1Y0-203 Citrix XenApp and XenDesktop 7.15 Administration Resource Guide
Part 2 of 3
2 vDisk Storage Considerations The following chapter outlines different options for configuring the Provisioning Server vDisk store. Local vDisks Using the local hard disk subsystem of the Provisioning Servers to store the vDisks provides the easiest way of implementing vDisk high availability without additional cost. Note: When configuring a vDisk store pointing to a local directory of. The VHDs must be fixed because internal structure of dynamic VHDs is different and can cause alignment problems concerning disk subsystem (that is NetApp- Filer). There is a whitepaper created by NetApp covering alignment considerations (same applies to Hyper-V VHDs). Is anyone using Dynamic Disk Pools with your Citrix Provision Services and with your vDisks of clients? We recently got a PowerVault with 1.2TB 10K SAS disks and 12GBs SAS Connection to our Servers and was curious if going with Dells DDP/Dynamic Disk Pools is any better than going with a RAID 5 a.
Sections 4 - 8
Section 4: Provision and Deliver App and Desktop Resources
4.01
Objective: Determine the registration process of the Virtual Delivery Agent
Source: Technical overview
Source: VDA Registration
4.02
Objective: Determine how to manage Machine Catalogs and Delivery Groups
Source: Create Machine Catalogs
Source: Manage Machine Catalogs
Source: Delivery Groups
Source: Create a Machine Catalog
Source: VDI desktops
Source: Applications
4.03
Objective: Determine the appropriate provisioning method type to use in a given environment
Source: Provisioning Services product overview
Citrix Virtual Desktop Handbook 7.x, Decision: Write Cache Placement
Source: Deploy virtual desktops to VMs using the XenDesktop Setup Wizard
http://docs.citrix.com/en-us/provisioning/7-6/pvs-xendesktop-setup-wizard-readme.html
Source: Clearing The Air – Fixed or Dynamic vDisks?
http://blogs.citrix.com/2012/02/13/fixed-or-dynamic-vdisks
Source: Configure and manage
Source: Support for Replicated vDisk Storage
4.04
Objective: Determine how to deploy machines using Machine Creation Services
Source: Prepare the virtualization environment: VMware
Source: Machine Creation Service: Image Preparation Overview and Fault-Finding
XenDesktop Support for Microsoft KMS and MAK Activation with Machine Creation Services
Source: Machine Creation Services (MCS) Storage Considerations
Source: Create Machine Catalogs
4.05
Objective: Determine virtual machine behavior of different types of machines provisioned using Machine Creation Services
Source: VDI desktops
https://docs.citrix.com/en-us/xenapp-and-xendesktop/7-15-ltsr/technical-overview/delivery-methods/vdi-desktops.html
Source: Configure and manage
PVS - Update vDisk
Source: Machine Creation Service: Image Preparation Overview and Fault-Finding
XenDesktop Support for Microsoft KMS and MAK Activation with Machine Creation Services
https://support.citrix.com/article/CTX128580
Source: Manage Machine Catalogs
https://docs.citrix.com/en-us/xenapp-and-xendesktop/7-15-ltsr/install-configure/machine-catalogs-manage.html
4.06
Objective: Determine how to implement Office 365 in a XenApp and XenDesktop environment
Source: Deployment Guide | Microsoft Office 365 for Citrix XenApp and XenDesktop 7.x
Section 5: Providing Access with StoreFront and Receiver
5.01
Objective: Determine how to set up Citrix StoreFront
Source: How to Export and Import StoreFront Subscription Database
Source: Create or remove a store
5.02
Objective: Determine how to configure StoreFront authentication
Source: Configure the password expiry notification period
Source: Configure NetScaler Gateway connection settings
5.03
Objective: Determine which Citrix Receiver type and/or deployment option to use in a given environment
Source: Configuring the Group Policy Object administrative template
https://docs.citrix.com/en-us/receiver/windows/4-9/configure/config-gpo-template.html
Source: Deploy Citrix Receiver for Windows from Receiver for Web
Source: Reducing application launch time
Section 6: Understanding and Configuring Citrix Policies
6.01
