CloudCenter 4.8 has reached End of Life (EOL) as of November 14, 2018. See End of Support Notices for additional context.
AMQP_LB

AMQP load balancing can be done through HAProxy, NGINX, Apache2, or a load balancing service that is natively available in a cloud, like AWS Elastic Load Balancer (ELB). To configure the load balancer service and ensure AMQP load balancing, be sure to listen on port 5671 and balance the requests at port 443 on both the AMQP_PRIMARY and AMQP_SECONDARY servers.

See AMQP Firewall Rules > AMQP_LB Ports for the complete list of ports that need to be open for your deployment.

If you configure a load balancer for any CloudCenter component, be aware that firewalld is enabled by default and you must explicitly disable it to ensure that the CloudCenter component(s) can communicate with the load balancer. See Firewall Rules Overview for additional context.

The following load balancing configuration was performed on a CentOS 7.x VM with HAProxy for the AMQP VM.

  1. SSH into the VM instance using the key pair that you used to launch the VM.
  2. Install HAProxy as the root user.

    yum install -y haproxy
    
  3. Modify the HAProxy configuration file as shown in the following code block.

    vi /etc/haproxy/haproxy.cfg
    
    # Configuration to listen on 5671 and load balance
    frontend amqps-in
        mode tcp
        log global
        bind *:5671
        default_backend amqps
    backend amqps
        mode tcp
        balance roundrobin
        option ssl-hello-chk
        server amqp1 <AMQP_PRIMARY>:5671 check
        server amqp2 <AMQP_SECONDARY>:5671 check
    
    # Configuration to listen on 443 and load balance
    frontend gua-in
        mode tcp
        log global
        bind *:443
        default_backend guas
    backend guas
        mode tcp
        balance roundrobin
        option ssl-hello-chk
        server amqp1 <AMQP_PRIMARY>:443 check
        server amqp2 <AMQP_SECONDARY>:443 check backup
    
    # Configuration to listen on 7788 and load balance
    frontend gua-wrk-in
        mode tcp
        log global
        bind *:7788
        default_backend gua-wrk
    backend gua-wrk
        mode tcp
        balance roundrobin
        server amqp1 <AMQP_PRIMARY>:7788 check
        server amqp2 <AMQP_SECONDARY>:7788 check backup
    
    # Configuration to listen on 7789 and load balance
    frontend gua-rev-in
        mode tcp
        log global
        bind *:7789
        default_backend gua-rev
    backend gua-rev
        mode tcp
        balance roundrobin
        server amqp1 <AMQP_PRIMARY>:7789 check
        server amqp2 <AMQP_SECONDARY>:7789 check backup

  4. To bind to port 5671, you must disable SELinux. Run the following commands to disable SELinux.

    # setenforce 0 switches SELinux to permissive mode immediately (until the next reboot)
    setenforce 0
    # The sed command rewrites the setting in /etc/selinux/config* so that the change is retained across reboots
    sed -i 's/=enforcing/=permissive/g' /etc/selinux/config*

  5. Start the HAProxy service and check the status; it should be active.


    systemctl start haproxy
    systemctl status haproxy 
    
  6. Optionally, to view the HAProxy stats, use the following configuration to access HAProxy from a web browser. The stats page lets you view the status of the nodes and allows admins to drain/stop nodes without accessing the VMs directly.

    # The listener below is plain HTTP (mode http, no TLS on the bind), and the port follows the host
    http://myAMQP_LB_IP:9000/haproxy_stats

    listen stats 0.0.0.0:9000 #Listen on all IP's on port 9000
     mode http
     balance
     timeout client 5000
     timeout connect 4000
     timeout server 30000
    
    #This is the virtual URL to access the stats page
     stats uri /haproxy_stats
    
    #Authentication realm. This can be set to anything. Escape space characters with a backslash.
     stats realm HAProxy\ Statistics
    
    #The user/pass you want to use. Change this password!
     stats auth admin:<password>
    
    #This allows you to take down and bring up back end servers.
    #This will produce an error on older versions of HAProxy.
     stats admin if TRUE
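
A tighter variant of the optional stats listener in step 6, shown as an added example and not part of the CloudCenter documentation. The listener above serves plain HTTP on all interfaces and grants the drain/stop controls to any authenticated user. Here `<MGMT_IP>`, `<ADMIN_CIDR>` and the certificate path `/etc/haproxy/certs/stats.pem` are placeholders assumed for illustration.

```haproxy
# Added example, not from the CloudCenter documentation.
# Placeholders (assumptions): <MGMT_IP>, <ADMIN_CIDR>, <password>, and the
# PEM file /etc/haproxy/certs/stats.pem (certificate plus private key).
listen stats
    # Bind only to the management address and terminate TLS on this listener,
    # so the basic-auth credentials are not sent in clear text.
    bind <MGMT_IP>:9000 ssl crt /etc/haproxy/certs/stats.pem
    mode http
    timeout client 5000
    timeout connect 4000
    timeout server 30000

    # Reject every request that does not originate from the admin network.
    acl from_admin src <ADMIN_CIDR>
    http-request deny unless from_admin

    stats enable
    stats uri /haproxy_stats
    stats realm HAProxy\ Statistics
    stats auth admin:<password>

    # Allow the drain/stop controls only from the admin network,
    # instead of unconditionally ("if TRUE").
    stats admin if from_admin
```

With this variant the page is reached at `https://<MGMT_IP>:9000/haproxy_stats`. Validate the file with `haproxy -c -f /etc/haproxy/haproxy.cfg` before restarting the service.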

You have successfully configured the AMQP instance! Proceed to the CCO (Required) section.

© 2017-2019 Cisco Systems, Inc. All rights reserved