Google Git
Sign in
apache / cloudstack-docs / 24fae4506689cba80a9de75cb727fedc128ddff0 / . / en-US / add-loadbalancer-rule-vpc.xml
blob: 90247b0a6f940a6f6ff2ce91ebc29aa260750a72 [file] [log] [blame]
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="add-loadbalancer-rule-vpc">
<title>Adding Load Balancing Rules on a VPC</title>
<para>In a VPC, you can configure two types of load balancing&mdash;external LB and internal LB.
External LB is nothing but a LB rule created to redirect the traffic received at a public IP of
the VPC virtual router. The traffic is load balanced within a tier based on your configuration.
Citrix NetScaler and VPC virtual router are supported for external LB. When you use internal LB
service, traffic received at a tier is load balanced across different VMs within that tier. For
example, traffic reached at Web tier is redirected to another VM in that tier. External load
balancing devices are not supported for internal LB. The service is provided by a internal LB VM
configured on the target tier.</para>
<section id="curent-lb-vpc">
<title>Load Balancing Within a Tier (External LB)</title>
<para>A &PRODUCT; user or administrator may create load balancing rules that balance traffic
received at a public IP to one or more VMs that belong to a network tier that provides load
balancing service in a VPC. A user creates a rule, specifies an algorithm, and assigns the
rule to a set of VMs within a tier.</para>
<section id="enable-vpc-public-lb">
<title>Enabling NetScaler as the LB Provider on a VPC Tier</title>
<orderedlist>
<listitem>
<para>Add and enable Netscaler VPX in dedicated mode.</para>
<para>Netscaler can be used in a VPC environment only if it is in dedicated mode.</para>
</listitem>
<listitem>
<para>Create a network offering, as given in <xref linkend="ext-lb-offering"/>.</para>
</listitem>
<listitem>
<para>Create a VPC with Netscaler as the Public LB provider.</para>
<para>For more information, see <xref linkend="add-vpc"/>.</para>
</listitem>
<listitem>
<para>For the VPC, acquire an IP.</para>
</listitem>
<listitem>
<para>Create an external load balancing rule and apply, as given in <xref
linkend="ext-lb-vpc"/>.</para>
</listitem>
</orderedlist>
</section>
<section id="ext-lb-offering">
<title>Creating a Network Offering for External LB</title>
<para>To have external LB support on VPC, create a network offering as follows: </para>
<orderedlist>
<listitem>
<para>Log in to the &PRODUCT; UI as a user or admin.</para>
</listitem>
<listitem>
<para>From the Select Offering drop-down, choose Network Offering.</para>
</listitem>
<listitem>
<para>Click Add Network Offering.</para>
</listitem>
<listitem>
<para>In the dialog, make the following choices:</para>
<itemizedlist>
<listitem>
<para><emphasis role="bold">Name</emphasis>: Any desired name for the network
offering.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Description</emphasis>: A short description of the
offering that can be displayed to users.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Network Rate</emphasis>: Allowed data transfer rate in MB
per second.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Traffic Type</emphasis>: The type of network traffic that
will be carried on the network.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Guest Type</emphasis>: Choose whether the guest network is
isolated or shared.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Persistent</emphasis>: Indicate whether the guest network
is persistent or not. The network that you can provision without having to deploy a
VM on it is termed persistent network. </para>
</listitem>
<listitem>
<para><emphasis role="bold">VPC</emphasis>: This option indicate whether the guest
network is Virtual Private Cloud-enabled. A Virtual Private Cloud (VPC) is a
private, isolated part of &PRODUCT;. A VPC can have its own virtual network topology
that resembles a traditional physical network. For more information on VPCs, see
<xref linkend="vpc"/>.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Specify VLAN</emphasis>: (Isolated guest networks only)
Indicate whether a VLAN should be specified when this offering is used.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Supported Services</emphasis>: Select Load Balancer. Use
Netscaler or VpcVirtualRouter.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Load Balancer Type</emphasis>: Select Public LB from the
drop-down.</para>
</listitem>
<listitem>
<para><emphasis role="bold">LB Isolation</emphasis>: Select Dedicated if Netscaler is
used as the external LB provider.</para>
</listitem>
<listitem>
<para><emphasis role="bold">System Offering</emphasis>: Choose the system service
offering that you want virtual routers to use in this network.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Conserve mode</emphasis>: Indicate whether to use conserve
mode. In this mode, network resources are allocated only when the first virtual
machine starts in the network.</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>Click OK and the network offering is created.</para>
</listitem>
</orderedlist>
</section>
<section id="ext-lb-vpc">
<title>Creating an External LB Rule</title>
<orderedlist>
<listitem>
<para>Log in to the &PRODUCT; UI as an administrator or end user.</para>
</listitem>
<listitem>
<para>In the left navigation, choose Network.</para>
</listitem>
<listitem>
<para>In the Select view, select VPC.</para>
<para>All the VPCs that you have created for the account is listed in the page.</para>
</listitem>
<listitem>
