Revision as of 20:54, November 9, 2016 by Sschlich (talk | contribs)
Jump to: navigation, search

Setting up the Load Balancer in a Multi-tenant Environment

Overview and Architecture

The solution uses a common Linux HA framework from http://clusterlabs.org. There are two components involved in this solution:

  • Cman uses corosync internally to provide a platform for membership, messaging, and quorum among the hosts.
  • Pacemaker is a cluster resource manager that controls where resources (processes) are executed. Pacemaker works with the processes like Apache httpd using resource agents to provide controls of the process such as start/stop/status.

The following diagram shows a primary/backup design to associate a single virtual IP address with httpd. Whenever the primary host fails, the virtual IP address and the httpd process can be automatically fail over to the backup host.

Gir-loadbalance.png

As a simple two host primary/backup solution, the hosts must be deployed on the same subnet that allows UDP multicast. This solution provides the same reliability as a network that hosts the two machines handling the virtual IP address.

Deploying the Load Balancer

Important
For load balancers used for Recording Processors, warm standby functionality must be disabled.

Prerequisites

  • Red Hat Enterprise Linux 6.
Tip
Network Manager can be enabled as part of the OS installation. To disable Network Manager, see Red Hat documentation.

Installing the OS

Install the required software using the following command: 

yum -y install httpd pacemaker cman pcs ccs resource-agents


Please note that any URL setup for the various GIR components described in the Multi-Tenant Deployment should now point to the respective loadbalancer URLs, e.g. 

RP url : <loadbalancer URL> t1/rp/api 
      / 
htcc.baseurl should point to the RWS loadbalancer url: <loadbalancer URL>/t1 
rcs.base_uri should point to <loadbalancer URL>/t1/rcs
Important
Only GIR releases post-8.5.210.02 with WDE support multi-tenancy.

Follow the instructions on this page and for each tenant create a separate/etc/httpd/conf.d/loadbalancer_tenantN.conf file.

In addition, provide each tenant with a separate balancer rule, ProxyPass and the following URI conventions:

  • Interaction Recording Web Services
  • http://loadbalancer/t1/api
  • http://loadbalancer/t1/internal-api
  • Recording Processor
  • http://loadbalancer/t1/rp
  • Recording Crypto Server
  • http://loadbalancer/t1/rcs
  • Interaction Receiver
  • http://loadbalancer/t1/interactionreceiver
  • WebDAV Server
  • http://loadbalancer/t1/webdav

On both servers, create the following files:

  • Create /etc/httpd/conf.d/serverstatus.conf and add the following text:

<Location /server-status> SetHandler server-status Order deny,allow Deny from all Allow from 127.0.0.1 </Location>

  • For each tenant, create /etc/httpd/conf.d/loadbalancer_tenantN.conf, and add the following text:

Important If your existing configuration already includes the loadbalancer rules in the /etc/httpd/conf/httpd.conf, skip this step.

The following lines starting with BalancerMember refer to the URL to the servers for Interaction Recording Web Services, Recording Processor, Recording Crypto Server, Interaction Receiver, and WebDAV server.

Provide each tenant with a separate balancer rule, ProxyPass and the following URI conventions:

loadbalancer_tenantN.conf
Header add Set-Cookie "ROUTEID=.%{BALANCER_WORKER_ROUTE}e; path=/" env=BALANCER_ROUTE_CHANGED 
# Interaction Recording Web Services for tenant 1 <Proxy balancer://t1rws> BalancerMember http://t1rws1:8080  route=T1RWS1 BalancerMember http://t1rws2:8080 route=T1RWS2 BalancerMember http://t1rws3:8080  route=T1RWS3 ProxySet stickysession=ROUTEID </Proxy> ProxyPass /t1/api balancer://t1rws/api ProxyPass /t1/internal-api balancer://t1rws/internal-api 
# RP for tenant 1 <Proxy balancer://t1rp> BalancerMember http://t1rp1:8889 BalancerMember http://t1rp2:8889 </Proxy> ProxyPass /t1/rp/api balancer://t1rp/api 
# RCS for tenant 1 <Proxy balancer://t1rcs> BalancerMember http://t1rcs1:8008 connectiontimeout=10000ms route=T1RCS1 BalancerMember http://t1rcs2:8008 connectiontimeout=10000ms route=T1RCS2 </Proxy> ProxyPass /t1/rcs balancer://t1rcs/rcs stickysession=JSESSIONID ProxyPassReverseCookiePath "/rcs" "/t1/rcs" 
# Interaction Receiver for tenant 1 <Proxy balancer://t1sm> BalancerMember http://t1ir1 BalancerMember http://t1ir2 </Proxy> ProxyPass /t1/interactionreceiver balancer://t1sm/interactionreceiver 
# WebDAV for tenant 1 <Proxy balancer://t1webdav> BalancerMember http://t1webdav1 BalancerMember http://t1webdav2 status=H </Proxy> ProxyPass /t1/webdav/recordings balancer://t1webdav/recordings ProxyPass /t1/webdav/dest2 balancer://t1webdav/dest2

Multi-Tenant post-release 8.5.210.02 with WDE

Multi-tenant load balancing is supported only by release 8.5.210.02 (or later) with WDE.

Follow the instructions on this page and for each tenant create a separate/etc/httpd/conf.d/loadbalancer_tenantN.conf file.

In addition, provide each tenant with a separate balancer rule, ProxyPass and the following URI conventions:

  • Interaction Recording Web Services
  • http://loadbalancer/t1/api
  • http://loadbalancer/t1/internal-api
  • http://loadbalancer/t1/ui
  • Recording Processor
  • http://loadbalancer/t1/rp
  • Recording Crypto Server
  • http://loadbalancer/t1/rcs
  • Interaction Receiver
  • http://loadbalancer/t1/interactionreceiver
  • WebDAV Server
  • http://loadbalancer/t1/webdav

loadbalancer_tenantN.conf
Header add Set-Cookie "ROUTEID=.%{BALANCER_WORKER_ROUTE}e; path=/"
env=BALANCER_ROUTE_CHANGED

# Web Server for tenant 1
<Proxy balancer://rws1>
BalancerMember http://rws1:8080 route=RWS1
BalancerMember http://rws2:8080 route=RWS2
BalancerMember http://rws3:8080 route=RWS3
ProxySet stickysession=ROUTEID
</Proxy>
ProxyPass /t1/api balancer://rws1/api
ProxyPass /t1/internal-api balancer://rws1/internal-api
ProxyPass /t1/ui balancer://rws1/ui

# RP for tenant 1
<Proxy balancer://rp1>
BalancerMember http://rp1:8889
BalancerMember http://rp2:8889
</Proxy>
ProxyPass /t1/rp/api balancer://rp1/api

# RCS for tenant 1
<Proxy balancer://rcs1>
BalancerMember http://rcs1:8008 connectiontimeout=10000ms route=RCS
BalancerMember http://rcs2:8008 connectiontimeout=10000ms route=RCS_b
</Proxy>
ProxyPass /t1/rcs balancer://rcs1/rcs stickysession=JSESSIONID

# Interaction Receiver for tenant 1
<Proxy balancer://sm1>
BalancerMember http://ir1
BalancerMember http://ir2 status=H
</Proxy>
ProxyPass /t1/interactionreceiver balancer://sm1/interactionreceiver

# WebDAV for tenant 1
<Proxy balancer://webdav1>
BalancerMember http://webdav1
BalancerMember http://webdav2 status=H
</Proxy>
ProxyPass /t1/webdav/recordings balancer://webdav1/recordings
ProxyPass /t1/webdav/dest2 balancer://webdav1/dest2
Comments or questions about this documentation? Contact us for support!