I want to deploy muitiple vRA Cloud service ,but the F5 like load balancers is so expensive,can i use load balancer software nginx to deploy?and how to deploy?
nginx i am not sure , another option is VCNS , and you can create edge load balancer , VCNS is a part of VCOUD suite.
Is it free to deploy? MY load balance Is about to load-balancing muiti-vRealize Appliance ,not Networking .:smileyplain:@
I think, HariRajan was talking about the Load balancing part of the vCNS or now NSX, without the specific networking part.
You should be able to use another Load balancer plateform to load balance a vRealize infrastructure, however as far as I know only NSX and F5 are the recommended Load Balancer.
Here is an example of using KEMP as a load balancer : http://theithollow.com/2016/02/24/vrealize-automation-7-load-balancer-rules/ so you could use another Load Balancer than F5 or NSX.
Here are the documentation for using NSX or F5 as Loadbalancer which my help you to build the required rules for your own load balancer :
- https://www.vmware.com/pdf/vrealize-automation-load-balancing.pdf
- http://pubs.vmware.com/vra-70/topic/com.vmware.ICbase/PDF/vrealize-automation-70-load-balancing.pdf
I've been using a pair of HAProxy machines since late last year to front end my 7.0 environment. Both are fairly small machines, and I haven't had any issues.
We are not doing SSL termination, so you'll need to include the SAN's of all your machines in the SSL.
KeepaliveD is running on both nodes to provide some high availability.
Here is the haproxy config.
#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
log 127.0.0.1 local2
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
user haproxy
group haproxy
daemon
maxconn 2048
tune.ssl.default-dh-param 2048
tune.bufsize 65535
# turn on stats unix socket
stats socket /var/lib/haproxy/stats
#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
# --------------------
# Reference http://vcdxpert.com/?cat=55
# --------------------
defaults
log global
option http-server-close
retries 3
option redispatch
timeout connect 5000
timeout client 50000
timeout server 300000
maxconn 2048
# Redirect all vRA users to HTTPS
# frontend www-http
# bind *:80
# mode http
# reqadd X-Forwarded-Proto:\ http
# default_backend vra-backend
# Add stats
listen stats *:1936
mode http
stats enable
stats hide-version
stats realm Haproxy\ Statistics
stats uri /
stats auth haproxy:haproxy
#SSL passthrough SSL for portal users
frontend www-https
bind 10.1.2.150:443
mode tcp
default_backend vra-backend
# terminate vRA management
frontend 5480-https
bind 10.1.2.150:5480
mode tcp
default_backend vra-mgmt-backend
#SSL passthrough SSL for iaasweb
frontend iaasweb
bind 10.1.2.151:443
mode tcp
default_backend iaasweb
#SSL passthrough SSL for iaasmanager
frontend iaasapp
bind 10.1.2.152:443
mode tcp
default_backend iaasapp
# Add vRA backend server
backend vra-backend
option tcp-check
tcp-check connect ssl
tcp-check send GET\ /vcac/services/api/status\r\n
tcp-check expect rstring REGISTERED
balance roundrobin
stick-table type ip size 200k expire 30m
stick on src
mode tcp
server vra01 10.1.2.153:443 check verify none
server vra02 10.1.2.163:443 check verify none
# add vRA management
backend vra-mgmt-backend
balance roundrobin
stick-table type ip size 200k expire 30m
stick on src
mode tcp
server vrmgmt01 10.1.2.153:5480 check
server vrmgmt02 10.1.2.163:5480 check
# add IaaSWeb
backend iaasweb
option tcp-check
tcp-check connect ssl
tcp-check send GET\ /WAPI/api/status\r\n
tcp-check expect rstring REGISTERED
balance roundrobin
stick-table type ip size 200k expire 30m
stick on src
mode tcp
server iaasweb01 10.1.2.154:443 check verify none
server iaasweb02 10.1.2.155:443 check verify none
# add IaaSAPP
backend iaasapp
balance roundrobin
stick-table type ip size 200k expire 30m
stick on src
mode tcp
server iaasapp01 10.1.2.156:443 check
server iaasapp02 10.1.2.165:443 check
i am not familiar with HAproxy,Can you post more information in detail about the deploy steps. thanks a lot.
Refer below blog and vmware vcns documention for understanding its capability.
open902.com/vrealize-automation-7-enterprise-install