Product Documentation

PVS managed by Citrix Cloud

Jun 01, 2018

This release of Provisioning Services supports a connector for Citrix Cloud integration. It enables VDAs provisioned by Provisioning Services to be used in the XenApp and XenDesktop Service. This provides the same functionality as Provisioning Services and XenDesktop in on-premises deployments. 

What's required

The following elements are required when using Provisioning Services with Citrix Cloud:

  • XenDesktop Delivery Controller in Citrix Cloud.

XenDesktop builds a version of the PVS PowerShell snapin (Citrix.PVS.snapin) with a subset of the PVS on-premises cmdlet built specifically to run in Citrix Cloud and communicate with PVS on-premises through the Citrix Cloud Connector. 

  • Citrix Cloud Connector located on-premises.

The Cloud Connector acts as a relay which exposes the Azure Provisioning Service endpoints to enable communication between XenDesktop and the XenApp and XenDesktop Service Delivery Controller.

Additionally, the Cloud Connector contains a WCF endpoint listening on the Azure Service Bus for communicating with the PVS Server. 

  • PVS Server located on-premises; this must be version 7.18 or later.

The PVS Server communicates with the Cloud Connector while establishing SOAP calls to MAPI.

  • XenApp and XenDesktop Remote PowerShell SDK.

The PVS console installation includes the XenApp and XenDesktop SDK. This SDK must be replaced by the XenApp and XenDesktop Remote PowerShell SDK. 

The SDK is used by the XenDesktop Setup Wizard to push VDA records to the Delivery Controller in Citrix Cloud.

  • The Licensing Server must be on-premises.

For PVS deployments, the Citrix License Server must be on-premises.

Dependencies

The following dependencies exist when using Provisioning Services and Citrix Cloud:

  • Citrix Studio
  • Citrix Cloud Connector, with the Remote Broker Provider (XaXdCloudProxy).
  • XenApp and XenDesktop Remote PowerShell SDK

On-premises versus Citrix Cloud deployments

Traditional XenApp and XenDesktop deployments using Provisioning Services require the management of two distinct elements: both the XenApp and XenDesktop deployment and the PVS deployment. Such environments resemble the image below, without the added complexity of illustrating VDA components:

localized image

With an on-premises PVS deployment, the XenApp and XenDesktop Service has been extended to work with an on-premises PVS deployment illustrated below:

localized image

By extending the XenApp and XenDesktop Service, Citrix eliminates the need to operate and manage the XenApp and XenDesktop deployment while still providing the benefits of a managed Provisioning Services deployment. 

Provisioning Services can add PVS-managed VDAs to a machine catalog in the XenDesktop Delivery Controller located in Citrix Cloud, using one of two methods: 

  • Add new devices using the XenDesktop Setup Wizard in the PVS console
  • Import existing PVS devices using the machine catalog creation wizard in Studio.

XenDesktop Setup Wizard in the PVS Console

The XenDesktop Setup Wizard (XDSW) enables you to create PVS devices and collections, and then create machine catalogs containing these elements. For this functionality to work with the Delivery Controller in Citrix Cloud, the XenApp and XenDesktop SDK must be replaced with the XenApp and XenDesktop Remote PowerShell SDK. This Remote PowerShell SDK is responsible for communicating with the Delivery Controller.

Machine catalog setup wizard using Studio

The machine catalog setup wizard imports existing PVS-managed VMs to a XenDesktop catalog. In cases such as these, the VMs must be previously created using the PVS console. Consider:

  • Studio uses the PowerShell snap-in PvsPsSnapin to communicate with the PVS Server. The PvsPsSnapin is a subset of the existing PVS PowerShell snapin, Citrix.PVS.Snapin. It contains the following cmdlets:

Clear-PvsConnection

Get-PvsVersion

Get-SimplePvsADAccount

Get-SimplePvsCollection

Get-SimplePvsDevice

Get-SimpleDiskLocator

Get-SimpleDiskUpdateDevice

Get-SimplePvsSite

Get-SimplePvsUpdateTask

Set-PvsConnection

Note

In Citrix Cloud, PvsPsSnapin has been extended to enable communication from the XenApp and XenDesktop Service to the PvsMapiProxyPlugin, a newly created proxy added to the XaXdCloudProxy in the Cloud Connector.

  • Communication is over a secure channel, HTTPS port 443, including PVS administrator credentials. These credentials are used by the proxy to impersonate the PVS administrator before contacting the PVS Server. 

