You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cloudstack.apache.org by Indra Pramana <in...@sg.or.id> on 2016/04/03 14:48:56 UTC
Adding a new CloudStack management server
Dear all,
We are running CloudStack 4.2.0 and all this while we are running on just
one management server. We intend to add another new management server for
redundancy. These are parts of the documentation touching on how to add
another new management server:
http://docs.cloudstack.apache.org/projects/cloudstack-installation/en/4.8/management-server/#additional-management-servers
http://docs.cloudstack.apache.org/en/latest/administration_guide.html?highlight=management%20server%20load#management-server-load-balancing
- Can I confirm that for multiple management servers, a load balancing
server or device is compulsory? Can multiple management servers still work
without load balancing and still achieve HA?
- What do people normally use to setup the load balancing for the
management servers? Is a server running haproxy sufficient?
- Once the second management server and the load balancer has been setup, I
believe we would need to change the management IP to the VIP (virtual IP)
of the load balancer, what are the things that need to be changed?
Any help is greatly appreciated.
Looking forward to your reply, thank you.
Cheers.
-ip-
Re: Adding a new CloudStack management server
Posted by Indra Pramana <in...@sg.or.id>.
Hi ilya,
Good day to you, and thank you for your reply.
I am quite confused after reading the documentation on how to implement
SSL/TLS on haproxy -- it seems that there are 2 methods on how haproxy
handles SSL, either SSL Termination (haproxy terminates/decrypts the SSL
connection and sending unencrypted connections to the CloudStack management
server) or SSL pass-through (haproxy redirects the SSL connection to the
Cloudstack management server). Since I implemented HTTPS (and disabled HTTP
connection) to the management server, can I confirm that I should use the
pass-through method for this case?
If anyone can point me to any further documentation on how to implement
haproxy LB to load balanced CloudStack management servers running on HTTPS
(TLS/SSL) mode, it will be very appreciated.
Looking forward to your reply, thank you.
Cheers.
On Thu, Apr 14, 2016 at 2:31 PM, ilya <il...@gmail.com> wrote:
> You need another cert for the proxy host.
>
> In theory, all you could have done it with 1 SSL cert in front of
> ha-proxy, then restrict communication to 8080 via iptables from MS to
> ha-proxy.
>
> Though, ideally - SSL accross the board is better.
>
> With that said, get one more cert for ha-proxy..
>
> On 4/13/16 11:06 PM, Indra Pramana wrote:
> > Hi ilya and all,
> >
> > Good day to you, and thank you for your reply.
> >
> > Yes, I was able to access the second management server using http. To
> > resolve the problem, I ended up purchasing another SSL certificate for
> the
> > second management server, and after converting to PKS12 format and enable
> > SSL on server.xml and tomcat6.conf, I managed to access the GUI of the
> > second management server, thanks.
> >
> > Now the issue is on the haproxy load balancer. Each management server can
> > be accessed via https without any issue, but accessing it through the
> > haproxy load balancer gives the same SSL error message. I am running just
> > one haproxy server at the moment.
> >
> > https://first-management-server:8080/client/ - OK
> > https://second-management-server:8080/client/ - OK
> >
> > https://haproxy-server:8080/client/ - not OK
> >
> > Below is my haproxy.cfg configuration, I set the configuration based on
> > blog article Sadhu has provided:
> >
> >
> http://psiclouds.blogspot.in/2015/03/haproxy-configuring-ha-load-balancer.html
> >
> > Note that the UI (public facing) and the VM (hypervisor facing) are on
> > different NICs/networks since we are using private networks for our
> > hypervisors.
> >
> > Public network: X.X.X.0/28
> > Private network: Y.Y.Y.0/24
> >
> > ====
> > listen cloudstack_ui_8080 X.X.X.7:8080
> > bind X.X.X.7:8080
> > mode http
> > balance source
> > server first-management-server X.X.X.12:8080 cookie A check
> > server second-management-server X.X.X.11:8080 cookie B check
> >
> > listen cloudstack_systemvm_8250 Y.Y.Y.8:8250
> > bind Y.Y.Y.8:8250
> > mode tcp
> > option tcplog
> > balance source
> > server first-management-server Y.Y.Y.3:8250 maxconn 32 check
> > server second-management-server Y.Y.Y.6:8250 maxconn 32 check
> > ====
> >
> > Can advise what I might have missed out on the configuration?
> >
> > Looking forward to your reply, thank you.
> >
> > Cheers.
> >
> >
> > On Thu, Apr 14, 2016 at 1:26 PM, ilya <il...@gmail.com>
> wrote:
> >
> >> Indra
> >>
> >> Both MGMT servers should be accessed via web browser.
> >>
> >> However in your case, since you did not enable SSL on second server as
> >> evident by port 8080, you need to use http header and not https.
> >>
> >> Try http://second-management-server:8080/client/
> >>
> >> Also, you can get away with single SSL for both MGMT servers by using
> >> "alias" as a Subject Alternate Name when you create Certificate Signing
> >> Request.
> >>
> >> Regards
> >> ilya
> >>
> >> On 4/12/16 10:14 PM, Indra Pramana wrote:
> >>> Dear all,
> >>>
> >>> I have managed to add the second CloudStack management server and add
> it
> >>> into the cluster. Based on the management server logs, we can see that
> >> the
> >>> second management server is being added. I haven't configured the
> haproxy
> >>> LB yet, however I noted that I am not able to access the second
> >> management
> >>> server's GUI, is it normal?
> >>>
> >>> https://second-management-server:8080/client/
> >>>
> >>> ====
> >>> Secure Connection Failed
> >>>
> >>> An error occurred during a connection to second-management-server:8080.
> >> SSL
> >>> received a record that exceeded the maximum permissible length. (Error
> >>> code: ssl_error_rx_record_too_long)
> >>>
> >>> The page you are trying to view cannot be shown because the
> >>> authenticity of the received data could not be verified.
> >>> Please contact the website owners to inform them of this problem.
> >>> ====
> >>>
> >>> Is this due to SSL, i.e. I need to purchase the SSL certificate for
> this
> >>> second management server, similar to the first management server?
> >>>
> >>> Looking forward to your reply, thank you.
> >>>
> >>> Cheers.
> >>>
> >>>
> >>> On Mon, Apr 11, 2016 at 10:03 PM, Sanjeev Neelarapu <
> >>> sanjeev.neelarapu@accelerite.com> wrote:
> >>>
> >>>> There is no restriction on which interface to use for LB. Make sure
> you
> >>>> pick the NIC from same network for both the management servers.
> >>>>
> >>>> Best Regards,
> >>>> Sanjeev N
> >>>> Chief Product Engineer, Accelerite
> >>>> Off: +91 40 6722 9368 | EMail: sanjeev.neelarapu@accelerite.com
> >>>>
> >>>>
> >>>> -----Original Message-----
> >>>> From: Indra Pramana [mailto:indra@sg.or.id]
> >>>> Sent: Monday, April 11, 2016 7:26 PM
> >>>> To: users@cloudstack.apache.org
> >>>> Subject: Re: Adding a new CloudStack management server
> >>>>
> >>>> Dear all,
> >>>>
> >>>> Our management server has two NICs, one internal-facing to the
> >> hypervisor
> >>>> hosts and another one Internet-facing for our billing system and
> console
> >>>> users to connect to. If we want to add another management server and
> >> load
> >>>> balance them, does it mean that we need to load balance both the
> >>>> internal-facing and the Internet-facing NICs?
> >>>>
> >>>> Looking forward to your reply, thank you.
> >>>>
> >>>> Cheers.
> >>>>
> >>>>
> >>>> On Wed, Apr 6, 2016 at 12:30 PM, Indra Pramana <in...@sg.or.id>
> wrote:
> >>>>
> >>>>> Thanks Glenn and Suresh.
> >>>>>
> >>>>> Cheers.
> >>>>>
> >>>>>
> >>>>> On Mon, Apr 4, 2016 at 1:01 PM, Suresh Sadhu
> >>>>> <su...@accelerite.com>
> >>>>> wrote:
> >>>>>
> >>>>>> As Glenn told ,it will work well with haproxy .I found nice blog
> >>>>>> from psiclouds ,hope this might be useful to you.
