Dell EMC ECS

1 Introduction

The DELL EMC Elastic Cloud Storage (ECS) is a rack-based, flexible, and expandable object storage solution. The ECS is configured through a Web Management Interface frontend (HTTPS). In combination with a KEMP load balancer, an ECS can provide object storage using the protocols S3, Atmos, and SWIFT in addition to the Web Management Interface. Other protocols such as CAS are also possible but are published without load balancers.

1.1 Document Purpose

This deployment guide provides instructions on how to configure the KEMP LoadMaster to load balance DELL EMC ECS services using KEMP LoadMaster application templates.  This guide should only be used as a reference for the load balancing configuration of ECS services because each environment is unique and may have different requirements.  This guide outlines the load balancing configuration using the default ECS ports using KEMP LoadMaster application templates, but unique ports can also be leveraged based on the environment. 

This guide outlines the configuration of VSs using Layer 7. Some environments may have the ability to leverage Layer 4, which can improve performance. Contact KEMP Support for any questions regarding configuration options.

1.2 Intended Audience

Anyone interested in configuring the KEMP LoadMaster to load balance Dell EMC ECS.

 

2 Template

KEMP has developed a template containing our recommended settings for this workload. You can install this template to help when creating Virtual Services (VSs) because it automatically populates the settings. This is quicker and easier than manually configuring each VS. If needed, changes can be made to any of the VS settings after using the template.

Download released templates from the Templates section on the KEMP documentation page: http://kemptechnologies.com/documentation.

For more information and steps on how to import and use templates, refer to the Virtual Services and Templates, Feature Description on the KEMP Documentation Page.

For steps on how to manually add and configure each of the VSs using the recommended settings, refer to the steps in this document.

3 Dell EMC ECS

Dell EMC ECS is a software-defined object storage solution that can be deployed as a complete storage appliance or leverage supported standard hardware. Dell EMC ECS consists of the following components:

  • ECS Portal and Provisioning Services
  • Data Services
  • Storage Engine
  • Fabric
  • Infrastructure
  • Hardware

The following table provides a list of the Dell EMC ECS default ports and protocols used for accessing the storage.

ECS Protocol

Transport Protocol or Daemon Service

Port

S3

HTTP

9020

HTTPS

9021

Atmos

HTTP

9022

HTTPS

9023

Swift

HTTP

9024

HTTPS

9025

 

NFS

Portmap

111

Mountd, nfsd

2049

Lockd

10000

 

3 Dell EMC Elastic Cloud Storage.png

4 LoadMaster Global Settings

Before setting up the Virtual Services, the following global settings should be configured to support the workload.

4.1 Enable Subnet Originating Requests Globally

It is best practice to enable the Subnet Originating Requests option globally.

In a one-armed setup (where the Virtual Service and Real Servers are on the same network/subnet) Subnet Originating Requests is usually not needed. However, enabling Subnet Originating Requests should not affect the routing in a one-armed setup.

In a two-armed setup where the Virtual Service is on network/subnet A, for example, and the Real Servers are on network B, Subnet Originating Requests should be enabled on LoadMasters with firmware version 7.1-16 and above.

When Subnet Originating Requests is enabled, the LoadMaster routes traffic so that the Real Server sees traffic arriving from the LoadMaster interface that is in that network/subnet and not the Virtual Service address.

When Subnet Originating Requests is enabled globally, it is automatically enabled on all Virtual Services. If the Subnet Originating Requests option is disabled globally, you can choose whether or not to enable Subnet Originating Requests on a per-Virtual Service basis.

To enable Subnet Originating Requests globally, follow the steps below:

1. In the main menu of the LoadMaster Web User Interface (WUI), go to System Configuration > Miscellaneous Options > Network Options.

2. Select the Subnet Originating Requests check box.

5 LoadMaster Virtual Services

This step-by-step setup of VSs leverages the KEMP Application Template for Dell EMC ECS.

The table in each section outlines the settings configured by the application template. You can use this information to manually configure Virtual Services or using KEMP LoadMaster Application Programming Interface (API) and automation tools.

5.1 S3 Virtual Services

The following section outlines the configuration options for using S3 with Dell EMC ECS.

5.1.1 S3 HTTP

The following are the steps involved and the recommended settings to configure the S3 HTTP using the application template:

1. In the main menu of the LoadMaster WUI, go to Virtual Services > Add New.

5 1 1 S3 HTTP.png

2. Type a valid Virtual Address.

3. Select the S3-HTTP template in the Use Template drop-down list.

4. Click Add this Virtual Service.

5. Expand the Real Servers section.

6. Click Add New.

7. Enter the Real Server Address.

8. Confirm that Port 9020 is entered.

9. Click Add This Real Server.

5.1.1.1 S3 HTTP Application Template Settings (optional)

This table outlines the configuration options set using the KEMP application template. These settings can be used if doing a manual configuration or leveraged with scripts and automation tools.

