In discussing, Nick and Brendan shared that they had some internal CCS documents with sample configurations using NetScaler Load Balancing and Global Server Load Balancing, but the story wasn’t quite complete. I decided to take on the task of fully documenting out a resilient solution I am calling the Bulletproof Citrix Licensing Server Infrastructure. The configuration involves using NetScaler Load Balancing and Global Server Load Balancing, along with a PowerShell Script I created called CtxLicChk.ps1. Big thanks to Nick, Brendan, and Vic, for brainstorming a couple ideas and providing the sample configurations. Accept the Terms and Conditions above to download the Configuration Guide, Visio, and CtxLicChk.ps1 PowerShell Script or continue reading to learn more!
Overview
In medium to large organizations, there are many business reasons why the Citrix Licensing server (‘license server’) component of a Citrix XenApp/XenDesktop infrastructure should be centralized. For example, when seasonal bursts exist within departments or geographic regions, a central license server offers manageability benefits as the segregated peaks become normalized across the various groups consuming licenses. When license servers are segregated (departmentalized, regionalized, or decentralized), peak usage can create additional Citrix Administrator operational overhead in allocating, revoking, reallocating, and managing the license files installed in various license servers and usage groups. License usage trending also becomes difficult in segregated environments as usage data must be aggregated and reported across groups or disparate license servers. For these reasons and others, organizations centralize the Citrix license server to avoid operational overhead, simplify compliance and usage reporting.
When the license server is centralized, a fairly obvious single point of failure risk exists. Citrix Licensing involves a grace period whereby clients/servers that lose communication with the license server are protected, allowing the clients/servers to continue operations as if they were still in communication with the license server. In practice, the grace period is a good feature, however there are instances when Citrix Licensing may cause service interruptions to occur. An example is a scenario known as the Citrix Licensing black hole, whereby the Citrix Licensing services and ports are up and responding to licensing requests, however no licenses are available to be issued or obtained. This can occur if the administrator fails to load license files properly, or in more rare instances that are difficult to reproduce (Windows OS patches, antivirus definition updates or scans, etc.). For this reason, many organizations define process and policy for semi-automatic/manual license server recovery including: Clustering the licensing service, creating a cold standby with licenses preloaded, backing up license files, and performing virtual machine snapshots of the license server. These and other options are valid (and less complex), but offer a less resilient and robust option.
To help overcome this limitation and identify service interruptions before they occur, Citrix offers a Citrix Licensing server monitoring tool called the Citrix License Check Utility (CtxLicChk.exe) that can be obtained from the following support article: http://support.citrix.com/article/CTX123935. This utility is intended to be used in conjunction with the Independent Management Architecture (IMA) based Health Monitoring and Recovery feature available with Citrix Presentation Server 4.x, XenApp 5.x, and XenApp 6.x. At the time of writing this guide, the Health Monitoring and Recovery feature is not yet available in the FlexCast Management Architecture (FMA) based Citrix XenApp/XenDesktop 7.x platform. However, using Microsoft Windows PowerShell, running this utility can be automated to provide additional resiliency to a Citrix Licensing server infrastructure. Accompanying this guide is CtxLicChk.ps1, a PowerShell script that can perform regular Citrix Licensing health checks using CtxLicChk.exe, report license allocation failures using SMTP e-mail alerts, and stop the Citrix Licensing service if license allocation fails.
When combined with Citrix NetScaler Load Balancing and Global Server Load Balancing (GSLB), a bulletproof Citrix Licensing server infrastructure can be achieved. When the Citrix Licensing service is stopped on the primary license server, NetScaler Load Balancing and GSLB can be used to fail over licensing communication to a warm standby backup license server. In the examples herein, two Data Centers (DC1 and DC2) are configured with local Citrix license servers, NetScaler Load Balancing, and NetScaler Global Server Load Balancing provided from each Data Center. Under normal conditions only the license server in Data Center 1 is active and primary. In the event of failures such as the primary license server, NetScaler Load Balancing Virtual Server IP (VIP), or Data Center connectivity, Citrix licensing traffic will be directed to the backup license server in Data Center 2.
Global Server Load Balancing is not a requirement if local resiliency within a single Data Center is sufficient. The examples below show NetScaler configurations for both local Load Balancing as well as GSLB. If GSLB is not a licensed feature or required for cross Data Center resiliency, local Load Balancing can be configured using the samples below. In this case, the second set of NetScaler pair configurations and GSLB specific sections can be dismissed.
Most importantly, if configured according to the examples provided in this guide, this bulletproof Citrix Licensing server infrastructure complies with Citrix’s product End User License Agreements (EULAs). According to the EULAs, multiple Citrix Licensing servers may exist and have allocated licenses installed, provided only one Citrix Licensing server is active and others are warm standby backup license servers. Compliance to this requirement is fairly simple to validate in the event of a licensing audit using the configuration provided in this guide.
