4. VMware AVI Global Server Load-Balancer
This is possibly one of the most undocumented integrations in our Horizon Stack. And we look forward to sharing this exciting lab with you.
Part 1 Setting up Global DNS
Adding DNS Entries.
In this section, we will create DNS Entries for both Site1 and Site2.
These DNS Entries will be used as VIP in AVI GSLB Configurations later.
| Corp DNS Eritres |
Entity Description |
IP Address |
|---|---|---|
| dns-a.euc-livefire.com |
Corp DNS for Site1 | 172.16.20.101 |
| dns-b.euc-livefire.com |
Corp DNS for Site2 |
172.16.50.101 |
- On your ControlCenter server
- From the desktop Shortcut or TaskBar,
- Launch DNS
- From the DNS Manager
- Expand Forward Lookup Zones on the left hand side of DNS Menu
- Expand techseals.co
- Expand Forward Lookup Zones on the left hand side of DNS Menu
- From the DNS Manager
- Launch DNS
- From the desktop Shortcut or TaskBar,
- In the DNS Manager window
-
select on techseals.co
-
right-click
- select New Host (A or AAAA)...
-
right-click
-
select on techseals.co
- In the New Host window
- In the Name area
-
type dns-a
- In the IP address:
- type 172.16.20.101
- click Add Host
- In the DNS window
- select OK
- type 172.16.20.101
- In the IP address:
-
type dns-a
- In the Name area
- Repeat the steps to add Worker Node for Site-1 in the DNS Record
- In the New Host window
- In the Name area
-
type dns-b
- In the IP address:
- Type 172.16.50.101
- Click Add Host
- In the DNS window
- select OK
- to close the New Host window.
- select Done
- In the DNS window
- Click Add Host
- Type 172.16.50.101
- In the IP address:
-
type dns-b
- In the Name area
- In the New Host window
- In the DNS Manager Console
- Verify the following
- That all entries are added in the DNS record as shown in the image above.
- That your entries are created in the techseals.co Forward Lookup Zones
- Verify the following
Creating Delegation.
In this section, we will create Delegation using the DNS created in Section 1 for Site1 and Site2
- In the DNS Manager Window
-
right click on techseals.co
- Select New Delegation...
-
right click on techseals.co
- In the New Delegation Wizard
- Click Next
- In the New Delegation Wizard
- under Delegated Domain Name
- type
-
corp
- the Fully qualified domain name (FQDN), should show:
-
corp.techseals.co
- click Next
-
corp.techseals.co
- the Fully qualified domain name (FQDN), should show:
-
corp
- type
- under Delegated Domain Name
- In the Name Servers window
- click Add
- In the Server fully qualified domain name (FQDN): field
- type
-
dns-a.techseals.co
-
click Resolve
- click OK
-
click Resolve
-
dns-a.techseals.co
- type
Note: It will NOT resolve unless we create the GSLB
- In the Name Servers window
- click Add
- In Server fully qualified domain name (FQDN): area
- type
-
dns-b.techseals.co
- click Resolve
- click OK
- click Resolve
-
dns-b.techseals.co
- type
- In Server fully qualified domain name (FQDN): area
- click Add
Note: It will NOT resolve unless we create the GSLB
- In New Delegation Wizard
- click Next
- Click Finish
- click Next
- The Corp Delegation should look like shown in the picture above
Part 2 Setting Up AVI GSLB
Site Configuration.
In this section, we do Site Configuration in AVI
- On your ControlCenter Server
- Open your Chrome Browser for Site-1
- In the Address bar, Enter or browse from the bookmark
- To https://avicontroller.techseals.co.
- under the Username area,
- enter admin
- under Password area,
- enter Pa$$w0rd
- under the Username area,
- click LOG IN
- To https://avicontroller.techseals.co.
