Move your VMware and KVM applications to the cloud without making any changes

  • February 20, 2015

Upgrade testing NetScaler VPX: How to guide

Load-balancers are common place today. Enterprises use it to distribute the traffic between multiple back-end servers - web servers, dns servers or SharePoint. With every new release of a load-balancer, IT infrastructure teams are left scrambling for resources to upgrade test the newer version before deploying it in production. Recreating a high fidelity version of the production environment can be challenging and expensive. But it shouldn’t be! Nested virtualization provides the ability to create a high fidelity copy of the production environment (with same networking and storage overlay as production) in a matter of minutes. This post chronicles my experiences in getting a NetScaler VPX running on AWS and Google Cloud using Ravello - a nested virtualization platform.

NetScaler VPX in my Data Center

I have a NetScaler VPX running in my Data Center with the following topology -

In this setup, when I point my web-browser at the NetScaler Virtual IP (, it passes the HTTP GET request to one of the web-servers on the Subnet IP (, and once the request has been serviced, relays the response back to the web-browser that initiated the request. The web-servers (WS1 and WS2) are essentially Ubuntu LAMP servers running a php that displays the hostname of the server when responding to the request.

Recreating high-fidelity NetScaler environment in Ravello

Recreating an upgrade test environment in Ravello involved four key steps -

  1. Downloading the NetScaler VPX that I wanted to upgrade test
  2. Uploading my VMs (web-servers and NetScaler VPX downloaded) to Ravello
  3. Defining application environment for NetScaler and web-servers
  4. Copying NetScaler config (ns.conf) from one in my Data Center Netscaler to the one uploaded to Ravello

Here are the steps in more detail.

1. Downloading NetScaler for upgrade test

I downloaded the NetScaler VPX 10.1 running on KVM that I wanted to upgrade-test from the Citrix downloads portal. Next, I untar-ed the package to get to the contents. Of particular interest were the the raw image (NSVPX-KVM-10.1-124.13_nc.raw) and the NSVPX-KVM.xml that contained the meta data for the NetScaler VM and the interface types enabled. Of particular interest were the following xml snippets that indicate the MAC address that NetScaler expects for the management interface, and the specific controller/bus types for network interfaces (virtio) and disk (virtio).

2. Uploading VMs

Once I had the NetScaler image (raw) downloaded and web-server VMs (vmdk), I proceeded to upload them to Ravello. I renamed the raw file extension to qcow before I began.

Uploading VMs using Ravello VM Uploader was a breeze. I was prompted with multiple options, and I chose the third option to upload my QCOW and VMDK images. Ravello’s user interface kept me updated on the upload progress.

3. Defining application environment for NetScaler and web-servers

Once my VMs were uploaded to VM Library, Ravello prompted me to verify each of the VM settings.

