Note:

Configure HTTP Virtual Service on NSX Advanced Load Balancer in Oracle Cloud VMware Solution SDDC for Internal Users

Introduction

In this series, we have covered the deployment and configuration of NSX Advanced Load Balancer (formerly known as Avi Networks) controllers, along with the set up of a DNS virtual service.

This is the fourth tutorial and focuses on the deployment of an HTTP virtual service on the NSX Advanced Load Balancer (NSX ALB) within the Oracle Cloud VMware Solution Software-Defined Data Center (SDDC).

RackWare RMM BYOL

Objectives

Prerequisites

Task 1: Verify a Web Server Accessibility

We have deployed three Nginx web servers connected to Oracle Cloud VMware Solution NSX-T overlay web segment. The servers are reachable directly via their IP address.

RackWare RMM BYOL

RackWare RMM BYOL

Task 2: Deploy HTTP Virtual Service

For the web servers, we will deploy HTTP virtual service. After deploying the HTTP virtual service, web servers will be accessible in a round robin method.

  1. Log in to the NSX ALB (Avi) controller portal, navigate to Applications, Virtual Services, Create Virtual Service and click Advanced Setup.

    RackWare RMM BYOL

  2. In the Select Cloud window, select NSX-T as Cloud connector and click Next.

  3. Enter the Virtual Service Name and select the Application Profile as System-HTTP.

  4. Click on the VS VIP drop-down list, Create VS VIP and select Tier1 Logical Router as Tier-1.

    RackWare RMM BYOL

  5. In the VIP window, click Add. Keep the default options and enter avi-vs as VIP Address Allocation Network, the associated CIDR block as IPv4 Subnet and then click Save.

    RackWare RMM BYOL

  6. In the DNS section, click Add and keep the default configurations and then click Save. We are publishing HTTP virtual service with the Application Domain name nginx. Click Save again on the VS-VIP window.

    RackWare RMM BYOL

  7. In the Pool section, click on the Pool drop-down list and then Create Pool.

    RackWare RMM BYOL

  8. Keep other details as default and select the Load Balance Algorithm as Round Robin.

    RackWare RMM BYOL

  9. Select Tier1 Logical Router as Tier-1. Scroll down and add the backend nginx web servers via IP address.

    RackWare RMM BYOL

  10. In Health Monitor section, click Add and select Name as System-HTTP. Click Save and then Next.

    RackWare RMM BYOL

  11. In the Analytics section, select Log all headers and update non-significant log duration to 0 to keep all the non-significant logs and then click Next to finish the wizard.

    RackWare RMM BYOL

After this nginx virtual service should report healthy status.

RackWare RMM BYOL

Task 3: Verify DNS Records

After creating HTTP virtual service, the web servers should be accessible over virtual service IP address. Within a couple of minutes the DNS entry for the HTTP virtual service should automatically get created. To verify the DNS entry for the HTTP virtual service, follow these steps:

Navigate to Application, DNS Virtual Service and click DNS Records. We should see the DNS entries mapped against their respective virtual services.

RackWare RMM BYOL

Task 4: Set up DNS forwarder to access HTTP Virtual Service via Domain Name

The virtual service is in green or available state and it is accessible over IP address. It is currently not accessible via domain name as we need to point the corporate DNS server to 172.24.10.101 (DNS virtual service IP) for domain demoocvs.xyz.

If we manually try to resolve the URL to point to the DNS virtual service IP, it should work as the DNS virtual service holds the DNS records.

RackWare RMM BYOL

  1. Set up DNS forwarding from the Oracle Cloud VMware Solution VCN

    To establish connectivity from Oracle Cloud VMware Solution NSX-T overlay segment to OCI VCN subnet, see Connecting an SDDC to Other Resources in the VCN.

    1. Log in to the OCI tenancy, navigate to Networking, Virtual Cloud Networks, click the appropriate VCN and then DNS resolver.

    2. Click Endpoints, Create Endpoints and enter the following information.

      • Name: Enter name as forwarder.
      • Endpoints: select endpoint as Forwarding.
      • Select the Oracle Cloud VMware Solution provisioning subnet.

    3. Click Rules and Manage rules.

      RackWare RMM BYOL

    This will enable communication from OCI instances to NSX ALB virtual service hosted domain.

    RackWare RMM BYOL

  2. Set up Name Resolution from VM’s residing on the Oracle Cloud VMware Solution NSX-T Overlay Segment

    To set up DNS service IP on NSX-T and create a Fully Qualified Domain Name (FQDN) DNS Zone to create a forwarder, see Enable DNS resolution for public URLs from Oracle Cloud VMware Solution NSX-T Overlay Segment.

    This will set up the connectivity via domain name.

    RackWare RMM BYOL

  3. Set up Name Resolution from On-premises Data Center

    To establish connectivity from on-premises network to the NSX-T overlay segment using Oracle Cloud VMware Solution wizard, see Connecting an SDDC to an On-premises Network.

    Enable Conditional Forwarders on the on-premises DNS server. This should enable access to the Avi domain from on-premises network.

    RackWare RMM BYOL

Next Steps

To configure HTTP virtual service on the NSX ALB on Oracle Cloud VMware Solution for internet based access, see Tutorial 5: Configure HTTP Virtual service on the NSX Advanced Load Balancer (Avi)on Oracle Cloud VMware Solution for Internet-based access.

Acknowledgments

More Learning Resources

Explore other labs on docs.oracle.com/learn or access more free learning content on the Oracle Learning YouTube channel. Additionally, visit education.oracle.com/learning-explorer to become an Oracle Learning Explorer.

For product documentation, visit Oracle Help Center.