|
| 1 | +- Feature Name: Hub Online synchronization |
| 2 | +- Start Date: (fill with today's date, YYYY-MM-DD) |
| 3 | + |
| 4 | +# Summary |
| 5 | +[summary]: #summary |
| 6 | + |
| 7 | +A new online synchronization mechanism between SUSE Manager HUB and peripheral servers which would be easier to use and provides automatic content synchronization by re-using existing stable mechanisms. |
| 8 | + |
| 9 | +From the field we see that HUB deployments are made with connection between HUB and Peripheral servers, and a disconnected environment can be considered a different scope. |
| 10 | + |
| 11 | +# Motivation |
| 12 | +[motivation]: #motivation |
| 13 | + |
| 14 | + |
| 15 | +With the Hub deployment architecture we provided a concept of centralized content management in SUSE Manager server, which would then synchronize the data to the peripheral servers. To support it, a new inter-server-sync (ISSv2) tool was developed with the goal of replacing the existing mechanism. |
| 16 | + |
| 17 | +The new ISSv2 was designed to allow the transfer of different data types, like software channels, configuration channels and images. The design makes it agnostic to database changes since it uses database metadata (if the new fields and tables follow the SUMA database conventions) and also gives support for fully disconnected environments. |
| 18 | + |
| 19 | +ISSv2 has some constrains and limitation. This RFC proposes a different approach by re-using some existing features to provide a more complete solution, instead of trying to solve the issues with ISSv2. |
| 20 | + |
| 21 | +## Existing Solutions |
| 22 | + |
| 23 | +Let's make a more detailed analysis of each of the existing inter-server-sync solutions, with pros and cons. |
| 24 | + |
| 25 | +### ISS v1 |
| 26 | + |
| 27 | +Based on an old code base, with declarative fields to be transferred (changes in database would mean changes in the transfer specification). |
| 28 | + |
| 29 | +Cons: |
| 30 | +- Only works with software channels |
| 31 | +- Declarative fields to be transferred and serialized in XML. |
| 32 | +- Changes in the database structure needs means adaptation in the field declaration |
| 33 | +- Old code base |
| 34 | + |
| 35 | +Pros: |
| 36 | +- Simple usage, with initial configuration through the web-UI |
| 37 | + - Adding a channel needs to go through a command line tool |
| 38 | +- Automatically channel + Products synchronization with mgr-sync Taskomatic job (delegates call to `mgr-inter-sync` cli tool) |
| 39 | +- Cross organization synchronization |
| 40 | + |
| 41 | +### ISSv2 |
| 42 | + |
| 43 | +Cons: |
| 44 | +- Slow to export and import |
| 45 | + - Data transfer is not optimized: uses sql statements with a single transaction. The bigger the channel or more channels in one single export, the bigger the problem. |
| 46 | +- If database schema doesn't follow the conventions, we need manual corrections |
| 47 | +- A lot of manual steps to run and make it more efficient |
| 48 | +- No UI support |
| 49 | +- Hard to debug |
| 50 | +- No good feedback during import |
| 51 | +- No cross organization import (organizations needs to have the same name in source and target) |
| 52 | +- Need to have all the cloned channels hierarchy to be able to use SP migration |
| 53 | + |
| 54 | +Pros: |
| 55 | +- Can transfer more than just software channels (images and configuration channels) |
| 56 | +- Sync process is started from the server side |
| 57 | +- Export once, import in parallel in all peripherals |
| 58 | +- Support for fully disconnected environment |
| 59 | + |
| 60 | + |
| 61 | +## Proposed solution |
| 62 | + |
| 63 | +One of SUSE Manager focus areas is synchronizing and managing content, especially RPM's. To do so, it synchronizes remote channels, apply filters to produce new channels (CLM) and makes these channels available to be consumed. |
| 64 | + |
| 65 | +The overall idea of the Hub Online synchronization is to re-use the existing repo-sync mechanism and synchronize channels in the peripheral from the HUB published repositories (online connection between hub and peripherals servers). |
| 66 | + |
| 67 | +In the first stage the focus will be synchronizing software channels, since it's the most problematic one in terms of performance and automation. However, we should be able to re-use the integration mechanism, since everything will be implemented through API. |
| 68 | + |
| 69 | +We will need a mechanism to create the channels in the peripheral servers (vendor and customs ones) in the desired organization. Those channels need to have as content source the corresponding HUB server repository URL, with the correct authentication token. With this, repo-sync will take care of channel synchronization (proof of concept already tested). |
| 70 | + |
| 71 | +Pros: |
