Configure a Load Balancer and Virtual Host

Document created by RSA Information Design and Development on Jun 13, 2017Last modified by RSA Information Design and Development on Jun 13, 2017
Version 2Show Document
  • View in full screen mode

When adding a load balancer, you must configure a virtual hostname, IP address, and listening port. The load balancer acts as the virtual host providing an entry point to the demilitarized zone (DMZ). You must configure the virtual host before you can install a web tier.

If your deployment has a load balancer, the virtual hostname must resolve to the public IP address of the load balancer.

If your deployment does not have a load balancer, the virtual hostname must resolve to the public IP address of your web tier.

If you change the name of the load balancer or use another load balancer, you must change the virtual hostname accordingly.

Before you begin 

  • You must be a Super Admin.

  • The virtual hostname must be configured in the Domain Name System (DNS) to point to the load balancer.

Procedure 

  1. In the Operations Console on the primary instance, click Deployment Configuration > Virtual Host & Load Balancing.

  2. If prompted, enter your Super Admin User ID and password.

  3. On the Virtual Host & Load Balancing page, do the following:

    1. Select Configure a virtual host and load balancers.

    2. Enter a fully qualified virtual hostname unique to the deployment.

    3. (Optional) Change the default port number.

    4. Enter up to two load balancer IP addresses. If you are not using a load balancer, leave the IP address blank.

    5. Click Add.

  4. Click Save.

    The system saves the virtual hostname and key material in the keystore file.

  5. On the confirmation page, read Mandatory Next Steps.

  6. Click Done.

After you finish 

In the Operations Console, perform the appropriate mandatory next steps.

  • If you updated load balancer details, you must reboot the primary and replica instances. In the Operations Console, click Maintenance > Reboot Appliance and reboot each instance.

  • If you updated the virtual hostname, generate a new integration script for each web-based application using RBA, and then redeploy the integration scripts.

  • If the deployment includes a web tier, update the web tier. In the Operations Console, click Deployment Configuration > Web-Tier Deployments > Manage Existing. Click the update link for each web tier.

  • If the deployment includes a web tier, replace the certificate on the load balancer and on the firewall with the virtual host certificate.

  • If the deployment uses dynamic seed provisioning, update the hostname and port for the CT-KIP URL with the hostname and port that you specified for the virtual host. In the Security Console, go to Setup > System Settings. Click Tokens.

  • If the deployment uses the RSA Self-Service Console, update the Self-Service Console URL with the hostname and port you specified for the virtual host. In the Security Console, go to Setup > Self-Service Settings. Click E-Mail Notifications for User Account Changes.

Related Concepts

Web-Tier Deployments

 

 


Attachments

    Outcomes