How to Configure NLB for a Service Tier（如何为服务层配置 NLB）

发布日期： 2016年7月

适用于： System Center 2012 SP1 - Virtual Machine Manager,System Center 2012 R2 Virtual Machine Manager,System Center 2012 - Virtual Machine Manager

<_caps3a_sxs _xmlns3a_caps="https://schemas.microsoft.com/build/caps/2013/11"><_caps3a_sxstarget locale="zh-CN">在 Virtual Machine Manager (VMM) 中，服务是一组一起配置和部署、并作为单个实体进行管理的虚拟机，例如，多层业务线应用程序的部署。 在 VMM 中使用以下过程为服务模板的一层或多层配置 Microsoft 网络负载平衡 (NLB)。 例如，你可以配置用于 Web 层和中间业务逻辑层的负载平衡器。在运行 Linux 的服务层中，不能使用 NLB。在配置有网络虚拟化的 VM 网络中，不能使用 NLB。对于以上这两种配置，可改为使用硬件负载平衡，如Configuring Load Balancing in Virtual Machine Manager Overview中所述。要支持 NLB，必须满足几个先决条件。 其中包括与构造相关的先决条件、特定操作系统要求以及要进行负载平衡的虚拟机所需的配置设置。在部署服务之前，必须为层配置负载平衡器。 部署服务后，你不能通过更新服务来添加负载平衡器。帐户要求 要配置构造先决条件，你必须是管理员或委派的管理员。 委派的管理员只能配置其用户角色作用域内的先决条件。 要将负载平衡器添加到服务模板，或要满足虚拟机模板系统先决条件，你必须是管理员、委派的管理员或者是作用域中具有创作操作的自助服务用户角色成员。构造先决条件在开始此过程之前，请确保满足以下先决条件：为 NLB 创建虚拟 IP (VIP) 模板。 有关详细信息，请参阅How to Create VIP Templates for Network Load Balancing (NLB)（如何创建用于网络负载平衡 (NLB) 的 VIP 模板）https://go.microsoft.com/fwlink/p/?LinkID=221547。创建包含一个或多个网络站点的逻辑网络。 确保用户将在其中部署服务的网络站点具有一个或多个关联的 IP 子网（你可以从这些子网创建静态 IP 地址池）。 此外，请确保将每个网络站点与可能会在其中部署服务的主机组或其父主机组之一相关联。有关详细信息，请参阅How to Create a Logical Network（如何创建逻辑网络）https://go.microsoft.com/fwlink/p/?LinkID=212420。创建与用户将在其中部署服务的网络站点相关联的静态 IP 地址池。 这些池必须与用户将在其中部署服务的网络站点相关联。 IP 地址池必须包含可分配给负载平衡器的一个虚拟 IP (VIP) 地址保留范围，以及一个将放置在负载平衡器后面的虚拟机范围。VIP 的地址以及虚拟机专用 IP 地址可来自于相同池或不同池。 但是，VIP 地址和专用虚拟机 IP 地址必须位于同一子网内。有关详细信息，请参阅How to Create IP Address Pools（如何创建 IP 地址池）https://go.microsoft.com/fwlink/p/?LinkID=212422。在可能会部署服务的每个主机上，确保主机上的物理网络适配器被配置为将由服务层使用的同一逻辑网络。 例如，如果该层将使用后端逻辑网络, 则后端逻辑网络必须与主机上的物理适配器相关联。 有关详细信息，请参阅How to Configure Network Settings on a Hyper-V Host（如何在 Hyper-V 主机上配置网络设置）https://go.microsoft.com/fwlink/p/?LinkID=212537。虚拟机模板先决条件当你使用“创建 VM 模板向导”为要通过 NLB 进行负载平衡的服务层创建虚拟机模板时，或当你具有要使用的现有虚拟机模板时，请验证是否满足以下先决条件：下表仅列出了 NLB 所需的设置。 根据你的虚拟机要求配置其他设置。 有关如何为服务层创建虚拟机模板的信息，请参阅How to Create a Virtual Machine Template。NLB 要求更多信息确保虚拟硬盘的操作系统是适当的版本，如下面的“详细信息”中所列。其中一个要求是在来宾操作系统中安装 NLB 功能。 对于 VMM，要通过 System Center 2012 安装功能，必须将来宾操作系统设置为 Windows Server 2008 R2。 从 System Center 2012 SP1 开始，必须将来宾操作系统设置为不早于 Windows Server 2008 R2 的服务器操作系统。NLB 功能包含在除 HPC Edition 外的所有 Windows Server 2008 R2 版本中。 它在所有版本的 Windows Server 2012 和 Windows Server 2012 R2 中提供。将网络适配器配置为使用具有静态 IP 地址分配、静态 MAC 地址的逻辑网络，并启用 MAC 地址欺骗（具体取决于要将服务部署到的虚拟机监控程序）。在“创建 VM 模板”向导的“配置硬件”页上（或现有虚拟机模板属性中的“硬件配置”选项卡上），单击网络适配器，然后执行以下操作：如果使用硬件配置文件，请在硬件配置文件中配置这些设置。在“连接”下，单击“已连接到”，然后选择满足本主题“构造要求”部分所述要求的所需逻辑网络。单击“静态 IP (来自静态 IP 池)”将网络适配器配置为使用静态 IP 地址。 在“IP 协议版本”列表中，选择正确的 IP 协议版本，例如“仅 IPv4”。在“MAC 地址”下，单击“静态”。如果要将服务部署到基于 Windows Server 2008 R2 的 Hyper-V 主机（带有或不带 Service Pack 1），则还必须为 NLB 启用 MAC 地址欺骗，才能正常工作。 否则，服务部署将失败。 但是，在（不带 Service Pack 1 的）System Center 2012 中，不能使用虚拟机模板中的“启用 MAC 地址欺骗”复选框或相关联的硬件配置文件来配置此设置。 在创建模板后，你必须使用 VMM 命令行界面配置此设置，或在用于模板的硬件配置文件中进行配置。要更新虚拟机模板，请使用以下语法，其中 VMTemplate01 表示虚拟机模板的名称：PS C:\> $VMTemplate = Get-SCVMTemplate -Name "VMTemplate01" PS C:\> $VirtNetworkAdapter = Get-SCVirtualNetworkAdapter -VMTemplate $VMTemplate PS C:\> Set-SCVirtualNetworkAdapter -VirtualNetworkAdapter $VirtNetworkAdapter -EnableMACAddressSpoofing $True要更新硬件配置文件，请使用以下语法，其中 HWProfile01 表示虚拟硬件配置文件的名称：PS C:\> $HWProfile = Get-SCHardwareProfile | where { $_.Name -eq "HWProfile01" } PS C:\> $VirtNetworkAdapter = Get-SCVirtualNetworkAdapter -HardwareProfile $HWProfile PS C:\> Set-SCVirtualNetworkAdapter -VirtualNetworkAdapter $VirtNetworkAdapter -EnableMACAddressSpoofing $True不为虚拟机模板或关联硬件配置文件（用于向具有基于 Service Pack 2 的 Hyper-V 主机、Citrix XenServer 主机或 VMware ESX 主机的 Windows Server 2008 部署服务）启用 MAC 地址欺骗。设置管理员密码在“创建 VM 模板向导”的“配置操作系统”页上（或现有虚拟机模板的属性的“OS 配置”选项卡中），在“常规设置”下，单击“管理员密码”。 指定本地管理员帐户的密码，或为本地管理员帐户选择运行方式帐户。如果你使用来宾操作系统配置文件，请在配置文件中配置管理员帐户设置。配置虚拟机以加入域在“创建 VM 模板向导”的“配置操作系统”页上（或现有虚拟机模板的属性的“OS 配置”选项卡中），在“网络”下，配置虚拟机以加入域。 这包括用于加入域的凭据。如果你使用来宾操作系统配置文件，请在配置文件中配置域设置。