Duration 45:54
16+
Play
Video

Citrix Synergy TV - SYN222 - Deploying Application Delivery Management for the enterprise and...

Zaheer Mohammed
Technical Support Engineer at Citrix
  • Video
  • Table of contents
  • Video
Citrix Synergy Atlanta 2019
May 23 2019, Atlanta, GA, United States
Citrix Synergy Atlanta 2019
Video
Citrix Synergy TV - SYN222 - Deploying Application Delivery Management for the enterprise and...
Available
In cart
Free
Free
Free
Free
Free
Free
Add to favorites
627
I like 0
I dislike 0
Available
In cart
Free
Free
Free
Free
Free
Free
  • Description
  • Transcript
  • Discussion

About speakers

About the talk

Topic: IT

Citrix Application Delivery Management (ADM) provides a single platform to manage, monitor, and troubleshoot Citrix Networking platforms deployed on-premises or in the cloud. This session will help you master key deployment best practices for Citrix ADM with high availability and disaster recovery and show you how to quickly diagnose and address the no data error using the No Data diagnostic utility. You will leave this session with the expertise needed to deploy Citrix ADM according to enterprise requirements and troubleshoot the most common challenges efficiently.Note: This session will be available for on-demand viewing post-event on Citrix Synergy TV.

Share

All right. Good afternoon guys, thank you for attending. This is one of the last few sessions of synergy. So want to say thank you to everyone for 00:04 taking the time to actually attend. My name is Mo. I'm actually one of the escalation Engineers for all of our networking products, which is going to 00:12 be the netscaler ATC ATM and SD win just so we can get the garbage out of the way the old names netscaler. I'm going to use 00:20 it. I have been with Citrix long enough like stuck in my head EDM was warmly and mass probably going to use that and haven't we also ask me when I'm 00:30

going to call at this point. So let's go ahead and start. So the presentation today is going to be the point at which stadium for an Enterprise 00:39 environment. So What I started with citric cycle started off as a Frontline engineer. So obviously Frontline you're feeling calls from customers 00:49 working cases. And one of the things that I learned working in front line is you have to set expectations. So that's what I'm going to try to do 00:58 today. I'm actually going to try to set the expectation that I'll do my best to convey the information to you as best as I can based on the amount of 01:05

time that I have. I may not be able to go into his my death or answer all the questions. We do have access to the product managers for the product. So 01:12 if any off chance that I'm not able to answer it they will be able to out to feel the questions for us. So let's jump in so obviously if you've heard 01:20 of the product, you know a little bit about it. If you haven't probably the first question you going to ask his is what is ATM. So the easiest way for 01:28 me to answer this besides getting into the actual technical components. Excetera is taxi describe how I use the product so you may not realize this 01:37

but I'm actually the Citrix admin for one of the most complex convoluted and dine. Environments and Citrix. It's actually my Citrix lab. 01:46 It's it's a rough World in there. All right. Now, I'm running a a clustered environment with three active active clusters for Citrix 01:56 netscaler atc's. I'm running several aha. Several stand-alone nodes and that's just my ATC infrastructure. In addition to that. I have a server 02:05 infrastructure with the domain controller Exchange Server storefront Etc. I'm pretty proud of it. I use it 02:15

to testing as a customer you called and you have an issue. What I'll do is I'll actually take it throw to my lab that way I can determine are you 02:25 hitting a bug? Are you hitting a configure shoe or are you hitting something that's expected expected Behavior? Debugging sings What would typically 02:34 happen is I'll get a case on Monday. Also debugging it. I'll put it in my lab try to reproduce it. In addition to having access to my lab other 02:44 Engineers have access to my lab other Engineers on both the escalation and on the Frontline teams, so I'll be bug things. They'll be bug things at the 02:51

end of the week things aren't the way they should be working. What will happen is I'll expect a log into my Netgear ABCs and I should see this but 03:01 come Friday things have changed folks. It's nasty things and it said I'm seeing something like this and rushleigh lucky that the image is in the 03:10 correct position there many times with the inner image is actually inverted and the username and password fields are to the laughter completely off 03:17 the screen. So what do I do? I actually how use ATM for this particular use case. So which Citrix ATM you can actually create configuration 03:24

