You can create load balancers to distribute incoming requests among designated instances. Load balancers ensure that workloads are shared predictably among instances and system resources are used more effectively.

VMware Integrated OpenStack 6.0 supports load balancer as a service (LBaaS) v2.0 for deployments with NSX Data Center for vSphere or NSX-T Data Center networking. The OpenStack Octavia component is not supported in this version.

The LBaaS configuration process also creates a health monitor and associates it with the LBaaS pool. The health monitor is a Neutron service that checks whether the instances are still running on the specified protocol and port.

Note: The admin_state parameter for LBaaS pools is not supported on NSX Data Center for vSphere deployments, and setting the admin state of a pool to down has no effect. To prevent network traffic from reaching the members of a pool, set the admin state of each member to down.

LBaaS listeners can use HTTP, TCP, or terminated HTTPS. Terminated HTTPS listeners terminate TLS for incoming connections, and the TLS certificates and keys for these listeners are stored in Barbican. If you want to create terminated HTTPS listeners, contact your cloud administrator to determine whether you must configure the ACL to grant the barbican user access to the secrets for your project.

Prerequisites

  • Create a public subnet and router on your network. For an NSX Data Center for vSphere deployment, the router type must be exclusive.
    Note: You can create the load balancer on a tenant subnet, but you must assign it a floating IP address.
  • Configure at least one client and at least two server instances.

Procedure

  1. If you want to create terminated HTTPS listeners and need to configure the ACL, grant the barbican user access to your certificates, keys, and TLS containers.
    1. Log in to the Integrated OpenStack Manager as the root user and open the toolbox. 
      ssh root@mgmt-server-ip
toolbox
    2. Configure the ACL. 
      openstack acl user add -u barbican-uuid object-name

      Run this command one time for each certificate, key, and container in your project.

      You can run the openstack user list command to find the UUID of the barbican user. You can run the openstack secret list command to find certificate, key, and container names.

  2. Log in to the VMware Integrated OpenStack dashboard.
  3. Select your project from the drop-down menu in the title bar.
  4. Select Project > Network > Neutron Load Balancers and click Create Load Balancer.
  5. On the Load Balancer Details page, enter the desired configuration and click Next.
    Option Description

    Name

    Enter a name for the load balancer.

    Description

    (Optional) Enter a description of the load balancer.

    IP Address

    (Optional) Enter the IP address of the load balancer.

    Subnet

    Select a subnet for the load balancer. Only members of this subnet can be added to the LBaaS pool.

  6. On the Listener Details page, enter the desired configuration and click Next.
    Option Description

    Name

    Enter a name for the listener.

    Description

    Enter a description of the listener.

    Protocol

    Select the protocol for the listener to use. The following protocols are supported:

    • HTTP
    • TCP
    • Terminated HTTPS
    • HTTPS

    If you select terminated HTTPS as the protocol, you must also provide the ID of the TLS container.

    Port

    Enter the port for the listener to use.
  7. If you selected the TERMINATED_HTTPS protocol, specify one or more certificates for the listener and click Next.
  8. Specify the name, description, and load balancing method for your LBaaS pool and click Next.
    Supported load balancing methods are described as follows:
    Method Description
    LEAST_CONNECTIONS

    New client requests are sent to the server with the fewest connections.

    ROUND_ROBIN

    Each server is used in turn according to the weight assigned to it.

    SOURCE_IP

    All connections that originate from the same source IP address are handled by the same member of the pool.

  9. Select the server and client instances to add to the load balancer pool and click Next.
  10. Specify parameters for the health monitor and click Next.
    Parameter Description
    Monitor type

    Specify HTTP, PING, or TCP.

    Interval

    Enter the time in seconds between sending probes to members.

    Retries

    Enter the number of connection failures allowed before changing the member status to INACTIVE.

    Timeout

    Enter the time in seconds that a monitor will wait for a connection to be established before it times out.

    The timeout value must be less than the interval value.

    If you select HTTP, you must also configure the HTTP method, expected status code, and URL.
  11. Click Create Load Balancer.
  12. If you created the load balancer on a tenant subnet, associate a floating IP address with the load balancer.
    1. Click the down arrow to the right of the load balancer and select Associate Floating IP.
    2. Select a floating IP address or pool and click Associate.
  13. (Optional) Send test requests to validate your LBaaS configuration.
    1. Log in to the Integrated OpenStack Manager as the root user. 
      ssh root@mgmt-server-ip
    2. Create a test index.html file.
    3. In the same directory, start a web server. 
      sudo python -m SimpleHTTPServer 80
    4. Log in to the client instance.
    5. Run the wget command to view whether your requests are being correctly load-balanced across the servers in the pool. 
       wget -O - http://mgmt-server-ip

What to do next

You can open the load balancer and click Create Listener to add listeners to it.