NSX Manager: auto provisioning of Citrix ADC instances

Overview

Citrix Application Delivery Management (ADM) integrates with VMware network virtualization platform to automate the deployment, configuration, and management of Citrix ADC services. This integration abstracts away the traditional complexities associated with physical network topology, enabling vSphere/vCenter admins to programmatically deploy Citrix ADC services faster.

During load-balancing service insertion and deletion on VMware NSX Manager, Citrix ADM dynamically provisions and destroys the Citrix ADC instances. This dynamic provisioning requires the Citrix ADC VPX license assignments to be automated in Citrix ADM. When the Citrix ADC licenses are uploaded to the Citrix ADM, Citrix ADM performs the role of license server.

Prerequisites

  • Citrix ADM, version 12.1 setup in high availability and installed on ESX.

  • Citrix ADC VPX, version 12.1

  • Citrix ADC VPX licenses for Citrix ADC VPX instances, version 12.1

  • Install VMware ESXi version 4.1 or later with hardware that meets the minimum requirements.

  • Install VMware Client on a management workstation that meets the minimum system requirements.

  • Install VMware OVF Tool (required for VMware ESXi version 4.1) on a management workstation that meets the minimum system requirements.

High-Availability Deployment of Citrix ADM and Citrix ADC Instances

To provision the Citrix ADM HA setup, install the Citrix ADM image file that you have downloaded from the Citrix download site. For more information on how to provision Citrix ADM HA set up, see Deploying Citrix ADM in High Availability.

Setting up Citrix ADM HA Endpoint Details

To integrate VMware NSX manager with Citrix ADM that is deployed in a HA mode, you must first enter the virtual IP address of the load balancing Citrix ADC instance. You must also upload the certificate file that is present on the Citrix ADC load balancing virtual server to the Citrix ADM file system.

To provide load balancing configuration information in Citrix ADM:

  1. In Citrix ADM HA node, navigate to System > Deployment.

  2. Click HA Settings in the top-right corner, and in MAS-HA Settings page, click MAS-HA Endpoint Details.

    localized image

  3. On MAS-HA Endpoint Details page, upload the same certificate that is already present on the load balancing Citrix ADC instance.

  4. Enter the virtual IP address of the load balancing Citrix ADC instance and click OK.

    localized image

Registering VMware NSX Manager with Citrix ADM

When you set up two Citrix ADM servers in high availability, the two server nodes are in active-passive mode. Log on to the primary Citrix ADM server node to register VMware NSX manager with Citrix ADM in HA, to create a communication channel between them.

To register VMware NSX manager with Citrix ADM in HA:

  1. In the primary Citrix ADM server node, navigate to Orchestration > SDN Orchestration > VMware NSX Manager.

  2. Click Configure NSX Manager Settings.

  3. On Configure NSX Manager Settings page, set the following parameters:
    1. NSX Manager IP Address - IP address of NSX Manager.

    2. NSX Manager Username - Administrative user name of NSX Manager.

    3. Password - Password of the administrative user of NSX Manager.

  4. In Citrix ADM account used by NSX Manager section, set the Citrix ADC Driver Password for the NSX Manager.

  5. Click OK.

Uploading Licenses in Citrix ADM

Upload the Citrix ADC VPX licenses to Citrix ADM, so that Citrix ADM can automatically assign licenses to the instances during orchestration with NSX.

To install license files on Citrix ADM:

  1. In Citrix ADM, navigate to Networks > Licenses.

  2. In License Files section, select one of the following options:

    1. Upload license files from a local computer - If a license file is already present on your local computer, you can upload it to the Citrix ADM. To add license files, click Browse and select the license file (.lic) that you want to add. Then click Finish.

    2. Use License Access Code - Citrix emails the License Access Code (LAC) for the licenses that you purchase. To add license files, enter the LAC in the text box and then click Get Licenses.

      Note

      At any time, you can add more licenses to the Citrix ADM from the License Settings.

      localized image

Uploading Citrix ADC VPX Images in Citrix ADM

Add the Citrix ADC images to Citrix ADM, so that the Citrix ADM uses these images as defined in the service package.

