Hybrid Cloud GSLB
A hybrid cloud configuration as a Global Server Load balancer (GSLB) between two regions residing in the same or different cloud or on-premise environments. It provides flexibility to implement disaster recovery site.
It requires atleast two Thunder instances in each region or location. One instance serves as the master controller, while the other functions as the site device. It is possible to configure multiple site devices, but it is recommended to have a minimum of three site devices to ensure seamless failover and effective disaster recovery.
Both regions should maintain an equivalent number of resources, whether hosted in the cloud or on-premise.
To create and install three thunder instances in any one region use Thunder-3NIC-3VM template. The same template can be used to install Thunder instances in another region.
Architectural References
Refer to the following for architectural references:
- AWS-to-AWS
- AWS-to-On-Premises (any)
- On-Premise-to-On-Premise (any)
Region 1 and Region 2 both are in AWS cloud.
Figure 39 : AWS-to-AWS Cloud
Region 1 is in AWS cloud and Region 2 is on-premise or vice versa.
Figure 40 : AWS-to-On-Premise
Region 1 and Region 2 are on-premises.
Figure 41 : On-Premise-to-On-Premise
GSLB Deployment Topology
Figure 42 shows the GSLB deployment topology having two regions, Region 1 and Region 2. Both the regions must have identical number of resources:
- One GSLB controller
This Thunder instance acts as a DNS server that directs clients to reach the active load balancer.
GLSB controller of Region 1 is considered as the 'Master' and Region 2 is considered as a 'Member'. - Two site devices
These Thunder instances act as a load balancer and send traffic to the server.
Each site device may have multiple app or web servers configured and route the traffic accordingly.
Figure 42 : Hybrid Cloud GSLB Deployment Topology
Configure Hybrid Cloud GSLB
A Hybrid Cloud GSLB configuration requires two regions and each region should host three Thunder instances.
To configure hybrid cloud GSLB, perform the following:
- Create three vThunder instances if not already created. For more information, see Thunder-3NIC-3VM.
-
Download A10-vThunder_ADC-CONFIGURATION > HYBRID-CLOUD-GSLB folder from GitHub.
- From the Start menu, open the command prompt and navigate to the downloaded template.
-
Open the HYBRID_CLOUD_CONFIG_GSLB_PARAM.json with a text editor.
NOTE: Each parameter has a default value mentioned in the parameter file which can be modified as required. -
Configure the following parameters:
Table 18 : JSON Parameters Resource Name
Description
Master Controller
Specify the Master Controller Parameter Details for Region 1.
Master Controller is the first vThunder instance in Region 1 and it could be any vThunder instance.
"masterConfigDetails":{ "controllerMngmtPublicIp":"Public IP of Management Interface of Location1 Controller", "controllerPassword":"vThunder’s Login password of Location1 Controller", "controllerSecPrivateIpData1":"Secondary Pvt IP of DataSubnet1 of Location1 Controller", "site1MngmtPublicIp":"Public IP of Management Interface of Location1 Site1", "site1Password":"vThunder’s Login password of Location1 Site1 vThunder", "site2MngmtPublicIp":"Public IP of Management Interface of Location1 Site2", "site2Password":"vThunder’s Login password of Location1 Site2 vThunder", "site1SecPrivateIpData1":"Secondary Pvt IP of DataSubnet1 of Location1 Site1 vThunder", "site1SecPublicIpData1":"Secondary Public IP of DataSubnet1 of Location1 Site1 vThunder", "site2SecPrivateIpData1":"Secondary Pvt IP of DataSubnet1 of Location1 Site2 vThunder", "site2SecPublicIpData1":"Secondary Public IP of DataSubnet1 of Location1 Site2 vThunder", "server1PrivateIp":"Private Ipv4 address of server1 of Location1", "server2PrivateIp":"Private Ipv4 address of server2 of Location1" },Member Controller
Specify the Member Controller Parameter Details for Region 2.
Member Controller is the first vThunder instance in Region 2 and it could be any vThunder instance.
