-
-
Install Citrix ADM service agent on Microsoft Azure Cloud
-
Low-touch onboarding of Citrix ADC instances using Citrix ADM service connect
-
-
Importing and synchronizing StyleBooks from GitHub repository
-
-
-
-
Use ADM audit logs for managing and monitoring your infrastructure
This content has been machine translated dynamically.
Dieser Inhalt ist eine maschinelle Übersetzung, die dynamisch erstellt wurde. (Haftungsausschluss)
Cet article a été traduit automatiquement de manière dynamique. (Clause de non responsabilité)
Este artículo lo ha traducido una máquina de forma dinámica. (Aviso legal)
此内容已动态机器翻译。 放弃
このコンテンツは動的に機械翻訳されています。免責事項
This content has been machine translated dynamically.
This content has been machine translated dynamically.
This content has been machine translated dynamically.
This article has been machine translated.
Dieser Artikel wurde maschinell übersetzt. (Haftungsausschluss)
Ce article a été traduit automatiquement. (Clause de non responsabilité)
Este artículo ha sido traducido automáticamente. (Aviso legal)
この記事は機械翻訳されています.免責事項
이 기사는 기계 번역되었습니다.
Este artigo foi traduzido automaticamente.
这篇文章已经过机器翻译.放弃
Translation failed!
Install Citrix ADM agent on Microsoft Azure cloud
The agent works as an intermediary between the Citrix Application Delivery Management (Citrix ADM) and the managed instances in the enterprise data center, or on the cloud.
To install the Citrix ADM agent on the Microsoft Azure cloud, you have to create an instance of the agent in the virtual network. Obtain the Citrix ADM agent image from the Azure Marketplace, and then use the Azure Resource Manager portal to create the agent.
Before you begin creating the Citrix ADM agent instance, make sure that you have created a virtual network with the required subnets where the instance will reside. You can create virtual networks during VM provisioning, but without the flexibility to create different subnets. For information about creating virtual networks, see http://azure.microsoft.com/en-us/documentation/articles/create-virtual-network.
Configure DNS server and VPN connectivity that allows a virtual machine to access Internet resources.
Prerequisites
Make sure that you have the following:
- A Microsoft Azure user account
- Access to Microsoft Azure Resource Manager
Note
- Citrix recommends that you create resource group, network security group, virtual network, and other entities before you provision the Citrix ADM agent virtual machine, so that the network information is available during provisioning.
- For the Citrix ADM agent to communicate with Citrix ADM and the Citrix ADC instances, ensure that the recommended ports are open. For complete details about the port requirements for the Citrix ADM agent, see Ports.
To install the Citrix ADM agent on Microsoft Azure Cloud:
-
Log on to the Azure portal (https://portal.azure.com) by using your Microsoft Azure credentials.
-
Click +Create a resource.
-
Type
Citrix ADM Agent
in the search bar and select Citrix ADM Service Agent. -
Click Create.
-
In the Create virtual machine pane, specify the required values in each section to create a virtual machine.
Basics:
In this tab, specify Project details, Instance details, and Administrator account.
-
Resource group – Select the resource group you have created from the drop-down list.
Note
You can create a resource group at this point, but Citrix recommends that you create a resource group from Resource groups in the Azure Resource Manager and then select the group from the drop-down list.
-
Virtual machine name – Specify a name for the Citrix ADM agent instance.
-
Region - Select the region where you want to deploy an agent.
-
Availability options – Select the availability set from the list.
-
Image - This field displays the already selected agent image. If you want to change to a different agent image, select the required image from the list.
-
Size - Specify the type and size of the virtual disk for deploying your Citrix ADM agent.
Select the Supported virtual disk type (HDD or SSD) from the list.
-
Authentication Type – Select Password.
- User name and Password – Specify a user name and password to access the resources in the resource group that you have created.
Disks:
In this tab, specify Disk options and Data disks.
- OS disk type - Select the virtual disk type (HDD or SSD).
Networking:
Specify the required networking details:
- Virtual network – Select the virtual network.
- Subnet – Set the subnet address.
- Public IP address – Select the IP address.
- Network security group – Select the security group that you have created.
- Select inbound ports - If you allow public inbound ports, ensure the inbound and outbound rules are configured in the security group. Then, select the inbound ports from the list. For more details, see Prerequisites.