Objective: Determine how to configure Citrix policies according to leading practices
Source: Compare, prioritize, model, and troubleshoot policies
Source: Policies
Source: Loopback processing of Group Policy
How to Lock Down a VDI-in-a-Box Desktop to Prevent Shutdown
6.02
Objective: Determine how to manage the user session experience through policies
Source: Unable to Disable Workspace Control on StoreFront and XenApp 7.6
Configure workspace control
Source: Technical overview
Source: Manage Delivery Groups
Source: Load management policy settings
Section 7: Application Presentation and Management
7.01
Objective: Determine which application specific properties to use in Delivery Groups based on a scenario
Source: Configure application delivery
7.02
Objective: Determine how to configure Session Pre-Launch and Session Lingering to optimize Server OS published applications for a given environment
Source: Manage Deliver Groups
7.03
Objective: Determine how to present applications to users
Source: How to display the Featured apps group under the 'Category' view than the 'All' view on storefront website
https://support.citrix.com/article/CTX217236
Source: Configuring application delivery
7.04
Objective: Determine how to configure applications groups
Source: Manage Application Groups
Source: Create Application Groups
Section 8: Printing with XenApp and XenDesktop
8.01
Objective: Determine the appropriate printer mapping for a given environment
Source: Print
Source: Printing policy settings
8.02
Objective: Identify the appropriate printer driver(s) to use based on a scenario
Source: Printing configuration example
http://docs.citrix.com/en-us/xenapp-and-xendesktop/7-6/xad-print-landing/xad-print-example.html
8.03
Objective: Determine how to resolve printing issues
Source: Latest Articles and Tools for Printing & Graphics
Streamed Targets
- Provisioning Services Daylight Saving Time problem, 1 hour time difference and impact on Kerberos authentication (impacts all streamed targets).
Desktops
If changes are made to default console port of Provisioning Services, do this for MCLI as well:
“mcli.exe run SetupConnection –p Port=PortNumber”
Fixed Or Dynamic Vdisks All About Citrix Cloud
- Same applies to “SetupToolApplication.exe.config” for XenDesktop 4 Setup Wizard
- If your environment is based on MS SMS 2003, you should consider http://support.microsoft.com/kb/828367 to avoid duplicate GUIDS.
Database
SQL Permissions for Provisioning Services Database
- To install Provisioning Services, the user must have local administrator privileges.
Note: This user does not require any permission to access the db.
- The user running Configuration wizard must have SQL administrator permission (sysadmin) to be able to create and configure the db.
Fixed Or Dynamic Vdisks All About Citrix Login
- The user which Stream/SOAP services run as, must have db_datareader and db_datawriter roles:
CTX120080 - Service Account Configuration for Accessing SQL
- Use DBSCRIPT.exe to pre-create DB on SQL server.
- If you cannot connect to SQL2008, then leave the instance empty as well as port while running configuration wizard. You must point to the IP address of the SQL server.
Network
Network Impact
- Provisioning Services uses an optimized UDP-based protocol to communicate with the target devices
- Data is streamed to each target device only as requested by the OS and applications running on the target device
- In most cases, less than 20% of any application is ever transferred
- Network utilization is most significant when target devices are starting as the OS loads, after target devices start, there is minimal network utilization
Network Components
Configure active network components accordingly:
Switch manufacturer | Fast Link option name |
Cisco | PortFast or STP Fast Link |
Dell | Spanning Tree FastLink |
Foundry | Fast Port |
3COM | Fast Start |
Note: For additional information, check CTX117374 – Best Practices for Configuring Provisioning Server on a Network
PXE or Network Boot
- Create a dummy collection in Provisioning Services console and enable the Auto-Add feature in the farm.
