In this blog post, I would like to write up the procedure for setting up an NSX Edge Load Balancer for a VMware Identity Manager cluster. As discussed in this post and this post, NSX Edge Load Balancers will be all over the place in a Workspace ONE platform environment. And this is one place…
I am also working on testing the available persistence configuration of Workspace ONE NSX Edge load balancers (heads up to a blog post), and adding more Workspace ONE firewall sections and load balancing configuration to the NSXHorizonJumpstart script. If only my new year’s resolution was to grow four extra brains and hands, this would be published a little faster…
Identity Manager, Hmmmm?
For the Workspace ONE user access or identity management service, VMware Identity Manager (IDM) is needed. And not just for user access, but also for the application catalog. It is the layer your users' sessions will hit first (well, after enrolling their devices). With that, presumably, come some availability requirements: insert a cluster of IDM, ergo a highly available IDM. A cluster of IDM is a minimum of 3 nodes, and this needs a load balancer. But how? Well, after the first node is deployed, you configure IDM to use an external database, for active-active on an MSSQL Always-On. When that is running, an identity source should be configured, for example, connected to an Active Directory. Also have a load balancer set up and the FQDN filled in. Then, after a correct configuration, shut down the node and clone it to an identity manager cluster.
Need some more information on the steps than the above TL;DR? Read on.