In this chapter, we start with defining the pieces or components that make up a XenDesktop Site along with the terminology and concepts involved. We then set out to design a basic XenDesktop architecture, which ends with a network diagram that we will use as a roadmap for the remainder of the book. In this chapter, we will cover the following topics:
The components of XenDesktop
Terminology and concepts
System requirements
Designing a basic XenDesktop Site
Common ports used in network communication
Before we start designing the XenDesktop Site, we need to understand the core components that go into building it. XenDesktop can support all types of workers, from task workers who run Microsoft Office applications, to knowledge users who host business applications, to mobile workshifting users and high-end 3D application users. It scales from small businesses that support five to ten users to large enterprises that support thousands of users.
Tip
For a successful implementation of XenDesktop, follow the steps in this guide in the order in which they are presented; do not skip steps or topics.
The following is a simple diagram to illustrate the components that make up the XenDesktop architecture:

Note
If you have the experience of using XenDesktop and XenApp, you will be pleased to learn that XenDesktop and XenApp now share management and delivery components to give you a unified management experience.
Now that you have a visual of how a simple Site will look when it is completed, let's take a look at each individual component so that you can understand their roles.
In this section, we will cover some commonly used terminology and concepts used with XenDesktop.
It is important to understand the terminology and concepts as they apply to the server side of the XenDesktop architecture, so we will cover that in this section.
As mentioned in the Preface of this book, a Hypervisor is an operating system that hosts multiple instances of other operating systems. XenDesktop is supported by three Hypervisors—Citrix XenServer, VMware ESX, and Microsoft Hyper-V.
In XenDesktop, we use the Microsoft SQL Server. The database is sometimes referred to as the data store. Almost everything in XenDesktop is database driven, and the SQL database holds all state information in addition to the session and configuration information. The XenDesktop Site is only available if the database is available.
If the database server fails, existing connections to virtual desktops will continue to function until the user either logs off or disconnects from their virtual desktop; new connections cannot be established if the database server is unavailable. There is no caching in XenDesktop 7.x, so Citrix recommends that you implement SQL mirroring and clustering for High Availability.
The Delivery Controller distributes desktops and applications, manages user access, and optimizes connections to applications. Each Site has one or more Delivery Controllers.
Studio is the management console that enables you to configure and manage your XenDesktop and XenApp deployment, eliminating the need for two separate management consoles to manage the delivery of desktops and applications. Studio provides you with various wizards to guide you through the process of setting up your environment, creating your workloads to host and assign applications and desktops, and assigning applications and desktops to users.
StoreFront authenticates users to Site(s) hosting the XenApp and XenDesktop resources and manages the stores of desktops and applications that users access.
A virtual machine (VM) is a software-implemented version of the hardware. For example, Windows Server 2012 R2 is installed as a virtual machine running in XenServer. In fact, every server and desktop in this book's examples will be installed as a VM with the exception of the Hypervisor, which obviously needs to be installed on the server hardware before we can install any VMs.
The Virtual Desktop Agent (VDA) has to be installed on the VM to which users will connect. It enables the machines to register with controllers and manages the ICA/HDX connection between the machines and the user devices. The VDA is installed on the desktop operating system VM, such as Windows 7 or Windows 8, which is served to the client. The VDA maintains a heartbeat with the Delivery Controller, updates policies, and registers the controllers with the Delivery Controller.
VMs or physical machines based on the Windows Server operating system are used to deliver applications or host shared desktops to users.
VMs or physical machines based on the Windows desktop operating system are used to deliver personalized desktops to users or applications from desktop operating systems.
Microsoft Active Directory is required for authentication and authorization. Active Directory can also be used for controller discovery by desktops to discover the controllers within a Site. Desktops determine which controllers are available by referring to information that controllers publish in Active Directory.
Active Directory's built-in security infrastructure is used by desktops to verify whether communication between controllers comes from authorized controllers in the appropriate Site. Active Directory's security infrastructure also ensures that the data exchanged between desktops and controllers is confidential.
A desktop is the instantiation of a complete Windows operating system, typically Windows 7 or Windows 8. In XenDesktop, we install the Windows 7 or Windows 8 desktop in a VM and add the VDA to it so that it can work with XenDesktop and can be delivered to clients. This will be the end user's virtual desktop.
Citrix XenApp is an on-demand application delivery solution that enables any Windows application to be virtualized, centralized, and managed in the data center and instantly delivered as a service. Prior to XenDesktop 7.x, XenApp delivered applications and XenDesktop delivered desktops. Now, with the release of XenDesktop 7.x, XenApp delivers both desktops and applications.
Citrix Edgesight is a performance and availability management solution for XenDesktop, XenApp, and endpoint systems. Edgesight monitors applications, devices, sessions, license usage, and the network in real time. Edgesight will be phased out as a product.
Don't let the term FlexCast confuse you. FlexCast is just a marketing term designed to encompass all of the different architectures that XenDesktop can be deployed in. FlexCast allows you to deliver virtual desktops and applications according to the needs of diverse performance, security, and flexibility requirements of every type of user in your organization. FlexCast is a way of describing the different ways to deploy XenDesktop. For example, task workers who use low-end thin clients in remote offices will use a different FlexCast model than a group of HDX 3D high-end graphics users. The following table lists the FlexCast models you may want to consider; these are available at http://flexcast.citrix.com:
For a complete end-to-end solution, an important part of the architecture that needs to be mentioned is the end user device or client. There isn't much to consider here; however, the client devices can range from a high-powered Windows desktop to low-end thin clients and to mobile devices.
Citrix Receiver is a universal software client that provides a secure, high-performance delivery of virtual desktops and applications to any device anywhere. Receiver is platform and device agnostic, meaning that there is a Receiver for just about every device out there, from Windows to Linux-based thin clients and to mobile devices including iOS and Android. In fact, some thin-client vendors have performed a close integration with the Citrix Ready program to embed the Citrix Receiver code directly into their homegrown operating system for seamless operation with XenDesktop.
The Citrix Receiver must be installed on the end user client device in order to receive the desktop and applications from XenDesktop. It must also be installed on the virtual desktop in order to receive applications from the application servers (XenApp or XenDesktop), and this is taken care of for you automatically when you install the VDA on the virtual desktop machine.
Each component has its requirements in terms of operating system and licensing. You will need to build these operating systems on VMs before installing each component. For help in creating VMs, look at the relevant Hypervisor documentation; in this book, we have used Citrix XenServer as the Hypervisor.
The Citrix Receiver is a universal software client that provides a secure, high-performance delivery of virtual desktops and applications. The Receiver is available for Windows, Mac, mobile devices such as iOS and Android, HTML5, Chromebook, and Java 10.1.
You will need to install the Citrix Receiver twice for a complete end-to-end connection to be made: once on the end user's client device (there are many supported devices, including iOS and Android) and once on the Windows virtual desktop that you will serve to your users. The second installation is done automatically when you install the Virtual Desktop Agent (VDA) on the Windows virtual desktop.
You need this Receiver to access the applications that are running on a separate application server (XenApp or XenDesktop).
StoreFront replaces the web interface. StoreFront 2.1 can also be used with XenApp and XenDesktop 5.5 and above. The operating systems that are supported are as follows:
Windows Server 2012 R2, Standard or Datacenter
Windows Server 2012, Standard or Datacenter
Windows Server 2008 R2 SP1, Standard or Enterprise
System requirements are as follows:
RAM: 2 GB
Microsoft Internet Information Services (IIS)
Microsoft Internet Information Services Manager
.NET Framework 4.0
Firewall ports – external:
As StoreFront is the gateway to the Site, you will need to open specific ports on the firewall to allow connections in, mentioned as follows:
Ports: 80 (http) and 443 (https)
Firewall ports – internal:
By default, StoreFront communicates with the internal XenDesktop Delivery Controller servers using the following ports:
80 (for StoreFront servers) and 8080 (for HTML5 clients)
You can specify different ports.
Note
For more information on StoreFront and how to plug it into the architecture, refer to http://support.citrix.com/article/CTX136547.
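The StoreFront port lists above translate directly into a least-privilege firewall check. The following is an added example, not code from the book or from Citrix: it audits a constructed ruleset against the default ports stated above (80/443 inbound to StoreFront, 80/8080 from StoreFront to the Delivery Controllers). The zone names and the `Rule` structure are assumptions made for the illustration; adjust `REQUIRED` if you specify different ports.

```python
from collections import namedtuple

# A firewall allow rule: TCP traffic from one zone/role to another on a port range.
# The structure and the zone names are hypothetical, chosen for this example.
Rule = namedtuple("Rule", "src dst lo hi")

# Required flows, taken from the StoreFront port lists above (default ports).
REQUIRED = {
    ("external", "storefront"): {80, 443},     # http and https into StoreFront
    ("storefront", "controller"): {80, 8080},  # StoreFront servers / HTML5 clients
}

def audit(rules):
    """Return (missing, excess) for a list of allow rules.

    missing: required (src, dst, port) flows that no rule permits.
    excess:  (rule, n) pairs where the rule opens n ports that the
             requirement list does not call for on that zone pair.
    """
    missing = []
    for (src, dst), ports in sorted(REQUIRED.items()):
        for port in sorted(ports):
            if not any(r.src == src and r.dst == dst and r.lo <= port <= r.hi
                       for r in rules):
                missing.append((src, dst, port))

    excess = []
    for r in rules:
        needed = REQUIRED.get((r.src, r.dst), set())
        width = r.hi - r.lo + 1
        covered = sum(1 for p in needed if r.lo <= p <= r.hi)
        if width > covered:
            excess.append((r, width - covered))
    return missing, excess

# Constructed sample ruleset (not taken from any real device).
SAMPLE_RULES = [
    Rule("external", "storefront", 443, 443),      # matches the requirement
    Rule("external", "storefront", 80, 80),        # matches the requirement
    Rule("storefront", "controller", 80, 80),      # matches the requirement
    Rule("storefront", "controller", 8000, 8079),  # wrong range: misses 8080
    Rule("external", "controller", 80, 80),        # reaches a controller directly
]

if __name__ == "__main__":
    missing, excess = audit(SAMPLE_RULES)
    for src, dst, port in missing:
        print(f"MISSING  {src} -> {dst} tcp/{port}")
    for rule, extra in excess:
        print(f"EXCESS   {rule.src} -> {rule.dst} tcp/{rule.lo}-{rule.hi} "
              f"({extra} port(s) beyond requirement)")
```

A missing flow breaks the Site for users; an excess rule, such as one that lets external clients reach a Delivery Controller without passing through StoreFront, widens the attack surface without any functional benefit.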
The supported Microsoft SQL Server versions are as follows:
SQL Server 2012 SP1, Express, Standard, and Enterprise Edition
SQL Server 2008 R2 SP2, Express, Standard, Enterprise, and Datacenter Edition
The following databases are also supported:
SQL Server clustered instances
SQL Server Mirroring
SQL Server 2012, AlwaysOn Availability Groups
The operating systems that are supported are as follows:
Windows 8.1, Pro and Enterprise
Windows 8, Pro and Enterprise
Windows 7, Pro, Enterprise, and Ultimate
Windows Server 2012 R2, Standard and Datacenter
Windows Server 2012, Standard and Datacenter
Windows Server 2008 R2 SP1, Standard, Enterprise, and Datacenter
System requirements are as follows:
Disk space: 75 MB
Microsoft .NET Framework 3.5 SP1 (Windows 2008 R2 only)
Microsoft Management Console 3.0
Windows PowerShell 2.0 (Windows 7 and Windows 2008 R2) or PowerShell 3.0 (Windows 8.1, Windows 8, Windows 2012 R2, and Windows 2012)
The operating systems that are supported are as follows:
Windows Server 2012 R2, Standard or Datacenter Edition
Windows Server 2012, Standard or Datacenter Edition
Windows Server 2008 R2, Standard or Enterprise Edition
System requirements are as follows:
Disk space: 100 MB
Microsoft .NET Framework 3.5 SP1 (Windows 2008 R2 only)
Microsoft .NET 4.0
Windows PowerShell 2.0 (included with Windows 2008 R2) or PowerShell 3.0 (included with Windows 2012 R2)
Visual C++ 2005, 2008 SP1, and 2010 Redistributable Package
The operating systems that are supported are as follows:
Windows Server 2012 R2, Standard or Datacenter
Windows Server 2012, Standard or Datacenter
Windows Server 2008 R2 SP1, Standard or Datacenter
System requirements are as follows:
Disk space: 50 MB
Microsoft .NET Framework 4.0
Microsoft Internet Information Services (IIS) 7.0 and ASP.NET 2.0
The supported browsers to view Director are as follows:
Internet Explorer 11, 10, and 9 (IE 10 compatibility mode is not supported)
Firefox
Chrome
The VDA has also been referred to as the Delivery Agent (DA) in this book. It is available for both Windows desktop OSes as well as for Windows Server OSes.
The supported operating systems are as follows:
Windows 8.1, Pro or Enterprise
Windows 8, Pro or Enterprise
Windows 7 SP1, Pro, Enterprise, or Ultimate
Windows Server 2008 R2 SP1, Datacenter, Enterprise, or Standard
Windows Server 2012 R2, Standard or Datacenter
Windows Server 2012, Standard or Datacenter
Windows Server 2008 R2 SP1, Standard, Enterprise, or Datacenter
The installer automatically deploys the support components such as the Microsoft .NET Framework and the Visual C++ Runtime Library. The Visual C++ components are also available on the XenDesktop installation media in the Support folder.
Multimedia acceleration features for HDX require Microsoft Media Foundation to be installed prior to installing the VDA on the machine.
Note
To use a Windows XP or Vista machine in XenDesktop 7, you will need to install an earlier version of the Citrix VDA, which can be downloaded from the Citrix.com downloads website.
XenDesktop runs operating systems in VMs. These VMs exist on Hypervisors that run on top of the server hardware.
The supported Hypervisor operating systems are as follows:
Citrix XenServer 6.0.2, 6.1, and 6.2
VMware vSphere 5.0 update 2 and vSphere 5.1 update 1
Microsoft System Center Virtual Machine Manager 2012 R2, 2012 SP1, or 2012
Note
To see a list of server hardware that is compatible with XenServer, go to http://hcl.xensource.com. Click on the Servers link and select your XenServer version. I purchased a compatible server on eBay at a cheap price. For creating a production environment and to do anything with HDX 3D, you should purchase a new system with support.
A more exhaustive list of the supported Hypervisors can be found at http://support.citrix.com/article/CTX131239.
We are just about to get started with installing XenDesktop, but before we do, we need to do some initial assessment of the design. We need to think about what the XenDesktop Site will look like when we are finished, taking into account the number of users we want to service. The resulting design will tell us how much server, hardware, and storage capacity we will need, which FlexCast model to deploy, and which user groups to start with. We will also end up with an architecture diagram of the complete solution which will show how all the components fit together.
Tip
Ultimately, you can navigate to the Citrix Project Accelerator that has a handy tool to help you to quickly assess, design, and deploy your XenDesktop Site. It is located at http://project.citrix.com.
The Project Accelerator can be complex and confusing. Don't get caught up in it too much but use it as a general guideline.
To help guide you through the process, I have created a fictitious company called Xenpipe.com. For now, there is just one type of user at Xenpipe—normal users who require access to Microsoft Office applications. In future, we can add heavy bandwidth users who require access to design applications (HDX 3D), mobile users who require remote access, and task workers who don't require any personalization, just a locked-down desktop. After plugging this information into the Citrix Project Accelerator, we came up with the following table to help us size our deployment. We chose to implement a Hosted VDI solution because it provides the most common form of virtual computing to any device, such as thin clients, PCs, laptops, or mobile devices.
| User group | FlexCast | Users | Servers | Hardware | Storage |
|---|---|---|---|---|---|
| Main HQ | Hosted VDI | 10 | 1 physical, 18 virtual | 21 cores, 72 GB RAM | 723 GB HD, 400 IOPS |
The resulting architecture will look as follows:

As you are building your infrastructure, it's important to know what type of protocols will run across your network. Sometimes, system administrators separate devices with network routers, switches, and firewalls that can block the XenDesktop implementation from working. The following is a list of protocols that you should allow through the routers, switches, and firewalls. All the Citrix protocols can be found in CTX Article 101810 at http://support.citrix.com/article/CTX101810.
| Citrix product | Protocol | Port(s) | Description |
|---|---|---|---|
| License Manager Daemon | TCP | | Handles license requests |
| Citrix Vendor Daemon | TCP | | Check-in and check-out of licenses |
| License Management Console | TCP | | Browser-based administration console |
| Citrix Receiver | TCP | | Communication with StoreFront or the NetScaler gateway |
| ICA, HDX | TCP | | Desktops and applications flow over this protocol |
| Session Reliability | TCP | | Session Reliability for ICA, HDX |
| Management Console | TCP | | Citrix Management Consoles |
| XML Server | TCP | | Desktop and application requests |
| STA | TCP | | Secure Ticket Authority embedded into XML service requests |
| Citrix XenServer | TCP | | Communication with XenServer |
| Microsoft Hyper-V | TCP | | SCVMM Administrator Console |
| VMware vSphere | TCP | | VMware Web Services communication |
| Broker | TCP | | Used for communication with VDA, SDK, and XML service |
| Active Directory Identity Service | TCP | | Used for Active Directory communications |
| Configuration Service | TCP | | Used by the configuration service |
| Host Service | TCP | | Used by the host service |
| Machine Creation Service | TCP | | Used by machine creation services |
| Machine Identity Service | TCP | | Used by machine identity services |
| License Configuration Service | TCP | | Used by the licensing service |
| Desktop Director | TCP | | Used by Desktop Director |
| Virtual Desktop Agent | TCP | | Communication with the Desktop Delivery Controller |
| | TCP | | Communication with the Desktop Delivery Controller for remote assistance |
| | UDP | | HDX audio |
| | TCP | | Communication with Desktop Director |
| Citrix Desktop Service | TCP | | Used by the workstation agent to communicate with the Broker |
| Database | TCP | | Microsoft SQL Server |
| XenCenter | TCP | | SSH |
| | TCP | | Management using XenAPI |
| | TCP | | VNC for Linux guests |
| | TCP | | RDP for Windows guests |
| Resource Pool | TCP | | SSH |
| | TCP | | Management using XenAPI |
| Infrastructure | TCP/UDP | | Network Time Protocol |
| | TCP/UDP | | DNS |
| | TCP | | Active Directory |
| | TCP/UDP | | ISO Store: NetBIOS Session Service |
| | TCP/UDP | | ISO Store: Microsoft-DS |
| Storage | TCP | | iSCSI storage |
| | TCP | | NFS storage |
| | TCP | | SOAP over HTTP StorageLink |
Now you should have a good grasp of the components, system requirements, and terminology used in Citrix XenDesktop. This chapter also serves as a good reference to look back on as you move forward. Remember to use the Internet to search for XenDesktop sizing guides and best practices, and don't forget to try out the Citrix Project Accelerator at http://project.citrix.com.
Now that you have an understanding of what the XenDesktop Site will look like from the network diagram, components, terminology, and concepts, we will install XenDesktop. The next chapter discusses how to plan and execute the installation.