locked
Two APP V server in Load Balance with Database RRS feed

  • Question

  • Hi,

    I have App V 4.6 SP1,

    I plan to configure high availability to the management server by adding a second management server and configure Load balancing by hardware load balancer,

     

    My question is, Is it to connect both servers to the same SQL database is the Microsoft best practice ? OR there is any other possible scenarios ?

    And is it port 554 is enough to load balance by Hardware load balancer? Or any additional ports are required?   

     

    Also I have another question, for sequencing office 2010,

    I try to sequence office 2010, it is successful published to clients, but it ask the user to activate the office copy ,

    ·I already use office 2010 toolkit for appv, on sequencer and clients use the following CMD to provide the CD key,

    msiexec /i OffVirt.msi 32-bit:ADDLOCAL=Click2runMapi,Click2runOWSSupp,Click2runWDS,OSpp,OSpp_Core PIDKEYS=XXXXX-XXXXX-XXXXX-XXXXX USEROPERATIONS=1 PROPLUS=1

    There is any way to prevent the activation from client side ? , as I use MAK keys (not KMS) , as I found tool VAMT 2.0 but I’m not sure to use it,


    Tamer Tawfik Almoayyed Computers
    Sunday, August 14, 2011 5:36 AM

Answers

  • See these two knowledgebase article which describe networking in App-V:



    This forum post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.
    Monday, August 15, 2011 9:52 AM
    Moderator
  • Hi,

    You are correct, I have two local content directories replicating each other using DFS-R. And distributing the OSD/ICO files with HTTP, also load balanced using the same loadbalancer. Within the management console each package points towards the Virtual IP of the loadbalancer. This ensures fail-over if one of the server is down. (remember to set default content path to http://ARecordofVirtualIPofLoadbalancer/)

    Each sever is connected to the same DB, this enables them to use the same configuration and logging information.

    I loadbalanced to complete tcp/ip stack using stick connections. Use a TCP probe on port 554 on each server to verify if service is still active. 

    Greets,

    It might also be possible to enable DFS-Namespace to ensure HA of the share. But i haven't tried this.

    Monday, August 15, 2011 8:44 AM
  • Yes indeed i loadbalanced all tcp/ip ports. I did this because RTSP opens a dynamic higher port on the server side. If you do not load balance the complete stack using sticky connections your loadbalancer needs to look inside the RTSP package to find out the higher port range number for each connection. Using a sticky connection is the easy way.

    The TCP probe is configured to probe TCP port 554 on each server to find out if the server is still alive. If the loadbalancer does not receive a correct response this server is considered offline. And all traffic passes to the other server. 

    As for the ping, this is probably a setting on your LoadBalancer I do get response.

     

    Also i have configured IIS on each server and published using a virtual directory all the OSD and ICO files. So I did not configure \\UNCPath anywhere, SMB is not as easy to configure. The default content share is something like this: http://virtualIPofLoadbalancer/

    In each package: http://virtualIPofLoadbalancer/packagename/packagename.osd and http://virtualIPofLoadbalancer/packagename/packagename.ico

    Tip! Make sure you have entered the OSD mimetype into IIS. 

    The URL you enter in each package should also be possible to surf to using a webbrowser, this way you can test your loadbalancing solution.

    Hope this helps. I can post screenshots monday if you like.

    Greets and have a nice weekend.

     

    p.s. this links are interesting also: http://support.microsoft.com/kb/932017 http://support.microsoft.com/kb/932018
    Friday, August 19, 2011 7:27 PM
  • We will posting an updated KB for this with the next week with regards to the of Microsoft's WLBS/NLB.

    The App-V Management server will need to be configured to run under a service account and each App-V server will need to use the same one. In addition, SPNs for the App-V servers will all need to be registered using that same service account.

    We do recommend DFS for content redundancy.

    You will then need to install and configure the NLB service on each server and create the virtual name for the NLB cluster. You must create a DNS record for this virtual name. For this process follow the below link:
    http://technet.microsoft.com/en-us/library/cc770689(WS.10).aspx
    You can choose to leave all of ports open to the NLB cluster but you can restrict the ports in the NLB to only answer to specific ports if you prefer (for RTSP + Range for RTP and RCP.)

     


    Steve Thomas, SSEE, Microsoft
    App-V/MED-V/SCVMM/SCCM/AppCompat
    http://madvirtualizer.wordpress.com/
    The App-V Team blog: http://blogs.technet.com/appv/
    The MED-V Team Blog: http://blogs.technet.com/medv
    The SCVMM Team blog: http://blogs.technet.com/scvmm/

    “This posting is provided "AS IS" with no warranties, and confers no rights. User assumes all risks.”
    Wednesday, August 31, 2011 6:57 PM

All replies

  • Concerning your loadbalancing questions. Yes it is possible to loadbalance using 2 servers and the same database. This is the way to do it. Only loadbalancing 554 is not enough however, RTSP opens another port in a higher range. I've used sticky connections on my loadbalancer this works perfectly.

