Product documentation
Citrix Provisioning
Current Release 2311 2308 2305 2303 2212 2209 2206 2203 LTSR 1912 LTSR 7.15
View PDF

VMware cloud and partner solutions

November 7, 2023
Contributed by: 
C

Citrix Provisioning supports the following VMware cloud and partner solutions:

Note:

The VMware cloud and partner solutions are supported from Citrix DaaS (formerly Citrix Virtual Apps and Desktops service) or if you have a Hybrid Rights License.

Azure VMware Solution (AVS) integration

Citrix Provisioning supports AVS. AVS provides cloud infrastructure containing vSphere clusters created by Azure infrastructure. Leverage Citrix Provisioning to use AVS for provisioning your VDA workload in the same way that you would using vSphere in on-premises enviornments.

Setting up the AVS cluster

To enable Citrix Provisioning to use AVS, do the following steps in Azure:

  • Request a host quota
  • Register the Microsoft.AVS resource provider
  • Network Checklist
  • Create an Azure VMware Solution private cloud
  • Access an Azure VMware Solution private cloud
  • Configure networking for your VMware private cloud in Azure
  • Configure DHCP for Azure VMware Solution
  • Add a network segment in Azure VMware Solution
  • Verify Azure VMware Solution environment

Request host quota for Azure Enterprise Agreement customers

In the Azure portal’s Help + Support page select New support request, and include the following information:

  • Issue type:Technical
  • Subscription:Select your subscription
  • Service:All services > Azure VMware Solution
  • Resource:General question
  • Summary:Need capacity
  • Problem type:Capacity Management Issues
  • Problem subtype:Customer Request for Additional Host Quota/Capacity

In the Description of the support ticket, incldue the following information in the Details tab:

  • POC or Production
  • Region Name
  • Number of hosts
  • Any other details

Note:

AVS requires a minimum of three hosts, and recommends that you use redundancy of N+1 hosts.

After specifying details for the support ticket, select Review + Create to submit the request to Azure.

Register the Microsoft.AVS resource provider

After requesting the host quota, register the resource provider:

  1. Sign in to the Azure portal.
  2. On the Azure portal menu, select All services.
  3. In the All services menu, enter the subscription, and select Subscriptions.
  4. Select the subscription from the subscription list.
  5. Select Resource providers and enter Microsoft.AVS in the search bar.
  6. If the resource provider is not registered, select Register.

Networking considerations

AVS offers networking services requiring specific network address ranges and firewall ports. See Networking planning checklist for Azure VMware Solution for more information.

Create an Azure VMware Solution private cloud

After conidering network requirements for your environment, create a ASV private cloud:

  1. Sign in to the Azure portal.
  2. Select Create a new resource.

  3. In the Search the Marketplace text box type, Azure VMware Solution, and select Azure VMware Solution from the list.

    Azure ASV private cloud setup

In the Azure VMware Solution window:

  1. Select Create.
  2. Click the Basics tab.
  3. Enter values for the fields, using the information in the table below:
Field Value
Subscription Select the subscription you plan to use for the deployment. All resources in an Azure subscription are billed together.
Resource group Select the resource group for your private cloud. An Azure resource group is a logical container into which Azure resources are deployed and managed. Alternatively, you can create a new resource group for your private cloud.
Location Select a location, such as east us. This is the region you defined during the planning phase.
Resource name Provide the name of your Azure VMware Solution private cloud.
SKU Select AV36.
Hosts Shows the number of hosts allocated for the private cloud cluster. The default value is 3, which can be raised or lowered after deployment.
Address block Provide an IP address block for the private cloud. The CIDR represents the private cloud management network and will be used for the cluster management services, such as vCenter Server and NSX-T Manager. Use /22 address space, for example, 10.175.0.0/22. The address should be unique and not overlap with other Azure Virtual Networks as well as with on-premises networks.
Virtual Network Leave this blank because the Azure VMware Solution ExpressRoute circuit is established as a post-deployment step.