"memberConfigDetails":{ "controllerMngmtPublicIp":"Public IP of Management Interface of Location2 Controller", "controllerPassword":"vThunder’s Login password of Location2 Controller", "controllerSecPrivateIpData1":"Secondary Pvt IP of DataSubnet1 of Location2 Controller", "site1MngmtPublicIp":"Public IP of Management Interface of Location2 Site1", "site1Password":"vThunder’s Login password of Location2 Site1 vThunder", "site2MngmtPublicIp":"Public IP of Management Interface of Location2 Site2", "site2Password":"vThunder’s Login password of Location2 Site2 vThunder", "site1SecPrivateIpData1":"Secondary Pvt IP of DataSubnet1 of Location2 Site1 vThunder", "site1SecPublicIpData1":"Secondary Public IP of DataSubnet1 of Location2 Site1 vThunder", "site2SecPrivateIpData1":"Secondary Pvt IP of DataSubnet1 of Location2 Site2 vThunder", "site2SecPublicIpData1":"Secondary Public IP of DataSubnet1 of Location2 Site2 vThunder", "server1PrivateIp":"Private Ipv4 address of server1 of Location2", "server2PrivateIp":"Private Ipv4 address of server2 of Location2" },SLB Server Ports
Specify the SLB server ports for site devices.
"slbServerPortList1": { "value": [ { "port-number": 80, "protocol": "tcp", "health-check-disable":1 } ] }, "slbServerPortList2": { "value": [ { "port-number": 80, "protocol": "tcp", "health-check-disable":1 } ] }, "slbServerPortList3": { "value": [ { "port-number": 80, "protocol": "tcp", "health-check-disable":1 } ] }, "slbServerPortList4": { "value": [ { "port-number": 80, "protocol": "tcp", "health-check-disable":1 } ] },Service Group
Specify the SLB Service groups for site devices.
"serviceGroupList1": { "value": [ { "name":"sg", "protocol":"tcp", "health-check-disable":0, "member-list": [ { "port":80 } ] } ] }, "serviceGroupList2": { "value": [ { "name":"sg", "protocol":"tcp", "health-check-disable":0, "member-list": [ { "port":80 } ] } ] }, "serviceGroupList3": { "value": [ { "name":"sg", "protocol":"tcp", "health-check-disable":0, "member-list": [ { "port":80 } ] } ] }, "serviceGroupList4": { "value": [ { "name":"sg", "protocol":"tcp", "health-check-disable":0, "member-list": [ { "port":80 } ] } ] },Virtual Server
Specify the SLB virtual server for site devices.
The virtual server default name is “vs1”.
"virtualServerList1": { "virtual-server-name": "vs1", "metadata": { "description": "virtual server is using VIP from ethernet 1 secondary subnet" }, "value": [ { "port-number":80, "protocol":"tcp", "auto":1, "service-group":"sg" } ] }, "virtualServerList2": { "virtual-server-name": "vs1", "metadata": { "description": "virtual server is using VIP from ethernet 1 secondary subnet" }, "value": [ { "port-number":80, "protocol":"tcp", "auto":1, "service-group":"sg" } ] }, "virtualServerList3": { "virtual-server-name": "vs1", "metadata": { "description": "virtual server is using VIP from ethernet 1 secondary subnet" }, "value": [ { "port-number":80, "protocol":"tcp", "auto":1, "service-group":"sg" } ] }, "virtualServerList4": { "virtual-server-name": "vs1", "metadata": { "description": "virtual server is using VIP from ethernet 1 secondary subnet" }, "value": [ { "port-number":80, "protocol":"tcp", "auto":1, "service-group":"sg" } ] },Service IP
Specify the GSLB service IP address for controller.
"serviceipList1": { "node-name": "vs1", "value": [ { "port-num": 80, "port-proto": "tcp" } ] }, "serviceipList2": { "node-name": "vs2", "value": [ { "port-num": 80, "port-proto": "tcp" } ] }, "serviceipList3": { "node-name": "vs3", "value": [ { "port-num": 80, "port-proto": "tcp" } ] }, "serviceipList4": { "node-name": "vs4", "value": [ { "port-num": 80, "port-proto": "tcp" } ] },Sites
Specify the GSLB Site Details for controller
A site is the vThunder instance in a region.
"siteList1": { "site-name": "eastus_1", "vip-name": "vs1", "device-name": "slb1", "geo-location": "North America,United States" }, "siteList2": { "site-name": "eastus_2", "vip-name": "vs2", "device-name": "slb2", "geo-location": "North America,United States" }, "siteList3": { "site-name": "eastus2_1", "vip-name": "vs3", "device-name": "slb3", "geo-location": "North America.United States.California.San Jose" }, "siteList4": { "site-name": "eastus2_2", "vip-name": "vs4", "device-name": "slb4", "geo-location": "North America.United States.California.San Jose" },Geo location
Specify the system geo location details for controller.
"geolocation": { "geo-location-iana": "0", "geo-location-geolite2-city": "1", "geolite2-city-include-ipv6": "0", "geo-location-geolite2-country": "0" },dnsPolicy
Specify the GSLB DNS policy for controller.
The default value of vrid is 0. The default priority for the first vThunder instance is 100, and for the second vThunder instance is 99 (100-1).
"dnsPolicy": { "policy-name": "a10", "type": "health-check, geographic" },GSLB Server
Specify the GSLB virtual server for controller.
The default value of vrid is 0. The default priority for the first vThunder instance is 100, and for the second vThunder is 99 (100-1).
"gslbserverList1": { "virtual-server-name": "gslb-server", "metadata": { "description": "gslb virtual server is using VIP from ethernet 1 secondary subnet" }, "value": [ { "port-number":53, "protocol":"udp", "gslb-enable": 1 } ] }, "gslbserverList2": { "virtual-server-name": "gslb-server", "metadata": { "description": "gslb virtual server is using VIP from ethernet 1 secondary subnet" }, "value": [ { "port-number":53, "protocol":"udp", "gslb-enable": 1 } ] },GSLB Protocol Status
Specify the GSLB protocol status for controller.
"gslbprotocolStatus": { "status-interval": 1 },GSLB Controller Protocol Status
Specify the GSLB group for controller.
"gslbcontrollerGroup1": { "name": "default", "priority": 255 }, "gslbcontrollerGroup2": { "name": "default", "priority": 100 },GSLB Zone
Specify the GSLB zone for controller.
"gslbzone": { "service-port": 80, "service-name": "www", "name" : "gslb.a10.com" },GSLB Zone
Specify the Network Gateway IP.
The default value of network gateway IP address is 10.0.1.1 as this is the first IP address of the default management subnet configuration.
The default value of the next network gateway IP address is 10.0.2.1 as this is the first IP address of the data-in subnet configuration.
"rib-list_region1": [ { "ip-dest-addr": "0.0.0.0", "ip-mask": "/0", "ip-nexthop-ipv4": [ { "ip-next-hop": "10.1.2.1" }, { "ip-next-hop": "10.1.1.1" } ] } ], "rib-list_region2": [ { "ip-dest-addr": "0.0.0.0", "ip-mask": "/0", "ip-nexthop-ipv4": [ { "ip-next-hop": "10.1.2.1" }, { "ip-next-hop": "10.1.1.1" } ] } ],Default Route
Specify the default route for vThunder instances.
"defaultroute1": { "next-hop1": "10.1.2.1", "next-hop2": "10.1.1.1" } - Verify if all the configurations in the HYBRID_CLOUD_CONFIG_GSLB_PARAM.json file are correct and save the changes.
-
Run the following command to configure GSLB:
PS C:\Users\TestUser\A10-vThunder_ADC-CONFIGURATION\HYBRID-CLOUD-GSLB> python ./HYBRID_CLOUD_CONFIG_GSLB_1.py -
If the Hybrid cloud is configured successfully, the following message is displayed:
Gathering public and private ip address for site devices.
---------------------------------------------------------
configured ethernet- 1 ip
configured ethernet- 2 ip
Configuring slb server for site: site1
Successfully Configured slb server for site: site1
Configuring service group for site: site1
Successfully Configured service group for site: site1
Successfully Configured virtual server for site: site1
Successfully Configured gslb site: site1
Successfully Configured default route: site1
Configurations are saved on partition: shared
-----------------------------------------------------------
configured ethernet- 1 ip
configured ethernet- 2 ip
Configuring slb server for site: site2
Successfully Configured slb server for site: site2
Configuring service group for site: site2
Successfully Configured service group for site: site2
Successfully Configured virtual server for site: site2
Successfully Configured gslb site: site2
Successfully Configured default route: site2
Configurations are saved on partition: shared
-----------------------------------------------------------
configured ethernet- 1 ip
configured ethernet- 2 ip
Configuring slb server for site: site3
Successfully Configured slb server for site: site3
Configuring service group for site: site3
Successfully Configured service group for site: site3
Successfully Configured virtual server for site: site3
Successfully Configured gslb site: site3
Successfully Configured default route: site3
Configurations are saved on partition: shared
-----------------------------------------------------------
configured ethernet- 1 ip
configured ethernet- 2 ip
Configuring slb server for site: site4
Successfully Configured slb server for site: site4
Configuring service group for site: site4
Successfully Configured service group for site: site4
Successfully Configured virtual server for site: site4
Successfully Configured gslb site: site4
Successfully Configured default route: site4
