To allow the cloud site to remain operational in case the Tunnel Service becomes unavailable, VMware Cloud Director Availability can operate a couple of Tunnel Service instances in active-active mode per each Cloud Service instance. Since only one Tunnel Service can operate in one Tunnel Appliance, deploy and configure a second Tunnel Appliance in the Cloud Director site for High Availability (HA).

All incoming and outgoing replication management and data traffic passes through the Tunnel Appliance in the Cloud Director site. If this Tunnel Appliance becomes unavailable for some reason, the paired remote sites cannot communicate with this cloud site, causing disruption for all replications.

Second Tunnel Appliance:
VMware Cloud Director Availability 4.6 and later can use an optional additional Tunnel Appliance deployed and configured in the Cloud Director site behind an external load balancer. While both Tunnel Service instances are operational, all incoming/outgoing data/management traffic balances between them. If one Tunnel Service instance becomes unavailable, the local and the remote traffic automatically prefer the operational Tunnel Service, provided that both* sites run version 4.6 or later. For information about the deployment architecture, see Deploying Two Active-Active Tunnel Appliance Instances.
Active-active mode:
The following table shows each hop and the order of processing of the incoming and the outgoing external traffic between Internet and the two active-active Tunnel Appliance instances and the order of processing of the internal traffic between the two active-active Tunnel Appliance instances and the Cloud Director Replication Management Appliance and the Replicator Appliance instances:
Traffic direction Incoming traffic order of processing and hops Outgoing traffic order of processing and hops
The external traffic, in the order of processing:
  1. Internet > Public Service Endpoint:443/TCP.
  2. TCP load balancer:443/TCP > network address translation >:8048/TCP.
  3. Both Tunnel Appliance instances:8048/TCP.
  1. Both Tunnel Appliance instances.
  2. Firewall (network address translation).
  3. Public Service Endpoint > Internet.
Internal traffic:
  1. Both Tunnel Appliance instances.
  2. Cloud Director Replication Management Appliance and Replicator Appliance instances.
  1. Cloud Director Replication Management Appliance and Replicator Appliance instances.
  2. TCP load balancer.
  3. Both Tunnel Appliance instances.
For a diagram of the hops and the direction of the traffic, see Deploying Two Active-Active Tunnel Appliance Instances.
Load balancer configuration:
VMware Cloud Director Availability can operate with any external load balancer configured in application mode: TCP. The load balancer must not have TLS/SSL termination proxy, must not perform HTTPS/SSL inspection, and must not use session affinity also known as sticky sessions. The load balancer can choose any of the two active-active Tunnel appliances by using, for example, the round-robin algorithm. For load balancer you can use, for example, haproxy, avi lb, or others without TLS termination. For information about the connectivity between the services and TLS termination, see VMware Cloud Director Availability Services Connectivity.

As a provider, first configure your TCP load balancer to route the incoming TCP connections towards TCP port 8048 of each of the two Tunnel Appliance instances. Also, ensure that both Tunnel Appliance instances can still make outgoing TCP connections to remote sites, similarly to previous versions with a single Tunnel Appliance. Once the load balancer is configured and routes the incoming and outgoing traffic to and from both Tunnel Appliance instances, enter its IP address in the VMware Cloud Director Availability configuration by following this procedure.

Note:
  • VMware Cloud Director Availability does not monitor the TCP load balancer health nor its connectivity.
  • Two Tunnel Service instances can operate only in Cloud Director sites.
  • The Tunnel Service instances behind the load balancer operate in an active-active mode. Neither Tunnel Appliance is primary or secondary as both Tunnel Appliance instances are considered equal for data routing purposes and do not perform flexible data routing.
  • Incoming data bandwidth throttling operates differently with dual Tunnel Appliance instances configured. The throughput value limit applies to each Tunnel Appliance, and since traffic is balanced between both, the aggregate incoming traffic may reach up to twice the configured individual Tunnel Appliance throughput. If one of the Tunnel Appliance instances reaches its cap while the other does not, the busy Tunnel Appliance cannot borrow from the quota of the other.
  • * If only one site is running VMware Cloud Director Availability 4.6 with dual Tunnel Service:
    • Paired cloud sites running earlier versions, for example VMware Cloud Director Availability 4.4 or 4.5, operate as previously when paired with a site running dual Tunnel Service instances, while both instances are operational. If one instance is down, these sites can experience management traffic issues. However, the data channel automatically recovers and the replication traffic continues without any intervention.
    • Paired on-premises sites running version 4.4 or 4.5, may in some cases experience connectivity issues when one of the Tunnel Service instances in the cloud site is not operational.

Prerequisites

  • Verify that all the appliances of VMware Cloud Director Availability 4.6 are successfully deployed, with two Tunnel Appliance instances ready for configuring the second one. For information about deploying all of the appliances, see Deploying the appliances in the Cloud Director site.
  • Verify that as a provider you deploy a load balancer, configured only in TCP mode for both Tunnel Appliance instances. For information about all its prerequisites, see the Load balancer section.
  • Do not register one and the same Tunnel Service instance in the Cloud Service twice.

Procedure

  1. Log in to the management interface of the Cloud Director Replication Management Appliance.
    1. In a Web browser, go to https://Appliance-IP-Address/ui/admin.
    2. Select Appliance login or SSO login and enter the root or the single sign-on user credentials.
    3. Click Login.
  2. In the left pane under Configuration, click Settings.
  3. Under Tunnel settings next to Tunnel HA, click Setup.
  4. In the Tunnel HA TCP Balancer window, configure the addresses of your TCP load balancer and the second Tunnel Service, then click OK.
    Option Description
    TCP Balancer address Enter the IP-address of your load balancer and ensure that it meets all prerequisites. For more information, see the Load balancer section.

    This is the IP address of the load balancer which resolves to the FQDN of the Public Service Endpoint of VMware Cloud Director Availability.

    Port Enter the TCP-port. This is the port from the Public Service Endpoint.

    Tunnel Service Endpoint address

    		 Enter the IP-address of the second Tunnel Appliance instance that you deployed.
    Note: The first Tunnel Appliance instance is already configured during the initial configuration of VMware Cloud Director Availability. For more information see Configure the Cloud Service in the Cloud Director site.
    Appliance user root
    Password Enter the password of the root user of the second Tunnel Appliance instance.

Results

The configured load balancer starts forwarding all the incoming TCP requests to both Tunnel Appliance instances by using the round robin algorithm. Each Tunnel Service instance then passes them to the remaining services of VMware Cloud Director Availability.

What to do next

You can test that restarting either one of the Tunnel Appliance instances does not interrupt the replications while the other instance is operational.