Configure on-prem agents for multisite deployment

In the earlier versions of Citrix ADM, Citrix ADC instances deployed in remote data center(s) could be managed and monitored from Citrix ADM running in a primary data center. NetScaler instances sent data directly to the primary Citrix ADM that resulted in consumption of WAN (Wide Area Network) bandwidth. Additionally, processing of analytics data utilizes CPU and memory resources of primary Citrix ADM.

Customers have their data centers located across the globe. Agents play a vital role in following scenarios where the customers can choose:

  • to install agents in remote data centers so that there is reduction in WAN bandwidth consumption.

  • to limit the number of instances directly sending traffic to primary Citrix ADM for data processing.

Note

  • Installing agents for instances in remote data center is recommended but not mandatory. If required, users can directly add NetScaler instances to primary Citrix ADM.

  • If you have installed agents for the remote datacenter(s), then the communication between the agents and the primary site is through floating IP address. For more information, see port.

  • You can install agents and apply pooled licenses to the instances at the remote data center(s). In this scenario, the communication between the primary site and the remote data center(s) is through the floating IP address.

In Citrix ADM 12.1, instances can be configured with agents to communicate with the primary Citrix ADM located in a different data center.

Note

On-prem agents for multisite deployment is supported only with Citrix ADM high availability deployment.

Agents work as an intermediary between the primary Citrix ADM and the discovered instances across different data centers. Following are the benefits of installing agents:

  • The instances are configured to agents so that the unprocessed data is sent directly to agents instead of primary Citrix ADM. Agents do the first level of data processing and send the processed data in compressed format to the primary Citrix ADM for storage.

  • Agents and instances are co-located in the same data center so that the data processing is faster.

  • Clustering the agents provides redistribution of NetScaler instances on agent failover. When one agent in a site fails, traffic from NetScaler instances is switched to another available agent in the same site.

Note

The number of agents to be installed per site depends on the traffic being processed. Currently, Citrix has validated two agents per site for agent failover scenario. Citrix recommends that you install at least two agents per site, so that the traffic flows to another agent in case of an agent failover.

Architecture

The following figure shows NetScaler instances in two data centers and Citrix ADM high availability deployment using multisite agent-based architecture.

localized image

The primary site has the Citrix ADM nodes deployed in a high availability configuration. The NetScaler instances in the primary site are directly registered with the Citrix ADM.

In the secondary site, agents are deployed and registered with the Citrix ADM server in the primary site. These agents work in a cluster to handle continuous flow of traffic in case an agent failover occurs. The NetScaler instances in the secondary site are registered with the primary Citrix ADM server through agents located within that site. The instances send data directly to agents instead of primary Citrix ADM. The agents process the data received from the instances and send it to the primary Citrix ADM in a compressed format. Agents communicate with the Citrix ADM server over a secure channel and the data sent over the channel is compressed for bandwidth efficiency.

Get started

  • Install the agent in a data center

    • Register the agent

    • Add the agent

  • Add NetScaler instances

    • Add new instance

    • Update an existing instance

Install the agent in a data center

You can install and configure the agent, to enable communication between the primary Citrix ADM and the managed NetScaler instances in another data center.

You can install an agent on the following hypervisors in your enterprise data center:

  • Citrix XenServer

  • VMware ESXi

  • Microsoft Hyper-V

  • Linux KVM Server

Note

On-prem agents for multisite deployment is supported only with Citrix ADM high availability deployment.

Before you begin installing the agent, ensure you have the required virtual computing resources that the hypervisor must provide for each agent.

Component Requirement
RAM 8 GB
  Note: Citrix recommends that you increase the default value to 32 GB for better performance.
Virtual CPU 2 CPUs
  Note: Citrix recommends that you increase the default value to 8 CPUs for better performance.
Storage space 30 GB
Virtual Network Interfaces 1
Throughput 1 Gbps

Ports

For communication purposes, the following ports must be open between the agent and Citrix ADM on-prem server.

Type Port Details
TCP 8443, 7443, 443  For outbound and inbound communication between agent and the Citrix ADM on-prem server.

The following ports must be open between the agent and NetScaler Instances.

Type Port Details
TCP 80 For NITRO communication between agent and NetScaler or NetScaler SD-WAN instance.
TCP 22 For SSH communication between agent and NetScaler or NetScaler SD-WAN instance. For synchronization between Citrix ADM servers deployed in high availability mode.
UDP 4739 For AppFlow communication between agent and NetScaler or NetScaler SD-WAN instance.
ICMP No reserved port To detect network reachability between Citrix ADM and NetScaler instances, SD WAN instances, or the secondary Citrix ADM server deployed in high availability mode.
SNMP 161, 162 To receive SNMP events from NetScaler instance to agent.
Syslog 514 To receive syslog messages from NetScaler or NetScaler SD-WAN instance to agent.
TCP 5557 For logstream communication between agent and NetScaler instances. 