> >>>>>>
> >>>>>>
> >>>>>>
> http://psiclouds.blogspot.in/2015/03/haproxy-configuring-ha-load-bala
> >>>>>> ncer.html
> >>>>>>
> >>>>>> regards
> >>>>>> Sadhu
> >>>>>> Chief Product Engineer, Accelerite
> >>>>>> Suresh.sadhu@accelerite.com
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>> -----Original Message-----
> >>>>>>
> >>>>>> From: Glenn Wagner [mailto:glenn.wagner@shapeblue.com]
> >>>>>> Sent: Monday, April 4, 2016 3:09 AM
> >>>>>> To: users@cloudstack.apache.org
> >>>>>> Subject: RE: Adding a new CloudStack management server
> >>>>>>
> >>>>>> Hi,
> >>>>>>
> >>>>>> I would also recommend using a load balancing with Cloudstack if you
> >>>>>> want to run multiple management servers HA proxy is the preferred
> >>>>>> choice (works very well for us)
> >>>>>>
> >>>>>> Once you have added the second server you need to change the
> >>>>>> management server ip in the global setting (search for host) and
> also
> >>>>>> the management ip in all the cloudstack agents to the new vip ,
> >>>>>> restart cloudstack
> >>>>>>
> >>>>>> I would all suggest setting up two haproxy's one primary and the
> >>>>>> other secondary using keepalived for redundancy of your haproxy
> >>>>>> servers
> >>>>>>
> >>>>>> Regards
> >>>>>> Glenn
> >>>>>>
> >>>>>>
> >>>>>> Regards,
> >>>>>>
> >>>>>> Glenn Wagner
> >>>>>>
> >>>>>> glenn.wagner@shapeblue.com
> >>>>>> www.shapeblue.com
> >>>>>> 2nd Floor, Oudehuis Centre, 122 Main Rd, Somerset West, Cape Town
> >>>>>> 7130South Africa @shapeblue
> >>>>>>
> >>>>>> -----Original Message-----
> >>>>>> From: Indra Pramana [mailto:indra@sg.or.id]
> >>>>>> Sent: Sunday, 03 April 2016 2:49 PM
> >>>>>> To: users@cloudstack.apache.org
> >>>>>> Subject: Adding a new CloudStack management server
> >>>>>>
> >>>>>> Dear all,
> >>>>>>
> >>>>>> We are running CloudStack 4.2.0 and all this while we are running on
> >>>>>> just one management server. We intend to add another new management
> >>>>>> server for redundancy. These are parts of the documentation touching
> >>>>>> on how to add another new management server:
> >>>>>>
> >>>>>>
> >>>>>>
> http://docs.cloudstack.apache.org/projects/cloudstack-installation/en
> >>>>>> /4.8/management-server/#additional-management-servers
> >>>>>>
> >>>>>>
> http://docs.cloudstack.apache.org/en/latest/administration_guide.html
> >>>>>>
> ?highlight=management%20server%20load#management-server-load-balancin
> >>>>>> g
> >>>>>>
> >>>>>> - Can I confirm that for multiple management servers, a load
> >>>>>> balancing server or device is compulsory? Can multiple management
> >>>>>> servers still work without load balancing and still achieve HA?
> >>>>>> - What do people normally use to setup the load balancing for the
> >>>>>> management servers? Is a server running haproxy sufficient?
> >>>>>> - Once the second management server and the load balancer has been
> >>>>>> setup, I believe we would need to change the management IP to the
> VIP
> >>>>>> (virtual IP) of the load balancer, what are the things that need to
> be
> >>>> changed?
> >>>>>>
> >>>>>> Any help is greatly appreciated.
> >>>>>>
> >>>>>> Looking forward to your reply, thank you.
> >>>>>>
> >>>>>> Cheers.
> >>>>>>
> >>>>>> -ip-
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>> DISCLAIMER
> >>>>>> ==========
> >>>>>> This e-mail may contain privileged and confidential information
> which
> >>>>>> is the property of Accelerite, a Persistent Systems business. It is
> >>>>>> intended only for the use of the individual or entity to which it is
> >>>>>> addressed. If you are not the intended recipient, you are not
> >>>>>> authorized to read, retain, copy, print, distribute or use this
> >>>>>> message. If you have received this communication in error, please
> >>>>>> notify the sender and delete all copies of this message. Accelerite,
> >>>>>> a Persistent Systems business does not accept any liability for
> virus
> >>>> infected mails.
> >>>>>>
> >>>>>
> >>>>>
> >>>>
> >>>>
> >>>>
> >>>> DISCLAIMER
> >>>> ==========
> >>>> This e-mail may contain privileged and confidential information which
> is
> >>>> the property of Accelerite, a Persistent Systems business. It is
> >> intended
> >>>> only for the use of the individual or entity to which it is addressed.
> >> If
> >>>> you are not the intended recipient, you are not authorized to read,
> >> retain,
> >>>> copy, print, distribute or use this message. If you have received this
> >>>> communication in error, please notify the sender and delete all copies
> >> of
> >>>> this message. Accelerite, a Persistent Systems business does not
> accept
> >> any
> >>>> liability for virus infected mails.
> >>>>
> >>>
> >>
> >
>
Re: Adding a new CloudStack management server
Posted by ilya <il...@gmail.com>.
You need another cert for the proxy host.
In theory, all you could have done it with 1 SSL cert in front of
ha-proxy, then restrict communication to 8080 via iptables from MS to
ha-proxy.
Though, ideally - SSL accross the board is better.
With that said, get one more cert for ha-proxy..
On 4/13/16 11:06 PM, Indra Pramana wrote:
> Hi ilya and all,
>
> Good day to you, and thank you for your reply.
>
> Yes, I was able to access the second management server using http. To
> resolve the problem, I ended up purchasing another SSL certificate for the
> second management server, and after converting to PKS12 format and enable
> SSL on server.xml and tomcat6.conf, I managed to access the GUI of the
> second management server, thanks.
>
> Now the issue is on the haproxy load balancer. Each management server can
> be accessed via https without any issue, but accessing it through the
> haproxy load balancer gives the same SSL error message. I am running just
> one haproxy server at the moment.
>
> https://first-management-server:8080/client/ - OK
> https://second-management-server:8080/client/ - OK
>
> https://haproxy-server:8080/client/ - not OK
>
> Below is my haproxy.cfg configuration, I set the configuration based on
> blog article Sadhu has provided:
>
> http://psiclouds.blogspot.in/2015/03/haproxy-configuring-ha-load-balancer.html
>
> Note that the UI (public facing) and the VM (hypervisor facing) are on
> different NICs/networks since we are using private networks for our
> hypervisors.
>
> Public network: X.X.X.0/28
> Private network: Y.Y.Y.0/24
>
> ====
> listen cloudstack_ui_8080 X.X.X.7:8080
> bind X.X.X.7:8080
> mode http
> balance source
> server first-management-server X.X.X.12:8080 cookie A check
> server second-management-server X.X.X.11:8080 cookie B check
>
> listen cloudstack_systemvm_8250 Y.Y.Y.8:8250
> bind Y.Y.Y.8:8250
> mode tcp
> option tcplog
> balance source
> server first-management-server Y.Y.Y.3:8250 maxconn 32 check
> server second-management-server Y.Y.Y.6:8250 maxconn 32 check
> ====
>
> Can advise what I might have missed out on the configuration?
>
> Looking forward to your reply, thank you.
>
> Cheers.
>
>
> On Thu, Apr 14, 2016 at 1:26 PM, ilya <il...@gmail.com> wrote:
>
>> Indra
>>
>> Both MGMT servers should be accessed via web browser.
>>
>> However in your case, since you did not enable SSL on second server as
>> evident by port 8080, you need to use http header and not https.
>>
>> Try http://second-management-server:8080/client/
>>
>> Also, you can get away with single SSL for both MGMT servers by using
>> "alias" as a Subject Alternate Name when you create Certificate Signing
>> Request.
