Find me in different places

Entries in Kemp (2)


Configuring Exchange 2013 with Powershell- Part 4: Kemp Load Balancer

I have been a little delayed in posting lately, I am hoping to finish all of the posts for Exchange 2013 now that CU 1 has been released and we can now actually deploy it.

I won't spend too much time talking about the load balancer themselves, but they are highly recomended by me, they are a small company and are quckly becoming the standard for Lync and Exchange.

To do the setup its really easy. Lets first setup our arrays

$kempurl = ""
[array]$kempVSIP = "", "", ""
[array]$kempVSPort = "443", "443", "25"
[array]$kempVSProt = "tcp", "tcp","tcp"
[array]$kempCheckPort = "https", "https", "smtp"
[array]$kempServiceType = "http", "http","gen"
[array]$kempVsDefaultGateway = "", ""
[array]$kempRealServerPort = "443", "443", "25"
[array]$kempcheckURL ="","","" #Make sure this has the same number of URLs as services being created, for SMTP leave null

and then another array of the IPs of our CAS

[array]$kempRealServers = "", ""

For this example I am just creating 3 virtual services, 1 for OWA, EAC, EWS, AS; 1 for Outlook Anywhere; and finally 1 for SMTP. Note that this is an example, There are definaly reasons to create seperate services for each directory. If you want to learn more I highly recommend listening to this epsoide of the UC Architects podcast with Greg Taylor.

Now lets get back to configuring, Before we continue, make sure you have already configured your load balancer and can get a simple connection first, look at this post for help connecting. Now lets add our new virtual services.

        $c = Get-Credential
        for($i = 0; $i -lt $kempVsIP.Length; $i ++) {

        $vs = $kempVsIP[$i]
        $port = $kempVsPort[$i]
        $name = $kempVsName[$i]
        $checkType = $kempCheckPort[$i]
        $defaultGateway = $kempVsDefaultGateway[$i]
        $servicetype = $kempServiceType[$i]
        $realserverport = $kempRealServerPort[$i]
        $checkurl = $kempcheckURL[$i]

            $uri = $kempurl+"/access/addvs?vs=$vs&port=$port&prot=$prot&NickName=""$name""&checktype=$checktype&checkport=$port&DefaultGW=$defaultgateway&VStype=$servicetype&ForceL7=yes&transparent=no"

            if($checkurl -ne ""){
                $uri += "&checkURL=$checkurl"

            $returnXML = Invoke-RestMethod -Uri $uri -Credential $c

            foreach($r in $kempRealServers){
                $uri = $kempurl+"/access/addrs?vs=$vs&port=$port&prot=$prot&rs=$r&rsport=$realserverport"

                Invoke-RestMethod -Uri $uri -Credential $c
            $uri = $kempurl+"/access/showvs?vs=$vs&port=$port&prot=$prot"
            $returnXML = Invoke-RestMethod $uri -Credential $c
            $status = $ReturnXML.Response| Select -ExpandProperty code
            if($status -eq "ok"){

So lets talk through this FOR loop, First, I found that trying to build the long string using the indexes of the arrays to cause inconsistant results, so I just set them to local variables then build the string. Next we just build the string and create the VS, add the check URL and the servers and thats it. Note that in this example we set Layer 7 transparency to off, there are many times where using L7 transparency will benifit your organization.

Thats it, the Kemp Technologies solution is pretty awesome and decently priced. If you haven't checked it out go download the demo here. Up next we will install Exchange 2013!


Setting up your Kemp Load Balancer for PowerShell

This is going to be a quick post about how to setup your Kemp Load Balancer to accept PowerShell commands.
In PowerShell V3 Microsoft added a new cmdlet called Invoke-RestMethod This command will make an HTTP post to whatever URL and then pass back the data. This lines up perfectly with Kemp releasing its RESTful API, To get the API documentation visit Kemp's site here

The first step is to upgrade your load balancer to the latest version. Kemp has been adding some new features recently so its helpful to be on the latest version. However 6.0-38 is the minimum version required

The main issue I ran into is that Kemp is requiring a https connection to make API calls. This cmdlet has an issue with self signed certs. Looking around I found a few posts of people having trouble, see here. One person here recommends creating a x509 cert but I was unable to get that to work. My workaround was using my third party wildcard cert and giving the load balancer an internal dns record instead of accessing it through the IP like the documentation suggests. My LB now has an internal dns pointer from to the management IP. Now I can make https REST calls to the dns name and it works like a charm.

So enough of talking lets get some data.
First lets set some variables

$kempurl = ""
$kempVSIP = "" #use a VIP of an existing service
$kempVSPort = "443" #the assigned port to the above VIP
$kempVSProt = "tcp" #the protocol of the Virtual Service
$c = Get-Credential # This is the credential to your load balancer

Now that we have our variables lets create a variable for the URL

$uri = $kempurl+"/access/showvs?vs=$kempVSIP&port=$kempVSPort&prot=$kempVSProt"

Now that we have our string created lets make the call

$returnXML = Invoke-RestMethod $uri -Credential $c

We use this command to see what we got back

$status = $ReturnXML.Response| Select -ExpandProperty code
 if($status -eq "ok"){ #Makes sure the post succeeded

If you want to see what the raw data looks like in your browser just type in $uri to show the URL and paste it in your browser so you can see all of the data in raw XML form.

To dig a little further you can just keep going down the tree, For example to get the Real Server IP addresses for a service just modify line 3 above to this:

$returnXML.Response.Success.Data.Rs | Select Addr

Or to get the Name of the Virtual Service:

$returnXML.Response.Success.Data | Select NickName

If you want to learn more about XML data in PowerShell I recommend reading through this


In the next post I will talk about how to create the Virtual Services we need for Exchange. But having this setup is critical to the next step

NOTE: PowerShell doesn't handle errors very well, mostly by throwing 503 errors. If you run into this type: $URI to get the URL and paste it into your browser, you will get a better explaination of what is going wrong, normally it is either an authentication issue, or it cannot find the virtual service.