| 72 | +- Automatically update channel during the night with repo-sync/mgr-sync |
| 73 | +- No need to have specific code adaptations in case of schema changes. It will be handled any way in repo-sync changes |
| 74 | +- Rely on a stable specification: repositories metadata |
| 75 | +- After initial configuration, all synchronization between hub and peripheral should be automatic and transparent |
| 76 | + - Only differences would be transferred |
| 77 | +- Promote environments in CLM will automatically propagate changes to all connected peripherals |
| 78 | +- Automatic creating of bootstrap repository done by repo-sync tool |
| 79 | + |
| 80 | +Cons: |
| 81 | +- All peripheral can start synchronizing at same time |
| 82 | + - Can be problematic if we have several peripherals performing full synchronization at same time. However we can configure the peripherals to run repo-sync in different hours and spread the load |
| 83 | + - This is only a problem in first sync, since subsequent sync only transfer differences |
| 84 | + |
| 85 | + |
| 86 | +## Tools scope |
| 87 | + |
| 88 | +With this solution we can change the scope of the existing tools. For ISSv1 this would be a full replacement, meaning this tool/feature can be removed in SUSE Manager 5.0. |
| 89 | + |
| 90 | +Issv2 will continue to exist but with a change in its scope to be the tool to synchronize content between fully disconnected environments, and not to use in HUB set-ups. However, since this first implementation is not considering images and configuration channels synchronization, we still need to use it in HUB for these scenarios (should be temporary and replace with implementation in HUB Online Synchronization). |
| 91 | + |
| 92 | +The new Hub synchronization would be focused on HUB online deployments to allow scale SUSE Manager infrastructure. The only focus of this solution would be to work in scale and make it easier to use. |
| 93 | + |
| 94 | + |
| 95 | +# Detailed design |
| 96 | +[design]: #detailed-design |
| 97 | + |
| 98 | +The solution focuses on re-using the repo-sync mechanism to synchronize channels from Hub server to peripheral servers. It will be described in several steps that aim to address how it will be used and how we can technically support it. |
| 99 | + |
| 100 | +The main focus is to develop the integration between HUB server and peripherals through API only and re-using existing API methods as much as possible. However, some new custom methods will be needed. |
| 101 | + |
| 102 | +Configuration should be pushed from the HUB to peripherals, to avoid the need of direct management of the peripherals. |
| 103 | + |
| 104 | +For now this solution is focused on software channels only, but can be extended to synchronize more data types. |
| 105 | + |
| 106 | + |
| 107 | +## Define connection between HUB and Peripherals |
| 108 | + |
| 109 | +We can follow a similar approach to what exists on ISSv1. On the hub side we can define multiple peripheral servers to connect to by providing the FQDN and an authentication token. |
| 110 | +On the peripheral side we also need to define the Hub server FQDN and an Authentication token. |
| 111 | + |
| 112 | +Each peripheral server can only have 1 Hub server (master). This will avoid dealing with problems like channel label conflicts between multiple masters. Configure a hub server will block access to a set of menu items like: "Admin" -> "Setup wizard" -> "Organization Credentials" and "Products" and "PAYG Connection" (similar to what we already have for ISSv1). |
| 113 | +We cannot add Hub connection if SCC credentials are defined, they should be mutually excluded. |
| 114 | + |
| 115 | +We can re-use and improve existing ISSv1 database tables to save the needed data. |
| 116 | + |
| 117 | + |
| 118 | +## Hub as a proxy for SCC data |
| 119 | + |
| 120 | +The SUSE Manager server needs a set of metadata to be able to operate. Currently that metadata is provided by SCC directly or, in the case of PAYG, provided by the cloud RMT infrastructure. We should also provide this data in SUSE Manager HUB to be consumed by the peripheral servers. |
| 121 | +The minimal endpoints to be provided are: |
| 122 | + - "/suma/product_tree.json" |
| 123 | + - "/connect/organizations/products/unscoped" |
| 124 | + |
| 125 | +On top of this, we should also provide an endpoint for peripherals to send status data needed by SCC (example of this is the minions registered and hardware information). Peripheral servers should send this data to the HUB instead of SCC, and the HUB server should consolidate it and send it to SCC. |
| 126 | + |
| 127 | +## Peripheral software channels creation |
| 128 | + |
