Note:

• This tutorial requires access to Oracle Cloud. To sign up for a free account, see Get started with Oracle Cloud Infrastructure Free Tier.
• It uses example values for Oracle Cloud Infrastructure credentials, tenancy, and compartments. When completing your lab, substitute these values with ones specific to your cloud environment.

Configure GSLB to Access an HTTP Virtual Service on Oracle Cloud VMware Solution SDDC through NSX ALB over the Internet

Introduction

In this tutorial series, we successfully deployed and configured NSX Advanced Load Balancer (formerly known as Avi Networks) controllers, set up DNS virtual services to host DNS records for the HTTP Nginx virtual service. This service is accessible both externally over the internet and internally for our users.

In this tutorial, we are expanding our deployment. Our set up consists of Oracle Cloud VMware Solution Software-Defined Data Center (SDDC) running in regions: Frankfurt and Ashburn, each with its NSX ALB (Avi) controllers deployed. Our plan is to host the Nginx HTTP service on the Frankfurt and Ashburn SDDCs respectively. With the HTTP service reachable over the internet, our goal is to direct end users to the nearest HTTP virtual service region, whether it is Frankfurt or Ashburn, based on their location.

This is the sixth tutorial, where we will deploy and configure Global Server Load Balancing (GSLB) on the NSX Advanced Load Balancer (NSX ALB). Both the Frankfurt and Ashburn regions will participate in GSLB as regions. For more information, see VMware NSX Advanced Load Balancer GSLB Guide.

Objective

• Deploy and configure GSLB service on the NSX ALB. Administrators will be able to deploy and access an HTTP virtual service via a domain name for external users based on their location, ensuring redirection to the closest region.

Prerequisites

• NSX ALB (Avi) controllers has been deployed on both the regions: Frankfurt and Ashburn with non overlapping addresses, see Tutorial 1: Deploy VMware NSX Advanced Load Balancer on Oracle Cloud VMware Solution SDDC

• Set up DMZ on Oracle Cloud VMware Solution SDDC on both the Frankfurt and Ashburn regions, see A Detailed Guide to Deploy a DMZ on NSX-T for Oracle Cloud VMware Solution.

• Configure DRG remote peering on Oracle Cloud Infrastructure (OCI) as NSX ALB (Avi) controllers in Frankfurt and Ashburn region, both should be able to communicate with each other, see Remote VCN Peering through an Upgraded DRG.

Task 1: Update the Domain Name servers

For this tutorial, we are using the domain demoocvs.xyz from GoDaddy. OCI public DNS zone will manage this domain demoocvs.xyz DNS records. To create a public zone on OCI, follow the steps:

1. Log in to the OCI tenancy, navigate to Networking, DNS Management and click Zones.

2. In Public Zones, click Create public zone and enter the Domain as demoocvs.xyz.

   

3. Copy the RDATA entries and enter them as Nameservers on the GoDaddy portal.

   

   

4. As the GSLB set up is accessible over the internet, we need to reserve public IP’s - two from Frankfurt region and two from Ashburn region. For this tutorial, we are reserving four public IP’s as each DNS and HTTP virtual service in Frankfurt and Ashburn region will need them. For more information, see Reserving a Public IP Address.

   VMware NSX Advanced Load Balancer GSLB set up requires a subdomain. In our set up, we will use oracle.demoocvs.xyz for the same. NSX ALB DNS virtual services in Frankfurt and Ashburn regions will have DNS entries and will act as Nameserver for subdomain oracle.demoocvs.xyz.

   We will point subdomain oracle.demoocvs.xyz to NSX ALB DNS virtual services and assign public IP too. Add the A records and then NS records.

   We are assigning the public IP on the OCI zone so that it knows where to forward the traffic. Same DNS records will be created on the NSX ALB DNS virtual service later.

   

Task 2: Configure NSX ALB (Avi) Controllers

We must follow Tutorial 5: Configure HTTP Virtual Service on NSX Advanced Load Balancer in Oracle Cloud VMware Solution SDDC for Internet-Based Access of this series to configure NSX ALB (Avi) controllers. In Tutorial 5: Configure HTTP Virtual Service on NSX Advanced Load Balancer in Oracle Cloud VMware Solution SDDC for Internet-Based Access, we dynamically created DNS records on the virtual service, however this is strictly internet facing. Here we will create static DNS records with public IP’s.

Follow Task 2 of Tutorial 5: Configure HTTP Virtual Service on NSX Advanced Load Balancer in Oracle Cloud VMware Solution SDDC for Internet-Based Access however, DNS profile is not needed. This is because we will set up static IP addresses (DNS entries). During cloud connector set up, we will not add the DNS profile, rest of the steps will be same.

Note: Make sure that the steps are followed for both Frankfurt and Ashburn regions.

Task 3: Configure and Deploy DNS Virtual Service in the Frankfurt and Ashburn Regions

Follow Task 3 of Tutorial 5: Configure HTTP Virtual Service on NSX Advanced Load Balancer in Oracle Cloud VMware Solution SDDC for Internet-Based Access without the DNS application domain. All the other steps will remain the same. We need to deploy DNS virtual service in both the Frankfurt and Ashburn regions.

