It's that time in the XenApp world again... Migration.  With the release of XenApp 5, many of you are contemplating a migration.  Why is migration such a big deal? I've heard numerous reasons like "It takes a long time to test my applications with the new XenApp (especially true if there is a new operating system involved)", "It takes a long time to rebuild my servers as I have to update my server build scripts" or "My current XenApp environment works fine, so why change it".

Those were all good points a few years ago.  But with the enhancements and optimizations made on XenServer for XenApp virtual machines, it is a great time to test server virtualization for XenApp to simplify migration.  And if we virtualize the XenApp servers, migration to XenApp 5, 6, 9, 11 or even XenApp 243 will be even easier (of course we will have changed the product name a few times. Let me hear a Hallelujah for HomerFrame or XenHomer).

But if we are going to migrate to XenApp 5, why not make the migration easier. Just how will XenServer make migration easier?  That is a great question, and I'm glad I asked it

Hardware
First, part of a new XenApp version means organizations will have to update their server builds.  Many of the server builds I've seen are complex scripts or require many manual changes once the build is complete.  Many times, there are multiple builds because of differences in the underlying hardware.  With XenServer , the links between the OS and the hardware are cut resulting in the ability to create a single build that can span multiple hardware variations.  How many fewer images will you now have to maintain?  Simplified

Optimization
With XenApp, you want to get the most users out of  your hardware.  This has been true with previous versions, is true with XenApp 5 and will be true in the future versions.  With a new OS and a new XenApp, do you have any idea how much hardware you need to support your users for the different application sets?  This is a challenge, especially when trying to design the new environment.  When you designate a server for a certain function, it is awfully hard to change the server's function, unless you virtualize.  With XenServer, you can make a virtual machine into anything you want.  You can move the running virtual machine to another physical server without the users ever knowing.  With XenServer and XenApp, you are no longer stuck in your static environment; instead, you are dynamically changing the environment based on the needs of the business. Simplified

Maintenance
How many of you like spending your days patching servers?  Not many.  Unfortunately, with each piece of software, there will undoubtedly be patches. With physical servers, you have to patch each server. With server virtualization, you still have to patch each virtual server.  But with XenServer Platinum, you only have to patch your base image, which is delivered to the virtual server via Provisioning Server.  If I have one XenApp image for SAP and another XenApp image for all of my other applications, I only have to patch both of those images.  Those images are then streamed to hundreds of physical or virtual servers.  Simplified

Evaluate
How could we do a migration without evaluating the apps and OS and XenApp configuration? This is critically important, especially if you are upgrading to a new OS like Windows Server 2008. With XenServer Platinum, the evaluation and testing phase is simplified.  How do you typically do this?  Well, you build the environment in a test lab.  You run test, modify, re-test. The cycle continues until a golden image is created.  That image must be used as a guide for rolling into production.  If you use scripts, you have to figure out how to script the build process to mimic your image.  If you use cloning solutions, you have to modify based on hardware.  If you use Provisioning Server, which is part of XenServer, you take your server, create a Provisioning Server image, and copy the image to production for delivery.  Simplified.   

Rollback
Let's say you upgraded without doing a proper test (shame on you).  As it turns out, one of the applications, which unlucky for you, is mission critical and is not working correctly.  What do you do?  Well, you have a few options:

• Try to troubleshoot and fix. You will be under the gun to get it fixed quickly as the business needs the application.
• Rebuild the physical server with the old setup. This will take a few hours for the build to complete and configure the applications.
  

Neither of those options sounds good to me.  Instead, if the environment was virtualized with XenServer Platinum, you would easily be able to change the version of XenApp delivered based on the Provisioning Server image you associated with each target device.  Simplified

XenServer for XenApp can simplify migrations by focusing on the areas of Hardware, Optimization, Maintenance, Evaluation and Rollback (This is what I like to call the HOMER Criteria).   It's a great way to get more done without working harder.  You get the migration done faster while providing a more dynamic environment for the business. 

Daniel

If you attended the live TechTalk, there were more questions than I could answer in the time allotted.  If you want, the recording of the webinar can be found here. Also, don't forget to check out the guides and reference architecture for the end-to-end virtual desktop solution:

• Implementation Guide
• Reference Architecture

But now it is time for the Q&A...

Q: So I have Presentation Server 4.0 and can publish desktops.  What does XenDesktop do differently?

A: An Excellent question and a great one to start this blog. One of the big differences between a XenApp (Presentation Server) desktop and a XenDesktop desktop is in XenDesktop you are essentially on your own workstation.  This means you can more easily allow your users to personalize and customize the applications to best suit their needs.  One of the major concerns I've seen and heard from numerous organizations using published desktops on XenApp was the desktop was static.  They couldn't change their backgrounds. They couldn't customize their applications. They couldn't do certain tasks because the XenApp server was locked down so tightly because that desktop is shared by many users.  In XenDesktop however, you can let your users modify the settings, customize the look and feel and try to better align the desktop with their job function.  On another aspect, there might be applications that just don't work on Terminal Services or XenApp for any number of reasons. However, XenDesktop is not built a multi-user operating system like Terminal Services. Is it meant for desktop operating systems like Vista and XP.  If the app works on your desktop, it should work on the virtual desktop.

Q: Can you please elaborate on the desktop receiver?  How different is it from an ICA client, and will it be available for a variety of thin client devices? 

A: In part, the desktop receiver is similar to the ICA client in that it allows ICA connections to XenApp and XenDesktop sessions.  The Desktop Receiver also includes visualization customization options through the use of a toolbar in the virtual desktop window.  If you just used the standard ICA client, a connection to XenDesktop would work, but you would be unable to fully customize the view.

Q: Will the user notice any slowness during a XenMotion transfer?

A: Yes. The user will most likely experience a pause or slowness in their session (100-200ms) during a transfer. However, the session and the data will not be lost. In most instances, the user will be completely unaware of the pause unless they are staring at the monitor and interacting with the session.

Q: Roughly how many VMs can a controller handle?

A: I wish this was an easy question to answer, unfortunately it is not.  I can tell you that we have seen a single controller manage 1500 desktops without reaching a the breaking point (standard server hardware was used 2 processors, dual core, 2 GB RAM).  Because XenDesktop is based on a farm architecture, we can simply add another desktop controller when one becomes maxed out.  If you remember the processes that occurred during a virtual desktop startup, it essentially comes down to the virtual desktop registering itself with the controller and then the controller routing a user request to the virtual desktop.  These processes happen quickly with little impact to the server. Once the virtual desktop is up and running, very little activity is required by the controller except to verify the virtual desktop is still running.

Q: To provide high-availability for the AppHub, you used a NetScaler to load balance the requests. Do you need to load balance multiple NetScalers?

A: No.  There should be 2 NetScalers in the architecture though, setup in a HA Pair. The HA Pair will be in an Active-Passive mode. If the Active NetScaler were to fail, the Passive NetScaler would take over immediately.

Q: So where do you install the applications if you don't install on the virtual desktop?

A: It depends how you want to deliver the application.  The recommendation is to stream using XenApp and to host using XenApp. When the user is logged onto their virtual desktop, the Application Receiver (similar to PN Agent), will auto-logon with the user's credentials.  The App Receiver will show a list of applications for the user on the virtual desktop, start menu or system tray. Those applications are not installed, they are just icons.  When the user selects one icon they will

1.       Hosted: start a session on a remote XenApp server and execute the application from there

2.       Stream: have the application streamed to the virtual desktop on-the-fly.  The application will run from the virtual desktop. 

