Product Overview - Kemp 360 Central
Contents
1 Overview
1.1 Platforms Supported
The application delivery fabric consists of two components - the Kemp 360 Central instance for licensing/management and the individual ADC instances. Licenses may be issued to ADC instances on any supported platform from a single Kemp 360 Central.
Platform | Kemp 360 Central | LoadMaster |
Hyper-V | Y | Y |
VMware (OVF) | Y | Y |
KVM | Y | Y |
XEN | Y | Y |
Oracle VirtualBox | Y | Y |
Microsoft Azure | Y | Y |
Azure Government | Y | Y |
Amazon Web Services (AWS) | Y | Y |
AWS GovCloud | Y | Y |
1.2 Requirements
A Kemp 360 Central instance is required to license LoadMaster Metered or Pooled ADCs and to provide monitoring and management and can be deployed on any supported platform.
To permanently license Kemp 360 Central for Metered or Pooled Licensing, you need a Kemp ID and an Order or Contract ID. If you do not have an Order or Contract ID, you will get a trial license.
LoadMaster instances may be deployed on any platform that can communicate with the Kemp 360 Central instance.
Operational Requirements
- To license Kemp 360 Central for Metered or Pooled Licensing, you need a Kemp ID and an Order or Contract ID.
Technical Requirements
- A supported hypervisor or cloud platform
- Bi-directional communication between Kemp 360 Central and managed LoadMaster instances over TCP/443 (TCP/8443 for Azure/AWS)
- Syslog traffic from LoadMaster to Kemp 360 Central over UDP/514 (optional)
- Kemp 360 Central to have Simple Mail Transfer Protocol (SMTP) communication to a local SMTP server over TCP/25. This is optional if no notifications are required and Metered Licensing reporting is through HTTPs to ALSI (Kemp licensing and reporting services)
- Kemp 360 Central to have access to a DNS resolver over TCP/UDP/53
- Kemp 360 Central to have access to ALSI through TCP/443
- LoadMaster instances can be accessed through a routable network or through a network address translation (NAT) device
For the best UI performance, we recommend using the Chrome browser. If you experience any UI rendering issues with Kemp 360 Central and you are using a browser add-on, check the documentation for the add-on you have installed to see if they are recommended for use with frames. If not, disable the add-on when using the Kemp 360 Central UI.
1.3 Check the Virtual Machine Settings
Note that since Version 1.25.2, the default minimum Virtual Machine provisioning requirements for new installs have been updated as follows:
Resource | V1.24 and earlier firmware | V1.25.2 and later firmware |
CPU | Two cores | Four cores |
RAM | 4 GB | 8 GB |
Disk Storage | 40 GB | 250 GB |
Upgrades to Version 1.25.2 and later releases will not update existing Virtual Machine resources. To modify your current Virtual Machine configuration to conform to the above minimum values, contact Kemp Support.
2 Installation
2.1 Overview
The following steps should be followed to deploy an operational Metered or Pooled Licensing environment.
2.2 Obtain the Software
Kemp 360 Central and LoadMaster are delivered as Virtual Machine (VM) images for hypervisor platforms and are available in the cloud marketplaces for Amazon Web Services (AWS) and Azure.
Local licensing requires a special build of LoadMaster. If you are deploying a LoadMaster for local licensing from cloud marketplaces (AWS/Azure), select the Metered Licensing options. For all other platforms, the images can be downloaded from the following locations:
3 Deploy Kemp 360 Central
3.1 Installation
The platform-specific deployment guides for Kemp 360 Central are available on the Kemp Support site. The only deviation from these guides for Metered Licensing is as follows:
- When you encounter the licensing screen, enter the Order ID, which is either the Contract ID provided by Kemp or the Product Key provided during trial registration
The following Kemp 360 Central Deployment Guides are available on the Kemp Support site:
When presented with the licensing screen during installation, enter the Order or Contract ID along with your Kemp ID credentials. This licenses the Kemp 360 Central instance as a Metered Licensing and reporting server.
If you have no Order or Contract ID, the only option available to you is to download a trial version of the product. During the trial period, you can license and manage up to five Metered Licensed LoadMasters and monitor up to 25 pre-licensed LoadMasters. You can switch to a permanent license at any stage during the trial period by re-licensing Kemp 360 Central with a valid Order or Contract ID.
There are three options for licensing: online, offline, and manual. For more information, refer to the Activation and Initial Login section of the Feature Description Kemp 360 Central on the Kemp Documentation page.
After licensing, set the password for the admin user. The admin user is the default user on Kemp 360 Central and has all privileges. Additional user entities can be created with role-based access.