Support for Cloud Connector failover

When using Provisioning Services in a cloud infrastructure, Citrix recommends having at least two Cloud Connectors for each resource location in case of failover. If one Cloud Connector is down, the PvsPsSnapin looks for the other Cloud Connector that is up and is connected to the PVS Server and Citrix Cloud. 

Note

If the Cloud Connector goes down during the operations conducted by the machine catalog setup wizard, re-open the wizard. This allows the wizard to re-establish the connection using a new Cloud Connector.

Connecting your PVS deployment to the XenApp and XenDesktop Service in Citrix Cloud

To connect an existing PVS deployment to Citrix Cloud:

  1. Add a Cloud Connector to your managed components, for example, resource locations.
  2. Upgrade PVS; you must use the latest version. Refer to the download page.
  3. Replace the XenApp/XenDesktop SDK on your PVS console with the XenApp and Desktop Remote PowerShell SDK.

When installing this SDK, consider that the PVS console on which this functionality is installed will not be able to contact local XenDesktop deployments. This also applies to the PVS Server; communication exists only to the Citrix Cloud. All devices that are managed by the Delivery Controller in Citrix Cloud will have their vDisk images and VDAs updated to use the Delivery Controller in order to register with XenDesktop. 

Important

An on-premises Citrix license server is required in the XenApp and XenDesktop Service deployment. Refer to the Licensing page for more information.

Adding the Citrix Cloud Connector

Connecting a PVS deployment to the service requires the addition of the Cloud Connector to your managed components, for example, your resource location. When adding this connector to managed components, consider:

  • The Cloud Connector installs on any domain-joined Windows 2012 R2 machine and Windows Server 2016.
  • The service does not directly call into the Cloud Connector.

To add the Cloud Connector, refer to the instructions on the Citrix Cloud Connector page

Upgrade Provisioning Services

To use Citrix Cloud with PVS, you must use a version that integrates with the XenApp and XenDesktop Service. For optimum performance, Citrix recommends using Provisioning Services version 7.18. Access the Applications and Desktops Service Downloads page for the appropriate version. 

Using the XenApp and XenDesktop Remote PowerShell SDK

The PVS Console component includes the XenApp and XenDesktop SDK; this must be replaced with the XenApp and XenDesktop Services Remote PowerShell SDK.

To use the new SDK:

1. Uninstall the XenApp and XenDesktop SDK from the PVS Console by removing the following snapins:

  • Citrix Broker PowerShell snap-in
  • Citrix Configuration Logging Service PowerShell snap-in
  • Citrix Configuration Service PowerShell snap-in
  • Citrix Delegated Administration Service PowerShell snap-in
  • Citrix Host Service PowerShell snap-in

2. Download the Remote PowerShell SDK from the Downloads page. Powershell 3.0 is required to be pre-installed.

3. Install the SDK using the command to execute: CitrixPoshSdk.exe PVS=YES.

Important

Install the downloaded SDK from the command line, and include the argument “PVS=YES.”

localized image
localized image

To verify the new SDK installation:

  1. Open PowerShell.
  2. Execute the cmdlet: Add-PsSnapin Citrix*.
  3. Execute the cmdlet: Get-BrokerServiceStatus.
  4. SIgn in to Citrix Cloud.

Tip

The Get-BrokerServiceStatus cmdlet indicates that the Delivery Controller is OK.

localized image

Firewall considerations

Firewall configurations typically require zero or minimal updates. Consider the following:

  • On the PVS console, outward bound SDK traffic uses HTTPS (port 443).
  • On the Cloud Connector machine, all traffic is outbound to the cloud over HTTPS (port 443). This enables the connector and PVS console to reside behind NATs and HTTP proxies.
  • The new PVS proxy added to the Cloud Connector forwards HTTP (port 80) communications to the PVS Server, using wsHttp message security.

Note

Personal vDisk functionality is not supported.

Administer VDAs

To add PVS managed VDAs to a machine catalog:

  • Use the XenDesktop Setup Wizard in the PVS console, or
  • Use the machine catalog setup wizard in Studio

Using the XenDesktop Setup Wizard to add VDAs

The XenDesktop Setup Wizard creates PVS devices and collections, then creates machine catalogs containing these elements. The Wizard prompts for the XenDesktop Controller address. Provide the address of one of the Cloud Connector machines (rather than the Controller address).

localized image

After entering the address of the Cloud Connector, click Next.

