Centric connect.engage.succeed

GSLB between Azure and AWS

Geschreven door Randolph Widjaja - 29 augustus 2017

Randolph Widjaja
In March 2017, Citrix announced that Citrix NetScaler VPX appliances are fully supported in the Microsoft Azure cloud. But didn’t Microsoft already have a version of Citrix NetScaler VPX appliances in their marketplace? Yes, indeed they did. However, since March of this year, they also support Citrix NetScaler Global Site Load Balancing (GSLB) services. With GSLB you can create load balancing between the cloud and on-premise data centres, but also between cloud providers, like Amazon AWS. This multi-cloud platform support is very important if you want to ensure continuity of the business applications in the cloud, especially when you read stories about connectivity interruptions, or even lost server configuration at certain cloud providers.

With the Citrix NetScaler GSLB feature, you can create multi-site load balancing services for different kinds of applications, from load balancing simple websites to business-critical applications like SAP, for example. But how do we configure it? Before I start to explain how we configure GSLB services between the two biggest cloud providers Amazon AWS and Microsoft Azure, you’ll need some background on how Citrix NetScaler GSLB services works.

The difference between normal load balancing and Citrix NetScaler GSLB services is that the GSLB services can be located at different geographical locations connected over the internet. This is not the case with normal load balancing services, however, which need to be located in the same data centre, or in different data centres connected over the VPN. Citrix NetScaler GSLB services handle the incoming traffic and, using the Metric Exchange Protocol (MEP), calculate which data centre or cloud provider is best for handling the client requests to the back end. Different criteria can be selected or combined, for example the least-loaded data centre, closest data centre or quickest response to the client’s request.

Normal load balancing vs Citrix NetScaler GSLB services

Source: https://docs.citrix.com/en-us/netscaler/11-1/gslb/how-gslb-works.html

So now that we know how GSLB services work, we can set up Citrix NetScaler GSLB services in Amazon AWS and Microsoft Azure. First, we’re going to deploy a Citrix NetScaler VPX appliance in Microsoft Azure. You can find a lot of blogs and how-to guides for deploying Citrix NetScaler VPX appliances in Microsoft Azure and Amazon AWS, including deep dives into how it works in the cloud. So, I’ll only go over the general matters you encounter when deploying Citrix NetScaler VPX appliances.

For this blog, we’re going to load balance the two web servers, one on Microsoft Azure and one on Amazon AWS. The first step is to deploy the web servers in the cloud and connect the local web servers to the NetScaler appliances. You configure the websites to connect to the SNIP IP address of the NetScaler appliances. For this purpose I created two different website portals.

Now, we are going to deploy the NetScaler appliance in the Microsoft Azure cloud. Search for the Citrix NetScaler appliances in Microsoft Azure Marketplace. When you search in the marketplace in the Azure portal, you’ll find different Citrix NetScaler VPX versions; select “NetScaler 11.1 VPX Bring your Own License”. To prevent any issues with load balancing or any other Citrix NetScaler services, it’s important that the versions you select on both cloud platforms are virtually the same.

Microsoft Azure Marketplace

After you have selected the version, configure a static Public IP address: this is needed for accessing the console without searching for the new dynamic Public IP address after each reboot.

For accessing the Citrix NetScaler virtual appliance, Microsoft Azure automatically configures the firewall for SSH access on port 22; but if you want access to the GUI console you have to add HTTPS on port 443 to the network security group.

Accessing the Citrix NetScaler virtual appliance

Install the Citrix licence for Citrix NetScaler and configure the standard deployment steps on the NetScaler appliances. If you need help, you can google it for further assistance.

The next step is to configure the GSLB feature, and we start by enabling the GSLB feature, including load balancing, with SSH, typing in “enable ns feature gslb,lb” or using the GUI console.

Configure GSLB feature

First, we configure the security groups to allow the ports that are needed for accessing the website and NetScaler GSLB services. We configure the GSLB site, GSLB Services and GSLB vServers. You can find more background information about configuring GSLB here: https://support.citrix.com/article/CTX128999.

