4.3.2 Cloud Proxy Load Balancing
Configurations with multiple cloud proxies require an external network load balancer to direct traffic among the clustered proxies. The replicated traffic can come from the internet as well as internally from the cloud. Due to the amount of traffic, VMware recommends having dedicated load balancers for each replication direction.
Both the public cloud proxy VIP endpoint (URI) for to-the-cloud tunnel termination and the internal VIP IP address for from-the-cloud traffic (used by ESXi host-based replication) must be configured explicitly in vCloud Director, either with the vcav CLI or with a vCloud API call (see Appendix F – Undocumented HybridSettings vCloud API for more detail):
• vcav CLI, provided by the vCloud Availability for vCloud Director installer appliance:
vcav vcd set-cloud-proxy \
    --to-the-cloud-address=<cloud-proxy-fqdn> \
    --from-the-cloud-address=<from-cloud-IP> \
    --vcd=<vcd instance>
• vCloud API:
PUT /api/admin/hybrid/settings
Headers:
    Accept: application/*+xml;version=6.0
    Content-Type: application/vnd.vmware.vcloud.hybridSettings+xml
Body:
    <HybridSettings xmlns="http://www.vmware.com/vcloud/v1.5">
        <CloudProxyBaseUriOverride>wss://<cloud-proxy-fqdn>:443/socket/cloudProxy</CloudProxyBaseUriOverride>
        <CloudProxyFromCloudTunnelHostOverride><from-cloud-IP></CloudProxyFromCloudTunnelHostOverride>
    </HybridSettings>
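An added example, not part of the VMware documentation: a Python check that parses a HybridSettings body and reports values that deviate from the format shown above (wss scheme, port 443, /socket/cloudProxy path, an IP address as the from-the-cloud host). The function name and sample values are constructed, and treating a publicly routable from-the-cloud address as a finding is an assumption about what "internal VIP" means.

```python
import ipaddress
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

NS = {"v": "http://www.vmware.com/vcloud/v1.5"}  # namespace of the body shown above
BODY_TEMPLATE = (
    '<HybridSettings xmlns="http://www.vmware.com/vcloud/v1.5">'
    "<CloudProxyBaseUriOverride>{uri}</CloudProxyBaseUriOverride>"
    "<CloudProxyFromCloudTunnelHostOverride>{host}</CloudProxyFromCloudTunnelHostOverride>"
    "</HybridSettings>")
# Constructed sample bodies: one matching the documented format, one deviating from it.
SAMPLE_OK = BODY_TEMPLATE.format(uri="wss://cp.example.com:443/socket/cloudProxy", host="10.0.20.5")
SAMPLE_BAD = BODY_TEMPLATE.format(uri="ws://cp.example.com:8443/socket/cloudProxy", host="from-cloud.example.com")


def check_hybrid_settings(xml_text):
    """Return findings for a HybridSettings body; an empty list means it matches."""
    root = ET.fromstring(xml_text)
    uri = root.findtext("v:CloudProxyBaseUriOverride", "", NS).strip()
    host = root.findtext("v:CloudProxyFromCloudTunnelHostOverride", "", NS).strip()
    findings = []
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        findings.append("from-the-cloud address is not an IP address")
    else:
        # Assumption: an "internal VIP" should not be a publicly routable address.
        if ip.is_global:
            findings.append("from-the-cloud address is publicly routable, not an internal VIP")
    try:
        parts = urlsplit(uri)
        port = parts.port  # raises ValueError on a non-numeric or out-of-range port
    except ValueError:
        return findings + ["to-the-cloud URI cannot be parsed"]
    if parts.scheme != "wss":
        findings.append("to-the-cloud URI does not use the wss scheme")
    if port != 443:
        findings.append("to-the-cloud URI does not name port 443 as in the documented format")
    if parts.path != "/socket/cloudProxy":
        findings.append("to-the-cloud URI path is not /socket/cloudProxy")
    if "." not in (parts.hostname or ""):
        findings.append("to-the-cloud host is not a fully qualified domain name")
    return findings


if __name__ == "__main__":
    for name, body in (("SAMPLE_OK", SAMPLE_OK), ("SAMPLE_BAD", SAMPLE_BAD)):
        print(name, check_hybrid_settings(body) or "OK")
```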
Table 4. Example of Load Balancer Configuration
Attribute | Specification |
Cloud Proxy FQDN (TCP 443) | <public VIP> |
From Cloud IP (TCP 31031) | <internal VIP> |
Application type | HTTPS |
SSL mode | SSL passthrough |
Persistence | SSL Session ID |
Pool members | <CP1 internal IP> <CP2 internal IP> |
Pool health check | TCP |
Pool algorithm | LEASTCONN |
Pool TCP ports | 443 and 31031 |
Table 5. From-the-Cloud Specific Cloud Proxy Configuration
Attribute | Cloud Proxy 1 | Cloud Proxy 2 |
Public IP | <CP1 public IP> | <CP2 public IP> |
Internal IP | <CP1 internal IP> | <CP2 internal IP> |
Fully Qualified Domain Name | <FQDN CP1> | <FQDN CP2> |
DNAT | DNAT: CP#N public IP:TCP 443 > CP#N internal IP:TCP 443 |
global.properties: cloudproxy.reverseconnection.fqdn= | <FQDN CP1>:443 | <FQDN CP2>:443 |