The purpose of this article is to provide guidance on configuring an F5 BIG-IP Load Balancer with the intention of using it to provide vSphere 6.5/6.7 Platform Services Controller (PSC) High Availability.

Note: VMware does not support the configuration or setup of the load balancer used to provide high availability within a vSphere environment. In the event that a non-certified load balancer is used, VMware reserves the right to not support the environment until a compatible load balancer is used.

Note: After upgrading from a previous version of vSphere 6.0 to vSphere 6.0 Update 2c you may need to reconfigure your load balancer as per the configuration below. 

1. Navigate to Network > VLAN > VLAN List > New VLAN (Create).
2. Provide a Name.
3. Under Resource > Interfaces, move Interface 1.1 to Untagged using the Add button.
4. Click Finished.

1. Navigate to Network > Interfaces > Interface List.
2. Select 1.2 and 1.3.
3. Click Disable.
   
   Note: These steps only using one Interface. You may require more than one active Interface.

1. Navigate to Network > Self-IP > New Self-IP.
2. Provide a Name.
3. Enter the IP Address and Netmask for the Self-IP.
4. In the VLAN/Tunnel section, select the VLAN created previously.
5. In the Port Lockdown section, select Allow Default.
6. Click Finished.
   
   Note: The Self-IP cannot exist on the same subnet as the F5 Management IP.

Create PSC WebSSO Service Monitors

1. Navigate to Local Traffic > Monitors > Create.
2. Provide a Name "psc-01-websso-health".
3. Select Type HTTPS.
4. Set an interval of 30 Seconds.
5. In the Send String field enter: GET /websso/HealthStatus HTTP/1.1\r\nHost:<psc-01-fqdn>\r\nConnection: Close\r\n\r\n
6. In the Receive String field enter 200.
7. In Alias Service Port enter 443.
8. Select Finished.
9. Navigate to Local Traffic > Monitors > Create.
10. Provide a Name "psc-02-websso-health".
11. Select Type HTTPS.
12. Set an interval of 30 Seconds.
13. In the Send String field enter: GET /websso/HealthStatus HTTP/1.1\r\nHost:<psc-02-fqdn>\r\nConnection: Close\r\n\r\n
14. In the Receive String field enter 200.
15. In Alias Service Port enter 443.
16. Select Finished.

Create PSC VMdir Service Monitors,

1. Navigate to Local Traffic > Monitors > Create.
2. Provide a Name "psc-ha-vmdir-health".
3. Select Type TCP.
4. Set an interval of 30 Seconds.
5. Leave the Send String field empty.
6. Leave the String field empty.
7. In Alias Service Port enter 389.
8. Select Finished.

1. Navigate to Local Traffic > Nodes > Node List > Create.
2. Provide a Name.
3. Provide the IP Address of the First PSC Node.
4. Under Health Monitors select Node Specific.
5. Move icmp and psc-01-websso-health and psc-ha-vmdir-health to the Active column using the << button.
6. Click Finished.
7. Navigate to Local Traffic > Nodes > Node List > Create.
8. Provide a Name.
9. Provide the IP Address of the First PSC Node.
10. Under Health Monitors select Node Specific.
11. Move icmp and psc-02-websso-health and psc-ha-vmdir-health to the Active column using the << button.
12. Click Finished.

1. Navigate to Local Traffic > Pools > Pool List > Create.
2. Provide a Name.
3. In the Health Monitors field, move tcp to Active using the << button.
4. In the Load Balancing Method field, select Round Robin.
5. In the New Members field, select Node List.
6. In the Address field, select your First PSC Node.
7. In the Service Port field, enter 443.
8. Under Priority, enter the value 10.
9. Click Add.
10. In the Address field, select your Second PSC Node.
11. In the Service Port field, enter 443.
12. Under Priority, enter the value 1.
13. Click Add.
14. Click Finished.
15. Repeat preceding steps for ports 389, 636, 2012, 2014, 2020.

1. Navigate to Local Traffic > Profiles > Persistence > Create.
2. Provide a Name.
3. Select Persistence Type > Source Address Affinity from the drop down menu.
4. Select Custom.
5. Enable Match across services.
6. Specify the Timeout value to be at least 28800.
7. Click Finish.

1. Navigate to Local Traffic > Virtual Servers > Virtual Server List > Create.
2. Provide a Name.
3. In the Destination Address field, input the Virtual IP to be used for the Load Balanced PSC FQDN.
4. In the Service Port field, enter a value of 443.
5. In the Source Address Translation field, select Auto Map.
6. In the Default Pool field, select the Pool for 443 created previously.
7. In the Default Persistence Profile field, select the persistence profile created previously.
8. Click Finished.
9. Create the VIP for remaining ports 389, 636, 2012, 2014, 2020.

1. Navigate to Local Traffic > Network Map.
2. Ensure that Each VIP contains the correct Pool and that the correct Pool contains the correct Node:Port assignment.