启用网络负载平衡功能在“创建 VM 模板向导”的“配置操作系统”页上（或现有虚拟机模板的属性的“OS 配置”选项卡中），执行以下操作：如果你使用来宾操作系统配置文件，请在配置文件中配置这些设置。在“角色和功能”下，单击“功能”。选中“网络负载平衡”复选框。（可选）在“远程服务器管理工具”下，选中“网络负载平衡工具”复选框。 网络负载平衡工具包括“网络负载平衡管理器”管理单元、用于管理网络负载平衡的 Windows PowerShell 工具以及 Nlb.exe 和 Wlbs.exe 命令行工具。Windows Server 2008 R2 操作系统或 Windows Server 2012 操作系统的服务器核心安装中未提供 NLB 工具。 因此，如果你使用服务器核心安装，请不要选择此选项，否则服务部署将失败。 （如果你使用服务器核心安装，并收到指出必须选择 NLB 和 NLB 工具功能的验证错误消息，请确保你已选择 NLB 功能。 可以忽略有关 NLB 工具的警告消息部分，因为这不是必需的。）在虚拟机模板满足虚拟机模板先决条件后，创建将使用虚拟机模板的服务模板。 以下过程假定你具有现有服务模板。 有关如何创建服务模板的信息，请参阅How to Create a Service Template。将 NLB 负载平衡器添加到服务层打开一个满足本主题的“虚拟机模板先决条件”部分中所述先决条件的现有服务模板。 为此，请执行以下步骤：打开“库”工作区。在“库”窗格中，展开“模板”，然后单击“服务模板”。在“模板”窗格中，单击要打开的服务模板。在“服务模板”选项卡上的“操作”组中，单击“打开设计器”。“Virtual Machine Manager 服务模板设计器”将打开，其中将显示服务模板。单击用于表示要进行负载平衡的层的虚拟机模板。 在虚拟机模板详细信息窗格中，选中“可以横向扩展此计算机层”复选框，并配置实例数目。在“主页”选项卡上的“服务模板组件”组中，单击“添加负载平衡器”。仅当在“构造”工作区中定义了 VIP 模板时，在此操作才可用。 仅具有完整权限的管理员或委派的管理员才可以配置 VIP 模板。确保为 NLB 选择正确的 VIP 模板。 为此，请执行以下步骤：单击已添加到服务映射的负载平衡器对象（可通过 VIP 模板名称识别） 。在负载平衡器详细信息中，在“负载平衡器 VIP 配置文件”列表中根据需要选择不同的 VIP 模板。验证“负载平衡器型号”字段是否显示“网络负载平衡 (NLB)”。为服务层配置负载平衡器与虚拟网络适配器的连接。在“主页”选项卡上的“工具”组中，单击“连接器”工具以将其选中。在服务映射中，单击与负载平衡器关联的“服务器连接”对象，然后单击“NIC”对象（例如，单击后端逻辑网络的网络适配器）。 会将负载平衡器连接到网络适配器。单击“NIC”对象以在详细信息区域中显示其属性。 验证 IPv4 地址类型、IPv6 地址类型或这两种类型（具体取决于逻辑网络配置）是否为静态的，以及 MAC 地址类型是否为静态的。为负载平衡器配置客户端连接以使用正确的逻辑网络。 在“连接器”工具仍处于选中状态的情况下，在服务映射上单击与负载平衡器关联的“客户端连接”对象，然后单击逻辑网络对象。 例如，单击后端逻辑网络。 会将负载平衡器连接到逻辑网络。对于 NLB 部署，与客户端连接关联的逻辑网络和与步骤 5 中的服务器连接关联的 NIC 的逻辑网络必须相同。保存已更新的服务模板设置。 在“主页”选项卡上的“服务模板”组中，单击“保存并验证”。部署服务后，VMM 从静态 IP 地址池中定义的保留范围中自动选择虚拟 IP 地址，并将其分配给负载平衡服务层。 要使用户能够连接到服务，必须执行以下操作：具有完整权限的管理员或委派的管理员必须确定 VMM 已分配给负载平衡器的虚拟 IP 地址。确定虚拟 IP 地址后，域名系统 (DNS) 管理员必须手动创建虚拟 IP 地址的 DNS 条目。 虚拟 IP 地址的 DNS 条目应是用户将指定以连接到服务的名称，例如 ServiceName.contoso.com。有关详细信息，请参阅 How to Determine the Virtual IP Address for a Service。How to Add Networking Components to a Service Template How to Configure a Hardware Load Balancer for a Service Tier How to Deploy a Service <_caps3a_sxssource locale="en-US">In Virtual Machine Manager (VMM), a service is a set of virtual machines that are configured and deployed together and are managed as a single entity—for example, a deployment of a multi-tier line-of-business application. Use the following procedure to configure Microsoft Network Load Balancing (NLB) for one or more tiers of a service template in VMM. For example, you might configure a load balancer for a Web tier and for a middle business logic tier.In service tiers running Linux, NLB cannot be used.With VM networks configured with network virtualization, NLB cannot be used.For both of the previous configurations, hardware load balancing can be used instead, as described in Configuring Load Balancing in Virtual Machine Manager Overview.To support NLB, there are several prerequisites that must be met. These include fabric-related prerequisites, and specific operating system requirements and configuration settings that are required for the virtual machines that you want to load balance.You must configure a load balancer for a tier before you deploy a service. After you deploy a service, you cannot add a load balancer by updating the service.Account requirements To configure the fabric prerequisites, you must be an administrator or a delegated administrator. Delegated administrators can only configure the prerequisites that are within the scope of their user role. To add a load balancer to a service template, or to complete the virtual machine template prerequisites, you must be an administrator, a delegated administrator, or a member of a self-service user role that has the Author action in their scope.Fabric PrerequisitesBefore you begin this procedure, make sure that the following prerequisites are met:Create a virtual IP (VIP) template for NLB. For more information, see How to Create VIP Templates for Network Load Balancing (NLB)https://go.microsoft.com/fwlink/p/?LinkID=221547.Create