Consulting Solutions | WHITE PAPER | Citrix XenDesktop

Reference Architecture

Pooled Desktops (Local and Remote)

www.citrix.com

Contents
Introduction ........................................................................................................................................................ 3 Desktop Delivery ............................................................................................................................................... 4 Application Delivery.......................................................................................................................................... 8 Conclusion .......................................................................................................................................................... 8

Page 2

Introduction
The Citrix Desktop Transformation Model helps guide desktop administrators through the process of migrating from a device-centric, distributed desktop management model into a more user-centric, virtualized desktop model. The migration process is broken down into 3 distinct transformation steps: Step 1- Identify Business Priorities, Step 2 Establish Time to Value and Step 3 Define the Technology Roadmap, more information is available on Citrix.com regarding each step of the transformation model. The focus of this paper is the third and final step of the Desktop Transformation process in which the reader has already identified which user groups are prime candidates for desktop virtualization and is assessing the available application and desktop delivery options that best meet the business requirements of the identified user groups. Citrix virtualization technology provides different application and desktop delivery options based on the business requirements of the user groups and administrators as outlined in the XenDesktop Modular Reference Architecture. This paper provides the reader with an in-depth view of pooled desktops with installed applications. Pooled desktop delivery, also referenced throughout this document as Hosted VDI (Virtual Desktop Infrastructure) Pooled Desktops, supports multiple virtual desktops running from one centralized virtual desktop image. Pooled desktops are a good solution for task workers as they offer a high-level of administrative control, enhance security and help reduce management costs by preventing users from making permanent changes to their environment. By using a centralized virtual desktop image administrators have the option to simply install all required business applications directly on that central image, referenced as Pooled Desktops with Installed Applications. The pooled desktop and installed application model can be implemented quickly and with a minimal amount of infrastructure. As such, those groups that have been assigned to this model are typically amongst the first to be migrated to a virtual desktop. After completing this paper, the reader will be familiar with the components required for a pooled virtual desktop with installed applications through the implementation of Citrixs XenDesktop Machine Creation Services (MCS) technology.

Page 3

Desktop Delivery
Hosted VDI Pooled Desktop Module
The following diagram illustrates the logical infrastructure components that are required to implement a pooled desktop solution:

Notes: Citrix components included for high-availability have been shaded green All Citrix infrastructure components are suitable for virtualization Access Gateway, Web Interface, XenDesktop Controllers and the Citrix License Server.

Remote Access Module The Remote Access Module provides external users with secure access to their virtual desktops. Access Gateway Enterprise. Provides remote users with secure access to their virtual desktop(s). The Access Gateway accepts user credentials, including two-factor tokens, and forwards them on for authentication. Once authenticated, an SSL tunnel is created between the end-user and the Access Gateway Appliance. Users are then directed to a Web Interface site where they can select their virtual desktop(s). It is recommended that at least two Access Gateways are deployed for high availability. Access Gateway is available as a virtual machine (hosted on either Citrix XenServer, VMware vSphere or Microsoft Hyper-V) or a physical appliance. Network Services Module The XenDesktop infrastructure is reliant upon the Network Services Module for name resolution and authentication. DHCP & DNS. Pooled desktops are based on a single master image. As such, they are reliant upon DHCP for the delivery of a unique network configuration. DNS is required by XenDesktop and its supporting infrastructure for domain name resolution.
Page 4

Active Directory. XenDesktop utilizes Active Directory for authentication and the enforcement of policy settings for both users and computers.

Control Module The Control Module is responsible for managing and maintaining the status of the entire XenDesktop site. User authentication, enumeration, and brokering are all maintained within the control module. Web Interface. Accepts user credentials and passes them on to the XenDesktop Controllers for authentication and enumeration. Once authenticated, the user is presented with a list of desktops they are authorized to access. When a desktop selection is made, Web Interface contacts the XenDesktop Controller for connection details of a suitable virtual machine within the chosen desktop group. Finally, Web Interface provides Citrix Receiver with the connection information for the chosen desktop. It is recommended that at least two Web Interface Servers are deployed per data center for high availability. Ideally, Citrix NetScaler should be used to load balance traffic between the users and the two Web Interface Servers. XenDesktop Controller. The XenDesktop Controllers authenticate users, enumerate resources and direct user launch requests to the most appropriate virtual desktop. In addition, the XenDesktop Controllers manage and maintain the number of idle desktops associated with each desktop group. The controllers constantly query and update the SQL database with site status, allowing controllers to go offline without impacting user activities. It is recommended that at least two controllers be deployed per XenDesktop site to provide high availability. In addition, Citrix NetScaler should also be used to load balance the XML traffic between the Web Interface Servers and the XenDesktop Controllers. SQL Database. Provides the foundation for the overall XenDesktop site. All configuration information, desktop information and current utilization information is stored within the SQL database. This server is critical to the continuous operation of the XenDesktop site. If the SQL database fails, no new users can connect to a virtual desktop, although currently connected users will continue to function. Therefore, the SQL database should be made highly available through the use of SQL Mirroring or SQL Clustering. License Server. The Citrix License Server manages the licenses for all components of XenDesktop. XenDesktop has a 30 day grace period which allows the system to function normally for 30 days if the license server should become unavailable. This grace period offsets the complexity involved with building redundancy into the license server.

