ADC

Configure automatic domain based service group scaling

A domain based service group consists of members whose IP addresses are obtained by resolving the domain names of servers that are bound to the service group. The domain names are resolved by a name server whose details you configure on the appliance. A domain based service group can also include IP-address based members.

The process of name resolution for a domain based server might return more than one IP address. The number of IP addresses in the DNS response is determined by the number of address (A) records configured for the domain name, on the name server. Even if the name resolution process returns multiple IP addresses, only one IP address is bound to the service group. To scale up or scale down a service group, you need to manually bind and unbind other domain based servers to and from the service group, respectively.

However, you can configure a domain based service group to scale automatically based on the complete set of IP addresses returned by a DNS name server for a domain based server. To configure automatic scaling, when binding a domain based server to a service group, enable the automatic scaling option. Following are the steps for configuring a domain based service group that scales automatically:

  • Add a name server for resolving domain names. For more information about configuring a name server on the appliance, see Adding a Name Server.
  • Add a domain-based server. For information about adding a domain-based server, see Configuring a server object.
  • Add a service group and associate the domain based server to the service group, with the Autoscale option set to DNS. For information about adding a service group, see Configuring Service Groups.

When a domain based server is bound to a service group and the automatic scaling option is set on the binding, a UDP monitor and a TCP monitor are automatically created and bound to the domain based server. The two monitors function as resolvers. The TCP monitor is disabled by default, and the appliance uses the UDP monitor to send DNS queries to the name server to resolve the domain name. If the DNS response is truncated (has the TC flag set to 1), the appliance falls back to TCP and uses the TCP monitor to send the DNS queries over TCP. Thereafter, the appliance continues to use only the TCP monitor.

The DNS response from the name server might contain multiple IP addresses for the domain name. With the automatic scaling option set, the appliance polls each of the IP addresses by using the default monitor, and then includes in the service group only those IP addresses that are up and available. After the IP address records expire, as defined by their time-to-live (TTL) values, the UDP monitor (or the TCP monitor, if the appliance has fallen back to using the TCP monitor) queries the name server for domain resolution and includes any new IP addresses in the service group. If an IP address that is part of the service group is not present in the DNS response, the appliance removes that address from the service group after gracefully closing existing connections to the group member, a process during which it does not allow any new connections to be established with the member. If a domain name that resolved successfully in the past results in an NXDOMAIN response, all the service group members associated with that domain are removed.

Static (IP-address based) members and dynamically scaling domain based members can coexist in a service group. You can also bind members with different domain names to a service group with the automatic scaling option set. However, each domain name associated with a service group must be unique within the service group. You must enable the automatic scaling option for each domain based server that you want to use for automatic service group scaling. If an IP address is common to one or more domains, the IP address is added to the service group only once.

Important

  • DNS Autoscale is supported in a cluster deployment.
  • Path monitoring for Autoscale service groups is not supported in cluster deployment.

To configure a service group to scale automatically by using the command line interface

At the command prompt, type the following commands to configure the service group and verify the configuration:

add servicegroup <serviceGroupName> <serviceType> -autoscale DNS
<!--NeedCopy-->

Example

In the following example, server1 is a domain based server. The DNS response contains multiple IP addresses. Five addresses are available and are added to the service group.

> add serviceGroup servGroup -autoScale YES
 Done
> sh servicegroup servGroup
       servGroup - HTTP
        State: ENABLED  Monitor Threshold : 0
              . . .
              . . .
        1)   192.0.2.31:80   State: UP       Server Name: server1 (Auto scale)    Server ID: None Weight: 1

                Monitor Name: tcp-default       State: UP
                Probes: 2       Failed [Total: 0 Current: 0]
                Last response: Success - TCP syn+ack received.

        2)   192.0.2.32:80   State: UP       Server Name: server1 (Auto scale)    Server ID: None Weight: 1

                Monitor Name: tcp-default       State: UP
                Probes: 2       Failed [Total: 0 Current: 0]
                Last response: Success - TCP syn+ack received.

        3)   192.0.2.36:80   State: UP       Server Name: server1 (Auto scale)    Server ID: None Weight: 1

                Monitor Name: tcp-default       State: UP
                Probes: 2       Failed [Total: 0 Current: 0]
                Last response: Success - TCP syn+ack received.

        4)   192.0.2.55:80   State: UP       Server Name: server1 (Auto scale)    Server ID: None Weight: 1

                Monitor Name: tcp-default       State: UP
                Probes: 2       Failed [Total: 0 Current: 0]
                Last response: Success - TCP syn+ack received.

        5)   192.0.2.80:80   State: UP       Server Name: server1 (Auto scale)    Server ID: None Weight: 1

                Monitor Name: tcp-default       State: UP
                Probes: 2       Failed [Total: 0 Current: 0]
                Last response: Success - TCP syn+ack received.
 Done
<!--NeedCopy-->

To configure a service group to scale automatically by using the configuration utility

  1. Navigate to Traffic Management > Load Balancing > Service Groups.
  2. Create a service group, and set the Autoscale mode to DNS.

