Go to main content

Configuring an Oracle® Solaris 11.3 System as a Router or a Load Balancer

Exit Print View

Updated: December 2018
 
 

How to Configure an ILB in the Zone of Compute Node2

The following steps shows the configuration of the non-global zone network for Compute Node2 and it is assumed that the global zone network is already configured.

  1. Become an administrator.

    For more information, see Using Your Assigned Administrative Rights in Securing Users and Processes in Oracle Solaris 11.3.

  2. Create VNICs for the ILB zone.
    # dladm create-vnic -l net0 ilb_vnic1
    # dladm create-vnic -l net1 ilb_vnic2
    # ipadm create-ip net1
    # ipadm create-addr -T static -a 192.0.2.12 net1/v4static
  3. Configure virtual network interface in the global zone to host the VIP such that backend application servers can accept client packets forwarded by ILB.
    # ipadm create-vni vipvni0
    # ipadm create-addr -T static -a 203.0.113.3/27 vipvni0/v4
  4. Create the zone ilbzone1.
    global# zonecfg -z ilbzone1
    Use 'create' to begin configuring a new zone.
    zonecfg:ilbzone1> create
    zonecfg:ilbzone1> add net
    zonecfg:ilbzone1> set physical=ilb_vnic1
    zonecfg:ilbzone1:anet> end
    zonecfg:ilbzone1> create
    zonecfg:ilbzone1> add net
    zonecfg:ilbzone1> set physical=ilb_vnic2
    zonecfg:ilbzone1:anet> end
    zonecfg:ilbzone1> commit
    zonecfg:ilbzone1> exit
  5. Install and boot ilbzone1.
    global# zoneadm -z ilbzone1 install
    global# zoneadm -z ilbzone1 boot
  6. Log in to zone1 and configure the load balancer in the zone.
    global# zlogin -C ilbzone1
    ilbzone1# pkg install ilb
    ilbzone1# svcadm enable ilb
    
    ilbzone1# ilbadm create-healthcheck -h hc-timeout=3,hc-count=2,hc-interval=8,\
    hc-test=tcp hc1
    
    ilbzone1# ilbadm create-servergroup -s server=192.0.2.12,192.0.2.15 swiftgroup
    
    ilbzone1# ilbadm create-rule -ep -i vip=203.0.113.3,port=8080,protocol=tcp \ 
    -m lbalg=roundrobin,type=DSR,pmask=23 -h hc-name=hc1,hc-port=8080 -t conn-drain=70, \
    nat-timeout=70,persist-timeout=70 -o servergroup=swiftgroup swiftrule
    
    ilbzone1# ilbadm create-rule -ep -i vip=203.0.113.3,port=22,protocol=tcp \
    -m lbalg=roundrobin,type=DSR,pmask=23 -h hc-name=hc1,hc-port=22 \
    -t conn-drain=70,nat-timeout=70,persist-timeout=70 -o servergroup=swiftgroup sshrule
  7. Configure VRRP routers in the zone.
    ilbzone1# pkg install vrrp
    ilbzone1# svcadm enable vrrp
    ilbzone1# vrrpadm create-router -V 1 -I ilb_vnic1 -p 255 -A inet -T l3 \
     -a 203.0.113.3/27 vrrp1
    ilbzone1# vrrpadm create-router -V 2 -I ilb_vnic2 -p 255 -A inet -T l3 \
     -a 192.0.2.1/27 vrrp2