Load Balancer User Guide

Load Balancer User Guide V1.5 (2015.09) KT

Contents 1.1 Purpose... 3 1.2 Scope... 3 1.3 KT ucloud server load balancing operating method... 3 1.4 Features of load balancer... 4 2 Preparation/Method for load balancer request... 4 2.1 Preparation for product request... 4 2.2 Product request... 6 2.3 Product change... 9 2.4 Product cancellation and deletion... 10 2.5 Service use check... 11 2.6 Request for exclusive load balancer... 14 2.7 Request for SSL load balancer... 15 2.8 Service consulting and error reporting... 18 3 Technical aspects of load balancer... 19 3.1 Method of load balancing... 19 3.2 Features of ucloudbiz load balancer... 20 3.3 Multiport of load balancer IP(VIP)... 20 3.4 TCP OFFLOAD (automatically applied when using HTTP service type)... 21 3.5 How to identify Client IP on server(ex: Apache Web Server)... 23 3.6 HTTP-related load balancer type... 23 4 FAQ on new load balancer... 24

1. Outline This document is to describe how to use load balancing, a supplementary service of KT ucloud server. 1.1 Purpose This document aims to explain how to request, set and execute KT ucloud server s load balancing service on portal to enable to use the service. 1.2 Scope This document describes load distribution on VM by using the supplementary service of load balancing in KT CLOUD environment. The scope of this document is as follows. How to request/cancel and create/delete load balancing How to make setting for load balancing 1.3 KT ucloud server load balancing operating method Load Balancing is a technology to distribute client s request to multiple servers (customer VM) to optimize resource use. Overload is incurred to a restricted number of servers which provide service to multiple clients and it may deteriorate server performance. When receiving a request, KT ucloud server Load Balancing transmits the request to a server which can best handle the client s request by using load distributing technology to prevent bottleneck state.

As shown in the figure, Client goes through VIP to access service. VIP is distributed to Customer Account IP/port(PUBLIC IP/PORT) through preset Load Balancing option. Request distributed to each port reaches each service through virtual router which works as NAT function and it responds to client s request. 1.4 Features of load balancer Item Security Acceptance Service Perfo rman ce Othe rs Feat ure Superb performance in defending SynAttack Load balancer is proper for medium/large size client that requires high performance. Load balance provides HTTP/HTTPS(Bridge)/TCP/FTP load balancing. It realizes web server derating by using TCP Offload (when using HTTP method). It provides Client IP by using http header(x-forwarded-for) (when using HTTP method). 2 Preparation/Method for load balancer request Here is how to make preparation and request for load balancer service. 2.1 Preparation for product request Access http://ucloudbiz.olleh.com and go to Product introduction -> Network -> Load balancer -> Request product. Would you request load balancer service? shows up and then click OK.

Would you request load balancer service? shows up and then click OK.

Preparation for service request completed 2.2 Product request Click cloud console at the top right on the portal.

Click load balancer tab on service tap at bottom left and check load balancer in use and applied server list. Enter load balancer information.

Load balancer creation Check the request detail - Check the request with load balancer s name.

2.3 Product change Select a load balancer to be changed and click change. Enter changed information and make request. Confirm the change and click Request

Product changed completed 2.4 Product cancellation and deletion Select a load balancer to be deleted from list. Click Action and select Delete

Confirm the load balancer to be deleted and click Delete. 2.5 Service use check Service use_network traffic statistics(collected daily)

Service use_alarm history and setting(alarm threshold setting and information on alarm reception) Excessive rate prevented by setting traffic threshold (weekly/monthly traffic-based setting)

Receiver setting upon occurrence of alarm Checking service use rate

2.6 Request for exclusive load balancer Request flat rate system on load balancer list. Service provision progresses through a person in charge of LB after entering basic information. Request for flat rate system is supported when MPX customer s Session is less than 1 million and the customer wants exclusive bandwidth guarantee. (Usage-based system is provided by default.)

2.7 Request for SSL load balancer Create load balancer for SSL. 1. Enter a load balancer name and check duplication. 2. Allocate IP and set LB port. 3. Select LB for SSL.(https) 4. Set load balancer policy. 5. Select an option for how to check server status. 6. Select a server and add it. 7. Put the request. Select SSL authentication certificate menu.

Enter authentication certificate. Click authentication certificate button. 1. Enter a name for authentication certificate as you want and check duplication. 2. Enter domain s personal key using texts with no blank. When entering the authentication certificate with text, the text should not be of any form. If you open the authentication certificate with an editor like wordpad, paste it on notepad to delete its format. 3. Enter the domain s authentication certificate using texts with no blank. 4. Make input using texts with no blank only when there is a medium key. - If the personal key includes password, it should be deleted. #cp www.keywww.key.org ->Backup for original authentication certificate #openssl rsa in www.key out new.key -> Delete password. Apply the authentication certificate to load balancer.

Double click the authentication certificate button. SSL Select the authentication certificate and click apply button.

2.8 Service consulting and error reporting Consulting on ucloud biz products and error reporting is done through phone call and bulletin board. 1) FAQ and manual You can see user manuals and FAQ through FAQ bulletin board and archive of ucloud biz portal s customer center. 2) Phone inquiry You can make inquiry for products through ucloud biz customer center (080-2580-005). 3) Consulting via bulletin board After writing down your inquiry and error situation on KT Cloud Portal s bulletin board, you can see a response for it. Cloud technical expert gives technical support regarding the matter.

