Platform & Engineering Services CERN IT Department CH-1211 Geneva 23 Switzerland t PES Network as a Service Use cases for load balancing and HA Ignacio Reguero 12 June 2014

CERN IT Department CH-1211 Geneva 23 Switzerland t PES Network as a Service Use Cases for Load Balancing and HA Contents LB /HA things we cannot do –HAProxy –Pacemaker/Corosync Here comes Neutron Neutron for LB and HA To bear in mind 1 To bear in mind 2

CERN IT Department CH-1211 Geneva 23 Switzerland t PES Network as a Service Use Cases for Load Balancing and HA LB /HA things we cannot do Service deployment in The CERN Cloud could benefit from services currently hampered by limitations on Floating (Virtual) IP addresses: –Only allowed within a (physical) «network service» HA Systems: –Pacemaker/Corosync Physical load balancers: –HAProxy

CERN IT Department CH-1211 Geneva 23 Switzerland t PES Network as a Service Use Cases for Load Balancing and HA HAProxy Supports multiple balancing policies Operates in various modes. ( TCP – Layer 4, HTTP – Layer-7 ) Statistics and monitoring for backend/frontend members Multiple listening services within the same process Typically combined with HA system

CERN IT Department CH-1211 Geneva 23 Switzerland t PES Network as a Service Use Cases for Load Balancing and HA Pacemaker/Corosync Framework to configure distributed resources –Pacemaker: resource (service) manager –Corosync: communication protocol Supports various resources: –httpd, haproxy, mysql, Floating IP, etc Supports Floating (Virtual) IP addresses

CERN IT Department CH-1211 Geneva 23 Switzerland t PES Network as a Service Use Cases for Load Balancing and HA Here comes Neutron We focus on Network as a Service as implemented by Openstack Neutron Neutron present Virtual Networks (dedicated L2 segment) that allow per tenant control of –Topology –IP prefixes + addresses –Other service insertion

CERN IT Department CH-1211 Geneva 23 Switzerland t PES TWiki at CERN. Past Present and Future Neutron: Concept

CERN IT Department CH-1211 Geneva 23 Switzerland t PES TWiki at CERN. Past Present and Future Neutron: Architecture

CERN IT Department CH-1211 Geneva 23 Switzerland t PES Network as a Service Use Cases for Load Balancing and HA Neutron: What you can do

CERN IT Department CH-1211 Geneva 23 Switzerland t PES Network as a Service Use Cases for Load Balancing and HA Neutron for LB and HA Neutron Virtual Networks decouple us from the Physical Network. We could consider tenants with NeutronVirtual Networks spanning –Physical Networks –Availability Zones –Sites: CERN CC and Wigner Within these NeutronVirtual Networks we could consider combinations of HAProxy and Pacemaker/corosync

CERN IT Department CH-1211 Geneva 23 Switzerland t PES Network as a Service Use Cases for Load Balancing and HA To bear in mind 1 The requirement is that Floating IPs that may reach all nodes in the tenant that are alias members or part of an HA service –Otherwise we do not care about the topology HAProxy could be used through Neutron LBaaS interface Bearing in mind that HAProxy is only recommended when session persistence required

CERN IT Department CH-1211 Geneva 23 Switzerland t PES Network as a Service Use Cases for Load Balancing and HA To bear in mind 2 DNS LB is recommended for cases that do not require network persistence: –Does not alter traffic patterns –It is much cheaper to implement We aim to integrate the DNS LB with Openstack –Ermis REST service configures «DNS delegated zones» using SOAP interface from CS group –To be integrated with Keystone identity manager for per tenant authorization