a logical network, with one or more associated network sites. Ensure that the network sites where users will deploy the service have one or more associated IP subnets that you can create static IP address pools from. Also, ensure that you associate each network site with the host group or one of its parent host groups where the service may be deployed.For more information, see How to Create a Logical Networkhttps://go.microsoft.com/fwlink/p/?LinkID=212420.Create static IP address pools that are associated with the network sites where users will deploy the service. The pools must be associated with the network sites where users will deploy the service. The IP address pools must contain a reserved range of virtual IP (VIP) addresses that can be assigned to the load balancer, and a range for the virtual machines that will be placed behind the load balancer.The addresses for the VIPs and the dedicated IP addresses for the virtual machines can be from the same pool or from different pools. However, the VIP address and the dedicated virtual machine IP addresses must all be in the same subnet.For more information, see How to Create IP Address Poolshttps://go.microsoft.com/fwlink/p/?LinkID=212422.On each host where the service may be deployed, ensure that a physical network adapter on the host is configured to use the same logical network that the service tier will use. For example, if the tier will use the BACKEND logical network, the BACKEND logical network must be associated with a physical adapter on the host. For more information, see How to Configure Network Settings on a Hyper-V Hosthttps://go.microsoft.com/fwlink/p/?LinkID=212537.Virtual Machine Template PrerequisitesWhen you use the Create VM Template wizard to create a virtual machine template for a service tier that you want to load balance by using NLB, or if you have an existing virtual machine template that you want to use, verify that the following prerequisites are met:The following table lists only the required settings for NLB. Configure other settings according to your virtual machine requirements. For information about how to create a virtual machine template for a service tier, see How to Create a Virtual Machine Template.NLB RequirementsMore InformationEnsure that the operating system for the virtual hard disk is an appropriate version, as listed under “More information.”One of the requirements is that you install the NLB feature in the guest operating system. To install features through VMM, for System Center 2012, the guest operating system must be set to Windows Server 2008 R2. Starting with System Center 2012 SP1, the guest operating system must be set to a server operating system no earlier than Windows Server 2008 R2.The NLB feature is included with all editions of Windows Server 2008 R2 except for HPC Edition. It is included with all editions of Windows Server 2012 and Windows Server 2012 R2.Configure the network adapter to use a logical network with static IP address assignment, static MAC addresses, and, depending on the hypervisor that you want to deploy the service to, enable MAC address spoofing.On the Configure Hardware page of the Create VM Template wizard (or the Hardware Configuration tab in the properties of an existing virtual machine template), click a network adapter, and then do the following:If you are using a hardware profile, configure these settings in the hardware profile.Under Connectivity, click Connected to, and then select the desired logical network that meets the requirements that are outlined in the “Fabric Requirements” section of this topic.Click Static IP (from a static IP pool) to configure the network adapter to use a static IP address. In the IP protocol version list, select the correct IP protocol version, for example, IPv4 only.Under MAC Address, click Static.If you want to deploy the service