Configurations are saved on partition: shared
-----------------------------------------------------------
Configuring controller devices
configured ethernet- 1 ip
configured ethernet- 2 ip
Successfully Configuring gslb server for controller: masterController
Successfully Configured ServiceIp for site: masterController
Successfully Configured ServiceIp for site: masterController
Successfully Configured ServiceIp for site: masterController
Successfully Configured ServiceIp for site: masterController
Successfully Configured site information for: masterController
Successfully Configured site information for: masterController
Successfully Configured site information for: masterController
Successfully Configured site information for: masterController
Successfully Configured gslb policy for: masterController
Successfully Configured gslb zone for: masterController
Successfully Configured gslb controller and status interval: masterController
Successfully Configured gslb controller group: masterController
Successfully Configured geo location: masterController
Successfully Configured default route: masterController
Configurations are saved on partition: shared
configured ethernet- 1 ip
configured ethernet- 2 ip
Successfully Configured gslb server for controller: memberController
Successfully Configured gslb controller group: memberController
Successfully Configured default route: memberController
Configurations are saved on partition: shared
Master Controller Parameter Details
|
Parameter |
Description |
Sample value |
|---|---|---|
|
controllerMngmtPublicIp |
Public IP of Management Interface of Region 1 Controller. |
|
|
controllerPassword |
vThunder instance Login password of Region 1 Controller. |
|
|
controllerSecPrivateIpData1 |
Secondary Private IP of Data Interface Subnet1 of Region 1 Controller. |
|
|
site1MngmtPublicIp |
Public IP of Management Interface of Region 1 Site1. |
|
|
site1Password |
vThunder instance Login password of Region 1 Site1. |
|
|
site2MngmtPublicIp |
Public IP of Management Interface of Region 1 Site2. |
|
|
site2Password |
vThunder instance Login password of Region 1 Site2. |
|
|
site1SecPrivateIpData1 |
Secondary Private IP of DataSubnet1 of Region 1 Site1 vThunder. |
|
|
site1SecPublicIpData1 |
Secondary Public IP of DataSubnet1 of Region 1 Site1 vThunder. |
|
|
site2SecPrivateIpData1 |
Secondary Private IP of DataSubnet1 of Region 1 Site2 vThunder. |
|
|
site2SecPublicIpData1 |
Secondary Public IP of DataSubnet1 of Region 1 Site2 vThunder. |
|
|
server1PrivateIp |
Private IPv4 address of Server1 of Region 1. |
|
|
server2PrivateIp |
Private IPv4 address of Server2 of Region 1. |
|
Member Controller Parameter Details
|
Parameter |
Description |
Sample value |
|---|---|---|
|
controllerMngmtPublicIp |
Public IP of Management Interface of Region 2 Controller. |
|
|
controllerPassword |
vThunder instance Login password of Region 2 Controller. |
|
|
controllerSecPrivateIpData1 |
Secondary Private IP of Data Interface Subnet1 of Region 2 Controller. |
|
|
site1MngmtPublicIp |
Public IP of Management Interface of Region 2 Site1. |
|
|
site1Password |
vThunder instance Login password of Region 2 Site1. |
|
|
site2MngmtPublicIp |
Public IP of Management Interface of Region 2 Site2. |
|
|
site2Password |
vThunder instance Login password of Region 2 Site2. |
|
|
site1SecPrivateIpData1 |
Secondary Private IP of DataSubnet1 of Region 2 Site1 vThunder. |
|
|
site1SecPublicIpData1 |
Secondary Public IP of DataSubnet1 of Region 2 Site1 vThunder. |
|
|
site2SecPrivateIpData1 |
Secondary Private IP of DataSubnet1 of Region 2 Site2 vThunder. |
|
|
site2SecPublicIpData1 |
Secondary Public IP of DataSubnet1 of Region 2 Site2 vThunder. |
|
|
server1PrivateIp |
Private IPv4 address of Server1 of Region 2. |
|
|
server2PrivateIp |
Private IPv4 address of Server2 of Region 2. |
|
Site Details
|
Site Name |
VIP Name |
Device Name |
GEO Location |
|---|---|---|---|
|
eastus_1 |
vs1 |
slb1 |
North America, United States |
|
eastus_2 |
vs2 |
slb2 |
North America, United States |
|
eastus2_1 |
vs3 |
slb3 |
North America.United States.California.San Jose |
|
eastus2_2 |
vs4 |
slb4 |
North America.United States.California.San Jose |
IP Routes
|
RIB List Of Region |
Destination IP Address |
Subnet Mask |
Next Hop |
|---|---|---|---|
|
Region 1 |
0.0.0.0 |
/0 |
10.1.20.1 |
|
Region 2 |
0.0.0.0 |
/0 |
10.1.20.1 |