Session Recording

Configure load balancing in an existing deployment

This article guides you through the process of adding load balancing nodes using Citrix ADC in an existing Session Recording deployment. The following servers are used as an example throughout the process. You can also deploy and load-balance Session Recording in Azure.

  • Session Recording

    Host Name Server Role OS IP Address
    SRServer1 Session Recording Server Windows Server 10.63.32.55
    LBDC Domain controller Windows Server 10.63.32.82
    TSVDA Session Recording Agent Windows Server 10.63.32.215
    SRSQL Session Recording Database and the file server Windows Server 10.63.32.91

    All Session Recording components and the domain controller share a domain, for example, lb.com. The domain administrator account, for example, lb\administrator, is used for server logon.

  • Citrix ADC

    Host Name Server Role Management IP Address (NSIP) Subnet IP Address (SNIP)
    Netscaler Citrix ADC VPX instance 10.63.32.40 10.63.32.109

    For more information, see Deploy a Citrix ADC VPX instance.

Step 1: Create shared folders on the file server

  1. Log on to the file server by using a domain administrator account, for example, lb\administrator.

  2. Create a folder to store recordings and name the folder SessionRecording, for example, C:\SessionRecording. Share the Read/Write permission of the folder with a Session Recording Server. Using SRServer1 as an example, type LB\SRSERVER1$. The dollar sign $ is required.

    Sharing permissions of a folder

    Sharing permissions of a folder to a target server

  3. Create a subfolder within the SessionRecording folder and name the subfolder share, for example, C:\SessionRecording\share.

    Sharing permissions of a folder

  4. Create another folder to restore archived recordings and name the folder SessionRecordingsRestored, for example, C:\ SessionRecordingsRestored. Share the Read/Write permission of the folder with a Session Recording Server. Using SRServer1 as an example, type LB\SRSERVER1$. The dollar sign $ is required.

  5. Create a subfolder within the SessionRecordingsRestored folder and name the subfolder share, for example, C:\ SessionRecordingsRestored\share.

Step 2: Configure an existing Session Recording Server to support load balancing

This step describes how to configure an existing Session Recording Server to support load balancing. Step 7 details the procedure of adding more Session Recording Servers to your existing deployment.

  1. Log on to a Session Recording Server by using a domain administrator account.

  2. Open Session Recording Server Properties.

    Session Recording Server Properties

  3. Add the Universal Naming Convention (UNC) paths created in Step 1 to store and restore recording files, in this example, \\SRSQL\SessionRecording\share and \\SRSQL\SessionRecordingRestored\share. SRSQL is the host name of the file server.

    Note:

    The Session Recording Player cannot play files under a path that contains a drive letter or a dollar sign ($) unless you install the player and the Session Recording Server on the same machine.

    Add UNC paths

  4. Add a value to the Session Recording Server registry key at HKEY_LOCAL_MACHINE\SOFTWARE\Citrix\SmartAuditor\Server.

    Value name: EnableLB
    Value data: 1 (D_WORD, meaning enable)

    Add a registry key value

  5. Restart the Citrix Session Recording Storage Manager service.

Step 3: Configure load balancing in Citrix ADC

There are two ways to configure load balancing in Citrix ADC - TCP passthrough and SSL offloading.

Configure load balancing through TCP passthrough

The following topologies show how to configure load balancing through TCP passthrough.

  • If you are using the Python-based WebSocket server (Version 1.0):

    Configure load balancing through TCP passthrough

  • If you are using the WebSocket server hosted in IIS (Version 2.0):

    Configure load balancing through TCP passthrough

To configure load balancing through TCP passthrough, complete the following steps:

  1. Log on to your Citrix ADC VPX instance.

  2. Navigate to Configuration > System > Settings > Configure Basic Features.

    Configure Basic Features

  3. Select Load Balancing and click OK.

    Select Load Balancing

  4. Add load balancing servers.

    Navigate to Traffic Management > Load Balancing > Servers and click Add.

    Add load balancing servers

    Type the name and IP address of a Session Recording Server and then click Create. For example:

    Create a load balancing server

    Click the save icon in the upper right corner to save your changes.