to a Windows Server 2008 R2-based Hyper-V host (with or without Service Pack 1), you must also enable MAC address spoofing for NLB to work correctly. If you do not, service deployment will fail. However, in System Center 2012 (without Service Pack 1) you cannot use the Enable spoofing of MAC addresses check box in the virtual machine template or the associated hardware profile to configure this setting. Instead, you must use the VMM command shell to configure this setting after you create the template, or in the hardware profile that you use for the template.To update a virtual machine template, use the following syntax, where VMTemplate01 represents the name of the virtual machine template:PS C:\> $VMTemplate = Get-SCVMTemplate -Name "VMTemplate01" PS C:\> $VirtNetworkAdapter = Get-SCVirtualNetworkAdapter -VMTemplate $VMTemplate PS C:\> Set-SCVirtualNetworkAdapter -VirtualNetworkAdapter $VirtNetworkAdapter -EnableMACAddressSpoofing $TrueTo update a hardware profile, use the following syntax, where HWProfile01 represents the name of the virtual hardware profile:PS C:\> $HWProfile = Get-SCHardwareProfile | where { $_.Name -eq "HWProfile01" } PS C:\> $VirtNetworkAdapter = Get-SCVirtualNetworkAdapter -HardwareProfile $HWProfile PS C:\> Set-SCVirtualNetworkAdapter -VirtualNetworkAdapter $VirtNetworkAdapter -EnableMACAddressSpoofing $TrueDo not enable MAC address spoofing for a virtual machine template or an associated hardware profile that will be used to deploy a service to a Windows Server 2008 with Service Pack 2-based Hyper-V host, a Citrix XenServer host, or a VMware ESX host.Set the administrator passwordOn the Configure Operating System page of the Create VM Template wizard (or the OS Configuration tab in the properties of an existing virtual machine template), under General Settings, click Admin Password. Either specify the password of the local administrator account or select a Run As account for the local administrator account.If you are using a guest operating system profile, configure the administrator account settings in the profile.Configure the virtual machine to join a domainOn the Configure Operating System page of the Create VM Template wizard (or the OS Configuration tab in the properties of an existing virtual machine template), under Networking, configure the virtual machine to join a domain. This includes the credentials to join the domain.If you are using a guest operating system profile, configure the domain settings in the profile.Enable the Network Load Balancing featureOn the Configure Operating System page of the Create VM Template wizard (or the OS Configuration tab in the properties of an existing virtual machine template), do the following:If you are using a guest operating system profile, configure these settings in the profile.Under Roles and Features, click Features.Select the Network Load Balancing check box.Optionally, under Remote Server Administration Tools, select the Network Load Balancing Tools check box. Network Load Balancing Tools include the Network Load Balancing Manager snap-in, Windows PowerShell tools for managing Network Load Balancing, and the Nlb.exe and Wlbs.exe command-line tools.The NLB tools are not available in a Server Core installation of the Windows Server 2008 R2 operating system or the Windows Server 2012 operating system. Therefore, do not select this option if you are using a Server Core installation, or service deployment will fail. (If you are using a Server Core installation, and you receive a validation error message saying that you must select NLB and the NLB tools feature, make sure that you have the NLB feature selected. You can ignore the part of the warning message about NLB tools as it is not required.)After you have a virtual machine template that meets the virtual machine template prerequisites, create a service template that uses