Wednesday, 2 February 2011

Planning a Citrix XenDesktop 5 Small Business Deployment

Scenario:

A small business is re-locating into the office of a sister company to save costs, and it is suggested that - instead of a physical migration of a 5 year old Windows 2003 Small Business Server (SBS) box - they consider virtualisation and a hosted Citrix VDI solution. Eventually the sister company may also adopt a Citrix VDI solution.


Ingredients:

Datacentre Environment and costs

1: A hosting environment

Using VMware virtualization here - Citrix XenServer or Microsoft virtualization could also be used
Note: Technically you could get away with no hosting environment and use physical machines with XenDesktop; here this functionality can be can leveraged so the customer Citrix Desktop Delivery Controller does not need to speak to the hosting companies Virtual Center.

2: Physical firewall/shared firewall
3: Public IP addressing for Citrix web access, external mail, etcetera ...
4: Internet breakout
5: Virtual machine storage space, backup storage space, memory, and CPU allocation


Citrix and Windows Environment

1: Citrix Access VPX Gateway Appliance

This is required for XenDesktop to be accessed from the internet - note that this is unlike Citrix Xen App (see http://support.citrix.com/proddocs -> Technologies -> Web Interface -> Web Interface 5.4 -> Web Interface Administration -> Managing Secure Access -> To configure default access settings -> “XenDesktop virtual desktops cannot be accessed if alternate (NAT) addresses are used”)

2: A Windows domain controller

Using P2V-ed Windows 2003 SBS server here


If Citrix policy information is to be stored in Active Directory, and not in the database, the domain controller can be at 'Windows 2000 native' functional level or higher. However, to use Policy Modelling, the domain controller must be running on a server whose operating system is W2003 or higher; this does not affect the domain functional level, which can still be "Windows 2000 native" or higher”

Note: Physical to virtual conversion of a live domain controller is not supported, hence the requirement to use the coldclone.iso (VMware converter bootable version) if P2V-ing a DC (the coldclone.iso is only available to accounts linked to registered VMware products such as Virtual Center)

3: A Windows 2008/2008R2 Std or Enterprise server to install Citrix XenDesktop 5 on
4: Windows XP/Vista/7 virtual desktops


Licensing & other costs

1: Licensing - Citrix Access VPX Gateway Appliance - *free for 5 concurrent users for 12 months*

Paid for version costs around £617.47 per instance from Citrix Store - January 2010

2: SSL certificate for Citrix Access Gateway - *free from startssl.com for 12 month certificate*
3: Licensing - XenDesktop 5 Express - *free for 10 users*
4: Licensing - Windows 2008/2008R2 Standard or Enterprise
5: Licensing - Windows Desktop Operating system
6: Support costs


Client Environment

1: Anywhere in the world where there is an internet link
2: Endpoints - pretty much any Windows XP and above PC, Apple Mac or supported thin/zero-client, with the “Citrix Online plug-in - Web” installed.


Recipe:

Preparation

Part 1A: Preparing the virtual machine environment

Prepare Citrix Access VPX Gateway Appliance (CAG) and configure with SSL certificate
Prepare Windows 2008 server as Citrix Desktop Delivery Controller (CDDC) (for small deployments can install all roles on the one server)
Prepare Windows Virtual Desktops

Part 1B: Preparing the networking environment

Prepare firewall in readiness for switchover date
Prepare VLANs for virtual machine access
Prepare public IP addressing and enable prior to switchover day

Part 1C: Prepare endpoints

Endpoints will need the “Citrix Online plug-in - Web” installed


Switchover Day

Part 1A: Shutdown the SBS server and P2V using the VMware vCenter Converter coldclone.iso

This clone can be done onto a laptop with suitable space, and then the laptop taken to a location when there is a good upload link for importing to the datacenter

Part 1B: Any internet published DNS names such as web or MX records will need to be switched as required

Part 2:

Power up the virtual SBS guest machine, install VMware tools, and test all is okay
Join the CDDC server to the domain
Install Citrix XenDesktop 5 on the CDDC server - install all the roles
Join virtual desktops to the domain
Add virtual desktops to the CDDC and assign users
Complete configuration of the CAG


Completion

Verify endpoints can connect to Citrix XenDesktops with no issue

5 comments:

  1. Did you manage to get around the activation of windows 7. Machine Creation Services (MCS)in XD 5 doesn't have the KMS key management features of PVS 5.6 SP1. This is a problem for small business that do not have enough computers to have a KMS server.

    I would like to know if you were sucessfull.
    E

    ReplyDelete
  2. In this scenario MCS is not used. For security reasons the customer Citrix Desktop Delivery server is not allowed to speak to the hosting companies Virtual Center, and so the non-hosted infrastructure XenDesktop configuration is used. In this instance the Windows 7 XenDesktops are manually created persistent images.

    ReplyDelete
  3. How did the Access Gateway VPX install work out? Can you access the desktop from devices such as an Ipad or Droid?

    Also did you need to add any additional lincenses to allow ssl Proxy?

    Thanks,

    Eric

    ReplyDelete
  4. Hi Eric

    It all worked, no additional licenses were required.

    Regards the IPad or Droid - have not tested on these yet but hope to soon.

    Cheers

    ReplyDelete
  5. I was wondering if you could point me to the docs you used to get Access Gateway setup in the manner you described. I've really been having no luck finding good documentation for that product.

    ReplyDelete