Launching load balancer using the OpenStack terminal client¶
Note
Before launching your first load balancer, we strongly recommend reading our concepts guide to gain a better understanding of the parts.
We also recommend setting the correct security groups on the instances that should be members in the load balancing.
Traffic from the load balancer will not come from the default group as the load balancer is not an instance - this means that explicit rules needs to be setup on the members.
Configuration¶
To launch a load balancer from the OpenStack Terminal Client, follow the below steps.
We recommend checking OpenStack Horizon for what options are available or using
the -h
option of the terminal client for more information.
More information is also available here.
This documentation aims to show how to get going, not display exhaustive information on each available option. The example below will load balance HTTP (protocol aware) and thus port 80.
Note
If you want to create a load balancer that terminates SSL/TLS, you first need to create the requisite certificate in our secret store. We recommend reading our SSL/TLS termination using Load Balancer guide before proceeding.
Note
The brackets in below example commands are for demonstrating values that you need to change.
The suffixes, for example _listener_80
, suggested within brackets are for clarity, with
the NAME
part to symbolise a common name you pick to identify the load balancer.
You can use any name for each part of the load balancer. That said, each command will reference an earlier example names.
Run this command:
openstack subnet list
, save the name of the subnet that your members are on. We suggest using the same subnet for the load balancer but if you would rather use another subnet (or have members in many subnets), then also save the other subnet names.Run this command to create the load balancer:
openstack loadbalancer create --name [NAME_lb] --vip-subnet-id [SUBNET_NAME]
replacing the subnet name with that from previous step, use--availability-zone
to select a available, if not given europe-se-1a will be used by default.Run this command until it says that the
operating_status
isONLINE
:openstack loadbalancer show [NAME_OF_LB]
Create a listener
If you want to create a HTTP listener you can use
openstack loadbalancer listener create --name [NAME_listener_80] --protocol HTTP --protocol-port 80 [NAME_lb]
.If you want to create a HTTP listener with SSL/TLS termination you can use:
openstack loadbalancer listener create --protocol-port 443 --protocol TERMINATED_HTTPS --name [NAME_listener_80] --default-tls-container=$(openstack secret list | awk '/ [NAME_OF_SECRET] / {print $2}') [NAME_lb]
Run this command to setup the pool:
openstack loadbalancer pool create --name [NAME_pool_80] --lb-algorithm ROUND_ROBIN --listener [NAME_listener_80] --protocol HTTP
.Run this command to setup health checkers:
openstack loadbalancer healthmonitor create --delay 5 --max-retries 4 --timeout 10 --type HTTP --url-path / [NAME_pool_80]
.Run this command:
openstack server list
, save the IP addresses of the members you want to add.Repeat this command to add the members:
openstack loadbalancer member create --subnet-id [SUBNET_NAME] --address [IP_OF_MEMBER] --protocol-port 80 [NAME_pool_80]
Note
The load balancer will take some time to start as its a complex process to create it, this particularly applies after the second command above.
If you want to assign a floating IP to your load balancer.
Run this command:
openstack loadbalancer list
, save the name of the load balancer you want to verify.Run this command:
openstack loadbalancer show [NAME]
. Replace [NAME] with the name from previous step. Save the value of thevip_port_id
of the load balancer.Run this command:
openstack floating ip list
, save an unassigned floating IP.If you don’t have an unassigned floating IP, follow the steps in the floating IP addresses article to assign one to the project.
Run this command:
openstack floating ip set --port [VIP_PORT_ID] [FLOATING_IP]
, replace the items in angle brackets with data from previous steps.
Verification¶
To verify that the health checking has added the members to the pool, follow this procedure:
Run this command:
openstack loadbalancer pool list
, save the name of the pool containing the members you want to check.Run this command:
openstack loadbalancer member list [NAME_OF_POOL]
(replace the name with the name of the pool from previous step).Members have Operating status of
ONLINE
when they are online in the pool.
Tip
If the members are not online, make sure you have the proper Security groups configured
on the them. If you still cant get the members online, verify by using for example tcpdump
or by reading access
logs, that the traffic hits the member servers from the load balancers IP.