Dell EMC ECS

1 Introduction

The DELL EMC Elastic Cloud Storage (ECS) is a rack-based, flexible, and expandable object storage solution. The ECS is configured through a Web Management Interface frontend (HTTPS). In combination with a KEMP load balancer, an ECS can provide object storage using the protocols S3, Atmos, SWIFT, and Network File System (NFS) in addition to the Web Management Interface. Other protocols such as CAS are also possible but are published without load balancers.

1.1 Document Purpose

This deployment guide provides instructions on how to configure the KEMP LoadMaster to load balance DELL EMC ECS services using KEMP LoadMaster application templates.  This guide should only be used as a reference for the load balancing configuration of ECS services because each environment is unique and may have different requirements.  This guide outlines the load balancing configuration using the default ECS ports using KEMP LoadMaster application templates, but unique ports can also be leveraged based on the environment. 

This guide outlines the configuration of VSs based on best practices. When SSL/TLS offloading is not required, Layer 4 is used to pass the traffic back to the ECS nodes. Transparency is automatically enabled when using Layer 4. This sends the original source IP address to the Real Servers. For more information, see the Transparency document on the KEMP Documentation page. Using Layer 4 has the following requirements:

  • The LoadMaster must be set up in a two-ARM configuration.
  • ECS nodes must use the KEMP LoadMaster as the default gateway.
  • All connections to the ECS environment must be initiated from a different subnet.

Contact KEMP Support for any questions regarding configuration options.

1.2 Intended Audience

Anyone interested in configuring the KEMP LoadMaster to load balance Dell EMC ECS.

 

2 Template

KEMP has developed a template containing our recommended settings for this workload. You can install this template to help when creating Virtual Services (VSs) because it automatically populates the settings. This is quicker and easier than manually configuring each VS. If needed, changes can be made to any of the VS settings after using the template.

Download released templates from the Templates section on the KEMP Documentation Page: .

For more information and steps on how to import and use templates, refer to the Virtual Services and Templates, Feature Description on the KEMP Documentation Page.

3 Dell EMC ECS

Dell EMC ECS is a software-defined object storage solution that can be deployed as a complete storage appliance or leverage supported standard hardware. Dell EMC ECS consists of the following components:

  • ECS Portal and Provisioning Services
  • Data Services
  • Storage Engine
  • Fabric
  • Infrastructure
  • Hardware

The following table provides a list of the Dell EMC ECS default ports and protocols used for accessing the storage.

ECS Protocol

Transport Protocol or Daemon Service

Port

S3

HTTP

9020

HTTPS

9021

Atmos

HTTP

9022

HTTPS

9023

Swift

HTTP

9024

HTTPS

9025

 

NFS

Portmap

111

Mountd, nfsd

2049

Lockd

10000

 

image12.png

4 LoadMaster Global Settings

Before setting up the Virtual Services, the following global settings should be configured to support the workload.

4.1 Enable Subnet Originating Requests Globally

It is best practice to enable the Subnet Originating Requests option globally.

In a one-armed setup (where the Virtual Service and Real Servers are on the same network/subnet) Subnet Originating Requests is usually not needed. However, enabling Subnet Originating Requests should not affect the routing in a one-armed setup.

In a two-armed setup where the Virtual Service is on network/subnet A, for example, and the Real Servers are on network B, Subnet Originating Requests should be enabled on LoadMasters with firmware version 7.1-16 and above.

When Subnet Originating Requests is enabled, the LoadMaster routes traffic so that the Real Server sees traffic arriving from the LoadMaster interface that is in that network/subnet and not the Virtual Service address.

When Subnet Originating Requests is enabled globally, it is automatically enabled on all Virtual Services. If the Subnet Originating Requests option is disabled globally, you can choose whether or not to enable Subnet Originating Requests on a per-Virtual Service basis.

To enable Subnet Originating Requests globally, follow the steps below:

1. In the main menu of the LoadMaster Web User Interface (WUI), go to System Configuration > Miscellaneous Options > Network Options.

