The Delivery Controller is the server-side component that is responsible for managing user access, plus brokering and optimizing connections. Controllers also provide the Machine Creation Services that create desktop and server images.
A site must have at least one Controller. After you install the initial Controller, you can add more Controllers when you create a site, or later. There are two primary benefits from having more than one Controller in a site.
- Redundancy: As best practice, in a production site, always have at least two Controllers on different physical servers. If one Controller fails, the others can manage connections and administer the site.
- Scalability: As site activity grows, so does CPU utilization on the Controller and database activity. Additional Controllers enable you to handle more users and more applications and desktop requests, and can improve overall responsiveness.
Each Controller communicates directly with the site database. In a site with more than one zone, the Controllers in every zone communicate with the site database in the primary zone.
Do not change the computer name or the domain membership of a Controller after the site is configured.
How VDAs register with Controllers
Before a VDA can be used, it must register (establish communication) with a Delivery Controller in the site. For information about VDA registration, see VDA registration with Controllers.
Add, remove, or move Controllers
To add, remove, or move a Controller, you must have the server role and database role permissions listed in the Databases article.
Installing a Controller on a node in an SQL clustering or SQL mirroring installation is not supported.
When you add a Delivery Controller to a site, be sure to add logon credentials for that machine to any replica SQL Servers that you use for high availability.
If your deployment uses database mirroring:
- Before adding, removing, or moving a Controller, ensure that the principal and mirrored databases are both running. In addition, if you are using scripts with SQL Server Management Studio, enable SQLCMD mode before running the scripts.
- To verify mirroring after adding, removing, or moving a Controller, run the PowerShell
Get-configdbconnectioncmdlet. That cmdlet ensures that the Failover Partner has been set in the connection string to the mirror.
After you add, remove, or move a Controller:
- If auto-update is enabled, the VDAs receive an updated list of Controllers within 90 minutes.
- If auto-update is not enabled, ensure that the Controller policy setting or ListOfDDCs registry key are updated for all VDAs. After moving a Controller to another site, update the policy setting or registry key on both sites.
You can add Controllers when you create a site and later. You cannot add Controllers installed with an earlier version of this software to a site that was created with this version.
- Run the installer on a server containing a supported operating system. Install the Delivery Controller component and any other core components you want. Complete the installation wizard.
If you have not yet created a site, launch Studio. You are prompted to create a site. On the Databases page in the site creation wizard, click the Select button and then add the address of the server where you installed the additional Controller.
If you plan to generate scripts that initialize the databases, add the Controllers before you generate the scripts.
- If you have already created a site, point Studio to the server where you installed the additional Controller. Click Scale your deployment and enter the site address.
Removing a Controller from a site does not uninstall the Citrix software or any other component. That action removes the Controller from the database so that it can no longer be used to broker connections and perform other tasks. If you remove a Controller, you can later add it back to the same site or to another site. A site requires at least one Controller, so you cannot remove the last one listed in Studio.
When you remove a Controller from a site, the Controller logon to the database server is not removed. This avoids potentially removing a logon that is used by other products’ services on the same machine. The logon must be removed manually if it is no longer required. The
securityadmin server role permission is needed to remove the logon.
After you remove a Controller:
- VDAs using auto-update reregister with other available Controllers. This reregistration occurs only if the auto-update mechanism is enabled and the VDAs can reach other controllers (in the same secondary zone as the removed Controller, or in the primary zone for on-premises deployments).
- Update Controller information in Citrix StoreFront. For more information, see Manage Controllers.
- In Citrix StoreFront, update Secure Ticket Authority (STA) URLs for remote access through Citrix Gateway. For more information, see Manage Secure Ticket Authorities.
- In Citrix Gateway, update any virtual server STA URLs. For more information, see Citrix Gateway.
Do not remove the Controller from Active Directory until after you remove it from the site.
- Make sure that the Controller is powered on so that Studio loads in less than one hour. Once Studio loads the Controller you want to remove, make sure that all the services on the Controller are running and the Controller is powered off.
- Select Configuration > Controllers in the Studio navigation pane and then select the Controller you want to remove.
Select Remove Controller in the Actions pane. If you do not have the correct database roles and permissions, you are offered the option of generating a script that allows your database administrator to remove the Controller for you.
Studio performs a pre-check before removing a Controller. A controller is safe to remove if it is powered off and not in the following service status:
- Pending failure
- Older version
- Newer version
- Version change in progress
- Missing mandatory features
If the Controller is not powered off and is in any of the mentioned service status, Studio prompts you to power-off the Controller.
- You must remove the Controller’s machine account from the database server. Before removing, check that another service is not using the account.
After using Studio to remove a Controller, traffic to that Controller might linger for a short amount of time to ensure proper completion of current tasks. If you want to force the removal of a Controller in a short time, Citrix recommends you shut down the server where it was installed, or remove that server from Active Directory. Then, restart the other Controllers on the site to ensure no further communication with the removed Controller.
If your site contains more than one zone, you can move a Controller to a different zone. See the Zones article for information about how this moving can affect VDA registration and other operations.
- Select Configuration > Controllers in the Studio navigation pane and then select the Controller you want to move.
- Select Move in the Actions pane.
- Specify the zone where you want to move the Controller.
You cannot move a Controller to a site that was created with an earlier version of this software.
- On the site where the Controller is located (the old site), select Configuration > Controllers in the Studio navigation pane. Then select the Controller you want to move.
- Select Remove Controller in the Actions pane. If you do not have the correct database permissions, you can generate a script that allows someone with those permissions (such as a database administrator) to remove the Controller. A site requires at least one Controller, so you cannot remove the last one listed in Studio.
- On the Controller you are moving, open Studio, reset the services when prompted, select Join existing site, and enter the address of the new site.
If a VDA was provisioned using Citrix Provisioning or is an existing image, you can move a VDA to another site (from site 1 to site 2) when upgrading, or when moving a VDA image that was created in a test site to a production site. VDAs provisioned using Machine Creation Services (MCS) cannot be moved from one site to another. MCS does not support changing the ListOfDDCs a VDA checks to register with a Controller. VDAs provisioned using MCS always check the ListOfDDCs associated with the site in which they were created.
There are two ways to move a VDA to another site: using the installer or Citrix policies.
Run the installer and add a Controller, specifying the FQDN (DNS entry) of a Controller in site 2.
Specify Controllers in the installer only when the Controllers policy setting is not used.
The following example moves multiple VDAs between sites.
Create a policy in site 1 that contains the following settings, then filter the policy to the Delivery Group level to initiate a staged VDA migration between the sites.
- Controllers: Containing FQDNs (DNS entries) of one or more Controllers in site 2.
- Enable auto update of Controllers: set to disabled.
- Each VDA in the Delivery Group is alerted within 90 minutes of the new policy. The VDA ignores the list of Controllers it receives (because auto-update is disabled); it selects one of the Controllers specified in the policy, which lists the Controllers in site 2.
- When the VDA successfully registers with a Controller in site 2, it receives the site 2 ListOfDDCs and policy information, which has auto-update enabled by default. The Controller with which the VDA was registered in site 1 is not on the list sent by the Controller in site 2. So, the VDA re-registers, choosing among the Controllers in the site 2 list. From then on, the VDA is automatically updated with information from site 2.
For information about how to use the Group Policy Editor, see the Citrix policies documentation.