Fixed Or Dynamic Vdisks All About Citrix Software
- Create a target device inside the dummy collection and define as template.
Fixed Or Dynamic Vdisks All About Citrix Download
- Assign a small vDisk (that is 100 MB) and select Boot from Hard Disk.
- In site properties, point the Auto-Add feature to dummy collection.
This ensures that no machines are unresponsive and showing No vDisk found if configured to PXE boot and no target device entry is created in the Provisioning Services database.
TCP Offloading
- Set following registry keys in vDisk - Golden Master (Target Device):
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesBNNSParameters
DWORD = EnableOffload
Value “0”
Disable TCP Large Send Offload for Provisioning Services driver:
Adds latency as packets re-segmented
Must be set on Provisioning Server and Target Device:
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTCPIPParameters
Key: 'DisableTaskOffload' (dword)
Value: '1'
- Try to synchronize all MTUs across your network if possible.
Do this on Virtual Desktop Agents, Provisioning Services, XenServer to avoid network problems when tunneling protocols, adjust MaxICAPacketSize, and all MSS accordingly.
CTX117374 - Best Practices for Configuring Provisioning Server on a Network
CTX117491 - Excessive Amounts of Retries Occur when a Provisioning Server Target Device is Deployed on a XenServer Platform
ARP Cache Changes – Windows 2008 / Vista / Windows 7
The default lifespan of ARP cache entries was lowered from 10 minutes in Windows Server 2003 to a random value between 15 and 45 seconds in Vista/W2K8. As a result, the Provisioning Services bootstraps are 20 times more likely to experience a timeout during a Vista/W2K8 boot. The workaround is to increase the ARP cache entry lifespan for Provisioning Services -bound NIC’s: Provisioning Services Server and VDA:
- Open a command shell window. At the command prompt, enter the following command:
netsh interface ipv4 show interfaces
- To set the ARP cache entry lifespan to 600 seconds, enter the following command:
netsh interface ipv4 set interface <PVS interface number> basereachable=600000
To verify the new setting, enter the following command:
netsh interface ipv4 show interface <PVS interface number>
Note: The Base Reachable Time should be set to 600,000 ms, and the Reachable Time to a value between 300,000 and 900,000 ms.For more information, refer to http://support.microsoft.com/kb/949589.
Boot Sector / PAE / TFTP
Boot Sector
If Target Device would not start with bootloader or NTLDR not found:
- Verify this partition has 0x20 reserved sectors in MBR: run dskprobe.exe, read from PhysicalDrive1 (local disk) sector 0. Verify data offset 0x1c6 is 0x20.
- To verify, this partition has 0x20 reserved sectors in PBR: run dskprobe.exe, read from PhysicalDrive1 (local disk) sector 32. Verify data offset 3 is ‘NTFS’ and offset 0x18 is 0x20 (when formatting with some SCSI/Raid controllers windows format places a 0x3F in this location which causes the machine not to start).
PAE
When Windows 7 does not start, it is likely caused by PAE (Advanced Memory Support). Starting in 5.1.2, this option is enabled by default in the Bootstrap. However, in the BDM and Bios Bootstrap (OROM in DELL FX Series), this option is still disabled by default. Windows 7 and newer always require PAE to start in RAM Cache mode. This is the reason why PXE works and BDM and OROM does not, if not rewritten or configured properly
Note: For additional information, refer to CTX126107 - Error: 'vDisk Not Available' When Creating a New vDisk After Reboot using BDM ISOTFTP
- Use BOOTPTAB Editor to allow or prevent only special clients to obtain ARDBP32.BIN through PXE/TFTP.
- Use TFTPD32.exe (Freeware) or DHCPExplorer (free from SoftPedia.com) to discover which TFTP/PXE services are already running in the environment.
