Documentation

Skip to end of metadata
Go to start of metadata

Load balancer feature

The Abiquo load balancer feature is designed to simplify the creation of load balancers in both public and private cloud with the unified Abiquo interface.

Users with the privilege to Manage load balancers can create, edit and delete load balancers.  Abiquo supports load balancers using the following cloud providers and network managers:

  • AWS
  • Rackspace
  • OpenStack Neutron
  • VMware NSX

Abiquo-only load balancers

  • Depending on provider support you can:
    • Create a load balancer in Abiquo that is not assigned to a provider
    • Remove a load balancer configuration from the provider and reuse it

Synchronization

Support for load balancer synchronization is:

  • Public cloud
    • Retrieve public cloud entities and create or update the corresponding Abiquo entities accordingly
  • Private cloud
    • Retrieve Abiquo private cloud entities only and update the corresponding Abiquo entities
    • Warning: Do not modify Abiquo entities directly in the network manager

Provider Notes

Please refer to cloud provider documentation or network manager documentation as the definitive guide to the load balancer feature. And remember to check your cloud provider's pricing before you begin.

AWS load balancers

 Click here to show/hide the AWS table

AWS ElementNotes
AWS documentationhttp://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/SvcIntro.html
SSL certificates
  • To list and upload SSL server certificates to IAM your user requires IAM privileges to manage IAM
  • Abiquo never stores SSL certificates, so you cannot create a routing rule for a secure connection in an Abiquo-only load balancer that is not assigned to a network
Healthy threshold
  • AWS will assign a previously unhealthy machine a healthy status after a number of successful health checks. Check the value configured for your platform with your system administrator.
Modifications

You cannot change the following attributes in AWS:

  • Name
  • Description
Load balancer Name
  • AWS will only accept the following characters: A-Z, a-z, 0-9 and "-". 
  • You cannot change the name after Abiquo creates the load balancer in AWS (when a valid load balancer is saved with a subnet assigned to it)
Algorithm
  • ROUND_ROBIN only
Abiquo-only load balancers
  • AWS load balancers are created for virtual datacenter networks, which are VPC subnets
  • Abiquo will not create a load balancer in AWS until it is assigned to at least one subnet
    • You can create a load balancer in Abiquo only, by not supplying a subnet
    • If you delete the load balancer directly in the provider, it will remain in Abiquo only
High availability
  • For high availablility, create private networks (subnets) in different availability zone in your virtual datacenter
Multiple incoming connectionsUse one load balancer with multiple incoming connections to different ports
Routing rules
  • You must create at least one routing rule. There must always be at least one routing rule in the load balancer
  • You can only create one routing rule per protocol and path
Subnet
  • If you do not supply a subnet when creating the load balancer, Abiquo will not create the LB in AWS
  • When you edit the load balancer, you can add new subnets and delete subnets
Routing rule protocol inAWS accepts HTTP, HTTPS, TCP
Routing rule port inAWS accepts 80, 443 and 1024-65535 inclusive
SSL certificateCan be a new certificate or an existing one registered in AWS with an ARN
Health check
  • If you do not create a health check, AWS will create a default health check with the following specifications:
    • Name in the format "PROTOCOL:port", for example, "TCP:80"
    • TCP check to one of the ports specified in a routing rule
  • AWS will only allow you to create one health check per load balancer
Firewalls
  • If a firewall does not display, it may not have been properly synchronized. In this case, you will need to click Cancel, synchronize firewalls and start again creating a new load balancer

Rackspace load balancers

 Click here to show/hide the Rackspace table

Rackspace ElementNotes
Rackspace documentationhttp://docs.rackspace.com/loadbalancers/api/v1.0/clb-devguide/content/
Algorithms
  • The algorithms Rackspace supports are:
    • LEAST_CONNECTIONS
    • RANDOM
    • ROUND_ROBIN
    • WEIGHTED_LEAST_CONNECTIONS
    • WEIGHTED_ROUND_ROBIN
Load balancing multiple
incoming protocols and ports
Use multiple load balancers to the same IP address each with an incoming connection with a different protocol and to a different port
Routing rulesIn Rackspace you must create only one routing rule for incoming traffic per load balancer
Changes to routing rulesYou can only add new rules with same incoming port and protocol and delete rules until there is only 1 rule remaining
Health check protocols
  • Rackspace supports HTTP, HTTPS and CONNECT
  • The health check protocols HTTP and HTTPS can only be used with routing rules for the same protocol
Health check pathRequired by RackSpace for health monitors using HTTP and HTTPS protocols
FirewallsRackspace provides automatic port filtering for load balancers, so no firewalls screen is displayed

OpenStack Neutron load balancers

 Click here to show/hide the OSN table

OSN ElementNotes
OpenStack Neutron documentation
Complete OpenStack Neutron guide:
Docs specific to Load Balancers:
http://docs.openstack.org/liberty/networking-guide/adv-config-lbaas.html
Algorithms
  • The algorithms Neutron supports are:
    • round robin
    • least connections
    • source IP
Load balancing multiple
incoming protocols and ports
Use multiple load balancers to the same IP address each with an incoming connection with a different protocol and to a different port
Routing rule protocols in

Neutron accepts HTTP, HTTPS, TCP

Changes to routing rule protocols-inIf no nodes are assigned, you can change port and protocol to add new rules with same in-port and protocol and delete rules until there is only 1 rule remaining
Routing rule ports in

Neutron accepts 80, 443 and 1024-65535 inclusive

Health check protocols

Neutron supports: PING, TCP, HTTP, HTTPS

Health check protocol
  • The health check protocols HTTP and HTTPS can only be used with routing rules for the same protocol
  • Only one check per protocol and path. The health check protocol must be compatible with the routing rule protocol
Abiquo-only load balancers
  • You cannot create a load balancer without a subnet directly
  • However, you can later modify the load balancer to make it an Abiquo-only load balancer

