thecloudxpert

VCAP6-NV Deploy - Objective 3.1 - Configure and Manage Logical Load Balancing

VMware NSX-V VCAP6-NV VCIX6-NV HOWTO

Published on 30 July 2017 by Christopher Lewis. Words: 543. Reading Time: 3 mins.

Skills and Abilities

Objective 3.1 - Configure and Manage Logical Load Balancing

  • Configure the appropriate Load Balancer model for a given application topology.
  • Configure SSL off-loading.
  • Configure a service monitor to define health check parameters for a specific type of network traffic.
  • Optimize a server pool to manage and share backend servers.
  • Configure an application profile and rules.
  • Configure virtual servers.

Objective Prerequisites

The following prerequisites are assumed for this Objective:

  • A working VMware vSphere 6.x environment.
  • A working VMware NSX 6.x environment.

Objective Breakdown

Configure the appropriate Load Balancer model for a given application topology

VMware NSX provides two types of Load Balancer, Layer 4 (packet-based) and Layer 7 (socket-based). All NSX LBs are created as Layer 7 unless the Enable Acceleration checkbox as part of the deployment, then a Layer 4 LB created.

There are two types of VMware NSX LB deployment modes, Proxy Mode (one-arm) and Transparent Mode (inline). For more information see the VMware NSX Design Guide .

How to enable and configure an VMware NSX Load Balancer, see HOWTO: Configure VMware NSX Load Balancing

Configure SSL off-loading

There are a few steps to configuring SSL Off-loading:

  1. Upload the Certificate Chain SSL Certificate.
  2. Upload the SSL Certificate (or generate a self-signed one) and Private Key.
  3. Configure an Application Profile for SSL Offloading.
  4. Assign the Profile to a Virtual Server.

The following steps assume you have logged into VMware vCenter and can locate the appropriate ESG and that Load Balancing is already enabled.

Upload the Certificate Root CA & SubCA SSL Certificate

Navigate to Networking and Security > NSX Edges > [ESG Name] > Manage > Settings > Certificates.

Click Add(+).

Select CA Certificate.

Copy the contents of the CA Certificate file (including -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----).

Click OK.

Upload the SSL Certificate (or generate a self-signed one) and Private Key.

Click Add(+).

Select Certificate.

Copy the contents of the Certificate file (including -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----) and the RSA Key file (including -----BEGIN RSA PRIVATE KEY----- and -----END RSA PRIVATE KEY-----).

Click OK.

Configure an Application Profile for SSL Offloading

Navigate to Networking and Security > NSX Edges > [ESG Name] > Manage > Load Balancer > Application Profiles.

Click Add(+).

Enter the Name for the new Application Profile and select HTTPS from the Type dropdown.

Select Service Certificates and check the Configure Service Certificate checkbox.

Select the appropriate Service Certificate and click CA Certificates.

Check the checkbox of the corresponding CA Certificate.

Click OK.

Assign the Profile to a Virtual Server

This is no different from the normal process of assigning an Application Profile to a Virtual Server. Therefore, see HOWTO: Configure VMware NSX Load Balancing .

Configure a service monitor to define health check parameters for a specific type of network traffic

I believe I have provided sufficient guidance in the HOWTO: Configure VMware NSX Load Balancing post.

Optimize a server pool to manage and share backend servers

I believe I have provided sufficient guidance in the HOWTO: Configure VMware NSX Load Balancing post.

Configure an application profile and rules

I believe I have provided sufficient guidance in the HOWTO: Configure VMware NSX Load Balancing post.

Configure virtual servers

I believe I have provided sufficient guidance in the HOWTO: Configure VMware NSX Load Balancing post.

Published on 30 July 2017 by Christopher Lewis. Words: 543. Reading Time: 3 mins.


Blog Categories: VMware NSX NSX-V Certification
Related Post(s):
Recent Posts:
  • Creating a Custom Resource Action - Part 1: Getting Started & API Discovery
  • Operating a Private Cloud - Part 3: Creating a Pricing Card in VMware Aria Automation
  • Operating a Private Cloud - Part 2: Creating a Pricing Card in VMware Aria Operations
  • Operating a Private Cloud - Part 1: Understanding Pricing Cards in VMware Aria
  • Zero2Hero - Using Aria Automation to Deploy Multiple Machines with Multiple Disks - Part 5

    • Blog Categories:
    active directory 6 aria automation 9 aria automation orchestrator 1 aria operations 2 aws 2 blog 1 career 1 certificate authority 5 certificates 5 certification 91 cloud management 1 cloudnativecon 1 community 1 fun 1 general 9 hands on labs 1 home lab 2 kubecon 1 kubernetes 1 microsoft 7 nsx 45 nsx v 41 powercli 8 powershell 6 professional 1 reviews 1 vcap 48 vcap6 2 vcenter server 4 vcix 2 vexpert 9 vmug 5 vmware 99+ vmware aria 1 vmware aria automation 9 vmware aria automation orchestrator 1 vmware aria operations 3 vmware cloud 3 vmware cloud director 1 vmware explore 2 vmware identity manager 2 vmworld 36 vrealize automation 81 vrealize automation saltstack config 1 vrealize business 2 vrealize log insight 1 vrealize operations 1 vrealize operations manager 5 vrealize orchestrator 13 vrealize suite 14 vrealize suite lifecycle manager 20 vsan 5 vsphere 9 windows 6
    Top Tags:
    active directory 6 api 18 barcelona 24 certificates 11 certification 7 howto 42 microsoft 7 multi tenancy 9 nsx v 43 platform services controller 8 powercli 8 powershell 7 psc 6 vcap 8 vcap6 45 vcap6 cma 47 vcap6 nv 37 vcix6 nv 36 vexpert 19 vmug 8 vmware 99+ vmware aria 10 vmware aria automation 9 vmworld 35 vmworld 2016 13 vmworld 2017 9 vra 13 vrealize automation 74 vrealize operations 8 vrealize orchestrator 21 vrealize suite lifecycle manager 11 vrslcm 20 vsan 7 vsphere 12