F5 Load Balancer Configuration for the HA Platform Services Controller ( PSC )

Pls check my previous blog on configuring the PSC  in HA and here we can see the F5 configuration for the load balancer.

Node 1: PSCSSO1.domain.local\10.10.10.1

Node2:PSCSSO2.domain.local\10.10.10.2

LB: PSCSSO.domain.local\10.10.10.3

We need to download the lb.p12 file from the ha Folder of one of the PSC Node.

Log in to the F5 BIG-IP configuration Web page.

Click System.

Open File Management, SSL Certificate List.

Click Import.

For Import Type, select PKCS 12.

Provide a descriptive Certificate Name. Browse for the Certificate downloaded earlier. Enter changeme for the Password. Click Import

certifcate

efd

gUntitled_censored

Click Local Traffic.

Open Profiles, SSL, Client.

Click Create.

Provide a descriptive Name.

Click Custom.

Choose the Certificate and Key installed earlier.

Enter the Passphrase for the certificate.

Click Add.

Scroll to the bottom and click Finished.

policys

F51

Untitlfed

Open Profiles, SSL, Server.

Click Create.

Provide a descriptive Name.

Click Custom.

Choose the Certificate and Key installed earlier.

Click Add.

Scroll to the bottom and click Finished.

sslserv

seed

dd

Open Nodes, Node List.

Click Create.

Add all Platform Services Controllers as a node. Use Repeat to speed up the process

nodeed

2ed

Do the same step for the second PSC

ffed

2efd.

Open Pools, Pool List.

Click Create.

Create six pools, one each for port 443, 2012, 2014, 2020, 389, and 636.

All pools have the same Configuration, tcp for monitoring, and Round Robin for Load Balancing Method.

Port-443

ff3ed

Port-2012

Untitleed

Port- 2014

ntitleed

Port-2020

ntleed

Port 636

rled

Port 389

rlged

Open Virtual Servers, Virtual Server List.

oled

Click Create.

All virtual servers—except the one for port 443—have the same configuration.

Provide a descriptive Name.

Enter the Destination Address.

For Service Port, enter 443.

For SSL Profile (Client), select the client profile created earlier.

For SSL Profile (Server), select the client profile created earlier.

For Source Address Translation, select Auto Map.

For the Default Pool, select the pool created for port 443.

For the Default Persistence Profile, select source_addr.

Click Finished.

pd

od

d3

All other ports: 2012, 2014, 2020, 389, and 636. All settings are the same, except there is no SSL Profile (Client) or SSL Profile (Server) and the Service Port and Default Pool should match. For example, if the Service Port is 2012, the Default Pool should be the pool set up for port 2012.

e5d

itled

Open Profiles, Persistence.

Click source_addr.

Check Match Across Services and click Update

e0d

After both Platform Services Controller nodes have been installed and configured, click Network Map and verify that all services are up (green).

Once the configuration is done then check the PSC load balancer by bringing down the active PSC node to make sure the traffic is routing to the another PSC Node.

In case if we are not going with any load-balancer then pls check the below link to automate the PSC Fail-over using the script

How to automatically repoint & failover VCSA to another replicated Platform Services Controller (PSC)?

Also I have written the Powershell Script to repoint the VC to the another replication partner PSC and download the script from the blog.

Reference :

http://www.vmware.com/files/pdf/techpaper/vmware-vcenter-server6-deployment-guide.pdf

http://kb.vmware.com/selfservice/search.do?cmd=displayKC&docType=kc&docTypeID=DT_KB_1_1&externalId=2116281

http://kb.vmware.com/selfservice/search.do?cmd=displayKC&docType=kc&docTypeID=DT_KB_1_1&externalId=2112736

Advertisements
This entry was posted in Certificate, High-Availability, Platform Services Controller (PSC ), Vcenter Appliance, vCSA 6.0, VMware and tagged , , , , . Bookmark the permalink.

One Response to F5 Load Balancer Configuration for the HA Platform Services Controller ( PSC )

  1. Thank you for the post about configuring the PSC in HA, you helped me a lot.

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s