Page 5

Desktop Module The Desktop Module is responsible for hosting the various virtual and/or physical desktops: Pooled Desktop. Changes made to pooled desktops are retained for the duration of each users session but discarded following a reboot. Profile management solutions, such as Citrix User Profile Manager, should be considered so that user and application settings are retained between sessions. Sufficient resources must be allocated to the pooled desktops so that users are not constrained during periods of peak activity. Each user group should be assigned an appropriate desktop specification according to their resource requirements, for example:
Specification Light Normal Power Heavy Example Resources 1 x vCPU, 1GB RAM, 6 IOPS, 8 x Desktops per Core 1 x vCPU, 2GB RAM, 12 IOPS, 6 x Desktops per Core 2 x vCPU, 3GB RAM, 25 IOPS, 4 x Desktops per Core 2 x vCPU, 4GB RAM, 50 IOPS, 2 x Desktops per Core Example User Groups Call Center Staff - One or two basic applications with no browser based activity Finance Staff - Multiple applications with limited browser-based activity Marketing Executives - Many simultaneous applications with extensive browser-based activity and internet-based applications Software Developers - Few applications but they have heavy system resource requirements

Detailed information on how to size the virtual desktops is available in the XenDesktop Planning Guide: Hosted VM-Based Resource Allocation. Pooled desktops can be statically or randomly assigned: o Pooled-Static. A virtual desktop is assigned during first logon. Users will be connected to their assigned virtual desktop for all subsequent sessions. Assigning users to static pooled desktops allows for certain application limitations to be overcome, particularly around licensing where users may need to run applications from desktops with persistent names, IP addresses and/or MAC addresses. o Pooled-Random. Pooled-random desktops are arbitrarily assigned to users during logon and returned to the pool when they logoff. This is the most common option as virtual desktops are considered disposable after each use, helping to keep a clean and consistent environment. Virtualization. As pooled desktops rely on Machine Creation Services (MCS), they must be virtualized using Citrix XenServer, Microsoft Hyper-V or VMware vSphere. However, different virtualization technologies can be used within the same XenDesktop site, if required. The number of pooled desktops that can be supported on each virtualization host will depend on a variety of different factors, including virtual desktop specification, physical host specification and redundancy requirements. Scalability testing should be performed so that accurate sizing estimates can be determined. For high availability, consider the implementation of at least one extra virtualization host.
Page 6

Imaging Module: The Imaging Module is responsible for delivering desktop images to the different desktop types. Machine Creation Services. MCS does not require additional servers; it utilizes integrated functionality built into Citrix XenServer, Microsoft Hyper-V and VMware vSphere. Each pooled desktop has one difference disk and one identity disk. The difference disk is used to capture any changes made to the master image. The identity disk is used to store information such as machine name and password. When a pooled desktop reboots, the difference disk is deleted and the user starts with a brand new virtual desktop.

When creating new pooled desktops: 1. MCS instructs the hypervisor to create a snapshot of the master image and to perform a fullcopy to each storage repository defined in the host connection. 2. MCS then uses built-in hypervisor functions to create a difference disk (thin provisioned if supported) and identity disk (typically 16MB) for each new virtual desktop. 3. MCS utilizes special functionality within the XenDesktop Controller and XenDesktop Agent to build unique identities for each virtual machine, which are stored within the virtual desktops identity disk. This functionality allows each virtual desktop to be unique even though it is using the same master image. When updating the master image: 1. MCS instructs the hypervisor to create a new snapshot of the master image and to perform a full-copy to each storage repository defined in the host connection. 2. The existing pooled desktops are configured to use the new base disk as their base image. Pooled desktops will not pick up the updates to the master image until they reboot.
Page 7

Application Delivery
Installed Applications
When deploying applications to pooled desktops, the most straightforward approach is to install them directly into the Machine Creation Services master image. Pooled desktops receive any updates made to the master image upon next reboot. However, it can be a time consuming process to install and update locally installed applications across a large number of master images, especially when compared to hosted applications or application streaming. Therefore, the exclusive use of locally installed applications is typically recommended when a limited number of master images are required or the applications do not require frequent updates. Pooled desktops that share the same master image will have an identical local application set. One thing to note is that the security and licensing teams may not be satisfied with the use of logon scripts, NTFS permissions and/or third-party products to control access to the installed applications. In such situations, it may become necessary to choose between additional master images or an alternative application deployment model such as hosted applications or application streaming.

Conclusion
The combination of pooled desktops with installed applications is a straightforward delivery model that helps reduce both time to value and management complexity. Pooled desktops are particularly well suited for those user groups that do not require the ability to install applications or customize their desktop beyond profile settings. Now that the architecture for pooled desktops with installed applications has been established, the next step is to 1. Determine the associated hardware and storage requirements 2. Build/Test environment to validate functionality 3. Conduct a pilot to get user acceptance 4. Rollout to the greater user community

Page 8

Product Versions Product XenDesktop Revision History Revision 1.0 Change Description Document released Updated By Andy Baker Date 10/3/2011 Version 5.0 & 5.5

About Citrix Citrix Systems, Inc. (NASDAQ:CTXS) is the leading provider of virtualization, networking and software as a service technologies for more than 230,000 organizations worldwide. Its Citrix Delivery Center, Citrix Cloud Center (C3) and Citrix Online Services product families radically simplify computing for millions of users, delivering applications as an on-demand service to any user, in any location on any device. Citrix customers include the worlds largest Internet companies, 99 percent of Fortune Global 500 enterprises, and hundreds of thousands of small businesses and prosumers worldwide. Citrix partners with over 10,000 companies worldwide in more than 100 countries. Founded in 1989, annual revenue in 2010 was $1.9 billion.

2011 Citrix Systems, Inc. All rights reserved. Citrix, Access Gateway, Branch Repeater, Citrix Repeater, HDX, XenServer, XenApp, XenDesktop and Citrix Delivery Center are trademarks of Citrix Systems, Inc. and/or one or more of its subsidiaries, and may be registered in the United States Patent and Trademark Office and in other countries. All other trademarks and registered trademarks are property of their respective owners.

Page 9