Product Documentation
ADC
14.1 - Current Release 13.1 13.0 12.1
View PDF

Configure a GSLB service group

May 2, 2023
Contributed by: 
S C

Service group enables you to manage a group of services as easily as a single service. If you enable or disable any option for a service group, the option gets enabled or disabled for all the members of the service group. For example, you can apply this feature to options such as Compression, Health monitoring, and Graceful shutdown.

After creating a service group, you can do any of the following:

  • Bind the service group to a virtual server.
  • Add services to the service group.
  • Bind monitors to the service groups.

Important

If the load balancing virtual server is either in a GSLB node itself or is in a child node (in parent-child deployment) and no monitors are bound to the GSLB service, then make sure the following:

The GLSB service group IP address, port number, and protocol match the virtual server that the service is representing. Else, the service state is marked as DOWN.

The NetScaler supports the following types of GSLB service groups.

  • IP address based service groups
  • Domain name based service groups
  • Domain name based autoscale service groups

GSLB domain name based autoscale service groups

The NetScaler hybrid and multi-cloud global server load balancing (GSLB) solution enables customers to distribute application traffic across multiple data centers in hybrid clouds, multiple clouds, and on-premises. The NetScaler GSLB solution supports various load balancing solutions, such as the NetScaler load balancer, Elastic Load Balancing (ELB) for AWS, and other third-party load balancers. Also, the GSLB solution performs global load balancing even if the GSLB and load balancing layers are independently managed.

In cloud deployments, users are given a domain name as a reference when accessing the load balancing solution for management purposes. It is recommended that external entities do not use the IP addresses that these domain names resolve to. Also, the load balancing layers scale up or down based on the load, and the IP addresses are not guaranteed to be static. Therefore, it is recommended to use the domain name to refer to the load balancing endpoints instead of IP addresses. This requires the GSLB services to be referred using the domain name instead of IP addresses and it must consume all the IP addresses returned for the load balancing layer domain name and have a representation for the same in GSLB.

To use domain names instead of IP addresses when referring to the load balancing endpoints, you can use the domain name based service groups for GSLB.

Monitor GSLB domain name based service groups

The NetScaler appliance has two built-in monitors that monitor TCP-based applications; tcp-default and ping-default. The tcp-default monitor is bound to all TCP services and the ping-default monitor is bound to all non-TCP services. The built-in monitors are bound by default to the GSLB service groups. However, it is recommended to bind an application specific monitor to the GSLB service groups.

Recommendation for setting the trigger monitors option to MEPDOWN

The Trigger Monitors option can be used to indicate if the GSLB site must use the monitors always, or use monitors when metrics exchange protocol (MEP) is DOWN.

The Trigger Monitors option is set to ALWAYS by default.

When the Trigger Monitors option is set to ALWAYS, each GSLB node triggers the monitors independently. If each GSLB node triggers the monitors independently, then each GSLB node might operate on different set of GSLB services. This might result in discrepancies in the DNS responses for the DNS requests landing on these GSLB nodes. Also, if each GSLB node is monitoring independently, then the number of monitor probes reaching the load balancer entity increases. The persistence entries also become incompatible across the GSLB nodes.

Therefore, it is recommended that the Trigger Monitors option on the GSLB site entity is set to MEPDOWN. When the Trigger Monitors option is set to MEPDOWN, the load balancing domain resolution and monitoring ownership lies with the local GSLB node. When the Trigger Monitors option is set to MEPDOWN, the load balancing domain resolution and subsequent monitoring is done by the local GSLB node of a GSLB service group. The results are then propagated to all other nodes participating in GSLB by using the metrics exchange protocol (MEP).

Also, whenever the set of IP addresses associated with a load balancing domain are updated, it is notified through MEP.

Limitations of GSLB service groups

  • For a load balancing domain, the IP address that is returned in the DNS response is generally the public IP address. The private IP address cannot be applied dynamically when the load balancing domain is resolved. Therefore, public IP port and private IP port for the GSLB domain name based autoscale service groups IP port bindings are the same. These parameters cannot be set explicitly for the domain name based autoscale service groups.
  • Site persistence, DNS views, and clustering are not supported for GSLB service groups.