    Click save

  5. For WebSocket server Version 1.0, add load balancing services of ports 80, 1801, 22334, and 443 for each Session Recording Server. For WebSocket server Version 2.0, add load balancing services of ports 80, 1801, and 443 for each Session Recording Server.

    Navigate to Traffic Management > Load Balancing > Services and click Add.

    Add load balancing services

    Type a name for each load balancing service you add. Choose Existing Server, select the IP address of your target Session Recording Server, select TCP as the server protocol, and type a port number. Click OK.

    Create a load balancing service

    Bind the TCP protocol monitor to each load balancing service.

    Bind the TCP protocol monitor

    Click the save icon in the upper right corner to save your changes.

    Save created services

    Tip:

    The load balancing service of port 22334 is required only for WebSocket server Version 1.0.

  6. Add load balancing virtual servers.

    For WebSocket server Version 1.0, complete the following steps to add load balancing virtual servers of ports 80, 443, 1801, and 22334. For WebSocket server Version 2.0, add load balancing virtual servers of ports 80, 443, and 1801. For example:

    Save virtual servers

    Navigate to Traffic Management > Load Balancing > Virtual Servers and click Add.

    Add virtual servers

    Add each virtual server with the Citrix ADC VIP address based on the TCP protocol. The Citrix ADC VIP address must be on the same subnet as the Session Recording components.

    Load balancing virtual server

    Bind each virtual server to the load balancing service of the same port. For example:

    Load balancing virtual server service binding

    Add a virtual server service binding

    Choose a load balancing method.

    Choose a load balancing method

    Configure persistence on each virtual server. We recommend you select SOURCEIP as the persistence type. For more information, see Persistence settings.

    Configure persistence

  7. Create a host record for the Citrix ADC VIP address on the domain controller.

    Create a host record

  8. To access the web player over HTTPS, ensure that a SAN certificate is available both on Citrix ADC and on each Session Recording Server. A SAN certificate contains the FQDNs of the Citrix ADC and of each Session Recording Server.

    SAN certificate

Configure load balancing through SSL offloading

The following topologies show how to configure load balancing through SSL offloading.

  • If you are using the Python-based WebSocket server (Version 1.0):

    Configure load balancing through SSL offloading

  • If you are using the WebSocket server hosted in IIS (Version 2.0):

    Configure load balancing through SSL offloading

  1. Log on to your Citrix ADC VPX instance.

  2. Navigate to Configuration > System > Settings > Configure Basic Features.

    Configure Basic Features

  3. Select SSL Offloading and Load Balancing and click OK.

    Select SSL Offloading and Load Balancing

  4. Add load balancing servers.

    Navigate to Traffic Management > Load Balancing > Servers and click Add.

    Add load balancing servers

    Type the name and IP address of a Session Recording Server and then click Create. For example:

    Create a load balancing server

    Click the save icon in the upper right corner to save your changes.

    Click save

  5. Add load balancing services for each Session Recording Server you added in the previous step.

    Add the following load balancing services for each Session Recording Server:

    • (Required only when you are using the WebSocket server Version 1.0) SSL load balancing service of port 22334 that binds to the TCP monitor
    • SSL load balancing service of port 443 that binds to the HTTPS monitor
    • TCP load balancing service of port 1801 that binds to the TCP monitor

    For example:

    Load balancing services for a server

    Navigate to Traffic Management > Load Balancing > Services and click Add.

    Add load balancing services

    (Required only when you are using the WebSocket server Version 1.0) Add an SSL load balancing service of port 22334 for each Session Recording Server. Type a name for the load balancing service, choose Existing Server, select the IP address of a Session Recording Server, select SSL as the server protocol, type port number 22334, and click OK.

    For example, see the following screen capture.

    Create an SSL load balancing service of port 22334

    Bind the TCP monitor to the SSL load balancing service you just added.

