This page is dedicated to track operator's data on how users utilize load balancing. What their deployments/configurations look like.
- 1 Uses cases
- 1.1 SSL Termination
- 1.2 L7 Scriptability
- 1.3 High Availability
- 1.4 Service VMs
- 1.5 Health Monitor
- 1.6 Stats
- 1.7 Pool Members
- 1.8 Connection Rate Limiting
- 1.9 Vendor Passthrough
- 1.10 User priorities
- 1.11 Integration with Metering
- 1.12 Monitoring
- 1.13 Feature Requests
This has already been proposed and in the process of being accepted. Neutron/LBaaS/SSL.
Ability to upload and apply the SSL certificates to VIP.
Define a flexible API which allows for L7 Scripting.
- Ability to insert Certificate Information into HTTP Headers.
- SSL client authentication with OCSP (Online Certificate Status Protocol).
Ability to define an active/active or active/standby cluster of load balancers. This will be realized differently depending on the backend driver. For example Citrix implements this with a middlewear API server [| Netscaler Control Center].
Ability to find whether Loadbalancer is configured as HA Pair, If HA, need a way to find Active LB and apply changes only on it first and on successful completion, sync configuration to Stand-by LB
Would it make sense to take advantage of these blueprints as it relates to LBaaS?
Health Monitor for DNS (Current requirement page lists only HTTP/HTTPS/TCP/ICMP etc)
Stats for each pool associated with the VIP as well as aggregated stats.
Ability to list vip, service groups and servers with their status (UP/Down etc)
Service Down Page / Backup Server(s)
The ability to mark a member or members as backups to be used only when all other pool members are down. (https://bugs.launchpad.net/neutron/+bug/1241759) This lets you setup an "apology" server.
Note: If the need is for an "apology" message where all servers are down, than this should be the requirement. A backup server is one way to implement it This should also be a "tenant" requirement.
kfox1111 - For our use case, the apology server would be too complicated to be just an apology feature of the load balancer I think. Differnet parts of the server need different pages. But I can see for simple use cases, being able to load a couple of files (css,html,image) into lbaas and have it deal with apology itself might be nice. Another use case is apology ssh servers. I want to set up a ssh server with a banner saying things are down and not permitting login. Probably a feature that should not be provided by the load balancer then?
Connection Rate Limiting
Ability to define and apply connection rate-limit per vip, vip port, individual server/server-port with option to set actions like drop, log etc.
Ability to define and apply maximum allowed connection to a vip or server (eg: conn-limit in A10)
Will there always be a standardized API no matter which backend driver is used? How do we account for functionality in Netscaler that may not exist in HAProxy (contrived example)?
- kfox1111 - Most useful to us: High Availability, Backup Servers. Least useful Service VM's for load balancing (Our setup has 10gig network nodes and 1 gig compute nodes. haproxy on network nodes therefore greatly pereferable)
Integration with Metering
Usage metering collection
Loadbalancer are monitored to make sure they work
- Ability to define Source NAT (define nat-pool etc.) and to apply nat-pool to VIP
- TCP and UDP session idle-timeout options and ability to apply this to VIP or Server
- Ability to upload and apply the SSL certificates to VIP
- Support for other load balancer algorithms (eg: service-least-connection in A10)
- LB statistics and notification to be available for ceilometer
- Option to pass proprietory LB commands to the driver
- Anycast route injection to the upstream router based on overall VIP health. Need a way to pass this option to the driver -- (Priority - High)
- Source IP address transparent to real servers
- Ability to pass any vendor specific data for l2 and l3 dsr