Deep Dive on GSLB with VMware NSX Advanced Load Balancer (Avi Networks)
•Transferir como PPTX, PDF•
1 gostou•1,433 visualizações
This document provides an overview and demonstration of global server load balancing (GSLB) capabilities with VMware NSX Advanced Load Balancer (Avi Networks). The summary includes: - GSLB allows load balancing traffic across multiple data centers and cloud environments based on factors like geo-location, network topology, and site availability. - The GSLB configuration is synchronized between controller clusters with one acting as the leader, and health monitoring can be done both in the data and control planes. - A DNS virtual service provides resolution for defined domain names and is placed on GSLB service engines for high availability across sites. - Features like active/active sites, geo-location routing, and public/private address
Recomendados
Recomendados
Mais conteúdo relacionado
Mais procurados
Mais procurados (20)
Semelhante a Deep Dive on GSLB with VMware NSX Advanced Load Balancer (Avi Networks)
Semelhante a Deep Dive on GSLB with VMware NSX Advanced Load Balancer (Avi Networks) (20)
Mais de Avi Networks
Mais de Avi Networks (20)
Último
Último (20)
Deep Dive on GSLB with VMware NSX Advanced Load Balancer (Avi Networks)
- 1. Confidential │ ©2019 VMware, Inc. Deep-dive on GSLB with VMware NSX Advanced Load Balancer (Avi Networks) Avi Tech Corner Episode 11 G. Wesley Robertson SE, NSBU 10/24/19
- 2. Confidential │ ©2019 VMware, Inc. Agenda 2 Platform Overview DNS / GSLB 101 Avi GSLB Solution Use Cases Demo Q&A
- 3. Confidential │ ©2019 VMware, Inc. 3 BARE METAL VIRTUALIZED CONTAINERSON PREMISES PUBLIC CLOUDVIRTUALIZED CONTAINERS INTELLIGENCE ELASTICITY AUTOMATIONMULTI-CLOUD SEPARATE CONTROL & DATA PLANE VMware NSX Advanced Load Balancer (Avi Networks) Modern, Scalable, Multi-Cloud Architecture CONTROLLER SERVICE ENGINE
- 4. Confidential │ ©2019 VMware, Inc. 4 DNS 101 Standard DNS Query LDNS 1 .com avi.com 3 A Record Root Avi DNS 1. Client requests recursive DNS lookup for www.avi.com from local DNS. 2. LDNS does not have answer, sends a new iterative query to root. Root does not have answer, sends NS record for avi.com name server. 3. LDNS sends new iterative query to avi.com, the authoritative nameserver for Avi.com, which responds with the A record. 4. LDNS returns A record to client. Client initiates application connection to IP for www.avi.com
- 5. Confidential │ ©2019 VMware, Inc. 5 GSLB 101 DNS Query with GSLB Response 1. Client requests DNS lookup for www.avi.com from local DNS. 2. LDNS does not have answer, sends a new query to root. Root does not have answer, sends NS record for avi.com name server. 3. LDNS sends new query to avi.com nameserver, which responds with NS record for delegated subdomain. 4. LDNS sends new query to www.avi.com nameserver (Avi GSLB), which responds with an A record for one of the two sites. 5. LDNS returns A record to client. Client initiates application connection to IP for www.avi.com LDNS 1 .com avi.com 3 NS Record Root Avi DNS Data Center 1 10.1.1.1 www.avi.com Data Center 2 20.2.2.2 Avi GSLB
- 6. Confidential │ ©2019 VMware, Inc. 6 Virtual service GSLB service Listens for IP:Port Domain name Points to (one or more) Pools (one or more) Global pools Pool contains Server IP:Ports VS or Server IPs GSLB Service Hierarchy A global service is essentially the same concept as a virtual service Local Load Balancing GSLB service Virtual services (or servers) Global pool Virtual service Servers Pool Global Load Balancing • Site (Data Center): Location where apps may be deployed. A DC may or may not have Avi in that location. • Federation: Some objects can be marked as federated, such as health checks, and will be replicated across Avi Vantage / Controller clusters
- 7. Confidential │ ©2019 VMware, Inc. 7 Active Leader Site - DC 1 VS-A1 VS-B1 DNS VS-A4 DNS All GSLB configuration is performed at the “Leader” Controller “Leader” Controller syncs the configuration to all the “Follower” sites Active Follower Site - AWS Admin VS-B3 Active Follower Site - DC 2 VS-A2 DNS Passive Follower Site Azure VS-B2 VS-A3 • Leader site • Follower site • Active • Passive Definitions GSLB Object Model
