# Controller Node 설정
[root@Controller ~(keystone)]# yum --enablerepo=centos-openstack-stein,epel -y install openstack-neutron-lbaas net-tools
[root@Controller ~(keystone)]# vi /etc/neutron/neutron.conf
service_plugins = router,lbaasv2
[root@Controller ~(keystone)]# vi /etc/neutron/neutron_lbaas.conf
# 마지막 줄에 추가
[service_providers]
service_provider = LOADBALANCERV2:Haproxy:neutron_lbaas.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default
[root@Controller ~(keystone)]# vi /etc/neutron/lbaas_agent.ini
# 2번째 줄 추가
[DEFAULT]
interface_driver = openvswitch
[root@Controller ~(keystone)]# su -s /bin/bash neutron -c "neutron-db-manage --subproject neutron-lbaas --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugin.ini upgrade head"
[root@Controller ~(keystone)]# systemctl restart neutron-server
# Network Node 설정
[root@network ~]# yum --enablerepo=centos-openstack-stein,epel -y install openstack-neutron-lbaas haproxy net-tools
[root@network ~]# vi /etc/neutron/neutron.conf
# service_plugins 수정
service_plugins = router,lbaasv2
[root@network ~]# vi /etc/neutron/neutron_lbaas.conf
# 마지막 줄 추가
[service_providers]
service_provider = LOADBALANCERV2:Haproxy:neutron_lbaas.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default
[root@network ~]# vi /etc/neutron/lbaas_agent.ini
# 2번 줄 추가
[DEFAULT]
interface_driver = openvswitch
[root@network ~]# systemctl start neutron-lbaasv2-agent
[root@network ~]# systemctl enable neutron-lbaasv2-agent
# Compute Node 설정
[root@compute ~]# yum --enablerepo=centos-openstack-stein,epel -y install openstack-neutron-lbaas haproxy net-tools
[root@compute ~]# vi /etc/neutron/neutron.conf
# service_plugins 수정
service_plugins = router,lbaasv2
[root@compute ~]# vi /etc/neutron/neutron_lbaas.conf
# 마지막 줄 추가
[service_providers]
service_provider = LOADBALANCERV2:Haproxy:neutron_lbaas.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default
[root@compute ~]# vi /etc/neutron/lbaas_agent.ini
# 2번 줄 추가
[DEFAULT]
interface_driver = openvswitch
[root@compute ~]# systemctl start neutron-lbaasv2-agent
[root@compute ~]# systemctl enable neutron-lbaasv2-agent
# Controller Node 확인 및 IP 매핑
1) Loadbalancerv2 서비스 확인
[root@Controller ~(keystone)]# openstack network agent list
+--------------------------------------+----------------------+------------+-------------------+-------+-------+---------------------------+
| ID | Agent Type | Host | Availability Zone | Alive | State | Binary |
+--------------------------------------+----------------------+------------+-------------------+-------+-------+---------------------------+
| 23be0b3f-f314-410a-965f-3706159fe3a6 | Loadbalancerv2 agent | Controller | None | XXX | UP | neutron-lbaasv2-agent |
| 28609e74-0cab-4232-88a0-17750baab8c8 | Metadata agent | Controller | None | :-) | UP | neutron-metadata-agent |
| 2fbbd18a-325d-42d8-acee-7be6e6a931bc | L3 agent | Network | nova | :-) | UP | neutron-l3-agent |
| 5327eca7-1e9d-4538-9ed5-dcf6a999e149 | Loadbalancerv2 agent | Network | None | :-) | UP | neutron-lbaasv2-agent |
| 7ffb8d81-ee51-4185-aca2-fa448ad509b1 | Loadbalancerv2 agent | Compute | None | :-) | UP | neutron-lbaasv2-agent |
| a6922e95-0e9e-42b0-9a3c-bdbaeb20191a | DHCP agent | Network | nova | :-) | UP | neutron-dhcp-agent |
| c5257c3c-b920-42e7-bcd8-67173ee94641 | Open vSwitch agent | Network | None | :-) | UP | neutron-openvswitch-agent |
| e0179507-c2c2-44a3-8cca-2b9ff38c9943 | Metadata agent | Network | None | :-) | UP | neutron-metadata-agent |
| f6596b2d-7a4c-49d9-a2d8-5fa8648a1613 | Open vSwitch agent | Compute | None | :-) | UP | neutron-openvswitch-agent |
+--------------------------------------+----------------------+------------+-------------------+-------+-------+---------------------------+
2) Openstack user and Create Virtual Load-Balancer.
