[Openstack] load balancer as a service for all protocols

Alex Barclay alex at planet-barclay.com
Mon May 16 14:49:48 UTC 2016

Hi Priyanka

I'll dive in a little here. As I may know a little about LBaaS on OpenStack.

If you're on Juno you'll be using Neutron LBaaS v1 - warning - this is 
deprecated in Liberty. It has limitations such as inability to support 
TLS termination, multiple simultaneous TCP ports (e.g. one virtual IP 
can't do both 80 and 443). Coming in Kilo and through Mitaka we've been 
changing over the Neutron LBaaS v2 which can provide the missing 
features I've mentioned above.

Neutron LBaaS is an API/plugin architecture that's very similar to other 
parts of OpenStack. As an example, for LBaaS v1 I've been working 
closely with F5 and their driver (not sure if it'll work back on Juno 
though). Moving forward to LBaaS v2 there are 2 out of the box drivers: 
HAProxy which is the original driver (and deprecated in Liberty) and 
Octavia which is the replacement software load balancer (and runs LBs in 
Nova VMs). There are also a rich set of drivers available from companies 
such as F5, A10, Citrix and Radware. Multiple drivers can be installed 
simultaneously so you can create some LBs on F5 and others on Octavia, 
as an example.

Now for the big question: If you can upgrade I'd strongly suggest it. To 
be honest Neutron and associated services have been improving markedly 
since Icehouse and were a work in progress in Juno. If you can't upgrade 
I'd suggest using an external load balancer which you would connect to 
your VMs using a provider network (i.e. a Neutron net where you specify 
the encapsulation type and id - e.g. VLAN or VXLAN and the appropriate 
segmentation ID), alternatively if you are only protecting external 
services you can run your load balancer externally to the entire cloud.

Sorry the story isn't better in Juno - it's been a long path from the 
Atlanta summit, where we decided to fix LBaaS, to where we are today.



On 5/16/16 7:05 AM, nithish B wrote:
> Hi Priyanka,
> When you say you want to load balance between a set of VMs, will this 
> load balancer be another VM or should it be a LBaaS. Please let me know.
> Regards,
> Nitish B.
> On Mon, May 16, 2016 at 7:22 PM, Priyanka <ppnaik at cse.iitb.ac.in 
> <mailto:ppnaik at cse.iitb.ac.in>> wrote:
>     Hi Nitish,
>     Thanks for the response. But can this be used for VMs on openstack
>     cloud. There is no plugin in openstack for this.
>     Thanks,
>     Priyanka
>     On Monday 16 May 2016 07:14 PM, nithish B wrote:
>>     Hi Priyanka,
>>     You could have a look at IPVS
>>     <https://en.wikipedia.org/wiki/IP_Virtual_Server>. It is part of
>>     the linux kernel and load balances at the transport layer.
>>     Regards,
>>     Nitish B.
>>     On Mon, May 16, 2016 at 6:46 PM, Priyanka <ppnaik at cse.iitb.ac.in
>>     <mailto:ppnaik at cse.iitb.ac.in>> wrote:
>>         Hi,
>>          I have a openstack juno cloud with one controller+neutron
>>         node and three compute nodes. I want to create a load
>>         balancer for balancing the load on a set of VMs of same type.
>>         The load to these VMs would come from VMs on the same subnet
>>         and the the communications are using different protocols i.e.
>>         TCP and UDP. I read about HAproxy lbaas and lvs lbaas.
>>         HAproxy is protocol dependent which would not suit for the
>>         multiple protocol scenario and LVS is a plugin on the router
>>         which too would not work. Are there any variation of lbaas to
>>         suit this need. Also, can any of the above (HAproxy or LVS)
>>         be modified to suit my need? Please guide me on this.
>>         Thanks,
>>         Priyanka
>>         _______________________________________________
>>         Mailing list:
>>         http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>         Post to     : openstack at lists.openstack.org
>>         <mailto:openstack at lists.openstack.org>
>>         Unsubscribe :
>>         http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> _______________________________________________
> Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> Post to     : openstack at lists.openstack.org
> Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20160516/0ecf853b/attachment.html>

More information about the Openstack mailing list