Google Git
Sign in
apache / cloudstack-docs / 24fae4506689cba80a9de75cb727fedc128ddff0 / . / en-US / gslb.xml
blob: 3f832afa92229f8f4623264f95e04f5fc201af9a [file] [log] [blame]
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="gslb">
<title>Global Server Load Balancing Support</title>
<para>&PRODUCT; supports Global Server Load Balancing (GSLB) functionalities to provide business
continuity, and enable seamless resource movement within a &PRODUCT; environment. &PRODUCT;
achieve this by extending its functionality of integrating with NetScaler Application Delivery
Controller (ADC), which also provides various GSLB capabilities, such as disaster recovery and
load balancing. The DNS redirection technique is used to achieve GSLB in &PRODUCT;. </para>
<para>In order to support this functionality, region level services and service provider are
introduced. A new service 'GSLB' is introduced as a region level service. The GSLB service
provider is introduced that will provider the GSLB service. Currently, NetScaler is the
supported GSLB provider in &PRODUCT;. GSLB functionality works in an Active-Active data center
environment. </para>
<section id="about-gslb">
<title>About Global Server Load Balancing</title>
<para>Global Server Load Balancing (GSLB) is an extension of load balancing functionality, which
is highly efficient in avoiding downtime. Based on the nature of deployment, GSLB represents a
set of technologies that is used for various purposes, such as load sharing, disaster
recovery, performance, and legal obligations. With GSLB, workloads can be distributed across
multiple data centers situated at geographically separated locations. GSLB can also provide an
alternate location for accessing a resource in the event of a failure, or to provide a means
of shifting traffic easily to simplify maintenance, or both.</para>
<section id="gslb-comp">
<title>Components of GSLB</title>
<para>A typical GSLB environment is comprised of the following components:</para>
<itemizedlist>
<listitem>
<para><emphasis role="bold">GSLB Site</emphasis>: In &PRODUCT; terminology, GSLB sites are
represented by zones that are mapped to data centers, each of which has various network
appliances. Each GSLB site is managed by a NetScaler appliance that is local to that
site. Each of these appliances treats its own site as the local site and all other
sites, managed by other appliances, as remote sites. It is the central entity in a GSLB
deployment, and is represented by a name and an IP address.</para>
</listitem>
<listitem>
<para><emphasis role="bold">GSLB Services</emphasis>: A GSLB service is typically
represented by a load balancing or content switching virtual server. In a GSLB
environment, you can have a local as well as remote GSLB services. A local GSLB service
represents a local load balancing or content switching virtual server. A remote GSLB
service is the one configured at one of the other sites in the GSLB setup. At each site
in the GSLB setup, you can create one local GSLB service and any number of remote GSLB
services.</para>
</listitem>
<listitem>
<para><emphasis role="bold">GSLB Virtual Servers</emphasis>: A GSLB virtual server refers
to one or more GSLB services and balances traffic between traffic across the VMs in
multiple zones by using the &PRODUCT; functionality. It evaluates the configured GSLB
methods or algorithms to select a GSLB service to which to send the client requests. One
or more virtual servers from different zones are bound to the GSLB virtual server. GSLB
virtual server does not have a public IP associated with it, instead it will have a FQDN
DNS name.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Load Balancing or Content Switching Virtual
Servers</emphasis>: According to Citrix NetScaler terminology, a load balancing or
content switching virtual server represents one or many servers on the local network.