[root@Controller ~(keystone)]# openstack network list
+--------------------------------------+---------+--------------------------------------+
| ID | Name | Subnets |
+--------------------------------------+---------+--------------------------------------+
| 85844309-e89a-49cb-8ec7-730a8e6d253c | ext_net | 7bcaa30a-261c-41bb-bcab-f88c711f98a8 |
| c9377689-558e-4f2a-9334-17a3b9fa1b87 | int_net | b4dda943-e57b-4455-88dd-c3308c2ac30c |
+--------------------------------------+---------+--------------------------------------+
[root@Controller ~(keystone)]# openstack subnet list
+--------------------------------------+---------+--------------------------------------+------------------+
| ID | Name | Network | Subnet |
+--------------------------------------+---------+--------------------------------------+------------------+
| b4dda943-e57b-4455-88dd-c3308c2ac30c | subnet1 | c9377689-558e-4f2a-9334-17a3b9fa1b87 | 192.168.100.0/24 |
+--------------------------------------+---------+--------------------------------------+------------------+
# create a LB [lb01] in [subnet1]
[root@Controller ~(keystone)]# neutron lbaas-loadbalancer-create --name lb01 subnet1
+---------------------+--------------------------------------+
| Field | Value |
+---------------------+--------------------------------------+
| admin_state_up | True |
| description | |
| id | 0de4812e-47ee-4f34-b63c-85ece32246ee |
| listeners | |
| name | lb01 |
| operating_status | OFFLINE |
| pools | |
| provider | haproxy |
| provisioning_status | PENDING_CREATE |
| tenant_id | caab6ec580994e6481cd104b9d210f3f |
| vip_address | 192.168.100.65 |
| vip_port_id | cf6b5dd0-74d9-469f-bd3d-876e831729cb |
| vip_subnet_id | b4dda943-e57b-4455-88dd-c3308c2ac30c |
+---------------------+--------------------------------------+
# create a security group for [lb01] and allow ports you'd like to set load-balancing (example is 80 port)
[root@Controller ~(keystone)]# openstack security group create lbaasv2
[root@Controller ~(keystone)]# openstack security group rule create --protocol icmp --ingress lbaasv2
[root@Controller ~(keystone)]# openstack security group rule create --protocol tcp --dst-port 80:80 lbaasv2
# apply security group [lbaasv2] to [lb01]'s [vip_port_id]
[root@Controller ~(keystone)]# openstack port set --security-group lbaasv2 cf6b5dd0-74d9-469f-bd3d-876e831729cb
# create a listener for a port you'd like to set load-balancing (example is 80 port)
[root@Controller ~(keystone)]# neutron lbaas-listener-create --name lb01-http --loadbalancer lb01 --protocol HTTP --protocol-port 80
+---------------------------+------------------------------------------------+
| Field | Value |
+---------------------------+------------------------------------------------+
| admin_state_up | True |
| connection_limit | -1 |
| default_pool_id | |
| default_tls_container_ref | |
| description | |
| id | 6e577ad7-6aac-4769-898b-c60eb5f3f679 |
| loadbalancers | {"id": "0de4812e-47ee-4f34-b63c-85ece32246ee"} |
| name | lb01-http |
| protocol | HTTP |
| protocol_port | 80 |
| sni_container_refs | |
| tenant_id | caab6ec580994e6481cd104b9d210f3f |
+---------------------------+------------------------------------------------+
# create a pool [lb01-http-pool] with ROUND_ROBIN Algorithm for the listener created above
[root@Controller ~(keystone)]# neutron lbaas-pool-create --name lb01-http-pool --lb-algorithm ROUND_ROBIN --listener lb01-http --protocol HTTP
+---------------------+------------------------------------------------+
| Field | Value |
+---------------------+------------------------------------------------+
| admin_state_up | True |
| description | |
| healthmonitor_id | |
| id | c8a2831d-3d8a-4d9f-a6fc-e29737417278 |
| lb_algorithm | ROUND_ROBIN |
| listeners | {"id": "6e577ad7-6aac-4769-898b-c60eb5f3f679"} |
| loadbalancers | {"id": "0de4812e-47ee-4f34-b63c-85ece32246ee"} |
| members | |
| name | lb01-http-pool |
| protocol | HTTP |
| session_persistence | |
| tenant_id | caab6ec580994e6481cd104b9d210f3f |
+---------------------+------------------------------------------------+
3) To add members to the pool of listener, it's OK all.
