Product Documentation


Nov 06, 2017

The following graphic shows all the core components in a XenApp and XenDesktop Service deployment in Citrix Cloud. 

localized image

XenApp and XenDesktop Service components

As shown in the graphic, Citrix manages the core components in Citrix Cloud. Citrix also takes care of installing and upgrading those components. (This differs from a customer-managed XenApp and XenDesktop deployment, where you are responsible for installing, managing, and upgrading the core components.)

Your applications and desktops reside in one or more resource locations. You install and manage most components in each resource location. The exceptions are the Citrix Cloud Connectors. You install the Cloud Connectors; Citrix manages them.

The following graphic shows a layer view of the XenApp and XenDesktop Service components.

localized image

Layer view of XenApp and XenDesktop Service components

Citrix Receiver is installed on user devices and other endpoints, such as virtual desktops. Citrix Receiver provides users with secure, self-service access to documents, applications, and desktops from any device, including smartphones, tablets, and PCs. Citrix Receiver provides on-demand access to Windows, web, and Software as a Service (SaaS) applications. For devices that cannot install Citrix Receiver software, Citrix Receiver for HTML5 provides a connection through a HTML5-compatible web browser.

Citrix Cloud components

Citrix installs and manages the following components in Citrix Cloud.

Delivery Controller

The Delivery Controller is the central control layer component in a XenApp or XenDesktop deployment. The Controller's services communicate through the Cloud Connectors in each resource location to:

  • Distribute applications and desktops.
  • Authenticate and manage user access.
  • Broker connections between users and their virtual desktops and applications.
  • Optimize use connections, and load-balance these connections.
  • Track which users are logged on and where, which session resources the users have, and if users need to reconnect to existing applications. This includes managing the state of desktops, starting and stopping them based on demand and administrative configuration.

Data from the Controller services is stored in a Microsoft SQL Server site database. A XenApp and XenDesktop deployment also uses a Configuration Logging database, plus a monitoring database used by Director.

When the Citrix Cloud is hosted on Microsoft Azure, SQL Server on Azure VMs (IaaS) is supported. Azure SQL (PaaS) Database is not supported.

Citrix license management

License management functionality communicates with the Controller to manage licensing for each user's session and allocate license files. The customer administrator does not need to configure or manage anything with licensing. All of that work is done automatically in Citrix Cloud.

Citrix Studio

Studio is the management console you use to configure and manage connections, machine catalogs, and Delivery Groups. Studio launches when you select Manage in the Citrix Cloud console. 

Citrix Director

Director enables IT support and help desk teams to monitor an environment, troubleshoot issues before they become system-critical, and perform support tasks for end users. Displays include:

  • Real-time session data from the Broker Service in the Controller, which includes data from the broker agent in the VDA.
  • Historical data from the Monitor Service in the Controller.
  • Data about HDX traffic (also known as ICA traffic).

Director provides the data when you select Monitor in the Citrix Cloud console.

Citrix StoreFront

In the access layer, StoreFront authenticates users to deployments hosting resources, and manages stores of desktops and applications that users access. It can host the enterprise application store, which gives users self-service access to desktops and applications that are available to them. It also keeps track of users’ application subscriptions, shortcut names, and other data to ensure users have a consistent experience across multiple devices.

Although Citrix installs and manages StoreFront servers in Citrix Cloud, you can also optionally install StoreFront servers in resource locations.

NetScaler Gateway

When users connect from outside the corporate firewall, XenApp and XenDesktop can use Citrix NetScaler Gateway technology to secure these connections with TLS. The NetScaler Gateway or NetScaler VPX virtual appliance is an SSL VPN appliance that is deployed in the DMZ to provide a single secure point of access through the corporate firewall. 

Although Citrix installs and manages NetScaler Gateway in Citrix Cloud, you can also optionally install NetScaler Gateway in resource locations.

Components in resource locations

A resource location contains resources required to deliver services to your subscribers (users). You manage these resources from Citrix Cloud.  Resource locations contain different resources depending on which Citrix Cloud services you're using and the services you want to provide to your users.

