This feature allows the user to run two instances of AKO in a Kubernetes/OpenShift cluster, that is, one in active mode and the other in passive mode.

The following describes the high availability architecture of AKO:



Active and passive modes are assigned automatically by performing a leadership election among the AKOs. A lease lock (Kubernetes object) named ako-lease-lock in the avi-system is used to keep track of the current active AKO. The lease lock object has the identity of the current active AKO and a field named renewTime which active AKO periodically refreshes. The passive AKO periodically polls the lease lock object and updates its identity in the lease lock object when the renewTime goes beyond the deadline.

The following describes how the leader election between AKOs occurs:



Active AKO does the following:

  • Creates the NSX Advanced Load Balancer objects in the NSX Advanced Load Balancer Controller.

  • Updates the status of the Ingress/Routes/Service of type LB.

  • Cleans up the stale NSX Advanced Load Balancer objects from the NSX Advanced Load Balancer Controller.

  • Cleans up the NSX Advanced Load Balancer objects created by AKO from the controller when deleteConfig is set.

  • Creates the lease object in the avi-system namespace and periodically renews the renewTime of the lease object.

Passive AKO does the following:

  • Polls the lease object in the avi-system namespace.

  • Reads the objects in Kubernetes/OpenShift cluster and populates the cache.

  • Reads the NSX Advanced Load Balancer objects configured by Active AKO and builds the cache.

Steps to Run AKO in High Availability

  1. Change the replicaCount in values.yaml to two.

  2. Execute the helm upgrade command and provide the updated values.yaml file.

    helm upgrade ako-1593523840 oci://projects.registry.vmware.com/ako/helm-charts/ako -f /path/to/values.yaml --version 1.11.4 --set ControllerSettings.controllerHost= --set avicredentials.password= --set avicredentials.username= --namespace=avi-system
Note:
  1. Currently, more than two replicas are not supported.

  2. Both instances of AKO must be on the same version.