Option

Value

VS Port

9020

VS Protocol

tcp

Service Type

Generic

Subnet Originating Address

Enabled

Scheduling Method

Least Connection

Real Server Check Method

TCP Connection Only

Checked Port

9020

5.1.2 S3 HTTPS Offload

The following are the steps involved and the recommended settings to configure the S3 HTTPS Offload using the application template. SSL/TLS certificates should be added before creating this VS. The link to the SSL/TLS Accelerated Services guide can be found in the References Section.

1. In the main menu of the LoadMaster WUI, go to Virtual Services > Add New.

5 1 2 S3 HTTPS Offload.png

2. Type a valid Virtual Address.

3. Select the S3-HTTPS-Offload template in the Use Template drop-down list.

4. Click Add this Virtual Service.

5. Expand the SSL Properties section.

6. Select the certificate to use in the Available Certificates and click the “arrow” > to move it to Assigned Certificates.

7. Click Set Certificate.

8. Expand the Real Servers section.

9. Click Add New.

10. Enter the Real Server Address.

11. Confirm that Port 9020 is entered.

12. Click Add This Real Server.

5.1.2.1 S3 HTTPS Offload Application Template Settings (optional)

This table outlines the configuration options set using the KEMP application template. These setting can be used if doing a manual configuration or leveraged with scripts and automation tools.

Option

Value

VS Port

9021

VS Protocol

tcp

Service Type

Generic

Subnet Originating Address

Enabled

Scheduling Method

Least Connection

SSL Acceleration

Enabled

TLS1.0, TLS1.1, TLS1.2

Enabled

Cipher Set

Best Practices

Real Server Check Method

TCP Connection Only

Checked Port

9020

5.1.3 S3 HTTPS Reencrypt

The following are the steps involved and the recommended settings to configure the S3 HTTPS Reencrypt using the application template. SSL/TLS certificates should be added before creating this VS. The link to the SSL/TLS Accelerated Services guide can be found in the References Section.

1. In the main menu of the LoadMaster WUI, go to Virtual Services > Add New.

5 1 3 S3 HTTPS Reencrypt.png

2. Type a valid Virtual Address.

3. Select the S3-HTTPS-Reencrypt template in the Use Template drop-down list.

4. Click Add this Virtual Service.

5. Expand the SSL Properties section.

6. Select the certificate to use in the Available Certificates and click the “arrow” > to move it to Assigned Certificates.

7. Click Set Certificate.

8. Expand the Real Servers section.

9. Click Add New.

10. Enter the Real Server Address.

11. Confirm that Port 9021 is entered.

12. Click Add This Real Server.

5.1.4 S3 HTTPS Reencrypt Application Template Settings (optional)

This table outlines the configuration options set using the KEMP application template.  These setting can be used if doing a manual configuration or leveraged with scripts and automation tools

Option

Value

VS Port

9021

VS Protocol

tcp

Service Type

Generic

Subnet Originating Address

Enabled

Scheduling Method

Least Connection

SSL Acceleration

Enabled

SSL Reencrypt

Enabled

TLS1.0, TLS1.1, TLS1.2

Enabled

Cipher Set

Best Practices

Real Server Check Method

TCP Connection Only

Checked Port

9021

5.2 Atmos Virtual Services

The following section outlines the configuration options for using Atmos with Dell EMC ECS.

5.2.1 Atmos HTTP

The following are the steps involved and the recommended settings to configure the Swift HTTP using the application template:

1. In the main menu of the LoadMaster WUI, go to Virtual Services > Add New.

5 2 1 Atmos HTTP.png

2. Type a valid Virtual Address.

3. Select the Atmos-HTTP template in the Use Template drop-down list.

4. Click Add this Virtual Service.

5. Expand the Real Servers section.

6. Click Add New.

7. Enter the Real Server Address.

8. Confirm that Port 9022 is entered.

9. Click Add This Real Server.

5.2.1.1 Atmos HTTP Application Template Settings (optional)

This table outlines the configuration options set using the KEMP application template.  These setting can be used if doing a manual configuration or leveraged with scripts and automation tools

Option

Value

VS Port

9022

VS Protocol

tcp

Service Type

Generic

Subnet Originating Address

Enabled

Scheduling Method

Least Connection

Real Server Check Method

TCP Connection Only

Checked Port

9022

5.2.2 Atmos HTTPS Offload

The following are the steps involved and the recommended settings to configure the Atmos HTTPS Offload using the application template. SSL/TLS certificates should be added before creating this VS. The link to the SSL/TLS Accelerated Services guide can be found in the References Section.