Clients send their requests to the load balancing or content switching virtual server’s
virtual IP (VIP) address, and the virtual server balances the load across the local
servers. After a GSLB virtual server selects a GSLB service representing either a local
or a remote load balancing or content switching virtual server, the client sends the
request to that virtual server’s VIP address.</para>
</listitem>
<listitem>
<para><emphasis role="bold">DNS VIPs</emphasis>: DNS virtual IP represents a load
balancing DNS virtual server on the GSLB service provider. The DNS requests for domains
for which the GSLB service provider is authoritative can be sent to a DNS VIP.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Authoritative DNS</emphasis>: ADNS (Authoritative Domain Name
Server) is a service that provides actual answer to DNS queries, such as web site IP
address. In a GSLB environment, an ADNS service responds only to DNS requests for
domains for which the GSLB service provider is authoritative. When an ADNS service is
configured, the service provider owns that IP address and advertises it. When you create
an ADNS service, the NetScaler responds to DNS queries on the configured ADNS service IP
and port.</para>
</listitem>
</itemizedlist>
</section>
<section id="concept-gslb">
<title>How Does GSLB Works in &PRODUCT;?</title>
<para>Global server load balancing is used to manage the traffic flow to a web site hosted on
two separate zones that ideally are in different geographic locations. The following is an
illustration of how GLSB functionality is provided in &PRODUCT;: An organization, xyztelco,
has set up a public cloud that spans two zones, Zone-1 and Zone-2, across geographically
separated data centers that are managed by &PRODUCT;. Tenant-A of the cloud launches a
highly available solution by using xyztelco cloud. For that purpose, they launch two
instances each in both the zones: VM1 and VM2 in Zone-1 and VM5 and VM6 in Zone-2. Tenant-A
acquires a public IP, IP-1 in Zone-1, and configures a load balancer rule to load balance
the traffic between VM1 and VM2 instances. &PRODUCT; orchestrates setting up a virtual
server on the LB service provider in Zone-1. Virtual server 1 that is set up on the LB
service provider in Zone-1 represents a publicly accessible virtual server that client
reaches at IP-1. The client traffic to virtual server 1 at IP-1 will be load balanced across
VM1 and VM2 instances. </para>
<para>Tenant-A acquires another public IP, IP-2 in Zone-2 and sets up a load balancer rule to
load balance the traffic between VM5 and VM6 instances. Similarly in Zone-2, &PRODUCT;
orchestrates setting up a virtual server on the LB service provider. Virtual server 2 that
is setup on the LB service provider in Zone-2 represents a publicly accessible virtual
server that client reaches at IP-2. The client traffic that reaches virtual server 2 at IP-2
is load balanced across VM5 and VM6 instances. At this point Tenant-A has the service
enabled in both the zones, but has no means to set up a disaster recovery plan if one of the
zone fails. Additionally, there is no way for Tenant-A to load balance the traffic
intelligently to one of the zones based on load, proximity and so on. The cloud
administrator of xyztelco provisions a GSLB service provider to both the zones. A GSLB
provider is typically an ADC that has the ability to act as an ADNS (Authoritative Domain
Name Server) and has the mechanism to monitor health of virtual servers both at local and
remote sites. The cloud admin enables GSLB as a service to the tenants that use zones 1 and
2. </para>
<mediaobject>
<imageobject>
<imagedata fileref="./images/gslb.png"/>
</imageobject>
<textobject>
<phrase>gslb.png: GSLB architecture</phrase>
</textobject>
</mediaobject>
<para>Tenant-A wishes to leverage the GSLB service provided by the xyztelco cloud. Tenant-A
configures a GSLB rule to load balance traffic across virtual server 1 at Zone-1 and virtual
server 2 at Zone-2. The domain name is provided as A.xyztelco.com. &PRODUCT; orchestrates
setting up GSLB virtual server 1 on the GSLB service provider at Zone-1. &PRODUCT; binds
virtual server 1 of Zone-1 and virtual server 2 of Zone-2 to GLSB virtual server 1. GSLB
virtual server 1 is configured to start monitoring the health of virtual server 1 and 2 in
Zone-1. &PRODUCT; will also orchestrate setting up GSLB virtual server 2 on GSLB service
provider at Zone-2. &PRODUCT; will bind virtual server 1 of Zone-1 and virtual server 2 of
Zone-2 to GLSB virtual server 2. GSLB virtual server 2 is configured to start monitoring the
health of virtual server 1 and 2. &PRODUCT; will bind the domain A.xyztelco.com to both the
GSLB virtual server 1 and 2. At this point, Tenant-A service will be globally reachable at
A.xyztelco.com. The private DNS server for the domain xyztelcom.com is configured by the
admin out-of-band to resolve the domain A.xyztelco.com to the GSLB providers at both the
zones, which are configured as ADNS for the domain A.xyztelco.com. A client when sends a DNS
request to resolve A.xyztelcom.com, will eventually get DNS delegation to the address of
GSLB providers at zone 1 and 2. A client DNS request will be received by the GSLB provider.