- In the Address bar, Enter or browse from the bookmark
- Open your Chrome Browser for Site-1
- In the NSX-ALB Console
- Navigate to Infrastructure > GSLB > Site Configuration
- click on the Pen symbol on the right to enable GSLB
- In the New GSLB Configuration window
- enter and validate the following entries, next to:
- Name: GSLB
- Username: admin (Default)
- Password: Pa$$w0rd (Default)
- IP Address: 192.168.210.71 (Default)
- Port: 443 (Default)
- GSLB Subdomain: techseals.co
- Client Group Ip Address Type : Public (Default)
- click Save
- enter and validate the following entries, next to:
- The Site Configuration should look as shown in the pic above.
Configure Geo Profile.
Since our Multi-Site lab is in same physical location, we need to update the AVI GEO DB with a custom configuration file so that client request coming from Site1 should be denoted as Bangalore and client request coming from Site 2 as Seattle.
- In the AVI admin page
- go to
-
Infrastructure > Upload Geo Files
-
under Please select the Geo files to upload
- click Select File
-
navigate to Desktop > Software >AVI
- select newgeo.tar.gz file
-
to upload the file
- click Open
- From the dropdown menu
- select AVI as a format as shown in the Button 4
- click Upload File
-
navigate to Desktop > Software >AVI
- click Select File
-
under Please select the Geo files to upload
-
Infrastructure > Upload Geo Files
- go to
- Once the upload is complete
- It should denote as Upload Complete 100%
- Under Infrastructure
- Navigate to Geo Profile
- In the Geo Profile tab
- Click CREATE
- In the Geo Profile tab
- Navigate to Geo Profile
- In New Geo Profile window
- under General
- Name : NewGeo
- under Entries
- from the File Name dropdown
- select newgeo.tar.gz file which we uploaded in Part 2: Section 2: Step 1
- Priority : 10 (default)
- Format: AVI (default)
- click SAVE
- from the File Name dropdown
- under General
- Once the Geo Profile is saved
- It should look as shown in the Pic Above
We will now create VIPs (virtual IP address) using the DNS entries we configured in Part 1 for Site 1 and Site 2
- In the AVI Admin page
- go to Application > VS VIPs
- to create a DNS VIP for Site1
- click CREATE
- In the Create VS VIP Page
- under General:
- enter under Name :
- DNS1-VIP1
- click ADD
- In the Edit VIP: 1 window
- under General
-
validate Enable VIP checkbox is checked
- below Private IP :
- enter 172.16.20.101
- below Private IP :
- click SAVE
-
validate Enable VIP checkbox is checked
- in the Create VS VIP Page
- click SAVE
- under General
- In the VS VIPs, page
- to create DNS VIP for Site2
- click CREATE
- to create DNS VIP for Site2
- In the Create VS VIP Page
- Under General type
- Name : DNS2-VIP1
- Click ADD
- Under General type
- In the Edit VIP: 1 page
- under General
- update the following:
-
next to Enable VIP
- select the checkbox
-
next to Enable VIP
-
below Private IP :
- enter 172.16.50.101
- in the bottom right corner
- click SAVE
- in the Create VS VIP Page
- click SAVE
- update the following:
- under General
- The VS VIPs Page should look as shown in the pic above
In this section we create Virtual Service for Site1
- In the NSX-ALB Console
- Navigate to Applications > Virtual Services
- In the Virtual Services area
- to the top right,
- select CREATE VIRTUAL SERVICE
- select Advanced Setup.
- select CREATE VIRTUAL SERVICE
- to the top right,
- In the New Virtual Service wizard
-
Step 1: Settings area
- Enter the following under:
-
Name*
- type DNS1
-
VS VIP *
- select the dropdown,
- select DNS1-VIP1
- select the dropdown,
-
Name*
- Enter the following under:
-
Step 1: Settings area
- To the Right of VIP Address
- under Profile
- Application Profile : System-DNS
-
Note:
- You will notice, TCP/UDP Profile automatically changes to System-UDP-Per-pkt
- under Profile
- Under Service Port
- confirm Services is set to 53
-
in the bottom right corner
- select Next
-
in the bottom right corner
- confirm Services is set to 53
- In the Virtual Service
- The warning message shows as
- You may want to select pool
- Ignore the message and proceed forward.
