Autoscale configuration

Citrix Application Delivery and Management manages all the Citrix ADC VPX clusters in AWS. Citrix Application Delivery and Management accesses the AWS resources using the Cloud Access Profile.

Prerequisites

This section describes the prerequisites that you must complete in AWS and Citrix Application Delivery and Management before you configure autoscaling Citrix ADC VPX instances.

This document assumes the following:

  1. You already possess an AWS account.
  2. You have created an Identity and Access Management (IAM) user with all administrative permissions.

Set up AWS components

Perform the following tasks in AWS before autoscaling Citrix ADC VPX instances in Citrix Application Delivery and Management:

  1. Create subnets.
  2. Create security groups.
  3. Subscribe to Citrix ADC VPX license in AWS.
  4. Create IAM roles.
  5. Register the DNS domain.

Tip

You can use AWS CloudFormation Templates to automate the AWS prerequisites step for the Citrix ADC autoscaling.

For more information on how to create VPC, subnet, and security groups, refer the AWS documentation.

Create subnets

Create three subnets in your VPC - one each for the management, client, and server connections. Specify an IPv4 CIDR block from the range that is defined in your VPC for each of the subnets. Specify the availability zone in which you want the subnet to reside. Create all the three subnets in each of the availability zones where servers are present.

  • Management. Existing subnet in your Virtual Private Cloud (VPC) dedicated for management. Citrix ADC must contact AWS services and requires internet access. Configure a NAT gateway and add a route table entry to allow internet access from this subnet.

    Note

    Ensure to open 27000 and 7279 ports in Citrix Application Delivery and Management. These ports are used to check out Citrix ADC licenses from Citrix Application Delivery and Management. For more information, see Ports.

  • Client. Existing subnet in your Virtual Private Cloud (VPC) dedicated for the client side traffic. Typically, Citrix ADC receives client traffic for the application via a public subnet from the internet. Associate the client subnet with a route table which has a route to an Internet gateway. This Subnet allows Citrix ADC to receive application traffic from the internet.

  • Server. Existing subnet in your Virtual Private Cloud (VPC) dedicated for server side traffic. ADC sends traffic to the back-end application servers through this subnet. All your application servers that receive application traffic must be present in this subnet. If the servers are outside this subnet, the application traffic is received through the subnet’s gateway.

Create security groups

Create a security group to control inbound and outbound traffic in the Citrix ADC VPX instance. Create rules for both incoming and outgoing traffic that you want to control in the Citrix Autoscale groups. You can add as many rules as you want.

  • Management. Existing security group in your account dedicated for management of Citrix ADC VPX. Inbound rules are allowed on the following TCP and UDP ports.
    • TCP: 80, 22, 443, 3008–3011, 4001, 27000, 7279
    • UDP: 67, 123, 161, 500, 3003, 4500, 7000

    Ensure that the security group allows the Citrix Application Delivery and Management agent to be able to access the VPX.

  • Client. Existing security group in your account dedicated for client side communication of Citrix ADC VPX instances. Typically, inbound rules are allowed on the TCP ports 80 and 443. And, the 60000 port is required to monitor the health of ADC instances.

  • Server. Existing security group in your account dedicated for server-side communication of Citrix ADC VPX. Typically, it blocks all inbound rules and allows outbound rules to reach the entire VPC.

Subscribe to Citrix ADC VPX license in AWS

  1. Go to the AWS marketplace.
  2. Log on with your credentials.
  3. Search for Citrix ADC VPX Customer Licensed, Premium, or Advanced edition.

    CitrixADClicenses1

  4. Subscribe to Citrix ADC VPX Customer Licensed, Premium Edition, or Citrix ADC VPX Advanced Edition licenses.

Note

If you want the ADC instances in the Autoscale group to check out the licenses from the Citrix Application Delivery and Management, ensure the following:

  • The required ADC licenses are available in the Citrix Application Delivery and Management.
  • The Citrix ADC VPX Customer Licensed product is subscribed.