Configure and manage GSLB service groups by using the CLI

To add a GSLB service group:

add gslb serviceGroup <serviceGroupName>@ <serviceType> [-autoScale ( DISABLED | DNS )] -siteName <string>
<!--NeedCopy-->

Example:

add gslb serviceGroup Service-Group-1 http -autoScale DNS -siteName Site1
<!--NeedCopy-->

To bind a GSLB service group to a virtual server:

bind gslb serviceGroup <serviceGroupName> ((<IP>@ <port>) | <serverName>@ | (-monitorName <string>@))
<!--NeedCopy-->

Example:

bind gslb serviceGroup Service-Group-1 203.0.113.2
bind gslb serviceGroup Service-Group-1 S1 80
bind gslb serviceGroup** Service-Group-1 -monitorName Mon1
<!--NeedCopy-->

To unbind a GSLB service group to a virtual server:

unbind gslb serviceGroup <serviceGroupName> ((<IP>@ <port>) | <serverName>@ | -monitorName <string>@)
<!--NeedCopy-->

Example:

unbind gslb serviceGroup Service-Group-1 -monitorName Mon1
<!--NeedCopy-->

To set parameters for a GSLB service group:

set gslb serviceGroup <serviceGroupName>@ [(<serverName>@ <port> [-weight <positive_integer>] [-hashId <positive_integer>] [-publicIP <ip_addr|ipv6_addr|*>] [-publicPort <port>]) | -maxClient <positive_integer> | -cip ( ENABLED | DISABLED ) | <cipHeader> | -cltTimeout <secs> | -svrTimeout <secs> | -maxBandwidth <positive_integer> | -monThreshold <positive_integer> | -downStateFlush ( ENABLED | DISABLED )] [-monitorName <string> -weight <positive_integer>] [-healthMonitor ( YES | NO )] [-comment <string>] [-appflowLog ( ENABLED | DISABLED )]
<!--NeedCopy-->

To unset parameters from a GSLB service group:

unset gslb serviceGroup <serviceGroupName>@ [<serverName>@ <port> [-weight] [-hashId] [-publicIP] [-publicPort]] [-maxClient] [-cip] [-cltTimeout] [-svrTimeout] [-maxBandwidth] [-monThreshold] [-appflowLog] [-monitorName] [-weight] [-healthMonitor] [-cipHeader] [-downStateFlush] [-comment]
<!--NeedCopy-->

To enable a GSLB service group

enable gslb serviceGroup <serviceGroupName>@ [<serverName>@ <port>]
<!--NeedCopy-->

Example:

enable gslb serviceGroup SG1 S1 80
<!--NeedCopy-->

To disable a GSLB service group

disable gslb serviceGroup <serviceGroupName>@ [<serverName>@ <port>] [-delay <secs>] [-graceFul ( YES /| NO )]
<!--NeedCopy-->

Example:

disable gslb serviceGroup SRG2 S1 80
<!--NeedCopy-->

Note

The service group that has to be disabled must be a DBS service group and not an autoscale service group.

To remove a GSLB service group:

rm gslb serviceGroup <serviceGroupName>
<!--NeedCopy-->

Example:

rm gslb serviceGroup Service-Group-1
<!--NeedCopy-->

To view the statistics of a GSLB service group:

stat gslb serviceGroup [<serviceGroupName>]
<!--NeedCopy-->

Example:

stat gslb serviceGroup Service-Group-1
<!--NeedCopy-->

To view the properties of a GSLB service group:

show gslb serviceGroup [<serviceGroupName>  -includeMembers]
<!--NeedCopy-->

Example:

show gslb serviceGroup SG1
show gslb serviceGroup -includeMembers
<!--NeedCopy-->

Enable or disable GSLB service group members

You can selectively enable or disable an individual member of a GSLB (DNS-based) service group instead of enabling or disabling the entire service group. This feature is available in both autoscale service groups and non-autoscale service groups. Therefore, managing a GSLB service group is made easier.

For example, you have a requirement to avoid traffic to a particular server on a GSLB site. Let’s say, 10 GSLB services or servers (S1 to S10) are bound to a service group (SG1). You want to disable only service 5 (S5), that is avoid traffic to server 5. Without this feature, you have to separately bind services S1 to S4 and services S6 to S10. This process becomes tedious in a large GSLB service group where you have to disable or enable large number of services. With this feature, you can directly disable service 5 (S5) without impacting other services in the service group.