Management:
Specify Azure Security Center, Monitoring, and Identity.
Advanced:
Optional, specify Extensions, Custom Data, and Proximity placement group.
In Custom Data, you can specify an agent auto-registration script to register the agent with the ADM service. The following is an example script that runs the
deployment.py
script and registers the agent:```python #!/var/python/bin/python2.7 import os import requests import json import time import re import logging import logging.handlers import boto3 ''' Overview of the Script: The script helps to register an ADM agent with ADM. Pass it in userdata to make ADM agent in AWS to autoregister on bootup. The workflow is as follows 1) Fetch the ADM service API credentials (ID and secret) from AWS secret store (NOTE: you have to assign IAM role to the ADM Agent that will give permission to fetch secrets from AWS secret store) 2) Login to ADM service with credentials fetched in step 1 3) Call ADM service to fetch credentials (serviceURL and token) for agent registration 4) Calls registration by using the credentials fetched in step 3 ''' ''' These are the placeholders which you need to replace according to your setup configurations aws_secret_id: Id of the AWS secret where you have stored ADM Credentials The secrets value should be in the following json format { "adm_user_id_key": "YOUR_ID", " adm_user_secret_key": "YOUR_SECRET"} ''' aws_secret_id = "<AWS_secret_id>" adm_ip_or_hostname = "<YOUR_ADM_POP>.adm.cloud.com" ''' Set up a specific logger with your desired output level and log file name ''' log_file_name_local = os.path.basename(__file__) LOG_FILENAME = '/var/log/' + 'bootstrap' + '.log' LOG_MAX_BYTE = 50*1024*1024 LOG_BACKUP_COUNT = 20 logger = logging.getLogger(__name__) logger.setLevel(logging.DEBUG) logger_handler = logging.handlers.RotatingFileHandler(LOG_FILENAME, maxBytes=LOG_MAX_BYTE, backupCount=LOG_BACKUP_COUNT) logger_fortmater = logging.Formatter(fmt='%(asctime)-2s:%(funcName)30s:%(lineno)4d: [%(levelname)s] %(message)s', datefmt="%Y-%m-%d %H:%M:%S") logger_handler.setFormatter(logger_fortmater) logger.addHandler(logger_handler) class APIHandlerException(Exception): def __init__(self, error_code, message): self.error_code = error_code self.message = message def __str__(self): return self.message + ". Error code '" + str(self.error_code) + "'" def parse_response(response, url, print_response=True): if not response.ok: if "reboot" in url: logger.debug('No response for url: reboot') resp = {"errorcode": "500", "message": "Error while reading response."} return resp if print_response: logger.debug('Response text for %s is %s' % (url, response.text)) response = json.loads(response.text) logger.debug("ErrorCode - " + str(response['errorcode']) + ". Message -" + str(response['message'])) raise APIHandlerException(response['errorcode'], str(response['message'])) elif response.text: if print_response: logger.debug('Response text for %s is %s' % (url, response.text)) result = json.loads(response.text) if 'errorcode' in result and result['errorcode'] > 0: raise APIHandlerException(result['errorcode'], str(result['message'])) return result def _request(method, url, data=None, headers=None, retry=3, print_response=True): try: response = requests.request(method, url, data=data, headers=headers) result = parse_response(response, url, print_response=print_response) return result except [requests.exceptions.ConnectionError, requests.exceptions.ConnectTimeout]: if retry > 0: return _request(method, url, data, headers, retry-1, print_response=print_response) else: raise APIHandlerException(503, 'ConnectionError') except requests.exceptions.RequestException as e: logger.debug(str(e)) raise APIHandlerException(500, str(e)) except APIHandlerException as e: logger.debug("URL: %s, Error: %s, Message: %s" % (url, e.error_code, e.message)) raise e except Exception as e: raise APIHandlerException(500, str(e)) try: '''Get the AWS Region''' client = boto3.client('s3') my_region = client.meta.region_name logger.debug("The rgion is %s" % (my_region)) '''Creating a Boto cleint session''' session = boto3.session.Session() client = session.client( service_name='secretsmanager', region_name=my_region ) '''Getting the values stored in the secret with id: <aws_secret_id>''' get_id_value_response = client.get_secret_value( SecretId = aws_secret_id ) adm_user_id = json.loads(get_id_value_response["SecretString"])["adm_user_id_key"] adm_user_secret = json.loads(get_id_value_response["SecretString"])["adm_user_secret_key"] except Exception as e: logger.debug("Fetching