I’ve just recorded a YouTube video on how to configure Windows NLB for a K2 NLB cluster:
Please bear with the uninspiring introduction, where I clumsily try to explain what DNS round robin is, and excuse my overuse of the interjection “so”, which I noticed only after reviewing my recording – I will try to improve my presentation skills in the future 🙂 For now it is all down to “live demo” pressure 🙂
The one thing I didn’t touch on in this video is Extended Affinity. Actually, as soon as you configure the timeout value available for Single or Network affinity in Multiple host filtering mode, you start using the Extended Affinity feature, which was introduced in Windows Server 2008 R2.
Unfortunately I’m not aware of any official K2 recommendations regarding Extended Affinity (the K2 documentation features screenshots from what seems to be some old Windows Server version), but it seems to be something you may want to leverage for K2 Workspace/SF/SP.
Also, in the video I was a bit imprecise in selecting Both protocols in Port rules: based on the official documentation you only need TCP, and your port setup should look like this:
The configuration of port rules in the screenshot above assumes that both K2 blackpearl (K2 host server service) and K2 workspace are hosted on the same cluster.
Also I should note that, unfortunately, I was not able to make Unicast mode work in VMware Workstation based environments, as it is not as simple as just adding an extra NIC, but for testing purposes it may be sufficient to use Multicast. For production deployments in small/medium size environments you use either Multicast or, if your network equipment allows it, IGMP Multicast. For large environments MSFT itself recommends using more advanced load balancers (among the most popular today are those from F5, and there are a lot of K2 deployments where F5 ADCs are being used).
Just for clarity I will also quote an old note from windowsitpro.com (from 2006 🙂), which explains this two-NIC requirement for Unicast NLB quite neatly:
Unlike Microsoft Cluster service clusters, in which you should have separate NICs to separate regular traffic from the cluster heartbeat traffic, NLB members don’t need multiple NICs. However, many people still recommend two NICs in NLB servers, given the low cost of quality NICs. Additionally, multiple network cards are desirable in the following situations:
For inter-host communication between NLB cluster members when operating in uni-cast mode. With only one NIC NLB members are unable to communicate directly with each other.
If the NLB members connect to back end services, for example a Microsoft SQL Server database, it might be desirable to use separate NICs to separate the front and back end traffic.
You may also see the following error whenever you try to run the NLB console directly from one of your NLB hosts:
This is a known issue and you can safely ignore it. Just run the NLB management console from your management workstation and you will not receive any errors.
Links to related official K2 documentation:
Takeaways from this document:
“For a K2 Host Server cluster, use a Unicast operation mode and set the affinity to None. Since the K2 Host Server is a stateless machine, no affinity is necessary per session.”
“For a K2 Workspace Server cluster, use a Unicast operation mode and set the affinity to Single. You will want to ensure that the web pages retain an affinity to the web server during the session.”
“For a K2 for SharePoint Server cluster, use a Unicast operation mode and set the affinity to Single. You will want to ensure that the web pages retain an affinity to the web server during the session.
The same is true for all server clusters that host web based components (such as Process Portals, web services, web parts).”
“As mentioned in the Network Load Balancing Setup and Configuration topic, at least two network adaptors are required when the Unicast operation mode is selected.
Set up the NLB configuration to allow traffic through on the K2 Workflow (default of 5252) and K2 Hostserver (default of 5555) ports.”
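The port and affinity settings quoted above, together with the TCP-only note earlier in this post, can be checked against a cluster's actual port rules with a short script. This is an added example, not part of the original post or the K2 documentation; `Test-K2NlbPortRule` and `$K2Expected` are hypothetical names, port 80 for K2 Workspace is an assumption, and the sample rules are constructed.

```powershell
# Added example: audit NLB port rules against the settings quoted on this page.
# $K2Expected and Test-K2NlbPortRule are hypothetical names, not K2 or Microsoft code.
$K2Expected = @(
    [pscustomobject]@{ Port = 5252; Affinity = 'None';   Role = 'K2 Workflow' }
    [pscustomobject]@{ Port = 5555; Affinity = 'None';   Role = 'K2 Hostserver' }
    # Assumption: K2 Workspace is served on port 80 (the page does not state the port).
    [pscustomobject]@{ Port = 80;   Affinity = 'Single'; Role = 'K2 Workspace' }
)

function Test-K2NlbPortRule {
    param(
        # Output of Get-NlbClusterPortRule, or objects with the same properties.
        [Parameter(Mandatory)] [object[]] $Rule,
        [object[]] $Expected = $K2Expected
    )
    foreach ($e in $Expected) {
        # NLB port rules cannot overlap, so at most one rule covers a given port.
        $match = $Rule |
            Where-Object { $_.StartPort -le $e.Port -and $_.EndPort -ge $e.Port } |
            Select-Object -First 1
        $issues = @()
        if (-not $match) {
            $issues += 'no rule covers this port'
        } else {
            if ("$($match.Protocol)" -ne 'Tcp') {
                $issues += "protocol is $($match.Protocol), expected Tcp"
            }
            if ("$($match.Affinity)" -ne $e.Affinity) {
                $issues += "affinity is $($match.Affinity), expected $($e.Affinity)"
            }
            if ($match.StartPort -ne $match.EndPort) {
                $issues += "rule spans $($match.StartPort)-$($match.EndPort), wider than one port"
            }
        }
        [pscustomobject]@{
            Role = $e.Role; Port = $e.Port
            Compliant = ($issues.Count -eq 0); Issues = ($issues -join '; ')
        }
    }
}

# Constructed sample rules: one correct, one with wrong protocol and affinity, one missing.
$sample = @(
    [pscustomobject]@{ StartPort = 5252; EndPort = 5252; Protocol = 'Tcp';  Affinity = 'None' }
    [pscustomobject]@{ StartPort = 5555; EndPort = 5555; Protocol = 'Both'; Affinity = 'Single' }
)
Test-K2NlbPortRule -Rule $sample | Format-Table -AutoSize
# On an NLB host: Test-K2NlbPortRule -Rule (Get-NlbClusterPortRule)
```

Any row with `Compliant` set to False lists what differs from the quoted recommendation, which makes it easy to spot a rule still left on Both protocols or on the wrong affinity.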
The main takeaway here is the following:
“Traffic to and from a SharePoint site or the K2 Workspace involves a considerable amount of communication from the Web servers to the back-end servers running SQL Server; good connectivity between them is required. It is therefore recommended that Web servers be dual-homed:
One network adapter handling the incoming Web requests by using NLB
One network adapter acting as a normal server adapter to communicate to the server running SQL Server along with the other servers within the infrastructure, such as domain controllers for authentication purposes”
(4) K2 and Firewalls