
>
>
A config file has to be provided as well. A sample one is given below:

under services->squid->discovery change hosts to be a list of zookeeper IPs and ports (2181 by default) With this config change CVMFS_HTTP_PROXY to localhost:3129 (as specified under services->squid->local_port)

 
{
Line: 170 to 179
 }
Added:
>
>

stunnel

Stunnel is a wrapper for web services to add SSL support to applications that don't have it.

I attempted to add SSL support to nerve and synapse and found it too be quite complicated. User credentials (name+password) are easy enough to add but x509 certificates are not. stunnel allows x509 certificate support to be added without modifying nerve/synapse directly. It is just a proxy that accepts SSL connections via the internet and then over localhost sends the unecrypted data to the webservice that needs SSL.

In the case of Smart Stack, commmunication would work like this: Nerve -> unecrypted over loacalhost -> stunnel -> encrypted -> stunnel on zookeeper machine -> unecrypted over localhost -> zookeeper

Every part of Smart Stack would need to run stunnel.

To setup stunnel, download it from the official site

 

-- RobertPrior - 2013-10-28

 
This site is powered by the TWiki collaboration platform Powered by PerlCopyright © 2008-2019 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback