Implementing Load Balancing

Implementing Load Balancing
This chapter contains the following sections:
• About F5 Load Balancing, page 1
• About the Workflow Task for F5 Application Container Setup, page 2
• F5 Load Balancing Application Container Prerequisites, page 3
• Requirements for Setup of a F5 Load Balancing Application Container, page 3
• About Citrix Netscaler Load Balancing, page 15
About F5 Load Balancing
Cisco UCS Director supports the creation of a Fenced Virtual application container that utilizes F5 load
balancing.
Although load balancing may be quite prevalent in the routing environment, it is also of growing importance
in the virtual networking and VM environment. Server load balancing is a mechanism for distributing traffic
across multiple virtual servers, offering high application and server resource utilization.
Server load balancing (SLB) is the process of deciding to which server a load-balancing device should send
a client request for service. For example, a client request can consist of an HTTP GET for a Web page or an
FTP GET to download a file. The job of the load balancer is to select the server that can successfully fulfill
the client request and do so in the shortest amount of time without overloading either the server or the server
farm as a whole.
Depending on the load-balancing algorithm or predictor that you configure, the Cisco UCS Director performs
a series of checks and calculations to determine the server that can best service each client request. Cisco UCS
Director bases server selection on several factors, including the server with the fewest connections with respect
to load, source or destination address, cookies, URLs, or HTTP headers.
A high-level process flow of load balancing is described below:
1 A client attempts to connect with a service on the load balancer using the Cisco UCS Director F5 Connector.
2 The load balancer accepts the connection.
3 The load balancer decides which host should receive the connection and changes the destination IP address
(or port) in order to match the service of the selected host.
Cisco UCS Director Application Container Guide, Release 5.1
1
Implementing Load Balancing
About the Workflow Task for F5 Application Container Setup
4 The host accepts the load balancer's connection and responds back to the original source, the client (through
its default route), and to the load balancer.
5 The load balancer acquires the return packet from the host and now changes the source IP (or port) to
correspond to the virtual server IP and port, and forwards the packet back to the client.
6 The client receives the return packet assuming it came from the virtual server, and continues the rest of
the process.
Cisco UCS Director enables the management, orchestration, and monitoring of the F5 load balancer. Following
is a summary of the crucial processes:
1 You add the F5 load balancer using Administration > Physical Accounts > Managed Network Element
> Add Network Element.
2 When the F5 load balancer is added to Cisco UCS Director as a managed element, the Cisco UCS
Directortask inventory collection is triggered. The polling interval configured on the System Tasks tab
specifies the frequency of inventory collection.
3 After the F5 is added to the Pod, it is listed with all other components of the pod environment at the account
level. To see the F5 component information, navigate to Physical > Network > Network Managed
Elements.
There are two ways to implement load balancing using an F5 device:
1 Use an iApps (BIG-IP) application service, OR
2 Use Cisco UCS Director to:
• Set up a managed element and
• Create a Pool
• Add pool members
• Create a virtual server
The Cisco UCS Director tasks listed above are documented in detail in the Cisco UCS Director Application
Container Guide.
About the Workflow Task for F5 Application Container Setup
Cisco UCS Director includes an F5 BIG-IP workflow task to aid in connecting to the Load Balancer using
the Workflow Designer. The crucial workflow tasks are listed below:
• Allocate Container VM Resources
• Provision Container - Network
• Provision Container - VM
• Re-Synch Container - VMs
• Setup Container Gateway
• Setup Container F5 Load Balancer
• Send Container Email
Cisco UCS Director Application Container Guide, Release 5.1
2
Implementing Load Balancing
F5 Load Balancing Application Container Prerequisites
Note
Only the task titled "Setup Container F5 Load Balancer" is unique in this F5 workflow. This F5 task was
recently added to the Cisco UCS Director container support. The other tasks already existed, and are used
in other workflows. Two additional workflows that aid in the construction of load balancing application
containers are Fenced Container Setup - ASA Gateway and Fenced Container Setup.
Documentation for the entire Application Container Setup Workflow, including setup of the container for the
F5 load balancer, is provided in the Cisco UCS Director Application Container Guide. See the link to this
publication in http://www.cisco.com/c/en/us/support/servers-unified-computing/ucs-director/
products-installation-and-configuration-guides-list.html.
F5 Load Balancing Application Container Prerequisites
You must complete the following tasks before you can create and implement an F5 Load Balancing Application
Container within Cisco UCS Director.
• Fenced Container Setup
• Fenced Container Setup - ASA Gateway
Tip
The Setup Container Load Balancer task is provided to create the application service manually. This task
is integrated with the Fenced Container Setup-ASA Gateway task to create an F5 load balancing application
container.
Requirements for Setup of a F5 Load Balancing Application
Container
Cisco UCS Director can create an application container that provides the F5 load balancing properties to the
contained VMs. The Cisco UCS Director process workflow is summarized below:
1 Create a load balancing policy
2 Add a network element
3 Create a virtual infrastructure policy
4 Create a tiered application gateway policies
5 Create a container template
6 Create a container
F5 Big IP Network Settings Limitations
You have to configure the required network settings in the gateway as well as in F5 Big IP device manually.
Cisco UCS Director Application Container Guide, Release 5.1
3
Implementing Load Balancing
Adding a Network Element
Configuring the VLAN and NAT settings in the gateway, as well related network settings in F5 device,
cannot be configured using Cisco UCS Director as part of F5 application container support. This particular
automation process will be addressed in an upcoming release of Cisco UCS Director.
Note
Adding a Network Element
In order to create a virtual server that will support load balancing, you first have to add a network element in
Cisco UCS Director. Once the F5 load balancer is added as a network element in Cisco UCS Director, it
appears under the Managed Network Element tab.
Before You Begin
You must be logged in to the appliance to complete this task.
Step 1
Step 2
Step 3
Step 4
On the menu bar, choose Administration > Physical Accounts.
Choose the Managed Network Elements tab.
Click Add Network Element.
In the Add Network Element dialog box, complete the following fields:
Name
Description
Pod drop-down list
Choose the pod to which the network element belongs.
Device Category drop-down list
Choose the device category for this network element. For
example, F5 Load Balancer.
Device IP field
The IP address for this device.
Protocol drop-down list
Choose the protocol to be used. The list may include the
following:
• telnet
• ssh
• http
• https
Note
Port field
The port to use.
Login field
The login name.
Password field
The password associated with the login name.
Cisco UCS Director Application Container Guide, Release 5.1
4
When working with an F5 load balancer device,
http and https are the only valid selections.
Implementing Load Balancing
Adding a F5 Load Balancing Policy
Step 5
Click Submit.
When the F5 Load Balancer is added, the system task inventory collection is triggered. The polling interval
configured on the System Tasks tab specifies the frequency of inventory collection.
What to Do Next
To make changes to a virtual server, choose the server, then click the Modify button. To remove a virtual
server, choose the server, then click theDelete button.
Adding a F5 Load Balancing Policy
Step 1
Step 2
Step 3
Step 4
On the menu bar, choose Policies > Application Containers.
Click the F5 Load Balancer Policies tab.
Click (+) Add Policy.
In the Add F5 Load Balancer Policy screen , complete the following fields:
Table 1:
Step 5
Step 6
Step 7
Name
Description
Policy Name field
The name you assign to an F5 load balancer application
policy.
Policy Description field
A description of this policy.
Load Balancer Account Type drop-down list
Choose Physical.
Select F5 Account drop-down list
Choose a F5 load balancer account from the available list.
Click Select.
Click Next.
Click Submit.
What to Do Next
Create a virtual infrastructure policy.
Cisco UCS Director Application Container Guide, Release 5.1
5
Implementing Load Balancing
Adding a F5 Load Balancing Virtual Infrastructure Policy
Adding a F5 Load Balancing Virtual Infrastructure Policy
Step 1
Step 2
From the menu bar, choose Policies > Application Containers.
Click the Virtual Infrastructure Policies tab.
Step 3
Step 4
Click (+) Add Policy.
In the Virtual Infrastructure Policy Specification pane, complete the following:
Table 2:
Step 5
Step 6
Name
Description
Template Name field
A unique name for the policy.
Template Description field
A description of this policy.
Container Type drop-down list
Choose a container type. Select Fenced Virtual for a load
balancing application container.
Select Virtual Account drop-down list
Choose a virtual account.
Click Next.
In the Virtual Infrastructure Policy - Fencing Gateway pane, complete the following:
Table 3:
Step 7
Step 8
Name
Description
Gateway Required check box
If checked, let's you configure your gateway configuration.
Otherwise, click Next.
Select Gateway Policy drop-down list
If the Gateway Required check box is checked, lets you
assign a gateway policy.
Click Next.
In the Virtual Infrastructure Policy - Fencing Load Balancing pane, complete the following:
Table 4:
Name
Description
F5 Load Balancer Requiredcheck box
If checked, requires the F5 load balancer to be used for this
container.
Cisco UCS Director Application Container Guide, Release 5.1
6
Implementing Load Balancing
Creating a Tiered Application Gateway Policy
Step 9
Step 10
Name
Description
Select F5 Load Balancer Policy drop-down list
Choose a load balancing policy required for this container.
Click Next.
Click Submit.
What to Do Next
Configure the Tiered Application Gateway Policies.
Creating a Tiered Application Gateway Policy
Step 1
Step 2
Step 3
Step 4
On the menu bar, choose Policies > Application Containers.
Click the Tiered Applications Gateway Policies tab.
Click (+) Add Policy.
In the Application Container Gateway Policy screen , complete the following fields:
Table 5:
Step 5
Step 6
Name
Description
Policy Name field
The name you assign to an F5 load balancer tiered
application gateway policy.
Policy Description field
A description of this policy.
Gateway Type drop-down list
Choose a gateway type.
Select Virtual Account drop-down list
Choose a cloud account to deploy the container.
Click Next.
In the Application Container Gateway Policy screen , complete the following fields for the Linux gateway selection
(if applicable):
Table 6:
Name
Description
VM Image for the Gateway drop-down list
The name you assign to an F5 load balancer tiered
application gateway policy.
Cisco UCS Director Application Container Guide, Release 5.1
7
Implementing Load Balancing
Creating a Tiered Application Gateway Policy
Step 7
Name
Description
Number of Virtul CPUs field
A description of this policy.
Memory drop-down list
Choose a gateway type.
CPU Reservation in MHz field
Choose a cloud account to deploy the container.
Memory Reservation in MB field
Memory reservation in MB.
Root Login for the Template field
The root login for the template.
Root password for the Template field
The root password for the template.
Gateway Password Sharing Option drop-down list
If and how to share the root password for the gateway VM
with end users.
In the Application Container Gateway Policy screen , complete the following fields for the Cisco ASA (if applicable)
selection:
Table 7:
Step 8
Name
Description
Select Device drop-down list
Choose a device.
Outside Interfacedrop-down list
The outside interface name to apply to the context.
Outside Interface IP Address field
The outside interface IP address.
Outside Interface VLAN ID field
The name associated to the outside VLAN ID.
Inside Interface drop-down list
Choose an inside interface.
In the Application Container Gateway Policy screen , complete the following fields for the Cisco ASAv (if applicable)
selection:
Table 8:
Name
Description
ASAv OVF drop-down list
Choose a device.
ASAv Policydrop-down list
The outside interface name to apply to the context.
Outside Interface drop-down list
Choose an outside interface.
Cisco UCS Director Application Container Guide, Release 5.1
8
Implementing Load Balancing
Creating an Application Container Template
Step 9
Step 10
Name
Description
Inside Interface drop-down list
Choose an inside interface.
Click Next.
Click Submit.
Creating an Application Container Template
Note
This procedure does not create an updating template. If you change templates, it is applied only to the
newly created containers from that template. With this template you can create application containers for
use in a variety of networks (including DFA Networks).
Before You Begin
Creating an application container policy.
Step 1
Step 2
Step 3
Step 4
Step 5
On the menu bar, choose Policies > Application Containers.
Click the Application Container Templates tab.
Click Add Template. The Application Container Template screen appears. Complete the following fields:
Name
Description
Template Name field
The name of the new template.
Template Description field
The description of the template.
Click Next.
The Application Container Template - Select a Virtual infrastructure policy screen appears. Complete the following
selection:
Name
Description
Select Virtual Infrastructure Policy Choose a policy to deploy the container.
drop-down list
Note
Select a policy that supports load balancing (future wizard screens are
then populated with applicable load balancing information).
Step 6
Click Next. The Application Container: Template - Internal Networks screen appears.
Cisco UCS Director Application Container Guide, Release 5.1
9
Implementing Load Balancing
Creating an Application Container Template
You can add and configure multiple networks for a container. These networks are applicable to the VM that is provisioned
using this template.
Step 7
Click the (+) Add icon to add a network. The Add Entry to Networks dialog box appears. Complete the following
fields:
Name
Description
Dynamic Fabric Network check box
If checked, enables the application container for use in Digital Fabric
Automation Networks.
Network Name field
The network name. The name should be unique within the container.
Fabric Account drop-down list
Choose a fabric account.
Network IP Address field
The network IP address for the container.
Network Mask
The network mask.
field
Gateway IP Address field
The IP address of the default gateway for the network. A NIC with
this IP is created on the GW VM.
field
Step 8
Click Submit.
Next, you can add and configure the VM that will be provisioned in the application container.
Step 9
Step 10
Click OK.
Click the Add (+) icon to add a VM. The Add Entry to Virtual Machines screen appears. Complete the following
fields:
Name
Description
VM Name field
The VM name.
Description field
The description of the VM.
VM Image drop-down list
Choose the image to be deployed.
Number of Virtual CPUs
drop-down list
Choose the network mask.
Memory drop-down list
Choose the IP address of the default gateway for the network.
CPU Reservation (MHz) field
The CPU reservation for the VM.
Memory Reservation (MB) field
The memory reservation for the VM.
Disk Size (GB) field
The custom disk size for the VM. To use the template disk size specify the value
of 0. The specified disk size overrides the disk size of the selected image.
Cisco UCS Director Application Container Guide, Release 5.1
10
Implementing Load Balancing
Creating an Application Container Template
Step 11
Step 12
Name
Description
VM Password Sharing Option
drop-down list
Choose an option on how to share the VM's username and password with the
end users. If Share after password reset or Share template credentials is
chosen, the end user needs to specify a username and password for the chosen
templates.
VM Network Interface field
Choose the VM network interface information. If you are adding another network
interface, go to Step 9.
Maximum Quality field
States the maximum number of instances that can be added in this container after
it is created.
Initial Quality field
States the number of VM instances to provision when the container is created.
Click Next.
(Optional) Click the Add (+) icon to add a new (multiple) VM network interface. Complete the following fields:
Name
Description
VM Network Interface Name field The name of the VM network interface.
Step 13
Select the Network drop-down list
Choose a network.
IP Address field
The IP address of the network.
In the Application Container Template - F5 Application Service screen, complete the following fields:
Name
Description
Application Service Name field
The name of the application service.
Template field
Choose a network.
IP Address field
The IP address of the network.
Virtual Server IP field
IP address of the virtual server.
Virtual Server Port field
Port used on the virtual server.
FQDN names of Virtual Server field Name of the FQDN virtual server.
Note
Separate each FQDN name with a
comma.
Cisco UCS Director Application Container Guide, Release 5.1
11
Implementing Load Balancing
Creating an Application Container Template
Name
Description
Nodes List
Select a node form the Nodes list and click Submit. If a node that you want to
associate with the Virtual Server does not appear in the Nodes list:
• Click + to add it. The Add Entry to Nodes list dialog box appears.
• Provide the Node IP address, the port, and the connection limit; then click
Submit.
Step 14
Step 15
Click Next.
Click Next. The Application Container Template - Deployment Policies screen appears.
You must select the compute, storage, network, system policy, and cost model required for VM provisioning. A policy
is a group of rules that determine where and how a new VM is to be provisioned within an application container (based
on the availability of system resources).
• The network policy is used only to deploy the outside interface of the virtual firewall (container gateway).
• The selected Portgroup in Network Policy should be on the host on which the Gateway VM is provisioned.
• The network policy can use either a Static IP Pool or DHCP. However, for container type VSG the network policy
should use a Static IP Pool only. The VSG VM requires IP addresses as input. There is no current provision to
specify DHCP for deploying a VSG VM.
• The network adapter settings for a provisioned VM (container gateway) should be similar to the settings in the
template. You may or may not have to check the Copy Adapter from Template check box in the network policy
used for this application container.
Complete the following fields:
Step 16
Name
Description
Compute Policy drop-down list
Choose a computer policy.
Storage Policy drop-down list
Choose a storage policy.
Network Policy drop-down list
Choose a network policy.
Systems Policy drop-down list
Choose a systems policy.
Cost Model drop-down list
Choose a cost model.
Click Next. The Application Container: Template - Options screen appears.
In this page, you can select options to enable or disable certain privileges to the self-service end user.
Complete the following fields:
Name
Description
Enable Self-Service Power
Management of VMs checkbox
If checked, enables self-service power management of VMs.
Cisco UCS Director Application Container Guide, Release 5.1
12
Implementing Load Balancing
Creating an Application Container Using a Template
Name
Description
Enable Self-Service Resizing of
VMs checkbox
If checked, enables self-service resizing of VMs.
Enable Self-Service VM Snapshot If checked, enables self-service VM snapshot management.
Management checkbox
Enable VNC Based Console Access If checked, enables self-service VNC based console access.
checkbox
Step 17
Step 18
Step 19
Enable Self-Service Deletion of
Containers checkbox
If checked, enables self-deletion of containers.
Technical Support Email
Addresses field
The technical support email address. A detailed technical email is sent to one or
more email addresses entered into this field after a container is deployed.
Click Next. The Application Container: Template - Setup Workflows screen appears. Complete the following field:
Name
Description
Container Setup Workflow
drop-down list
Choose a workflow to establish the application container.
Click Next to complete the creation of the application container template and review the Summary screen.
Note
Notice the inclusion of a Load Balancing Criteria Summary
entry.
Click Submit.
Creating an Application Container Using a Template
Once you create a application container template you can use the template administrator to create other
application containers. If you want to create a template for use in a VSG environment, see Creating an
Application Template for a VSG.
Cisco UCS Director Application Container Guide, Release 5.1
13
Implementing Load Balancing
Creating an Application Container Using a Template
Note
Step 1
Step 2
Step 3
Step 4
Step 5
An application container must use a unique VLAN for its own network. There can be no other port group
on (VMware) vCenter using it.
Choose Policies > Application Containers.
Click the Application Container Templates tab.
Choose a template.
Click Create Container.
In the Create container from template dialog box, complete the following fields:
Name
Description
Container Name drop-down list
The name of the container. This name must be unique.
Container Label field
The label for the container.
Group drop-down list
Choose a user group.
Tenant drop-down list
Choose a tenant.
Step 6
Click Submit. The Submit Result dialog box appears.
Note
Remember to make a note of the service request presented in the Submit Result prompt.
Step 7
Click OK.
Note
You can view the progress of the container being created by viewing the details of the service request.
Step 8
Click the Application Containers tab.
The new container appears in the Application Containers pane.
Cisco UCS Director Application Container Guide, Release 5.1
14
Implementing Load Balancing
Initiating a Service Request
Initiating a Service Request
Note
Load Balancing is only supported on Fenced Virtual Containers.
Step 1
Step 2
Step 3
Step 4
Step 5
On the menu bar, choose Organization >Service Request.
Click on the Advanced Filter button (far right side of interface).
Choose Request Type from the Search drop-down list.
Enter Advanced in the Test field.
Click Search.
Step 6
Click the Fenced Container Setup workflow.
About Citrix Netscaler Load Balancing
Cisco UCS Director allows for the creation of application containers that utilize Citrix Netscaler load balancers.
The example in this section uses a ASAv gateway. The entire process is summarized below:
• Create a tiered application gateway policy (with ASAv defined as the gateway type)
• Create a Virtual Infrastructure Policy (referring to the previously gateway policy)
• Create an application container template using a virtual infrastructure policy (referring to the previously
created policy)
• Create an application container from a template
Also, once an application container is created you can change the container configuration to use a different
gateway and load balancer.
Cisco UCS Director Application Container Guide, Release 5.1
15
Implementing Load Balancing
About Citrix Netscaler Load Balancing
Cisco UCS Director Application Container Guide, Release 5.1
16