Citrix XenDesktop技術(shù)架構(gòu)深入剖析

1、Citrix桌面虛擬化技術(shù)培訓(xùn)Citrix XenDesktop 技術(shù)架構(gòu)深入剖析XenDesktop 7.X Introduction定義應(yīng)用和桌面虛擬化，適用于移動(dòng)化和云通過(guò)任何網(wǎng)絡(luò)將 Windows/Linux桌面從云中交付到所選的任何設(shè)備上 桌面可以是專用桌面或共享桌面 桌面可以進(jìn)行全面?zhèn)€性化設(shè)置 任何 PC 都可以安全地從遠(yuǎn)程接入 虛擬桌面可以斷開連接然后隨用戶移動(dòng) 統(tǒng)一管理和監(jiān)控可簡(jiǎn)化應(yīng)用更新和維護(hù) 通過(guò)任何網(wǎng)絡(luò)將 Windows 應(yīng)用交付到任何設(shè)備上 Smart Access 可支持廣泛的安全策略控制功能 Smart Auditor提供功能強(qiáng)大的應(yīng)用會(huì)話記錄，改善了合規(guī)性，降低了

2、風(fēng)險(xiǎn)，并加快了問(wèn)題的解決速度優(yōu)化的 HDX（高清）視頻、通信、觸摸操作和 3D 體驗(yàn) 支持 5 代 Windows 應(yīng)用 ，25,000 多種 Citrix Ready 應(yīng)用和設(shè)備 AppDNA 幫助分析業(yè)務(wù)軟件是否適用于虛擬化平臺(tái)提供虛擬桌面/應(yīng)用的安全遠(yuǎn)程接入訪問(wèn)實(shí)現(xiàn)XenDesktop/XenApp關(guān)鍵組件的負(fù)載均衡多數(shù)據(jù)中心，全網(wǎng)部署，實(shí)現(xiàn)數(shù)據(jù)中心冗余和就近訪問(wèn)實(shí)時(shí)監(jiān)控最終用戶體驗(yàn)，并集成到XD/XA管理工具中。LAN-connectedusers withDesktop AppliancesA XenDesktop Deployment ExampleSFVMware Cluster

3、/XenServer PoolNetScalerGatewayRemote andhome usersXD Farm XA FarmPVSs NAS/SANAD with roaming profile VDMs App Streaming OS Streaming Published App Data CenterWANLANDDCs ZDCs/Session Hosts App Integration 變革性的架構(gòu)-XenDesktop 73rd generation FlexCast Management Architecture (FMA)Virtual DesktopsVirtual

4、AppsUnified Management ArchitectureAWS, Azure, CloudPlatform CitrixStudioStorefront / Receiver for Web / Web InterfaceReceiverDBServer OSWorkers Desktop OSWorkers Delivery ControllerProvisioning ServicesFMA: Unified Service Delivery TeamFlexCast Management ArchitectureVDAVDACitrixDirectorProvisionin

5、g ConsoleXenDesktop / XenApp Site(FMA)XenDesktop ComponentsCore ComponetsDesktop Deliver Controller (DDC)Storefront (Replace Web Interface)Receiver (Including Online-Plugin)Virtual Desktop Agent (VDA)Virtual Desktop Infrastructure (VMware vSphere/XenServer/Hyper-V)SQL Server (Not Citrix Product)Opti

6、onal componets XenApp (If deploy separately)Virtual Desktop Provisioning (Provisioning Server )Netscaler (NetScaler Gateway)WAN Optimization (CloudBridge)Workspace SuiteTypical deploymentMachine CreationServicesBrokerServiceInfrastructureServicesXenDesktop 7 Architecture BrokerBroker ServiceMachine

7、CreationServiceAD Identity ServiceMachine Identity ServiceHost ServiceConfigurationServiceDesktop Studio Desktop Director WCF 80Virtual Desktop (VDA)WinRM 2.0PVS for VMs Agent5985/5986 WCF 80PoSH PoSHGroup Policy EngineSQL ServerSQL ServerSQL ServerControllerDelivery Controller System RequirementsSu

8、pported operating systems:Windows Server 2012 R2, Standard and Datacenter EditionsWindows Server 2012, Standard and Datacenter EditionsWindows Server 2008 R2 SP1, Standard, Enterprise, and Datacenter EditionsRequirements:Microsoft .NET Framework 3.5.1 (Windows Server 2008 R2 only).Microsoft .NET Fra