To enable a GSLB service group member by using CLI:

enable gslb serviceGroup <serviceGroupName>@ [<serverName>@ <port>]
<!--NeedCopy-->

Note:

To enable a GSLB service group, provide only the service group name. To enable a member of a service group, in addition to the GSLB service group name, provide the name of the server that hosts the service, and the port number of the service.

Example:

enable gslb serviceGroup http_svc_group 10.102.27.153 80
<!--NeedCopy-->

To disable a GSLB service group or a member of the GSLB service group by using CLI:

disable gslb serviceGroup <serviceGroupName>@ [<serverName>@ <port>]
<!--NeedCopy-->

Example:

disable gslb serviceGroup http_svc_group 10.102.27.153 80
<!--NeedCopy-->

Note:

To disable a GSLB service group, provide only the service group name. To disable a member of a service group, in addition to the GSLB service group name, provide the name of the server that hosts the service, and the port number of the service.

Changes to the existing GSLB CLI commands

The following are the changes that are done to the existing GSLB commands after the introduction of the GSLB service groups:

  • bind gslb vserver - The service group name is added to the bind command.

    Example:

     bind gslb vserver <name> ((-serviceName <string> [-weight <positive_integer>] ) | <serviceGroupName>@ | | (-domainName <string> [-TTL <secs>] [-backupIP<ip_addr|ipv6_addr|*>] [-cookieDomain <string>] [-cookieTimeout <mins>][-sitedomainTTL <secs>]) | (-policyName <string>@ [-priority<positive_integer>] [-gotoPriorityExpression <expression>] [-type REQUEST | RESPONSE )]))
 <!--NeedCopy-->

  • unbind gslb vserver - The service group is added to the unbind command.

    Example:

     unbind gslb vserver <name> (-serviceName <string> <serviceGroupName> @ /(-domainName <string> [-backupIP] [-cookieDomain]) | -policyName <string>@)
 <!--NeedCopy-->

  • show gslb site - When this command is run, the GSLB service groups are also displayed.

  • show gslb vs - When this command is run, the GSLB service groups are displayed.

  • stat gslb vs - When this command is run, the GSLB service groups statistics are also displayed.

  • show lb monitor bindings - When this command is run, the GSLB service group bindings are also displayed.

Configure GSLB service groups by using the GUI

  1. Navigate to Traffic Management > GSLB > Service Groups.
  2. Create a service group and set the AutoScale mode to DNS.

Configure site persistence for the GSLB service groups

You can configure site persistence for the IP address based and domain name based service groups. Site persistence is not supported for domain name based autoscale service groups.

To set site persistence based on HTTP cookies by using the CLI

  • For connection proxy persistence, you do not have to set the site prefix.

    At the command prompt, type:

     set gslb service group <serviceGroupName> [-sitePersistence <sitePersistence>]
 <!--NeedCopy-->

  • For HTTP redirect persistence, you must first set the site prefix for a member of the service group and then set the HTTPRedirect persistence parameter for the service group.

    At the command prompt, type:

     set gslb servicegroup <serviceGroupName>  <serviceGroup member name|Ip> <port>  [-sitePrefix <string>]

 set gslb servicegroup <serviceGroupName> [-sitePersistence <sitePersistence>]
 <!--NeedCopy-->

Examples:

  • Connection proxy persistence

     set gslbservicegroup sg1 -sitePersistence connectionProxy
 <!--NeedCopy-->

  • HTTP Redirect persistence

     set gslb servicegroup sg2 test1 80 -sitePrefix vserver-GSLB-1

 set gslb servicegroup sg2 -sitePersistence HTTPRedirect
 <!--NeedCopy-->

To set site persistence based on cookies by using the GUI

  1. Navigate to Traffic Management > GSLB > Services Groups and select the service group that you want to configure for site persistence (for example, servicegroup-GSLB-1).
  2. Click the Site Persistence section and set the persistence that meets your requirement.

Tip

For deployment scenario and example configuration of GSLB service groups, see the following topics:

Configure a GSLB service group
May 2, 2023
Contributed by: 
S C
May 2, 2023
Contributed by: 
S C

In this article

Site feedback | Privacy and legal terms | Cookie preferences | Consent settings | docs.cloud.com
© 1999- Cloud Software Group, Inc. All rights reserved.