Load Balance AppV 5.1 using Citrix ADC 11.x/12.x

Pre-requisite tasks

Step 1: Launch Active Directory User & Computers, Create a new Computer account in the Correct OU (in my case LAB\Lab Servers\VCS\Appv

PRE1

Step 2: Launch DNS Server Name > Forward Lookup Zone > LAB.LOCAL. Enter the below information and click Add Host

  • Name: LAB-APPV
  • IP Address: 192.168.0.96 (this will be a VIP Address created later in the article)

PRE2

Step 3: Run the following in Powershell (run as administrator) command to enable Kerberos for the LB Computer Account.

setspn -a http/lab-appv:50001 LAB\LAB-APPV
setspn -a http/lab-appv:50002 LAB\LAB-APPV
setspn -a http/lab-appv:50003 LAB\LAB-APPV
setspn -a http/lab-appv.lab.local:50001 LAB\LAB-APPV
setspn -a http/lab-appv.lab.local:50002 LAB\LAB-APPV
setspn -a http/lab-appv.lab.local:50003 LAB\LAB-APPV

PRE3

 

Add Load Balance Configuration

Step 1: Browse to Traffic Management > Load Balancing > Servers

sf1

Step 2: At Server, Click Add

sf2

Step 3: Enter Name and IP Address below, then click create

  • Name: LAB-APV1
  • IP Address: 192.168.0.43

APPV-LB

Step 4: Click Add again under Server, Enter Name and IP Address below, then click create

  • Name: LAB-APPV2
  • IP Address: 192.168.0.44

APPV-LB2

Step 5: The two server will now be add to server page.

APPV-LB3.PNG

 

Step 9: Browse to Traffic Management > Load Balancing > Service Groups

sf8

Step 10: Add the following info on basic setting, click OK

  • Name: LAB-SVG-APPV-MGT
  • Protocol: TCP

APPV-LB4

Step 11: Click No Service Group Members under services and groups section

APPV-LB5.PNG

Step 12: Choose Server Based, then Click to Select

APS-LBSVC-23

Step 13: Under Select Server Choose LAB-APPV1 , Add Port 50001 , click create and then repeat step 9/10 for LAB-APPV2

 

Step 14: Click OK at Load Balancing Service Group Main Page to create Service Group.

APPV-LB9

Step 15: Select Monitors from Advanced Setting, Click No Service Group to Monitor Bindings

APS-LBSVC-25.PNG

Step 16:

APS-LBSVC-26

Step 17: Select TCP Monitor, Click Select

APPV-LB10

Step 18: Select Bind with weight left at 1

APPV-LB12

Step 21: Click Done to complete service group

APPV-LB13.PNG

Step 22: Repeat Step 9-14 with the additional appv ports for administrators:

Service Group:-

  • Name: LAB-SVG-APPV-PUB
  • Protocol: TCP
  • Port: 50002
  • Server Members : LAB-APPV1, LAB-APPV2
  • Monitor : TCP
  • No Threshold
  • Name: LAB-SVG-APPV-REP
  • Protocol: TCP
  • Port: 50003
  • Server Members : LAB-APPV1, LAB-APPV2
  • Monitor : TCP
  • No Threshold

 

APPV-LB14

Step 24: Browse to Traffic Management\Load Balancing\Virtual Server, Click Add

Step 25: Enter the following information. Click Ok

  • Name: LAB-VSRV-APPV-MGT
  • Protocol: TCP
  • IP Address: 192.168.0.96
  • Port: 50001

APPV-LB15.PNG

Step 26: Select No Load Balancing Virtual Server ServiceGroup

APPV-LB16.PNG

Step 27: Under ServiceGroup Binding, Click to Select

APS-LBSVC-34

Step 28: Select LAB-SVG-APPV-MGT and Click Select

APPV-LB17

Step 29: Click Bind

APPV-LB18

Step 30: Click Continue,then select Method from Advanced Setting

Step 31: Set the following information, then click OK, Then click Done

  • Load Balancing Method: Least Connection
  • Backup LB: Round Robin

APPV-LB19.PNG

Step 32: Repeat Step 24-31

AppV Publishing Service

VServer & Service Group

  • Name: LAB-VSRV-APPV-PUB
  • Protocol: TCP
  • IP Address: 192.168.0.96
  • Port: 50002
  • Service Group: LAB-SVG-APPV-MGT

Persistence

  • None required, leave Least Connection for Method

AppV Reporting Service

VServer & Service Group

  • Name: LAB-VSRV-APPV-REP
  • Protocol: TCP
  • IP Address: 192.168.0.96
  • Port: 50003
  • Service Group: LAB-SVG-APPV-REP

Persistence

  • None required, leave Least Connection for Method

Step 53: Confirm all 3 Virtual Servers appear Up.

APPV-LB20

Test & confirm Load Balance

Step 1: Access the AppV Management http://lab-appv:50001

Step 2: Confirm the AppV Management Console loads and packages are shown.

APPV-LB21.PNG

Step 3: Access the AppV Management http://lab-appv:50002 with a user that had packages assigned (in my case LAB\ctxuser1

Step 4: Confirm on accessing the webpage that the packages that are assigned are listed on the <Packages> </Packages>

APPV-LB22

Step 5: Access the AppV Management http://lab-appv:50003 with a user that had packages assigned (in my case LAB\ctxuser1

Step 6: Confirm on accessing the webpage the below screen appears. The method not allowed is ok as it is expecting other information in the request.

APPV-LB23

4 comments

  1. Hi David.
    thank you for your article. It works fine.

    When we change to ssl, bind the certificate to the virtual server, to the iis on the app-v Server, create the dns record, it doesn´t work. Can you recommend us the best practise to use ssl for this szenario?

    Thank you in advance
    Gérard

    1. Hi Gerard,

      Are you binding the certificate to the three separate websites? To do this you’ll need to re-configure each existing website to another port , then r-bind to select https, existing port configured during installation and then selecting the certificate. Repeat then for each of the website and then remove the http binding.

      Nothing on the load balancing configuration needs to be change.

      i’ll publish an article on how this is done if that helps.

Leave a Reply