[Openstack] load balancer as a service for all protocols

Priyanka ppnaik at cse.iitb.ac.in
Mon May 16 15:13:47 UTC 2016

Hi Alex,

Thanks for the insight about lbaas in openstack. I would have preferred 
not to upgrade but if the services I need are not available in Juno I 
think i will have to upgrade. But can any of these lbaas (haproxy or 
octavia) suit my need because they are protocol specific and I need a 
generic lbaas (i.e. which handles TCP as well as UDP requests).


On Monday 16 May 2016 08:19 PM, Alex Barclay wrote:
> Hi Priyanka
> I'll dive in a little here. As I may know a little about LBaaS on 
> OpenStack.
> If you're on Juno you'll be using Neutron LBaaS v1 - warning - this is 
> deprecated in Liberty. It has limitations such as inability to support 
> TLS termination, multiple simultaneous TCP ports (e.g. one virtual IP 
> can't do both 80 and 443). Coming in Kilo and through Mitaka we've 
> been changing over the Neutron LBaaS v2 which can provide the missing 
> features I've mentioned above.
> Neutron LBaaS is an API/plugin architecture that's very similar to 
> other parts of OpenStack. As an example, for LBaaS v1 I've been 
> working closely with F5 and their driver (not sure if it'll work back 
> on Juno though). Moving forward to LBaaS v2 there are 2 out of the box 
> drivers: HAProxy which is the original driver (and deprecated in 
> Liberty) and Octavia which is the replacement software load balancer 
> (and runs LBs in Nova VMs). There are also a rich set of drivers 
> available from companies such as F5, A10, Citrix and Radware. Multiple 
> drivers can be installed simultaneously so you can create some LBs on 
> F5 and others on Octavia, as an example.
> Now for the big question: If you can upgrade I'd strongly suggest it. 
> To be honest Neutron and associated services have been improving 
> markedly since Icehouse and were a work in progress in Juno. If you 
> can't upgrade I'd suggest using an external load balancer which you 
> would connect to your VMs using a provider network (i.e. a Neutron net 
> where you specify the encapsulation type and id - e.g. VLAN or VXLAN 
> and the appropriate segmentation ID), alternatively if you are only 
> protecting external services you can run your load balancer externally 
> to the entire cloud.
> Sorry the story isn't better in Juno - it's been a long path from the 
> Atlanta summit, where we decided to fix LBaaS, to where we are today.
> Regards
> Alex
> On 5/16/16 7:05 AM, nithish B wrote:
>> Hi Priyanka,
>> When you say you want to load balance between a set of VMs, will this 
>> load balancer be another VM or should it be a LBaaS. Please let me know.
>> Regards,
>> Nitish B.
>> On Mon, May 16, 2016 at 7:22 PM, Priyanka <ppnaik at cse.iitb.ac.in 
>> <mailto:ppnaik at cse.iitb.ac.in>> wrote:
>>     Hi Nitish,
>>     Thanks for the response. But can this be used for VMs on
>>     openstack cloud. There is no plugin in openstack for this.
>>     Thanks,
>>     Priyanka
>>     On Monday 16 May 2016 07:14 PM, nithish B wrote:
>>>     Hi Priyanka,
>>>     You could have a look at IPVS
>>>     <https://en.wikipedia.org/wiki/IP_Virtual_Server>. It is part of
>>>     the linux kernel and load balances at the transport layer.
>>>     Regards,
>>>     Nitish B.
>>>     On Mon, May 16, 2016 at 6:46 PM, Priyanka
>>>     <ppnaik at cse.iitb.ac.in> wrote:
>>>         Hi,
>>>          I have a openstack juno cloud with one controller+neutron
>>>         node and three compute nodes. I want to create a load
>>>         balancer for balancing the load on a set of VMs of same
>>>         type. The load to these VMs would come from VMs on the same
>>>         subnet and the the communications are using different
>>>         protocols i.e. TCP and UDP. I read about HAproxy lbaas and
>>>         lvs lbaas. HAproxy is protocol dependent which would not
>>>         suit for the multiple protocol scenario and LVS is a plugin
>>>         on the router which too would not work. Are there any
>>>         variation of lbaas to suit this need. Also, can any of the
>>>         above (HAproxy or LVS) be modified to suit my need? Please
>>>         guide me on this.
>>>         Thanks,
>>>         Priyanka
>>>         _______________________________________________
>>>         Mailing list:
>>>         http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>>         Post to     : openstack at lists.openstack.org
>>>         <mailto:openstack at lists.openstack.org>
>>>         Unsubscribe :
>>>         http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>> _______________________________________________
>> Mailing list:http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>> Post to     :openstack at lists.openstack.org
>> Unsubscribe :http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20160516/754e3264/attachment.html>

More information about the Openstack mailing list