| 129 | +We need a mechanism to create the channels in the peripheral servers (vendor and CLM's) in the desired organization. The peripheral channel creation must be done from the HUB server through an API. Since we are making special channel creation (defined next), those API methods should be available to server-to-server communication only. |
| 130 | + |
| 131 | +For each peripheral we should define the organization mapping between HUB organizations and peripheral ones, following the rules (similiar to what we have on ISSv1): |
| 132 | + - Each Hub organization can only be mapped to one peripheral organizations |
| 133 | + - Peripheral organization can receive data from several different HUB organizations |
| 134 | + |
| 135 | +From the webUI we should be able to select which channels should be added to each peripheral (vendor or custom). This needed to be saved in a new database table on the HUB side. |
| 136 | + |
| 137 | +Steps needed to create the channels on peripheral: |
| 138 | + - In the HUB, generate authentication tokens to access the channel(s). Re-use the existing channel access table. |
| 139 | + - In the peripheral create all needed channels (vendor and custom) point to the HUB server in the rhncontentsource table. Each channel needs to have its own entry. |
| 140 | + - Minimal set of tables will be populated on the peripheral: rhnchannel, rhnchannelcontentsource, rhnchannelproduct, rhnchannelfamilymembers, rhnproductname, rhnchannelcloned, suseproductchannel. |
| 141 | + |
| 142 | + |
| 143 | +When creating the channels in the peripheral server the content source will reference the correct HUB repository that provides that channel. Peripheral servers need to be configured with the flag `java.unify_custom_channel_management`, which will synchronize custom channels during the nightly mgr-sync process. |
| 144 | + |
| 145 | +One important aspect is to recreate the connection between custom channels and vendor channels, so we can have SP migration and avoid the need to synchronize all channel clone chains (ISSv1 also does this implementation). |
| 146 | + |
| 147 | +Vendor channels are not linked to any organization, and can also be synchronized with this method. |
| 148 | + |
| 149 | +## Communication Workflow |
| 150 | + |
| 151 | + |
| 152 | + |
| 153 | +## Integration with SUSE Manager 5.0 |
| 154 | + |
| 155 | +With SUSE Manager containerization we cannot register the peripheral servers as minions anymore. Several components were relying on having that. |
| 156 | +In this section we will have a walk-through of those problems and how this solution can help solve them. |
| 157 | + |
| 158 | +### HUB XML-RPC API |
| 159 | + |
| 160 | +Component responsible for broadcasting API requests to peripheral servers. This component loads the peripheral servers that are registered on the HUB by looking at the minion entitlements. |
| 161 | + |
| 162 | +With the proposed solution we can retrieve the list of the registered peripheral servers and avoid the peripheral server registration as minion. |
| 163 | + |
| 164 | +### Inter-server-sync-v2 |
| 165 | + |
| 166 | +Will be replaced by this solution. It will continue to exist but for disconnect set-ups only. |
| 167 | + |
| 168 | +### Uyuni-config formula |
| 169 | + |
| 170 | +This proposal doesn't address any of the issues with the configuration formula. |
| 171 | + |
| 172 | +### HUB Report Federation |
| 173 | + |
| 174 | +Reporting database information is collected using a salt state to get the report DB connection information. |
| 175 | +With this solution we can replace the mechanism by an API call to the peripheral server which would return the needed information, and in this way remove the need to minion registration. |
| 176 | + |
| 177 | + |
| 178 | +## Future Steps |
| 179 | + |
| 180 | +This implementation sets the foundations to add more online content synchronization through the API, like configuration channels, images and activation keys. |
| 181 | + |
| 182 | +# Drawbacks |
| 183 | +[drawbacks]: #drawbacks |
| 184 | + |
| 185 | +- Full synchronize a high number of peripherals at same time can overload the HUB server |
| 186 | + - After the first full synchronization it should not be a problem |
| 187 | + - One Peripheral can manage up to 10.000 minions. If we add 10 peripherals we would be able to manage 100.000 minions (more than our biggest customer) |
| 188 | + |
| 189 | +# Alternatives |
| 190 | +[alternatives]: #alternatives |
| 191 | + |
| 192 | +- Create a new UI and use ISSv2 to synchronize data |
| 193 | +- Solve the existing and known problems of ISSv2 |
| 194 | + |
| 195 | +# Unresolved questions |
| 196 | +[unresolved]: #unresolved-questions |
| 197 | + |
| 198 | +- How to deal when channel mapping is removed at hub configuration? Channel should stay in peripheral but will not get more updates? |
| 199 | +- how to deal with channel delete on HUB? Channel should stay in peripheral but will not get more updates? |
0 commit comments