Kemp Support, how can we help?

The latest application delivery knowledge and expertise at your fingertips.

Product Overview - Kemp 360 Central

1 Overview

1.1 Platforms Supported

The application delivery fabric consists of two components - the Kemp 360 Central instance for licensing/management and the individual ADC instances. Licenses may be issued to ADC instances on any supported platform from a single Kemp 360 Central.

Platform Kemp 360 Central LoadMaster
Hyper-V Y Y
VMware (OVF) Y Y
KVM Y Y
XEN Y Y
Oracle VirtualBox Y Y
Microsoft Azure Y Y
Azure Government Y Y
Amazon Web Services (AWS) Y Y
AWS GovCloud Y Y

1.2 Requirements

A Kemp 360 Central instance is required to license LoadMaster Metered or Pooled ADCs and to provide monitoring and management and can be deployed on any supported platform.

To permanently license Kemp 360 Central for Metered or Pooled Licensing, you need a Kemp ID and an Order or Contract ID. If you do not have an Order or Contract ID, you will get a trial license.

LoadMaster instances may be deployed on any platform that can communicate with the Kemp 360 Central instance.

Operational Requirements

  • To license Kemp 360 Central for Metered or Pooled Licensing, you need a Kemp ID and an Order or Contract ID.
       

Technical Requirements

  • A supported hypervisor or cloud platform
  • Bi-directional communication between Kemp 360 Central and managed LoadMaster instances over TCP/443 (TCP/8443 for Azure/AWS)
  • Syslog traffic from LoadMaster to Kemp 360 Central over UDP/514 (optional)
  • Kemp 360 Central to have Simple Mail Transfer Protocol (SMTP) communication to a local SMTP server over TCP/25. This is optional if no notifications are required and Metered Licensing reporting is through HTTPs to ALSI (Kemp licensing and reporting services)
  • Kemp 360 Central to have access to a DNS resolver over TCP/UDP/53
  • Kemp 360 Central to have access to ALSI through TCP/443
  • LoadMaster instances can be accessed through a routable network or through a network address translation (NAT) device

Requirements.png

For the best UI performance, we recommend using the Chrome browser. If you experience any UI rendering issues with Kemp 360 Central and you are using a browser add-on, check the documentation for the add-on you have installed to see if they are recommended for use with frames. If not, disable the add-on when using the Kemp 360 Central UI.

1.3 Check the Virtual Machine Settings

Note that since Version 1.25.2, the default minimum Virtual Machine provisioning requirements for new installs have been updated as follows:

Resource V1.24 and earlier firmware V1.25.2 and later firmware
CPU Two cores Four cores
RAM 4 GB 8 GB
Disk Storage 40 GB 250 GB

Upgrades to Version 1.25.2 and later releases will not update existing Virtual Machine resources. To modify your current Virtual Machine configuration to conform to the above minimum values, contact Kemp Support.

2 Installation

2.1 Overview

The following steps should be followed to deploy an operational Metered or Pooled Licensing environment.

Overview.png

 

2.2 Obtain the Software

Kemp 360 Central and LoadMaster are delivered as Virtual Machine (VM) images for hypervisor platforms and are available in the cloud marketplaces for Amazon Web Services (AWS) and Azure.

Local licensing requires a special build of LoadMaster. If you are deploying a LoadMaster for local licensing from cloud marketplaces (AWS/Azure), select the Metered Licensing options. For all other platforms, the images can be downloaded from the following locations:

3 Deploy Kemp 360 Central

3.1 Installation

The platform-specific deployment guides for Kemp 360 Central are available on the Kemp Support site. The only deviation from these guides for Metered Licensing is as follows:

  • When you encounter the licensing screen, enter the Order ID, which is either the Contract ID provided by Kemp or the Product Key provided during trial registration

The following Kemp 360 Central Deployment Guides are available on the Kemp Support site:

When presented with the licensing screen during installation, enter the Order or Contract ID along with your Kemp ID credentials. This licenses the Kemp 360 Central instance as a Metered Licensing and reporting server.

If you have no Order or Contract ID, the only option available to you is to download a trial version of the product. During the trial period, you can license and manage up to five Metered Licensed LoadMasters and monitor up to 25 pre-licensed LoadMasters. You can switch to a permanent license at any stage during the trial period by re-licensing Kemp 360 Central with a valid Order or Contract ID.

image337.png

 

There are three options for licensing: online, offline, and manual. For more information, refer to the Activation and Initial Login section of the Feature Description Kemp 360 Central on the Kemp Documentation page.

