Configure a GSLB service group

Service group enables you to manage a group of services as easily as a single service. For example, if you enable or disable an option, such as compression, health monitoring, or graceful shutdown, for a service group, the option gets enabled or disabled for all the members of the service group.

After creating a service group, you can bind it to a virtual server, and you can add services to the group. You can also bind monitors to the service groups.

Important

If the load balancing virtual server is either in a GSLB node itself or is in a child node (in parent-child deployment) and no monitors are bound to the GSLB service, then make sure the following:

The GLSB service group IP address, port number, and protocol match the virtual server that the service is representing. Else, the service state is marked as DOWN.

The NetScaler supports the following types of GSLB service groups.

  • IP address based service groups
  • Domain name based service groups
  • Domain name based autoscale service groups

GSLB domain name based autoscale service groups

The NetScaler hybrid and multi-cloud global server load balancing (GSLB) solution enables customers to distribute application traffic across multiple data centers in hybrid clouds, multiple clouds, and on premises. The NetScaler GSLB solution supports various load balancing solutions, such as the NetScaler load balancer, Elastic Load Balancing (ELB) for Amazon Web Services (AWS), and other third-party load balancers. Also, the GSLB solution performs global load balancing even if the GSLB and load balancing layers are independently managed.

In cloud deployments, users are given a domain name as a reference when accessing the load balancing solution for management purposes. It is recommended that external entities do not use the IP addresses that these domain names resolve to. Also, the load balancing layers scale up or down based on the load, and the IP addresses are not guaranteed to be static. Therefore, it is recommended to use the domain name to refer to the load balancing endpoints instead of IP addresses. This requires the GSLB services to be referred using the domain name instead of IP addresses and it must consume all the IP addresses returned for the load balancing layer domain name and have a representation for the same in GSLB.

To use domain names instead of IP addresses when referring to the load balancing endpoints, you can use the domain name based service groups for GSLB.

Monitor GSLB domain name based service groups

The NetScaler appliance has two built-in monitors that monitor TCP-based applications; tcp-default and ping-default. The tcp-default monitor is bound to all TCP services and the ping-default monitor is bound to all non-TCP services. The built-in monitors are bound by default to the GSLB service groups. However, it is recommended to bind an application specific monitor to the GSLB service groups.

Recommendation for setting the trigger monitors option to MEPDOWN

The Trigger Monitors option can be used to indicate if the GSLB site must use the monitors always, or use monitors when metrics exchange protocol (MEP) is DOWN.

The Trigger Monitors option is set to ALWAYS by default.

When the Trigger Monitors option is set to ALWAYS, each GSLB node triggers the monitors independently. If each GSLB node triggers the monitors independently, then each GSLB node might operate on different set of GSLB services. This might result in discrepancies in the DNS responses for the DNS requests landing on these GSLB nodes. Also, if each GSLB node is monitoring independently, then the number of monitor probes reaching the load balancer entity increases. The persistence entries also become incompatible across the GSLB nodes.

Therefore, it is recommended that the Trigger Monitors option on GSLB site entity is set to MEPDOWN. When the Trigger Monitors option is set to MEPDOWN, the load balancing domain resolution and monitoring ownership lies with the local GSLB node. When Trigger Monitors option is set to MEPDOWN, the load balancing domain resolution and subsequent monitoring is done by the local GSLB node of a GSLB service group. The results are then propagated to all other nodes participating in GSLB by using the metrics exchange protocol (MEP).

Also, whenever the set of IP addresses associated with a load balancing domain are updated, it is notified through MEP.

Limitations of GSLB service groups

  •  For a load balancing domain, the IP address that is returned in the DNS response is generally the public IP address. The private IP address cannot be applied dynamically when the load balancing domain is resolved. Therefore, public IP port and private IP port for the GSLB domain name based autoscale service groups IP port bindings are the same. These  parameters cannot be set explicitly for the domain name based autoscale service groups.
  • Site persistence, DNS views, and clustering are not supported for GSLB service groups.

