You are browsing a read-only backup copy of Wikitech. The live site can be found at wikitech.wikimedia.org

Anycast

From Wikitech-static
Revision as of 21:01, 18 July 2019 by imported>Ayounsi (→‎How to deploy a new service?)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Still WIP

Internal

In production

Anycast recursive DNS

How does it work?


How to deploy a new service?

  1. Assign an IP in DNS, from the 10.3.0.0/24 range - (eg. Gerrit CR 524045)
  2. Configure the server side (eg. Gerrit CR 524037)
    1. Add include ::profile::bird::anycast where you see fit (usually to the service's role)
    2. Configure the VIP and its attributes (usually hieradata/role/common/)
      profile::bird::advertise_vips:
  <vip_fqdn>:
    address: 10.3.x.x # VIP to advertise (required)
    check_cmd: '/bin/true' # Any command to check the healh of the service, ran as user "bird" (required)
    ensure: present # Set to absent to cleanly remove the check (optional, present by default)
    bfd: true # Fast failure detection between router and server (Optional, true by default)
profile::bird::bind_service: 'foobar.service' # Stop bird if linked service goes down (optional, none by default)
      Some notes:
      • The check_cmd needs to run in less than 1s (check interval)
  3. Configure the router side:
    1. set protocols bgp group Anycast4 neighbor <server_IP>
  4. Add monitoring to the VIP, similar to any Icinga checks, but in modules/profile/manifests/bird/anycast_monitoring.pp
  5. (Optional) if deploying a new type of service, ask Netops to add a backup static route


Retrieved from "https://wikitech-static.wikimedia.org/w/index.php?title=Anycast&oldid=325979"