3 Technical aspects of load balancer 3.1 Method of load balancing Round robin Round robin performs Load Balancing by sequentially circulating client s request. Least Connection Least Connection executes Load Balancing on client s request by selecting a connection where there is the fewest Active connection of LB(LB) and server(vm1, VM2, VM3).

Hashing(Source IP Hash, Source IP Hash + Port)

Hash conducts load balancing by doing hash based on client s Source IP information and information on Source IP + Port. Hash is mainly used to make a request with the same information be subject to load balancing to the same server. Least response time A method to distribute load to a server with the quickest response. This method can be used only on HTTP service. 3.2 Features of ucloudbiz load balancer Comparison between the existing and the new products Class ificati on Existing load balancer(flat rate system) N e w load balancer(usagebased system) LB. method Monitoring RoundRobin SourceIPHash SourceIPPortHash LeastConnection Client Connection at the moment of looking up server status (UP/DOWN) RoundRobin SourceIPHash SourceIPPortHash LeastConnection LeastResponse Latency(TTFB) of server status lookup (UP/DOWN) Momentary request counts Momentary Client Connection Momentary server Connection Bandwidth used at the moment(mbps) Service type HTTP HTTP TCP HTTS(bridge) HTTPS FTP Bandwidth 100M/300M/500M : provided by portal 1G/3G : provided for exclusive LB Bandwidth used by customer Rate 100M/300M/500M flat rate system LB use : \20 / hour Data throughput : \ 6 / GB - SSL data throughput : \9 / GB Stability Duplex configuration (Active/Standby) Duplex configuration (Active/Standby)

3.3 Multiport of load balancer IP(VIP) Supporting multiport(multiple service ports supported for 1 VIP) As shown in the figure above, there can be multiple service ports (example: 80, 443) to 1 VIP (LB IP) and configuration can be made as follows. When there is a load balancer already requested by a user, a new load balancer can be requested with the same IP/different Port as that of the load balancer IP. Therefore, it enables to use multiple service ports on 1 VIP. 3.4 TCP OFFLOAD (automatically applied when using HTTP service type)

TCP Offload using TCP Multiplexing 1 3-way handshake progresses by LB(Load Balancer) responding to client s TCP request in place of server. 2 Client sends a request for Application. 3 LB creates server and TCP Connection. 4 Client s Application request is transmitted to server. 5 When client s additional request is received and TCP Connection between LB and server is idle, it is reused. 6 Client s multiple requests are processed through Connection between Server and LB. Benefits from using TCP Multiplexing - It optimizes client s every request by giving mutual independence to association between Transport Layer a n d application request(layer7). - It offloads Transport Layer Processing from Server or Cache and consequently, it dramatically reduces CPU user rate of Server. Server setting for TCP Offload (for Aparche2.0 web server user) - Set as KeepAlive On at /etc/httpd/conf/httpd.conf. - Apply the change by re-operating demon after saving. - Setting value changes to improve Aparche2.0 web server s performance (advisory)

Locat ion /etc/httpd/conf/httpd.conf Default value <IfModule prefork.c> StartServers 8 MinSpareServers 5 MaxSpareServers 20 ServerLimit 256 MaxClients 256 MaxRequestsPerChild 4000 </IfModule> After change <IfModule prefork.c> StartServers 256 MinSpareServers 50 MaxSpareServers 100 ServerLimit 8192 MaxClients 5000 MaxRequestsPerChild 4000 </IfModule>

Server setting for TCP Offload (for IIS 7.0 web server user) 1 Start Management tool IIS administrator Local PC POP Down Site folder Default Web Site 2 Http response header (top right) General header setting Check Keep HTTP connection and confirm. 3.5 How to identify Client IP on server(ex: Apache Web Server) Realized by automatically inserting client IP to HTTP header when selecting HTTP Service type User can identify it by changing %h format of apache2.conf file on web server (ex:apche2) to %{X-Forwarded-For} 3.6 HTTP-related load balancer type Screen to put request on portal

Use of each load balancer type - http: LB distributes http packet to web server. - https(bridge): LB distributes http security packet as it is. - https: LB decodes security packet with http packet and then processes distribution. Features of each load balancer type 4 FAQ on new load balancer I m using the existing load balancer model. How can I do migration to the newly released usage-based load balancer? Ucloudbiz customer is offering service with load balancer IP by using domain, migration can be conducted without suspension by using the domain in use.

1. Adjust TTL of currently used domain based on service feature (time period to retain connection) and migration schedule. 2. Make a request for usage-based load balancer. 3. Change IP registered on currently used domain. (Existing load balancer IP New load balancer IP) 4. After the traffic is entirely converted to the new load balancer, delete the existing load balancer. Domain TTL and registered IP change on number 1 and 4 can be applied at a place where you purchased the domain or on domain server you own. When service s user connection does not exceed 24 hours and TTL of the currently used domain is 24 hours, it takes 24 hours to do migration.) * applicable to TTL portal when using ucloudbizgslb How can I register the applied server on the new load balancer? I cannot see my server on the applied server. Ucloud server subject to port forwarding can only be registered as an applied server on load balancer. Server s port forwarding was set on load balancer but now, server s port forwarding can be made on ucloud server s network tab only and server which is subject to port forwarding with approved IP can only be applied on the load balancer tab.