     

     

    Monday, August 15, 2011 8:15 AM
  • Hi,

     

    Thanks for reply,

     

    But the case now, I already tried to point the two management server to the same database, but the problem that both servers are pointed to the same content folder as OSD and ICO files,

     

    So in case if this content folder is on SRV1, and this server is down, so there is will get the package will fail, and doesn’t start automatically on the other node, although if you use DFS replication (to get replicated copy from content folder to be on SRV2),

     

    So if SRV1 fail, you have to go manual to each package and redirect the OSD and ICO files to the replicated content folder on SRV2, but I don’t thinks it is the best practice,

     

     

    Also, I tried to get each management server use dedicated SQL database, and it is working fine, and it is automatically failover from node to other, but I’m not sure it is recommended by Microsoft or not, As I think at any time may be the two servers will not updated to each other, as each one using different database, (please clarify that point),

     

     

    And regarding to port, as I understand , I have to load balance port 445 only and enable sticky connections only, OR I have to do more modifications ?


    Tamer Tawfik Almoayyed Computers
    Monday, August 15, 2011 8:36 AM
  • Hi,

    You are correct, I have two local content directories replicating each other using DFS-R. And distributing the OSD/ICO files with HTTP, also load balanced using the same loadbalancer. Within the management console each package points towards the Virtual IP of the loadbalancer. This ensures fail-over if one of the server is down. (remember to set default content path to http://ARecordofVirtualIPofLoadbalancer/)

    Each sever is connected to the same DB, this enables them to use the same configuration and logging information.

    I loadbalanced to complete tcp/ip stack using stick connections. Use a TCP probe on port 554 on each server to verify if service is still active. 

    Greets,

    It might also be possible to enable DFS-Namespace to ensure HA of the share. But i haven't tried this.

    Monday, August 15, 2011 8:44 AM
  • See these two knowledgebase article which describe networking in App-V:



    This forum post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.
    Monday, August 15, 2011 9:52 AM
    Moderator
  • HI,

     

    In management console I point the OSD file to \\Load Balancer virual IP\content\*.osd and doing same for ICO file, but when I refresh the package on client, it disappeared and gone ,

     

    Also I configured the default content path to http://ARecordofVirtualIPofLoadbalancer  

     

    I have A record in DNS with the Virtual IP of Load balancer, and Network team configured that virtual IP on load balance appliance,

    But when I ping the virtual name, it resolve the virtual IP, but didn’t reply , is it correct behavior as load balancer configurations?

     

    Please advise,


    Tamer Tawfik Almoayyed Computers
    Monday, August 15, 2011 10:56 AM
  • Hi Luc,

     

    I didn’t get what you mean with ( I loadbalanced to complete tcp/ip stack using stick connections. Use a TCP probe on port 554 on each server to verify if service is still active.)

     

    You mean that ,you load balanced the full TCP/IP ports ? if I wasn’t misunderstand !  

     

    As I used Application virtualization server RTSP 554, so please let me know which ports I have to load balanced more than RTSP 554 port


    Tamer Tawfik Almoayyed Computers
    Thursday, August 18, 2011 10:08 AM
  • Yes indeed i loadbalanced all tcp/ip ports. I did this because RTSP opens a dynamic higher port on the server side. If you do not load balance the complete stack using sticky connections your loadbalancer needs to look inside the RTSP package to find out the higher port range number for each connection. Using a sticky connection is the easy way.

    The TCP probe is configured to probe TCP port 554 on each server to find out if the server is still alive. If the loadbalancer does not receive a correct response this server is considered offline. And all traffic passes to the other server. 

    As for the ping, this is probably a setting on your LoadBalancer I do get response.

     

    Also i have configured IIS on each server and published using a virtual directory all the OSD and ICO files. So I did not configure \\UNCPath anywhere, SMB is not as easy to configure. The default content share is something like this: http://virtualIPofLoadbalancer/

    In each package: http://virtualIPofLoadbalancer/packagename/packagename.osd and http://virtualIPofLoadbalancer/packagename/packagename.ico

    Tip! Make sure you have entered the OSD mimetype into IIS. 

    The URL you enter in each package should also be possible to surf to using a webbrowser, this way you can test your loadbalancing solution.

    Hope this helps. I can post screenshots monday if you like.

    Greets and have a nice weekend.

     

    p.s. this links are interesting also: http://support.microsoft.com/kb/932017 http://support.microsoft.com/kb/932018
    Friday, August 19, 2011 7:27 PM
  • Hi Luc,

     

    Thanks for your reply,

     

    Yes sure you can post all screen shots related to IIS package configuration, and step by step ,for what I have to do to get access of package by iis .


    Tamer Tawfik Almoayyed Computers
    Monday, August 22, 2011 8:49 AM
  • We will posting an updated KB for this with the next week with regards to the of Microsoft's WLBS/NLB.

