Digital Workspace, Part 1: Citrix
Speaking about the spacecraft, plowing the expanses of the Bolshoi Theater digital transformation of companies, no one gives an explanation of what specific steps need to be taken to come to this very digital era. In this series of articles we will not talk about everything at once, but tell you about one of the directions - digitalization of the workspace (digital workspace). We describe how each of the leading manufacturers of the region understands it, and what IT professionals can do with all this.
The IT world does not stand still: each vendor develops its products and contributes something new to the line of equipment and software. Citrix, as a leader in virtualization, network load balancing and user collaboration solutions, recently introduced new products. The main directions actively developed by the vendor are terminal services and desktop virtualization (VDI).
When designing IT projects, we solve many problems. Often the first is the choice between a terminal solution and VDI. Virtualization technology is more expensive when calculating budget estimates, but it allows you to create an isolated environment with a guest operating system. The use of an isolated operating system by each client increases the security of the environment and avoids application conflicts. In a terminal environment, situations arise when one application cannot work in multi-user mode. You can answer the question “what to choose?” By deploying solutions from Citrix in test mode and checking compatibility with applications used in a particular company.
')
Suppose we stopped at VDI. In addition to the main introductory (number of users, integrated applications, technical parameters of one virtual place, etc.), you need to answer the question - to what extent do you need to save the changes made in the virtual workplace? Virtual jobs without the ability to save data are called "non-persistent", and with the ability to save - "persistent". The data that is stored in the virtual workplace is divided into two components: appdata (installed applications) and user profiles (user profiles with data). If Citrix User Profile Management or Microsoft Roaming Profiles are actively used to manage user profiles, then the situation with user applications is more complicated. Implementing such functionality without Personal vDisk or using full clones was simply impossible before.
You can decide on a solution only after analyzing the infrastructure. For example, in one of our projects, the customer used a self-written portal with application delivery. In other words, the user could log in via a web browser, select the necessary applications and, in accordance with the security groups assigned to him in Active Directory, install them in his workplace. This application delivery mechanism did not allow the use of non-persistent VDI and required data retention.
There is another scenario where the customer uses a terminal farm to deliver all the applications. In this case, persistent VDI is not required. This saves computational resources in virtual workplaces and provides them for the needs of terminal services, leaving only those applications that require an isolated environment in a virtual workplace. From the user's point of view, everything looks like a normal workplace.
Below we look at the main innovations from Citrix, which will allow them to better understand their technologies after recent updates.
First of all, I would like to note the incredible love of the vendor to change the names of their products. Get at least the main one, for which many are so fond of Citrix. Once called, Metaframe, Presentation Server, and XenApp. Now we stopped at Virtual Apps. At the same time, the functionality remains the same everywhere - to provide access to server applications.
Those who watch the vendor's news probably already know that the next rebranding of products has occurred and they are now called in a new way. This applies not only to decisions on the organization of terminal access, but also to the rest of the product lines. The figure below shows the old and new names. Do not get confused :)
Changed not only the names of familiar products, but also the editorial levels of each of the solutions. Pay attention to avoid confusion in XenApp product editions: now the Advanced level is not the starting license, but a license equal to the Enterprise level. The table below shows all the changes:
In addition to the changes in the names, I would like to note the updated vision of the VDI solutions of the main manufacturers. It is about building a design using software that allows you to split the image into several layers. In VMware, it is called App Volume, in Citrix - App Layering. It is noteworthy that both solutions can work not only with VDI of their manufacturers, but also with competing solutions, for example, with VMware Horizon.
The main idea of ​​the solution is to create different layers, for example, with the operating system, with a virtualization environment or with applications, and then compiling them into a working image for users. This is all done quickly, at the output we get various types of images for different groups of users with their applications.
The Citrix App Layering solution uses the following layers:
Each layer consists of certain applications and is responsible for its functions (see below).
A single monolithic image is assembled from the layers, which is delivered to the user. Each layer must be prepared beforehand. The process of assembling an image does not take much time.
In addition to using monolithic images, App Layering has the ability to deliver application layers to a virtual workplace through Elastic Layering. This feature allows you to personalize the user environment on request. This feature is controlled through security groups in Active Directory, which allows you to add sets of applications to a virtual workspace.
Licensing rules are shown in the table below:
Important note : App Layering is only available with active support from Citrix (Customer Success Services).
Let's talk a little about the designs of VDI solutions. After we have decided on the number of persistent and non-persistent virtual workplaces, it is necessary to determine the mechanism for their creation. Two technologies can be used for this: machine creation services (MCS) and provisioning services (PVS). The main differences are listed below.
