Find me in different places
« Configuring Exchange 2013 with Powershell- Part 4: Kemp Load Balancer | Main | Configuring Exchange 2013 with PowerShell- Part 3: Storage »
Tuesday
Apr022013

Setting up your Kemp Load Balancer for PowerShell

This is going to be a quick post about how to setup your Kemp Load Balancer to accept PowerShell commands.
In PowerShell V3 Microsoft added a new cmdlet called Invoke-RestMethod This command will make an HTTP post to whatever URL and then pass back the data. This lines up perfectly with Kemp releasing its RESTful API, To get the API documentation visit Kemp's site here

The first step is to upgrade your load balancer to the latest version. Kemp has been adding some new features recently so its helpful to be on the latest version. However 6.0-38 is the minimum version required

The main issue I ran into is that Kemp is requiring a https connection to make API calls. This cmdlet has an issue with self signed certs. Looking around I found a few posts of people having trouble, see here. One person here recommends creating a x509 cert but I was unable to get that to work. My workaround was using my third party wildcard cert and giving the load balancer an internal dns record instead of accessing it through the IP like the documentation suggests. My LB now has an internal dns pointer from hlb.contoso.com to the management IP. Now I can make https REST calls to the dns name and it works like a charm.

So enough of talking lets get some data.
First lets set some variables

$kempurl = "https://hlb.contoso.com"
$kempVSIP = "10.0.0.25" #use a VIP of an existing service
$kempVSPort = "443" #the assigned port to the above VIP
$kempVSProt = "tcp" #the protocol of the Virtual Service
$c = Get-Credential # This is the credential to your load balancer


Now that we have our variables lets create a variable for the URL

$uri = $kempurl+"/access/showvs?vs=$kempVSIP&port=$kempVSPort&prot=$kempVSProt"

Now that we have our string created lets make the call

$returnXML = Invoke-RestMethod $uri -Credential $c

We use this command to see what we got back

$status = $ReturnXML.Response| Select -ExpandProperty code
 if($status -eq "ok"){ #Makes sure the post succeeded
     $returnXML.Response.Success.Data
 }

If you want to see what the raw data looks like in your browser just type in $uri to show the URL and paste it in your browser so you can see all of the data in raw XML form.

To dig a little further you can just keep going down the tree, For example to get the Real Server IP addresses for a service just modify line 3 above to this:

$returnXML.Response.Success.Data.Rs | Select Addr


Or to get the Name of the Virtual Service:

$returnXML.Response.Success.Data | Select NickName


If you want to learn more about XML data in PowerShell I recommend reading through this

 

In the next post I will talk about how to create the Virtual Services we need for Exchange. But having this setup is critical to the next step

NOTE: PowerShell doesn't handle errors very well, mostly by throwing 503 errors. If you run into this type: $URI to get the URL and paste it into your browser, you will get a better explaination of what is going wrong, normally it is either an authentication issue, or it cannot find the virtual service.

PrintView Printer Friendly Version

EmailEmail Article to Friend

Reader Comments (1)

Great post Patch. I had documented how to ignore SSL with PowerShell here: http://blogs.technet.com/b/bshukla/archive/2010/04/12/ignoring-ssl-trust-in-powershell-system-net-webclient.aspx, however that doesn't work with PowerShell 3 Invoke-RestMethod either. Only option currently is to use a trusted SSL certificate. Looking forward to your follow-up post.

April 3, 2013 | Unregistered CommenterBhargav Shukla

PostPost a New Comment

Enter your information below to add a new comment.

My response is on my own website »
Author Email (optional):
Author URL (optional):
Post:
 
Some HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>