2. VMware AVI Global Server Load-Balancer
This is possibly one of the least documented integrations in our Horizon stack, and we look forward to sharing this exciting lab with you.
Part 1 Setting up Global DNS
Adding DNS Entries.
In this section, we will create DNS Entries for both Site1 and Site2.
These DNS Entries will be used as VIP in AVI GSLB Configurations later.
| Corp DNS Entries | Entity Description | IP Address |
|---|---|---|
| dns-a.euc-livefire.com | Corp DNS for Site1 | 172.16.20.101 |
| dns-b.euc-livefire.com | Corp DNS for Site2 | 172.16.50.101 |
- On your ControlCenter server
  - From the desktop shortcut or taskbar, launch DNS
  - From the DNS Manager
    - Expand Forward Lookup Zones on the left-hand side of the DNS menu
    - Expand euc-livefire.com
- In the DNS Manager window
  - Right-click euc-livefire.com
  - Select New Host (A or AAAA)...
- In the New Host window
  - In the Name field, type dns-a
  - In the IP address field, type 172.16.20.101
  - Click Add Host
- Repeat the steps to add the DNS record for Site2
  - In the New Host window
    - In the Name field, type dns-b
    - In the IP address field, type 172.16.50.101
    - Click Add Host
    - Close the New Host window.
- In the DNS Manager console, verify the following
  - That your entries are created in the euc-livefire.com Forward Lookup Zone
  - That all entries are added in the DNS record as shown in the image above.
Creating Delegation.
In this section, we will create a delegation using the DNS entries created in Section 1 for Site1 and Site2.
- In the DNS Manager window
  - Right-click euc-livefire.com
  - Select New Delegation...
- In the New Delegation Wizard
  - Click Next
- In the New Delegation Wizard
  - Under Delegated domain, type corp
  - Fully qualified domain name (FQDN) should show corp.euc-livefire.com
  - Click Next
- In the Name Servers
  - Click Add
  - In Server fully qualified domain name (FQDN), type dns-a.euc-livefire.com
  - Click Resolve
    - Note: It will NOT resolve unless we create the GSLB
  - Click OK
- Click Add again
  - In Server fully qualified domain name (FQDN), type dns-b.euc-livefire.com
  - Click Resolve
    - Note: It will NOT resolve unless we create the GSLB
  - Click OK
- In the New Delegation Wizard
  - Click Next
  - Click Finish
- The corp delegation should look as shown in the picture above
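
The same records and delegation can be created from PowerShell with the DnsServer module. This is an added example, not part of the original lab; it assumes an elevated session on the DNS server that hosts euc-livefire.com, and the variable names are illustrative.

```powershell
# Added example (not from the original lab). Assumes the DnsServer module
# is available and the session runs elevated on the server hosting the zone.
$Zone  = 'euc-livefire.com'
$Child = 'corp'

# Host name -> IP address, taken from the table in Part 1.
$NameServers = [ordered]@{
    'dns-a' = '172.16.20.101'   # Corp DNS for Site1
    'dns-b' = '172.16.50.101'   # Corp DNS for Site2
}

foreach ($ns in $NameServers.GetEnumerator()) {
    # Create the A record only if it is not already present.
    $existing = Get-DnsServerResourceRecord -ZoneName $Zone -Name $ns.Key `
        -RRType A -ErrorAction SilentlyContinue
    if (-not $existing) {
        Add-DnsServerResourceRecordA -ZoneName $Zone -Name $ns.Key `
            -IPv4Address $ns.Value
    }

    # Delegate corp.euc-livefire.com to this name server (one call per
    # name server). The IP address is passed explicitly, so nothing has
    # to resolve yet; the GUI "Resolve" button fails for the same reason
    # until the GSLB DNS virtual services exist.
    Add-DnsServerZoneDelegation -Name $Zone -ChildZoneName $Child `
        -NameServer "$($ns.Key).$Zone" -IPAddress $ns.Value
}

# Verify what was written to the zone.
Get-DnsServerResourceRecord -ZoneName $Zone -RRType A |
    Where-Object { $_.HostName -in $NameServers.Keys }
Get-DnsServerZoneDelegation -Name $Zone -ChildZoneName $Child
```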
Part 2 Setting Up AVI GSLB
Site Configuration.
In this section, we perform the site configuration in AVI.
- On your ControlCenter server
  - Open your Chrome browser for Site-1
  - In the address bar, enter or browse from the bookmark to https://avicontroller.euc-livefire.com
  - Under Username, enter admin and VMware1!VMware1! as the password
  - Click Login
- In the NSX-ALB Console
  - Navigate to Infrastructure > GSLB > Site Configuration
  - Click on the pen symbol on the right to enable GSLB
- In the New GSLB Configuration window
  - Name: GSLB
  - Username: admin
  - Password: VMware1!VMware1!
  - IP Address: 192.168.210.71 (Default)
  - Port: 443 (Default)
  - GSLB Subdomain: euc-livefire.com
  - Client Group IP Address Type: Public (Default)
  - Click Save
- The Site Configuration should look as shown in the picture above.
Configure Geo Profile.
Since our multi-site lab is in the same physical location, we need to update the AVI Geo DB with a custom configuration file so that client requests coming from Site 1 are denoted as Bangalore and client requests coming from Site 2 as Seattle.
- In the AVI admin page
  - Go to Infrastructure > Upload Geo Files
  - Under Please select the Geo files to upload
    - Click Select Files
    - Navigate to Desktop > Software > AVI
    - Select the newgeo.tar.gz file
    - Click Open to upload the file
    - From the dropdown menu, select AVI as the format, as shown in Button 4
    - Click Upload File
- Once the upload is complete
  - It should show Upload Complete 100%
- Under Infrastructure
  - Navigate to Geo Profile
  - In the Geo Profile tab, click CREATE
- In the New Geo Profile window
  - Under General
    - Name : NewGeo
  - Under Entries
    - From the File Name dropdown, select the newgeo.tar.gz file which we uploaded in Part 2: Section 2: Step 1
    - Priority : 10 (Default)
    - Format: AVI (Default)
    - Click SAVE
- Once the Geo Profile is saved
  - It should look as shown in the picture above
Create VIP using the IPs we configured in Part 1 for Site 1 and Site 2
- In the AVI admin page
  - Go to Application > VS VIPs
  - Click CREATE to create the DNS VIP for Site1
- In the Create VS VIP page
  - Under General, type
    - Name : DNS1-VIP1
  - Click ADD
- In Edit VIP: 1
  - Under General
    - Validate that the Enable VIP checkbox is checked
    - Private IP : 172.16.20.101
    - Click SAVE
  - Click SAVE again in the Create VS VIP page
- In the VS VIPs page
  - Click CREATE to create the DNS VIP for Site2
- In the Create VS VIP page
  - Under General, type
    - Name : DNS2-VIP1
  - Click ADD
- In Edit VIP: 1
  - Under General
    - Enable VIP checkbox
    - Private IP : 172.16.50.101
    - Click SAVE
  - Click SAVE again in the Create VS VIP page
- The VS VIPs page should look as shown in the picture above
In this section we create Virtual Service for Site1
- In the NSX-ALB Console
  - Navigate to Applications > Virtual Services
- In the Virtual Services area
  - To the top right, select CREATE VIRTUAL SERVICE
  - Select Advanced Setup.
- In the New Virtual Service wizard
  - Step 1: Settings area
    - Enter the following under:
      - Name*
        - Type DNS1
      - VS VIP *
        - Select the dropdown
        - Select DNS1-VIP1
- To the right of VIP Address
  - Under Profile
    - Application Profile : System-DNS
    - Note: You will notice that TCP/UDP Profile automatically changes to System-UDP-Per-pkt
- Under Service Port
  - Confirm Services is set to 53
- In the Virtual Service
  - The warning message shows as
    - You may want to select pool
  - Ignore the message and proceed forward.
- Leave the Pool dropdown blank
- Click Next
- Under Step 2: Policies
  - Leave it default and click Next
- Under Step 3: Analytics
  - Leave it default and click Next
- Under Step 4: Advanced
  - Leave it default and click Next
- Under Step 5: DNS Records
  - Leave it default and click SAVE
In this section we create Virtual Service for Site 2
- In the NSX-ALB Console
  - Navigate to Applications > Virtual Services
- In the Virtual Services area
  - To the top right, select CREATE VIRTUAL SERVICE
  - Select Advanced Setup.
- In the New Virtual Service wizard
  - Step 1: Settings area
    - Enter the following under:
      - Name*
        - Type DNS2
      - VS VIP *
        - Select the dropdown
        - Select DNS2-VIP1
- To the right of VIP Address
  - Under Profile
    - Application Profile : System-DNS
    - Note: You will notice that TCP/UDP Profile automatically changes to System-UDP-Per-pkt
- Under Service Port
  - Confirm Services is set to 53
- Leave the Pool dropdown blank
- Click Next
- Under Step 2: Policies
  - Leave it default and click Next
- Under Step 3: Analytics
  - Leave it default and click Next
- Under Step 4: Advanced
  - Leave it default and click Next
- Under Step 5: DNS Records
  - Leave it default and click SAVE
- Once both DNS1 and DNS2 are configured
  - The Virtual Services should look as shown in the picture above
Linking Virtual Service With GSLB Site Configuration
- In the AVI-ALB Console
  - Go to Infrastructure > expand
    - Select Site Configuration
  - Under Active Members (Continuous Replication)
    - Next to the gslb we created in the earlier section
      - Click on the pen icon to edit the GSLB
- In the Edit GSLB Site page
  - Click on Save and Set DNS Virtual Services
  - It will redirect you to Edit GSLB Site to link the DNS Virtual Service to subdomains
- In the Edit GSLB Site page
  - DNS Virtual Service : DNS1
  - Subdomains : euc-livefire.com
  - Click + Add DNS VS to add the Site2 DNS
- In the Edit GSLB Site page
  - DNS Virtual Service : DNS2
  - Subdomains : euc-livefire.com
  - Click Save
In this section we create GSLB Services
- In the NSX-ALB Console
  - Navigate to Applications > GSLB Services
- In the GSLB Services area
  - To the top right, select CREATE
  - Select Advanced Setup.
- In the New GSLB Service area, configure
  - Name : gslb-service
  - Application Name : corp
  - Subdomain : .euc-livefire.com (default)
  - Groups Load Balancing Algorithm : Geo location-based
- In the New GSLB Service page
  - Scroll down to GSLB Pools
  - To the right, click Add Pool >
    - It opens the New GSLB Pool window
- In the New GSLB Pool window
  - Enter the following
    - Name : GSLb-Service-Pool
    - Priority : 10 (default)
    - Pool Members Load Balancing Algorithm : Geo
    - Pool Members Fallback Load Balancing Algorithm : Consistent Hash
    - Leave everything else as default
    - Scroll down to Pool Member
- Under Pool Member
  - Ensure the Virtual Service radio button is selected
  - Site Cluster Controller : gslb
  - Virtual Service : Horizon-UAG-L7-Site-1
  - Ratio : 1 (default)
  - Geo Location Source : User Configured
  - Name : Bangalore
  - Latitude : 12
  - Longitude : 77
  - Leave everything else as default
  - Ensure the settings match the screenshot above
  - To add Site2
    - Click Add GSLB Pool Member
- In the New GSLB Pool window
  - Under Pool Member
    - Ensure Virtual Service checkbox is selected
    - Site Cluster Controller : gslb
    - Virtual Service : Horizon-UAG-L7-Site-2
    - Ratio : 1 (default)
    - Geo Location Source : User Configured
    - Name : Seattle
    - Latitude : 47
    - Longitude : -122
    - Leave everything else as default
    - Ensure the settings match the screenshot above
    - Click Done
- Ensure all the settings match the screenshot above
- Click Save
- Settings should match the screenshot above
- It takes 2 to 3 minutes for the status to show as green
Part 3 Testing the GSLB
Validate the configurations by enabling advanced logging in AVI
- If required, log in to the NSX-ALB Console
  - On your ControlCenter server
    - Open your Chrome browser for Site-1
    - In the address bar, enter or browse from the bookmark to https://avicontroller.euc-livefire.com
    - Under Username, enter admin and VMware1!VMware1! as the password
    - Click Login
- In the NSX-ALB Console
  - Navigate to Applications > Virtual Services
  - To the left of DNS1, select the checkbox.
  - On the right-hand side of DNS1, click the pencil icon to edit DNS1.
- In Edit Virtual Service: DNS1
  - Go to Analytics
  - Enable Non-significant logs
  - Click Save
- In the NSX-ALB Console
  - Navigate to Applications > Virtual Services
  - To the left of DNS2, select the checkbox.
  - On the right-hand side of DNS2, click the pencil icon to edit DNS2.
- In Edit Virtual Service: DNS2
  - Go to Analytics
  - Enable Non-significant logs
  - Click Save
In the lab environment you have two sites. Each site has 3 separate VLANs: an Internal, a DMZ and an External VLAN. In Site 1, the Windows 11 client desktops are configured with 192.168.110.10 as the DNS server address.
- On your ControlCenter server
  - On the desktop
    - Open the Remote Desktops folder
    - Open Site1
    - Launch W11Client-01a.rdp
    - Log in as craig
      - With the password VMware1!
- In W11Client-01a
  - Open Command Prompt from the desktop
  - In the Command Prompt, type
    - ping corp.euc-livefire.com and press Enter
    - You would notice the response from 172.16.20.100
      - The above IP is the VIP for Site-1
  - Once the ping is complete, minimize the W11Client-01a RDP session
  - Return to the ControlCenter desktop
- On your ControlCenter server
  - On the desktop
    - Open the Remote Desktops folder
    - Open Site2
    - Launch W11Client-02a.RDP
    - Log in as Jackie
      - With the password VMware1!
- In W11Client-02a
  - Open Command Prompt from the desktop
  - In the Command Prompt, type
    - ping corp.euc-livefire.com and press Enter
    - You would notice the response from 172.16.50.100
      - The above IP is the VIP for Site-2
  - Once the ping is complete, minimize the W11Client-02a RDP session
  - Return to the ControlCenter desktop
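
The two ping tests above can also be run as a single check that queries each site's DNS server directly, so the local resolver cache and hosts file play no part. This is an added example, not part of the original lab; it assumes both site DNS servers (192.168.110.10 and 192.168.210.10) are reachable from the machine it runs on, and the variable names are illustrative.

```powershell
# Added example (not from the original lab). Resolver and VIP addresses
# are the ones the lab text gives for Site 1 and Site 2.
$Name = 'corp.euc-livefire.com'

# Site DNS server -> GSLB answer the lab expects through that resolver.
$Expected = [ordered]@{
    '192.168.110.10' = '172.16.20.100'   # Site 1 DNS -> VIP for Site-1
    '192.168.210.10' = '172.16.50.100'   # Site 2 DNS -> VIP for Site-2
}

$results = foreach ($resolver in $Expected.Keys) {
    $failure = $null
    try {
        # -DnsOnly / -NoHostsFile: plain DNS only, no LLMNR/NetBIOS, no hosts file.
        $answers = @(Resolve-DnsName -Name $Name -Type A -Server $resolver `
                -DnsOnly -NoHostsFile -ErrorAction Stop |
            Where-Object { $_.Type -eq 'A' } |
            Select-Object -ExpandProperty IPAddress)
    } catch {
        $answers = @()
        $failure = $_.Exception.Message
    }

    [pscustomobject]@{
        Resolver = $resolver
        Expected = $Expected[$resolver]
        Answers  = $answers -join ', '
        Match    = $answers -contains $Expected[$resolver]
        Error    = $failure
    }
}

$results | Format-Table -AutoSize

# Non-zero exit code if any resolver returned something other than its site VIP.
if ($results.Match -contains $false) { exit 1 }
```

Each query reaches the GSLB DNS virtual service with the site DNS server as its source, which is the Client IP the Non-Significant Logs show in the next steps.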
- If required, log in to the NSX-ALB Console
  - On your ControlCenter server
    - Open your Chrome browser for Site-1
    - In the address bar, enter or browse from the bookmark to https://avicontroller.euc-livefire.com
    - Under Username, enter admin and VMware1!VMware1! as the password
    - Click Login
- In the NSX-ALB Console
  - Navigate to Applications > Virtual Services
  - Click on DNS1
- In the Virtual Service: DNS1 window
  - Go to the Logs tab
    - Click on Non-Significant Logs as shown in 2
    - Note: If the logs are not seen, click the refresh button as shown in 4
    - Verify the Client IP
      - It should match the DNS server IP of Site 1
        - 192.168.110.10
    - Expand the + (plus) symbol as shown in 3
- Notice the following:
  - Client IP
  - Location
  - Virtual Service IP
  - GSLB Pool Name
  - Service Engine
- Look for the IP of the DNS server for Site2
  - 192.168.210.10
  - Note: If the logs are not seen, click the refresh button.
  - Expand the + (plus) symbol to the extreme right
- Notice the following:
  - Client IP
  - Location
  - Virtual Service IP
  - GSLB Pool Name
  - Service Engine
This is the end of the GSLB lab. Hope it was helpful.