1. In the main menu of the LoadMaster WUI, go to Virtual Services > Add New.

5 2 2 Atmos HTTPS Offload.png

2. Type a valid Virtual Address.

3. Select the Atmos-HTTPS-Offload template in the Use Template drop-down list.

4. Click Add this Virtual Service.

5. Expand the SSL Properties section.

6. Select the certificate to use in the Available Certificates and click the “arrow” > to move it to Assigned Certificates.

7. Click Set Certificate.

8. Expand the Real Servers section.

9. Click Add New.

10. Enter the Real Server Address.

11. Confirm that Port 9023 is entered.

12. Click Add This Real Server.

5.2.2.1 S3 HTTPS Offload Application Template Settings (optional)

This table outlines the configuration options set using the KEMP application template.  These setting can be used if doing a manual configuration or leveraged with scripts and automation tools

Option

Value

VS Port

9023

VS Protocol

tcp

Service Type

Generic

Subnet Originating Address

Enabled

Scheduling Method

Least Connection

SSL Acceleration

Enabled

TLS1.0, TLS1.1, TLS1.2

Enabled

Cipher Set

Best Practices

Real Server Check Method

TCP Connection Only

Checked Port

9022

5.2.3 Atmos HTTPS Reencrypt

The following are the steps involved and the recommended settings to configure the Atmos HTTPS Reencrypt using the application template. SSL/TLS certificates should be added before creating this VS. The link to the SSL/TLS Accelerated Services guide can be found in the References Section.

1. In the main menu of the LoadMaster WUI, go to Virtual Services > Add New.

5 2 3 Atmos HTTPS Reencrypt.png

2. Type a valid Virtual Address.

3. Select the Atmos-HTTPS-Reencrypt template in the Use Template drop-down list.

4. Click Add this Virtual Service.

5. Expand the SSL Properties section.

6. Select the certificate to use in the Available Certificates and click the “arrow” > to move it to Assigned Certificates.

7. Click Set Certificate.

8. Expand the Real Servers section.

9. Click Add New.

10. Enter the Real Server Address.

11. Confirm that Port 9023 is entered.

12. Click Add This Real Server.

5.2.3.1 S3 HTTPS Reencrypt Application Template Settings (optional)

This table outlines the configuration options set using the KEMP application template.  These setting can be used if doing a manual configuration or leveraged with scripts and automation tools

Option

Value

VS Port

9023

VS Protocol

tcp

Service Type

Generic

Subnet Originating Address

Enabled

Scheduling Method

Least Connection

SSL Acceleration

Enabled

SSL Reencrypt

Enabled

TLS1.0, TLS1.1, TLS1.2

Enabled

Cipher Set

Best Practices

Real Server Check Method

TCP Connection Only

Checked Port

9023

5.3 Swift Virtual Services

The following section outlines the configuration options for using Swift with Dell EMC ECS.

5.3.1 Swift HTTP

The following are the steps involved and the recommended settings to configure the Swift HTTP using the application template:

1. In the main menu of the LoadMaster WUI, go to Virtual Services > Add New.

5 3 1 Swift HTTP.png

2. Type a valid Virtual Address.

3. Select the Swift-HTTP template in the Use Template drop-down list.

4. Click Add this Virtual Service.

5. Expand the Real Servers section.

6. Click Add New.

7. Enter the Real Server Address.

8. Confirm that Port 9024 is entered.

9. Click Add This Real Server.

5.3.1.1 Swift HTTPS Reencrypt Application Template Settings (optional)

This table outlines the configuration options set using the KEMP application template.  These setting can be used if doing a manual configuration or leveraged with scripts and automation tools.

Option

Value

VS Port

9024

VS Protocol

tcp

Service Type

Generic

Subnet Originating Address

Enabled

Scheduling Method

Least Connection

Real Server Check Method

TCP Connection Only

Checked Port

9024

5.3.2 Swift HTTPS Offload

The following are the steps involved and the recommended settings to configure the Swift HTTPS Offload using the application template. SSL/TLS certificates should be added before creating this VS. The link to the SSL/TLS Accelerated Services guide can be found in the References Section.

1. In the main menu of the LoadMaster WUI, go to Virtual Services > Add New.

5 3 2 Swift HTTPS Offload.png

2. Type a valid Virtual Address.

3. Select the Swift-HTTPS-Offload template in the Use Template drop-down list.

4. Click Add this Virtual Service.

5. Expand the SSL Properties section.

6. Select the certificate to use in the Available Certificates and click the “arrow” > to move it to Assigned Certificates.

