osdir.com

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Anyone using LB to solve Console Proxy DNS..


Hi Dag,

sorry for being a noob - but if you have 1000 (even 200 only) Public IPs,
do you have some special option (on your special LB)  to add :backend/proxy
target in a form of a CIDR range, or you need, like in HaProxy to make 1000
lines with 1000 possible server backedns... ?

Sorry for boring details, just trying to understand how you do it (pre 4.11
obviously) when you have a ton of public IPs...

Thx

On 11 May 2018 at 00:10, Dag Sonstebo <Dag.Sonstebo@xxxxxxxxxxxxx> wrote:

> Hi Andrija,
>
> We use your second option – “create a LB (single public IP and thus single
> DNS A entry), BUT do loadbalancing on top of 1000 backend public IPs”.
> This depends on which load balancer you use and what functions this has
> available – but in our case, we simple set up the full public range as
> possible load balancer targets, with health checks that simply determine
> which IP addresses actually host a CPVM.
>
> Regards,
> Dag Sonstebo
> Cloud Architect
> ShapeBlue
>
> On 10/05/2018, 22:48, "Andrija Panic" <andrija.panic@xxxxxxxxx> wrote:
>
>     Hi Rohit,
>
>     thx a lot for sharing that - here, if I understand correctly, you
> relly on
>     the static IP (range) for the systemVM (4.11) - right - and then use
> LB on
>     top of that...
>
>     But any viable solution for pre-4.11 releases, where CPVM can get any
> of
>     the public IPs - LB is possible but even worse than DNS wildcard
> (because
>     infinite backends / proxy targets) since we have bunch of possible
> public
>     IP that systemVM can get...
>
>     Thx again
>     Andrija
>
>
> Dag.Sonstebo@xxxxxxxxxxxxx
> www.shapeblue.com
> 53 Chandos Place, Covent Garden, London  WC2N 4HSUK
> @shapeblue
>
>
>
> On 9 May 2018 at 18:45, Rohit Yadav <rohit.yadav@xxxxxxxxxxxxx> wrote:
>
>     > Hi Andrija,
>     >
>     >
>     > I'm running a small CI/homelab where I've solved the console proxy
> access
>     > using `consoleproxy.url.domain` global setting to fill in a
> non-wildcard
>     > domain like lab.yadav.cloud.
>     >
>     >
>     > Next, on the server I use apache2 which can be thought as some LB,
> as it
>     > proxies the request on: /aa
>     >
>     >
>     >         ProxyPass /ajax http://<console proxy ip:port>/ajax
>     >         ProxyPassReverse /ajax http://<console<http://%3Cconsole/>
> proxy
>     > ip:port>/ajax
>     >
>     >         ProxyPass /ajaximg http://<console<http://%3Cconsole/> proxy
>     > ip:port>/ajaximg
>     >         ProxyPassReverse /ajaximg http://<console<http://%
> 3Cconsole/>
>     > proxy ip:port>/ajaximg
>     >
>     >         ProxyPass /resource http://<console<http://%3Cconsole/>
> proxy
>     > ip:port>/resource
>     >         ProxyPassReverse /resource http://<console<http://%
> 3Cconsole/>
>     > proxy ip:port>/resource
>     >
>     > For any guest VM, I get to access the console proxy via the same
> domain as
>     > the mgmt server which proxies to the CPVM IP. In 4.11 there is also
> a new
>     > option to dedicate a public IP (range) to systemvms in a way could be
>     > useful to fix public IP - dns mapping.
>     >
>     >
>     > For this to work, on 4.11 I made this change:
>     >
>     > https://github.com/apache/cloudstack/commit/
> 392f62dae0f59b3b00437d61ab8cee
>     > 0ebfb9e60a
>     >
>     >
>     > - Rohit
>     >
>     > <https://cloudstack.apache.org>
>     >
>     >
>     >
>     > ________________________________
>     > From: Andrija Panic <andrija.panic@xxxxxxxxx>
>     > Sent: Sunday, May 6, 2018 4:10:24 AM
>     > To: users
>     > Subject: Anyone using LB to solve Console Proxy DNS..
>     >
>     > Hi,
>     >
>     > instead of using DNS A records in form x-y-w-z.domain.com -->
> x.y.w.zz,
>     > there is another way as stated in CWIKI to fix an IP/A record in DNS
> that
>     > will point to single public IP of the LB, and this LB should do
>     > loadbalancing across all public IPs that could be potentially
> assigned to
>     > CPVM... or something like that..
>     >
>     > Anyone using it, and care to share LB setup - specifically I would
> like to
>     > know if I understand the requirement above ^^^  - to do LB on top of
> many
>     > public IPS..
>     >
>     > Example:
>     > I have more than 1000 public IPs and CPVM can in theory get ANY of
> these
>     > 1000 IPs, so here solution is to either:
>     >
>     > - create 1000 DNS A records in from x-y-w-z.domain.com and access
> CPVM by
>     > some of those 1000 A records..
>     > - create a LB (single public IP and thus single DNS A entry), BUT do
>     > loadbalancing on top of 1000 backend public IPs...
>     >
>     > Not sure which solution is worse to be honest, but I currently use
> the
>     > first one :) on a dedicated domain for Console Proxy... although
> when CPVM
>     > is destroyed, the same public IP is usually recycled, so it mostly
> keeps
>     > the same always...
>     >
>     > Thx for any opinions.
>     >
>     > --
>     >
>     > Andrija Panić
>     >
>     > rohit.yadav@xxxxxxxxxxxxx
>     > www.shapeblue.com
>     > 53 Chandos Place, Covent Garden, London  WC2N 4HSUK
>     > @shapeblue
>     >
>     >
>     >
>     >
>
>
>     --
>
>     Andrija Panić
>
>
>


-- 

Andrija Panić