This long blog post will describe how we can build a load-balancer on VMware Cloud on AWS.
Any business application that requires a minimum level of scale or resiliency would require a load-balancer. As our customers continue to migrate applications to VMware Cloud on AWS (or spin up some new ones from scratch), many of them would ask me how we can provide load-balancing capabilities for applications running on VMware Cloud on AWS.
While VMware Cloud on AWS leverages network virtualization through NSX-T to provide virtual networking, edge firewalling, distributed firewalling, L3 VPN, L2 VPN ; the load-balancing feature of NSX-T is currently not offered within VMware Cloud on AWS (as of February 2019).
This post will be updated with the NSX-T load-balancer when this option will be available.
We therefore need to explore other ways to offer load-balancing within VMware Cloud on AWS. Two options are available today:
- Use the AWS Elastic Load-Balancers.
- Deploy a 3rd Party Load-Balancer (F5, AVI Network, etc…) in a VM-form factor and attach it in one-arm mode.
I started by building a very simple web farm with three Windows web servers on VMware Cloud on AWS.
The first option has been fairly well documented by Brian Graf in his blog post: UNDERSTANDING VMC INTEGRATIONS WITH AWS SERVICES – PART 3 – VMWARE AND AMAZON APPLICATION LOAD BALANCERS
Without repeating the great work Brian has done, I used an AWS Elastic Load Balancer to balance traffic towards my web farm through the Elastic Network Interface (remember – details about the ENI can be found here). I monitor the health of my web farm with health checks checking the responsiveness of each ‘real server’ over TCP 80.
Try it yourself – go on http://elbvip.vmc.ninja and you should hit on one of the three web servers. Given the way the AWS ELB is built, you might be stuck to one of them (unlike the other option I will suggest which offer options such as round-robin).
Leveraging the AWS ELB is a fine option – it’s reasonably well-priced, it leverages the high-throughput and free-of-charge connection through the ENI and it’s very simple to set up (you can be done in 15 minutes).
Alternatively, you can look at implementing a load-balancer as a virtual appliance within VMware Cloud on AWS. The benefits are that the traffic does not need to hairpin between the ‘native AWS’ side and VMware Cloud on AWS. You can also leverage your existing enterprise-grade load-balancers (from the likes of F5).
I decided to explore a different option and leverage AVI Networks, a relatively recent software-defined load-balancing company who not only provides enterprise-grade load-balancing but the ability to do multi-cloud load-balancing across VMs, native cloud instances and containers. Pretty funky.
With zero knowledge of the platform and some support from Dan Watson, it only took me a couple of days to install the AVI Controller (where all the intelligence lives) and the AVI Service Engine (essentially the load-balancer that does all the work) within VMware Cloud on AWS.
I built a virtual AVI LB and attached one of its network interface to the web segment where my web farm is based (I attached the management network interface of the LB to a dedicated management segment). The AVI LB connects up to the AVI Controller and picks up the configuration from the controller.
I created a pool of servers (the 3 web servers) and a Virtual Service (the Virtual IP) that monitors and load-balances the traffic between my server pool.
Check http://avivip.vmc.ninja/ to check out traffic load-balanced by virtual LB to a web farm on VMC on AWS.
I was very impressed by the level of application performance and visibility through the AVI Service Engine:
And that’s it! I hope you found this blog useful – do let me know if you have any feedback.
Once we have the NSX-T Load-Balancer option ready, there will be another solid option for customers to implement load-balancing within VMware Cloud on AWS.