Create IAM roles

Create IAM entities that grant permission to Citrix Application Delivery and Management and ADC instances to perform operations on your AWS account. The Citrix Application Delivery and Management creates or deletes the following from your AWS account:

  • Citrix ADC EC2 instances
  • Cloud LoadBalancers
  • Route53

Note

Ensure that the role names start with “Citrix-ADM-“ and the instance profile name starts with “Citrix-ADC-.”

Create IAM entities for Citrix Application Delivery and Management:

Create an IAM role so that you can establish a trust relationship between your AWS account and the Citrix’s AWS account with a IAM policy that provides permissions for Citrix Application Delivery and Management to perform operations on your AWS account.

  1. In AWS, click Services. In the left side navigation pane, select IAM > Roles, and click Create role.

  2. You are connecting your AWS account with the AWS account in Citrix Application Delivery and Management. So, select Another AWS account to allow Citrix Application Delivery and Management to perform actions in your AWS account.

  3. Type in the 12-digit Citrix Application Delivery and Management AWS account ID. The Citrix ID is 835822366011. You can leave the external ID blank now. Later you must edit the IAM role. Specify the external ID provided by Citrix Application Delivery and Management during the cloud access profile creation in Citrix Application Delivery and Management.

    Cloud-access-profile1

  4. Click Permissions.
  5. In Attach permissions policies page, click Create policy.
  6. You can create and edit a policy in the visual editor or by using JSON.

    The list of permissions from Citrix for Citrix Application Delivery and Management is provided in the following box:

    {
    "Version": "2012-10-17",
    "Statement": [
        {
            "Action": [
                "tag:GetResources",
                "tag:TagResources",
                "tag:UntagResources",
                "tag:getTagKeys",
                "tag:getTagValues",
                "ec2:DescribeInstances",
                "ec2:UnmonitorInstances",
                "ec2:MonitorInstances",
                "ec2:CreateKeyPair",
                "ec2:ResetInstanceAttribute",
                "ec2:ReportInstanceStatus",
                "ec2:DescribeVolumeStatus",
                "ec2:StartInstances",
                "ec2:DescribeVolumes",
                "ec2:UnassignPrivateIpAddresses",
                "ec2:DescribeKeyPairs",
                "ec2:CreateTags",
                "ec2:ResetNetworkInterfaceAttribute",
                "ec2:ModifyNetworkInterfaceAttribute",
                "ec2:DeleteNetworkInterface",
                "ec2:RunInstances",
                "ec2:StopInstances",
                "ec2:AssignPrivateIpAddresses",
                "ec2:DescribeVolumeAttribute",
                "ec2:DescribeInstanceCreditSpecifications",
                "ec2:CreateNetworkInterface",
                "ec2:DescribeImageAttribute",
                "ec2:AssociateAddress",
                "ec2:DescribeSubnets",
                "ec2:DeleteKeyPair",
                "ec2:DisassociateAddress",
                "ec2:DescribeAddresses",
                "ec2:DeleteTags",
                "ec2:RunScheduledInstances",
                "ec2:DescribeInstanceAttribute",
                "ec2:DescribeRegions",
                "ec2:DescribeDhcpOptions",
                "ec2:GetConsoleOutput",
                "ec2:DescribeNetworkInterfaces",
                "ec2:DescribeAvailabilityZones",
                "ec2:DescribeNetworkInterfaceAttribute",
                "ec2:ModifyInstanceAttribute",
                "ec2:DescribeInstanceStatus",
                "ec2:ReleaseAddress",
                "ec2:RebootInstances",
                "ec2:TerminateInstances",
                "ec2:DetachNetworkInterface",
                "ec2:DescribeIamInstanceProfileAssociations",
                "ec2:DescribeTags",
                "ec2:AllocateAddress",
                "ec2:DescribeSecurityGroups",
                "ec2:DescribeHosts",
                "ec2:DescribeImages",
                "ec2:DescribeVpcs",
                "ec2:AttachNetworkInterface",
                "ec2:AssociateIamInstanceProfile",
                "ec2:DescribeAccountAttributes",
                "ec2:DescribeInternetGateways"
            ],
            "Resource": "*",
            "Effect": "Allow",
            "Sid": "VisualEditor0"
        },
        {
            "Action": [
                "iam:GetRole",
                "iam:PassRole",
                "iam:CreateServiceLinkedRole"
            ],
            "Resource": "*",
            "Effect": "Allow",
            "Sid": "VisualEditor1"
        },
        {
            "Action": [
                "route53:CreateHostedZone",
                "route53:CreateHealthCheck",
                "route53:GetHostedZone",
                "route53:ChangeResourceRecordSets",
                "route53:ChangeTagsForResource",
                "route53:DeleteHostedZone",
                "route53:DeleteHealthCheck",
                "route53:ListHostedZonesByName",
                "route53:GetHealthCheckCount"
                "route53:ListResourceRecordSets",
                "route53.AssociateVPCWithHostedZone",
            ],
            "Resource": "*",
            "Effect": "Allow",
            "Sid": "VisualEditor2"
        },
        {
            "Action": [
                "iam:ListInstanceProfiles",
                "iam:ListAttachedRolePolicies",
                "iam:SimulatePrincipalPolicy",
                "iam:SimulatePrincipalPolicy"
            ],
            "Resource": "*",
            "Effect": "Allow",
            "Sid": "VisualEditor3"
        },
        {
            "Action": [
                "ec2:ReleaseAddress",
                "elasticloadbalancing:DeleteLoadBalancer",
                "ec2:DescribeAddresses",
                "elasticloadbalancing:CreateListener",
                "elasticloadbalancing:CreateLoadBalancer",
                "elasticloadbalancing:RegisterTargets",
                "elasticloadbalancing:CreateTargetGroup",
                "elasticloadbalancing:DeregisterTargets",
                "ec2:DescribeSubnets",
                "elasticloadbalancing:DeleteTargetGroup",
                "elasticloadbalancing:ModifyTargetGroupAttributes",
                "elasticloadbalancing:DescribeLoadBalancers",
                "ec2:AllocateAddress"
            ],
            "Resource": "*",
            "Effect": "Allow",
            "Sid": "VisualEditor4"
        }
      ]
    }
    