    Bind the TCP protocol monitor to the SSL load balancing service of port 22334

    Add an SSL load balancing service of port 443 for each Session Recording Server. Type a name for the load balancing service, choose Existing Server, select the IP address of a Session Recording Server, select SSL as the server protocol, type port number 443, and click OK.

    Create an SSL load balancing service of port 443

    Bind the HTTPS monitor to the SSL load balancing service you just added.

    Bind the HTTPS protocol monitor to the SSL load balancing service of port 443

    Add a TCP load balancing service of port 1801 for each Session Recording Server. Type a name for the load balancing service, choose Existing Server, select the IP address of a Session Recording Server, select TCP as the server protocol, type port number 1801, and click OK.

    Create an SSL load balancing service of port 1801

    Bind the TCP monitor to the TCP load balancing service you just added.

    Bind the TCP protocol monitor to the SSL load balancing service of port 1801

  6. (Required only when you are using the WebSocket server Version 1.0) Add an HTTP profile for each SSL load balancing service of port 22334.

    Navigate to System > Profiles > HTTP Profiles and click Add.

    Add HTTP profiles

    Select the Enable WebSocket connections check box and accept the other default settings.

    Enable WebSocket connections

    Type a name for the HTTP profile, for example, websocket_SSL.

    Go back to each SSL load balancing service of port 22334, for example, srv-1-22334. Click + Profiles.

    Add profiles

    Select the HTTP profile, for example, websocket_SSL, and click OK and then Done.

    Select a profile to add

  7. (Required only when you are using the WebSocket server Version 2.0) Add an HTTP profile for each SSL load balancing service of port 443.

  8. Create a host record for the Citrix ADC VIP address on the domain controller.

    Create a host record

  9. Add load balancing virtual servers.

    Add the following load balancing virtual servers with the Citrix ADC VIP address. The Citrix ADC VIP address must be on the same subnet as the Session Recording components.

    • (Required only when you are using the WebSocket server Version 1.0) load balancing virtual server of port 22334 based on SSL
    • load balancing virtual server of port 443 based on SSL
    • load balancing virtual server of port 1801 based on TCP

    For example, see the following screen capture.

    Load balancing virtual servers of three port numbers

    Navigate to Traffic Management > Load Balancing > Virtual Servers and click Add.

    Add virtual servers

    Add each virtual server with the Citrix ADC VIP address. Type a server name, select TCP or SSL, and select the relevant port number as described earlier.

    Virtual server of port 80

    Bind each virtual server to the load balancing service of the same port. For example:

    Bind to the load balancing service of the same port

    Tip:

    The load balancing service of port 22334 is required only when you are using the WebSocket server Version 1.0.

    Choose a load balancing method.

    Load balancing method

    Configure persistence on each virtual server. We recommend you select SOURCEIP as the persistence type. For more information, see Persistence settings.

    Configure persistence

    (Required only when you are using the WebSocket server Version 1.0) Add an HTTP profile for the load balancing virtual server of port 22334.

    Add an HTTP profile for the load balancing virtual server of port 22334

  10. Install a Subject Alternative Name (SAN) certificate in Citrix ADC.

    Obtain a SAN certificate in PEM format from a trusted Certificate Authority (CA). Extract and upload the certificate and private key files in Citrix ADC by navigating to Traffic Management > SSL > Server Certificate Wizard.

    For more information, see SSL certificates.

    Install a certificate

  11. Bind a SAN certificate to each SSL load balancing virtual server.

    Navigate to Traffic Management > Load Balancing > Virtual Servers, select an SSL load balancing virtual server, and click Server Certificate.

    Server certificate

    Add the previously mentioned SAN certificate and click Bind.

Step 4: Configure an existing Session Recording Agent to support load balancing

  1. Log on to the Session Recording Agent by using a domain administrator account.

  2. Open Session Recording Agent Properties.

  3. Complete this step if you use Microsoft Message Queuing (MSMQ) over TCP.

    Type the FQDN of your Citrix ADC VIP address in the Session Recording Server box.

    Session Recording Server box

    On each Session Recording Server, add and set the IgnoreOSNameValidation DWORD value to 1 under HKEY_LOCAL_MACHINE\ SOFTWARE\Microsoft\MSMQ\Parameters.