Both options are valid and appropriate for different circumstances.  That is a longer discussion, which I hope to extrapolate on in an upcoming blog post. Hmmm, did I just commit to something else? I gotta stop doing that.

Q: What impact would XenDesktop have on apps which are not Windows Terminal Server compliant?

A: They should work.  Terminal Services is a multi-user OS and we try to run single-user apps on top of it. Most applications work fine, but there are a handful which do not for some reason or another. XenApp has tried to overcome these challenges with technologies like AIE or virtual IP, but there are still some apps that don't play nicely on a multi-user OS.  With XenDesktop, you are using Vista or XP.  That desktop, for the duration of the session, belongs to a single user.  This should help to overcome many of the app challenges we have all experiences with a Terminal Services infrastructure.

Q: Does each XenDesktop instance take up a citrix license?

A: Yes. Each virtual desktop connection equates to a XenDesktop license.

Q: Do you have to have XenDesktop with XenApps?

A: No.  You can run XenDesktop without XenApp and it runs fine.  The integration of XenApp with XenDesktop allows for the reduction in the number OS images you must maintain because the applications have been removed. For example, your entire organization probably runs 1 or 2 desktop OS but you have more than 1 or 2 desktop images. Why? Probably because of the application set. 

Q: Do you have to buy separate licenses for each provisioning server?  Or do you get rights to configure a dev/test and production server when you buy the product.

A: Provisioning Server licensing is based on streamed desktop. So you can setup a Provisioning Server in Production and Test and they don't require a license until you stream desktops. Then each streamed desktop requires a license. If no license is available, the desktop will shut down after a few minutes.  

Q: How do the vm's continue to run if the host physically goes down in the case of a hypervisor failure?

A: If the host physically fails, the virtual machines go offline as well. Any unsaved data is lost. The virtual desktop will restart on another available XenServer.  The time required will be based on how long it takes for the virtual machine to boot. Think about this as well, if your physical desktop fails, power outage, etc, you also lose everything unsaved. 

Q: What do you do about applications that aren't supported in XenApp, do you then have to have an image that contains that app?

A: No. If the application doesn't work on XenApp, I would suggest trying to create an application profile for the app.  That profile will then stream down to the virtual desktop when the user requests the application.  The app will run ontop of XP or Vista and not XenApp.  This should help with those troublesome applications.

Q: Do we need to install the applications on all the desktops or only on the base OS

A: Ideally, you don't install the apps on the base OS.  The base OS is just the OS and some agents.  When the user logs on, they automatically get their applications from a XenApp backend.  When the user selects an app, the app is either launched remotely from a XenApp server or streamed down to the virtual desktop.  If you must update the app with a hotfix, you update the application profile once, and those updates are streamed down to all virtual desktops automatically.

Q: I have Presentation Server now. What are the migration steps for moving to XenDesktop?

A: If you already have your Presentation Server (XenApp) architecture, then your move to XenDesktop is fairly straight forward. You want to leverage your XenApp install to better delivery applications into the virtual desktop.  I would suggest looking at the Pilot Reference Architecture and the Implementation Guide to help you through the setup and integration.

Q: I use ISA to publish my internal URLs.  Is there a way in XenDesktop to use a different port for the URL that it gives out?

A: Many of the ports and addresses inside of XenDesktop are customizable. 

Q: Could one use Citrix Access Gateway or Netscaler for secure desktop delivery?

A: Yes.  That is the best integrated solution.  With Access Gateway or NetScaler, you can setup secure, remote desktop delivery without requiring users to open up a full VPN tunnel. They will instead be able to encapsulate ICA traffic inside of SSL so it is secure over the Internet. If you go with NetScaler, you have the option of using and integrating the high-availability options for XenDesktop like load balancing and global server load balancing. These materials (Reference Architecture and Implementation Guide) explain how this works for a XenApp environment, which would be similar to a XenDesktop environment.

Q: Is the app receiver like a PNAgent?

A: Yes, that is the best way to think of it for those familiar with PN Agent.

Q: When Hypervisor #1 goes down, how does Hypervisor #2 know about the #1 server's session's virtual memory and use it to run those sessions on Hypervisor #2?

A: It doesn't.  If the hypervisor fails, then the data is lost.  You can only move a running VM to another XenServer without losing data. If the XenServer physically fails, then the virtual machine can be automatically restarted on another virtual machine.

Q: What is the difference between the VD Receiver and the XenApp ICA client 10.2?

A: The main difference right now is that the Desktop Receiver contains the functionality for a toolbar allowing you to more easily customize the window of the virtual desktop. 

Q: You mentioned the User Profile Manager provides some cross-platform compatibility, can you expand on that?

A: I would recommend taking a look at David Wagner's blogs on the UPM here:

http://community.citrix.com/pages/viewpage.action?pageId=34439480

http://community.citrix.com/pages/viewpage.action?pageId=35291139

http://community.citrix.com/pages/viewpage.action?pageId=33587458

Q: Can machines be added to the Desktop Broker that do not have the XD Client, but instead just use a traditional RDP or VNC connection?

A: At this time, the connections are through ICA and require the Virtual Desktop Agent installed on the virtual desktop. The agent is responsible for the ICA connection as well as registering with the XenDesktop controller.

Q: You said that XenDesktop is supported on Virtualization OS other than Citrix - Microsoft Hyper-V and VMWare ESX; is it supported on the Oracle VM also?

A: Not at this time. 

Q: Can this support multiple versions of the same software suite?  I.E. I have most of my users using Office 2003 Pro but I have a select group using Office 2007 Pro Plus, can this be done with XenDesktop?

A: Yes.  You can either have the apps available for different users (one user group gets 2003 and another gets 2007) or you can have both apps be available for all users simultaneously and be executed from the same virtual desktop when the applications are streamed with XenApp.  

Q: I have several users that need to use Adobe Acrobat Professional and at this time, Acrobat will not install on a Terminal server, this causes us to have to have local PCs for these users, does XenDesktop adress this issue and allow me to give my users, who need it, access to Acrobat Pro?

A: Yes.  You should first try to have a base virtual desktop image and stream Acrobat Pro down to the virtual desktop.  If the app streaming does not work, you can also create a Acrobat Pro virtual desktop where the application is installed and part of the base OS.  That base OS will be published to the appropriate users.

Q: Can you "publish" a virtual desktop from xenapp server?

A: Yes, but that virtual desktop is not the same as a XenDesktop virtual desktop. See the very first question.

Q: What thin client devices can this be used with?  Is there a thin client with Desktop Receiver? Does this work with Sun Ray's and Sun Secure Global Desktop

A: Take a look at the Citrix Ready site. There is a specific section focused on Desktop Appliances.

Q: Does this work with non x86 UNIX/Linux OS's

A: Currently it only works for XP and Vista.

Q: Can a user change clients without losing their virtual desktop.  i.e. can I disconnect form machine 1 go to machine 2 and reconnect and still have the original virtual desktop and continue with the original virtual desktop.  Also, does the system keep running while disconnected (i.e. a compile would continue)

A: Changing endpoints but going back to the same virtual desktop is possible with a feature called Workspace Control (it is part of XenDesktop).  As for running while disconnected, it can you if you want it to. 

Q: How do you handle boot storms?

A: Get an umbrella.  This is actually a very serious concern. If you try to boot up 1000 virtual desktops at once, you will most likely have some challenges on many fronts, just due to the impact on everything.  This will in turn result in users not getting to their virtual desktop or being required to wait a very, very, very long time.  XenDesktop allows you to set idle limits based on the time of day.  If the morning rush starts at 9AM, you will want XenDesktop to start prepping the environment around 7 or 8AM to make sure everything is ready for the rush.  You do this with the Idle limits shown in a previous picture.   