- The warning message shows as
- Leave the Pool Drop Down as Blank
- Click Next
- Under Step 2: Polices
- Leave it default and Click Next
- Under Step 3 : Analytics
- Leave it default and Click Next
-
Under Step 4: Advanced
- Leave it default and Click Next
-
Under Step 5 : DNS Records
- Leave it default and Click SAVE
In this section we create Virtual Service for Site 2
- In the NSX-ALB Console
- navigate to Applications > Virtual Services
- In the Virtual Services area
- in the top right, select CREATE VIRTUAL SERVICE
- select Advanced Setup.
- in the top right, select CREATE VIRTUAL SERVICE
- In the Virtual Services area
- navigate to Applications > Virtual Services
- In the New Virtual Service wizard
-
Step 1: Settings area
- Enter the following under:
-
Name*
- type DNS2
-
VS VIP *
- select the dropdown,
- select DNS2-VIP1
- select the dropdown,
-
Name*
- Enter the following under:
-
Step 1: Settings area
- To the Right of VIP Address
- under Profile
- Application Profile : System-DNS
-
Note:
- You will notice, TCP/UDP Profile automatically changes to System-UDP-Per-pkt
- under Profile
- Under Service Port
- Confirm Services is set to 53
- select Next
- Confirm Services is set to 53
- In the New Virtual Service:DNS2 wizard
- Under Step 2: Polices
- Leave it default
- Ignore the warning message, You may want to select a Pool
- click Next
- Ignore the warning message, You may want to select a Pool
- under Step 3 : Analytics
- leave it default
- click Next
- leave it default
-
under Step 4: Advanced
- leave it default
- click Next
- leave it default
-
under Step 5 : DNS Records
- leave it default
- click SAVE
- leave it default
- Leave it default
- Under Step 2: Polices
- Once both DNS1 and DNS2 are configured
- The Virtual Services Should look as shown in the Pic above
Linking Virtual Service With GSLB Site Configuration
- In the AVI-ALB console
- select the Infrastructure tab
- in the left menu
- select GSLB > expand
- in the expanded menu
- select Site Configuration
- in the expanded menu
- select GSLB > expand
- in the left menu
- under Active Members (Continuous Replication)
- to edit the GSLB
- In line with GSLB
- click on Pen Icon
- In line with GSLB
- to edit the GSLB
- select the Infrastructure tab
- In the Edit GSLB Site Page
- click on Save and Set DNS Virtual Services
- It will redirect you to Edit GSLB Site to link DNS Virtual Service to Subdomains
- click on Save and Set DNS Virtual Services
- In the Edit GSLB Site page
- enter the following:
- below DNS Virtual Service :
- type DNS1
- below Subdomains :
-
from the dropdown
- select techseals.co
-
from the dropdown
- to add Site2 DNS
- below the DNS Virtual Service : area
- click on + Add DNS VS
- below the DNS Virtual Service : area
- below DNS Virtual Service :
- enter the following:
-
In the Edit GSLB Site Page
- In the Edit GSLB Site page
- enter the following:
- below the second instance of DNS Virtual Service :
- type DNS1
- below the second instance of DNS Virtual Service :
- below the second instance of Subdomains :
- from the dropdown
- select techseals.co
- select Save
- from the dropdown
In this section we create GSLB Services
- In the NSX-ALB Console
- Navigate to Applications > GSLB Services
- In the GSLB Services area
- to the top right, select CREATE
- select Advanced Setup.