To upload Citrix ADC VPX Images in Citrix ADM:

  1. In Citrix ADM, navigate to Orchestration > SDN Orchestration > VMware NSX Manager > ESX NSVPX Images.

  2. Click Upload, and select the Citrix ADC VPX zip package from the local storage folder.

Creating Service Packages in Citrix ADM

Create service packages in Citrix ADM to define the set of SLAs, which states how the Citrix ADC resources are allocated.

To create service packages in Citrix ADM:

  1. In Citrix ADM, navigate to Orchestration > SDN Orchestration > VMware NSX Manager > Service Packages, and click Add to add a new service package.

  2. On Service Package page, in Basic Settings section, set the following parameters:

    1. Name - name of a service package

    2. Isolation Policy - select Dedicated

    3. Select Auto Provision

    4. Click Continue

  3. In the Auto Provision Settings section, select the recently uploaded Citrix ADC VPX zip package for deploying it on NSX platform, select the corresponding license, and click Continue.

    Note

    In High Availability section, check the box to provision Citrix ADC instances for HA.

    localized image

    Note

    The name of license displayed in the drop-down box shown in the figure above, VPX8000_Enterprise, 2number is an example and is explained as below:

    • VPX - the license is to deploy Citrix ADC VPX instances

    • 8000 - consumable bandwidth is 8GB

    • Enterprise - Citrix provides three types of licenses - Standard, Enterprise, and Platinum

    • 2number - two Citrix ADC VPX instances can be deployed by using this license

    The name of license displayed in the License drop-down box depends on the license that you have purchased from Citrix.

  4. Click Continue.

  5. The service package is published to NSX Manager. In NSX Manager, navigate to Service Definitions > Service Managers. You can view Citrix Citrix ADM as one of the service managers. This indicates that the registration is successful and bi-directional communication is established between the NSX manager and Citrix ADM.

    Note: For Citrix ADM in high availability deployment, the licenses are uploaded only in the Citrix ADM license server node. Note that the Citrix ADM nodes are in an active-passive mode.

Performing Load Balancer Service Insertion for Edge

Perform load balancer service insertion on the existing NSX Edge Gateway, that is, offload the load balancing function from NSX load balancer to Citrix ADC.

To insert load balancing service on NSX Edge Gateway:

  1. In NSX Manager, navigate to Home > Networking and Security > NSX Edges, and double-click to select the edge gateway that you have configured.

  2. Click Manage, and on the Load Balancer tab, select Global Configuration, and click Edit.

  3. Select Enable Load Balancer and Enable Service Insertion to enable them.

  4. In Service Definition, select the service package that was published to NSX Manager.

  5. Configure one virtual NIC for management interface, and one or more virtual NICs for data interfaces. Select the networks for management and data accordingly.

    Note

    Select IP Pool option in Primary IP Allocation mode. Citrix ADM does not support manual or DHCP allocation of IP addresses.

  6. Click the refresh icon to see the creation of the run time.

    Note

    Because you are deploying two Citrix ADC VPX instances in HA deployment, two run times are created in the NSX manager.

    You might have to refresh the screen to view the run times displayed on the screen.

  7. Select the run time, click Actions, and select Install from the pop-up menu. For HA, repeat this for the other run time also.

  8. When both the virtual machines start, the value of Status changes to “In Service” and that of Install State changes to “Enabled.”

    Note

    You might have to refresh the screen to view the change in status.

  9. In Citrix ADM, navigate to Orchestration > Requests to see progress details of completion of service insertion. You can see that a request to create and update the run time has come in to Citrix ADM. When the run time has been updated, select the request and click the Tasks button to view that Citrix ADM has been added in NSX Manager.

    For HA, there will be two requests to create and update two run times in Citrix ADM. When both run times have been updated, select both requests and click the Tasks button to view that two Citrix ADM HA nodes have been added in NSX Manager.

  10. In Citrix ADM, navigate to Orchestration > SDN Orchestration > VMware NSX Manager > Edge Gateways. In the right-hand side panel, you can view that the Citrix ADC VPX has been added to the NSX Edge Gateway.

    For HA, you can see that two Citrix ADC VPX instances in HA mode have been added to the NSX Edge Gateway.

  11. In Citrix ADM, navigate to Networks > Licenses >VPX Licenses. Select the Citrix ADC VPX license and the edition that you have installed.