    <!--NeedCopy-->
    
  7. Copy and paste the list of permissions in the JSON tab and click Review policy.
  8. In the Review policy page, type a name for the policy, enter a description, and click Create policy.

    Note

    Ensure that the name starts with “Citrix-ADM-.”

  9. In the Create Role page, enter the name of the role.

    Note

    Ensure that the role name starts with “Citrix-ADM-.”

Create IAM entities for ADCs created by Citrix Application Delivery and Management:

Create an IAM role with a IAM policy that provides permissions for an ADC to perform operations on your AWS account. This role is attached to ADC instances that will be created by Citrix Application Delivery and Management thereby enabling ADCs to access your account.

  1. In AWS, click Services. In the left side navigation pane, select IAM > Roles, and click Create role.

Similarly, create a profile for the Citrix ADC instances by providing a different name starting with “Citrix-ADC-“.

Ensure that you select AWS service > EC2,

  1. In Attach permissions policies page, click Create policy.

  2. You can create and edit a policy in the visual editor or by using JSON.

Create role

The list of permissions from Citrix for Citrix ADC instances is provided in the following box:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "VisualEditor0",
      "Effect": "Allow",
      "Action": [
        "iam:GetRole",
        "iam:SimulatePrincipalPolicy",
        "autoscaling:*",
        "sns:*",
        "sqs:*",
        "cloudwatch:*",
        "ec2:AssignPrivateIpAddresses",
        "ec2:DescribeInstances",
        "ec2:DescribeNetworkInterfaces",
        "ec2:DetachNetworkInterface",
        "ec2:AttachNetworkInterface",
        "ec2:StartInstances",
        "ec2:StopInstances"
      ],
      "Resource": "*"
    }
  ]
}
<!--NeedCopy-->

Register the DNS domain

Ensure that you have registered the DNS domain for hosting your applications.

