Categories

Archive

May 2025
M T W T F S S
 1234
567891011
12131415161718
19202122232425
262728293031  

Most viewed posts

KEMP Virtual LoadMaster – Configuration

12 April 2012
Comments off
Reading Time: 4 minutes

As written in the previous post, there are two vNIC in the VLM appliance, because there are two different scenarios of network topologies (well described in the LoadMaster Installation & Configuration Guide at pages 12-13): one-armed (similar to a bastion host firewall configuration) or two-armed (similar to a firewall dual-homed).

Looking at those configurations, and comparing with Linux Virtual Server, seems that the forward methods (Direct Server Return and NAT) are bounded with the network topology. But for VLM there is no correlation and you can use the preferred forward methods (although DRS remain the common solution in the 1-armed and NAT in the 2-armed). The only limit is when is choose the L7 load balanced, in this case only the NAT method can be used.

The first step for the appliance configuration is connect to it using a web browser or the console and using the default credential (bal/1fourall). You can use both the network interfaces (by default the management is active on both) and the documentation tells that can be auto-configured with DHCP (but in my environment this has not work, and was not clear which IP has been set… in this case the VMware Tools integration was a good source of information). Although there is a default IP for eth0 (192.168.1.101), I’ve switch to the console come that is really fast and easy (just follow the Quick Setup menu).

One note about the network configuration: either the conventional four-octet method (such as 255.255.255.0 for a Class C) or the CIDR format (where the Class C would be represented as /24) are supported. But in my case only the CIDR has worked well, with the other (maybe I’ve just used a wrong format) the interfaces has not been configured at all.

At this point is now possible use the web management interfaces with a standard browser (I’ve tried both with MSIE and Firefox without issues). Note that you cannot use it until you do not change the standard password!

The web interface is quite simple and smart with a powerful statistics page that include several counters and also the status of the servers and the services.

As you can notice, by the menu entries, the management interface is all around the load balancing features. All other features are just sub-menu or options. I think that this organization if quite clear and service oriented.

The official guide is quite complete, but exist also a contextual help (in my opinion it’s not so intuitive), using a tool-tip that can be displayed by pointing the mouse on a option and wait some seconds:

HA Configuration

As written in the previous post, this appliance use 2 vCPU  (although I’ve tested with a single vCPU and for small load it work well), for this reason VMware FT is not usable to improve is availability. The reboot time is quite slow, so for simple environment maybe VMware HA could be enough.

But of business-critical or environment with really high availability level a specific configuration can be used to have a HA “cluster” of two VLM in a active/standby configuration (more details are available in the LoadMaster Installation & Configuration Guide at pages 14-17).

VMware none

KEMP Virtual LoadMaster – Installation

11 April 2012
Comments off
Reading Time: 3 minutes

KEMP Virtual LoadMaster (VLM) is available in three format: one for Microsoft Hyper-V (just a zip with all the required files) and two for VMware (one for vSphere and one for Workstation format). All are quite small (less than 40MB), so really fast to download and deploy.

I have tried the the vSphere version that is just a compressed file with a folder including an OFV and a VMDK file. Really simple to deploy as most of the virtual appliances (maybe a single file could be more simple).

The Step 1 is get the software from the virtual-loadbalancer download site and select the hypervisor platform:

The Step 2 depend on the type of source, but basically is just deploy and power-on the virtual appliance. TheVLM will obtain a DHCP address (strange but in my case, on ESXi 5 it has not work) or a statically assigned 192.168.1.101. At this point you can access the VLM using HTTPS:// or via VMware console and you will be prompted for a license key. On the same screen, an Access Code will be displayed. Record that Access Code for Step 3.

The Step 3 is just obtain a license key, also for the trial mode. Note that is generated on the Access Code that probably depend on some environment information (for sure the vNIC MAC Addresses, if you change them the appliance will restart in default setting without the license). The virtual hardware version seems not relevant to the activation (I’ve upgrade the appliance to v8 without any issues).

Now some configurations are needed in the guest level as described in the Quick start guide (the user and the password are also documented here).