Comparison of the principles of the desktop deployment mechanisms
MCS works by accessing the Citrix Studio Management Console to the Virtualization Environment Management Server API (vCenter, VMM, XenCenter). Through the necessary commands, basic actions are performed to create, delete, or change directories of virtual machines. The service is installed in conjunction with the connection broker when you deploy Citrix Virtual Apps and Desktops. Using MCS, you can create two types of virtual desktops: fast clone (fast clones) and full clone (full clones). If everything is clear with full clone, since it is a complete copy of the master image, then fast clone is generated according to the following principle: virtual workplaces are created with two additional diff disks and an id disk from the master image. I must say that the id disk is also present in full clones and stores information about domain membership. The size of such a disk is 16 MB. Diff disk stores master image changes. The size of this disk is set for all virtual desktops when creating a directory. When rebooting, the diff disk is reset to zero, so you cannot use it to build persistent VDI solutions. To implement persistent VDI using fast clones, an additional personal vDisk technology is used, but more on that below.
PVS works as a streaming service. It is installed on a separate server, has its own management console. Appeal to the API server management environment virtualization also occurs, but to a lesser extent. Basic operations are performed over the network when loading virtual desktops. Some are afraid of additional console, because this complicates administration, but I urge not to be afraid. PVS-service greatly simplifies the update of virtual desktops. They are loaded from the image storage (standard network storage smb or a directory on the local disk of the PVS server). The image is a service file and a virtual hard disk (.vhd) used when booting. The update process thanks to this service is very simple - you just need to connect another virtual hard disk and reload the workplace. Of course, using non-persistent virtual jobs are created using this service (note: this service has a caching method that allows you to save all changes, but I haven’t met such solutions in practice, so I wouldn’t recommend them). To implement persistent VDI using the PVS service, the same principle was used as for fast clones.
Due to the different specifics of technology, the load falls on the various components, respectively. If, in the case of a PVS service, a large load falls on the network, in the case of using the MCS service, the load falls on the used storage system.
I will give examples of the main designs of VDI solutions that I managed to implement:
Most often I have observed the implementation of the 1st design or a mixed solution of 2 and 3 options.
After Citrix announced that personal vDisk technology would not be developed anymore, the implementation of the 1st design became unrealistic. Customers began to abandon this idea, and the personal vDisk technology itself had a number of drawbacks. In my practice, the solution worked well with static use of virtual workplaces, that is, when a virtual workplace was assigned to one user, respectively, he connected a personal disk on which all changes were stored. When randomly using virtual desktops and personal disks, there were often problems when a user got a new virtual desktop and connected a personal disk to it. But still, the use of the 1st design with statically allocated virtual desktops significantly saved disk space, user data and installed applications in the virtual workplace could be placed on “slow” disks, and in order not to lose OS performance, all changes made from the master of the image (diff disk), placed on the "fast" disks. Such a design made it possible to significantly save disk space and not lose the performance of virtual desktops.
In the Citrix App Layering solution, it was announced that one of the layers (User Layer) would allow to implement functionality similar to personal vDisk, but for almost a year this layer was in the laboratory status. In the latest update on September 25, an update on this topic finally appeared in the App Layering document and it was announced that the User Layer was available for use in production environments.
An important update that allows you to implement the design of the 1st type using Citrix App Layering and User Layer for storing user data and installed applications.
Obvious problems of the classical organization of virtual workplaces forced Citrix to reconsider its approach towards the hybrid multi-layer virtual machine structure, which allowed creating persistent VDI in a non-persistent environment (looking ahead, this is also true for other vendors).
In reality, Citrix focuses on the development of the Citrix App Layering, so I would recommend looking at this solution when developing a sketch for your VDI. This product will significantly reduce the labor costs for servicing the master image, allow you to quickly compile the necessary images for different departments and, of course, increase the flexibility of the solution due to the Elastic Layer. And do not forget about the User Layer, through which you can implement the design of the 1st type.
Roman Mirzayanov, Senior Computing Design Engineer,
Jet Infosystems
Citrix dive
The IT world does not stand still: each vendor develops its products and contributes something new to the line of equipment and software. Citrix, as a leader in virtualization, network load balancing and user collaboration solutions, recently introduced new products. The main directions actively developed by the vendor are terminal services and desktop virtualization (VDI).
When designing IT projects, we solve many problems. Often the first is the choice between a terminal solution and VDI. Virtualization technology is more expensive when calculating budget estimates, but it allows you to create an isolated environment with a guest operating system. The use of an isolated operating system by each client increases the security of the environment and avoids application conflicts. In a terminal environment, situations arise when one application cannot work in multi-user mode. You can answer the question “what to choose?” By deploying solutions from Citrix in test mode and checking compatibility with applications used in a particular company.