I configured an extra network interface connected to the Citrix NetScaler appliances. In Microsoft Azure, this can’t be done with the GUI console, only with PowerShell. To do this, I used the following script I found on the web:


$VMname = ‘(VM)’
$VMRG =  ‘(ResourceGroup)’

# NIC Name
$NICName = ‘(NICName)’

#NIC Resource Group
$NICResourceGroup = ‘NICResourceGroup)’
#Get the VM
 $VM = Get-AzureRmVM -Name $VMname -ResourceGroupName $VMRG

#Add the second NIC
 $NewNIC =  Get-AzureRmNetworkInterface -Name $NICName -ResourceGroupName $NICResourceGroup
 $VM = Add-AzureRmVMNetworkInterface -VM $VM -Id $NewNIC.Id

# Show the Network interfaces

#we have to set one of the NICs to Primary, i will set the first NIC in this example
$VM.NetworkProfile.NetworkInterfaces.Item(0).Primary = $true

#Update the VM configuration (The VM will be restarted)
Update-AzureRmVM -VM $VM -ResourceGroupName $VMRG 
Next, I connected a public IP address to the network interface.

Now we are going to configure the Citrix NetScaler appliance and web server in Amazon AWS. Search in the AWS Marketplace for the “Citrix NetScaler VPX - Customer Licensed”.

How to configure Citrix NetScaler appliance and web server in Amazon AWS

Deploy the correct version and select the instance type. I opted for M4.large, but you can choose another instance type between m3 and m4 if you prefer.

Select instance type

For AWS, the Network & Security GUI interface is a bit different compared to that of Microsoft Azure. We create a security group to allow port 80 and port 443 for accessing the website. Create a network interface and place this in the same zone as the Citrix NetScaler appliance. Create an Elastic IP address and associate it with the newly created network interface; this creates a public IP address associated with the network interface. Now we can add the configured network interface to the NetScaler. I also created policy-based routing to redirect the website traffic to the newly added network interface.

Configure the GSLB in active/passive mode and each site will work as a backup for the other site. I configured an FQDN and connected to one of the GSLB public IP addresses configured on the Citrix NetScaler appliances. We configure the GSLB services on the NetScaler appliances, and now we can play around with stopping one of the web servers on the two sites. If one of the website services fails, the GSLB services will redirect you to the other site.

The Citrix NetScaler GSLB feature in the cloud is working. You do, however, need to tweak here and there to get it working, but once it’s properly configured it does work. So, we’ve got it working for Azure and AWS, and now we’re just waiting for Google to fully support Citrix NetScaler VPX appliances. This feature will help companies to load balance their business applications over multiple sites in the cloud or on-premise. And the more cloud providers that support this, the better.

Important message regarding this blogpost

During my writing I received the following message from AWS Marketplace:

Thank you for subscribing to "NetScaler VPX - Customer Licensed".

We are writing to inform you that, as of August, 28, 2017, Citrix Systems, Inc. will no longer offer "NetScaler VPX - Customer Licensed, version 12.0-51.24" to new subscribers on AWS Marketplace. If you are subscribed to this version as a current subscriber, your use and subscription is unaffected and you can continue to create new instances, and any running instances will not be affected in any way. However, Citrix Systems, Inc. will only provide applicable support through November 27, 2017. You can continue to use this product version after this date, but it will no longer be supported by Citrix Systems, Inc..

If you have any questions or concerns please feel free to contact Citrix Systems, Inc. directly at http://support.citrix.com.

Thank you,

--The AWS Marketplace Team


Other NetScaler VPX versions are still available on AWS Marketplace and looks like only the BYOL version will not be supported anymore by Citrix.

About Randolph

Craft Expert Randolph Widjaja is part of the Cloud team within Craft, the development programme for IT professionals (powered by Centric). If you would like to follow his blog, sign up for Craft updates.

Want to know more about Craft, the development programme for IT professionals? Check out the website!


Schrijf een reactie
  • Captcha image
  • Verzenden