Configure and manage GSLB service groups by using the CLI

Operation CLI Command
To add a GSLB service group add gslb serviceGroup <serviceGroupName>@ <serviceType> [-autoScale ( DISABLED | DNS )] -siteName <string>
  Example: add gslb serviceGroup Service-Group-1 http -siteName Site1 -autoScale DNS
To bind a GSLB service group to a virtual server bind gslb serviceGroup <serviceGroupName> ((<IP>@ <port>) | <serverName>@ | ((-monitorName <string>@
  Example: bind gslb serviceGroup Service-Group-1 203.0.113.2; bind gslb serviceGroup Service-Group-1 S1 80; bind gslb serviceGroup Service-Group-1 -monitorName Mon1
To unbind a GSLB service group to a virtual server unbind gslb serviceGroup <serviceGroupName> ((<IP>@ <port>) | <serverName>@ | -monitorName <string>@)
  Example:unbind gslb serviceGroup Service-Group-1 -monitorName Mon1
To set parameters for a GSLB service group set gslb serviceGroup <serviceGroupName>@ [(<serverName>@ <port> [-weight <positive_integer>] [-hashId <positive_integer>] [-publicIP <ip_addr|ipv6_addr|*>] [-publicPort <port>]) | -maxClient <positive_integer> | -cip ( ENABLED | DISABLED ) | <cipHeader> | -cltTimeout <secs> | -svrTimeout <secs> | -maxBandwidth <positive_integer> | -monThreshold <positive_integer> | -downStateFlush ( ENABLED | DISABLED )] [-monitorName <string> -weight <positive_integer>] [-healthMonitor ( YES | NO )] [-comment <string>] [-appflowLog ( ENABLED | DISABLED )]
To unset parameters from a GSLB service group unset gslb serviceGroup <serviceGroupName>@ [<serverName>@ <port> [-weight] [-hashId] [-publicIP] [-publicPort]] [-maxClient] [-cip] [-cltTimeout] [-svrTimeout] [-maxBandwidth] [-monThreshold] [-appflowLog] [-monitorName] [-weight] [-healthMonitor] [-cipHeader] [-downStateFlush] [-comment]
To enable a GSLB service group enable gslb serviceGroup <serviceGroupName>@ [<serverName>@ <port>]
  Example:enable gslb serviceGroup SG1 S1 80
To disable a GSLB service group disable gslb serviceGroup <serviceGroupName>@ [<serverName>@ <port>] [-delay <secs>] [-graceFul ( YES /| NO )]
  Example:disable gslb serviceGroup SRG2 S1 80
  Note: The service group that has to be disabled must be a DBS service group and not an autoscale service group.
To remove a GSLB service group rm gslb serviceGroup <serviceGroupName>
  Example:rm gslb serviceGroup Service-Group-1
To view the statistics of a GSLB service group stat gslb serviceGroup [<serviceGroupName>]
  Example:stat gslb serviceGroup Service-Group-1
To view the properties of a GSLB service group show gslb serviceGroup [<serviceGroupName> -includeMembers]
  Example: show gslb serviceGroup SG1; show gslb serviceGroup -includeMembers

Changes to the existing GSLB CLI commands

The following table lists some of the changes that are done to the existing GSLBs commands after the introduction of the GSLB service groups.

CLI Command Change
bind gslb vserver The service group name is added to the bind command.
  Example:bind gslb vserver <name> ((-serviceName <string> [-weight <positive_integer>] ) | <serviceGroupName>@ | | (-domainName <string> [-TTL <secs>] [-backupIP<ip_addr|ipv6_addr|*>] [-cookieDomain <string>] [-cookieTimeout <mins>][-sitedomainTTL <secs>]) | (-policyName <string>@ [-priority<positive_integer>] [-gotoPriorityExpression <expression>] [-type REQUEST | RESPONSE )]))
unbind gslb vserver The service group is added to the unbind command.
Example: unbind gslb vserver <name> (-serviceName <string> <serviceGroupName> @ /(-domainName <string> [-backupIP] [-cookieDomain]) | -policyName <string>@)
show gslb site When this command is executed, the GSLB service groups are also displayed.
show gslb vs When this command is executed, the GSLB service groups are be displayed.
stat gslb vs When this command is executed, the GSLB service groups statistics are also displayed.
show lb monitor bindings When this command is executed the GSLB service group bindings are also displayed.

Configure GSLB service groups by using the GUI

  1. Navigate to Traffic Management > GSLB > Service Groups.
  2. Create a service group and set the AutoScale Mode to DNS.

Tip

For deployment scenario and example configuration of GSLB service groups, see the following topics:

Configure a GSLB service group