《[IT计算机]CitrixVirtualComputingServicesDeepDiveBestPracticesandInformationv16alphaXD555XA66.ppt》由会员分享,可在线阅读,更多相关《[IT计算机]CitrixVirtualComputingServicesDeepDiveBestPracticesandInformationv16alphaXD555XA66.ppt(288页珍藏版)》请在三一办公上搜索。
1、Citrix Virtual Computing ServicesDeep-Dive&Best Practices&Information XD5/5.5 XA6.0/XA6.5v16alpha,Ronald GrassSystems Engineering,Citrix Systems,Disclaimer:This is not a Citrix Systems official document.All information is collected and provided on best knowledge and belief.Some of these slides are B
2、est Practices,some are containing unsupported features or simple tips&tricks,but are nice to know and to play around with.Although most of this information can be found in blogs,official documents or have been provided by Citrix Escalation Team,TechSupport,Consulting Services,Systems Engineers,Citri
3、x Solution Advisors,CTPs and even customers,Citrix Systems can not be made responsible if any of the provided information will break,crash or make your environment in full or partially useless.This document is intended for Citrix Professionals/CSAs etc and should not be made publicly available to un
4、educated Citrix-IT staff or even customers.Thank you all for providing great feedback,updates,comments and additions.,Citrix XenDesktop Architecture,Citrix EdgeSight,Desktop Delivery Controlleror Broker,Access Gatewayor Netscaler(VPX available)s,Citrix RepeaterBranch Repeater(VPX available),Provisio
5、ning Technologies,XenServervSphere/vCenterMS Hyper-V/SCVVM,Virtual Desktop,Fatclients,Desktop AppliancesThinClients,SmartDevices i.e.Blackberry,iPhone/iPad,Handhelds,Tablets,ZeroClients with Citrix Receiver,Focus on User Experience and Simplicity+Scalability,Remoting ProtocolHDX/ICA/RFX,Communicatio
6、n Ports of Citrix productshttp:/,XenDesktop Communication(DDC),XenDesktop Communication Ports(VDA),XenDesktop References/Whitepapers,For reference whitepapers,proposed solutions and architectures please visit Links to a bunch of good resourceshttp:/to XenDesktop 5 Toolshttp:/Citrix XenDesktop 5 Over
7、viewhttp:/XenDesktop Modular Reference Architecturehttp:/XenDesktop Design Handbookhttps:/FAQhttp:/,XenDesktop Resources&Reference Architecture,Citrix XenDesktop Broker Desktop Delivery Controller(DDC),Component Compatibility,XD5 Quick Start Guide for PoCs with MCS(by Paul Murray)http:/sure DNS/rDNS
8、 is functional in customer environmentReverse DNS is not required in XD5.The mapping between VDA FQDN and IP address is handled by the WCF registration process now and so the XenDesktopBroker does not need to reverse lookup theVDA anymore using DNS calls.See execption below.rDNS s required in multi
9、forest XD5 Deploymentshttp:/sure VDAs and DDCs are timesynced(NTP)Always prefer installation through Meta-Installer which will check Plattform and for all dependencies,DDC Installation/Prerequisites,List of XD 5 Downloads+MD5 Sums http:/VDA build 230:XD 5.5 RTM build(full layout build 51180)Always i
10、nstall SQL Express from XD5 setup routine and not beforeAlways join domain before installing XD because of Database access permissionsYou will have to exactly install the right version of the components required.i.e.you have to install the VS 2008 redistributable and not the VS 2010 package.You can
11、do this additionally,but those binaries wont be used by XD5.The unmanaged components(not.NET based)in XD5 have been built using the C+compilers from VS 2008,which means that they will need to load in the appropriate C runtime libraries corresponding to the C+compilers.The C+compilers changed between
12、 VS 2008 and VS 2010(VC90 vs VC100),and the XD5 binaries will only pick up the DLLs of the correct name/version(MSVCR90.dll and similar).,DDC Installation/Prerequisites,Disable UAC while installing VDA in Vista und Win7 or run installer As Administrator“to allow drivers to be installed(Remote USB Bu
13、s etc)Check MS Operating System Version(Windows XP,Windows Vista and Windows 7)and VDA LicensingXD5 does currently not support IPv6For XD 5 SP1 Licenseserver=11.9 build 11007 is required(U/D Licensing enforced)No Support for SQL Database ReplicationSQL integrated authentication is not supported as w
14、ell as Windows service accounts,because each DDC will use its hostname to access the database,only Windows authentication can be usedIf any of the domain controllers are Windows 2000 Server,then Machine Creation Services will fail to create machine accounts.We have never tested Windows 2000 with XD5
15、 and cannot support a customer working in this scenarioThere is a setting for the XD site that specifically denotes whether a user/device or CCU license will be consumed.It will never be both.Each site can only be one license model type.AD Requirementshttp:/activation support statement for MCS based
16、 desktopshttp:/,Limits and Requirements,The following article describes how to setup the VDA via Group Policy and also explains the how to perform the rest of the needed config http:/XenDesktopVdaSetup.exe tool will do additional tasks to the MSI such as setting up support for Desktop Director featu
