Planning and Preparation for Load Balancing as a Service in VMware Cloud Director
Before you start implementing the Load Balancing as a Service in VMware Cloud Director solution, you must set up an environment that has a specific compute, storage, and network configuration and that provides external services to the components of the solution.
To implement load balancing as a service with VMware Cloud Director, your software versions must meet the requirements specified in the VMware Product Interoperability Matrix.
Before you deploy NSX Advanced Load Balancer, you must provide sufficient compute and storage resources to meet the footprint requirements of the Controller cluster and the Service Engines.
This load balancing as a service solution is based on several management virtual appliances that must be deployed in a management infrastructure. Meeting the following latency requirements is critical to guarantee proper functioning and performance:
- Latency among Avi controllers – Less than 10 ms
- Latency between any Avi SE to any Avi Controller – Less than 75 ms recommended
- Latency between Avi Controller and NSX-T Manager – Less than 10 ms recommended
- Best practice is to co-locate in the same port group/management infrastructure as NSX-T
- Latency between Avi Controller and VMware Cloud Director – Best practice is to have VCD cells in the same management infrastructure as NSX-T Manager and Avi Controller
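A preflight check for the numeric limits in the list above, as an added example that is not part of the original page or of any VMware tooling. It grades `ping` summaries against the three thresholds; the path names, the PASS/WARN/FAIL scheme and the choice to compare both average and maximum RTT are assumptions, since the page does not say how latency is to be measured.

```python
import re

# Limits in ms from the latency list above; True marks the one limit the page
# states without the word "recommended" (controller to controller).
LIMITS_MS = {
    "controller-controller": (10.0, True),
    "se-controller": (75.0, False),
    "controller-nsx-manager": (10.0, False),
}
_RTT = re.compile(r"(?:rtt|round-trip) min/avg/max/\S+ = ([\d.]+)/([\d.]+)/([\d.]+)/")
_LOSS = re.compile(r"([\d.]+)% packet loss")

def parse_ping(summary):
    """Return (loss_percent, avg_ms, max_ms); RTTs are None when no reply came back."""
    loss = _LOSS.search(summary)
    if not loss:
        raise ValueError("no packet-loss line in ping output")
    rtt = _RTT.search(summary)
    avg, worst = (float(rtt.group(2)), float(rtt.group(3))) if rtt else (None, None)
    return float(loss.group(1)), avg, worst

def check_path(kind, summary):
    """Grade one path (assumed scheme): PASS, WARN or FAIL."""
    limit, strict = LIMITS_MS[kind]
    loss, avg, worst = parse_ping(summary)
    if avg is None or loss > 0:
        return "FAIL"   # unreachable or lossy: the RTT figure cannot be trusted
    if worst < limit:
        return "PASS"
    if avg < limit:
        return "WARN"   # average is fine but spikes reach the limit
    return "FAIL" if strict else "WARN"

# Constructed sample summaries in Linux ping format, not real measurements.
SAMPLES = [
    ("controller-controller", "5 packets transmitted, 5 received, 0% packet loss, time 4005ms\n"
                              "rtt min/avg/max/mdev = 0.321/0.402/0.511/0.071 ms"),
    ("se-controller", "5 packets transmitted, 5 received, 0% packet loss, time 4012ms\n"
                      "rtt min/avg/max/mdev = 79.100/82.300/90.700/4.200 ms"),
    ("controller-controller", "5 packets transmitted, 5 received, 0% packet loss, time 4009ms\n"
                              "rtt min/avg/max/mdev = 11.200/12.400/14.900/1.300 ms"),
    ("controller-nsx-manager", "5 packets transmitted, 0 received, 100% packet loss, time 4090ms"),
]

if __name__ == "__main__":
    for kind, summary in SAMPLES:
        print(f"{kind:24} {check_path(kind, summary)}")
```

Run `ping` from the source side of each path (for example, from one controller node to another) and pass the captured summary text to `check_path`.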
The Avi Controller and service engines use several ports for management and control communication; see Protocol Ports Used by Avi Vantage for Management Communication.
The firewall should allow traffic for these ports.
The solution is built around the Avi Controller, which uses APIs to interface with the NSX-T Manager and vCenter to discover the infrastructure. It also manages the lifecycle and network configuration of the service engines.
The NSX-T Cloud is the object that permits the integration with the NSX-T manager and the vCenter server(s).
The user accounts configured on the Avi Controller require the following roles and permissions for the integration to work successfully:
When using an NSX-T Cloud, the Avi Controller uploads the service engine image to the content library on the vCenter server and uses it to create a new virtual machine every time a new service engine is required. The content library must be created on vCenter before configuring the NSX-T Cloud.
The first network adapter of the service engine VM is reserved for management connectivity, and the remaining 9 data interfaces (network adapters 2 to 10) connect the service engine VM to the VIP or data segments.
The Avi SE management interface can be connected to an overlay (recommended) or a VLAN logical segment. When connected to an overlay segment, it also needs a tier-1 gateway that provides external connectivity so that it can reach the Avi Controller management IP. It is recommended to have a dedicated tier-1 gateway and segment for Avi service engine management.
If VLAN-backed logical segments are used instead of overlay transport zone for the management network in the NSX-T Cloud, refer to this page: NSX-T VLAN Logical Segment.
Regardless of the option chosen for the SE management network (overlay or VLAN segment), the NSX-T topology must be created before the NSX-T Cloud is configured. In the case of an overlay segment for the SE management network:
- Create a tier-1 gateway that will be used to connect the SE management network.
- Create 2 overlay segments: one for the management network, and one as a dummy data network segment.
- Enable DHCP Server at the tier-1 gateway level and configure DHCP on the management segment.
More details here: Configuring Management Networking for SE.
Next Steps
Once the environment is ready, you can proceed with the VMware NSX Advanced Load Balancer deployment and configuration in combination with VMware Cloud Director to provide Load Balancing as a Service: Load Balancing as a Service in VMware Cloud Director.