You can provision one or more NetScaler instances on the SDX appliance by using Management Service. The number of instances that you can install depends on the license you have purchased. If the number of instances added is equal to the number specified in the license, the Management Service does not allow provisioning more NetScaler instances.
To provision NetScaler instances on the SDX appliance,
- You need to define an admin profile to attach to the NetScaler instance. This profile specifies the user credentials that are used by the Management Service to provision the NetScaler instance and later, to communicate with the instance to retrieve configuration data. You can also use the default admin profile.
- Next, you need to upload the .xva image file to the Management Service.
- After uploading the .xva file, you can begin adding NetScaler instances using the Management Service. The Management Service implicitly deploys the NetScaler instances on the SDX appliance and then downloads configuration details of the instances.
When you add NetScaler instances from the Management Service, you need to provide values for some parameters, and the Management Service implicitly configures these settings on the NetScaler instances.
Typically, the Management Service and the management address (NSIP) of the NetScaler VPX instance are in the same subnetwork, and communication is over a management interface. However, if the Management Service and the instance are in different subnetworks, you have to specify a VLAN ID at the time of provisioning a NetScaler VPX instance, so that the instance can be reached over the network when it starts. If your deployment requires that the NSIP not be accessible through any interface other than the one selected at the time of provisioning the VPX instance, select the NSVLAN option.
Citrix recommends the default setting—NSVLAN not selected. You cannot change this setting after you have provisioned the NetScaler instance.
Note: For a high availability setup (active-active or active-standby), Citrix recommends that you configure the two NetScaler instances on different SDX appliances. Make sure that the instances in the setup have identical resources, such as CPU, memory, interfaces, packets per second (PPS), and throughput.
The host name assigned to the NetScaler instance.
The NetScaler IP (NSIP) address at which you access a NetScaler instance for management purposes. A NetScaler instance can have only one NSIP. You cannot remove an NSIP address.
The subnet mask associated with the NSIP address.
The default gateway that you must add on the NetScaler instance if you want access through SSH or the configuration utility from an administrative workstation or laptop that is on a different network.
The alternate IP address for the static route in VPX that should be used to establish connection with the Management Service, if the default route is not available.
The .xva image file that you need to provision. This file is required only when you add a NetScaler instance.
Specifies the license you have procured for the NetScaler. The license could be Standard, Enterprise, and Platinum or Secure Web Gateway.
Note: * indicates required fields.
The profile you want to attach to the NetScaler instance. This profile specifies the administrator (nsroot) user credentials that are used by the Management Service to provision the NetScaler instance and later, to communicate with the instance to retrieve configuration data. The user credentials used in this profile are also used while logging on to the NetScaler instance by using the GUI or the CLI. It is recommended that you change the default password of the admin profile. This is done by creating a new profile with a user-defined password. For more information, see Creating Admin Profiles above.
Add a description or comments related to the administrator profile.
Total Memory (MB)*
The total memory allocated to the NetScaler instance.
Number of SSL chips assigned to the NetScaler instance. SSL chips cannot be shared. The instance is restarted if you modify this value.
The total throughput allocated to the NetScaler instance. The total used throughput should be less than or equal to the maximum throughput allocated in the SDX license. If the administrator has already allocated full throughput to multiple instances, no further throughput can be assigned to any new instance.
Packets per second*
The maximum number of packets that the instance can receive per second.
Assign a dedicated core or cores to the instance, or the instance shares a core with other instance(s). If you select shared, then one core is assigned to the instance but the core might be shared with other instances if there is a shortage of resources. Reboot affected Instances if CPU cores are reassigned. Restart the instances on which CPU cores are reassigned to avoid any performance degradation.
From NetScaler SDX release 11.1.x.x (MR4), if you are using SDX 25000xx platform, you can assign a maximum of 16 cores to an instance. Also, if you are using SDX 2500xxx platform, you can assign a maximum of 11 cores to an instance.
Note: For an instance, the maximum throughput that you configure is 180 Gbps.
The following table lists the supported NetScaler VPX, Single bungle image version, and the number of cores you can assign to an instance:
The user name for the NetScaler instance administrator. This user has superuser access, but does not have access to networking commands to configure VLANs and interfaces.
The password for the instance administrator's user name.
The password for the instance administrator's user name.
The access allowed to the NetScaler instance administrator.
Allow L2 Mode
Allow L2 mode on the NetScaler instance. Select this option before you log on to the instance and enable L2 mode. For more information, see Allowing L2 Mode on a NetScaler Instance.
Note: If you disable L2 mode for an instance from the Management Service, you must log on to the instance and disable L2 mode from that instance. Failure to do so might cause all the other NetScaler modes to be disabled after you restart the instance
Select to associate the management channel to the instance.
Specify a VLAN ID for the management channel member interfaces.
This specifies the network interfaces assigned to a NetScaler instance. You can selectively assign interfaces to an instance. For each interface, if you select Tagged, specify a VLAN ID.
Important: The interface IDs of interfaces that you add to an instance do not necessarily correspond to the physical interface numbering on the SDX appliance. For example, if the first interface that you associate with instance 1 is SDX interface 1/4, it appears as interface 1/1 when you log on to the instance and view the interface settings, because it is the first interface that you associated with instance 1.
- If a non-zero VLAN ID is specified for a NetScaler instance interface, all the packets transmitted from the NetScaler instance through that interface will be tagged with the specified VLAN ID. If you want incoming packets meant for the NetScaler instance that you are configuring to be forwarded to the instance through a particular interface, you must tag that interface with a VLAN ID and ensure that the incoming packets specify that VLAN ID.
- For an interface to receive packets with multiple VLAN tags, you must specify a VLAN ID of 0 for the interface, and you must specify the required VLAN IDs for the NetScaler instance interface.
An integer that uniquely identifies the VLAN. Minimum value: 2. Maximum value: 4095.
Specify a list of VLAN IDs that can be associated with a NetScaler instance.
The IPv4 VRID that identifies the VMAC. Possible values: 1 to 255. For more information, see Configuring VMACs on an Interface.
The IPv6 VRID that identifies the VMAC. Possible values: 1 to 255. For more information, see Configuring VMACs on an Interface.
MAC Address Mode
Assign a MAC address. Select from one of the following options:
- Default—XenServer assigns a MAC address.
- Custom—SDX Administrator assigns a MAC address. The SDX administrator can use this setting to override the generated MAC address.
- Generated—Generate a MAC address by using the base MAC address set earlier. For information about setting a base MAC address, see Assigning a MAC Address to an Interface.
Specify a MAC address that overrides the generated MAC address. Used with the Custom mode setting.
A VLAN to which the subnet of the NetScaler management IP (NSIP) address is bound. The NSIP subnet is available only on interfaces that are associated with the NSVLAN. Select this check box if your deployment requires that the NSIP not be accessible through any interface other than the one you select in the VLAN Settings dialog box. This setting cannot be changed after the NetScaler instance is provisioned.
- HA heartbeats will be sent only on the interfaces that are part of the NSVLAN.
- You can configure an NSVLAN only from VPX XVA build 9.3-53.4 and later.
Important: If NSVLAN is not selected, running the "clear config full" command on the VPX instance deletes the VLAN configuration.
Designate all interfaces associated with the VLAN as 802.1q tagged interfaces.
Note: If you select tagged, make sure that management interfaces 0/1 and 0/2 are not added.
Bind the selected interfaces to the VLAN.
For more information about how to provision a NetScaler VPX instance, see this video.