2. Select the Subnet Originating Requests check box.

5 LoadMaster Virtual Services

This step-by-step setup of VSs leverages the KEMP Application Template for Dell EMC ECS.

The table in each section outlines the settings configured by the application template. You can use this information to manually configure Virtual Services or using KEMP LoadMaster Application Programming Interface (API) and automation tools.

5.1 S3 Virtual Services

The following section outlines the configuration options for using S3 with Dell EMC ECS.

5.1.1 S3 HTTP

The following are the steps involved and the recommended settings to configure the S3 HTTP using the application template:

1. In the main menu of the LoadMaster WUI, go to Virtual Services > Add New.

image16.png

2. Type a valid Virtual Address.

3. Select the S3-HTTP template in the Use Template drop-down list.

4. Click Add this Virtual Service.

5. Expand the Real Servers section.

6. Click Add New.

7. Enter the Real Server Address.

8. Confirm that Port 9020 is entered.

9. Click Add This Real Server.

5.1.1.1 S3 HTTP Application Template Settings (optional)

This table outlines the configuration options set using the KEMP application template. These settings can be used if doing a manual configuration or leveraged with scripts and automation tools.

Option

Value

VS Port

9020

VS Protocol

tcp

Service Type

Generic

Force L4

Enabled

Scheduling Method

Least Connection

Real Server Check Method

TCP Connection Only

Checked Port

9020

5.1.2 S3 HTTPS Offload

The following are the steps involved and the recommended settings to configure the S3 HTTPS Offload using the application template. SSL/TLS certificates should be added before creating this VS. The link to the SSL/TLS Accelerated Services guide can be found in the References Section.

1. In the main menu of the LoadMaster WUI, go to Virtual Services > Add New.

image31.png

2. Type a valid Virtual Address.

3. Select the S3-HTTPS-Offload template in the Use Template drop-down list.

4. Click Add this Virtual Service.

5. Expand the SSL Properties section.

6. Select the certificate to use in the Available Certificates and click the “arrow” > to move it to Assigned Certificates.

7. Click Set Certificate.

8. Expand the Real Servers section.

9. Click Add New.

10. Enter the Real Server Address.

11. Confirm that Port 9020 is entered.

12. Click Add This Real Server.

5.1.2.1 S3 HTTPS Offload Application Template Settings (optional)

This table outlines the configuration options set using the KEMP application template. These settings can be used if doing a manual configuration or leveraged with scripts and automation tools.

Option

Value

VS Port

9021

VS Protocol

tcp

Service Type

Generic

Subnet Originating Address

Enabled

Scheduling Method

least connection

SSL Acceleration

Enabled

TLS1.0, TLS1.1, TLS1.2

Enabled

Cipher Set

Best Practices

Real Server Check Method

TCP Connection Only

Checked Port

9020

5.1.3 S3 HTTPS  

The following are the steps involved and the recommended settings to configure the S3 HTTPS using the application template:

1. In the main menu of the LoadMaster WUI, go to Virtual Services > Add New.

image18.png

2. Type a valid Virtual Address.

3. Select the S3-HTTPS template in the Use Template drop-down list.

4. Click Add this Virtual Service.

5. Expand the Real Servers section.

6. Click Add New.

7. Enter the Real Server Address.

8. Confirm that Port 9021 is entered.

9. Click Add This Real Server.

5.1.3.1 S3 HTTPS Application Template Settings (optional)

This table outlines the configuration options set using the KEMP application template.  These settings can be used if doing a manual configuration or leveraged with scripts and automation tools.

Option

Value

VS Port

9021

VS Protocol

tcp

Service Type

Generic

Force L4

Enabled

Scheduling Method

least connection

Real Server Check Method

TCP Connection Only

Checked Port

9021

5.2 Atmos Virtual Services

The following section outlines the configuration options for using Atmos with Dell EMC ECS.