7. Click Set Certificate.

8. Expand the Real Servers section.

9. Click Add New.

10. Enter the Real Server Address.

11. Confirm that Port 9024 is entered.

12. Click Add This Real Server.

5.3.2.1 Swift HTTPS Offload Application Template Settings (optional)

This table outlines the configuration options set using the KEMP application template.  These setting can be used if doing a manual configuration or leveraged with scripts and automation tools.

Option

Value

VS Port

9025

VS Protocol

tcp

Service Type

Generic

Subnet Originating Address

Enabled

Scheduling Method

Least Connection

SSL Acceleration

Enabled

TLS1.0, TLS1.1, TLS1.2

Enabled

Cipher Set

Best Practices

Real Server Check Method

TCP Connection Only

Checked Port

9024

5.3.3 Swift HTTPS Reencrypt

The following are the steps involved and the recommended settings to configure the Swift HTTPS Reencrypt using the application template. SSL/TLS certificates should be added before creating this VS. The link to the SSL/TLS Accelerated Services guide can be found in the References Section.

1. In the main menu of the LoadMaster WUI, go to Virtual Services > Add New.

5 3 3 Swift HTTPS Reencrypt.png

2. Type a valid Virtual Address.

3. Select the Swift-HTTPS-Reencrypt template in the Use Template drop-down list.

4. Click Add this Virtual Service.

5. Expand the SSL Properties section.

6. Select the certificate to use in the Available Certificates and click the “arrow” > to move it to Assigned Certificates.

7. Click Set Certificate.

8. Expand the Real Servers section.

9. Click Add New.

10. Enter the Real Server Address.

11. Confirm that Port 9025 is entered.

12. Click Add This Real Server.

5.3.3.1 Swift HTTPS Offload Application Template Settings (optional)

This table outlines the configuration options set using the KEMP application template. These setting can be used if doing a manual configuration or leveraged with scripts and automation tools.

Option

Value

VS Port

9025

VS Protocol

tcp

Service Type

Generic

Subnet Originating Address

Enabled

Scheduling Method

Least Connection

SSL Acceleration

Enabled

SSL Reencrypt

Enabled

TLS1.0, TLS1.1, TLS1.2

Enabled

Cipher Set

Best Practices

Real Server Check Method

TCP Connection Only

Checked Port

9025

5.4 ECS Web Interface Virtual Services

The following section outlines the configuration options for using Swift with Dell EMC ECS.

5.4.1 ECS Web Interface

The following are the steps involved and the recommended settings to configure the ECS Web Interface using the application template. SSL/TLS certificates should be added before creating this VS. The link to the SSL/TLS Accelerated Services guide can be found in the References Section.

1. In the main menu of the LoadMaster WUI, go to Virtual Services > Add New.

5 4 1 ECS Web Interface.png

2. Type a valid Virtual Address.

3. Select the ECS Web Interface template in the Use Template drop-down list.

4. Click Add this Virtual Service.

5. Click View/Modify Services and select the ECS Web Interface Virtual Service on port 443.

6. Expand the SSL Properties section.

7. Select the certificate to use in the Available Certificates and click the “arrow” > to move it to Assigned Certificates.

8. Click Set Certificates.

9. Expand the Real Servers section.

10. Click Add New.

11. Enter the Real Server Address.

12. Confirm that Port 443 is entered.

13. Click Add This Real Server.

5.4.1.1 ECS Web Interface Application Template Settings (optional)

This table outlines the configuration options set using the KEMP application template. These setting can be used if doing a manual configuration or leveraged with scripts and automation tools

Option

Value

VS Port

443

VS Protocol

tcp

Service Type

HTTP-HTTP/2-HTTPS

Subnet Originating Address

Enabled

Scheduling Method

Least Connection

SSL Acceleration

Enabled

SSL Reencrypt

Enabled

TLS1.0, TLS1.1, TLS1.2

Enabled

Cipher Set

Best Practices

Real Server Check Method

TCP Connection Only

Checked Port

443

6 Troubleshooting

Refer to the sections below for details on some common issues seen when load balancing the Dell EMC ECS workload.

6.1 Connections Rejected

When using a non-default tcp port or offloading for ECS services, you must ensure the Real Server port is correct. This is a common mistake when configuring the Real Servers when the Virtual Services port is different from the Real Server port. See the table in the Dell EMC ECS Section of this document for the required Real Server ports for Dell EMC ECS.

7 References

Some resources on Dell EMC ECS are listed below:

Dell EMC ECS Solutions

A useful, related KEMP document is listed below:

SSL Accelerated Services, Feature Description on the KEMP Documentation page.

Last Updated Date

This document was last updated on 25 September 2018.

Was this article helpful?

0 out of 0 found this helpful

Comments