The Smartcrypt Manager supports being used in a network load balancer. This configuration will allow the Smartcrypt Manager to handle more load as the web traffic is evenly distributed to each of the Smartcrypt Manager instances. To successfully deploy a load balanced environment, addition software and system(s) configuration is required.
Network Load Balance Setup
- Several Windows servers on which the Smartcrypt Manager will be installed.
- Each system needs a distinct hostname and two network interfaces, each with a static IP address.
- An extra IP address not used by any server, and a public hostname which your clients will use.
Instructions on Setup
- Set up all Windows servers to run the Smartcrypt Manager, following the installation instructions.
- Install the Network Load Balancing feature on each server.
- Install Network Load Balancing Tools on each server.
- Run "
nlbmgr" to open the Network Load Balancing Manager.
Note - if you are using Windows Server Core environments for the Smart Manager, you will need to do the configuration from Windows Server GUI environment with Network Load Balancing Tools enabled.
- From the menubar in the Network Load Balancing Manager, choose Cluster > New.
- On the "Connect" page, type the hostname of one of the Smartcrypt Enterprise Manager instances; click Connect. Select "
Local Area Connection" in the list (Not "
Local Area Connection 2"). Click Next.
- At the "Host Parameters" page, confirm the IP address / subnet mask. Click Next.
- At the "Cluster IP Addresses" page, click Add and enter in the extra IP address. Click Next.
- At the "Cluster Parameters" page, confirm that the IP address matches what you entered on the previous page, type your public hostname in the "Full Internet Name" box. Choose the desired Cluster Operation Mode (Multicast or Unicast), and click Next.
- At the "Port Rules" page, click Edit and confirm that the settings are appropriate, then click Finish.
Notes: Under Filtering Mode, Select Single affinity to keep each client talking to the same Smartcrypt Manager instance. If you select Network, you need to use Memcached to provide a shared cache.
By default, Port Range forwards all TCP and UDP ports - you might want to narrow it down to just TCP 443.
- The cluster should now appear in the left pane. Right-click it and choose Add Host to Cluster.
- Repeat steps 5-6 above, specifying the next server.
- In the IIS Manager on each Smartcrypt Enterprise Manager, configure each IIS instance to use a specific Service Account (on Active Directory) for its Application Pool identity.