Load balancing is a feature that is implemented in most Citrix NetScaler environments. Load balancing allows you to load balance different backend servers with the same purpose, for example, a web shop. A large web shop requires more than one web server because of the heavy load from visiting users. With load balancing, Citrix NetScaler will load balance the traffic between the visiting servers and the several backend servers. Besides load balancing, Citrix NetScaler can also monitor the backend server if, for example, the web server responds with HTTP Error code 200.
In order to configure the load balancing service in Citrix NetScaler, you need the following:
The IP address and server name are 10.0.10.234
for webserver01
and 10.0.10.125
for webserver02
.
LB_SG_WebServer
.LB_SRV_WebServer01
and LB_SRV_WebServer02
.WebServer
responds with an HTTP 200 error.LB_VS_WebServer
. This virtual server name is only for your own information; choose a virtual server name that recognizes the service it's providing.https://www.abc.com
. The DNS record was IP address: 192.168.12.87
.LB_SG_WebServer
.COOKIEINSERT
.Backup persistence
If the primary persistence can't be set, the backup persistence will be used, if configured. Use logical names for load balancing backend servers, services, service groups, and load balancing virtual servers. I prefer this so that it's always recognizable what the purpose of the item is. Some examples are LB_VS_ServiceName
or LB_S_WebServer
for a service, LB_SG_WebServers
for service groups, and LB_SRV_ServerName
for a backend server name.
So, in the default configuration, the user only has a web browser session with Citrix NetScaler, and Citrix NetScaler proxies the request to the backend server. Therefore, if the backend servers and Citrix NetScaler are in a demilitarized zone, the only firewall port from other networks should be the listen port of the load balancing virtual server.
With active/active, you load balance at least two backend machines with the same functionality. To configure active/active load balancing, it's necessary to create services or service groups for all backend servers that will be used for load balancing. While configuring active/active with different weights, I recommend that you use services instead of service groups, because you need to adjust the weight per service. Configuring active/active load balancing requires at least two services or service groups. Adjusting the weight while configuring the load balancing will change the percentage of traffic that will be sent to the backend server. Services or service groups with higher values can handle more requests; services or service groups with lower values can handle fewer requests. Assigning weights to services or service groups allows the Citrix NetScaler appliance to determine how much traffic each load-balanced server can handle and, therefore, balance the load more effectively.
In order to use active/active load balancing, it's necessary to configure the right persistence based on the requirement. In the following table, you can find all the persistence types available in Citrix NetScaler. This table also shows which persistence type will be available for a certain protocol:
Persistence type |
HTTP |
HTTPS |
TCP |
UDP/IP |
SSL_Bridge |
SSL_TCP |
RTSP |
SIP_UDP |
---|---|---|---|---|---|---|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Setting a SOURCEIP
persistence type for the load balancing vserver LB_VS_WebServer
through the command line can be done using this command:
set lb vserver LB_VS_WebServer -persistenceType SOURCEIP
In order to use the load balancing feature in a proper way, you should always select the right load balancing algorithms. Citrix NetScaler has a lot of built-in load balancing algorithms. These algorithms can be configured during the configuration of the load balancing virtual server and could be different from other load balancing virtual servers. The default load balancing algorithm is least connection. The different algorithms have been explained here:
So, after you have chosen the correct persistence type and algorithm, you can build the load balancing virtual server.
Citrix NetScaler also supports active/passive load balancing. This basically means that you have an active load balancing virtual server and another load balancing virtual server that will be used for passive load balancing. So, when all the services or service groups on the primary load balancing virtual server stop running, Citrix NetScaler will automatically will contact the backup load balancing virtual server. This functionality is widely used in environments with two different data centers, where one data center is passive. When the backend servers in the active load balancing virtual servers come back online, they will be the primary backend servers again instead the backend servers.
Citrix StoreFront is the replacement of Citrix Web Interface, which will end on June 30, 2018, if you have the software maintenance or subscription advantage. Otherwise, the end of life would be August 24, 2016. Besides, Citrix StoreFront allows you to work with the full-blown Citrix Receiver instead of only Receiver for Web. In order to load balance StoreFront, it is necessary that you install and configure Citrix StoreFront. To use the full-blown Citrix Receiver, it's necessary to configure Citrix StoreFront with an SSL certificate. This SSL certificate can be an internal certificate created by your own certificate authority, or it can be from a public certificate authority. When you are using your own certificate authority, for example, Microsoft, all clients will automatically trust the SSL certificate. Clients outside the Active Directory should install the root certificate to work with Citrix StoreFront and the full-blown Citrix Receiver.
In the following figure, you can find the most commonly used configuration for the load balancing of StoreFront:
Citrix NetScaler is a good load balancer for the Citrix StoreFront environment. It contains a monitor for checking whether the StoreFront store is running and fully functional. This monitor is way better than the regular HTTPS monitor, because Citrix NetScaler also verifies that StoreFront is healthy. A lot of other vendors / load balancers can't do this because they don't have the value that is needed. Also, make sure you use service groups instead of services. Because the StoreFront monitor isn't the default monitor, the first step in load balancing Citrix StoreFront is to create the monitor.
Go to Traffic Management | Load Balancing | Monitors, and click on Add. Select Type as STOREFRONT
from the list, and go to the Special Parameters tab. Fill in the Store Name field, as shown in the following screenshot. The store name can be found in the StoreFront console under the Store menu. Also add the monitor name and click on Create, as shown here:
The monitor can also be created using a command-line interface. The command required would be as follows:
add lb monitor storefront_ssl STOREFRONT -storename myStore -storefrontacctservice YES -secure YES
Downloading the example code
You can download the example code files from your account at http://www.packtpub.com for all the Packt Publishing books you have purchased. If you purchased this book elsewhere, you can visit http://www.packtpub.com/support and register to have the files e-mailed directly to you.
The best way to create a load balancing environment is by starting from the bottom and going towards the top in the menu structure. In this way, you can create a decent name instead of the default names:
COOKIEINSERT
and a timeout value from 0
. The value 0 means that there is no expiry time. By configuring another timeout value, for example, 2 minutes, the user can connect to another StoreFront server. When this happens, the user needs to log in again, because there is no session available. As backup persistence, select SOURCEIP
with the proper timeout. The timeout can't be zero and must be at least 2 minutes. When using the SSL protocol, we also need to add the certificate that is required for the load balancing virtual server.When using Citrix StoreFront through SSL, configure the base URL and the load balancing virtual server, but bind the backend servers through HTTP. When you are using this deployment, Citrix NetScaler will be used as SSL offload functionality. However, please be aware that the credentials will be sent in plain text between Citrix NetScaler and the backend environment.
If you get the Cannot complete your request warning after connecting, there could be many reasons for it. For some explanations and fixes, refer to http://support.citrix.com/article/CTX133904.