Overview
Key Concepts
General
- Index
- Favorites
- User Getting Started
- General
- User Key Concepts
- Search
- User Testing and Debugging
- User Interface
Account
- Index
- Add a Group to an Organization
- Add a New Azure Cloud
- Add a New Cloud
- Add a User To a Group
- Add a User
- Add a User to a Team
- Azure Setup
- Azure
- Catalogs
- Clouds
- Cost Management
- Create a Team in an Organization
- Delete a Platform
- Deploy an Organization
- Deployment Approval Process
- Enable Access to an Assembly for a User on a Team
- Environment Profiles
- How Cost Tracking and Reporting Works
- Import and Export Catalog
- Account
- Manage OneOps User Accounts
- Notifications
- OneOps Policy Management
- Organization Summary
- Provide Only Necessary Privileges to Accounts
- Reports Summary
- Restrict Access with Teams
- Secrets Proxy
- Security Groups
- Shutdown a Cloud
- View a Reports Summary
- View, Add, or Edit Environment Profiles
- View an Organization Summary
- View Assembly and Organization Consumption with Reports
Design
- Index
- Add a Platform to a Design
- Add a Variable
- Add ELK Stack to an Application
- Add or Delete a Security Group to Open or Close an Additional Port
- Add a Team to an Assembly
- Apache HTTP Server Component
- Apache HTTP Server Pack
- Apache Tomcat Pack
- Artifact Component
- Attachments
- Variables Override Prevention
- Certificate Component
- Chocolatey Package Component
- Components
- Compute Component
- Create Assemblies to Design Applications
- Create Environment Dependency with Environment Profiles
- Daemon Component
- Design Best Practices
- Download Component
- Edit a Platform
- Enable https for a Service (LB Certs)
- File Component
- Filebeat Component
- Firewall Component
- Fully Qualified Domain Name FQDN
- Hostname Component
- Design
- Java Component
- Job Component
- Keystore Component
- Load Balancer Component
- Library Component
- Load/Extract
- Logstash Component
- Manage Assemblies
- DotNet Framework Component
- Microsoft IIS Pack
- IIS Website Component
- Microsoft SQL Server Pack
- Naming Conventions
- NuGet Package Component
- Objectstore Component
- Operating System Component
- Packs
- Platform Links
- Platforms
- Ports by Platform
- Propagation
- Security Group Component
- Secrets Client Component
- Sensuclient Component
- Set Up Multiple Ports/Protocols in Load Balancer
- Share Component
- SSH Keys Component
- Storage Component
- Telegraf Component
- Upgrade an Application Version in an Environment
- User Component
- Variables
- View Design Releases
- Volume Component
- Watching an Assembly
- Website Component
Transition
- Index
- Add CNAME in Azure DNS
- Add CNAME
- Add or Edit Primary and Secondary Clouds
- Add or Reduce Capacity
- Availability Modes
- Configure ECV Check URL on OneOps
- Create an Environment
- Delete an Environment
- Deploy Application after Design Changes
- Deploy an Application for the First Time
- Deploy Application With Database
- Deploy an Environment
- Deploy Multiple Clouds in Parallel
- Deploy and Provision an Application and Environment for the First Time
- Edit an Environment
- Email Notification Relay
- Environment Releases
- Environment
- Transition
- Remove an Unused Cloud from an Environment
- Rollback Code
- Set Variable Cloud Scaling Percentage
- Transition Best Practices
- Transition
- View Deployment Status
Operation
- Index
- Assess the Health of Applications, Platforms and Clouds
- Auto Repair
- Auto Replace
- Auto Scale
- Computes in Operation
- Control Environment
- Enable Platform to Auto Replace Unhealthy Components
- Ensure that Alerts for Production Environment are Sent to NOC
- Find a Platform VIP Name
- Grep or Search Text in Files on Computes
- Operation
- Navigation to Monitors
- Monitors
- Operations
- Operations Summary
- Set Up a Custom Action
- Take a Node out of Traffic (ECV Disable)
- Update or Upgrade New OneOps Code
Load Balancer Component
The lb component is of core importance and part of most platforms since it defines the load balancing of request being received by the platform.
You can configure the lb component as part of your platform in design phase and specific to an environment in the transition phase.
Once your assembly is deployed in an environment you can access the lb in operation.
Configuration
Besides the global configuration available for any component such as Name, you can configure the following attributes:
LB Service Type: Defines type of LoadBalancing service to use. Two options available:
- lb: for physical loadbalancer service e.g. Citrix Netscaler.