- to the top right, select CREATE
- In the GSLB Services area
- Navigate to Applications > GSLB Services
- In the New GSLB Service area
- configure the following
- below the Name : area
- type GSLB-Service
- below the Application Name : area
- type corp
- below Subdomain :
- validate that techseals.co is selected (default)
- below Groups Load Balancing Algorithm :
- from the dropdown
- select Geo location-based
- from the dropdown
- below the Name : area
- configure the following
- In the New GSLB Service Page
- Scroll down to GSLB pools
- to the right
- click Add Pool >
- It opens the New GSLB Pool window
- click Add Pool >
- to the right
- Scroll down to GSLB pools
- In the New GSLB Pool Window
- Enter the following
- under the Name : area
- type GSLB-Service-Pool
-
under Priority :
- validate the value is 10 (default)
- under the Pool Members Load Balancing Algorithm : area
- from the dropdown
- select Geo
- from the dropdown
- under the Pool Members Fallback Load Balancing Algorithm :
- from the dropdown
- select Consistent Hash
- from the dropdown
- Leave everything else as default
- under the Name : area
- scroll down to Pool Member
- Enter the following
- In the New GSLB Pool Window
- under Pool Member heading
- validate and configure the following
- ensure the Virtual Service radio button is selected
- below Site Cluster Controller :
- from the dropdown
- select GSLB
- from the dropdown
- below Site Cluster Controller :
- below Virtual Service :
- from the dropdown
- Horizon-UAG-Site-1
- below Virtual Service :
- below Ratio:
- 1 (default)
- below Geo Location Source :
-
from the drop down
- select User Configured
-
from the drop down
- below Name :
- type Bangalore
- below Latitude
- type 12
- below Longitude :
- type 77
- below Site Cluster Controller :
- Leave everything else as Default
- Ensure the settings matches as per screenshot above
- ensure the Virtual Service radio button is selected
- validate and configure the following
- To add Site2
- scroll down
- click on Add GSLB Pool Member
- scroll down
- under Pool Member heading
an extension of the same interface appears (scroll down)
- In the New GSLB Pool Window
- under the Description blank box
- next to Virtual Service
- ensure the radio button is selected
- below Site Cluster Controller :
- from the dropdown
- select GSLB
- (notice the Virtual Service box now appears)
- select GSLB
- from the dropdown
- below Virtual Service :
- from the dropdown
- select Horizon-UAG-Site-2
- from the dropdown
- ensure that below Ratio:
- 1 (default) is the value
- below Geo Location Source :
-
from the dropdown
- select User Configured
-
from the dropdown
- under Name :
- enter Seattle
- under Latitude :
- enter 47
-
under Longitude :
- enter -122
- Leave everything else as Default
- Ensure the settings matches as per screenshot above
- next to Virtual Service
- scroll down
- click Done
- under the Description blank box
- Ensure All the settings matches as per the screenshot above
- click Save
- Settings should match as per the screenshot above
- To Show the status as Green, it would take 2 to 3 minutes
- refresh your screen
- To Show the status as Green, it would take 2 to 3 minutes
Part 3 Testing the GSLB
Validate the configurations by enabling advance logging in AVI
- If required login to NSX-ALB Console
- On your ControlCenter Server
- Open your Chrome Browser for Site-1
- In the Address bar, Enter or browse from the bookmark
- To https://avicontroller.techseals.co.com
- Under Username, enter admin and VMware1!VMware1! as the password
- Click Login
- Under Username, enter admin and VMware1!VMware1! as the password
- To https://avicontroller.techseals.co.com
- In the Address bar, Enter or browse from the bookmark
- Open your Chrome Browser for Site-1
- On your ControlCenter Server
- In the NSX-ALB Console
- Navigate to Applications > Virtual Services
-
To the left of DNS1, select the checkbox.
-
On the right hand side of DNS1.
- Click the pencil icon to edit the DNS1.
-
On the right hand side of DNS1.
-
To the left of DNS1, select the checkbox.
- Navigate to Applications > Virtual Services
- In Edit Virtual Service: DNS1
- Go to Analytics
- Enable Non-significant logs
- Click Save
- Go to Analytics
- In the NSX-ALB Console
- Navigate to Applications > Virtual Services
- To the left of DNS2, select the checkbox.
- On the right hand side of DNS2.
- Click the pencil icon to edit the DNS2.
- On the right hand side of DNS2.
- To the left of DNS2, select the checkbox.
