THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
Page History
...
- Available scope: Network, Vpc, LoadBalancerRule
- Available APIs to create/delete/update/list load balancer configs. A new API replaceLoadBalancerConfigs will be added to replace all current LB configs with passed configs.
- When create/update/delet/replace lb configs, cloudstack will re-apply new load balancer configs
- generate new haproxy.cfg , based on our changes
- apply new haproxy.cfg in VRs.
- When VR is rebooted/recreated, the haproxy.cfg is also created based on our configs.
- For advanced features, more changes are needed
- Transparent LB. Beside the new haproxy.cfg, it will add some firewall rules in VRs.
- SSL offloading, it requires some changes on UI, and copied the SSL certificate to VRs.
API Changes
| API name | API description | API Parameters | API response |
|---|---|---|---|
| createLoadBalancerConfig | Creates a load balancer config | scope (Network/Vpc/LoadBalancer) networkId vpcId loadBalancerId name (of config) value (of config) forced (Force add a load balancer config) | id (the load balancer rule ID) name (the name of the load balancer config) value (the value of the load balancer config) scope (the scope of the load balancer config) networkId vpcId loadBalancerId created (the date when the load balancer config is created) description (the description of the load balancer config) defaultValue (the default value of the load balancer config) |
| deleteLoadBalancerConfig | Deletes a load balancer config | id of load balancer config | Success/Exceptions |
| updateLoadBalancerConfig | Updates a load balancer config | id of load balancer config | Success/Exceptions |
replaceLoadBalancerConfigs | Replaces load balancer configs of vpc/network/rule | scope (Network/Vpc/LoadBalancer) networkId vpcId loadBalancerId config (configs list, Example: config[0].name=timout&config[0].value=60000) | Success/Exceptions |
| listLoadBalancerConfigs | List load balancer configs | id of load balancer config scope (Network/Vpc/LoadBalancer) networkId vpcId loadBalancerId name (of config) listAll (If set to true, list all available configs for the scope) | List of LoadBalancerConfigResponse |
Load balancer configurations (to be supported)
Network
| Scope | name | value type | current value in CS | description |
|---|---|---|---|---|
| Network | haproxy.timeout | Long | 50000ms | timeout server/client |
| Network | haproxy.stats.enable | Boolean | true | If haproxy stats is enabled |
| Network | haproxy.stats.uri | String | /admin?stats | URI of HAProxy stats |
| Network | haproxy.stats.auth | String | admin1:AdMiN123 | HAproxy stats username and password |
| Network | haproxy.maxconn | Long | 4096 | |
| Network | haproxy.maxpipes | Long | 1024 | default is maxconn/4 in haproxy |
VPC (same as Network)
LoadBalancerRule
| Scope | name | value type | current value in CS | description |
|---|---|---|---|---|
LoadBalancerRule | lb.max.conn | Long | <not set> | LB max connection |
| LoadBalancerRule | lb.full.conn | Long | <not set> | LB full connection, default is 'maxconn/10' in haproxy |
LoadBalancerRule | lb.max.conn.each | Long | <not set> | LB max connection per site |
| LoadBalancerRule | lb.full.conn.each | Long | <not set> | LB full connection per site |
| LoadBalancerRule | lb.max.queue.each | Long | <not set> | LB max queue per site |
| LoadBalancerRule | lb.http | Boolean | <not set> | If LB is http, default is 'true' for port 80 and 'false' for others' |
| LoadBalancerRule | lb.http.keepalive | Boolean | false | If LB http keepalive enabled/disabled |
Advanced configurations
| Scope | name | value type | current value in CS | description |
|---|---|---|---|---|
| Network | haproxy.transparent | Boolean | <not set> | If transparent is supported, default value is false |
| LoadBalancerRule | lb.transparent | Boolean | <not set> | If LB if transparent, only applies when haproxy.transparent is true. default value is false |
| LoadBalancerRule | lb.ssl.offloading | Boolean | <not set> | If SSL offloading is enabled on the IP/port. default value is false |
| LoadBalancerRule | lb.http2 | Boolean | <not set> | If HTTP2 is enabled. default value is false |
| LoadBalancerRule | lb.ssl.configuration | String | <not set> | Customized SSL configuration. available values are none (default), old, intermediate |
DB Changes
A new table load_balancer_config is added to cloudstack, to save lb configs in network/vpc/loadbalancerrule.
UI changes
- Add a new tab 'LB Configs" in network view. Click on Network -> 'LB Configs', an overview of all the available settings are shown in a form;
- Add a new column in Load balancer rule view. Click 'Network' -> choose a network -> 'View IP Addresses' -> choose an IP -> click 'Configurations' tab -> click 'Load Balancing' -> click 'View All'
- Click 'Configure', a new dialog will be popup.
References
- Load Balancer rules http://docs.cloudstack.apache.org/en/latest/adminguide/networking_and_traffic.html#load-balancer-rules
- haproxy configurations. http://cbonte.github.io/haproxy-dconv/1.8/configuration.html
- SSL configurations. https://ssl-config.mozilla.org/#server=haproxy&version=1.8&config=intermediate&openssl=1.1.1d&guideline=5.4
- Leaseweb implementation for CloudStack 4.7.1. https://kb.leaseweb.com/products/apache-cloudstack-private-cloud/managing-apache-cloudstack-network#ManagingApacheCloudStackNetwork-ConfiguringaloadbalancerforanIPAddressofanIsolatedNetwork
Overview
Content Tools
Apps