So over the last few days, I’ve had several people ask me for assistance load balancing Norskale VUEM / Citrix Workspace Environment Manager.
So after conferring with Hal Lange of TCC to make sure I had my info right, its time to get this out there.
WEM is a pretty straight forward architecture, there is the SQL Database and then the Broker that the agents communicate with.
We just need it to look more like this picture:
So the first order of business is that if you are going to load balance WEM you absolutely need to setup a SPN.
The installation instructions reference it, but for those who need it again.
setspn -U -S Norskale/BrokerService [accountname]
I can’t stress enough that this needs to be done this way for windows authentication, go reconfigure your service properly before proceeding if you need to!
Once you have your SPN go configure your broker servers identically with the Broker Service Configuration.
During the configuration, you have a network settings page that shows you all the ports we are going to need for this.
So two comments about the ports, first they are all TCP. Secondly, there is a listing for the Monitoring Broker port, that functionality can be ignored for now. As you can see in the netstat below, there is no listener currently.
Netstat -ano or netstat -a -n -o if you prefer my bad habits.
You’ll see that it’s listening on 8284-8286 and all TCP, but nothing on 8287.
For those Curious, here is some information on the ports:
Admin Broker Port: this port is used by the Administration Console to connect to the Citrix Workspace Environment Management Infrastructure Services.
Agent Broker Port: this port is used by your Citrix Workspace Environment Management Agent Hosts to connect to the Citrix Workspace Environment Management Infrastructure Services.
Agent Sync Broker Port: this port is used by the Citrix Workspace Environment Management Agent Host service to synchronize its cache with the Citrix Workspace Environment Management Infrastructure Services.
Now last bit is if you check there is also a firewall rule created by the installer showing the ports you want.
Now that we have our prep work done we can get with the actual load balancing
Add your servers into Traffic Management -> Load balancing -> Servers
Now we can do this two ways.
One option is that we could just configure a Service Group & VIP for any protocol and any Port.
For those that prefer that feel free, I am going to show doing one for each port.
The Broker is stateless so no need to set persistence either.
add server XD7-WEM01 172.22.17.42
add server XD7-WEM02 172.22.17.43
add serviceGroup XD7-WEM-BrokerAdmin TCP -maxClient 0 -maxReq 0 -cip DISABLED -usip NO -useproxyport YES -cltTimeout 9000 -svrTimeout 9000 -CKA NO -TCPB NO -CMP NO
add serviceGroup XD7-WEM-AgentBroker TCP -maxClient 0 -maxReq 0 -cip DISABLED -usip NO -useproxyport YES -cltTimeout 9000 -svrTimeout 9000 -CKA NO -TCPB NO -CMP NO
add serviceGroup XD7-WEM-AgentSync TCP -maxClient 0 -maxReq 0 -cip DISABLED -usip NO -useproxyport YES -cltTimeout 9000 -svrTimeout 9000 -CKA NO -TCPB NO -CMP NO
add lb vserver XD-WEM-BrokerAdmin TCP 172.22.25.114 8284 -persistenceType NONE -cltTimeout 9000
add lb vserver XD-WEM-AgentBroker TCP 172.22.25.114 8286 -persistenceType NONE -cltTimeout 9000
add lb vserver XD-WEM-AgentSync TCP 172.22.25.114 8285 -persistenceType NONE -cltTimeout 9000
Now recreate this for the Agent Broker port (8286) and Agent Sync (8285) Ports.
Now create 3 load balanced VIPs one for each port on the same IP.
You can leave Method & Persistence as defaults since this is not stateful data.
Now create the other two LBVIP’s for the other two ports
Once complete we’ll need to update your GPO pushing out the Broker Config to your agents.
Add in your DNS name for your shiny new vip.
Once the GPO is updated and you refresh computer policy you can force an agent check in by right-clicking on the status bar icon and selecting refresh.
