Chapter 8. Load balancing network traffic at the edge
You can create load balancers at your edge sites to increase traffic throughput and reduce latency by using the Red Hat OpenStack Platform (RHOSP) Load-balancing service (octavia).
The topics included in this section are:
8.1. Creating network resources for Load-balancing service availability zones
Before you can create Red Hat OpenStack Platform (RHOSP) Load-balancing service (octavia) availability zones (AZs), you must be a RHOSP administrator and run the Ansible playbook, octavia-dcn-deployment.yaml
.
By running octavia-dcn-deployment.yaml
you create networking resources like networks, subnets, and routers, that are required for the Load-balancing service AZs. You supply the playbook with a configuration input file, octavia-dcn-parameters.yaml
, in which you have specified the AZ names and the management networks that each AZ uses.
After you have run the playbook and created the necessary networking resources, you must create the actual RHOSP Load-balancing service AZs, before project (tenant) users can create load balancers in the AZs that are appropriate for their distributed compute node (DCN) locales.
This procedure demonstrates creating the required network resources for 3 Load-balancing service AZs named: az-central
, az-dcn1
, and az-dcn2
. These Load-balancing service AZ names match the names of the Compute service AZs, and are also the names of the 3 DCNs that are used in this deployment.
Prerequisites
- You must have one Compute service (nova) AZ for every Load-balancing service AZ that you want to create.
- You must also have one Networking service (neutron) AZ for every Load-balancing service AZ that you want to create. These Networking service AZs must match the names of the Compute service AZs.
- Your Load-balancing service provider driver must be amphora. The OVN provider driver does not support AZs.
-
You must be a RHOSP user with the
admin
role.
Procedure
Source your credentials file.
Example
$ source ~/centralrc
Create a file,
octavia-dcn-parameters.yaml
, and using the syntax shown below, add the Load-balancing service AZs and their management networks for which you want the Ansible playbook to create the required networking resources.The value,
octavia_controller_AZ_name
, is the name of the AZ in which all of the Load-balancer services run:octavia_controller_availability_zone: <octavia_controller_AZ_name> octavia_availability_zones: <octavia_controller_AZ_name>: # no cidr needed, it uses the already existing subnet <octavia_AZ_n>: lb_mgmt_subnet_cidr: <CIDR_address_n> <octavia_AZ_n2>: lb_mgmt_subnet_cidr: <CIDR_address_n2>
ImportantThe names of the Load-balancing service AZs that you specify must match the names of the pre-existing Compute service AZs. You can obtain the names of the Compute service AZs by running
openstack availability zone list --compute
.The Ansible playbook creates a network, subnet, and router for each AZ, and names them using the AZ names that you specify in
octavia-dcn-parameters.yaml
following this convention:lb-mgmt-<AZ_name>-net
,lb-mgmt-<AZ_name>-subnet
, andlb-mgmt-<AZ_name>-router
, respectively. The exception is for the network resources foroctavia_controller_AZ_name
: the playbook uses the existing load-balancing management network and subnet,lb-mgmt-net
andlb-mgmt-subnet
, respectively, and creates an associated router that it names,lb-mgmt-router
.In this example, 3 AZs are specified:
az-central
,az-dcn1
, andaz-dcn2
. Theaz-central
AZ uses the existing load-balancing management network,lb-mgmt-net
. The other two AZs use172.47.0.0/16
and172.48.0.0/16
, respectively:Example
octavia_controller_availability_zone: az-central octavia_availability_zones: az-central: # no cidr needed; it uses the existing subnet az-dcn1: lb_mgmt_subnet_cidr: 172.47.0.0/16 az-dcn2: lb_mgmt_subnet_cidr: 172.48.0.0/16
Run the Ansible playbook,
octavia-dcn-deployment.yaml
, and include the AZ definitions that you created inoctavia-dcn-parameters.yaml
:Example
$ ansible-playbook -i overcloud-deploy/central/config-download/\ central/tripleo-ansible-inventory.yaml \ /usr/share/ansible/tripleo-playbooks/octavia-dcn-deployment.yaml \ -e @octavia-dcn-parameters.yaml -e stack=central -v
Verification
Confirm that the required
lb-mgmt-*
subnets are present.$ openstack subnet list -c Name -c Subnet
Sample output
+-------------------------+------------------+ | Name | Subnet | +-------------------------+------------------+ | lb-mgmt-az-dcn2-subnet | 172.48.0.0/16 | | segment5 | 10.0.20.0/24 | | segment3 | 10.101.30.0/24 | | segment2 | 10.101.20.0/24 | | lb-mgmt-az-dcn1-subnet | 172.47.0.0/16 | | heat_tempestconf_subnet | 192.168.199.0/24 | | segment4 | 10.0.10.0/24 | | lb-mgmt-subnet | 172.24.0.0/16 | | segment1 | 10.101.10.0/24 | | lb-mgmt-backbone-subnet | 172.49.0.0/16 | | segment6 | 10.0.30.0/24 | +-------------------------+------------------+
Confirm that the required virtual routers are present.