jobs the configuration jobs. What they do is I create a static and flute for each one of my net scalars and in my environment and I also have a 03:34 firmware that I want all of my notes to be on using a configuration job. I'm able to actually push out the static and fake to my notes and I'm also 03:44 either able to upgrade or downgrade to the no to the bill that I wanted to be on. So at the end of the week when things aren't working the job runs on 03:52 Saturday or Sunday, depending on when I have it scheduled come Monday morning. I log back in everything is back to the way it was. That's just one of 04:01

the use cases for how I use the product but let's go ahead and set the agenda for what we're going to try to accomplish today. So we're obviously 04:09 going to go over the the basics for 8 p.m. We're going to discuss some of the common deployment types touch on some of the best practices for 04:17 installation and upgrades but the best practices for insulation on upgrades aren't there fluid that they will have an impact on ATM, but you can also 04:25 use some of these things for other agencies in their environments. We're going to go ahead and touch briefly on pool licensing this custody the SL 04:35

dashboard specific to expired SSL certificates, and we're also going to talk about some comments, but we shouldn't scenarios that we that we've dealt 04:44 with Pacific Stadium, let's go ahead and just jump into what what that is so I can see the product is going to be a solution for managing 04:52 your Citrix appointments that includes your ABCs your gateway Azure SQL anything it's applied the Floyd on Premarin the fog it's going to give you the 05:02 opportunity to actually manage Monitor and troubleshoot your entire Global infrastructure from a single unified pan. It's going to provide you the 05:11

capabilities to quickly set up the ploy manage application delivery with Rich analytics. It's going to give you insight into your the health of your 05:20 infrastructure, but also give you insight into what's happening with your user side traffic things. Like I see it rtt. Bandwidth consumption things 05:29 like that. Why use ATM so obviously the game visibility into infrastructure virtual apps desktops users 05:36 reduce the operational costs using things like animator jobs, in addition of operational cost most of us. I'm sure have changed windows at 2 in the 05:46

morning and I see wake me up at 2 in the morning to to work on upgrading a server work on deploying a loan on something like that. It's painful 05:56 because you'll start at 2 and you may not finish until the next day because you have to test everything make sure it works using something like the 06:05 configuration jobs takes care of it for you and you get an email or an alert in your slack channel is none simplified SSL certificate management. And 06:11 this is this is a huge one because of the dashboard. I'll show you what it works or how it works because it'll definitely save you some time. And 06:21

again, it's going to give you insight into a DC infrastructure and functionality. Chuck, deployment types reciprocating in so 06:27 we're going to have three of them simplest one is going to be the Standalone deployment very very simple as can be a single server. Everything is 06:37 integrated into that single server. We're also going to have an h a deployment. So each one of these deployments is going to be directly dependent on 06:44 the size of your infrastructure and what you're trying to accomplish with the product how the analytics how much does Analytics mean to excetera. So 06:54

obviously with an HSA if any of you were familiar with an 80 seeds it's going to be the same thing that you can have a primary and a secondary node, 07:01 and you're also going to be utilizing that a floating IP to communicate to the note. 3rd deployment type is going to be Disaster Recovery. It's going 07:07 to be an HOA deployment. But in addition to that you're going to have a third node a stand-alone. I was sitting at a disaster recovery site in the off 07:15 chance that you're the host for your primary node goes down the hose for your secondary nail goes down. You still have your Dr. Know that you can 07:23

actually push traffic to get your data back. One of the things with with ATM is currently vmotion is not supported Nam for 6:15 07:32 p.m. Looking at the Standalone simplest deployment when you're doing a stand-alone knowed everything for the initial 07:42 deployment of Citrix ATM is actually to be done to get a CLI. So there's there's an appointment script that you're going to run what you lose. You'll 07:51 actually go in there and you'll actually first stand-alone owed you select the single-serve option. The database for the Standalone mode is integrated 07:59

Consolidated if that one single instance and for the deployment script you go ahead and go ahead and run it. With an h a deployment 08:07 what's going to happen is obviously going to have a primary and a secondary no to the pear. The primary note is really going to be the no that's going 08:16 to be accessible. You can actually use the management IP for the ATM to get into the primary node, or you can actually use the floating IP actually 08:25 get into it. I'm the synchronization between the databases between the primary and secondary node happens by physical replication and the the database 08:33

