How to Configure NLB for a Service Tier
Updated: May 13, 2016
Applies To: System Center 2012 SP1 - Virtual Machine Manager, System Center 2012 R2 Virtual Machine Manager, System Center 2012 - Virtual Machine Manager
In Virtual Machine Manager (VMM), a service is a set of virtual machines that are configured and deployed together and are managed as a single entity—for example, a deployment of a multi-tier line-of-business application. Use the following procedure to configure Microsoft Network Load Balancing (NLB) for one or more tiers of a service template in VMM. For example, you might configure a load balancer for a Web tier and for a middle business logic tier.
- In service tiers running Linux, NLB cannot be used.
- With VM networks configured with network virtualization, NLB cannot be used.
For both of the previous configurations, hardware load balancing can be used instead, as described in Configuring Load Balancing in VMM Overview.
To support NLB, there are several prerequisites that must be met. These include fabric-related prerequisites, and specific operating system requirements and configuration settings that are required for the virtual machines that you want to load balance.
You must configure a load balancer for a tier before you deploy a service. After you deploy a service, you cannot add a load balancer by updating the service.
Account requirements To configure the fabric prerequisites, you must be an administrator or a delegated administrator. Delegated administrators can only configure the prerequisites that are within the scope of their user role. To add a load balancer to a service template, or to complete the virtual machine template prerequisites, you must be an administrator, a delegated administrator, or a member of a self-service user role that has the Author action in their scope.
Before you begin this procedure, make sure that the following prerequisites are met:
Create a virtual IP (VIP) template for NLB. For more information, see How to Create VIP Templates for Network Load Balancing (NLB).
Create a logical network, with one or more associated network sites. Ensure that the network sites where users will deploy the service have one or more associated IP subnets that you can create static IP address pools from. Also, ensure that you associate each network site with the host group or one of its parent host groups where the service may be deployed.
For more information, see How to Create a Logical Network.
Create static IP address pools that are associated with the network sites where users will deploy the service. The pools must be associated with the network sites where users will deploy the service. The IP address pools must contain a reserved range of virtual IP (VIP) addresses that can be assigned to the load balancer, and a range for the virtual machines that will be placed behind the load balancer.
The addresses for the VIPs and the dedicated IP addresses for the virtual machines can be from the same pool or from different pools. However, the VIP address and the dedicated virtual machine IP addresses must all be in the same subnet.
For more information, see How to Create IP Address Pools.
On each host where the service may be deployed, ensure that a physical network adapter on the host is configured to use the same logical network that the service tier will use. For example, if the tier will use the BACKEND logical network, the BACKEND logical network must be associated with a physical adapter on the host. For more information, see How to Configure Network Settings on a Hyper-V Host.
Virtual Machine Template Prerequisites
When you use the Create VM Template wizard to create a virtual machine template for a service tier that you want to load balance by using NLB, or if you have an existing virtual machine template that you want to use, verify that the following prerequisites are met:
The following table lists only the required settings for NLB. Configure other settings according to your virtual machine requirements. For information about how to create a virtual machine template for a service tier, see How to Create a Virtual Machine Template.
|NLB Requirements||More Information|
|Ensure that the operating system for the virtual hard disk is an appropriate version, as listed under “More information.”||One of the requirements is that you install the NLB feature in the guest operating system. To install features through VMM, for System Center 2012, the guest operating system must be set to Windows Server 2008 R2. Starting with System Center 2012 SP1, the guest operating system must be set to a server operating system no earlier than Windows Server 2008 R2. Note: The NLB feature is included with all editions of Windows Server 2008 R2 except for HPC Edition. It is included with all editions of Windows Server 2012 and Windows Server 2012 R2.|
|Configure the network adapter to use a logical network with static IP address assignment, static MAC addresses, and, depending on the hypervisor that you want to deploy the service to, enable MAC address spoofing.||On the Configure Hardware page of the Create VM Template wizard (or the Hardware Configuration tab in the properties of an existing virtual machine template), click a network adapter, and then do the following: Note: If you are using a hardware profile, configure these settings in the hardware profile.
1. Under Connectivity, click Connected to, and then select the desired logical network that meets the requirements that are outlined in the “Fabric Requirements” section of this topic.
2. Click Static IP (from a static IP pool) to configure the network adapter to use a static IP address. In the IP protocol version list, select the correct IP protocol version, for example, IPv4 only.
3. Under MAC Address, click Static. Important: If you want to deploy the service to a Windows Server 2008 R2-based Hyper-V host (with or without Service Pack 1), you must also enable MAC address spoofing for NLB to work correctly. If you do not, service deployment will fail. However, in System Center 2012 (without Service Pack 1) you cannot use the Enable spoofing of MAC addresses check box in the virtual machine template or the associated hardware profile to configure this setting. Instead, you must use the VMM command shell to configure this setting after you create the template, or in the hardware profile that you use for the template.
