Add back-end AWS Autoscaling service

Efficient hosting of applications in a cloud involves easy and cost-effective management of resources depending on the application demand. To meet increasing demand, you have to scale network resources upward. Whether demand subsides, you need to scale down to avoid the unnecessary cost of idle resources. To minimize the cost of running the application by deploying only as many instances as are necessary during any given period of time, you have to constantly monitor traffic, memory and CPU use, and so on. However, monitoring traffic manually is cumbersome. For the application environment to scale up or down dynamically, you must automate the processes of monitoring traffic and of scaling resources up and down whenever necessary.

Integrated with AWS Auto Scaling service, the NetScaler VPX instance provides the following advantages:

  • Load balance and management: Auto configures servers to scale up and scale down, depending on demand. The VPX instance auto detects Auto Scale groups in the back-end subnet and allows user to select the Auto Scale groups to balance the load. All of this is done by auto configuring the virtual and subnet IP addresses on the VPX instance.
  • High availability: Detects Auto Scale groups that span multiple availability zones and load-balance servers.
  • Better network availability: The VPX instance supports:
    • Back-end servers on different VPCs, by using VPC peering
    • Back-end servers on same placement groups
    • Back-end servers on different availability zones
  • Graceful connection termination: Removes Auto Scale servers gracefully, avoiding loss of client connections when scale-down activity occurs, by using the Graceful Timeout feature.

Diagram: AWS Auto Scaling Service with a NetScaler VPX Instance

localized image

The above diagram illustrates how the AWS Auto Scaling service works with a NetScaler VPX instance (LB virtual server). For more information, see the following AWS topics.

Before you begin

Before you start using Auto Scaling with your NetScaler VPX instance, you should complete the following tasks.

  1. Read the following topics:

  2. Create a NetScaler VPX instances on AWS according to your requirement.


    Citrix recommends the CloudFormation template for creating NetScaler VPX instances on AWS.

    Citrix recommends you to create three interfaces: one for management (NSIP), one for client-facing LB virtual server (VIP), and one for subnet IP (NSIP).

  3. Create an AWS Auto Scale group. If you don’t have an existing Auto Scaling configuration, you need to:

    a) Create a Launch Configuration

    b) Create an Auto Scaling Group

    c) Verify the Auto Scaling Group

    For more information, see

  4. In the AWS Autoscale group, you must specify at least one scale-down policy. The NetScaler VPX instance supports only the Step scaling policy. The Simple scaling policy and Target tracking scaling policy are not supported for Autoscale group.

Add the AWS Auto Scaling service to a NetScaler VPX instance

You can add the Auto Scaling service to a VPX instance with a single click by using the GUI. Complete these steps to add the Auto Scaling service to the VPX  instance:

1. Log on to the VPX instance by using your credentials for nsroot.

2. When you log on to the NetScaler VPX instance for the first time, you see the default Cloud Profile page. Select the AWS auto scaling group from drop-down menu and click Create to create a cloud profile. Click Skip if you want to create the cloud profile later.

Points to keep in mind while creating a Cloud Profile: By default the CloudFormation Template creates and attaches the below IAM Role.


    “Version”: “20120-17”,

    “Statement”: [


            “Action”: [











              “iam: SimulatePrincipalPolicy”

             “iam: GetRole”


            “Resource”: “*”,

            “Effect”: “Allow”




Ensure the IAM Role of instance has proper permissions.

  • The virtual server IP address is autopopulated from the free IP address available to the VPX instance.
  • Auto Scale group is prepopulated from the Auto Scale group configured on your AWS account.
  • While selecting the Auto Scaling Group protocol and port, ensure your servers listen on those protocol and ports and you bind the correct monitor in the service group. By default, TCP monitor is used.
  • For SSL Protocol type Autos Scaling, after you create the Cloud Profile the load balance virtual server or service group will be down because of a missing certificate. You can bind the certificate to the virtual server or service group manually.
  • Select the Graceful Timeout option to remove Auto Scale servers gracefully.  If this option is not selected the server is the Auto Scale group is removed immediately after the load goes down, which might cause service interruption for the existing connected clients. Selecting Graceful and giving a timeout means in the event of scale down. The VPX instance does not remove the server immediately but marks one of the servers for graceful deletion. During this period, the instance does not allow new connections to this server. Existing connection are served till the timeout occurs, and after timeout the VPX instance removes the server.

Figure: Default Cloud Profile page

localized image

3. After first time logon if you want to create Cloud Profile,  on the GUI go to System > AWS > Cloud Profile and click Add.

localized image

The Create Cloud Profile configuration page appears.

localized image

Cloud Profile creates a NetScaler load-balancing (LB) virtual server (virtual server) and a service group with members (servers) as the servers of the Auto Scaling Group. Your back-end servers should be reachable through the SNIP configured on the VPX instance.

localized image


To view Auto Scale-related information in the AWS console, go to EC2 > Dashboard > Auto Scaling > Auto Scaling Group.

Add back-end AWS Autoscaling service