In the Create a private cloud screen:

  1. In the Location field, select the region that has the AVS; the resource group region is the same as the AVS region.
  2. In the SKU field, select AV36 Node.
  3. Specify an IP address in the Address Block field. For example, 10.15.0.0/22.
  4. Select Review + Create.
  5. After reviewing the information, click Create.

Azure ASV create private cloud

Tip:

Creating a private cloud can take 3-4 hours. Adding a single host to cluster can take 30-45 minutes.

Verify that the deployment was successful. Navigate to the resource group you created and select your private cloud. Once the Status is Succeeded the deployment is complete.

Azure ASV verify connection

Access an Azure VMware Solution private cloud

Once you have created a private cloud, create a Windows VM and connect to the local vCenter of your private cloud.

Create a new Windows virtual machine
  1. In the resource group, select + Add then search and select Microsoft Windows 10/2016/2019.
  2. Click Create.
  3. Enter the required information, then select Review + Create.
  4. Once validation passes, select Create to start the virtual machine creation process.
Connect to the local vCenter of your private cloud

  1. Sign in to vSphere Client with VMware vCenter SSO as a cloud administrator.

    Azure ASV vSphere login

  2. In the Azure portal, select your private cloud, and then Manage> Identity.

The URLs and user credentials for private cloud vCenter and NSX-T Manager appear:

Azure ASV setup vCenter

After confirming URLs and user credentials:

  1. Navigate to the VM you created in the preceding step and connect to the virtual machine.

  2. In the Windows VM, open a browser and navigate to the vCenter and NSX-T Manger URLs in two browser tabs. In the vCenter tab, enter the cloudadmin@vmcp.local user credentials from the previous step.

Configure networking for your VMware private cloud in Azure

After accessing an ASV private cloud, configure networking by creating a virtual network and gateway.

Create a virtual network
  1. Sign in to the Azure portal.
  2. Navigate to the previously created resource group.
  3. Select + Add to define a new resource.
  4. In the Search the Marketplace text box, type virtual network. Find the virtual network resource and select it.
  5. On the Virtual Network page, select Create to set up the virtual network for your private cloud.
  6. On the Create Virtual Network page, enter the details for your virtual network.
  7. On the Basics tab, enter a name for the virtual network, select the appropriate region, and click Next : IP Addresses.
  8. On the IP Addresses tab, under IPv4 address space, enter the previously created address.

Important:

Use an address that does not overlap with the address space you used when you created your private cloud.

After entering the address space:

  1. Select + Add subnet.
  2. On the Add subnet page, give the subnet a name and appropriate address range.
  3. Click Add.
  4. Select Review + create.
  5. Verify the information and click Create. Once the deployment is complete, the virtual network appears in the resource group.
Create a virtual network gateway

After creating a virtual network, create a virtual network gateway.

  1. In your resource group, select + Add to add a new resource.
  2. In the Search the Marketplace text box, type virtual network gateway. Find the virtual network resource and select it.
  3. On the Virtual Network gateway page, click Create.
  4. On the Basics tab in the Create virtual network gateway page, provide values for the fields.
  5. Click Review + create.

Azure ASV setup vCenter

After reviewing the virtual network gateway configuration, click Create to deploy your virtual network gateway. Once the deployment completes, connect your ExpressRoute connection to the virtual network gateway containing your Azure AVS private cloud.

Connect ExpressRoute to the virtual network gateway

After deploying a virtual network gateway, add a connection between it and your Azure AVS private cloud:

  1. Request an ExpressRoute authorization key.
  2. In the Azure portal, navigate to the Azure VMware Solution private cloud. Select Manage> Connectivity > ExpressRoute and then select + Request an authorization key.

Azure ASV request authorization key

After requesting an authorization key:

  1. Enter a name for the key and click Create. It may take about 30 seconds to create the key. Once created, the new key appears in the list of authorization keys for the private cloud.
  2. Copy the authorization key and ExpressRoute ID. You’ll need them to complete the peering process. The authorization key disappears after some time, so copy it as soon as it appears.
  3. Navigate to the virtual network gateway you plan to use and select Connections> + Add.
  4. On the Add connection page, provide values for the fields, and select OK.

