4. Failure to plan is planning to fail! Must review business and technical requirements as part of planning process Create documented design and review with stakeholders Plan and Design
5. Platinum XenApp 5.0 Features Provisioning services Load testing services Profile management Workflow Studio orchestration Platinum Single sign-on (offline included) New to XenApp 5.0 Feature Pack Branch Optimization New/change to edition EdgeSight performance monitoring Existing feature in XenApp 5.0 Secure application access SmartAuditor EasyCall voice services Enterprise Management Resource & Installation Manager, CPU/Memory Optimization, Health Assistant, MOM, UNIX apps Advanced Workflow Studio orchestration EasyCall voice services App streaming (offline included) App streaming (offline included) Advanced Hosted application delivery Hosted application delivery XenServer
6. Server side: Presentation Server 4.5 Component side: XenApp 5.0 Feature Pack (March '09 release) OR XenApp 5 Components CD for Windows Server 2003 (September '08 release) What is XenApp 5.0 for Windows Server 2003? Same!
7. Distinct version of XenApp based on the Windows Server 2008 platform Some unique features: XPS-based universal printer driver Special folder redirection Preferential load balancing What is XenApp 5.0 for Windows Server 2008?
8. XenApp core, including: Installation Manager Health Monitoring App Streaming Web Interface EdgeSight service monitoring Provisioning services Load testing services Secure application access Features Likely to be Used by Service Providers
9. Virtualizes the workload of a datacenter server and provisions to physical or virtual servers Includes operating system, applications and configuration Allows provisioning of XenApp Platinum servers only Cannot be used to provision XenApp Advanced or Enterprise servers, infrastructure servers, Web Interface servers, etc. Requires Provisioning Server 5.0 SP2 Contains the licensing fix that enables use with Platinum licensing Provisioning Services
10. Provisioning Services Service Provider Considerations Physical or virtual servers—doesn’t matter Don’t build like servers manually—automate with Provisioning Server Rather than spending significant time troubleshooting a single server, reprovision it Can include apps with base image Or can use Installation Manager or Streaming
11. Excellent tool for user capacity planning and scalability testing Now included with XenApp Enterprise and Platinum editions Requires EdgeSight for Load Testing version 3.0.1 Contains licensing fix that enables unlimited load testing functionality Load Testing Services
12. Load Testing Services Service Provider Considerations How many users can I get on each box? Test physical or virtual capacity Test impact of CPU/Memory optimization and other features Single synthetic session can also be tested through EdgeSight Useful for SLA metrics
13. Access Gateway (all versions) plug-in licensing included with XenApp Platinum Appliance must be purchased separately Sample use case: Secure Application Access
14. Secure Application Access Service Provider Considerations Secure user connections! If not using Access Gateway, use Secure Gateway Only secures ICA and CGP (Common Gateway Protocol/Session Reliability) traffic
17. Every XenApp server must belong to a farm Each farm requires its own Data Store and is its own administrative entity Farm Design
18. Farm Design Service Provider Considerations Can segregate tenants by farm Be aware of complexity of administering numerous farms Keep all servers at a consistent level When upgrading, do so using order specified in Admin Guide
19. Zones are analogous to Active Directory sites Data Collectors manage data flow between zones Zones can span WANs How many zones? Fewer zones are always better! DCs must replicate changes to all other DCs in the farm Bandwidth consumption is proportional to the number of zones Avoid having more than 5 zones in large environments Scale up zones instead of scaling out Zone Design
20. Multiple Sites? Fewer than 5 sites? Similar # of servers at each site? Yes Yes Yes No No Multi-Zone Single Zone / Multi-Site Single Zone Zone Design
21. Design Example of Single Zone Zone 1 Data Collector TCP Port 2512 TCP Port 2512 Subnet 10.8.2.x Subnet 10.8.3.x Subnet 10.8.1.x
23. Design Example of Single Zone/Multiple Sites [Diagram: proposed Miami Zone (x 500), London Zone (x 30,000) and New York Zone (x 30,000), connected over the WAN] Let’s do the math: (30,000 logons in NY Zone + 30,000 logons in London Zone + 500 logons in MIA Zone) * 0.5 KB * 2 zones for replication = 60.5 MB of DC updates
24. Design Example of Single Zone/Multiple Sites [Diagram: proposed Miami Zone folded into a North America Zone (x 30,500) together with New York, and the London Zone (x 30,000), connected over the WAN] Let’s do the math again: (30,500 logons in NA Zone + 30,000 logons in London Zone) * 0.5 KB * 1 zone for replication = 30.25 MB of DC updates
29. Zone Preference and Failover WAN Europe Zone U.S. Zone Segregate zones based on business continuity Disable load sharing across zones Resolutions occur locally Primary site policy should not span zones Avoids resolutions across the WAN
30. Zones Service Provider Considerations Segregating customers by zones provides no barrier Better option is to group customer servers into a folder in the management console to more easily administer A separate zone should not be used for isolating/ testing/piloting/staging of new applications for the farm The data collector’s responsibilities are independent of published application behavior Zone Preference and Failover useful for: Forcing users to a certain group of servers Failover to DR site
40. CPU power affects: Management console performance Installing a server into the farm Uninstalling a server from the farm Starting up multiple servers at the same time Production-level servers support >1000-server farms Dual-Core w/ 4 GB RAM Data Store Server CPU Resources
41. Data Store Service Provider Considerations Enterprise-level database strongly recommended Perform daily backups Full if possible Data Store is not large but is critical Clustering is supported Can be housed on a virtual server
42. Logs configuration changes to a database SQL Server or Oracle Setting allows for mandatory logging If CLDB is unavailable, configuration changes will not be successful Not set by default IMA Encryption only encrypts the CLDB credentials Sizing Only logs admin changes Up to ~50KB data per transaction X 1000 transactions = ~50 MB Configuration Logging Database
43. Configuration Logging Service Provider Considerations Strongly recommended where multiple administrators modify server farm Enables correlation of new issues with administrative changes
44. Each client connection must check out a license If License Server is unavailable, clients will take a grace license for up to 30 days Sizing License server should not be a bottleneck as it supports 170 check-outs per second License Server
45. License Server Service Provider Considerations Multiple farms can share license server Or multiple license servers can be used within a single farm Monitor the license server with licensing PerfMon counters or Microsoft System Center with XenApp management pack Always use latest version (currently 11.6.1) License Server 11.6.1 required for Hotfix Rollup Pack 4
46. Memory Memory consumption increases with farm size IMA typically uses 300 MB of RAM in a 1000-server farm CPU A dual processor DC can support >1000 servers in its zone CPU usage increases as number of servers in the zone increases number of zones increase number of users launching applications increases Avoid using farm-wide app limits in environments with >10,000 users Data Collector Sizing & Performance
48. “Backup” Data Collector Default Preference Most Preferred WAN Not Preferred Default Preference Preferred Limit the number of "Most Preferred" and "Preferred" servers to <5
49. Large-scale verified! 1000-server zones have been validated in the Citrix eLabs Proactively monitor for Data Collector overload ResolutionWorkItemQueueReadyCount performance counter WorkItemQueueReadyCount performance counter When load sharing is turned off, Data Collectors still maintain session information More zones = more scalability: More zones use more bandwidth and CPU on the DC Data Collector Considerations
50. Data Collector Service Provider Considerations Designate a dedicated Data Collector Secure Citrix XML traffic with SSL Relay If a very large farm, segregate Citrix XML Service functionality onto another server
51. Anywhere you want! All servers within a XenApp farm can be virtualized If a server is running at low capacity, regardless of function, it is a good candidate for virtualization Data center space consolidation Disaster recovery Test/dev lab Where Does Virtualization Fit?
52. Citrix License Server Low resource requirements; single-threaded functionality Web Interface Redundancy or peak requirements addressed with virtual machines Dedicated Zone Data Collector Low resource and space requirements Data Store server Low resource requirements Infrastructure Servers
53. ~7% overhead for XenApp running on XenServer Dynamic server allocation For example: finance app has end of quarter peak demand Address single point of failure for apps hosted on a single server Member Servers
54. Load Manager Profiles ClearType Font Smoothing SpeedScreen Streaming Other challenges Additional Features
55. Ensure that users are directed to the XenApp server with the lightest load Improves user experience Does the commonly used default load evaluator optimize this . . . no! Impact of Load Manager
56. Not for every environment! Maybe . . . maybe not More complex and different than out-of-the-box standard Microsoft solutions Additional knowledge and maintenance required Suggested use case: User accesses multiple XenApp server silos or farms Multiple ICA sessions open Is Citrix Profile Management Right for Me? General (not always!) Recommended Profile Solution See CTX119036 and CTX120285 for Best Practices and discussion of use cases
57. Improves the smoothness of text Enabled by default in the XenApp Web and XenApp Services site Important Consideration: ClearType can increase bandwidth consumption by about 2X Enabled by default in Windows Server 2008 and Vista ClearType Font Smoothing
58. Although enabled by default, can be optimized to reduce bandwidth requirements Slightly reduces image quality Users will likely not notice difference Recommend to compress JPEG images to improve bandwidth Adjust compression level based on available bandwidth if Enterprise or Platinum SpeedScreen Browser Acceleration
59. Feature enabled in all editions of XenApp 5.0 for Windows Server 2008 Default is Image Acceleration set to medium and Progressive Display compression set to very high Recommend to: Use Restrict Compression setting to apply only to users with low-bandwidth connections Enable heavyweight compression SpeedScreen Progressive Display
60. Application streamed and executed on the local machine Application profiled using Streaming Profiler, then stored in App Hub User logs in and the icon to the application is enumerated User clicks on the application icon and the application is launched Client-side Application Virtualization Overview Profiler File Share (e.g. Application Hub) XML Service (on XenApp Server) Application Interface Application Run-time Application Run-time Operating System Client
61. Server-side Application Virtualization Overview Application streamed and executes on the XenApp server Application profiled using Streaming Profiler tool, then stored in App Hub User logs in and the icon to the application is enumerated User clicks application icon and application interface is then sent to user device via ICA Profiler File Share (e.g. Application Hub) Application Interface Application Run-time Application Run-time XenApp Servers Operating System Client
62. Isolates apps from OS Eliminates application conflicts Isolates processes, files, folders and registry Allows applications to be accessed offline Scalable application delivery Application Streaming Benefits During run-time app system calls, writes, modifications, etc. are diverted to local cache RadeCache on user device Application Isolation proxies app execution to shield OS from application
63. Additional Features Service Provider Considerations Don’t use local user profiles Weigh bandwidth requirements when deciding on ClearType and SpeedScreen Streaming to server can be useful for isolating tenant application sets Access to published resources should be based on groups
64. How will user and/or computer accounts be configured in the domain? OU structure, policies, and profiles impacted How will users access and install Citrix plug-ins? Citrix Receiver or Web Interface deployment easiest options How will help desk associates assist users? Shadowing or GoToAssist How will multiple tenants securely access applications? Access Gateway or Secure Gateway Challenges
66. Health Monitoring and Recovery Resource Manager (EdgeSight) EdgeSight Service Monitoring Something, anything! Even third-party tools . . . PerfMon isn't enough! Multiple Tools for Systems Monitoring You should have a watchful eye on the user experience and surprise your users with your level of understanding!
69. Detailed EUEM Metrics with Startup Duration Detail TIP: Hover over column headers for explanation of data. Real-time information on User Troubleshooter Scenario: Login Time Monitoring
70. Browse Tab “Process Usage” Enter in Search Click Meta Tags Scroll through list Process Usage Report
71. Users listed Expand for Process names Expand for Server names Switch initial filtering Group By User Then Group By Process Usage Reporting
72. Departments = Farm Optional Parameters Process Server User Exporting Use Excel or CSV Usage Reporting: Filtering/Exporting
73. Subscribe button Email or File Share Excel or CSV best options Date Range is “Rolling Date Range” Usage Reporting: Subscriptions
74. EdgeSight Service Provider Considerations EdgeSight reports can easily address Citrix reporting requirements Maximize usage of EdgeSight in order to: Monitor health of farm and key applications Troubleshoot user issues
75. Application Usage Video Walkthrough http://www.citrix.com/tv/#video/788 Introduction to EdgeSight Video http://www.citrix.com/tv/#video/722 Quick Start Guide, Key Metrics, Login Monitoring Guide http://citrix.com/English/ps2/products/documents_onecat.asp?contentid=25119&cid=White+Papers Additional Resources
78. Technical Guide to Upgrading/Migrating to XenApp 5 Feature Pack: CTX120635 Awesome document!
79. Citrix Support and Communities sites provide valuable information Stay tuned for new releases When in doubt, engage Citrix Consulting May save time and money in the long run! General Recommendations
80. The following courses expand on today's topics and are recommended to support your Citrix solution: CXA-201 Implementing Citrix XenApp 5.0 for Windows Server 2008 CXA-300 Advanced Administration for Citrix XenApp 5.0 for Windows Server 2008 CTX-1259 Citrix Presentation Server 4.5 and XenApp 5.0 for Windows Server 2003: Administration CTX-1264 Citrix Presentation Server 4.5 and XenApp 5.0 for Windows Server 2003: Support Look into Citrix Certified Infrastructure Architect courseware! Continue Your Learning
Editor's Notes
Planning and design is probably the most overlooked facet related to optimization. In order to optimize an environment, you must understand it, plan accordingly, create a design document, and communicate with stakeholders.
Application Streaming has been added to the Advanced edition of XenApp. Offline Streaming will no longer take a license from the pool. The XenApp servers will require a hotfix to enable the new Streaming functionality.
EdgeSight for Load Testing can be used on an unlimited basis on Enterprise and Platinum edition servers. There is an SA check to ensure compliance.
When compared to previous releases, farm behavior has been significantly optimized to take advantage of servers that are configured as either Most Preferred or Preferred. These rankings are set in the Presentation Server Console. Some of the optimizations introduced by Hotfix Rollup Pack 3 require all Most Preferred and Preferred ranked servers to be upgraded before the optimizations take effect. If there is a single ZDC without HRP03 specified as Most Preferred or Preferred, many of the optimizations will not be utilized. In addition, the large farm self-tuning occurs only on servers that are specified as Most Preferred or Preferred. The Active election monitoring optimizations utilize designated backup ZDCs to check the health of the primary ZDC. Overall, elections will be faster when a Most Preferred or Preferred server is elected. As you can see, it’s very important to have a properly configured environment with regard to the configured election rankings. Best practices and considerations for this are too significant to fully cover in this presentation, so please be sure to read the Selecting Zone Data Collectors section of CTX118659.
Virtualization can be used for any or all XenApp servers.
If you’re just getting started with virtualization, consider virtualizing your infrastructure servers.
Depending on your environment, it may or may not make sense to virtualize your XenApp servers.
Very often, the default load evaluator is kept in place, which doesn’t typically provide the optimal user experience.
Realistically, not every customer has the need for Profile Management. Using Profile Management is more complex than the standard Microsoft profile solutions and does have some learning curve. The implementation of Profile Management should be based on both technical and business requirements. The suggested use cases presented represent examples where UPM would represent the best technical and business solution. In general, mandatory profiles should be considered first, then roaming profile, then UPM. CTX119036 will be available in early February.
To enable ClearType font smoothing on Windows XP, go to Display Properties > Appearance > Effects and change the drop-down to ClearType.
To enable ClearType font smoothing on Windows 2003:
- At least Service Pack 1 is needed in order to install hotfix KB946633 on Windows Server 2003
- If using XenApp 5 on Windows 2003, post-HRP3 Hotfix PSE450R02W2K3037 http://support.citrix.com/article/CTX117434
Enabling/Disabling Font Smoothing
Font smoothing over RDP and ICA connections can be disabled altogether by setting the following registry value. This applies to all connections to the WS2003 server.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\TSEnableFontSmoothing=0 [DWORD]
Configuring Font Smoothing
Be sure that font smoothing is enabled on the server. Now it must be configured per user through the following registry value for font smoothing type:
HKEY_CURRENT_USER\Control Panel\Desktop\FontSmoothingType [DWORD]
Possible values:
0: Font smoothing disabled
1: Standard font smoothing (designed for CRT monitors)
2: ClearType font smoothing (designed for LCD monitors)
The default value is 2, i.e. ClearType font smoothing is enabled. The default value originates from the default user profile (typically C:\Users\Default\NTUSER.DAT).
ClearType font smoothing is also enabled on the logon desktop. This is stored in HKEY_USERS\.DEFAULT\Control Panel\Desktop\FontSmoothingType.
For more information see:
CTX117434 – Hotfix PSE450R02W2K3037 - For Citrix Presentation Server 4.5 for Windows Server 2003
CTX117240 – LIMITED RELEASE - Hotfix PSE450R01W2K3052 - For Citrix Presentation Server 4.5 for Windows Server 2003
CTX111720 – Microsoft Office 2007 Known Issues
What is ClearType?
XenApp release provides the ability to remote ClearType fonts (used by several applications like Office 2007) to provide a much better user experience on LCD displays (laptops, flat screens etc). You have to remember that ClearType also adds some network overhead and hence you can enable/disable based on user needs.
Normally, the software in a computer treats the computer’s display screen as a rectangular array of square, indivisible pixels, each of which has an intensity and color that are determined by the blending of three primary colors: red, green, and blue. However, actual display hardware usually implements each pixel as a group of three adjacent, independent subpixels, each of which displays a different primary color. Thus, on a real computer display, each pixel is actually composed of separate red, green, and blue subpixels. For example, if a flat-panel display is examined under a magnifying glass, the pixels may appear as the magnified pixel in the slide. Here we can see how 1 pixel actually consists of 3 subpixels.
If the computer controlling the display knows the exact position and color of all the subpixels on the screen, it can take advantage of this to improve the apparent resolution of the images on the screen in certain situations. If each pixel on the display actually contains three rectangular subpixels of red, green, and blue, in that fixed order, then things on the screen that are smaller than one full pixel in size can be rendered by lighting only one or two of the subpixels. For example, if a diagonal line with a width smaller than a full pixel must be rendered, then this can be done by lighting only the subpixels that the line actually touches. If the line passes through the leftmost portion of the pixel, only the red subpixel is lit; if it passes through the rightmost portion of the pixel, only the blue subpixel is lit. This effectively triples the horizontal resolution of the image at normal viewing distances; but the drawback is that the line thus drawn will show color fringes (at some points it might look green, at other points it might look red or blue).
ClearType uses this method to improve the smoothness of text.
When the elements of a type character are smaller than a full pixel, ClearType lights only the appropriate subpixels of each full pixel in order to more closely follow the outlines of the character. Text rendered with ClearType looks “smoother” than text rendered without it, provided that the pixel layout of the display screen exactly matches what ClearType expects.
Configuration:
For a WI site, ClearType (CT) can be enabled or disabled in the Manage Session Preferences >> Display >> Display settings dialogue. This setting only applies to connections through WI. If CT is turned on and the user's device does not support CT, it will be off during the user's session.
For a XenApp Services (PNAgent) site, ClearType (CT) can be enabled or disabled in the Change Session Options >> Display >> Display settings dialogue. This setting only applies to connections through XenApp Plug-in. If CT is turned on and the user's device does not support CT, it will be off during the user's session.
For non-WI or XenApp Plug-in connections, whether CT is on or off depends on the user device. If the device is Windows XP or higher then ClearType is available only if it is enabled on the user device. In Windows XP, CT is disabled by default. In Windows Vista, CT is enabled by default.
NOTE: as a limitation of ClearType and the hardware itself, CT may actually degrade font viewability on rotated LCD monitors because the pixels are stacked rather than side-by-side. This changes the location of pixels (and hence sub-pixels). Note, however, that this degradation is unrelated to any Citrix implementation of CT. It is primarily related to the relationship between hardware (LCD monitor) and software (ClearType engine).
Bandwidth increase: http://technet2.microsoft.com/windowsserver2008/en/library/fc0b405b-07ef-4767-8716-198d7f0949011033.mspx?mfr=true and http://blogs.sepago.de/helge/2007/09/19/cleartype-bandwidth-revisited-testing-32-bit-color-depth/.
In the last article, the numbers were 3.35 to 6.6.
Disabling font smoothing on Windows 2003 for all connections (RDP and ICA):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\TSEnableFontSmoothing=0 [DWORD]
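The font smoothing values described in these notes can be audited on a server with a short script. This is an added example, not part of the original presentation or Citrix tooling; the registry paths and value names are the ones given in the notes, and the function names are hypothetical.

```powershell
# Added example: report the font smoothing registry values named in the notes.
# Run in the user session to be checked; HKCU is that user's hive.
$FontSmoothingNames = @{ 0 = 'Disabled'; 1 = 'Standard (CRT)'; 2 = 'ClearType (LCD)' }

function Read-RegistryDword {
    param([string]$Path, [string]$Name)
    # Returns $null when the key or the value does not exist.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $null }
    return $item.$Name
}

function ConvertTo-SmoothingName {
    param($Value)
    if ($null -eq $Value) { return 'Not set' }
    $key = [int]$Value
    if ($FontSmoothingNames.ContainsKey($key)) { return $FontSmoothingNames[$key] }
    return "Unknown ($Value)"
}

function Get-FontSmoothingAudit {
    # Server-wide switch: 0 disables smoothing for all RDP and ICA connections.
    $server = Read-RegistryDword 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows' 'TSEnableFontSmoothing'
    # Per-user smoothing type (0, 1 or 2).
    $user = Read-RegistryDword 'HKCU:\Control Panel\Desktop' 'FontSmoothingType'
    # Logon desktop setting, stored under HKEY_USERS\.DEFAULT.
    $logon = Read-RegistryDword 'Registry::HKEY_USERS\.DEFAULT\Control Panel\Desktop' 'FontSmoothingType'

    if ($server -eq 0) {
        $effective = 'Disabled server-wide (TSEnableFontSmoothing=0)'
    } else {
        $effective = ConvertTo-SmoothingName $user
    }

    [pscustomobject]@{
        ServerSwitch     = if ($null -eq $server) { 'Not set' } else { $server }
        UserSmoothing    = ConvertTo-SmoothingName $user
        LogonDesktop     = ConvertTo-SmoothingName $logon
        EffectiveForUser = $effective
    }
}

Get-FontSmoothingAudit | Format-List
```

Because the notes put the ClearType bandwidth cost at about 2X, the EffectiveForUser field is the one to compare against the bandwidth budget for each tenant's connections.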
If Enterprise or Platinum, you can improve SSBA performance by configuring as shown above.
SpeedScreen Progressive Display is enabled using a Citrix policy. However, since it is in all 3 editions by default with this release, you will only need to create a Citrix policy if you plan on changing the default settings. If no changes to the defaults are required, then it is not necessary to create a policy to enable this feature. It will be on in the product by default.
There are actually two stream-to-client options:
Stream-to-Client: offline usage – this means that you can disconnect from the network and you can use the application offline
PRO - can be streamed to the client machine locally and then the client can be disconnected from the network and the application will be available offline
CON - no current mechanism to track offline applications
Stream-to-Client: no offline usage – this means that you stream the application to the client device but when you disconnect from the network the application cannot be used offline
PRO - the benefit of this is that the application gets streamed to the client and ends up using client resources instead of server resources
CON - cannot be used offline
- takes additional bandwidth to stream application locally to the client
Think about an application that does not have to change the registry. Isn’t that a dream come true?
The Streaming Client uses isolation environments to control application compatibility and accessibility. The client creates isolation environments by defining a set of rules that specify how an application functions within its confines. The default rules for isolation environments are adequate for most environments. However, you can alter the default set of rules, as needed, to exert control over application interactions with client operating system resources.
Isolates apps from OS – isolates the application from the OS, thus not having to install the application directly into the OS
Eliminates application conflicts – if one application conflicts with another when installed on the same machine, application streaming isolates each application from the other, thus never interfering with the other application because it does not even know that it exists
Isolates processes, files, folders and registry – the application no longer needs to write to the OS registry
Allows applications to be accessed offline – with application streaming you can stream the application to a machine and unplug the network cable to be able to use it offline. This helps mobile users who do not have access to a network all the time.
Scalable application delivery – if you have a large farm with hundreds of servers, instead of installing the same application on each individual server you can just profile the application, place it on an accessible share and stream the application to as many servers as you see fit without ever having to actually install it.
Citrix includes some tools for system monitoring. Whether you use these tools or third-party tools, you can’t provide an optimal user experience without monitoring.
CheckXMLThreads is there to identify a problem with the XML Service noting a deadlocked state. In this case, taking the DC out of load balancing won’t do anything. Restart IMA or Alert.
For the IMAService test on the DC, you probably don’t want to do anything, as IMA will take care of itself in this scenario, so you don’t want two things fighting over each other.
For the TermSrv test, you want to remove the server from load balancing, as termsrv is required for anything to work properly. RequestTicket is by default set to remove from LB on the member servers. It really doesn’t mean much to remove a dedicated DC from LB.