Exercise 7: Tasks
Exercise 8: Load balancing
Exercise 1: SSL Certificates
Estimated time to complete this exercise: 10 minutes.
Step Action
1. From the Operations Console, click Monitoring.
2. Expand Comtrade Citrix Netscaler and select Topology.
3. Expand NS1.training.lab, SSL and Certificate.
Step Action
4. Select the ns-server-certificate Icon.
5. Observe the Detail View information at the bottom of the screen. Scroll to the end and note the Certificate validity date.
6. Right-click Certificate and select Health Explorer.
Step Action
7. In the Health Explorer window, click the X next to Scope is only unhealthy child monitors.
8. Expand Configuration – ns-server-certificate (object), right-click SSL Expiration Configuration State Monitor and click Monitor Properties.
9. In the Monitor Properties window, click the Overrides tab.
Step Action
10. Click the Override… button and select For the object:ns-server-certificate.
11. Please note the check box for Override next to Warning Threshold is checked and the value for the Override value is 10000 (the default is 20).
Note: This threshold the number of days before the certificate expires to generate a warning alert. We are setting this to 10,000 days just to generate an alert for this exercise.
Step Action
12. Since we have already created an override for this threshold we will not have to create a new Management Pack to store the threshold. If we were changing a different monitor or rule we would want to create a new MP to store the modified value.
This is done by selecting “New” near the bottom of the screen under
“Management Pack”. This will allow you to create a new Management Pack to keep your override values.
Note: by creating a separate Management Pack for your override values, this allows the values to take effect even if the NetScaler MP is updated to a newer version.
13. Click Next then Create (wait a few minutes to for the system to create the new MP).
Then select Apply followed by OK.
14. Go to the Alert View and observe the SSL certificate alert. It may take a few minutes for the alert to appear.
15. Open the alert and review the alert details
16. Open the NetScaler topology view and observe warning on the SSL Certificate Icon
Exercise Summary
This lab reviewed the monitoring of the SSL certificates and their expiration date. Also this lab shows you how easy it is to modify a threshold using the SCOM console.
Exercise 2: Network
Overview
This section is to show you how easy it is check the health status of Interfaces, IPs and VLANs on your NetScaler Appliance. This exercise will show you how to check Network interface cards on your NetScaler Appliance.
Step by step guidance
Estimated time to complete this exercise: 10 minutes.
Step Action
1. In the NetScaler topology view, expand Network and then expand Interface.
Step Action
2. Observe status of an interface card by selecting a card and observing the Detail view in the bottom of the screen. Scroll down to read all information.
3. Expand the IP folder and then expand the IPv4 folder.
4. Observe all the IPs monitored and review the Details View for information.
Step Action
5. Expand the VLAN folder, and then VLAN 1 folder.
6. Observe the VLAN components monitored and review the Details View for information.
Exercise Summary
This lab shows the networking components that are monitored on the NetScaler device.
Exercise 3: Access Gateway
Overview
This exercise demonstrates monitoring of the NetScaler Gateway functionality and its performance.
Step by step guidance
Estimated time to complete this exercise: 10 minutes.
Step Action
1. In the NetScaler topology view, expand the Access Gateway folder and the Virtual Server folder.
2. Expand the NG-VIP virtual server component. Right-click the 192.168.10.11_LDAP server and select Health Explorer.
3. Click the X next to Scope is only unhealthy child monitors. Observe different monitors the close the Health Explorer window.
4. Highlight the NG-VIP Virtual server and run the Performance View in the task pane on the right side of the window. You may have to expand the Task Pane.
5. Expand the Counter column to the full size and then check the Show box for Current AAA User.
6. This graph show number of users connected to the NetScaler using VPN. Currently no users are connected.
7. Close the Performance view window.
Exercise Summary
There are many performance statics that are available through the NetScaler MP. Take a few minutes to explore some of these metrics.
Exercise 4: System Settings
Overview
This exercise demonstrates monitoring and alerting on changes to any of critical NetScaler system settings. Any change to these settings will trigger alert that informs you about the change.
Step by step guidance
Estimated time to complete this exercise: 10 minutes.
Step Action
1. In the NetScaler topology view, expand the System folder and the Memory Pool folder.
2. Explore the Memory Pools sections.
3. Drill down and observe Settings for the different objects.
Notice that all of the settings are uploaded and can be viewed. These settings can also be viewed from the NetScaler Plug-in (separate views for each configuration type).
4. On the Student Desktop, launch Internet Explorer and navigate to: http://192.168.10.2
5. Login as nsroot with password nsroot.
6. From the Configuration tab, expand System and click on Settings.
7. Select Change TCP parameters.
8. Scroll down to the bottom of the TCP section and uncheck the SYN Attack Detection check box.
9. Scroll to the bottom of the page and click OK.
10. Return to the Operations Console in the Remote Desktop Connection Manger window.
11. Under Comtrade Citrix Netscaler, open the Alerts view.
12. Notice the new alert indicating the configuration change. Click this alert and view the alert details.
Exercise Summary
Knowing when a setting has been changed is important to make sure that it is an authorized
change. Also having all of the settings available to view saves time from having to go to a separate tool to view the configuration.
Exercise 5: Appliance Availability
Overview
This exercise demonstrates monitoring and alerting on NetScaler availability. If the appliance becomes unavailable, down or unreachable, alert will be triggered to inform you about the outage.
Step by step guidance
Estimated time to complete this exercise: 15 minutes.
Step Action
1. From the Operations Console, switch to the Netscaler Appliances view and observe the status of the NetScaler Appliance.
2. From the Student Desktop, launch Citrix XenCenter.
3. In XenCenter, click Add New Server and enter the following information:
Server: <Use the Server IP address from the lab launch page>
User name: <Use the User name from the lab launch page>
Password: <Use Password from the lab launch page>
Click Add.
4. Select the NS1 VM and click the Networking tab.
5. From the Networking tab, click Deactivate.
6. Return to the Operations Console in the Remote Desktop Connection Manager window and open the Alerts view under Comtrade Citrix Netscaler.
7. Several new alerts will appear in the Active Alerts section. Double-click the NetScaler Appliance Availability alert to view it.
8. Review the Alert details.
9. Switch back to XenCenter.
10. Click the Activate button.
11. Return to the Operations Console inside the Remote Desktop Connection Manager window. Close the Alert Properties window. After several minutes, you will notice the alerts clearing.
Exercise Summary
This exercise highlights that the MP monitors the availability of the appliance. Early detection can be critical to minimize any outage or in the case of a High Availability configuration, minimize having a single point of failure.