  4. Complete this step if you use MSMQ over HTTP or HTTPS.

    (Skip if this step is done) Create a host record for the Citrix ADC VIP address on the domain controller.

    Create a host record for the Citrix ADC VIP address

    On each Session Recording Server, run the powershell.exe -file SrServerConfigurationSync.ps1 –Action AddRedirection – ADCHost <ADCHost> command to add redirections from Citrix ADC to the local host. <ADCHost> is the FQDN of the Citrix ADC VIP address. A redirection file, for example, sr_lb_map.xml is generated under C:\Windows\System32\msmq\Mapping.

    Add redirections

    Note: Change to the folder where SrServerConfigurationSync.ps1 resides when you run PowerShell.exe.

    Type the FQDN of your Citrix ADC VIP address in the Session Recording Server box. For example:

    Type the FQDN of your Citrix ADC VIP address

Step 5: Configure an existing Session Recording Player to support load balancing

On each machine where you installed the Session Recording Player component, add the Citrix ADC VIP address or its FQDN as the connected Session Recording Server.

Step 6: Check whether load balancing works for the configured, existing Session Recording Server

  1. Launch a Citrix virtual session.
  2. Check whether the session can be recorded.
  3. Check whether the web player and the Session Recording Player can play back the recording file.

Step 7: Add more Session Recording Servers

  1. Prepare a machine in the same domain and install only the Session Recording Server and Session Recording Administrator Logging modules on the machine.

    Install only the Session Recording Server and Session Recording Administrator Logging modules

  2. Use the same database names as the existing Session Recording Server. For example:

    Use the same database names

  3. Disable the network firewall on the machine.

  4. On the SQL Server where you installed the Session Recording Database, add all the Session Recording Server machine accounts to the shared Session Recording Database and assign them with the db_owner permission. For example:

    Add all the Session Recording Server machine accounts to the shared Session Recording Database

    Assign a database permission

  5. Share the Read/Write permission of the recording storage and restore folders, for example, SessionRecording and SessionRecordingsRestored, with the machine account of the new Session Recording Server, for example, LB\SRServer2$. The dollar sign $ is required.

  6. Repeat Step 3 to add load balancing services for the new Session Recording Server and edit existing virtual servers to add bindings to the load balancing services. There is no need to add more virtual servers. For example:

    A new Session Recording Server

    Add load balancing services for a new Session Recording Server

    Edit virtual servers

    Virtual server service binding

  7. Copy the Session Recording Authorization Console configuration file, SessionRecordingAzManStore.xml, from the existing Session Recording Server to the new Session Recording Server. The file lives in <Session Recording Server installation path>\App_Data.

  8. To use MSMQ over HTTP or HTTPS for the new Session Recording Server, complete the following steps to import registry settings of the currently functioning Session Recording Server.

    On the existing Session Recording Server, for example, SRServer1, run the powershell.exe -file SrServerConfigurationSync.ps1 –Action Export – ADCHost <ADCHost > command, where <ADCHost> is the FQDN of the Citrix ADC VIP address. An exported registry file, SrServerConfig.reg, is generated.

    Copy the SrServerConfig.reg file to the new Session Recording Server and run the powershell.exe -file SrServerConfigurationSync.ps1 –Action Import,AddRedirection – ADCHost <ADCHost> command. The EnableLB value is added to the registry key of the new Session Recording Server at HKEY_LOCAL_MACHINE\SOFTWARE\Citrix\SmartAuditor\Server and a sr_lb_map.xml file is added under C:\Windows\System32\msmq\Mapping.

  9. Repeat the procedure to add another Session Recording Server.

Troubleshoot

  • Sessions are not recording when you use a CNAME record or an ALIAS record for a Session Recording Server. To address this issue, see the Microsoft documentation.

  • Recording files can be stored locally but cannot be stored in a Universal Naming Convention (UNC) path. To address this issue, change the start mode of the Citrix Session Recording Storage Manager service to Automatic (Delayed Start).