17、res,performing VM optimizations and installing the Machine ID service agent.These are setup by running additional tools.Automated Install for VDA via XdsAgent_xbit.msi file via command line by using msiexec to specify the required parameters to the installer.For example:msiexec/i XdsAgent_x86.msi/l*
18、v C:tempXdsAgent_log.txt CONTROLLER_NAMES=ENABLE_HDX_PORTS=1XenDesktopVdaSetup.exe optionshttp:/Install for Server Components via XenDesktopServerSetup.exe/COMPONENTS CONTROLLER,DESKTOPSTUDIO,DESKTOPDIRECTOR,LICENSESERVER/NOREBOOT/NOSQL/QUIEThttp:/automation with powershell resource by Stephane Thir
19、ionhttp:/You can find the logfiles in%temp%CitrixXenDesktop Installer,Desktop-Delivery Installation(DDC/VDA/Automation),MachinePersonalityAgent.msi will not be installed,WinRM will not be configured and optimization will not be performed if you upgrade a VDA just using the MSI.You should use xendesk
20、opvdasetup.exe and not xdsagent_x86.msi for the upgrade,otherwise not all VDA components will be installed.In XenDesktop 5 the VDA consists of more than just XdsAgent.msi.Unfortunately it is not possible to change the port number during the upgrade,so the VDA will continue to use port 8080.However a
21、fter the upgrade has finished you can call XenDesktopVdaSetup.exe again with/RECONFIGURE/PORTNUMBER 80 and that will change the port number to 80.If you experiences problem with updates of VDA or after a uninstall which not finished correctly you may need to remove keys beyondHKEY_LOCAL_MACHINESOFTW
22、AREClassesInstallerProducts515472DB9C45E2341AB5F7BB0B1BEAAF,Desktop-Delivery Installation/Update,PowerShell is a crucial part for XenDesktop=5,so be sure PowerShell is installed during Server Setup or with DDC installationIf you want to automate XenDesktop 5 with PowerShell cmdletshttp:/you installe
23、d following MSIs on Admin PC,theyre independent of each other so you only need to install the ones that relate to services you want to access.use x64 or x86 versions ADIdentity_PowerShellSnapin_x86.msiBroker_PowerShellSnapin_x86.msiConfiguration_PowerShellSnapin_x86.msiHost_PowerShellSnapin_x86.msiM
24、achineCreation_PowerShellSnapin_x86.msiMachineIdentity_PowerShellSnapin_x86.msiFor the Policies SDK you have to install:CitrixGroupPolicyManagement_x86.msi or CitrixGroupPolicyManagement_x64.ms,Desktop-Delivery PowerShell,Remote PowerShell for CitrixSnapIns can be done by adding the AdminAddress to
25、any SDK command you want to run remotely.You can get installed XenDesktop PowerShell SDK Version information by executing New-XdAdminConnectionThe XdExport-Tool was built against powershell 1s System.Management.Automation.dll and therefor you only need PoSH 1.0 installed on the Server 2003(R2)XD4 DD
26、C,Desktop-Delivery PowerShell,The VDA install/modify action changes the port used for DDC-VDA communication(i.e.changes the port that the VDA service is listening on),There is a registry entry which controls the port used for VDA-DDC communication(i.e.points to the port that the DDC service is liste
27、ning on).By default both directions use the same port number,but they can quite happily be different to each other.This key has to be set on the VDAs registry HKLMSoftwareCitrixVirtualDesktopAgentControllerRegistrarPort value=80(REG_DWORD)decimal All the other ports on the DDC and VDA for DDC/VDA co
28、mmunication are automatically exchanged via the registration mechanism or subsequent activities,so its just the port for registration that is needed.To change the XML port number you can use the following command BrokerService.exe wiport wisslport http:/,Desktop-Delivery Controller Configuration,How
29、 to configure SSL on DDCs(SSL relay deprecated)http:/import XD4 settings into XD 5 use.Import-XdSettings.ps1-FilePath C:XDImportXDSettings.xmlRegistry Entries used by XD5http:/remove a DDC from a site just delete it in Desktop Studio and remove computer account from DB Server,Desktop-Delivery Contro
30、ller Configuration,If you change the SQL Port to a non-standard port you need to enter it with the SQL Server sqlserver,port in during setup Desktop Studio(since XD5SP1).You cant specify a named instance and a port number,i.e.it should either ServerNameInstanceName,or Servername,PortNumberHow to Use
31、 a Specific SQL Port with XenDesktop 5http:/If the database youre using is a named instance,the DDC will contact the database server on port 1434(UDP)first in order to find the port on which to contact the database itself(which might be 1433).When you have to create the XenDesktop database by please
32、 make sure,the scripts have to be run in SQLCMD mode or by using the SQLCMD utility itself against the right DB!And please check that the database has been created with the correct collation sequence.You need to create a database which is case-insensitive,accent-sensitive and kanatype-sensitive.Typi
33、cally this means that the name of the chosen collation sequence will end with _CI_AS_KS.http:/,DDC Database,How to move or migrate an existing XD5 Databasehttp:/Database Sizing and Mirroring Best Practiceshttp:/you need to configure XenDesktop Database for Database Mirroringhttp:/XenDesktop 5 SQL Tr
