Topic of the Day – Load Balancing VMware Cloud Director 10.4.x multi cell deployment. For this deployment I am using 3 VCD Cells, they consist of Small Size ( 2vCPU and 12GB, these are not recommended specifications for a production appliance – Per VMware.)
This walkthrough will show you how to load balancer the appliances only, we are not integrating NSX ALB into VMware Cloud Director for Tenants to consume, stay tuned for a future walkthrough for VCD and NSX ALB Integration!
What you will need:
- Multiple VCD Appliances
- Certificate with multiple SANs ( I used my wildcard cert)
- Certificates and Public Addresses configured already on all VCD Appliances
- 4 DNS A Records, 1 A Record Pointing to VIP IP address of ALB VS Pool, 3 A Records for individual appliances
More information on VMware Cloud Director 10.4.1 Certificate Implementation here
Lets login to NSX ALB, Go to Virtual Services and top right click on “Create Virtual Service”
-> Advanced Setup
Select your NSX Cloud which we will deploy the VIP pool
Select VRF Context, which for my deployment I am used my t1-edge-01-m01-gw, which is my Tier 1 Router attached to my primary Tier-0.
Next we will configured Virtual Service VIP for our Service Engine for ALB.
Attach the VsVIP to your Tier 1 Logical Router
Add a Virtual IP that is free from within your VIP Pool that is pre-allocated manually or can be via IPAM Dynamically. For my implementation I am setting the IP address statically.
Click Save -> Then it will take us back to the main page where we are deploying the Virtual Service
Next step we will set the Profile of our Virtual Service to the following
- System-TCP-Proxy
- System-L4-Application
(Side topic, VMware Cloud Director works better with a Layer 4 Load Balancer, there are issues that occur if a Layer 7 HTTP load balancer is utilized)
Now that our Profile is set, next we will create our Pool. I named my “VMware-Cloud-Director-Appliances-Pool”
The Following Settings that should be set are:
- Default Server Port: 443
- Least Connections (can use other Algorithms based on your needs)
- Tier1 Logical Router – t1-edge01-m01-gw (this is my Tier1)
- Servers – Created IP Address Group
- Health Monitor
- SSL – System-Standard, (Service Edge Client Certificate)
- Any other settings will depend on your implementation
Once all settings have been configured, now we will hit save and proceed to the last page “Advanced”
Ensure to select your Service Engine Group, or ALB will deploy it on the default group and might cause issues.
After you have the AVI Service Engine deploying, now you can go to VCD, and setup Public Addresses – Pre reqs are that you need to have VCD SSL CA Signed or Self Signed already configured and just need to enabled Public Addresses for the Web Portal and API.
That’s it! Very simple implementation to utilize VMware NSX Advanced Load Balancer and Load Balance VMware Cloud Director Appliances!