HA Citrix License Server via NetScaler (No MS Clustering please)
August 2, 2012 9 Comments
Working with large and complex Citrix environments, I always thought on how you can best HA your Citrix license server. Now in days with many XenApp/XenDesktop deployments running with Citrix Provisioning (PVS), you license server becomes very important to have redundancy. But how? there are several options, Citrix recommends MS Clustering. I’m no fan of MS clustering at all, so naturally the thought of two standalone servers with a Netscaler loadbalancer should work. With license service running on Windows, you have to activate licenses twice, because the licenses are tied to the hostname. Now, Citrix has released License Server VPX running a Linux appliance, which allows you to use the same hostname on two appliances, but with different IPs!. No need to have duplicate license files.
All you have to do is to create a load balanced vServer on your Netscaler, point to the license server ports on both appliances, and then add weight to one appliance to be in compliance with license count.
The other option is to create a VIP pointing to a single host, then create a back up VIP pointing to the secondary license server and bind the back up VIP to your primary. This will ensure all traffic goes to a single license server, and fail over only if the primary license server fails or you need to perform some sort of maintenance.
Ex:
XenApp Farm points to VIP: 10.10.68.10
VIP on NetScaler: 10.10.68.10
License Server VPX 1 (hostname ctxlic): 10.10.68.11
License Server VPX 2 (hostname ctxlic): 10.10.68.12
Weight set to 1 on VPX 2
Weight set to 2 on VPX 1
Set TCP monitor for this load balancer to ensure it is monitoring TCP 27000 traffic. Then you use the load balancer VIP as the License server in XenApp/XenDesktop/AG, etc configurations and you are done!
Daniel Ruiz - Blog 
Very good Article. I like Option #2 – One VIP per License server and bind backup VIP to the Primavy VIP; this way we garantee license count on the active VIP… Thanks
I like that option as well Juan…
Could this setup also be applied using 2 Windows servers with unique hostnames?
Example: Netscaler VIP pointing to each of the WIndows servers, and then XenApp host pointing to the VIP.
Do the XenApp hosts care what the hostname is if they are using the IP address?
Jaz, you could set up 2 windows servers, however you will need to make sure that you split the licenses with the correct hostnames from your mycitrix.com site, then place them correctly under each license server. This could create a bit of administrative overhead, specially when you renew your Subscription Advantage and/or need to update licenses.
If you are using a hardware loadbalancer such as the NetScalers, I would add weight on your VIP config to route traffic to a single host. The other option which works great, is to set up a back up VIP and bind it to your primary VIP. The way this would work, set up a service (not a service group) attached to each individual host. Meaning, service1 = license_server1, service2 = license_server2, then set your primary VIP where the XenApp/XenDesktop, etc hosts point to, to only bind to your primary service, then create another VIP to bind to service2, and finally bind the secondary VIP as a backup to your primary VIP. This will ensure ALL traffic is always routed to your primary license server, and will only route to the secondary license server if the primary box goes down.
So…
vip1 -> service1 -> license_server1
vip2 -> service2 -> license_server2
vip2 is binded as a back of to vip1
XenApp Farm points to vip1
Hope this helps…
Daniel
Pingback: Provisioned XenApp servers halt when the license server is unavailable « Daniel Ruiz – Blog
Pingback: Why is Citrix refusing License Server VPX support for vSphere? | Ingmar Verheij - The dutch IT guy
At Firewalls our department allowed port 27000 and 7279
I have problem to add this vip to XenApp server, still warning “Citrix Presentation Server cannot contact license server…” First I testing on XenApp5 and when will be OK I will test on XenApp6.5.
Configuration made on NetScaler 10:
A)
vip1 (on port 27000) -> service1 (on port 27000) -> license_server1
vip2 (on port 27000) -> service2 (on port 27000) -> license_server2
vip2 is binded as a back of to vip1
XenApp Farm points to vip1
B)
vip1 (on port 7279) -> service1 (on port 27000) -> license_server1
vip2 (on port 7279) -> service2 (on port 27000) -> license_server2
vip2 is binded as a back of to vip1
XenApp Farm points to vip1
C)
vip1 (on port *) -> service1 (on port *) -> license_server1
vip2 (on port *) -> service2 (on port *) -> license_server2
vip2 is binded as a back of to vip1
XenApp Farm points to vip1
…etc. I tried all combintions without success.
I will be happy for any advice.
Marek Jones
Marek… thanks for posting your comment. I suggest you check the FW configuration. Remember the source of the allowed traffic needs to be the SNIP of the network where the VIP lives, and not the actual VIP.
Go to the NetScaler and determine what the SNIP is for VIP1. Then allow 27000 and 7279 from SNIP to the License Servers
Hope this helps
Daniel
Dear Daniel, thanks for your advice, but we don’t using SNIP, but now I have solutions:
A)
The scenario which is NOT working for me [NetScaler 10.0 Buid 75.7.nc] is this:
vip1 (on port *) -> service1 (on port * or 27000 or 7279) -> license_server1
etc…
B)
What is working for me is only this:
vip1 [10.21.197.30] (on port 27000) -> service1 (on port 27000) -> license_server1
vip2 [10.21.197.31] (on port 27000) -> service2 (on port 27000) -> license_server2
vip3 [10.21.197.30] (on port 7279) -> service3 (on port 7279) -> license_server1
vip4 [10.21.197.31] (on port 7279) -> service4 (on port 7279) -> license_server2
vip2 is binded as a back of to vip1
vip4 is binded as a back of to vip3
XenApp Farm points to vip1
Marek Jones