Q: Is the OS image hardware independent, or do you have to have a separate OS image for each hardware variant in your environment?

A: If you are running on XenServer, then all images have the same hardware footprint (the XenServer virtual space) even though the XenServer might be on different hardware.  You can use the same  OS image to stream to a XenServer virtual machine and a physical server by configuring a common image where drivers are incorporated into the base image.

Q: How would this be in a WAN env?

A: Pretty good. The protocol XenDesktop uses is Citrix's ICA protocol which has been used for years with XenApp (Presentation Server, MetaFrame).  This protocol only sends the screen updates down to the end point.  So when you are typing in Word, only the images of the letters get sent, if they changed.  ICA also has been enhanced greatly over the years to support audio, video and numerous other areas.  Truthfully, the only way to be certain it will work for you is to try it out by getting the free evaluation kit.

Q: Our env is highly integrated, we have found that streaming applications to be nearly impossible.

A: By highly integrated, I assume you mean many of your applications rely on each other.  App streaming is a great idea, but this was a huge problem. First, the background. When you stream, each app is in its own container.  Those containers are separate and do not interact.  That is a major problem for environments like yours.  What ends up happening is you have 2 different enterprise applications that each rely on Excel.  You create one profile for one enterprise app and include Excel. You then create another profile with the second enterprise app and Excel.  When you have updates to Excel. You have to update both profiles. This is hard to manage and maintain. 

Have you looked into XenApp 5, just released? It has major updates to XenApp streaming where these different containers can now talk to each other. So in the previous example, you would have 3 profiles, 1 for each of the two enterprise apps and another profile for Excel.  You configure the profiles to work with other profiles. This should help you overcome the major challenges you experienced in the past.

Q: Does this require an AD schema update?

A: No.  It does use AD, but it does not require Schema updates. (thank goodness).

Q: Streaming is overbilled it doesn't address application integration

A: I would love to hear more.  I agree in the past App streaming was a challenge because of communication limitations between applications, but with XenApp 5, those challenges are being mitigated with inter-isolation communication.

Q: Can you use a Microsoft load balancer to replace the NetScaler?

A: Yes. There are many differences that would take a lot of time to explain, but for simplicity, NetScaler has specific smart monitors and high-availability options for XenApp and XenDesktop that makes it easy to configure and setup.

Q: Is it possible to stream this over the internet at all? For example hosting the desktop at a datacenter

A: Well, the desktop and application stream would stay within the data center.  Users would connect to the virtual desktop in the data center with the Desktop Receiver, which relies on the ICA protocol.

Q: What happens if there is no controller available?

A: If all of your XenDesktop controllers fail, currently connected users will be fine. New connections will not be allowed.

Q: If the user count is small and all use same apps would it make sense to install all apps on provisioning server and by-pass streamed/hosted options.

A: It does make sense and is a possible option. 

Q: Does XenDesktop with installed apps optimize video/audio significantly more than a VMware VDI desktop?

A: Hosted, installed or streamed apps really don't make much of a difference when you talk about the optimization of video and audio t the endpoint.  What does play a major part is the delivery protocol.  The Citrix protocol, ICA, is used by millions of users who connect to XenApp published applications. That same protocol is used to delivery virtual desktops.  Truthfully, the only way you will be able to see is to try it out for yourself. 

Q: How do apps that are launched from other apps work - things like GoToWebinar or Flash, which are launched from a browser? What about plugins that require installation that are not on the gold desktop?

A: Plugins and flash and other items that were not part of the base OS image can be installed on the virtual desktop by the user.  However, that installation only impacts that particular virtual desktop. The changes made by the installation are contained in a write cache. When the user reboots the virtual desktop, that write cache is destroyed.  The next time the user connects to the virtual desktop, they would have to re-install the agent. This is a big reason for identifying the needs of the user. It allows us to identify the agents and plugins that are needed. But just because it is not part of the base image, doesn't mean the user can't add it on-the-fly.

Q: Is there a plan to provide a "Offline XenDesktop" in the future? (similar to VMwares OnDemand VDI)

A: I have heard people talk about it, but am not in the product group so I'm not certain what the roadmap looks like.

Q: what is best practice for managing XD workstation log files, taking into account that the log data is lost after every reboot? 

A: the log files would need to be stored on a network share that is persistent.   

Q: Does this support any Linux Desktops?

A: Not currently

Q: Do you absolutely need the Access Gateway?  I have WI with the CSG.

A: I believe you would be able to use Secure Gateway instead of Access Gateway.

Q: Will XenDesktop work with VIrtual Iron and XenApp?

A: right now XenDesktop only supports XenServer, Hyper-V and VMware ESX as the hypervisor.

Q: You had to mention NetScaler.  So what are all us normal or smaller companies going to use?  I hear that a NetScaler starts at $20K plus.

A: You can use software or hardware based load balancers.  NetScaler just includes integrated monitors and wizards to make configuration easier.  However, load balancers like Microsoft load balancing would work as well, you just want to make sure that the devices you are load balancing are being monitored intelligently (but even a Ping is better than nothing).  

Q: What happens when the Hypervisor fails and there are too many VMs moved to a single host?  Do some of the machines get put in stasis, are they shut down, or do all VMs suffer slowness?

A: With XenServer (Orlando) you can set priority levels for the virtual machines.  The ones with highest priority will be restarted on available XenServers, others will not. 

Q: What happens to data in the case of an Application Hub failure caused by a XenApp server crash?

A: This is the interesting thing with XenApp and application streaming. XenApp is needed to identify and start the stream, but once the desktop receives the stream instructions, the Xenapp server is removed from the equation.  So if I'm receiving my app stream, it is coming from the App Hub and the XenApp server is doing nothing.

Q:  In terms of client hardware would this work with WYSE thin clients?

A: You will want to look at the Citrix Readysite for desktop appliances.  Those devices that are not on the list might work, but you want to test.

Q: What are the differences in performance installing this on ESX server 3.5?

A: I haven't seen published stats on that scenario yet.  Until that time, you might want to try downloading the XenDesktop eval and trying it on both hypervisors.

Q: What's server cache??

A: The cache is for Provisioning Server (OS Streaming). Provisioning Server streams a base OS to hundreds of workstations.  Those workstations use a Standard Image (Read Only) to receive their desktop OS.  Any changes the user/desktop makes to that image are stored in a write cache. 

Q: This question is regarding licensing.  Do you utilize 2 different concurrent session licensing for any XenApp published applications running on Xendesktop?  please explain how it the licensing works.

A: Licensing is such a fun topic.  Citrix licensing for XenDesktop is concurrency for the virtual desktop and the app delivery.  With XenDesktop Enterprise and Platinum, you get XenDesktop, Provisioning Server and XenApp for Virtual Desktops. Each one is concurrency. So when you start 1 desktop and have applications, you use 1 XenDesktop, 1 Provisioning Server and 1 XenApp license. Of course when you purchase XenDesktop Enterprise or Platinum, the licenses are part of the package.  Take a look at the editions here. 

Q: I guess we need to have our own SSL solution. It is not part of XenDesk components, right?

A: With Standard, Advanced, Enterprise or Platinum edition, you get Access Gateway licenses which provide secure, remote access using SSL.

Q: Is XenDesktop the same as Desktop Broker?  We want to display a physical PC (a CAD workstation) across the WAN using ICA.

A: Sort of. XenDesktop replaced Desktop Broker.  Desktop Broker used an ICA server as a proxy to RDP to workstations. With XenDesktop, you get ICA from your end point to the virtual desktop.  Plus, XenDesktop incorporates many other technologies to make a more complete end-to-end solution. 

