The following graphic shows all the core components in a XenApp and XenDesktop Service deployment in Citrix Cloud.
XenApp and XenDesktop Service components
As shown in the graphic, Citrix manages the core components in Citrix Cloud. Citrix also takes care of installing and upgrading those components. (This differs from a customer-managed XenApp and XenDesktop deployment, where you are responsible for installing, managing, and upgrading the core components.)
Your applications and desktops reside in one or more resource locations. You install and manage most components in each resource location. The exceptions are the Citrix Cloud Connectors. You install the Cloud Connectors; Citrix manages them.
The following graphic shows a layer view of the XenApp and XenDesktop Service components.
Layer view of XenApp and XenDesktop Service components
Citrix Receiver is installed on user devices and other endpoints, such as virtual desktops. Citrix Receiver provides users with secure, self-service access to documents, applications, and desktops from any device, including smartphones, tablets, and PCs. Citrix Receiver provides on-demand access to Windows, web, and Software as a Service (SaaS) applications. For devices that cannot install Citrix Receiver software, Citrix Receiver for HTML5 provides a connection through a HTML5-compatible web browser.
Citrix installs and manages the following components in Citrix Cloud.
The Delivery Controller is the central control layer component in a XenApp or XenDesktop deployment. The Controller's services communicate through the Cloud Connectors in each resource location to:
Data from the Controller services is stored in a Microsoft SQL Server site database. A XenApp and XenDesktop deployment also uses a Configuration Logging database, plus a monitoring database used by Director.
When the Citrix Cloud is hosted on Microsoft Azure, SQL Server on Azure VMs (IaaS) is supported. Azure SQL (PaaS) Database is not supported.
Citrix license management
License management functionality communicates with the Controller to manage licensing for each user's session and allocate license files. The customer administrator does not need to configure or manage anything with licensing. All of that work is done automatically in Citrix Cloud.
Studio is the management console you use to configure and manage connections, machine catalogs, and Delivery Groups. Studio launches when you select Manage in the Citrix Cloud console.
Director enables IT support and help desk teams to monitor an environment, troubleshoot issues before they become system-critical, and perform support tasks for end users. Displays include:
Director provides the data when you select Monitor in the Citrix Cloud console.
In the access layer, StoreFront authenticates users to deployments hosting resources, and manages stores of desktops and applications that users access. It can host the enterprise application store, which gives users self-service access to desktops and applications that are available to them. It also keeps track of users’ application subscriptions, shortcut names, and other data to ensure users have a consistent experience across multiple devices.
Although Citrix installs and manages StoreFront servers in Citrix Cloud, you can also optionally install StoreFront servers in resource locations.
When users connect from outside the corporate firewall, XenApp and XenDesktop can use Citrix NetScaler Gateway technology to secure these connections with TLS. The NetScaler Gateway or NetScaler VPX virtual appliance is an SSL VPN appliance that is deployed in the DMZ to provide a single secure point of access through the corporate firewall.
Although Citrix installs and manages NetScaler Gateway in Citrix Cloud, you can also optionally install NetScaler Gateway in resource locations.
A resource location contains resources required to deliver services to your subscribers (users). You manage these resources from Citrix Cloud. Resource locations contain different resources depending on which Citrix Cloud services you're using and the services you want to provide to your users.
To interact with Citrix Cloud, each resource location needs Cloud Connectors and access to a Microsoft Active Directory domain.
In a XenApp and XenDesktop Service deployment, a resource location contains items from the access layer and resource layer:
Every resource location contains at least one Cloud Connector (two or more are recommended for redundancy). A Cloud Connector is the communications channel between the components in the Citrix Cloud and components in the resource location. In the resource location, the Cloud Connector acts as a proxy for the Delivery Controller in Citrix Cloud.
You install Cloud Connectors from the Citrix Cloud console. Citrix then manages and updates the Cloud Connectors automatically.
Virtual Delivery Agents (VDAs)
Each physical or virtual machine that delivers applications and desktops must have a VDA. The VDA registers with a Cloud Connector. After registration, connections are brokered from those resources to users. VDAs establish and manage the connection between the machine and the user device, and apply policies that are configured for the session.
The VDA communicates session information to the Cloud Connector through a broker agent in the VDA. The broker agent hosts multiple plugins and collects real-time data.
VDAs are available for Windows server and desktop operating systems. VDAs for Windows server operating systems allow multiple users to connect to the server at one time. VDAs for Windows desktop operating systems allow only one user to connect to the desktop at a time. Linux VDAs are also available.
Throughout this documentation, "VDA" refers to the agent as well as the machine on which it is installed.
Hypervisors and cloud services
A hypervisor or cloud service contains the VDAs that host applications and desktops.
To provision virtual machines that deliver applications and desktops, you can use:
Although many deployments use hypervisors, you don't need one if:
Although not a XenApp or XenDesktop component, Microsoft Active Directory is required for authentication and authorization in any XenApp and XenDesktop deployment. The Kerberos infrastructure in Active Directory is used to guarantee the authenticity and confidentiality of communications with Citrix Cloud.
As part of delivering applications and desktops to users, you configure the following items.
A host connection enables communication between components in the control plane and VDAs in a hypervisor or cloud service. Connection specifications include:
A machine catalog is a collection of virtual or physical machines that have the same operating system type: server or desktop.
If you use VMs, you can create a master image (also known as template) on the hypervisor or cloud service, and install a VDA on the master image. You can also install applications on the master image, if you want them to appear on all machines created from that image and don't want to virtualize them. Then, you create a catalog using a Citrix tool (MCS or PVS) or your own tools. With MCS and PVS, the catalog creation process provisions identical VMs from that image.
If you use your own tools to provision VMs, or if you use physical machines, the catalog creation process simply adds those machines to the catalog.
A Delivery Group specifies: