openstack load balancing use cases and requirements
TRANSCRIPT
![Page 1: OpenStack Load Balancing Use Cases and Requirements](https://reader035.vdocuments.site/reader035/viewer/2022080211/558922f7d8b42aec048b457f/html5/thumbnails/1.jpg)
LBaaS Use Cases and Requirements
What do you mean we have to make this work now?
OpenStack Design Summit – Fall 2012 – Tuesday October 16th [email protected]
![Page 2: OpenStack Load Balancing Use Cases and Requirements](https://reader035.vdocuments.site/reader035/viewer/2022080211/558922f7d8b42aec048b457f/html5/thumbnails/2.jpg)
Background and Thoughts
Please Read the Wiki: http://wiki.openstack.org/Quantum/LBaaS
Primer on Network Load Balancing: http://wiki.openstack.org/NetworkLoadBalancingIntegrationsWithQuantum
Decided to Standardize Two L3 Routed Use Cases for Now:
“Routed Mode”- LB device is the default L3 route path (maybe)
“One-Arm Mode”- LB device uses SNAT to force a L3 route path
![Page 3: OpenStack Load Balancing Use Cases and Requirements](https://reader035.vdocuments.site/reader035/viewer/2022080211/558922f7d8b42aec048b457f/html5/thumbnails/3.jpg)
Quick Look At Routed Mode
VIP: 10.10.10.10
NLB: 20.20.20.1
Node: 20.20.20.10Gateway: 20.20.20.1
Node: 20.20.20.9Gateway: 20.20.20.1
Node: 20.20.20.8Gateway: 20.20.20.1
Ramifications: - L2 adjacency to 'Nodes' - L3 routing works to everything the 'Nodes' need to get to - No LB for the Local Segment
![Page 4: OpenStack Load Balancing Use Cases and Requirements](https://reader035.vdocuments.site/reader035/viewer/2022080211/558922f7d8b42aec048b457f/html5/thumbnails/4.jpg)
Quick Look At One-Arm ModeRamifications: - L3 client address abstracted to 'Nodes' - Additional L3 addressing for SNAT - 64k connections per IP - Defined as pools before deployed
VIP: 20.20.20.5Router: 20.20.20.1
Node: 20.20.20.10Gateway: 20.20.20.1
Node: 20.20.20.9Gateway: 20.20.20.1
Node: 20.20.20.8Gateway: 20.20.20.1
SNAT Pool20.20.20.50-52
![Page 5: OpenStack Load Balancing Use Cases and Requirements](https://reader035.vdocuments.site/reader035/viewer/2022080211/558922f7d8b42aec048b457f/html5/thumbnails/5.jpg)
LB Devices Should Be HA
MAC A
MAC B
MAC Masq C
Virtual IP bound to MAC C
Virtual IP
Virtual IP
routedomain
broadcastdomain
Dynamic MAC address generation
GARP or ICMPv6 for failover
1 IP per HA + 1 IP per device + 1 VIP
Dynamic MAC address generation
GARP or ICMPv6 for failover
1 IP per HA + 1 IP per device + 1 VIP
Dynamic routing protocol with forwarding on separate L3 network
Anycast or RHI Virtual IPs
1 IP per device + 1 VIP
Dynamic routing protocol with forwarding on separate L3 network
Anycast or RHI Virtual IPs
1 IP per device + 1 VIP
L2 HA
L3 HA
![Page 6: OpenStack Load Balancing Use Cases and Requirements](https://reader035.vdocuments.site/reader035/viewer/2022080211/558922f7d8b42aec048b457f/html5/thumbnails/6.jpg)
Use Case 1: Multi-Tenant Devices with Routed Shared Networks
One-Arm mode only – Edge LB Service
……….
OOB Management Port
Management Network
HA Virtual IP Network (Public)
HA Shared Network (Private)
1 IP Address per Device + 1 IP Address per HA Domain + 1 IP Address per Virtual Service ( n + d + v )1 IP Address per Device + 1 IP HA Cluster Management ( n + 1 )
1 IP Address per Device + 1 IP Address per HA Domain + 1 IP per 64k connections ( n + d + p )
n = number of LB devicesd = number of HA domainsp = number of concurrent SNAT addresses
OOB Typically is a physical interface
100% Routed L3 Topology for LB
All Virtual IPs are from shared network pools
There are no tenant specific networks at L2 or tenant provided L3 addressing
100% Routed L3 Topology for LB
All Virtual IPs are from shared network pools
There are no tenant specific networks at L2 or tenant provided L3 addressing
![Page 7: OpenStack Load Balancing Use Cases and Requirements](https://reader035.vdocuments.site/reader035/viewer/2022080211/558922f7d8b42aec048b457f/html5/thumbnails/7.jpg)
Use Case 1: Multi-Tenant Devices with Routed Shared Networks
One-Arm Mode Only
……….