Q: Will Secure Gateway work or does it have to be the Access Gateway?

A: Secure Gateway will work.

Q: On average how many users can one XenDesktop and XenServer host?

A: XenServer is really going to be based on the amount of RAM.  Very few physical desktops utilize their CPU. If you are hosting Vista desktop on XenServer, the general recommendation for Vista is 1-2GB of RAM. If you have 64GB of RAM on XenServer, and you have 1GB RAM for each Vista desktop, you will end up with 60-62 virtual desktops (XenServer takes RAM too, which is why it isn't 64). However, the processor is the big question and the only way to really see that is to test it with real users and see how much they hit the processor.   

Q: What are some of the main differences between XenDesktop and Citrix Provisioning Server?

A: XenDesktop is the complete, end-to-end solution of virtual desktops.  Provisioning Server is a component of XenDesktop.  Provisioning Server allows a single OS image to be streamed to hundreds or thousands of devices across the network. This has advantages of only requiring administration of a single image for many desktops. 

Q: You mentioned Citrix User Profile manager is in Tech preview at the moment.... when can we expect this to be generally available? Will this be included with XenApp 5.0 which is due for release next month? 

A: I don't know the release dates for User Profile Manager and it isn't part of the XenApp 5 release either.

Q: Is this only for high-speed connections (local LAN) vs WAN as some of our sites are only 256MB frame relay?

A: No.  The remote delivery protocol that XenDesktop uses is Citrix ICA which has been used for numerous years by millions of users to remote connections.  I've seen organizations use ICA for any number of connections including dial-up and satellite. 

Q: Which of these products mentioned are extra to XenApp as we have Subscription Advantage and Enterprise Edition?

A: XenDesktop is a new product line different that the XenApp product line.  XenDesktop Enterprise does include a portion of XenApp, but it only allows application delivery to virtual desktops, where the XenApp product line allows application delivery to any end point. You will probably want to check out the product matrix.

Q: I'm looking for a VPN replacement.  Will you talk about the Remote user scenerio where I want to present a full desktop to a remote Work from Home user or newly aquired company where I need to provide a Desktop to them via citrix?

A: Access Gateway.  This will allow you to do just what you are looking for. You have two options on the configuration: Virtual desktop only or Full VPN. The Virtual desktop only option will only allow the user to have connection to the virtual desktop over ICA.  The user's endpoint won't technically be on the network, helping to protect the internal environment. With the full VPN configuration, the user will have a connection to the network. They can connect to a virtual desktop and browse the network from their end point.

Q: Is the streaming of virtual desktop accelerated over the network?  We have the Citrix WAN accelerators.  Does this work?

A: It might, I've never tried or it seen anyone try it.  As WANScaler works at the network stream and is not concerned with files or data, the Provisioning Server stream should show a lot of duplication as it goes from the central Provisioning Server to the numerous virtual desktops.

Q: What is the best way to run CadCam Civil 3D application for remote and internal networks? Can XenApps support and deliver CadCam Civil 3D Applications remotely? How much bandwidth is required?  Who can I call to assist me in setting up a Virtual desk top solution for CadCam Civil 3D

A: I unfortunately don't have experience with that particular application. You best bet would be to setup it up in a test environment and see how it functions.  Citrix's Consulting group can help with this type of testing, as they have done this with numerous organizations in the past. I should know as I used to be in Citrix Consulting. The Consulting information can be found here.  

Q: If I understood, we have the option to serve only the apps of the desktop to the user? Is there an installed client program on the client machine?

A: Yes, if the end point is going to get desktops, you want the desktop receiver. If the end point needs applications you use the Application Receiver.  They are very similar and can be used together. In most situations, you would have the Desktop Receiver on your end point and the Application Receiver on the virtual desktop.

Q: Can this solution work on a 10/100 MB network?

A: It all can, but you have to be concerned with the number of users and the number of desktops being streamed as the streaming is using the network. Now if your environment has your users on the 10/100 network and the infrastructure components (XenDesktop, XenServer and Provisioning Server) on a faster network, then that architecture easily works as the 10/100 network will just use the bandwidth associated with ICA protocol, which is minimal.   

Q: Can the desktop receiver be loaded on a thin client or desktop appliance?

A: Yes and it is, at least for the Desktop Appliances part of the Citrix Ready program.

Q: How is licensing addressed for the user, through Xen, if they need an application that requires Vista?  Is there a special license needed for this use on the Xen Server?

A: Each XenDesktop component is managed by Citrix licensing. For users who require a Vista desktop and application, those licenses are managed by the Microsoft and App vendor licensing agreement.   

Q: how does XenDesktop join to domain?

A: The base image is added to the domain.  Then that image is provisioned out to numerous other workstations. Those workstations are also added to the domain. As the desktops are managed by Provisioning Server, the Provisioning Server will keep the Active Directory and machine passwords in sync.   

BTW, I think this is the longest blog on the Citrix blog site. Thanks

Daniel

Homer Quote of Blog "I bet Einstein turned himself all sorts of colors before he invented the light bulb."

For those of you who attended the TechTalk on XenDesktop Technical Dive, I wanted to post the videos maintenance videos. 

Remember, a virtual desktop solution must be able to simplify maintenance or else you are simply moving the administrative problem from remote sites to the data center. The first video shows how easy it is to patch the Hypervisor (XenServer).  The running virtual machines are automatically moved to another available XenServer without impacting the users. 

XenServer Update Video:

The second video shows how thousands of users' desktops can be patched easily without requiring a significant amount of time or expense with the use of Provisioning Server. 

Provisioning Server OS Images Update Video:

These are just two examples of maintenance for XenDesktop. The incorporation of XenApp and application streaming greatly simplifies the maintenance of application delivery.  If you want to hear more, take a listen to the recording of the TechTalk which can be accessed from here.

Thanks

Daniel

Homer Simpson Quote of the Blog (What do we need a psychiatrist for? We know our kid is nuts.)

We have seen the materials, at a high-level, on how the XenDesktop solution fits together and the benefit it can provide.  Are you interested in understanding more detail of the end-to-end solution? 

In this 60 minute webinar, I will provide you with a very quick overview of the complete solution and then spend the majority of the time discussing the different components, what they are for, how they work and how virtual desktops are managed by the solution.  We will cover the integration of the following components: 

• Desktop Receiver
• Access Gateway
• XenDesktop Controller
• XenServer
• Provisioning Server
• XenApp
• Citrix User Profile Manager. 

It is sure to be a great time where we will all learn a lot.  And I might even explain to you on how XenDesktop relates to a Simpsons episode. 

By the end of the webinar, we will all be able to understand the following song:

Desktop Receiver connected to the Access Gateway, Access Gateway connected to the Web Interface, Web Interface connected to the XML Broker, XML Broker connected to the IMA Service, IMA service connected to the Data Collector, Data Collector connected to the Pool Service, Pool Service connected to the XenServer and that's how the whole thing works

See you there and don't forget to register here.

Daniel 

Like I said in the recent TechTalk on server virtualization for XenApp, because there were so many questions, i was going to post answers to them all in a blog.  And this is the blog. 

First, many of you wanted the addresses for the reference materials i identified in the webinar. Here they are:

• TechTalk Webinar Recording: 
• Reference Architecture
• Design Considerations
• Implementation Guide

http://xenserver.citrix.vivoconcepts.com/prg/form/Citrix_runningxenapponxenserver_080225.cfm 

Q: Is all this done on a Citrix appliance or is it all software based and we provide the hardware?

