NetScaler Insight – Initial Configuration
Before starting this article, I want to give a big thanks to Neha Harit at Citrix for assisting me in getting access to the initial beta, providing me with some helpful info and most importantly being patient and waiting for this blog post to be released! Thanks Neha.
NetScaler Insight v1.0 (Beta) is a XenServer virtual appliance that is used to collect and analyze traffic information for both ingress and egress of NetScaler (MPX and VPX) appliances. Here are some high level points on the product:
- No requirement for an external database
- View performance of applications for the last 5 minutes, 1 hour, 1 day, 1 week and 1 month
- Simple navigation
- Multiple NetScaler instance monitoring
- Quick configuration
- Ships as a XenServer virtual appliance
The foundations of Insight can be found within AppFlow, an open standard that Citrix not only implement on NetScaler, but also developed. Insight configures all aspects of AppFlow for any vServer that is to be monitored, plus also configuring the AppFlow settings for the NetScaler. Currently Content Switching and Load Balancing vServers are supported for monitoring via Insight.
Installation and Configuration
Insight v1.0 ships as a XenServer (only) virtual appliance and is available from MyCitrix (login required):
As with NetScaler, the appliance runs on FreeBSD under the hood.
System requirements are listed as:
- RAM = 2GB minimum, 3GB recommended
- vCPU = 2 or more
- Storage – 120gb, 240gb rec
- vNIC = 2
- Throughput = 1gbps
One thing to note though is that although the above are listed as the requirements, this is not what the XVA actually sets. It actually sets:
- vCPU = 1
- RAM = 2GB
- Disk = 120GB
- vNIC = 1
Citrix also recommend increasing the CPU priority to “highest” for the virtual machine, this is to reduce latency and ensure best performance:
Personally I would not set this initially and then revisit this later if required. All being well, on a well-designed XenServer solution there should not be too much need to increase the priority of this.
Once the virtual appliance has been downloaded you will see an XVA file similar to the below:
Importing the XVA file can be completed by either using the XenServer import wizard or by double clicking the XVA file and proceeding through the steps.
Once imported the appliance will show an initial configuration screen, which will look very familiar for anyone who has ever configured a Citrix virtual appliance:
Complete the initial configuration and then select option 5 to save the configuration – this will then restart the appliance.
Insight is managed and accessed via a web based GUI, again for anyone who has worked with NetScaler 10 this will look very familiar:
The default credentials are “nsroot/nsroot”.
Once logged on you will be presented with an initial welcome page, providing a brief overview of what the appliance can do for your NetScaler environment:
Selecting the “get started” option will present you with a very simple setup screen, all that is required here is the NSIP of the NetScaler device that Insight will be used to monitor:
Note that the appliance must be running an nCore version of NetScaler 9.3 or later.
Insight will then initiate communication with the NetScaler and present a list of vServers that can be enabled for Insight monitoring. To enable monitoring just select each vServer and either right click and select “Enable AppFlow” or click the “Enable AppFlow” button at the bottom of the screen. Note that anything that is marked as DOWN or Out of Service cannot have AppFlow monitoring enabled.
When you initiate monitoring for a vServer, AppFlow will request an expression that it should use to capture analytical information, there are some pre-built expressions also:
For my lab I have a DNS alias named “citrix” that directs to the load balanced web interface vServer, as such I have set an expression that looks for the HTTP request containing the hostname “citrix” – HTTP.REQ.HOSTNAME.CONTAINS(“citrix”)
Once you have enabled AppFlow for at least one vServer, Insight will add itself in as an AppFlow collector in to the NetScaler that is being monitored:
An AppFlow policy will also be added, including the expression that was added earlier and an action to be invoked if the request generates a TRUE value when compared to the expression:
The action specifies which AppFlow collector the data should be sent to, in this case this will be the NetScaler Insight appliance.
The final piece of the configuration is the binding of the AppFlow policy to the virtual server object:
Insight completes all of these steps for you, making the configuration nice and simple.
When traffic is then generated you can see the policy generating hits:
In the lab I generated hits by launching many sessions using “citrix” as the URL to connect to.
Adding Additional vServers to NetScaler Insight
If you wish to add additional vServers in to Insight then select the “configuration” tab from the GUI and then click the IP address of the NetScaler that is hosting the vServer, this will present the configuration screen.
Selecting the appliance will allow you to see a list of vServers that are available for enabling/disabling of AppFlow monitoring.
NetScaler Insight is quick to configure and completes many (often manual) tasks for AppFlow monitoring, whilst also allowing deep inspection of traffic – the reporting function of Insight will be covered in the second part of this article.
Prior to Insight there were limited options for AppFlow monitoring tools, however this tool has the potential to fit in to any NetScaler deployment and be of particular value when organisations are looking to understand their traffic in a more granular manner, plus the reporting capabilities will provide metrics that can be used to determine when expansion is required and identify where possible bottlenecks are occurring.
Shipping the appliance as an XVA is a great bonus for anyone running XenServer, I suspect that Citrix may later release appliances for other Hypervisors, but that is just a suspicion at this stage.
How do you access the appliance GUI? I type in the IP address in my browser but I get nothing. Does it use port 80 or 443 or some other port? I can ping the appliance but I cannot telnet to port 80 or 443?
Pretty cool guys. GJ. Are the Netscaler appliances using IPFIX to convey the information to Insight?