XenDesktop 5 Master Class – Part 2

(1)

1

XenDesktop 5 Master Class – Part 2

Agenda

Management Consoles Architecture

Complete Slide Deck Available at - http://dl.dropbox.com/u/7694439/XD5-MC.rar Facebook - http://www.facebook.com/pages/XenDesktop/122274557845352

Twitter - http://twitter.com/#!/XenDesktopEMEA

XenDesktop 5 Master Class – Part 2

Agenda

Management Consoles Architecture

Complete Slide Deck Available at - http://dl.dropbox.com/u/7694439/XD5-MC.rar Facebook - http://www.facebook.com/pages/XenDesktop/122274557845352

Twitter - http://twitter.com/#!/XenDesktopEMEA

(2)

XenDesktop 5

paul.murray@eu.citrix.com

Senior Systems Engineer, EMEA

(3)

Management Consoles

(4)

• XenDesktop 4 had a lot of consoles.

• Due to a patchwork of different products.

• XenDesktop 5 has two (main) consoles.

• Desktop Studio (DS)

• Configuration, Deployment.

• Desktop Director (DD).

• Daily Management and Monitoring.

A console for everything…

(5)

Desktop Studio

(6)

WCF

Desktop Studio Architecture

Desktop Studio

Desktop Studio XD ServicesXD Services

Scripts Scripts

Broker Broker

MCSMCS HostHost

AD Identity AD Identity Configuration Configuration

XenServer VDAs

etc

XenServer VDAs

etc

Active Directory

^PvS^PvS

54321

UIUI

PoSH Interface Interface

(7)

• Very Flexible Filtering

• Select Parameters via pull down

• Rich Details

• Machine Status

Desktop Studio – Searching

(8)

• Add, Remove Desktop Director Admins

• View Controllers in a Site

• View and Configure

• Hosts

• Host Connections

• Storage

Advanced Configuration

(9)

Desktop Director

(10)

• Provides a single, detailed and intuitive overview of XenDesktop

• Summarizes real-time desktop and virtual machine issues

• Machine Usage Metrics

• Host and controller health information

• Information is aggregated from multiple sources

• XenDesktop controller, Citrix Profile management

• Citrix License Server, WinRM, Active Directory

• No historical data (That’s why we have EdgeSight)

Desktop Director

(11)

Administration Components – Desktop Director

Windows Metrics Windows Metrics

PortICA PortICA

Workstation Agent Workstation Agent WCF

WMI/WBEM

XD Services XD Services

Broker Broker MCSMCS

HostHost AD Identity AD Identity Configuration Configuration DMC website DMC website WCF

HTTPS

WCF

(12)

Machine / Session Status

Machine Details

Session Details

HDX Details

Activity Details

(13)

• Desktop Studio (DS)

• Configuration, Deployment.

• Desktop Director (DD).

• Daily Management and Monitoring.

Summary

(14)

XenDesktop 5

New Concepts

(15)

• Site

• A collection of XenDesktop Controllers and sharing a common database.

• Recommended not to spread WAN networks

• Can contain host connections from various Hypervisors.

• Previously known as a “farm” in XenDesktop 4

• Defines the XenDesktop 5 Management Realm

• Hosts (Hosting Unit)

• Infrastructure comprised of hypervisors, storage and other virtualization components such as networks that is needed to run the Virtual Desktops

• A site can have multiple host connections (multiple Hypervisors)

New Concepts in XenDesktop 5

(16)

• Catalogs

• A collection or pool of similar machine types.

• Catalogs are used to populate desktop groups.

• Contains the base image, AD computer accounts for the Desktop.

• Can include machines from 1 or more hypervisors.

• Can be split into as many Desktop Groups as needed.

New Concepts in XenDesktop 5

Catalog Catalog

Hypervisor Hypervisor

Desktop Group 1 Desktop

Group 1 Desktop Group 2 Desktop

Group 2 Desktop Group 3 Desktop Group 3

Hypervisor Hypervisor

(17)

Desktop Machine Types Desktop Machine Types

Pooled

Pooled Dedicated Dedicated Existing Existing Physical Physical Streamed Streamed

Direct copies of the master VM. Changes are not persisted. (Random / Static) Permanently assigned to individual users. Changes are persisted.

VM’s that were previously created.

Desktops hosted on dedicated blade servers

vDisk imaged from a master target device with PVS

(18)

• Desktop Groups

• Contains machines from one or more catalogs.

• Not limited to a single hypervisor pool.

• Desktop Groups are assigned to users.

• Desktop Rules and Power Polices are applied to Desktop Groups.

• A single user may access multiple desktops in a Desktop Group or a single desktop may be assigned to multiple users.