>>
>> Regards
>> ilya
>>
>> On 4/12/16 10:14 PM, Indra Pramana wrote:
>>> Dear all,
>>>
>>> I have managed to add the second CloudStack management server and add it
>>> into the cluster. Based on the management server logs, we can see that
>> the
>>> second management server is being added. I haven't configured the haproxy
>>> LB yet, however I noted that I am not able to access the second
>> management
>>> server's GUI, is it normal?
>>>
>>> https://second-management-server:8080/client/
>>>
>>> ====
>>> Secure Connection Failed
>>>
>>> An error occurred during a connection to second-management-server:8080.
>> SSL
>>> received a record that exceeded the maximum permissible length. (Error
>>> code: ssl_error_rx_record_too_long)
>>>
>>> The page you are trying to view cannot be shown because the
>>> authenticity of the received data could not be verified.
>>> Please contact the website owners to inform them of this problem.
>>> ====
>>>
>>> Is this due to SSL, i.e. I need to purchase the SSL certificate for this
>>> second management server, similar to the first management server?
>>>
>>> Looking forward to your reply, thank you.
>>>
>>> Cheers.
>>>
>>>
>>> On Mon, Apr 11, 2016 at 10:03 PM, Sanjeev Neelarapu <
>>> sanjeev.neelarapu@accelerite.com> wrote:
>>>
>>>> There is no restriction on which interface to use for LB. Make sure you
>>>> pick the NIC from same network for both the management servers.
>>>>
>>>> Best Regards,
>>>> Sanjeev N
>>>> Chief Product Engineer, Accelerite
>>>> Off: +91 40 6722 9368 | EMail: sanjeev.neelarapu@accelerite.com
>>>>
>>>>
>>>> -----Original Message-----
>>>> From: Indra Pramana [mailto:indra@sg.or.id]
>>>> Sent: Monday, April 11, 2016 7:26 PM
>>>> To: users@cloudstack.apache.org
>>>> Subject: Re: Adding a new CloudStack management server
>>>>
>>>> Dear all,
>>>>
>>>> Our management server has two NICs, one internal-facing to the
>> hypervisor
>>>> hosts and another one Internet-facing for our billing system and console
>>>> users to connect to. If we want to add another management server and
>> load
>>>> balance them, does it mean that we need to load balance both the
>>>> internal-facing and the Internet-facing NICs?
>>>>
>>>> Looking forward to your reply, thank you.
>>>>
>>>> Cheers.
>>>>
>>>>
>>>> On Wed, Apr 6, 2016 at 12:30 PM, Indra Pramana <in...@sg.or.id> wrote:
>>>>
>>>>> Thanks Glenn and Suresh.
>>>>>
>>>>> Cheers.
>>>>>
>>>>>
>>>>> On Mon, Apr 4, 2016 at 1:01 PM, Suresh Sadhu
>>>>> <su...@accelerite.com>
>>>>> wrote:
>>>>>
>>>>>> As Glenn told ,it will work well with haproxy .I found nice blog
>>>>>> from psiclouds ,hope this might be useful to you.
>>>>>>
>>>>>>
>>>>>> http://psiclouds.blogspot.in/2015/03/haproxy-configuring-ha-load-bala
>>>>>> ncer.html
>>>>>>
>>>>>> regards
>>>>>> Sadhu
>>>>>> Chief Product Engineer, Accelerite
>>>>>> Suresh.sadhu@accelerite.com
>>>>>>
>>>>>>
>>>>>>
>>>>>> -----Original Message-----
>>>>>>
>>>>>> From: Glenn Wagner [mailto:glenn.wagner@shapeblue.com]
>>>>>> Sent: Monday, April 4, 2016 3:09 AM
>>>>>> To: users@cloudstack.apache.org
>>>>>> Subject: RE: Adding a new CloudStack management server
>>>>>>
>>>>>> Hi,
>>>>>>
>>>>>> I would also recommend using a load balancing with Cloudstack if you
>>>>>> want to run multiple management servers HA proxy is the preferred
>>>>>> choice (works very well for us)
>>>>>>
>>>>>> Once you have added the second server you need to change the
>>>>>> management server ip in the global setting (search for host) and also
>>>>>> the management ip in all the cloudstack agents to the new vip ,
>>>>>> restart cloudstack
>>>>>>
>>>>>> I would all suggest setting up two haproxy's one primary and the
>>>>>> other secondary using keepalived for redundancy of your haproxy
>>>>>> servers
>>>>>>
>>>>>> Regards
>>>>>> Glenn
>>>>>>
>>>>>>
>>>>>> Regards,
>>>>>>
>>>>>> Glenn Wagner
>>>>>>
>>>>>> glenn.wagner@shapeblue.com
>>>>>> www.shapeblue.com
>>>>>> 2nd Floor, Oudehuis Centre, 122 Main Rd, Somerset West, Cape Town
>>>>>> 7130South Africa @shapeblue
>>>>>>
>>>>>> -----Original Message-----
>>>>>> From: Indra Pramana [mailto:indra@sg.or.id]
>>>>>> Sent: Sunday, 03 April 2016 2:49 PM
>>>>>> To: users@cloudstack.apache.org
>>>>>> Subject: Adding a new CloudStack management server
>>>>>>
>>>>>> Dear all,
>>>>>>
>>>>>> We are running CloudStack 4.2.0 and all this while we are running on
>>>>>> just one management server. We intend to add another new management
>>>>>> server for redundancy. These are parts of the documentation touching
>>>>>> on how to add another new management server:
>>>>>>
>>>>>>
>>>>>> http://docs.cloudstack.apache.org/projects/cloudstack-installation/en
>>>>>> /4.8/management-server/#additional-management-servers
>>>>>>
>>>>>> http://docs.cloudstack.apache.org/en/latest/administration_guide.html
>>>>>> ?highlight=management%20server%20load#management-server-load-balancin
>>>>>> g
>>>>>>
>>>>>> - Can I confirm that for multiple management servers, a load
>>>>>> balancing server or device is compulsory? Can multiple management
>>>>>> servers still work without load balancing and still achieve HA?
>>>>>> - What do people normally use to setup the load balancing for the
>>>>>> management servers? Is a server running haproxy sufficient?
>>>>>> - Once the second management server and the load balancer has been
>>>>>> setup, I believe we would need to change the management IP to the VIP
>>>>>> (virtual IP) of the load balancer, what are the things that need to be
>>>> changed?
>>>>>>
>>>>>> Any help is greatly appreciated.
>>>>>>
>>>>>> Looking forward to your reply, thank you.
>>>>>>
>>>>>> Cheers.
>>>>>>
>>>>>> -ip-
>>>>>>
>>>>>>
>>>>>>
>>>>>> DISCLAIMER
>>>>>> ==========
>>>>>> This e-mail may contain privileged and confidential information which
>>>>>> is the property of Accelerite, a Persistent Systems business. It is
>>>>>> intended only for the use of the individual or entity to which it is
>>>>>> addressed. If you are not the intended recipient, you are not
>>>>>> authorized to read, retain, copy, print, distribute or use this
>>>>>> message. If you have received this communication in error, please
>>>>>> notify the sender and delete all copies of this message. Accelerite,
>>>>>> a Persistent Systems business does not accept any liability for virus
>>>> infected mails.
>>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>>
>>>> DISCLAIMER
>>>> ==========
>>>> This e-mail may contain privileged and confidential information which is
>>>> the property of Accelerite, a Persistent Systems business. It is
>> intended
>>>> only for the use of the individual or entity to which it is addressed.
>> If
>>>> you are not the intended recipient, you are not authorized to read,
>> retain,
>>>> copy, print, distribute or use this message. If you have received this
>>>> communication in error, please notify the sender and delete all copies
>> of
>>>> this message. Accelerite, a Persistent Systems business does not accept
>> any
>>>> liability for virus infected mails.
>>>>
>>>
>>
>
Re: Adding a new CloudStack management server
Posted by Indra Pramana <in...@sg.or.id>.
Hi ilya and all,
Good day to you, and thank you for your reply.
