This blog post will be a two part series showing you step by step on how to load balance VMware Unified Access Gateway (UAG) using the VMware NSX. There are quite a few options such as F5, KEMP etc. available to do the load balancing of the UAG appliance but in this post we shall deep dive into NSX Load balancing. The objective in a production deployment is to load balance multiple UAG appliances deployed in the DMZ.
Load Balancing of multiple VMware UAG Appliances
There are plenty of guidance available on how to create the NSX Edge to do the load balancing. I am not going to cover those steps in this blog. Instead I will fast forward to the Load Balancing configurations required to do Unified Access Gateway.
Pre-Installation Checklist
This list should include everything that needs to be available BEFORE we start to install the UAG Load Balancer.
- A pair of UAG Appliances should be deployed
- The admin page of both the UAG appliances should be accessible
- Create a X-Large NSX Edge and make sure its deployed using HA (Active/Passive)
- Enable Syslog on the NSX Edge
- Reserve the VIP IP address used by NSX
Step-by-Step guide (Part1 – We shall cover Global Configuration, Application Profiles and Service Monitoring)
1. Configure the Load Balancing – Global Configuration
- Log into the Edge GW you need to configure and go to the Manage tab then the Load Balancer tab.
- Click on Global Configuration
2. Configure the Load Balancer – Application Profiles
- Overall we will be creating three Profiles – HTTPS, TCP and UDP as follows:
- Click on the green plus sign to add the HTTPS profile
- Click on the green plus sign to add the TCP profile
- Click on the green plus sign to add the UDP profile
3. Configure the Load Balancer – Service Monitoring
- Overall we will be creating three Service Monitors – HTTPS, TCP and UDP as follows:
- Click on the green plus sign to add the Access Point TCP Monitor. This one monitor will be used for all APs.
- Set the Name to default_tcp_monitor
- Set the Interval to 5
- Set the Timeout to 15
- Set the Max Retries to 3
- Set the Type to TCP
- Click Ok
- Click on the green plus sign to add the Access Point HTTP Monitor. This one monitor will be used for all APs.
Remaining configuration around the “Pools” and “Virtual Servers” to be continued in the NSX Load Balancing for VMware Unified Access Gateway – Part2
I hope you find these steps useful and don’t have to invent the wheel when it comes to NSX LB for VMware UAG.
Thanks,
Aresh
Recent Comments