Citrix ADC VPX on AWS

You can launch a Citrix ADC VPX instance on Amazon Web Services (AWS). The Citrix ADC VPX appliance is available as an Amazon Machine Image (AMI) in AWS marketplace. A Citrix ADC VPX instance on AWS enables you to use AWS Cloud computing capabilities and use Citrix ADC load balancing and traffic management features for their business needs. The VPX instance supports all the traffic management features of a physical Citrix ADC appliance, and it can be deployed as standalone instances or in HA pairs. For more information on VPX features, see the VPX data sheet.

Getting started

Before you get started with your VPX deployment, you must be familiar with the following information:

Deploy a Citrix ADC VPX instance on AWS

In AWS, the following deployment types are supported for VPX instances:

Licensing

A Citrix ADC VPX instance on AWS requires a license. The following licensing options are available for Citrix ADC VPX instances running on AWS:

AWS terminology

Here is a brief description of the terms used in this document. For more information, see AWS Glossary.

Term Definition
Amazon Machine Image (AMI) A machine image, which provides the information required to launch an instance, which is a virtual server in the cloud.
Elastic Block Store Provides persistent block storage volumes for use with Amazon EC2 instances in the AWS Cloud.
Simple Storage Service (S3) Storage for the Internet. It is designed to make web-scale computing easier for developers.
Elastic Compute Cloud (EC2) A web service that provides secure, resizable compute capacity in the cloud. It is designed to make web-scale cloud computing easier for developers.
Elastic Load Balancing (ELB) Distributes incoming application traffic across multiple EC2 instances, in multiple Availability Zones. This increases the fault tolerance of your applications.
Elastic network interface (ENI) A virtual network interface that you can attach to an instance in a Virtual Private Cloud (VPC).
Elastic IP (EIP) address A static, public IPv4 address that you have allocated in Amazon EC2 or Amazon VPC and then attached to an instance. Elastic IP addresses are associated with your account, not a specific instance. They are elastic because you can easily allocate, attach, detach, and free them as your needs change.
Instance type Amazon EC2 provides a wide selection of instance types optimized to fit different use cases. Instance types comprise varying combinations of CPU, memory, storage, and networking capacity and give you the flexibility to choose the appropriate mix of resources for your applications.
Identity and Access Management (IAM) An AWS identity with permission policies that determine what the identity can and cannot do in AWS. You can use an IAM role to enable applications running on an EC2 instance to securely access your AWS resources.IAM role is required for deploying VPX instances in a high-availability setup.
Internet Gateway Connects a network to the Internet. You can route traffic for IP addresses outside your VPC to the Internet gateway.
Key pair A set of security credentials that you use to prove your identity electronically. A key pair consists of a private key and a public key.
Route tables A set of routing rules that controls the traffic leaving any subnet that is associated with the route table. You can associate multiple subnets with a single route table, but a subnet can be associated with only one route table at a time.
Security groups A named set of allowed inbound network connections for an instance.
Subnets A segment of the IP address range of a VPC that EC2 instances can be attached to. You can create subnets to group instances according to security and operational needs.
Virtual Private Cloud (VPC) A web service for provisioning a logically isolated section of the AWS cloud where you can launch AWS resources in a virtual network that you define.
Auto Scaling A web service to launch or terminate Amazon EC2 instances automatically based on user-defined policies, schedules, and health checks.
CloudFormation A service for writing or changing templates that create and delete related AWS resources together as a unit.

VPX-AWS support matrix

The following tables list the supported VPX model and AWS regions, instance types, and services.

Table 1: Supported VPX models on AWS

Supported VPX model
Citrix ADC VPX standard/Enterprise/Platinum Edition - 200 Mbps
Citrix ADC VPX standard/Enterprise/Platinum Edition - 1000 Mbps
Citrix ADC VPX standard/Enterprise/Platinum Edition - 3 Gbps
Citrix ADC VPX standard/Enterprise/Platinum Edition - 5 Gbps
Citrix ADC VPX standard/Advanced/Premium - 10 Mbps
Citrix ADC VPX Express - 20 Mbps
Citrix ADC VPX - Customer Licensed

Table: 2 Supported AWS regions

Supported AWS regions
US West (Oregon) Region
US West (N. California) Region
US East (Ohio) Region
US East (N. Virginia) Region
Asia Pacific (Mumbai) Region
Asia Pacific (Seoul) Region
Canada (Central) Region
Asia Pacific (Singapore) Region
Asia Pacific (Sydney) Region
Asia Pacific (Tokyo) Region
Canada (Central) Region
China (Beijing) Region
EU (Frankfurt) Region
EU (Ireland) Region
EU (London) Region
EU (Paris) Region
South America (São Paulo) Region

Table 3: Supported AWS instance types

Supported AWS instance types
m3.large, m3.large, m3.2xlarge
c4.large, c4.large, c4.2xlarge, c4.4xlarge, c4.8xlarge
m4.large, m4.large, m4.2xlarge, m4.4xlarge, m4.10xlarge

Table 4: Supported AWS Services

Supported AWS services
#EC2
#Lambda
#S3
#VPC
#route53
#ELB
#Cloudwatch
#AWS AutoScaling
#Cloud formation
Simple Queue Service (SQS)
Simple Notification Service (SNS)
Identity & Access Management (IAM)

For higher bandwidth, Citrix recommends the following instance types:

Instance type Bandwidth Enhanced networking (SR-IOV)
M4.10x large 3 Gbps and 5 Gbps Yes
C4.8x large 3 Gbps and 5 Gbps Yes

How a Citrix ADC VPX instance on AWS works

The Citrix ADC VPX instance is available as an AMI in AWS marketplace, and it can be launched as an EC2 instance within an AWS VPC. The Citrix ADC VPX AMI instance requires a minimum of 2 virtual CPUs and 2 GB of memory. An EC2 instance launched within an AWS VPC can also provide the multiple interfaces, multiple IP addresses per interface, and public and private IP addresses needed for VPX configuration. Each VPX instance requires at least three IP subnets:

  • A management subnet
  • A client-facing subnet (VIP)
  • A back-end facing subnet (SNIP, MIP, and so on)

Citrix recommends three network interfaces for a standard VPX instance on AWS installation.

AWS currently makes multi-IP functionality available only to instances running within an AWS VPC. A VPX instance in a VPC can be used to load balance servers running in EC2 instances. An Amazon VPC allows you to create and control a virtual networking environment, including your own IP address range, subnets, route tables, and network gateways.

Note: By default, you can create up to 5 VPC instances per AWS region for each AWS account. You can request higher VPC limits by submitting Amazon’s request form http://aws.amazon.com/contact-us/vpc-request.

Figure 1. A Sample Citrix ADC VPX Instance Deployment on AWS Architecture

AWS-architecture

Figure 1 shows a simple topology of an AWS VPC with a Citrix ADC VPX deployment. The AWS VPC has:

  1. A single Internet gateway to route traffic in and out of the VPC.
  2. Network connectivity between the Internet gateway and the Internet.
  3. Three subnets, one each for management, client, and server.
  4. Network connectivity between the Internet gateway and the two subnets (management and client).
  5. A standalone Citrix ADC VPX instance deployed within the VPC. The VPX instance has three ENIs, one attached to each subnet.

Additional References

Blogs

Videos

How to deploy Citrix ADC in AWS

Customer case studies