OOB Management Port
Management Network
HA Virtual IP Network (Public)
HA Shared Network (Private)
n = number of LB devicesd = number of HA domainsp = number of concurrent SNAT addresses
OOB Typically is a physical interface
1 IP Address per Device + 1 IP HA Cluster Management ( n + 1 )
1 IP Address per Device + 1 IP Address per HA Domain + 1 IP per 64k connections ( n + d + p )1 IP Address per Device + 1 IP Address per HA Domain + 1 IP Address per Virtual Service ( n + d + v )
PROVIDER REQUIREMENTS
This looks like AtlasLB today
LB Device Management and HA networking
Predefined network poolsfor PUBLIC and PRIVATE routed networks
Predefined SNAT pool addresses
L3 filtering on PRIVATE virtual IPs allowing only tenant network addresses
to connect to the virtual service
Security groups must allow connectionsfrom SNAT pool addresses
PROVIDER REQUIREMENTS
This looks like AtlasLB today
LB Device Management and HA networking
Predefined network poolsfor PUBLIC and PRIVATE routed networks
Predefined SNAT pool addresses
L3 filtering on PRIVATE virtual IPs allowing only tenant network addresses
to connect to the virtual service
Security groups must allow connectionsfrom SNAT pool addresses
TENANT REQUIREMENTS
This looks like AtlasLB today
Defines MembersDefines LB Method
Defines Monitoring RequirementsDefines Persistence Requirements
Overload Virtual IPs with Different Ports
TENANT REQUIREMENTS
This looks like AtlasLB today
Defines MembersDefines LB Method
Defines Monitoring RequirementsDefines Persistence Requirements
Overload Virtual IPs with Different Ports
![Page 8: OpenStack Load Balancing Use Cases and Requirements](https://reader035.vdocuments.site/reader035/viewer/2022080211/558922f7d8b42aec048b457f/html5/thumbnails/8.jpg)
Use Case 2: Multi-Tenant Devices with Shared and Quantum Networks
……….
OOB Management Port
Management Network
HA Virtual IP Network (Public)
HA Tenant Network
1 IP Address per Device + 1 IP HA Cluster Management ( n + 1 )
1 IP Address per Device + 1 IP Address per HA Domain + 1 IP per 64k connections ( n + d + p )
OOB Typically is a physical interface
HA Tenant Network
1 IP Address per Device + 1 IP Address per HA Domain + 1 IP per 64k connections ( n + d + p )
Quantum IP Addresses
Dynamic MAC Addresses + Tenant Managed IP Addresses
Tenant Networks
Public HA Virtual IPs are from shared network pools
Tenant supplies network ids and required L3 addressing
Public HA Virtual IPs are from shared network pools
Tenant supplies network ids and required L3 addressing
1 IP Address per Device + 1 IP Address per HA Domain + 1 IP Address per Virtual Service ( n + d + v )
One-Arm mode only?
![Page 9: OpenStack Load Balancing Use Cases and Requirements](https://reader035.vdocuments.site/reader035/viewer/2022080211/558922f7d8b42aec048b457f/html5/thumbnails/9.jpg)
Use Case 2: Multi-Tenant Devices with Shared and Quantum Networks
One-Arm mode only?
……….
OOB Management Port
Management Network
HA Virtual IP Network (Public)
HA Tenant Network
OOB Typically is a physical interface
HA Tenant Network
Tenant Networks
1 IP Address per Device + 1 IP HA Cluster Management ( n + 1 )Quantum IP Addresses
Dynamic MAC Addresses + Tenant Managed IP Addresses
1 IP Address per Device + 1 IP Address per HA Domain + 1 IP Address per Virtual Service ( n + d + v )
1 IP Address per Device + 1 IP Address per HA Domain + 1 IP per 64k connections ( n + d + p )1 IP Address per Device + 1 IP Address per HA Domain + 1 IP per 64k connections ( n + d + p )
PROVIDER REQUIREMENTS
LB devices Management and sharednetwork HA requirements
Predefined network poolsfor shared network virtual IPs
PROVIDER REQUIREMENTS
LB devices Management and sharednetwork HA requirements
Predefined network poolsfor shared network virtual IPs
TENANT REQUIREMENTS
Tenant network id(s)
LB devices tenant network(s) HA requirements
IP for virtual IPs on tenant network(s)
Predefined network addressesfor SNAT pools on tenant network(s)
Defines MembersDefines LB Method
Defines Monitoring RequirementsDefines Persistence Requirements
Overload Virtual IPs with Different Ports
TENANT REQUIREMENTS
Tenant network id(s)
LB devices tenant network(s) HA requirements
IP for virtual IPs on tenant network(s)
Predefined network addressesfor SNAT pools on tenant network(s)
Defines MembersDefines LB Method
Defines Monitoring RequirementsDefines Persistence Requirements