5.2.1 Atmos HTTP

The following are the steps involved and the recommended settings to configure the Atmos HTTP using the application template:

1. In the main menu of the LoadMaster WUI, go to Virtual Services > Add New.

image32.png

2. Type a valid Virtual Address.

3. Select the Atmos-HTTP template in the Use Template drop-down list.

4. Click Add this Virtual Service.

5. Expand the Real Servers section.

6. Click Add New.

7. Enter the Real Server Address.

8. Confirm that Port 9022 is entered.

9. Click Add This Real Server.

5.2.1.1 Atmos HTTP Application Template Settings (optional)

This table outlines the configuration options set using the KEMP application template.  These settings can be used if doing a manual configuration or leveraged with scripts and automation tools.

Option

Value

VS Port

9022

VS Protocol

tcp

Service Type

Generic

Force L4

Enabled

Scheduling Method

least connection

Real Server Check Method

TCP Connection Only

Checked Port

9022

5.2.2 Atmos HTTPS Offload

The following are the steps involved and the recommended settings to configure the Atmos HTTPS Offload using the application template. SSL/TLS certificates should be added before creating this VS. The link to the SSL/TLS Accelerated Services guide can be found in the References Section.

1. In the main menu of the LoadMaster WUI, go to Virtual Services > Add New.

image22.png

2. Type a valid Virtual Address.

3. Select the Atmos-HTTPS-Offload template in the Use Template drop-down list.

4. Click Add this Virtual Service.

5. Expand the SSL Properties section.

6. Select the certificate to use in the Available Certificates and click the “arrow” > to move it to Assigned Certificates.

7. Click Set Certificate.

8. Expand the Real Servers section.

9. Click Add New.

10. Enter the Real Server Address.

11. Confirm that Port 9022 is entered.

12. Click Add This Real Server.

5.2.2.1 Atmos HTTPS Offload Application Template Settings (optional)

This table outlines the configuration options set using the KEMP application template.  These settings can be used if doing a manual configuration or leveraged with scripts and automation tools.

Option

Value

VS Port

9023

VS Protocol

tcp

Service Type

Generic

Subnet Originating Address

Enabled

Scheduling Method

least connection

SSL Acceleration

Enabled

TLS1.0, TLS1.1, TLS1.2

Enabled

Cipher Set

Best Practices

Real Server Check Method

TCP Connection Only

Checked Port

9022

5.2.3 Atmos HTTPS

The following are the steps involved and the recommended settings to configure the Atmos HTTPS using the application template:

1. In the main menu of the LoadMaster WUI, go to Virtual Services > Add New.

image23.png

2. Type a valid Virtual Address.

3. Select the Atmos-HTTPS template in the Use Template drop-down list.

4. Click Add this Virtual Service.

5. Expand the Real Servers section.

6. Click Add New.

7. Enter the Real Server Address.

8. Confirm that Port 9023 is entered.

9. Click Add This Real Server.

5.2.3.1 Atmos HTTPS Application Template Settings (optional)

This table outlines the configuration options set using the KEMP application template.  These setting can be used if doing a manual configuration or leveraged with scripts and automation tools

Option

Value

VS Port

9023

VS Protocol

tcp

Service Type

Generic

Force L4

Enabled

Scheduling Method

Least Connection

Real Server Check Method

TCP Connection Only

Checked Port

9023

5.3 Swift Virtual Services

The following section outlines the configuration options for using Swift with Dell EMC ECS.

5.3.1 Swift HTTP

The following are the steps involved and the recommended settings to configure the Swift HTTP using the application template:

1. In the main menu of the LoadMaster WUI, go to Virtual Services > Add New.

image33.png

2. Type a valid Virtual Address.

3. Select the Swift-HTTP template in the Use Template drop-down list.

4. Click Add this Virtual Service.

5. Expand the Real Servers section.

6. Click Add New.

7. Enter the Real Server Address.

8. Confirm that Port 9024 is entered.

9. Click Add This Real Server.

5.3.1.1 Swift HTTP Application Template Settings (optional)

This table outlines the configuration options set using the KEMP application template.  These settings can be used if doing a manual configuration or leveraged with scripts and automation tools.