VMware NSX load balancers

 Click here to show/hide the NSX table

NSX ElementNotes
NSX documentationhttps://www.vmware.com/support/pubs/nsx_pubs.html
Load balance multiple protocols and portsUse multiple load balancers to the same IP address each with an incoming connection to a different port
Algorithms
  • The algorithms NSX supports are:
    • ROUND_ROBIN
    • IP_HASH
    • LEAST_CONN
    • URI
    • HTTP_HEADER
    • URL
AddressesIn NSX a load balancer must have at least one private address
Routing rule protocols in

NSX accepts HTTP, HTTPS, TCP and UDP

Changes to routing rulesYou cannot change NSX routing rules after they have been created
Health checkThe health check is not required
Health check protocols

NSX supports: HTTP, HTTPS, TCP, UDP, ICMP

Create load balancers

Before you begin:

  • Synchronize your virtual datacenters (including virtual machines, networks, firewalls, firewall rules and loadbalancers)
  • As required by your provider, create firewalls for your virtual machines to allow your load balancers to access the virtual machines

Check your cloud provider's pricing of load balancers

To manage load balancers:

  1. Select a virtual datacenter
  2. Open the Network tab
  3. Open the Load Balancers page
  4. Use the buttons in the top-right corner of the page to manage load balancers
    • read your cloud provider documentation and the steps below

Load balancer general information

The following screenshot is from AWS.

Field

Value

Name

The name of the load balancer. Check cloud provider documentation for accepted values

Subnets

In providers that support subnets, the subnets load balancer is connected to. In AWS these are private networks in different availability zones. If you do not supply a subnet when creating the load balancer, Abiquo will not create the LB in AWS

Algorithm

See cloud provider documentation for accepted values

Addresses

  • For connections to the load balancer, you can select
    • public IP
    • private IP OR
    • both
  • The cloud provider will automatically create the load balancer addresses for you
  • If you have already created a load balancer, you may be able to select its connection address for other load balancers in the same VDC
  • When you edit the load balancer you can change the address to another one in the same VDC

Load balancer routing rules

Field

Value

Common protocols

Select one of the common protocols to load presets

Protocol in

The incoming protocol to the load balancer. See cloud provider documentation for accepted values.

Port in

The incoming port to the load balancer. See cloud provider documentation for accepted values.

Protocol out

The outgoing protocol from the load balancer.

Port outThe outgoing port from the load balancer
SSL CerftificateFor secure connections (e.g. HTTPS), you can add an SSL certificate.
  • Abiquo will never store or validate the SSL certificate 
  • Abiquo will pass the certificate directly to the provider
Select an existing certificate or add a new one
AddClick Add to save a routing rule for the load balancer

To delete a routing rule, click X beside the name of the routing rule in the list

Load balancer SSL certificate

Abiquo will never validate or store SSL certificate data. Abiquo will pass any certificates or private keys that you enter directly to the cloud provider for the creation of routing rules. This means that you cannot create a routing rule for a secure connection in a load balancer that will only be created in Abiquo and not in the provider.

Field

Value

Name

Name of the certificate

Certificate

The certificate contents

Intermediate certificate

An intermediate certificate can be issued by a provider to support older browsers that may not have all of the trusted root certificates for that provider, so that users will not receive invalid SSL warnings. If you have an intermediate certificate, add it at the same time as the certificate to ensure that a trusted-chain certificate is configured.

Private key

The RSA private key for the certificate

Load balancer health check

 

Field

Value

Common protocols

Select one of the most common protocols to load presets

Name

Name of the health check

Protocol

The protocol with which the health check will be performed

Port

The port to which the health check will be performed

PathThe server path to ping
Interval (sec)The interval in seconds between health checks
Timeout (sec)The timeout in seconds after which an attempted health check will be considered unsuccessful
AttemptsThe number of attempts before the health check will be considered unsuccessful
AddAdd the current health check to the load balancer

Load balancer firewalls

If your provider supports firewalls, to add a firewall to your load balancer, select your firewall from the list of firewalls that were created in your provider.

  • Rackspace does not display a firewall selection list

In providers with firewall support, if a firewall does not display, it may not have been properly synchronized. In this case, you will need to click Cancel, synchronize firewalls and start again creating a new load balancer.

Assign load balancer nodes

If you have the privilege to Manage load balancers and Assign load balancers, you can assign the load balancers to nodes.

To assign your load balancer to virtual machines, drag and drop the virtual machines them from the Available Nodes list into the Attached Nodes list.

  • The virtual machines to be load balanced can be in the same or different virtual appliances in the same virtual datacenter
  • You can also attach virtual machines by selecting load balancers when configuring the virtual machine.

The following screenshot is from OpenStack Neutron. 

Load balancer node status

Abiquo will display the status of the load balancer nodes on the Nodes tab.

You can also check the status using the Abiquo API.

API Documentation

For the Abiquo API documentation of this feature, see Abiquo API Resources and the page for this resource LoadbalancerResource.

Edit load balancers

The elements of a load balancer that you can edit depend on the cloud provider.

The Abiquo load balancer interface is generic, so you might be able to perform some operations in Abiquo that can later be rejected by the cloud provider, triggering an error. Always check your cloud provider documentation.

Edit virtual machines to assign or unassign load balancers

Users with the privilege to Assign load balancers will see the Load Balancers tab when they create or edit a virtual machine.

Select a load balancer to attach it to your virtual machine.

To assign a virtual machine to a load balancer, select the load balancer from the list.

Load balancer administrator notes