Adding an On-Premises Enterprise Cloud to a Data Center




This document is intended for IT architects who want to upgrade from XenDesktop 7.1 to XenDesktop 7.5 and add an on-premises enterprise cloud to the data center using Citrix CloudPlatform.

Version: 1.0
Last Updated: December 3, 2014
Prepared by: Citrix Solutions Lab

Table of Contents

Executive Summary
Introduction
XenDesktop
XenMobile
CloudPlatform
Architectural Design
Software
Citrix XenDesktop overview
Software components
Deploying the Environment
Installation considerations and concerns
Upgrading the Data Center
Building the Enterprise Cloud
EC Zone Hardware
XenServer Install and Preparation for CloudPlatform
Network
Advanced Networking
EC Storage Assignments
EC Advanced Zone Network Assignments
Creating an Isolated Network for XenDesktop
CloudPlatform Global Settings
CloudPlatform Template (or ISOs)
Instances
XD Volume Worker Template and Ctxvwd service
Configuring NetScaler
StoreFront considerations
Cloud VDI Infrastructure VMs
Hosted Shared Desktops
XenMobile Configuration
Overview
Appendix A
Multiple Physical Guest Networks to a Zone
Appendix B

Executive Summary

Many enterprise companies are looking for new ways to provide access to desktops and applications to partners, contractors and employees without giving away the keys to the data center. One example would be a marketing company that deals with multiple customers who need access to desktops and applications but must remain isolated from one another. An on-premises enterprise cloud enables companies to easily manage and control their environment while creating separation between customers, treating each as a tenant in the cloud. The cloud can be configured to leverage the data center's existing Active Directory, which gives employees access to the cloud without IT having to manage multiple Active Directories.

Another example is a large enterprise with multiple franchises across the country. Using an on-premises enterprise cloud, the company can treat each franchise as a tenant, maintain control over the data center and the cloud, and provide isolation between the franchises in an easy-to-manage environment.

Introduction

The Citrix Solutions Engineering team recently published a reference architecture (RA) that focused on creating a data center with both XenDesktop and XenMobile users supported. You can find the document here: http://www./content/dam/citrix/en_us/documents/oth/xendesktop-and-xenmobilereference-architecture.pdf. This document looks at upgrading XenDesktop 7.1 to version 7.5 and then adding an on-premises enterprise cloud to the data center using Citrix CloudPlatform.

XenDesktop

Citrix XenDesktop delivers Windows apps and desktops as secure mobile services. With XenDesktop, IT can mobilize the business, while reducing costs by centralizing control and security of intellectual property. Incorporating the full power of XenApp, XenDesktop can deliver full desktops or just the apps to any device. XenDesktop with HDX technologies enables the delivery of a native touch-enabled mobile experience that is optimized for the type of device, as well as the network. XenDesktop is built on a cloud-enabled architecture that offers powerful management tools that simplify scalability, increase infrastructure flexibility, and automate the delivery of apps and desktops.

XenMobile

XenMobile is the most comprehensive enterprise mobility management solution delivering mobile device, app, and content management along with business-class productivity apps (including secure email) that enhance the user experience without compromising security. Users get mail, calendar, and contact apps with Outlook-like productivity. XenMobile's unified app store allows users to run any app, even non-mobile apps. Plus, users can access, sync, and edit files from anywhere. IT has end-to-end security including a secure container with FIPS-compliant encryption of data on the device, app-to-app security, and micro-app VPN protection. IT can easily separate business from work apps and data with XenMobile's secure container.

XenMobile helps businesses deliver custom apps by allowing developers to leverage the Worx App SDK and add enterprise features into any app with a single line of code. Or businesses can use apps from the Worx App Gallery, the largest ecosystem of secure, third-party mobile apps. XenMobile can be deployed on-premises or in the cloud. Both XenMobile on premises and XenMobile Cloud deliver the same features so you have complete flexibility to choose the deployment option that's best for your organization.

CloudPlatform

Citrix CloudPlatform, powered by Apache CloudStack, is the industry's only future-proofed, application-centric cloud solution proven to reliably and efficiently orchestrate both traditional enterprise and cloud-native application workloads within a single unified cloud management platform. CloudPlatform combines the best private cloud foundation for enterprise workloads like CRM and ERP with true Amazon-style scale, elasticity, and operational efficiency for cloud-native workloads like social applications, Big Data and HPC. This mature, turn-key solution is based on open source Apache CloudStack and lets you leverage existing hypervisor, storage, and network investments. CloudPlatform delivers the fastest time-to-value, powers the world's leading clouds, and is recognized as a market leader by industry experts.

Architectural Design

The XenDesktop/XenMobile RA defines the design utilizing the blueprint five-layer approach:

- User layer
- Access layer
- Resource layer
- Control layer
- Hardware layer

This environment will be upgraded to XenDesktop 7.5 following the Citrix upgrade process. The enterprise cloud will be built as a separate module as shown in the following diagram:

[Diagram: User Layer, Access Layer, Resource Layer (DC, Availability Zone 1 and Availability Zone 2), Control Layer (DC and EC), Hardware Layer and Storage Layer, with a connection legend.]

Software

Citrix XenDesktop overview

Please see edocs for how to update XenDesktop from version 7.0 to 7.5.

Software components

The following table defines the software versions deployed and upgraded:

Component | Version | Upgraded Version
Virtual Desktop Broker | Citrix XenDesktop 7.1 | Citrix XenDesktop 7.5
VDI Desktop Provisioning | Citrix Provisioning Services 7.1 with latest hotfixes |
Endpoint Client | Citrix Receiver for Windows 4.1 |
User Profile Management | Citrix User Profile Manager 5.x (Built-in) |
VDI Personalization | Citrix Personal vDisk 7.1 | Citrix Personal vDisk 7.5
Web Portal | Citrix StoreFront 2.1 | Citrix StoreFront 2.5
Licensing | Citrix License Server 11.11.1 | Citrix License Server
Workload Generator | Login VSI 4.0x (4.07) |
Office | Microsoft Office 2013 |
Virtual Desktop OS (VDI Desktops) | Microsoft Windows 8.1SP1/Windows 8.1 |
Virtual Desktop OS (Hosted Shared Desktops) | Microsoft Windows Server 2012 R2 |
Database Server for SCVMM, XDC, PVS | Microsoft SQL Server 2012 R2 |
Database Server for XenMobile | Microsoft SQL Server 2008 R2 |
VDI Hypervisor Management | Microsoft SCVMM 2012 R2 |
VDI Hypervisor | Microsoft Windows Server 2012 R2 with Hyper-V Role |
NetScaler Software | NS 10.1.120.1316.e | NS
Mobile Device Management | XenMobile Device Manager 8.6 | XenMobile Device Manager 9.0
XenMobile AppController | AppController 2.9 |
NetScaler Insight Center | VPX 10.1.120.13 for XenServer |
CloudPlatform | CP 4.3 |

Deploying the Environment

Installation considerations and concerns

The design involved leveraging existing servers and storage, and sizing them to the hardware available. The amount of memory in each physical server limited the number of VDI users per physical server. The random and static pooled VMs had 2 GB per VM; the physical servers had 192 GB; and dynamic memory was not utilized, which also limited the number of VDI sessions per physical server. Performance between XenDesktop 7.1 and XenDesktop 7.5 is very similar, with the default out-of-the-box configuration being set for the best user experience.

Upgrading the Data Center

We upgraded our XenDesktop environment and existing Sites as an in-place upgrade from 7.1 to 7.5 following all the best practices by Citrix. We recommend following the procedures outlined in XenDesktop 7 Upgrade Components.

Building the Enterprise Cloud

Integrating XenApp or XenDesktop with CloudPlatform gives companies the ability to take the first step into extending their data center into an on-premises cloud. We built the on-premises cloud and integration with XenDesktop following the XenApp and XenDesktop Concepts and Deployment on CloudPlatform guide. Our enterprise domain controllers provide Active Directory services on-premises, which means that our on-premises cloud does not have a domain controller, as all of our cloud-hosted VM instances including CloudPlatform will leverage an enterprise domain controller through a configured CloudPlatform shared network.

CloudPlatform Management Server Cluster

CloudPlatform Management Server cluster nodes are stateless and are easily re-created. The MySQL database should be set up as either Active\Passive or Active\Active, according to the MySQL documentation. As an added measure, we created a backup MySQL server that we could add into the cluster configuration if a primary MySQL fails.

- Advanced Networking Model
- XenServer hypervisor
  o Hardware must be identical
  o Limit of eight hosts in a cluster
- Single region
- One zone
- One pod
- One cluster
- Two networks
  o Shared guest network
  o Private guest network
- Storage (primary and secondary):
  o Primary storage cannot be added to the cluster until the XenServer host has been successfully added to the zone.
  o NFS used for both primary and secondary storage
  o Before adding secondary storage to the zone, make sure you have uploaded and installed the System VM template to the CloudPlatform Management Server.
- Virtual router for each account network: DHCP, DNS, FW, Client VPN, LB, Source NAT, Port Forwarding

Primary CPM Cluster Configuration

Load Balancer | NetScaler MPX
CP Management Server Node 1 | 4 cores, 16 GB of memory, and 250 GB SSD local storage
Management Server Node 1 | 4 cores, 16 GB of memory, and 250 GB SSD local storage
Primary MySQL Server | 4 cores, 16 GB of memory, and 250 GB SSD local storage
Backup MySQL Server | 4 cores, 16 GB of memory, and 250 GB SSD local storage

Standby CPM Cluster Configuration

Load Balancer | NetScaler MPX
Management Server Node 1 | 6 cores, 32 GB of memory, and 250 GB SSD local storage
Primary MySQL Server | 6 cores, 32 GB of memory, and 250 GB SSD local storage

EC Zone Hardware

Number of hosts in a cluster: 8
Hardware for each host:
- CPU: 2 x Intel(R) Xeon(R) CPU E5-2670 @ 2.60GHz (8 cores each)
- Memory: 192 GB
- Disk: two 300 GB HDD, RAID 1
Target number of VMs per host: 60

XenServer Install and Preparation for CloudPlatform

Configure Dom0:

- Time synchronization: All hosts in the same pod must be on the same time.
- Disabled the Open vSwitch: This is necessary for basic zones, but disabling this allowed us to add a basic zone later if needed.
- Because we used NFS, we did not need to set up any storage on our XenServers. CloudPlatform does this completely.

Network

To prepare the XenServer networks for CloudPlatform, you must first set up the network traffic labels by renaming the networks in XenServer.

These network traffic labels will be mapped to virtual interfaces that are created by CloudPlatform, and then these virtual interfaces are bound to the correct physical NIC.

Important: The Name label (see above screenshot) of the XenServer network must match the XenServer traffic label specified while creating the CloudPlatform network. The name and traffic labels are case sensitive.

Advanced Networking

You must decide whether to create a basic or advanced zone before you proceed because once you configure a zone as basic or advanced, it cannot be changed. Networking can get confusing very fast, and it is best to work with the network engineers for your enterprise so everyone understands the integration of CloudPlatform within the data center. Items that need to be reviewed and agreed upon before proceeding with CloudPlatform include:

- Number of Zone VLANs
  o Each zone must have a unique guest CIDR and follow the RFC 1918 private network guidelines.

- VLAN Type
  o All CloudPlatform networks are tagged as layer 2 VLANs. These tagged VLANs need to be configured on all switches to which your XenServer hosts are connected.
- Guest VLAN Range
  o You need to assign this VLAN range when you create the zone. CloudPlatform uses this range when creating the guest and isolated networks within the zone.
- Guest Networks
  o Guest networks can be either Shared Physical or Isolated. The presence of multiple Shared Physical networks requires additional configuration using tags. See Addendum.

EC Storage Assignments

Storage Unit Full Name | Unit Type | Storage Space Incl Free Space (GB) | Storage Protocol | Storage IP | Mount Point
R2E04C3Z1Inf_DAS | 2 SSD | | DAS | |
R2E04C3Z2Inf_DAS | 2 SSD | | DAS | |
R2E05C1Z1Pod1_VDINFS | HSD VMs | 600 | NFS | 172.16.18.50 | /Z1P1_HSD
R2E05C1Z1P1 | | | | |
R2E05C1Z1Pod2_VDINFS | HVD VMs | 1913 | NFS | 172.16.18.50 | /Z1P2_HVD
R2E05C1Z2Pod1_VDINFS | HSD VMs | 600 | NFS | 172.16.18.51 | /Z2P1_HSD
R2E05C1Z2Pod2_VDINFS | HVD VMs | 1913 | NFS | 172.16.18.51 | /Z2P2_HVD
Secondary | Templates | 125 | NFS | 172.16.18.51 | /TEMPLATES

EC Advanced Zone Network Assignments

EC Advanced Setup

Zone Name: ECZone1
External DNS: 8.8.8.8
Internal DNS: 172.16.16.5
CIDR: 192.168.192.0/18

Physical Network Names | XenServer Network Label Names
Management (Internal Traffic, 172.16.16.0/23) | Cloud_Management
Storage (Internal Traffic, 172.16.18.0/23) | Cloud_Storage
External (External Traffic, 172.16.140.0/24) | Cloud_Public
Guest (Internal Traffic, 172.16.0.0/20) | Cloud_Guest
PVS (Internal Traffic, 192.168.168.0/20) | Cloud_PVS

Public Traffic - NetScaler Internet connection

Gateway | Netmask | VLAN (TAGGED) | Start IP | End IP
172.16.140.1/24 | 255.255.255.0 | | 172.16.140.200 | 172.16.140.254

Add Zone / POD

Pod Name: R2E05C1Z1POD1

Management Network Details

Gateway | Netmask | VLAN | Start IP | End IP
172.16.16.1 | 255.255.254.0 | | 172.16.17.100 | 172.16.17.150

Internal Guest Network Details

Guest Traffic | Start VLAN | End VLAN
 | 3100 | 3104

All the VLANs need to be shared across all the hosts in the cluster; therefore, they need to be tagged on all the switches so traffic is routed to all the hosts.

Storage Network

Gateway | Netmask | VLAN | Start IP | End IP
172.16.18.1 | 255.255.254.0 | | 172.16.18.100 | 172.16.18.150

Add Zone / Cluster

Name: Cluster01

Add Host Resources

Host Name | Username | Password
R2E05C1B01 | Root |
R2E05C1B02 | Root |
R2E05C1B03 | Root |
R2E05C1B04 | Root |
R2E05C1B05 | Root |
R2E05C1B06 | Root |
R2E05C1B07 | Root |
R2E05C1B08 | Root |

Primary Storage (Shared)

Name of Storage: 172.16.18.50
Protocol: NFS
Server: 172.16.18.50
Path: /Z1P1_HSD

Secondary Storage

NFS
Name of Storage: 172.16.18.51
Server: 172.16.18.51
Path: /TEMPLATES

Launch Zone

After completing the zone configuration wizard, launch your zone and enable it. This can take about 20 to 30 minutes to complete.
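Because a zone cannot be changed from basic to advanced after creation, the address plan is worth checking before the wizard is run. The following is an added example, not part of the original Citrix document: it checks the subnets, IP ranges and NFS server addresses transcribed from the zone tables above for boundary errors, overlaps, RFC 1918 compliance of the guest CIDR, and collisions between fixed servers and the ranges CloudPlatform hands out. The `PLAN` dictionary layout and the `validate` function are hypothetical names chosen for this example.

```python
import ipaddress

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Values transcribed from the zone tables on this page; the dictionary layout is hypothetical.
PLAN = {
    "guest_cidr": "192.168.192.0/18",
    "networks": {  # XenServer network label -> subnet
        "Cloud_Management": "172.16.16.0/23",
        "Cloud_Storage": "172.16.18.0/23",
        "Cloud_Public": "172.16.140.0/24",
        "Cloud_Guest": "172.16.0.0/20",
        "Cloud_PVS": "192.168.168.0/20",
    },
    "ranges": {  # label -> (gateway, netmask, start IP, end IP)
        "Cloud_Management": ("172.16.16.1", "255.255.254.0", "172.16.17.100", "172.16.17.150"),
        "Cloud_Storage": ("172.16.18.1", "255.255.254.0", "172.16.18.100", "172.16.18.150"),
        "Cloud_Public": ("172.16.140.1", "255.255.255.0", "172.16.140.200", "172.16.140.254"),
    },
    "nfs_servers": {"Cloud_Storage": ["172.16.18.50", "172.16.18.51"]},
}


def validate(plan):
    """Return a list of findings; an empty list means the plan is self-consistent."""
    findings, nets = [], {}
    for label, cidr in plan["networks"].items():
        try:
            nets[label] = ipaddress.ip_network(cidr)
        except ValueError:
            # Host bits are set: keep checking against the network that encloses it.
            nets[label] = ipaddress.ip_network(cidr, strict=False)
            findings.append(f"{label}: {cidr} has host bits set; enclosing network is {nets[label]}")

    guest = ipaddress.ip_network(plan["guest_cidr"])
    if not any(guest.subnet_of(block) for block in RFC1918):
        findings.append(f"guest CIDR {guest} is outside the RFC 1918 private ranges")
    for label, net in nets.items():
        if guest.overlaps(net):
            findings.append(f"guest CIDR {guest} overlaps {label} ({net})")

    labels = sorted(nets)
    for i, a in enumerate(labels):
        for b in labels[i + 1:]:
            if nets[a].overlaps(nets[b]):
                findings.append(f"{a} ({nets[a]}) overlaps {b} ({nets[b]})")

    for label, (gw, mask, start, end) in plan["ranges"].items():
        declared = ipaddress.ip_network(f"{gw}/{mask}", strict=False)
        if declared != nets[label]:
            findings.append(f"{label}: gateway/netmask give {declared}, table says {nets[label]}")
        lo, hi, gateway = map(ipaddress.ip_address, (start, end, gw))
        if lo > hi or lo not in declared or hi not in declared:
            findings.append(f"{label}: range {start}-{end} is not inside {declared}")
        if lo <= gateway <= hi:
            findings.append(f"{label}: gateway {gw} is inside the assignable range")
        for server in plan["nfs_servers"].get(label, []):
            addr = ipaddress.ip_address(server)
            if addr not in declared:
                findings.append(f"{label}: NFS server {server} is not in {declared}")
            elif lo <= addr <= hi:
                findings.append(f"{label}: NFS server {server} is inside the range CloudPlatform assigns")
    return findings


if __name__ == "__main__":
    for line in validate(PLAN) or ["no findings"]:
        print(line)
```

Run over the values as transcribed, it reports one finding: 192.168.168.0/20 is not on a /20 boundary, and the enclosing network is 192.168.160.0/20.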

Creating an Isolated Network for XenDesktop

Create an isolation network in the CloudPlatform account used by XenDesktop.

Citrix recommends: DefaultIsolatedNetworkOfferingWithSourceNatService

Apply a tag to the network so XenDesktop can find it. Case-sensitive tag values:

Tag: Citrix.XenDesktop.Network.Role
Value: MachineIsolationRole

When creating the preparation VM, XenDesktop identifies a network with these tags and supplies this information when creating the VM.

CloudPlatform Global Settings

When viewing the available global settings, use the search box to help narrow down the sections you require. You can also search by account, cluster or zone settings to help narrow the fields. For example, searching by zone shows you only the settings that can be applied to a zone. In our setup, we set the following settings for our environment:

CloudPlatform Template (or ISOs)

Once your zone is up and complete, you can upload VHD templates (or ISOs), which you will use to build your CloudPlatform environment. Uploading templates to CloudPlatform requires that you provide a URL for CloudPlatform to receive the templates from an HTTP file server. The best way to handle this requirement is to set up an IIS server or use simple HTTP transfer software such as HFS.

Instances

Create an instance VM by clicking Add Instance. You may want to create your own compute offerings for your VM needs before creating an instance. If you don't create a compute offering before, you can always change the compute offering later, but you must shut down the instance before you can change this setting.

XD Volume Worker Template and Ctxvwd service

A volume worker is a VM that works with the XenDesktop Delivery Controller to assist with the provisioning operations for Machine Creation Services. In order to provision VMs using MCS, you must set up a XenDesktop volume worker template that runs the Ctxvwd service before you create your host connections. After creating your volume worker template, you must shut down this VM and create a template using this VM. You must tag this template so the Controller is able to locate it. After you create your template, start the volume worker VM again, and make sure it is running before you create your host and resource connections from XenDesktop to CloudPlatform.

Configuring NetScaler

The environment uses two NetScaler NSMPX-10500 8*CPU+2*E1K+16*E1K+8*CVM 1620 760000 configured in a high-availability configuration.

StoreFront considerations

We configured redundant StoreFront VMs to provide support for up to two modules and to allow for failure of one of the StoreFront VMs. We did a basic installation with the StoreFront software, and then we created a certificate to manage authentication and access. The following screenshots show the configuration for deployment:

Once we deployed the store, we configured authentication with a user name and password, and the site domain as the only trusted domain. We joined the StoreFronts to a server group and selected the NetScaler Gateway appliance with no VPN tunnel.

Cloud VDI Infrastructure VMs

For the cloud infrastructure service VMs, we created a shared network in CloudPlatform to hold the VMs and create a high-availability environment.

Infrastructure VMs

VM | No. of VMs | OS | VHD (GB) | vCPU | Memory (GB) | Purpose
XenDesktop Controller VMs | 2 | Windows 2012 R2 | | | |
StoreFront | 2 | Windows 2012 R2 | | | |
CP Manager | 2 | CentOS 6.4 | | | |
License Server | 1 | Windows 2012 R2 | | | |
AD/DNS/DHCP | 2 | Windows 2012 R2 | | | |
SQL | 2 | Windows 2012 R2 | | | |

Hosted Shared Desktops

The HSD VMs were configured as follows:

- 4 vCPU
- 12 GB memory
- 40 GB VHD
- 25 GB write cache file

Each pod supported 32 HSD VMs: a total of 32 HSD VM instances across the eight physical XenServer/CloudPlatform servers in zone 1. Each HSD will support 50 users; that equals 200 users per server and 1,600 users for zone 1 in our design. We installed each HSD VM with MS WS2012 R2.

XenMobile Configuration

Overview

XenMobile was included in the data center configuration and was upgraded to XenMobile 9. If you are running the enterprise version of XenMobile, you must upgrade both the device manager and the app controller. Steps on how to perform the upgrades and obtain the software can be found in Citrix edocs. It should be noted that our configuration did not cluster the device managers. There is a very specific process to upgrade a cluster, which can be found here.

This XenMobile installation does not currently follow the suggested best practices for high availability. Please refer to Citrix edocs or ask your Citrix consultant how to configure XenMobile for HA. One of the stumbling blocks is configuring the XenMobile certificates. Appendix B shows how to configure the SSL certificate for the device manager.

Conclusions

As stated in the beginning of this document, the goal was to upgrade the existing XenDesktop and XenMobile components and then add a CloudPlatform environment to create an enterprise cloud. The upgrade processes for both XenMobile and XenDesktop are documented in Citrix edocs to ensure you have access to the most up-to-date steps in performing the upgrades. edocs also has complete steps for new installations of both XenDesktop and XenMobile. Our testing focused on doing the upgrade process in an existing data center. Both upgrades were completed without issue, and testing against XenMobile and XenDesktop was able to continue without interruption. This test bed has since been used for testing NetScaler products as well as large-scale storage testing without issue around the performance of the upgrades. This additional testing will be detailed in upcoming Citrix Solutions Lab documentation. Also, Appendix B addresses the issues around configuring SSL certificates for XenMobile.

As for the cloud deployment, enterprises are exploring utilizing on-premises clouds to solve different virtual desktop access issues. A cloud provides separation between the data center and the virtual desktop while still allowing access to company data through Citrix ShareFile. An on-premises cloud allows even better control and access to Active Directory and data. This document explains the steps necessary to deploy your own enterprise cloud along with hints and tips on some of the issues we encountered and how we addressed them. For example, CloudPlatform uses guest networks within the cloud, and often, more than one guest network is required. Appendix A defines how to create multiple guest networks within CloudPlatform.

Appendix A

Multiple Physical Guest Networks to a Zone

This configuration requires the advanced zone model. As shown in the screenshot below, you must assign a name to each physical network in XenServer. You also need to edit the Management, Public and Storage categories because this is where the actual assigned XenServer Traffic label maps to the physical network in XenServer. (By clicking Edit under each traffic type, you can ensure that the correct XenServer physical network names are assigned to appropriate traffic types.)

We wanted to use two guest networks (the green traffic type "bubbles") on two different physical NICs, so we set the two XenServer Traffic Types to Guest and PVS, ensuring that each traffic type had a unique network name that matches the physical network name used in XenServer. We successfully created the zone this way, but we did not have the ability to define networks in CloudPlatform. We received an error message stating that we need to create tags for each guest network under the physical NIC properties. So we added a tag to each of the physical NICs in CloudPlatform and no longer received the error, but we still did not have the ability to create a network with this physical NIC until we created the XenServer Traffic Label that had been assigned to that network and created a network offering that had the same tag to match the XenServer Traffic Label.

When you are running two physical guest networks, you must create unique network offerings that map to the tags you entered on the physical NIC. To do this, you need to create two new DefaultIsolatedNetworkOfferingWithSourceNatService network offerings, one tagged Guest and one tagged PVS. Once you create this new network offering, the original DefaultIsolatedNetworkOfferingWithSourceNatService will no longer function because it has no tag assigned. You also will need to do this for the DefaultIsolatedNetworkOffering because this is also used for the guest networks. Because the original has no tag, it will not work, as both our guest networks have tags assigned.

We have multiple physical guest networks, so network offerings need to be created and tagged. The tags need to match the XenServer Traffic Type label so that CloudPlatform knows to which interface it needs to map the network service offering.

Create an isolation network in the CloudPlatform account used by XenDesktop.

Citrix recommends: DefaultIsolatedNetworkOfferingWithSourceNatService

Apply a tag to the network so XenDesktop can find it. Case-sensitive tag values:

Tag: Citrix.XenDesktop.Network.Role
Value: MachineIsolationRole

When creating a VM, XenDesktop identifies the network with these tags and uses this information when creating the VM on the correct network.

XenDesktop Connection Resources to Cloud Platform

Under Add Connection and Resources in Citrix Studio, select Citrix CloudPlatform as the host type. Add the URL to the client API endpoint in the Connection address text field.

*Note: You must include the /api suffix on the URL, which allows XenDesktop to talk directly with the REST API, not to the admin console.

Next, grab your API and Secret keys from the admin console and paste them into the connection. Remember, the URL for CloudPlatform is case-sensitive.
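The API key and secret key play different roles on the wire, which matters when deciding how to store and rotate them. The following is an added example, not code from the original document or from Citrix: it follows the request-signing scheme documented for Apache CloudStack, on which CloudPlatform is built (sorted, URL-encoded, lower-cased query string, HMAC-SHA1 with the secret key, Base64), and checks a Connection address for the `/api` suffix and HTTPS. The endpoint host, port and both key values are constructed placeholders.

```python
import base64
import hashlib
import hmac
from urllib.parse import parse_qsl, quote, urlsplit

# Constructed sample values; real keys come from the CloudPlatform admin console.
ENDPOINT = "https://cloud.example.internal:8443/client/api"
API_KEY = "EXAMPLE-API-KEY-not-a-real-key"
SECRET_KEY = "EXAMPLE-SECRET-KEY-not-a-real-key"


def check_endpoint(url):
    """Return a list of problems with a Connection address value."""
    parts = urlsplit(url)
    problems = []
    if parts.scheme != "https":
        problems.append("endpoint is not HTTPS; the API key and request travel in clear text")
    if not parts.path.endswith("/api"):
        problems.append("path must end in /api (case-sensitive) to reach the API, not the admin console")
    return problems


def canonical_query(params):
    """Sorted, URL-encoded, lower-cased query string: this is what gets signed."""
    pairs = sorted((k.lower(), quote(str(v), safe="").lower()) for k, v in params.items())
    return "&".join(f"{k}={v}" for k, v in pairs)


def sign(params, secret):
    """HMAC-SHA1 over the canonical query, Base64-encoded. The secret itself is never sent."""
    digest = hmac.new(secret.encode(), canonical_query(params).encode(), hashlib.sha1).digest()
    return base64.b64encode(digest).decode()


def signed_url(endpoint, params, api_key, secret):
    """Build the GET URL: original parameters, the API key, and the signature."""
    full = dict(params, apiKey=api_key)
    query = "&".join(f"{k}={quote(str(v), safe='')}" for k, v in full.items())
    return f"{endpoint}?{query}&signature={quote(sign(full, secret), safe='')}"


def verify(url, secret):
    """Recompute the signature as the receiving side would and compare in constant time."""
    received = dict(parse_qsl(urlsplit(url).query))
    claimed = received.pop("signature", "")
    return hmac.compare_digest(claimed.encode(), sign(received, secret).encode())


if __name__ == "__main__":
    url = signed_url(ENDPOINT, {"command": "listNetworks", "response": "json"}, API_KEY, SECRET_KEY)
    print(check_endpoint(ENDPOINT) or "endpoint OK")
    print(url)
    print("signature valid:", verify(url, SECRET_KEY))
    print("tampered command valid:", verify(url.replace("listNetworks", "listUsers"), SECRET_KEY))
```

The API key identifies the account and appears in every request URL, so it can end up in proxy and web server logs; only the secret key must stay confidential, and anyone holding it can sign requests as that account.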

Choose the zone to which Machine Creation Services will deploy the desktops. Next, choose the network to which the provisioned desktops will be linked.


Click Finish.

The following are screenshots for creating your XenDesktop volume worker.


After the VM instance is created, complete the CentOS installation.

Load XenServer Tools and run the following:

    mkdir /mnt/xs-tools
    mount /dev/xvdd /mnt/xs-tools
    cd /mnt/xs-tools/linux/
    bash install.sh

Enable networking using the vi editor:

    vi /etc/sysconfig/network-scripts/ifcfg-eth0

Insert mode = Shift + I
Change the following entries:
ONBOOT=yes
Delete the HWADDR (MAC address) entry
Delete the UUID entry
Exit Insert mode = Esc
Exit and save file = Shift + ZZ
Enable the interface = ifup eth0
Verify the VM instance has an IP address = ifconfig eth0

To accept incoming SSL connections, ensure that port 443 is open in the firewall. Using WinSCP or the vi editor, navigate to /etc/sysconfig/iptables, make the following change, and then save the file. Add the line

    -A INPUT -p tcp --dport 443 -j ACCEPT

to the chain of input rules above the line

    -A INPUT -j REJECT --reject-with icmp-host-prohibited

Apply the new rules with service iptables restart.

Ensure the operating system and installed packages are up to date with yum update, and press Y to accept the download and installation.

Copy the Citrix software package onto the VM instance. Using WinSCP (http://winscp.net/eng/index.php), from the XenDesktop Controller directory C:\Program Files\Citrix\MachineCreation\Service\VolumeWorker copy the ctxvwd-1.1-1.i386.rpm file to the VM instance.

Install the Citrix volume worker package with yum install ctxvwd-1.1-1.i386.rpm, and press Y to accept the downloads and installation.

Configure the Citrix service for CloudPlatform with /etc/ctxvwd/select-platform CCP.

Remove the /etc/udev/rules.d/70-persistent-net.rules file if present.

Remove the /var/lib/dhclient/dhclient-eth0.leases file if present.

Start the ctxvwd service. This initializes the service data and then shuts down the machine.

    service ctxvwd start
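The ifcfg-eth0 and iptables edits from the steps above, written as a non-interactive script with a check that the port 443 rule really sits above the REJECT rule. This is an added example, not part of the Citrix guide; the function names and the constructed sample files are assumptions for illustration, and on the VM the targets are /etc/sysconfig/network-scripts/ifcfg-eth0 and /etc/sysconfig/iptables.

```shell
#!/bin/sh
# Added example (not Citrix's script). Paths are arguments so the edits can be
# rehearsed on copies of ifcfg-eth0 and /etc/sysconfig/iptables first.
RULE='-A INPUT -p tcp --dport 443 -j ACCEPT'
REJECT='-A INPUT -j REJECT --reject-with icmp-host-prohibited'

# Set ONBOOT=yes and delete the HWADDR and UUID entries.
prepare_ifcfg() {
    tmp=$(mktemp) || return 1
    sed -e '/^HWADDR=/d' -e '/^UUID=/d' -e 's/^ONBOOT=.*/ONBOOT=yes/' "$1" > "$tmp"
    grep -q '^ONBOOT=yes$' "$tmp" || echo 'ONBOOT=yes' >> "$tmp"
    cat "$tmp" > "$1"   # rewrite in place: keeps owner, mode and SELinux label
    rm -f "$tmp"
}

# Succeed only if the 443 ACCEPT rule precedes the REJECT rule. iptables stops
# at the first matching rule, so an ACCEPT placed after REJECT never applies.
https_rule_effective() {
    awk -v rule="$RULE" -v rej="$REJECT" '
        $0 == rule && !a { a = NR }
        $0 == rej  && !r { r = NR }
        END { exit !(a && (!r || a < r)) }' "$1"
}

# Put the ACCEPT rule directly above the first REJECT line; safe to re-run.
open_https() {
    https_rule_effective "$1" && return 0
    grep -qxF -e "$REJECT" "$1" || return 1   # no REJECT line: edit by hand
    tmp=$(mktemp) || return 1
    awk -v rule="$RULE" -v rej="$REJECT" '
        $0 == rule { next }                      # drop a misplaced copy
        $0 == rej && !seen { print rule; seen = 1 }
        { print }' "$1" > "$tmp"
    cat "$tmp" > "$1"
    rm -f "$tmp"
}

# Constructed sample files standing in for the real ones.
demo() {
    d=$(mktemp -d) || return 1
    printf '%s\n' 'DEVICE=eth0' 'HWADDR=00:16:3E:00:00:01' 'ONBOOT=no' \
        'UUID=constructed-sample-uuid' 'BOOTPROTO=dhcp' > "$d/ifcfg-eth0"
    printf '%s\n' '*filter' ':INPUT ACCEPT [0:0]' \
        '-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT' \
        "$REJECT" 'COMMIT' > "$d/iptables"
    prepare_ifcfg "$d/ifcfg-eth0" && open_https "$d/iptables" &&
        cat "$d/ifcfg-eth0" "$d/iptables"
    rm -rf "$d"
}
demo
```

After running the functions against the real files, apply the rules with service iptables restart as in the steps above.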

XenApp and XenDesktop concepts and deployment


Add a tag using the key Citrix.XenDesktop.Template.Role and the value VolumeServiceWorkerRole.

Create a machine catalog for shared hosted desktops.


The following are screenshots taken from the configuration of the NetScaler.

Creating virtual IP address (VIP) to StoreFront for XenDesktop:

Configuring Load Balance


Appendix B
Adding an On-Premises Enterprise Cloud

Prerequisites
- Include any intermediate certificates in the certificate chain
- External SSL certificate file in .p12 format copied locally to the Device Manager server
- Must have access to the password of the SSL certificate file

Configuration
The following two XDM server files must be edited:
- pki.xml
- server.xml

Instructions
Complete the following steps to configure the external SSL certificate:

1. On the XDM server, browse to the pki.xml file, located at: C:\Program Files (x86)\citrix\xenmobile Device Manager\tomcat\webapps\zdm\WEB-INF\classes\pki.xml.
2. In this file, add the bean ID (copy and paste):

<bean id="externalsslcert"
      class="com.sparus.nps.pki.def.keystoreparams"
      p:keystoretype="pkcs12"
      p:keystorepath="c:\yoursslcert.p12"
      p:entryalias=""
      p:keystorepass="yourpassword"
      p:publiclytrusted="true" />

3. Edit the string keystorepath to point to the location of the External SSL certificate.
4. Edit the string keystorepass with the SSL certificate password.
5. In the same file, search for the string legacysslcert and replace with externalsslcert. Old entry: New entry:
6. On the XDM server, browse to the server.xml file, located at C:\Program Files (x86)\citrix\xenmobile Device Manager\tomcat\conf\server.xml.
   1. Search for the string Connector Port= 443 and then add the SSL certificate path and password as defined in the pki.xml file (Steps 3-4).
   2. Search for the string Connector Port= 8443 and then add the SSL certificate path and password as defined in the pki.xml file (Steps 3-4).
7. Save and close the file.
8. Restart the Device Manager Service.

Copyright 2014 Citrix Systems, Inc. All rights reserved.