TESTING & INTEGRATION GROUP SOLUTION GUIDE



Similar documents
Radware s AppDirector and Microsoft Windows Terminal Services 2008 Integration Guide

Application Delivery Controller (ADC) Implementation Load Balancing Microsoft SharePoint Servers Solution Guide

AppDirector Load balancing IBM Websphere and AppXcel

Radware s AppDirector and AppXcel An Application Delivery solution for applications developed over BEA s Weblogic

TESTING & INTEGRATION GROUP SOLUTION GUIDE

Radware s AppDirector. And. Microsoft Exchange Integration Guide

DEPLOYMENT GUIDE Version 1.0. Deploying the BIG-IP LTM System with VMware View

Microsoft Windows 2008 Media Server Load Balancing with Radware AppDirector.

Radware s AppDirector. And. Microsoft Exchange Integration Guide

Content Scanning for secure transactions using Radware s SecureFlow and AppXcel together with Aladdin s esafe Gateway

DEPLOYMENT GUIDE DEPLOYING F5 WITH VMWARE VIRTUAL DESKTOP INFRASTRUCTURE (VDI)

Deploying the BIG-IP System v10 with VMware Virtual Desktop Infrastructure (VDI)

Oracle Communication Service Load Balancing with Radware SIP Director.

Deploying the Barracuda Load Balancer with Office Communications Server 2007 R2. Office Communications Server Overview.

Radware AppDirector and Juniper Networks Secure Access SSL VPN Solution Implementation Guide

DEPLOYMENT GUIDE Version 1.0. Deploying the BIG-IP LTM with Microsoft Windows Server 2008 R2 Remote Desktop Services

DEPLOYMENT GUIDE. Deploying the BIG-IP LTM v9.x with Microsoft Windows Server 2008 Terminal Services

DEPLOYMENT GUIDE DEPLOYING THE BIG-IP LTM SYSTEM WITH MICROSOFT WINDOWS SERVER 2008 TERMINAL SERVICES

Load Balancing VMware Horizon View. Deployment Guide

DEPLOYMENT GUIDE Version 1.0. Deploying F5 with the Oracle Fusion Middleware SOA Suite 11gR1

Microsoft Office Communications Server 2007 & Coyote Point Equalizer Deployment Guide DEPLOYMENT GUIDE

Microsoft Lync Server Overview

DEPLOYMENT GUIDE DEPLOYING F5 WITH MICROSOFT WINDOWS SERVER 2008

Deploying the BIG-IP LTM system and Microsoft Windows Server 2003 Terminal Services

DEPLOYMENT GUIDE Version 1.2. Deploying the BIG-IP System v10 with Microsoft IIS 7.0 and 7.5

DEPLOYMENT GUIDE. Deploying F5 for High Availability and Scalability of Microsoft Dynamics 4.0

DEPLOYMENT GUIDE Version 1.1. Deploying F5 with IBM WebSphere 7

Load Balancing for Microsoft Office Communication Server 2007 Release 2

DEPLOYMENT GUIDE Version 1.1. Deploying F5 with Oracle Fusion Middleware Identity Management 11gR1

Load Balancing. Outlook Web Access. Web Mail Using Equalizer

NEFSIS DEDICATED SERVER

TESTING & INTEGRATION GROUP SOLUTION GUIDE

DEPLOYMENT GUIDE Version 1.2. Deploying the BIG-IP System v9.x with Microsoft IIS 7.0 and 7.5

Secure Web Appliance. Reverse Proxy

Deployment Guide July-2015 rev. A. Deploying Array Networks APV Series Application Delivery Controllers with VMware Horizon View

ZEN LOAD BALANCER EE v3.02 DATASHEET The Load Balancing made easy

Load Balancing Microsoft Sharepoint 2010 Load Balancing Microsoft Sharepoint Deployment Guide

Radware s AppDirector and Oracle Siebel Customer Relationship Management (CRM) 8.1 Implementation Guide

DEPLOYMENT GUIDE DEPLOYING THE BIG-IP SYSTEM WITH MICROSOFT INTERNET INFORMATION SERVICES (IIS) 7.0

ZEN LOAD BALANCER EE v3.04 DATASHEET The Load Balancing made easy

Deploying the Barracuda Load Balancer with Microsoft Exchange Server 2010 Version 2.6. Introduction. Table of Contents