34、ansaction Log Growing Excessivlyhttp:/do not encourage nor support XD modifications directly to the DB and running queries outside the SQL views can cause locks and as a result,errors for some actions and users.How to Restore a XenDesktop 5 Database on a SQL 2008 Serverhttp:/Desktop Agent Configurat
35、ionhttp:/,Broker Database and VDA Configuration,Database Permission Model for XD5http:/The runtime access performed by the XenDesktop DDCs on the database uses the following security model:The XD database contains a set of pre-configured DB roles which have detailed execute/select permissions hung o
36、ff them.Each DDC has a dedicated user within the XD database that is a member of the above roles.Each DDC accesses the DB server through its AD machine account which requires it to have a login created for it,and for that login to be mapped to the associated user in the XD DB.The login does not need
37、 to be a member of any server-level roles.The XenDesktop 5 services access the database using their computer account logins(domainmachine$,or NT AUTHORITYNETWORK SERVICE if database is located on a controller(i.e.SQL Express)How to reconfigure a XenDesktop Site to use database miroringhttp:/You need
38、 to set the connection string to$null before trying to set it to a new mirrored form,so:Set-ConfigDBConnection DBConnection$null.and then do yourThis needs to be repeated for each DDC/service.You might want to add“Network Library=dbmssocn”to the connection string used for mirroring too.This forces u
39、se of the TCP/IP driver rather than named pipes.This works better with mirroring(faster failover)as per recommendations from MS.,Broker Database Runtime access&Mirroring,How to reconfigure a XenDesktop Site to use database miroringhttp:/You need to set the connection string to$null before trying to
40、set it to a new mirrored form,so:Set-ConfigDBConnection DBConnection$null.and then do yourSet-ConfigDBConnection-DBConnection”Server=;Database=CitrixXenDesktopDB;Trusted_Connection=true;Failover Partner=“This needs to be repeated for each DDC/service.You might want to add“Network Library=dbmssocn”to
41、 the connection string used for mirroring too.This forces use of the TCP/IP driver rather than named pipes.This works better with mirroring(faster failover)as per recommendations from MS.,Broker Database Mirorring&PowerShell,Database Access and Permission Model for XenDesktop 5http:/Database/schema
42、creation and addition of first DDC:The minimal role membership required to run the generated script is dbcreator plus securityadmin(note that I think if run directly via Desktop Studio you require sysadmin privilege).Adding a subsequent DDC:The script creates a login,a DB user,and executes various s
43、tored procedures in the XD database.Since there is no XD-specific database role associated with this,you would minimally need securityadmin and db_owner privileges.Removing a DDC:The script removes a DB user and executes various stored procedures in the XD database.Since there is no XD-specific data
44、base role associated with this,you would need db_owner privileges.Note that the securityadmin role is not required since the login is not removed(we have no way of knowing whether its in use for other purposes).Adding DDC logins to a mirror server:The script creates just a login suitable for the DDC
45、(the minimum required configuration on the mirror server in a mirrored configuration).This requires securityadmin privileges.,Broker Database Permissions,Database can become heavily utilized und under load(i.e.by executing get-brokerdesktopusage)in a large environment,due to how it calculates the nu
46、mbers it can also lock up a large number of rows and tables.Citrix recommends that any customer using a script to record the data that they enable the Read_Commited_Snapshot option on the XenDesktop database,as this will remove contention on the database of read queries.This can be done by using:ALT
47、ER DATABASE CitrixXenDesktopDB SET READ_COMMITTED_SNAPSHOT ONNote that it may be necessary to switch the DB to single user mode,turn on the above option then switch to back to multi-user,this can be done using this sequence:ALTER DATABASE CitrixXenDesktopDB SET SINGLE_USER WITH ROLLBACK IMMEDIATEALT
48、ER DATABASE CitrixXenDesktopDB SET READ_COMMITTED_SNAPSHOT ONALTER DATABASE CitrixXenDesktopDB SET MULTI_USERIf youre using a mirrored DB,then you also need to look at:http:/DB option has been tested in a number of different scenarios at scale,and have found no issues with the option.In fact weve fo
49、und that it can improve the interactivity of Desktop Studio and Desktop Director.It should be noted that this option may increase the load on the tempdb files.,Broker Database locking&tuning,If you want to use XD5 AD based discovery like in XD4 there is a script(Set-ADControllerDiscovery.ps1)provide
50、d to configure this.Domain Trusts:A single domain is the simplest and fastest way to integrate XenDesktop5 into a proof-of-concept,however if a Multi-Domain environment is required there are few things to consider before getting started.First a two-way trust must be enabledIf the hosts running Windo