A: Running XenServer is all software based.  You install XenServer, which takes roughly 10 minutes, on a physical server.  From there you can split up the physical server into any number of virtual servers.  A free version of XenServer Express and an evaluation version of XenServer Enterprise can be downloaded here: http://www.citrix.com/site/SS/downloads/results.asp?productID=683148* *\\

Q: What is the best resource for researching the possibilities of XenApp?

A: With regards to virtualization and recommendations, I would suggest the following materials, which covers different types of configuration, practices, considerations, how to do it, and much more. 

• TechTalk Webinar Recording: 
• Reference Architecture
• Design Considerations
• Implementation Guide
• Optimizing XenApp Performance with XenServer 4.1.0 Enterprise Edition
• Performance Evaluation of XenApp with XenServer
• Benefits of Virtualizing XenApp with XenServer* *
  

Q: What about network utilization with regards to Provisioning Server?

A: Network utilization is important for Provisioning Server in that the operating system image is streamed down to the virtual server.  With a base Windows 2003 Server, the install size is roughly a few GB.  However, Provisioning Server does NOT stream that entire image to the virtual server.  Provisioning Server ONLY streams materials as needed.  In fact, booting a Windows 2003 Server only streams a fraction of the multi-GB actually used in the install.

Q: Is Network Storage iSCSI or Fiber connection?

A: When you virtualize the disk with Provisioning Server, you essentially do not have any storage assigned to the virtual server.  Yes, you read that right, you don't assign storage to the virtual server because the image is streamed on-the-fly.  It is actually pretty wild to think about. Provisioning Server should be on an enterprise storage solution like a NAS or a SAN for high-availability and high speed of delivery to the virtual server. 

I know the first time I had discussions about Provisioning Server I was like, what do you mean there is no disk.  But it is true.  If you stream to the physical server, you can completely unplug the hard drives. In the virtual server world, you just don't assign disks to the server. With this type of solution, you end up not having to worry about GBs and GBs of storage required for a virtualized XenApp solution.  In fact, I've seen customers use Provisioning Server to help them migrate to newer versions of XenApp.  Right now, let's say you are running XenApp 4.5 installed on physical servers. When the next release of XenApp arrives, you create your image with Provisioning Server and stream the image to the servers (physical or virtual).  If you run into challenges with the new version of XenApp, your fallback procedure is to use the hard drives again, which still contains the XenApp 4.5 installation. Pretty cool if you ask me. 

Q: Would XenServer bundle with P2V tool for free? Or we have to buy PlateSpin P2V tool?

A: The P2V tool, when it is released, will be free. You won't need to buy any third-party tools to do P2V conversions. 

Q: We have VMware ESX Enterprise already. Should we get XenServer for our XenApp farm? What are the advantages?

A: I'm not a Sales person so I don't recommend products just because it is what we sell. So when talking about virtualizing XenApp, first understand that XenApp is a unique beast.  It doesn't behave like other systems within the data center. It must support hundreds of users simultaneously.  This requires lots of memory, lots of context switching, lots of disk access. It is different than let's say Exchange or SQL Server.  Before XenServer 4.1, I would have been hard pressed to recommend XenServer as a viable solution for XenApp. In fact, most virtualization solutions would not have dealt with XenApp effeciently.  But look what happens when XenSource became part of Citrix.  Our engineers (XenApp and XenServer) worked together to re-architect the hypervisor to perform remarkably better for XenApp virtual machines as compared to the 4.0 version of XenServe. That being said, XenServer is optimized for the XenApp workload.   Instead of making you perform some low-level funky "tweaks" the hypervisor, we just have you select the type of workload the virtual server is doing.  In this case, you select XenApp. This option changes how XenServer deals with memory to align better with XenApp requirements. 

Now, when you look at XenServer Platinum the picture becomes even better with Provisioning Server.  Without Provisioning Server you must still manage each virtual server as if it was a physical server. This is regardless if you are using XenServer, Hyper-V or even VMware.  Provisioning Server lets you focus on the role and not the server.  There are fewer roles in the data center than there are servers. Easier to manage and maintain, a huge savings if you ask me.  And you did   But I did only touch on a two areas.  Take a look at the documents (especially the reference architecture) I put at the beginning of this blog for additional information.

Q: what were your server specs for your example?

A: The scalability testing completed with XenServer and XenApp were done on a Dell PowerEdge 1950 (1 Quad-core 1.6GHz, 8GB-16GB RAM). 

Q: What about users that are logged into an app, and the server is rebooted

A: A physical server, virtual server or a server receiving the image from Provisioning Server, those users are disconnected and their sessions are gone.  Now if the physical XenServer fails, the virtual XenApp servers can be moved to another XenServer, a feature we call XenMotion.  In this circumstance, a user might see a slight pause in their session, all depends on the current situation. But the point is in this situation, the users session and data is intact.

Q: You mentioned doing P2V of Citrix servers throughout your presentation.  Are there any items to be aware of when doing this?  Any resources to help with this process?

A: Well, the first is an upcoming P2V tool that will let you convert a physical server to a virtual server for XenServer.  If you only use XenServer and not Provisioning Server, the only other item is to set the optimization setting for the virtual server to Optimized for XenApp.  This was discussed earlier in this blog.  If you are also going to stream the system with Provisioning Server, you will want to build the "golden image" how you want it to be for each server. You then must run the integration utility, which will take care of all the other configuration items.  If you want instructions on how to do the Provisioning Server aspect, take a look at the Implementation Guide identified at the beginning of this blog.

Q: Did you use Provisioning Server w/ the test load, or just straight XenApp on XenServer?

A: The scalability testing was just XenApp on XenServer.  I can bet your next question will be what impact on scalability with Provisioning Server have.  And might I say it is a great question if I do say so myself.  Unfortunately, I'm not aware of any scalability testing that shows the impact to single server scalability with Provisioning Server. 

Q: How is XenApp rated on VMware ESX vs. on Provisioning Server on XenServer?

A: Unfortunately, due to VMware's end user license agreement, we are not able to publish scalability numbers for VMware ESX.  No one can except VMware.  We did tests against a number of virtualization vendors and found that XenServer allowed roughly 70% more users than others when running 64Bit XenApp.

Q: How large would a server image be with Provisioning Server?

A: The size of the Provisioning Server virtual disk, which I call a role, can be pretty much any size.  However, you don't want to go wild with the image size.  If you create a 10GB image and a 100GB image, the 100GB image will take a lot longer to build and optimize, plus it will waste space and we are all trying to conserver power, space, cooling, etc.

Q: What is the best client to use - PN, PNA or WI?

A: You tell me   It really depends on what you need.  Most administrators prefer PN as it allows them to make connections as they need to support the environment.  Users prefer PNA or WI.  PNA is great in that you don't have to go to a web page to get to your applications, so it is faster from a user perspective, but WI allows you to integrate the published resources in other pages like SharePoint. I personally use Web Interface and my favorite color is green.

Q: How can one discern how much RAM/CPU is being used on a daily basis?  Does Access Suite Console give that info?  (Am on PS 4.0 and use VMWare)

A: Within the XenApp Access Management Console, you can generate reports for your XenApp servers to give you all kinds of information about the overall utilization of the servers. The reports are in the Report Center. Also, you can use Resource Manager or EdgeSight to get even more detailed information.

Q: Is there a release date for the P2V tool?

A: All I can tell you is the beta is expected soon.  I would log onto MyCitrix and see if you can see it in the download section. Also, Roger Klorese has been blogging about the next version of XenServer (Project Orlando). I recommend taking a look at his blogs.

Q: Is there a guideline for application roles that are not suited for XenServer virtualization?