Option

Value

VS Port

9024

VS Protocol

tcp

Service Type

Generic

Force L4

Enabled

Scheduling Method

least connection

Real Server Check Method

TCP Connection Only

Checked Port

9024

5.3.2 Swift HTTPS Offload

The following are the steps involved and the recommended settings to configure the Swift HTTPS Offload using the application template. SSL/TLS certificates should be added before creating this VS. The link to the SSL/TLS Accelerated Services guide can be found in the References Section.

1. In the main menu of the LoadMaster WUI, go to Virtual Services > Add New.

image5.png

2. Type a valid Virtual Address.

3. Select the Swift-HTTPS-Offload template in the Use Template drop-down list.

4. Click Add this Virtual Service.

5. Expand the SSL Properties section.

6. Select the certificate to use in the Available Certificates and click the “arrow” > to move it to Assigned Certificates.

7. Click Set Certificate.

8. Expand the Real Servers section.

9. Click Add New.

10. Enter the Real Server Address.

11. Confirm that Port 9024 is entered.

12. Click Add This Real Server.

5.3.2.1 Swift HTTPS Offload Application Template Settings (optional)

This table outlines the configuration options set using the KEMP application template.  These settings can be used if doing a manual configuration or leveraged with scripts and automation tools.

Option

Value

VS Port

9025

VS Protocol

tcp

Service Type

Generic

Subnet Originating Address

Enabled

Scheduling Method

least connection

SSL Acceleration

Enabled

TLS1.0, TLS1.1, TLS1.2

Enabled

Cipher Set

Best Practices

Real Server Check Method

TCP Connection Only

Checked Port

9024

5.3.3 Swift HTTPS

The following are the steps involved and the recommended settings to configure the Swift HTTPS using the application template:

1. In the main menu of the LoadMaster WUI, go to Virtual Services > Add New.

image26.png

2. Type a valid Virtual Address.

3. Select the Swift-HTTPS template in the Use Template drop-down list.

4. Click Add this Virtual Service.

5. Expand the Real Servers section.

6. Click Add New.

7. Enter the Real Server Address.

8. Confirm that Port 9025 is entered.

9. Click Add This Real Server.

5.3.3.1 Swift HTTPS Application Template Settings (optional)

This table outlines the configuration options set using the KEMP application template. These settings can be used if doing a manual configuration or leveraged with scripts and automation tools.

Option

Value

VS Port

9025

VS Protocol

tcp

Service Type

Generic

Force L4

Enabled

Scheduling Method

least connection

Checked Port

9025

5.4 ECS Web Interface Virtual Services

The following section outlines the configuration options for using ECS Web Interface with Dell EMC ECS.

5.4.1 ECS Web Interface

The following are the steps involved and the recommended settings to configure the ECS Web Interface using the application template. An additional redirect Virtual Service is created to direct all traffic to HTTPS. SSL/TLS certificates should be added before creating this VS. The link to the SSL/TLS Accelerated Services guide can be found in the References Section.

1. In the main menu of the LoadMaster WUI, go to Virtual Services > Add New.

image27.png

2. Type a valid Virtual Address.

3. Select the ECS Web Interface template in the Use Template drop-down list.

4. Click Add this Virtual Service.

5. Click View/Modify Services and select the ECS Web Interface HTTPS Re-encrypted Virtual Service on port 443.

6. Expand the SSL Properties section.

7. Select the certificate to use in the Available Certificates and click the “arrow” > to move it to Assigned Certificates.

8. Click Set Certificates.

9. Expand the Real Servers section.

10. Click Add New.

11. Enter the Real Server Address.

12. Confirm that Port 443 is entered.

13. Click Add This Real Server.

5.4.1.1 ECS Web Interface Application Template Settings (optional)

This table outlines the configuration options set using the KEMP application template. These settings can be used if doing a manual configuration or leveraged with scripts and automation tools.

Option

Value

VS Port

443

VS Protocol

tcp

Service Type

HTTP-HTTP/2-HTTPS

Subnet Originating Address

Enabled

Scheduling Method

Least Connection

SSL Acceleration

Enabled

SSL Reencrypt

Enabled

TLS1.0, TLS1.1, TLS1.2

Enabled

Cipher Set

Best Practices

Real Server Check Method

HTTPS Protocol

   

5.5 NFS Virtual Services

The following section outlines the configuration options for using NFS with Dell EMC ECS.