itself on the secondary note is helium me they read replica mode. For a shade of function one of the keys here is you have to actually have a port 08:42 open. There has to be a clear line of communication with respect and heartbeat for a chat actually function. You also need a port 5454 08:50 for database synchronization and also 22 Disaster Recovery, if you were infrastructure needs to run ATM 09:00 in Disaster Recovery, you're looking again at two nodes Aha and then obviously the third node the key With Disaster Recovery is it say currently it's 09:10

a manual process. So any off since the primary site those now and both of those in the primary side goes down. What you would actually have to do is 09:18 you have to go to the Standalone mode and you would run the script on the screen and this would actually allow it to to start getting the analytics. 09:27 It won't actually pick up traffic until you run the run the script. If you're doing a 09:34 multi Datacenter deployment what's going to happen is you'll actually have your primary data center with your your Citrix ATM infrastructure built out 09:43

whether it's going to be stand-alone aha or Ada deployment. In addition to that say you have a second data center instead of putting the entire 80 09:51 infrastructure in that data center. You can actually use the agents. The agent is it's a smaller install and all it's going to do is actually going to 10:00 send data to ATM. So you're still going to be able to get the analytics but in addition to the actual agent, there's yet another option on the ATC 10:08 itself there something called an indoor agent the caveat to use me. The end of agent is a lot of the web inside security inside HDX insights not 10:18

included when using the the Indonesian on the ATC itself. With the Citrus ATM product by 10:27 defaulted as 120 gigs of space. Depending on the the size of your infrastructure may be necessary to bump that up. You can actually for 10:36 a single server deployment. You can add one disc for h a u I really need to add a disc for each node in the pair. So obviously have 10:46 a reciprocal node for functionality. Now there are some deployments out there. They're still using we called 10:56

Legacy products that's going to be Citrix Command Center in Citrix inside Center. With ATM and actually gives you the opportunity to migrate 11:06 your infrastructure from inside Center and Command Center to ATM. So instead of having to completely rebuild at all the nodes in and do all the tasks 11:16 excetera. You can actually go ahead and do the migration process. If you're using an older version of stay Command Center and you're running something 11:25 below five. 248. To you'll actually needs to upgrade first and then you can actually run the migration to to ATM. Elegant communication 11:32

between Command Center and ATM is give me Nitro bass. So you want a clear line of communication with respect to the ports and protocols to allow the 11:42 migration to function. The operating profits that this is the slide it is with a DM but it can 11:50 also be some of the thought process this year can actually be applied to the netscaler ATC products. Upgrading ATMs, it's a very simple 12:00 process you simply login go to system administration on the right side of the screen. You see the upgrade box, you hit the upgrade box. It's going to 12:10

take you to where you can actually select the software image same Principle as an ADC. You'll go ahead and you you can download the image that you 12:19 want to upgrade to. Do I need okay. and yep, a process begins with operating a 12:28 ATM is It is a process that I feel requires patience. So in theory say your username and password and it's rude and it's true. Those are the default 12:37 credentials for the process for the for the product. Obviously. I'm hoping you change your credentials from Anna Street to something else but there 12:46

are many instances where you actually run the upgrade down on ATM and you have a large infrastructure. You have a large database you have a lot going 12:55 on on the road after about 10 or 15 minutes. You noticed that you can't login. It looks like the upgrade went through successfully, but you still 13:02 can't login you try and his food and his food over and over and over again and you still can't login inevitable you get frustrated you open a case 13:09 with support support gets on the phone with the first thing we do you find a login I'll send it works. Typically it's not something you were doing 13:16

wrong. It's going to be a subsystem was probably slowing starting and the amount of time you waited to call support waiting on the phone with support. 13:25 Someone on subsystem started up you were able to actually login Upgrading you in an h8 appointment. You can upgrade accessing 13:33 out of the active node in the in the Lord Nelson fear. And again the upgrades that depends on the size of the infrastructure the speed of length in 13:43 the size of dated the database. And after the upgrade I and a secondary starts you should continue to actually get data. 13:53

