Tim Tharratt, Technical Design Lead; Neil Burton, Citrix Consultant
Replacement solution for aging heritage branch infrastructures (Co-op and Britannia). New unified app delivery platform for the bank to deliver branch services. Initially sized for 5000 users. Provide a scalable and flexible platform for the business to grow into. Core infrastructure to serve as the basis of more XenApp and/or XenDesktop in the future.
Branch users - Task workers needing basic restricted desktop with limited application set. Data Centres - dual DCs active/active. Solution to be delivered into new everything! New Active Directory forest. New Integrated Network infrastructure. New Security Zone model - firewalls everywhere.
Published Desktop using XenApp 6.5. XenApp provisioned using Citrix PVS. Applications 100% virtualised with App-V. Personalisation using AppSense. Printing using ThinPrint. Secure access using Netscaler / Access Gateway. SQL Server Clustering / Mirroring / Replication for databases. Server Virtualisation using Hyper-V 2008 R2. HP Thin Clients running Windows Embedded.
[Diagram: Citrix Infrastructure - Zone / Data Flow. Labels: Branch, Passbook Printer, Network Printer, Thermal Printer, ThinPrint Gateway, Support, Firewall, SSL, NetScaler SDX, Command Center, HP Device Manager, SCVMM, NetScaler VPX - CAG, NetScaler VPX LB, ThinPrint.Print, ThinPrint Management, EdgeSight, Bastion Servers, HP Hardware (ilo), Legacy App, AD, SQL Witness, Infrastructure, Access / Presentation, Applications, Database, Web Interface, Microsoft SQL, RDS / License, XenApp, PVS, App-V, AppSense.]
[Diagram: Citrix Infrastructure - Datacentre A and Datacentre B behind https://citrix.access.gateway.com. Labels, repeated for each datacentre: Access Gateway / Global server load balancing, Authentication, AD, HA Pair, NetScaler Instances, Load balancing, Web Interface (VM), PVS Provisioning, ThinPrint (VM), App-V (VM), AppSense (VM), XenApp, RD / Citrix License Servers (VM), Application Server, Presented Desktops, SQL DB Cluster, Hyper-V Cluster, SCVMM, File Store (Existing), Applications (Existing), Existing Services, System Management (New), Backup (New), Thin Clients, Thin Client Management. Between sites: SQL Mirroring / Replication, SQL / SCVMM Witness - 3rd Site.]
Providing multiple Netscaler VPX instances from a purpose designed virtualisation appliance. Netscaler VPX pairs deployed in layered design: Perimeter Netscalers as Access Gateway - Secure HTTPS proxy for all client ICA sessions; Internal Netscaler providing Load Balancing of: XML Brokers, Web Interface, AppSense, App-V. GSLB providing active/active site load balancing.
Ability to host multiple instances i.e. inner/outer, test/prod on single platform. Provides ensured capacity for business growth. Ability to dynamically allocate/reallocate CPU, RAM, SSL offload + Bandwidth as required. Dedicated appliances inflexible in comparison e.g. MPX5500 deployed for XA. Re-purpose difficult once in Production. Wrong networks.
5 VPX Instance licences per SDX. Flexibility e.g. different instances into multiple security zones. Simplification of firewall rules. Ability to host VPX instances for test, development, pre-production, model office, UAT, etc. as well as production. Performance - purpose designed host with multiple 10Gbps and SSL offload cores.
Citrix Command Centre deployed to provide centralised monitoring and alerting of Netscaler SDX hosts and VPX guests
Delivering a Windows 7 style desktop to thin client users. User applications run in published desktop session streamed with Microsoft App-V.
Solution originally conceived as VDI. Early PoC revealed all apps could be virtualised and executed on Server OS just as easily. No functional disadvantage for task workers. XenApp preferred as most cost effective and scalable solution.
64-bit Windows Server 2008 - inherent scalability advantage over legacy 32-bit OSs. Latest HDX Stack - Adaptive Display, Multimedia, etc. provide improved user experience. Management - GPO integrated policy, Worker Groups, Dedicated Controller and Session-Host only server roles.