')
Suppose we stopped at VDI. In addition to the main introductory (number of users, integrated applications, technical parameters of one virtual place, etc.), you need to answer the question - to what extent do you need to save the changes made in the virtual workplace? Virtual jobs without the ability to save data are called "non-persistent", and with the ability to save - "persistent". The data that is stored in the virtual workplace is divided into two components: appdata (installed applications) and user profiles (user profiles with data). If Citrix User Profile Management or Microsoft Roaming Profiles are actively used to manage user profiles, then the situation with user applications is more complicated. Implementing such functionality without Personal vDisk or using full clones was simply impossible before.
You can decide on a solution only after analyzing the infrastructure. For example, in one of our projects, the customer used a self-written portal with application delivery. In other words, the user could log in via a web browser, select the necessary applications and, in accordance with the security groups assigned to him in Active Directory, install them in his workplace. This application delivery mechanism did not allow the use of non-persistent VDI and required data retention.
There is another scenario where the customer uses a terminal farm to deliver all the applications. In this case, persistent VDI is not required. This saves computational resources in virtual workplaces and provides them for the needs of terminal services, leaving only those applications that require an isolated environment in a virtual workplace. From the user's point of view, everything looks like a normal workplace.
Below we look at the main innovations from Citrix, which will allow them to better understand their technologies after recent updates.
Rebranding
First of all, I would like to note the incredible love of the vendor to change the names of their products. Get at least the main one, for which many are so fond of Citrix. Once called, Metaframe, Presentation Server, and XenApp. Now we stopped at Virtual Apps. At the same time, the functionality remains the same everywhere - to provide access to server applications.
Those who watch the vendor's news probably already know that the next rebranding of products has occurred and they are now called in a new way. This applies not only to decisions on the organization of terminal access, but also to the rest of the product lines. The figure below shows the old and new names. Do not get confused :)
Changed not only the names of familiar products, but also the editorial levels of each of the solutions. Pay attention to avoid confusion in XenApp product editions: now the Advanced level is not the starting license, but a license equal to the Enterprise level. The table below shows all the changes:
| Obsolete name | Outdated edition | New name | New edition |
| Xenapp | Advanced | Virtual Apps | Standard |
| Xenapp | Enterprise | Virtual Apps | Advanced |
| Xenapp | Platinum | Virtual Apps | Premium |
| XenDesktop | VDI | Virtual desktops | Standard |
| XenDesktop | Enterprise | Virtual Apps and Desktops | Advanced |
| XenDesktop | Platinum | Virtual Apps and Desktops | Premium |
| Xenserver | Standard | Hypervisor | Standard |
| Xenserver | Enterprise | Hypervisor | Premium |
| NetScaler ADC VPX | Standard | ADC VPX | Standard |
| NetScaler ADC VPX | Enterprise | ADC VPX | Advanced |
| NetScaler ADC VPX | Platinum | ADC VPX | Premium |
Citrix App Layering
In addition to the changes in the names, I would like to note the updated vision of the VDI solutions of the main manufacturers. It is about building a design using software that allows you to split the image into several layers. In VMware, it is called App Volume, in Citrix - App Layering. It is noteworthy that both solutions can work not only with VDI of their manufacturers, but also with competing solutions, for example, with VMware Horizon.
The main idea of ​​the solution is to create different layers, for example, with the operating system, with a virtualization environment or with applications, and then compiling them into a working image for users. This is all done quickly, at the output we get various types of images for different groups of users with their applications.
The Citrix App Layering solution uses the following layers:
- Platform (Platform Layer)
- Operating System (Operating System Layer)
- Application Layer
- Personal (User Layer)
Each layer consists of certain applications and is responsible for its functions (see below).
A single monolithic image is assembled from the layers, which is delivered to the user. Each layer must be prepared beforehand. The process of assembling an image does not take much time.
In addition to using monolithic images, App Layering has the ability to deliver application layers to a virtual workplace through Elastic Layering. This feature allows you to personalize the user environment on request. This feature is controlled through security groups in Active Directory, which allows you to add sets of applications to a virtual workspace.
Licensing rules are shown in the table below:
Important note : App Layering is only available with active support from Citrix (Customer Success Services).
VDI Design and How to Use the Citrix App Layering
Let's talk a little about the designs of VDI solutions. After we have decided on the number of persistent and non-persistent virtual workplaces, it is necessary to determine the mechanism for their creation. Two technologies can be used for this: machine creation services (MCS) and provisioning services (PVS). The main differences are listed below.