About the VM it is basically and hardened Ubuntu Linux (32 bit) with 1 GB of vRAM (usage may depend by the type of services) and two vCPU. This choice probably is required for some services like SSL offload and/or proxy and/or IDS, but of course make not possible use VMware FT for a high availability environment (but don’t worry because there are specific configuration to have two VLM in HA configuration). About the disk it will be deployed as a thin disk of 512 MB and it will start will really few space (note the used space and remember that 1 GB is the VM swap file). About the virtual networking two vNIC are defined to be used in different type of configuration (described in the next post).

Note that VMware Tools are missing and this is (IMHO) a big lack, considereing that they can help also in the VM management (like snapshot or guest shutdown/reboot). For the shutdown seems that also the web procedure does not really power-down the VM (you have to force the shutdown from vSphere Client).

One curious think that I’ve notice during the reboot/shutdown test is that the browser keept the authentintication, so probably it is stored in some cookies or persisten session data.

For more information about the KEMP LoadMaster see the previous post.

General none

KEMP Virtual LoadMaster – Introduction

10 April 2012
Comments off
Reading Time: 3 minutes

KEMP’s LoadMaster family of affordable, yet feature rich application delivery controllers and server load balancer appliances automatically and intelligently manage user traffic and applications, to deliver website integrity for small-to-medium sized businesses (SMB) and managed service providers.

KEMP LoadMaster is an hardened Linux appliance that provide several features:

  • Server Load Balancing for TCP/UDP based protocols
  • NAT-based forwarding or Direct Server Return (DSR) configurations
  • Layers 4-7 Load Balancing
  • Layer 7 Content Switching
  • Server Persistence
  • Windows Terminal Services load balancing and persistence with Session Directory integration
  • SSL Termination/Offload/Acceleration
  • Application Front-end (Caching, Compression and IPS security)
  • Advanced, App-Transparent Caching Engine for HTTP/HTTPS protocols
  • Optimized Compression for Static and Dynamic HTTP/HTTPS Content
  • Layer 7 Intrusion Prevention System (IPS), SNORT-Rule (HTTP) Compatible
  • Configurable S-NAT support
  • Web User Interface (WUI) for easy administration & configuration
  • Industry leading price/performance value
  • Supports cloning and relocating with native Virtualization Framework management tools

The load balancing is based on a customized version of Linux Virtual Server. But several other deaemons implement features like proxy, L7, IDS, …

There are both physical and virtual version of the appliance (see also the full comparison). For the virtual edition the main difference is:

  • VLM-100: Max. 100 Mbps Throughput, max. 100 SSL TPS, everything else unrestricted. Actual performance will depend on allocated resources to Virtual Machine.
  • VLM-1000: Up to 1000 SSL TPS, everything else unrestricted. Actual performance will depend on allocated resources to Virtual Machine.

Note that there are several distributors, but also some big hardware vendors sell KEMP solution (for example see this page on the Dell Accessories catalog… maybe a sign for a possible future acquisition?)

Why a load balancer?

For enterprise architecture, a load balancer is the external solution needed to provide a better availability (and scalability) level for a service. Actually several services may require a load balancer in their architecture, for example:

  • VMware View: require load balancers both for the Security Servers and the View Connection Servers
  • Exchange: require load balancers for some roles, like the CAS
  • Terminal Server/RDS Host: although it can use the Windows solution (NLB), it can use also external load balancers.

Why KEMP?

This could be a good question, especially for the virtual appliance. There are already a lot of similar solutions (some also free) and also VMware has some similar appliance integrated with vSphere (vShield Zones /vShied Edge).

One simple reason could be that most of the appliance are most firewall oriented (included vShield solutions), with really limited feature at load balancing side. In most cases they can still can be used just for the firewall part. VLM focus is on load balancing, that mean also several paper and documentation and recommendation for different type of application (for example, for Exchange see: Differences in Exchange Load Balancing recommendations by Microsoft and vendors).

The other features covered by VLM are usually the complementary part, like SSL acceleration, proxy, application check and protection, … and this make the KEMP solution a good appliance for all applications that need those services.

Finally there could be also the reason related to the platform: actually KEMP support both VMware and Hyper-V and this could be good value in multi-hypervisors enviroments.

