Expand virtual machines hard disk – automation 7 Comments

Sometimes, at some customers's place, with an infrastructure already in place (XenApp with PVS or XenDesktop VDI pooled with PVS) the D: drive is too small. The drive where you redirect Windows Event Logs, Logs (UPM for example and/or other applications - services) This is a drive where page file is often redirected as well and even memory dump file generated. PVS cache can also be on this drive : Cache on device RAM with overflow on Hard Disk When RAM is zero, the target device write cache is only written to the local disk. When RAM is not zero, the target device write cache is written to RAM first. When RAM is full, the least recently used block of data is written to the local Write Cache disk to accommodate newer data on RAM. The amount of RAM specified is the non-paged kernel memory that the target device consumes. Cache on device Hard Disk The cache on local HD is stored in a file on a secondary local hard drive of the device. It gets created as an invisible file in the root folder of the secondary local HD. The cache file size grows, as needed, but never gets larger than the original vDisk, and often not larger than the free space on the original vDisk. It is slower than RAM cache, but faster than Server cache and works in a HA environment. The lack of space on this drive will bring some slowness in user's session and this drive needs to be expanded a bit to get back a normal user experience. To expand these disks two actions need to be done : Expand the Virtual Machine hard disk - in this example vmware Virtual Machines Expand the disk within the Operation System (Windows) In addition to the following script, psexec tool (Microsoft Sysinternal) is used to execute remotely the diskpart command listed in a text file (diskpart.txt) which is upload to the Virtual Machines. Targeted Virtual Machines need to be powered on. Psexec.exe and Diskpart.txt needs to be in the same folder as the Powershell script, of course you can specify their path as it suits your need.   This script is using XenDesktop / XenApp command to list all the Virtual Machines with SessionSupport value equal to SingleSession, it means the VDI only in my case. If you want to check the lust of Virtual Machines…

Load Balancing TFTP with Netscaler 10.5 30 Comments

Implementing Citrix Provisioning Services (PVS) is very common nowaday when it's about deploying Shared Desktops (XenApp) or Pooled, Private or Personal Desktops (XenDesktop). If there are still some debate around about using TFTP+PXE vs using BDM (Boot Device Manager) I still observe a large number of deployment made using TFTP+PXE rather than BDM. Both of these two solution have Pro and Cons (Check Wilco's website here) and this is an architectural choice you need to plan ahead the project. Using TFTP and PXE bring several spof along the line and need to be consider and design as the most resilient as the high availability require. TFTP is not redundant by design, using the DHCP 66 options (Boot Server Host Name) allow the use of only one IP address. and there is no redundance behind that. With Citrix Netscaler, Citrix gave us the ability to bring high availability to this spof and address this issue. With Netscaler previous version (prior 10.x) that wasn't that easy to setup and the understanding of Netscaler feature like Layer 2 Mode, DSR etc... And if you didn't understand exactly everything what you were doing, all the PVS traffic was going through the Netscaler and believe me, that was really pain in the ass... I saw that kind of mistake a number of time... With Netscaler 10.1 then 10.5 things are a lot more easy... So I just jump on the occasion I had at one customer's place to load balance 4 Citrix PVS servers (TFTP + PVS) to deliver this simple and fast how to. Information you need to gather : IP Adresses and name of all PVS servers (with TFTP) One IP Adress for the Virtual Server (VIP) One or more Netscaler 10.5 (I made this configuration with 10.5.51.10.nc) Here is a basic architecture overview of component we are impacting : Netscaler #1 and #2 : This is were the configuration will take place PVS Servers #1, #2, #3 and #4 : All the PVS / PXE / TFTP servers we will use in this example DHCP Servers #1 and #2 : This is where we will configure the 66 option by using the Load Balanced IP Address (VIP) VMs : All these Virtual Machines will use PXE to boot get the Load Balanced TFTP address to launch the ARDBP32.bin file.   Let's got for the Netscaler configuration, first you need to login, if you're using a multi Netscaler architecture you…