New Concepts in XenDesktop 5

(19)

Summary Of The Changes

XenDesktop 4 XenDesktop 5

• Farm

• Desktop Group

• DDC / Broker / Controller

• IMA datastore

• XML Blob

• Terminal Services

• Site

• Catalog with Desktop Group

• XenDesktop Controller

• SQL database

• Full Armor Policy

• Removed Dependency

(20)

Deployment Examples

Increased Scale / Resilience

(21)

Site-based deployment

Delivery Controller

• SQL Mirror

• SQL Cluster

• HA VM

Delivery Controller

• SQL Mirror

• SQL Cluster

• HA VM

(22)

Increased Scale / Resilience

Before:

Desktop Group

Desktop Group Hypervisor PoolHypervisor Pool

After:

Desktop Group

Desktop Group Hypervisor PoolHypervisor Pool

Hypervisor Pool Hypervisor Pool

Hypervisor Pool Hypervisor Pool Desktop Group

Desktop Group

Desktop Group Desktop Group

X X

X

Max size of Desktop Group based on size of Hypervisor Pool

Max size of Desktop Group based on size of Hypervisor Pool Failure = loss of entire Desktop Group Failure = loss of entire

Desktop Group

Mix and Match – lower failure impact No architectural limit on group size Mix and Match – lower failure impact No architectural limit on group size

(23)

Increased Scale / Resilience

Before:

After:

Broker Broker

Broker ^(ZDC) Broker (ZDC)

Broker Broker

Hyp Pool Hyp Pool Hyp Pool Hyp Pool Hyp Pool Hyp Pool

At high-scale:

• Single Broker is bottle-neck for all launches & VM management

• Extra brokers for ‘registration’

Broker Broker Broker Broker

Broker ^(failed) Broker (failed)

Hyp Pool Hyp Pool Hyp Pool Hyp Pool Hyp Pool Hyp Pool

At high-scale:

• Broker for each Hypervisor pool

• On broker failure, another takes over

• Adding Brokers adds scale

• Even work distribution

(24)

Increased Scale / Resilience

Before:

After:

Web Interface Web Interface

Delivery Controller Delivery Controller Delivery Controller Delivery Controller Delivery Controller Delivery Controller

zone data collector

site

Delivery Controller Delivery Controller Delivery Controller Delivery Controller Delivery Controller Delivery Controller

• No specialist Controller

• No zone data collector

(25)

Increased Scale / Resilience

Desktop Group

Desktop Group DesktopDesktop

Desktop Desktop Desktop Desktop Desktop Group

Desktop Group User with multiple similar Desktops

One Desktop Group for each kind of desktop

Desktop Group

Desktop Group DesktopDesktop

One Desktop Group for each extra desktop

Before

After

(26)

Architecture

Server Side

(27)

SQL Server SQL Server Machine Creation

Services

Broker Services

Infrastructure Services

XenDesktop 5 Architecture

XenDesktop Controller XenDesktop Controller

Broker Service

Broker Service Machine

Creation Service Machine Creation

Service

AD Identity Service AD Identity

Service

Machine Identity Service Machine

Identity Service

Host Service Host Service

Configuration Service Configuration

Service Desktop Studio

Desktop Studio Desktop DirectorDesktop Director

PowerShell WCF

Virtual Desktop

NOTE: Greatly Simplified Communication

(28)

• Service instances are stateless as much as possible.

• The Service state is held centrally in the database.

• Controllers are “interchangeable”

• Each of the broker service modules can process requests from other components.

• Thus there is no dependency on a particular controller server in the site.

XenDesktop Controller Services

(29)

• “Blocks” of functionality that run on only one DDC at a time

• However, it DOES NOT cause a bottleneck.

• The load is so low as to be negligible.

• Used for “site-wide” operations.

• Configurable via PowerShell

• Get-BrokerController shows which site service

functions are being performed by which Controllers.

• Get-BrokerSite show which broker is running the site service

• Site Services allocated to controllers automatically.

• Brokers maintain a heartbeat and failover takes place in the event of failure.

Site Services

(30)

• Functionality modules that running in the Broker Service including;

• Controller Reaper – Finds and marks failed controllers

• Broker Reaper – Finds and kills expired launch sessions.

• Licensing – communicates with license server

• Power Policy – manages idle pool levels and initiates policy power actions

What does Site Services do?

(31)

• One site service for each broker hypervisor connection,

• ‘Set-BrokerHypervisorConnection’ sets the ‘preferred’ Controller to run Hypervisor site service

• This is the only part of the broker that communicates with the hypervisors

• This limits the number of connections from servers that the hypervisor has to cope with.

Hypervisor Connection Site Service

(32)

XenDesktop Controller

Broker Service

(33)

• Responsible for most of the day to day activity of a Site

• Controls and chooses the desktops (and applications) to be “brokered” to users.

• Processes registrations and status updates from VDAs.

• Passes this data to the database.

• Controls the power state of machines according to policy and user demands.