the virtual machine template. The following procedure assumes you have an existing service template. For information about how to create a service template, see How to Create a Service Template.To add an NLB load balancer to a service tierOpen an existing service template that meets the prerequisites that are outlined in the “Virtual Machine Template Prerequisites” section of this topic. To do this, follow these steps:Open the Library workspace.In the Library pane, expand Templates, and then click Service Templates.In the Templates pane, click the service template that you want to open.On the Service Template tab, in the Actions group, click Open Designer.The Virtual Machine Manager Service Template Designer opens with the service template displayed.Click the virtual machine template that represents the tier that you want to load balance. In the virtual machine template details pane, select the This computer tier can be scaled out check box, and configure the number of instances.On the Home tab, in the Service Template Components group, click Add Load Balancer.This action is only available if VIP templates are defined in the Fabric workspace. Only a full administrator or delegated administrator can configure VIP templates.Make sure that the correct VIP template for NLB is selected. To do this, follow these steps:Click the load balancer object (identifiable by the VIP template name) that is added to the service map.In the load balancer details, in the Load Balancer VIP Profile list, select a different VIP template if needed.Verify that the Load Balancer Model field indicates Network Load Balancing (NLB).Configure the load balancer connection to a virtual network adapter for the service tier.On the Home tab, in the Tools group, click the Connector tool to select it.On the service map, click the Server connection object that is associated with the load balancer, and then click a NIC object (for example, click the network adapter for the BACKEND logical network). This connects the load balancer to the network adapter.Click the NIC object to display its properties in the detail area. Verify that the IPv4 address type, the IPv6 address type, or both types (depending on the logical network configuration) are static, and that the MAC address type is static.Configure the client connection for the load balancer to use the correct logical network. With the Connector tool still selected, on the service map, click the Client connection object that is associated with the load balancer, and then click a logical network object. For example, click the BACKEND logical network. This connects the load balancer to the logical network.For NLB deployments, the logical network that is associated with the client connection and the logical network of the NIC that is associated with the server connection in step 5 must be the same.Save the updated service template settings. On the Home tab, in the Service Template group, click Save and Validate.When the service is deployed, VMM automatically selects a virtual IP address from the reserved range that is defined in the static IP address pool, and assigns it to the load-balanced service tier. To enable users to connect to the service, the following must occur:A full administrator or delegated administrator must determine the virtual IP address that VMM assigned to the load balancer.After the virtual IP address is determined, a Domain Name System (DNS) administrator must manually create a DNS entry for the virtual IP address. The DNS entry for the virtual IP address should be the name that users will specify to connect to the service, for example ServiceName.contoso.com.For more information, see How to Determine the Virtual IP Address for a Service.How to Add Networking Components to a Service Template How to Configure a Hardware Load Balancer for a Service Tier How to Deploy a Service