$ openstack router list -c Name -c Status
Sample output
+------------------------+--------+ | Name | Status | +------------------------+--------+ | lb-mgmt-az-dcn2-router | ACTIVE | | lb-mgmt-az-dcn1-router | ACTIVE | | lb-mgmt-router | ACTIVE | +------------------------+--------+
8.2. Creating availability zones for the Load-balancing service
With the Red Hat OpenStack Platform (RHOSP) Load-balancing service (octavia), RHOSP administrators can create availability zones (AZs) that enable project users to create load balancers in a distributed compute node (DCN) environment to increase traffic throughput and reduce latency.
There are two steps required to create a Load-balancing service AZ: RHOSP administrators must first create an AZ profile, and then use the profile to create a Load-balancing service AZ that is visible to users.
An AZ profile must have the following:
- The name of the Compute service (nova) AZ.
The management network to use.
There are multiple management networks, one unique network for each AZ. The central AZ uses the existing load-balancing management network,
lb-mgmt-net
, and the additional AZs use their respective network,lb-mgmt-<AZ_name>-net
, for example,lb-mgmt-az-dcn1-net
,lb-mgmt-az-dcn2-net
, and so on.
Prerequisites
You must have a DCN environment in which the required networking resources have been created by running the
octavia-dcn-deployment.yaml
Ansible playbook.For more information, see Creating network resources for Load-balancing service availability zones.
- Your Load-balancing service provider driver must be amphora. The OVN provider driver does not support AZs.
-
You must be a RHOSP user with the
admin
role.
Procedure
Source your credentials file.
Example
$ source ~/centralrc
Gather the names of the Compute service AZs that you will use to name your Load-balancing service AZs.
ImportantThe names of the Load-balancing service AZ that you create must match the names of your Compute service AZs.
$ openstack availability zone list --compute
Sample output
+------------+-------------+ | Zone Name | Zone Status | +------------+-------------+ | az-central | available | | az-dcn1 | available | | az-dcn2 | available | | internal | available | +------------+-------------+
Gather the IDs for the management networks that you will use to create your Load-balancing service AZs:
$ openstack network list -c Name -c ID
Sample output
+--------------------------------------+--------------------------+ | ID | Name | +--------------------------------------+--------------------------+ | 10458d6b-e7c9-436f-92d9-711677c9d9fd | lb-mgmt-az-dcn2-net | | 662a94f5-51eb-4a4c-86c4-52dcbf471ef9 | lb-mgmt-net | | 6b97ef58-2a25-4ea5-931f-b7c07cd09474 | lb-mgmt-backbone-net | | 99f4215b-fad8-432d-8444-1f894154dc30 | heat_tempestconf_network | | a2884aaf-846c-4936-9982-3083f6a71d9b | lb-mgmt-az-dcn1-net | | d7f7de6c-0e84-49e2-9042-697fa85d2532 | public | | e887a9f9-15f7-4854-a797-033cedbfe5f3 | public2 | +--------------------------------------+--------------------------+
Create an AZ profile. Repeat this step to create an AZ profile for each Load-balancing service AZ that you want to create:
$ openstack loadbalancer availabilityzoneprofile create \ --name <AZ_profile_name> --provider amphora --availability-zone-data '{"compute_zone": "<compute_AZ_name>","management_network": "<lb_mgmt_AZ_net_UUID>"}'
Example - create profile for
az-central
In this example, an AZ profile (
az_profile_central
) is created that uses the management network (lb-mgmt-net
) on a Compute node that runs in the Compute AZ (az-central
):$ openstack loadbalancer availabilityzoneprofile create \ --name az_profile_central --provider amphora --availability-zone-data \ '{"compute_zone": "az-central","management_network": \ "662a94f5-51eb-4a4c-86c4-52dcbf471ef9"}'
Repeat step 4 to create an AZ profile for each Load-balancing service AZ that you want to create.
Example - create profile for
az-dcn1
In this example, an AZ profile (
az-profile-dcn1
) is created that uses the management network (lb-mgmt-az-dcn1-net
) on a Compute node that runs in the Compute AZ (az-dcn1
):$ openstack loadbalancer availabilityzoneprofile create \ --name az-profile-dcn1 --provider amphora --availability-zone-data \ '{"compute-zone": "az-dcn1","management-network": \ "a2884aaf-846c-4936-9982-3083f6a71d9b"}'
Example - create profile for
az-dcn2
In this example, an AZ profile (
az-profile-dcn2
) is created that uses the management network (lb-mgmt-az-dcn2-net
) on a Compute node that runs in the Compute AZ (az-dcn2
):$ openstack loadbalancer availabilityzoneprofile create \ --name az-profile-dcn2 --provider amphora --availability-zone-data \ '{"compute-zone": "az-dcn2","management-network": \ "10458d6b-e7c9-436f-92d9-711677c9d9fd"}'
Using the AZ profile, create a Load-balancing service AZ. Repeat this step for any additional AZs, using the appropriate profile for each AZ.