5.5.1 NFS Portmap

The following are the steps involved and the recommended settings to configure the NFS PortMap using the application template:

1. In the main menu of the LoadMaster Web User Interface (WUI), go to Virtual Services > Add New.

image28.png

2. Type a valid Virtual Address.

3. Select the NFS-Portmap template in the Use Template drop-down list.

4. Click Add this Virtual Service.

5. Expand the Real Servers section.

6. Click Add New.

7. Enter the Real Server Address.

8. Confirm that Port 111 is entered.

9. Click Add This Real Server.

10. Add additional Real Servers.

5.5.1.1 NFS Portmap Application Template Settings (optional)

This table outlines the configuration options set using the KEMP application template. These settings can be used if doing a manual configuration or leveraged with scripts and automation tools.

Option Value
VS Port 111
VS Protocol tcp
Service Type Generic
Force L4 Enabled
Persistence Mode Source IP Address
Timeout 1 Day
Scheduling Method least connection
Real Server Check Method TCP Connection Only
Checked Port 111

5.5.2 NFS Mountd

The following are the steps involved and the recommended settings to configure NFS Mountd, nfsd using the application template:

1. In the main menu of the LoadMaster Web User Interface (WUI), go to Virtual Services > Add New.

image29.png

2. Type a valid Virtual Address.

3. Select the NFS Mountd template in the Use Template drop-down list.

4. Click Add this Virtual Service.

5. Expand the Real Servers section.

6. Click Add New.

7. Enter the Real Server Address.

8. Confirm that Port 2049 is entered.

9. Click Add This Real Server.

10. Add additional Real Servers.

5.5.2.1 NFS Mountd Application Template Settings (optional)

This table outlines the configuration options set using the KEMP application template. These settings can be used if doing a manual configuration or leveraged with scripts and automation tools.

Option Value
VS Port 2049
VS Protocol tcp
Service Type Generic
Force L4 Enabled
Persistence Mode Source IP Address
Timeout 1 Day
Scheduling Method least connection
Real Server Check Method TCP Connection Only
Checked Port 2049

5.5.3 NFS Lockd

The following are the steps involved and the recommended settings to configure the NFS Lockd using the application template:

1. In the main menu of the LoadMaster Web User Interface (WUI), go to Virtual Services > Add New.

image30.png

1. Type a valid Virtual Address.

2. Select the NFS-Lockd template in the Use Template drop-down list.

3. Click Add this Virtual Service.

4. Expand the Real Servers section.

5. Click Add New.

6. Enter the Real Server Address.

7. Confirm that Port 10000 is entered.

8. Click Add This Real Server.

9. Add additional Real Servers.

5.5.3.1 NFS Lockd Application Template Settings (optional)

This table outlines the configuration options set using the KEMP application template. These settings can be used if doing a manual configuration or leveraged with scripts and automation tools.

Option Value
VS Port 10000
VS Protocol tcp
Service Type Generic
Force L4 Enabled
Persistence Mode Source IP Address
Persistence Timeout 1 Day
Scheduling Method least connection
Real Server Check Method TCP Connection Only
Checked Port 10000

6 Troubleshooting

Refer to the sections below for details on some common issues seen when load balancing the Dell EMC ECS workload.

6.1 Connections Rejected

When using a non-default TCP port or offloading for ECS services, you must ensure the Real Server port is correct. This is a common mistake when configuring the Real Servers when the Virtual Services port is different from the Real Server port. See the table in the Dell EMC ECS Section of this document for the required Real Server ports for Dell EMC ECS.

7 References

Some resources on Dell EMC ECS are listed below:

Dell EMC ECS Solutions

Useful, related KEMP documents are listed below:

SSL Accelerated Services, Feature Description on the KEMP Documentation page.

Transparency, Feature Description on the KEMP Documentation page.

RESTful API, Interface Description on the KEMP Documentation page.

Last Updated Date

This document was last updated on 19 October 2018.

Was this article helpful?

0 out of 0 found this helpful

Comments