High Availability support in AKO
Overview
This feature allows the user to run two instances of AKO in a Kubernetes/OpenShift cluster, that is, one in active mode and the other in passive mode.
The following describes the high availability architecture of AKO:
Active and passive modes are assigned automatically by performing a leadership election among the AKOs. A lease lock (Kubernetes object) named ako-lease-lock in the avi-system is used to keep track of the current active AKO. The lease lock object has the identity of the current active AKO and a field named renewTime which active AKO periodically refreshes. The passive AKO periodically polls the lease lock object and updates its identity in the lease lock object when the renewTime goes beyond the deadline.
The following describes how the leader election between AKOs occurs:
Active AKO does the following:
- Creates the Avi objects in the Avi controller.
- Updates the status of the Ingress/Routes/Service of type LB.
- Cleans up the stale Avi objects from the Avi controller.
- Cleans up the Avi objects created by AKO from the controller when
deleteConfigis set. - Creates the lease object in the
avi-systemnamespace and periodically renews therenewTimeof the lease object.
Passive AKO does the following:
- Polls the lease object in the
avi-systemnamespace. - Reads the objects in Kubernetes/OpenShift cluster and populates the cache.
- Reads the Avi objects configured by Active AKO and builds the cache.
Steps to Run AKO in High Availability
- Change the
replicaCountinvalues.yamlto two. - Execute the helm upgrade command and provide the updated
values.yamlfile.Helm upgrade ako-1593523840 ako/ako -f /path/to/values.yaml --version 1.9.2 --set ControllerSettings.controllerHost= --set avicredentials.password= --set avicredentials.username= --namespace=avi-system
Notes:
- Currently, more than two replicas are not supported.
- Both instances of AKO must be on the same version.