3.2 Initial Configuration of Kemp 360 Central
Once licensed, you are requested to input details on LoadMasters to be added. As no Metered Licensing LoadMasters are deployed, this stage can be skipped.
You are also prompted for an SMTP relay to deliver alerts by email. This can be configured at this stage or skipped for later configuration.
There are a number of system settings on Kemp 360 Central that are optional. Full details on configuration is available in the Kemp 360 Central Feature Description document on the Kemp Support site.
System Setting | Comment |
NTP Time Server | An NTP server is not mandatory. Using an external time server ensures that the system time on Kemp 360 Central (and LoadMaster instances) is correct and synchronized with the wider infrastructure. |
SMTP Relay | An SMTP relay is not mandatory. If configured, notifications may be set by email and email may be used to deliver usage data to Kemp. |
Role Based Access | In addition to the default admin user, other users and groups can be added and configured for role-based access. |
Scheduled Reporting | The system can autogenerate reports and deliver them by email. An SMTP relay is required for this feature. |
Your Kemp 360 Central system is now ready to license metered LoadMaster instances.
Please observe the following restrictions when upgrading from Version 1.x to Version 2:
To upgrade to Version 2.0, you must re-accept the End User License Agreement (EULA)
To upgrade to Version 2.3, you must be running Version 2.0.
4 Deploy Locally Licensed LoadMaster ADC Instances
4.1 Installation
LoadMaster instances can be deployed on Hyper-V, VMware, XEN, KVM, and VirtualBox hypervisors and on the Azure and AWS public clouds. A Kemp 360 Central Licensing server can license LoadMasters on any platform as long as there is IP connectivity between the LoadMaster and Kemp 360 Central.
The hypervisor versions can be downloaded from https://kemptechnologies.com/spla-download and the Azure and AWS versions are available in the respective marketplaces as License Agreement Based LoadMaster (MELA).
In the Azure MarketPlace, select License Agreement Based LoadMaster (MELA/SPLA) from the dropdown list under Plans + Pricing.
In the AWS Marketplace, select License Agreement Based LoadMaster for AWS (MELA).
Guidelines on how to deploy LoadMaster for each platform are available in the Kemp Resource Library.
- LoadMaster Installation Guide for Hyper-V
- LoadMaster Installation Guide for VMware (ESX, ESXi, and vSphere)
- LoadMaster Installation Guide for KVM
- LoadMaster Installation Guide for XEN
- LoadMaster Installation Guide for Oracle VirtualBox
- LoadMaster for Azure Feature Description
- LoadMaster for AWS Feature Description
4.2 License the LoadMaster ADCs
For metered licensing, the LoadMaster license is provided by Kemp 360 Central.
Ensure you select Kemp 360 Central Licensing as the license method (select Local Activation for pre 7.2.43 releases). Selection of any other licensing method may result in a non-metered license being assigned.
You are now prompted for the Host and Port of the Kemp 360 Central instance deployed earlier.
When Kemp 360 Central Licensing is selected, a screen (similar to the one above) appears. If this screen does not appear, you are not using the correct version of the LoadMaster. Contact a Kemp representative if this is the case.
1. Type the IP address or FQDN of Kemp 360 Central in the Host text box.
2. Type the Port to access Kemp 360 Central on in the Port text box.
3. Click Activate.
The LoadMaster contacts the Kemp 360 Central server on the IP address and port specified and requests a license.
The LoadMaster is now licensed against Kemp 360 Central, thus using one of the available licenses.
5 Manage the LoadMaster ADCs with Kemp 360 Central
5.1 Add the Licensed LoadMaster Instances
In addition to providing licensing, LoadMaster instances can be managed by Kemp 360 Central. Newly licensed LoadMasters are added to the management domain automatically after you enter your Kemp 360 credentials.
Newly licensed LoadMasters are listed in the Kemp 360 Central UI in the networks list and can be identified by the icon below.
To add the LoadMaster for management, select the LoadMaster and click the edit icon in the bottom left of the screen.
This prompts for the LoadMaster credentials and optionally allows a nickname to be assigned.
When deploying on cloud platforms, the LoadMaster instance is behind a network address translation (NAT) and has a public IP and a private IP. Use the Public IP when adding the LoadMaster instance to Kemp 360 Central.
For Azure and AWS LoadMasters, the port must be set to 8443.
Once added, the Kemp 360 Central system can monitor and manage the LoadMaster.