Azure ASV add connection

The connection is established between your ExpressRoute circuit and your virtual network:

Azure ASV successful connection

Configure DHCP for Azure VMware Solution

After connecting ExpressRoute to the virutal gateway, configure DHCP.

Use NSX-T to host your DHCP server

In NSX-T Manager:

  1. Select Networking> DHCP, and then select Add Server.
  2. Select DHCP for the Server Type, provide the server name and IP address.
  3. Click Save.
  4. Select Tier 1 Gateways, select the vertical ellipsis on the Tier-1 gateway, and then select Edit.
  5. Select No IP Allocation Set to add a subnet.
  6. Select DHCP Local Server for the Type.
  7. For the DHCP Server, select Default DHCP, and then click Save.
  8. Click Save again and then select Close Editing.

Azure ASV add NSX-T server

Add a network segment in Azure VMware Solution

After settnig up DHCP, add a network segment.

To add a network segment, in NSX-T Manager, select Networking> Segments, and then click Add Segment.

Azure ASV add NSX-T segment

In the Segments profile screen:

  1. Enter a name for the segment.
  2. Select the Tier-1 Gateway (TNTxx-T1) as the Connected Gateway and leave the Type as Flexible.
  3. Select the pre-configured overlay Transport Zone(TNTxx-OVERLAY-TZ).
  4. Click Set Subnets.

Azure ASV add NSX-T segment profiles

In the Subnets section:

  1. Enter the gateway IP address.
  2. Select Add.

Important:

This segment IP address must belong to the Azure gateway IP address, 10.15.0.0/22.

DHCP range should be belong to segment IP address:

Azure ASV add NSX-T segment DHCP range

Select No to decline the option to continue configuring the segment:

Azure ASV add NSX-T finish setup

In vCenter, select Networking > SDDC-Datacenter:

Azure ASV add NSX-T vCenter

Verify the Azure AVS environment

  1. Setup a direct connection and connector in the Azure resource group:

    Azure ASV ASV verify connection

  2. Verify the connection with vCenter credentials.

VMware cloud on AWS

VMware cloud on AWS enables you to migrate VMware based on-premises Citrix workloads to AWS Cloud and your core Citrix Virtual Apps and Desktops environment to Citrix DaaS (formerly Citrix Virtual Apps and Desktops service).

Access the VMware cloud environment

  1. Log in to VMware cloud services using the URL.
  2. Click VMware Cloud on AWS. The page SDDC appears.
  3. Click OPEN VCENTER, and then click SHOW CREDENTIALS. Note the credentials for later use.
  4. Open a Web browser, and enter the URL for the vSphere Web Client.
  5. Enter the credentials as noted and click Login. The vSphere client webpage is similar to the on-premises environment.

For more and updated information on VMware Cloud on AWS, see VMware Cloud on AWS Documentation.

About VMware cloud environment

There are four views on the vSphere client webpage.

  • Host and Cluster view: You cannot create a new Cluster, but the cloud admin can create multiple resource pools.
  • VM and Template view: Cloud admin can create many folders.
  • Storage View: Select WorkloadDatastore storage when you add hosting unit in the Citrix Studio because you have access to only Workload Datastore.
  • Network View: The icons are different for VMware cloud networks and opaque networks.

For more and updated information on VMware Cloud on AWS, see VMware Cloud on AWS Documentation.

Set up Citrix Provisioning environment on VMware Cloud on AWS

  1. Set up a domain controller or request for credentials for domain vmconaws.local.

  2. Use an existing template, or right-click Cluster and select New Virtual Machine to create the following three VMs:

    • Citrix Provisioning Server
    • Database Server
    • Cloud Connector for connecting to Citrix DaaS
  3. Create a host connection in Citrix Studio by selecting the VMware vSphere option, and select only WorkloadDatastore as Storage.

