Load Balancer Introduction
Overview
Octavia is a scalable, operator-managed Layer 4-7 Load Balancer as a Service (LBaaS) for UNIQCloud. It provides key features to distribute incoming traffic across multiple backend instances:
- High Availability (HA): Active/standby or active/active configurations.
- Session Persistence: Ensures client requests are routed to the same backend server.
- Multiple Load Balancing Algorithms: Round Robin, Least Connections, Source IP, etc.
- Listener Types: Supports TCP, HTTP, HTTPS, and TERMINATED_HTTPS.
- Health Monitoring: Continuous probes to check backend server health.
CLIENT IP PASS-THROUGH (PROXY PROTOCOL)
To ensure the client IP address is passed through to the backend servers, you must configure the PROXY protocol (v2) on the listener. This is critical for applications that rely on the client's IP for logging, security, or session persistence.
Note that the backend servers must also be configured to parse the PROXY protocol header to extract the client IP.
Configuration Options
1. Session Persistence
Session persistence ensures that requests from the same client are always routed to the same backend server. The following types are supported:
- SOURCE_IP: Persistence based on the client's source IP address.
- HTTP_COOKIE: Persistence using HTTP cookies.
- APP_COOKIE: Persistence using application cookies.
Example: Enable Session Persistence for a Pool
openstack loadbalancer pool create \
--name my-pool \
--lb-algorithm ROUND_ROBIN \
--listener <listener-id> \
--protocol HTTP \
--session-persistence type=SOURCE_IP
2. High Availability (HA)
The Load Balancer supports active/standby and active/active HA configurations. HA is enabled by default for most deployments.
Example: Create an HA Load Balancer
openstack loadbalancer create \
--name my-ha-lb \
--vip-subnet-id <subnet-id> \
--provider octavia \
--availability-zone nova
3. Load Balancing Algorithms
The following algorithms are supported for distributing traffic among backend servers:
| Algorithm | Description |
|---|---|
| ROUND_ROBIN | Distributes requests sequentially across the backend servers. |
| LEAST_CONNECTIONS | Sends requests to the backend server with the fewest active connections. |
| SOURCE_IP | Uses a hash of the client's source IP to determine the backend server. |
| URI | Uses a hash of the request URI to determine the backend server. |
| HTTP_HEADER | Uses a hash of a specified HTTP header to determine the backend server. |
Example: Set Algorithm for a Pool
openstack loadbalancer pool create \
--name my-pool \
--lb-algorithm LEAST_CONNECTIONS \
--listener <listener-id> \
--protocol HTTP
4. Listener Types
A listener defines the port and protocol for incoming traffic to the load balancer. The following listener types are supported:
| Listener Type | Protocol | Port | Use Case |
|---|---|---|---|
| TCP | TCP | Any | Generic TCP load balancing (databases, custom applications). |
| HTTP | HTTP | 80 | Web traffic without encryption. |
| HTTPS | HTTPS | 443 | Encrypted web traffic (end-to-end encryption). |
| TERMINATED_HTTPS | HTTPS | 443 | Encrypted web traffic where the load balancer terminates SSL/TLS. |
| UDP | UDP | Any | UDP-based applications (DNS, VoIP). |
Example: Create a Listener
# Create an HTTP listener
openstack loadbalancer listener create \
--name my-http-listener \
--protocol HTTP \
--protocol-port 80 \
--loadbalancer <lb-id>
# Create a TERMINATED_HTTPS listener (SSL termination)
openstack loadbalancer listener create \
--name my-https-listener \
--protocol TERMINATED_HTTPS \
--protocol-port 443 \
--loadbalancer <lb-id> \
--default-tls-container-ref <tls-container-id>
5. PROXY Protocol (v2) Configuration
To ensure the client IP address is passed through to backend servers, configure the PROXY protocol (v2) on the listener:
openstack loadbalancer listener set \
--proxy-protocol \
<listener-id>
Complete Management Lifecycle
Create a Load Balancer with HTTP Listener and Pool
# Step 1: Create a load balancer
openstack loadbalancer create \
--name my-lb \
--vip-subnet-id <subnet-id> \
--provider octavia
# Step 2: Create an HTTP listener with PROXYv2 enabled
openstack loadbalancer listener create \
--name my-http-listener \
--protocol HTTP \
--protocol-port 80 \
--loadbalancer <lb-id>
openstack loadbalancer listener set \
--proxy-protocol \
<listener-id>
# Step 3: Create a pool with ROUND_ROBIN algorithm
openstack loadbalancer pool create \
--name my-pool \
--lb-algorithm ROUND_ROBIN \
--listener <listener-id> \
--protocol HTTP
# Step 4: Add backend servers (members) to the pool
openstack loadbalancer member create \
--name member1 \
--address <server-ip-1> \
--protocol-port 80 \
--subnet-id <subnet-id> \
--pool <pool-id>
openstack loadbalancer member create \
--name member2 \
--address <server-ip-2> \
--protocol-port 80 \
--subnet-id <subnet-id> \
--pool <pool-id>
# Step 5: Enable session persistence for the pool
openstack loadbalancer pool set \
--session-persistence type=SOURCE_IP \
<pool-id>
Delete a Load Balancer and Its Resources
# Step 1: Delete members from the pool
openstack loadbalancer member delete <member-id-1>
openstack loadbalancer member delete <member-id-2>
# Step 2: Delete the pool
openstack loadbalancer pool delete <pool-id>
# Step 3: Delete the listener
openstack loadbalancer listener delete <listener-id>
# Step 4: Delete the load balancer
openstack loadbalancer delete <lb-id>
# Alternative: Force delete a load balancer and all cascading resources
openstack loadbalancer delete --cascade <lb-id>
CLI Querying & Troubleshooting
Use the following table to debug common issues with Load Balancer instances:
| Issue | Possible Cause | Solution |
|---|---|---|
Load balancer stuck in PENDING_CREATE | Insufficient resources or network issues | Check logs and ensure sufficient quotas. |
| Listener fails to create | Invalid protocol or port | Verify the protocol and port are supported. |
| Backend servers not receiving traffic | Incorrect member configuration | Check member IPs, ports, and security groups. |
| Session persistence not working | Misconfigured persistence type | Verify the persistence type and backend support. |
| Client IP not visible to backend | PROXY protocol not enabled | Enable PROXYv2 on the listener and configure backend to parse it. |
# List all load balancers
openstack loadbalancer list
# Show details of a specific load balancer
openstack loadbalancer show <lb-id>