In the off chance that you're running the upgrade in and you feel like it's hung or you feel like something is not happening that it should these are 14:05 some of the logs that you can actually look at an ATM itself to see what's going on with the upright to see if if it's successful if it's failing if 14:12 you need to open a case with support and find out what's going on. With idiom once you initiated the 14:21 upgrade and you're not seeing any type of progress you want to try to avoid restarting the know you got to keep in mind that the product is is 14:30

database-driven. So if you restart the no drinking upgrade you restart the nail during a maintenance. You could potentially corrupt database one of 14:38 the key points with doing the upgrade is backups will jump in the back in a second. But again, as I was previously stating 14:45 I log into anise root and its fruit while the upgrade is still running so I can work. 14:55 best practices for the for the upgrade Citrix ATM Citrix ABC they give you the opportunity to 15:07 create a battle. They actually give you the opportunity to back up on the Note itself. One of the big things that we've actually seen is Forecastle a 15:16

food log into the product run the backup and then do whatever maintenance they have to do upgrade database maintenance add remove Apple 15:26 policies excetera to do. Is actually download the backup. So you run the backup on the Note itself, you hit the bathroom 15:35 restore button. You create a backup you do everything. I was selling something happens while you're working. You can't get back in. Where's the backup 15:45 Domino's what happened didn't download the back up. So the back of does you no good when you do the backup on the ATM and also on the 80s you and I 15:54

guess I like this man that the both notes are both our products. If you're going to do the backup on the note to self download the backup to a jump 16:03 box download the back of your laptop wherever it is, but in addition to that ATM, obviously the merchandise product if you're doing the arm from 16:10 deployment if you have ATM in VMware to hyper-v xenserver, in addition to doing the backup on the Note itself back it up on your hypervisor. 16:17 Create a clone. Checkpoint create a snapshot. I'm not saying something is going to go wrong, but my thought process being an it for this long as 16:27

always err on the side of caution. I've learned to work. As opposed to work hard and that's why it seemed to work out. All upgrades 16:36 should be done from the GUI. It can be done from the sea lice for a stand-alone node. I should really be avoided for an H A bill. Because it will 16:46 create issues. But again, the product itself was designed to be gooey driven with the exception of the initial deployment. Everything else should be 16:55 done from the gray. Expected the operating to take a few minutes and I'll try to be patient. So let's 17:03

go ahead and jump into one of the features. So pull licensing. Put Licensing in in the ATM. It's 17:13 it's actually it's a licensing framework that comprises of a common man with. An instance pool. That's actually hosting served by 17:23 ATM. The easiest way to think of this is before your license you throw your your your van with your total bandwidth in it and a giant pool and then 17:33 you obviously add your 80s dance instructor to ATM what's going to happen is that the ABCs are able to check on the license as it needs it and check 17:41

out as much bandwidth as it needs it in the off chance that you have five knows that are added to the ATM and the bandwidth usage has fluid a changes 17:48 over time. It can actually check in and I'll check back out van with overtime as it needs it. From this common 17:58 pool again a each ATC incense in your data center regardless of its actual platform or form factor. This is going to include things obviously like in 18:08 your virtual infrastructure hyper-v xenserver, but also on SD x's and npxs are going to be able to check out the license. It's not as she can be 18:17

bouncing the host ID. Is it previously was All the license file is going to be again not bound. And when the resources are no longer 18:26 needed or able to go back into the pool and be available to another node. 18:36 Top for pool licensing the key here is it's going to give you the opportunity to actually maximize your bandwidth utilization. It's going to ensure 18:47 that instances are not allocated. It's been with in excess of the requirements the ability of an ATC to actually check out licenses and van with in 18:55

and out of pool. Also enables you to automate instance provisioning. You can increase or decrease the man was allocated to an incense at running time 19:05 without actually impacting customer site traffic. And you can transfer licenses in the pool from OneNote to another. 19:13 So one of the other features in This Is Us is probably one of the cooler features besides the configuration job is going to be SSL dashboard. So 19:26 working in front line one of the easiest and more common cause that we would get would be a sub one where the administrator 19:36

wakes up in the morning and is entire infrastructure is out but no one can login. No one obviously he's able to launch desktops. Everything works. If 19:45 you're bypassing the ATC and you're going directly to store first, but obviously bypassing the 80s in going there directly to store security issue. 19:53 What happened is that it midnight the night before typically it happens almost always at midnight the night before certificates expire. 20:01 What we normally see is the the guy that works on the ATC today may not be the guy that works on it two years ago when the certificate was purchased 20:11

it. Maybe they didn't even document this with the fact that certificate was purchased or is expiring expires at midnight use administrator. 20:19 You weren't aware of it. You login and nothing is working you call support and I've gotten these calls. One of them are distinctly remember. I 20:30 actually got the call while my computer is rebooting. I spoke to the customer and I was actually able to fix the issue while my computer is rebooting 20:37 because that's how common of an issue it is using the ATM dashboard for SSL. Completely remove that so if you take a look at the 20:45