The GSLB provider, depending on the domain for which it needs to resolve, will pick up the
GSLB virtual server associated with the domain. Depending on the health of the virtual
servers being load balanced, DNS request for the domain will be resolved to the public IP
associated with the selected virtual server.</para>
</section>
</section>
<section id="gslb-workflow">
<title>Configuring GSLB</title>
<para>To configure a GSLB deployment, you must first configure a standard load balancing setup
for each zone. This enables you to balance load across the different servers in each zone in
the region. Then on the NetScaler side, configure both NetScaler appliances that you plan to
add to each zone as authoritative DNS (ADNS) servers. Next, create a GSLB site for each zone,
configure GSLB virtual servers for each site, create GLSB services, and bind the GSLB services
to the GSLB virtual servers. Finally, bind the domain to the GSLB virtual servers. The GSLB
configurations on the two appliances at the two different zones are identical, although each
sites load-balancing configuration is specific to that site.</para>
<para>Perform the following as a cloud administrator. As per the example given above, the
administrator of xyztelco is the one who sets up GSLB:</para>
<orderedlist>
<listitem>
<para>In the cloud.dns.name global parameter, specify the DNS name of your tenant's cloud
that make use of the GSLB service.</para>
</listitem>
<listitem>
<para>On the NetScaler side, configure GSLB as given in <ulink
url="http://support.citrix.com/proddocs/topic/netscaler-traffic-management-10-map/ns-gslb-config-con.html"
>Configuring Global Server Load Balancing (GSLB)</ulink>:</para>
<orderedlist>
<listitem>
<para>Configuring a standard load balancing setup.</para>
</listitem>
<listitem>
<para>Configure Authoritative DNS, as explained in <ulink
url="http://support.citrix.com/proddocs/topic/netscaler-traffic-management-10-map/ns-gslb-config-adns-svc-tsk.html"
>Configuring an Authoritative DNS Service</ulink>.</para>
</listitem>
<listitem>
<para>Configure a GSLB site with site name formed from the domain name details.</para>
<para>Configure a GSLB site with the site name formed from the domain name.</para>
<para>As per the example given above, the site names are A.xyztelco.com and
B.xyztelco.com.</para>
<para>For more information, see <ulink
url="http://support.citrix.com/proddocs/topic/netscaler-traffic-management-10-map/ns-gslb-config-basic-site-tsk.html"
>Configuring a Basic GSLB Site</ulink>.</para>
</listitem>
<listitem>
<para>Configure a GSLB virtual server.</para>
<para>For more information, see <ulink
url="http://support.citrix.com/proddocs/topic/netscaler-traffic-management-10-map/ns-gslb-config-vsvr-tsk.html"
>Configuring a GSLB Virtual Server</ulink>.</para>
</listitem>
<listitem>
<para>Configure a GSLB service for each virtual server.</para>
<para>For more information, see <ulink
url="http://support.citrix.com/proddocs/topic/netscaler-traffic-management-10-map/ns-gslb-config-svc-tsk.html"
>Configuring a GSLB Service</ulink>.</para>
</listitem>
<listitem>
<para>Bind the GSLB services to the GSLB virtual server.</para>
<para>For more information, see <ulink
url="http://support.citrix.com/proddocs/topic/netscaler-traffic-management-10-map/ns-gslb-bind-svc-vsvr-tsk.html"
>Binding GSLB Services to a GSLB Virtual Server</ulink>.</para>
</listitem>
<listitem>
<para>Bind domain name to GSLB virtual server. Domain name is obtained from the domain
details.</para>
<para>For more information, see <ulink
url="http://support.citrix.com/proddocs/topic/netscaler-traffic-management-10-map/ns-gslb-bind-dom-vsvr-tsk.html"
>Binding a Domain to a GSLB Virtual Server</ulink>.</para>
</listitem>
</orderedlist>
</listitem>
<listitem>
<para>In each zone that are participating in GSLB, add GSLB-enabled NetScaler device.</para>
<para>For more information, see <xref linkend="enable-glsb-ns"/>.</para>
</listitem>
</orderedlist>
<para>As a domain administrator/ user perform the following:</para>
<orderedlist>
<listitem>
<para>Add a GSLB rule on both the sites.</para>