After licensing, set the password for the admin user. The admin user is the default user on Kemp 360 Central and has all privileges. Additional user entities can be created with role-based access.

3.2 Initial Configuration of Kemp 360 Central

Once licensed, you are requested to input details on LoadMasters to be added. As no Metered Licensing LoadMasters are deployed, this stage can be skipped.

You are also prompted for an SMTP relay to deliver alerts by email. This can be configured at this stage or skipped for later configuration.

There are a number of system settings on Kemp 360 Central that are optional. Full details on configuration is available in the Kemp 360 Central Feature Description document on the Kemp Support site.

System Setting Comment
NTP Time Server An NTP server is not mandatory. Using an external time server ensures that the system time on Kemp 360 Central (and LoadMaster instances) is correct and synchronized with the wider infrastructure.
SMTP Relay An SMTP relay is not mandatory. If configured, notifications may be set by email and email may be used to deliver usage data to Kemp.
Role Based Access In addition to the default admin user, other users and groups can be added and configured for role-based access.
Scheduled Reporting The system can autogenerate reports and deliver them by email. An SMTP relay is required for this feature.

Your Kemp 360 Central system is now ready to license metered LoadMaster instances.

Please observe the following restrictions when upgrading from Version 1.x to Version 2:
To upgrade to Version 2.0, you must re-accept the End User License Agreement (EULA)
To upgrade to Version 2.3, you must be running Version 2.0.


4 Deploy Locally Licensed LoadMaster ADC Instances

4.1 Installation

LoadMaster instances can be deployed on Hyper-V, VMware, XEN, KVM, and VirtualBox hypervisors and on the Azure and AWS public clouds. A Kemp 360 Central Licensing server can license LoadMasters on any platform as long as there is IP connectivity between the LoadMaster and Kemp 360 Central.

The hypervisor versions can be downloaded from https://kemptechnologies.com/spla-download and the Azure and AWS versions are available in the respective marketplaces as License Agreement Based LoadMaster (MELA).

image357.png

In the Azure MarketPlace, select License Agreement Based LoadMaster (MELA/SPLA) from the dropdown list under Plans + Pricing.

image17.png

In the AWS Marketplace, select License Agreement Based LoadMaster for AWS (MELA).

Guidelines on how to deploy LoadMaster for each platform are available in the Kemp Resource Library.

4.2 License the LoadMaster ADCs

For metered licensing, the LoadMaster license is provided by Kemp 360 Central.

image79.png

Ensure you select Kemp 360 Central Licensing as the license method (select Local Activation for pre 7.2.43 releases). Selection of any other licensing method may result in a non-metered license being assigned.

You are now prompted for the Host and Port of the Kemp 360 Central instance deployed earlier.

image59.png

When Kemp 360 Central Licensing is selected, a screen (similar to the one above) appears. If this screen does not appear, you are not using the correct version of the LoadMaster. Contact a Kemp representative if this is the case.

1. Type the IP address or FQDN of Kemp 360 Central in the Host text box.

2. Type the Port to access Kemp 360 Central on in the Port text box.

3. Click Activate.

The LoadMaster contacts the Kemp 360 Central server on the IP address and port specified and requests a license.

The LoadMaster is now licensed against Kemp 360 Central, thus using one of the available licenses.

5 Manage the LoadMaster ADCs with Kemp 360 Central

5.1 Add the Licensed LoadMaster Instances

In addition to providing licensing, LoadMaster instances can be managed by Kemp 360 Central. Newly licensed LoadMasters are added to the management domain automatically after you enter your Kemp 360 credentials.

Newly licensed LoadMasters are listed in the Kemp 360 Central UI in the networks list and can be identified by the icon below.

image84.png

To add the LoadMaster for management, select the LoadMaster and click the edit icon in the bottom left of the screen.

image10.png

This prompts for the LoadMaster credentials and optionally allows a nickname to be assigned.

012.png

When deploying on cloud platforms, the LoadMaster instance is behind a network address translation (NAT) and has a public IP and a private IP. Use the Public IP when adding the LoadMaster instance to Kemp 360 Central.

For Azure and AWS LoadMasters, the port must be set to 8443.

Once added, the Kemp 360 Central system can monitor and manage the LoadMaster.

6 Configure Application Delivery on LoadMaster

Client traffic is decrypted/encrypted on the LoadMaster and passed unencrypted to the application servers on port 80. It is assumed that the LoadMaster is configured with a single IP address in the guidelines below.