General none

Top paying IT Certifications for 2012

9 April 2012
Comments off
Reading Time: 2 minutes

As written in a previous post, one of the possible criteria to value as good is a IT certification is correlate it to the real request on the IT world. Maybe is a material criteria, but it protect the investment and also make possible grow the skills of the certification (you must make practice or certifications just become useless).

The request  and the offer could be loosely estimated by the salaries: usually where are high it mean that the request is high and of offer maybe is not enough (or simple that the skill is value high).

continue reading…

vCertification ,

Some information about VCDX5

3 April 2012
Comments off
Reading Time: 2 minutes

Seems confirmed that Toronto (Ontario, Canada) VCDX defense will be the last for the VCDX4. It is schedule in the week of May 7 through 11, 2012, but the registration has closed some weeks ago (as usual to give the right time to analyse the applications).

Previously, by popular demand, the VCDX program has added another opportunities to attempt VCDX4 (as written also in the post “New (and last?) VCDX defense opportunity“).

But now, seems confirmed, on the VMware Community, that the next defense after Toronto will be a new type of VCDX (strange but is not yet called VCDX5, but VCD.next). Some interesting information are available still on a post on the VMware Community:

If you have a vSphere 5 based design that also includes a fully documented deployment of vCenter Site Recovery Manager, and/or a VMware View-based desktop deployment, and/or a VMware vCloud Director-based Private or Hybrid vCloud Solution, you may be better positioned than others to attempt the VCD.next credential.

If you are already a VCDX, the path to VCD.next will be announced in conjunction with the release of prerequisite certifications. If you have not yet achieved VCDX you may indicate your desire to pursue a VCD.next credential in 2012 by pre-registering.

vCertification ,

Dell announces intent to acquire Wyse Technology

2 April 2012
Comments off
Reading Time: < 1 minute

Dell today announced it has signed a definitive agreement to acquire Wyse Technology, the global leader in cloud client computing, to significantly extend its desktop virtualization offerings. After the recent AppAssure and SonicWall acquisition is a new move to increase the solutions portfolio: the addition of Wyse will expand Dell’s desktop virtualization capabilities and provide new solutions and services opportunities for the full range of Dell’s enterprise offerings.

Wyse’s assets will add to Dell’s existing desktop virtualization offerings, Desktop Virtualization Solution Simplified and Desktop Virtualization Solution Enterprise, and its recent Desktop as a Service (DaaS) partnership with Desktone.

Could be interesting see what will happen to existing Optiplex FX solution that provide similar features of Wyse solutions.

As the press release notes, the transaction was approved by the board of directors of each company. Additional terms of the transaction were not disclosed. The transaction remains subject to customary conditions and is expected to close in the second quarter of Dell’s FY13.

DellTechnologies

VMware View 5.0.1 upgrade path

26 March 2012
Comments off
Reading Time: 2 minutes

As written, VMware has release a week ago the new version of VMware View 5.0.1 (with the new build 640055), as also the new version of vSphere 5.0U1.

Note that the VMware Composer remain the same 2.7.0 (build 481620) of previous version. As report in the VMware View 5.0 Installation Guide (page 10), the VMware Composer is compatible with vSphere 5.0 and later, so it is just a piece that will not need any upgrade.

Actually the View documentation is not changes to reflect the new version, it remain a simple 5.0 version. So the Upgrade Guide can help to perform the upgrade from a major release (see also my post Upgrade path to vSphere 5 – The View 5 part), but not too much for the 5.0 to 5.0.1 upgrade.

Actually I’ve verified different paths and the result remain just the same:

  • upgrade the View Manager part (all the Connection Server)
  • upgrade the View Secure Server (is just a new reinstallation, require a new pairing and will drop all the connection on it)
  • upgrade the vSphere part from 5.0 to 5.0 U1 (and be done also as a first step without issue)
  • upgrade the VMware Tools and then the View Agent on the master images
  • recompose the pools
  • upgrade the other parts

The vCenter Server upgrade does not break any Composer functionally, so you do not really to reinstall or repair his installation.

The only issue that I’ve got was with a Windows XP pool: in this case using the order VMware Tools -> View Agent break some VMware Tools components that become not updated. In right way (to resolve the issue) was first the new View Agent and then the VMware Tools.

VMware ,
© 2025-2011 vInfrastructure Blog | Disclaimer & Copyright