• Passes status of XenDesktop “site” to admin consoles

• Enforces licensing.

• Interacts with Web Interface via XML Services

Broker Service – What does it do?

(34)

• MCS services

• Uses WCF to communicate with the Machine Identity Service

• e.g. Reset the disks associated with a VM immediately prior to starting that VM.

• Infrastructure Services

• Uses WCF to communicate with the Configuration Service and Host Service.

• The Config Service is used to find the location of infrastructure and MCS services

• The Host Service is used to obtain details about hypervisor connections

• Hypervisors – There is no direct interaction with Hypervisors.

• All hypervisor interaction is performed via the Hypervisor Communications Library

Broker Interaction with other Rhone Components

(35)

• CBP (Connection Brokering Protocol) interaction with VDA

• Uses WCF connections to communicate with the workstation agent service on the VDA.

• Duties Include

• Registration

• Launch sequence

• Status updates such as session state, user logged in, PortICA stack state etc

• Session Control such as disconnected or terminated

Broker Interaction with the VDA

(36)

• Controls the power state of the configured VDA machines

• Interacts with hypervisors via HCL (Hypervisor Communication Library)

• Not limited to a single hypervisor

• Manages “properties” such as

• Power actions and throttling (Power State Changes)

• Power policy

• Running / Idle pool management

Broker Interaction with Hosting Management Module

(37)

• XML Services are a component of the Broker.

• Interaction with WI via XML protocols over http(s)

• NFuse XML Service (wpnbr)

• handles user login/validation, desktop / application enumeration, launch and session control (‘WorkSpace Control’).

• Machine Control XML service handles user-driven desktop reset of VM’s

• Admin XML service is used to change a users password

• STA XML Service used by Access Gateway to control/ track user sessions

Broker Interaction with XML Services Module.

(38)

XenDesktop Controller

Infrastructure Services

(39)

• Configuration Service (CCS)

• Register services that form part of the XenDesktop deployment

• Provides directory services to all other Rhone services including itself.

• Allows all the services that form part of Rhone to register the services that they offer

• Provides location facilities to the other registered services so that they can directly contact them.

Configuration And Host Services

(40)

• Host Service (HUS)

• Create and Manage connections to the Hypervisor for;

• XenServer (standalone host or a single XenServer Pool)

• VMWare ESX (via VMWare vCenter)

• Microsoft Hyper-V (via System Center Virtual Machine Manager (SCVMM))

• ‘Custom’ 3rd party hypervisors (requires 3rd party plugin)

• The Host Service is akin to Pool Management in XD4.

• Also interacts with MCS at the Provisioning Stage

Configuration And Host Services

(41)

• Idle Pool Count is configured under "Power Management" in the properties of Assignments

• Stops/starts performed via the hypervisor are queued in the SQL database (Hosting Action Queue Manager)

Power Action Queues

(42)

XenDesktop Controller

Machine Creation Services

(43)

• Provisions the virtual machines that are brokered to users.

• Uses a “Provisioning’ Scheme

• VM’s are based on a ‘Master Image’

• The VMs can be shared or private mode.

• Shared Mode – The OS disk image will be reset back to its initial state after each restart that the broker initiates.

• Private Mode – The OS disk image will be retained across boots, allowing the machine to be used in a more traditional desktop mode.

• Each VM consists of an Difference disk and an Identity disk.

• The Diff (OS) disk provides the operating system.

• The Identity disk provides the AD computer account information

Machine Creation Services – The Real VDI

(44)

• Machine Creation Service

• Responsible for the creation of the VMs

• Uses AD Identity Service and Machine Identity Service to create Provisioned Machines.

• Maintenance of the master image that is used to provide the desktops.

MCS is 3 Server Based Services

(45)

• AD Identity Service

• Creates / Manages AD computer accounts and passwords to provide the identity for Provisioned Machines.

• AD computer accounts get created by the AD Identity Service

• Existing AD computer accounts can be imported.

MCS is 3 Server Based Services

(46)

• Machine Identity Service

• Create OS and Identity disks for VMs (provision)

• Remove OS and Identity disks for VMs (deprovision)

• Manages storage attached to provisioned VMs

• Ensures a fresh Diff disk is attached to the VM at boot

• Ensures the ID Disk is attached to the VM at boot time (used by the Machine Identity Service Client to provide the Computer Account)

• Update of OS disk (reset VM functionality)

MCS is 3 Server Based Services

(47)

• Machine Identity Agent

• Component that resides on the VDA

• Ensures VDA Identity within the domain

• Maintains the computer AD password of the Virtual Desktop

• There is no direct communication between the Machine Creation Services and the Machine Identity Agent

• The Machine Identity Service provides the information required by the Machine Identity Agent via files on the Identity disk

• These files are created by the Machine Identity Service at machine provisioning time and mounted against the appropriate VM.