To update a virtual machine template, use the following syntax, where VMTemplate01 represents the name of the virtual machine template:
To update a hardware profile, use the following syntax, where HWProfile01 represents the name of the virtual hardware profile:
|Set the administrator password||On the Configure Operating System page of the Create VM Template wizard (or the OS Configuration tab in the properties of an existing virtual machine template), under General Settings, click Admin Password. Either specify the password of the local administrator account or select a Run As account for the local administrator account. Note: If you are using a guest operating system profile, configure the administrator account settings in the profile.|
|Configure the virtual machine to join a domain||On the Configure Operating System page of the Create VM Template wizard (or the OS Configuration tab in the properties of an existing virtual machine template), under Networking, configure the virtual machine to join a domain. This includes the credentials to join the domain. Note: If you are using a guest operating system profile, configure the domain settings in the profile.|
|Enable the Network Load Balancing feature||On the Configure Operating System page of the Create VM Template wizard (or the OS Configuration tab in the properties of an existing virtual machine template), do the following: Note: If you are using a guest operating system profile, configure these settings in the profile.
1. Under Roles and Features, click Features.
2. Select the Network Load Balancing check box.
3. Optionally, under Remote Server Administration Tools, select the Network Load Balancing Tools check box. Network Load Balancing Tools include the Network Load Balancing Manager snap-in, Windows PowerShell tools for managing Network Load Balancing, and the Nlb.exe and Wlbs.exe command-line tools. Important: The NLB tools are not available in a Server Core installation of the Windows Server 2008 R2 operating system or the Windows Server 2012 operating system. Therefore, do not select this option if you are using a Server Core installation, or service deployment will fail. (If you are using a Server Core installation, and you receive a validation error message saying that you must select NLB and the NLB tools feature, make sure that you have the NLB feature selected. You can ignore the part of the warning message about NLB tools as it is not required.)
After you have a virtual machine template that meets the virtual machine template prerequisites, create a service template that uses the virtual machine template. The following procedure assumes you have an existing service template. For information about how to create a service template, see How to Create a Service Template in VMM.
To add an NLB load balancer to a service tier
Open an existing service template that meets the prerequisites that are outlined in the “Virtual Machine Template Prerequisites” section of this topic. To do this, follow these steps:
Open the Library workspace.
In the Library pane, expand Templates, and then click Service Templates.
In the Templates pane, click the service template that you want to open.
On the Service Template tab, in the Actions group, click Open Designer.
The Virtual Machine Manager Service Template Designer opens with the service template displayed.
Click the virtual machine template that represents the tier that you want to load balance. In the virtual machine template details pane, select the This computer tier can be scaled out check box, and configure the number of instances.
On the Home tab, in the Service Template Components group, click Add Load Balancer.
This action is only available if VIP templates are defined in the Fabric workspace. Only a full administrator or delegated administrator can configure VIP templates.
Make sure that the correct VIP template for NLB is selected. To do this, follow these steps:
Click the load balancer object (identifiable by the VIP template name) that is added to the service map.
In the load balancer details, in the Load Balancer VIP Profile list, select a different VIP template if needed.
Verify that the Load Balancer Model field indicates Network Load Balancing (NLB).
Configure the load balancer connection to a virtual network adapter for the service tier.
On the Home tab, in the Tools group, click the Connector tool to select it.
On the service map, click the Server connection object that is associated with the load balancer, and then click a NIC object (for example, click the network adapter for the BACKEND logical network). This connects the load balancer to the network adapter.
Click the NIC object to display its properties in the detail area. Verify that the IPv4 address type, the IPv6 address type, or both types (depending on the logical network configuration) are static, and that the MAC address type is static.
Configure the client connection for the load balancer to use the correct logical network. With the Connector tool still selected, on the service map, click the Client connection object that is associated with the load balancer, and then click a logical network object. For example, click the BACKEND logical network. This connects the load balancer to the logical network.
For NLB deployments, the logical network that is associated with the client connection and the logical network of the NIC that is associated with the server connection in step 5 must be the same.
Save the updated service template settings. On the Home tab, in the Service Template group, click Save and Validate.
When the service is deployed, VMM automatically selects a virtual IP address from the reserved range that is defined in the static IP address pool, and assigns it to the load-balanced service tier. To enable users to connect to the service, the following must occur:
- A full administrator or delegated administrator must determine the virtual IP address that VMM assigned to the load balancer.
- After the virtual IP address is determined, a Domain Name System (DNS) administrator must manually create a DNS entry for the virtual IP address. The DNS entry for the virtual IP address should be the name that users will specify to connect to the service, for example ServiceName.contoso.com.
For more information, see How to Determine the Virtual IP Address for a Service.