6. Setting up a dual node Sun X2100 HA load balancing cluster with Apache 2 and BalanceNG

We all know that Solaris is nowadays more or less history. Nevertheless, this example shows a basic and important principle and core idea that can be easily adapted to all other operating systems: Running two machines that have two physical connections, one for load balancing with BalanceNG and the other for the actual service form a two-node cluster load-balancing to itself.

The Network Setup

Both X2100 are connected to a switch twice, where the bge0 interface is configured as usual and the nge0 interface is being used exclusively by BalanceNG in DSR Direct Server Return) mode.

The network schematic view is as follows:

Example dual X2100 setup on an Ethernet switch

Preparing Apache2 on both Nodes

The following steps enable the Solaris 10 Apache2:

# cd /etc/apache2
# cp httpd-std.conf httpd.conf
# vi httpd.conf # (uncommenting the "Group nogroup" line)
# svcadm enable svc:/network/http:apache2

Installation of BalanceNG

BalanceNG comes as a platform independent package for Solaris, the installation steps are as follows:

# gunzip BalanceNG-4.xxx-Solaris-pkg.gz
# pkgadd -d BalanceNG-4.xxx-Solaris-pkg

The following packages are available:
  1  BalanceNG     BalanceNG - Software IP Load Balancer
                   (i386+SPARC) 4.xxx

Select package(s) you wish to process (or 'all' to process
all packages). (default: all) [?,??,q]:

Note: Install BalanceNG with “pkgadd -G” to the global zone only if there are any Solaris 10 non-global zones active.

The following question has to be answered with “yes” as follows:

This package contains scripts which will be executed with super-user
permission during the process of installing this package.

Do you want to continue with the installation of  [y,n,?] y

Create the Loopback Aliases for Direct Server Return

Create on both nodes the file /etc/hostname.lo0:1 containing the virtual server IP address (172.17.2.64 in this example) with the following contents:

172.17.2.64/32

Please verify that there are no specific netmask setting in /etc/netmasks.

After a reboot the loopback alias is set as follows (verified by ifconfig):

$ ifconfig lo0:1
lo0:1: flags=2001000849  mtu 8232 index 1 inet 172.17.2.64 netmask ffffffff 

BalanceNG Licensing

The nodeid of the BalanceNG host can be retrieved that way:

# bng start
BalanceNG: starting up ...
# bng control
BalanceNG: connected to PID 14598
bng# show nodeid
 11:22:33:44:55:66
bng# ... bye
#

The license is activated by the “license” configuration command:

# bng control
BalanceNG: connected to PID 14598
bng# license TEST0611021 972bd16262ab0ae4cd2627f1203166d8
bng#

The licensing can be verified as follows:

# bng control
BalanceNG: connected to PID 14598
bng# show license
 status: valid full license
 serial: TEST0611021
 nodeid: 11:22:33:44:55:66
 type "show version" for version and Copyright information
bng#

The Configuration Files

Node A

//        configuration taken ...
//        BalanceNG ...
hostname  NodeA
set       localdsr 1
interface nge0
vrrp      {
          vrid 14
          priority 201
          network 1
}
network 1 {
          addr 172.17.2.0
          mask 255.255.255.0
          real 172.17.2.61
          interface nge0
}
register  network 1
enable    network 1
server    1 {
          ipaddr 172.17.2.64
          port 80
          protocol tcp
          method session
          targets 1,2
}
register  server 1
enable    server 1
target    1 {
          ipaddr 172.17.2.90
          port 80
          protocol tcp
          ping 3,10
          tcpopen 80,3,10
          dsr enable
}
target    2 {
          ipaddr 172.17.2.91
          port 80
          protocol tcp
          ping 3,10
          tcpopen 80,3,10
          dsr enable
}
register  targets 1,2
enable    targets 1,2
//        end of configuration

Node B

//        configuration taken ...
//        BalanceNG ...
hostname  NodeB
set       localdsr 1
interface nge0
vrrp      {
          vrid 14
          priority 200
          network 1
}
network 1 {
          addr 172.17.2.0
          mask 255.255.255.0
          real 172.17.2.62
          interface nge0
}
register  network 1
enable    network 1
server    1 {
          ipaddr 172.17.2.64
          port 80
          protocol tcp
          method session
          targets 1,2
}
register  server 1
enable    server 1
target    1 {
          ipaddr 172.17.2.90
          port 80
          protocol tcp
          ping 3,10
          tcpopen 80,3,10
          dsr enable
}
target    2 {
          ipaddr 172.17.2.91
          port 80
          protocol tcp
          ping 3,10
          tcpopen 80,3,10
          dsr enable
}
register  targets 1,2
enable    targets 1,2
//        end of configuration

Testing

After having started both BalanceNG nodes the following tests should succeed:

  • “bng status” should show “running” on both nodes,
  • “show license” in BalanceNG interactive mode (“bng control”) should display a valid licensing,
  • “show log” should display no errors or warnings,
  • “show vrrp” reveals which node is the VRRP master,
  • “show targets” should display both targets as “operational”,
  • connecting to port 80 on the server 1 virtual IP address (172.17.2.64) should succeed (initiated from a testing client in the same network),
  • “show sessions” should display the session created by connecting to the virtual server.