1. Login to the LoadMaster UI by opening a https session (port 443 default/8443 on Azure/AWS) on the LoadMaster IP address. The default username is bal and the password is what was set earlier when the LoadMaster was provisioned.

2. In the navigation menu, select Virtual Services and the Add New option.

009.png

3. Set the Virtual Address to the IP address of the LoadMaster instance.

4. Set the port to 443 because you want to handle SSL traffic.

5. Type a service name (optional) and click Add this Virtual Service.

SSLProperties-IntermediateCerts.png

6. Expand the SSL Properties section.

7. Select the SSL Acceleration Enabled check box. The LoadMaster generates a self-signed certificate for the SSL service that can be replaced with a trusted certificate if required.

8. Add the web application servers. With LoadMaster, the application servers are referred to as Real Servers.

9. In the Real Servers section, select Add New.

011.png

10. Specify the Real Server IP address and port. The other settings may be left as default.

11. Repeat for each Real Server you want to add.

You should now be able to send traffic through the load balancer on port 443, which is then forwarded to the Real Servers. For further guidance on configuring service options, consult the Kemp guide to configuring an SSL virtual service. Detailed documentation on LoadMaster configuration and features is available from the Kemp Resource Library.

7 Making the Most of Kemp 360 Central

7.1 About Metered Licensing

Kemp Metered Licensing allows the creation of an application delivery fabric that contains LoadMaster Application Delivery Controller (ADC) instances that are licensed for metered usage. If you are deploying a trial, the number of Metered Licenses available is limited to five and they will only stay active for a limited time period. Full support is available during the trial period.

If you are deploying a metered licensing subscription, Metered Licensing licenses as many LoadMaster instances as required and charges monthly in arrears based on measured usage.

7.2 Scaling for High-Volume Environments

The LoadMaster instances licensed under Metered Licensing have no license limits on performance and are only limited by the underlying infrastructure. This provides the capability to scale within a single instance, which may be sufficient for many environments. LoadMaster instances may also be clustered to provide scale-out capability. With clustering, multiple LoadMaster instances operate in parallel to deliver virtual services with individual instances being able to scale to the maximum capability of the underlying infrastructure. Additional cluster members may be added or removed on demand to provide the desired capacity.

To evaluate scaling using clustering, consult the LoadMaster Clustering documentation.

7.3 Multi-Platform ADC Deployment

Within the Kemp 360 application delivery fabric, ADC instances may be deployed, managed, and licensed across multiple hypervisors and clouds from a single Kemp 360 Central providing a single unified view of all ADC resources regardless of location.

A quick way to evaluate this multi-platform support is to deploy a LoadMaster instance on desktop-based hypervisor or on a public cloud such as Azure or AWS.

Within Kemp 360 Central, all ADC resources, across all platforms, are available and may be monitored and managed.

image159.png

7.4 Service Monitoring and Analysis

Kemp 360 Central is Kemp's management and monitoring platform, which also acts as the licensing and metering service for Metered Licensing. LoadMaster ADCs under Metered Licensing may be monitored and managed from Kemp 360 Central. The Global Dashboard provides a snapshot of the health and status of the application delivery fabric.

image369.png

The widgets on the Global Dashboard provide a quick view of the status and link to the underlying detail.

  • Device Health - Status of the ADC instance
  • Local Licenses - Number of ADC instances licensed for Metered Licensing
  • Support Subscription Expiry - Total number of local and non-local subscriptions
  • Top Utilization - List of busiest ADC instances
  • Log Summary - Breakdown of ADC log events by status
  • VS Status - Summary of Virtual Service status
  • Real Server Status - Summary of the application server status
  • Administratively Disabled - Displays the number of Real Servers and Virtual Services that are administratively disabled
  • Active Connections - Displays the total number of active connections for all managed devices
  • WAF Statistics - Displays the number of configured WAF services and the number of alerts and events in the past 24 hours

7.5 Evaluation - ADC High Availability

For resilience, ADC instances are normally deployed as High Availability (HA) pairs. With LoadMaster HA, one instance is active while the other is in standby. In the event of a failure, the standby instance assumes the active role resulting in no service disruption.

To configure high availability on LoadMaster, consult the High Availability documentation.

With metered licensing, HA is essentially free because the HA pair is considered a single unit for billing purposes. Usage traffic is reported separately for both units. Evaluation of HA capabilities is as simple as turning off the primary LoadMaster, which automatically promotes the secondary LoadMaster as the active ADC.

Last Updated Date

This document was last updated on 02 September 2020.


Comments