<para>See <xref linkend="gslb-add"/>.</para>
</listitem>
<listitem>
<para>Assign load balancer rules.</para>
<para>See <xref linkend="assign-lb-gslb"/>.</para>
</listitem>
</orderedlist>
<section id="prereq-gslb">
<title>Prerequisites and Guidelines</title>
<itemizedlist>
<listitem>
<para>The GSLB functionality is supported both Basic and Advanced zones.</para>
</listitem>
<listitem>
<para>GSLB is added as a new network service.</para>
</listitem>
<listitem>
<para>GSLB service provider can be added to a physical network in a zone.</para>
</listitem>
<listitem>
<para>The admin is allowed to enable or disable GSLB functionality at region level.</para>
</listitem>
<listitem>
<para>The admin is allowed to configure a zone as GSLB capable or enabled. </para>
<para>A zone shall be considered as GSLB capable only if a GSLB service provider is
provisioned in the zone.</para>
</listitem>
<listitem>
<para>When users have VMs deployed in multiple availability zones which are GSLB enabled,
they can use the GSLB functionality to load balance traffic across the VMs in multiple
zones.</para>
</listitem>
<listitem>
<para>The users can use GSLB to load balance across the VMs across zones in a region only
if the admin has enabled GSLB in that region. </para>
</listitem>
<listitem>
<para>The users can load balance traffic across the availability zones in the same region
or different regions.</para>
</listitem>
<listitem>
<para>The admin can configure DNS name for the entire cloud.</para>
</listitem>
<listitem>
<para>The users can specify an unique name across the cloud for a globally load balanced
service. The provided name is used as the domain name under the DNS name associated with
the cloud.</para>
<para>The user-provided name along with the admin-provided DNS name is used to produce a
globally resolvable FQDN for the globally load balanced service of the user. For
example, if the admin has configured xyztelco.com as the DNS name for the cloud, and
user specifies 'foo' for the GSLB virtual service, then the FQDN name of the GSLB
virtual service is foo.xyztelco.com.</para>
</listitem>
<listitem>
<para>While setting up GSLB, users can select a load balancing method, such as round
robin, for using across the zones that are part of GSLB.</para>
</listitem>
<listitem>
<para>The user shall be able to set weight to zone-level virtual server. Weight shall be
considered by the load balancing method for distributing the traffic.</para>
</listitem>
<listitem>
<para>The GSLB functionality shall support session persistence, where series of client
requests for particular domain name is sent to a virtual server on the same zone. </para>
<para>Statistics is collected from each GSLB virtual server.</para>
</listitem>
</itemizedlist>
</section>
<section id="enable-glsb-ns">
<title>Enabling GSLB in NetScaler</title>
<para>In each zone, add GSLB-enabled NetScaler device for load balancing.</para>
<orderedlist>
<listitem>
<para>Log in as administrator to the &PRODUCT; UI.</para>
</listitem>
<listitem>
<para>In the left navigation bar, click Infrastructure.</para>
</listitem>
<listitem>
<para>In Zones, click View More.</para>
</listitem>
<listitem>
<para>Choose the zone you want to work with.</para>
</listitem>
<listitem>
<para>Click the Physical Network tab, then click the name of the physical network. </para>
</listitem>
<listitem>
<para>In the Network Service Providers node of the diagram, click Configure. </para>
<para>You might have to scroll down to see this.</para>
</listitem>
<listitem>
<para>Click NetScaler.</para>
</listitem>
<listitem>
<para>Click Add NetScaler device and provide the following:</para>
<para>For NetScaler:</para>
<itemizedlist>
<listitem>
<para><emphasis role="bold">IP Address</emphasis>: The IP address of the SDX.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Username/Password</emphasis>: The authentication
credentials to access the device. &PRODUCT; uses these credentials to access the
device.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Type</emphasis>: The type of device that is being added.