ALOHA Load-Balancer. Microsoft Exchange 2010 deployment guide. Document version: v1.4. ALOHA version concerned: v4.2 and above

DEPLOYMENT GUIDE CONFIGURING THE BIG-IP LTM SYSTEM WITH FIREPASS CONTROLLERS FOR LOAD BALANCING AND SSL OFFLOAD

Deploying the BIG-IP System with Oracle E-Business Suite 11i

Deploying F5 with Microsoft Remote Desktop Services

Deployment Guide AX Series with Citrix XenApp 6.5

Deployment Guide Microsoft IIS 7.0

Introduction to Mobile Access Gateway Installation

Load Balancing VMware Horizon View. Deployment Guide

Load Balancing Microsoft Terminal Services. Deployment Guide

Remote Desktop Services Overview. Prerequisites. Additional References

Load Balancing Oracle Application Server (Oracle HTTP Server) Quick Reference Guide

REQUIREMENTS AND INSTALLATION OF THE NEFSIS DEDICATED SERVER

DEPLOYMENT GUIDE Version 1.0. Deploying the BIG-IP LTM with Apache Tomcat and Apache HTTP Server

DEPLOYMENT GUIDE Version 1.3. Deploying F5 with VMware ESX Server

Deployment Guide Oracle Siebel CRM

Overview of WebMux Load Balancer and Live Communications Server 2005

Snapt Balancer Manual

Set Up a VM-Series Firewall on the Citrix SDX Server

Owner of the content within this article is Written by Marc Grote

DEPLOYMENT GUIDE Version 1.2. Deploying F5 with Oracle E-Business Suite 12

Microsoft Lync 2010 Deployment Guide

vrealize Automation Load Balancing

Deployment Guide AX Series with Active Directory Federation Services 2.0 and Office 365

Alteon Application Switch Microsoft SharePoint 2013 Integration Guide

Jeff Schertz MVP, MCITP, MCTS, MCP, MCSE

Application Note. Active Directory Federation Services deployment guide

Availability Digest. Redundant Load Balancing for High Availability July 2013

Load Balancing Bloxx Web Filter. Deployment Guide

F-Secure Messaging Security Gateway. Deployment Guide

CumuLogic Load Balancer Overview Guide. March CumuLogic Load Balancer Overview Guide 1

Introducing the Microsoft IIS deployment guide

Networking and High Availability

Using IIS Application Request Routing to Publish Lync Server 2013 Web Services

Testing and Integration Group Deploying Alteon NG with Citrix XenDesktop

Deploying Microsoft SharePoint Services with Stingray Traffic Manager DEPLOYMENT GUIDE

Microsoft SharePoint 2010 Deployment with Coyote Point Equalizer

Load Balancing Microsoft Remote Desktop Services. Deployment Guide

Load Balancing Trend Micro InterScan Web Gateway

Load Balancing Microsoft Lync 2010 Load Balancing Microsoft Lync Deployment Guide

VMware View 5.0 and Horizon View 6.0 DEPLOYMENT GUIDE

Radware s AppDirector and IBM s Lotus Domino Integration Guide

Guide to the LBaaS plugin ver for Fuel

Configuring Citrix NetScaler for IBM WebSphere Application Services

1Y0-250 Implementing Citrix NetScaler 10 for App and Desktop Solutions Practice Exam

Networking and High Availability

DEPLOYMENT GUIDE Version 1.2. Deploying the BIG-IP system v10 with Microsoft Exchange Outlook Web Access 2007

Owner of the content within this article is Written by Marc Grote

Installing and Using the vnios Trial

Introduction to the EIS Guide

Network Load Balancing

DEPLOYMENT GUIDE Version 1.1. Deploying the BIG-IP LTM v10 with Citrix Presentation Server 4.5

Smart Tips. Enabling WAN Load Balancing. Key Features. Network Diagram. Overview. Featured Products. WAN Failover. Enabling WAN Load Balancing Page 1