One of the logs you can check to validate everything is working is in %userprofile%\Norskale Vuem Agent.log
There is also a Citrix WEM Agent Init.log in the same path
8:35:03 AM Event -> MainController.InitAgentLog() : Init Log finished. Now Switching to Main Log…
8:35:03 AM Event -> MainController.ProcessAgentInitOperations() : Broker Service Name -> wem.lab.revord.net
8:35:03 AM Event -> MainController.ProcessAgentInitOperations() : Broker Service Port -> 8286
8:35:03 AM Event -> MainController.ProcessAgentInitOperations() : EnableAgentLogging -> True
8:35:03 AM Event -> MainController.ProcessAgentInitOperations() : AgentLogFile -> %USERPROFILE%\Norskale Vuem Agent.log
Shows that we have hit the server, you can browse the log for any errors but at this point you should be good.
Again I’d like to thank Hal Lange (@Hal_Lange) for his assistance with this post.
Here is the FAQ for logs for VUEM Agent from Norskales site.
June 24, 2016 04:39
By default, all of VUEM’s components will log what they do to their own logs, and in some cases to Windows Event Viewer logs. This KB article covers where to find the logs for the various VUEM components.
Norskale VUEM Agent
The Agent will always create three logs, with a fourth log created only if the Agent service is in debug mode. By default, the logs are created in non-verbose mode. To enable verbose logging (debug mode), go to Advanced Settings > Agent Options in the Administration Console and tick the “Debug Mode” checkbox (Advanced Settings > Service Options for the Norskale Agent Host Service). This is a site-wide setting and will apply to every Agent/Service connected to the site for which you enabled debug mode.
Norskale VUEM Agent Init.log
This is the initialisation log for the Agent, which will log the Agent starting up. If the Agent fails to start up, this log will likely contain the relevant error message. This log is created in the root of the current user’s Users folder. Errors in this log are listed as Exceptions.
Norskale VUEM Agent.log
This is the main Agent log, which will list what instructions the Agent is processing. If one of the actions assigned to the current user is not showing, this log will likely contain the relevant error message. This log is created in the root of the current user’s Users folder. Errors in this log are listed as Exceptions.
Norskale Agent Service log (Event Viewer)
This event viewer log contains events pertaining directly to the Agent service (cached settings refresh and connection events). This log is under the Applications and Services Logs category in Event Viewer.
Norskale Agent Host Service Debug.log
When debug mode is enabled for the service, the Agent service will create a new log file in verbose mode in the Agent install directory with the name “Norskale Agent Host Service Debug.log.”
Norskale Administration Console
The Administration Console only creates one log file.
Norskale Administration Console Trace.log
This is the main log for the Administration Console; it is only created if the admin console is in debug mode, and will only logs exceptions. If the Administration Console is erroring out, this log will likely contain the cause of the error. This log is created in the root of the current user’s Users folder. To enable verbose logging (debug mode), go to the About tab in the ribbon > Local Options and tick the “Enable Debug Mode” checkbox.
Norskale Broker Service
The Broker Service creates only one log file by default but will create a second if verbose logging is enabled.
Norskale Broker Service (Event Viewer)
This event viewer log is where the Broker Service will log all errors when not in debug mode. This log is under the Applications and Services Logs category in Event Viewer. To enable debug mode, run the Broker Service Configuration utility and select “Enable Debug Mode” under the Advanced Settings tab.
Norskale Broker Service Debug.log
This log is created in the Broker Service install directory when verbose logging is enabled. To enable verbose logging for the Broker Service, go to the Advanced Settings tab in the Broker Service Configuration utility and tick the “Enable Debug Mode” checkbox. This will log all events, and errors are logged as Exceptions.
Norskale Database Management utility
The Database Management utility only creates one log file.
Norskale Database Management Utility Debug Log.log
This log is created whenever the Database Management utility attempts a database creation or upgrade, and logs all errors pertaining to those operations. This log is created in the Norskale Infrastructure service’s install directory.
Agent Debug Mode Local Override
In cases where the agent cannot connect to the broker, toggling debug mode on in the admin console will not work, as the agent will not be able to connect to retrieve the updated settings. To set debug mode as a local override, open RegEdit and browse to the following registry key:
To force debug mode on for the agent, set AgentDebugModeLocalOverride to 1, close the agent and re-launch it manually. To force debug mode on for the agent service, set AgentServiceDebugModeLocalOverride to 1, then restart the agent service.