Product Documentation

Virtual Machines

Jun 05, 2015
Updated: 2013-05-17

The Virtual Machines service for Services Manager delivers virtual datacenters from the cloud. The service integrates with Microsoft System Center Virtual Machine Manager (SCVMM) for VM management and supports Microsoft Hyper-V Server.

Customers provisioned with the Virtual Machines service can create and manage the virtual servers in their organizations. Customers can add and configure new virtual servers, create checkpoints that enable restoring virtual servers to a previous state, and add or remove servers from available networks.

Customers can be assigned resource pools which include limits on total disk storage, memory, processors, and number of virtual machines. When a resource pool is assigned, the customer can create, manage, stop, start, upgrade, and downgrade their virtual servers through the Services Manager control panel. If more resources are needed, the customer's reseller can add the required resources.

Customers can be assigned one or more virtual networks and Services Manager can automatically assign a VLAN tag or allow the customer to assign the tag manually. After the network is set up, the customer can add or remove virtual servers from the virtual network. Virtual networks can span across multiple physical hosts managed by the same SCVMM server. This means that customers' virtual servers can be distributed across hosts.

Supported versions

The Virtual Machines service supports the following versions of SCVMM and Windows Server:
Version Windows Server 2008 R2 Windows Server 2012
SCVMM 2008 R2 SP1 X  
SCVMM 2012 SP1   X

Additionally, the Virtual Machines service supports Microsoft Hyper-V Server 2008 R2.

General requirements

Windows server roles
Enable the following Windows server roles:
  • Web Server > Application Development > ASP.NET
  • Web Server > Security > Windows Authentication
Microsoft .NET Framework 4 Installed.
SCVMM console software Install the System Center Virtual Machine Manager 2008 R2 Administrator Console.
Active Directory groups An Active Directory security group is added to Hyper-V servers to enable remote connections. Your environment must allow security groups to be added to the host from the domain containing the Services Manager components.

SCVMM role requirements

In SCVMM, a Self Service user role is required for integration with Services Manager. Create this role with the following settings:
  • User role name: SelfService
  • User role profile: Self-Service User
  • Role member: CortexWSUser
  • Select the VM host groups that Services Manager will manage
  • Grant permissions: All actions
  • Allow users to create new VMs
  • Do not allow users to store VMs in a library

Firewall requirements

Open inbound TCP port 8095 on the server hosting the Virtual Machines web service. Additionally, open the following firewall ports, by role:
Role Port Description
SCVMM servers 8100 VMM - Administrator Console to VMM server
As installed RDP - self-service portal website port
If using a remote VMM database 1433 TDS - SQL Server
Virtual server 5900 VMRC - VMRC connection to virtual server host
Hyper-V hosts 80 WinRM - VMM server to VMM agent on Windows Server-based host (control)
443 BITS - Library server > hosts
445 SMB - VMM server to VMM agent on Windows Server-based host (data)
2179 RDP - VMConnect to Hyper-V hosts
5900 VMRC - connection to virtual server host
Virtual machines 3389 RDP - Remote desktop to VMs

Security software scanning rules

Remove the following folders or executables from real-time scanning by security software:
  • The default virtual machine configuration folder (for example, C:ProgramDataMicrosoftWindowsHyper-V) and any custom virtual machine configuration folders
  • The default virtual machine hard disk drive folder (for example, C:UsersPublicDocumentsHyper-VVirtual Hard Disks) and any custom virtual machine hard disk drive folders
  • Snapshot folders
  • VMMS.EXE - Virtual Machine Management Service
  • VMWP.EXE - Virtual Machine Worker Process
  • If you use Hyper-V Live Migration with Cluster Shared Volumes, remove the Cluster Storage folder (for example, C:Clusterstorage) and all subfolders.

Network access

For each Hyper-V host, use SCVMM to set up network access:
  • Configure network adaptors.
  • Configure VLAN ranges for VLAN trunking.

    Hyper-V hosts can be stand-alone or clustered. Services Manager supports Cluster Shared Volumes for provisioning highly available VMs.

  • For each Hyper-V host Services Manager is to manage, refer to article CTX129850, "How to Add a Hyper-V Host to Cortex," in the Citrix Knowledge Center.

Service deployment overview

Deploying the Virtual Machines service involves the following tasks:
  1. Install the web service on the SCVMM server.
  2. Configure the service using the control panel.
  3. Verify the connection to SCVMM and synchronize resources.
  4. Add Hyper-V hosts to Services Manager. See article CTX129850, "How to Add a Hyper-V Host to Cortex," in the Citrix Knowledge Center.
  5. Create virtual servers and networks using the control panel.
  6. Establish remote connectivity to virtual servers so that customers can access them when they are provisioned the service. See article CTX129846, "How to Connect to a Virtual Machine," in the Citrix Knowledge Center.
  7. Provision the service to customers.