Example - create AZ: az-central
In this example, a Load-balancing service AZ (
az-central
) is created by using the AZ profile (az-profile-central
):$ openstack loadbalancer availabilityzone create --name az-central \ --availabilityzoneprofile az-profile-central \ --description "AZ for Headquarters" --enable
Example - create AZ: az-dcn1
In this example, a Load-balancing service AZ (
az-dcn1
) is created by using the AZ profile (az-profile-az-dcn1
):$ openstack loadbalancer availabilityzone create --name az-dcn1 \ --availabilityzoneprofile az-profile-az-dcn1 \ --description "AZ for South Region" --enable
Example - create AZ: az-dcn2
In this example, a Load-balancing service AZ (
az-dcn2
) is created by using the AZ profile (az-profile-az-dcn2
):$ openstack loadbalancer availabilityzone create --name az-dcn2 \ --availabilityzoneprofile az-profile-az-dcn2 \ --description "AZ for North Region" --enable
Verification
Confirm that the AZ (
az-central
) was created. Repeat this step for any additional AZs, using the appropriate name for each AZ.Example - verify az-central
$ openstack loadbalancer availabilityzone show az-central
Sample output
+------------------------------+--------------------------------------+ | Field | Value | +------------------------------+--------------------------------------+ | name | az-central | | availability_zone_profile_id | 5ed25d22-52a5-48ad-85ec-255910791623 | | enabled | True | | description | AZ for Headquarters | +------------------------------+--------------------------------------+
Example - verify az-dcn1
$ openstack loadbalancer availabilityzone show az-dcn1
Sample output
+------------------------------+--------------------------------------+ | Field | Value | +------------------------------+--------------------------------------+ | name | az-dcn1 | | availability_zone_profile_id | e0995a82-8e67-4cea-b32c-256cd61f9cf3 | | enabled | True | | description | AZ for South Region | +------------------------------+--------------------------------------+
Example - verify az-dcn2
$ openstack loadbalancer availabilityzone show az-dcn2
Sample output
+------------------------------+--------------------------------------+ | Field | Value | +------------------------------+--------------------------------------+ | name | az-dcn2 | | availability_zone_profile_id | 306a4725-7dac-4046-8f16-f2e668ee5a8d | | enabled | True | | description | AZ for North Region | +------------------------------+--------------------------------------+
Additional resources
- loadbalancer availabilityzoneprofile create in the Command line interface reference
- loadbalancer availabilityzone create in the Command line interface reference
8.3. Creating load balancers in availability zones
With the Red Hat OpenStack Platform (RHOSP) Load-balancing service (octavia), you can create load balancers in availability zones (AZs) in a distributed compute node (DCN) environment to increase traffic throughput and reduce latency.
Prerequisites
- You must have a Load-balancing service AZ provided by your RHOSP administrator.
- The virtual IP (VIP) network associated with the load balancer must be available in the AZ in which your load balancer is a member.
Procedure
Source your credentials file.
Example
$ source ~/centralrc
To create a load balancer for a DCN environment, use the
loadbalancer create
command with the--availability-zone
option and specify the appropriate AZ.Example
For example, to create a non-terminated HTTPS load balancer (
lb1
) on a public subnet (public_subnet
) on availability zone (az-central
), you would enter the following command:$ openstack loadbalancer create --name lb1 --vip-subnet-id \ public_subnet --availability-zone az-central
Continue to create your load balancer by adding a listener, pool, health monitor, and load balancer members.
For more information, see the Configuring load balancing as a service guide.
Verification
Confirm that the load balancer (lb1) is a member of the availability zone (
az-central
).Example
$ openstack loadbalancer show lb1
Sample output
+---------------------+--------------------------------------+ | Field | Value | +---------------------+--------------------------------------+ | admin_state_up | True | | availability_zone | az-central | | created_at | 2023-07-12T16:35:05 | | description | | | flavor_id | None | | id | 85c7e567-a0a7-4fcb-af89-a0bbc9abe3aa | | listeners | | | name | lb1 | | operating_status | ONLINE | | pools | | | project_id | d303d3bda9b34d73926dc46f4d0cb4bc | | provider | amphora | | provisioning_status | ACTIVE | | updated_at | 2023-07-12T16:36:45 | | vip_address | 10.101.10.229 | | vip_network_id | d7f7de6c-0e84-49e2-9042-697fa85d2532 | | vip_port_id | 7f916764-d171-4317-9c86-a1750a54b16e | | vip_qos_policy_id | None | | vip_subnet_id | a421cbcf-c5db-4323-b7ab-1df20ee6acab | | tags | | +---------------------+--------------------------------------+
Additional resources
- Creating availability zones for the Load-balancing service
- loadbalancer in the Command line interface reference
- Configuring load balancing as a service guide