While prepping for a new XenMobile 10 deployment that required high availability, I started working with clustering the virtual appliance. With some guidance from the XenMobile team and some lab testing, I was able to get it working and verify the functionality. Since the documentation for XenMobile 10 clustering hasn’t been released yet, I thought I would share my experience for anyone else looking to do clustering in XenMobile 10.
In XenMobile 10, the architecture changes from XenMobile 9 where you had separate mobile device management servers running on Windows and App Controller virtual appliances to single virtual appliance that has both mobile device management and App Controller functionality. You no longer have to worry about the process of high availability of mobile device management servers or choose between high availability or clustering for App Controller virtual appliances. In XenMobile 10, clustering the XenMobile virtual appliance has been simplified!
Configuring XenMobile 10 Clustering
To configure clustering in XenMobile 10, first import/deploy the appliance on the supported hypervisor of your choice. You only need to import the virtual appliance once for the initial virtual appliance configuration. The appliance will be shutdown after initial configuration, cloned, and IP address changed as part of the clustering process.
After the virtual appliance is imported, power it on start the configuration. Logon with default credentials of admin for username and admin for the password. You will be prompted to change the password during the initial configuration.
Enter the following network information for the virtual appliance:
- IP Address
- Subnet Mask
- Gateway
- Primary DNS
- Secondary DNS
Confirm the settings to continue.
Generate a random passphrase to secure server data/for protection of the encryption keys.
Do not enable FIPS mode unless required.
For the Database connection, remote is required. We can are going to set up a connection to a remote SQL Server. Enter mi for Microsoft SQL.
Enter the following information to connect to the remote SQL Server:
- SSL Use
- Server
- Port
- Username
- Password
- Database Name
Commit the settings when completed.
XenMobile 10 has to create the database. If you try using a pre-created database like in previous versions, you will get errors. XenMobile needs to create the database so the credentials you use to connect to remote SQL Server need dbcreator role according to the product documentation, but have seen errors creating the database unless it has the sysadmin role.
Enable cluster.
Enter the XenMobile Server FQDN and commit the settings.
Use the default communication ports and commit the settings.
Use the same password for all the certificates, enter and re-enter the password, and commit the settings.
Use the default username or enter a new one, enter and re-enter the password, and commit the settings.
No to upgrade from previous release.
Once the configuration app and main app are restarted you will be prompted with a logon prompt. Log onto the XenMobile virtual appliance console with the credentials entered earlier during the initial system configuration.
Enter the Clustering Menu.
Show Cluster Status.
Notice the Current Node ID and Cluster Members information. At this time only this member should show.
Display Hazelcast Cluster.
Notice the Hazelcast Cluster Members. Yes, there is a typo in the console here. At this time only this member should show.
Cluster member white list.
Here you can enter the cluster members or leave blank for no access restriction. Enter the IP addresses comma separated with the no spaces. For example 192.168.1.1,192.168.1.2. Also the example shows you can enter a network. For example 192.168.1.0/24, but this will not work and will give you an error. This has been reported to the XenMobile team and should be removed in an upcoming update.
Shutdown the XenMobile virtual appliance by returning to the Main Menu, entering the System Menu, and choosing the Shutdown Server option.
Once the XenMobile virtual appliance is shutdown, a clone/copy needs to made. If you are using different hosts or clusters/resource pools that are not connected you can also export and import the virtual appliance.
When the clone/copy or export/import process is completed, power the virtual appliance. Make sure to leave the initial virtual appliance powered off. Log onto the virtual appliance.
Enter the Configuration Menu.
Network option and go ahead with the changes.
Change the network settings and reboot the virtual appliance to apply the updated network settings.
After the virtual appliance reboots, we need to check the cluster status and hazelcast cluster status. Log onto the virtual appliance.
Enter the Clustering Menu.
Show Cluster Status.
Notice the Current Node ID and Cluster Members information. At this time both cluster members should show.
Display Hazelcast Cluster.
Notice the Hazelcast Cluster Members. Yes, there is a typo in the console here. At this time only this member should show.
Power on the initial XenMobile virtual appliance at this time. Following the same steps above, check the cluster status and hazelcast cluster status.
Show Cluster Status.
Notice the Current Node ID and Cluster Members information. Both cluster members should show.
Display Hazelcast Cluster.
Notice the Hazelcast Cluster Members. Both members should show.
Check the second XenMobile virtual appliance cluster status and hazelcast cluster status again.
Show Cluster Status.
Notice the Current Node ID and Cluster Members information. Both cluster members should show.
Display Hazelcast Cluster.
Notice the Hazelcast Cluster Members. Both members should show.
Launch the web console by browsing to https://IP address:8443. The IP address can be either of the cluster members. Logon using the credentials entered earlier during the initial system configuration. By default the username is administrator and the password set during the initial system configuration.
Start the initial configuration.
Enter the Licensing information and click Next.
Click Import to import the APNs certificate.
Enter the following import information:
- Import – Keystore
- Keystore type – PKCS#12
- Use as – APNs
- Keystore file – Browse to your APNs PFX file
- Password – enter the PFX file password
Click Import.
Click OK.
Click Import to import the Server SSL certificate
Enter the following import information:
- Import – Keystore
- Keystore type – PKCS#12
- Use as – Server
- Keystore file – Browse to your PFX file
- Password – enter the PFX file password
Click Import.
Click Import to import the SSL Listener certificate.
Enter the following import information:
- Import – Keystore
- Keystore type – PKCS#12
- Use as – SSL Listener
- Keystore file – Browse to your PFX file
- Password – enter the PFX file password
Click Import.
Click OK.
Verify the certificates and click Next.
Enter the NetScaler Gateway information and click Next.
Enter the information to connect to LDAP/Active Directory and click Next.
The LDAP/Active Directory configuration did not like using a NetScaler virtual server for LDAP/Active Directory. I had to enter individual LDAP/Active Directory servers. I have not looked into why yet, but just know you will get errors using NetScaler virtual server for primary or secondary server for LDAP/Active Directory.
Enter the Notification Server settings and click Next. You can also just click Next to skip entering settings at this time.
Verify the settings and click Finish.
Click Start Managing Apps and Devices.
Reboot each XenMobile virtual appliance in the cluster one at a time. After the reboots are completed, log back onto the web console by browsing to https://IP address:8443. The IP address can be either of the cluster members.
After logging back onto the XenMobile web console, click the tool/wrench icon next to the username.
Click Cluster Information under Advanced.
Verify the Cluster Members and review the Messages.
Review the Tasks and verify the Hazelcast Cluster Information.
You should now have a XenMobile 10 cluster setup with initial configuration completed. The process is much simpler than previous versions. Especially on the mobile device management side since you no longer have to manually edit config files and copy certificates on the servers.
Once again I would like to thank the XenMobile team for guidance on setting up clustering in XenMobile 10. I hope to see official guides/documentation from Citrix soon on XenMobile 10 high availability, clustering, disaster recovery, etc. This article is a community guide and not official guidance/process on setting up XenMobile 10 clustering.
If you have found this article interesting of if you have any insights, please feel free to contact me via email.