Assess the number of elastics IPs (EIP) required in your network.

The number of EIPs required varies based on whether you are deploying DNS based autoscaling or NLB based autoscaling. To increase the number of EIPs, create a case with AWS.

  • For DNS based autoscaling, the number of EIPs required per availability zone is equal to the number of applications multiplied by the maximum number of VPX instances you want to configure in the Autoscale groups.
  • For NLB based autoscaling, the number of EIPs required is equal to the number of applications multiplied by the number of availability zones in which the applications are getting deployed.

Assess the instance limit requirements:

When assessing instance limits, ensure that you consider space requirements for Citrix ADC instances also.

Set up Citrix Application Delivery and Management components

Perform the following tasks in AWS before you Autoscale Citrix ADC VPX instances in Citrix Application Delivery and Management:

  1. Provision Citrix Application Delivery and Management agent on AWS.
  2. Create a site.
  3. Attach the site to a Citrix Application Delivery and Management agent.

Provision Citrix Application Delivery and Management agent on AWS

The Citrix Application Delivery and Management agent works as an intermediary between the Citrix Application Delivery and Management and the discovered instances in the data center or on the cloud.

  1. Navigate to Infrastructure > Instances > Agents.

  2. Click Provision.

  3. Select AWS and click Next.

  4. In the Cloud Parameters tab, specify the following:

    • Name - specify the Citrix Application Delivery and Management agent name.

    • Site - select the site you have created to provision an agent and ADC VPX instances.

    • Cloud Access Profile - select the cloud access profile from the list.

    • Availability Zone - Select the zones in which you want to create the Autoscale groups. Depending on the cloud access profile that you have selected, availability zones specific to that profile are populated.

    • Security Group - Security groups control the inbound and outbound traffic in the Citrix ADC agent. You create rules for both incoming and outgoing traffic that you want to control.

    • Subnet - Select the management subnet where you want to provision an agent.

    • Tags - Type the key-value pair for the Autoscale group tags. A tag consists of a case-sensitive key-value pair. These tags enable you to organize and identify the Autoscale groups easily. The tags are applied to both AWS and Citrix Application Delivery and Management.

  5. Click Finish.

Alternatively, you can install the Citrix Application Delivery and Management agent from the AWS marketplace. For more information, see Installing Citrix Application Delivery and Management agent on AWS.

Create a site

Create a site in Citrix Application Delivery and Management and add the details of the VPC associated with your AWS role.

  1. In Citrix Application Delivery and Management, navigate to Infrastructure > Sites.
  2. Click Add.
  3. Select the service type as AWS and enable Use existing VPC as a site.
  4. Select the cloud access profile.
  5. If the cloud access profile doesn’t exist in the field, click Add to create a profile.

    1. In the Create Cloud Access Profile page, type the name of the profile with which you want to access AWS.
    2. Type the ARN associated with the role that you have created in AWS.
    3. Copy the autogenerated External ID to update the IAM role.
  6. Click Create.

  7. Again click Create to create the site.

  8. Update the IAM role in AWS using the auto-generated External ID:

    Cloud-access-profile

    1. Log in to your AWS account and navigate to the role that you want to update.

    2. In the Trust relationships tab, click Edit trust relationship and append the following condition within the Statement block:

      "Condition": {
        "StringEquals": {
          "sts:ExternalId": "<External-ID>"
        }
      }
      <!--NeedCopy-->
      

    Enabling external ID for a IAM role in AWS allows you to connect to a third-party account. The external ID increases the security of your role.

    The details of the VPC, such as the region, VPC ID, name and CIDR block, associated with your IAM role in AWS are imported in Citrix Application Delivery and Management.

