Free load balancer (possible connection broker) for VDI
17 August 2007
Looking for an alternative (free) Connection Broker solution I stumbled across Crossroads.
It is a little application that will run on pretty much any current Linux/OSX build, and will load balance specific IP’s, ports.
Just because I wanted something quick and easy to test this on, I downloaded Ubuntu Desktop 6.0.6 LTS to try it out on.
Download Crossroads here. I chose the 1.48 build, as it is the latest stable (at the time of this writing).
So, download it, to your Linux system, and unpack it, and install it.
I downloaded/copied it to /tmp, and installed it as follows:
Unpacking the archive
root@ubuntu:/tmp# gunzip crossroads-stable.tar.gz
root@ubuntu:/tmp# tar –xvf crossroads-stable.tar
root@ubuntu:/tmp# cd crossroads-1.48
Compiling/Installing Crossroads
(make sure you have a C compiler like gcc installed)
root@ubuntu:/tmp/crossroads-1.48# make install
root@ubuntu:/tmp/crossroads-1.48# touch /etc/crossroads.conf
Basic Configuring of Crossroads
edit /etc/crossroads.conf (with the below configuration)
Starting Crossroads
/usr/local/bin/crossroads start
Checking the status of Crossroads
/usr/local/bin/crossroads status
Stopping Crossroads
/usr/local/bin/crossroads stop
Keep in mind, this is just a rudimentary implementation of Crossroads in a Connection Broker capacity.
The Crossroads documentation gives more parameters and information to have it start automatically at different run levels, allowed from/denied from, etc.
Additionally, the default Makedef.def is setup for a maximum of 20 connections. So, before you compile it, adjust the number accordingly.
The config file (/etc/crossroads.conf) also has many additional settings, that can customize the connections, including things such as allowed/denied addresses, etc.
The Web Interface
There is also a web gui that will display connections/etc.
To start it up, run /usr/local/bin/crossroads-mgr start PORT
So if you run /usr/local/bin/crossroads-mgr start 80, you should see something like this:
Now, in a production environment, I'd recommend creating a hardened Linux VM, and really tweaking /etc/crossroads.conf to get the best performance and security.
This could be a really viable solution in a small environment where costs play a significant factor.
As can be seen it really isn't hard to do, doesn't take long, and (by reading the docs) can be locked down enough to be a cheap (free) solution.
It is a little application that will run on pretty much any current Linux/OSX build, and will load balance specific IP’s, ports.
Just because I wanted something quick and easy to test this on, I downloaded Ubuntu Desktop 6.0.6 LTS to try it out on.
Download Crossroads here. I chose the 1.48 build, as it is the latest stable (at the time of this writing).
So, download it, to your Linux system, and unpack it, and install it.
I downloaded/copied it to /tmp, and installed it as follows:
Unpacking the archive
root@ubuntu:/tmp# gunzip crossroads-stable.tar.gz
root@ubuntu:/tmp# tar –xvf crossroads-stable.tar
root@ubuntu:/tmp# cd crossroads-1.48
Compiling/Installing Crossroads
(make sure you have a C compiler like gcc installed)
root@ubuntu:/tmp/crossroads-1.48# make install
root@ubuntu:/tmp/crossroads-1.48# touch /etc/crossroads.conf
Basic Configuring of Crossroads
edit /etc/crossroads.conf (with the below configuration)
I set the "maxconnections" to 1, because if I have XP/Vista desktops on the backend, I don't want someone attempting to connect to one that already has an active connection.
service rdp {
port 3389;
revivinginterval 15;
backend one {
server 10.1.1.100:3389;
maxconnections 1;
setserverheader "X-Real-IP: %r";
trafficlog /tmp/backend.1.log;
}
backend two {
server 10.1.1.101:3389;
maxconnections 1;
setserverheader "X-Real-IP: %r";
trafficlog /tmp/backend.2.log;
}
}
Starting Crossroads
/usr/local/bin/crossroads start
Checking the status of Crossroads
/usr/local/bin/crossroads status
Stopping Crossroads
/usr/local/bin/crossroads stop
Keep in mind, this is just a rudimentary implementation of Crossroads in a Connection Broker capacity.
The Crossroads documentation gives more parameters and information to have it start automatically at different run levels, allowed from/denied from, etc.
Additionally, the default Makedef.def is setup for a maximum of 20 connections. So, before you compile it, adjust the number accordingly.
The config file (/etc/crossroads.conf) also has many additional settings, that can customize the connections, including things such as allowed/denied addresses, etc.
The Web Interface
There is also a web gui that will display connections/etc.
To start it up, run /usr/local/bin/crossroads-mgr start PORT
So if you run /usr/local/bin/crossroads-mgr start 80, you should see something like this:
Now, in a production environment, I'd recommend creating a hardened Linux VM, and really tweaking /etc/crossroads.conf to get the best performance and security.
This could be a really viable solution in a small environment where costs play a significant factor.
As can be seen it really isn't hard to do, doesn't take long, and (by reading the docs) can be locked down enough to be a cheap (free) solution.
Labels: VMware
