LoadMaster VLM Virtual Appliance – install and configure. KEMP Technologies is a load-balancing specialist offering both virtual and hardware-based solutions. For the virtual appliance, VMware vSphere, ESX, ESXi, Workstation, Player and Server along with Xen and Hyper-V are all currently supported. The virtual appliance can be downloaded HERE. Today we will focus on the installation and configuration of the Virtual LoadMaster (VLM) running on VMware vSphere 5.1. I'll walk you through the setup process which I was able to do in my small lab.
The product provides both L4 and L7 content switching, SSL Offload, Server and Application Health Checking, Persistence, Caching, Compression, IPS and much more. All the capabilities of the product can be found at the KEMP Technologies website: https://www.kemptechnologies.com.
I think it's a world premiere to test this product on VMware vSphere 5.1, and I don't think that it's been validated yet by KEMP, but VMware's 5.1 release is backwards compatible with virtual machines and appliances pre-configured to run on ESXi 4.x and 5.0 hosts. The packaging of the product for VMware vSphere is done with virtual hardware version 7 (vSphere 4.x), but it's not a real problem or handicap, since the virtual hardware can easily be upgraded once the appliance is fully set up.
As mentioned, KEMP Technologies also has a version of the VLM for VMware Workstation or VMware Player available for download. While the setup is slightly different, documentation defining the process is available and easy to follow.
The product is packaged as an OVF file so when you download the single ZIP file, you'll find 2 files inside:
– vmdk disk file
– ovf configuration file
If you're running a single ESXi host, go to the File menu and choose Deploy OVF Template. Then point to the ovf file and start the import.
The recommended disk type is thick, as the appliance consumes very little space (only about 512 Mb). You'll end up with a new VM running on your existing virtual infrastructure. This VM will act the same way as a hardware load balancer would.
The next step would be to configure the appliance on your network, and ask for a trial license (or install a commercial license, if you are buying the product).
The product fetches an IP address from a DHCP server, if one is present on your network. But I prefer to assign a fixed IP to servers, VMs and active elements like this one. So, before you start the actual config, make sure that you create DNS records (forward and reverse) for the VM on your DNS server. In my case I'm running my DNS server on a Windows 2008 VM which also acts as the domain controller for my small environment.
After the first start, the VM will present you with a screen where you'll be able to enter the login/password combination (login: bal, password: 1fourall) and copy the access code in order to receive your license code from KEMP Technologies.
You can log in via https://<IP_of_the_appliance> and enter the license key there.
Note that if for some reason you want to add new network adapters to a VLM, they must be of the same adapter type as those already configured on the VLM. The system uses E1000 as a virtual network adapter with a static MAC address. There are two of them by default.
In case you want to use a static IP address, or your network does not allow the use of a DHCP server, you can configure a static IP address for the product. In this case, you're asked to enter the license file when doing so.
Once the license is entered, you can connect easily to the appliance by its IP address preceded by https. So as I mentioned above, the connection string should look like this, and in my case I've connected to the appliance by pointing my web browser to: https://10.10.7.30
After a certificate security warning I ended up with an administration screen with menus on the right hand side. I was nicely surprised by the speed of the web interface. The web interface is quite basic, but it's built for speed! Wow, nothing like some slow web interfaces of routers or switches… This interface is blazing fast and nice to work with.
There are a lot of use cases for a load balancer. There are many examples on the KEMP Technologies website, where you can have a look at some real cases of deployment of load balancers (physical or virtual).
The integrated SSL acceleration capabilities of KEMP LoadMasters enable the offloading of processor-intensive key encryption processing from the web servers to the load balancers, so the web servers are free to process and handle more operations.
SSL requires intense cryptographic functions, and those functions can eat up a significant portion of the CPU power available on the server. So instead of installing a certificate on your real servers (or VMs if you are already fully virtualized), you can use the load balancer to handle all that. You can put the load balancer in front of your servers to handle all SSL requests.
Another example of using a load balancer is with Microsoft Terminal Services, where the load balancer plays the role of connection broker and can reconnect a user to his or her session after a disconnection. It's called a Persistence Mode of Terminal Service. Nevertheless, KEMP does not support the use of their load balancing solution in conjunction with a Microsoft RDS Connection Broker as well. In this alternate configuration, the Persistence Mode would be set to Session Broker.
When you specify port 3389 during configuration, the balancer recognizes that TS will be used for the service and chooses “Remote Terminal” as the service type.
A server configured in the TS farm can be disabled, which gives you a maintenance window during business hours, for example for patching, reconfiguring or software installation.
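A simplified model of the session reconnection and server-disable behaviour described above, added here as an illustration; it is not KEMP's implementation. The class, the server and user names, the least-sessions selection and the assumption that a disabled server keeps its existing sessions but receives no new ones are all hypothetical.

```python
from collections import Counter


class TerminalServiceFarm:
    """Toy model of username-based persistence for a TS farm (assumed behaviour)."""

    def __init__(self, servers):
        self.enabled = {s: True for s in servers}  # real server -> accepts new sessions?
        self.persistence = {}                      # username -> server holding the session

    def disable(self, server):
        # Maintenance: stop sending NEW users here, keep existing sessions reachable.
        self.enabled[server] = False

    def _least_loaded(self):
        load = Counter(self.persistence.values())
        candidates = [s for s, ok in self.enabled.items() if ok]
        if not candidates:
            raise RuntimeError("no enabled real server in the farm")
        # Fewest sessions wins; the name breaks ties so the result is deterministic.
        return min(candidates, key=lambda s: (load[s], s))

    def connect(self, user):
        # A returning user goes back to the server that holds the session,
        # even if that server has been disabled in the meantime.
        server = self.persistence.get(user)
        if server is None:
            server = self._least_loaded()
            self.persistence[user] = server
        return server

    def logoff(self, user):
        self.persistence.pop(user, None)

    def is_drained(self, server):
        # True once no session is pinned to the server: safe to patch or reboot.
        return server not in self.persistence.values()


def demo():
    farm = TerminalServiceFarm(["ts1", "ts2", "ts3"])  # constructed sample farm
    first = {u: farm.connect(u) for u in ["alice", "bob", "carol"]}
    farm.disable("ts2")
    reconnect = farm.connect("bob")   # dropped link: same server, same session
    newcomer = farm.connect("dave")   # new user is kept away from ts2
    farm.logoff("bob")
    return first, reconnect, newcomer, farm.is_drained("ts2")


if __name__ == "__main__":
    print(demo())
```
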
The network architecture
The VLM comes configured with 2 NICs and can be assigned additional ones as needed. Additionally, each NIC can be configured on multiple VLANs as required in your environment. In the simplest of configurations one of the NICs is connected to the internal network and the other one is the link to the outside world, in what is commonly referred to as a “two-armed configuration”. So in case you'd want to implement a TS farm within the balancer you might be using a configuration like this.
You can see that I've created a TS service and associated three servers there.
The documentation describes other ways to architect the solution; especially interesting are the HA features with two balancers in an active-passive configuration.
The ability to distribute load across several physical (or virtual) servers makes many use cases possible wherever overloaded web servers, or other kinds of servers (MS Exchange for example), need to be relieved.
The product uses a fast, small Linux distribution with a small footprint. Being a virtual appliance obviously has an environmental advantage as well, since no additional electricity consumption is necessary.
In my small lab, I was able to achieve a simulation of traffic to 3 small VMs with configured MS Terminal Services. Being able to scale up an infrastructure like this, with more VMs as TS servers where users connect from remote offices or while on the road, makes the product ideal for organizations which need to grow their number of TS servers.
Layer 7 content switching enables the optimization of server traffic according to content type, like images, multimedia or applications. The SSL acceleration and offload capability makes it possible to free capacity on overloaded web servers. The product provides compression and caching to reduce latency and further optimize performance over WAN links.
On the image below, a screenshot from the certificate signing request window.
A quick recall of all features of LoadMaster VLM balancer:
- Available for Microsoft Hyper-V, XEN and VMware
- L4 and L7 Server Load Balancing for TCP/UDP based protocols
- SSL Termination/Offload
- Layer 7 Content Switching
- Server and Application Health Checking
- Advanced, App-Transparent Caching Engine for HTTP/HTTPS protocols
- Optimized Compression for Static and Dynamic HTTP/HTTPS Content
- Layer 7 Intrusion Prevention System (IPS), SNORT-Rule (HTTP) Compatible
- Up to 1000 Virtual IPs (VIP) and 1000 Real Servers IPs
- NAT-based forwarding
- Support for Direct Server Return (DSR) configurations
- Support for MS Terminal Services with Session Reconnection Built-in
- Configurable S-NAT support
- Web User Interface (WUI) for easy administration & configuration
- Supports cloning and relocating with native Virtualization Framework management tools as well as intuitive backup/restore features.
You can download a 30-day trial of Virtual Load Balancer for VMware, Hyper-V or Xen from the KEMP Technologies website.
Note: This product review was sponsored by KEMP Technologies.