Citrix NetScaler is a great product. It offers more features than you can shake a stick at and, as such, is one of the Application Delivery Controller (ADC) market leaders. The flip side of this, however, is that its complexity means it can require specialist skills to backup and restore.
Here I outline some of the key pitfalls to have on your watchlist when backing up and restoring a NetScaler appliance, based on my own experience.
Why on earth is Loadbalancer talking about Citrix?
Has Loadbalancer.org gone completely mad? Why on earth are we talking about a competitor product? No, we're not crazy (well, maybe a little...)! We know our customers leverage a range of vendors to meet different needs. And our objective as a company has always been (and will continue to be) to take away the pain of downtime (regardless of who provides the ADC solution).
That's why Loadbalancer has created the ADC Portal, a vendor-agnostic centralized management platform to help you more effectively and efficiently manage your load balancer estate — regardless of which brands you own. So, moving forward, we will be providing lots more helpful content, covering a wide range of different ADC manufacturers, to guide you on your journey towards zero downtime.
By the way, before we get started you should note: Citrix and NetScaler are trademarks of Citrix Systems, Inc. (Loadbalancer.org Ltd has no affiliation with Citrix Systems, Inc. so use of these names, trademarks and brands does not imply endorsement by either party).
Maintenance, features, or a CVE are all good reasons to upgrade your NetScaler appliance. However, as with any complex task undertaken for the first time, it can get a little confusing. The good news, though, is that over time, with experience gained, things thankfully get easier. But that's enough from us. Over to Mick...
Know which NetScaler backup APPROACH you want
NetScaler backup functionality is essential to protect yourself in a disaster recovery scenario, or to give you peace of mind during a big change.
Because a NetScaler appliance has both a command-line interface (CLI) and a graphical user interface (GUI), the first step is to decide which NetScaler backup and recovery method you want to take advantage of.
There is no advantage to using one over the other, so it boils down to personal preference. The resulting backups are all the same!
We will cover both approaches in this blog. But before you attempt to backup a NetScaler appliance, there are some important caveats to be aware of.
💡 PRO TIP
Caveats to note BEFORE you start to backup the appliance!
Backups do NOT restore older firmware versions. Backups should always be saved offline, in case your NetScaler is unreachable. Backups should only be used as a last resort, there is always risk of something not importing correctly. It’s more favourable to restore a small setting by hand than to use a backup. The backup should be treated as sensitive data.
Know which NetScaler backup LEVEL you need
There are two different levels of backup available in NetScaler: basic and full.
A basic backup contains the data that relatively gets changed the most.
For example, but not limited to:
A full backup contains the basic backup files with the addition of files that are changed less frequently, for example, certificates and license files.
The maintained list of included files can be found on Citrix’s website here.
💡 PRO TIP
If you are in any doubt about which backup level you need, create a FULL backup.
Having too many files won't cause you any headaches, but having too few files will! Please always consider the backup to be sensitive data and do NOT upload or share it with others (in the same way you would treat any sensitive data). The reason I classify it as sensitive data is that the ns.conf file contains IP’s and hashed passwords.
How to create a Citrix NetScaler GUI backup
Now let’s start with creating a backup in the GUI (graphical user interface).
The NetScaler appliance creates a backup of the saved configuration.
💡 PRO TIP
Make sure all changes are written to your saved config before you perform the backup!
You can easily do this by using the save button on the top right corner:
The configuration is now primed for a backup.
The backup functionality can be found in:
Configuration > System > Backup and Restore > Backup/Import
Next, to create the backup, press the ‘Backup/Import’ button:
Select 'Backup and Restore'
Click the 'Backup/Import' button
You will then see that there are two different versions of backup ‘Level’. Select one based on your newly found knowledge in previous ‘Know which backup level you need’ section of this blog (above):
Add your 'File Name'
Select the relevant 'Level'
Add a Comment to help you distinguish between backups
Click the 'Backup' button
After the backup has been created, you can now easily 'Download' or 'Restore' the backup with the menu options:
Tick the backup you want to 'Download'
Click on the 'Select Action' menu and opt for 'Download'
And there you have it. Your GUI backup is complete.
How to restore a Citrix NetScaler GUI backup
Should you need to restore a GUI backup, here are the steps to follow:
Tick the backup you want to 'Restore'
Click on the 'Select Action' menu
Opt for 'Restore'
If you select the 'Restore' option on a backup, you will then see the following:
As soon as you click ‘Restore’, it will then start the restoration.
This takes a little while, but then you will be presented with the following warning:
💡 PRO TIP
Make sure you do a (warm) reboot! A warm reboot is faster, but not required.
You can perform a warm reboot by navigating to ‘System -> Reboot’:
Click on 'Configuration'
Click on 'Reboot'
And voila! After the reboot, your settings will be restored.
How to create a Citrix NetScaler backup in the CLI
You can connect to your NetScaler appliance over SSH (the Secure Shell or Secure Socket Shell protocol) with any tool you prefer.