<para>Click the Configure button of the VPC, for which you want to configure load
balancing rules.</para>
<para>The VPC page is displayed where all the tiers you created listed in a
diagram.</para>
<para>For each tier, the following options are displayed:</para>
<itemizedlist>
<listitem>
<para>Internal LB</para>
</listitem>
<listitem>
<para>Public LB IP</para>
</listitem>
<listitem>
<para>Static NAT</para>
</listitem>
<listitem>
<para>Virtual Machines</para>
</listitem>
<listitem>
<para>CIDR</para>
</listitem>
</itemizedlist>
<para>The following router information is displayed:</para>
<itemizedlist>
<listitem>
<para>Private Gateways</para>
</listitem>
<listitem>
<para>Public IP Addresses</para>
</listitem>
<listitem>
<para>Site-to-Site VPNs</para>
</listitem>
<listitem>
<para>Network ACL Lists</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>In the Router node, select Public IP Addresses.</para>
<para>The IP Addresses page is displayed.</para>
</listitem>
<listitem>
<para>Click the IP address for which you want to create the rule, then click the
Configuration tab.</para>
</listitem>
<listitem>
<para>In the Load Balancing node of the diagram, click View All.</para>
</listitem>
<listitem>
<para>Select the tier to which you want to apply the rule.</para>
</listitem>
<listitem>
<para>Specify the following:</para>
<itemizedlist>
<listitem>
<para><emphasis role="bold">Name</emphasis>: A name for the load balancer rule.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Public Port</emphasis>: The port that receives the
incoming traffic to be balanced.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Private Port</emphasis>: The port that the VMs will use to
receive the traffic.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Algorithm</emphasis>. Choose the load balancing algorithm
you want &PRODUCT; to use. &PRODUCT; supports the following well-known
algorithms:</para>
<itemizedlist>
<listitem>
<para>Round-robin</para>
</listitem>
<listitem>
<para>Least connections</para>
</listitem>
<listitem>
<para>Source</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para><emphasis role="bold">Stickiness</emphasis>. (Optional) Click Configure and
choose the algorithm for the stickiness policy. See Sticky Session Policies for Load
Balancer Rules.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Add VMs</emphasis>: Click Add VMs, then select two or more
VMs that will divide the load of incoming traffic, and click Apply.</para>
</listitem>
</itemizedlist>
</listitem>
</orderedlist>
<para>The new load balancing rule appears in the list. You can repeat these steps to add more
load balancing rules for this IP address.</para>
</section>
</section>
<section id="acros-tiers-lb">
<title>Load Balancing Across Tiers</title>
<para>&PRODUCT; supports sharing workload across different tiers within your VPC. Assume that
multiple tiers are set up in your environment, such as Web tier and Application tier. Traffic
to each tier is balanced on the VPC virtual router on the public side, as explained in <xref
linkend="add-loadbalancer-rule-vpc"/>. If you want the traffic coming from the Web tier to
the Application tier to be balanced, use the internal load balancing feature offered by
&PRODUCT;.</para>
<section id="vpc-pic">
<title>How Does Internal LB Work in VPC?</title>
<para>In this figure, a public LB rule is created for the public IP 72.52.125.10 with public
port 80 and private port 81. The LB rule, created on the VPC virtual router, is applied on
the traffic coming from the Internet to the VMs on the Web tier. On the Application tier two
internal load balancing rules are created. An internal LB rule for the guest IP 10.10.10.4
with load balancer port 23 and instance port 25 is configured on the VM, InternalLBVM1.
Another internal LB rule for the guest IP 10.10.10.4 with load balancer port 45 and instance
port 46 is configured on the VM, InternalLBVM1. Another internal LB rule for the guest IP
10.10.10.6, with load balancer port 23 and instance port 25 is configured on the VM,
InternalLBVM2.</para>
<mediaobject>
<imageobject>
<imagedata fileref="./images/vpc-lb.png"/>
</imageobject>
<textobject>
<phrase>vpc-lb.png: Configuring internal LB for VPC</phrase>
</textobject>
</mediaobject>
</section>
<section id="internallb-notes">
<title>Guidelines</title>
<itemizedlist>
<listitem><para>Internal LB and Public LB are mutually exclusive on a tier. If the tier has LB on the public
side, then it can't have the Internal LB.</para></listitem>
<listitem><para>Internal LB is supported just on VPC networks in &PRODUCT; 4.2 release.</para></listitem>
<listitem><para>Only Internal LB VM can act as the Internal LB provider in &PRODUCT; 4.2 release.</para></listitem>
<listitem><para>Network upgrade is not supported from the network offering with Internal LB to the network
offering with Public LB.</para></listitem>
<listitem><para>Multiple tiers can have internal LB support in a VPC.</para></listitem>
<listitem><para>Only one tier can have Public LB support in a VPC.</para></listitem>
</itemizedlist>
</section>
<section id="enable-vpc-lb">
<title>Enabling Internal LB on a VPC Tier</title>
<orderedlist>
<listitem>
<para>Create a network offering, as given in <xref linkend="int-lb-vpc"/>.</para>
</listitem>
<listitem>
<para>Create an internal load balancing rule and apply, as given in <xref
linkend="int-lb-vpc"/>.</para>
</listitem>
</orderedlist>
</section>
<section id="int-lb-offering">
<title>Creating a Network Offering for Internal LB</title>
<para>To have internal LB support on VPC, either use the default offering,