    The App-V Management server will need to be configured to run under a service account and each App-V server will need to use the same one. In addition, SPNs for the App-V servers will all need to be registered using that same service account.

    We do recommend DFS for content redundancy.

    You will then need to install and configure the NLB service on each server and create the virtual name for the NLB cluster. You must create a DNS record for this virtual name. For this process follow the below link:
    http://technet.microsoft.com/en-us/library/cc770689(WS.10).aspx
    You can choose to leave all of ports open to the NLB cluster but you can restrict the ports in the NLB to only answer to specific ports if you prefer (for RTSP + Range for RTP and RCP.)

     


    Steve Thomas, SSEE, Microsoft
    App-V/MED-V/SCVMM/SCCM/AppCompat
    http://madvirtualizer.wordpress.com/
    The App-V Team blog: http://blogs.technet.com/appv/
    The MED-V Team Blog: http://blogs.technet.com/medv
    The SCVMM Team blog: http://blogs.technet.com/scvmm/

    “This posting is provided "AS IS" with no warranties, and confers no rights. User assumes all risks.”
    Wednesday, August 31, 2011 6:57 PM
  • Hi Steve,

    Why should the management servers run under a service account? I've got a loadbalanced environment working perfectly without the service accounts. Also I used dfs-Replication to replicate the content directory over the different nodes of the cluster. Do not confuse DFS namespace with replication. In the complete setup app-v will not use SMB as a protocol.

    Please advice why to use service accounts and why you do not recommend DFS. 

    Thanks.

    Wednesday, August 31, 2011 8:02 PM
  • The Service Account facilitates the Kerberos auth in the LB scenario. Please note using MSFT's LB scenario is only one option of many.

    Many customers still want to use SMB for ICON/OSD publishing even they are streaming via RTSP or another protocol.

    DFS is great for part of the picture.  Some Load Balancers do not require the specialized SPN configuration. Some administrators are also happy with fallback to NTLM as well, but I would not advise it.


    Steve Thomas, SSEE, Microsoft
    App-V/MED-V/SCVMM/SCCM/AppCompat
    http://madvirtualizer.wordpress.com/
    The App-V Team blog: http://blogs.technet.com/appv/
    The MED-V Team Blog: http://blogs.technet.com/medv
    The SCVMM Team blog: http://blogs.technet.com/scvmm/

    “This posting is provided "AS IS" with no warranties, and confers no rights. User assumes all risks.”
    Wednesday, August 31, 2011 8:10 PM
  • Ok, thnx for the quick answer :) I've used the machine account for the SPN's and also trusted the servers for delegation, this works great. (using Kerberos, not to happy with NTLM also)

    Also http is used for publishing due problems of SMB over the national WAN. http is easier to optimize in a WAN environment. A local streaming is used. 

    I looking forward to the updated KB article. 

    Wednesday, August 31, 2011 8:16 PM
  • HI Luc,

     

    Please share the details for IIS configurations, instead using SMB ! to publish OSD and ICO files,

     

    As end of the day I need to get the default content path is  http://ARecordofVirtualIPofLoadbalancer


    Tamer Tawfik Almoayyed Computers
    Sunday, September 4, 2011 4:25 AM
  • See this article for IIS publishing with App-V: http://blogs.technet.com/b/appv/archive/2010/06/14/a-guide-to-app-v-publishing-and-streaming-using-iis.aspx

    This forum post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.
    Sunday, September 4, 2011 8:10 AM
    Moderator
  • Hi All,

     

    I was wondering if anyone faced issue to install DFS replication on the same box (virtual machine) with NLB feature in 2008 R2 SP1,

     

    So with NLB only installed, I can ping NLB virtual name and IP, and also shares accessible by virtual name and IP,

     

    But after installed and configure DFS replication for content folder,  the NLB not reachable by virtual name or IP,

     

    So anyone face issue for combination NLB and DFS,

     

    http://support.microsoft.com/kb/873288   as regarding  to that article, i didn't find any problem in that article as limitation or restriction for pinging and accessing shares ,for NLB and DFS combinations,

    Also it is applied to server 2003, and i have server 2008 R2 SP1


    Best Regards, TT
    Monday, September 26, 2011 8:34 AM
  • Hello,

    I suggest you post this in a Windows server forum and as your own thread. This forum is dedicated for the product Microsoft Application Virtualization
    /Znack
    Monday, September 26, 2011 8:41 AM
  • Hello Znak,

     

    This post related to APP V, with NLB and DFS enabled on same virtual Box !!!


    Best Regards, TT
    Monday, September 26, 2011 8:46 AM
  • Do you have a minimum of 2 NICs?

    This forum post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.
    Monday, September 26, 2011 9:29 AM
    Moderator
  • Yes sure, 2 NIC, and using NLB NIC for cluster configurations, also static MAC address is enabled for NBL NIC (as it is VM)


    Best Regards, TT
    Monday, September 26, 2011 9:56 AM