- Navigate to Applications > Virtual Services
- In Edit Virtual Service: DNS2
- Go to Analytics
- Enable Non-significant logs
- Click Save
- Go to Analytics
In the lab environment you have two sites. Each site has 3 separate vlans. There is an Internal, DMZ and External VLAN for each site. In Site 1, Windows 11 Client Desktop are configured with 192.168.110.10 DNS server address.
- On your ControlCenter server
- On the Desktop
- Open the Remote Desktops Folder
- Open Site1
- Launch W11Client-01a.rdp
-
Login as Craig
- With the password Pa$$w0rd
- Open Site1
- Open the Remote Desktops Folder
- On the Desktop
- In W11Client-01a
-
Open Command Prompt from desktop
- In the Command Prompt, type
-
ping corp.techseals.co.com and press enter
- You would notice the response from 172.16.20.101
- The above IP is the VIP for Site-1
- You would notice the response from 172.16.20.101
-
ping corp.techseals.co.com and press enter
- In the Command Prompt, type
- Once the ping is complete, minimize W11Client-01a RDP Session
- Return to Control Center Desktop
-
Open Command Prompt from desktop
- On your ControlCenter server
- On the Desktop
- Open the Remote Desktops Folder
- open Site2
- launch W11Client-02a.RDP
- login as Malcolm
- with the password Pa$$w0rd
- login as Malcolm
- launch W11Client-02a.RDP
- open Site2
- Open the Remote Desktops Folder
- On the Desktop
- In W11Client-02a
-
Open Command Prompt from desktop
- In the Command Prompt,
- type ping corp.techseals.co and press enter
- You would notice the response from 172.16.50.100
- The above IP is the VIP for Site-2
- You would notice the response from 172.16.50.100
- type ping corp.techseals.co and press enter
- In the Command Prompt,
- Once the ping is complete, minimize W11Client-02a RDP Session
- Return to Control Center Desktop
-
Open Command Prompt from desktop
- If required, login to NSX-ALB Console
- On your ControlCenter Server
- Open your Chrome Browser for Site-1
- In the Address bar, enter or browse from the bookmark
- to https://avicontroller.techseals.co.com
- under Username,
- enter admin
- under Password,
- enter Pa$$w0rd
- click LOG IN
- enter Pa$$w0rd
- under Username,
- to https://avicontroller.techseals.co.com
- In the Address bar, enter or browse from the bookmark
- Open your Chrome Browser for Site-1
- On your ControlCenter Server
- In the NSX-ALB Console
- navigate to Applications > Virtual Services
- click on DNS1
- navigate to Applications > Virtual Services
- In the Virtual Service: DNS1 window
- in the top right-corner,
- select the pencil icon
- in the top right-corner,
- In the Edit Virtual Service:DNS1 window
- select the Analytics tab
- next to Non-significant logs
- select the checkbox
- next to Non-significant logs
- select the Analytics tab
- In the Edit Virtual Service:DNS1 window
- In the bottom right-corner
- select Save
- In the bottom right-corner
- In Virtual Service: DNS1 window
- select the Logs tab
- click on Non-Significant Logs as shows in 2
- verify the Client IP
- It should match the DNS Server IP of Site 1
- 192.168.110.10
- Expand the + (Plus) Symbol as shown in 3
- select the Logs tab
Note: If the logs are not seen, Click the refresh button as shown in 4
If refresh does not work , Ping again on Site 1
- Notice the following:
- Client IP
- Location
- Virtual Service IP
- GSLB Pool Name
- Service Engine
- Look at the IP of DNS Server for Site2
- 192.168.210.10
- Expand the + (Plus) Symbol to the extreme right
Note: If the logs are not seen, Click the refresh button as shown in 4
If refresh does not work , Ping again on Site 2
- Notice the following:
- Client IP
- Location
- Virtual Sevice IP
- GSLB Pool Name
- Service Engine
This is the end of the GSLB Lab. Hope it helpful.
0 Comments
Add your comment