Since NSX 6.4.5 you are able to configure a load balancer from the HTML5 client. In the below case, i’ll configure an NSX edge to load balance traffic between my connection servers.
Step 1 : Deploy a NSX Edge
In networking and Security, clic on NSX Edges and AddConfigure a name and a host name for your NSX Edge, in my case i’ll do not use HA.Configure a username and a password, take care that the policy is more restrictive than usual.For lab purpose, compact deployment will be far enoughConfigure an interface where the edge will communicate, this ip will handle the VIP for your loadbalancer.Configure a gatewayAgain for lab purpose, i’ll use a default policy which allow all traffic.
Step 2 : Configure the load balancer
First of all, enable the load balancer service on your edge
Step 3 : Create an application profile
In a first time, i’ll do not use any certificate. Each broker will show its own self signed certificate.
Configure SSL Passtrough, and use SSL Session ID for the persistence mode
Step 4 : Create a new pool containing my two broker
Use IP-HASH algorithm, and the default https rules for monitoring trafficAdd your brokers in members, and configure port 443.
Step 5 : Create a virtual server
Create a virtual server, with https protocol and redirecting to the previously created Horizon pool
Step 6 optionnal : Add a self signed certificate
Go back in the configure tab of your Edge, select certificates, in the CSR Actions, clic generate certificateSelect your previously generated CSR and select self sign certificate. Go back into your application profile and select HTTPS End to End instead of SSL passtrough. Self your self signed certificate on the Client and Server side.In my case, you can see that the horizon certificate is presented, not the broker one.
Hi Florian, I’ve configured this LB and works fine only with source ip persistence.
If I set the SSL Session ID the connection is timed out.
The other issue is setting the end to end in the app profile with the NSX self generated certificate, the connection is timed out again.
Hi Florian, I’ve configured this LB and works fine only with source ip persistence.
If I set the SSL Session ID the connection is timed out.
The other issue is setting the end to end in the app profile with the NSX self generated certificate, the connection is timed out again.