VMware vRealize Orchestrator can be configured to work in two server modes: Standalone and Cluster. To increase the availability of the VMware vRealize Orchestrator services both in standalone and cluster mode, you can put the Orchestrator behind a reverse proxy, such as Apache and Nginx.
Although VMware™ does not take any responsibility, nor provide any support for configuration of such load balancer, we hereby provide the following as an example on how to connect VLA against VMware vRealize Orchestrator running in cluster mode, using Nginx.
Download and set up Nginx to connect to vRealize Orchestrator cluster
Assuming your cluster has 3 nodes: vroclstr1.saplab.vmw.com, vroclstr2.saplab.vmw.com, vroclstr3.saplab.vmw.com reachable through vro.saplab.vmw.com
Download and install Nginx on your operating system by using the preferred package manager (dpkg, rpm, exe-installer).
Create a new file /etc/nginx/sites-available/vco with content as shown in example below.
upstream vro { server vroclstr1.saplab.vmw.com:8281 max_fails=1 fail_timeout=600s; server vroclstr2.saplab.vmw.com:8281 max_fails=1 fail_timeout=600s; server vroclstr3.saplab.vmw.com:8281 max_fails=1 fail_timeout=600s; } server { listen 8281 ssl; server_name vro.saplab.vmw.com; root /var/www; index index.html index.htm; try_files $uri/index.html @proxy; underscores_in_headers on; keepalive_timeout 100; ssl_certificate /etc/nginx/ssl/server.crt; ssl_certificate_key /etc/nginx/ssl/server.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; location @proxy { proxy_next_upstream error timeout http_503; proxy_set_header Host $host:$server_port; proxy_set_header Server-Port $server_port; proxy_set_header Real-IP $remote_addr; proxy_set_header Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Forwarded-Proto $scheme; proxy_set_header Forwarded-Server $host; proxy_set_header Frowarded-Port $server_port; proxy_set_header Connection 'Keep-Alive'; add_header vco-server $upstream_addr; proxy_pass https://vro; proxy_send_timeout 600; proxy_read_timeout 600; } }
Create soft-link to activate your configuration:
ln -s /etc/nginx/sites-available/vco /etc/nginx/sites-enabled/default
Add within
http
section of file /etc/nginx/nginx.conf## # SSL ## ssl_session_cache shared:SSL:10m; ssl_session_timeout 5m; ssl_prefer_server_ciphers on;
Restart Nginx
The above example contains SSL settings, assuming that the server.cer and server.key files are at their proper location. For more information about Nginx and SSL, see the Nginnx wiki.