A department requiring server load balancing (SLB) or server failover capability will be provided with a dedicated A10 Thunder server load balancer partition at any of the sites providing the service.
All SLB sites are configured to be high availability services. Services targeting site independent can leverage the global server load balancing (GSLB) features built into the SLB service.
If located in the same physical site a SLB partition can be provided configured in multiple ways:
- Placed on the same network as the hosts to be balanced
- Placed on a new subnet to use for dedicated services
- Placed in parallel with the bSecure firewall service, with one connection to an unprotected network and one on the protected network. This allows for higher performance communications on specific ports while still receiving the general security of the firewall service
The SLB partitions are configured as a layer 3 device allowing full content proxy at layers 3, 4, and 7 as well as network address translation (NAT).
The appliances are fully redundant, ensuring that the loss of one appliance, one switch, or one router will not impact service. In the event of a SLB failure the other member of the cluster will automatically take over full service.
bIT Network Services will manage hardware and software upgrades, and will create the initial configuration for a departmental SLB partition. Department administrators will be responsible for managing their individual instances.
Three SLB sites are available for department use:
- Earl Warren Data Center slb7.net.berkeley.edu
- San Diego Super Computer Co-location Facility slb6.net.berkeley.edu
- Campus slb4.net.berkeley.edu (note: Campus service only provides GSLB functions and does not support local SLB services)
The load balancers are only manageable from the UC Berkeley Campus network and the bSecure Remote Access Service (GlobalProtect), but the services provided by the SLB can me configured as accessable to the Internet - if the service calls for it.