screen here, obviously we can go we're going to have to go the long way. So you right now we're at networks. You going to go to SL dashboard, but if 20:55 you look at the center to the screen where it actually says certificate to Madison number one under expired easiest thing to do if you got one cert 21:02 that's expired. You actually click on the number one. It's going to take you to the cert and it's going to give you the opportunity to update the 21:09 shirt at that time, but let's go long way. So we're going to go to networks. We going to go to SSL dashboards. This is the actual SL dashboard. You 21:14

can actually see the search that are expiring Now search expiring in a week 30 days, except you go ahead and click on expired. And again, it'll take 21:22 you to the cert in this case the store that I actually installed his name expired for this example. So you go ahead and you just check the box and 21:31 this is going to take you to the update certificate option. Go ahead and select the current version of certain you need to update. 21:40 So one of the things that I actually did with testing for these is I set up a slack channel. So instead of having to get email alerts I was actually 21:50

able to get updates about what the product is doing in my slap channel. So for some reason in this case to start expired, I kept getting alerts in the 21:59 Syfy channel is expired II updated it. I got to load said it was updated. So it it gave me the opportunity to actually streamline a lot of my things 22:06 where you slap a lot. I was able to see updates from the product in Slack. So let's go ahead and talk about 22:14 troubleshooting a couple of common issues in a DM. From the standpoint of support whenever you was a customer you have an issue 22:23

what'll happen is you'll call him to support and then support is going to ask for support Bob support files. Got a lot of stuff in it and we have to 22:32 look at all the laws on the product. So the first logs in to be the control off this is actually going to initialize actually give us information 22:42 about initialize monitors and other processes and the database it's actually were responsible for restarting processes and subsystems is if it fails 22:49 the other a process the other log rather is going to be the service this is going to be for API request Turlock is 23:00

going to be the inventory long. This is where we're going to get a lot of information about what's happening on because this is going to give us 23:10 information about the inventory with respect you ATM or ATC is new SD Wings, excetera actually runs a complete inventory every 30 minutes by 23:17 default and it gathers think like statistics about CPU memory excetera. The Masa config log is going to provide us process 23:26 configuration request and it gets that it gets from the surface processes. The events log is going to trigger until events on mass and 23:36

actually also reporting syslog data. Add the data collector log is going to be for SNMP traps. 23:46 And the next to all the F decoder and the F analytics are going to be for Apple pictures. 23:57 Purple August going to be for a performance statistics. MC Lyte log is going to be for C license to 6. So once we 24:07 we dug into laws were able to kind of figure out what's going on on the Node and provide the recommendation with respect to a resolution. The no 24:17 data issue. So if if you guys I assume of ran ATM or inside Center Command Center at one point, scenario is you 24:27

add your instance your dad uatc to ATM. Everything is set up correctly. You're able to maybe get satistics on the Note itself. You're able to see 24:36 member you're able see CPU usage, but you can't see anything about your users. You're not getting any feedback on who's logging in what desktops are 24:45 being launched. You have no idea what's happening with respect to the noted noted the issue. We've actually come up with an easier way to troubleshoot 24:53 that there's actually a an indoor diagnostic for no data. And it's actually going to give you antibiotics provide you information about why you're not 25:02

getting analytics or statistics from from the ABC. So let's take a look at the the no data dashboard. So when you run the actual diagnostic, 25:11 it'll give you in my case for reasons. If you're looking at their it's saying there issues with the collectors or issues with licenses as to why I'm 25:21 not getting any date of the actual diagnostic runs by default every 12 hours and a generator diagnostic report for issues that are found on specific 25:30 analytic features, the diagnostic report provides the sources of the issue with types of the issue and that corrective actions that you can actually 25:40

take to address them. If one of the common issues we've seen is where apple is misconfigured. So when you deploy ATM and 25:49 you actually want to start getting analytics beautiful afro, the correct place to be the falling apple is going to be from ATM at cell. If you're not 25:59 getting any data take a look at where you look for that flow. Did you actually log into the ABC in script script out the a football to yourself? 26:07 Probably not the best way to do that go ahead and go back into actual ATM and you can actually go to analytics and you can push out an apple policy 26:16

