This feature allows the user to run two instances of AKO in a Kubernetes/OpenShift cluster - one in active mode and the other in passive mode.
AKO's high availability architecture is as described below:
Active and passive modes are assigned automatically by performing a leadership election among the AKOs. A lease lock(Kubernetes object) named ako-lease-lock in avi-system has been used to keep track of the current active AKO. The lease lock object has the identity of the current active AKO and a field named renewTime which active AKO periodically refreshes. The passive AKO periodically polls the lease lock object and updates its identity in the lease lock object when the renewTime goes beyond the deadline.
Leader election between AKOs occurs as described below:
Active AKO does the following:
- Creates the AVI objects in the AVI controller.
- Updates the status of the Ingress/Routes/Service of type LB.
- Cleans up the stale AVI objects from the AVI controller.
- Cleans up the AVI objects created by AKO from the controller when
deleteConfighas been set. - Creates the lease object in the
avi-systemnamespace and periodically renews therenewTimeof the lease object.
Passive AKO does the following:
- Polls the lease object in the
avi-systemnamespace. - Reads the objects in Kubernetes/OpenShift cluster and populates the cache.
- Reads the AVI objects configured by Active AKO and builds the cache.
- Change the
replicaCountinvalues.yamlto two. - Execute the helm upgrade command and provide the updated
values.yamlfile.
helm upgrade ako-1593523840 oci://projects.packages.broadcom.com/ako/helm-charts/ako -f /path/to/values.yaml --version 1.14.1 --set ControllerSettings.controllerHost= --set avicredentials.password= --set avicredentials.username= --namespace=avi-system
Note:
- Currently, more than two replicas are not supported.
- Both instances of AKO should be on the same version.