Hi Andrija,
We use your second option – “create a LB (single public IP and thus single DNS
A entry), BUT do loadbalancing on top of 1000 backend public IPs”.
This depends on which load balancer you use and what functions this has
available – but in our case, we simple set up the full public range as possible
load balancer targets, with health checks that simply determine which IP
addresses actually host a CPVM.
Regards,
Dag Sonstebo
Cloud Architect
ShapeBlue
On 10/05/2018, 22:48, "Andrija Panic" <andrija.pa...@gmail.com> wrote:
Hi Rohit,
thx a lot for sharing that - here, if I understand correctly, you relly on
the static IP (range) for the systemVM (4.11) - right - and then use LB on
top of that...
But any viable solution for pre-4.11 releases, where CPVM can get any of
the public IPs - LB is possible but even worse than DNS wildcard (because
infinite backends / proxy targets) since we have bunch of possible public
IP that systemVM can get...
Thx again
Andrija
dag.sonst...@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
On 9 May 2018 at 18:45, Rohit Yadav <rohit.ya...@shapeblue.com> wrote:
> Hi Andrija,
>
>
> I'm running a small CI/homelab where I've solved the console proxy access
> using `consoleproxy.url.domain` global setting to fill in a non-wildcard
> domain like lab.yadav.cloud.
>
>
> Next, on the server I use apache2 which can be thought as some LB, as it
> proxies the request on: /aa
>
>
> ProxyPass /ajax http://<console proxy ip:port>/ajax
> ProxyPassReverse /ajax http://<console<http://%3Cconsole/> proxy
> ip:port>/ajax
>
> ProxyPass /ajaximg http://<console<http://%3Cconsole/> proxy
> ip:port>/ajaximg
> ProxyPassReverse /ajaximg http://<console<http://%3Cconsole/>
> proxy ip:port>/ajaximg
>
> ProxyPass /resource http://<console<http://%3Cconsole/> proxy
> ip:port>/resource
> ProxyPassReverse /resource http://<console<http://%3Cconsole/>
> proxy ip:port>/resource
>
> For any guest VM, I get to access the console proxy via the same domain as
> the mgmt server which proxies to the CPVM IP. In 4.11 there is also a new
> option to dedicate a public IP (range) to systemvms in a way could be
> useful to fix public IP - dns mapping.
>
>
> For this to work, on 4.11 I made this change:
>
> https://github.com/apache/cloudstack/commit/392f62dae0f59b3b00437d61ab8cee
> 0ebfb9e60a
>
>
> - Rohit
>
> <https://cloudstack.apache.org>
>
>
>
> ________________________________
> From: Andrija Panic <andrija.pa...@gmail.com>
> Sent: Sunday, May 6, 2018 4:10:24 AM
> To: users
> Subject: Anyone using LB to solve Console Proxy DNS..
>
> Hi,
>
> instead of using DNS A records in form x-y-w-z.domain.com --> x.y.w.zz,
> there is another way as stated in CWIKI to fix an IP/A record in DNS that
> will point to single public IP of the LB, and this LB should do
> loadbalancing across all public IPs that could be potentially assigned to
> CPVM... or something like that..
>
> Anyone using it, and care to share LB setup - specifically I would like to
> know if I understand the requirement above ^^^ - to do LB on top of many
> public IPS..
>
> Example:
> I have more than 1000 public IPs and CPVM can in theory get ANY of these
> 1000 IPs, so here solution is to either:
>
> - create 1000 DNS A records in from x-y-w-z.domain.com and access CPVM by
> some of those 1000 A records..
> - create a LB (single public IP and thus single DNS A entry), BUT do
> loadbalancing on top of 1000 backend public IPs...
>
> Not sure which solution is worse to be honest, but I currently use the
> first one :) on a dedicated domain for Console Proxy... although when CPVM
> is destroyed, the same public IP is usually recycled, so it mostly keeps
> the same always...
>
> Thx for any opinions.
>
> --
>
> Andrija Panić
>
> rohit.ya...@shapeblue.com
> www.shapeblue.com
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
>
--
Andrija Panić