and go ahead and pick which gateways were downstairs excetera. You need to get Apple data on the troubleshooting and know that issue. 26:24 We always try to start off with the simplest things. So all the config for Apple again must be done or really should be done on a damaged 26:33 not be done on the ATC start looking at things like the ports make for the correct ports are open to determine. Why are we not getting any data to 26:43 ATM from the ATC? When I'm troubleshooting and no data, Sanaya, what I like to do is I like 26:53

to streamline what I'm looking at. So instead of looking at an entire collector file from ATC and ATM to see what's happening. I like to turn that 27:02 down a little bit. So what else did we do is on the ABC itself, I'll go and I'll log in and create a new directory. So I don't know bar. I'll create a 27:11 support underscore testing directory. And what I like to do is one of the laws I like to look at it from hits. So if I'm not getting any data or the 27:18 actual policies even being hit so I'll go ahead and I'll run in enes Kanter man to actually generate so I can log home kits and what I'll do is I'll 27:27

actually I'll put that to the directory that I created. So I just have two or three minutes to look at instead of a full collector file in addition to 27:35 that. You can actually do this with your log files. So you can run this against your natural logs and it's not lock iMessages hdb are laws H-E-B act 27:44 as far as pretty much every log on the ATC and ATM you can go ahead and lock run this again. And you're going to get a small subset of the laws 27:52 instead of a huge spin. So it's easier to kind of focus in one of the other things that we like to go. Look at for a no data scenario on the ATM is 28:01

are we getting traffic easiest way to do that is going to run a trace on a DM to see if if that's what's keeping us back as far as getting Analytics. 28:10 Obviously ATM being database database-driven every now and again, the database citation needs to be maintained. Previous illness what 28:23 would happen? If you have to call support if you were having what would be considered a database issue support without the debug it determine if it is 28:33 a database issue and then we would have to do a lot of processor. Does it have to be ran through to to get a resolution now without with a d and 28:40

there's actually an invalid database script that allows you to do a lot of this maintenance yourself. So the database can actually become corrupt over 28:49 time. It'll actually grow and create space issues. This can cause issues with logging into the CLI or logging into the GUI. 28:58 So let's go and take a look at the the database maintenance tool. So the database Municipal self. It's it's actually only ran from the sea lie, one of 29:13 the other cool things that I like about it is it does look like an old school video game and fish you guys are familiar with him, you'll go and log 29:21

into the shelf for the for ATM to go to the MPS or actually go ahead Mass on a scooter cover e and then you'll run the script. So once you run the 29:29 script again, everything is CLI driven. so once 29:38 this actually goes through it'll actually provide you with with what is eating up space and provide your direction into what you can and can't delete 29:48 to potentially clear up the space. So here we can see what analytics is doing purports excetera. So one of the options there is going to be the 29:57

system catalog. So Citrix ATM includes user tables known as the system catalog the system catalog cuz I feel location in 30:07 ATM databases where it's a relational database management system stores things like schema metadata such as information about the tables and columns 30:17 and internal records the tables in the system catalog. I like a regular tables and they can accumulate and inflate overtime creating dead rose and 30:26 therefore eventually needs periodic cleanup When you were if you need to use the database maintenance tool one of the keys here is you don't want to 30:36

actually do anything that interrupted because you are manipulating the daily basis points or anything that interrupted the note shutting down losing 30:45 access excetera connection create a corruption and corrupt all of your data. So this goes back to one of the things that I actually indicated about 30:52 doing the upgrades and maintenance on the Node create a backup create a snapshot. Checkpoint just in case 31:01 so let's go ahead and I initially open with how I use the product actually on amazing things. So let's take a look at what you can actually do when 31:12

your automating something on ATM. So what this automation demos going to show you it's actually we're going to be installing a certificate we're going 31:21 to be creating a load balancer. We're going to buy the shirt and then the boy that to another ATC my thought process and doing this was in theory say 31:29 you have an environment that you have 40 or 50 shirts. What I wanted to do is if you obviously have to go through and pick the specific certain you 31:38 need on the ATC kind of decrease the potential risks of using automation. So what I did is I logged into my ATC. I created a subdirectory the SSL 31:46

directory and I throw my certs in there. All I did for a DM was of one of the four t-shirts that I wanted to use that way in the option in the 31:54 options. You need to use another shirt down the road. All the shirts are in one single spot. So it's easier to work with so let's go ahead and jump in 32:04 so I care. What I'm doing is I'm logging into my netscaler ADC. We can go ahead and go to Shell. 32:11 So all the servants are stored in the Ennis configure SSL directory. So if you create a subdirectory an SSL called certs you can point to that if you 32:21

