In the last episode HomeLab Stage LXVII: Horizon with vGPU I have already mentioned the NSX-Advanced Load Balancer (NSX-ALB).
I am using NSX since the beginning (NSX-V) and I did all the evolution level up to the up to date version NSX(-T) 4.x.
Load Balancer is always a hugh topic, when implementing VMware EUC. They are needed nearly for all VMware products (Horizon, AppVolumes….).
But what kind of Load Balancer fits my requirements?
NSX-T Load Balancer
In the past, I was using the built in NSX-T Load Balancer solution, it worked for me pretty well.
But after attending a VMware LiveFire session, which I can strongly recommend to everyone, the decision was clear: I need AVI… NSX-ALB.
NSX-ALB Architecture
My use cases are VMware Horizon Internal users, VMware Horizon UAG for external access, VMware AppVolumes as well as a 3-Tier application for testing and customer demos.
The infrastructure is not too complicated, the NSX-ALB is based on AVI technology: Controller and Service Engines.
The Controller (Cluster) is communicating with the vCenter server and optional with the NSX-T Manager. You can deploy NSX-ALB without having anything from NSX deployed in your environment. The high availability concept is the same as with NSX-T Managers / Controllers. You can configure a standalone instance or a 3 node cluster including the virtual IP. It uses the same sharding function for utilization of each node.
NSX-ALB Requirements
OK, sound easy. What are the VM requirements for those controllers?
| CPU/Memory | 8 CPUs/24 GB | 16 CPUs/32 GB | 24 CPUs/48 GB |
| Base processes | 15 GB | 20 GB | 24 GB |
| Log analytics | 9 GB | 13 GB | 24 GB |
| Virtual Service Scale | 0 through 200 | 200 through 1,000 | 1,000 through 5,000 |
| Service Engine Scale | 0 through 100 | 100 through 200 | 200 through 250 |
Please remember: You can start with a standalone controller appliance, because the requirements maybe too high for a small HomeLab…
NSX-ALB & Infoblox
One special feature which I really like is the Infoblox IPAM and DNS integration of NSX-ALB. I am using this solution since years and I love it!
My Infoblox grid cluster is configured for DHCP, DNS, TFTP etc…
Inside NSX-ALB the IPAM and DNS configuration points to my Infoblox, which makes the creation of new load balancing instances super easy and perfect integrated.
NSX-ALB for Internal Horizon Users
My starting option was to migrate the internal Horizon connection server load balancer from NSX-T to NSX-ALB. This setup is a pretty straight forward process.
Creating a Virtual Service IP (which is served from the Infoblox), a Virtual Service, a Server Pool and a Health Monitor, that´s it.
Typically, for internal clients, the primary protocol (for authentication) will be load balanced between connection servers while the secondary protocols (Blast, PCoIP or RDP) are routed directly to the virtual desktops or RDS hosts, bypassing the load balancer.
NSX-ALB for External Horizon Users
Horizon traffic from external clients on the internet first lands on UAG via the load balancer, the traffic reaches connection servers via UAG. The primary protocol traffic is sent to the connection server and the secondary protocols are sent directly to the virtual desktops or RDS hosts.
I have implemented two different Service Engine Groups (SEGs), each group has 2 Service Engines inside, with active/active HA configuration.
NSX-ALB AppVolumes
Load balancing for app volume manager can be achieved by configuring an L7 virtual service with HTTPS application profile.
App Volumes servers do not support connections for the same client originating from different source IP addresses.
NSX-ALB for 3-tier Apps
One thing I really liked at the LiveFire training / workshop was the 3-tier demo. I built it for myself to show HTTP, HTTPS and redirect features for demos.
Virtual Services & Virtual Service IP configured, with CA based SSL certificate
Two Pools, one for HTTP and one for HTTPS
NSX-ALB Analytics
The best part of NSX-ALB is the integrated analytics feature. How to analyze what is causing issues within an environment could be a real challenge!
The GUI gives you a quick overview:
The issue here is not the client to the load balancer, or the server itself, it is the App!
When digging deeper, you can see that the App response is 2.6s! Troubleshooting VMware Horizon, AppVolumes or any 3-tier application is really easy.
I really like the NSX-ALB solution, which is a big step forward compared to the default NSX-T load balancing. The documentation is good, the community around AVI is amazing. Try it out by yourself!
Stay tuned for the next episodes of my HomeLab journey…. #HomeLabKing
Here is the next episode: HomeLab Stage LXIX: vSAN ESA