Automation starts with the initial deployment of the solution, configuration of that solution and continues throughout the life of the solution. In this walk-through I will deploy a new LoadMaster into Azure from the Marketplace, license it, set several system options and create a new Virtual Service to support my workload, all from PowerShell. The steps outlined in this could also be triggered from one of the many automation and orchestration tools on the market. These can tools provide a zero-touch deployment and configuration of solutions.
To start off there are a few prerequisites:
- Azure PowerShell Module
- Azure Subscription
- KEMP PowerShell Module
- KEMP ID
- LoadMaster ARM Template
Deploy LoadMaster in Azure
Microsoft Azure provides several ways to automate the deployment of solutions in the cloud. In this example the use of PowerShell in combination with Azure Resource Manager (ARM) Templates will be utilized. KEMP has produced and published several ARM Templates in Github that customers can download and use when designing and deploying solutions. In this example, the “kemp-loadmaster-basic-deploy” template will be used and includes two files:
- Create-VLM-BYOL-SKU.json
- VLM-BYOL-SKU-Parameters.json
The VLM-BYOL-SKU-Parameters.json must be updated to include the unique parameters for each deployment. In this example I will use the following values:
{
“$schema”: “https://schema.management.azure.com/schemas/2015-05-01/deploymentParameters.json#”,
“contentVersion”: “1.0.0.0”,
“parameters”: {
“vmName”: {
“value”: “VLM-Automate”
},
“newStorageAccountName”: {
“value”: “vlmautomatestore”
},
“dnsNameForPublicIP”: {
“value”: “VLM-Automate-PIP”
},
“balPassword”: {
“value”: “VLM8965Automate!”
},
“vmSize”: {
“value”: “Standard_A1”
},
}
}
- The Azure PowerShell Module must be imported to proceed to the next steps.
- Use the Add-AzureRMAccount to authenticate to the Azure Subscription.
- Select the Azure Subscription to use for the deployment.
- Select-AzureRMSubscription -Subscriptionname “My Subscription”
- Create a new Resource Group if necessary.
- New-AzureRMResourceGroup -name Automate-RG -Location “East US”
- Deploy the KEMP LoadMaster via ARM Template.
- New-AzureRmResourceGroupDeployment -Name Automate-VLM -ResourceGroupName Automate-RG -TemplateFile C:\ARM\Create-VLM-BYOL-SKU.json -TemplateParameterFile C:\ARM\VLM-BYOL-SKU-Parameters.json
- The deploy takes about 3 minutes and the Public IP Address (PIP) is presenting within the PowerShell. This will be used to license and configure the LoadMaster in the next steps.
License the LoadMaster
The LoadMaster must now be licensed and once again this can be accomplished via the KEMP PowerShell Module. Since many of the PowerShell cmdlets will use the same values, it is best to simplify the task by leveraging variables.
- The KEMP PowerShell module must be imported prior to running these cmdlets. Instructions on installing the LoadMaster module can be found at here:
- Set the following variables in PowerShell
a. LoadMaster IP address obtained from the Output above.
i. $LoadMasterIP=”52.226.132.12”
b. Your KEMP ID
i. $KEMPID=”MyKEMPID@company.com”
c. Your KEMP ID Password
i. $KEMPIDPW=”MySecretPassword!”
d. The LoadMaster bal credentials
i. $creds=get-credential
This will prompt for username which is “bal” and the password used in the ARM template parameters file.
- Test the connection to the LoadMaster and confirm True is returned from the cmdlet.
- Test-LMServerConnection -ComputerName $LoadMasterIP -Port 8443
- Test-LMServerConnection -ComputerName $LoadMasterIP -Port 8443
- Initialize the connection to the LoadMaster using the $LoadMasterIP and $creds variable.
