Setting up a Layer 7 VIP that connects back to your MinIO server
Check out my demo for the nuts and bolts of how to do this:
For those who want some notes for reference, here's the transcript...Enjoy!
Transcript
"Hi guys, welcome, welcome, welcome. Today we're going to be looking at MinIO and how to load balance that using our load balancer.
So what we're going to do is we're going to have a look at setting up a Layer 7 VIP,
which will connect back to our MinIO servers. So hopefully, if you're looking at this video, you've already got MinIO, and you've already set that up. But we do have a guide if you need it on how it actually works, and how we use Layer 7 load balancing across the four nodes in particular. So if you're reading this, and you've got to the website and found the deployment guide, this is the kind of thing we're going to be working through today, in essence.
So we're going to set up a Layer 7 VIP, and we're going to add some ports to that VIP, and add a health check, which is this one down here. We're not going to do an SSL termination. Not today. But we'll make sure that it does actually work. And then maybe we will do the SSL termination. But I've done a video on SSL terminations already, so it's pretty much exactly the same. So go back and watch that one if you've not already watched it. So let's go and have a look then at setting up this particular VIP in question...
So I'm gonna go to cluster configuration, virtual services. And then we're gonna go back to Layer 7 virtual services. And what we need to sort out here is a name - so this is my name, I've already got kind of structured out how I want it to be. So let me get my document. So we're gonna call this MinIO cluster. And then we're going to add VIP IP address. We're going to change this port to 9000. We're gonna keep HTTP mode for now, which is fine. And we're going to click update (hopefully that's going to update okay). There we go.
And we're going to reload HAProxy. Make sure that really loads okay. Once we've done that, we're gonna go into virtual services. We're going to scroll down, and we're gonna go to modify our MinIO cluster. And here we're gonna add our health check, which is down here. We're gonna do a negotiate HTTP head. Yeah, that one, request system sustained. So the health check itself is gonna be ready. And there's nothing else to fill in as far as I can remember from the guide, so it's just that update. You can double-check that if you need to. But as I said, it is in the guide.
And if we go back here, it does actually show us so VIPs, nodes further up. Further up it just says HTTP mode, update, modify the VIP. Negotiate HTTP head. Quest to send - and there we go.
For HTTP 200, Okay. So we leave it blank, and then it kind of does that. So we don't need to add it. Leave it all blank. Advanced - ah - we do need to set these timeouts though so I nearly forgot we do need to go off and enable the check. So we need to make sure that we do set those. I think that's one thing that I always forget when I do this, which is, so we go back down, I don't need to reload it this part, I'm just gonna go to MinIO, go to advanced, other, and make sure that we set the timeout. Just make sure we get that smoothed onto the other screen real quick. So I can make sure I get the right time timeout box and set that for 10 minutes. And that's it. And then we just click Update.
Then we can define our reps. Okay, let's reload that HAProxy. In real servers, for our MinIO cluster, we need to add some real servers. So we're gonna call this IP address first. Think it's 150. So node one, you don't need to add any ports, don't need to encrypt to the back end. We just update, and then we're gonna go for two secondary server that we want to add to it. That's going to be 51. Update. No need to add any ports. We're just going to reload that to make sure that that loads off. Okay, which is good.
Let's go to System Overview real quick. A quick look at that. There we go. We've got our MinIO node connected, it's health checking. Just go and check the servers. We know the servers are running anyway because these are my MinIO servers over here. One and two. Now I'm going to add a couple of extra ports. And the reason why (and it's not covered in the Guide) is to get access to our web UI. And I can use either that address, right, which is 151, or 150, which is my server. Or on this particular port (I know some people don't like it, and I guess if we're SSL terminating maybe I'd do it slightly differently, and I'd probably have one port or what have you) but for my own purposes, I'm going to add another port which is 49... (let me just get this over here and get this out of the way so I can actually edit this VIP real quick; let's go up to cluster configuration, Layer 7 virtual services; go down to our MinIO VIP down here)...and we're going to add this second port which is 49.... was it 49798. So I'm gonna add the second port, and update. I'll show you why I'm gonna do that in a second. Just going to reload that (got a new port in there) so we got that port added to our VIP. So if we go to HTTP://192.168.1.160 (I think it's 160), and then that port 49798. Hopefully, we got our ports right, have we? Oh no, it's not, it's 78, sorry - let me retype that. HTTP://192.168.78.160 - and then that port (49798). It's trying...it's trying. There we go. We now have access to our MinIO server, so I could log in....(I thought I'd set up a user here but I can't remember). It's a bit slow, but I think that's more my server today than anything else. Here we go. And we can see our buckets. So that's the reason why I've added a port in there. Normally you just do it on the one port, and then just do your SSL termination.
You could set up a separate VIP for your admins to log in or your users to log in if they want to get to the console window or upload stuff into particular buckets. So here I've got three buckets on my server, which means it's got three disks, which are writable. So essentially, that is how we set up load balancing for MinIO on a Loadbalancer.org device. So really, really simple. A simple Layer 7 VIP.
If you've watched my other videos on IS web servers, it's exactly the same as that. Doing exactly the same thing. So hopefully that works for you. And yeah, I'll catch you on the next one. Peace."