A: Hmmm, I'm trying to see if I can think of an application that is not suited for XenServer, but I'm having trouble.  Before XenServer 4.1, I would have probably said XenApp due to the overhead, but now that the overhead has been drastically reduced, I can't say that anymore. 

Q: What file system do you recommend for the storage partitions on a NAS or SAN?  (I think VMware has a proprietary clustered file system, Novell uses OCFSv2).

A: This is what I love about XenServer and Citrix.  You can use anything you want.  NAS, SAN, NFS, iSCSI.  If you already use something like NetApp, use it.  If you use a SAN solution, use it for XenServer. 

Q: Nice to see how memory issues can be addressed with virtualization. What about CPU, network, and disk I/O being the bottleneck?

A: Excellent question. 

• CPU:  Not sure what issues are around CPU in the XenApp world except for CPU underutilization because of memory bottlenecks and memory limits.  Virtualizing lets you completely use what you paid for. 
• Network: The networking aspect is interesting.  Because the physical server is now hosting multiple virtual servers, you want to make sure you have adequate bandwidth going into and out of the physical server. The network component is critical to XenApp, but the data transferred is fairly minimal due to the use of ICA.  Now on the backend, the XenApp applications require data from their source. And if Provisioning Server is being used to stream the operating system, more network bandwidth is required.  But these should still be within the limits of the current standard server hardware of 1GB NICs.  However, I would still recommend mulitple NICs to a single XenServer. You don't want a Homer Simpson tripping over a network cable and dropping all users from a XenServer.
• Disk I/O: In a enterprise design, I would recommend you use some type of fast storage like a NAS (regardless if you use Provisioning Server or just plain XenServer).  These devices are specialized hardware optimized for file sharing.  I have had customers tell me that their XenApp environments actually run faster because of XenServer and the integrated NAS/SAN.  

Q: is the benefit presented on this slide in the fact that Disaster recovery is improved by virtualizing?

A: Disaster recovery is improved. With XenServer you can move a running virtual server to another XenServer. Provisioning Server also helps in the DR scenario as you can quickly re-provision systems to take on a new workload with a simple reboot. 

Q: You don't have to have 32-bit apps to run on 64-bit OS.  That's where you get your scalability on XenApp

A: True, you can continue to run your 32bit apps on a 32bit OS like Windows 2003.  The problem is that you have a memory limit with 32bit OS.  In more cases than not, you will max your RAM before you get close to maximizing your CPU. 

Q: We have XenApp 4.5 running on a dev/test environment in VMware. Session connection times seem to be slow for an app to open up. What kind of things should I be looking at to find the source of the problem outside of adding hardware to the VM. thanks!

A: Well, first I would say try using XenServer  (I know, I had to say it)    But seriously, take a look at the storage situation with your VMware implementation. What performance numbers are you getting from the I/O system in your setup?  With XenServer, we recommend you use either a NAS or SAN type solution which provides the fastest possible disk performance.  The faster your disks run, the faster apps load because they are coming from disk.

Q: What technology are you using to determine user count?

A:  We are just performing scalability tests with tools like EdgeSight for Load Testing and then to get the metrics, we utilize perfmon counters and log files to analyze the results and make comparisons.

Q: I'm a bit new to XenApp but your numbers for concurrent users seemed very high. If your Visio app is using 1Gb of RAM just for you, doesn't' that mean that a max of 15 people could use Visio on a XenApp server?

A: In that example, yes.  However, it all depends on the apps.  For example, the scalability numbers I presented for roughly 300 concurrent users on a physical server were working with Excel only.  This was used to determine overhead. Your concurrency numbers will vary based on workloads. The scalability numbers are meant to give you an idea of the XenServer overhead.

Q: Another point is disk utilization... we are often disk bound

A: Yes, disks can be a problem. Sure you can implement array controllers, use 15K RPM drives, but you are still relying on the local system to manage the file system. When you integrate with a SAN or a NAS type solution, those devices are optimized for file hosting.  Optimization=Speed

Q: I have already heard that you can not clone XenApp servers... where can I learn more about this?

A: Read the Reference Architecture document identified at the beginning of this rather long blog. It talks about the Provisioning Server Integration Utility for XenApp.

Q: How do you get 200 users in 4GB of RAM?

A: By running Excel only.  This workload is used to show the overhead impact between 64bit physical, virtual and 32bit.  You workloads and your concurrency numbers will be different. This is to give you an idea of the expected overhead.  I've actually seen other people get their XenApp servers into the upper 100s by using bigger applications than Excel. It all depends on the apps and users. That is the main problem with scalability tests, they only reflect a single type of workload and do not represent your environment. They are only meant to give you an idea of what the overhead is and comparisions against other products.

Q: Any tool like ESX Ranger becoming available?

A: ESX Ranger has many different features.  I know you would be able to use something like Workflow Studio to help manage the environment from user-based, event-based or schedule-based triggers.  As this product is still in beta, it is hard to tell what functionality and integrated components will be available at release.

Q: Isn't XenServer only supported on 64-bit platforms?  How then would we virtualize a 32-bit Server with your scenarios?

A: XenServer is a 64bit hypervisor, but it can virtualize 32 and 64bit systems. 

Q: Did you reference a 32bit version of XenServer?

A: XenServer only exists as 64bit.  There is no 32bit code in the XenServer.

Q: What about PAE on 32-bit systems?  This allows more than 4gb of ram to be addressed. 

A: I wondered if someone was going to ask about that.  Congratulations.  You can use more than 4GB of RAM on a 32bit system, but there are a lot of things you must be aware of.  Instead of making this blog even longer, I created another entry that discuss the PAE setting, which can be found here:

Q: Why would you keep a backup data store if you can just motion it instead?

A: In the event the live data store is corrupted and is unrecoverable. If it is, I hope you have a backup. 

Q: What are your thoughts on virtualizing Provisioning Server?

A: The great answer, it depends.  Virtualizing Provisioning Server will induce latency into the stream as it must go through a virtual network and then onto the physical network to the device.  However, being able to hot-move the Provisioning Server to another server and easily add capacity makes virtualizing a very sound solution.  I haven't seen any numbers yet as to what virtualizing Provisioning Server would do to the scalability.

Q: Running published desktops. Can I virtualize these?

A: Published desktops on XenApp, yes you can.  If you are talking about XenDesktop, desktop virtualization, VDI, whatever else they call it these days, you can as well. In fact, Citrix XenDesktop is also based on the XenServer hypervisor.

Thanks

Daniel

Homer Simpson Quote of the Blog "If you really want something in this life, you have to work for it. Now quiet, they're about to annouce the lottery numbers!"

Memory is a big concern for XenApp on a 32bit operating system like Windows 2003 Server.  In the default state, Windows 2003 can only "see" 4GB of memory, which is split up into two equal parts: Kernel Memory (2GB) and User Memory (2GB). Kernel Memory is further broken down into 4 other parts:

• Paged Pool: Memory space used by the system and kernel level components that can be paged out of physical RAM and into the page file
• Non Paged Pool:  A section of memory guaranteed to always reside in physical RAM and is used by the operating system for certain kernel level processes
• System Page Table Entry : An index table that tells the operating system where the virtual memory actually resides in physical RAM or on the page file
• System Cache: Maps open files in memory for better performance. This is where the registry hives are located as well
  

Once the system has started, the different sections of kernel memory cannot be re-allocated. The system tries to allocate these 4 areas appropriately, but they might require "tweaking". However, the four areas cannot all be set to the maximum level as that would go over the 2GB limit of kernel memory.

