vCenter HA: Configure NetScaler for Platform Services Controllers

This post is part of a series on deploying Highly Available vCenter and Platform Services Controllers.

Part 1: vCenter HA: Deploy External Platform Services Controller

Part 2: vCenter HA: Configure NetScaler for External Platform Services Controllers

Part 3: vCenter HA: Replace Certificates for Platform Services Controllers

Part 4: vCenter HA: Connect Platform Services Controllers to Active Directory

Part 5: vCenter HA: Deploy vCenter

Part 6: vCenter HA: Replace Certificates for vCenter

Part 7: vCenter HA: License vCenter

Part 8: vCenter HA: Add and Configure Hosts and Clusters

Part 9: vCenter HA: Add and Configure Datastores and Datastore Clusters

Part 10: vCenter HA: Add and Configure Distributed Switches

Part 11: vCenter HA: Configure vCenter HA

Part 12+: Advanced Tasks (Coming soon)

Here we are going to be configuring Citrix NetScalers to load balance our Platform Services Controllers.

I am using NS11.0 for my code version. It is mostly HTML5 which is amazing. Java is a no go for me.

Select an IP and configure the DNS settings to point at your load balanced FQDN.

Open your browser and point it at the NetScaler web interface. Log in once you are there.

Click the Configuration tab.

Click the Plus on Traffic Management.

Click the Plus on Load Balancing.

Click Servers.

Click Add.

Enter the name for the server.

Enter the IP address.

Click Create.

Do this for both Platform Services Controllers.

Your screen will look like this minus the blackout.

Click Services.

Click Add.

Enter a service name.

Select the radio button for Existing Server.

Use the drop down to select the Server.

Choose TCP for the protocol.

Set port 80.

Click OK.

This is what your services will look like when you are complete.

One trick on this code version. If you select the first service you added and click Add again, it will use that service as a template. All of the Add screens are like that from what I can tell.

Here is the list of all of the services you need to configure.

PSC01     Port:80     Protocol: TCP

PSC01     Port:389     Protocol: TCP

PSC01     Port:443     Protocol: TCP

PSC01     Port:636     Protocol: TCP

PSC01     Port:2012     Protocol: TCP

PSC01     Port:2014     Protocol: TCP

PSC01     Port:2020     Protocol: TCP

PSC01     Port:7444     Protocol: TCP

PSC02     Port:80     Protocol: TCP

PSC02     Port:389     Protocol: TCP

PSC02     Port:443     Protocol: TCP

PSC02     Port:636     Protocol: TCP

PSC02     Port:2012     Protocol: TCP

PSC02     Port:2014     Protocol: TCP

PSC02     Port:2020     Protocol: TCP

PSC02     Port:7444     Protocol: TCP

A couple notes for this piece. I referenced the following places for the load balancing information:

VMware KB: 2147014

SET.VMware Validated Design for SDDC Technical Materials R4.0.1 – SDDC (This requires a login from a VMware partner)

The curious thing is that these two documents are different. The KB references six ports and the VVD references two ports with NSX load balancers.

I have seven ports. Port 80 and 7444 are included by me, but I don’t think port 80 is necessary per se. I’m still trying to figure out what all needed to be load balanced. I’m doing an update to this article because while I was installing vSphere Data Protection, I realized that 7444 wasn’t load balanced. There may be more that VMware just didn’t include. I was actually troubleshooting certificate issues and I ran across an HTTP link pointing at the load balanced name and the logs were flooded with errors on it. I can’t find the link anymore, but if you don’t do it you can surf the logs and find it pretty easily.

After you have configured those services, you can create service groups. I won’t go over this here, but its possible and its an easy way to organize.

Click Virtual Servers.


Click Add.

Enter a name.

Select TCP.

Enter the IP address for the VIP not a specific server.

Enter 80.

Click OK.

Click No Load Balancing Virtual Server Service Binding.

Under Select Service, click the Right Arrow   >

Check the box on both of the services for port 80.

Click Select.

Click Bind.

Click Continue.

Click Done.

Repeat for all service pairs.

All of your virtual servers should not be up and available.

Click Persistency Groups.

Click Add.

Enter group name.

Under Persistent, use the drop down to select SouceIP.

Use 1440 minutes for the timeout period.

Click Add.

Select all of the virtual servers you created.

Click OK.

Click Create.

Now you have finished the load balancer configuration for NetScalers.

There are some other things you can configure such as health monitors and service groups, but I will let you figure that out.


Next Post:  vCenter HA: Replace Certificates for Platform Services Controllers

Leave a Reply