Once the DNS virtual service has been deployed, we need to edit it and add static IP’s. As we mentioned, GSLB subdomain that is oracle.demoocvs.xyz Name server will be the DNS virtual service.

DNS virtual service in both the Frankfurt and Ashburn regions will have public IP associated with them. We have reserved the public IP on OCI that we need to map with each DNS virtual service. We need to configure DNS records on both DNS virtual services in Frankfurt and Ashburn region.

• frankfurtdns virtual service is assigned public IP 158.101.188.xx.

• ashburndns virtual service is assigned public IP 141.148.59.xx.

Task 4: Configure and Deploy HTTP Virtual Service

Follow Task 4 of Tutorial 5: Configure HTTP Virtual Service on NSX Advanced Load Balancer in Oracle Cloud VMware Solution SDDC for Internet-Based Access without the DNS application domain. We need to deploy the HTTP virtual service (Web virtual service) on both Frankfurt and Ashburn regions.

After deploying the HTTP virtual service, we need to map it to the public IP, this is required as it is accessible over the internet. The DNS virtual service needs to know about the HTTP virtual service and will maintain its DNS record. We will manually add DNS record on both DNS virtual services in Frankfurt and Ashburn regions. The HTTP virtual service is part of the GSLB deployment, so the Fully Qualified Domain Name (FQDN) will be as per GSLB subdomain that is oracle.demoocvs.xyz.

• frankfurtweb virtual service is assigned public IP 138.2.172.xx.

• ashburnweb virtual service is assigned public IP 129.80.182.xx.

Task 5: Map Public IP with DNS and HTTP Virtual Service Private IP

We have secured the public IP through the OCI portal and set up corresponding DNS entries on both the NSX ALB DNS virtual services in both the Frankfurt and Ashburn regions and on the OCI public zone for demoocvs.xyz. The next step is to map the public IP’s with appropriate private IP for the DNS and HTTP virtual service. To set up mapping, see Learn How to Attach a Public IP to a Guest VM in Oracle Cloud VMware Solution.

• frankfurtdns has public IP 158.101.188.xx and private IP (virtual service IP) 172.28.11.151.

• frankfurtweb has public IP 138.2.172.xx and private IP 172.28.11.152.

After mapping the IP frankfurtweb.oracle.demoocvs.xyz will be reachable over nslookup and from a browser.

Repeat the steps for Ashburn region.

Task 6: Set up GSLB and Connect both the Regions

Both frankfurtweb.oracle.demoocvs.xyz and ashburnweb.oracle.demoocvs.xyz are accessible over the internet and are responding from their respective backend servers.

Now, we need to set up GSLB on the NSX ALB (Avi) controller.

1. Log in to the NSX ALB (Avi) controller on the Frankfurt region, go to Infrastructure, GSLB and click Site Configuration.

   

2. To add Frankfurt region to new GSLB configuration, click Edit and enter the following information.

   • Name: Enter the region name.
   • Username and Password: Enter NSX ALB (Avi) controller credentials.
   • IP Address and Port: Enter IP address and port.
   • GSLB Subdomain: oracle.demoocvs.xyz.

   

3. Select the Client Group IP Address Type as Private and enter the private IP details.

   

4. Click Save and Set DNS Virtual Services, click on the DNS Virtual Service drop-down list, select Frankfurt DNS virtual service, and then click Save.

   

5. Repeat steps 1 to 4 and add the Ashburn region, click Add New Site.

   

6. In the Geo Profile window, click Create and enter the following details.

   • Name: Enter an appropriate name.
   • Under the GeoDB Entries, select the File Name as AviGeoDb.txt.gz and Format as Avi.

   

Task 7: Set up GSLB Service and Access the Website

1. Click Application, GSLB Service, Create, Advanced Setup, enter the following information and click Add Pool.

   • Name: global.
   • Application Name: www.
   • Groups Load Balancing Algorithm: Geo location-based.

   

2. In New GSLB Pool, enter the Name and Pool Members Load Balancing Algorithm as Geo.

   

3. Select the Frankfurt region web service as first pool member. In Pool Member section, enter the following information and click Add GSLB Pool Member.

   • Site Cluster Controller: Select the first pool member as Frankfurt.
   • Virtual Service: frankfurtweb.
   • Public IP(v4/v6) Address: Public IP associated with frankfurtweb virtual service that is 138.2.172.xx.
   • Geo Location Source From Geodb.

   

4. Repeat steps 1 to 3 to add Ashburn web virtual service and click Done to save the configuration.

   

The GSLB service status should change to green.

Acknowledgments

• Author - Vaibhav Tiwari (Cloud VMware Solutions Specialist)

More Learning Resources

Explore other labs on docs.oracle.com/learn or access more free learning content on the Oracle Learning YouTube channel. Additionally, visit education.oracle.com/learning-explorer to become an Oracle Learning Explorer.

For product documentation, visit Oracle Help Center.

---

Title and Copyright Information

Configure GSLB to Access an HTTP Virtual Service on Oracle Cloud VMware Solution SDDC through NSX ALB over the Internet

F93339-01

February 2024

Copyright © 2024, Oracle and/or its affiliates.