Introduction
CloudStack provides the ability to set up load balancer in isolated networks [1]. It is implemented by haproxy in virtual routers of the network. In haproxy configuration file, it contains some basic settings which are hardcoded (for example, client/server timeout are hardcodes as 50000 ms) or set globally (for example uri/port/auth of haproxy stats).
This improvements to the VR HA proxy allow domains (our customers) to manage certain restricted configuration settings. With this feature, users can e.g. set the amount of allowed connections, haproxy stats settings.
Based on this, we can implement more advanced features to cloudstack load balancer, for example
(1) transparent load balancer
(2) SSL offloading
(3) Http2 support
(4) Variable SSL configurations [3]
This will add some APIs to manage the Load balancer configs in different scope
API name | API description | API Parameters | API response |
---|---|---|---|
createLoadBalancerConfig | Creates a load balancer config | scope (Network/Vpc/LoadBalancer) networkId vpcId loadBalancerId name (of config) value (of config) forced (Force add a load balancer config) | id (the load balancer rule ID) name (the name of the load balancer config) value (the value of the load balancer config) scope (the scope of the load balancer config) networkId vpcId loadBalancerId created (the date when the load balancer config is created) description (the description of the load balancer config) defaultValue (the default value of the load balancer config) |
deleteLoadBalancerConfig | Deletes a load balancer config | id of load balancer config | Success/Exceptions |
updateLoadBalancerConfig | Updates a load balancer config | id of load balancer config | Success/Exceptions |
replaceLoadBalancerConfigs | Replaces load balancer configs of vpc/network/rule | scope (Network/Vpc/LoadBalancer) networkId vpcId loadBalancerId config (configs list, Example: config[0].name=timout&config[0].value=60000) | Success/Exceptions |
listLoadBalancerConfigs | List load balancer configs | id of load balancer config scope (Network/Vpc/LoadBalancer) networkId vpcId loadBalancerId name (of config) listAll (If set to true, list all available configs for the scope) | List of LoadBalancerConfigResponse |
Scope | name | value type | current value in CS | description |
---|---|---|---|---|
Network | haproxy.timeout | Long | 50000ms | timeout server/client |
Network | haproxy.stats.enable | Boolean | true | If haproxy stats is enabled |
Network | haproxy.stats.uri | String | /admin?stats | URI of HAProxy stats |
Network | haproxy.stats.auth | String | admin1:AdMiN123 | HAproxy stats username and password |
Network | haproxy.maxconn | Long | 4096 | |
Network | haproxy.maxpipes | Long | 1024 | default is maxconn/4 in haproxy |
Scope | name | value type | current value in CS | description |
---|---|---|---|---|
LoadBalancerRule | lb.max.conn | Long | <not set> | LB max connection |
LoadBalancerRule | lb.full.conn | Long | <not set> | LB full connection, default is 'maxconn/10' in haproxy |
LoadBalancerRule | lb.max.conn.each | Long | <not set> | LB max connection per site |
LoadBalancerRule | lb.full.conn.each | Long | <not set> | LB full connection per site |
LoadBalancerRule | lb.max.queue.each | Long | <not set> | LB max queue per site |
LoadBalancerRule | lb.http | Boolean | <not set> | If LB is http, default is 'true' for port 80 and 'false' for others' |
LoadBalancerRule | lb.http.keepalive | Boolean | false | If LB http keepalive enabled/disabled |
Scope | name | value type | current value in CS | description |
---|---|---|---|---|
Network | haproxy.transparent | Boolean | <not set> | If transparent is supported, default value is false |
LoadBalancerRule | lb.transparent | Boolean | <not set> | If LB if transparent, only applies when haproxy.transparent is true. default value is false |
LoadBalancerRule | lb.ssl.offloading | Boolean | <not set> | If SSL offloading is enabled on the IP/port. default value is false |
LoadBalancerRule | lb.http2 | Boolean | <not set> | If HTTP2 is enabled. default value is false |
LoadBalancerRule | lb.ssl.configuration | String | <not set> | Customized SSL configuration. available values are none (default), old, intermediate |
A new table load_balancer_config is added to cloudstack, to save lb configs in network/vpc/loadbalancerrule.