SUM307: NetScaler VPX Implementation and Troubleshooting Harvey Miller – Senior Escalation Engineer May 11, 2010
Jan 14, 2016
SUM307: NetScaler VPX Implementation and Troubleshooting Harvey Miller – Senior Escalation EngineerMay 11, 2010
• Introduction to NetScaler VPX
• Installation and Licensing
• Troubleshooting
• Use Cases
Citrix Confidential - Do Not Distribute
Agenda
Introduction to NetScaler VPX
App delivery without the expensive tin
- Maxwell Cooter, TechWorld
Citrix Confidential - Do Not Distribute
• Virtual NetScaler appliance
• Hardware requirements
• Hypervisors Supported
• Differences between VPX and hardware
Citrix Confidential - Do Not Distribute
Introduction to NetScaler VPX
• XenServer
• XenCenter
• XenConvert
Citrix Confidential - Do Not Distribute
XenServer components
XenServer Architecture
Xen Hypervisor
DomUDom0
NS VPXLinux
Drivers PV Drivers
Client ServerL2 /L3
eth1 eth0
L2/L3
DomU
Guest OS
Citrix XenServer
Citrix Confidential - Do Not Distribute
VM Mechanism
Binary Translation – Sensitive/Privileged CPU Instructions are replaced with hypervisor code or calls “on the fly”
• Advantages: Unmodified Guest OS, No special hardware
• Disadvantages: Performance
Paravirtualization – The Guest OS is modified so that privileged/sensitive instructions are replaced with calls to the hypervisor
• Advantages: Performance, no special hardware required, relatively easy for hypervisor
• Disadvantages: Guest OS must be modified
Hardware assisted – Sensitive/Privileged CPU Instructions executed by the Guest OS trap out to the hypervisor
• Each processor vendor brands and implements this differently.• Intel: “VT-x”• AMD: “AMD-V”
• Advantages: Unmodified Guest OS, Relatively easy for hypervisor
• Disadvantages: Special hardware required
Hypervisor Architecture - XenServer
Xen Hypervisor
DomainU DomainUDomain0
XenCenterClient
GuestOS2NS VPXLinux
Xen daemon(s)
DriversPV Drivers
Xen Tools
• Bare metal. • Managed by “Domain0”• Domain 0 manages network and storage I/O of guest VMs• Hardware drivers run in Domain0• Paravirtualized Guest OS or hardware assist VMs only – no Binary Translation
Citrix Confidential - Do Not Distribute
Xen Hypervisor
NS VPX: Internals
Dom0 (Linux) DomU (NS VPX )
CPU Scheduler Memory
PV Front endDrivers
Real Drivers
Back-endDrivers Virtual CPU Virtual CPU
Virtual Memory Virtual Memory
Xen Tools
Xen daemon(s)
Citrix Confidential - Do Not Distribute
• Virtual hardware assist
• CPUs
• Memory
• NIC
Citrix Confidential - Do Not Distribute
Hardware requirements
Differences between VPX and hardware
Features of VPX Features of Hardware
Citrix Confidential - Do Not Distribute
• Tagged VLANs not supported
• No LACP
• No hardware assists
• No nCore support (yet)
• Only version 9.1 & up
• Full L2 support
• Hardware assists
• nCore with MPX models
• All versions compatible with hardware
Installation and Licensing
Setting the VM memory and VCPUs for the NetScaler VPX
Citrix Confidential - Do Not Distribute
Installation
Citrix Confidential - Do Not Distribute
Identifying the VPX from the CLI and GUI
• 1 Mbps
• 20 Mbps
• 1000 Mbps
• Standard
• Enterprise
• Platinum
• http://support.citrix.com/article/ctx122426
Citrix Confidential - Do Not Distribute
NetScaler VPX
• Free license
• Unlimited VMs• XenConvert (P2V and V2V)• Centralized multi-server manangement console• Live motion• Virtual infrastructure patch management• Intelligent server maintenance mode
Citrix Confidential - Do Not Distribute
XenServer licenses
• Citrix Essentials
• High Availability• Advanced server virtualization management• Intelligent workload placement• Rapid provisioning of new VMs
Citrix Confidential - Do Not Distribute
XenServer licenses (continued)
Troubleshooting
• Issues dealing with Networking
• Tracing
• Log file locations
Citrix Confidential - Do Not Distribute
TroubleShooting VPX
• CPU from XenCenter is 100%
• VPX shows lower values
• Which is right?
Citrix Confidential - Do Not Distribute
Why is my CPU so high?
Citrix Confidential - Do Not Distribute
XenCenter View
Citrix Confidential - Do Not Distribute
NetScaler VPX view
Lack of proper license while adding SSL certificates
NetScaler VPX missing a valid license
Some examples of problems with the license file(s)
The shell command `cat /var/log/license.log` reveals a missing license:
The shell command `cat /var/log/license.log` reveals an invalid license:
The shell command `cat /var/log/license.log` reveals an expired license:
Using Tagged VLANs With the NetScaler VPX
Citrix Confidential - Do Not Distribute
XenServer Host (Dom0)
Virtual Machines (DomU)
Trunk Port(tagged VLANs)
ExternalSwitch
Virtual Switches
Vlan 1Vlan 53Vlan 128
NetScaler VPX
UntaggedVLANs
1/2 1/3 1/4 Virtual Interfaces
Identifying the NetScaler VPX interfaces
Reboot messages in the logs
Citrix Confidential - Do Not Distribute
Reboot messages in the logs
Citrix Confidential - Do Not Distribute
Reboot messages in the logs
Citrix Confidential - Do Not Distribute
Use Cases
• Lab Environment
• Proof of Concept
• Separation of traffic
• Real world simulation
Citrix Confidential - Do Not Distribute
Use Cases
Real World Simulation
Citrix Confidential - Do Not Distribute
Virtual NetScalersVirtual Server
Virtual Router
North America
Europe
Asia
Africa
HyperVisor Real World
• NetScaler Licensing: CTX122426
• NetScaler VPX 9.1 FAQ CTX12191
• NetScaler setup and configuring CTX124306
• How to video: importing and configuring CTX122721
• Importing VPX on ESX CTX123683
• Support.citrix.com (search for VPX)
• Forums
Citrix Confidential - Do Not Distribute
Additional Resources
Before you leave…
• Session surveys are available online at www.citrixsummit.com starting Thursday, May 13• Provide your feedback and pick up your complimentary Starbucks or iTunes giftcard at the
registration desk
• Download presentations starting Friday, May 21, from your My Schedule Tool located in your My Synergy Microsite event account
Questions/Comments?
Citrix Confidential - Do Not Distribute