DEPLOYMENT GUIDE DEPLOYING THE BIG-IP LTM SYSTEM WITH ADOBE ACROBAT CONNECT PROFESSIONAL

Load Balancing McAfee Web Gateway. Deployment Guide

DEPLOYMENT GUIDE Version 1.0. Deploying the BIG-IP LTM with the Zimbra Open Source and Collaboration Suite

Deployment Guide Microsoft Exchange 2013

Configuring the BIG-IP system for FirePass controllers

Transcription:

TESTING & INTEGRATION GROUP SOLUTION GUIDE AppDirecor optimizing the delivery of VMware View 4.5 Contents INTRODUCTION... 2 RADWARE APPDIRECTOR... 2 VMWARE VIEW... 2 RADWARE APPDIRECTOR AND VMWARE VIEW SERVER ARCHITECTURE... 3 IMPORTANT IMPLEMENTATION NOTES... 4 CONFIGURATION... 5 APPDIRECTOR ACTIVE CONFIGURATION... 5 APPDIRECOR STANDBY CONFIGURATION... 13 VMWARE VIEW CONNECTION SERVERS... 15 CONFIGURE VMWARE VIEW GLOBAL SETTINGS... 15 TECHNICAL SOLUTION GUIDE DATE: Thursday, January 06, 2011 Version: 1.0 Author Elad Kurzweil

Introduction Implementing VMware View in an organization introduces a new set of challenges for IT, pushing its infrastructure to its limits and challenging its current administration policies. VMware View requires that an organization meet SLA commitments and provide QoE assurances. The inability to comply with these requirements will result in user frustration and loss of user productivity. This guide presents a basic integration solution in which Radware s load balancing and acceleration product, AppDirector, is set up in front of a VMware View environment to ensure its availability and performance in order to meet SLA and QoE requirements. Radware AppDirector Radware offers an array of solutions that address the challenges presented by VMware View. AppDirector delivers performance improvement, availability assurance and acceleration of content delivery to clients using VMware View by utilizing load-balancing, health checks and Web acceleration capabilities, while ensuring session persistency between clients and servers. The advantages of using AppDirector in such a deployment are: Load balancing the VMware View cluster of VMware View servers using high availability (HA) and traffic management. Health monitoring of the VMware View servers, indicating which servers are up or down Hardware HA with two AppDirectors One IP (VIP) that the VMware View client connects to VMware View Deliver rich, personalized virtual desktops to any device with all the benefits of centralized enterprise desktop management. The VMware View portfolio of products lets IT run virtual desktops in the datacenter while giving end users a single view of all their applications and data in a familiar, personalized environment on any device at any location. Get greater flexibility, reliability, efficiency and security managing desktops and applications from the datacenter. Lower costs by centralizing management, administration and resources Increase security by moving data from desktop devices into the datacenter Improve business agility with faster provisioning and user flexibility with universal access 2

Radware AppDirector and VMware View Server Architecture FIGURE 1 TESTED CONFIGURATION 3

Important Implementation Notes 1. The AppDirector offloads SSL and TCP processing from the Connection server. For that, it proxies all incoming connections and terminates the SSL and TCP connections from the clients. On the server side it manages a small number of TCP connections and maintains them open on behalf of multiple clients using clear HTTP as the transport protocol. Clients IPs are NATed behind the AppDirector. 2. Note: In case that the Connection server has to get the client IP as the source IP, the Client NAT configuration, the extended farm and server NAT settings and L4 HTTP policy settings should change. 3. Throughout this guide, reference is made to the Radware preconfigured certificate, but you can import a certificate or create a new certificate in AppDirector. For more information on exporting, importing, or creating a certificate, see the Radware AppDirector User Guide. 4. Make sure to deactivate the check box on the VMware View Administration management called Require SSL for client connections. See description below. Figure 1 illustrates the configuration that was tested, which includes the following work flow: 1. The remote clients connect to the VIP (AppDirecor IP) using the SSL protocol. 2. The AppDirector is the termination point of the SSL traffic, offloading SSL processing and forwarding only HTTP traffic to the VMware View Connection server. The AppDirector selects one of the VMware View Connection servers (according to the load balancing algorithm that is configured on the AppDirector) and redirects the specific session to the selected VMware View Connection server over HTTP. The AppDirector keeps a small number of TCP connections constantly open with the server to save the establishment and tear down of TCP connections on the servers. It uses its own IP as the source IP of these connections. 3. The VMware View Connection servers verify that the user is allowed to access a Virtual Desktop machine with the LDAP server (Active Directory). 4. If the user is allowed to connect to a Virtual Desktop, the VMware View Connection server chooses one of the ESX servers that the VM is running on. 5. All return traffic goes through the ESX server back to the VMware View Connection server, and back to the AppDirector over HTTP (port 80), and from the AppDirector to the Client over HTTPS (port 443). 4

