How to configure lbaasv2 in openstack Kilo packstack setup ?

In this article I am going to show the configuration of lbaasv2 on openstack kilo packstack setup. By default lbaasv1 configuration is present, we have to modify some files to make lbaasv2  work.

First of all, I suggest you to refer the below presentation to understand the difference between lbaasv1 and lbaasv2. Most importantly, the slide number 9.

https://www.openstack.org/assets/Uploads/LBaaS.v2.Liberty.and.Beyond.pdf

Step 1 : Ensure that openstack packstack setup is installed using lbaas.

~~~

grep LBAAS /root/answer.txt
CONFIG_LBAAS_INSTALL=y

~~~

Step 2 : Make the below changes. Before making any change I suggest you to take the backup of conf file.

a) Changes made in /etc/neutron/neutron.conf 

~~~

diff /etc/neutron/neutron.conf /var/tmp/LBAAS_BACKUP/neutron.conf
79,80c79
< #service_plugins =neutron.services.loadbalancer.plugin.LoadBalancerPlugin,neutron.services.l3_router.l3_router_plugin.L3RouterPlugin
< service_plugins = neutron_lbaas.services.loadbalancer.plugin.LoadBalancerPluginv2,neutron.services.l3_router.l3_router_plugin.L3RouterPlugin

> service_plugins =neutron.services.loadbalancer.plugin.LoadBalancerPlugin,neutron.services.l3_router.l3_router_plugin.L3RouterPlugin

~~~

b) Changes made in /etc/neutron/neutron_lbaas.conf 

~~~

diff /etc/neutron/neutron_lbaas.conf /var/tmp/LBAAS_BACKUP/neutron_lbaas.conf
53,54c53
< #service_provider=LOADBALANCER:Haproxy:neutron_lbaas.services.loadbalancer.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default
< service_provider = LOADBALANCERV2:Haproxy:neutron_lbaas.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default

> service_provider=LOADBALANCER:Haproxy:neutron_lbaas.services.loadbalancer.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default

~~~

c) Changes made in /etc/neutron/lbaas_agent.ini

~~~

diff /etc/neutron/lbaas_agent.ini /var/tmp/LBAAS_BACKUP/lbaas_agent.ini
31,32c31
< #device_driver = neutron.services.loadbalancer.drivers.haproxy.namespace_driver.HaproxyNSDriver
< device_driver = neutron_lbaas.drivers.haproxy.namespace_driver.HaproxyNSDriver

> device_driver = neutron.services.loadbalancer.drivers.haproxy.namespace_driver.HaproxyNSDriver

~~~

Step 3 : Run the below command to activate the lbaasv2 agent.

# neutron-db-manage --service lbaas upgrade head
# systemctl disable neutron-lbaas-agent.service
# systemctl stop neutron-lbaas-agent.service
# systemctl restart neutron-server.service
# systemctl enable neutron-lbaasv2-agent.service
# systemctl start neutron-lbaasv2-agent.service

Verify that lbaasv2 agent is running.
ps -ef | grep 'neutron-lbaasv2'  |grep -v grep
neutron  24609     1  0 06:01 ?        00:00:14 /usr/bin/python2 /usr/bin/neutron-lbaasv2-agent --config-file /usr/share/neutron/neutron-dist.conf --config-file /usr/share/neutron/neutron-lbaas-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/lbaas_agent.ini --config-dir /etc/neutron/conf.d/common --config-dir /etc/neutron/conf.d/neutron-lbaasv2-agent --log-file /var/log/neutron/lbaas-agent.log

Step 4 : Creating loadbalancer using LbaaSv2.

a) Create loadbalancer.