Yes, I was able to access the second management server using http. To
resolve the problem, I ended up purchasing another SSL certificate for the
second management server, and after converting to PKS12 format and enable
SSL on server.xml and tomcat6.conf, I managed to access the GUI of the
second management server, thanks.
Now the issue is on the haproxy load balancer. Each management server can
be accessed via https without any issue, but accessing it through the
haproxy load balancer gives the same SSL error message. I am running just
one haproxy server at the moment.
https://first-management-server:8080/client/ - OK
https://second-management-server:8080/client/ - OK
https://haproxy-server:8080/client/ - not OK
Below is my haproxy.cfg configuration, I set the configuration based on
blog article Sadhu has provided:
http://psiclouds.blogspot.in/2015/03/haproxy-configuring-ha-load-balancer.html
Note that the UI (public facing) and the VM (hypervisor facing) are on
different NICs/networks since we are using private networks for our
hypervisors.
Public network: X.X.X.0/28
Private network: Y.Y.Y.0/24
====
listen cloudstack_ui_8080 X.X.X.7:8080
bind X.X.X.7:8080
mode http
balance source
server first-management-server X.X.X.12:8080 cookie A check
server second-management-server X.X.X.11:8080 cookie B check
listen cloudstack_systemvm_8250 Y.Y.Y.8:8250
bind Y.Y.Y.8:8250
mode tcp
option tcplog
balance source
server first-management-server Y.Y.Y.3:8250 maxconn 32 check
server second-management-server Y.Y.Y.6:8250 maxconn 32 check
====
Can advise what I might have missed out on the configuration?
Looking forward to your reply, thank you.
Cheers.
On Thu, Apr 14, 2016 at 1:26 PM, ilya <il...@gmail.com> wrote:
> Indra
>
> Both MGMT servers should be accessed via web browser.
>
> However in your case, since you did not enable SSL on second server as
> evident by port 8080, you need to use http header and not https.
>
> Try http://second-management-server:8080/client/
>
> Also, you can get away with single SSL for both MGMT servers by using
> "alias" as a Subject Alternate Name when you create Certificate Signing
> Request.
>
> Regards
> ilya
>
> On 4/12/16 10:14 PM, Indra Pramana wrote:
> > Dear all,
> >
> > I have managed to add the second CloudStack management server and add it
> > into the cluster. Based on the management server logs, we can see that
> the
> > second management server is being added. I haven't configured the haproxy
> > LB yet, however I noted that I am not able to access the second
> management
> > server's GUI, is it normal?
> >
> > https://second-management-server:8080/client/
> >
> > ====
> > Secure Connection Failed
> >
> > An error occurred during a connection to second-management-server:8080.
> SSL
> > received a record that exceeded the maximum permissible length. (Error
> > code: ssl_error_rx_record_too_long)
> >
> > The page you are trying to view cannot be shown because the
> > authenticity of the received data could not be verified.
> > Please contact the website owners to inform them of this problem.
> > ====
> >
> > Is this due to SSL, i.e. I need to purchase the SSL certificate for this
> > second management server, similar to the first management server?
> >
> > Looking forward to your reply, thank you.
> >
> > Cheers.
> >
> >
> > On Mon, Apr 11, 2016 at 10:03 PM, Sanjeev Neelarapu <
> > sanjeev.neelarapu@accelerite.com> wrote:
> >
> >> There is no restriction on which interface to use for LB. Make sure you
> >> pick the NIC from same network for both the management servers.
> >>
> >> Best Regards,
> >> Sanjeev N
> >> Chief Product Engineer, Accelerite
> >> Off: +91 40 6722 9368 | EMail: sanjeev.neelarapu@accelerite.com
> >>
> >>
> >> -----Original Message-----
> >> From: Indra Pramana [mailto:indra@sg.or.id]
> >> Sent: Monday, April 11, 2016 7:26 PM
> >> To: users@cloudstack.apache.org
> >> Subject: Re: Adding a new CloudStack management server
> >>
> >> Dear all,
> >>
> >> Our management server has two NICs, one internal-facing to the
> hypervisor
> >> hosts and another one Internet-facing for our billing system and console
> >> users to connect to. If we want to add another management server and
> load
> >> balance them, does it mean that we need to load balance both the
> >> internal-facing and the Internet-facing NICs?
> >>
> >> Looking forward to your reply, thank you.
> >>
> >> Cheers.
> >>
> >>
> >> On Wed, Apr 6, 2016 at 12:30 PM, Indra Pramana <in...@sg.or.id> wrote:
> >>
> >>> Thanks Glenn and Suresh.
> >>>
> >>> Cheers.
> >>>
> >>>
> >>> On Mon, Apr 4, 2016 at 1:01 PM, Suresh Sadhu
> >>> <su...@accelerite.com>
> >>> wrote:
> >>>
> >>>> As Glenn told ,it will work well with haproxy .I found nice blog
> >>>> from psiclouds ,hope this might be useful to you.
> >>>>
> >>>>
> >>>> http://psiclouds.blogspot.in/2015/03/haproxy-configuring-ha-load-bala
> >>>> ncer.html
> >>>>
> >>>> regards
> >>>> Sadhu
> >>>> Chief Product Engineer, Accelerite
> >>>> Suresh.sadhu@accelerite.com
> >>>>
> >>>>
> >>>>
> >>>> -----Original Message-----
> >>>>
> >>>> From: Glenn Wagner [mailto:glenn.wagner@shapeblue.com]
> >>>> Sent: Monday, April 4, 2016 3:09 AM
> >>>> To: users@cloudstack.apache.org
> >>>> Subject: RE: Adding a new CloudStack management server
> >>>>
> >>>> Hi,
> >>>>
> >>>> I would also recommend using a load balancing with Cloudstack if you
> >>>> want to run multiple management servers HA proxy is the preferred
> >>>> choice (works very well for us)
> >>>>
> >>>> Once you have added the second server you need to change the
> >>>> management server ip in the global setting (search for host) and also
> >>>> the management ip in all the cloudstack agents to the new vip ,
> >>>> restart cloudstack
> >>>>
> >>>> I would all suggest setting up two haproxy's one primary and the
> >>>> other secondary using keepalived for redundancy of your haproxy
> >>>> servers
> >>>>
> >>>> Regards
> >>>> Glenn
> >>>>
> >>>>
> >>>> Regards,
> >>>>
> >>>> Glenn Wagner
> >>>>
> >>>> glenn.wagner@shapeblue.com
> >>>> www.shapeblue.com
> >>>> 2nd Floor, Oudehuis Centre, 122 Main Rd, Somerset West, Cape Town
> >>>> 7130South Africa @shapeblue
> >>>>
> >>>> -----Original Message-----
> >>>> From: Indra Pramana [mailto:indra@sg.or.id]
> >>>> Sent: Sunday, 03 April 2016 2:49 PM
> >>>> To: users@cloudstack.apache.org
> >>>> Subject: Adding a new CloudStack management server
> >>>>
> >>>> Dear all,
> >>>>
> >>>> We are running CloudStack 4.2.0 and all this while we are running on
> >>>> just one management server. We intend to add another new management
> >>>> server for redundancy. These are parts of the documentation touching
> >>>> on how to add another new management server:
> >>>>
> >>>>
> >>>> http://docs.cloudstack.apache.org/projects/cloudstack-installation/en
> >>>> /4.8/management-server/#additional-management-servers
> >>>>
> >>>> http://docs.cloudstack.apache.org/en/latest/administration_guide.html
> >>>> ?highlight=management%20server%20load#management-server-load-balancin
> >>>> g
> >>>>
> >>>> - Can I confirm that for multiple management servers, a load
> >>>> balancing server or device is compulsory? Can multiple management
> >>>> servers still work without load balancing and still achieve HA?
> >>>> - What do people normally use to setup the load balancing for the
> >>>> management servers? Is a server running haproxy sufficient?
> >>>> - Once the second management server and the load balancer has been
> >>>> setup, I believe we would need to change the management IP to the VIP
> >>>> (virtual IP) of the load balancer, what are the things that need to be
> >> changed?
