Before you can configure HALB from the Parallels Remote Application Server console, you need to import an appliance with one of the following Hypervisor platforms:
VMware, Hyper-V, or Virtual Box. An appliance is a pre-configured virtual machine (including an operating system and other relevant settings).
Further information regarding hypervisor pre-requisites can be found here.
Stage 1: HALB Appliance Installation and Configuration
The HALB appliance should be imported on a hypervisor running on a machine within the same local network as Remote Application Server. Import the HALB appliance on a supported hypervisor according to the procedure below:
- Download the required HALB package (i.e. either the OVA, VMDK or VHD file) from the website.
- Unzip the VMDK or VHD file, if required.
- Import either the VMDK, OVA, or VHD file from the virtualization platform’s management console.
- Power up (boot) the new appliance.
- Adjust the network settings if necessary and click Apply to continue.
- The Configuration Console is displayed and the HALB appliance is ready to be added to a Remote Application Server farm.
Note: To change the HALB device login credentials, follow the procedure illustrated here based on best practices.
Stage 2: Adding an HALB Appliance from Remote Application Server
After the HALB appliance installation, the appliance has to be configured from a Remote Application Server farm.
Configure the HALB appliance according to the procedure below:
- Log in to the Console.
- Go to Farm > HALB.
- Add Virtual Servers and fill the required information.
- Enter the name of the virtual server, description, public IP, Virtual IP (shared IP). This is the IP that the clients will connect to. This will also be the floating IP used by the HALB appliances.
- For load balancing normal gateway connections, enable the LB Gateway Payload check box.
- For load balancing SSL connections, enable the LB SSL Payload check box.
- On the next screen, enable servers to load balance Gateway Payload and click next.
- On the next screen, enable servers to load balance SSL Payload.
- The mode selected in the Mode drop-down specifies where the SSL decryption process is performed. By default, the SSL connections are tunnelled directly to the gateways (referred to as passthroughs) where the SSL decryption process is performed.
- To set the SSL decryption process to be performed on the HALB appliance, select the SSL Offloading Mode and click Configure. This mode requires an SSL certificate installed on configured HALB appliances.
- From the window illustrated above, upload an SSL certificate to the HALB appliance for SSL offloading. This can be either a self-signed certificate or a certificate obtained from a registered certificate authority.
- (Optional) Tick the option Allow only strong ciphers to only allow the usage of certificates using strong encryption algorithms.
- Select the Accepted SSL Version from the options available in the drop-down.
- Click on certificates dropdown and select the generated certificates.
Alternatively, set up a certificate from a trusted authority according to the instructions below from certificates tab:
- Click on Generate certificate request.
- Fill in the details and click Save to bring up the certificate request window.
- Click Copy to copy the request. This certificate request should be sent to a certificate authority.
- Once you receive the SSL certificate from the certificate authority, click on the Import public key, browse for the certificate file containing the public key, and click Open.
- Click OK to save the settings.
Refer to the article for more information about certificates: SSL Certificate Management - Parallels Knowledge Base
On the next screen Add HALB devices to the virtual server and click on Finish.
- Finally, click Apply for the configuration to be applied to all added HALB appliances.
- Go to HALB Appliance, perform a rescan to pull the settings from the RAS Console.
- Now the HALB appliance will show all the services are in running state and the VIP from the RAS Console.