XenApp deployed on physical servers. HP BL460c G7 blades. 12-core / 72GB RAM. 10GB connectivity to Cisco Nexus core. Scaled conservatively for 150 sessions per blade.
Bucking the current trend to virtualise, but high density physical XenApp server deemed more scalable and predictable. Simplicity - fewer servers and no extra hypervisor instances to manage. Cost effective - commodity spec servers can host a lot of sessions. No shared storage element.
XenApp server build streamed read-only across network from single instance image. XenApp servers revert to clean state on reboot. Very lightweight image - no applications or user settings are included.
Stateless server build - no apps or settings - very easy to recreate. Complete consistency in server build. Easy version control - very simple to update build, test changes and promote to production.
Write cache - where PVS redirects disk writes when booting from read-only image. When dealing with many targets cumulative write I/O can become a problem. XenApp very sensitive to read and write I/O latency - session performance impacted, so design cache location carefully. We have placed write cache on local blade disks.
High availability - place multiple PVS servers in each site. Targets are load balanced and can failover stream to alternate PVS server in the event of interruption. vdisk storage must be resilient: Windows file server / NAS; SAN storage (third party cluster file systems required for concurrent PVS hosts to access LUN); Local storage with replication (DFS-R supported).
Placement of some files on persistent volume: Windows pagefile (redirected by PVS); Windows and some application event logs; App-V Client cache for streamed apps - ensures applications are always pre-cached on servers; Anti-virus patterns.
2008 R2 RDS CAL makes viable without MS EA. Application abstraction from build. Removes requirement to install apps on XA. Application co-existence, removes DLL Hell. No application footprint.
Full Infrastructure model chosen for full featureset. Component scaled outwards - multiple App-V servers (VMs) per site. Netscaler load balancing of RTSP streams. In-zone VPX enables easier LB + Improves performance.
Problems mainly with Sequencing. Awkward applications. Application personalisation - AppSense / Scripts. No showstoppers.
AppSense EM provides two key functions: Personalisation - retention of user profile settings; Policy - management of user environment through policy settings and preferences. Other AppSense suite components (Application Manager, Performance Manager) are present but are secondary in importance to EM.
Users logon with locally stored mandatory or local profile which serves as a very fast-loading template profile (250KB). AppSense captures user personalisation for defined applications and stores in database. Roaming Profiles thankfully consigned to history.
2 x AppSense Management VMs each site. 2 x AppSense Personalisation VMs each site. Netscaler load balancing of Management and Personalisation web services. SQL Server clusters on each site. Management database is mirrored and Personalisation database is replicated so active/active.
Defining which applications and settings to personalise and what to ignore. Our approach - capture only what is required. Designing infrastructure for high availability, as personalisation is a key function of the users' experience. SQL Replication is complex. Integration with PVS - AppSense agents baked into vdisk but configurations loaded on boot.
Providing Virtualisation platform for all infrastructure servers associated with Citrix environment, except XenApp, SQL and PVS. May also end up hosting numerous application servers. A cluster has been deployed at each datacentre.
Existing skills in Team. Familiar technology and support. Proven - Years in Production without problems. Historically chosen for cost.
Powerful hardware - each node has Quad 6/8/10 Core CPU and 300GB+ RAM available for workloads. Clustered for HA with CSV volumes. Weaknesses - Virtual Switch, Vendor teaming. But - Hyper V3 offers Cisco 1000v Nexus switch.
Previous SCVMM in production since 2007. Manages Hyper-V Hosts and VM. Hypervisor agnostic - supports XenServer, VMware (like they'd let us).
No longer SPOF. Can be multisite. Fits data centre model. Benefits for XenDesktop 5.6.
Tim Tharratt, Technical Design Lead, Tim.Tharratt@cfs.coop; Neil Burton, Citrix Consultant, Neil@burtoncomputing.co.uk, @neildmb