Configure vCNS Edge Load Balancer for vROps HA Cluster

coverIn the previous part we have created a 2-node vRealize Operations 6 High Availability cluster. With its new architecture, vROps unified UI is expected to get lots of HTTPS requests traffic so it only makes sense to load balancing it, no?!

Virtualization, storage and network admins, NOC teams, application owners and more are your potential vROps users. With VMware consistent UI improvement initiative and HTML5 roadmaps, the need to use network load balancers is always something one should consider.

With that been said, the good old vCloud Networking and Security (vCNS) Edge (aka vShield Edge) is considered a valid load balancer device for our vROps cluster solution.

In this post I will not go over the details on how to deploy the vCNS appliance, instead I will focus more on the Edge deployment and load balancing configuration. If you want to learn the basics, jump over to “THEITHOLLOW” by Eric Shanks where he did a very nice and simple “getting started” guide.

Lab Physical Edge Deployment Diagram

In the figure below you can see my Edge deployment diagram. Remember, this is just a lab environment and probably not even close to a datacenter deployment topology – it is here only for some visualization.

Diagram

Edge Deployment

Log in to your vCNS, select you datacenter object and under the Network Virtualization tab click on Edges. You are now ready to start the deployment wizard.

00Remember, this just my lab environment and for that reason I’ve decided not to go wild – Compact mode without enabling HA is good enough for me.

01

02

03

04Configure your external uplink vNIC by choosing the proper vSwitch/vDS portgroup and configuring its IP, Subnet and default gateway.

06

06.1

06.2

07In real life, it is unlikely you will configure your firewall with “any-any” rule and so as I. Later we will configure the proper HTTP/HTTPS Allow rule but for now I am leaving it to deny the default traffic policy.

08

09At this point, the Edge appliance will be deployed in your vCenter.

10

11After the deployment has finished, we need to start manage the edge appliance and configure the internal network vNIC, load balancer group and FW rules.

12

Internal vNIC Configurations

Within the “Configure” tab select “Interfaces” and edit “vNIC1” which will be our Internal Edge interface.

Once again, select the vSwtich/vDS portgroup and assign the right IP and subnet.

13

14

15Load Balancer Configurations

Now that you have both your external and internal interfaces in place it’s time to do some LB magic.

Go over to “Load Balancer” tab and under “Pools” click the Plus button to add a new pool. For the purpose of this post I went with the default Services and Health Check parameters.

15.1

16

17

18Add your vROps cluster nodes as new members in the pool.

19

20

21After creating the pool we need to enable the LB service and publish the changes we have made.

23

24The next step after creating the pool is to assign a Virtual Server to the pool. For those of you who are new to load balancers terminology, Virtual Server represent the virtual IP or VIP.

Go over to “Load Balancer” tab and under “Virtual Servers” click the Plus button to add a new VS.

24.1In the “Existing Pool” dropdown, select the pool we have just created and remember we are load balancing both HTTP and HTTPS requests so make sure those are selected as well.

25The LB part is now done – we have both our pool and VIP in place. At this point you will notice that the Edge have created the proper NAT rules in order to support the configurations.

26Firewall Configurations

The last step is to allow HTTP and HTTPS traffic to go through the Edge Firewall.

Under the “Firewall” tab, click the Plus button to add a new FW rule and configure it to accept HTTP and HTTPS request. I’ve created a very basic rule “any to any” rule but outside my lab environment I would have probably change it to be more specific when it comes to source and destination.

27Does it really work?!

That’s it, all that is left now is to open your browser and enter the vROps cluster Virtual Server IP.

If you want a proof that this entire procedure works and the load balancer kicks-in, go to the “Statistic” tab and notice how LB traffic is starting to work in the second you hit the VIP URL.

28

29

Congratulations, you now have 2-node vROps High Availability cluster behind a vCNS Edge Load Balancer  🙂 

2 Comments

1 Trackback / Pingback

  1. Outline of Installing vR Ops 6 | Notes from MWhite

Leave a Reply