Best practices EC2 setup


This document describes the settings of LBL ADCs in EC2 environments (Amazon AWS).

The document is intended as a reference for making the best use of the Elastic IP functionality in high-reliability geographical environments and for supporting the auto scaling of application components.

Prerequisites

Installing the LBL ADC modules in an EC2 environment is made easier by the images that Amazon provides as Amazon Machine Image (AMI) templates.

The systems to choose from can be either CentOS-derived or Ubuntu-derived.

Depending on the EC2 functionality that you are going to use, the LBL ADC Virtual Appliance must have the appropriate authorizations to successfully call the management APIs.

In general, LBL ADC will use the following APIs:

EC2 Elastic IP

ec2-assign-private-ip-addresses

ec2-associate-address

ec2-unassign-private-ip-addresses

EC2 Auto Scaling

ec2 describe-instances
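The authorizations above can be expressed as a least-privilege IAM policy. The following is an added example, not part of the Oplon documentation: it assumes the IAM actions that correspond to the listed commands (plus autoscaling:DescribeAutoScalingInstances, which the address list script later in this page calls) and restricts them to one region; the function name lbl_adc_policy is hypothetical.

```shell
#!/bin/sh
# Added example (not Oplon code): emit a least-privilege IAM policy for the
# credentials used by LBL ADC. Only the actions behind the commands listed in
# this page are allowed, and only in the given region (assumption: eu-west-1,
# the region used in the page's commands).
lbl_adc_policy() {
    region=${1:-eu-west-1}
    cat <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "ElasticIpFailover",
      "Effect": "Allow",
      "Action": [
        "ec2:AssignPrivateIpAddresses",
        "ec2:UnassignPrivateIpAddresses",
        "ec2:AssociateAddress"
      ],
      "Resource": "*",
      "Condition": { "StringEquals": { "aws:RequestedRegion": "$region" } }
    },
    {
      "Sid": "AutoScalingDiscovery",
      "Effect": "Allow",
      "Action": [
        "ec2:DescribeInstances",
        "autoscaling:DescribeAutoScalingInstances"
      ],
      "Resource": "*",
      "Condition": { "StringEquals": { "aws:RequestedRegion": "$region" } }
    }
  ]
}
EOF
}

# Print the policy document; save it to a file and load it with, for example:
#   aws iam create-policy --policy-name <name> --policy-document file://<file>
lbl_adc_policy eu-west-1
```
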

EC2 Installation Diagram

The installation diagram is summarized below; in this configuration it provides two LBL ADCs with one Elastic IP address that will be managed by LBL ADC. Before starting the installation, make sure that you have all the elements and prepare a scheme similar to the one proposed, with the IP addresses and the EC2 identifiers for the network interfaces and for the instances.

LBL ADC installation and update

– Log in as the root user on the virtual appliance in Amazon EC2

– Verify that the system has access to the Internet so that the downloads can be performed

– Change to the root directory

# cd /

– Create the directory /share and modify its permissions

# mkdir /share

# chmod 777 /share

 

– Upload to the /share directory of the virtual appliance the packages taken from www.oplon.net:

List of packages:

-- jdk-8u66-linux-x64.tar.gz

-- jce_policy-8.zip

-- LBLLoadBalancer_aai_009_00y_00x.zip

-- LBLLoadBalancer_datawarehouse_009_00y_00x.zip

-- LBLManagementConsole_aai_009_00y_00x.zip

-- LBLSetup_aai_009_00y_00x.zip

-- LBL_INSTALL_UPDATE_FROM_009001000_TO_00900y00x.sh

 

– Navigate to /share and run as root (sudo -s):

# sh LBL_INSTALL_UPDATE_FROM_009001000_TO_00900y00x.sh

– If a previous LBL setup exists, the updater will require you to run a backup before proceeding with the update

– If the file jce_policy-8.zip is present, the updater will ask you to confirm the installation of the JCE Unlimited Strength Jurisdiction Policy

– Attention: at installation, when asked whether to update the operating system, you must answer y (yes) in order to adapt the operating system supplied by Amazon

– Once the installation or update has finished, set or check the management address and check whether the administrative and delegated logins and passwords are set. If they are preset you will see 3 stars *** in the password fields

– At the end of the update, log out of the graphical interface and log back in to regain full use of the tools started through the icons.

– Make sure that the LBL daemon has been added to the programs run at startup. If it has not, the program /etc/init.d/S96LBLVirtualApplianceStarter has already been put in place by the installation shell, so it is sufficient to run:

# runlevel

N 3

# cd /etc/rc3.d

# ln -s ../init.d/S96LBLVirtualApplianceStarter S96LBLVirtualApplianceStarter

# reboot

 

LBL ADC & EC2 Elastic IP

To enable the LBL ADC & EC2 Elastic IP functionality, as root go to lblhome and, in the legacyBin directory, replace the normal network operation script with the one that manages the EC2 Elastic IP.

# lblhome

# pwd

/TCOProject/bin/LBL/LBL_HOME

# cd legacyBin/Linux/

# cp LBLNetwork.sh LBLNetwork.sh.org

# cp LBLNetworkEC2.sh LBLNetwork.sh

# vi LBLNetwork.sh

… Search for all of the following commands and fill in the interface names, network and password:

-- ec2-assign-private-ip-addresses

-- ec2-associate-address

-- ec2-unassign-private-ip-addresses

 

You can also try the commands from the command line to make sure that you have completed the setup correctly.

To set and check the commands, replace the keywords in red listed below with the values previously obtained from the diagram.

Environment variables to check on the user of the AMI instance

JAVA_HOME=/usr/lib/jvm/jre; export JAVA_HOME

EC2_AMITOOL_HOME=/opt/AWS/amitools/EC2; export EC2_AMITOOL_HOME

EC2_HOME=/opt/AWS/apitools/EC2; export EC2_HOME

PATH=$PATH:/opt/AWS/bin; export PATH

region = EC2 region

eni-99999999 = interface id

XX_ADDRESS_XX = Elastic IP

XX_USER_KEY_XX = user key

XX_USER_PASSWORD_XX = user password

ec2-assign-private-ip-addresses --region eu-west-1 -n eni-99999999 --secondary-private-ip-address XX_ADDRESS_XX --allow-reassignment -O XX_USER_KEY_XX -W XX_USER_PASSWORD_XX

ec2-associate-address --region eu-west-1 -n eni-99999999 -a eipalloc-99999999 --private-ip-address XX_ADDRESS_XX -O XX_USER_KEY_XX -W XX_USER_PASSWORD_XX

ec2-unassign-private-ip-addresses --region eu-west-1 --network-interface eni-99999999 --secondary-private-ip-address XX_ADDRESS_XX -O XX_USER_KEY_XX -W XX_USER_PASSWORD_XX

 

LBL ADC Internal Virtual IP and EC2 Elastic IP

To set the EC2 Elastic IP address you must provide an internal virtual address, not an EIP but one set by LBL ADC, that can be reached from all the nodes that make up the cluster, for example on the heart-beat interface. You must therefore also set up a virtual address that in practice is used to manage the Amazon EC2 gateway and that has no corresponding local address on the two virtual appliances.

<virtualAddressesMgr>
    <virtualAddress enable="true"
                    description="virtual address heart-beat"
                    address="10.999.999.100"
                    netmask="255.255.255.0"
                    healthCheckPort="80"
                    healthCheckSSL="false"
                    healthCheckUriPath="/LBLHealthCheck">
        <virtualInterface device="eth2"
                          deviceName="eth2"/>
        <publicNetworkHealthCheckPolicy>
            <publicNetwork address="8.8.8.8"/>
            <publicNetwork address="8.8.4.4"/>
        </publicNetworkHealthCheckPolicy>
        <backendNetworkHealthCheckPolicy>
            <backendNetwork address="8.8.8.8"/>
            <backendNetwork address="8.8.4.4"/>
        </backendNetworkHealthCheckPolicy>
    </virtualAddress>
    <virtualAddress enable="true"
                    description="virtual address elastic"
                    address="192.168.43.114"
                    netmask="255.255.255.0"
                    healthCheckPort="80"
                    healthCheckSSL="false"
                    healthCheckUriPath="/LBLHealthCheck">
        <virtualInterface device=""
                          deviceName=""/>
        <publicNetworkHealthCheckPolicy>
        </publicNetworkHealthCheckPolicy>
        <backendNetworkHealthCheckPolicy>
        </backendNetworkHealthCheckPolicy>
    </virtualAddress>
</virtualAddressesMgr>

 

LBL ADC setup endpoints

Create as many endpoints as the number of servers that are expected to be managed.

The particularity of the services to manage is that the associative name and the host name must have a prefix, as in the example LBL_SERVER, and a progressive numbering, e.g. 0000, 0001, etc.

These names will be used by the system to associate the autoscaling addresses that will be gradually generated and destroyed.

The other particularity is that all endpoints must have the parameter "dhcp" set to true, to indicate that the address will be variable.

LBL ADC setup services check

In the services check, set up as many health checks as the number of servers that are expected to be managed.

The particularity of the services to be monitored is that the associative name and the host name must have a prefix, as in the example LBL_SERVER, and a progressive numbering, e.g. 0000, 0001, etc.

These names will be used by the system to associate the autoscaling addresses that will be gradually generated and destroyed.

Once put in execution module with startup “auto

LBL ADC setup endpoints scaling

To enable autoscaling you must provide a shell script that queries the EC2 API and returns the list of addresses of the servers that are currently available.

E.g. /TCOProject/bin/addresslist.sh:

aws ec2 describe-instances --region eu-west-1 --instance-ids $(aws autoscaling describe-auto-scaling-instances --region eu-west-1 --output text --query "AutoScalingInstances[?AutoScalingGroupName=='prd-nginx-asg'].InstanceId") --query "Reservations[*].Instances[*].{IP:PrivateIpAddress}" --output text

 

Make the shell script executable:

# chmod 700 /TCOProject/bin/addresslist.sh

 


Once the shell script has been tested, use the graphical interface to go to the endpoints scaling module and fill in the following parameters:

OS cmd = TCOProject/bin/addresslist.sh

Prefix = LBL_SERVER

Num. Format = %04d (this value produces server names such as LBL_SERVER0000)
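Whatever the OS cmd prints ends up as a backend address, so the script output is worth validating before LBL ADC consumes it. The following is an added example, not Oplon code: a variant of addresslist.sh that handles an empty Auto Scaling group and keeps only unique private IPv4 addresses. The function names, the REGION and ASG_NAME variables, the RFC 1918 restriction and the sample output are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not Oplon code): hardened variant of addresslist.sh.
REGION=${REGION:-eu-west-1}          # region used in the page's commands
ASG_NAME=${ASG_NAME:-prd-nginx-asg}  # group name used in the page's script

# Keep only unique, well-formed RFC 1918 IPv4 addresses, one per line.
# Drops "None" (instance without a private IP), public addresses and garbage.
filter_private_ipv4() {
    awk '
        function is_private(ip,    o, i) {
            if (ip !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) return 0
            split(ip, o, ".")
            for (i = 1; i <= 4; i++)
                if (o[i] ~ /^0[0-9]/ || o[i] + 0 > 255) return 0
            if (o[1] == 10) return 1
            if (o[1] == 172 && o[2] >= 16 && o[2] <= 31) return 1
            return (o[1] == 192 && o[2] == 168)
        }
        { for (f = 1; f <= NF; f++) if (is_private($f) && !seen[$f]++) print $f }
    '
}

# Same two AWS CLI calls as the page's script, split so that an empty group
# prints nothing instead of calling describe-instances without instance ids.
list_asg_addresses() {
    ids=$(aws autoscaling describe-auto-scaling-instances --region "$REGION" \
        --output text \
        --query "AutoScalingInstances[?AutoScalingGroupName=='$ASG_NAME'].InstanceId") || return 1
    [ -n "$ids" ] || return 0
    # $ids is left unquoted on purpose: one argument per instance id.
    aws ec2 describe-instances --region "$REGION" --instance-ids $ids \
        --query "Reservations[*].Instances[*].{IP:PrivateIpAddress}" \
        --output text | filter_private_ipv4
}

# Constructed sample of CLI text output, used to exercise the filter offline.
sample_cli_output() {
    printf '10.0.1.15\t10.0.2.27\nNone\n10.0.1.15\n54.12.8.9\n10.0.3.300\n'
}

# In the deployed script the last line would be: list_asg_addresses
sample_cli_output | filter_private_ipv4
```
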

 

Once put in execution module with startup “auto