create a subdirectory anywhere else and you put your search you're not going to be able to point to it. So let's go ahead and go to the directory. 32:29 And we're going to create a search directory. So using winscp. What I did is I go ahead and I went ahead and I drop the sir that I was going to use 32:40 in. I got if you have four t-shirts, you can actually throw them all in this rectory and it's just going to act as a container. What we're going to do 32:46 is here we're going to log into actually ATM. Going to go ahead and go to networks. And if you're looking 32:55

at where it says instances, you can see that actually up to notes added. So what I'm going to do is I'm actually going to do the bill. On one node, 33:05 and I'm going to deploy to the other node. So we're going to go to configuration jobs and Roxy can open up the configuration templates. 33:12 We're going to go ahead and create a new template. And in this case. I'm just going to create a load balancer at a certain temp what I named Buzz test 33:24 test underscore lb. And one of the cool features is recording play 33:30

option. So what this will do is if you choose a recording play option, it'll actually send you to one of the ABCs that you have added in aviane. 33:40 And unless you record all the keystrokes. So the second that I hit record, it sends me over to my vx1000. My netscaler ATC view vx1000. So once I get 33:50 my ATC, that's why I'm actually going to start pushing through my command. So the first thing I'm going to do is I'm actually go ahead and install a 34:00 certificate traffic management SSL certs. Can I go to service ertz? 34:06

man and soul Again, my name in convention not complicated. So I'm using a pfx file. So 34:16 obviously that's going to be the same certainty. Password I think was probably on this route. 34:26 So obviously you can see the cert installed on the ATC. Going to go to traffic management get a load balancing go to Virtual servers. 34:39 I'm going to create a virtual server. It's obviously going to be a sale for for 3 non routable IP. Just a test. 34:49 I'm going to go ahead and point to my shirt. So I have a load balancer built out. I have a certificate install and balance of load Mauser. 35:01

So I'm going to go ahead and go back to ATM. I'm going to hit stop. And you'll notice it actually generated 22 command. So 35:11 the number itself is incorrect. The commands that I was actually using is going to be 8 but I wanted to leave the other two on the other commands in 35:20 there because when I was actually running the demo there were a lot of things that I actually have to do this to clean things up by a lot of tests low 35:28 downstairs a lot of other certificates that I need to to remove so I wanted to leave all the commands in there because it actually shows you how you 35:35

can modify the commands to automate your deployment. So if you need to change the IP address if you need to change the name excetera, you can do all 35:41 that from ATM. So we're going to go ahead and drive all the commands over and again, you're going to see all 22 a lot of removing and I'm buying you 35:50 things. I'm going to only turn this down to the relevant command. So it's going to be me adding load balancer adding this Earth installing mining it. 35:57 So now that we have the config built out and go ahead and find her to play. We're going to go to configuration job. 36:12

And we're going to create a job certain Square lb. I'm going to go ahead and drag the demands we need. 36:22 Andy's reate relevant commands Obviously, this is It's a smaller config that I'm working with. It's only a commands but you can use 36:35 this for as big as you need it to really do a very very robots deployment. So I actually 36:45 did the initial setup on 115 and National Employment on 157 going to go ahead and next. We're going to preview rollback commands, but 36:55

obviously add remove unbind binder the robot commands. Go ahead and next. 37:05 And for this in theory, if you have a maintenance window and you need to set up a load balancer and your your your company doesn't allow you to 37:18 actually set up load balancers or create anything during a workday. You got to listen to in the morning automate everything and it actually gives you 37:27 the the execution mode so you can schedule this for 2 in the morning. And again, if you have slack set up email set up an email alert or slack Alert 37:35

in your channel that things went through. I'm going to go ahead and do the deployment for now. Hit finish 37:44 and it actually feels upload Mauser installs and does everything for the serve for me. And if you need that fix check the details of the job. 37:53 The show you that you're running at 100% somebody take away service before doing 38:04 any type of maintenance on a DM before doing any type of upgrading or anything like that. Do your back up your due diligence create a backup on the no 38:13