Attach the site to a Citrix Application Delivery and Management agent

  1. In Citrix Application Delivery and Management, navigate to Infrastructure > Instances > Agents.

  2. Select the agent for which you want to attach a site.

  3. Click Attach Site.

  4. Select the site from the list that you want to attach.

  5. Click Save.

Step 1: Initialize Autoscale configuration in Citrix Application Delivery and Management

  1. In Citrix Application Delivery and Management, navigate to Infrastructure > Public Cloud > Autoscale Groups.
  2. Click Add to create Autoscale groups. The Create AutoScale Group page appears.
  3. Enter the following details.

    • Name. Type a name for the Autoscale group.
    • Site. Select the site that you have created to provision the Citrix ADC VPX instances on AWS.
    • Cloud Access Profile. Select the cloud access profile.

      Note

      If the cloud access profile does not exist in the field, click Add to create a profile.

      • Type the ARN associated with the role that you have created in AWS.
      • Type the external ID that you provided while creating an Identity and Access Management (IAM) role in AWS. Depending on the cloud access profile that you select, the availability zones are populated.
    • Citrix ADC Profile. Select the ADC profile from the list. This profile will be used by Citrix Application Delivery and Management whenever it requires to log on to the instance.

    • Traffic Distribution Mode. The Load Balancing using NLB option is selected as default traffic distribution mode. If applications are using UDP traffic, then select DNS using AWS route53.

      Note

      After the Autoscale configuration is set up, new availability zones cannot be added or existing availability zones cannot be removed.

    • Enable AutoScale Group. Enable or disable the status of the ASG groups. This option is enabled, by default. If this option is disabled, autoscaling is not triggered.

    • Availability Zones. Select the zones in which you want to create the Autoscale groups. Depending on the cloud access profile that you have selected, availability zones specific to that profile are populated.

    • Tags. Type the key-value pair for the Autoscale group tags. A tag consists of a case-sensitive key-value pair. These tags enable you to organize and identify the Autoscale groups easily. The tags are applied to both AWS and Citrix Application Delivery and Management.

      Create-autoscale-group1

  4. Click Next.

Step 2: Configure Autoscale parameters

  1. In the AutoScale Parameters tab, enter the following details.
  2. Select one or more than one of the following threshold parameters whose values must be monitored to trigger a scale-out or a scale-in.
    • Enable CPU Usage Threshold: Monitor the metrics based on the CPU usage.
    • Enable Memory Usage Threshold: Monitor the metrics based on the memory usage.
    • Enable Throughput Threshold: Monitor the metrics based on the throughput.

      Note

      • Default minimum threshold limit is 30 and maximum threshold limit is 70. However, you change modify the limits.
      • Minimum threshold limit must be equal or less than half of the maximum threshold limit.
      • More than one threshold parameters can be selected for monitoring. In such cases, a scale-in is triggered if at least one of the threshold parameters is above the maximum threshold. However, a scale-in is triggered only if all the threshold parameters are operating below their normal thresholds.

      Create-autoscale-group3

    • Keep a Spare Node for faster Scale Out: This option helps to achieve faster scale-out. Citrix Application Delivery and Management provisions a spare node before the scale-out action occurs and shuts it down. When the scale-out action occurs for the Autoscale group, the Citrix Application Delivery and Management starts the spare node that is already provisioned. As a result, it reduces the time taken for scale-out.