- In order to bind TFTP Daemon to a specific NIC/Port, configure logging for TFTP Daemon, set the “GET” Directory ( server side) and use:
“%Program Files%CitrixProvisioning Servicestftpcpl.cpl”
- In order to bind TFTP Daemon to a specific NIC/Port, configure logging for TFTP Daemon, set the “GET” Directory for the TwoStageBootloader (server side) and use:
“%ProgramFiles%CitrixProvisioning Servicestsbcpl.cpl”
- In order to bind the Stream service to specific NIC (target device side) use:
“%ProgramFiles%Provisioning Servicesbindconfig.exe”
- If in your environment PXE/TFTP has problems with finding ardbp32.bin or tsbbdm.bin you should check the following registry keys:
Default configuration sets the TFTP directory to
“C:ProgramDataCitrixProvisioning ServicesTftpboot”
HKLMSYSTEMCurrentControlSetServicesBNTFTPParametersGetDirectory)If tsbbdm.bin, for example, is not found during boot:
Try to copy the file from “C:Program FilesCitrixProvisioning ServicesTSBboot”
To directory specified in HKLMSYSTEMCurrentControlSetServicesBNTFTPParametersGetDirectory
vDisks
Common vDisk Tuning
Delete Bitlocker 100 MB Partition during setup of Golden Master using Shift+F10 during first setup screen of the installation > Start “Diskpart” - and inside “Diskpart” tool complete the following steps:
- select disk 0
- clean
- create partition primary
- select partition 1
- format fs=ntfs quick
- exit
Disable Last Access Timestamp of Files in vDisk (can be done through XenConvert optimizer)
“FSUTIL behavior set disablelastaccess 1
Note: You can add many customizations through editing optimizations.xml in XenConvert directory (target device side)
- Prior to building any vDisk Flush the DNS Resolver Cache:
“ipconfig flushdns”
- Run chkdsk before starting XenConvert or Imaging Wizard.
- Use Sysinternals sDelete –c driveletter to zero out empty vDisk areas and reduce storage when creating golden master.
- Disable Windows Indexing Service and System Restore.
- Configure redirection of spool directory, virus patterns, RADECache, EdgeSight DB, AppSense Profile, Databases, Event logs, Log files to a persistent CacheDisk or CacheVolume if possible
- If provisioning hardware, you must use newest BIOS or Firmware to avoid hardware conflicts.
- If XenConvert throws an error while creating the vDisk, try to exclude directories through XenConvert.ini, which could not be copied.
- If virtualizing XenApp Server Configuration Tool 1.1 for XenApp 6 Sealing before Provisioning Services image creation (includes preparation for MSMQ):
CTX124981 - XenApp Server Configuration Tool - Update 1.1.0 for XenApp 6 for Windows Server 2008 R2
- Before switching vDisk to Standard Image mode: “ipconfig/release” (release DHCP address).
vDisk Updates
- Do updates by creating a new version of the vDisk and modifying the maintenance version. When the update is ready, promote the version to test. After testing, promote the version to production using immediate or scheduled availability.
- Schedule merge of the vDisk versions after a number of versions have been created to save space and increase performance.
Disk Type
- As Virtual Hard Disk (VHD) expands:
- Disk can become fragmented on physical media
- Expansion algorithm occurs in 1 MB increments
- Rapid expansion wreaks havoc on SAN such as first boot or page file creation
- Alignment issues
- Constructed with extra byte at end of file
- Dynamic VHD always misaligns disk with storage
- Use only fixed-size VHDs for write-cache drives and Provisioning services vDisks.