9、mework 4.5.1 (4.5.2 and 4.6 are also supported).Microsoft .NET Framework 4.6.1Windows PowerShell 2.0 (included with Windows Server 2008 R2) or 3.0 (included with Windows Server 2012 R2 and Windows Server 2012).Visual C+ 2005, 2008 SP1, and 2010 Redistributable packages.DatabaseSupported Microsoft SQ

10、L Server versions for the Site Configuration Database (which initially includes the Configuration Logging Database and the Monitoring Database):SQL Server 2014, Express, Standard, and Enterprise Editions.SQL Server 2012 SP1, Express, Standard, and Enterprise Editions. By default, SQL Server 2012 SP1

11、 Express is installed when installing the Controller, if an existing supported SQL Server installation is not detected.SQL Server 2008 R2 SP2, Express, Standard, Enterprise, and Datacenter Editions.The following database features are supported (except for SQL Server Express, which supports only stan

12、dalone mode):SQL Server Clustered InstancesSQL Server MirroringSQL Server 2012 AlwaysOn Availability GroupsWindows authentication is required for connections between the Controller and the SQL Server database.Common Service Design Broker ServiceMachine CreationServiceAD Identity ServiceMachine Ident

13、ity ServiceHost ServiceCentral Config ServiceSQL ServerPowerShell snapinHypervisorHCLWCFXenDesktop 7.X 連接高可用性確保用戶即使在數(shù)據(jù)庫(kù)連接失敗的情況下，仍可以連接到應(yīng)用和桌面AppsDesktops連接租約XenDesktop 7.X正常的流程User在StoreFront上登陸StoreFront轉(zhuǎn)發(fā)用戶憑據(jù)給DDCDDC授權(quán)給用戶并從DB中讀取并枚舉可用資源Receiver接收回復(fù)并啟動(dòng)會(huì)話 DDC緩存XML資源文件 Site DB1234 StoreFront Delivery Con

14、trollerUserXD/XAXML File5XenDesktop 7.XDa數(shù)據(jù)庫(kù)不可用User在StoreFront上登陸StoreFront轉(zhuǎn)發(fā)憑據(jù)給DDCDDC授權(quán)給用戶，同時(shí)由于DB不可達(dá)無(wú)法枚舉枚舉可用資源DDC讀取XML文件并且枚舉資源Receiver接收到回復(fù)并啟動(dòng)會(huì)話Site DB123 StoreFront Delivery ControllerUserXenAppXML File45連接租約功能說(shuō)明不是在DDC保留一個(gè)數(shù)據(jù)庫(kù)的快照沒有數(shù)據(jù)庫(kù)沖突，因?yàn)槲覀冇蠰ocal Host CacheXML是一個(gè)很簡(jiǎn)單的文件安全地存儲(chǔ)在DDC上沒有DDC互相間的通信XenApp/X

15、enDesktop高可用性XenDesktop Site DatabaseEach service is informed of the database connection detailsEach service has specific database tables created by scriptsEach service reads and writes to the databaseSQL ServerCentral Configuration ServiceAll services are registered in this service directoryService

16、Type, Address, Binding, Version, ServiceAccount .Used to locate the available service resources when needed Stores Global meta-data about all services Service configuration information (key=value)For 3rd party and future useService reads/writes to SQL databaseDDC Database1. Establishes a connection2

17、. Reads/Writes to database3. Disconnects from the database4. Re-establishes the connection5. Reads/Writes to database6. Disconnects from the databaseDatabase read/writes are done through stored proceduresDatabase reads can also be direct accessBroker ServicesBroker ServiceIMAXMLSSLCDSPool Management

18、XenDesktop 4:XenDesktop 5/7:4438044380Database access XML components VDA management License management Hosting management SDK - PowershellBroker service XML componentUses XML component rewritten in .NETInteracts with Storefront for launch requestsvalidate user logonsenumerate and connect to resource

19、sperform workspace control operationsInteracts with NetScaler for health monitoring of the siteInteracts with NetScaler Gateway for Secure Ticket AuthorityBroker service and VDA registrationRegistry based VDA registration from ListofDDCs registry key on the VDAUses WCF/ Connection Brokering Protocol

20、Validates VDA, test call-back and writes state into databaseVDA broker service role handles launch sequence, status updates and session controlSame VDA registration process as in XenDesktop 4Soft sets up minimal ping support to maintain heartbeatHard fully configures the VDA with desktop group membe

21、rshipBroker interactions with License ServerPerforms license check-out and check-in operations for desktop sessions and applicationsThe license policy engine DLL is what actually communicates with the license serverLicense ServerBroker ServiceProvisioning for VDI Services (MCS)Responsible for the cr

