We Tried Building HA Cluster on Google Cloud Platform (Windows/Linux): Overview

EXPRESSCLUSTER Official Blog

October 28th, 2021

Machine translation is used partially for this article. See the Japanese version for the original article.

Introduction

We tried building HA clusters using EXPRESSCLUSTER on Google Cloud Platform (hereinafter called "GCP").

EXPRESSCLUSTER can make instances provided in cloud environments redundant. Click here for the EXPRESSCLUSTER Setup Guides for cloud environments.

GCP offers a number of networking services, including the Virtual Private Cloud (hereinafter called "VPC"). This networking service includes services called Google Cloud DNS (hereinafter called "Cloud DNS") and Google Cloud Load Balancing (hereinafter called "Cloud Load Balancing").
This time, we introduce HA cluster configurations that use Cloud DNS and Cloud Load Balancing to switch between the virtual machines that constitute the HA cluster.

For the procedure for building the HA cluster configurations, see this article.

1. GCP and Redundancy

GCP is a public cloud service provided by Google. GCP offers more than 100 services, including virtual machines and storage.

For example, to create a server on GCP, you use a virtual machine service called Google Compute Engine (hereinafter called "GCE").
Users can run servers by creating instances from the GCP console, the gcloud command line (gcloud is the CLI tool for GCP resources), etc., and installing applications on the instances.
An instance is a virtual machine hosted by Google's infrastructure.

The main features of GCE are as follows:

  • Create instances with optimal amounts of vCPU and memory
  • Start running instances quickly
  • Pricing is based on per-second usage

GCP defines a Service Level Agreement (hereinafter called "SLA") for each service. For GCE, the SLA defines a Monthly Uptime Percentage of 99.99% or more, during which users can access the running instances.
However, to meet the SLA, instances must be placed in two or more Zones (Zones are deployment areas for GCP resources within each Region). This means that the instances must be redundant.

2. HA Cluster Configurations

This time, we built HA clusters that can be accessed from clients in the same VPC network on GCP.

  • * In this configuration, HA clusters cannot be accessed from clients outside the VPC network (e.g., on the Internet or in an on-premises environment).
  • * Depending on the GCP service settings, clients outside the VPC network can access the HA cluster.

For access from outside the VPC network, see here for Cloud DNS and here for Cloud Load Balancing.

The following are the two HA cluster configurations with EXPRESSCLUSTER on GCP.

  • HA cluster with Cloud DNS
  • HA cluster with Cloud Load Balancing (an Internal TCP Load Balancer)
  • * For the HA cluster with Cloud Load Balancing, the Google Cloud virtual IP resource supports only TCP-protocol-based health checks and cannot respond to health checks from an External TCP Network Load Balancer. Therefore, use an Internal TCP Load Balancer instead of an External TCP Network Load Balancer.

The OS, kernel, and EXPRESSCLUSTER versions that we verified this time are as follows.

Windows
  • OS            :Windows Server 2019 Datacenter
  • EXPRESSCLUSTER:EXPRESSCLUSTER X 4.3(Internal Version 12.30)
Linux
  • OS            :Red Hat Enterprise Linux 8.2
  • kernel        :4.18.0-193.28.1.el8_2.x86_64
  • EXPRESSCLUSTER:EXPRESSCLUSTER X 4.3(Internal Version 4.3.0-1)

2.1 HA Cluster with Cloud DNS

The following HA cluster configuration uses Cloud DNS to switch the destination of the HA cluster.

How to switch the destinations of the HA cluster with Cloud DNS

  • 1. EXPRESSCLUSTER controls the records registered in Cloud DNS and switches the destination.
  • 2. Clients reach the active instance by accessing the DNS name of the record registered in Cloud DNS.

2.2 HA Cluster with Cloud Load Balancing (Internal TCP Load Balancing)

The following HA cluster configuration uses Cloud Load Balancing to switch the destination of the HA cluster.

How to switch the destinations of the HA cluster with Cloud Load Balancing

  • 1. EXPRESSCLUSTER controls the port that Cloud Load Balancing uses for health checks and thereby switches the destination.
  • 2. Cloud Load Balancing forwards communication to the instance whose backend health checks succeed.
  • 3. Clients reach the active instance by accessing the frontend IP address of Cloud Load Balancing.

In an HA cluster with Cloud Load Balancing, EXPRESSCLUSTER controls the probe port (port for health checks) as follows:

  • When the group resource for probe port control is active, start a probe port control process for health checks from Cloud Load Balancing.
  • When the group resource for probe port control is inactive, stop the probe port control process for health checks from Cloud Load Balancing.
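
The probe port behaviour described above, as an added example that is not EXPRESSCLUSTER code: a listener that completes TCP handshakes only while the node is active, and a TCP health check of the kind a load balancer performs. The class and function names are hypothetical, and the listener binds to loopback with an OS-assigned port so it can run on one machine.

```python
# Added illustration; ProbePort and the helpers are hypothetical names.
import socket
import threading

class ProbePort:
    """Answers TCP health checks only while this node is the active one."""

    def __init__(self, host="127.0.0.1", port=0):
        self.host, self.port = host, port  # port 0: the OS picks one (demo only)
        self._stop = threading.Event()
        self._thread = None

    def activate(self):
        """Group resource active: open the probe port and start answering."""
        sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        sock.bind((self.host, self.port))
        sock.listen(8)
        sock.settimeout(0.2)  # lets the loop notice deactivate() promptly
        self.port = sock.getsockname()[1]
        self._stop.clear()
        self._thread = threading.Thread(target=self._serve, args=(sock,), daemon=True)
        self._thread.start()

    def _serve(self, sock):
        with sock:  # the port closes when this loop ends
            while not self._stop.is_set():
                try:
                    conn, _ = sock.accept()
                except socket.timeout:
                    continue
                conn.close()  # a completed TCP handshake is the whole answer

    def deactivate(self):
        """Group resource inactive: stop the listener so checks are refused."""
        self._stop.set()
        self._thread.join()

def tcp_health_check(host, port, timeout=1.0):
    """What the load balancer does: succeed if a TCP connection opens."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def healthy_backends(nodes):
    """Names of the nodes the load balancer would forward traffic to."""
    return [n for n, p in nodes.items() if tcp_health_check(p.host, p.port)]
```

Activating the probe on one node and deactivating it on the other is all that moves the traffic, which is why the firewall rule for this port only needs to admit the health checks.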

2.3 Building HA Clusters

An overview of building HA clusters is as follows:

  • 1. Create a VPC network
    Create a VPC network, subnet.
    In addition, set up firewall rules to communicate with instances for the HA cluster.
  • 2. Create instances
    Create instances for the HA cluster.
  • 3. Set up Cloud DNS/Cloud Load Balancing
    Set up Cloud DNS or Cloud Load Balancing.
    - For Cloud DNS
    Create a zone. Select Private for the zone type.
    Add a record set.

    - For Cloud Load Balancing
    Set up firewall rules that allow communication for health checks.
    Create the instance groups that you want to specify for the backend of Cloud Load Balancing.
    Add each instance to the instance groups.
    Create Cloud Load Balancing. Select TCP Load Balancing - internal only (Only between my VMs) for the load balancer type.
  • 4. Build the HA cluster
    Install EXPRESSCLUSTER on the instances, and build the HA cluster.
    This time, we have registered the following in the failover group.
    • Mirror disk resource
    • Google Cloud DNS resource(*)
    • Google Cloud virtual IP resource(*)
  • * The HA cluster with Cloud DNS and the HA cluster with Cloud Load Balancing (an Internal TCP Load Balancer) register different resources.

For HA cluster with Cloud DNS
Google Cloud DNS resource rewrites recordsets in the zone you created.
Google Cloud DNS resource is available in EXPRESSCLUSTER X 4.3 or later.

For HA cluster with Cloud Load Balancing (an Internal TCP Load Balancer)
Google Cloud virtual IP resource controls the probe port.
Google Cloud virtual IP resource is available in EXPRESSCLUSTER X 4.2 or later.

When building each HA cluster configuration, we referred to the following for the settings of each GCP service, such as creating VPC networks and instances.

3. Notes

Machine image

If you use a public image as the machine image when you create the instance, install, update, or downgrade packages after you create the instance so that it meets the EXPRESSCLUSTER system requirements.
Also, check whether the OS and kernel versions meet the EXPRESSCLUSTER system requirements, and use supported machine images. If they do not meet the requirements, upgrade or downgrade the OS or kernel.
See below for the EXPRESSCLUSTER system requirements.

Identity and Access Management (IAM)

An HA cluster with Cloud DNS requires that the instances be granted permission to control GCP resources. Use Identity and Access Management (IAM) to grant the instances permission to control GCP resources.
Before you build an HA cluster, make sure that you can do the following by using the gcloud command from your instance:

  • Add or remove DNS records
  • View DNS records
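
One way to run this pre-check from the instance, as an added example that is not part of the original article: it tries view, add and remove with `gcloud dns record-sets` on a throwaway A record and reports which operation is denied. The zone name, record name and address are placeholders, and the `runner` parameter is a hypothetical hook for testing without gcloud.

```python
# Added illustration; the zone, record name and address are placeholders.
import subprocess


def attempt(args, runner=subprocess.run):
    """Run one `gcloud dns record-sets` command; return "ok" or the error text."""
    proc = runner(["gcloud", "dns", "record-sets", *args],
                  capture_output=True, text=True)
    return "ok" if proc.returncode == 0 else (proc.stderr.strip() or "failed")


def check_dns_access(zone, name, ip="192.0.2.10", runner=subprocess.run):
    """Try view, add and remove against `zone` using a throwaway A record."""
    record = [name, f"--zone={zone}", "--type=A"]
    result = {"view": attempt(["list", f"--zone={zone}"], runner)}
    result["add"] = attempt(
        ["create", *record, "--ttl=60", f"--rrdatas={ip}"], runner)
    if result["add"] == "ok":
        # Remove what the check created so no stray record stays in the zone.
        result["remove"] = attempt(["delete", *record], runner)
    else:
        result["remove"] = "skipped"  # nothing was created, nothing to delete
    return result


if __name__ == "__main__":
    # Placeholder zone and record name; run this on the cluster instance itself.
    outcome = check_dns_access("my-private-zone", "ha-precheck.example.internal.")
    for operation, status in outcome.items():
        print(f"{operation}: {status}")
```

A result of view "ok" with add denied points to a read-only DNS role on the instance's service account, which is not enough for the Google Cloud DNS resource to rewrite record sets.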

Identity and Access Management (IAM) settings were based on the following:

Shared VPC

Shared VPC allows clients belonging to another project in the same VPC to access your cluster.
In GCP, all resources used by users belong to a project. Typically, resources belonging to different projects access each other over the Internet.
The VPC network has a function called Shared VPC that shares a single VPC network among multiple projects.
Resources belonging to one project in a Shared VPC can access resources belonging to another project without going over the Internet.

Shared VPC is available in both HA cluster with Cloud DNS and HA cluster with Cloud Load Balancing.
However, in HA cluster with Cloud Load Balancing, the GCP specification prevents clients in different regions from accessing the HA cluster.

Conclusion

This time, we tried building an HA cluster using EXPRESSCLUSTER on GCP.
For the procedure for building the HA cluster configurations, see this article.
If you are considering introducing the configuration described in this article, you can validate it with the trial module of EXPRESSCLUSTER. Please do not hesitate to contact us if you have any questions.