VMware

NSX Load Balancer Tales

Redirecting VRealize Automation Traffic to Maintenance Page in Two Different Use Cases

In highly available architectures, every service in VRealize Automation (VRA) is behind a load balancer. This ensures that traffic is evenly distributed across multiple servers and helps maintain high availability. However, there may be situations when all the servers in the VRA appliance pool are down, and users need to be redirected to a maintenance page. In this blog post, we will explore two use cases where we need to redirect VRA traffic to a maintenance page. We will also discuss how to implement these use cases using simple application rules in NSX load balancers.

Use Case 1: All Servers in the VRA Appliance Pool are Down

In this use case, we want to redirect users to a maintenance page when all the servers in the VRA appliance pool are down. To achieve this, we need to create an HTTP server that can serve a simple HTML page with a custom index.html file. We will install Apache Apache and enable SSL to serve the page over HTTPS. The URL for the maintenance page should be similar to the VRA login URL, with the difference being the path to the custom index.html file.

To redirect users to the maintenance page, we need to create application rules in NSX load balancers that check the availability of VRA appliances. If there are no servers up and running in the VRA appliance pool, the rule will redirect users to the maintenance page. The application rule is written using HAProxy syntax and checks if there are any servers up and running in the VRA appliance pool using an access control list (ACL). If the pool is down, the ACL becomes true, and the rule redirects users to the maintenance page.

Use Case 2: Scheduled Maintenance

In this use case, we want to restrict access to VRA during scheduled maintenance. To achieve this, we can create an application rule that uses ACL to restrict IPs accessing VRA virtual servers by matching the source IP of the request. The rule will allow only VRA components and management servers to access VRA virtual servers during scheduled maintenance. All other IPs will be redirected to the maintenance page.

Implementation Using Simple Application Rules in NSX Load Balancers

To implement these use cases, we need to create simple application rules in NSX load balancers. These rules are written using HAProxy syntax and manipulate traffic at the load balancer side. Here are the steps to create the application rules:

1. Create an HTTP server that can serve a simple HTML page with a custom index.html file.

2. Install Apache Apache and enable SSL to serve the page over HTTPS.

3. Create an ACL to restrict access to VRA virtual servers during scheduled maintenance.

4. Create application rules in NSX load balancers that check the availability of VRA appliances. If there are no servers up and running in the VRA appliance pool, the rule will redirect users to the maintenance page.

5. Link the application rules to the virtual server of the VRA appliances.

When a user tries to connect to the VRA portal, it will make a request using the virtual IP assigned to the load balancer virtual server. The virtual server has a pool of servers associated with it, and the traffic is directed to the servers based on the application rules. If all the servers in the VRA appliance pool are down, the application rule will redirect users to the maintenance page.

Conclusion

In this blog post, we explored two use cases where we need to redirect VRealize Automation traffic to a maintenance page. We discussed how to implement these use cases using simple application rules in NSX load balancers. By creating an HTTP server that can serve a simple HTML page with a custom index.html file and creating application rules that check the availability of VRA appliances, we can ensure that users are redirected to a maintenance page when all the servers in the VRA appliance pool are down or during scheduled maintenance. Happy patching!