Published by Norma Conley. Modified over 10 years ago.
1
DataStream
2
MySQL Pre-Reqs & Info
3
© 2012 Citrix | Confidential – Do Not Distribute
Requirements
- MySQL 5.X
- XP, Vista, Win 7, Windows 2000, Windows Server 2003, *nix
- Install using an admin/root account
- Requires TCP/IP
- Minimum of 200MB required to install and create databases. (A lot more will be required for Command Center.)
4
Choosing an Installation for Windows
There are three types of package:
- Essentials: has a file name similar to mysql-essential-5.X.XX-win32.msi and contains the minimum set of files needed to install MySQL on Windows, including the Configuration Wizard.
- Complete: has a file name similar to mysql-5.0.91-win32.zip and contains all files needed for a complete Windows installation, including the Configuration Wizard. This package includes optional components such as the embedded server and benchmark suite.
- No-Install: has a file name similar to mysql-noinstall-5.0.91-win32.zip and contains all the files found in the Complete install package, with the exception of the Configuration Wizard. No automated installer, manual installation & configuration.
5
Generic Windows Platform Limitations
The number of open file descriptors on Windows is limited to a maximum of 2048, which may limit the ability to open a large number of tables simultaneously. This limit is due to the compatibility functions used to open files on Windows that use the POSIX compatibility layer. This limitation will also cause problems if you try to set open_files_limit to a value greater than the 2048 file limit.
6
Generic Windows Platform Limitations
On Windows 32-bit platforms it is not possible to use more than 2GB of RAM within a single process, including MySQL. This is because the physical address limit on Windows 32-bit is 4GB and the default setting within Windows is to split the virtual address space between kernel (2GB) and user/applications (2GB). To use more memory than this you will need to use a 64-bit version of Windows.
7
Generic Windows Platform Limitations
When using MyISAM tables, you cannot use aliases within Windows link to the data files on another volume and then link back to the main MySQL datadir location. This facility is often used to move the data and index files to a RAID or other fast solution, while retaining the main .FRM files in the default data directory configured with the datadir option.
8
Generic Windows Platform Limitations
The timers within MySQL used on Windows are of a lower precision than the timers used on Linux. For most situations you may not notice a difference, but the delay implied by a call to SLEEP() on Windows and Linux may differ slightly due to the differences in precision.
9
MySQL installation
10
MySQL Installation Step by Step: Installation Type
11
MySQL Installation Step by Step: Now we will install MySQL on a dedicated server. Some install options, we’ll choose server options.
12
MySQL Installation Step by Step: Choose Features
13
MySQL Installation Step by Step: Splash Screen
14
MySQL Installation Step by Step: Check to continue SQL Server Configuration.
15
MySQL Installation Step by Step
16
MySQL Installation Step by Step: Server Type. Developer machine will use slightly less resources, memory etc.
17
MySQL & Installation Step by Step: Choose DB Engine. InnoDB is a newer technology, and future Command Center versions will require this version of DB (Transactional DB Only).
18
MySQL Installation Step by Step: Choose Path for InnoDB
19
MySQL Installation Step by Step: Choose approx No of Connections
20
MySQL Installation Step by Step: TCP Port and Firewall exception.
21
MySQL Installation Step by Step: Character Support
22
MySQL Installation Step by Step: Install as service
23
MySQL Installation Step by Step: Set root password. This is needed to login with the MySQL CLI tool, or if you are installing Command Center.
24
MySQL Installation Step by Step: Installing...
25
MySQL Installation Step by Step: Benign FW message when you select the previous option to add a firewall exception.
26
MySQL Installation Step by Step: Installation completed
27
MySQL Installation Step by Step: If you need to reconfigure how MySQL server runs, then you just need to launch the MySQL Instance Config Wizard.
28
MySQL DB Configuration
29
MySQL & Command Center Installation Step by Step
Opened MySQL Command Line client, and added a database.
    create database COMCENTDB;
30
MySQL & Command Center Installation Step by Step
Run the following command on MySQL to view the database names.
    show databases;
31
Troubleshooting
For InnoDB and MyISAM we have seen that optimize table defragments the data file and may free up some space (http://dev.mysql.com/doc/refman/5.0/en/optimize-table.html).
If space is tight, we could optimize tables which we know have quite a few updates and deletes. Example usage to optimize these tables:
    mysql> optimize table MEVSERVER;
    mysql> optimize table MESERVICES;
    mysql> optimize table MEVSERVICES;
    mysql> optimize table MESVCGROUP;
    mysql> optimize table REPORTS_HOURLY;
32
Basic SQL Commands via the MySQL CLI
33
Create
- Only some system DBs exist on MySQL when installed; you should create your own DB.
- Commands end with a semicolon. If none is entered, the cursor goes to a new line to continue the query.
    create database tscitrix;
34
Users
Most customers do not use the root account for writing to their DB. One can create a user like so:
    create user 'nsuser'@'localhost' IDENTIFIED BY 'citrix';
- localhost means they can only log on from the localhost.
- citrix is the password associated with the user.
- nsuser is the user ID.
35
Users
If users need to authenticate from systems other than the localhost, they need to be added thus (i.e. no host):
    create user 'mysqluser' IDENTIFIED BY 'citrix';
Now that we’ve added users, we need to assign them rights:
    GRANT ALL PRIVILEGES ON tscitrix.* TO 'nsuser'@'localhost';
Specifying the DB name followed by .* means all tables belonging to that DB.
36
Users
To see what rights a particular user has, issue the SHOW GRANTS command:
    SHOW GRANTS FOR 'nsuser'@'localhost';
37
Running Commands against a DB
First, we need to select the DB we want to use, as the same table might exist in multiple databases.
    use tscitrix;
This means that all subsequent commands, like select, will assume that tscitrix in the example above is the database to perform operations on.
38
Creating a table
    CREATE TABLE eg_autoincrement (
        id INT NOT NULL AUTO_INCREMENT PRIMARY KEY,
        data VARCHAR(100)
    );
- Table name is eg_autoincrement.
- The first column is called id and is a non-zero integer which increments.
- The second column is a character string field with a max of 100 chars.
39
Viewing a table’s characteristics
We can use the DESC tablename command to describe or view a table’s characteristics, e.g. what format each column is.
40
Updating the table (writing to it)
    INSERT INTO eg_autoincrement (data) VALUES ('Hello world');
Inserts the value Hello world into the DB, with the id value being 1 (can’t be zero).
    INSERT INTO eg_autoincrement (data) VALUES ('st else');
Inserts the value st else into the 2nd row of the table with an id value of 2.
41
Viewing the table contents
To view the contents of a table, we can just use a select statement:
    select * from eg_autoincrement;
42
Viewing the table contents
Viewing specific information from a DB:
43
Viewing tables
    Show tables;
You can only use this command after selecting a database.
44
SQL Helper Tools – HeidiSQL
- Available at the following URL: http://www.heidisql.com/download.php
- Easy to install
- Easy to connect to a DB
- Easy to create SQL statements
45
Connecting to a DB
[Screenshot callouts: Your MySQL LB Vserver IP; MySQL user; MySQL Password; LB Port]
46
Navigating the tables & databases
[Screenshot callouts: Database; Tables]
47
Editing table contents & generating SQL statements
[Screenshot callouts: Select a table; Data Tab; Manipulate data; SQL Statements Below]
48
SQL Helper Tools – MySQL Workbench
- Available at the following URL: http://www.mysql.com/downloads/workbench/
- Free
- Data modelling, SQL development, server admin
- Connects either directly or through SSH tunnel
49
Connecting to a DB
[Screenshot callouts: Your MySQL LB Vserver IP and port; MySQL user; MySQL Password]
50
Navigating the tables & databases
[Screenshot callouts: Database; Tables; Queries; Results; Output log]
51
SQL Helper Tools – PHPMyAdmin
- Completely web-based
- Can run on the same server
- Needs apache
- Easy configuration
52
Why DataStream?
53
Data Explosion
With the rapid growth of online Internet applications, there’s a voracious need for database capacity to enable organizations to be responsive and to analyze their business for optimal performance.
54
Key Database Challenges – Forrester Research
55
Scaling Database Architectures
Criterion | Scale Up | Scale Out
Performance | Replace existing SMP server with bigger SMP server to add capacity | Add capacity on demand with commodity servers
HA/Failover | HA cluster | DB proxy or middleware; TCP load balancers
System Cost | 12 CPU SMP server can cost over $500K | 24 commodity servers cost ~$100K
56
Database Scaling Issues
Performance / Scalability
- Lack of solutions to scale database performance cost effectively
- Connection capacity does not scale linearly for MS SQL Server
- Applications are getting more complex and data dependent
- Non-optimal utilization of database server resources
- No SQL-intelligent load balancing; TCP-based load balancing
- Lack of deep application-level health checks
- Complex scripts result in downtime and operational expenditures when database clients or servers are added/removed
57
Existing Solutions to Scale Databases
Solution | Function | Deficiencies
Database Proxy | Low-level load balancer | Not available for MS SQL; open-source solution, not actively maintained; limited load balancing algorithms and health checks
Middleware | Customized solution to distribute DB transactions | Expensive custom solution; requires customer maintenance
TCP Load Balancer | Distributes DB transactions at a connection level, not a query level | No query-level load balancing, content switching, health checks or SQL connection multiplexing
58
NetScaler DataStream in Database Tier
[Diagram: in the Internet-facing Web/App tier, NetScaler handles HTTP and provides high availability, scalability, app security and high performance (high value). In the Microsoft SQL Server DB tier, a TCP load balancer provides only simple HA and simple LB (limited value); NetScaler DataStream is native SQL and TDS protocol aware and provides connection multiplexing, content switching and high availability, for improved availability, optimal scale-out and connection scale-up.]
59
NetScaler DataStream Benefits
- SQL Multiplexing: scale TCP connections; host more DBs on server; reduce SQL hardware
- SQL Conn. Offload: frees memory/CPU resources; faster query execution
- Native SQL LB: request switching; fast app response
- SQL Aware Policies: read/write split; DB sharding; granular control
- Automated IP Failover: virtual IP based; lower cost HA
- Intelligent Monitoring: replication state aware
NetScaler provides ScaleUp like performance for ScaleOut like economics
60
TCP Load Balancer
[Diagram: SQL queries A, B, C … Y, Z pass through a load balancer to the Microsoft SQL Server DB tier: scale-up master DB (active/passive) and scale-out read-only DBs.]
61
L7 Based load balancing mechanism
[Diagram: SQL queries A, B, C … Y, Z pass through NetScaler, which performs SQL connection multiplexing/content switching across the Microsoft SQL Server DB tier: scale-up master DB (active/passive) and scale-out read-only DBs.]
62
Intelligent Health Monitoring - HA
[Diagram: NetScaler in front of the Microsoft SQL Server DB tier (scale-up master DB, active/passive; scale-out read-only DBs). Callouts: Server unresponsive for 20 minutes – SQL Query A, replication is being deferred also; Monitor Subscription pending commands and switch SQL requests; Server back online.]
63
Database Failover/HA
[Diagram: NetScaler in front of a Microsoft SQL Server master DB (active/passive). Callouts: Server goes offline without completion of “A” & “D”; NetScaler sends resets for active connections, idle connections are untouched; NS opens new connection to backup vserver; Server back online; No switch back with “Disable Primary Vserver On Down”; Connection Reset.]
64
Performance validation with BreakingPoint: Transactions per Second
Traffic Profile: TPS_1 (MPX)
Metric | Direct | With NS
Transactions/sec | 5,250 | 14,700
Queries/sec | 21,000 | 58,800
Queries/minute | 1,260,000 | 3,528,000
Latency of each transaction (ms) | 34 | 13
PE CPU use % | N/A | 46
SQL server CPU use % | 100
SQL server RAM use (MB) | 131 | 123
RX tput (Mbps) | 80/75 | 205/160
Client connections/Server connections | 1 | 1
Result: 3x Improvement
Configuration: MS SQL Server 2008 on 4-cores + 4GB RAM Server/Windows 2003 32 bit, Intel Xeon X5680 3.33 GHz
Topology: 1 arm mode
Switch: Cisco 3750
Traffic Profile TPS_1: user logs in, issues 5 queries and logs off (login + set database to AdventureWorks2008R2, then 4 read queries, and finally sends a FIN to terminate the connection).
65
Performance validation with BreakingPoint: Latency
Configuration: MS SQL Server 2008 on 4-cores + 4GB RAM Server/Windows 2003 32 bit, Intel Xeon X5680 3.33 GHz
Topology: 1 arm mode
Switch: Cisco 3750
Traffic Profile TPS_2: user logs in, issues 2 queries and logs off (login + set database to AdventureWorks2008R2, then 1 read query, and finally sends a FIN to terminate the connection). The read query retrieves the last row of table "Sales.SalesReason" in AdventureWorks2008R4 database.
Traffic Profile: TPS_2 (MPX)
Metric | Direct | With NS
Transactions/sec | 7,100 | 36,000
Queries/sec | 7,100 | 36,000
Queries/minute | 426,000 | 2,160,000
Latency of each transaction (ms) | 26 | 1.3
PE CPU use % | N/A | 65
SQL server CPU use % | 100 | 95
SQL server RAM use (MB) | 128 | 113
RX tput (Mbps) | 60 | 200
Client connections/Server connections | 1 | 1
Result: 20x Reduction
66
DataStream Use Cases
67
DB Scale-UP with NetScaler
[Diagram: Web/App Servers connect through NetScaler to a master database HA setup (active/passive).]
- Connection Multiplexing reduces load
- Application points to NetScaler VIP
- Monitor DB servers with custom monitors
- Deploy more DBs on the same server
- Increase Availability and Reliability
68
Scale-Up: Microsoft SQL Server Use Case
Current State: 1000 application servers connecting to 8 databases on each SQL server, causing TCP connection explosion and increasing HP server hardware requirements without optimal CPU use. Need to add more applications while keeping the SQL server count at 400.
Requirement: Scale SQL server connection capacity and reduce HP server count while keeping application latency low and increasing CPU usage.
NetScaler Solution: SQL server connection management offloads servers and reduces overall cost with 50:1 client to server connection ratio.
69
DB Scaling-Out use case
[Diagram: Online Transaction Processing (OLTP) app servers connect through NetScaler to the content DB tier: content master SQL Server (principal), log data, mirror, asynchronous mirror, peer replication. Traffic mix: 99% reads, 1% writes.]
- Load balance Read-only DB Servers/Snapshots
- Application points to NetScaler DB VIP
- Monitor DB servers with custom monitors
- Add more Read-only servers to improve performance
- Avoid Servers that are being updated
- Reduce SQL Server infrastructure cost
70
Scale-Out OLTP: MySQL/MS SQL
Current State: Distribute application load to 50+ Read only servers in each peer-replicated setup. Application servers statically mapped to SQL servers via custom scripts.
- Unmanageable server sprawl
- TCP LB implementations fail due to lack of SQL connection management
Requirement: Load balance SQL queries to ‘Read-Only’ servers and reduce TCP connection overhead of setup/tear-down on each SQL transaction.
NetScaler Solution: Intelligent SQL-aware switching achieves optimal Scale out and TCP/SQL connection management reduces client server connection ratio by 10:1 or more.
71
Scaling-Out use case: Sharding (userid modulo)
[Diagram: Online Transaction Processing (OLTP) app servers connect through NetScaler to Shard 0, Shard 1 and Shard 2. Example: $userid = 3, $userid % 3 = 0, so the request goes to Shard 0.]
- Application points to NetScaler DB VIP
- Monitor DB servers with custom monitors
- Shard read/write intensive tables
- Minimal changes to application
- Scale linearly
72
DB Read/Write Split + HA with NetScaler
[Diagram: App Servers and Web Servers connect through NetScaler; writes go to the master database HA setup (active/passive), reads (realtime) go to read-only slave databases.]
- Load balance Read-only DB servers
- Application points to NetScaler VIP
- Graceful Shutdown
- Disable Primary Vserver on Down
- Replication aware custom monitors
- Read/Write Split on NetScaler
- Increase Availability and Reliability
73
High-Availability: MySQL/MS SQL
Current State: Distribute application load to 35 Read only servers in each peer-replicated setup. Application servers statically mapped to SQL servers via custom scripts.
- Master DB Failover requires manual intervention.
- TCP LB implementations fail due to lack of custom SQL server monitors.
Requirement: Replication-aware SQL health monitors for HA and scale-out.
NetScaler Solution: SQL LB with intelligent, replication-aware health monitors and automated, virtual IP-based IP failover with graceful shutdown and disabling the primary vserver.
74
TCP LB vs Custom Scripts vs NetScaler SQL LB
[Comparison table; columns: TCP LB, Custom Scripts, DataStream LB. The per-cell marks did not survive extraction. Feature/Benefit rows:]
- Scale-up TCP connections
- SQL connection offload
- Native SQL LB
- Scale out read-only servers
- High Availability
- Intelligent monitors
- SQL content Switching
- Read/Write split & Sharding
75
5-Nines DB HA Solution
[Diagram: two data centers, DC-1 and DC-2, each with Web Servers and GSLB at each site; DB tier of two mirrored Microsoft SQL Server instances with a witness; Service Broker for async updates.]
76
Which Databases?
[Diagram groupings: Typically found in dot-coms; Typically found in Enterprises; Under consideration for future releases]
77
DataStream Configuration
78
Database LB: Config VServer
79
Database LB: Config - Services
80
Database LB: Config Monitors
81
Load Balancing
82
Feature Support
- Connection Multiplexing / Request Switching
- Load Balancing
- Built-In Monitoring
- Content Switching
- Advanced Policy Support
- High Availability
83
Connection Multiplexing Benefits
- Connection Reuse: using the same server-side connection to serve requests from many client-side connections. Initial engineering testing has shown ~1900 client connections running on 100 server-side connections.
- Connection Pooling: pre-established connections mean that newer clients are served faster.
- Both of the above impact latency: latency is lowered.
84
Database LB: Connection Properties
- Username
- Database
- Packet Size
- Character Set (MySQL only)
- Protocol Version (MSSQL only)
- Connection Flags (MSSQL only)
85
Database LB: VServer
Vserver Configuration
    add lb vserver "MySQL VServer" MYSQL 10.90.207.154 3306 -cltTimeout 180
Recommended Load Balancing: Least Connection (Default set to: Round Robin)
Other Applicable LB Methods: Round Robin, Least Response Time, Source IP Hash, Source IP Destination IP Hash, Least Bandwidth, Least Packets, Source IP Source Port Hash
86
Database LB: Services
Service Configuration
    add service sql-server 10.90.34.0 MYSQL 3306
- The correct monitor (MYSQL-ECV) needs to be bound to this service.
- This is a built-in monitor (not a user-scripted monitor).
- Provides the ability to send a SQL request and parse the response for a string.
87
Database LB: Authentication
- Client authenticates with NetScaler.
- NetScaler in turn authenticates with the server and uses the same credentials as the client connection.
- Monitors need to connect to a DB with a user to send a query.
- DB usernames and passwords are added to the ns config.
- The monitor simply refers to the username and uses the stored password to authenticate against the DB.
88
Database LB: Monitors & Authentication
    add db user nsdbuser -password dd260427edf -encrypted
    add lb monitor MySQLCustomMon MYSQL_ECV -userName nsdbuser -LRTM ENABLED -interval 10 -resptimeout 5 -database tscitrix -sqlQuery "select * from eg_autoincrement;" -evalRule "MYSQL.RES.ATLEAST_ROWS_COUNT(2)"
89
Content Switching
90
Database LB: Content Switching Configuration
    add cs vserver cs_mysql mysql 10.102.32.67 80
    add cs policy cs_select -rule "MYSQL.REQ.QUERY.COMMAND.contains(\"select\")"
    bind cs vserver cs_mysql lb_slave -policy cs_select -priority 10
91
Database LB: Content Switching
Use case: Database partitioning (aka sharding) is being deployed at customer sites today.
- As the size of a database gets prohibitive, divide up the database by tables, users, etc. across multiple servers.
- Deploy content switching to divide requests across the databases.
- Provides an algorithm by which a company can have one database IP with several different databases on the backend supporting different functions.
- Requires no database changes.
- Improves scalability and performance.
92
Advanced Expressions
Request Expressions
- Connection properties like username, database
- Request properties like Command, Query
- Parsing the SQL query to give the first keyword: MYSQL.REQ.QUERY.COMMAND.EQ(\"begin\")
Response Expressions
- Response type, message, status
- Result set details
93
Database LB: Content Switching
94
Database LB: Special Queries
- Modify the state of the connection
- Connection reuse cannot take place
- Examples: SET, PREPARE, USE
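A simplified model of the connection reuse and special-query behaviour described on the slides, added here as an illustration; it is not NetScaler code. It assumes (the slides do not say so) that a server-side connection is only reused for clients with identical connection properties, and that a connection which has seen SET, PREPARE or USE stays dedicated to the client that sent it. The class and function names are hypothetical.

```python
from dataclasses import dataclass
from itertools import count
from typing import Optional, Tuple

# Commands the slide lists as modifying connection state.
STATE_CHANGING = {"SET", "PREPARE", "USE"}


@dataclass(frozen=True)
class Client:
    name: str
    username: str
    database: str
    charset: str = "utf8"

    @property
    def key(self) -> Tuple[str, str, str]:
        # Assumption: these connection properties form the reuse key, so a
        # connection authenticated as one DB user never serves another user.
        return (self.username, self.database, self.charset)


@dataclass
class ServerConn:
    conn_id: int
    key: Tuple[str, str, str]
    pinned_to: Optional[str] = None


class Multiplexer:
    """Hands each request a server-side connection, reusing idle ones."""

    def __init__(self):
        self._ids = count(1)
        self.idle = []      # reusable server-side connections
        self.pinned = {}    # client name -> dedicated connection

    def send(self, client: Client, query: str) -> int:
        """Return the id of the server-side connection that carries `query`."""
        conn = self.pinned.get(client.name)
        if conn is None:
            conn = next((c for c in self.idle if c.key == client.key), None)
            if conn is not None:
                self.idle.remove(conn)
            else:
                conn = ServerConn(next(self._ids), client.key)
        words = query.split()
        keyword = words[0].upper() if words else ""
        if keyword in STATE_CHANGING:
            # Session state now belongs to this client: stop sharing.
            conn.pinned_to = client.name
            self.pinned[client.name] = conn
        elif conn.pinned_to is None:
            self.idle.append(conn)  # request done, connection is reusable
        return conn.conn_id

    def close(self, client: Client) -> None:
        # A pinned connection is dropped, never returned to the shared pool.
        self.pinned.pop(client.name, None)


def demo():
    """Constructed scenario: two clients share credentials, one does not."""
    mux = Multiplexer()
    app1 = Client("app1", "nsuser", "tscitrix")
    app2 = Client("app2", "nsuser", "tscitrix")
    app3 = Client("app3", "mysqluser", "tscitrix")
    return [
        mux.send(app1, "select * from eg_autoincrement;"),  # opens conn 1
        mux.send(app2, "select * from eg_autoincrement;"),  # reuses conn 1
        mux.send(app3, "select * from eg_autoincrement;"),  # other user: conn 2
        mux.send(app1, "SET autocommit=0;"),                # pins conn 1 to app1
        mux.send(app2, "select * from eg_autoincrement;"),  # needs new conn 3
        mux.send(app1, "select * from eg_autoincrement;"),  # still conn 1
    ]


if __name__ == "__main__":
    print(demo())
```
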
95
Database LB: VServer Config
96
Database LB: Service Config
97
Database LB: Monitor Config
98
Database LB: Monitor Config
99
NetScaler 10 DataStream enhancements
100
Feature enhancements in version 10
- Database Responder
- Database caching
- SQL Token-based LB
- Rate limiting for SQL traffic
- SQL AppFlow templates
- SQL traffic audit enhancements
101
Database Responder
102
Responder for SQL
- Works similar to HTTP responder
- Acts only on request
- Two types of actions:
Action | Behavior
OK / Error Packet | Send message to client
TCP reset | Reset the client TCP connection
103
Example
When a destructive query is executed, the system will send an error message to the SQL client (application):
    add responder action prevent_drop_database sqlresponse_error "This is a destructive operation. Database was NOT modified"
    add responder policy prevent_drop_database_pol MYSQL.REQ.QUERY.COMMAND.CONTAINS("drop") prevent_drop_database
104
Responder Configuration for SQL Responses
Additional actions/messages can be configured:
105
SQL Rate Limiting
106
Limits per platform
- Some platforms are rate limited.
- NS will measure the rps rate; if it exceeds the limit, an error message is sent to the client:
    Error XXXX: NetScaler DataStream rate limits hit.
- SNMP traps can be configured for this alert:
    softlayerNS> show alarm | grep DATASTREAM
    64) DATASTREAM-RATE-LIMIT-HIT N/A N/A N/A ENABLED - ENABLED
    softlayerNS>
107
Limits per platform (cont)
Platform | Rate (Requests Per Second)
Up to VPX1000 (inclusive) [VPX only] | 200 RPS
VPX3000-8000 | No Rate-Limit
MPX 5500-9500 (inclusive) [MPX only] | 1000 RPS
MPX/SDX starting from 10500 | No Rate-Limit
108
NetScaler DataStream rate limits hit
Attempting to install an application that populates the database will easily run over the limit …
109
RPC Content Switching
110
Policy Infrastructure RPC options
New expressions in PI:
- MSSQL.REQ.RPC.NAME
- MSSQL.REQ.RPC.IS_PROCID
- MSSQL.REQ.RPC.PROCID
Only available for MSSQL. Can be used in content switching.
111
MS-SQL Versions
Recommended for compatibility if you expect some clients not to have the same version as the back end Microsoft SQL Server.
112
Audit log for SQL
113
Auditing messages
Messages are stamped as server side (SS) or client side (CS):
    SS_LOGIN_ERR: UNKNOWN_USERNAME, ERROR
    SS_LOGIN_ERR: OUT_OF_MEMORY, ERROR
    SS_CONN_CLOSED, INFO
    CS_CONN_CLOSED, INFO
Log level is either ERROR or INFO:
    CS_LOGIN_ERR: UNABLE_TO_SEND_PRELOGIN_RESP, ERROR
    CS_CONN_ESTD: Username:%s DBname:%s ConnID:%u, INFO
Messages appear in syslog (/var/log/ns.log):
    Mar 12 13:25:07 192.168.10.100 03/12/2012:13:25:07 GMT NS10_node0 0-PPE-0 : DB Message 1319 0 : "MYSQL_CS_LOGIN_ERR: INCORRECT_PASSWORD Username:netscalersql ConnID:170448 Src_ip: 192.168.10.14 Dst_ip: 192.168.10.16"
114
MSSQL audit log messages
List of Auditlog Messages for MSSQL
    SS_LOGIN_ERR: UNKNOWN_USERNAME, ERROR
    SS_LOGIN_ERR: OUT_OF_MEMORY, ERROR
    SS_CONN_CLOSED, INFO
    CS_CONN_CLOSED, INFO
    CS_LOGIN_ERR: BAD_PKT_TYPE, ERROR
    CS_LOGIN_ERR: UNSUPPORTED_OPTION_FLAGS1, ERROR
    CS_LOGIN_ERR: UNKNOWN_USERNAME, ERROR
    CS_LOGIN_ERR: BAD_PASSWORD, ERROR
    CS_LOGIN_ERR: BAD_DBNAME, ERROR
    CS_LOGIN_ERR: UNABLE_TO_SEND_PRELOGIN_RESP, ERROR
    CS_LOGIN_ERR: UNABLE_TO_SEND_RESP, ERROR
    CS_LOGIN_ERR: LOGIN_PKT_GREATER_THAN_MAX_SIZE, ERROR
    CS_CONN_RESET: NSB_HOLD_LIMIT_EXCEEDED, ERROR
    CS_CONN_RESET: OUT_OF_MEMORY send_ok_failed_for_special_cmd, ERROR
    CS_CONN_RESET: SWITCH_FAILED, ERROR
    SS_LOGIN_REQ_SENT, INFO
    SS_CONN_ESTD: Username:%s DBname:%s ConnID:%u, INFO
    CS_CONN_RESET: SERVERSIDE_LOGIN_FAILED ConnID:%u, ERROR
    SS_LOGIN_ERR: Username:%s DBname:%s ConnID:%u, ERROR
    SS_LOGIN_ERR: OUT_OF_MEMORY, ERROR
    CS_CONN_ESTD: Username:%s DBname:%s ConnID:%u, INFO
115
MYSQL audit log messages
List of Auditlog Messages for MySQL
    SS_LOGIN_ERR: UNABLE_TO_SEND_LOGIN_PKT_USER_UNKNOWN, ERROR
    SS_LOGIN_ERR: UNABLE_TO_SEND_LOGIN_PKT_OUT_OF_MEMORY, ERROR
    SS_LOGIN_ERR: UNABLE_TO_SEND_LOGIN_PKT_USER_UNKNOWN, ERROR
    SS_CONN_CLOSED, INFO
    CS_CONN_CLOSED, INFO
    CS_LOGIN_ERR: LOGIN_PKT_GREATER_THAN_MAX_SIZE, ERROR
    CS_LOGIN_ERR: UNSUPPORTED_CLT_FLAGS, ERROR
    CS_LOGIN_ERR: UNSUPPORTED_CSET, ERROR
    CS_LOGIN_ERR: UNKNOWN_USERNAME, ERROR
    CS_LOGIN_ERR: PASSWORD_LONGER_THAN_MAX_LIMIT, ERROR
    CS_LOGIN_ERR: INCORRECT_PASSWORD, ERROR
    CS_LOGIN_ERR: DBNAME_LONGER_THAN_MAX_LIMIT, ERROR
    CS_LOGIN_ERR: UNABLE_TO_CREATE_UDB, ERROR
    CONN_RESET: Extra data received after TCP handshake, ERROR
    CS_LOGIN_ERR: UNABLE_TO_SEND_HANDSHAKE, ERROR
    CS_CONN_ESTD, INFO
    CS_LOGIN_ERR: UNABLE_TO_SEND_LOGIN_OK, ERROR
    SS_LOGIN_ERR: UNABLE_TO_PARSE_HANDSHAKE, ERROR
    SS_LOGIN_REQ_SENT, INFO
    CS_CONN_RESET: SERVERSIDE_LOGIN_FAILED, ERROR
    SS_LOGIN_ERR: SERVERSIDE_LOGIN_FAILED, ERROR
    SS_CONN_ESTD, INFO
    SS_CONN_RESET: UNABLE_TO_POPULATE_SRVR_INFO, ERROR
    SS_CONN_RESET: TRYING_TO_SEND_RESP_BEFORE_REQ, ERROR
116
MYSQL audit log messages (cont)
    SS_CONN_CLOSED: TCP_CONNECTION_CLOSED, INFO
    SS_LOGIN_ERR: EXTRA_BYTES_RECEIVED, ERROR
    SS_CONN_RESET: REQLIST_SEND_FAILED, ERROR
    CS_CONN_RESET: NSB_HOLD_LIMIT_EXCEEDED, ERROR
    CS_CONN_CLOSED: QUIT_CMD_RECEIVED, INFO
    CS_CONN_RESET: OUT_OF_MEMORY for qs_node, ERROR
    CS_CONN_RESET: OUT_OF_MEMORY send_ok_failed_for_special_cmd, ERROR
    CS_CONN_RESET: SWITCH_FAILED, ERROR
    SS_CONN_RESET: UNEXPECTED_DATA_FROM_SRVR, ERROR
    CS_CONN_RESET: STATE_UNKNOWN_CONN_NOT_LINKED, ERROR
    SS_CONN_RESET: STATE_UNKNOWN_CONN_NOT_LINKED, ERROR
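One way to put these audit messages to use, added here as an example (it is not part of the original deck or of NetScaler): a parser for the ns.log line layout shown on the Auditing messages slide, plus a sliding-window check for bursts of client-side login failures from one source IP. The first sample line is the one from the slide; the other lines, the MSSQL_ prefix, the threshold and the window are constructed assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Layout taken from the sample ns.log line on the slide. The MSSQL_ prefix is
# an assumption; the slide only shows a MYSQL_ message.
LINE_RE = re.compile(
    r'(?P<ts>\d{2}/\d{2}/\d{4}:\d{2}:\d{2}:\d{2}) GMT (?P<node>\S+) \S+ : '
    r'DB Message \d+ \d+ :\s+"(?P<proto>MYSQL|MSSQL)_(?P<side>CS|SS)_'
    r'(?P<event>[A-Z_]+)(?::\s*(?P<detail>.*?))?"\s*$'
)
FIELD_RE = re.compile(r'(Username|DBname|ConnID|Src_ip|Dst_ip):\s*(\S+)')
# Login-failure reasons from the MySQL and MSSQL message lists.
AUTH_FAILURES = {"INCORRECT_PASSWORD", "BAD_PASSWORD", "UNKNOWN_USERNAME"}

_PREFIX = "Mar 12 13:25:07 192.168.10.100 03/12/2012:"
_NODE = " GMT NS10_node0 0-PPE-0 : DB Message 1319 0 : "
SAMPLE_LOG = [
    # Line from the slide:
    _PREFIX + "13:25:07" + _NODE + '"MYSQL_CS_LOGIN_ERR: INCORRECT_PASSWORD '
    'Username:netscalersql ConnID:170448 Src_ip: 192.168.10.14 Dst_ip: 192.168.10.16"',
    # Constructed lines in the same layout:
    _PREFIX + "13:25:15" + _NODE + '"MYSQL_CS_LOGIN_ERR: INCORRECT_PASSWORD '
    'Username:root ConnID:170449 Src_ip: 192.168.10.14 Dst_ip: 192.168.10.16"',
    _PREFIX + "13:25:31" + _NODE + '"MYSQL_CS_LOGIN_ERR: UNKNOWN_USERNAME '
    'Username:admin ConnID:170450 Src_ip: 192.168.10.14 Dst_ip: 192.168.10.16"',
    _PREFIX + "13:26:40" + _NODE + '"MYSQL_CS_LOGIN_ERR: INCORRECT_PASSWORD '
    'Username:nsuser ConnID:170455 Src_ip: 192.168.10.20 Dst_ip: 192.168.10.16"',
    _PREFIX + "13:27:02" + _NODE + '"MYSQL_CS_CONN_ESTD: Username:nsuser '
    'DBname:tscitrix ConnID:170460"',
    _PREFIX + "13:40:00" + _NODE + '"MYSQL_CS_LOGIN_ERR: INCORRECT_PASSWORD '
    'Username:netscalersql ConnID:170470 Src_ip: 192.168.10.14 Dst_ip: 192.168.10.16"',
]


def parse_line(line):
    """Parse one DataStream audit line into a dict, or None if it does not match."""
    m = LINE_RE.search(line)
    if not m:
        return None
    detail = m.group("detail") or ""
    # A leading ALL_CAPS word is the reason code; key:value fields follow it.
    reason = re.match(r"([A-Z_]+)(?=\s|$)", detail)
    rec = {
        "time": datetime.strptime(m.group("ts"), "%m/%d/%Y:%H:%M:%S"),
        "node": m.group("node"),
        "proto": m.group("proto"),
        "side": m.group("side"),
        "event": m.group("event"),
        "reason": reason.group(1) if reason else None,
    }
    rec.update({k.lower(): v for k, v in FIELD_RE.findall(detail)})
    return rec


def detect_login_bursts(lines, threshold=3, window=timedelta(seconds=60)):
    """Report source IPs with >= threshold client-side login failures in a window."""
    by_src = defaultdict(list)
    for line in lines:
        rec = parse_line(line)
        if (rec and rec["side"] == "CS" and rec["event"] == "LOGIN_ERR"
                and rec["reason"] in AUTH_FAILURES and "src_ip" in rec):
            by_src[rec["src_ip"]].append(rec)
    alerts = []
    for src, recs in sorted(by_src.items()):
        recs.sort(key=lambda r: r["time"])
        best, start = [], 0
        for end, rec in enumerate(recs):
            while rec["time"] - recs[start]["time"] > window:
                start += 1
            if end - start + 1 > len(best):
                best = recs[start:end + 1]
        if len(best) >= threshold:
            alerts.append({
                "src_ip": src,
                "failures": len(best),
                "usernames": sorted({r.get("username", "?") for r in best}),
                "first": best[0]["time"],
                "last": best[-1]["time"],
            })
    return alerts


if __name__ == "__main__":
    for alert in detect_login_bursts(SAMPLE_LOG):
        print(alert)
```
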
117
Token LB for SQL
- Requests having the same token are sent to the same service.
- If no token is found in the request, the RR method is used.
- A hash of the token is computed (case insensitive).
- If the server is not available, or the max. connections limit is reached, a new hash will occur.
- Available for MYSQL/MSSQL/TCP/SSL_TCP.
118
Token LB Configuration
    add lb vserver MYSQL -lbMethod token -rule MYSQL.REQ.QUERY.COMMAND.TEXT
    add lb vserver MSSQL -lbMethod token -rule MSSQL.REQ.QUERY.COMMAND.TEXT
119
Rule examples
MYSQL:
    MYSQL.REQ.QUERY.TEXT
    MYSQL.REQ.QUERY.TEXT(n)
    MYSQL.REQ.QUERY.COMMAND
    MYSQL.CLIENT.USER
    MYSQL.CLIENT.DATABASE
    MYSQL.CLIENT.CAPABILITIES
MSSQL:
    MSSQL.REQ.QUERY.TEXT
    MSSQL.REQ.QUERY.TEXT(n)
    MSSQL.REQ.QUERY.COMMAND
    MSSQL.CLIENT.USER
    MSSQL.CLIENT.DATABASE
120
Configuration example
    add lb vserver MYSQL_vserver MYSQL 192.168.10.16 3306 -persistenceType NONE -lbMethod TOKEN -rule MYSQL.CLIENT.DATABASE -cltTimeout 180
MYSQL_vserver: DB: SampleDB1
MYSQL_vserver: DB: SampleDB2
- Connection is load balanced based on the database name requested.
- Connection requests from the same client, but to a different database, are forwarded to an alternate server.
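The token method's selection rules from the Token LB for SQL slide, modelled as an added example (not NetScaler code): a case-insensitive hash of the token picks the service, requests without a token fall back to round robin, and an unavailable or full service triggers a new hash. SHA-256, the re-hash scheme and the class names are assumptions; the slides do not say which hash function the appliance uses.

```python
import hashlib


class Service:
    """One backend database service bound to the vserver (hypothetical model)."""

    def __init__(self, name, max_conn=100):
        self.name = name
        self.max_conn = max_conn
        self.active = 0
        self.up = True

    def can_accept(self):
        return self.up and self.active < self.max_conn


class TokenLB:
    def __init__(self, services):
        self.services = list(services)
        self._rr = 0

    def _slot(self, token, attempt):
        # Case-insensitive: the token is lower-cased before hashing.
        # SHA-256 is a stand-in; the attempt counter gives the "new hash".
        data = f"{attempt}:{token.lower()}".encode()
        digest = hashlib.sha256(data).digest()
        return int.from_bytes(digest[:8], "big") % len(self.services)

    def pick(self, token):
        """Choose a service for a request carrying `token` (None = no token)."""
        n = len(self.services)
        if not token:
            # No token in the request: round robin over usable services.
            for _ in range(n):
                svc = self.services[self._rr % n]
                self._rr += 1
                if svc.can_accept():
                    return svc
            return None
        # Re-hash while the chosen service is down or at its connection limit.
        for attempt in range(4 * n):
            svc = self.services[self._slot(token, attempt)]
            if svc.can_accept():
                return svc
        # Bounded re-hashing found nothing: take any usable service.
        return next((s for s in self.services if s.can_accept()), None)

    def connect(self, token):
        """Pick a service and account for the new connection on it."""
        svc = self.pick(token)
        if svc is not None:
            svc.active += 1
        return svc


if __name__ == "__main__":
    lb = TokenLB([Service("db1"), Service("db2"), Service("db3")])
    # Tokens as produced by -rule MYSQL.CLIENT.DATABASE in the slide's example.
    for db in ("SampleDB1", "sampledb1", "SampleDB2", None):
        print(db, "->", lb.pick(db).name)
```
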
121
LAB – Module 6 – Exercise 1,2,3,4,5
To continue with the lab, browse to: http://training.mycitrixcloud.net/geoilt
Enter your business email and this session code: NETSCALER-WORKSHOP
122
Work better. Live better.