DefaultIsolatedNetworkOfferingForVpcNetworksWithInternalLB, or create a network offering as
follows: </para>
<orderedlist>
<listitem>
<para>Log in to the &PRODUCT; UI as a user or admin.</para>
</listitem>
<listitem>
<para>From the Select Offering drop-down, choose Network Offering.</para>
</listitem>
<listitem>
<para>Click Add Network Offering.</para>
</listitem>
<listitem>
<para>In the dialog, make the following choices:</para>
<itemizedlist>
<listitem>
<para><emphasis role="bold">Name</emphasis>: Any desired name for the network
offering.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Description</emphasis>: A short description of the
offering that can be displayed to users.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Network Rate</emphasis>: Allowed data transfer rate in MB
per second.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Traffic Type</emphasis>: The type of network traffic that
will be carried on the network.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Guest Type</emphasis>: Choose whether the guest network is
isolated or shared.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Persistent</emphasis>: Indicate whether the guest network
is persistent or not. The network that you can provision without having to deploy a
VM on it is termed persistent network. </para>
</listitem>
<listitem>
<para><emphasis role="bold">VPC</emphasis>: This option indicate whether the guest
network is Virtual Private Cloud-enabled. A Virtual Private Cloud (VPC) is a
private, isolated part of &PRODUCT;. A VPC can have its own virtual network topology
that resembles a traditional physical network. For more information on VPCs, see
<xref linkend="vpc"/>.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Specify VLAN</emphasis>: (Isolated guest networks only)
Indicate whether a VLAN should be specified when this offering is used.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Supported Services</emphasis>: Select Load Balancer.
Select <code>InternalLbVM</code> from the provider list.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Load Balancer Type</emphasis>: Select Internal LB from the
drop-down.</para>
</listitem>
<listitem>
<para><emphasis role="bold">System Offering</emphasis>: Choose the system service
offering that you want virtual routers to use in this network.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Conserve mode</emphasis>: Indicate whether to use conserve
mode. In this mode, network resources are allocated only when the first virtual
machine starts in the network.</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>Click OK and the network offering is created.</para>
</listitem>
</orderedlist>
</section>
<section id="int-lb-vpc">
<title>Creating an Internal LB Rule</title>
<para>When you create the Internal LB rule and applies to a VM, an Internal LB VM, which is
responsible for load balancing, is created. </para>
<para>You can view the created Internal LB VM in the Instances page if you navigate to
<emphasis role="bold">Infrastructure</emphasis> > <emphasis role="bold">Zones</emphasis> >
&lt;<emphasis role="italic">zone_ name</emphasis>&gt; > &lt;<emphasis role="italic"
>physical_network_name</emphasis>&gt; > <emphasis role="bold">Network Service
Providers</emphasis> > <emphasis role="bold">Internal LB VM</emphasis>. You can manage the
Internal LB VMs as and when required from the location.</para>
<orderedlist>
<listitem>
<para>Log in to the &PRODUCT; UI as an administrator or end user.</para>
</listitem>
<listitem>
<para>In the left navigation, choose Network.</para>
</listitem>
<listitem>
<para>In the Select view, select VPC.</para>
<para>All the VPCs that you have created for the account is listed in the page.</para>
</listitem>
<listitem>
<para>Locate the VPC for which you want to configure internal LB, then click
Configure.</para>
<para>The VPC page is displayed where all the tiers you created listed in a
diagram.</para>
</listitem>
<listitem>
<para>Locate the Tier for which you want to configure an internal LB rule, click Internal
LB.</para>
<para>In the Internal LB page, click Add Internal LB.</para>
</listitem>
<listitem>
<para>In the dialog, specify the following:</para>
<itemizedlist>
<listitem>
<para><emphasis role="bold">Name</emphasis>: A name for the load balancer rule.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Description</emphasis>: A short description of the rule
that can be displayed to users.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Source IP Address</emphasis>: (Optional) The source IP
from which traffic originates. The IP is acquired from the CIDR of that particular
tier on which you want to create the Internal LB rule. If not specified, the IP
address is automatically allocated from the network CIDR.</para>
<para>For every Source IP, a new Internal LB VM is created for load balancing.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Source Port</emphasis>: The port associated with the
source IP. Traffic on this port is load balanced. </para>
</listitem>
<listitem>
<para><emphasis role="bold">Instance Port</emphasis>: The port of the internal LB
VM.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Algorithm</emphasis>. Choose the load balancing algorithm
you want &PRODUCT; to use. &PRODUCT; supports the following well-known
algorithms:</para>
<itemizedlist>
<listitem>
<para>Round-robin</para>
</listitem>
<listitem>
<para>Least connections</para>
</listitem>
<listitem>
<para>Source</para>
</listitem>
</itemizedlist>
</listitem>
</itemizedlist>
</listitem>
</orderedlist>
</section>
</section>
</section>