Setting up Load Balancer on Oracle Cloud Infrastructure

Goal

The goal of this blog is to set up a high-availability architecture on Oracle Cloud Infrastructure using the OCI Load Balancer, which constantly monitors servers in different availability domains (ADs). Once the server in one AD goes down, the load balancer automatically starts picking the app from a different AD. Traditionally this is very important, because one of the centers might have a power failure or a natural calamity and you want your servers from the other region to start taking load. Here is how you do it on Oracle Cloud.

Architecture Diagram

Setting 2 Oracle Linux Machines as HTTP Servers in 2 different Availability Domains

Create or Re-use Existing Compartment

Create a new Virtual Cloud Network with the default setup by selecting the 2nd radio button. We will name this VCN BlrLoadBalancerVCN.

Click on Create Virtual Cloud Network

Create Oracle Linux Instance 1 in Availability Domain 1

From the list of available VMs, we will select OEL 7.4 with shape VM Standard 1.1.

We will name this machine webserver1.

Create Oracle Linux Instance 2 in Availability Domain 2

We will name this machine webserver2.

So now we have 2 machines running under 1 VCN. Now it's time to do some housekeeping work on these machines.

Connect with PuTTY, Update, Install HTTPD Server and Open Port 80

Use the private key, the public IP and opc as the user to log in.

[opc@webserver1 ~]$ sudo yum -y update
Loaded plugins: langpacks, ulninfo
ksplice-uptrack                                          |  951 B     00:00
ol7_UEKR4                                                | 1.2 kB     00:00
ol7_addons                                               | 1.2 kB     00:00
ol7_developer                                            | 1.2 kB     00:00
ol7_developer_EPEL                                       | 1.2 kB     00:00 
..... 
Updated:
  cloud-init.x86_64 0:0.7.9-9.el7_4.6                   dhclient.x86_64 12:4.2.5-58.0.1.el7_4.3
  dhcp-common.x86_64 12:4.2.5-58.0.1.el7_4.3            dhcp-libs.x86_64 12:4.2.5-58.0.1.el7_4.3
  iptables.x86_64 0:1.4.21-18.3.el7_4                   kernel-tools.x86_64 0:3.10.0-693.21.1.el7  

Complete!
  
[opc@webserver1 ~]$ sudo yum -y install httpd
Loaded plugins: langpacks, ulninfo
Resolving Dependencies
--> Running transaction check
---> Package httpd.x86_64 0:2.4.6-67.0.1.el7_4.6 will be installed
--> Processing Dependency: httpd-tools = 2.4.6-67.0.1.el7_4.6 for package: httpd-2.4.6-67.0.1.el7_4.6.x86_64
--> Processing Dependency: /etc/mime.types for package: httpd-2.4.6-67.0.1.el7_4.6.x86_64

Dependencies Resolved

=======================================================================================================================
 Package                    Arch                  Version                              Repository                 Size
=======================================================================================================================
Installing:
 httpd                      x86_64                2.4.6-67.0.1.el7_4.6                 ol7_latest                1.2 M
Installing for dependencies:
 apr                        x86_64                1.4.8-3.el7_4.1                      ol7_latest                103 k

Transaction Summary
=======================================================================================================================
Install  1 Package (+4 Dependent packages)

Total download size: 1.5 M
Installed size: 4.3 M
Downloading packages:
(1/5): apr-1.4.8-3.el7_4.1.x86_64.rpm                                                           | 103 kB  00:00:00
(2/5): apr-util-1.5.2-6.0.1.el7.x86_64.rpm                                                      |  91 kB  00:00:00
(3/5): httpd-tools-2.4.6-67.0.1.el7_4.6.x86_64.rpm                                              |  87 kB  00:00:00
(4/5): mailcap-2.1.41-2.el7.noarch.rpm                                                          |  30 kB  00:00:00
(5/5): httpd-2.4.6-67.0.1.el7_4.6.x86_64.rpm                                                    | 1.2 MB  00:00:00
-----------------------------------------------------------------------------------------------------------------------
Total                                                                                  7.5 MB/s | 1.5 MB  00:00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : apr-1.4.8-3.el7_4.1.x86_64                                                                          1/5
  Installing : apr-util-1.5.2-6.0.1.el7.x86_64                                                                     2/5
  Installing : httpd-tools-2.4.6-67.0.1.el7_4.6.x86_64                                                             3/5
  Installing : mailcap-2.1.41-2.el7.noarch                                                                         4/5
  Installing : httpd-2.4.6-67.0.1.el7_4.6.x86_64                                                                   5/5
  Verifying  : httpd-tools-2.4.6-67.0.1.el7_4.6.x86_64                                                             1/5
  Verifying  : apr-util-1.5.2-6.0.1.el7.x86_64                                                                     2/5
  Verifying  : mailcap-2.1.41-2.el7.noarch                                                                         3/5
  Verifying  : httpd-2.4.6-67.0.1.el7_4.6.x86_64                                                                   4/5
  Verifying  : apr-1.4.8-3.el7_4.1.x86_64                                                                          5/5

Installed:
  httpd.x86_64 0:2.4.6-67.0.1.el7_4.6

Dependency Installed:
  apr.x86_64 0:1.4.8-3.el7_4.1      apr-util.x86_64 0:1.5.2-6.0.1.el7     httpd-tools.x86_64 0:2.4.6-67.0.1.el7_4.6
  mailcap.noarch 0:2.1.41-2.el7
Complete!
[opc@webserver1 ~]$ sudo firewall-cmd --permanent --add-port=80/tcp
success
[opc@webserver1 ~]$ sudo firewall-cmd --reload
success 
[opc@webserver1 ~]$ sudo systemctl start httpd
[opc@webserver1 ~]$ sudo su
[root@webserver1 opc]# echo 'This is webserver 1' >>/var/www/html/index.html

Repeat the same steps on webserver2, writing its own index page there:

[root@webserver2 opc]# echo 'This is webserver 2' >>/var/www/html/index.html

This should now run an HTTP server on port 80 serving index.html on the public IP address, as we have opened that port.

Create a new Security List

We will name our security list LB Security List and remove all rules; we will add them later.

Create Route Table

We will name our route table as LB Route Table

Create Subnets

If you look at the architecture, there are 2 subnets under each availability domain; we will create both of them.

Create LB Subnet 1 under LB Security List

Create LB Subnet 2 under LB Security List

This is how the subnets will look; we can ignore the default subnets that have already been created.

Create 100 Mbps Elastic Load Balancer and Attach the 2 Subnets

We will create a new load balancer, Blr_ElasticLoadBalancer, and attach LB Subnet 1 and LB Subnet 2 to it.

Setup Round Robin on the Load Balancer by Creating Backend Sets

We can name this Load Balancer Backend as Blr_ELB_Backend 

Click on Edit Backend Sets 

Most important: copy the OCIDs of the 2 VMs that we created earlier, webserver1 and webserver2.

 

Setup a Listener on Port 80

We can name the Listener as LB Listener

So the listener will listen to the machines running in 2 ADs and monitor their health checks; if one of the machines is down, it will not be included in the round-robin rotation.

The listener LB Listener is also tied to the load balancer backend Blr_ELB_Backend.

Setup Security List

Click on Edit All Rules; we will get the option to set up ingress and egress rules.

Ingress rule will have CIDR 0.0.0.0/0 TCP Port 80

Egress rule will have CIDR 10.0.0.0/24 TCP Port 80 and 10.0.1.0/24 TCP Port 80

Save the rules
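The rules above can be checked after saving. This is an added example, not part of the original post: it audits a security list against the intended policy (TCP 80 in, TCP 80 out to the backend subnets only). It assumes the input uses the hyphenated keys printed by `oci network security-list get`; the sample data is constructed, and treating 10.0.0.0/24 and 10.0.1.0/24 as the web-server subnets is an assumption.

```python
import ipaddress

# Constructed sample in the shape printed by `oci network security-list get`
# (hyphenated keys, protocol "6" = TCP); values mirror the rules on this page.
LB_SECURITY_LIST = {
    "ingress-security-rules": [
        {"source": "0.0.0.0/0", "protocol": "6",
         "tcp-options": {"destination-port-range": {"min": 80, "max": 80}}},
    ],
    "egress-security-rules": [
        {"destination": "10.0.0.0/24", "protocol": "6",
         "tcp-options": {"destination-port-range": {"min": 80, "max": 80}}},
        {"destination": "10.0.1.0/24", "protocol": "6",
         "tcp-options": {"destination-port-range": {"min": 80, "max": 80}}},
    ],
}
BACKEND_SUBNETS = ["10.0.0.0/24", "10.0.1.0/24"]  # assumed web-server subnet CIDRs
LISTENER_PORT = 80


def ports_of(rule):
    """Return (min, max) TCP destination ports; no tcp-options means all ports."""
    rng = ((rule.get("tcp-options") or {}).get("destination-port-range")) or {}
    return rng.get("min", 1), rng.get("max", 65535)


def audit(sec_list, backend_subnets=BACKEND_SUBNETS, port=LISTENER_PORT):
    """List rules that allow more than listener-in / backends-out on one TCP port."""
    findings = []
    backends = [ipaddress.ip_network(c) for c in backend_subnets]
    for direction, key in (("ingress", "source"), ("egress", "destination")):
        for rule in sec_list.get(direction + "-security-rules", []):
            net = ipaddress.ip_network(rule[key])
            if rule["protocol"] != "6":
                findings.append(f"{direction} {net}: protocol {rule['protocol']} is not TCP-only")
            elif ports_of(rule) != (port, port):
                findings.append(f"{direction} {net}: ports {ports_of(rule)} wider than {port}")
            if direction == "egress" and not any(net.subnet_of(b) for b in backends):
                findings.append(f"egress {net}: destination outside the backend subnets")
    return findings


if __name__ == "__main__":
    print(audit(LB_SECURITY_LIST) or "security list matches the intended rules")
```

An empty result means the list allows only what the page describes; a leftover allow-all egress rule or an ingress rule without a port range shows up as a finding.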

Reality check of High Availability

Copy the Public IP address of Load Balancer and type it on the Browser bar 

http://loadbalancerip:80/ should point to webserver1; once the page is refreshed, it should point to the next server, webserver2.
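The browser refresh above can be turned into a repeatable check. This is an added example, not part of the original post: it sends a batch of requests through the load balancer, tallies which backend answered, and reports failed requests and backends that never answered. The expected page bodies are assumed to be the two index.html lines written earlier; the `fetch` parameter is a hypothetical hook so the logic can be exercised without a network.

```python
import collections
import sys
import urllib.request

# Assumed index pages of the two backends, as written in the setup steps.
EXPECTED = {"This is webserver 1", "This is webserver 2"}


def http_fetch(url, timeout=3):
    """Return the stripped response body, or None when the request fails."""
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return resp.read().decode("utf-8", "replace").strip()
    except OSError:  # URLError, HTTPError and socket timeouts all derive from OSError
        return None


def probe(url, requests=20, fetch=http_fetch):
    """Send `requests` GETs through the load balancer and tally who answered."""
    tally = collections.Counter()
    for _ in range(requests):
        body = fetch(url)
        tally["<error>" if body is None else body] += 1
    return tally


def assess(tally, expected=EXPECTED):
    """Summarise a probe run: failed requests, silent backends, unknown bodies."""
    answered = set(tally) - {"<error>"}
    return {
        "errors": tally.get("<error>", 0),
        "missing": sorted(expected - answered),
        "unexpected": sorted(answered - expected),
    }


if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit("usage: probe.py http://<load-balancer-public-ip>/")
    result = probe(sys.argv[1])
    print(dict(result), assess(result))
```

With both servers healthy, `missing` is empty and the counts are roughly even; after stopping httpd on one server, a working health check leaves `errors` at 0 and lists only that server under `missing`.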

Conclusion: We were able to set up 2 HTTP web servers on Oracle Linux machines, each of them in a separate availability zone. They sit under a load balancer whose listener periodically monitors the health of the running servers; when one goes down, the other is automatically available, thereby ensuring business continuity with a highly available architecture.

Check this URL and refresh the page: http://129.213.73.91/

Author : Madhusudhan Rao