Many of you are probably saying, "But I can use the PAE switch on Windows 2003 to go above the 4GB limit". You are correct, you can go above the 4GB limit, but are you aware of the consequences of this action?

1. You must be using Windows 2003 Enterprise or Data Center.  This setting does not function in Windows 2003 Standard.
2. The PAE Switch does NOT change the kernel memory limitations of 2GB
3. To use the extra RAM, more System Page Table Entry memory is used
4. If you have more System Page Table Entries, you will end up with less Paged Pool, System Cache and Non Paged Pool
   

Talk about being between a rock and a hard place. Adding more RAM and enabling the PAE switch "might" give you more scalability but at a great cost for a more expensive operating system, more RAM and special optimization configuration analysis and implementation. The reason I said "might" give you more scalability is because you will now likely run out of kernel memory before you run out of user memory. So you just bought a more expensive operating system and more RAM that will sit there wasted. 

Now I know some of you will add a comment saying something to the effect that you are using the PAE switch and ended up increasing single server scalability by 60, 70, 80 or even 90%.  All I can say is congratulations and I applaud you  . You are lucky as you have the right set of apps for this to work as well as it has.  But I want you to think about going down a completely different route.  Virtualization...

Keep using Windows 2003 Standard but virtualize it with XenServer. Upgrade the RAM on the physical servers so it can support 2-4+ virtual servers. In the end, you will end up with a system that is more flexible, scalable and easier to manage. 

If you interested in learning more about sever virtualization for XenApp, then take a look at the following:

• TechTalk Recording: Make Server Virtualization work for XenApp (http://www.citrix.com/English/NE/events/event.asp?eventID=1679445)
• White Papers
  • Reference Architecture
  • Implementation Guide
  • Design Considerations

Daniel

Homer Quote of the Blog: "To be loved, you have to be nice to others EVERYDAY! To be hated, you don't have to do squat."

Does anyone care about having high-availability for their XenApp farms?  I would envision many of you would say yes.  But what does HA for XenApp really mean?  On the server hosting side, you essentially have HA because you have load balancing at the application level. So if you lose a XenApp server, not too much of a concern as those users can simply restart their application and get load balanced to another server (of course they lose their previous session information, which can be annoying.)   But what other areas of critical to providing a more available XenApp environment?

I've been thinking about this a lot lately, which is probably because my manager has had a lot of meetings and I tend to space out and watch episodes of The Simpsons on my laptop.  Since my DVD player broke, I started to think about HA for XenApp during these meetings (at least I'm now doing work). I was able to come up with the following thoughts:

1. Smart Monitors:  First, I want to know that something has failed or has gone flakey.  I don't want a bunch of messages telling me everything is ok, I just want to know when something is about to go horribly wrong. For example, the XML Black Hole.  I've seen the black hole cause too many issues, so how do we detect it?  You create a smart monitor that does more than pings. It tries to make requests to the XML service. If the expected data comes back, we are good to go. If the request is never answered or the response is junk, then Homer, we have a problem.  
2. HA for the Critical Components: Now if we can detect a failure, DO SOMETHING ABOUT IT.  As we continue looking at the XML Black Hole, if we see there is an issue, then stop making requests to it. But this requires another XML Brokers to take over the responsibility of the failed one without requiring changes to the environment's configuration.   Sounds a lot like load balancing to me.
3. Business Continuity:  Essentially what I'm saying is that if my XenApp environment at one site fails, I  better have another site already waiting for connections without requiring me to make changes.  Many people have 2 data centers: a primary and a backup. Others have 2+ data centers that are all active.  For those organizations with 2 data centers (primary and backup), how do you fail users over to the backup in the event of a failure?  For those organizations that have 2+ active data centers, how do you tell your users data center is their preferred site?  That is really a trick question (Did I get anyone?).  You shouldn't have to tell your users anything about going to a primary, backup, tertiary site. It should happen automatically.  Users want their applications in the fastest possible means necessary, which could mean that one day it is from data center 1 and on another day it could be data center 2.
   

These three items are all part of NetScaler, and it is easy to setup.  For those of you who know me will notice that I've worked with the integration of NetScaler and XenApp for some time.  Well, the NetScaler product group is actually making my job easier because they are making this solution a lot easier.  I created and maintained a 40+ page document that showed you how to set all of these goodies up. Now that document is about 14 pages (with pictures for each step) because of the new NetScaler for XenApp wizards.  I'm just glad I don't get paid by the word.  Take a look at what I'm talking about. In about 5 minutes you will see me configure and integrate NetScaler with XenApp:

Watch this Video:

Also, take a look at recently released articles  that goes into more detail on this integrated solution: http://support.citrix.com/product/nsad/v8.1/consulting/

• Taking XenApp to the Next Level of Availability - Reference Architecture
• Taking XenApp to the Next Level of Availability - Implementation Gudie

I'm curious what other areas concern you when you are focused on HA for XenApp?   Let me know. Yes, my manager finally ended the meeting, I am outta here.

Daniel

(Homer Quote of the Blog "Kids, you've tried your best and failed miserably.  The lesson is, never try")

Welcome to the third installment of the Dynamic Delivery Center.  This time I will be showing you the Proof of Concept (PoC) we built to validate the DDC is possible.  If you haven't done so already, I encourage you to review the first two blogs so you understand our business and requirements.

• Part I - The Need
• Part II - The Analysis

Now, the PoC.  First, let me show you the architecture diagram we've used.  (Visio Stencils for this diagram are located here).

(Select diagram for a larger view)

As you can see, it is fairly straightforward. I'm the type of person who prefers things simple. The whole purpose of the PoC is to see if we can use a web front end to dynamically deliver any number of "Test" environments to the users.  Now, as many of you reading this are techies, let's get to the good stuff...

• External Access: Every user will be remote. Even if you are sitting in the office next to the lab, you are considered a remote user (Ever hear of de-perimiterization?).   All users will connect through an HA Pair of NetScaler 7000s with the SSL-VPN functionality enabled in full VPN mode.  We are doing more than ICA so we need a full VPN connection.
• Web Front End: Users will be able to connect to the Web Frontend when they connect with Access Gateway Enterprise .  The Web Frontend will allow the user to request any number of systems from the lab. 
  
  
• XenServer Resource Pool: Currently, the XenServer Resource Pool contains a set of templates that users can request from the environment. Those templates are reflected in the Web Front End, allowing the user to customize their environment.
• XenServer Template Library: For the PoC, the library only includes Windows 2003 R2 servers, XenApp 4.5 servers, Windows Vista SP1 workstations and Windows XP SP2 workstations.  New virtual machines are created based on the templates, which should only take a few seconds.  The library will grow as new requests come in and new systems are required. The longer the DDC is running, the more complete the library will become.
• NetScaler: The NetScaler devices are setup to allow for either a one-arm or two-arm deployment (hence the reason for the two separate VLANs).  If the user only requires a one-arm setup, they just ignore the second connection.
• WANScaler: The WANScaler devices are setup to allow the user to test any number of backend optimizations across any simulated WAN connection with the Apposite WAN Emulator.  The backend contains another XenServer Resource Pool allowing the user to test WAN optimization against any number of resources including file servers, web servers, media servers and XenApp servers, just to name a few.
  

