IntroductionFor production environment in the lab,
load balancers running BalanceNG will be configured to balance varies
services on two seperate vlans. For each vlan there should have at
least two load balancers running to ensure availability. Since
balanceNG supports multiple instances and virtual servers on the same
physical node, only two load balancers are need for the two vlans. The
design of implementation (testing) is as follow:
 In the design above, each of the
balancer nodes are running two instances of balancesNG on single legged
dsr mode. Each balancer acts as a master vrrp node of the vlan1 and
slave vrrp node of vlan2, thus the two balancers provides high
availability for both vlans. Proper firewall rules need to be
implemented on the blancers so that they don't act as bridge so that
security is not compromized. bng agents are intalled on the targets so
that balanceNG could direct incoming traffic to the target server with
lightest load. ConfigurationIn this configuration example, the two openldap servers belong to
the internal load balanced vlan and two apache servers from the
external load balanced vlan are configured to be balanced by the two
load balancers.d
License Key for Production servers is required.
Hodges:
Serial: NUSxxxxxxx
Key: xxxxxxxxxxxxxxxxxxxxxxxxxxxx
Archie:
Serial: NUSxxxxxxx
Key: xxxxxxxxxxxxxxxxxxxxxxxxxxxx
Load balancer 1 setupThis load balancer acts as a master vrrp node for openldap server and a slave vrrp node for the apache servers. Additional virtual server can be added if more services needs to be load-balancedFistly connect the load balancer server to both of the network. Install balanceNG and put the two configuration file in the /etc folder bng20.cnfhostname Internal_masterremark "DSR configuration with dual node HA adn session synchronization" license Master-Test d5... set { vrrppreempt 0 sessionsync 1 } interface eth1 vrrp { vrid 9 priority 200 network 1 } network 1 { name "Internal load-balanced network" addr 10.0.11.0 mask 255.255.255.0 real 10.0.11.253 interface eth1 } register network 1 enable network 1 gateway { ipaddr 10.0.11.1 } server 1{ ipaddr 10.0.11.120 targets 1,2 port 389,636 protocol tcp method agent } register server 1 enable server 1 target 1 { ipaddr 10.0.11.5 agent 439,2,5 dsr enable } target 2 { ipaddr 10.0.11.6 agent 439,2,5 dsr enable } register targets 1,2 enable targets 1,2 //end of configuration bng25.cnfhostname External_slave remark "DSR configuration with dual node HA adn session synchronization" license Master-Test d5... set { vrrppreempt 0 sessionsync 1 } interface eth2 vrrp { vrid 10 priority 100 network 1 } network 1 { name "External load-balanced network" addr 192.168.10.0 mask 255.255.255.0 real 192.168.10.253 interface eth2 } register network 1 enable network 1 gateway { ipaddr 192.168.10.1 } server 1{ ipaddr 192.168.10.120 targets 1,2 port 80,443 protocol tcp method agent } register server 1 enable server 1 target 1 { ipaddr 192.168.10.5 agent 439,2,5 dsr enable } target 2 { ipaddr 192.168.10.6 agent 439,2,5 dsr enable } register targets 1,2 enable targets 1,2 //end of configuration Load balancer 2 setupThis load balancer is a master load for apache servers and a slave node for openldap servers.bng20.cnfhostname Internal_slaveremark "DSR configuration with dual node HA adn session synchronization" license Master-Test d5... set { vrrppreempt 0 sessionsync 1 } interface eth1 vrrp { vrid 9 priority 100 network 1 } network 1 { name "Internal load-balanced network" addr 10.0.11.0 mask 255.255.255.0 real 10.0.11.252 interface eth1 } register network 1 enable network 1 gateway { ipaddr 10.0.11.1 } server 1{ ipaddr 10.0.11.120 targets 1,2 port 389,636 protocol tcp method agent } register server 1 enable server 1 target 1 { ipaddr 10.0.11.5 agent 439,2,5 dsr enable } target 2 { ipaddr 10.0.11.6 agent 439,2,5 dsr enable } register targets 1,2 enable targets 1,2 //end of configuration bng25.cnfhostname External_master remark "DSR configuration with dual node HA adn session synchronization" license Master-Test d5... set { vrrppreempt 0 sessionsync 1 } interface eth2 vrrp { vrid 10 priority 100 network 1 } network 1 { name "External load-balanced network" addr 192.168.10.0 mask 255.255.255.0 real 192.168.10.252 interface eth2 } register network 1 enable network 1 gateway { ipaddr 192.168.10.1 } server 1{ ipaddr 192.168.10.120 targets 1,2 port 80,443 protocol tcp method agent } register server 1 enable server 1 target 1 { ipaddr 192.168.10.5 agent 439,2,5 dsr enable } target 2 { ipaddr 192.168.10.6 agent 439,2,5 dsr enable } register targets 1,2 enable targets 1,2 //end of configuration Target server setupSetup local loopbacklocal loopback aliases have to be set up on all the targets. Bng agents have to be installed and enabled at startup add the following line to /etc/rc.d/rc.local file, so that they will be added at startupOn internal network's targets in terminal: ifconfig lo:0 10.0.11.120 netmask 255.255.255.255 echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore echo 1 > /proc/sys/net/ipv4/conf/eth0/arp_ignore echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce echo 2 > /proc/sys/net/ipv4/conf/eth0/arp_announce On external network's targets in terminal: ifconfig lo:0 192.168.10.120 netmask 255.255.255.255
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore echo 1 > /proc/sys/net/ipv4/conf/eth0/arp_ignore echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce echo 2 > /proc/sys/net/ipv4/conf/eth0/arp_announce bngagentbngagent is a simple udp client loaded on the targets to check the availability of the targets. By default it will check the system load of the targets so that balancer would direct incoming traffic to the target that has lowest load. In addition, with a "-c" option, it can load a customized script that would return a value and bngagent will direct the traffic to target with the lowest return value.Download and compile bng agent: The bngagent sorce code is attatched with this page, named bngagent.c. The already complied executable for centos 5 is also attached (bngaent) To compile bngagent from source, use the following command: gcc -o bngagent bngagent.c The usage information can be obtained by running bngagent without any arguments: #./bngagent $Revision: 1.45 $ bngagent is an open source part of the BalanceNG product Copyright (C) 2005-2007,2008 by Inlab Software GmbH, Gruenwald, Germany All rights reserved - more infos at: http://www.BalanceNG.net usage: server bngagent <options> port request (test) bngagent <options> -r address:port options: -0 return 1 minute load avg (server,default) -1 return 5 minute load avg (server) -2 return 15 minute load avg (server) -f stay in foreground (server) -b <address> specify bind address (both) -c <command> specify command (server) -d enable debug and foreground (both) -t <targetid> specify targetid (request) To start bngagent, run it with arguments and port number, the default port is 439, make sure that communication through this port is allowed by firewall. bngagent 439 The vlaue of target's bngagent output can be checked by - r option ./bngagent -r localhost:439 |