The Citrix Cloud authentication screen appears, prompting for sign in credentials. This prompt, invoked by the PVS Console, is generated by the XenApp and XenDesktop Remote PowerShell SDK.

localized image

Tip

The Citrix Cloud credentials enable the SDK to securely communicate with the XenApp and XenDesktop Service in order to configure the machine catalogs. The remaining steps in the XenDesktop Setup Wizard are unchanged. The only difference is the prompt for the Citrix Cloud sign-in credentials when the wizard first invokes the cmdlet in the Remote PowerShell SDK.

Using the machine catalog setup wizard to add VDAs

This Studio wizard adds existing managed PVS VMs to a catalog. In this scenario, the VMs were previously created using the PVS console. To use this wizard:

  1. Access Studio from the Manage tab of the XenApp and XenDesktop Service page. 
  2. Select Machine Catalogs in the navigation pane.
  3. Click Create New Catalog in the Actions pane..
  4. Select Citrix Provisioning Services (PVS), and click Next.
localized image

5. On the Device Collection page, provide the address of the PVS Server and click Connect.

localized image

6. Provide the login credentials for the PVS administrator and click OK.

localized image

After entering the login credentials, Studio communicates with the Cloud Connector, which then forwards requests to the PVS Server using the specified credentials. If a valid PVS administrator is provided, device collections are displayed.

localized image

This authentication method represents the only difference between an on-premises XenApp and XenDesktop deployment and a XenApp and XenDesktop Service deployment in Citrix Cloud. In an on-premises case, the identity of the Studio user authenticates to the PVS Server. In the service model, an explicit authentication is required because Studio runs in an AD environment with no trust relationships to the AD of the PVS deployment.

Error messages in Studio

When setting up a machine catalog using the wizard, the Device Collection screen displays the state of PVS cloud connection. If the feature has not been enabled, an error message appears, indicating that “PVS for Cloud feature is not enabled”.

localized image

Troubleshooting the PVS Cloud Connector

Use the information in this section to troubleshoot issues related to using the XenDesktop Setup Wizard for Delivery Controller connectivity. 

To verify connectivity:

  1. Ensure that the Remote PowerShell SDK is installed and properly configured. Verify that the Remote Powershell SDK is installed by executing the following command: CitrixPoshSdk.exe PVS=YES.
  2. Uninstall the 5 XenDesktop snapins from the PVS Server and Console.
  3. Ensure that the Cloud Connector is on the same VLAN\VNET as the PVS console system, otherwise communication fails.
  4. Ensure that the PVS account is also a member of the local PVS OS Admin group.

Tip

To install the remote PowerShell SDK on the PVS Server, you must uninstall the 5 XenDesktop snapins from the PVS Server, then install the remote PowerShell SDK.

Connection problems between the PVS Server and the Delivery Controller

Use the information in this section to troubleshoot connectivity problems between the Delivery Controller and the Provisioning Services Server. To verify connectivity:

1. Ensure that the Cloud Connector in the resource location is installed successfully.

2. Ensure that the Cloud Connector is on the same VLAN\VNET as the PVS console system.

3. In Citrix Studio, ensure that the Zones screen properly displays the Cloud Connectors.

4. Verify that at least one Cloud Connector is “Connected.” To do this: 

  • Sign in to https://citrix.cloud.com. 
  • Under Resource locations > [Your Resource Location] > Cloud Connectors, verify that at least one Cloud Connector is showing status as Green. 

5. Verify that PVS Support in Citrix Cloud is enabled. Ensure that the PvsSupport feature toggle is enabled in the customer’s configuration and by the Citrix Cloud administrator.  

6. Verify that the Citrix Remote Broker Provider is up and running in the Cloud Connector. Refer to the Cloud Connector to see if the Citrix Remote Broker Provider Service is running.

localized image

Considerations when using the Machine Creation Service (MCS) Wizard

Use the information in this section when using the MCS wizard in Studio to import PVS devices into XenDesktop devices. Verify that:

  • PVS devices exist in the PVS collection.
  • All target devices are joined to the domain at the same OU.
  • A host record of the hypervisor environment where on-prem VMs are located is created in XenDesktop.
  • The correct domain is chosen before the client’s domain. This must occur before connecting to the PVS Server in the wizard.