1. Verification started by asking for a name for the NetScaler
2. Clicking ‘Next’, I entered the amount of resources (VCPUs and Memory) that I want my NetScaler VPX to run on. Please note NetScaler KVM needs a minimum of 2 VCPUs to boot up. Any less, and NetScaler will not be able to turn on.
3. Clicking ‘Next’, I was taken to the Disk tab. I chose the ‘VirtIO’ as the controller for Disk (based on the ‘VirtIO’ bus for disk we had seen in the xml snippet above). Also, I deleted any additional disks (<1MB size) that showed up on this screen, so that I was only left with the 20 GB NetScaler disk.
4. Clicking ‘Next’ I landed at Network tab. Here, I turned off “Auto MAC” and entered the MAC address copied from the xml snippet above, and choose VirtIO as the device type (based on xml snippet). The NetScaler boots up with a management interface with IP / netmask / gateway by default - I entered these values on this tab. Don’t worry, you will get the chance to change it once NetScaler boots up. Click Public IP radio button, and check “Even without external services”.
5. Clicking ‘Next’, I created two services (http and ssh) on the management IP. This essentially opened up the corresponding ports for external access in Ravello. Clicking ‘Finish’, my NetScaler VM was ready for deployment.
6. I created an Application (Applications > Create Application) on Ravello titled ‘NetScaler-Verify’ and dragged and dropped my NetScaler VM on canvas. Next, I clicked ‘Publish’ to run it on AWS. Once the NetScaler booted up, I pointed my web-browser at the Public IP listed in the ‘Summary’ tab.
7. On my web-browser, I was prompted with the NetScaler’s management login screen. My NetScaler VPX with factory settings was up and running on AWS. I logged in using default credentials (nsroot/nsroot) to apply NetScaler license.
8. Next I dragged and dropped my web-server VMs on Ravello’s application canvas that I had created earlier.
9. I proceeded to configure my web-server settings in Ravello. I was prompted with similar screens as those with NetScaler. General tab allowed me to name the web-server
10. Clicking Next allowed me to allocate the resources (vCPU and Memory) for my web-server to run on.
11. Storage tab was already populated with correct disk size and controller.
12. Clicking Next, I was taken to the Network tab. Here I entered my web-server’s IP address, netmask, and under the ‘Advanced’ settings configured a VLAN tag 102. I will use this VLAN tag on the second web-server’s interface and also on the NetScaler’s internal Subnet IP to put them all under the same VLAN.
13. Under ‘Services’ tab, I didn’t configure any services. This web-server is an internal entity and hence shouldn’t have any access outside of the VLAN. I repeated the similar configuration steps for my second web-server, and published my Application to AWS using Ravello.
14. To generate HTTP requests, I uploaded a Windows VM to Ravello, and went through a similar configuration exercise as with the web-servers. Under the Network tab in Advanced section for the Windows VM, I set the VLAN Tag 101 to put it on a different network from the web-servers.
15. To simplify the test setup, I also configured the Windows to have a static IP and configured the gateway to be the external subnet IP ( that will be configured on the NetScaler

4. Copying NetScaler configuration

With my Ravello environment ready, the next step was to configure the NetScaler on Ravello. The configuration steps (1-7) above were geared towards getting the NetScaler running in ‘factory mode’ so that I could get to the point of copying the NetScaler configuration (ns.conf) from my Data Center to the NetScaler on Ravello using the public IP associated.

1. I used scp to copy the NetScaler configuration (ns.conf) from my Data Center NetScaler to the one running on Ravello at the public IP for the management interface on NetScaler’s Summary tab (see step 6 above).
2. Next, I modified Ravello’s NetScaler VM settings to reflect the 3 IPs and interfaces present in my Data Center NetScaler’s ns.conf corresponding to management, external and internal interfaces. Please note the VLAN tags under “Advanced” for my NetScaler Subnet IPs for internal ( and external interfaces ( correspond to the VLAN tags we had set up for web-servers (102) on internal network and Windows VM (101) on the external network. This helps us separate the external and internal networks. The Virtual IP ( is tied to the external subnet IP ( on NetScaler.
3. I rebooted the NetScaler for the new configuration to take effect. Once it was back up again, I was able to login to NetScaler’s management interface using the public IP, and navigate to the interfaces & IP addresses to confirm they were active.
4. Here is a quick view of my overall network setup at the end of this exercise.

Verifying that NetScaler works

To confirm that NetScaler is working, I opened a web-browser on the Windows client on the external network, and pointed it to my Virtual IP. Note the HTTP GET request being answered by one of the two web-servers in a round-robin fashion when I hit refresh (evidenced by hostname returned by the php script).

Clone and version control NetScaler deployment

Ravello allowed me to take a ‘Blueprint’ of my NetScaler application. Blueprint is akin to taking a snapshot of the entire NetScaler infrastructure including the VMs, networking and storage, and saving it. Using the Blueprint as a template, I was able to spin up multiple clones of my NetScaler environment at the click of a button. Further, when I made changes to my NetScaler infrastructure, I was able to save it as yet another Blueprint – this was like a version control for my entire infrastructure! This feature proved extremely helpful when facing any issues and one wants to be able to revert to last blueprint-ed working state.


Ravello’s nested virtualization and overlay networking provides a straightforward easy way to use public cloud to upgrade test a new NetScaler version before deploying it in production environment – using the same VMs you would deploy in your Data Center. Just sign up for a free Ravello trial, and drop us a line – we can share the NetScaler config referenced, and also help you get your NetScaler VPX running ‘as-is’ in Ravello in no time.

[video url="https://www.youtube.com/watch?v=U518cOb6ggE"]

[slideshare id=46237089&doc=netscalersmartlabsinthecloud-150324150726-conversion-gate01]

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.