This section documents prerequisites to start consuming NSX Advanced Load Balancer with Cloud Services.

Prerequisites

The following are the prerequisites to register a NSX Advanced Load Balancer Controller with NSX Advanced Load Balancer Cloud Services.

  1. NSX Advanced Load Balancer cluster deployment - You can download the Controller software by following this KB article.

  2. Ability to register a NSX Advanced Load Balancer Controller with NSX Advanced Load Balancer Cloud Services. This capability is granted by any of:

    1. Having an active subscription for NSX Advanced Load Balancer with Cloud Services

    2. Having an active trial for NSX Advanced Load Balancer with Cloud Services

    3. Having an active NSX Advanced Load Balancer serial key license purchased before Dec 31 2021 - Refer to Legacy Addons for more details.

    Note:

    VMware serial key licenses would only allow a limited set of services offered by NSX Advanced Load Balancer Cloud Services.

  3. Connectivity between NSX Advanced Load Balancer Controllers and NSX Advanced Load Balancer Cloud Services portal.

  4. Configure FQDNs for the NSX Advanced Load Balancer Controllers before registering with Cloud Services.

Table 1. Connectivity Requirements (Ports and Protocols)

Source

Destination URL

Destination Port(s)

Reason

Browser

portal.avipulse.vmware.com

443

Customer access to NSX Advanced Load Balancer Cloud Services portal

Browser

customerconnect.vmware.com

443

VMware IDP used for authentication

NSX Advanced Load BalancerControllers

portal.avipulse.vmware.com

443

Deliver services from NSX Advanced Load Balancer Cloud Services

Enhance Security by configuring a forward Proxy to access NSX Advanced Load Balancer Cloud Services

Customers can enable a Forward Proxy to proxy all traffic between the Controller and NSX Advanced Load Balancer Cloud Services. This allows further security control and visibility. NSX Advanced Load Balancer Controllers natively support integrating with a Forward Proxy.

The following are the three modes of using a Forward Proxy for NSX Advanced Load Balancer Cloud Services traffic:

  • No Proxy — All Cloud Services are directly accessed without any proxy from the Controller.

  • System Proxy — All Cloud Services will be accessed through the configured Forward Proxy from the Controller. This Forward Proxy will be used system wide for all services configured to utilize a Forward Proxy..

  • Split Proxy — All Cloud Services will be accessed through the configured Forward Proxy from the Controller. This Forward Proxy will be dedicated to be used to access NSX Advanced Load Balancer Cloud Services. There can be another Forward Proxy configured at the system level for all other services requiring a Forward Proxy.

The following section demonstrates how to configure a Forward Proxy on the NSX Advanced Load Balancer Controller using CLI:

System Proxy

[admin:controller]: > configure systemconfiguration
[admin:controller]: systemconfiguration> proxy_configuration
[admin:controller]: systemconfiguration:proxy_configuration> host <FORWARD_PROXY_IP_OR_FQDN>
[admin:controller]: systemconfiguration:proxy_configuration> port <FORWARD_PROXY_PORT>
[admin:controller]: systemconfiguration:proxy_configuration> username <FORWARD_PROXY_USER>
[admin:controller]: systemconfiguration:proxy_configuration> password <FORWARD_PROXY_PASSWORD>
[admin:controller]: systemconfiguration:proxy_configuration> save
[admin:controller]: systemconfiguration> save
[admin:controller]: > configure albservicesconfig
[admin:controller]: albservicesconfig> no use_split_proxy
Overwriting the previously entered value for use_split_proxy
[admin:controller]: albservicesconfig> no split_proxy_configuration
[admin:controller]: albservicesconfig> save

Split Proxy:

[admin:controller]: > configure albservicesconfig
[admin:controller]: albservicesconfig> use_split_proxy
Overwriting the previously entered value for use_split_proxy
[admin:controller]: albservicesconfig> split_proxy_configuration
[admin:controller]: albservicesconfig:split_proxy_configuration> host <FORWARD_PROXY_IP_OR_FQDN>
[admin:controller]: albservicesconfig:split_proxy_configuration> port <FORWARD_PROXY_PORT>
[admin:controller]: albservicesconfig:split_proxy_configuration> username <FORWARD_PROXY_USER>
[admin:controller]: albservicesconfig:split_proxy_configuration> password <FORWARD_PROXY_PASSWORD>
[admin:controller]: albservicesconfig:split_proxy_configuration> save
[admin:controller]: albservicesconfig> save