Citrix PVS vs MCS – Despectus 21 Comments

I know this subject has been cover thousand times here and there but this is an eternal discussion we have whatever the forum or the meeting going on when we speak about Citrix. To remind people not familiar with MCS or PVS here are the main differences : MCS : Machine Creation Service PVS : Provisioning Services All the blogs, articles, white papers are very good and very technical with a lot of details but lake too often of "real life" example. Of course this is important to know  detailed performance measuring iOPs in read and write, cache mode, disk and storage type etc. but what most of the time everyone is missing is a crucial component : complexity and ability of the technical team to handle PVS and/or MCS. At many of my customers place we've implemented PVS architecture on multi-site with DFS-R and SAN / NAS etc to provision XenApp 6.5 farm lightning fast and this is every time a success when everything is setup correctly and when everything works as expected. BUT the complexity we leave behind at the customer's place leave me a though that in 70% of the case, they will call us back to fix an issue they created while trying to handle PVS and surrounding component. 20% won't call us but nothing will change, event the XenApp servers will remain in the same state as when we left. Of course writing documentation and how to for everything won't solve this issue because managing XenApp servers provisioned with PVS is complex and needs good organisation and an understanding of the product. PVS is in version 7.1 (April 2014) and haven't evolve that much during last couple of years, some say PVS will disappear with time to let MCS take over, but I honestly don't know what are the plan for Citrix about PVS. But as PVS is an awesome technology, I think Citrix will bring more and more feature to MCS and keeping the simplicity while adding feature will be an interesting chalenge. To keep this topic short (that never happen when we speak about this during CTP meetings or forums :) ) I would say for large enterprise I would continue to use PVS on the current and new deployment but put in my customer's mind the overhead of complexity could cost more than intelligent storage solution (software, hardware) and introduce few desktops (XenDesktop…

Trend ServerProtect 5.80, XenApp 6.5 / PVS 3 Comments

AntiVirus software are always pain in the ass when it's about delivering desktops through golden images system like Citrix Provisioning Services. It's changing but still, in most of the company I'm working for there is always the AntiVirus dude who is yelling and requesting to be able to watch / watch and be able to know where the Antivirus software is deployed, if it's up to date and if all the machine are ok. Last blog I did about an antivirus was about Symantec SEP 11 (here) and Symantec did their job by understanding what was a virtual environment about with the version 12. With TrendMicro and ServerProtect, we're not there yet... Even if their product Office Scan seems to fit better the needs, today I had to deal with Trend Micro ServerProtect installed on the PVS golden images. The problem remain the same, a Trend GUID is created when installing the piece of software on the golden image but won't change across multi machine usage. The Trend GUID is located in the registry : HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\ServerProtect\CurrentVersion\SpntService\NS_GUID with a 75 long character chain. What I had to do : Create a 75 random character string Replace the registry value create a flag so the value won't change at each reboot So I did with my crappy PowerShell skills a very small script (and thanks to Livio @EldejiPoint for the cleanup ^^ ) So this script will be executed as a startup script for the computer (using GPOs) and by creating a trend.txt file on the fixed drive (d:\) the generated Trend GUID won't change upon the file is removed. I hope it will help !

Citrix XenDesktop 7 – Create Persistent Hypervisor Connection and Hosting Unit, Unattended 13 Comments

I blogged about how to automate Citrix XenDesktop 7 deployment and database creation, and how to join and existing XenDesktop 7 site unattended, but now to continue and go a bit further in the automation process, I needed and wanted to know how to automate Hosting Configuration by Adding Connection and Resources to the DDC in an unattended way. This blog will cover creation process for XenServer 6.x and vCenter (vSphere) 5.1 since I don't have access to a Hyper-V (yet), I went over Citrix eDoc to check how I could do this and I found here : [link] Thanks to Livio for some PowerShell help :) It helps to understand whet need to be setup and after few tests I ended up writing this script to automate this part :   This script have been tested with Citrix XenDesktop7 and XenServer 6.2 and vSphere 5.1

Citrix XenDesktop 7 – Installation 14 Comments

XenDesktop 7 is now available with different features and entitlements (link) and yes there is a lot to read on this webpage but most of everything is already known features. So I will just write now what I read between the line : No more Citrix Streaming Application (RIP) in favor of Microsoft APP-V XenServer is now version 6.2 and Open Source ! http://www.xenserver.org/ Seamless Local Apps is now official and build-in. PVS is version 7 now and MCS continue its evolution. (I'll come back later on a blog post about that) Edgesight is included in XenDesktop 7 (Another blog post subject) Storefront is now version 2 Receiver for Windows is v4 Windows 8 and Windows 2012 supported Many other changes I need to cover later on Several editions are available today : Now this is time to show you how the installation process, pretty straight forward as I already mention and this is for those who are curious about this new version and don't have tie to POC it or try it right away.   To download Citrix XenDesktop 7, this is the way -> [link] XenDesktop 7 Edocs : [link] XenDesktop 7 Admin Guide : [link] XenDesktop 7 Upgrade Guide : [link] XenDesktop 7 Install Guide : [link]

