On Thu, Jul 7, 2016 at 2:44 PM, Andy Zhou <az...@ovn.org> wrote: > On Thu, Jul 7, 2016 at 11:37 AM, Han Zhou <zhou...@gmail.com> wrote: > >> Hi Andy, >> >> Sorry #1 seems not clear to me. It sounds like a etcd cluster running >> behind a ovsdb-server cluster? Then what would be the HA mechanism for the >> ovsdb-server layer? >> > > Yes, your understanding is correct, expect ovsdb-servers do not form a > cluster, they only connect to etcd servers. > > etcd servers form the HA cluster. All ovsdb-servers maintain connections > to the leader etcd server. OVSDB servers do not store > transactions, they essentially translate ovsdb protocol into etcd gRPC > protocol. >
Would you be able to run N copies of ovsdb-server in this case? Another consideration is that we'd be able to make use of ovsdb features, but at the expense of not be able to use etcd features directly. An example is authorization. This is a v2 API doc, but: https://coreos.com/etcd/docs/latest/auth_api.html I was thinking we might be able to build a solution for the "Limiting the impact of a compromised chassis" item in ovn/TODO using etcd capabilities. If we put ovsdb in front of it, we still have to solve this in ovsdb. -- Russell Bryant
_______________________________________________ discuss mailing list discuss@openvswitch.org http://openvswitch.org/mailman/listinfo/discuss
