Configure High Availability for VMware SSO using vShield Edge – Part 2

In Part 1 we went through the process of deploying the vShield Edge. Next, we configure the SSO virtual servers.

Configure vShield Edge SSO Virtual Server.

Select the newly deployed Edge and click Actions.

Select Manage


Select the Load Balancer tab.

Click the plus sign to add a pool.

On the Name & Description screen, enter SSO as the name for this pool.

Click Next.


On the Services screen, enable HTTPS.

Set the Balancing Method to LEAST_CONN.

Enter 7444 as the port number.

Click Next.


On the Health Check screen, change the Monitor Port to 7444.

Click Next.


On the Members screen, click the plus sign to add members to this pool.

Enter the IP address of the SSO1 server.

Click Add, to add it to the pool.

Repeat this step for the SSO2 server.

Click Next.


Click Finish to complete the pool creation.

IMPORTANT: Click Publish Changes in the green bar.


Click the Enable button to enable the pool.


IMPORTANT: Click Publish Changes in the green bar.


Click the Virtual Servers link.


Click the plus sign to add a virtual server.

Enter a name for the virtual server, e.g. ssl001.localdomain

Enter SSO as the description.

Enter the IP address.

Select the SSO pool.

Enable HTTPS and change the port to 7444.

Select SSL_SESSION_ID as the Persistent Method.

Click Add.


IMPORTANT: Click Publish Changes in the green bar.


Make sure you create a DNS entry in local DNS for the SSO VIP.

Configure vShield Edge Web Client Virtual Server.

We’re also going to configure the vShield Edge to act as a load balancer for the Web Client service.

Select the newly deployed Edge and click Actions.

Select Manage.


Select the Load Balancer tab.

Click the plus sign to add a pool.

On the Name & Description screen, enter WebClient as the name for this pool.

Click Next.


On the Services screen, enable HTTPS.

Set the Balancing Method to LEAST_CONN.

Enter 9443 as the port number.

Click Next.

On the Health Check screen, change the Monitor Port to 9443.

Click Next.


On the Members screen, click the plus sign to add members to this pool.

Enter the IP address of the SSO1 server.

Click Add, to add it to the pool.

Repeat this step for the SSO2 server.

Click Next.

Note: SSO1 and SSO2 must have the vSphere Web Client software installed.


Click Finish to complete the pool creation.

IMPORTANT: Click Publish Changes in the green bar.


Click the Enable button to enable the pool.


IMPORTANT: Click Publish Changes in the green bar.


Click the Virtual Servers link.


Click the plus sign to add a virtual server.

Enter a name for the virtual server. E.g.

Enter Webclient as the description.

Enter the virtual IP address.

Select the WebClient pool.

Enable HTTPS and change the port to 9443.

Select SSL_SESSION_ID as the Persistent Method.

Click Add.


IMPORTANT: Click Publish Changes in the green bar.


You should now be able to access the SSO service and Web Client using the virtual IP address. You can check the health of the pools on the ‘Load Balancer’ tab. In Part 3 we will complete the configuration on the SSO servers.
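A post-publish check for the two pools configured above, written as an added example (not part of the original post or any VMware tooling). It resolves the VIP's DNS name, then probes the VIP and each member directly on 7444 and 9443, because a VIP that answers can hide a member that is already down. It assumes the checking host can reach the members directly, and it tests only that the TCP port accepts connections, not the TLS service behind it; the function names are hypothetical.

```python
import socket

# Pool name -> port, as configured on this page.
POOLS = {"SSO": 7444, "WebClient": 9443}

def tcp_open(host, port, timeout=3.0):
    """Return True if a TCP connection to host:port is accepted."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:  # refused, unreachable, timed out
        return False

def check_pool(name, port, vip, members, probe=tcp_open):
    """Probe the VIP and every member; a VIP that answers can hide a dead member."""
    state = {m: probe(m, port) for m in members}
    vip_up = probe(vip, port)
    if not vip_up or not any(state.values()):
        status = "down"
    elif all(state.values()):
        status = "ok"
    else:
        status = "degraded"  # service reachable, but no redundancy left
    return {"pool": name, "port": port, "vip_up": vip_up,
            "members": state, "status": status}

def check_all(vip_name, members, pools=POOLS, probe=tcp_open,
              resolve=socket.gethostbyname):
    """Resolve the VIP's DNS name, then check each pool through it."""
    try:
        vip_ip = resolve(vip_name)
    except OSError:  # no DNS entry for the VIP
        return {"dns": None, "pools": []}
    return {"dns": vip_ip,
            "pools": [check_pool(n, p, vip_ip, members, probe)
                      for n, p in pools.items()]}

if __name__ == "__main__":
    import sys
    # usage: script.py <vip-dns-name> <sso1-ip> <sso2-ip>
    report = check_all(sys.argv[1], sys.argv[2:])
    print("VIP resolves to:", report["dns"])
    for r in report["pools"]:
        print(f'{r["pool"]}:{r["port"]} {r["status"]} vip={r["vip_up"]} {r["members"]}')
    sys.exit(0 if report["dns"] and all(r["status"] == "ok" for r in report["pools"]) else 1)
```

A "degraded" result means the service is still reachable through the VIP but one member is not answering, so the pool no longer provides high availability.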
