App Layering

VMware vSphere

To install the App Layering service, you deploy the appliance to a virtual machine on your hypervisor.

Requirements

The App Layering appliance requires the following virtual machine settings, vSphere requirements, and vCenter permissions.

Virtual machine settings

When you create the appliance’s virtual machine, it requires:

  • 4 CPUs
  • 8 GB RAM

VMware vSphere requirements

To install the App Layering appliance in a VMware vSphere environment, you need the following:

  • A supported version of VMware vSphere.

  • A virtual network in vSphere.

  • vCenter account and privileges.

    You need a vCenter account with permissions on a data center for:

    • Creating and removing virtual machines.
    • Creating, copying, and removing virtual machine disks.

    Also, the account needs this permission at the vCenter level:

    • Removing virtual machines from inventory.

    For details, see the list of vCenter permissions in the next section.

  • The Role for App Layering that would be applied to the data center.

    To set up a new role:

    1. In the vSphere Client, navigate to Home > Administration > Roles.
    2. Click Add Role.
    3. Enter a name. For example: CALAdmin.
    4. Set the privileges for the account.
  • Privileges defined for the vCenter role that you’re using for the App Layering service. You apply the new role to the Data Center you plan to use for App Layering. For details, see the list of vCenter permissions in the next section.

    1. Open the Assign Permissions window.
    2. In the vSphere Client, navigate to Home > Inventory > Hosts and Clusters.
    3. Select your DataCenter and then right-click, and select Add permission.
    4. In the Assign Permissions window, under Assigned Role, expand All Privileges.
    5. Select the required vCenter permissions.
    6. Select the Propagate to Child Objects check box, and click OK.
  • The App Layering role must be assigned to the administrator account, as follows:

    1. Add the administrator account and then assign the App Layering role to it.
    2. Allow the permissions to propagate to the entire data center.

      Note: If you want to restrict this user from accessing specific folders in the data center, grant the user more restrictive permissions for those folders.

  • Because the Virtual Machine > Inventory > Remove permission must be assigned at the vCenter level, you must create a second role.

    1. In the vSphere Client, navigate to Home > Administration > Roles.
    2. Click Add Role, and enter a name, for example: CALAdmin-vmremove.
    3. Add Virtual Machine > Inventory > Remove, and leave everything else set to read-only.
    4. In the vSphere Client, navigate to Home > Inventory > Hosts and Clusters.
    5. Select the vCenter Permissions tab, right-click, and select Add permission (or modify the permissions on an existing account).

      Note:

      Make sure to use the account that has the data center permissions set.

    6. Select the new CALAdmin-vmremove role you defined. Make sure the Propagate to Child Objects check box is selected and then click OK.

      Note:

      If your security policy allows, you can set all permissions at the vCenter level instead.

vCenter permissions

Expand All Privileges, then each of the following permissions categories, and select the required permissions. Permission names might differ depending on your release of VMware VSphere.

Note:

As of release 19.11, the Host.Configuration.System Management permission is no longer required.

Datastore

  • Allocate space
  • Browse datastore
  • Low level file operations

Folder

  • Create folder

Global

  • Cancel task

Network

  • Assign network

Resource

  • Assign virtual machine to resource pool

vApp

  • Export
  • Import

Virtual machine > Configuration

  • Add existing disk
  • Add new disk
  • Add or remove device
  • Advanced
  • Change CPU count
  • Change resource
  • Memory
  • Modify device settings
  • Remove disk
  • Rename
  • Set annotation
  • Settings
  • Upgrade virtual machine compatibility

Virtual machine > Interaction

  • Configure CD media
  • Console interaction
  • Connect devices
  • Power off
  • Power on
  • Reset
  • VMware Tools Install

Virtual machine > Inventory

  • Create from existing
  • Create new
  • Remove

Virtual machine > Provisioning

  • Clone template (optional, but required to use a vSphere template as the source virtual machine)
  • Clone virtual machine

Virtual machine > Snapshot management

  • Create snapshot
  • Revert to snapshot
  • Remove snapshot

Install the App Layering appliance in VMware vSphere

To deploy the App Layering appliance to vSphere:

  • Make sure that you have the vSphere requirements.
  • Familiarize yourself with the contents of the installation package.
  • Deploy the appliance.

Installation package

The installation package, citrix_app_layering_vmware_21.4.x.x, includes:

File Description
vmware_x.x.x.ova OVA file for the appliance VM
citrix_app_layering_agent_installer.exe App Layering Agent installer
citrix_app_layering_os_machine_tools.exe OS Machine Tools

Deploy the appliance

  1. Extract the download package, citrix_app_layering_vmware_21.4.x.x.zip. The files included are listed at the beginning of this topic.
  2. Extract the vmware_4.x.xx.ova to a folder on your local drive.
  3. In the vSphere Web Client you are using, navigate to the VMs and Templates page.
  4. Right-click the folder in vSphere where you want to deploy the template and select Deploy OVF Template. The Deploy OVF Template wizard appears.
  5. In the Deploy OVF Template wizard, do the following:
    1. On the Select source page, select the Local file option, and browse to the vmware_x.x.x.ova file to select it.
    2. On the Select name and folder page, designate a name and location for the deployed OVF template.
    3. On the Select a resource page, select a location to run the deployed OVF template.
    4. On the Select storage page, select the Thick Provision Lazy Zeroed setting of the Select virtual disk format option, select a storage policy, and specify a storage location.
    5. On the Setup networks page, select your vSphere virtual network in the Destination column and select the IPv4 setting of the IP protocol option.
    6. On the Ready to complete page, review the template settings and then click Finish when you are satisfied with the settings.

If the appliance needs a Static IP address

You can change the appliance’s IP address and its DNS servers. When the appliance is first deployed, the DNS settings are retrieved using the Dynamic Host Configuration Protocol (DHCP}. If DHCP is not available, you can use static IP addresses. You select Static and enter the IP addresses for your DNS servers.

  1. Log in to the Appliance Configuration utility, using the steps and default password described in Appliance settings.
  2. At the Action prompt, enter C (for Configure Networking), and press Return.
  3. At the next prompt, type D for DHCP, or S for Static. If you choose Static, you are prompted for the following:
    • IP address
    • Subnet mask
    • Default Gateway address
    • Default DNS address
  4. At the next prompt, enter Y to save settings.
  5. At the Action prompt, enter Q to quit.
  6. Restart the appliance.

Next steps

Once the appliance is installed and the IP address is configured, proceed to:

VMware vSphere