RSS 

How To: Create a HA Pair using Citrix NetScaler

In this AskSupport How To video you will learn how to Create a HA Pair using Citrix NetScaler

Tags: technical support netscaler how to
Views: 4,199
Rating: 5

Transcript : Hi. I’m Ronan O’Brien from Citrix Tech Support Readiness. Today I’m going to show you how to create a HA pair from two NetScaler appliances. A little bit about HA pairing first. The logic that we use at the moment, as of November 2009, is that we have one active and one passive member. Okay? So I have my active member here. So this is going to be…this is going to be…this is what I want to be my primary. And here I have my proposed secondary here online. So I…this is a…this could be, for example, a box. If you want to upgrade the hardware in your HA pair, you would remove one of the…physically remove one of the boxes. You would then remove it from the config on your primary, and you would install the new hardware, and then you would be at this stage here. So you…in a HA pair you have two…the two most important IP addresses here are the NetScaler IPs. These must be unique. Okay? The systems must also be able to communicate with each other over these IP addresses. Okay? So I have put, on the left-hand side of the screen, we have the proposed primary on the left. And on the right, we have the proposed secondary. I’ve also opened these up in the configuration here, where on the left tab, we have the proposed primary, on the right tab, we have the proposed secondary. So I choose System and High Availability. We can see we have node …we have the node ID 0, which is I always what I call the south node. So node ID 0 is always, when you do a sho node command, it is the box that you’re running it on will be node 0. On the other system, the proposed primary, I look at the High Availability node, and we see node 0 and this IP address here. We can do this via the CLI or the gooey. Okay? So I’ll just show the command I would use on the CLI. The first thing we have to be aware of, is that when we join them in a HA pair is that there is a negotiation. Okay? Which one is going to take the primary. I know that this is the one I want it to…I want to be primary. But how do we make sure that that’s what actually happens? Okay? The first bit of logic, which decides which is the primary, is the system which has most recently been rebooted. Okay? Sorry. That will be the secondary. It’s important to get that right. So the system that has been most recently rebooted will be the secondary. So I do uptime from here? No. So I just drop into the shell and type: uptime. All right? I go to my other box and drop into the shell and type: uptime. So I can see here this is up for 39 minutes, and this is up for 12 minutes. Okay? So, that’s not good. All right? That means that if we just join the HA pair as it is, or as it stands, this system here is going to take the primary, because it’s been up longer. So we need to make sure…we need to make sure that we can avoid that from happening. So, let’s see how we go about that. I’m going to use the gooey for doing this just because there’s a few little added benefits to doing that. Here, on what I want to be the primary, okay, I’m going to say STAY PRIMARY as the mode, that’s the high availability status. Okay? And I can leave these two enabled for the moment. So I select OK. The equivalent command on the CLI would be set ha node minus…sorry set node minus hastatus STAYPRIMARY. That’s the command we use there. Okay? I can enter send command again. It doesn’t have any impact. On this…the proposed secondary, I’m going to say STAY SECONDARY. That’s the mode I’m going to use. Okay? So now I’m forcing it to go by a particular behavior. If I didn’t do this, because of the uptime, this box here would take primary, the proposed primary would lose its configuration, and that would be not a great situation to be in. So we now have the correct modes, the correct state has been set for both boxes. Now we just need to add the node. So, I’m going to go to my proposed primary. I’m going to click Add. And now I just put…have to provide the IP address. Okay? Now you can see here Configure remote system to participate in High Availability setup. That means I don’t have to do anything more on this system here. Okay? We have as well here, which is very important, Turn off HA monitoring on interfaces or channels that are down. Okay? So we have to assume, at this point in time, that we are happy with our interface configuration. So I’m going to click Close there for a second, and let’s just go onto here in interface section, and we can see that all of the interfaces are disabled. They don’t have enabled selected. That means that we’re not going to worry about HA monitoring on these particular interfaces for the moment. If they were enabled, that would mean that, if there was a HA failover event, what would happen there is packets would not be seen on those interfaces. And the system would then deem the appliance to be unhealthy in that case, which would cause a failover event, which we want to avoid. (Several seconds of the audio is missing. It comes back at this point.) HA to either node knows that this is an issue and would automatically correct that for us. Okay. So I’m just going to click OK at this point. And I’m going to go back to interfaces, and we’ll see that has changed those for us. I’m leaving…here we are…so HA monitoring has been turned off on the following interface channels. That’s fine. Click OK. And we can see now, this is still stay primary, and the secondary we’ve added is stay secondary. Let’s go back to our interfaces and just verify that they’ve all been added correctly…or changed correctly. I’m going to hit refresh. Okay, so now we have to go back and look at the secondary. So, the secondary is on stay secondary and stay primary. Let’s just change this to enabled. Okay, now it’s going to actively participate in HA. Has a node state of up on our secondary. I now go back to my primary. Actively participate in HA. Click OK. And now this is up as well. Now, what else has happened at this point? You know I did sho IP here. Okay? And I’m going to do sho IP again. This, remember, this is the secondary box I’m connected to. We see now it has these other IP addresses. The full configuration has been synchronized across. It now has the correct configuration, and is now simply in the passive mode, monitoring the primary, ready to step in whenever the primary is deemed unhealthy, or disappears off the network for whatever reason. It’ll step in. It’ll garp out for these IP addresses, which it owns, which it will then own. The system will then start to pass traffic. Okay? At this point we can do a simple…you can do some simple tests. You have the virtual servers which are up and running. Our primary. 10.96.196.53. Just do a quick test. So this is a redirect. Those errors, I have an application of firewall turned on. Let’s just disable that. And we go back. So that’s why I redirected here, because I’m using a…our firewall was configured. So, and here we have just a test page. So this is my…is the Vserver here. So you could do a test on this, make sure it’s up and running. Looks good. Okay. Now, we can issue a force failover. This can be issued from either primary or secondary. Okay? So, on the secondary box, I’m logged on here. I’m going to issue the force failover. It’s started. We can see now, this was the secondary IP. It’s now the primary. I go back to my IP. I hit refresh. It hits the Vserver. Everything’s still working. Okay. So it’s…you should do a test like that before you go live, issue a force failover command. It’s good practice, just to make sure that the licenses, that, you know, everything is as it should be, before going live. It’s a good final test to do. So that’s basically how to create a HA pair, how to test that it’s up and running. If you have any questions, please don’t be afraid to click the link below at the bottom of this page, or use our forums, which are linked from support.citrix.com, to ask any questions.

anonymous - Excellent. Clear and concise. Very clear audio.. would be great if you could have your audio recording setup used by the rest of the CitrixTV presenters.

Log In