says that we need 2 DNS A records (for both active and passive external ips).
We managed to set up vCenter HA, but we have issues with clients delay/timeout because of two DNS A records, with one of them being down (passive node).
So it works, but with issues. We're thinking about setting up load balancer in front of active/passive node.
also also saw the hint here VMware Knowledge Base to configure DNS with 2 A records, but this - as you said - does not work in 50% of your tries as the passive Node is down and won't answer requests.
Thus, I think the best way would be to hide both behind another load balancer, for example haproxy (with another service IP).
This is what I want to configure within the next days.
We also want to deploy VCHA in 2 different datacenters (with 2 different management IPs), so we still setup VCHA in "advanced mode" and "override management ip on failover". My plan is then to setup a high available (or use an already available) HAPROXY loadbalancer (in tcp mode) and forward all used ports by VCHA to the primary node and use the backup node as "backup"
This should look something like this (not yet tested)
bind <srv_ip>:443,<srv_ip>:8443: and all other ports
server vcha1 <ip_of_node_1> check
server vcha2 <ip_of_node_2> check backup
Then, only the "srv_ip" should be set within DNS to point to the FQDN of the VCHA.
One point not yet ready....how to check, if the "active" node is *really* gone? (which port to check?)
In the setup above....if the primary node is assumed "online" again, all requests will then go to the primary node, so the "check" is really important... We need a good way to see, if the active node is really down.
I do not yet have an idea.