    The Citrix ADC VPX instances that are in HA mode consume two licenses and the status is displayed on your screen as below.

    localized image

    When the service insertion is complete, you can use StyleBooks to configure the Citrix ADC instances in one of the following two methods:

Configuring Load Balancing Services on Citrix ADC VPX in VMware NSX Manager GUI

Perform the following task to enable configuration of load balancing services on the NSX Edge gateway device using built-in StyleBooks.

In NSX Manager, navigate to Home > Networking and Security > NSX Edges, and double-click to select the edge gateway that you have configured.

Creating pools and pool members

Create a pool of servers and members of different capacities.

  1. Click Manage, and on the Load Balancer tab, select Pools, and click “+” icon to add a new pool, and set the following parameters:

    1. Name - Name of the new pool

    2. Algorithm - Select an algorithm from the drop-down list base on which the pool will be selected.

    3. Monitors - Make sure the service monitor is set to default_http_monitor

    4. Members - Click “+” to add members to the pool and enter the required parameters in the New Member window.

      1. Name - Name of the member

      2. IP Address/ VC Container - Click Select to select the object from the available list or enter the IP address of the object.

  2. Click OK.

    Add as many members as required.

    localized image

Creating virtual servers

Create a set of virtual servers and assign a pool to each virtual server.

  1. Click Manage, and on the Load Balancer tab, select Virtual Servers, and click “+” icon to add a virtual server, and set the following parameters:

    1. Application profile - By default, the service profile that you created in Citrix ADM is displayed.

    2. Name -  Name of the virtual server.

    3. IP Address - Click Select to select an existing pool of IP addresses or create a new pool of IP addresses.

    4. Default pool - Select the default pool from the drop-down list.

  2. Click OK.

  3. In Citrix ADM, navigate to Orchestration > Requests to see progress details of completion of service creation on the selected Citrix ADC instance(s).

  4. In Citrix ADM, navigate to Applications > Configuration, and check that the “nsx-lb-mon” config pack has been created.

    localized image

Configuring Load Balancing Services on Citrix ADC VPX in Citrix ADM GUI

Deploy load balancer configurations on the Citrix ADC instance using Citrix ADM StyleBooks. For HA, the configuration is deployed on both Citrix ADC instances that are in HA.

To create configuration packs through StyleBooks:

  1. In Citrix ADM, navigate to Applications > Configuration > Create New, and select the HTTP/SSL LoadBalancing (with Monitors) StyleBook from the list. The StyleBook opens as a user interface page on which you enter the values for all the parameters defined in this StyleBook.

  2. Specify values for all the required parameters.

  3. Select the target Citrix ADC VPX instance that is provisioned in the NSX environment, and click Create to apply the configuration on the selected device. For HA deployment, select the instances that are in HA mode.

Verifying Creation of Virtual Servers and Service Groups in Citrix ADC VPX Instances

You can view that the service groups and virtual servers are created by loogin on to the Citrix ADC VPX instance.

To view the service groups and virtual servers:

  1. Log on to the Citrix ADC VPX instance. For HA deployment, you must log on to both Citrix ADC instances that are in HA.

  2. Navigate to Configuration > System > Networking. In the right pane, you can view the IP addresses that are added. Click the IP address hyperlink to see the details. You can see that the subnet IP address is same as the IP address of the web interface that was added in NSX.

  3. Next, navigate to Traffic Management > Load Balancing > Virtual Servers and view the virtual server details.

  4. Next, navigate to Service Groups and view the service group details.

  5. Finally, navigate to Configuration > System > Licenses to view the licenses that are applied to this instance.

Deleting Load Balancing Services

When the load balancing services are no longer required on the Citrix ADC VPX instances deployed on the NSX manager, you can delete the service insertions that were performed earlier.

To delete configuration and service insertion:

  1. In Citrix ADM, Navigate to Applications > Configuration, select the application configuration created, and then delete the configuration by clicking on the “X” icon.

  2. In NSX Manager, navigate to the edge gateway to which the Citrix ADC VPX instance is connected. Navigate to Manage > Load Balancer > Global Configuration, right-click on the runtime entry, and then click Unprovision. The virtual machine is rendered out of service.

  3. In Citrix ADM, navigate to Orchestration > Cloud Orchestration > Edge Gateways. Verify that the respective mapping of Edge gateway to deleted instance should not be present.