To avoid service disruption, the Kemp Load Balancer should be configured in HA mode to ensure business continuity in case of appliance failures.
The configuration of the Kemp LoadMaster in HA mode is pretty straightforward and it is the recommended design to be implemented in Horizon environments, especially where users connect from external.
Blog Series
Kemp Load Balancer for VMware Horizon deployment - pt.1
Kemp Load Balancer for VMware Horizon configuration - pt.2
Kemp Load Balancer for VMware Horizon configure HA - pt.3
Kemp Load Balancer configure HA
To configure the Kemp LoadMaster in HA mode you need two appliances.
Prerequisites
The LoadMaster HA configuration requires some prerequisites to work as expected.
- Multicast traffic must be allowed
- IGMP Snooping must be disabled
- ICMP Ping must be allowed
- Port 6973 must be allowed
Configure the Virtual Switch in vSphere
To allow the correct HA communication between Kemp appliances, you need to configure the vSphere Virtual Switch accordingly.
Edit both LAN and DMZ networks used by the Kemp and configure the Security area as follows:
- Promiscuous mode: Reject
- MAC address changes: Accept
- Forget transmits: Accept
In the Teaming and failover area set the following parameter:
- Notify switches: No
Configure the first Load Balancer
Login to the first Kemp appliance and access the System Configuration > HA and Clustering area.
Select HA Mode and click Confirm. HA is an active-passive configuration since only one Kemp at time is active. Although Clustering mode would be a better solution, it requires at least three LoadMasters and it could be a limit if you have budget constraints.
Since we are configuring the first appliance, select HA (First) Mode in the HA Mode drop-down menu.
Click OK to confirm.
Click OK to acknowledge the message about Shared IP addresses.
To implement Kemp in HA mode, you need to specify an additional IP Address labeled as HA Shared IP address that is identical for both Kemp appliances. This IP Address is used to access the Web User Interface (WUI) management page and routing.
You need to specify a HA Shared IP address for both eth0 and eth1 NIC interfaces using one LAN and one DMZ IP address. In addition, as best practice the Use for HA checks option should be enabled in all production interfaces.
Enter the IP Address and click Set Shared address.
Click OK to confirm.
Note that in the top-right of the screen there are now two indicator squares. They represent HA1 and HA2 and indicate the status of the HA pair (A is the active appliance). Since the second appliance has not yet joined the pair, the icon is red.
Enter the HA Partner IP Address (the IP of the second appliance) and click Set Partner address.
Click OK to confirm the configuration.
To apply the configuration, you need to reboot the appliance. Click Reboot Now.
Click Continue.
When the rebooted, the first appliance is now configured for HA mode. The green square indicates the active Kemp Load Balancer.
Access the WUI management page
From your preferred browser, enter the URL https://<kemp_HA_Shared_IP_Address> previously configured to access the WUI. Enter the bal credentials and click Login.
This is the WUI page where you can manage the system when HA mode is enabled.
Configure the second Load Balancer
Once the first appliance has been configured, you need to configure also the second Kemp to complete the HA pair. Login to the second LoadMaster and go to System Configuration > HA and Clustering area.
Select HA Mode and click Confirm.
Select HA (Second) Mode from HA Mode drop-down menu.
Click OK to confirm the configuration.
Click OK to acknowledge the information about Shared IP addresses.
Enter the same HA Shared IP address configured in the first appliance then click Set Shared address.
Click OK to confirm.
Enter the HA Partner IP Address (the IP of the first appliance) and click Set Partner address. Keep in mind to configure the HA Partner IP Address also for eth1.
Click OK to confirm.
To apply the configuration you need to reboot the appliance. Click Reboot Now.
Click Continue.
After rebooting the second appliance, access the Kemp LoadMaster's dashboard. Note that square indicators are now both green.
From the WUI you can specify which is the default server to use. Go to System Configuration > HA Parameters and select the desired value from the Switch to Preferred Server drop-down menu.
The Kemp Load Balancer is now configurated in HA mode ensuring service availability even if one Kemp appliance goes offline.
The HA Mode is recommended especially in Horizon environments with several users and external accesses to avoid disconnection if the Kemp connected to UAGs and Connection Servers experiences a failure.
thanks for the guide!!
i have not clearly understand why we have to change the vswitch setting.
can you please detail more about this configuration?
You need to change these vSwitch settings to allow Kemp HA between the two appliances. Without this change, HA is not working properly and both appliances think to be the master.