Agent Handlers for load balancing


To configure the following load balancing option using ePO 4.6:


Would a 3rd party load balancer be required?

The aim is to use AH's purely for load balancing, including the ePO server AH, with workload automatically distributed based on available Agent Handler resources. The only native options using AH groups seem to be to configure for failover using priorities and distribution using assignments.

Also, when setting an assignment using a group, a warning message appears: 'The custom handler list does not contain the primary agent handler', when the ePO server and all AH's are specified in the list. If the ePO server has to be specified again by design or best practice, it would be good to have confirmation of this.

The other option is to not use handler groups at all, but specify in the assignment 'Use all agent handlers'. From ePO help: 'The default value. This option uses all Agent Handlers in the handler list. The priority is determined automatically using load balancing'. Is this load balancing based on available Agent Handler resources, or random priority configured in the sitelist?

Maybe I'm wrong but I remeber some time ago we made a test with a customer setting only 1 AH assignement rule includeing all Agent Handlers and ePO and the Load Balancing was made by itself.

As this is not a cluster you don't need any third party load balancer

Hi Laszlo, thanks for your reply.

That's an option I was considering, but if possible, I'd like to find out if load balancing selection is calculated by resource usage (possibly by handler to handler negotiation) when using this configuration (one assignment / use all handlers), or randomization by client selection from the sitelist.

For a little more information, from these two excerpts or any other documentation I have, it's not clear whether a 3rd party load balancer is needed - if not, it didn't seem that selection by resource usage would work by relying on the priority set by the order of AH's listed in group properties.

So a 3rd party LB would only be required if you had Agent Handler servers configured as a cluster? Is that what McAfee documentation is referring to for 'automatic distribution of workload based on resource usage', rather than being a feature of ePO / AH's?

Note lines beginning with *'s

From ePO 4.6 Help:

Add/Edit Group page
Use this page to add or edit Agent Handler Groups.

Option definitions
Option Definition
Group Name  Specifies the name of the Agent Handler Group.
Included Handlers  Specifies details about this handler group, including:
* Use load balancer — Automatically distributes the work load of agent communication, based on available Agent Handler resources.
Virtual DNS Name — Specifies the Fully Qualified Domain Name (FQDN) agents use when communicating with this Agent Handler Group.
Virtual IP Address — Specifies the IP address agents use to communicate with this Agent Handler group.
Use custom handler list — Specifies which Agent Handler to use, and establishes handler priority within the group.

From ePO 4.6 Product Guide:

Setting up Agent Handler groups
Use this task to set up Agent Handler groups. Handler groups can make it easier to manage multiple
handlers throughout your network, and can play a role in your fallback strategy.
10 Setting up Agent Handlers
Working with Agent Handlers
104 McAfee® ePolicy Orchestrator® 4.6.0 Software Product Guide
For option definitions, click ? in the interface.
1 Click Menu | Configuration | Agent Handlers, then in Handler Groups, click New Group.
The Add/Edit Group page appears.
2 Specify the group name and the Included Handlers details, including:
* Click Use load balancer to use a third-party load balancer, then type the Virtual DNS Name and Virtual IP
address fields (both are required).
Click Use custom handler list to specify which Agent Handlers are included in this group.
When using a custom handler list, select the handlers from the Included
Handlers drop-down list. Use + and - to add and remove additional Agent
Handlers to the list (an Agent Handler can be included in more than one
group). Use the drag-and-drop handle to change the priority of handlers.
Priority determines which handler the agents try to communicate with first.
3 Click Save.