    • Minimum Instances. Select the minimum number of instances that must be provisioned for this Autoscale group.
    • By default, the minimum number of instances is equal to the number of zones selected. You can increment the minimum instances by multiples of the number of zones.
    • For example, if the number of availability zones is 4, the minimum instances is 4 by default. You can increase the minimum instances by 8, 12, 16.
    • Maximum Instances. Select the maximum number of instances that must be provisioned for this Autoscale group.
    • The maximum number of instances must be greater than or equal to the minimum instances value. The maximum number of instances that can be configured is equal to the number of availability zones multiplied by 32.
    • Maximum number of instances = number of availability zones * 32
    • Drain Connection Timeout (minutes). Select the drain connection timeout period. During scale-in, once an instance is selected for deprovisioning, Citrix Application Delivery and Management removes the instance from processing new connections to the Autoscale group and waits until the specified time expires before deprovisioning. This option allows existing connections to this instance to be drained out before it gets deprovisioned.
    • Cooldown period (minutes). Select the cooldown period. During scale-out, the cooldown period is the time for which evaluation of the statistics has to be stopped after a scale-out occurs. This scale-out ensures organic growing of instances of an Autoscale group by allowing current traffic to stabilize and average out on the current set of instances before the next scaling decision is made.
    • DNS Time To Live(seconds). Select the amount of time (in seconds) that a packet is set to exist inside a network before being discarded by a router. This parameter is applicable only when the traffic distribution mode is DNS using AWS route53.
    • Watch-Time (minutes). Select the watch-time duration. The time for which the scale parameter’s threshold has to stay breached for a scaling to happen. If the threshold is breached on all the samples collected in this specified time then a scaling happens.

    Create-autoscale-group4

  3. Click Next.

Step 3: Configure licenses for provisioning Citrix ADC instances

Select one of the following modes to license Citrix ADC instances that are part of the Autoscale Group:

  • Using Citrix Application Delivery and Management: While provisioning Citrix ADC instances, the Autoscale group checks out the licenses from the Citrix Application Delivery and Management.

  • Using the AWS Cloud: The Allocate from Cloud option uses the Citrix product licenses available in the AWS marketplace. While provisioning Citrix ADC instances, the Autoscale group uses the licenses from the marketplace.

    If you choose to use licenses from the AWS marketplace, specify the product or license in the Provision Parameters tab.

For more information, see Licensing Requirements.

Use licenses from Citrix Application Delivery and Management

  1. In the License tab, select Allocate from Citrix Application Delivery and Management.

  2. In License Type, select one of the following options from the list:

    • Bandwidth Licenses: You can select one of the following options from the Bandwidth License Types list:

      • Pooled Capacity: Specify the capacity to allocate for every new instance in the Autoscale group.

        From the common pool, each ADC instance in the Autoscale group checks out one instance license and only as much bandwidth is specified.

      • VPX Licenses: When a Citrix ADC VPX instance is provisioned, the instance checks out the license from the Citrix Application Delivery and Management.

    • Virtual CPU Licenses: The provisioned Citrix ADC VPX instance checks out licenses depending on the number of active CPUs running in the Autoscale group.

    Note

    When the provisioned instances are removed or destroyed, the applied licenses return to the Citrix Application Delivery and Management license pool. These licenses can be reused to provision new instances during the next Autoscale.

  3. In License Edition, select the license edition. The Autoscale group uses the specified edition to provision instances.

  4. Click Next.

Step 4: Configure cloud parameters

  1. In the Cloud Parameters tab, enter the following details.

    • IAM Role: Select the IAM role that you have created in AWS. An IAM role is an AWS identity with permission policies that determine what the identity can and cannot do in AWS.

    • Instance Type: Select the EC2 instance type.

      Note

      The recommended instance type for the selected product is auto-populated, by default.

    • Hyper Threading: This option is enabled by default. If you disable this option, the ADC instance gets provisioned with a single thread in each CPU core.

    • AWS AMI ID: Enter the AMI ID specific to the region that you have selected.

    • Origin Server: When application servers and ADC instances are on different VPCs, provide the CIDR block of a VPC where you have application servers.

      Important

      Set up AWS Transit Gateway or VPC peering between application servers VPC and ADC instances VPC.

      • For the VPC where the ADC instances are provisioned, update the route table and security group of the server subnet.
      • For the VPC where the application servers reside, update the route table and security group of the application servers.

      For more information, see AWS Transit Gateway and VPC peering.

    • IP’s in server subnet per node: Select the number of IP addresses in the server subnet per node for the security group.

      Create-autoscale-group5

    In this tab, you can also specify and configure the required NICs. Select Security Group and Subnet for each NIC.

