Configure automatic domain based service group scaling

A domain based service group consists of members whose IP addresses are obtained by resolving the domain names of servers that are bound to the service group. The domain names are resolved by a name server whose details you configure on the appliance. A domain based service group can also include IP-address based members.

The process of name resolution for a domain based server might return more than one IP address. The number of IP addresses in the DNS response is determined by the number of address (A) records configured for the domain name, on the name server. Even if the name resolution process returns multiple IP addresses, only one IP address is bound to the service group. To scale up or scale down a service group, you need to manually bind and unbind additional domain based servers to and from the service group, respectively.

However, you can configure a domain based service group to scale automatically on the basis of the complete set of IP addresses returned by a DNS name server for a domain based server. To configure automatic scaling, when binding a domain based server to a service group, enable the automatic scaling option. Following are the steps for configuring a domain based service group that scales automatically:

  • Add a name server for resolving domain names. For more information about configuring a name server on the appliance, see Adding a Name Server.
  • Add a domain based server. For information about adding a domain based server, see Adding a Server.
  • Add a service group and associate the domain based server to the service group, with the autoscale option set to DNS. For information about adding a service group, see Configuring Service Groups.

When a domain based server is bound to a service group and the automatic scaling option is set on the binding, a UDP monitor and a TCP monitor are automatically created and bound to the domain based server. The two monitors function as resolvers. The TCP monitor is disabled by default, and the appliance uses the UDP monitor to send DNS queries to the name server to resolve the domain name. If the DNS response is truncated (has the TC flag set to 1), the appliance falls back to TCP and uses the TCP monitor to send the DNS queries over TCP. Thereafter, the appliance continues to use only the TCP monitor.

The DNS response from the name server might contain multiple IP addresses for the domain name. With the automatic scaling option set, the appliance polls each of the IP addresses by using the default monitor, and then includes in the service group only those IP addresses that are up and available. After the IP address records expire, as defined by their time-to-live (TTL) values, the UDP monitor (or the TCP monitor, if the appliance has fallen back to using the TCP monitor) queries the name server for domain resolution and includes any new IP addresses in the service group. If an IP address that is part of the service group is not present in the DNS response, the appliance removes that address from the service group after gracefully closing existing connections to the group member, a process during which it does not allow any new connections to be established with the member. If a domain name that resolved successfully in the past results in an NXDOMAIN response, all the service group members associated with that domain are removed.

Static (IP-address based) members and dynamically scaling domain based members can coexist in a service group. You can also bind members with different domain names to a service group with the automatic scaling option set. However, each domain name associated with a service group must be unique within the service group. You must enable the automatic scaling option for each domain based server that you want to use for automatic service group scaling. If an IP address is common to one or more domains, the IP address is added to the service group only once.

Important

  • DNS autoscale is supported in a cluster deployment.
  • Path monitoring for autoscale servicegroups is not supported in cluster deployment.

To configure a service group to scale automatically by using the command line interface

At the command prompt, type the following commands to configure the service group and verify the configuration:

add serviceGroup <serviceGroupName> -autoScale (YES | NO)

show serviceGroup <serviceGroupName>

Example

In the following example, server1 is a domain based server. The DNS response contains multiple IP addresses. Five addresses are available and are added to the service group.

> add serviceGroup servGroup server1 80 -autoScale YES
 Done
> sh servicegroup servGroup
       servGroup - HTTP
        State: ENABLED  Monitor Threshold : 0
              . . .
              . . .
        1)   192.0.2.31:80   State: UP       Server Name: server1 (Auto scale)    Server ID: None Weight: 1

                Monitor Name: tcp-default       State: UP
                Probes: 2       Failed [Total: 0 Current: 0]
                Last response: Success - TCP syn+ack received.

        2)   192.0.2.32:80   State: UP       Server Name: server1 (Auto scale)    Server ID: None Weight: 1

                Monitor Name: tcp-default       State: UP
                Probes: 2       Failed [Total: 0 Current: 0]
                Last response: Success - TCP syn+ack received.

        3)   192.0.2.36:80   State: UP       Server Name: server1 (Auto scale)    Server ID: None Weight: 1

                Monitor Name: tcp-default       State: UP
                Probes: 2       Failed [Total: 0 Current: 0]
                Last response: Success - TCP syn+ack received.

        4)   192.0.2.55:80   State: UP       Server Name: server1 (Auto scale)    Server ID: None Weight: 1

                Monitor Name: tcp-default       State: UP
                Probes: 2       Failed [Total: 0 Current: 0]
                Last response: Success - TCP syn+ack received.

        5)   192.0.2.80:80   State: UP       Server Name: server1 (Auto scale)    Server ID: None Weight: 1

                Monitor Name: tcp-default       State: UP
                Probes: 2       Failed [Total: 0 Current: 0]
                Last response: Success - TCP syn+ack received.
 Done

To configure a service group to scale automatically by using the configuration utility

  1. Navigate to Traffic Management > Load Balancing > Service Groups.
  2. Create a service group, and set the autoscale mode to DNS.

Overwriting TTL values

Note: This option is supported from Citrix ADC 12.1 build 51.xx and later.

Citrix ADC appliance is configured to periodically query the DNS server for any update in SRV record associated with the application during application startup. By default, the periodicity for this query depends on the TTL published in the SRV record. In microservice or cloud world application, deployments change more dynamically. As a result, proxies have to be quicker in absorbing any changes to application deployment. Therefore, users are recommended to set the domain based service TTL parameter explicitly to a value that is lower than the SRV record TTL and is optimal for your deployment. You can overwrite the TTL value by two methods:

  • While binding a member to the service group
  • Setting the TTL value globally by using the set lb parameter command.

In case the TTL value is configured both while binding service group member and also globally, then the TTL value specified while binding the service group member takes precedence. If the TTL value is not specified either while binding a service group member or at the global level, the DBS monitor interval is derived from the TTL value in the DNS response.

Overwriting the TTL values using the CLI

  • To overwrite the TTL value while binding, at the command prompt, type:

     bind serviceGroup <serviceGroupName> (<serverName> [-dbsTTL <secs>])
    

    Example:

     bind servicegroup svc_grp_1 web_serv -dbsTTL 10
    
  • To overwrite the TTL value globally, at the command prompt, type:

     set lb parameter [-dbsTTL <secs>]
    

    Example:

     set lb parameter -dbsTTL 15
    

Overwriting the TTL values using the GUI

To overwrite the TTL value while binding:

1. Navigate to Traffic Management > Load Balancing > Service Groups.

2. In Service Groups page, select the service group that you have created and click Edit.

3. In Load Balancing Service Groups page, click Service Group Members.

4. In Service Group Members Binding page, select the server that you have created and click Edit.

5. In Domain Based Service TTL, enter the TTL value.

To overwrite the TTL value at the global level:

1. Navigate to Traffic Management > Load Balancing > Change Load Balancing Parameters.

2. In Domain Based Service TTL, enter the TTL value.

Note: If the domain based server TTL value is set to 0, then the TTL value from the data packet is used.

Specifying different name servers for service group and domain name bindings

Note: This option is supported from Citrix ADC 12.1 build 51.xx and later.

You can configure different name servers for different domain names in a specific group. Setting the nameServer parameter is optional while binding a DBS server to the service group. When a nameserver is not specified while binding a member to the service group, the globally configured nameserver is considered.

Specifying name servers while binding a server to service groups using the CLI

At the command prompt, type:

bind serviceGroup <serviceGroupName> (<serverName> [-nameServer <ip_addr>] [-dbsTTL <secs>])

Example:

bind servicegroup svc_grp_1 web_serv  -ns.nameserver.com 10.102.27.155 -dbsTTL 10

Specifying name servers while binding a server to service groups using the GUI

1. Navigate to Traffic Management > Load Balancing > Service Groups.

2. In Service Groups page, select the service group that you have created and click Edit.

3. In Load Balancing Service Groups page, click Service Group Members.

4. In Service Group Members Binding page, select the server that you have created and click Edit.

5. In Name Server, specify the nameserver name to which the query for bound domain needs to be sent.