22、eation of new virtual machines on the hypervisorUses AD Identity Service and Machine Identity Service to provide “user ready” desktopsUsed for maintenance of the master image that is used to provide the desktopsVirtual Center -ESX XenServer Pool SCVMM HyperVMachine Creation ServiceSingle Image Manag

23、ementCreated by XenDesktopPower ControlBest for:Pooled - RandomLowest cost VDI optionPooled - StaticLower cost with improved app compatibilityStreamedStreaming to physical and virtualDedicatedLowered storage cost for individual VMsExistingManaging existing VMsPhysicalBlade PCsMachine Creation Servic

24、e: How it worksVMMaster DiskVMVMDiff DiskId DiskDiff DiskId DiskDiff DiskId DiskStorage One copy of the base image shared by all VMs Space reclaimed every boot Persistent Identity uses little spaceMachine Creation Service: How it worksVMMaster DiskDiff DiskId DiskC DriveC:Program FilesCitrix.hypervi

25、sorstorageAMaster VMMaster ImageAAAAAAAidentitydiff diskAStorageAMaster VMMaster VMImageABBBBidentitydiff diskMachine Creation Services (MCS)HypervisorAACopyImage Prep PhaseCreating Catalog (Pooled)1 Master is selectedMaster7 GBTemplate StorageDesktop StorageBaseDisk7 GBcopyMasterSnap0 bytesnapshotD

26、IFF0 byteDIFF0 byteIDENT16 MBIDENT16 MBCreating Catalog (Pooled)2 Snapshot of master is created (automatically)In case Snapshot is selected in step 1 already, this step 2 is not done as the original snapshot will be usedDuration: few secondsMaster7 GBTemplate StorageDesktop StorageBaseDisk7 GBcopyMa

27、sterSnap0 bytesnapshotDIFF0 byteDIFF0 byteIDENT16 MBIDENT16 MBCreating Catalog (Pooled)3 Snapshot is copied to target storage (automatically)Duration: some minutes(full copy)Master7 GBTemplate StorageDesktop StorageBaseDisk7 GBcopyMasterSnap0 bytesnapshotDIFF0 byteDIFF0 byteIDENT16 MBIDENT16 MBCreat

28、ing Catalog (Pooled)4 DIFF and IDENTITY disks are created on target storage (automatically)Duration: few seconds(depends on VM#)Master7 GBTemplate StorageDesktop StorageBaseDisk7 GBcopyMasterSnap0 bytesnapshotDIFF0 byteDIFF0 byteIDENT16 MBIDENT16 MBXenServer space handlingMasterTemplate StorageDeskt

29、op StorageSnapCopycopyMasterSnapsnapshotDIFFLVM(iSCSI/FC)Full space24GBSnapshotUsed space7GBCopy of snapshotFull copy24GBDiff disk 1 = Snapshot 7GB (negligible)Diff disk 2.n =Full copy 24 GBCalculation!VHD(EXT3 / NFS)Used space7GBSnapshot0GBCopy of snapshotUsed space7GBDiff disk 1.nSnapshot0GBBut gr

30、owing during use!Example:Win7 VM7GB of 24GB utilizedFirst boot of Win 7 VMDiff disk is filled with write data during VM bootDesktop StorageBaseDisk7 GBDIFF380 MBIDENT16 MBShutdown of Win 7 VMDuring shutdown Diff disk is filled with write dataDiff disk stays on storage (e.g. for analysis)Desktop Stor

31、ageBaseDisk7 GBDIFF675 MBIDENT16 MBBoot again Win 7 VMFirst diff disk is deletedNew diff disk is generated and used for boot write dataNote: When starting a VM using XenServer directly the last diff disk always stays on the storageDesktop StorageBaseDisk7 GBIDENT16 MBDIFF380 MBDIFF675 MBMachine Crea

32、tion Service: Compatible StorageAlmost any shared storage will workNFSLow Scale:VMFSESXNFSLow Scale:Fibre ChanneliSCSIDASXenServerCSV(Clustered Shared Volume)Hyper-VProvisioning for VDI Services (MCS)Creates / manages AD computer accounts and passwords to provide identity for virtual desktopsAD comp

33、uter accounts get created by AD Identity ServiceExisting AD computer accounts can be importedAD Identity ServiceProvisioning for VDI Services (MCS)Manages storage attached to the virtual machinesCreates the diff disk and identity diskEnsures the correct base disk is mapped to the virtual machineRecr