[root@allinone-7 ~(keystone_admin)]# neutron lbaas-loadbalancer-create –name Snet_test_1 9bed29a5-8cb3-436a-89fc-6ca6a8467c03
Created a new loadbalancer:
+———————+————————————–+
| Field               | Value                                |
+———————+————————————–+
| admin_state_up      | True                                 |
| description         |                                      |
| id                  | f0513999-9b07-48c4-b8b8-645b322a0e78 |
| listeners           |                                      |
| name                | Snet_test_1                          |
| operating_status    | OFFLINE                              |
| provider            | haproxy                              |
| provisioning_status | PENDING_CREATE                       |
| tenant_id           | 90686d89a72143179f7608cb9b6d0898     |
| vip_address         | 10.10.1.9                            |
| vip_port_id         | 6d95724a-1232-45ba-8992-7ffc1983b2b9 |
| vip_subnet_id       | 9bed29a5-8cb3-436a-89fc-6ca6a8467c03 |
+———————+————————————–+

b) Creating listener.

[root@allinone-7 ~(keystone_admin)]# neutron lbaas-listener-create –loadbalancer 9455e883-2fb2-49d8-8468-2b24003de808 –protocol TCP –protocol-port 80 –name Snet_test_1_80
Created a new listener:
+————————–+————————————————+
| Field                    | Value                                          |
+————————–+————————————————+
| admin_state_up           | True                                           |
| connection_limit         | -1                                             |
| default_pool_id          |                                                |
| default_tls_container_id |                                                |
| description              |                                                |
| id                       | 78bc2864-b962-4483-a287-80afe45ec6ec           |
| loadbalancers            | {“id”: “f0513999-9b07-48c4-b8b8-645b322a0e78”} |
| name                     | Snet_test_1_80                                 |
| protocol                 | TCP                                            |
| protocol_port            | 80                                             |
| sni_container_ids        |                                                |
| tenant_id                | 90686d89a72143179f7608cb9b6d0898               |
+————————–+————————————————+

c) Creating pool in listener.

[root@allinone-7 ~(keystone_admin)]# neutron lbaas-pool-create –lb-algorithm ROUND_ROBIN –listener Snet_test_1_80 –protocol TCP –name Snet_test_1_pool80
Created a new pool:
+———————+————————————————+
| Field               | Value                                          |
+———————+————————————————+
| admin_state_up      | True                                           |
| description         |                                                |
| healthmonitor_id    |                                                |
| id                  | 48d9b744-c7d5-41c0-873e-5d477a1f7853           |
| lb_algorithm        | ROUND_ROBIN                                    |
| listeners           | {“id”: “78bc2864-b962-4483-a287-80afe45ec6ec”} |
| members             |                                                |
| name                | Snet_test_1_pool80                             |
| protocol            | TCP                                            |
| session_persistence |                                                |
| tenant_id           | 90686d89a72143179f7608cb9b6d0898               |
+———————+————————————————+

d) Creating members using below commands.

~~~
# neutron lbaas-member-create –subnet 9bed29a5-8cb3-436a-89fc-6ca6a8467c03 –address 10.10.1.5 –protocol-port 80 Snet_test_1_pool80
# neutron lbaas-member-create –subnet 9bed29a5-8cb3-436a-89fc-6ca6a8467c03 –address 10.10.1.6 –protocol-port 80 Snet_test_1_pool80
~~~

e) It’s working fine in round-robin manner. I have used only private range. I am curl from inside the namespace hence I am able to reach the private range.

~~~
[root@allinone-7 ~(keystone_admin)]# ip netns exec qdhcp-049b58b3-716f-4445-ae24-32a23f8523dd bash
[root@allinone-7 ~(keystone_admin)]# for i in {1..5} ; do curl  10.10.1.9 ; done
web2
web1
web2
web1
web2
~~~

f) Even if I am using public IP I am able to access them. Let’s come out of namespace and verify the same by accessing the public IP.

~~~
[root@allinone-7 ~(keystone_admin)]# exit
[root@allinone-7 ~(keystone_admin)]# for i in {1..5} ; do curl  192.168.122.4 ; done
web1
web2
web1
web2
web1
~~~

Troubleshooting Tips :

  • Make sure httpd service is running in instances.
  • iptables are not blocking the httpd traffic.
  • selinux content are right on created http file.
  • if you are facing issue while getting response from curl using load balancer ip check whether you are getting response using instance ip or not.
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s