Red Hat SummitRed Hat blog
Imagine you're responsible for maintaining an OpenShift cluster on a VMware vSphere environment. Suddenly, some of your VMware ESXi hypervisors fail, and your entire cluster goes down. The downtime costs your organization time and money, not to mention the headache of getting everything back up and running. What if there was a way to eliminate these single points of failure and keep your OpenShift cluster up and running, even in the face of disaster? With a new feature introduced in OpenShift 4.13, you can do just that. Keep reading to learn how this game-changing feature enhances your OpenShift deployment.
Distribute OpenShift nodes across vSphere Data Centers and Clusters
To properly distribute your OpenShift cluster across vSphere data centers and vSphere clusters in a single VMware vCenter, we use OpenShift with regions and zones, and to do that we can now use vSphere Data Centers and Clusters. Here’s how:
- Regions: A region is defined as a vSphere Data Center that has an attached tag. This tag must be part of the openshift-region tag category.
- Zones: A zone is defined as a vSphere Cluster that has an attached tag. Like regions, the tag used for zones must be part of the openshift-zone tag category.
To map OpenShift regions and zones to vSphere Data Centers and Clusters, you create in OpenShift a failure domain, which groups vSphere resources.
For example, let’s say you want to define the regions “dc-east”, “dc-west”, and “dc-north” as the vSphere Data Centers “datacenter1”, “datacenter2”, and “datacenter3”, and then have in them the zones “east-1a”, “west-1a”, and “north-1a” respectively.
Then, in each vSphere data center you want your failure domain to remain within the vSphere clusters named “cluster1” in each vSphere data center.
Let’s see this graphically:
You want to distribute your master and worker nodes in 3 failure domains, called “dc-east-1”, “dc-west-1”, and “dc-north-1”, that represent the above constructs.
Adding the configuration
Now we need some way to associate these vSphere Data Center and Cluster names to OpenShift regions and zones in vSphere, for which we will use vCenter tags with a vmware tool called “govc”:
# Create the tag categories
govc tags.category.create -d "OpenShift region" openshift-region
govc tags.category.create -d "OpenShift zone" openshift-zone
# Create the region tags
govc tags.create -c openshift-region dc-east
govc tags.create -c openshift-region dc-west
govc tags.create -c openshift-region dc-north
# Create the zone tags
govc tags.create -c openshift-zone east-1a
govc tags.create -c openshift-zone west-1a
govc tags.create -c openshift-zone north-1a
# Attach the region tags to vCenter datacenters
govc tags.attach -c openshift-region dc-east /datacenter1
govc tags.attach -c openshift-region dc-west /datacenter2
govc tags.attach -c openshift-region dc-north /datacenter3
# Attach the zone tags to vCenter clusters
govc tags.attach -c openshift-zone east-1a /datacenter1/cluster1
govc tags.attach -c openshift-zone west-1a /datacenter2/cluster1
govc tags.attach -c openshift-zone north-1a /datacenter3/cluster1
And once that’s done, define your logical failure domains in your install-config.yaml file:
apiVersion: v1
baseDomain: devcluster.openshift.com
metadata:
name: mycluster
controlPlane:
name: master
replicas: 3
platform:
vsphere:
zones:
- "dc-east-1"
- "dc-west-1"
- "dc-north-1"
compute:
- name: worker
replicas: 3
platform:
vsphere:
zones:
- "dc-east-1"
- "dc-west-1"
- "dc-north-1"
platform:
vSphere:
vcenters: []
failureDomains:
- name: dc-east-1
region: dc-east
zone: east-1a
server: myvcenter.devcluster.openshift.com
topology:
datacenter: datacenter1
computeCluster: /datacenter1/cluster1
networks:
- my-port-group-in-dc1
datastore: /datacenter1/datastore/share1
- name: dc-west-1
region: dc-west
zone: west-1a
server: myvcenter.devcluster.openshift.com
topology:
datacenter: datacenter2
computeCluster: /datacenter2/cluster1
networks:
- my-port-group-in-dc2
datastore: /datacenter2/datastore/share1
- name: dc-north-1
region: dc-north
zone: north-1a
server: myvcenter.devcluster.openshift.com
topology:
datacenter: datacenter3
computeCluster: /datacenter3/cluster1
networks:
- my-port-group-in-dc3
datastore: /datacenter3/datastore/share1
In Summary
By using regions and zones, you distribute OpenShift nodes across multiple VMware vSphere clusters and datacenters in a single VMware vCenter, reducing the risk of downtime in the event of a failure. With this feature, you can be sure your OpenShift cluster is highly available and more resilient, providing peace of mind for you and your organization. Keep reading to learn how to implement this feature and improve your OpenShift deployment on VMware vSphere.