Topology
The following is an example topology covered in more details throughout this guide. Click to enlarge:
In the full configuration guide, the following sections are covered (23 pages total):
Overview
Topology
Prerequisites
– Summary of Prerequisites
– NetScaler GSLB Introduction
Citrix Licensing Server Prerequisites
Citrix Licensing Server Configuration
– Disable Strict Name Checking
– Copy SSL Certificate and Key Files
– CtxLicChk.ps1 PowerShell Script Configuration
– CtxLicChk.ps1 PowerShell Script (Revision 1.0)
– Creating a Scheduled Task for CtxLicChk.ps1
Citrix NetScaler Configuration
– Configuration Overview and Key Configuration Details
– Enable the NetScaler Features in Both Data Centers
– Configure Authoritative DNS for NetScalers in Data Center 1
– Configure Authoritative DNS for NetScalers in Data Center 2
– Configure CTXLICDC1 Load Balancing vserver for NetScalers in Data Center 1
– Configure CTXLICDC2 Load Balancing vserver for NetScalers in Data Center 1
– Configure CTXLICDC1 Load Balancing vserver for NetScalers in Data Center 2
– Configure CTXLICDC12 Load Balancing vserver for NetScalers in Data Center 2
– Configure CTXLIC Global Server Load Balancing on NetScalers in Both Data Centers
Microsoft Domain Naming Service (DNS) Delegation Configuration
– Configure Microsoft DNS for delegated subdomain for Authoritative DNS
Configuring XenApp/XenDesktop 7.x
– Configure the XenApp/XenDesktop 7.x Site to use GSLB DNS record for Citrix Licensing
Configuration and Failover Validation
– Failure of the Citrix Licensing Service
– Failure to Obtain a Citrix License
– Failure of the NetScaler Load Balancing VIP
– Failure of a Data Center
Return to the top to Accept the Terms and Conditions and Download the Configuration Guide, Visio, and CtxLicChk.ps1 PowerShell Script.
If you have any questions, comments, or simply want to leave feedback, feel free to use the comments section below!
Thanks and enjoy,
— @youngtech
Nice work, Dane. So glad we finally got this all lab’ed up and documented. Great stuff.
-Nick
Thanks Nick!
Great stuff as usual, thanks for throwing this out there!
Thanks Bryan!
Great article, thanks a lot
Thanks Shejoor!
[…] Dane Young – Creating a Bulletproof Citrix Licensing Server Infrastructure using NetScaler Global Server Load Bal…. Here is a summary of the configuration steps. See the blog post for detailed configuration […]
Is the link still valid?
Yes, the link works. Click the Accept checkbox to have the link presented.
Dear Dane,
great article and great documentations. I would like to ask you :
in case that we have only one subnet, one DataCenter and not using GSLB, is it possible to have in the same subnet two Citrix License Server (not domain joined) with different ip address but with the same NetBios Name ?
Which could be the right configuration for two Citrix License Server sitting in the same subnet?
Regards
Christian
Hi Christian,
Yes, this would absolutely work. In this case you would only need the code samples for the local load balancing on NetScaler, you wouldn’t need the section covering GSLB.
If you need any assistance getting this setup, feel free to reach out to me at dane@itvce.com. Happy to help,
Thanks,
@youngtech
Awesome work Dane!
[…] into a ton of detail here (since Dane has already done a fantastic job documenting the solution and all the details here), but a few quick comments on how the solution works at a […]
Sorry clicked on Accept but not link to download.
It should be all set now. Please try again.
–@youngtech
Hi There,
I’m not able to get the download link once I check the acceptance policy.
Is it possible to email me the link please?
Many Thanks,
Pavan
It should be all set now. Please try again.
–@youngtech
I don’t see the download? Thanks
It should be all set now. Please try again.
–@youngtech
Hi Dane, your guide looks crusty but I just can’t download it. I tried several browsers, ticked the Accept option but still no download link 🙁
It should be all set now. Please try again.
–@youngtech
The first of its kind.
Gr8 Work.
Thanks.
[…] Dane Young – Creating a Bulletproof Citrix Licensing Server Infrastructure using NetScaler Global Server Load Bal…. Here is a summary of the configuration steps. See the blog post for detailed configuration […]
Excelent. I will apply this for my project.
[…] Dane Young – Creating a Bulletproof Citrix Licensing Server Infrastructure using NetScaler Global Server Load Bal…. Here is a summary of the configuration steps. See the blog post for detailed configuration […]
I am not able to download. Can someone provide me Configuration Guide, Visio, and CtxLicChk.ps1 PowerShell Script.
[…] Dane Young – Creating a Bulletproof Citrix Licensing Server Infrastructure using NetScaler Global Server Load Bal…. Here is a summary of the configuration steps. See the blog post for detailed configuration […]
Hi Dane
I tried and even signed up fro sharefile, when I click on link it brings me to sharefile logon still no good. Is there anything that I am missing here.
Thanks
Ed