This section details the basic configuration steps for setting up GSLB Service using the NSX Advanced Load Balancer UI.
To configure a basic GSLB service using NSX Advanced Load Balancer UI:
Procedure
- Navigate to Applications > GSLB Services.
- Click Create and select the Basic Setup option. The following is the New GSLB Service screen for Active/Active mode:
Use the available drop-down menu to select load balancing algorithm and fallback load balancing algorithm for pool members.
Note: In this example, Pool Members Load Balancing Algorithm is set as Round Robin.
The fallback algorithm option is available while creating a GSLB service using the Basic option.
Group Type selection is available with the Groups Load Balancing Algorithm drop-down menu, which is displayed only if Active-Active mode is selected.
The following table explains the various configuration entities for GSLB service:
Field Name
Description
Name
This is a reference to the global application hosted on NSX Advanced Load Balancer.
Application Name
This field concatenated with the sub-domain forms the FQDN of the application.
Subdomain
This drop-down menu is prepopulated with the sub-domains associated with the GSLB configuration. Add to or remove from the set by navigating to Infrastructure > GSLB > Site Configuration.
Note: To support aliasing, a GSLB service can have one or more FQDNs associated with it. For example, www.foo.com and www.foo.us can point to the same GSLB service. Aliasing avoids the need to create multiple identical GSLB services.
Health Monitor
This field determines which monitor must be used by the DNS SE to generate the synthetic traffic, for monitoring the health of GSLB pool members and mark them UP or DOWN. For more details on GSLB health monitor, see GSLB Health Monitors.
Use the Create option to create a custom monitor. You can also navigate to Templates > Profiles > Health Monitors to define a custom monitor to use with the global application.
Health Monitor Scope
By default, health monitors assess the health of all GSLB pool members including NSX Advanced Load Balancer virtual services or third-party VIPs.
Select only members that are not part of NSX Advanced Load Balancer, if the data path monitoring of NSX Advanced Load Balancer members is redundant to the control path health monitoring.
Controller Health Status
Control-plane health monitor is used to assess health of Avi member services by collecting virtual service health status from their local Avi Controllers. This option is irrelevant to external virtual services, whose health can only be assessed via data-path health checks.
Note: The knob to turn on/off the control plane health monitoring has been deprecated. The control-plane health monitoring will always be present irrespective of the knob.
Select Group Type
Select the behavior for pools. If the default value of Active-Active is selected, one of four load balancing algorithms can be selected.
Groups Load Balancing Algorithm
The load balancing algorithm picks a GSLB pool within the GSLB service list of available pools. Select one of the two algorithms, namely, priority or geolocation-based.
Site Persistence
Select this check box to enable site persistence for the GSLB service. For more details, see GSLB Site Cookie Persistence.
Topology Policy
When enabled, topology policy rules are used first for member selection. If no valid member is found using the topology policy rules, configured GSLB algorithms for pool selection and member selection are used.
Site Cookie Application Persistence Profile
This field is displayed if Site Persistence check box is selected. Click Create to launch an editor to create a new Site Cookie Application Persistence profile.
The application persistence profile is used with GSLB site cookie persistence.
PKI Profile
PKI Profile used to validate the SSL certificate presented by a server.
Minimum number of Servers
The minimum number of members to which traffic must be distributed.
The GSLB service minimum members parameter modifies the first step in the selection process by considering the number of member services that are UP within a given GSLB service pool. If the count of UP services drops below the minimum number of members for a pool, traffic is not directed to the pool, even though it might otherwise have been selected (based on its priority or proximity).
If non-zero, this value ranges from 1 to 65535. Zero is a special case that disables limiting. The min_members is similar to the min_servers for pool groups.
Consider the following set-up:
Two GSLB pools
P1 - 4 members of priority 10.
P2 - 3 members of priority 5.
min_members value is set to 3.
If P1 has at least 3 members up, only P1 is chosen. If the number of servers in the UP state in P1 goes below 3, P1 and P2 are selected equally.
Pool Members Load Balancing Algorithm
For Active-Active pool configurations, choose a load balancing algorithm that will pick a local member within the GSLB services list of available members.
The following are the options:
Round Robin (the default)
Consistent Hash
Geo
Topology
Preference Order
Note: Based on the value selected for Pool Members Load Balancing Algorithm, an additional field can be displayed. If option Consistent Hash is selected, an additional field, namely, Pool Members Load Balancing Algorithm Mask is displayed. If option Geo is selected, an additional field, namely, Pool Members Fallback Load Balancing Algorithm is displayed.
IP Address or Virtual Service
Choose Virtual Service for identifying a native NSX Advanced Load Balancer virtual service. If the IP Address is selected, a different set of options will appear.
Choose IP Address to identify an external GSLB pool member. For more information, see GSLB in an AWS Multi-Region, Multi-AZ Deployment and Integrating with Third-Party GSLB Site.
Note: For third-party members, a third-party Controller is optional, irrespective of whether it is redundantly configured or not. If you have selected the IP Address option, skip the following steps.
Add GSLB Pool Member
After the first member service has been defined for the GSLB pool, click this to create an additional one.
- Configuring Pool Member by Virtual Service:
For the default selection of Virtual Service for Pool Member configuration, the following fields are displayed.
Field
Description
Site Cluster Controller
To identify a native NSX Advanced Load Balancer virtual service, you need to select its Controller through this field. If a controller name has to be displayed in the drop-down menu, the Controller must be pre-configured.
Virtual Service
This field only appears after a site Cluster Controller has been selected. Select a pre-configured virtual service from the drop-down menu.
Public IP(v4/v6) Address
This is an alternative IP address for the pool member. In normal deployments, the VIP of the third-party service is a private IP address. It gets configured in the IP field of the GSLB service. In this field you can identify the public IP address for the VIP. It will get translated to the private IP by a firewall. Client DNS requests coming from within the intranet must have the private IP served in the A record, and external requests must be served the public IP address.
For more information, see NAT-aware Public-Private GSLB Configuration.
Description
Add a comment if required.
- Configuring Pool Member by IP Address:
If IP Address was selected in the above steps to identify an external pool member, the above alternative display appears. Fill in the following fields instead of the options listed in step 3.
Field
Description
IP(v4/v6) Address or FQDN
Pool member can also be configured using an IP address or an FQDN name instead of referring to a Virtual Service. IP address or FQDN is generally used for external GSLB pool members. If a GSLB pool member is configured with an FQDN (Fully qualified domain name), the controller resolves the FQDN to an IP address.
Public IP(v4/v6) Address
This is an alternative IP address for the pool member. In normal deployments, the VIP of the third-party service is a private IP address. It gets configured in the IP field of the GSLB service. In this field you can identify the public IP address for the VIP. It gets translated to the private IP by a firewall. Client DNS requests coming in from within the intranet must have the private IP served in the A record, while requests from outside must be served the public IP address.
Third-party Site Cluster Controller
From the drop-down menu, select the third-party site name to which the third-party VIP has to be associated.
Description
Add description, if required.
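
The public/private address behaviour described for the Public IP(v4/v6) Address field in both pool-member tables, as an added Python example (not NSX Advanced Load Balancer code). It assumes the intranet is RFC 1918 and IPv6 ULA space, uses constructed member records with hypothetical names, and adds a check for members whose mapping would hand a private address to external clients or leave them without an answer.

```python
import ipaddress

# Assumption for this example: "intranet" means RFC 1918 and IPv6 ULA space.
INTRANET = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "fc00::/7")]


def in_intranet(ip):
    """True if the address falls inside one of the assumed intranet networks."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTRANET)


def answer_for(member, client_ip):
    """Address to serve in the A/AAAA record for this client, or None."""
    if in_intranet(client_ip):
        return member["ip"]
    # External client: serve only the public address. This example's policy is
    # to return no answer rather than fall back to the private VIP.
    return member.get("public_ip") or None


def audit_members(members):
    """Return (name, problem) pairs for members whose NAT mapping is unsafe."""
    findings = []
    for m in members:
        pub = m.get("public_ip")
        if in_intranet(m["ip"]) and not pub:
            findings.append((m["name"], "private VIP without a public IP"))
        elif pub and in_intranet(pub):
            findings.append((m["name"], "public IP field holds a private address"))
    return findings


# Constructed sample members (documentation address ranges, hypothetical names).
MEMBERS = [
    {"name": "site-a", "ip": "10.10.1.20", "public_ip": "203.0.113.20"},
    {"name": "site-b", "ip": "10.20.1.20"},
    {"name": "site-c", "ip": "10.30.1.20", "public_ip": "192.168.5.9"},
]

if __name__ == "__main__":
    for m in MEMBERS:
        # Same member, one intranet client and one external client.
        print(m["name"], answer_for(m, "10.1.2.3"), answer_for(m, "198.51.100.7"))
    print(audit_members(MEMBERS))
```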