> >>>>
> >>>> Any help is greatly appreciated.
> >>>>
> >>>> Looking forward to your reply, thank you.
> >>>>
> >>>> Cheers.
> >>>>
> >>>> -ip-
> >>>>
> >>>>
> >>>>
> >>>> DISCLAIMER
> >>>> ==========
> >>>> This e-mail may contain privileged and confidential information which
> >>>> is the property of Accelerite, a Persistent Systems business. It is
> >>>> intended only for the use of the individual or entity to which it is
> >>>> addressed. If you are not the intended recipient, you are not
> >>>> authorized to read, retain, copy, print, distribute or use this
> >>>> message. If you have received this communication in error, please
> >>>> notify the sender and delete all copies of this message. Accelerite,
> >>>> a Persistent Systems business does not accept any liability for virus
> >> infected mails.
> >>>>
> >>>
> >>>
> >>
> >>
> >>
> >> DISCLAIMER
> >> ==========
> >> This e-mail may contain privileged and confidential information which is
> >> the property of Accelerite, a Persistent Systems business. It is
> intended
> >> only for the use of the individual or entity to which it is addressed.
> If
> >> you are not the intended recipient, you are not authorized to read,
> retain,
> >> copy, print, distribute or use this message. If you have received this
> >> communication in error, please notify the sender and delete all copies
> of
> >> this message. Accelerite, a Persistent Systems business does not accept
> any
> >> liability for virus infected mails.
> >>
> >
>
Re: Adding a new CloudStack management server
Posted by ilya <il...@gmail.com>.
Indra
Both MGMT servers should be accessed via web browser.
However in your case, since you did not enable SSL on second server as
evident by port 8080, you need to use http header and not https.
Try http://second-management-server:8080/client/
Also, you can get away with single SSL for both MGMT servers by using
"alias" as a Subject Alternate Name when you create Certificate Signing
Request.
Regards
ilya
On 4/12/16 10:14 PM, Indra Pramana wrote:
> Dear all,
>
> I have managed to add the second CloudStack management server and add it
> into the cluster. Based on the management server logs, we can see that the
> second management server is being added. I haven't configured the haproxy
> LB yet, however I noted that I am not able to access the second management
> server's GUI, is it normal?
>
> https://second-management-server:8080/client/
>
> ====
> Secure Connection Failed
>
> An error occurred during a connection to second-management-server:8080. SSL
> received a record that exceeded the maximum permissible length. (Error
> code: ssl_error_rx_record_too_long)
>
> The page you are trying to view cannot be shown because the
> authenticity of the received data could not be verified.
> Please contact the website owners to inform them of this problem.
> ====
>
> Is this due to SSL, i.e. I need to purchase the SSL certificate for this
> second management server, similar to the first management server?
>
> Looking forward to your reply, thank you.
>
> Cheers.
>
>
> On Mon, Apr 11, 2016 at 10:03 PM, Sanjeev Neelarapu <
> sanjeev.neelarapu@accelerite.com> wrote:
>
>> There is no restriction on which interface to use for LB. Make sure you
>> pick the NIC from same network for both the management servers.
>>
>> Best Regards,
>> Sanjeev N
>> Chief Product Engineer, Accelerite
>> Off: +91 40 6722 9368 | EMail: sanjeev.neelarapu@accelerite.com
>>
>>
>> -----Original Message-----
>> From: Indra Pramana [mailto:indra@sg.or.id]
>> Sent: Monday, April 11, 2016 7:26 PM
>> To: users@cloudstack.apache.org
>> Subject: Re: Adding a new CloudStack management server
>>
>> Dear all,
>>
>> Our management server has two NICs, one internal-facing to the hypervisor
>> hosts and another one Internet-facing for our billing system and console
>> users to connect to. If we want to add another management server and load
>> balance them, does it mean that we need to load balance both the
>> internal-facing and the Internet-facing NICs?
>>
>> Looking forward to your reply, thank you.
>>
>> Cheers.
>>
>>
>> On Wed, Apr 6, 2016 at 12:30 PM, Indra Pramana <in...@sg.or.id> wrote:
>>
>>> Thanks Glenn and Suresh.
>>>
>>> Cheers.
>>>
>>>
>>> On Mon, Apr 4, 2016 at 1:01 PM, Suresh Sadhu
>>> <su...@accelerite.com>
>>> wrote:
>>>
>>>> As Glenn told ,it will work well with haproxy .I found nice blog
>>>> from psiclouds ,hope this might be useful to you.
>>>>
>>>>
>>>> http://psiclouds.blogspot.in/2015/03/haproxy-configuring-ha-load-bala
>>>> ncer.html
>>>>
>>>> regards
>>>> Sadhu
>>>> Chief Product Engineer, Accelerite
>>>> Suresh.sadhu@accelerite.com
>>>>
>>>>
>>>>
>>>> -----Original Message-----
>>>>
>>>> From: Glenn Wagner [mailto:glenn.wagner@shapeblue.com]
>>>> Sent: Monday, April 4, 2016 3:09 AM
>>>> To: users@cloudstack.apache.org
>>>> Subject: RE: Adding a new CloudStack management server
>>>>
>>>> Hi,
>>>>
>>>> I would also recommend using a load balancing with Cloudstack if you
>>>> want to run multiple management servers HA proxy is the preferred
>>>> choice (works very well for us)
>>>>
>>>> Once you have added the second server you need to change the
>>>> management server ip in the global setting (search for host) and also
>>>> the management ip in all the cloudstack agents to the new vip ,
>>>> restart cloudstack
>>>>
>>>> I would all suggest setting up two haproxy's one primary and the
>>>> other secondary using keepalived for redundancy of your haproxy
>>>> servers
>>>>
>>>> Regards
>>>> Glenn
>>>>
>>>>
>>>> Regards,
>>>>
>>>> Glenn Wagner
>>>>
>>>> glenn.wagner@shapeblue.com
>>>> www.shapeblue.com
>>>> 2nd Floor, Oudehuis Centre, 122 Main Rd, Somerset West, Cape Town
>>>> 7130South Africa @shapeblue
>>>>
>>>> -----Original Message-----
>>>> From: Indra Pramana [mailto:indra@sg.or.id]
>>>> Sent: Sunday, 03 April 2016 2:49 PM
>>>> To: users@cloudstack.apache.org
>>>> Subject: Adding a new CloudStack management server
>>>>
>>>> Dear all,
>>>>
>>>> We are running CloudStack 4.2.0 and all this while we are running on
>>>> just one management server. We intend to add another new management
>>>> server for redundancy. These are parts of the documentation touching
>>>> on how to add another new management server:
>>>>
>>>>
>>>> http://docs.cloudstack.apache.org/projects/cloudstack-installation/en
>>>> /4.8/management-server/#additional-management-servers
>>>>
>>>> http://docs.cloudstack.apache.org/en/latest/administration_guide.html
>>>> ?highlight=management%20server%20load#management-server-load-balancin
>>>> g
>>>>
>>>> - Can I confirm that for multiple management servers, a load
>>>> balancing server or device is compulsory? Can multiple management
>>>> servers still work without load balancing and still achieve HA?
>>>> - What do people normally use to setup the load balancing for the
>>>> management servers? Is a server running haproxy sufficient?
>>>> - Once the second management server and the load balancer has been
>>>> setup, I believe we would need to change the management IP to the VIP
>>>> (virtual IP) of the load balancer, what are the things that need to be
>> changed?
>>>>
>>>> Any help is greatly appreciated.
>>>>
>>>> Looking forward to your reply, thank you.
>>>>
>>>> Cheers.
>>>>
>>>> -ip-
>>>>
>>>>
>>>>
>>>> DISCLAIMER
>>>> ==========
>>>> This e-mail may contain privileged and confidential information which
>>>> is the property of Accelerite, a Persistent Systems business. It is
>>>> intended only for the use of the individual or entity to which it is
>>>> addressed. If you are not the intended recipient, you are not
>>>> authorized to read, retain, copy, print, distribute or use this
>>>> message. If you have received this communication in error, please
>>>> notify the sender and delete all copies of this message. Accelerite,
>>>> a Persistent Systems business does not accept any liability for virus
>> infected mails.