Software and Hardware The following is a list of hardware and software tested to verify the interoperability of the presented solution: Microsoft Windows 2008 R2 x64bits Radware s AppDirector ODS1 v.2.30 (2 units) VMware View Connection Server, Agent and client v4.5 VMware vcenter 4.1 VMware ESX 4.1 Configuration APPDIRECTOR ACTIVE CONFIGURATION Network Configuration - Create IP 11.1.4.11/24 on port 1 - Create 192.168.5.1/24 on port 2 - Create default route to 11.1.4.254 Farm Configuration - Create a farm named vmware.view in AppDirector -> Farms -> Farm Table with these parameters, - Farm Name vmware.view - Aging Time - 36000 - Session mode RemoveOnSessionEnd-SPS - Dispatch Method - Cyclic - Connectivity checks No Checks - Create a farm named vmware.view.http.tunnel in AppDirector -> Farms -> Farm Table with these parameters: - Farm Name vmware.view.tunnel - Aging Time - 36000 - Session mode RemoveOnSessionEnd-SPS - Dispatch Method - Cyclic - Connectivity checks No Checks 5

Client NAT Configuration - Enable Client NAT in AppDirector -> NAT -> Client NAT -> Global Parameters with these parameters, - Client NAT Enable - Create Client NAT address table in AppDirector -> NAT -> Client NAT -> NAT Addresses with these parameters, - From IP 192.168.5.222 - To IP 192.168.5.222 - Create Client NAT Intercept addresses in AppDirector -> NAT -> Client NAT -> Intercept Addresses with these parameters, - From IP Client 0.0.0.0 - To Client IP 255.255.255.255 Extended Farm Configuration - Enable Client NAT address range in AppDirector -> FARM -> Extended Parameters with these parameters, - IPv4 Client NAT Address Range 192.168.5.222 Servers Configuration - Create a server named view.server.1 and attach it to the farm vmware.view in AppDirector -> Servers -> Application Servers -> Table with these parameters: - Server Name view.server.1 - Farm Name vmware.view - Server Address 192.168.5.11 - Client NAT Enable - Client NAT Address Range 192.168.5.222 - Create a server named view.server.2 and attach it to the farm vmware.view in AppDirector -> Servers -> Application Servers -> Table with these parameters: - Server Name view.server.2 - Farm Name vmware.view - Server Address 192.168.5.12 - Client NAT Enable - Client NAT Address Range 192.168.5.222 - Create a server named view.server.1 and attach it to the farm vmware.view.tunnel in AppDirector -> Servers -> Application Servers -> Table with these parameters: - Server Name view.server.1 - Farm Name vmware.view.tunnel - Server Address 192.168.5.11 6

- Client NAT Enable - Client NAT Address Range 192.168.5.222 - Create a server named view.server.2 and attach it to the farm vmware.view.tunnel in AppDirector -> Servers -> Application Servers -> Table with these parameters: - Server Name view.server.2 - Farm Name vmware.view.tunnel - Server Address 192.168.5.12 - Client NAT Enable - Client NAT Address Range 192.168.5.222 HTTP Policy Configuration - Create HTTP Policy named tcp.multiplexing in vmware.view in AppDirector -> Layer 4 Traffic Redirection -> HTTP Policies with these parameters: - Multiplex Back-End connections Enabled - Back-End Connection close idle timeout 36000 Layer 7 Configuration 1. Create a Layer 7 server persistency policy in AppDirector -> Layer 7 Server Persistency -> Text Match with these parameters: - Farm Name vmware.view - Application Port 0 - L4 Protocol TCP - Persistency Identifier JSESSIONID - Lookup Mode Text - Stop Chars - ;, (make sure not missing the 2 delimiters ;, ) - Learning Direction Server Reply - Ignore Server Reply Never - Inactivity Timeout - 36000 2. Create a Layer 7 server persistency policy in AppDirector -> Layer 7 Server Persistency -> Text Match with these parameters: - Farm Name vmware.view.tunnel - Application Port 0 - L4 Protocol TCP - Persistency Identifier tunnel? - Lookup Mode Text - Learning Direction No Learning - Ignore Server Reply Never - Inactivity Timeout - 36000 7