Overload Virtual IPs with Different Ports
![Page 10: OpenStack Load Balancing Use Cases and Requirements](https://reader035.vdocuments.site/reader035/viewer/2022080211/558922f7d8b42aec048b457f/html5/thumbnails/10.jpg)
Use Case 3: Single-Tenant Load Balancing
One-Arm Mode Only
Public Network Address is not HA
Possibly HA Tenant Network
1 IP Address per Device
Quantum IP Addresses
Tenant Networks
Possibly HA Tenant Network
optionalLB device is 'owned' by a
single quantum tenant
LB device is not the onlyroute between tenant networks
Tenant controls LB HA devices
LB device is 'owned' by asingle quantum tenant
LB device is not the onlyroute between tenant networks
Tenant controls LB HA devices
![Page 11: OpenStack Load Balancing Use Cases and Requirements](https://reader035.vdocuments.site/reader035/viewer/2022080211/558922f7d8b42aec048b457f/html5/thumbnails/11.jpg)
Use Case 3: Single-Tenant Load Balancing
One-Arm Mode Only
Public Network Address is not HA
Possibly HA Tenant Network
1 IP Address per Device
Quantum IP Addresses
Tenant Networks
Possibly HA Tenant Network
optional
PROVIDER REQUIREMENTS
LB devices Management requirements
Predefined network poolsfor shared network virtual IPs
PROVIDER REQUIREMENTS
LB devices Management requirements
Predefined network poolsfor shared network virtual IPs
TENANT REQUIREMENTS
Tenant network id(s) (L2 on device)
LB devices tenant network(s) HA requirements
LB device L3 filtering control
IP for virtual IPs on tenant network(s)
Predefined network addressesfor SNAT pools on tenant network(s)
Defines MembersDefines LB Method
Defines Monitoring RequirementsDefines Persistence Requirements
Overload Virtual IPs with Different Ports
TENANT REQUIREMENTS
Tenant network id(s) (L2 on device)
LB devices tenant network(s) HA requirements
LB device L3 filtering control
IP for virtual IPs on tenant network(s)
Predefined network addressesfor SNAT pools on tenant network(s)
Defines MembersDefines LB Method
Defines Monitoring RequirementsDefines Persistence Requirements
Overload Virtual IPs with Different Ports
![Page 12: OpenStack Load Balancing Use Cases and Requirements](https://reader035.vdocuments.site/reader035/viewer/2022080211/558922f7d8b42aec048b457f/html5/thumbnails/12.jpg)
Use Case 4: Single-Tenant LB Devices as Gateway
Public Network Address is not HA
Possibly HA Tenant Network
1 IP per Device 1 IP per 64k connections
Possibly HA Tenant Network
Quantum IP Addresses
Tenant Networks
LB device is 'owned' by asingle quantum tenant
LB device is the onlyroute between tenant networks
LB device is 'owned' by asingle quantum tenant
LB device is the onlyroute between tenant networks
Do we even need this use case?
![Page 13: OpenStack Load Balancing Use Cases and Requirements](https://reader035.vdocuments.site/reader035/viewer/2022080211/558922f7d8b42aec048b457f/html5/thumbnails/13.jpg)
Use Case 4: Single-Tenant Devices as Gateway
Do we even need this use case?
Public Network Address is not HA
Possibly HA Tenant Network
1 IP per Device 1 IP per 64k connections
Possibly HA Tenant Network
Quantum IP Addresses
Tenant Networks
PROVIDER REQUIREMENTS
LB devices Management requirements
Predefined network poolsfor shared network virtual IPs
PROVIDER REQUIREMENTS
LB devices Management requirements
Predefined network poolsfor shared network virtual IPs
TENANT REQUIREMENTS
Tenant network id(s) (L2 on device)
LB devices tenant network(s) HA requirements
LB device L3 filtering control
LB device route table control
LB device DHCP relay / service
IP for virtual IPs on tenant network(s)
Predefined network addressesfor SNAT pools on tenant network(s)
Defines MembersDefines LB Method
Defines Monitoring RequirementsDefines Persistence Requirements
Overload Virtual IPs with Different Ports
TENANT REQUIREMENTS
Tenant network id(s) (L2 on device)
LB devices tenant network(s) HA requirements
LB device L3 filtering control
LB device route table control
LB device DHCP relay / service
IP for virtual IPs on tenant network(s)
Predefined network addressesfor SNAT pools on tenant network(s)
Defines MembersDefines LB Method
Defines Monitoring RequirementsDefines Persistence Requirements
Overload Virtual IPs with Different Ports
![Page 14: OpenStack Load Balancing Use Cases and Requirements](https://reader035.vdocuments.site/reader035/viewer/2022080211/558922f7d8b42aec048b457f/html5/thumbnails/14.jpg)
What Did We Miss?