6 Replies Latest reply on Jun 10, 2015 6:22 AM by appsensebigot

    Load Balanced Management Servers

    duberyy_wotsit Apprentice
      Hi,

      I have load balanced my two management servers. e.g.

      VIP = APPMC
      Management Server 1 = APPMC01
      Management Server 2 = APPMC02

      This is working fine but in the console should I only have the VIP listed under failover servers or should I still include the FQNDs of the real servers as well?

      Also since deploying the config using the best practice guidelines I can now only connect to the servers using the VIP, if I try to connect using their existing FQDNs it fails with a 401 auth error.  Is this expected behavior?

      Thanks
        • 1. Re: Load Balanced Management Servers
          BChriscoli Expert
          Having the Servers in the list wont affect it. It means that should the VIP fail, the CCA will be able to connect to the first available.

          As for the 401 auth errors, that is expected as it expects the traffic to be coming from the VIP rather than a direct connection.
          If I remember rightly (but cant test right now), you could add the FQDN to the SPN for the account your using for the app pools.
          • 2. Re: Load Balanced Management Servers
            GusMcCabe Rookie
            Yeah, we had to do that (add the FQDN to the SPN).

            James Rankin has an excellent guide on how to do it.

            http://appsensebigot.blogspot.co.uk/2013/08/configuring-citrix-netscalers-for-load.html
            • 3. Re: Load Balanced Management Servers
              BChriscoli Expert
              Don't trust the blogs as far as I can throw them. Constantly having to be corrected and the number of support cases raised (because of them and by Mr Rankin himself).
              I gave up in the end.

              The whole "ACA" stuff is silly.
              • 4. Re: Load Balanced Management Servers
                duberyy_wotsit Apprentice

                BChriscoli wrote:

                 

                Having the Servers in the list wont affect it. It means that should the VIP fail, the CCA will be able to connect to the first available.

                As for the 401 auth errors, that is expected as it expects the traffic to be coming from the VIP rather than a direct connection.
                If I remember rightly (but cant test right now), you could add the FQDN to the SPN for the account your using for the app pools.



                Thanks I will do that, I only added the VIPs to the SPN so makes sense...
                • 5. Re: Load Balanced Management Servers
                  duberyy_wotsit Apprentice
                  Quick update to say that adding the FQDNs to the SPN made this work correctly when not using the VIPs.  Would be useful if this was clearer in the load balancing best practice guide.
                  • 6. Re: Load Balanced Management Servers
                    appsensebigot Rookie
                    Wow, thanks Bryan, I don't remember anywhere claiming that my blogging work was some sort of technical authority, in fact I try to wherever possible remind people that they shouldn't just use things they find in the blogosphere in production environments and should always test thoroughly.

                    All I'm trying to do is document bits of stuff around the whole virtualization arena that I and other people might hopefully find useful. I don't just concentrate on AppSense any more and I'm putting a lot of work in to try and broaden stuff out, it takes a lot of time up but if people can find some hints or tips that prove useful then that's all I'm after.

                    I am always trying to review articles and improve/rehash them where possible, but I do have other things to do as well. If people are logging support cases because of my supposed stupidity, then that's more fool them for deploying what they find on the blogosphere to production. As I said, I always try to put a disclaimer in to say that you shouldn't do anything without testing it thoroughly.