This blog is what you're looking for if : You are using SEP 11 with PVS and XenDesktop 4 / 5 / 5.5 If your VMs have a "Persona" drive (D: for ex) Windows XP VMs (it should work with Windows 7 as well) If you don't want or you cannot use PVS Personality Strings The SEP11 administrator is becoming crazy because all the XenDesktop VMs are creating new entries at every reboot. Using an antivirus software on a VDI plate form is a discussion often see here and there but this time the question wasn't if I needed to install an antivirus or not, Symantec Endpoint Protection was already installed and running on my customer Citrix XenDesktop 4 / PVS 5.6 sp1 infrastructure. SEP11 (Short name for Symantec EndPoint Protection) was installed and was running well on the PVS distributed pool VMs. Yesterday the SEP administrator came to me and complained about the fact XenDesktop VMs were generating new entry in the SEP11 administration console every time they were rebooted and every morning he was forced to move all the object in the VDI node and delete all the past entries... But everything was working... I guess this administrator might have fund that a bit boring, he just complained and continued to do this tack every day and when he wasn't here, no one was taking care of that manual task. XenDesktop VMs needed to be in the VDI node because the exclusion in place were important for VMs performances : PVS cache file Event logs EdgeSight firebird database etc etc... When no one was doing this task, the Vms were generating new object in the default node where no specific exclusion were done... It did bring some performance issue now and then. First though was to use personality string (PVS feature) but I didn't want to bring another feature in the game as people managing this infrastructure weren't really aware of this PVS feature. All the Symantec technotes (link) about their antivirus and PVS are based on personality string usage so I needed to figure out another way to personalize each VM with their own GUID. After many tests and many solutions found over the Internet, nothing was working well, every time a very was rebooted, a new entry appear in the SEP11 administration console. So decided to go all by myself and try to find out an…

In a new mission, I had to learn a new environment based on Citrix XenDesktop 4, Provisioning Services 5.6 and vmware vSphere 4.1. This week, I had a weird issue, I didn't change anything, I just didn't understood why suddenly VMs stopped to be available, in fact VMs were available but for some reason, it was impossible for everyone to access it through the Web Interface. VMs were working well XenDesktop brokers were fine Web Interface was ok Citrix License Server was up and running with correct license vmware vSphere was ok as well, VMs were running without any problem on it On the Web Interface, the following message was display while trying to launch a XenDesktop virtual desktop : "xxxxx is currently unavailable. try reconnecting and, if the problem persists, contact your administrator." On the DDC, XenDesktop Desktop Delivery Controller, I found event logs with ID 1301, source : Citrix Desktop Delivery Controller, with the following description : "The delivery controller failed to broker a connection for user xxxxx to desktop group yyyyy. The delivery controller cannot find any available virtual desktops. Please add more virtual desktops to the desktops group. If the problem is due to existing virtual desktops not becoming available, refer to Citrix Knowledge Base article CTX117248 for further information." It look like a communication problem between XenDesktop DDCs and vmware Virtual Center, so I checked every component, DDCs, Virtual Center.... I found nothing really relevant. So the next step was to enable extended logs on the DDC side, after a short search on Citrix website I found how to do do with CTX117452. I got a lot of logs, but after one day scratching my head to try to understand why without changing anything I had such behavior, I just had bunch of logs but I was missing something... Here is a short part of the pool_log.log file : I also took a log in the virtual desktops pool properties to check if everything was alright... It wasn't :   All the VMs within the Citrix Delivery Service Console were disassociated with Active Directory and a message confirm I had communication problem between vmware Virtual Center and Citrix XenDesktop : "Virtual machines could not be retrieved from the hosting infrastructure" and then a pop-up saying : "Error occurred whilst validating the list of virtual desktops. For more information about each error, hover the mouse over…

Worker Groups and Policies are some of the feaures included in Citrix XenApp 6. I know this version isn't deployed wildly and tehre are many reasons I won't speak about here; you can still read a blog and very interresting comments about that here : http://www.archy.net/2010/09/21/citrix-xenapp-6-why-it-doesnt-spread/ I work with Citrix Education to build exams for XenApp 6 Basic Administration and Advanced Administation and in order to do it, I needed to know every XenApp 6 new features. I tried everything with the Technical Preview release when XenApp 6 was still XenApp for Windows 2008 R2. Now I want to share and blog about two major features, Worker Groups and Policies because I think it can dramatically improve your productivity and accelerate your deployments. What are Worker Groups ? Worker groups are collections of XenApp servers, residing in the same farm, that are managed as a single unit. Using worker groups, you can: Streamline application publishing to multiple farm servers Load balance access to published resources Filter policies so that settings are applied only to sessions hosted on a specific set of farm servers When using worker groups, consider the following: A farm server can belong to multiple worker groups A worker group can include any number of XenApp servers or none at all Only servers that belong to the same XenApp farm are included in a worker group Above writting is the Citrix definition, I made a shorter version bellow : Manage XenApp servers collectively as “worker groups” Assign published applications and policies to worker groups Worker groups contain farm servers or domain OUs Servers added to a worker groups inherit settings, policies, applications  and Load Balancing Policies Using Worker Group to publish applications The "old" way to publish application is : adding a new XenApp server then opening each published application properties to add the new server. The new server is on the right and multiple actions need to be taken before making the server available to users with the same published application as the other XenApp serveurs. You can still publish your applications this way with XenApp 6. The "new" way using Worker Groups is much more simple. Instead of publishing your application to XenApp servers, you choose a Worker Group. The Worker Group I created is based on Active Directory OU, so every time a XenApp server is move in to the correct OU, as published applications are…