We have deployed cloud director 10.2.1( appliances) in a multi- cell configuration and its being protected behind NSX Advance Load Balancer which is configured in "in-line mode".
We are able to access the Portal fine from external and internal using the VIP IP however we are not able to connect to webconsole of the virtual Machines running in cloud.
Since its an appliance for the console proxy we have defined the external url with port 8443
on Load Balancer there are two services which are created.
1. one for portal access on port 443. We have applied the signed certificates and it is working fine.
2. 2nd service is created for port 8443 on the same public IP with no certs applied but application profile is L4 based.
I can successfully telnet on port 8443 from outside which tells me that communication is fine however console access does not work at all.
if anyone have configured AVI laod Balancer to protect Cloud Director appliances. I have not seen any official documentation giving any refrence of VCD behind AVI.
any ideas what could be wrong?
1.Please confirm that you are not terminating the console proxy sessions in AVI LB?
2.If you are using WAF, kindly limit to learning mode for Console proxy VIP.
I have done the config in the suggested way but may be I am missing something. Are you able to share an example config how exactly that is done at AVI service.
Since we are using cloud director appliance, same public IP is being is used for http portal as well a consoleproxy on 8443. attached is a screenshot of the AVI service config for console-proxy showing service config and vmrc pool config.
Apologize for the late reply. Screenshots are not clear :), please do provide me the precise snippet. Also, can you confirm if you access direct VCD Cell IP and access console is it working?