Google Cloud Platform (GCP) VMware Engine

Citrix Provisioning now allows you to migrate VMware based on-premises Citrix workloads to Google Cloud VMware Engine.

This article describes the procedure for configuring the GCP VMware Engine.

Access the VMware Engine portal

  1. In the Google Cloud Console, click the navigation menu.
  2. In the Compute section, click VMware Engine to open VMware Engine in a new browser tab.

Create first private cloud

Requirements

You must have access to Google Cloud VMware Engine, available VMware Engine node quota, and an appropriate IAM role. Prepare the following requirements before you continue to create your private cloud:

  1. Request API access and node quota. For more information, see Requesting API access and quota.
  2. Note the address ranges you want to use for VMware management appliances and the HCX deployment network. For more information, see Networking requirements.
  3. Get the VMware Engine Service Admin IAM role.

Create your first private cloud

  1. Access the VMware Engine portal.
  2. On the VMware Engine Home page, click Create a private cloud. The hosting location and hardware node types are listed.
  3. Select the number of nodes for the private cloud. At least three nodes are required.
  4. Enter a Classless Inter-Domain Routing (CIDR) range for the VMware management network.

  5. Enter a CIDR range for the HCX deployment network.

    Important:

    The CIDR range must not overlap with any of your on-premises or cloud subnets. The CIDR range must be /27or higher.

  6. Select Review and create.
  7. Review the settings. To change any settings, click Back.
  8. Click Create to begin creating the private cloud.

As VMware Engine creates your new private cloud, it deploys several VMware components and sets up initial autoscale policies for clusters in the private cloud. Private cloud creation can take 30 minutes to 2 hours. After the provisioning is complete, you receive an email.

Setup Google Cloud VMware Engine VPN Gateway

To establish an initial connectivity to Google Cloud VMware Engine, you can use a VPN gateway. This is an OpenVPN-based client VPN using which you can connect to your SDDC’s vCenter and do any initial configuration required.

Before deploying VPN gateway, configure the Edge Services range for the region where your SDDC is deployed. To do this:

  1. Log on to the Google Cloud VMware Engine portal, and go to Network > Regional Settings. Click Add Region.
  2. Choose the region where your SDDC is deployed and enable Internet Access and Public IP Service.

  3. Supply the Edge Services range noted during planning and click Submit. Enabling these services takes 10–15 minutes.

    Once complete, the Edge Services show as Enabled on the Regional Settings page. Enabling these settings allow Public IPs to be allocated to your SDDC, which is a requirement for deploying a VPN gateway.

To deploy a VPN gateway:

  1. In the Google Cloud VMware Engine portal, go to Network > VPN Gateways. Click Create New VPN Gateway.
  2. Supply the name for the VPN gateway and the client subnet reserved during planning. Click Next.
  3. Select users to grant VPN access. Click Next.
  4. Specify the networks that must be accessible over VPN. Click Next.
  5. A summary screen is displayed. Verify the selections, and click Submit to create the VPN Gateway. The VPN Gateways page is displayed with the status of the new VPN gateway as Creating.
  6. After the status changes to Operational, click the new VPN gateway.
  7. Click Download my VPN configuration to download a ZIP file containing pre-configured OpenVPN profiles for the VPN gateway. Profiles for connecting through UDP/1194 and TCP/443 are available. Choose your preference and import it into Open VPN, and then connect.
  8. Go to Resources and select your SDDC.

Connect the VPN

Connect to VPN through Azure machine:

  1. Create an Azure machine in Azure portal.
  2. Download and install the installer OpenVPN.
  3. Open the OpenVPN.
  4. Upload the VPN file and connect the VPN.

Create first subnet

Access NSX-T Manager from the VMware Engine portal

The process of creating a subnet happens in NSX-T, which you access through VMware Engine. Do the following to access NSX-T Manager.