We have the architecture, but how does it work?  How does the Web Frontend do it all?  In the PoC, we chose not to look into Workflow Studio (Sorry WFS Team) as we want to wait for the next beta release. But the lessons learned in the PoC will help us properly develop our workflows in the design phase.  In the PoC, we used the SDKs extensively to do the following:

• Virtual Machines
  1. A user selects one or more templates on the Web Frontend and selects "Provision Servers".
  2. The Web Frontend code will search for a virtual machine resource in the database that has not been marked as in use. Once an open virtual machine is found, the database will be updated and marked as in use by the user for a period of 3 days.
  3. The Web Frontend will establish a session with the XenServer host using root credentials.  The template the user selected will be cloned.  Once the clones are created, they will be sent a start command.
  4. Once the virtual machines are running, the IP address will be obtained. This information is used to generate an automated email to the requester using the SMTP service running on the Web Frontend server.
  5. The user will use the IP address to make a Remote Desktop connection to the console of the server, which is waiting for the user to enter a name for the virtual machine as part of the SID generation process.

• NetScaler
  1. User selects "Provision NetScaler" from the Web Frontend
  2. The Web Frontend checks the database for an available NetScaler. Once one has been found, it is marked as in use by the particular user for a period of 3 days. In the event that all NetScalers are assigned, the user will receive an automated email.
  3. The Web Frontend will establish a session using XML API calls with the NetScaler using the "nsroot" credentials. The reset process involves using the XML API calls to get into the NetScaler shell to remove the ns.config file.  Simply deleting the NS.Conf will completely reset the NS config. That would be bad because that includes the IP Address.  We don't want to go into the lab and connect a serial port and configure the device.  To solve this challenge, we  copy a base ns.config (which includes the NS IP configuration) over the current one.  We also have the code go through and remove any extra files that the previous user might have created (certificates, configuration files, etc).
  4. The Web Frontend will send code that will clear the NetScaler configuration, while keeping the IP address constant, so it is accessible from the network.
  5. The user will receive an automated email from the Web Frontend using the SMTP service.  The email informs the user on the connection information for the NetScaler.

• WANScaler
  1. User selects "Provision WANScaler" from the Web Frontend
  2. The Web Frontend establishes an HTTP session with the WANScaler web console using the "admin" credentials.
  3. The Web Frontend sends a request to reset the WANScaler config back to factory defaults, while still preserving the IP address. Once the WANScaler has been set back to factory defaults, the WANScaler will be rebooted.
  4. The user will receive an automated email from the Web Frontend using the SMTP service.  The email informs the user on the connection information for the NetScaler.
     

Lessons Learned:

• The biggest thing is that it is possible!!  The tricky part of the project was resetting the NetScaler and WANScaler back to factory defaults without losing the IP address. 
• A more complete set of XenServer templates is required to anticipate any number of requests from the field
  

Next Steps:

• Create a more detailed design that identifies the templates required for the initial release
• Create a detailed set of workflows that are required to see how Workflow Studio can be leveraged to make this environment easier to build and maintain.
• Create a way to hide Simpsons "Surprises" within the lab like logging into the lab and receive a warm welcome from Homer saying "D'oh!"
  

Hope you enjoyed this one.

Daniel

Homer Quote for the Blog "Look, the thing about my family is there's five of us. Marge, Bart, Girl Bart, the one who doesn't talk, and the fat guy. How I loathe him."

In case you haven't heard or seen , I'll be hosting a live TechTalk on Wednesday, July 23rd at 1PM Eastern covering the virtualization of XenApp on XenServer. For those of you who have read my blog, I know there are 5 of you, will know that I've been working on this aspect of server virtualization for some time.  I plan on covering what you should virtualize, how you should do it and how to make dev/test environment better with this solution. So if you want to hear me talk on a great topic, don't forget to register here.

July 23, 2008

1:00 PM Easter

1 hour duration

Daniel

Shipoopi!!

(Homer Simpson Quote of the Blog: "Kids, you tried your best and you failed miserably. The lesson is, never try.")

It has been a few weeks since I first wrote about drinking the Citrix Kool-Aid and trying for ourselves to turn our lab into a dynamic deliver center.  The first part of this project is to identify what is the purpose of our lab.  After looking at things deeper, we are responsible for mainly 4 things:

Technical Readiness Infrastructure: 

The Tech Readiness group is responsible for creating and delivering technical training to our customer facing people. This includes Support, Consulting, SEs, etc.  This group develops hands-on training that walks the student through setting up, configuring and troubleshooting the product.

As you can imagine, during a new product release, we have classes stacked up one after another all around the world. These classes use prebuilt environments in a remote lab in Ft. Lauderdale.  So if a class is occurring in Singapore, London, Sydney, Paris or anywhere else , the students will connect to Ft. Lauderdale to work on the pre-configured lab environment. Because the focus of the classes is to train on the new features, we don't expect our students to run through installations.  This means the environment must be prebuilt ready for configuration.

As you can expect, this is a challenge, which brings us to our first few requirements:

• Requirement 1: Tech Readiness: Must be able to work with the latest products, whether they be hardware or software, remotely.
• Requirement 2: Tech Readiness: Must be able to refresh environment quickly to a base state with items installed, but not configured
• Requirement 3: Tech Readiness: All previous classes configurations must be removed and devices and servers must be put back to base state (including passwords, accounts, optimizations, etc)
• Requirement 4: Tech Readiness: Environment must be able to allow students to work with all features and products including WANScaler optimizations, NetScaler load balancing, XenApp Progressive Display, Smart Auditor, etc.
  

Worldwide Consulting Solutions

The Solution Center and Integrated Solutions team is responsible for developing best practices and recommendations for integrating Citrix products with other Citrix products and 3rd party products.  For example, these two teams have developed items discussing XenServer and XenApp integration and on how to integrate WANScaler and NetScaler with Microsoft SharePoint.  From project to project, the architecture could look quite different, but there is one common aspect to all projects... There is at least one Citrix solution involved. 

The types of projects can vary wildly from validating an application runs on XenApp, defining deployment best practices for a particular web application with NetScaler to performing scalability testing on the latest version of XenDesktop. All of these items come together to bring us a few more requirements:

• Requirement 5: Worldwide Consulting Solutions - Need to be able to bring up a set of Citrix solutions without requiring installation
• Requirement 6: Worldwide Consulting Solutions - Need to have the different project pods separated from other pods as one test might influence the results of another test
  

Field Teams

Working with our customer, many of our field Citrites find themselves in need of a reference system to be able to look up a setting, perform a quick test based on a customer question, or be able to demo a new feature that is easier to show than to explain.  These types of requests are short lived, but require a fast response. Because of the huge number of potential questions a customer could ask, it is impossible to anticipate every conceivable environment needed or when the requests could occur.  This type of situation brings about the following requirements:

• Requirement 7: Field Teams: Need to get access to a base system (regardless of product) in a short amount of time that can be modified. 
• Requirement 8: Field Teams: Each reference system must be isolated as customers will be seeing the systems in a lab that also contains systems of new, unreleased products
• Requirement 9: Field Teams: Need to be able to extend check-out time if work extends beyond original request date
  

Administration

I haven't hit all of the groups that use the lab because this blog would be longer than the movie script to the Simpsons Movie (which I highly recommend by the way), but most of their requirements are contained within the first three groups.  Before I close out, there are still a final set of requirements focused on the administration of the lab. We must make it easy and automated:

• Requirement 10: Administration: Systems should be in a low-power state unless they are being used.
• Requirement 11: Administration: The systems, when allocated, should be powered on automatically.
• Requirement 12: Administration: Systems should be automatically built, cleaned, decommissioned and assigned.
• Requirement 13: Administration: Hardware assignment notifications should occur through email with all pertinent connection information once the systems are online.
  

I know this was quite a long blog, but this is a big project and I didn't want to gloss over anything. 

Up next, a Proof of Concept.

Daniel

(Homer Simpson Quote of the Blog: "Oh, so they have internet on computers now!")