34、eates the diff disk at restartMaster VMSnapshotSnapshotSnapshotSnapshotGolden ImageMachine Identity ServiceBroker service and Machine Identity ServiceCommunicates with the Machine Identity Service to reset the diff disks associated with a pooled VM upon restartVMDiff DiskId DiskVMDiff DiskId DiskHos

35、t ServiceCreates and manages hypervisor connections and hosting unitsBroker service polls the host service for hypervisor credentials and passes them on to the HCL for access to VMsHypervisor Communication Library (HCL) is a wrapper around the plugins (XS, ESX, HyperV)Does machine cloningStops and s

36、tarts VMsHosting Management ComponentHCL wrapperESX pluginXenServer pluginHCL plug-ins do the machine cloning and power actionsHypervisor PoolHypervisor PoolHypervisor PoolHypervisor Connection MgrHyper-V pluginHypervisor Connection MgrHosting Management ComponentHypervisor Connection MgrHost Servic

37、eMachine Creation ServiceSQL DatabasePower actions are queued in the db and VDA power state is written hereImproved Hosting Failure MitigationXenDesktop 4:Desktop GroupHypervisor PoolMax size of Desktop Group based on size of Hypervisor PoolFailure = loss of entire Desktop GroupXenDesktop 5/7:Deskto

38、p GroupHypervisor PoolHypervisor PoolHypervisor PoolDesktop GroupDesktop Group lower failure impactNo architectural limit on group sizeIdle Pool Power Management Idle Pool Count is configured under Power Management in the properties of Desktop GroupsPower Policy Actions can be defined for each deskt

39、op group (do after x number of minutes (ie 10 minutes after logoff, shutdown)Idle Pool and buffer sizeDefault buffer (10%) is the set of VDAs that are ready for useThe “ready” VDAs are turned on when the number of VDAs in the pool drops below the buffer sizeBuffers are configurable with the SDKSet-B

40、rokerDesktopGroup -Name MyGroup -OffPeakBufferSizePercent 0 PeakBufferSizePercent 5Stops/starts performed on hypervisor are queued in the SQL databaseSite ServicesFunctionality modules that run in the broker serviceDynamically allocated to a DDC at run time separatelyHard-coded to run on only one DD

41、C per site at a timeWhat does Site Services do?Reaper services - finds and marks failed controllers, finds and kills expired launch sessions Cache Refresh - does async AD lookups of DDC, VDA and user namesLicensing - communicates with license server to manage permanent licensesRegistration Hardening

42、 completes soft registered machinesPower Policy - manages idle pool levels and initiates policy power actionsGroup Usage - monitors how many desktops are in use in each groupHypervisor Connection Site Services Managed on per-hypervisor-connection basisManages all interaction with a hypervisor resour

43、ce poolConfigurable with “Set-BrokerHypervisorConnection”There is a heartbeat from other brokers so failover will take place if it goes downIf the preferred DDC comes back up, the site service will fall back to be run on the preferred DDCDesktop Catalogs-計(jì)算機(jī)組Collections of virtual machines or physic

44、al computers that are managed as a single entity.Catalogs are defined by the following elements:Machine typeMaster imageNumber of virtual machinesActive Directory accountsAdministratorsMachine TypesDefines:Type of infrastructure used to host desktops.User personalization of desktops.XenDesktop offer

45、s the following machine types:PooledDedicatedExistingPhysicalStreamedPooled Machine TypeTypical use cases for the pooled machine type are:Task workers who require standardized desktops.Shared workstations.End users who do not need to install applications on the desktop.Dedicated Machine TypeTypical

46、use cases for dedicated machines are:Task or knowledge workers who require individual desktops to which they make persistent changes.Mobile workers who want to access the same desktop from a variety of endpoint devices over different networks.End users who need to install their own applications on t

47、he desktop.Existing Machine TypeTypical use cases for the existing machine type are:End users who already have virtual machine-hosted desktops that they want to continue using.End users who have a large number of different and conflicting requirements for their desktops.Physical Machine TypeTypical

48、use cases for the physical machine type are:Technical workers or power users.Workers who use processor-intensive applications.End users have high performance expectations for specific business applications.Streamed Machine TypeTypical use cases for the streamed machine type are:Task or knowledge wor

49、kers who require desktops which they can take ownership of and personalize.End users on shared workstations.End users on locked-down workstations who access secure data.Virtual Desktop UpdatesTo apply changes to all the desktops allocated from a pooled machine catalog, update the master virtual machine.Managing the common aspects of users desktops through a single master virtual machine enables you to deploy system-wide changes, such as applying Windows updates or making configuration changes, to a large number of desktops very quickly.To Modify the Master Virtual MachineTo Revert to