- Initialize-LmConnectionParameters -Address $LoadMasterIP -LBPort 8443 -Credential $creds
- Initialize-LmConnectionParameters -Address $LoadMasterIP -LBPort 8443 -Credential $creds
- This cmdlet will set a new variable simulating the reading of the End User License Agreement (EULA)
- $readeula=Read-LicenseEULA -LoadBalancer $LoadMasterIP -Credential $creds
- This cmdlet is step one of the acceptance of the End User License Agreement (EULA)
- $confirmeula = Confirm-LicenseEULA -Magic $readeula.Data.Eula.MagicString -LoadBalancer $LoadMasterIP -Credential $creds
- This cmdlet is step two of the acceptance of the End User License Agreement (EULA)
- Confirm-LicenseEULA2 -Magic $confirmeula.Data.Eula2.MagicString -Accept yes -LoadBalancer $LoadMasterIP -Credential $creds
- Confirm-LicenseEULA2 -Magic $confirmeula.Data.Eula2.MagicString -Accept yes -LoadBalancer $LoadMasterIP -Credential $creds
- Get the available license types by logging into KEMP’s Licensing portal.
- <Get-LicenseType -KempId $KEMPID -Password $KEMPIDPW -LoadBalancer $LoadMasterIP -Credential $creds
- <Get-LicenseType -KempId $KEMPID -Password $KEMPIDPW -LoadBalancer $LoadMasterIP -Credential $creds
- Request the available license from KEMP’s licensing portal.
- Request-LicenseOnline -LoadBalancer $LoadMasterIP -Credential $creds -KempId $KEMPID -Password $KEMPIDPW
- Request-LicenseOnline -LoadBalancer $LoadMasterIP -Credential $creds -KempId $KEMPID -Password $KEMPIDPW
- Use the same password that was entered in the $creds variable and ARM parameters file.
- Set-LicenseInitialPassword -Passwd KEMP2Automate#$ -LoadBalancer $LoadMasterIP -Credential $creds
- Set-LicenseInitialPassword -Passwd KEMP2Automate#$ -LoadBalancer $LoadMasterIP -Credential $creds
- Enable the KEMP LoadMaster API interface to manage and configure the appliance.
- Enable-SecAPIAccess -LoadBalancer $LoadMasterIP -lbport 8443 -Credential $creds
- Enable-SecAPIAccess -LoadBalancer $LoadMasterIP -lbport 8443 -Credential $creds
- Confirm the connection to the KEMP LoadMaster by requesting the version.
- Get-LmParameter -LoadBalancer $LoadMasterIP -Credential $creds -LBPort 8443 -Param version
- Get-LmParameter -LoadBalancer $LoadMasterIP -Credential $creds -LBPort 8443 -Param version
Configure options on the LoadMaster
The LoadMaster is licensed and ready for configurations to be applied. In this step, a few networking options will be set using the PowerShell module. These are just examples as there are many options based on requirements.
- Set the LoadMaster to accept non-local Real Servers
- Set-LMOptions -LMGroup NetworkOptions -LMOption NonLocalRS -LMValue 1 -LMPublicIP $LoadMasterIP
- Set-LMOptions -LMGroup NetworkOptions -LMOption NonLocalRS -LMValue 1 -LMPublicIP $LoadMasterIP
- Set the LoadMaster option Subnet Originating Requests
Configure Virtual Services on the LoadMaster
With the LoadMaster options set, it is time to configure our Virtual Service to publish our workload. The Virtual Service consists of a Name, Virtual IP Address, Protocol, and Port for the workload. Additional configuration options can be set based on the workload requirements.
- Create a new Virtual Service
- New-AdcVirtualService -VirtualService 10.0.0.4 -VSPort 80 -VSProtocol tcp -nickname Automate-VS1
- New-AdcVirtualService -VirtualService 10.0.0.4 -VSPort 80 -VSProtocol tcp -nickname Automate-VS1
- Add Real Servers to the newly created Virtual Service
- New-AdcRealServer -RealServer 10.0.0.18 -RealServerPort 80 -VirtualService 10.0.0.4 -VSPort 80 -VSProtocol tcp
- New-AdcRealServer -RealServer 10.0.0.18 -RealServerPort 80 -VirtualService 10.0.0.4 -VSPort 80 -VSProtocol tcp
KEMP’s PowerShell is a critical component of automation that can deliver the speed, consistency, and agility that every business requires. In today’s world of IT, it is relatively clear:
“If it can’t be automated, you don’t need it”