- 8. Confidential │ ©2019 VMware, Inc. 8 GSLB Federation • Each Site has a local Controller cluster / Avi deployment • Both DCs have a GSLB Service Engine, tied to their respective Controllers • The GSLB configuration is synched between the two Controller clusters • One Controller cluster will be leader for GSLB configuration – All GSLB config changes must be made from the lead Controller – Config will be pushed to the remote Controller clusters – Other than GSLB-related config sync, Controller clusters have no other interaction Data Center 1 LLB SE GSLB SE LLB SE GSLB SE Lead Controller Controller Data Center 2
- 9. Confidential │ ©2019 VMware, Inc. 9 Health Monitors • Monitoring should be done across sites via data plane and control plane • Data plane monitoring – Active (synthetic) monitor send from GSLB SE to local and remote VS – By default, ALL DNS-VS SEs monitor ALL VS. Use Health monitor proxy/sharding to control monitor source and scale • Control plane monitoring – Controller in charge of SE/VS propagates health status to other Controller clusters Data Center 1 LLB SE GSLB SE LLB SE GSLB SE Lead Controller Controller Data Center 2 Control plane health exchange Data plane health monitors Back haul VPN X X
- 10. Confidential │ ©2019 VMware, Inc. 10 DNS Virtual Service for GSLB • DNS VS provides the resolution for defined domain names – authoritative name server(s) • DNS VS is placed on a Service Engine, within an SE Group – Avi recommends creating a new SE Group, and placing DNS VS into a dedicated SE group – For high availability, GSLB SEs should exist in more than one DC – Local SE redundancy is optional – If geo location LB is used, SEs should be given minimum of 4GB memory – As in any VS, you can associate a pool for load balancing non-GSLB queries (screening mode) Data Center 1 Global & Local LB SE GSLB SE LLB SE Lead Controller Controller Data Center 2
- 11. Confidential │ ©2019 VMware, Inc. 11 Managing 3rd-party Sites • A Controller may manage multiple clouds (data center 1 and 2 in the illustration) • Servers may be load balanced even though Avi is not deployed at that location (data center 3) – Common use case is a non-Avi load balancer – Only data plane health monitoring may be performed – Only one Avi GSLB needs to health check the 3rd party site Data Center 1 LLB SE LLB SE GSLB SE GSLB SE Controller Data Center 2 Data Center 3 (3rd-party site)
- 12. Confidential │ ©2019 VMware, Inc. 12 GSLB Features At-A-Glance Functionality • Active / Standby sites • Active / Active sites • Geo location based load balancing (Latt/Long) • Network Topology based load balancing • DNS Policy for advanced use cases • Public/Private Address Resolution • Full range of analytics and visibility • Site persistence – consistent hash LB, site cookie • Read/write EDNS/ECS (Think: XFF for DNS) Steps Required: 1. Turn on GSLB in Infrastructure > GSLB 2. Configure at least one Site 3. Point to or create a DNS virtual service as the GSLB listener 4. Create a global service which is a load balanced domain name DC1 DC2 X Site persistence can automatically correct a situation where a user is resolved to a different data center mid-session
- 13. Confidential │ ©2019 VMware, Inc. 13 IN ALL cases, resolve clients to the nearest Data Center location • For External Applications, use the Geo-ip database for clients, as well as custom geo mappings (Latt/Long) for sites • For Internal Applications, use a custom topology based on subnet mappings For internal applications, only accept queries from Internal clients Resolve Internal clients to Private addresses Resolve External clients to Public addresses Provide a fallback option based on site availability Make decisions based on the EDNS0/ECS “Client Subnet” header Vs the LDNS IP address Use case: Public/Private IP-aware, location-based decisioning GSLB Demo
- 14. Confidential │ ©2019 VMware, Inc. Thank You