-
Notifications
You must be signed in to change notification settings - Fork 35
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add two regions app lb example (#78)
Add two regions app lb example
- Loading branch information
D Schwabe
committed
Sep 6, 2018
1 parent
302084c
commit 1a9bca2
Showing
8 changed files
with
484 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
<html> | ||
<head> | ||
<meta content="text/html; charset=ISO-8859-1" http-equiv="content-type"><title>Home</title> | ||
<link href='https://fonts.googleapis.com/css?family=Poiret One' rel='stylesheet' type='text/css'> | ||
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css"> | ||
</head> | ||
<body> | ||
|
||
<div class=container> | ||
<div class=page-header> | ||
<div style="font-family: Poiret One; font-size: 1.5em; letter-spacing: 0.3em;"> | ||
|
||
<?php | ||
echo "<br>"; | ||
echo "<h1> AnyApp (stateless)</h1>"; | ||
echo "<br>"; | ||
echo "Backend server: "; | ||
echo "<br>"; | ||
echo gethostname() . " (" . $_SERVER["SERVER_ADDR"] . ")"; | ||
echo "<br>"; | ||
?> | ||
|
||
</div> | ||
</div> | ||
</div> | ||
</body> | ||
</html> | ||
|
||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,52 @@ | ||
# Two Regions application behind LoadBalancer | ||
|
||
## Overview | ||
|
||
Using this template you can launch a simple application setup split over two regions and behind a load-balancer. You only need to enter your ssh key in the parameter | ||
section of the `masterstack.yaml` template. | ||
The stack overview shows the FIP(s) as well as the security group assignment command example in the outputs section. | ||
|
||
![network topology](img/tworegionsapplbhorizonstackoutput.png) | ||
|
||
## Usage | ||
|
||
### Initial launch | ||
|
||
- Configure your ssh key in the parameter of the `masterstack.yaml` template. | ||
- Create a stack with this template: `openstack stack create -t masterstack.yaml <new stackName>` | ||
- Once the stack creation has finished and every resource was built the LB port requires a security group. The command how to assign the security group to the LB port is shown in the output section of the masterstack. It needs to be executed in region dbl, since the load-balancer runs there. | ||
|
||
## Code organisation | ||
|
||
The file masterstack.yaml references the resources in region.yaml and balancer.yaml via heat substacks. | ||
|
||
## Parameters | ||
|
||
**app_port** | ||
Defines the app port used for instances. | ||
|
||
**lb_port** | ||
Defines the port used for the load-balancer. | ||
|
||
**ssh_keys** | ||
Defines the ssh keys to be used for instances. | ||
|
||
**image** | ||
Defines the image to be used for instances. | ||
|
||
**public_network** | ||
References the external network connected to the internet. | ||
|
||
## Outputs | ||
|
||
**assign_sec_group_cli** | ||
Provides the command that can be used to assign the security group to the load-balancer port to make it available from the outside. | ||
|
||
**region1** | ||
Public IP to access backend in region1 (cbk) | ||
|
||
**region2** | ||
Public IP to access backend in region2 (dbl) | ||
|
||
**balancer** | ||
Public IP of the loadbalancer in region2 (dbl) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,141 @@ | ||
heat_template_version: 2016-04-08 | ||
|
||
description: loadbalancer using backends defined in other stacks | ||
|
||
parameters: | ||
|
||
app_port: | ||
type: number | ||
lb_port: | ||
type: number | ||
public_network: | ||
type: string | ||
