Guide to Providing a highly available Citrix StoreFront Service using NetScaler GSLB

Guide to Providing a highly available Citrix StoreFront Service using NetScaler GSLB

Guide to Providing a highly available Citrix StoreFront Service using NetScaler GSLB

This post has already been read 6686 times!

When doing any Citrix deployment you will almost always start with (or near enough start with) a Citrix StoreFront build.

You will build your StoreFront primary server, add your certificate, customize the look and feel, then add additional servers to your StoreFront cluster to make it highly available.  That’s where the issue lies generally, whilst this does make the configuration highly available (in that it’s replicated across multiple servers) it does not make the service itself highly available as the users will need to remember multiple server names in order to access their apps and desktops.  This is where you need to implement a load balancer to balance the traffic across your StoreFront servers and drop them should they become unavailable.

In this article I am going to take it a step further and fail from site to site should you loose an entire datacenter.  I will provide single datacenter high availability using local load balancers, provide multiple datacenter high availability using global server load balancing as well as provide capacity failover using a NetScaler feature called spillover.

The overall build we are going for is shown below (click on the image for a larger view).

overall design

Overview

An overview of what we are trying to achieve is:

  • 2 HA NetScaler clusters at each site, this allows for single NetScaler Failures within the datacenter
  • 2 delegated adns listeners, one at each site, these handle the DNS requests for the storefront shared dns name
  • 2 StoreFront Load Balanced clusters consisting of 2 servers.  One at each site.  This provides local StoreFront Server Failure HA
  • 2 GSLB Services, Primary and Failover, providing site to site StoreFront failure

Assumptions

Before starting this guide the following assumptions are being made:

  • Your 4 StoreFront Servers are built and in a Server Group within the Citrix StoreFront console
  • All StoreFront Servers are in the same domain
  • Your StoreFront config is complete and replicated across the servers
  • You have 4 free IP Addresses (2 for the ADNS Listeners and 2 for the Load Balancers – 2 addresses at each site)
  • You have the NetScaler HA clusters built at both sites
  • You have a dns name ready for the StoreFront service – in this case “storefront.bretty.me.uk”
  • You have configured the StoreFront base URL to point to the shared DNS name

Guide

NOTE: A number of these steps will need to be done on BOTH pairs of NetScalers – I will state where this is the case and where it is different.

Setting up the ADNS Listeners

First thing you are going to want to do is set up the ADNS listeners on the NetScalers to respond to the new StoreFront dns name.

Log into your NetScaler, navigate to Traffic Management, Load Balancing, Services.

01 - ands

Click add and fill out the service name, IP Address for the service (One of the free addresses) and select the protocol.

02 - adns details

Click ok.

Repeat this on both NetScaler Pairs in both Datacenters.

Thats it – you now have 2 ADNS listeners running at both Datacenters.

Delegate the DNS Responsibility

Next you will want to delegate the responsibility of the dns record to the NetScalers.  To do this log into your DNS Server, select the namespace that you want the delegated record to reside (bretty.me.uk) right click and create a new delegated record.  When asked for the servers you want to delegate the responsibility to add in the 2 IP Addresses for the new ADNS Listeners you have just created.

Create the Local Datacenter StoreFront Load Balancers

 

I am not going to re-invent the wheel on this, especially when I will only be re-hashing something that someone else has already written an excellent blog article on.

Robin Hobo has written a great article on installing and configuring StoreFront and creating the NetScaler load balancers and this can be found here.  Follow this document and once complete you should have a load balanced pair of StoreFront Servers.  You will need to create a Load Balanced Pair at EACH Datacenter.  This will give you the capability to fail over between datacenters if one were to fail.

Create the GSLB Sites

Navigate to Traffic Management, GSLB, Sites.

10 - gslb sites

Click on add and add your first GSLB site (LOCAL).  Give it an IP Address and set the type to LOCAL.

11 - local site

Click OK then click on Add again.  This time you will add the REMOTE Site.  Make sure you enter the IP Address for the remote Datacenter.

12 - remote site

Navigate to Traffic Management, GSLB, Services.

13 - gslb services

Click Add and fill out the details for your Local StoreFront Load Balanced Cluster.  Select Virtual Server and point the Service to your Local Load Balancer.

14 - local service

Click on OK and bind a HTTP monitor to the service.

Click Add again and fill out the details for your Remote StoreFront Load Balanced Cluster.  Select New Virtual Server and enter the IP Address for the Remote Load Balancer.

15 - remote service

Click on OK and bind a HTTP monitor to the service.

At this point you have 2 GSLB Services pointing to your 2 Load Balanced StoreFront Clusters, one in each Datacenter.  Now for the fun bit, linking it all together and providing a full HA solution for StoreFront.

Navigate to Traffic Management, GSLB, Virtual Servers

16 - gslb vs

You need to add 2 Virtual Servers.  One for the local Datacenter and one for the remote.  Its easier to start with the remote datacenter as when creating the local one you want to set the remote as a failover partner.  Its easier if its elready created!

Click add and give the GSLB Server a name and a service type.

01 - remote gslb general

Click ok, then click the + arrow next to Service

02 - remote service

Click to bind a service and bind your failover StoreFront service to the GSLB Server

03 - bind failover

You now need to create the primary GSLB StoreFront Service

Click add and give the GSLB Server a name and a service type.

04 - primary gslb

Click the + Arrow next to Service, Domains, Backup Virtual Server, Persistence and Spillover

02 - remote service

First, bind your primary StoreFront service to the GSLB server

05 - primary service bind

Next add the domain name that the GSLB Server is responsible for, in this case storefront.bretty.me.uk

06 - dns name

Select the Backup Virtual Server from the list provided.  You can select to disable the primary when it goes down.  This means that when the primary datacenter fails the service will fail over to the secondary site and remain there even if the primary comes back online.

07 - backup vs

Next set the persistence options.

08 - persistence

Finally set the spillover options – in this case I am re-directing users to the failover datacenter if the connections creep over 100.

09 - spillover

Click on Done.

NOTE:  You will now need to repeat this process on the second pair of NetScalers in the remote Datacenter.

That’s it, you now have a fully redundant StoreFront implementation.

Hope this helps some of you out, as always please share and comment.

Laters,

b@m

 

 

4 thoughts on “Guide to Providing a highly available Citrix StoreFront Service using NetScaler GSLB

  1. Peter

    Hello, nice work.

    But i think something is missing, if the storefront of local datacenter fails, the session authentication profile, where storefront FQDN address is configured on the webinterface address, will not work, because it is down and there is no session with the remote storefront cluster site configured on the webinterface address. In this case the GSLB failover config here is useless, without this config, i think.

    Thank you.

  2. Peter

    Thanks for answer. Yes, of course, ADNS will redirect. But what about domain binding? If i already have a domain binding for NETSCALER Failo over, how do i bind it to Storefront? Netscaler 11 return error: this domain is already bound to a gslb server. I suppose you cant have more that one failover for multidatacenters?

  3. Peter

    I found it, you need to simply bind the storefront gslb services to the already created GSLB server, and dont create new virtual servers, because you have already one associated to the netscalers service. Now youy only need to add the storefront services. This way you have netscaler and storefront failover.

Leave a Reply

Your email address will not be published. Required fields are marked *