>>>>
>>>
>>>
>>
>>
>>
>> DISCLAIMER
>> ==========
>> This e-mail may contain privileged and confidential information which is
>> the property of Accelerite, a Persistent Systems business. It is intended
>> only for the use of the individual or entity to which it is addressed. If
>> you are not the intended recipient, you are not authorized to read, retain,
>> copy, print, distribute or use this message. If you have received this
>> communication in error, please notify the sender and delete all copies of
>> this message. Accelerite, a Persistent Systems business does not accept any
>> liability for virus infected mails.
>>
>
Re: Adding a new CloudStack management server
Posted by Indra Pramana <in...@sg.or.id>.
Dear all,
I have managed to add the second CloudStack management server and add it
into the cluster. Based on the management server logs, we can see that the
second management server is being added. I haven't configured the haproxy
LB yet, however I noted that I am not able to access the second management
server's GUI, is it normal?
https://second-management-server:8080/client/
====
Secure Connection Failed
An error occurred during a connection to second-management-server:8080. SSL
received a record that exceeded the maximum permissible length. (Error
code: ssl_error_rx_record_too_long)
The page you are trying to view cannot be shown because the
authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem.
====
Is this due to SSL, i.e. I need to purchase the SSL certificate for this
second management server, similar to the first management server?
Looking forward to your reply, thank you.
Cheers.
On Mon, Apr 11, 2016 at 10:03 PM, Sanjeev Neelarapu <
sanjeev.neelarapu@accelerite.com> wrote:
> There is no restriction on which interface to use for LB. Make sure you
> pick the NIC from same network for both the management servers.
>
> Best Regards,
> Sanjeev N
> Chief Product Engineer, Accelerite
> Off: +91 40 6722 9368 | EMail: sanjeev.neelarapu@accelerite.com
>
>
> -----Original Message-----
> From: Indra Pramana [mailto:indra@sg.or.id]
> Sent: Monday, April 11, 2016 7:26 PM
> To: users@cloudstack.apache.org
> Subject: Re: Adding a new CloudStack management server
>
> Dear all,
>
> Our management server has two NICs, one internal-facing to the hypervisor
> hosts and another one Internet-facing for our billing system and console
> users to connect to. If we want to add another management server and load
> balance them, does it mean that we need to load balance both the
> internal-facing and the Internet-facing NICs?
>
> Looking forward to your reply, thank you.
>
> Cheers.
>
>
> On Wed, Apr 6, 2016 at 12:30 PM, Indra Pramana <in...@sg.or.id> wrote:
>
> > Thanks Glenn and Suresh.
> >
> > Cheers.
> >
> >
> > On Mon, Apr 4, 2016 at 1:01 PM, Suresh Sadhu
> > <su...@accelerite.com>
> > wrote:
> >
> >> As Glenn told ,it will work well with haproxy .I found nice blog
> >> from psiclouds ,hope this might be useful to you.
> >>
> >>
> >> http://psiclouds.blogspot.in/2015/03/haproxy-configuring-ha-load-bala
> >> ncer.html
> >>
> >> regards
> >> Sadhu
> >> Chief Product Engineer, Accelerite
> >> Suresh.sadhu@accelerite.com
> >>
> >>
> >>
> >> -----Original Message-----
> >>
> >> From: Glenn Wagner [mailto:glenn.wagner@shapeblue.com]
> >> Sent: Monday, April 4, 2016 3:09 AM
> >> To: users@cloudstack.apache.org
> >> Subject: RE: Adding a new CloudStack management server
> >>
> >> Hi,
> >>
> >> I would also recommend using a load balancing with Cloudstack if you
> >> want to run multiple management servers HA proxy is the preferred
> >> choice (works very well for us)
> >>
> >> Once you have added the second server you need to change the
> >> management server ip in the global setting (search for host) and also
> >> the management ip in all the cloudstack agents to the new vip ,
> >> restart cloudstack
> >>
> >> I would all suggest setting up two haproxy's one primary and the
> >> other secondary using keepalived for redundancy of your haproxy
> >> servers
> >>
> >> Regards
> >> Glenn
> >>
> >>
> >> Regards,
> >>
> >> Glenn Wagner
> >>
> >> glenn.wagner@shapeblue.com
> >> www.shapeblue.com
> >> 2nd Floor, Oudehuis Centre, 122 Main Rd, Somerset West, Cape Town
> >> 7130South Africa @shapeblue
> >>
> >> -----Original Message-----
> >> From: Indra Pramana [mailto:indra@sg.or.id]
> >> Sent: Sunday, 03 April 2016 2:49 PM
> >> To: users@cloudstack.apache.org
> >> Subject: Adding a new CloudStack management server
> >>
> >> Dear all,
> >>
> >> We are running CloudStack 4.2.0 and all this while we are running on
> >> just one management server. We intend to add another new management
> >> server for redundancy. These are parts of the documentation touching
> >> on how to add another new management server:
> >>
> >>
> >> http://docs.cloudstack.apache.org/projects/cloudstack-installation/en
> >> /4.8/management-server/#additional-management-servers
> >>
> >> http://docs.cloudstack.apache.org/en/latest/administration_guide.html
> >> ?highlight=management%20server%20load#management-server-load-balancin
> >> g
> >>
> >> - Can I confirm that for multiple management servers, a load
> >> balancing server or device is compulsory? Can multiple management
> >> servers still work without load balancing and still achieve HA?
> >> - What do people normally use to setup the load balancing for the
> >> management servers? Is a server running haproxy sufficient?
> >> - Once the second management server and the load balancer has been
> >> setup, I believe we would need to change the management IP to the VIP
> >> (virtual IP) of the load balancer, what are the things that need to be
> changed?
> >>
> >> Any help is greatly appreciated.
> >>
> >> Looking forward to your reply, thank you.
> >>
> >> Cheers.
> >>
> >> -ip-
> >>
> >>
> >>
> >> DISCLAIMER
> >> ==========
> >> This e-mail may contain privileged and confidential information which
> >> is the property of Accelerite, a Persistent Systems business. It is
> >> intended only for the use of the individual or entity to which it is
> >> addressed. If you are not the intended recipient, you are not
> >> authorized to read, retain, copy, print, distribute or use this
> >> message. If you have received this communication in error, please
> >> notify the sender and delete all copies of this message. Accelerite,
> >> a Persistent Systems business does not accept any liability for virus
> infected mails.
> >>
> >
> >
>
>
>
> DISCLAIMER
> ==========
> This e-mail may contain privileged and confidential information which is
> the property of Accelerite, a Persistent Systems business. It is intended
> only for the use of the individual or entity to which it is addressed. If
> you are not the intended recipient, you are not authorized to read, retain,
> copy, print, distribute or use this message. If you have received this
> communication in error, please notify the sender and delete all copies of
> this message. Accelerite, a Persistent Systems business does not accept any
> liability for virus infected mails.
>
RE: Adding a new CloudStack management server
Posted by Sanjeev Neelarapu <sa...@accelerite.com>.
There is no restriction on which interface to use for LB. Make sure you pick the NIC from same network for both the management servers.
Best Regards,
Sanjeev N
Chief Product Engineer, Accelerite
Off: +91 40 6722 9368 | EMail: sanjeev.neelarapu@accelerite.com
-----Original Message-----
From: Indra Pramana [mailto:indra@sg.or.id]
Sent: Monday, April 11, 2016 7:26 PM
To: users@cloudstack.apache.org
Subject: Re: Adding a new CloudStack management server
Dear all,
Our management server has two NICs, one internal-facing to the hypervisor hosts and another one Internet-facing for our billing system and console users to connect to. If we want to add another management server and load balance them, does it mean that we need to load balance both the internal-facing and the Internet-facing NICs?
Looking forward to your reply, thank you.
Cheers.
On Wed, Apr 6, 2016 at 12:30 PM, Indra Pramana <in...@sg.or.id> wrote:
> Thanks Glenn and Suresh.