description: Network used by the load balancer | ||
default: ext-net | ||
backend1: | ||
type: string | ||
description: FIP used from region 1 (cbk) | ||
backend2: | ||
type: string | ||
description: FIP used from region 2 (dbl) | ||
|
||
resources: | ||
|
||
syseleven_net: | ||
type: OS::Neutron::Net | ||
properties: | ||
name: syseleven-net | ||
|
||
syseleven_subnet: | ||
type: OS::Neutron::Subnet | ||
depends_on: [ syseleven_net ] | ||
properties: | ||
name: syseleven_subnet | ||
dns_nameservers: | ||
- 8.8.8.8 | ||
- 4.4.4.4 | ||
network: { get_resource: syseleven_net } | ||
ip_version: 4 | ||
cidr: 192.168.2.0/24 | ||
allocation_pools: | ||
- {start: 192.168.2.10, end: 192.168.2.250} | ||
|
||
syseleven_router: | ||
type: OS::Neutron::Router | ||
properties: | ||
external_gateway_info: { "network": { get_param: public_network }} | ||
|
||
router_subnet_connect: | ||
type: OS::Neutron::RouterInterface | ||
depends_on: [ syseleven_router, syseleven_subnet ] | ||
properties: | ||
router: { get_resource: syseleven_router } | ||
subnet: { get_resource: syseleven_subnet } | ||
|
||
|
||
sec_group: | ||
type: OS::Neutron::SecurityGroup | ||
properties: | ||
rules: | ||
- remote_ip_prefix: 0.0.0.0/0 | ||
protocol: tcp | ||
port_range_min: { get_param: lb_port } | ||
port_range_max: { get_param: lb_port } | ||
|
||
monitor: | ||
type: OS::Neutron::LBaaS::HealthMonitor | ||
depends_on: [ pool ] | ||
properties: | ||
delay: 3 | ||
type: TCP | ||
timeout: 2 | ||
max_retries: 3 | ||
pool: { get_resource: pool } | ||
|
||
pool: | ||
type: OS::Neutron::LBaaS::Pool | ||
depends_on: [ listener ] | ||
properties: | ||
lb_algorithm: ROUND_ROBIN | ||
protocol: TCP | ||
listener: { get_resource: listener } | ||
|
||
listener: | ||
type: OS::Neutron::LBaaS::Listener | ||
depends_on: [ loadbalancer ] | ||
properties: | ||
loadbalancer: { get_resource: loadbalancer } | ||
protocol: TCP | ||
protocol_port: { get_param: lb_port } | ||
|
||
loadbalancer: | ||
depends_on: [ router_subnet_connect ] | ||
type: OS::Neutron::LBaaS::LoadBalancer | ||
properties: | ||
vip_subnet: { get_resource: syseleven_subnet } | ||
|
||
floating_ip: | ||
type: OS::Neutron::FloatingIP | ||
depends_on: [ loadbalancer ] | ||
properties: | ||
floating_network: { get_param: public_network } | ||
port_id: { get_attr: [ loadbalancer, vip_port_id ] } | ||
|
||
pool_member1: | ||
type: OS::Neutron::LBaaS::PoolMember | ||
depends_on: [ pool, syseleven_subnet ] | ||
properties: | ||
pool: { get_resource: pool } | ||
address: { get_param: backend1 } | ||
protocol_port: { get_param: app_port } | ||
subnet: { get_resource: syseleven_subnet } | ||
|
||
pool_member2: | ||
type: OS::Neutron::LBaaS::PoolMember | ||
depends_on: [ pool, syseleven_subnet ] | ||
properties: | ||
pool: { get_resource: pool } | ||
address: { get_param: backend2 } | ||
protocol_port: { get_param: app_port } | ||
subnet: { get_resource: syseleven_subnet } | ||
|
||
outputs: | ||
|
||
lb_fip: | ||
value: { get_attr: [ floating_ip, floating_ip_address ] } | ||
lb_network_port: | ||
value: { get_attr: [ loadbalancer, vip_port_id ] } | ||
lb_secgroup: | ||
value: { get_resource: sec_group } | ||
assign_sec_group: | ||
value: | ||
str_replace: | ||
template: openstack port set --security-group SECGROUP LBPORT | ||
params: | ||
SECGROUP: { get_resource: sec_group } | ||
LBPORT: { get_attr: [ loadbalancer, vip_port_id ] } | ||
description: > | ||
This command can be used to connect security groups to the | ||
load balancer port. The LB is accessible from the outside once | ||
the security group is assigned. | ||
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,103 @@ | ||
heat_template_version: 2016-04-08 | ||
|
||
description: This template launches application instances in two regions behind a LoadBalancer. | ||
|
||
parameters: | ||
|
||
app_port: | ||
type: number | ||
default: 80 | ||
description: Port used by the servers | ||
lb_port: | ||
type: number | ||
default: 80 | ||
description: Port used by the load balancer | ||
image: | ||
type: string | ||
description: Image used by instances | ||
default: "Ubuntu 18.04 LTS sys11 optimized - 2018-08-13" | ||
ssh_keys: | ||
type: comma_delimited_list | ||
description: SSH-Key injected into instances | ||
default: | ||
- 'ssh-rsa REPLACE_THIS_WITH_YOUR_OWN_SSH_PUBLIC_KEY email_or_comment_are_optional' | ||
- 'ssh-rsa YOU_CAN_SPECIFY_MULTIPLE_SSH_PUBLIC_KEYS_LIKE_THIS it_is_still_optional' | ||
|
||
resources: | ||
|
||
region1: | ||
type: OS::Heat::Stack | ||
properties: | ||
context: | ||
region_name: cbk | ||
template: { get_file: region.yaml } | ||
parameters: | ||
backend_name: | ||
list_join: [ '-', [ { get_param: "OS::stack_name" }, 'region1']] | ||
app_port: { get_param: app_port } | ||
image: { get_param: image } | ||
ssh_keys: { get_param: ssh_keys } | ||
|
||
region2: | ||
type: OS::Heat::Stack | ||
properties: | ||
context: | ||
region_name: dbl | ||
template: { get_file: region.yaml } | ||
parameters: | ||
backend_name: | ||
list_join: [ '-', [ { get_param: "OS::stack_name" }, 'region2']] | ||
app_port: { get_param: app_port } | ||
image: { get_param: image } | ||
ssh_keys: { get_param: ssh_keys } | ||
|
||
balancer: | ||
type: OS::Heat::Stack | ||
depends_on: [ region1, region2 ] | ||
properties: | ||
context: | ||
region_name: dbl | ||
template: { get_file: balancer.yaml } | ||
parameters: | ||
backend1: { get_attr: [ region1, outputs, fip1 ] } | ||
backend2: { get_attr: [ region2, outputs, fip1 ] } | ||
app_port: { get_param: app_port } | ||
lb_port: { get_param: lb_port } | ||
|
||
# PLACEHOLDER ################ | ||
# Currently it is not possible to get sec group association working with HEAT | ||
# sec_group_association: | ||
# type: OS::Heat::Stack | ||
# depends_on: [ balancer ] | ||
# properties: | ||
# context: | ||
# region_name: dbl | ||
# template: { get_file: sec_group_attach.yaml } | ||
# parameters: | ||
# lb_network_port: { get_attr: [ balancer, outputs, lb_network_port ] } | ||
# lb_secgroup: { get_attr: [ balancer, outputs, lb_secgroup ] } | ||
# PLACEHOLDER ################ | ||
|
||
outputs: | ||
|
||
region1: | ||
value: { get_attr: [ region1, outputs, fip1 ] } | ||
description: Public IP to access backend in region1 (cbk) | ||
region2: | ||
value: { get_attr: [ region2, outputs, fip1 ] } | ||
description: Public IP to access backend in region2 (dbl) | ||
balancer: | ||
value: { get_attr: [ balancer, outputs, lb_fip ] } | ||
description: Public IP of the loadbalancer in region2 (dbl) | ||
assign_sec_group: | ||
value: | ||
str_replace: | ||
template: openstack port set --security-group SECGROUP LBPORT | ||
params: | ||
SECGROUP: { get_attr: [ balancer, outputs, lb_secgroup ] } | ||
LBPORT: { get_attr: [ balancer, outputs, lb_network_port ] } | ||
description: > | ||
This command can be used to connect security groups to the | ||
load balancer port. The LB is accessible from the outside once | ||
the security group is assigned. | ||
Oops, something went wrong.