Register the agent

  1. Use the agent image file downloaded from the Citrix download site and import it in to your hypervisor. The naming pattern of the agent image file is as follows, MASAGENT-<HYPERVISOR>-<Version.no>. For example: MASAGENT-XEN-12.1-xy.xva

  2. From the Console tab, configure NetScaler MAS with the initial network configurations as displayed in the following image.

    localized image

  3. Enter the NetScaler MAS host name, IPv4 address, and gateway IPv4 address. Select option 7 to save and quit the configuration.

  4. To register the agent, enter /mps/register_agent_onprem.py. The NetScaler MAS agent registration credentials are displayed as shown in the following image.

  5. Enter the NetScaler MAS floating IP address and the user credentials.

    localized image

After the registration is successful, the agent restarts to complete the installation process.

After the agent restarts, access the Citrix ADM GUI, from the main menu go to Networks > Agents page to verify the status of the agent. The newly added agent is displayed in Up state.

localized image

Note

The Citrix ADM displays the version of the agent and also checks if the agent is on the latest version. The download icon signifies that the agent is not on the latest version and needs to be upgraded. Citrix recommends that you upgrade the agent version to the Citrix ADM version.

Add agent to site

  1. Select the agent and click Attach Site.

  2. In the Attach site page, select a site from the list or create a new site using the plus (+) button.

  3. Click Save.

    Note

    • By default, all newly registered agents are added to the default datacenter.

    • It is important to associate the agent with the correct site. In the event of an agent failure, the NetScaler instances assigned to it are automatically switched to other functioning agents in the same site.

    localized image

Add Citrix ADC instances

Instances are Citrix appliances or virtual appliances that you want to discover, manage, and monitor from Citrix ADM through agents. You can add the following Citrix appliances and virtual appliances to Citrix ADM or agents:

  • Citrix ADC MPX

  • Citrix ADC VPX

  • Citrix ADC SDX

  • Citrix ADC CPX

  • Citrix Gateway

  • Citrix Secure Web Gateway

  • Citrix SD-WAN WO

Add a new instance

  1. Navigate to Networks > Instances and select the instance type. For example, Citrix ADC.

  2. Click Add to add a new instance.

    localized image

  3. Check Enter Device IP Address and enter the IP address.

  4. From Profile Name, select the appropriate instance profile, or create a new profile by clicking the + icon.

    Note

    For each instance type, a default profile is available. For example, the ns-root-profile is the default profile for NetScaler instances.

  5. Select the Site with which you want to associate the instance.

    Note

    Based on the site selected, the list of agents  associated to that site is displayed. Ensure you select the Site with which you want to associate the instance.

    localized image

  6. Click to select the agent. From Agent page, Select the agent with which you want to associate the instance and then click OK.

    localized image

Update an existing instance to attach it to an agent

If an instance is already added to primary Citrix ADM, you can attach it to an agent by editing the adding instances workflow and selecting an agent.

  1. Navigate to Networks > Instances and select the instance type. For example, NetScaler ADC.

  2. Click Edit button to edit an existing instance.

  3. Click to select the agent.

  4. From Agent page, select the agent with which you want to associate the instance and then click OK.

Note

Ensure you select the Site with which you want to associate the instance.

Access the GUI of an instance to validate events

After the instances are added and agent is configured, access the GUI of an instance to check if the trap destination are configured.

In Citrix ADM, navigate to Networks > Instances. Under Instances, select the type of instance you want to access (for example, NetScaler VPX), and then click the IP address of a specific instance.

localized image

The GUI of the selected instance is displayed in a pop-up window.

By default, the agent is configured as the trap destination on the instance. To confirm, log on to the GUI of the instance and check the trap destinations.

Important

Adding an agent for NetScaler instances in remote datacenters is recommended but not mandatory.

In case you want to add the instance directly to the primary MAS, do not select an agent while adding instances.

Cluster the agent

The term Agent cluster refers to a mechanism wherein agents attached to a site are logically grouped, so that if one of the agents fails, the NetScaler devices sending traffic to it are automatically reconfigured to start sending traffic to the other healthy agent(s) in that group or site.

The advantage of having agents clustered in a remote site is that if one agent fails, it is detected by Citrix ADM and implicitly all the instances are redistributed to other available agents in that cluster.

For example, we have two agents 10.106.1xx.2x and 10.106.1xx.7x that are attached and operational in the Bangalore site as shown below.

localized image

If one agent goes down, Citrix ADM will detect it and displays the state as down.

The instances attached to that agent are automatically reconfigured to use the other agent from the same cluster for trap destination, syslog server, and so on.

Note

There will be some delay while reconfiguring the instances.

Configure on-prem agents for multisite deployment