Best practices to configure a node in network load balancing
Explains how to configure a node in a network load balancing cluster.
In a typical network load balancing deployment, the network load balancer acts as a proxy to the nodes within the cluster. Because Content Manager requires traffic to be encrypted over ssl and https schema endpoints, special attention is required regarding the SSL certificate used to configure the Web role.
The certificate subject name must match the host name of the endpoints that the clients will be using. When a network load balancer (or any other proxy) is what the clients target, then the target hostname is e.g. lb.ish.example.com (where ish refers to an example related to Content Manager, and lb specifies it further as a load balancing server). For example, the web client targets an endpoint like https://lb.ish.example.com/ISHCM/ and the web service client targets an endpoint like https://lb.ish.example.com/ISHWS/Wcf/API25/Application.svc. The lb.ish.example.com is completely independent from the server name of each node, but it forces the certificate used to configure the Web role to have this subject name. This means that a proper certificate has to be created based on the balancer's properties and shared on each Front end server before installation.
Also multiple Front end server nodes mean multiple Full text indexing roles. To force each server to deliver the same results for each search request, we need to redirect them to consume the same Full text indexing role instance in the cluster. Typically, this means that the Full text indexing role is fully active on one of the nodes and disabled on the other nodes.
In the diagram below we can identify the shared certificate used by all Front end server nodes and that only one Full text indexing role is used as the repository.
Figure 1. Content Manager network load balancing deployment.
For more advanced network load balancing deployments you may even have to specialize one of the Front end server to execute only the Full text indexing role. Although the node has the Web role still active, it is not part of the cluster and it never receives requests. In this case all balanced nodes are equal with regards to throughput and are not affected by the execution of the Full text indexing role.
Figure 2. Specialized Content Manager network load balancing deployment.