    • Security Groups: Security groups control the inbound and outbound traffic in a Citrix ADC VPX instance. Select a security group for Management, Client, and Server traffic. For more information on management, client, and server security groups, see Security Groups.

    • Zones: The number of zones that are populated is equal to the number of availability zones that you have selected. For each zone, select the appropriate values for the subnets.

      You must have three separate subnets such as Management, client, and server subnet to Autoscale Citrix ADC subnets. Subnets contain the required entities for autoscaling. Select For more information, see Subnets.

      Create-autoscale-group6

  2. Click Finish.

    A progress window with the status for creating the Autoscale group appears. It might take several minutes for the creation and provisioning of Autoscale groups.

    Autoscale-configuration-step7

Step 5: Configure an application for the Autoscale group

  1. In Citrix Application Delivery and Management, navigate to Infrastructure > Public Cloud > Autoscale groups.

  2. Select the Autoscale group that you created and click Configure.

  3. In Configure Application, specify the following details:

    • Application Name - Specify the name of an application.

    • Access Type - You can use the Citrix Application Delivery and Management autoscaling solution to both external and internal applications. Select the required application access type.

    • FQDN Type - Select a mode of assigning domain and zone names.

      If you want to specify manually, select User-Defined. To automatically assign domain and zone names, select Auto-generated.

    • Domain Name - Specify the domain name of an application. This option is applicable only when you select User-defined FQDN type.

    • Zone of the Domain - Select the zone name of an application from the list. This option is applicable only when you select User-defined FQDN type.

      This domain and zone name redirects to the virtual servers in AWS. For example, if you host an application in app.example.com, the app is the domain name and example.com is the zone name.

    • Protocol - Select the protocol type from the list. The configured application receives the traffic depending on the selected protocol type.

    • Port - Specify the port value. The specified port is used to establish a communication between the application and the Autoscale group.

    • Auto Redirect HTTP traffic to HTTPS - Select this option to receive secured traffic to the application. Specify the HTTP port that you want to redirect.

    • ADC Configuration mode - Select the mode how you want to configure the application. You can either select StyleBooks or ADC CLI commands.

    Configure ASG applications

    If you want to configure an application using StyleBooks, select Yes in the confirmation window.

    Configure an application using StyleBooks

Note

Change the access type of an application if you want to modify the following details in the future:

  • FQDN Type
  • Domain Name
  • Zone of the domain

For more information to use StyleBooks or CLI commands, see Create an application configuration for the Autoscale group.

Upgrade Citrix ADC clusters

Manually upgrade the cluster nodes. You first upgrade the image of existing nodes and then update AMI from the Citrix Application Delivery and Management.

Important

Ensure the following during an upgrade:

  • No scale-in or scale-out is triggered.
  • No configuration changes must be performed on the cluster in the Autoscale group.
  • You keep a backup of the ns.conf file of the previous version. In case an upgrade fails, you can fall back to the previous version.

Perform the following steps to upgrade the Citrix ADC cluster nodes.

  1. Disable the Autoscale group on the MAS ASG portal.
  2. Select one of the clusters within the Autoscale groups for upgrade.
  3. Follow the steps documented in the topic Upgrading or downgrading the Citrix ADC cluster.

    Note

    • Upgrade one node in the cluster.
    • Monitor the application traffic for any failures.
    • If you encounter any issues or failures, downgrade the node that was previously upgraded. Else, continue with the upgrade of all nodes.
  4. Continue upgrading the nodes in all the clusters in the Autoscale group.

    Note

    If the upgrade for any cluster fails, downgrade all the clusters in the Autoscale group to the previous version. Follow the steps documented in the topic Upgrading or downgrading the Citrix ADC cluster.

  5. After successful upgrade of all clusters, update AMI on MAS ASG Portal. AMI must be of the same version as the image used for the upgrade.
  6. Edit the Autoscale group and type the AMI that corresponds to the upgraded version.
  7. Enable the Autoscale group on the Citrix Application Delivery and Management portal.