download it to a to a jump box create a snapshot create a checkpoint excetera. When deploying 38:22 ATM follow the guys so testing a lot of stuff the guides are really spot on if you deviate at step forward and try 38:32 to jump the step 7 thinking, you know, what's going on yet going to end up right back except for because the guys are definitely spawn on they do 38:42 work. They have been tested. So when you doing your initial appointment keep it and keep an eye on what's happening in the guide pool licensing is 38:48

going to give you the opportunity actually save time when allocating a license to each node. It's going to give you visibility into what your Note is 38:57 using as far as bandwidth allocation. And again Citrix ATM is a product in addition to giving you insight into the health of your actual a dcsd 39:05 when infrastructure. It's going to give you use your site analytics what's happening with your users say they're having latency. They're having issues 39:15 logging it. It's going to give you insight into what's happening and provide you Direction into troubleshooting and make it a little bit easier for 39:22

you. And these are some of the resources obviously we're going to start off with that with the system requirements and then upgrading digging into no 39:30 data things like that. I think we're going to open it up for Q&A. questions 39:39 the product management here if you guys have any questions, those are the best guys to answer if you want to download the go-ahead the slide 39:55 presentation use the bit ly link or use a QR code and be able to download 40:02 when you say single hop in double how many min? 40:21

So you talking to ATC department? So when you said double hop, so I was thinking presentation 40:42 about when you said that will help you want to we got to specify are you doing the true double hop, so, it's an actual double hop in ATC is going to 40:52 be gateway to Gateway. Are you hopping Gateway the Gateway or you going gateway to load balancer is Gateway load balancer is not a double hop You're 41:01 simply load balancing. Yes, a double hump. When you doing an ADC Build out is going to be gateway to Gateway. It's it's not to say it's an 41:08

uncommon appointment today. We do see it all the time, but it's going to be environment specific. 41:18 Yep. Yep. 41:31 That we may have to actually speak to the customer service 7 p.m. 41:43 I'm not actually from the product management. I'm from the G20 Meridian, but I think I'll be back in Witcher it in 41:56 licenses are sold out in increments of 10 by 10. You can go to a thousand. Rehab customers were already playing my 50000 + kind of 42:05 licenses. 42:15 What one more time if you don't use ATM? 42:29

Yeah, it'll create reports about what's happening on the ATM on the ATC. What were you looking for more help statistics or analytics about users? 42:40 It'll provide and what it's about what's happening with the user site traffic? Idiom keep an eye on it for you. 42:48 So if you if you set up a slack Channel if you saw that email alerts ATM is a product will actually provide you with you. You can set it up so you can 42:58 actually get alerts about what's happening with your ancestry. But the reporting feature itself, there's a tremendous amount of information you can 43:06

get. 43:14 Notepad. So if you actually take you to stop, if you open it up in notepad plus plus you can actually take all those commands and you should be able 43:27 to drop it right in there, but it's going to be the same thing where you can actually edited. 43:36 one more time It's going to actually be the last slide is going to show you what ports need to be open to allow app flow 43:49 to to work. I think it's 4739 for a flow for 4379 computer jobs in Nitro commands 43:58 for for 3:30. 44:08

Kinetic configuration the living in control like a little 44:30 bling the constellation in the ATM. So one of them are actually talked about is for because I can't in jobs where there's a 44:39 set of day like a man and then there is another factor which is basically a abstract and be off for the blind the concentration of each 44:49 set of table file location code or anywhere, right and Adrian 44:59 has has connectors to on Pandora Opera GitHub. 45:09 Yeah, you can set it up so you can set it up for automatically from GitHub 45:22

application for changes right as part of that. 45:27 You might be the change on the let's plan something for you. 45:36

Cackle comments for the website

Buy this talk

Access to the talk “Citrix Synergy TV - SYN222 - Deploying Application Delivery Management for the enterprise and...”
Available
In cart
Free
Free
Free
Free
Free
Free

Video

Get access to all videos “Citrix Synergy Atlanta 2019”
Available
In cart
Free
Free
Free
Free
Free
Free
Ticket

Interested in topic “IT”?

You might be interested in videos from this event

September 28 2018
Moscow
16
122
app store, apps, development, google play, mobile, soft

Buy this video

Video

Access to the talk “Citrix Synergy TV - SYN222 - Deploying Application Delivery Management for the enterprise and...”
Available
In cart
Free
Free
Free
Free
Free
Free

Conference Cast

With ConferenceCast.tv, you get access to our library of the world's best conference talks.

Conference Cast
505 conferences
19653 speakers
7164 hours of content