© 2007 Citrix Systems, Inc. — All rights reserved
XenDesktop 5 Master Class – Part 2
Agenda
Management Consoles Architecture
Complete Slide Deck Available at - http://dl.dropbox.com/u/7694439/XD5-MC.rar
Facebook - http://www.facebook.com/pages/XenDesktop/122274557845352
Twitter - http://twitter.com/#!/XenDesktopEMEA
XenDesktop 5
paul.murray@eu.citrix.com
Senior Systems Engineer, EMEA
Management Consoles
• XenDesktop 4 had a lot of consoles.
• Due to a patchwork of different products.
• XenDesktop 5 has two (main) consoles.
• Desktop Studio (DS)
• Configuration, Deployment.
• Desktop Director (DD).
• Daily Management and Monitoring.
A console for everything…
Desktop Studio
Desktop Studio Architecture
[Diagram labels: Desktop Studio (UI, Scripts, PoSH Interface); WCF; XD Services (Broker, MCS, Host, AD Identity, Configuration); XenServer, VDAs, etc.; Active Directory; PvS]
• Very Flexible Filtering
• Select Parameters via pull down
• Rich Details
• Machine Status
Desktop Studio – Searching
• Add, Remove Desktop Director Admins
• View Controllers in a Site
• View and Configure
• Hosts
• Host Connections
• Storage
Advanced Configuration
Desktop Director
• Provides a single, detailed and intuitive overview of XenDesktop
• Summarizes real-time desktop and virtual machine issues
• Machine Usage Metrics
• Host and controller health information
• Information is aggregated from multiple sources
• XenDesktop controller, Citrix Profile management
• Citrix License Server, WinRM, Active Directory
• No historical data (That’s why we have EdgeSight)
Desktop Director
Administration Components – Desktop Director
[Diagram labels: Windows Metrics; PortICA; Workstation Agent; WCF; WMI/WBEM; XD Services (Broker, MCS, Host, AD Identity, Configuration); DMC website; HTTPS]
Machine / Session Status
Machine Details
Session Details
HDX Details
Activity Details
• Desktop Studio (DS)
• Configuration, Deployment.
• Desktop Director (DD).
• Daily Management and Monitoring.
Summary
XenDesktop 5
New Concepts
• Site
• A collection of XenDesktop Controllers sharing a common database.
• Recommended not to spread a site across WAN networks
• Can contain host connections from various Hypervisors.
• Previously known as a “farm” in XenDesktop 4
• Defines the XenDesktop 5 Management Realm
• Hosts (Hosting Unit)
• Infrastructure comprised of hypervisors, storage and other virtualization components such as networks that is needed to run the Virtual Desktops
• A site can have multiple host connections (multiple Hypervisors)
New Concepts in XenDesktop 5
• Catalogs
• A collection or pool of similar machine types.
• Catalogs are used to populate desktop groups.
• Contains the base image, AD computer accounts for the Desktop.
• Can include machines from 1 or more hypervisors.
• Can be split into as many Desktop Groups as needed.
New Concepts in XenDesktop 5
[Diagram labels: Catalog; Hypervisor (x2); Desktop Group 1; Desktop Group 2; Desktop Group 3]
Desktop Machine Types
• Pooled – Direct copies of the master VM. Changes are not persisted. (Random / Static)
• Dedicated – Permanently assigned to individual users. Changes are persisted.
• Existing – VMs that were previously created.
• Physical – Desktops hosted on dedicated blade servers
• Streamed – vDisk imaged from a master target device with PVS
• Desktop Groups
• Contains machines from one or more catalogs.
• Not limited to a single hypervisor pool.
• Desktop Groups are assigned to users.
• Desktop Rules and Power Policies are applied to Desktop Groups.
• A single user may access multiple desktops in a Desktop Group or a single desktop may be assigned to multiple users.
New Concepts in XenDesktop 5
Summary Of The Changes
XenDesktop 4 → XenDesktop 5
• Farm → Site
• Desktop Group → Catalog with Desktop Group
• DDC / Broker / Controller → XenDesktop Controller
• IMA datastore → SQL database
• XML Blob → Full Armor Policy
• Terminal Services → Removed Dependency
Deployment Examples
Increased Scale / Resilience
Site-based deployment
[Diagram labels: Delivery Controller (several)]
• SQL Mirror
• SQL Cluster
• HA VM
Increased Scale / Resilience
Before:
[Diagram labels: Desktop Group; Hypervisor Pool]
• Max size of Desktop Group based on size of Hypervisor Pool
• Failure = loss of entire Desktop Group
After:
[Diagram labels: Desktop Group (several); Hypervisor Pool (several); X]
• Mix and Match – lower failure impact
• No architectural limit on group size
Increased Scale / Resilience
Before:
[Diagram labels: Broker; Broker (ZDC); Broker; Hyp Pool (x3)]
At high-scale:
• Single Broker is bottle-neck for all launches & VM management
• Extra brokers for ‘registration’
After:
[Diagram labels: Broker; Broker; Broker (failed); Hyp Pool (x3)]
At high-scale:
• Broker for each Hypervisor pool
• On broker failure, another takes over
• Adding Brokers adds scale
• Even work distribution
Increased Scale / Resilience
[Diagram, Before and After panels. Labels: Web Interface; Delivery Controller (several); zone data collector; site]
• No specialist Controller
• No zone data collector
Increased Scale / Resilience
[Diagram, Before and After panels. Labels: Desktop Group; Desktop]
• User with multiple similar Desktops
• One Desktop Group for each kind of desktop
• One Desktop Group for each extra desktop
Architecture
Server Side
[Diagram labels: SQL Server; Machine Creation Services; Broker Services; Infrastructure Services]
XenDesktop 5 Architecture
[Diagram labels: XenDesktop Controller (Broker Service, Machine Creation Service, AD Identity Service, Machine Identity Service, Host Service, Configuration Service); Desktop Studio; Desktop Director; PowerShell; WCF; Virtual Desktop]
NOTE: Greatly Simplified Communication
• Service instances are stateless as much as possible.
• The Service state is held centrally in the database.
• Controllers are “interchangeable”
• Each of the broker service modules can process requests from other components.
• Thus there is no dependency on a particular controller server in the site.
XenDesktop Controller Services
• “Blocks” of functionality that run on only one DDC at a time
• However, it DOES NOT cause a bottleneck.
• The load is so low as to be negligible.
• Used for “site-wide” operations.
• Configurable via PowerShell
• Get-BrokerController shows which site service functions are being performed by which Controllers.
• Get-BrokerSite shows which broker is running the site service
• Site Services allocated to controllers automatically.
• Brokers maintain a heartbeat and failover takes place in the event of failure.
Site Services
• Functionality modules that run in the Broker Service, including:
• Controller Reaper – Finds and marks failed controllers
• Broker Reaper – Finds and kills expired launch sessions.
• Licensing – communicates with license server
• Power Policy – manages idle pool levels and initiates policy power actions
What does Site Services do?
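An added example (not from the original deck) of checking the placement rule described above: each site service should be held by exactly one healthy controller. The function name, sample hostnames, state values and service-name strings are constructed; the property names DNSName, State and ActiveSiteServices are assumed to match what Get-BrokerController returns.

```powershell
# Added example. Maps each site service to the controller(s) reporting it and
# flags anything that contradicts "runs on only one controller at a time".
# Assumption: input objects expose DNSName, State and ActiveSiteServices.
function Get-SiteServicePlacement {
    param(
        [Parameter(Mandatory)] [object[]] $Controller,
        [string[]] $ExpectedService = @()   # services that must be held by someone
    )
    $owners = @{}
    foreach ($name in $ExpectedService) { $owners[$name] = @() }
    foreach ($c in $Controller) {
        foreach ($svc in @($c.ActiveSiteServices)) {
            if (-not $svc) { continue }      # controller holding no site service
            if (-not $owners.ContainsKey($svc)) { $owners[$svc] = @() }
            $owners[$svc] += [pscustomobject]@{ Name = $c.DNSName; State = $c.State }
        }
    }
    foreach ($svc in ($owners.Keys | Sort-Object)) {
        $held = @($owners[$svc])
        $finding = if ($held.Count -eq 0) { 'Unowned' }
                   elseif ($held.Count -gt 1) { 'MultipleOwners' }
                   elseif ($held[0].State -ne 'Active') { 'OwnerNotActive' }
                   else { 'OK' }
        [pscustomobject]@{
            SiteService = $svc
            Controllers = ($held.Name -join ', ')
            Finding     = $finding
        }
    }
}

# Constructed sample standing in for Get-BrokerController output.
$sample = @(
    [pscustomobject]@{ DNSName = 'ddc01.example.test'; State = 'Active'
                       ActiveSiteServices = @('ControllerReaper', 'Licensing') }
    [pscustomobject]@{ DNSName = 'ddc02.example.test'; State = 'Failed'
                       ActiveSiteServices = @('PowerPolicy') }
    [pscustomobject]@{ DNSName = 'ddc03.example.test'; State = 'Active'
                       ActiveSiteServices = @('Licensing') }
)
Get-SiteServicePlacement -Controller $sample -ExpectedService 'BrokerReaper' |
    Format-Table -AutoSize

# On a controller with the Broker snap-in loaded:
#   Get-SiteServicePlacement -Controller (Get-BrokerController)
```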
• One site service for each broker hypervisor connection.
• Set-BrokerHypervisorConnection sets the ‘preferred’ Controller to run the Hypervisor site service
• This is the only part of the broker that communicates with the hypervisors
• This limits the number of connections from servers that the hypervisor has to cope with.
Hypervisor Connection Site Service
XenDesktop Controller
Broker Service
• Responsible for most of the day to day activity of a Site
• Controls and chooses the desktops (and applications) to be “brokered” to users.
• Processes registrations and status updates from VDAs.
• Passes this data to the database.
• Controls the power state of machines according to policy and user demands.
• Passes status of XenDesktop “site” to admin consoles
• Enforces licensing.
• Interacts with Web Interface via XML Services
Broker Service – What does it do?
• MCS services
• Uses WCF to communicate with the Machine Identity Service
• e.g. Reset the disks associated with a VM immediately prior to starting that VM.
• Infrastructure Services
• Uses WCF to communicate with the Configuration Service and Host Service.
• The Config Service is used to find the location of infrastructure and MCS services
• The Host Service is used to obtain details about hypervisor connections
• Hypervisors – There is no direct interaction with Hypervisors.
• All hypervisor interaction is performed via the Hypervisor Communications Library
Broker Interaction with other Rhone Components
• CBP (Connection Brokering Protocol) interaction with VDA
• Uses WCF connections to communicate with the workstation agent service on the VDA.
• Duties Include
• Registration
• Launch sequence
• Status updates such as session state, user logged in, PortICA stack state etc
• Session Control such as disconnected or terminated
Broker Interaction with the VDA
• Controls the power state of the configured VDA machines
• Interacts with hypervisors via HCL (Hypervisor Communication Library)
• Not limited to a single hypervisor
• Manages “properties” such as
• Power actions and throttling (Power State Changes)
• Power policy
• Running / Idle pool management
Broker Interaction with Hosting Management Module
• XML Services are a component of the Broker.
• Interaction with WI via XML protocols over http(s)
• NFuse XML Service (wpnbr)
• handles user login/validation, desktop / application enumeration, launch and session control (‘WorkSpace Control’).
• Machine Control XML service handles user-driven desktop reset of VMs
• Admin XML service is used to change a user’s password
• STA XML Service used by Access Gateway to control/ track user sessions
Broker Interaction with XML Services Module.
XenDesktop Controller
Infrastructure Services
• Configuration Service (CCS)
• Register services that form part of the XenDesktop deployment
• Provides directory services to all other Rhone services including itself.
• Allows all the services that form part of Rhone to register the services that they offer
• Provides location facilities to the other registered services so that they can directly contact them.
Configuration And Host Services
• Host Service (HUS)
• Create and Manage connections to the Hypervisor for:
• XenServer (standalone host or a single XenServer Pool)
• VMware ESX (via VMware vCenter)
• Microsoft Hyper-V (via System Center Virtual Machine Manager (SCVMM))
• ‘Custom’ 3rd party hypervisors (requires 3rd party plugin)
• The Host Service is akin to Pool Management in XD4.
• Also interacts with MCS at the Provisioning Stage
Configuration And Host Services
• Idle Pool Count is configured under "Power Management" in the properties of Assignments
• Stops/starts performed via the hypervisor are queued in the SQL database (Hosting Action Queue Manager)
Power Action Queues
XenDesktop Controller
Machine Creation Services
• Provisions the virtual machines that are brokered to users.
• Uses a “Provisioning” Scheme
• VMs are based on a ‘Master Image’
• The VMs can be shared or private mode.
• Shared Mode – The OS disk image will be reset back to its initial state after each restart that the broker initiates.
• Private Mode – The OS disk image will be retained across boots, allowing the machine to be used in a more traditional desktop mode.
• Each VM consists of a Difference disk and an Identity disk.
• The Diff (OS) disk provides the operating system.
• The Identity disk provides the AD computer account information
Machine Creation Services – The Real VDI
• Machine Creation Service
• Responsible for the creation of the VMs
• Uses AD Identity Service and Machine Identity Service to create Provisioned Machines.
• Maintenance of the master image that is used to provide the desktops.
MCS is 3 Server Based Services
• AD Identity Service
• Creates / Manages AD computer accounts and passwords to provide the identity for Provisioned Machines.
• AD computer accounts get created by the AD Identity Service
• Existing AD computer accounts can be imported.
MCS is 3 Server Based Services
• Machine Identity Service
• Create OS and Identity disks for VMs (provision)
• Remove OS and Identity disks for VMs (deprovision)
• Manages storage attached to provisioned VMs
• Ensures a fresh Diff disk is attached to the VM at boot
• Ensures the ID Disk is attached to the VM at boot time (used by the Machine Identity Service Client to provide the Computer Account)
• Update of OS disk (reset VM functionality)
MCS is 3 Server Based Services
• Machine Identity Agent
• Component that resides on the VDA
• Ensures VDA Identity within the domain
• Maintains the computer AD password of the Virtual Desktop
• There is no direct communication between the Machine Creation Services and the Machine Identity Agent
• The Machine Identity Service provides the information required by the Machine Identity Agent via files on the Identity disk
• These files are created by the Machine Identity Service at machine provisioning time and mounted against the appropriate VM.
And 1 Workstation Based Service
When to use which …..
Machine Creation Services
• POC Production
• Less Complex VDI
• Scalability numbers later
• VDI Only
Provisioning Services
• POC Production
• Complex VDI, FlexCast
• Scalability known
• FlexCast
How simple can it get
Machine Creation Services Provisioning Services
• No Streaming, No PXE
• Uses VHD Chaining
• Writes go to Diff Disk
• Reads come from “Base”