It could be F5 Big Ip Load Balancer, NetScaler VPX, NetScaler MPX, or NetScaler SDX.
For a comparison of the NetScaler types, see the &PRODUCT; Administration
Guide.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Public interface</emphasis>: Interface of device that is
configured to be part of the public network.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Private interface</emphasis>: Interface of device that is
configured to be part of the private network.</para>
</listitem>
<listitem>
<para><emphasis role="bold">GSLB service</emphasis>: Select this option.</para>
</listitem>
<listitem>
<para><emphasis role="bold">GSLB service Public IP</emphasis>: The public IP address
of the NAT translator for a GSLB service that is on a private network.</para>
</listitem>
<listitem>
<para><emphasis role="bold">GSLB service Private IP</emphasis>: The private IP of the
GSLB service.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Number of Retries</emphasis>. Number of times to attempt a
command on the device before considering the operation failed. Default is 2.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Capacity</emphasis>: The number of networks the device can
handle.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Dedicated</emphasis>: When marked as dedicated, this
device will be dedicated to a single account. When Dedicated is checked, the value
in the Capacity field has no significance implicitly, its value is 1.</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>Click OK.</para>
</listitem>
</orderedlist>
</section>
<section id="gslb-add">
<title>Adding a GSLB Rule</title>
<orderedlist>
<listitem>
<para>Log in to the &PRODUCT; UI as a domain administrator or user.</para>
</listitem>
<listitem>
<para>In the left navigation pane, click Region.</para>
</listitem>
<listitem>
<para>Select the region for which you want to create a GSLB rule.</para>
</listitem>
<listitem>
<para>In the Details tab, click View GSLB.</para>
</listitem>
<listitem>
<para>Click Add GSLB.</para>
<para>The Add GSLB page is displayed as follows:</para>
<mediaobject>
<imageobject>
<imagedata fileref="./images/add-gslb.png"/>
</imageobject>
<textobject>
<phrase>gslb-add.png: adding a gslb rule</phrase>
</textobject>
</mediaobject>
</listitem>
<listitem>
<para>Specify the following:</para>
<itemizedlist>
<listitem>
<para><emphasis role="bold">Name</emphasis>: Name for the GSLB rule.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Description</emphasis>: (Optional) A short description of
the GSLB rule that can be displayed to users.</para>
</listitem>
<listitem>
<para><emphasis role="bold">GSLB Domain Name</emphasis>: A preferred domain name for
the service.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Algorithm</emphasis>: (Optional) The algorithm to use to
load balance the traffic across the zones. The options are Round Robin, Least
Connection, and Proximity.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Service Type</emphasis>: The transport protocol to use for
GSLB. The options are TCP and UDP.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Domain</emphasis>: (Optional) The domain for which you
want to create the GSLB rule.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Account</emphasis>: (Optional) The account on which you
want to apply the GSLB rule.</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>Click OK to confirm.</para>
</listitem>
</orderedlist>
</section>
<section id="assign-lb-gslb">
<title>Assigning Load Balancing Rules to GSLB</title>
<orderedlist>
<listitem>
<para>Log in to the &PRODUCT; UI as a domain administrator or user.</para>
</listitem>
<listitem>
<para>In the left navigation pane, click Region.</para>
</listitem>
<listitem>
<para>Select the region for which you want to create a GSLB rule.</para>
</listitem>
<listitem>
<para>In the Details tab, click View GSLB.</para>
</listitem>
<listitem>
<para>Select the desired GSLB.</para>
</listitem>
<listitem>
<para>Click view assigned load balancing.</para>
</listitem>
<listitem>
<para>Click assign more load balancing.</para>
</listitem>
<listitem>
<para>Select the load balancing rule you have created for the zone.</para>
</listitem>
<listitem>
<para>Click OK to confirm.</para>
</listitem>
</orderedlist>
</section>
</section>
<section>
<title>Known Limitation</title>
<para>Currently, &PRODUCT; does not support orchestration of services across the zones. The
notion of services and service providers in region are to be introduced.</para>
</section>
</section>