Citrix ADC 13.0

Add back-end AWS Autoscaling service

Efficient hosting of applications in a cloud involves easy and cost-effective management of resources depending on the application demand. To meet increasing demand, you have to scale network resources upward. Whether demand subsides, you need to scale down to avoid the unnecessary cost of idle resources. To minimize the cost of running the application by deploying only as many instances as are necessary during any given time, you constantly have to monitor traffic, memory and CPU use, and so on. However, monitoring traffic manually is cumbersome. For the application environment to scale up or down dynamically, you must automate the processes of monitoring traffic and of scaling resources up and down whenever necessary.

Integrated with AWS Auto Scaling service, the Citrix ADC VPX instance provides the following advantages:

  • Load balance and management: Auto configures servers to scale up and scale down, depending on demand. The VPX instance auto detects Autoscale groups in the back-end subnet and allows a user to select the Autoscale groups to balance the load. All of this is done by auto configuring the virtual and subnet IP addresses on the VPX instance.
  • High availability: Detects Autoscale groups that span multiple availability zones and load-balance servers.
  • Better network availability: The VPX instance supports:
    • Back-end servers on different VPCs, by using VPC peering
    • Back-end servers on same placement groups
    • Back-end servers on different availability zones
  • Graceful connection termination: Removes Autoscale servers gracefully, avoiding loss of client connections when scale-down activity occurs, by using the Graceful Timeout feature.

Diagram: AWS Autoscaling service with a Citrix ADC VPX Instance

Autoscale topology

This diagram illustrates how the AWS Autoscaling service is compatible with a Citrix ADC VPX instance (Load balancing virtual server). For more information, see the following AWS topics.

Before you begin

Before you start using Autoscaling with your Citrix ADC VPX instance, you must complete the following tasks.

  1. Read the following topics:

  2. Create a Citrix ADC VPX instance on AWS according to your requirement.

    Note

    Citrix recommends the CloudFormation template for creating Citrix ADC VPX instances on AWS.

    Citrix recommends you create three interfaces: one for management (NSIP), one for client-facing LB virtual server (VIP), and one for subnet IP (NSIP).

  3. Create an AWS Autoscale group. If you don’t have an existing Autoscaling configuration, you must:

    a) Create a Launch Configuration

    b) Create an Autoscaling Group

    c) Verify the Autoscaling Group

    For more information, see http://docs.aws.amazon.com/autoscaling/latest/userguide/GettingStartedTutorial.html.

  4. In the AWS Autoscale group, you must specify at least one scale-down policy. The Citrix ADC VPX instance supports only the Step scaling policy. The Simple scaling policy and Target tracking scaling policy are not supported for Autoscale group.

Add the AWS Autoscaling service to a Citrix ADC VPX instance

You can add the Autoscaling service to a VPX instance with a single click by using the GUI. Complete these steps to add the Autoscaling service to the VPX instance:

  1. Log on to the VPX instance by using your credentials for nsroot.

  2. When you log on to the Citrix ADC VPX instance for the first time, you see the default Cloud Profile page. Select the AWS Autoscaling group from the drop-down menu and click Create to create a cloud profile. Click Skip if you want to create the cloud profile later.

    Points to keep in mind while creating a Cloud Profile: By default the CloudFormation Template creates and attaches the below IAM Role.

    {
    
        "Version": "2012-10-17",
    
        "Statement": \[
    
         {
    
                "Action": \[
    
                    "ec2:DescribeInstances",
    
                    "ec2:DescribeNetworkInterfaces",
    
                    "ec2:DetachNetworkInterface",
    
                    "ec2:AttachNetworkInterface",
    
                    "ec2:StartInstances",
    
                    "ec2:StopInstances",
    
                    "ec2:RebootInstances",
    
                    "autoscaling:\*",
    
                    "sns:\*",
    
                    "sqs:\*"
    
                “iam: SimulatePrincipalPolicy”
    
                “iam: GetRole”
    
                \],
    
                "Resource": "\*",
    
                "Effect": "Allow"
    
            }
    
        \]
    
    }
    

    Ensure the IAM Role of instance has proper permissions.

    • The virtual server IP address is autopopulated from the free IP address available to the VPX instance. https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/MultipleIP.html#ManageMultipleIP
    • Autoscale group is prepopulated from the Autoscale group configured on your AWS account. http://docs.aws.amazon.com/autoscaling/latest/userguide/AutoScalingGroup.html.
    • While selecting the Autoscaling Group protocol and port, ensure your servers listen on those protocol and ports, and you bind the correct monitor in the service group. By default, the TCP monitor is used.
    • For SSL Protocol type Autoscaling, after you create the Cloud Profile the load balance virtual server or service group is down because of a missing certificate. You can bind the certificate to the virtual server or service group manually.
    • Select the Graceful Timeout option to remove Autoscale servers gracefully. If this option is not selected the server is the Autoscale group is removed immediately after the load goes down, which might cause service interruption for the existing connected clients. Selecting Graceful and giving a timeout means in the event of scale down. The VPX instance does not remove the server immediately but marks one of the servers for graceful deletion. During this period, the instance does not allow new connections to this server. Existing connection are served until the timeout occurs, and after timeout the VPX instance removes the server.

    Figure: Default Cloud Profile page

    Default Cloud Profile page

  3. After the first time logon if you want to create Cloud Profile, on the GUI go to System > AWS > Cloud Profile and click Add.

    Add Cloud Profile

    The Create Cloud Profile configuration page appears.

    Create Cloud Profile

    Cloud Profile creates a Citrix ADC load-balancing virtual server and a service group with members as the servers of the Autoscaling group. Your back-end servers must be reachable through the SNIP configured on the VPX instance.

After Creating Cloud Profile

Note

To view Autoscale-related information in the AWS console, go to EC2 > Dashboard > Auto Scaling > Auto Scaling Group.

Add back-end AWS Autoscaling service