To interact with Citrix Cloud, each resource location needs Cloud Connectors and access to a Microsoft Active Directory domain.

In a XenApp and XenDesktop Service deployment, a resource location contains items from the access layer and resource layer:

  • Cloud Connectors
  • Active Directory domain controller
  • Virtual Delivery Agents (VDAs)
  • Hypervisors that provision VDAs and store their data, if used
  • Citrix NetScaler Gateway (optional) 
  • StoreFront servers (optional)

Cloud Connector

Every resource location contains at least one Cloud Connector (two or more are recommended for redundancy). A Cloud Connector is the communications channel between the components in the Citrix Cloud and components in the resource location. In the resource location, the Cloud Connector acts as a proxy for the Delivery Controller in Citrix Cloud.

You install Cloud Connectors from the Citrix Cloud console. Citrix then manages and updates the Cloud Connectors automatically.

Virtual Delivery Agents (VDAs)

Each physical or virtual machine that delivers applications and desktops must have a VDA. The VDA registers with a Cloud Connector. After registration, connections are brokered from those resources to users. VDAs establish and manage the connection between the machine and the user device, and apply policies that are configured for the session.

The VDA communicates session information to the Cloud Connector through a broker agent in the VDA. The broker agent hosts multiple plugins and collects real-time data.

VDAs are available for Windows server and desktop operating systems. VDAs for Windows server operating systems allow multiple users to connect to the server at one time. VDAs for Windows desktop operating systems allow only one user to connect to the desktop at a time. Linux VDAs are also available.

Throughout this documentation, "VDA" refers to the agent as well as the machine on which it is installed.

Hypervisors and cloud services

A hypervisor or cloud service contains the VDAs that host applications and desktops.

To provision virtual machines that deliver applications and desktops, you can use:

  • Machine Creation Services: The MCS technology is built into Studio and is accessed automatically through the Citrix Cloud Console. MCS creates copies of a master image to create and provision VMs.
  • Provisioning Services: The PVS technology streams a master image to user devices. PVS doesn't require a hypervisor, so you can provision physical machines. 
  • Another provisioning tool of your choice.

Although many deployments use hypervisors, you don't need one if:

  • Your applications and desktops are hosted on physical machines.
  • You use Provisioning Services to provision VMs.
  • You want to deploy Remote PC Access, which enables employees to remotely access their physical PCs.

Active Directory

Although not a XenApp or XenDesktop component, Microsoft Active Directory is required for authentication and authorization in any XenApp and XenDesktop deployment. The Kerberos infrastructure in Active Directory is used to guarantee the authenticity and confidentiality of communications with Citrix Cloud.

Items that help deliver desktops and applications

As part of delivering applications and desktops to users, you configure the following items.

Host connection

A host connection enables communication between components in the control plane and VDAs in a hypervisor or cloud service. Connection specifications include:

  • The address and credentials needed to access the host
  • Which tools you'll use to create VMs
  • Storage method to use, and machines to use for storage
  • Which network the VMs will use

Machine catalog

A machine catalog is a collection of virtual or physical machines that have the same operating system type: server or desktop.

If you use VMs, you can create a master image (also known as template) on the hypervisor or cloud service, and install a VDA on the master image. You can also install applications on the master image, if you want them to appear on all machines created from that image and don't want to virtualize them. Then, you create a catalog using a Citrix tool (MCS or PVS) or your own tools. With MCS and PVS, the catalog creation process provisions identical VMs from that image. 

If you use your own tools to provision VMs, or if you use physical machines, the catalog creation process simply adds those machines to the catalog.

Delivery Group

A Delivery Group specifies:

  • One or more machines from a machine catalog.
  • Optionally, users who are allowed to access those machines.  (Alternatively, you can specify users through the Citrix Cloud console.)
  • Optionally, which applications and desktops users can access. (Alternatively, you can specify applications through the Citrix Cloud console.)

More information