Overwriting TTL values

Note:

This option is supported from NetScaler 12.1 build 51.xx and later.

NetScaler appliance is configured to periodically query the DNS server for any update in the SRV record associated with the application during application startup. By default, the periodicity for this query depends on the TTL published in the SRV record. In microservice or cloud world application, deployments change more dynamically. As a result, proxies have to be quicker in absorbing any changes to application deployment. Therefore, users are recommended to set the domain based service TTL parameter explicitly to a value that is lower than the SRV record TTL and is optimal for your deployment. You can overwrite the TTL value by two methods:

  • While binding a member to the service group
  • Setting the TTL value globally by using the set lb parameter command.

In case the TTL value is configured both while binding the service group member and also globally, then the TTL value specified while binding the service group member takes precedence. If the TTL value is not specified either while binding a service group member or at the global level, the DBS monitor interval is derived from the TTL value in the DNS response.

Overwriting the TTL values using the CLI

  • To overwrite the TTL value while binding, at the command prompt, type:

     bind serviceGroup <serviceGroupName> (<serverName> [-dbsTTL <secs>])
     <!--NeedCopy-->
    

    Example:

     bind servicegroup svc_grp_1 web_serv -dbsTTL 10
     <!--NeedCopy-->
    
  • To overwrite the TTL value globally, at the command prompt, type:

     set lb parameter [-dbsTTL <secs>]
     <!--NeedCopy-->
    

    Example:

     set lb parameter -dbsTTL 15
     <!--NeedCopy-->
    

Overwriting the TTL values using the GUI

To overwrite the TTL value while binding:

  1. Navigate to Traffic Management > Load Balancing > Service Groups.

  2. In Service Groups page, select the service group that you have created and click Edit.

  3. In Load Balancing Service Groups page, click Service Group Members.

  4. In Service Group Members Binding page, select the server that you have created and click Edit.

  5. In Domain Based Service TTL, enter the TTL value.

To overwrite the TTL value at the global level:

  1. Navigate to Traffic Management > Load Balancing > Change Load Balancing Parameters.

  2. In Domain Based Service TTL, enter the TTL value.

Note:

If the domain based server TTL value is set to 0, then the TTL value from the data packet is used.

Specifying different name servers for service group and domain name bindings

Note:

This option is supported from NetScaler 12.1 build 51.xx and later.

You can configure different name servers for different domain names in a specific group. Setting the nameServer parameter is optional while binding a DBS server to the service group. When a nameserver is not specified while binding a member to the service group, the globally configured nameserver is considered.

Specifying name servers while binding a server to service groups using the CLI

At the command prompt, type:

bind serviceGroup <serviceGroupName> (<serverName> [-nameServer <ip_addr>] [-dbsTTL <secs>])
<!--NeedCopy-->

Example:

bind servicegroup svc_grp_1 web_serv  -ns.nameserver.com 10.102.27.155 -dbsTTL 10
<!--NeedCopy-->

Specifying name servers while binding a server to service groups using the GUI

  1. Navigate to Traffic Management > Load Balancing > Service Groups.

  2. In Service Groups page, select the service group that you have created and click Edit.

  3. In Load Balancing Service Groups page, click Service Group Members.

  4. In Service Group Members Binding page, select the server that you have created and click Edit.

  5. In Name Server, specify the nameserver name to which the query for the bound domain must be sent.

Auto delayed TROFS

You can configure graceful movement of members in a service group to the TROFS state when IP addresses are removed from the DNS response. When the auto delayed TROFS option is enabled, NetScaler waits for the highest response timeout across all monitors attached to the service group before moving the members to TROFS state.

This option is useful when a new set of IP addresses replaces the existing ones completely and the connectivity must be verified before adding the new IP addresses.

Note:

The -autoDelayedTrofs option is supported from NetScaler 13.1 build 37.xx and later.

Configure auto delayed TROFS using the CLI

At the command prompt, type the following command:

add serviceGroup <serviceGroupName>@ <serviceType> [-autoScale <autoScale>] [-autoDelayedTrofs ( YES | NO)]
<!--NeedCopy-->

Example

> add serviceGroup sg1 HTTP -autoScale DNS -autoDelayedTrofs YES
<!--NeedCopy-->

Configure auto delayed TROFS using the GUI

  1. Navigate to Traffic Management > Load Balancing > Service Groups.
  2. In AutoScale Mode, select DNS.
  3. In Auto Delayed Trofs, select YES.

Note:

The Auto Delayed Trofs option is enabled only if you select DNS in AutoScale Mode.

Configure auto delayed TROFS using GUI

Configure automatic domain based service group scaling