This section describes how to configure the advanced settings for an SE group: Advanced HA & Placement, Security, and Log Collection and Streaming Settings. Advanced configuration options are not mandatory. The options discussed in this section are specific to an SE group created under the Default-Cloud.
Procedure
- UnderAdvanced HA & Placement, configureBuffer Service Engines. This is the excess capacity provisioned for HA failover. In elastic HA N+M mode, this is capacity is expressed as M, an integer number of buffer service engines. It actually translates into a count of potential virtual service placements. To calculate that count, NSX Advanced Load Balancermultiplies M by the maximum number of virtual services per SE. For example, if one requests two buffer SEs, (M=2) and the max_VS_per_SE is 5, the count is 10. If max SEs/group is not reached, NSX Advanced Load Balancer will spin up additional SEs to maintain the ability to perform 10 placements.
- Select a management network to use for the Service Engines as the Override Management Network. If the SEs require a different network for management than the Controller, then select the network here. The SEs will use their management route to establish communications with the Controllers. This option is only available if the SE group’s overridden management network is DHCP-defined. An administrator’s attempt to override a statically-defined management network (Infrastructure > Cloud > Network) will not work due to not allowing a default gateway in the statically-defined subnet.
- Enter the Default Gateway.
- In the field Sacale per Virtual Service, enter the maximum number of active Service Engines for the virtual service. A pair of integers determine the minimum and number of active SEs onto which a single virtual service may be placed. With native SE scaling, the greatest value one can enter as a maximum is 4; with BGP-based SE scaling, the limit is much higher, governed by the ECMP support on the upstream router.
- Select CPU socket Affinity for NSX Advanced Load Balancer to allocate all cores for SE VMs on the same socket of a multi-socket CPU. Appropriate physical resources need to be present in the ESX Host. If not, then SE creation will fail and manual intervention will be required.
CPU socket Affinity is applicable only for vCenter environments.
- Select Dedicated dispatcher CPU to dedicate the core that handles packet receive or transmit from the network to just the dispatching function. This option is particularly helpful in case of a group whose SEs have three or more vCPUs.
- Select the HSM Group under the section Security. Hardware security module (HSM) is an external security appliance used for secure storage of SSL certificates and keys. The HSM group dictates how Service Engines can reach and authenticate with the HSM. To know how to configure HSM in NSX Advanced Load Balancer, see Hardware Security Module (HSM).
- Under Log Collection and Streaming Settings, configure the following.
- Enter Significant Log Throttle to define the number of significant log entries generated per second per core on an SE. Set this parameter to zero to disable throttling of the UDF log.
- Enter
UDF Log Throttle
to define the number of user-defined (UDF) log entries generated per second per core on an SE. UDF log entries are generated due to the configured client log filters or the rules with logging enabled. The default value is 100 log entries per second. Set this parameter to zero to disable throttling of the UDF log. - Enter
Non-Significant Log Throttle
to define the number of non-significant log entries generated per second per core on an SE. - Enter the Number of Streaming Threads (1 to 100) to use for log streaming.
- Click Save.