Extend Your Home Lab into Microsoft Azure and Deploy XenDesktop 7.8 Machine Catalogs


    by David Brett, CTP

    If, like me, you have a home lab set up to test and learn, then you have probably been in the situation where you run out of compute. You then start looking at what you can shut down, delete or decommission. This can be a massive pain, and whilst I know I need to buy some more hardware, I currently can’t justify that to the boss at home, so I started to think of other ways to get a larger home lab.

    Enter Microsoft Azure. I have an active MSDN subscription with Microsoft and as part of that I get £95 per month of free compute in the Azure Cloud. This is great, but instead of running 2 domains – 1 in my house and one in the cloud – I started to look at options for linking the 2 and running a larger hybrid cloud lab. This is good in many ways, as some workloads will need to be done on physical hypervisors (Citrix PVS for the moment) and some are perfectly suited to be run in the cloud (AppDNA).

    So, let's get going.

    Current Setup

    At home I have 2 servers, 1 on VMware running my infrastructure and 1 on XenServer for my Citrix Workloads. I have a single public IP Address and a standard broadband set-up with Sky in the UK. My internal network range is 192.168.0.0/24

    Desired Setup

    The same as the existing internal setup, plus the ability to add machines from Citrix Studio directly into Microsoft Azure. 2 networks available in Azure: 10.20.1.0/24 for infrastructure and 10.20.2.0/24 for Citrix workloads. Communication should be seamless between the 2 locations, with the ability to use the £95 per month for more intense workloads that are better suited to running in the cloud.

    First navigate to Networks

    From the menu at the bottom click New, Virtual Network and Custom Create. We will now define our network setup for the machines hosted in Azure to use

    Give your new network a name and pick the region that you want to run the network in

    Define the DNS Servers that you want to assign to the machines you build and attach to this network.

    NOTE: I have specified my internal DNS server running on my internal servers. This is certainly not best practice, but to save money in my subscription I don’t want to put up a server just to run domain and DNS services. It is also important to have name resolution for XenDesktop to work, therefore you will need at least one DNS server from your domain.

    Leave the Configure Site to Site vpn option for now – we will configure this later on

    Define your network addressing. I have specified 10.20.0.0/16 as the available address range. 10.20.1.0/24 as a subnet for infrastructure and 10.20.2.0/24 as a subnet for Citrix workloads

    Click the tick and wait for the network to finish creating

    Once your main vNet is created click the local networks tab

    Click New, Network Services, Virtual Network and Add Local Network

    Here we are going to specify our local network so we can link our Azure vNet and our local network. Earlier I said that my local network is 192.168.0.0/24 and I only have a single subnet. Therefore this step is pretty simple.

    First give your local network a name and put in the external IP Address assigned to your router at home

    Next specify the address space that your local network is running on. This is so that the Azure vNet knows to push traffic down the vpn if it resides in the local subnet

    Click the tick and wait for the local network to finish creating

    Next we need to configure the Site to Site connectivity. Open your Azure vNet and select the configure tab. Put a tick in the site-to-site connectivity and put a tick in the Connect to the local network. Then select the local network you created from the drop down list provided

    Click Save and your virtual network will show that a site to site vpn has been set up but no gateway has currently been configured

    From the menu at the bottom click Create Gateway and select dynamic routing from the options.

    Your status of the gateway will change to creating – be aware that this process may take up to 15 minutes to complete

    While the gateway is creating switch back to your in-house hypervisors. You will need to build a Windows 2012 R2 Server to act as a Routing and Remote Access Server. This server does not need to be on the domain as it will only be used for routing and you don’t need to install the RRAS Role as this will be created later using an Azure-supplied script. You will need 2 network interfaces attached, one for the local access and one for DMZ.

    Give them both static IP Addresses but don’t assign a gateway to the internal interface

    And assign a gateway to the external interface

    Once you have your 2012 R2 server set up you will need to add your firewall rules to allow access from Azure into your network for the VPN to be brought up. Below is a screenshot of the ports you will need to open up for the Azure site-to-site VPN. You will need to send all the VPN traffic to the external interface of your RRAS server.

    [Screenshot: firewall rules showing the ports to open for the Azure site-to-site VPN]

    Once you have finished with your internal RRAS setup, switch back to your Azure portal and your gateway should (hopefully) have finished being created. It won't show as connected as you have not finished the internal RRAS service

    On the right click the Download VPN Device Script below the Quick Glance menu

    When prompted, set the Vendor to Microsoft Corporation, the Platform to RRAS and the Operating System to Windows Server 2012 R2, and click the tick to download the script

    Once downloaded, rename the script extension from cfg to ps1 and execute the script as an administrator from your RRAS server in PowerShell

    This may require your RRAS server to be restarted a couple of times. Let this happen and, once it is back up, log in and open up the Routing and Remote Access Admin portal

    If you look at Network Adapters you should see a new adapter with the name of your external IP Address for your gateway in Azure. It will be of type demand dial and should show as connected

    Move to static routes and you should see a new route to send traffic for the 10.20.0.0 subnet out of your demand dial interface

    Switch to your Azure Portal and the Gateway should now show as connected

    Traffic from Azure will now know how to route into your local network, but you will need to add a static route to all your internal virtual machines to tell them how to get back to Azure. This can be done manually or using a startup script.

    To manually add the route, log into each server internally and type in the following

    route add -p 10.20.0.0 mask 255.255.0.0 192.168.0.240

    You need to direct traffic for your Azure subnet to the internal interface of your RRAS server
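The startup-script option mentioned above, as an added example that is not part of the original post: it adds the same route idempotently and refuses to proceed if the Azure prefix already points at a different next hop. The variable names are hypothetical; the addresses are the ones used in this article.

```powershell
# Added example: startup script for the return route to Azure.
# Equivalent of: route add -p 10.20.0.0 mask 255.255.0.0 192.168.0.240
$AzurePrefix = '10.20.0.0/16'     # Azure vNet address space (from this article)
$RrasNextHop = '192.168.0.240'    # internal interface of the RRAS server
$LocalMatch  = '192.168.0.*'      # local LAN, 192.168.0.0/24

# Find the adapter on the local LAN; the route must leave through it.
$lan = Get-NetIPAddress -AddressFamily IPv4 |
    Where-Object { $_.IPAddress -like $LocalMatch } |
    Select-Object -First 1
if (-not $lan) {
    Write-Warning "No interface with an address matching $LocalMatch; no route added."
    return
}
if ($lan.IPAddress -eq $RrasNextHop) {
    # This is the RRAS server itself; it reaches Azure over the demand-dial interface.
    return
}

# Inspect what is already configured for the Azure prefix.
$existing = @(Get-NetRoute -DestinationPrefix $AzurePrefix -ErrorAction SilentlyContinue)
$expected = @($existing | Where-Object { $_.NextHop -eq $RrasNextHop })
$other    = @($existing | Where-Object { $_.NextHop -ne $RrasNextHop })

# A route for this prefix via any other host would hand Azure-bound traffic
# to that host, so report it and stop rather than stacking a second route.
if ($other.Count -gt 0) {
    foreach ($r in $other) {
        Write-Warning "Unexpected route: $AzurePrefix via $($r.NextHop) (ifIndex $($r.InterfaceIndex))"
    }
    return
}

if ($expected.Count -eq 0) {
    # Without -PolicyStore, New-NetRoute creates the route in both the active
    # and persistent stores, so it survives a reboot like 'route add -p'.
    New-NetRoute -DestinationPrefix $AzurePrefix -NextHop $RrasNextHop `
        -InterfaceIndex $lan.InterfaceIndex | Out-Null
}

# Check that the next hop answers; ICMP may be blocked on the RRAS server.
if (-not (Test-Connection -ComputerName $RrasNextHop -Count 2 -Quiet)) {
    Write-Warning "Route is in place but $RrasNextHop did not answer ping."
}
```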

    Once added you can ping out to Azure from an internally hosted XenDesktop

    Also you can ping inbound from an Azure hosted Server.

    So, now we are ready to set up a machine catalog in XenDesktop to be run from Azure.

    NOTE: You will need a classic mode image to use for provisioning. I have pre-built a Windows Server 2016 TP4 Server and installed the XenDesktop 7.8 VDA. I then shut down the server and captured an image of it using the Azure Management Portal

    Add your new Azure Region into your hosting options within XenDesktop. For a guide on doing this and instructions on how to get your publishsettings file look here:

    http://bretty.me.uk/deploying-a-multi-zone-global-xendesktop-7-7-site-on-the-microsoft-azure-public-cloud/

    and go to Step 11 – Adding Azure Hosting

    Then click to create a new machine catalog

    Click next for the welcome screen and select Server OS

    Select your new Azure Region and click next

    Select the image you prepared earlier

    Select the number of machines you wish to create

    Select the network you want the machines on

    Select the OU you want the machines in and the naming convention

    Give the new catalog a name

    Click Finish and let Citrix Studio do its thing.

    You will see Studio copying and creating your new machine catalog

    After a while it will show as complete

    Once done switch to Azure and select Virtual Machines. You should see your new machine listed

    Click into the machine to view the configuration and you will see it's on the right network that you defined during the creation wizard and can therefore speak to your internal network as it is aware of the routes needed.

    That's it, hopefully this will help some of you get some more use out of your lab environment and a little more compute power into your environment.

