High availability load balancing (HALB) in Parallels RAS is a functionality that load balances RAS Secure Gateways. The load balancer is built into a Parallels HALB appliance, which is a preconfigured virtual machine with the operating system installed and all relevant settings configured.
HALB is deployed in Parallels RAS on a Site level. You can have multiple HALB configurations per one RAS Site, which are called Virtual Servers. Each Virtual Server has its own IP address (called Virtual IP or VIP) and is assigned one or more HALB appliances (also called HALB devices in the Virtual Server context) that perform the actual load balancing. An HALB Virtual Server is a virtual representation of HALB devices. It provides traffic distribution to HALB devices when they are properly configured. Since the IP address of a specific Virtual Server is the single point of contact for the client software, it is recommended to have at least two HALB devices per Virtual Server for redundancy. Multiple HALB devices assigned to a Virtual Server can run simultaneously, one acting as the primary and others as secondary. The more HALB devices a Virtual Server has, the lower the probability that end users will experience downtime. The Virtual Server is assigned the IP address of the primary HALB device, which is shared with secondary HALB devices. Should the primary HALB device fail, a secondary is promoted to primary and takes its place using the same IP address for client connections.
Setting up High Availability Load Balancing consists of the following steps:
Deploying one or more Parallels HALB appliances (devices).
Configuring one or more Virtual Servers in the RAS Console.
Deploying a Parallels HALB appliance
1. To download a Parallels HALB appliance, visit Download Links .
There are several available formats:
- HALB Appliance OVA
- HALB Appliance VHD
- HALB Appliance VMDK
The appliance type that you need to download depends on the hypervisor that you are using. The Parallels HALB appliance is available for the following hypervisors:
- Microsoft Hyper-V
Please note that other hypervisors may also be used, but support is provided as best effort. The Parallels RAS HALB appliance uses the Open Virtualization Platform (OVA) format, which is natively supported by various hypervisor.
2. Creating a Virtual Machine
For VMware, the appliance can be imported with either the OVA or zipped VMDK appliance file. If deployed via the OVA file, the VM is created already configured.
Alternatively, deployment via the VMDK file deploys the VM without preconfigured specifications. The minimum specifications for this VM are outlined below:
- Single-core CPU (multiple cores are not supported)
- 256 MB RAM
- One network card
For Microsoft Hyper-V, create a new Virtual machine with minimal required resources and attach a VHD to IDE Controller of it.
3. HALB device first boot configuration
- Choose DHCP or StaticIP type (in this KB Static will be used)
- Specify network parameters
- Optionally, mailbox notification could be configured
- HALB device is ready to be configured from the RAS Console
- Advanced menu contains the following:
- Networking - reconfigure network parameters of this device
- Rescan - rescan the Appliance services state, since there aren't refresh automatically
- Reset - used to reset the exsited Applicance config due to glitch or adding it to a different HALB virtual server.
Adding a HALB Virtual Server
To add a HALB virtual server:
- In the RAS console, navigate to Farm > <Site> > HALB.
- On the Virtual Servers tab in the right pane, click Tasks > Add. The HALB Configuration wizard opens.
- Make sure the Enable HALB option is selected.
- Type a name for this virtual server and an optional description.
- In the Public address field, type a public FQDN or IP addresses of this server. This is used by the Preferred routing functionality for redirecting client connections.
- In the Virtual IP section, specify the virtual IP address properties which will be used for incoming client connections by a HALB device that you will assign to this Virtual Server later.
- In the Settings section, select one or more of the following options. Note that at least one "LB" option must be selected. If you skip an option at this time, you can add it later in the virtual server properties dialog:
- LB Gateway Payload: Enables load balancing of normal (unsecured) gateway connections.
- LB SSL Payload: Enables load balancing of SSL connections.
- Client Management: Enables management of Windows client devices connected through HALB.
- Click Next.
Configure load balancing Non-SSL connections:
- Set the port number used by HALB devices to forward traffic to RAS Secure Gateways. The port is configured on a gateway. The default port is 80.
- In the Gateways list, select a RAS Secure Gateway to be load balanced. Please note that only one IP address per gateway can be used. If you have more than one entry for the same gateway with different IP addresses, you can select just one
Configure load balancing for SSL connections:
- Set the port number used by HALB devices to forward SSL traffic to RAS Secure Gateways. The port is configured on a gateway. The default port is 443.
- Select the SSL mode from Passthrough or SSL Offloading. By default, SSL connections are tunneled directly to gateways (referred to as Passthrough) where the SSL decryption process is performed.
The SSL Offloading mode requires an SSL certificate to be assigned to HALB. When you select it, click Configure and specify the following:
- Accepted SSL Version: Select an SSL version.
- Cipher Strength: Select the cipher strength of your choice. To specify a custom cipher, select Custom and then specify the cipher in the Cipher field.
- The Use ciphers according to server preference option is ON by default. You can use client preferences by disabling this option.
- Certificates: Select a desired certificate. For the information on how to create a new certificate and make it appear in this list.
The <All matching usage> option will use any certificate configured to be used by HALB.
When you create a certificate, you specify the "Usage" property where you can select "Gateway", "HALB", or both. If this property has the "HALB" option selected, it can be used with HALB. Please note that if you select this option, but not a single certificate matching it exists, you will see a warning and will have to create a certificate first.
Select a gateway to be load balanced. Note that only one IP address per gateway can be used.
Configure Windows client device management, select a gateway that will manage Windows client devices. Note that only one IP address per gateway can be used.
To assign HALB devices to the Virtual Server:
- Click Tasks > Add and select or specify a HALB device. If you haven't deployed any HALB devices (appliances) yet, you can still save the Virtual Server configuration and assign HALB devices to it later. At least two HALB devices are recommended per Virtual Server. HALB device priority is set by positioning a device in the list. The device at the top is the primary HALB device. Devices under it are secondary HALB devices. To promote a device to primary, simply move it to the top of the list.
- The appliance which was configured earlier, appeared due to auto-discover feature of RAS Console. If there is no appliance, please enter IP address manually.
- After adding the appliance, RAS Console will configure automatically.
- HALB device status OK, it's also possible to delete it and refresh list (RAS Console will ping an appliance to check the status)
Finally, click Finish to save the Virtual Server settings and close the wizard. The new virtual server will appear in the list in the RAS Console and ready to use.