Traefik Load Balancing
Describes how to use the Traefik load balancer to distribute the Object Store load across multiple MOSS servers in a release 7.0.0 or later Data Fabric cluster.
Use the following steps to install and configure the Traefik binary:
- Install Traefik on a non-cluster node. You can access the binary from the Traefik website.
- Download the tar file, and extract it to a well-known
location:
tar -xvzf traefik_v2.7.1_linux_386.tar.gz
- Specify the Traefik configuration for the type of request (http or https) that you plan
to use. Traefik supports both static and dynamic configurations, and you must configure
both. For more information about static and dynamic configurations, see Traefik Configuration Introduction.
- Specify the Traefik configuration in the
/etc/traefik/traefik.yml
file. For example:entryPoints: web: address: ":80" api: dashboard: true insecure: true log: filePath: "/etc/traefik/traefik.log" level: debug providers: file: filename: "/etc/traefik/router.yml"
- Specify the router configuration in the
/etc/traefik/router.yml
file. Therouter.yml
file identifies the MOSS service and load balancer server details:# cat /etc/traefik/router.yml http: routers: moss-router: entryPoints: - "web" rule: PathPrefix("/") service: moss-service services: moss-service: loadBalancer: servers: - url: "http://m2-hux6k-34-n2.mip.storage.hpecorp.net:9000" - url : http://m2-hux6k-34-n4.mip.storage.hpecorp.net:9000
- Specify the static and dynamic configuration files as shown in the following
example.
For https requests, you must copy the
chain-ca.pem
file from the MOSS server to the Traefik client node and include the path for the config parameter in the static configuration file, as shown in theserversTransport section
:- Example of Static Configuration
File
/etc/traefik/traefik.yml: ============================ entryPoints: web: address: ":80" websecure: address: ":443" api: dashboard: true insecure: true log: filePath: "/etc/traefik/traefik.log" level: debug providers: file: directory: "/root/traefik/dynamic/" watch: true serversTransport: rootCAs: - /root/traefik/chain-ca.pem
- Example of Dynamic Configuration FilesFor https, two dynamic configuration files are required. Create a directory for these files, and place both files in the directory. For example:
# ls -rlth dynamic/ total 8.0K -rw-r--r-- 1 root root 390 Jun 26 23:57 router.yml -rw-r--r-- 1 root root 270 Jun 27 02:04 certificates.yaml
- Example of Static Configuration
File
- Specify the router configuration in the
/etc/traefik/router.yml
file. For example:dynamic/router.yml http: routers: moss-router: entryPoints: - "websecure" rule: PathPrefix("/") service: moss-service tls: true services: moss-service: loadBalancer: servers: - url: "https://m2-hux6k-34-n2.mip.storage.hpecorp.net:9000" - url : "https://m2-hux6k-34-n4.mip.storage.hpecorp.net:9000"
- Specify the certificates file:
dynamic/certificates.yaml =========================== tls: certificates: - certFile: /root/traefik/public.crt keyFile: /root/traefik/private.key stores: - default stores: default: defaultCertificate: certFile: /root/traefik/public.crt keyFile: /root/traefik/private.key
- Specify the Traefik configuration in the
- Start the Traefik binary:
./traefik
- Check the
/etc/traefik/traefik.log
to make sure there are no errors in loading the static or dynamic configuration files. - Send an http or https request to the MOSS server using the load balancer server in the
URL, and verify that the load is distributed across the specified nodes. For example:
import boto3 try: s3 = boto3.client('s3',endpoint_url='http:/<loadbalancer_serverhostname>:80', aws_access_key_id='<access_key>', aws_secret_access_key='<secret_key>', region_name='us-east-1', use_ssl=False, verify=False) resp = s3.put_object( Body = 'test putobject with loadbalancer', Bucket = 'bucket1', Key ='test_demo.txt' ) print(resp) except ClientError as e: print(e.response)
import boto3 try: boto3.setup_default_session(region_name='us-east-1') s3 = boto3.client('s3',endpoint_url='https://<loadbalancer_servername>:443/', aws_access_key_id='<access_key>', aws_secret_access_key='<secret_key>', region_name='us-east-1', use_ssl=True, verify="/root/traefik/chain-ca.pem") resp = s3.put_object( Body = 'test putobject with loadbalancer', Bucket = 'bucket2', Key ='secureobj4.txt' ) print(resp)