- slb: for software loadbalancer service e.g. Octavia from the openstack project.
Switching the service type after an initial deployment is not advised and can lead to inconsistent state of the deployed system.
Listeners: Defines the ports that the LB will be listing on for incoming
traffic.
LB Method: Defines the protocol used to forward traffic to balance the load to the servers. Two methods are available described below:
- Least Connection Method: The default method, when a virtual server is configured to use the least connection, it selects the service with the fewest active connections.
- Round Robin Method: This method continuously rotates a list of services that are attached to it. When the virtual server receives a request, it assigns the connection to the first service in the list, and then moves that service to the bottom of the list.
- Source IP Hash: Generates a unique hash key using a clients source and the destination servers IP’s which then allocates the client to a particular server. If the session is terminated the key can be recreated to ensure the client is sent to the same server used previously.
Session Persistence: Directs the LB to send related requests to the same
server. Additional attributes described below if session persistence is checked.
Persistence Type, Cookie Domain and LB Custom Attributes are shown when Session
Persistence is checked.
- Persistence type: Defines the method the LB will provide the
persistence. Two available are described below.v
- SourceIP: The LB caches the IP of the server to send related traffic to.
- Cookieinsert: The LB caches a cookie for a period of time which directs the traffic.
- SourceIP: The LB caches the IP of the server to send related traffic to.
- Cookie Domain: Defines the domain where the cookie is valid.
Create Cloud vips: Vips at the cloud level are available by default. This
checkbox will allow the vips to be avaialble to all cloud regions in the data
center.
Enable LB Group: Used to enable the LB group for persistence across all
listeners.
LB Custom Attributes: Used to define and utilize additional attributes
avaialble on the LB’s. Examples of this are: Enable Access Logs and Configure
Connection Draining. (ex. Key/Value - ConnectionDraining/Enabled: True,Timeout:
300). Please check for the available attributes for your lb’s.
Required Availability Zone: Used to horizontally scale physical LB
Devices.
Connection Limit: Applicable only for software loadbalancers. The maximum
number of connections per second allowed for the vip. Valid values: a positive
integer or -1 for unlimited (default).
Compute Related Attributes
ECV: Used to define service monitors. (ex. 80 => GET
/someservice/node). Port-available monitors are used for tcp(s) and udp.
Note: Currently ECV checks will use TCP on Azure. If your app server
(ex. Tomcat) is listeneing on port HTTP 8443 and runs out of listeners, the lb
will think the server is still listening and direct traffic to it. Please be
aware.
ServiceGroup Custom Attrs: Used to define additional attributes available to the Server Groups defined. Examples of these are: servicegroupname, servicetype, maxclient, cipheader. Please check for the available attributes for your lb’s.
Octavia Software Load Balancer
Octavia is an open source scalable software load balancer that is part of the OpenStack ecosystem. Compared to using physical load balancers such as Netscaler, it can increase operational efficiency and reduces outages.
Octavia and barbican service need to be enabled in the OpenStack cloud to use this feature.
The connection limit parameters is only applicable for software loadbalancer and set the maximum number of connections per second allowed for the virtual IP. Valid values are a positive integer or -1 for unlimited (default).
SLB listener options available are explained below.
Octavia SLB offers all three types of LB connections as available in Physical Netscalars. Listener configurations for each type is explained in the following.
Non-Secure Load balancer
An unencrypted, non-secure LB connection uses HTTP with a listener configuration such as:
http 80 http 8080
This configuration forwards any incoming requests on port 80 to the internal port 8080.
Non-Terminated HTTPS Load Balancer
This type of connection enables end to end SSL encryption with HTTPS.
https 443 https 8443
Any incoming requests on the default HTTPS port 443 are forwarded to the internal computes at 8443. It is necessary to configure the needed certificate in the certificate component.
The certificate is copied to the backend servers and certificate verification is done at the backend.
Terminated HTTPS Load Balancer
This type of connection allows SSL encryption between client and the load balancer. Connectivity from the load balancer to the backend servers is unencrypted:
https 443 http 8080
This configuration takes incoming HTTPS requests on port 443 and forwards them as HTTP requests to port 8080. The advantage of this configuration is that it requires no certificate configuration on the computes.
It is necessary to configure the certificate in the certificate component. The certificate is copied to the load balancer only and certificate verification is done at the load balancer.
Usage of the terminated HTTPS load balancer configuration requires the barbican service in the openstack cloud. Certificate details entered in lb-certificate component are converted to barbican secret and containers for octavia load balancer to use with the TLS_Termination option.