>
> Cheers.
>
>
> On Mon, Apr 4, 2016 at 1:01 PM, Suresh Sadhu
> <su...@accelerite.com>
> wrote:
>
>> As Glenn told ,it will work well with haproxy .I found nice blog
>> from psiclouds ,hope this might be useful to you.
>>
>>
>> http://psiclouds.blogspot.in/2015/03/haproxy-configuring-ha-load-bala
>> ncer.html
>>
>> regards
>> Sadhu
>> Chief Product Engineer, Accelerite
>> Suresh.sadhu@accelerite.com
>>
>>
>>
>> -----Original Message-----
>>
>> From: Glenn Wagner [mailto:glenn.wagner@shapeblue.com]
>> Sent: Monday, April 4, 2016 3:09 AM
>> To: users@cloudstack.apache.org
>> Subject: RE: Adding a new CloudStack management server
>>
>> Hi,
>>
>> I would also recommend using a load balancing with Cloudstack if you
>> want to run multiple management servers HA proxy is the preferred
>> choice (works very well for us)
>>
>> Once you have added the second server you need to change the
>> management server ip in the global setting (search for host) and also
>> the management ip in all the cloudstack agents to the new vip ,
>> restart cloudstack
>>
>> I would all suggest setting up two haproxy's one primary and the
>> other secondary using keepalived for redundancy of your haproxy
>> servers
>>
>> Regards
>> Glenn
>>
>>
>> Regards,
>>
>> Glenn Wagner
>>
>> glenn.wagner@shapeblue.com
>> www.shapeblue.com
>> 2nd Floor, Oudehuis Centre, 122 Main Rd, Somerset West, Cape Town
>> 7130South Africa @shapeblue
>>
>> -----Original Message-----
>> From: Indra Pramana [mailto:indra@sg.or.id]
>> Sent: Sunday, 03 April 2016 2:49 PM
>> To: users@cloudstack.apache.org
>> Subject: Adding a new CloudStack management server
>>
>> Dear all,
>>
>> We are running CloudStack 4.2.0 and all this while we are running on
>> just one management server. We intend to add another new management
>> server for redundancy. These are parts of the documentation touching
>> on how to add another new management server:
>>
>>
>> http://docs.cloudstack.apache.org/projects/cloudstack-installation/en
>> /4.8/management-server/#additional-management-servers
>>
>> http://docs.cloudstack.apache.org/en/latest/administration_guide.html
>> ?highlight=management%20server%20load#management-server-load-balancin
>> g
>>
>> - Can I confirm that for multiple management servers, a load
>> balancing server or device is compulsory? Can multiple management
>> servers still work without load balancing and still achieve HA?
>> - What do people normally use to setup the load balancing for the
>> management servers? Is a server running haproxy sufficient?
>> - Once the second management server and the load balancer has been
>> setup, I believe we would need to change the management IP to the VIP
>> (virtual IP) of the load balancer, what are the things that need to be changed?
>>
>> Any help is greatly appreciated.
>>
>> Looking forward to your reply, thank you.
>>
>> Cheers.
>>
>> -ip-
>>
>>
>>
>> DISCLAIMER
>> ==========
>> This e-mail may contain privileged and confidential information which
>> is the property of Accelerite, a Persistent Systems business. It is
>> intended only for the use of the individual or entity to which it is
>> addressed. If you are not the intended recipient, you are not
>> authorized to read, retain, copy, print, distribute or use this
>> message. If you have received this communication in error, please
>> notify the sender and delete all copies of this message. Accelerite,
>> a Persistent Systems business does not accept any liability for virus infected mails.
>>
>
>
DISCLAIMER
==========
This e-mail may contain privileged and confidential information which is the property of Accelerite, a Persistent Systems business. It is intended only for the use of the individual or entity to which it is addressed. If you are not the intended recipient, you are not authorized to read, retain, copy, print, distribute or use this message. If you have received this communication in error, please notify the sender and delete all copies of this message. Accelerite, a Persistent Systems business does not accept any liability for virus infected mails.
Re: Adding a new CloudStack management server
Posted by Indra Pramana <in...@sg.or.id>.
Dear all,
Our management server has two NICs, one internal-facing to the hypervisor
hosts and another one Internet-facing for our billing system and console
users to connect to. If we want to add another management server and load
balance them, does it mean that we need to load balance both the
internal-facing and the Internet-facing NICs?
Looking forward to your reply, thank you.
Cheers.
On Wed, Apr 6, 2016 at 12:30 PM, Indra Pramana <in...@sg.or.id> wrote:
> Thanks Glenn and Suresh.
>
> Cheers.
>
>
> On Mon, Apr 4, 2016 at 1:01 PM, Suresh Sadhu <su...@accelerite.com>
> wrote:
>
>> As Glenn told ,it will work well with haproxy .I found nice blog from
>> psiclouds ,hope this might be useful to you.
>>
>>
>> http://psiclouds.blogspot.in/2015/03/haproxy-configuring-ha-load-balancer.html
>>
>> regards
>> Sadhu
>> Chief Product Engineer, Accelerite
>> Suresh.sadhu@accelerite.com
>>
>>
>>
>> -----Original Message-----
>>
>> From: Glenn Wagner [mailto:glenn.wagner@shapeblue.com]
>> Sent: Monday, April 4, 2016 3:09 AM
>> To: users@cloudstack.apache.org
>> Subject: RE: Adding a new CloudStack management server
>>
>> Hi,
>>
>> I would also recommend using a load balancing with Cloudstack if you want
>> to run multiple management servers HA proxy is the preferred choice (works
>> very well for us)
>>
>> Once you have added the second server you need to change the management
>> server ip in the global setting (search for host) and also the management
>> ip in all the cloudstack agents to the new vip , restart cloudstack
>>
>> I would all suggest setting up two haproxy's one primary and the other
>> secondary using keepalived for redundancy of your haproxy servers
>>
>> Regards
>> Glenn
>>
>>
>> Regards,
>>
>> Glenn Wagner
>>
>> glenn.wagner@shapeblue.com
>> www.shapeblue.com
>> 2nd Floor, Oudehuis Centre, 122 Main Rd, Somerset West, Cape Town
>> 7130South Africa @shapeblue
>>
>> -----Original Message-----
>> From: Indra Pramana [mailto:indra@sg.or.id]
>> Sent: Sunday, 03 April 2016 2:49 PM
>> To: users@cloudstack.apache.org
>> Subject: Adding a new CloudStack management server
>>
>> Dear all,
>>
>> We are running CloudStack 4.2.0 and all this while we are running on just
>> one management server. We intend to add another new management server for
>> redundancy. These are parts of the documentation touching on how to add
>> another new management server:
>>
>>
>> http://docs.cloudstack.apache.org/projects/cloudstack-installation/en/4.8/management-server/#additional-management-servers
>>
>> http://docs.cloudstack.apache.org/en/latest/administration_guide.html?highlight=management%20server%20load#management-server-load-balancing
>>
>> - Can I confirm that for multiple management servers, a load balancing
>> server or device is compulsory? Can multiple management servers still work
>> without load balancing and still achieve HA?
>> - What do people normally use to setup the load balancing for the
>> management servers? Is a server running haproxy sufficient?
>> - Once the second management server and the load balancer has been setup,
>> I believe we would need to change the management IP to the VIP (virtual IP)
>> of the load balancer, what are the things that need to be changed?
>>
>> Any help is greatly appreciated.
>>
>> Looking forward to your reply, thank you.
>>
>> Cheers.
>>
>> -ip-
>>
>>
>>
>> DISCLAIMER
>> ==========
>> This e-mail may contain privileged and confidential information which is
>> the property of Accelerite, a Persistent Systems business. It is intended
>> only for the use of the individual or entity to which it is addressed. If
>> you are not the intended recipient, you are not authorized to read, retain,
>> copy, print, distribute or use this message. If you have received this
>> communication in error, please notify the sender and delete all copies of
>> this message. Accelerite, a Persistent Systems business does not accept any
>> liability for virus infected mails.