High Availability per Component
- Use High Availability (HA)-Setup for DHCP and TFTP Services
- Load Balance TFTP (NetScaler VPX is a good option)
- Use multi-server PVS Farms – Target devices can switch to other PVS when streaming PVS gets unavailable
- Use streamed apps - multiple profile shares + NetScaler for Load Balancing
- Use load-balanced XenApp-Farms for best load distribution and user density
- Use HA for License server because in file mps-wsxica_mps-wsxica.ini information about licenses + timestamp are stored during contact of license server. In standard image mode this file cannot be updated and 30 days after vDisk creation, there will be no grace period if license server goes down because timestamp is too old
- Use STAs of XenApp Farm, because health checks are available and can be used
- Use multiple PVS Servers for high availability and redundancy
- Place PVS Servers as near as possible to target devices for high performance and bandwidth
Note: For additional information, refer to:
CTX116337 - How to Load Balance Trivial File Transfer Protocol Servers
CTX119286 - Provisioning Server High Availability Considerations
Performance
Traffic Bottleneck if only 100Mbit Available
- Resource bottlenecks are mostly I/O related and hardly ever RAM or CPU dependent, test scalability if write cache on server should be used
- Amount of write cache is related to user activity and applications used (check in PoC or real world scenario)
- How to Grant Rights to add Workstations to a Domain (Delegated Administration) - CTX121201 - How to Grant Rights to Manage Computer Accounts using Provisioning Services Console
- Never use power settings like hard disk power savings on Provisioning Services ( server disks )
- The following will effectively disable TSO and increase the performance substantially with XenServer 5.5 (it is enabled by default in XenServer 5.6):
- Create registry key HKLMSystemCurrentControlSetServicesxenevtchnParameters
- Create a DWORD value called SetFlags in that key and set it to 30000 hexadecimal
- Restart the Virtual Machine and test it. Hotfix CPVS51SP2E003 – described in the write cache section
Storage
NFS Storage Usage
Maximum benefit from the Read-Only vDisk Storage feature can be obtained in environments that use SAN for vDisk storage and are using client-side write-back cache (disk or RAM). In these environments, use of this feature eliminates the requirement to deploy shared or clustered file system software, reducing deployment costs and complexity, and maximizing scalability and performance.
Notes
- When running the mount IP-Address:/vol/vf000/foobar x: command to mount a NFS share, Windows translates the path into a normal UNC
- Use IPvolvf000foobar when configuring the store (as UNC Path)
VHD and Storage Alignments
The VHDs must be fixed because internal structure of dynamic VHDs is different and can cause alignment problems concerning disk subsystem (that is NetApp- Filer). There is a whitepaper created by NetApp covering alignment considerations (same applies to Hyper-V VHDs).
- Best Practices for File System Alignment in Virtual Environments: NetApp (March 2009|TR-3747)
- For vDisks use RAID 5 ( read-intensive) , for Write Cache use RAID 1 / RAID10 (write-intensive) enable Write Back Cache /and ensure there is a Battery Backup Unit for RAID Controller/ SAN Systems in place
Additional Information
When using write caching on local device HDs, CPVS51SP2E026 introduces a fix to allow for alignment by default on a 4K boundary. This is particularly applicable in a virtual environment where the local disks attached to the Virtual Machines are actually Virtual Desktop Infrastructures (VDIs) stored on Storage Area Networks (SANs). The hotfix allows for full alignment when reading and writing the cache data thereby improving the performance of the SAN.
Storage Recommendations
Disk Speed Random IOPS 15,000 150 10,000 110 5,400 50 | RAID Level Write Cost 0 1 1 or 10 2 5 4 | Activity IOPS Startup 26 Logon 12.5 Working 8 Logoff 10.7 |
- Quick and Dirty estimates:
- 5 simultaneous boot ups per spindle
- 12 simultaneous logons per spindle
- 14 simultaneous logoffs per spindle
- 18 simultaneous users per spindle
IOPS calculations impacted by:
- Disk speed
- RAID level
- Read/Write % (20/80)
- User Activity
Virtual desktops are WRITE intensive (not READ)
- 20% Read
- 80% Write
- Requires RAID that supports heavy writes
- RAID 1 for 2 disks
- RAID 10 (1+0) for 4+ disks
- Databases
- Provisioning services vDisk storage
Write Cache Storage Location
Virtual Desktops per Spindle
Boot | Logon | Working | Logoff | |
RAID 0 | 5 | 12 | 18 | 14 |
RAID 1 | 3 | 6 | 9 | 7 |
RAID 5 | 1 | 3 | 4 | 4 |
Spindles required for 60 desktop loads
Boot | Logon | Working | Logoff | |
RAID 0 | 12 | 5 | 3 | 4 |
RAID 1 | 20 | 10 | 7 | 9 |
RAID 5 | 60 | 20 | 15 | 15 |
Write Cache
- Planning
- Start with write cache on Provisioning Services Server
- Start with initial size of 2 GB + swap file
- Designing
- If target device write cache is chosen, available space must be sufficient or OS might display blue screen
- Minimize network impact (limit number of hops)
- Do NOT use Provisioning Services server
- Use RAM with extreme caution (if you run out of RAM you do not have time to restart the machine before it becomes unresponsive and you would not get a warning, just a BSOD).
