此内容没有您所选择的语言版本。
Chapter 15. Configure Load Balancing-as-a-Service with the Networking LBaaSv2 API
15.1. Overview of LBaaS
Load Balancing-as-a-Service (LBaaS) enables OpenStack Networking to distribute incoming requests evenly between designated instances. Complete the steps in this section to configure OpenStack Networking to use LBaaS with the Open vSwitch (OVS) plug-in.
Load Balancing-as-a-Service (LBaaS) enables OpenStack Networking to distribute incoming requests evenly between designated instances. This ensures the workload is shared predictably among instances, and allows more effective use of system resources. Incoming requests are distributed using one of the following load balancing methods:
- Round robin - Rotates requests evenly between multiple instances.
- Source IP - Requests from a unique source IP address are consistently directed to the same instance.
- Least connections - Allocates requests to the instance with the least number of active connections.
| Feature | Description |
|---|---|
| Monitors | LBaaS provides availability monitoring with the PING, TCP, HTTP and HTTPS GET methods. Monitors determine whether pool members are available to handle requests. |
| Management | LBaaS is managed using a variety of tool sets. The REST API is available for programmatic administration and scripting. Users perform administrative management of load balancers through either the CLI (neutron) or the OpenStack dashboard. |
| Connection limits | Ingress traffic can be shaped with connection limits. This feature allows workload control and can also assist with mitigating DoS (Denial of Service) attacks. |
| Session persistence | LBaaS supports session persistence by ensuring incoming requests are routed to the same instance within a pool of multiple instances. LBaaS supports routing decisions based on cookies and source IP address. |
LBaaS is currently supported only with IPv4 addressing.
15.2. OpenStack Networking and LBaaS Topology
OpenStack Networking (neutron) services can be broadly classified into two categories.
Neutron API server - This service runs the OpenStack Networking API server, which has the main responsibility of providing an API for end users and services to interact with OpenStack Networking. This server also has the responsibility of interacting with the underlying database to store and retrieve tenant network, router, and loadbalancer details, among others.
Neutron Agents - These are the services that deliver various network functionality for OpenStack Networking.
- neutron-dhcp-agent - manages DHCP IP addressing for tenant private networks.
- neutron-l3-agent - facilitates layer 3 routing between tenant private networks, the external network, and other networks.
The neutron-lbaasv2-agent (with HAProxy) is deprecated. For the preferred load-balancing reference implementation with octavia, see the Using Octavia for Load Balancing-as-a-Service guide.
The following diagram shows the flow of HTTPS traffic through to a pool member:
15.2.1. Support Status of LBaaS
- LBaaS v1 API was removed in version 10.
- LBaaS v2 API is deprecated and removed after Red Hat OpenStack Platform 13. (Octavia is the replacement.)
- LBaaS deployment is not currently supported in Red Hat OpenStack Platform director.
The neutron-lbaasv2-agent (with HAProxy) is deprecated. For the preferred load-balancing reference implementation with Octavia, see the Using Octavia for Load Balancing-as-a-Service guide. The neutron-lbaas RPMs are still available to support the API for third-party plugin support.
15.3. Configuring LBaaS
This procedure configures OpenStack Networking (neutron) to use LBaaS with the Open vSwitch (OVS) plugin.
Perform these steps on nodes running the neutron-server service:
Procedure
On the Controller node (API Server):
Enable LBaaS:
# yum install openstack-neutron-lbaas -y
Add the LBaaS tables to the neutron database:
$ neutron-db-manage --subproject neutron-lbaas --config-file /var/lib/config-data/neutron/etc/neutron/neutron.conf --config-file /var/lib/config-data/neutron/etc/neutron/plugins/ml2/ml2_conf.ini upgrade head
Change the service provider in
/var/lib/config-data/neutron/etc/neutron/neutron_lbaas.conf. In the[service providers]section, comment out (#) all entries except for this entry:service_provider=LOADBALANCERV2:Haproxy:neutron_lbaas.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default
In
/var/lib/config-data/neutron/etc/neutron/neutron.conf, confirm that you have the LBaaS v2 plugin configured inservice_plugins:service_plugins=neutron_lbaas.services.loadbalancer.plugin.LoadBalancerPluginv2
You can also expect to see any other plugins you have previously added.
NoteIf you have
lbaasv1configured, replace it with the above setting forlbaasv2.In
/var/lib/config-data/neutron/etc/neutron/lbaas_agent.ini, add the following to the[DEFAULT]section:ovs_use_veth = False interface_driver =neutron.agent.linux.interface.OVSInterfaceDriver
In
/var/lib/config-data/neutron/etc/neutron/services_lbaas.conf, add the following to the[haproxy]section:user_group = haproxy
Comment out any other
device driverentries.NoteIf the
l3-agentis in a failed mode, see thel3_agentlog files. You may need to edit/var/lib/config-data/neutron/etc/neutron/neutron.confand comment out certain values in[DEFAULT], and uncomment the corresponding values inoslo_messaging_rabbit, as described in the log file.
Configure the LbaaS services, and review their status:
Stop the
lbaasv1services and startlbaasv2:# systemctl disable neutron-lbaas-agent.service # systemctl stop neutron-lbaas-agent.service # systemctl mask neutron-lbaas-agent.service # systemctl enable neutron-lbaasv2-agent.service # systemctl start neutron-lbaasv2-agent.service
Review the status of
lbaasv2:# systemctl status neutron-lbaasv2-agent.service
Restart
neutron-serverand check the status:# systemctl restart neutron-server.service # systemctl status neutron-server.service
Check the
Loadbalancerv2agent:$ openstack network agent list
