Friday, July 12, 2013

Configuring Citrix NetScaler Load Balancing on AWS

Citrix NetScaler is a popular load balancer in the enterprise world. Hardware and virtualized NetScaler appliances have been serving many popular enterprise online assets for years. NetScaler supports many load balancing algorithms (round robin, least connection, source IP hash, etc.) and comes with many more features. With its powerful load balancing capabilities, a Citrix NetScaler serves many websites behind it inside an enterprise setup. Citrix NetScaler is usually preferred in AWS by:

  • Enterprises which already have some partnership with Citrix and have some form of NetScaler licenses / agreements with Citrix
  • Enterprises which want proper support for their load balancing tier which other OSS LB providers were not able to meet
  • Enterprises which already have IT staff trained in Citrix products, including NetScaler, and do not want to change
  • Enterprises which want the load balancing tier to provide security and performance in addition to a wide variety of LB options

In this article I am going to share my experience of configuring Citrix NetScaler in the AWS cloud. Citrix NetScaler will be used inside the public subnet of an Amazon Virtual Private Cloud (VPC) and will load balance requests between 2 Web/App EC2 instances running in the private subnets of the Amazon VPC. The Web/App Amazon EC2 instances are deployed in multiple subnets in a Multi-AZ architecture inside the Amazon VPC.

The step-by-step configuration details are as follows:

Step 1: Log in to the AWS Marketplace through the console using an IAM user account, click the Amazon EC2 tab, and click the Launch Instance option.

Step 2: Find the Citrix NetScaler instance and choose the right instance based on your application load and the features needed. For example, if your application load will not exceed 10 Mbps and you need round robin load balancing, you can choose NetScaler Standard Edition 10 Mbps as your instance type. If your application has a heavy load and you are planning to leverage other NetScaler features such as performance and security, you can choose the NetScaler VPX Platinum Edition - 1000 Mbps option instead. To know more about Citrix NetScaler on Amazon refer link

Step 3: Click the “Launch with EC2 Console” option and launch the Citrix NetScaler in a suitable, available Amazon EC2 region of your choice.

Step 4: Select Amazon VPC IP range example: in our case, choose the public subnet for the Citrix NetScaler EC2 instance and launch the EC2 instance as shown in the below screenshots.

Step 5: Once the instance status is “2/2 check passed”, attach one Amazon Elastic IP to the Citrix NetScaler default ENI (Elastic Network Interface).

Step 6: Open the Amazon Elastic IP in your browser. Use the default user name and password “nsroot” and log in to the Citrix NetScaler console.

Step 7: Click the Configuration tab -> expand Network and add the IP address (the virtual IP address you have to configure for the load balancing).

Step 8: Expand the System option on the left panel, click Settings, and click the “configure basic features” setting on the right panel. Citrix NetScaler offers many features, such as:

  • Integrated Caching, HTTP compression, SSL offloading for performance
  • Content Filtering, Access Gateway, App Firewall, Authentication, etc. for security

In this post we are going to explore only the load balancing feature, so select “Load Balancing” and click OK.

Step 9: Select and expand the Load Balancing feature on the left panel and click Services.

Step 10: Click the “Add” button and give the details of the Web/App EC2 instances to be load balanced. We have two Web/App EC2 with and in two subnets in a Multi-AZ architecture. Both of these Web/App EC2 instances are attached to the NetScaler for load balancing, as illustrated in the below screenshots.
Click “Create”, then check that the service status is “UP”.

Step 11: Click “Virtual Servers” on the left panel. Type the virtual server name, the IP address, the protocol and the port number. Then select the services for the Web/App EC2 servers.

Step 12: Select the “method assistance” tab and select the load balancing algorithms.   
The load balancing algorithm defines the criteria that the NetScaler appliance uses to select the service to which to redirect each client request. Different load balancing algorithms use different criteria. For example, the least connection algorithm selects the service with the fewest active connections, while the round robin algorithm maintains a running queue of active services, distributes each connection to the next service in the queue, and then sends that service to the end of the queue. Some load balancing algorithms are best suited to handling traffic on websites, others to managing traffic to DNS servers, and others to handling complex web applications used in e-commerce or on company LANs or WANs. The following table lists each load balancing algorithm that the NetScaler appliance supports, with a brief description of how each operates.

LEASTCONNECTION: Which service currently has the fewest client connections. This is the default load balancing algorithm.
ROUNDROBIN: Which service is at the top of a list of services. After that service is selected for a connection, it moves to the bottom of the list.
LEASTRESPONSETIME: Which load balanced server currently has the quickest response time.
URLHASH: A hash of the destination URL.
DOMAINHASH: A hash of the destination domain.
DESTINATIONIPHASH: A hash of the destination IP address.
SOURCEIPHASH: A hash of the source IP address.
SRCIPDESTIPHASH: A hash of the client's IP address and port.
LEASTBANDWIDTH: Which service currently has the fewest bandwidth constraints.
LEASTPACKETS: Which service currently is receiving the fewest packets.
CUSTOMLOAD: Data from a load monitor.
TOKEN: The configured token.
LRTM: Fewest active connections and the lowest average response time.

The default is “least connection”. For simplicity, choose “Round Robin” as your load balancing method for this post.

Then click Create and check that the status of the virtual server is “UP”. Note that the method is now displayed as Round Robin.
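Three of the methods listed above (ROUNDROBIN, LEASTCONNECTION and SOURCEIPHASH), as an added Python sketch that is not NetScaler code and not part of the original post: it models the running queue, the per-service connection counts and an UP/DOWN state to show how each method picks a service. The service names, client IPs and the use of SHA-256 as the hash are assumptions made for illustration.

```python
import hashlib
from collections import deque


class VServer:
    """Simplified model of a load-balancing virtual server (illustration only)."""

    def __init__(self, services):
        self.queue = deque(services)            # ROUNDROBIN running queue
        self.active = {s: 0 for s in services}  # active connections per service
        self.up = set(services)                 # services currently reported UP

    def _live(self):
        live = [s for s in self.active if s in self.up]
        if not live:
            raise RuntimeError("no service is UP")
        return live

    def round_robin(self, client_ip=None):
        self._live()  # raises if every service is DOWN
        while True:
            svc = self.queue[0]
            self.queue.rotate(-1)  # the head moves to the end of the queue
            if svc in self.up:
                return svc

    def least_connection(self, client_ip=None):
        # Ties go to the service that was bound first.
        return min(self._live(), key=lambda s: self.active[s])

    def source_ip_hash(self, client_ip):
        # SHA-256 is an assumption; the same client IP maps to the same
        # service for as long as the set of UP services does not change.
        live = sorted(self._live())
        digest = hashlib.sha256(client_ip.encode()).digest()
        return live[int.from_bytes(digest[:4], "big") % len(live)]

    def connect(self, method, client_ip="198.51.100.7"):
        pick = {"ROUNDROBIN": self.round_robin,
                "LEASTCONNECTION": self.least_connection,
                "SOURCEIPHASH": self.source_ip_hash}[method]
        svc = pick(client_ip)
        self.active[svc] += 1
        return svc


def demo():
    vs = VServer(["web-az1", "web-az2"])  # constructed service names
    rr = [vs.connect("ROUNDROBIN") for _ in range(4)]
    vs.active["web-az2"] -= 1             # one connection to web-az2 closes
    lc = vs.connect("LEASTCONNECTION")
    vs.up.discard("web-az1")              # web-az1 is marked DOWN
    return rr, lc, [vs.connect("ROUNDROBIN") for _ in range(2)]
```

Calling `demo()` returns the round robin sequence, the least connection pick after one connection closes, and the round robin picks once one service is DOWN.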

Step 13: Now that the simple load balancing configuration is completed in the Amazon VPC, let us do a simple test of our configuration up to this stage. Go to the web browser on the jump box provisioned in the VPC. Use the virtual server IP address of the load balancer and check whether the web application is accessible.

Step 14: In case you want to check the client request details, log in to the NetScaler in CLI mode and use the following command: “stat lb vserver NS-LB01”

Before a user accesses the web application, the load balancing service status is as follows:

After a user has accessed the web application, the load balancing status is as follows:

Step 15: How do you access the web application from the public Internet? Select the NetScaler instance in the EC2 console and select the “Managed Private IP Address” option.

Step 16: Click the “Assign a secondary private address” option, enter the IP address and click the “Yes Update” option.

Step 17: Then go to the Elastic IP window, select the Elastic IP Address (EIP), right-click the EIP and select “Associate IP Address”.

Step 18: Select the NetScaler instance in the “Instance” option, select the IP address from the “Private IP Address” option and click “Yes Associate”. The EIP will be attached to the secondary IP address of the NetScaler instance.

Now use the Elastic IP (Example: in your browser and access your application from the public Internet.
