http bit doIntroduction LBaa SPike Introduction to Open

http: //bit. do/Introduction. LBaa. SPike Introduction to Open. Stack Load Balancing German Eichberger Adam Harwell Michael Johnson irc: xgerman irc: rm_work irc: johnsom

Agenda • • • What is network load balancing? What are some use cases for using load balancing? The Open. Stack load balancing model Load balancing providers (drivers) The load balancing Application Programming Interface (API) The load balancing Command Line Interface (CLI) The horizon dashboard for load balancing Session persistence TLS termination Layer 7 load balancing

What is network load balancing? http: //www. openstack. org Network Load Balancer http: //www. openstack. org

What are some use cases for using load balancing? • • Distributing the network load between many servers Increasing the availability of the served resource SSL offload and centralized certificate management Protocol conversion • IPv 6 VIP but IPv 4 member servers • Protocol port conversion • VIP may listen on port 80 when member servers listen on 8080 • L 7 policies and rules • Static image files may be served from different member servers than the web page itself • Abstracting the physical network topology • Ease the upgrade and rollback of applications or equipment • Many more…

The Open. Stack Load Balancing Model Load Balancer VIP: 192. 0. 2. 1 Listener Port: 80 Health Monitor Listener Port: 443 Pool Member 198. 51. 100. 5: 8888 Member 203. 0. 113. 20: 8080

Load Balancing Providers (drivers) • When you create a load balancer you can specify a “provider” that will implement the load balancing engine. • The following providers are available: Octavia reference driver F 5 Networks A 10 Networks Kemp Technologies Brocade Radware Citrix Netscaler Vmware NSX Legacy HAProxy namespace driver Note: Not all drivers are currently present via the native Octavia v 2 API.

The load balancing Application Programming Interface (API) • Load balancing is available via a REST API advertised as the “loadbalancer” service endpoint in keystone. • To create a load balancer, you would POST a JSON body to the “loadbalancer” endpoint with the appropriate keystone token. { } "loadbalancer": { "description": "My favorite load balancer", "vip_subnet_id": "d 4 af 86 e 1 -0051 -488 c-b 7 a 0 -527 f 97490 c 9 a", "vip_address": "203. 0. 113. 50", "provider": "octavia", "name": "best_load_balancer" } The API does support single-call-create, meaning one API call can create a fully functional load balancer. See the API reference: https: //developer. openstack. org/api-ref/load-balancer/v 2

The load balancing Command Line Interface (CLI) • Octavia has a native Open. Stack Client plugin for the Octavia v 2 API. • This can be installed by “pip install python-octaviaclient” openstack loadbalancer create –name best_load_balancer –provider octavia –vip-subnet tenant-1 -subnet

The Horizon Dashboard for Load Balancing • Web UI for creating and managing load balancers • Includes a wizard workflow for load balancer creation Demo Time!

Session Persistence - None http: //www. openstack. org/news Network Load Balancer

Session Persistence – HTTP Cookie http: //www. openstack. org/news Network Load Balancer

TLS Termination • The load balancer handles decrypting the request and encrypting the response • This reduces the load on the backend servers and simplifies certificate management • Certificates only need to be installed and updated in the load balancer as opposed to in each backend member server • Certificates and keys are stored in a secure location and accessed via the Barbican project. • Allows for advanced load balancing of TLS protected requests

TLS Termination https: //www. openstack. org Network Load Balancer

Layer 7 Load Balancing Policy Actions Rule Types Rule Comparison Types • Reject • Redirect to URL • Redirect to Pool • Request hostname • Path • File Type • Header field • Cookie • Regular expression • Starts with • Ends with • Contains • Equal to Example: Requested files ending in JPG can be serviced by a load balancer pool with static content caching member servers, but the HTML and CSS can be served by a pool with traditional web server members.

Layer 7 Load Balancing Load Balancer VIP: 192. 0. 2. 1 Listener Port: 80 Health Monitor Listener Port: 443 Pool Member 198. 51. 100. 5: 8888 Member 203. 0. 113. 20: 8080 L 7 Policy Pool L 7 Rule Member 203. 0. 13. 50: 80

Get Involved! • Weekly meetings: Wednesday @ 20: 00 UTC in #openstack-meeting-alt • Freenode IRC: #openstack-lbaas • https: //wiki. openstack. org/wiki/octavia • http: //www. octavia. cloud • https: //launchpad. net/octavia • https: //github. com/openstack/octavia We are irc: johnsom, irc: rm_work, irc: xgerman

Thank You! Questions?