Load balancing for app volume manager is achieved by configuring an L7 virtual service with HTTPS application profile. App Volumes servers do not support connections for the same client originating from different source IP addresses. In the case where the virtual service is deployed as an Active/Active scale out, it is possible that multiple connections from the same client are processed by different Service Engines. As each Service Engine uses a distinct SNAT IP, the servers may see multiple connections for the same client with a different source IP, resulting in authentication failures. To address this issue, use either one of the options given below:

To configure an L7 virtual service with HTTPS application profile,

Procedure

  1. Create Custom Health Monitor for UAG as shown below:

  3. Install the SSL certificate Required for L7 VIP.
    Note:

    For this set up, a certificate named Horizon_Certificate has been installed. You can install a different certificate for the app volume manager.

  4. Creating the App Volume Manager Pool -
    1. From the Avi Load Balancer UI, navigate to Applications > Pools.
    2. Click Create Pool.
    3. Click SET Cloud & VRF and select the vCenter cloud from the Cloud drop-down menu. Enter VRF Context and click SET.
    4. Enter the following details in the Create Pool screen:

      Field

      Value

      Default Server Port

      443

      Load Balance Algorithm

      Least Connections

      Persistence Profile

      System-Persistence-Client-IP.

      Analytics Profile

      Systems-Analytics-Profile




    5. To bind the monitor, click Health Monitor tab and select the HTTPS Health Monitor that was created.
    6. Click SSL tab and select System-Standard as the SSL Profile.
    7. Enter Server IP Address and click Add.
    8. Click Save.
  5. Creating Application Profile
    1. From the UI, navigate to Templates > Profiles > Application.
    2. Click Create.
    3. Enter the Name of the profile.
    4. Select the Type as HTTP.
    5. Ensure Connection Multiplex is disabled.
    6. Click Save.
  6. Creating L7 Virtual Service
    1. From the UI, navigate to Applications > Virtual Services.
    2. Click Create Virtual Service > Advanced Setup.
    3. In the New Virtual Service screen, enter the virtual service name and other details.
    4. Under VIP Address, enter the IPv4 VIP Address.
    5. Select the Application Profile that was created.
    6. Under Service Port, click Switch to Advanced and add 443 as the Port select SSL.
    7. Under Pool, select the pool that was created for app volumes.
    8. Under SSL Settings, select System-Standard as the SSL Profile and select the SSL Certificate.
    9. Click Next.
    10. Navigate to Step4: Advanced and click Save.