3. Create a Layer 7 Method in AppDirector -> Layer 7 Farm Selection -> Method with these parameters: - Method Name default - Method Type Regular Expression - Arguments EXP=. 4. Create a Layer 7 Method in AppDirector -> Layer 7 Farm Selection -> Method with these parameters: - Method Name tunnel - Method Type Text - Arguments TXT=tunnel? 5. Create a Layer 7 policy in AppDirector -> Layer 7 Farm Selection -> Policy with these parameters: - Policy Name Policy.HTTP - Policy Index 1 - First Method tunnel - Farm Name vmware.view.tunnel 6. Create a Layer 7 policy in AppDirector -> Layer 7 Farm Selection -> Policy with these parameters: - Policy Name Policy.HTTP - Policy Index 10 - First Method default - Farm Name vmware.view SSL Policy Configuration 7. Create an SSL policy in AppDirector -> L4 Traffic Redirection -> SSL Policy with these parameters: - Policy name HTTPS.policy - Certificate radware - Listening Server Port 80 - HTTP Redirection Conversion State - Enabled Note: Throughout this guide, reference is made to the radware pre-configured certificate, but you can import a certificate or create a new certificate in AppDirector. For more information on exporting, importing, or creating a certificate, see the AppDirector User Guide. 8

Layer 4 Configuration 1. Create a Layer 4 policy for HTTPS Traffic named VIEW.HTTPS in AppDirector -> Servers -> Server Table with these parameters: - Virtual IP 11.1.4.200 - L4 Protocol TCP - L4 Port 443 - Farm Name vmware.view - Application HTTPS - L7 Policy Policy.HTTPS - HTTP Policy - tcp.multiplexing - SSL Policy HTTPS.policy 2. Create a Layer 4 policy for HTTP Traffic named VIEW.HTTP in AppDirector -> Servers -> Server Table with these parameters: - Virtual IP 11.1.4.200 - L4 Protocol TCP - L4 Port 80 - Farm Name vmware.view - HTTP Policy - tcp.multiplexing - Application HTTP - L7 Policy Policy.HTTP 9

AppDirector Health Monitoring 1. Enable Health Monitoring in Health Monitoring -> Global Parameters. 2. Create a check for HTTP on server 192.168.5.11 in Health Monitoring -> Check Table with these parameters: - Check name VIEW.Server.1 - Method HTTP - Destination Host 192.168.5.11 - Arguments 1. Path / 2. HTTP Method GET 3. Match search string VMware 4. Match Mode String exists - Dest Port 80 3. Create a check for HTTP on server 192.168.5.12 in Health Monitoring -> Check Table with these parameters: - Check name VIEW.Server.2 - Method HTTP - Destination Host 192.168.5.12 - Arguments 1. Path / 2. HTTP Method GET 3. Match search string VMware 4. Match Mode String exists - Dest Port 80 4. Bind the check VIEW.Server.1 to Server vmware.view 192.168.5.11 in Health Monitoring -> Binding Table. 5. Bind the check VIEW.Server.2 to Server vmware.view - 192.168.5.12 in Health Monitoring -> Binding Table. 10