  1. Log on to the Google Cloud VMware Engine portal.
  2. From the main navigation, go to Resources.
  3. Click the Private cloud name corresponding to the private cloud where you want to create the subnet.
  4. On the details page of your private cloud, click the vSphere Management Network tab.
  5. Click the FQDN corresponding to the NSX-T Manager.

  6. When prompted, enter your sign-in credentials. If you have set up vIDM and connected it to an identity source, such as Active Directory, use your identity source credentials.

    Reminder:

    You can retrieve generated credentials from the private cloud details page.

Set up DHCP service for the subnet

Before you can create a subnet, set up a DHCP service:

In NSX-T Manager:

  1. Go to Networking > DHCP. The networking dashboard shows that the service creates one Tier-0 and one Tier-1 gateway.
  2. To begin provisioning a DHCP server, click Add Server.
  3. Select DHCP for the Server Type. Provide the server name and IP address.
  4. Click Save to create the DHCP service.

Do the following to attach this DHCP service to the relevant Tier-1 gateway. A default Tier-1 gateway is already provisioned by the service:

  1. Select Tier 1 Gateways, select the vertical ellipsis on the Tier-1 gateway, and then select Edit.
  2. In the IP Address Management field, select No IP Allocation Set.
  3. Select DHCP Local Server for the Type.
  4. Select the DHCP server that you created for the DHCP Server.
  5. Click Save.
  6. Click Close Editing.

You can now create a network segment in NSX-T. For more information about DHCP in NSX-T, see the VMware documentation for DHCP.

Create a network segment in NSX-T

For workload VMs, you create subnets as NSX-T network segments for your private cloud:

  1. In NSX-T Manager, go to Networking > Segments.
  2. Click Add Segment.
  3. Enter a name for the segment.
  4. Select the Tier-1 as the Connected Gateway and leave the Type as Flexible.
  5. Click Set Subnets.
  6. Click Add Subnets.
  7. Enter the subnet range in the Gateway IP/Prefix Length. Specify the subnet range with .1 as the last octet. For example, 10.12.2.1/24.
  8. Specify the DHCP Ranges and click ADD.
  9. In Transport Zone, select TZ-OVERLAY | Overlay from the drop-down list.
  10. Click Save. You can now select this network segment in vCenter when creating a VM.

In a given region, you can set up at most 100 unique routes from VMware Engine to your VPC network using private services access. This includes, for example, private cloud management IP address ranges, NSX-T workload network segments, and HCX network IP address ranges. This limit includes all private clouds in the region.

Note:

There is a GCP configuration issue because of which you need to configure DHCP range setting several times. Therefore, make sure to configure the DHCP range setting after GCP configuration. Click EDIT DHCP CONFIG to configure the DHCP ranges.

Edit DHCP Configuration Set DHCP Configuration

Set up Citrix Provisioning environment on Google Cloud VMware Engine

  1. Install desktop and server VMs. Run Windows updates for both VMs. Turn them into templates.
  2. Create the following VMs:
    • Domain controller with DNS. Be sure to use static DNS pointing to this VM to join the newly created domain.
    • Citrix Provisioning Server
    • SQL Server
    • Connector VM
    • UEFI PVS target VM
    • EFI PVS target VM
  3. Create a host connection in Citrix Studio:
    1. Launch the Citrix Studio.
    2. Select the hosting node, and click Add Connection and Resources.

    3. On the Connection screen, select Create a new Connection, and the following details:

      Image of Adding connection and resources

      1. Select Connection type as VMware vSphere.
      2. In the Connection address, enter the vCenter private IP address.
      3. Enter the vCenter credentials.
      4. Enter a connection name.
      5. Choose the tool to create virtual machines.
    4. On the Network screen, select the subnet created in NSX-T server.
    5. Click through the screens to complete the wizard.
VMware cloud and partner solutions
November 7, 2023
Contributed by: 
C
November 7, 2023
Contributed by: 
C

In this article

Site feedback | Privacy and legal terms | Cookie preferences | Consent settings | docs.cloud.com
© 1999- Cloud Software Group, Inc. All rights reserved.