So as promised, today I’m going to blog about how to manually create a load balancer service on an edge gateway within vCloud Director.
I’m assuming here that you know all about Edge Gateways and how to create them, so I’ll bypass that info – if you don’t, VMware has a simple-to-follow video on creating a gateway: http://www.youtube.com/watch?v=v9XOOFhvDBk
(Note: with 5.1 you can now set up an edge gateway to run in HA mode – basically providing a secondary gateway device that can seamlessly take over if the primary gateway dies! Also worth noting is the multiple interfaces you can configure – now 10 are supported – and VXLAN support… for more info check out the release notes: http://www.vmware.com/support/vshield/doc/releasenotes_vshield_51.html. BTW, the latest version of vShield is 5.1.2).
So on an edge gateway within your Organisation vDC (virtual Data Centre), you can set up several gateway features (or services):
- Static Routing
- Load Balancing
I won’t go into each one otherwise this will end up being an extremely long post. For more info have a look at VMware’s video: http://www.youtube.com/watch?v=elG1zxGHheg
Creating a Load Balancer service on the edge gateway is a pretty simple process. The two main attributes that need to be configured are:
- “Pool Servers” – which basically contains all the servers that you wish to load balance, as well as the protocol you wish to balance over.
- “Virtual Servers” – this is basically where you assign a VIP (virtual IP) to the load balancer, determine which “Pool” of servers you wish to assign it to, and which protocols you wish to enable.
Step 1 – Configuring Load Balancer Service
When you navigate to the Edge Gateway tab within the Org vDC, right-click on the edge gateway you wish to configure and select “Edge Gateway Services”. This will pop up a window which allows you to configure all the services available on that gateway. In our case we’re configuring the Load Balancer, so click on that tab.
Step 2 – Configure Pool Servers
The first thing you need to do is configure the Pool Servers; it’s no use configuring the Virtual Servers first, as one of the requirements is that you assign the Virtual Server to a Pool. Click on Add to bring up the Add Load Balancer Member Pool window.
Here you will just enter a Name for the Pool and a description. Try to use a unique and useful name (e.g. <vApp Name>-LB-Pool) that helps to identify the Pool. This is because each load balancer service can have multiple pools and it could get confusing if you end up calling every pool “LBPoolxx”.
Next up is choosing what services/protocols are to be load balanced. One of the new things with vShield 5.1 (or vCloud Network and Security 5.1) is the ability to load balance over HTTPS and generic TCP connections (previous versions only allowed HTTP). Which is GREAT as you can now use an Edge gateway within vCenter Server to load balance vCloud Director cells!! (More on this another time).
So select the services you wish to balance and then decide what balancing methods you wish to use.
Here’s a quick rundown of balancing methods:
- IP_HASH – This basically means the load balancer selects a server based on a hash of the source and destination IP address of each packet.
- LEAST_CONN – This distributes the connection requests based on the number of connections already on the pool-member server. Basically new connections are sent to the server with the fewest connections! However, this does not take into consideration the amount of traffic being handled by that server. Usually great for load balancing long sessions (LDAP, SQL) but not that great for short sessions (like HTTP).
- ROUND_ROBIN – Probably the most common algorithm to use (especially when the servers have equal processing capabilities), it allows equal distribution of traffic amongst the pool servers regardless of the number of connections (or response time). Basically each server in the pool is used in turn according to the weight assigned to it. Although be careful using this if you have servers in the pool with different capabilities as you may end up with servers receiving more requests than they can process. =)
- URI – (Taken from vShield admin guide – tbh, I’ve never used URI as a method) The left part of the URI (before the question mark) is hashed and divided by the total weight of the running servers. The result designates which server will receive the request. This ensures that a URI is always directed to the same server as long as no server goes up or down.
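To make the four methods concrete, here is an added sketch of how each one picks a pool member. It is not vShield's code and not from the original post: the pool, the SHA-256 hash and the function names are assumptions chosen for illustration.

```python
import hashlib
from itertools import cycle

# Constructed pool of (ip, weight) pairs; not taken from the post.
POOL = [("10.0.0.11", 1), ("10.0.0.12", 1), ("10.0.0.13", 2)]

def _bucket(key, pool):
    """Hash a key and map it onto the pool's total weight.
    SHA-256 is an illustrative choice, not the hash vShield uses."""
    total = sum(weight for _, weight in pool)
    slot = int.from_bytes(hashlib.sha256(key.encode()).digest()[:8], "big") % total
    for ip, weight in pool:
        if slot < weight:
            return ip
        slot -= weight

def ip_hash(src_ip, dst_ip, pool=POOL):
    # IP_HASH: same source/destination pair always lands on the same member.
    return _bucket(f"{src_ip}->{dst_ip}", pool)

def uri_hash(uri, pool=POOL):
    # URI: only the part left of the question mark is hashed.
    return _bucket(uri.split("?", 1)[0], pool)

def least_conn(active, pool=POOL):
    # LEAST_CONN: member with the fewest open connections wins;
    # 'active' maps ip -> current connection count (traffic volume is ignored).
    return min(pool, key=lambda member: active.get(member[0], 0))[0]

def round_robin(pool=POOL):
    # ROUND_ROBIN: each member is used in turn, repeated 'weight' times per cycle.
    return cycle([ip for ip, weight in pool for _ in range(weight)])

if __name__ == "__main__":
    rr = round_robin()
    print("round robin:", [next(rr) for _ in range(8)])
    print("least conn :", least_conn({"10.0.0.11": 5, "10.0.0.12": 2, "10.0.0.13": 9}))
    print("uri        :", uri_hash("/app/index.html?session=1"))
    print("ip hash    :", ip_hash("198.51.100.7", "203.0.113.10"))
```

Because both hash methods divide by the total weight of the pool, removing or adding a member changes that total and can remap existing clients or URIs to a different server.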
Anyways, keeping it simple we can choose just to balance HTTP over Port 80 using a Round Robin algorithm. =)
Next we configure Health-checking. A health check checks that all servers in the pool are alive and answering queries. Usually the parameters I tend to use are the default ones configured.
- Interval – Interval in secs at which a server is pinged.
- Timeout – Time in secs within which a response from the server must be received.
- Health Threshold – Number of consecutive successful health checks before a server is declared operational.
- Unhealth Threshold – Number of consecutive unsuccessful health checks before a server is declared dead.
It’s worth noting that with the default settings, I believe a server would be flagged as down after 60secs (3x timeout + 3x Interval – correct me if I’m wrong!). Obviously you can tune this to whatever you want. Just be aware that the worst thing to do is set the Timeout to 1 second as this can cause all sorts of issues because if a server did not respond to a ping within a second, it would be marked as a missed response!
Likewise setting the Unhealth Threshold to 1 would be inappropriate as that means if a server missed 1 response it would be flagged as down.
The URI for HTTP service is the path the load balancer queries to see if the server is up. Usually this is set to “/”, but if you wish to be smart then you can create a static web page to use on each server. Usually a “200 OK” response means a healthy status, a “4xx or 5xx” would usually mean you have a problem.
Next up is adding the servers you wish to load balance into the pool. Simply enter the IP address of the server, its weighting (indicates the ratio of how many requests are sent to this server), and the services and ports to be load balanced.
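The effect of the two thresholds is easier to see when the same probe results are replayed under different settings. The following is an added example, not vShield's code and not from the original post: the probe sequence is constructed, `None` stands for no reply within the Timeout, and treating any status of 400 or above as a failure is an assumption based on the 4xx/5xx remark above.

```python
from dataclasses import dataclass

@dataclass
class Monitor:
    health_threshold: int    # consecutive successes before a member is operational
    unhealth_threshold: int  # consecutive failures before a member is declared dead
    up: bool = True
    _ok: int = 0
    _bad: int = 0

    def observe(self, status):
        """Feed one probe result: an HTTP status code, or None for a timeout."""
        failed = status is None or status >= 400  # assumption: 4xx/5xx count as failures
        if failed:
            self._bad += 1
            self._ok = 0
            if self.up and self._bad >= self.unhealth_threshold:
                self.up = False
        else:
            self._ok += 1
            self._bad = 0
            if not self.up and self._ok >= self.health_threshold:
                self.up = True
        return self.up

def replay(probes, health_threshold, unhealth_threshold):
    """Return the member's up/down state after each probe."""
    monitor = Monitor(health_threshold, unhealth_threshold)
    return [monitor.observe(status) for status in probes]

def flaps(states):
    """Count up/down transitions, starting from 'up'."""
    changes, previous = 0, True
    for state in states:
        changes += state != previous
        previous = state
    return changes

# Constructed probe results: one slow reply, then a real outage, then recovery.
PROBES = [200, None, 200, 200, 503, 503, 503, 200, 200]

if __name__ == "__main__":
    for unhealth in (3, 1):
        states = replay(PROBES, health_threshold=2, unhealth_threshold=unhealth)
        print(f"unhealth={unhealth}: {states} flaps={flaps(states)}")
```

With an Unhealth Threshold of 1 the single slow reply pulls the member out of rotation for two further probes, while a threshold of 3 ignores it and only reacts to the sustained outage.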
Once you’ve finished adding all the servers to the pool, click Next and Finish at the summary page.
Step 3 – Configure Virtual Servers
Once the Pool Servers have been defined, click on the Virtual Servers tab and the Add button.
Again, like when you created the Pool, I suggest using a unique and useful name for the Virtual Server. =)
When creating the Virtual Server, you need to choose which network to apply it on; usually this would be the Org vDC network.
Specify the IP address to use as the load balancer VIP and then which Pool you wish to assign to be load balanced. Finally select the services you wish to load balance, ensure the ‘Enabled’ box is checked on both the services and the Virtual Server and click OK.
Give it about 30secs to reconfigure the edge gateway and there you go….. a working (hopefully) load balancer service on your Edge Gateway!
Next blog entry will discuss how we tie the vCenter Orchestrator Load Balancer Actions to our manual process!