>>
>
>
Re: Adding a new CloudStack management server
Posted by Indra Pramana <in...@sg.or.id>.
Thanks Glenn and Suresh.
Cheers.
On Mon, Apr 4, 2016 at 1:01 PM, Suresh Sadhu <su...@accelerite.com>
wrote:
> As Glenn told ,it will work well with haproxy .I found nice blog from
> psiclouds ,hope this might be useful to you.
>
>
> http://psiclouds.blogspot.in/2015/03/haproxy-configuring-ha-load-balancer.html
>
> regards
> Sadhu
> Chief Product Engineer, Accelerite
> Suresh.sadhu@accelerite.com
>
>
>
> -----Original Message-----
>
> From: Glenn Wagner [mailto:glenn.wagner@shapeblue.com]
> Sent: Monday, April 4, 2016 3:09 AM
> To: users@cloudstack.apache.org
> Subject: RE: Adding a new CloudStack management server
>
> Hi,
>
> I would also recommend using a load balancing with Cloudstack if you want
> to run multiple management servers HA proxy is the preferred choice (works
> very well for us)
>
> Once you have added the second server you need to change the management
> server ip in the global setting (search for host) and also the management
> ip in all the cloudstack agents to the new vip , restart cloudstack
>
> I would all suggest setting up two haproxy's one primary and the other
> secondary using keepalived for redundancy of your haproxy servers
>
> Regards
> Glenn
>
>
> Regards,
>
> Glenn Wagner
>
> glenn.wagner@shapeblue.com
> www.shapeblue.com
> 2nd Floor, Oudehuis Centre, 122 Main Rd, Somerset West, Cape Town
> 7130South Africa @shapeblue
>
> -----Original Message-----
> From: Indra Pramana [mailto:indra@sg.or.id]
> Sent: Sunday, 03 April 2016 2:49 PM
> To: users@cloudstack.apache.org
> Subject: Adding a new CloudStack management server
>
> Dear all,
>
> We are running CloudStack 4.2.0 and all this while we are running on just
> one management server. We intend to add another new management server for
> redundancy. These are parts of the documentation touching on how to add
> another new management server:
>
>
> http://docs.cloudstack.apache.org/projects/cloudstack-installation/en/4.8/management-server/#additional-management-servers
>
> http://docs.cloudstack.apache.org/en/latest/administration_guide.html?highlight=management%20server%20load#management-server-load-balancing
>
> - Can I confirm that for multiple management servers, a load balancing
> server or device is compulsory? Can multiple management servers still work
> without load balancing and still achieve HA?
> - What do people normally use to setup the load balancing for the
> management servers? Is a server running haproxy sufficient?
> - Once the second management server and the load balancer has been setup,
> I believe we would need to change the management IP to the VIP (virtual IP)
> of the load balancer, what are the things that need to be changed?
>
> Any help is greatly appreciated.
>
> Looking forward to your reply, thank you.
>
> Cheers.
>
> -ip-
>
>
>
> DISCLAIMER
> ==========
> This e-mail may contain privileged and confidential information which is
> the property of Accelerite, a Persistent Systems business. It is intended
> only for the use of the individual or entity to which it is addressed. If
> you are not the intended recipient, you are not authorized to read, retain,
> copy, print, distribute or use this message. If you have received this
> communication in error, please notify the sender and delete all copies of
> this message. Accelerite, a Persistent Systems business does not accept any
> liability for virus infected mails.
>
RE: Adding a new CloudStack management server
Posted by Suresh Sadhu <su...@accelerite.com>.
As Glenn told ,it will work well with haproxy .I found nice blog from psiclouds ,hope this might be useful to you.
http://psiclouds.blogspot.in/2015/03/haproxy-configuring-ha-load-balancer.html
regards
Sadhu
Chief Product Engineer, Accelerite
Suresh.sadhu@accelerite.com
-----Original Message-----
From: Glenn Wagner [mailto:glenn.wagner@shapeblue.com]
Sent: Monday, April 4, 2016 3:09 AM
To: users@cloudstack.apache.org
Subject: RE: Adding a new CloudStack management server
Hi,
I would also recommend using a load balancing with Cloudstack if you want to run multiple management servers HA proxy is the preferred choice (works very well for us)
Once you have added the second server you need to change the management server ip in the global setting (search for host) and also the management ip in all the cloudstack agents to the new vip , restart cloudstack
I would all suggest setting up two haproxy's one primary and the other secondary using keepalived for redundancy of your haproxy servers
Regards
Glenn
Regards,
Glenn Wagner
glenn.wagner@shapeblue.com
www.shapeblue.com
2nd Floor, Oudehuis Centre, 122 Main Rd, Somerset West, Cape Town 7130South Africa @shapeblue
-----Original Message-----
From: Indra Pramana [mailto:indra@sg.or.id]
Sent: Sunday, 03 April 2016 2:49 PM
To: users@cloudstack.apache.org
Subject: Adding a new CloudStack management server
Dear all,
We are running CloudStack 4.2.0 and all this while we are running on just one management server. We intend to add another new management server for redundancy. These are parts of the documentation touching on how to add another new management server:
http://docs.cloudstack.apache.org/projects/cloudstack-installation/en/4.8/management-server/#additional-management-servers
http://docs.cloudstack.apache.org/en/latest/administration_guide.html?highlight=management%20server%20load#management-server-load-balancing
- Can I confirm that for multiple management servers, a load balancing server or device is compulsory? Can multiple management servers still work without load balancing and still achieve HA?
- What do people normally use to setup the load balancing for the management servers? Is a server running haproxy sufficient?
- Once the second management server and the load balancer has been setup, I believe we would need to change the management IP to the VIP (virtual IP) of the load balancer, what are the things that need to be changed?
Any help is greatly appreciated.
Looking forward to your reply, thank you.
Cheers.
-ip-
DISCLAIMER
==========
This e-mail may contain privileged and confidential information which is the property of Accelerite, a Persistent Systems business. It is intended only for the use of the individual or entity to which it is addressed. If you are not the intended recipient, you are not authorized to read, retain, copy, print, distribute or use this message. If you have received this communication in error, please notify the sender and delete all copies of this message. Accelerite, a Persistent Systems business does not accept any liability for virus infected mails.
RE: Adding a new CloudStack management server
Posted by Glenn Wagner <gl...@shapeblue.com>.
Hi,
I would also recommend using a load balancing with Cloudstack if you want to run multiple management servers
HA proxy is the preferred choice (works very well for us)
Once you have added the second server you need to change the management server ip in the global setting (search for host) and also the management ip in all the cloudstack agents to the new vip , restart cloudstack
I would all suggest setting up two haproxy's one primary and the other secondary using keepalived for redundancy of your haproxy servers
Regards
Glenn
Regards,
Glenn Wagner
glenn.wagner@shapeblue.com
www.shapeblue.com
2nd Floor, Oudehuis Centre, 122 Main Rd, Somerset West, Cape Town 7130South Africa
@shapeblue
-----Original Message-----
From: Indra Pramana [mailto:indra@sg.or.id]
Sent: Sunday, 03 April 2016 2:49 PM
To: users@cloudstack.apache.org
Subject: Adding a new CloudStack management server
Dear all,
We are running CloudStack 4.2.0 and all this while we are running on just one management server. We intend to add another new management server for redundancy. These are parts of the documentation touching on how to add another new management server:
http://docs.cloudstack.apache.org/projects/cloudstack-installation/en/4.8/management-server/#additional-management-servers
http://docs.cloudstack.apache.org/en/latest/administration_guide.html?highlight=management%20server%20load#management-server-load-balancing
- Can I confirm that for multiple management servers, a load balancing server or device is compulsory? Can multiple management servers still work without load balancing and still achieve HA?
- What do people normally use to setup the load balancing for the management servers? Is a server running haproxy sufficient?
- Once the second management server and the load balancer has been setup, I believe we would need to change the management IP to the VIP (virtual IP) of the load balancer, what are the things that need to be changed?
Any help is greatly appreciated.
Looking forward to your reply, thank you.
Cheers.
-ip-