6 Configure Application Delivery on LoadMaster
Client traffic is decrypted/encrypted on the LoadMaster and passed unencrypted to the application servers on port 80. It is assumed that the LoadMaster is configured with a single IP address in the guidelines below.
1. Login to the LoadMaster UI by opening a https session (port 443 default/8443 on Azure/AWS) on the LoadMaster IP address. The default username is bal and the password is what was set earlier when the LoadMaster was provisioned.
2. In the navigation menu, select Virtual Services and the Add New option.
3. Set the Virtual Address to the IP address of the LoadMaster instance.
4. Set the port to 443 because you want to handle SSL traffic.
5. Type a service name (optional) and click Add this Virtual Service.
6. Expand the SSL Properties section.
7. Select the SSL Acceleration Enabled check box. The LoadMaster generates a self-signed certificate for the SSL service that can be replaced with a trusted certificate if required.
8. Add the web application servers. With LoadMaster, the application servers are referred to as Real Servers.
9. In the Real Servers section, select Add New.
10. Specify the Real Server IP address and port. The other settings may be left as default.
11. Repeat for each Real Server you want to add.
You should now be able to send traffic through the load balancer on port 443, which is then forwarded to the Real Servers. For further guidance on configuring service options, consult the Kemp guide to configuring an SSL virtual service. Detailed documentation on LoadMaster configuration and features is available from the Kemp Resource Library.
7 Making the Most of Kemp 360 Central
7.1 About Metered Licensing
Kemp Metered Licensing allows the creation of an application delivery fabric that contains LoadMaster Application Delivery Controller (ADC) instances that are licensed for metered usage. If you are deploying a trial, the number of Metered Licenses available is limited to five and they will only stay active for a limited time period. Full support is available during the trial period.
If you are deploying a metered licensing subscription, Metered Licensing licenses as many LoadMaster instances as required and charges monthly in arrears based on measured usage.
7.2 Scaling for High-Volume Environments
The LoadMaster instances licensed under Metered Licensing have no license limits on performance and are only limited by the underlying infrastructure. This provides the capability to scale within a single instance, which may be sufficient for many environments. LoadMaster instances may also be clustered to provide scale-out capability. With clustering, multiple LoadMaster instances operate in parallel to deliver virtual services with individual instances being able to scale to the maximum capability of the underlying infrastructure. Additional cluster members may be added or removed on demand to provide the desired capacity.
To evaluate scaling using clustering, consult the LoadMaster Clustering documentation.
7.3 Multi-Platform ADC Deployment
Within the Kemp 360 application delivery fabric, ADC instances may be deployed, managed, and licensed across multiple hypervisors and clouds from a single Kemp 360 Central providing a single unified view of all ADC resources regardless of location.
A quick way to evaluate this multi-platform support is to deploy a LoadMaster instance on desktop-based hypervisor or on a public cloud such as Azure or AWS.
Within Kemp 360 Central, all ADC resources, across all platforms, are available and may be monitored and managed.
7.4 Service Monitoring and Analysis
Kemp 360 Central is Kemp's management and monitoring platform, which also acts as the licensing and metering service for Metered Licensing. LoadMaster ADCs under Metered Licensing may be monitored and managed from Kemp 360 Central. The Global Dashboard provides a snapshot of the health and status of the application delivery fabric.
The widgets on the Global Dashboard provide a quick view of the status and link to the underlying detail.
- Device Health - Status of the ADC instance
- Local Licenses - Number of ADC instances licensed for Metered Licensing
- Support Subscription Expiry - Total number of local and non-local subscriptions
- Top Utilization - List of busiest ADC instances
- Log Summary - Breakdown of ADC log events by status
- VS Status - Summary of Virtual Service status
- Real Server Status - Summary of the application server status
- Administratively Disabled - Displays the number of Real Servers and Virtual Services that are administratively disabled
- Active Connections - Displays the total number of active connections for all managed devices
- WAF Statistics - Displays the number of configured WAF services and the number of alerts and events in the past 24 hours
7.5 Evaluation - ADC High Availability
For resilience, ADC instances are normally deployed as High Availability (HA) pairs. With LoadMaster HA, one instance is active while the other is in standby. In the event of a failure, the standby instance assumes the active role resulting in no service disruption.
To configure high availability on LoadMaster, consult the High Availability documentation.
With metered licensing, HA is essentially free because the HA pair is considered a single unit for billing purposes. Usage traffic is reported separately for both units. Evaluation of HA capabilities is as simple as turning off the primary LoadMaster, which automatically promotes the secondary LoadMaster as the active ADC.
Last Updated Date
This document was last updated on 02 September 2020.