of ADM credentials from AWS secret failed with error: %s" % (str(e))) raise e ''' Initializing common ADM API handlers ''' mas_common_headers = { 'Content-Type': "application/json", 'Accept-type': "application/json", 'Connection': "keep-alive", 'isCloud': "true" } ''' API to login to the ADM and fetch the Session ID and Tenant ID ''' url = "https://" + str(adm_ip_or_hostname) + "/nitro/v1/config/login" payload = 'object={"login":{"ID":"' + adm_user_id + '","Secret":"' + adm_user_secret + '"}}' try: response = _request("POST", url, data=payload, headers=mas_common_headers) sessionid = response["login"][0]["sessionid"] tenant_id = response["login"][0]["tenant_name"] except Exception as e: logger.debug("Login call to the ADM failed with error: %s" % (str(e))) raise e ''' API to fetch the service URL and Token to be used for registering the agent with the ADM ''' mas_common_headers['Cookie'] = 'SESSID=' + str(sessionid) url = "https://" + str(adm_ip_or_hostname) + "/nitro/v1/config/trust_preauthtoken/" + tenant_id +"?customer="+ tenant_id logger.debug("Fetching Service URL and Token.") try: response = _request("GET", url, data=None, headers=mas_common_headers) service_name = response["trust_preauthtoken"][0]["service_name"] token = response["trust_preauthtoken"][0]["token"] api_gateway_url = response["trust_preauthtoken"][0]["api_gateway_url"] except Exception as e: logger.debug("Fetching of the Service URL Passed with error. %s" % (str(e))) raise e ''' Running the register agent command using the values we retrieved earlier ''' try: registeragent_command = "registeragent -serviceurl "+api_gateway_url+" -activationcode "+service_name+"\;"+token file_run_command = "/var/python/bin/python2.7 /mps/register_agent_cloud.py "+registeragent_command logger.debug("Executing registeragent command: %s" % (file_run_command)) os.system(file_run_command) except Exception as e: logger.debug("Agent Registeration failed with error: %s" % (str(e))) raise e ```
If you specify this auto-registration script, skip step 7 and 8.
Tags:
Type the key-value pair for the ADM agent tags. A tag consists of a case-sensitive key-value pair. These tags enable you to organize and identify the agent easily. The tags are applied to both Azure and Citrix ADM.
The configuration settings are validated and the Review and create tab displays the result of the validation.
- If the validation fails, this tab displays the reason for the failure. Go back to the particular section and make changes as required.
-
If the validation passes, click Create. The agent deployment process begins.
The deployment process might take approximately 10–15 minutes. Once the deployment is successfully completed, you can view your Citrix ADM agent virtual machine in your Microsoft Azure account.
-
Resource group – Select the resource group you have created from the drop-down list.
-
Once the agent is up and running, using an SSH client, log on to your Citrix ADM agent using the Public IP address.
Note
- If you specified the user name as
nsrecover
, use the default Citrix ADM agent credentials (nsrecover/nsroot) to log on to the virtual machine. - Citrix recommends that you change your default password after the first logon. To change the password, at shell type: passwd nsroot.
- If you specified the user name as
-
Enter the following command to invoke the deployment screen: deployment_type.py
-
Enter the Service-URL and the Activation code that you had copied and saved from the Set Up Agents page in Citrix ADM as instructed in Getting Started. The agent uses the service URL to locate the service and the activation code to register with the service.
After agent registration is successful, the agent restarts to complete the installation process.
After the agent has restarted, access Citrix ADM and on the Set Up Agent page, under Discovered Agents, verify the status of the agent.
Share
Share
In this article
This Preview product documentation is Citrix Confidential.
You agree to hold this documentation confidential pursuant to the terms of your Citrix Beta/Tech Preview Agreement.
The development, release and timing of any features or functionality described in the Preview documentation remains at our sole discretion and are subject to change without notice or consultation.
The documentation is for informational purposes only and is not a commitment, promise or legal obligation to deliver any material, code or functionality and should not be relied upon in making Citrix product purchase decisions.
If you do not agree, select Do Not Agree to exit.