Microsoft System Center Virtual Machine Manager virtualization environments
Follow this guidance if you use Hyper-V with the Microsoft System Center Virtual Machine Manager (VMM) to provide virtual machines.
See System requirements for a list of supported VMM versions.
You can use Machine Creation Services or Citrix Provisioning (formerly Provisioning Services) to provision:
- Generation 1 Desktop or Server OS VMs
- Generation 2 Windows Server 2012 R2, Windows Server 2016, and Windows 10 VMs (with or without Secure Boot)
Install and configure a hypervisor
Install the Microsoft Hyper-V server and VMM on your servers.
Verify the following account information:
In Manage > Full Configuration, the account you specify when creating a connection must be a VMM administrator or VMM delegated administrator for the relevant Hyper-V machines. If this account has only the delegated administrator role in VMM, the storage data is not listed in the Full Configuration interface during the connection creation process.
Your user account must also be a member of the administrators local security group on each Hyper-V server to support VM lifecycle management (such as VM creation, update, and deletion).
Install the VMM console
Install a System Center Virtual Machine Manager console on each server having a Citrix Cloud Connector.
The console version must match the management server version. Although an earlier console can connect to the management server, provisioning VDAs fails if the versions differ.
Create a master VM
- Install a VDA on the master VM, and select the option to optimize the desktop. This improves performance.
- Take a snapshot of the master VM to use as a backup.
- Create virtual desktops.
Create a connection
If you used MCS to provision VMs, do the following in the connection creation wizard:
- Enter the address as a fully qualified domain name of the host server.
- Enter credentials for the administrator account that you set up earlier. This account must have permission to create new VMs.
In the Host Details dialog box, select the cluster or standalone host to use when creating VMs.
Browse for a cluster or standalone host even if you are using a single Hyper-V host deployment.
MCS on SMB 3 file shares
For machine catalogs created with MCS on SMB 3 file shares for VM storage, credentials must meet the following requirements to ensure that calls from the Citrix Hypervisor Communications Library (HCL) connect successfully to SMB storage.
- VMM user credentials must include full read write access to the SMB storage.
- Storage-virtual disk operations during VM lifecycle events are performed through the Hyper-V server using the VMM user credentials.
When using VMM 2012 SP1 with Hyper-V on Windows Server 2012: When using SMB as storage, enable the Authentication Credential Security Support Provider (CredSSP) from the Cloud Connector to individual Hyper-V machines. For more information, see CTX 137465.
Using a standard PowerShell V3 remote session, the HCL in the Cloud Connector uses CredSSP to open a connection to the Hyper-V machine. This feature passes Kerberos-encrypted user credentials to the Hyper-V machine, and the PowerShell commands in the session on the remote Hyper-V machine run with the credentials provided (in this case, those of the VMM user), so that communication commands to storage work correctly.
The following tasks use PowerShell scripts that originate in the HCL. The scripts are then sent to the Hyper-V machine to act on the SMB 3.0 storage.
Consolidate Master Image: An image creates a new MCS provisioning scheme (machine catalog). It clones and flattens the master VM ready for creating new VMs from the new disk created (and removes dependency on the original master VM).
ConvertVirtualHardDisk on the root\virtualization\v2 namespace
$ims = Get-WmiObject -class $class -namespace "root\\virtualization\\v2"; $result = $ims.ConvertVirtualHardDisk($diskName, $vhdastext) $result <!--NeedCopy-->
Create difference disk: Creates a difference disk from the image generated by consolidating the image. The difference disk is then attached to a new VM.
CreateVirtualHardDisk on the root\virtualization\v2 namespace
$ims = Get-WmiObject -class $class -namespace "root\\virtualization\\v2"; $result = $ims.CreateVirtualHardDisk($vhdastext); $result <!--NeedCopy-->
Upload identity disks: The HCL cannot directly upload the identity disk to SMB storage. Therefore, the Hyper-V machine must upload and copy the identity disk to the storage. Because the Hyper-V machine cannot read the disk from the Cloud Connector, the HCL must first copy the identity disk through the Hyper-V machine as follows.
- The HCL uploads the Identity to the Hyper-V machine through the administrator share.
The Hyper-V machine copies the disk to the SMB storage through a PowerShell script running in the PowerShell remote session.
A folder is created on the Hyper-V machine and the permissions on that folder are locked for the VMM user only (through the remote PowerShell connection).
- The HCL deletes the file from the administrator share.
- When the HCL completes the identity disk upload to the Hyper-V machine, the remote PowerShell session copies the identity disks to SMB storage, and then deletes it from the Hyper-V machine.
The identity disk folder is recreated if deleted to make it available for reuse.
Download identity disks: As with uploads, the identity disks pass through the Hyper-V machine to the HCL. The following process creates a folder that has only VMM user permissions on the Hyper-V server if it does not exist.
- The HyperV machine copies the disk from the SMB storage to local Hyper-V storage using a PowerShell script running in the PowerShell V3 remote session.
- HCL reads the disk from the Hyper-V machine’s administrator share into memory.
- HCL deletes the file from the administrator share.
Azure Stack HCI provisioning through SCVMM
Azure Stack HCI is a hyper-converged infrastructure (HCI) cluster solution that hosts virtualized Windows and Linux workloads and their storage in a hybrid, on-premises environment.
Azure hybrid services enhance the cluster with capabilities such as cloud-based monitoring, site recovery, and VM backups. You can also have a central view of all your Azure Stack HCI deployments in the Azure portal.
Integrate Azure Stack HCI with SCVMM
To integrate Azure Stack HCI with SCVMM, you need to first create an Azure Stack HCI cluster, and then integrate that cluster with SCVMM.
To create the Azure Stack HCI cluster, see the Microsoft document Connect Azure Stack HCI to Azure.
To integrate Azure Stack HCI cluster with SCVMM, do the following:
Log in to the machine that is prepared to host the SCVMM server and install SCVMM 2019 UR3 or later.
Install SCVMM 2019 UR3 or later Administrator Console in the Cloud Connector VM.
In the Settings page of the VMM console, create a run as account.
Run the following PowerShell commands with administrative privileges in the SCVMM server to add the Azure Stack HCI cluster as a host:
$runAsAccountName = 'Admin' $runAsAccount = Get-SCRunAsAccount -Name $runAsAccountName $hostGroupName = 'All Hosts' $hostGroup = Get-SCVMHostGroup -Name $hostGroupName $hostCluster = 'FQDN of Azure Stack HCI cluster' Add-SCVMHostCluster -Name $hostCluster -RunAsynchronously -VMHostGroup $hostGroup -Credential $runAsAccount -RemoteConnectEnabled $true <!--NeedCopy-->
You can now see the Azure Stack HCI cluster along with the nodes in the VMM console.
Create the SCVMM hosting connection in the Full Configuration interface.