# instances which httpd are running
[root@Controller ~(keystone)]# openstack server list
+--------------------------------------+-------------+--------+-------------------------+---------+----------+
| ID | Name | Status | Networks | Image | Flavor |
+--------------------------------------+-------------+--------+-------------------------+---------+----------+
| 6e03e81e-5de8-412a-ae30-8407acd20dfb | WebServer02 | ACTIVE | int_net=192.168.100.52 | CentOS7 | m1.small |
| fb4699a6-5eac-4295-850a-8818e575b6b8 | WebServer01 | ACTIVE | int_net=192.168.100.212 | CentOS7 | m1.small |
+--------------------------------------+-------------+--------+-------------------------+---------+----------+
# add to the pool as a member
[root@Controller ~(keystone)]# neutron lbaas-member-create --name lb01-member-01 --subnet subnet1 --address 192.168.100.52 --protocol-port 80 lb01-http-pool
+----------------+--------------------------------------+
| Field | Value |
+----------------+--------------------------------------+
| address | 192.168.100.52 |
| admin_state_up | True |
| id | 605aa588-afa5-465b-b56c-2b7e0f678a55 |
| name | lb01-member-01 |
| protocol_port | 80 |
| subnet_id | b4dda943-e57b-4455-88dd-c3308c2ac30c |
| tenant_id | caab6ec580994e6481cd104b9d210f3f |
| weight | 1 |
+----------------+--------------------------------------+
[root@Controller ~(keystone)]# neutron lbaas-member-create --name lb01-member-02 --subnet subnet1 --address 192.168.100.212 --protocol-port 80 lb01-http-pool
+----------------+--------------------------------------+
| Field | Value |
+----------------+--------------------------------------+
| address | 192.168.100.212 |
| admin_state_up | True |
| id | 273fd727-c0a0-45c7-9387-b2c5825b817e |
| name | lb01-member-02 |
| protocol_port | 80 |
| subnet_id | b4dda943-e57b-4455-88dd-c3308c2ac30c |
| tenant_id | caab6ec580994e6481cd104b9d210f3f |
| weight | 1 |
+----------------+--------------------------------------+
[root@Controller ~(keystone)]# neutron lbaas-member-list lb01-http-pool
+--------------------------------------+----------------+-----------------+---------------+--------+--------------------------------------+----------------+
| id | name | address | protocol_port | weight | subnet_id | admin_state_up |
+--------------------------------------+----------------+-----------------+---------------+--------+--------------------------------------+----------------+
| 273fd727-c0a0-45c7-9387-b2c5825b817e | lb01-member-02 | 192.168.100.212 | 80 | 1 | b4dda943-e57b-4455-88dd-c3308c2ac30c | True |
| 605aa588-afa5-465b-b56c-2b7e0f678a55 | lb01-member-01 | 192.168.100.52 | 80 | 1 | b4dda943-e57b-4455-88dd-c3308c2ac30c | True |
+--------------------------------------+----------------+-----------------+---------------+--------+--------------------------------------+----------------+
4) To assosiate floating IP with VIP-Port of LB, it's possible to access from public network.
[root@Controller ~(keystone)]# openstack floating ip list
+--------------------------------------+---------------------+------------------+------+--------------------------------------+----------------------------------+
| ID | Floating IP Address | Fixed IP Address | Port | Floating Network | Project |
+--------------------------------------+---------------------+------------------+------+--------------------------------------+----------------------------------+
| 390e25f5-e71e-44a2-a655-021f0e8d0e30 | 10.0.0.240 | None | None | 85844309-e89a-49cb-8ec7-730a8e6d253c | caab6ec580994e6481cd104b9d210f3f |
+--------------------------------------+---------------------+------------------+------+--------------------------------------+----------------------------------+
[root@Controller ~(keystone)]# neutron lbaas-loadbalancer-show lb01
+---------------------+------------------------------------------------+
| Field | Value |
+---------------------+------------------------------------------------+
| admin_state_up | True |
| description | |
| id | 0de4812e-47ee-4f34-b63c-85ece32246ee |
| listeners | {"id": "6e577ad7-6aac-4769-898b-c60eb5f3f679"} |
| name | lb01 |
| operating_status | ONLINE |
| pools | {"id": "c8a2831d-3d8a-4d9f-a6fc-e29737417278"} |
| provider | haproxy |
| provisioning_status | ACTIVE |
| tenant_id | caab6ec580994e6481cd104b9d210f3f |
| vip_address | 192.168.100.65 |
| vip_port_id | cf6b5dd0-74d9-469f-bd3d-876e831729cb |
| vip_subnet_id | b4dda943-e57b-4455-88dd-c3308c2ac30c |
+---------------------+------------------------------------------------+
[root@Controller ~(keystone)]# openstack floating ip set --port cf6b5dd0-74d9-469f-bd3d-876e831729cb 10.0.0.240
[root@Controller ~(keystone)]# curl 10.0.0.240
Web_Server_01
[root@Controller ~(keystone)]# curl 10.0.0.240
Web_Server_02
'서버 > Cloud' 카테고리의 다른 글
| 오픈스택 클라우드 서버 구축(Stein)(11)-Block Storage(Cinder) 설정(LVM) (0) | 2023.02.02 |
|---|---|
| 오픈스택 클라우드 서버 구축(Stein)(10)-Block Storage(Cinder) 구성 (0) | 2023.02.02 |
| 오픈스택 클라우드 서버 구축(Stein)(8)-Dashboard 설치 및 설정 (0) | 2023.02.02 |
| 오픈스택 클라우드 서버 구축(Stein)(7)-네트워크 서비스(Neutron) Configure Networking(FLAT/VXLAN) (0) | 2023.02.02 |
| 오픈스택 클라우드 서버 구축(Stein)(6)-네트워크 서비스(Neutron) 설치 및 설정 (0) | 2023.02.02 |