Follow the steps in this guide to deploy the Barracuda Load Balancer ADC to increase the scalability and reliability of your Citrix XenApp and XenDesktop deployment.
Terminology
Term | Definition |
---|---|
Fully Qualified Domain Name (FQDN) | The unique name for a specific computer or host that can resolve to an IP address (e.g., www.example.com). |
Service | A combination of a virtual IP address and one or more TCP/UDP ports that the Barracuda Load Balancer ADC listens on. Traffic arriving on the specified port(s) is directed to one of the real servers associated with a service. |
VIP | Virtual IP address. In the Barracuda Load Balancer ADC deployment, the VIP address is added to the service on the Barracuda Load Balancer ADC. |
Product Versions and Prerequisites
To deploy Citrix XenApp and XenDesktop 7.x with the Barracuda Load Balancer ADC, you need the following:
- Barracuda Load Balancer ADC version 5.1 or higher
- Citrix XenApp 7.x or XenDesktop 7.x
- Windows Server 2012 or later
You must also complete the following tasks:
- Install your Barracuda Load Balancer ADC(s), connect to the web interface, and activate your subscription(s).
- To deploy Citrix XenApp and/or XenDesktop with high availability, you must cluster your Barracuda Load Balancer ADCs. For more information, see High Availability.
Barracuda Load Balancer ADC Service Options
On the Barracuda Load Balancer ADC, create services for the types of traffic that are supported by your Citrix servers. Depending on the traffic type, you can create Instant SSL, HTTP, or HTTPS services.
Scenario | Service Options |
---|---|
Citrix servers support traffic over HTTP only | Create the CITRIX_HTTP service. |
Citrix servers support traffic over HTTPS only | Create the CITRIX_HTTPS service. |
Citrix servers support traffic over HTTP and HTTPS | If you want to offload SSL to the ADC and redirect HTTP traffic to an HTTPS service, create the CITRIX_INSTSSL service, otherwise create a combination of the CITRIX_HTTP service and CITRIX_HTTPS service. |
Step 1. Configure the XenApp and XenDesktop Servers
Set up at least two Citrix XenApp and XenDesktop servers in a server group configuration and license both servers. Ensure that the Citrix Store Front is properly configured. HTTP is enabled by default. If you want to use HTTPS or Instant SSL, first make the appropriate changes to the internal and external access links.
Step 2. Create Services on the Barracuda Load Balancer ADC
Step 2A. Create Citrix StoreFront Service
Add services according to the type of traffic supported by your Citrix servers.
- Log into the Barracuda Load Balancer ADC as the administrator.
- If you want to create an HTTPS or Instant SSL service, go to the BASIC > Certificates page and import the same certificate you configured for the Citrix servers.
- Go to the BASIC > Services page.
For each type of service that you add from Table 1, click Add Service and enter the values in the corresponding fields
Table 1. Available Services
Name | Type | IP Address | Port | Session Timeout | Server Monitor |
---|---|---|---|---|---|
CITRIX_HTTP | HTTP | VIP address for the Citrix service For example: 10.5.7.193 | 80 | 0 |
|
CITRIX_HTTPS | HTTPS | VIP address for the Citrix service For example: 10.5.7.193 | 443 | 0 |
|
CITRIX_INSTSSL | INSTANT_SSL | VIP address for the Citrix service For example: 10.5.7.193 | Port: 443 HTTP Redirect Port: 80 | 0 |
|
- Specify these settings in the Load Balancing section:
- For Algorithm, select Least Requests.
- For Persistence Type, select Cookie Insert.
- Enter a name for the cookie and configure the cookie settings that appear.
- In the Persistence Time field, enter 1200.
- Click Create.
Step 2B. Create Display Service
Name | Type | IP Address | Port | Session Timeout | Server Monitor |
---|---|---|---|---|---|
CITRIX_DISPLAY | TCPPROXY | VIP address for the Citrix service For example: 10.5.7.193 | 2598 | 0 | Testing method: TCP PORT check |
Specify these settings in the Load Balancing section:
- For Algorithm, select Weighted Round Robin.
- For Persistence Type, select None.
Step 3. Configure Citrix XenApp Server
After adding your Citrix XenApp servers to your service, you should configure Citrix Xen App/Desktop deployment settings for client to send XenApp traffic ADC to external users/internal users.
- Navigate to ADVANCED > System Configuration > StoreFront Settings.
- Specify the details for the following fields.
- Secure Web Connection Service - Select one of the service CITRIX_HTTP/ CITRIX_HTTPS/CITRIX_INSTSSL as the storefront secure web connection service.
- ICA Display Service - Select CITRIX_DISPLAY as the display service.
- ICA Display Service Public IP - The public IP of the display service when the service is configured on a private network on ADC.
- ICA Address Search Pattern - The IP address followed by this pattern in the ICA file that is used to persist the traffic to the Xen App/Desktop servers. The default value is Address=.
- Dual ADC Storefront Configuration - Select No.
- Click Save
Step 4. Add the Real Servers
Add your Citrix servers to your services. Configure each Citrix server as follows:
On the BASIC > Services page, verify that the correct service for the server is displayed.
- Click Add Server.
- Enter the IP address and port of the server.
- If you are adding the server to an CITRIX_HTTP or CITRIX_INSTSSL service, use Port 80.
- If you are adding the server to an CITRIX_HTTPS service, use Port 443.
- If the server is part of a cluster, specify whether it is a Backup server and enter its Weight for the load balancing algorithm.
- If you are adding the server to an HTTPS service, enable SSL.
- Set Servers uses SSL to On. If you do not enable the server to use SSL, unencrypted traffic is passed to the server because the Barracuda Load Balancer ADC decrypts incoming traffic in order to maintain session persistence using HTTP cookies.
- Select the Certificate that you uploaded for the Citrix server.
- Click Create.
Step 5. Configure DNS
Create an A record to point to the VIP address that you set on the Barracuda Load Balancer ADC for the Citrix XenApp and XenDesktop service.
For example, if you want to use the name citrix and your domain is barracuda.com, your A record would appear as follows:
Name | IP Address |
---|---|
citrix.barracuda.com | 10.5.7.193 |
Step 6. Verify Your Configuration
Go to the Citrix Store Front site by using the name that you set in the A record, and verify that you can log in and use the applications.
For example: citrix.barracuda.com/StoreWeb
Next Steps
You can configure authentication and access control for your applications. For more information, see Access Control.