The Cloud Forward Design Pattern

Overview

Organizations of all shapes and sizes are making the move to “the cloud” and subscription-based managed services. For customers who are all in on “the cloud” (or interested in experiencing the best of what the cloud has to offer), the Cloud Forward design pattern is a great match. The Cloud Forward design pattern:

  • Uses state-of-the-art, cloud-delivered services from Citrix and Google.
  • Is commonly used for new deployments, in addition to technology evaluation, proofing, training, and other use cases that value simplicity, flexibility, and speed of deployment.
  • Requires no existing infrastructure or licenses, and can be built in less than 30 minutes using Google Deployment Manager templates such as the Citrix on GCP GitHub project.
  • Provides high availability of all critical services.
  • Creates a Citrix Cloud “resource location” - the foundation of the other two patterns outlined here.

All you need to get started is a GCP Project and access to a Citrix Desktops-as-a-Service (DaaS) subscription. Evaluation subscriptions to Citrix Cloud are available through Citrix and Citrix authorized resellers. Google also offers new customers a free trial which includes $300 of Google Cloud credit.

Note:

The GCP free trial does not include the use of Windows Server images, as noted in the Google Cloud Free Tier document. To use Windows Server images you must upgrade to a paid account in GCP. Your free credits still apply when you upgrade to a paid account, as noted in the Upgrading to a paid account section of the Google Cloud Free Tier document.

Cloud Forward Design Pattern

This design pattern deploys more than one instance of every key resource (➊), placed in separate zones of a given Google Cloud region, for high availability.

Citrix Cloud Connectors (❷) are responsible for communications to and from Citrix Cloud (❻), using outbound TLS connections to Citrix Cloud services over the Internet. Once installed on domain-joined Windows Server VM instances, the Cloud Connector software is automatically updated and maintained by Citrix Cloud.
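The two properties described above (every key resource spread across zones, and Cloud Connectors that only initiate outbound connections) can be checked against a project's inventory. The following is an added example, not part of the Citrix guide or the Citrix on GCP templates. It assumes instances carry a hypothetical "role" label and that Cloud Connectors carry a hypothetical "ctx-cc" network tag, and it runs on constructed sample data shaped like the JSON output of gcloud compute instances list and gcloud compute firewall-rules list.

```python
import json
from collections import defaultdict

# Constructed sample data shaped like `gcloud compute instances list --format=json`
# and `gcloud compute firewall-rules list --format=json`. The "role" label, the
# "ctx-cc" network tag and all names are assumptions of this example.
Z = "https://www.googleapis.com/compute/v1/projects/demo/zones/"
INSTANCES = [
    {"name": "cc-1", "zone": Z + "us-east1-b", "labels": {"role": "cloud-connector"}},
    {"name": "cc-2", "zone": Z + "us-east1-c", "labels": {"role": "cloud-connector"}},
    {"name": "vda-1", "zone": Z + "us-east1-b", "labels": {"role": "vda"}},
    {"name": "vda-2", "zone": Z + "us-east1-b", "labels": {"role": "vda"}},
]
FIREWALL_RULES = json.loads("""[
  {"name": "allow-internal", "direction": "INGRESS", "sourceRanges": ["10.0.0.0/8"],
   "allowed": [{"IPProtocol": "all"}]},
  {"name": "allow-rdp-any", "direction": "INGRESS", "sourceRanges": ["0.0.0.0/0"],
   "targetTags": ["ctx-cc"], "allowed": [{"IPProtocol": "tcp", "ports": ["3389"]}]},
  {"name": "allow-https-out", "direction": "EGRESS", "destinationRanges": ["0.0.0.0/0"],
   "allowed": [{"IPProtocol": "tcp", "ports": ["443"]}]}
]""")

def roles_lacking_zone_redundancy(instances, min_zones=2):
    """Roles whose instances do not span at least `min_zones` distinct zones."""
    zones = defaultdict(set)
    for inst in instances:
        role = inst.get("labels", {}).get("role", "unlabelled")
        zones[role].add(inst["zone"].rsplit("/", 1)[-1])  # zone is a full URL
    return sorted(role for role, seen in zones.items() if len(seen) < min_zones)

def internet_ingress_to(tag, firewall_rules):
    """Names of enabled INGRESS allow rules open to 0.0.0.0/0 that reach `tag`."""
    hits = []
    for rule in firewall_rules:
        if rule.get("direction") != "INGRESS" or rule.get("disabled"):
            continue
        if "allowed" not in rule:  # deny rules carry "denied" instead
            continue
        targets = rule.get("targetTags")
        # A rule without targetTags is treated as reaching every instance;
        # service-account targeting is not modelled (conservative choice).
        if (targets is None or tag in targets) and "0.0.0.0/0" in rule.get("sourceRanges", []):
            hits.append(rule["name"])
    return hits

if __name__ == "__main__":
    print("roles in a single zone:", roles_lacking_zone_redundancy(INSTANCES))
    print("Internet ingress reaching connectors:", internet_ingress_to("ctx-cc", FIREWALL_RULES))
```

Because the Cloud Connectors only make outbound TLS connections, any rule the second check reports is worth reviewing.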

Apps and desktops are provided by Windows or Linux VM instances, or both, running Citrix’s Virtual Delivery Agent (VDA) software (❸). The Citrix VDA software uses Citrix’s sophisticated HDX technology to provide the best possible user experience with virtualized applications and desktops. VDAs register with Citrix Cloud Connectors, which are responsible for brokering HDX session connections to the VDAs. HDX sessions are proxied into the VPC through the Cloud Connectors by default, or optionally through the Citrix Gateway Service by configuring the ‘rendezvous’ policy. VM instances can optionally be backed by Google Cloud GPUs to create virtual workstations, which accelerates graphics-intensive applications.

Citrix VDAs are most commonly deployed close to the infrastructure required by the applications being delivered (❹). As such, the application infrastructure is typically deployed or migrated into the same region as the Citrix VDAs.

End-users use the Citrix Workspace app (❺) (CWA) to connect to and interact with virtualized applications and desktops using Citrix’s innovative HDX session remoting protocol. The CWA is available for almost any device or operating system, including Chrome OS, Windows, OSX, iOS, Android, and Linux.

This pattern uses the following cloud services (❻) from Citrix, which are secure and highly available by design:

  • Citrix Virtual Apps and Desktop Service: provides session brokering, load management, single instance image management, monitoring, and cost/capacity management services.
  • Citrix Workspace service: the user interface of the solution. This web service provides multifactor authentication, content presentation, and launching services for the Citrix Workspace app. This service consolidates access to virtualized applications and desktops, web, and SaaS applications, in addition to Enterprise file stores.
  • Citrix Gateway Service: provides secure access to virtualized applications and desktops, in addition to Enterprise web applications, to devices on public networks.
  • Citrix Analytics Service: uses advanced machine learning technologies to provide enterprise-grade security, performance, and user behavioral analytics and reporting.

This design pattern can also be paired with a Google Cloud VPN/Interconnect to extend existing Active Directory investments (❽) into Google Cloud or to provide access to traditional, on-premises, customer managed applications and infrastructure.

It ought to be clear that the architecture of the cloud forward design pattern creates a Citrix Cloud resource location. This is the common foundation shared across all three patterns presented here. The differences between the patterns lie in which technologies are used to service the five components of a Citrix virtualization system outlined in the following table. With the cloud forward design pattern, cloud services are used for all five components:

| Component | Technology used |
|---|---|
| Session brokering and administration | Citrix Desktops-as-a-Service (DaaS) (cloud service) |
| User interface (UI) services | Citrix Workspace service (cloud service) |
| Authentication | Citrix Workspace service, Active Directory as IdP |
| HDX session proxy | Citrix Gateway Service (cloud service) |
| Analytics | Citrix Analytics Service (cloud service) |

The Cloud Forward design pattern can be replicated in different Google Cloud regions, with or without the same Active Directory. This makes the pattern useful for deployments with geographically distributed applications and data.

For production deployments, this pattern is often extended by connecting the resource location in GCP to customer managed data centers using Google Cloud VPN or Google Cloud Interconnect. Such a private network connection allows you to extend key services (such as Microsoft Active Directory) up into Google Cloud. This can provide VDAs with access to applications and resources that have not yet been migrated. It can also act as a conduit to migrate apps and data up into Google Cloud.

While not shown in the preceding diagram, the Citrix Workspace Environment Management service is commonly used, especially as systems make their way to production. The Workspace Environment Management service uses intelligent resource management and Profile Management technologies to deliver the best possible performance, desktop logon, and application response times for Citrix Virtual Apps and Desktops deployments. See User Environment/Settings Management later in this guide for more details.