Comparison of the principles of the desktop deployment mechanisms
MCS works by accessing the Citrix Studio Management Console to the Virtualization Environment Management Server API (vCenter, VMM, XenCenter). Through the necessary commands, basic actions are performed to create, delete, or change directories of virtual machines. The service is installed in conjunction with the connection broker when you deploy Citrix Virtual Apps and Desktops. Using MCS, you can create two types of virtual desktops: fast clone (fast clones) and full clone (full clones). If everything is clear with full clone, since it is a complete copy of the master image, then fast clone is generated according to the following principle: virtual workplaces are created with two additional diff disks and an id disk from the master image. I must say that the id disk is also present in full clones and stores information about domain membership. The size of such a disk is 16 MB. Diff disk stores master image changes. The size of this disk is set for all virtual desktops when creating a directory. When rebooting, the diff disk is reset to zero, so you cannot use it to build persistent VDI solutions. To implement persistent VDI using fast clones, an additional personal vDisk technology is used, but more on that below.
PVS works as a streaming service. It is installed on a separate server, has its own management console. Appeal to the API server management environment virtualization also occurs, but to a lesser extent. Basic operations are performed over the network when loading virtual desktops. Some are afraid of additional console, because this complicates administration, but I urge not to be afraid. PVS-service greatly simplifies the update of virtual desktops. They are loaded from the image storage (standard network storage smb or a directory on the local disk of the PVS server). The image is a service file and a virtual hard disk (.vhd) used when booting. The update process thanks to this service is very simple - you just need to connect another virtual hard disk and reload the workplace. Of course, using non-persistent virtual jobs are created using this service (note: this service has a caching method that allows you to save all changes, but I haven’t met such solutions in practice, so I wouldn’t recommend them). To implement persistent VDI using the PVS service, the same principle was used as for fast clones.
Due to the different specifics of technology, the load falls on the various components, respectively. If, in the case of a PVS service, a large load falls on the network, in the case of using the MCS service, the load falls on the used storage system.
I will give examples of the main designs of VDI solutions that I managed to implement:
- Using the MCS service to create clones with a differential disk (fast clone), or PVS service and storing all changes (app data \ user profile) on a dedicated personal disk (Personal vDisk).
- Using the MCS service to create full clones (full clone) with the savings of wasted disk space due to data storage with deduplication and compression.
- Using the MCS service to create clones with a differential disk (fast clone) or the PVS service and move user profiles using Citrix User Profile Management technology. This, of course, is not complete persistent VDI; in such designs, the user only stores application settings, which are stored in the user profile and user data. Installing applications in this configuration is impossible, since after rebooting the virtual desktop, the changes are rolled back. This design is often used in call-centers.
Most often I have observed the implementation of the 1st design or a mixed solution of 2 and 3 options.
RIP, Personal vDisk
After Citrix announced that personal vDisk technology would not be developed anymore, the implementation of the 1st design became unrealistic. Customers began to abandon this idea, and the personal vDisk technology itself had a number of drawbacks. In my practice, the solution worked well with static use of virtual workplaces, that is, when a virtual workplace was assigned to one user, respectively, he connected a personal disk on which all changes were stored. When randomly using virtual desktops and personal disks, there were often problems when a user got a new virtual desktop and connected a personal disk to it. But still, the use of the 1st design with statically allocated virtual desktops significantly saved disk space, user data and installed applications in the virtual workplace could be placed on “slow” disks, and in order not to lose OS performance, all changes made from the master of the image (diff disk), placed on the "fast" disks. Such a design made it possible to significantly save disk space and not lose the performance of virtual desktops.
In the Citrix App Layering solution, it was announced that one of the layers (User Layer) would allow to implement functionality similar to personal vDisk, but for almost a year this layer was in the laboratory status. In the latest update on September 25, an update on this topic finally appeared in the App Layering document and it was announced that the User Layer was available for use in production environments.
An important update that allows you to implement the design of the 1st type using Citrix App Layering and User Layer for storing user data and installed applications.
Conclusions and recommendations
Obvious problems of the classical organization of virtual workplaces forced Citrix to reconsider its approach towards the hybrid multi-layer virtual machine structure, which allowed creating persistent VDI in a non-persistent environment (looking ahead, this is also true for other vendors).
In reality, Citrix focuses on the development of the Citrix App Layering, so I would recommend looking at this solution when developing a sketch for your VDI. This product will significantly reduce the labor costs for servicing the master image, allow you to quickly compile the necessary images for different departments and, of course, increase the flexibility of the solution due to the Elastic Layer. And do not forget about the User Layer, through which you can implement the design of the 1st type.
Roman Mirzayanov, Senior Computing Design Engineer,
Jet Infosystems
Source: https://habr.com/ru/post/429616/
All Articles