- Use local disk (shared/local)
Note: If you do not have enough space when using RAM cache, the target device stops. If there is not enough local storage for client side cache (local disk/SAN) then if it fills up, it will degrade performance similar to your local drive filling up on a laptop, but it will not stop.
Calculating the proper size for the write cache
- Start with write cache on Provisioning Services Server to get some information on write cache – start with initial size of 2 GB + pagefile.
Note: Hyper-V requires additional space for the memory save file
- Pagefile is written to target device partition where write cache is located, if target device write cache is chosen, available space must be sufficient.
Note: If there is not enough space on the target device’s local drive while starting, the cache will be sent to the server. This only occurs when it determines where to place the local cache and does not find a suitable sized partition locally.
- To enable a Target Device leveraging locally attached disk for write caching, it is necessary to enable the Windows Auto Mount functionality. This can be done by completing either of the following options:
Option 1
- Open up command line, start “Diskpart”
- type “automount enable”
- exit
Option 2
- Open command line
- Execute Mountvol /E
Write Cache Considerations
R/W ration dependent on the environment/load, usually more writes
# of reads likely to go up the longer uptime of the target
- RAID 1 or 10 is ok, RAID 5 or 6 *not* recommended (unless a huge amount of spindles)
- Usually local disk system, and in virtualized environments NFS, iSCSI, or FC
- If using server side caching, use multiple write cache paths to increase performance
- RAID controller with battery backed write cache can help a lot
Remember to set check registry setting (with streamed server OS only):
CTX126042 – When to Enable Intermediate Buffering for Local Hard Drive Cache
Losing the write cache will cause a BSOD in most cases (might fail over to server side)
- Things that causes write cache activity to be high
- Boot / Shutdown / User logging in or off
- User starting application (streamed or local, hosted should have minimal effect)
- Application behavior
- Windows Perfmon <Physical Disk Disk Writes/sec> ( Disk Transfers / sec gives you the whole picture)
- Hotfix CPVS51SP2E003 describes how to enable file buffering for Write Cache if Write Cache size < vDisk size when using Target Device Cache (it has been noticed performance gain up to 350% for Write Cache throughout)
Note: For additional information, refer to:
CTX125126 - Advanced Memory and Storage Considerations for Provisioning Services
CTX119286 - Provisioning Server High Availability Considerations
CTX128645 - Design Considerations for Virtualizing Provisioning Services
vDisk Store
- Read-only, unless updating:
- Provisioning Services 6.x: create a maintenance version
- Create a separate set of disks for write cache to better optimize the I/O load
- NetApp PAM (Performance Acceleration Module)
- Use a disk subsystem that causes the Windows Server to cache the vDisk
- Not NFS or Windows 2008 R2
- Provisioning Services does not take lightly loosing the vDisk connection, use multipathing
- RAID controller read cache can help, especially in larger Provisioning Services farms:
- All servers must read at least one time
- How many vDisks will be heavily utilized at one time (how many targets with different vDisks are started at the same time)
- Windows Perfmon <Physical Disk Disk Reads/sec> (This gives an idea on the throughput needed)