[openstack-dev] [Neutron][LBaaS] Neutron LBaaS, Libra and "managed services"

Eugene Nikanorov enikanorov at mirantis.com
Mon Mar 24 20:01:34 UTC 2014

Hi Susanne,

a couple of comments inline:

> We would like to discuss adding the concept of "managed services" to the
> Neutron LBaaS either directly or via a Neutron LBaaS plug-in to Libra/HA
> proxy. The latter could be a second approach for some of the software
> load-balancers e.g. HA proxy since I am not sure that it makes sense to
> deploy Libra within Devstack on a single VM.
> Currently users would have to deal with HA, resiliency, monitoring and
> managing their load-balancers themselves.  As a service provider we are
> taking a more managed service approach allowing our customers to consider
> the LB as a black box and the service manages the resiliency, HA,
> monitoring, etc. for them.
As far as I understand these two abstracts, you're talking about making
LBaaS API more high-level than it is right now.
I think that was not on our roadmap because another project (Heat) is
taking care of more abstracted service.
The LBaaS goal is to provide vendor-agnostic management of load balancing
capabilities and quite fine-grained level.
Any higher level APIs/tools can be built on top of that, but are out of
LBaaS scope.

> We like where Neutron LBaaS is going with regards to L7 policies and SSL
> termination support which Libra is not currently supporting and want to
> take advantage of the best in each project.
> We have a draft on how we could make Neutron LBaaS take advantage of Libra
> in the back-end.
> The details are available at:
> https://wiki.openstack.org/wiki/Neutron/LBaaS/LBaaS%2Band%2BLibra%2Bintegration%2BDraft

I looked at the proposal briefly, it makes sense to me. Also it seems to be
the simplest way of integrating LBaaS and Libra - create a Libra driver for

> While this would allow us to fill a gap short term we would like to
> discuss the longer term strategy since we believe that everybody would
> benefit from having such "managed services" artifacts built directly into
> Neutron LBaaS.
I'm not sure about building it directly into LBaaS, although we can discuss
it. For instance, HA is definitely on roadmap and everybody seems to agree
that HA should not require user/tenant to do any specific configuration
other than choosing HA capability of LBaaS service. So as far as I see it,
requirements for HA in LBaaS look very similar to requirements for HA in

> There are blueprints on high-availability for the HA proxy software
> load-balancer and we would like to suggest implementations that fit our
> needs as services providers.
> One example where the managed service approach for the HA proxy load
> balancer is different from the current Neutron LBaaS roadmap is around HA
> and resiliency. The 2 LB HA setup proposed (
> https://blueprints.launchpad.net/neutron/+spec/lbaas-ha-haproxy) isn't
> appropriate for service providers in that users would have to pay for the
> extra load-balancer even though it is not being actively used.
One important idea of the HA is that its implementation is vendor-specific,
so each vendor or cloud provider can implement it in the way that suits
their needs. So I don't see why particular HA solution for haproxy should
be considered as a common among other vendors/providers.

An alternative approach is to implement resiliency using a pool of stand-by
> load-and preconfigured load balancers own by e.g. LBaaS tenant and assign
> load-balancers from the pool to tenants environments. We currently are
> using this approach in the public cloud with Libra and it takes
> approximately 80 seconds for the service to decide that a load-balancer has
> failed, swap the floating ip and update the db, etc. and have a new LB
> running.
That for sure can be implemented. I only would recommend to implement such
kind of management system out of Neutron/LBaaS tree, e.g. to only have
client within Libra driver that will communicate with the management


> Regards Susanne
> -------------------------------------------
> Susanne M. Balle
> Hewlett-Packard
> HP Cloud Services
> Please consider the environment before printing this email.
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20140325/c6ce1c50/attachment.html>

More information about the OpenStack-dev mailing list