VRRP Configuration 1. Enable VRRP in AppDirector -> Redundancy -> Global Configuration with these parameters: - IP Redundancy Admin Status VRRP - Interface Grouping Enable - ARP with interface grouping Send - Backup Fake ARP Enable - Backup Interface Grouping Enable 2. Create Virtual Router interfaces in AppDirector -> Redundancy -> VRRP -> Virtual Router Table with these parameters: - IF Index 1 - VR ID 1 - Priority 255 (Highest number is Active device) - Primary IP 11.1.4.11 - Leave all other options as default 3. Create Virtual Router interfaces in AppDirector -> Redundancy -> VRRP -> Virtual Router Table with these parameters: - IF Index 2 - VR ID 2 - Priority 255 (Highest number is Active device) - Primary IP 192.168.5.1 - Leave all other options as default 4. Create Associated IP Addresses in AppDirector -> Redundancy -> VRRP -> Associated IP Addresses with these parameters: - IF Index 1, VR ID 1, Associated IP 11.1.4.11 - IF Index 1, VR ID 1, Associated IP 11.1.4.200 - IF Index 2, VR ID 2, Associated IP 192.168.5.1 11

Mirroring Configuration 1. Enable Mirroring in AppDirector -> Redundancy -> Mirroring -> Active Device Parameters with these parameters: - Client Table Mirroring Enable - Session Id Table Mirroring Enable 2. Add Mirror device in AppDirector -> Redundancy -> Mirroring -> Mirror Device Parameters with these parameters: - Mirror Device IP 192.168.5.2 12

APPDIRECOR STANDBY CONFIGURATION Network Configuration - Create IP 11.1.4.12/24 on port 1 - Create 192.168.5.2/24 on port 2 - Create default route to 11.1.4.254 Auto Generating the Backup Configuration from the Primary AppDirector 1. From the web interface menu of the Primary AppDirector, select File -> Configuration -> Receive from Device and choose Backup (Active-Backup) save the file on your computer and call it AppDirector.backup.txt. 2. Open the browser on the AppDirector backup device and upload the saved configuration (AppDirector.backup.txt) in File -> Configuration -> Send to Device 3. Reboot the AppDirector Backup device VRRP Configuration 5. Enable VRRP in AppDirector -> Redundancy -> Global Configuration with these parameters: - IP Redundancy Admin Status VRRP - Interface Grouping Enable - ARP with interface grouping Send - Backup Fake ARP Enable - Backup Interface Grouping Enable 6. Create Virtual Router interfaces in AppDirector -> Redundancy -> VRRP -> Virtual Router Table with these parameters: - IF Index 1 - VR ID 1 - Priority 255 (Highest number is Active device) - Primary IP 11.1.4.12 - Leave all other options as default 7. Create Virtual Router interfaces in AppDirector -> Redundancy -> VRRP -> Virtual Router Table with these parameters: - IF Index 2 - VR ID 2 - Priority 255 (Highest number is Active device) - Primary IP 192.168.5.2 - Leave all other options as default 8. Create Associated IP Addresses in AppDirector -> Redundancy -> VRRP -> Associated IP Addresses with these parameters: - IF Index 1, VR ID 1, Associated IP 11.1.4.11 - IF Index 1, VR ID 1, Associated IP 11.1.4.200 - IF Index 2, VR ID 2, Associated IP 192.168.5.1 13

Mirroring Configuration 3. Enable Mirroring in AppDirector -> Redundancy -> Mirroring -> Active Device Parameters with these parameters: - Mirroring Status - Enable 4. Add Mirror device in AppDirector -> Redundancy -> Mirroring -> Mirror Device Parameters with these parameters: - Mirror Device IP 192.168.5.1 14

VMware View Connection Servers CONFIGURE VMWARE VIEW GLOBAL SETTINGS In this scenario AppDirecor terminates the SSL traffic and works with HTTP on the VMware View Connection servers. By default, the VMware View Connection servers are configured to work in SSL mode. To disable the SSL mode: 1. Log into VMware View administration 2. Select the Configuration tab 3. In Global Configuration, click Edit. 4. Deselect Require SSL for client connections and View Administrator. 5. Create the same configuration for all servers. 6. Go to View Configuration > Servers and edit each connection server, add the External URL name https://view.mycomapny.com:443 (this will be the name that the clients are pointing to) 15

16

Technical Support Radware offers technical support for all of its products through the Radware Certainty Support Program. Please refer to your Certainty Support contract, or the Radware Certainty Support Guide available at: http://www.radware.com/content/support/supportprogram/default.asp. For more information, please contact your Radware Sales representative or: U.S. and Americas: (866) 234-5763 International: +972(3) 766-8666 17

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information