Application virtualization, IoT and Cloud Computing, Blog of Sacha Thomet

Design

about design and conceptual things

Token-based Citrix VDA registration

Over the past few months, Citrix has made significant investments to make the Virtual Desktop Agents (VDAs) independent of Windows domains. This was particularly important for Linux and Mac systems, and for some time now, it has been possible to provision non-domain-joined VDIs in Azure using Citrix tools. New in version 2407, available for the first time as a Tech Preview, is the ability to integrate Windows machines provisioned through other methods using a token, without requiring a domain, Delivery Controller, or Cloud Connector.

During the VDA installation, instead of specifying a Delivery Controller (DDC), the token can be directly provided:

(Important: The token itself, not the path to the token file, must be specified. This may change in the future so that a token file can be provided.)
Instructions from Citrix: https://docs.citrix.com/en-us/citrix-virtual-apps-desktops/install-configure/install-vdas.html#step-7-delivery-controller-addresses

The token must be generated first in the Citrix DaaS Console on the appropriate machine catalog where the VDA is to be integrated, via right-click:



It has to be a machine catalog whose provisioning method is set to Manual.
A single token can be used to deploy up to 100 VDAs, and the token is valid for a maximum of 14 days.

The installation steps are also described in the “Review the enrollment steps” section.

I used this new feature to integrate Azure AVD VMs created via a pipeline into Citrix; I had previously used them through AVD. Now I essentially have a VDI that I can broker and connect to traditionally via Microsoft, but also through Citrix. You may ask yourself why someone would want the whole Citrix brokering stack without using the Citrix provisioning method for Azure (MCS). There can be different reasons: possibly someone wants to use an automated IaaS pipeline with Bicep and keep control over the provisioning and building of the infrastructure, or there are other obstacles to using the Citrix techniques to build VMs. I can’t say more here; I just see a way to do things differently and gain more control while still using the advantages of the Citrix techniques in brokering and the ICA protocol.

Since my machines are only in Azure AD, it was important to configure the delivery group so that its LogonType is AzureAD. I accomplished this with the command:
Set-BrokerDesktopGroup <DeliveryGroupName> -MachineLogonType AzureAD

Additionally, if I still want to access the machine without Citrix, I need to add my user to the Direct Connection Access group. Otherwise, when connecting without Citrix, I will receive the following error:

These are my first experiences with the new token-based VDA rollout. Naturally, these steps must be automated for a business environment when using the token, whereas in my hands-on experiment, everything was done manually through the graphical interface. If you are experimenting with this, please keep in mind that this is a Tech Preview and not yet GA.

My Smart Home – Chapter 3-2: Smartacus – Use cases

The use cases for IoT are nearly unlimited; imagination sets the limits rather than technology. As Smartacus advertises on its website, the following 3 goals are the ones most commonly seen in the smart home area:

  • Reduce energy consumption (“intelligent” heating and lighting)
  • Increase comfort (e.g. scene-based device/light control)
  • Increase security (switch on the light when coming home, active sensors during absence)

I started with the smart home thing because I find it exciting to see what is possible; to my wife, of course, I sell it as a comfort improvement.

Caution! A wrongly deployed smart home can, incidentally, achieve exactly the opposite! A poorly configured system can worsen comfort, reduce security or even consume more energy. It is important to know what you are doing and which products you use. For example, at the moment I deliberately do without a smart door opener such as the one available from Nuki. I also measure the power consumption of my components before I integrate them. The Smartacus base station, for example, needs only 7 watts at startup and 4 watts in operation.

But now I am digressing … actually, in this blog post I wanted to give examples of how Smartacus can be used. Of course these use cases also apply to other smart home systems.

Here are my first implemented use cases

Intelligent heating

Who needs 22° while sleeping? Isn't it a pity when the apartment is heated more than necessary at night? At a lower temperature you not only sleep better, you also save energy! Here we achieve both the energy-saving effect and the increase in comfort. The whole thing is set up in the Smartacus portal via the Zeitsteuerung (time control) tab.

A lot of energy is also wasted when windows or doors are opened; especially now, with temperatures far below freezing, the heating turns up fully when it rapidly gets cold.

Using a door/window contact (1), this can be prevented: we do not heat the village, and instead the radiator thermostat (2) turns the temperature down. This is done via the Dienste (services) tab:

Of course you have to remember to also build a “counter-service” that sets the heating back to the desired temperature when the door is closed.

Intelligent lighting

In the past I simply used a mechanical timer to make the Christmas lights shine only in the evening and in the morning. A smart plug adapter (3) can be configured like a timer, so that the Christmas decoration does not shine for nothing, but the great thing is that you can extend it, for example, with a multisensor (4) and thus also control the lighting depending on brightness or motion. So someone can walk past our balcony at 02:00 at night and the glowing star switches on for this night owl too.

Intelligent “dumb” heating

This winter was again especially cold, and last week, when we had an outside temperature of -14° Celsius, it happened again: the water pipes in our cellar froze.

In our old house, a converted farmhouse from the last century, this problem can unfortunately only be solved by short-term electric heating each time. There is no other way to heat the cellar. Unfortunately a very inefficient and wasteful solution.

Fortunately it is enough to reach a temperature of 4-5° in the cellar; the problem is that common household electric heaters cannot be set to 4°, the scale starts somewhere around 15°.

With the multisensor (4) and a smart plug adapter (3), this problem can be solved as well, and we can heat our cellar to 5°.

IoT, LaMetric and mouse issues …

In summer 2014 I became a backer of the Kickstarter project LaMetric. LaMetric was advertised as a smart ticker for life and business. To be honest, the Internet of Things (IoT) topic was not so present for me in summer 2014, and I just decided to spend some money on a cool gadget.

Last week I finally received my LaMetric Time, and today I have to say it’s one of the coolest gadgets I have bought in the last months. With the acquisition of Octoblu, which Citrix made early this year and promoted at Citrix Synergy (especially at GeekSpeak Tonight …), I’m now more aware of IoT and its possibilities!

LaMetric is the perfect IoT output device!

First LaMetric app

The creation of apps is pretty easy! On the LaMetric developer portal you can create your push or poll apps. With push you transmit data to the LaMetric servers as JSON. Poll is also easy: you just need a web server that serves a file in the correct format.

In this way I created the EuroMillions app, which displays the current jackpot. The data is fetched from www.euro-millions.com and formatted with a small and simple PHP script:


{
 "frames": [
 {
 "index": 0,
 "text": "<?php
// Fetch the EuroMillions home page and print the jackpot figure found in it.
$host = "http://www.euro-millions.com";
$filestring = file_get_contents($host);
$startpos = 0;
// Markup being searched for:
// <div class="est-jackpot">&euro;30<span class="amount">Million</span></div>

// Print the text between every ">&euro;" and the next "<span class=".
while($pos = strpos($filestring, ">&euro;", $startpos))
{
 $string = substr($filestring, $pos, strpos($filestring, "<span class=", $pos + 1) - $pos);

 //echo $string. " ";
 echo str_replace(">&euro;","","$string");

 $startpos = $pos + 1;
}

?> Millions estimated in next Jackpot",
 "icon": "i616"
 }
 ]
}

Result:

LaMetric-EuroMillions
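The script above echoes whatever text sits between the two markers on the remote page straight into the JSON string, so a layout change or unexpected markup on that page produces an invalid or altered response. The following is an added example, not the author's script: it accepts only digits in the markup shown in the original comment and lets json_encode() do the escaping. The HTTPS URL, the time and size limits, the function names and the fallback text are assumptions.

```php
<?php
// Added example: LaMetric poll endpoint that treats the scraped page as
// untrusted input and never splices it into hand-written JSON.
declare(strict_types=1);

const SOURCE_URL = 'https://www.euro-millions.com'; // assumption: HTTPS is available

/**
 * Pull the jackpot figure out of markup shaped like the sample in the
 * original script: <div class="est-jackpot">&euro;30<span class="amount">
 * Returns the digits only, or null when the page does not match.
 */
function extract_jackpot(string $html): ?string
{
    $pattern = '/class="est-jackpot">\s*&euro;\s*(\d{1,4})\s*<span/';
    if (preg_match($pattern, $html, $m) !== 1) {
        return null; // layout changed or unexpected content: show nothing from it
    }
    return $m[1];
}

/** Build the frame structure used by the original app (icon i616). */
function build_frames(?string $jackpot): array
{
    $text = $jackpot === null
        ? 'Jackpot unavailable' // assumed fallback text
        : $jackpot . ' Millions estimated in next Jackpot';

    return ['frames' => [['index' => 0, 'text' => $text, 'icon' => 'i616']]];
}

// Bound the fetch: 5 s timeout, no redirects, at most 512 KiB read.
$ctx = stream_context_create([
    'http' => ['timeout' => 5, 'follow_location' => 0],
]);
$html = @file_get_contents(SOURCE_URL, false, $ctx, 0, 512 * 1024);
$jackpot = $html === false ? null : extract_jackpot($html);

header('Content-Type: application/json; charset=utf-8');
// json_encode() escapes quotes, backslashes and control characters, so the
// response stays valid JSON whatever the value is.
echo json_encode(build_frames($jackpot), JSON_UNESCAPED_SLASHES | JSON_THROW_ON_ERROR);
```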

 

First IoT LaMetric Project

Problem

I’m living in an old farmhouse which has been converted into several apartments, but it’s still an old house with a lot of wood. And the old problems … mice. So for some weeks now I have had 4 mouse traps installed, not the killing traps, only those which let me take the mouse out of my apartment.

Problem: Every morning I need to check all the mouse traps. Because the traps are hidden away, this is an annoying daily task, and there is the risk that a mouse has to wait hours until I find it.

Concept

The concept of my first IoT project is to get alerted as soon as a mouse gets into a trap.

I want to solve this with:

  • a modified mouse trap with an attached window/door sensor, something like this http://store.wirelesstag.net/products/reed-kumosensor
  • an Octoblu workflow
  • and LaMetric as Output device.

The result must be this:

LaMetricMouse

Implementation

Need some hours … I have to learn how to handle Octoblu and learn a bit of JSON.

Achieve fastest Citrix Provisioning Target Device

Citrix Provisioning Services (PVS for short) is, from my point of view, an incomparable way to deliver a software image to a system. It’s not a conventional enterprise software deployment; rather, it’s a way to stream a virtual disk to the hardware at runtime.

This article doesn’t explain what PVS is and how it works. It only shows my personal best practice for getting the fastest PVS target device. It may not be the one and only right way to work with PVS; e.g. for VDI other approaches would fit better. In the last couple of years I have worked on multiple projects to introduce PVS OS streaming for XenApp servers on physical hardware or virtualized servers. The following instructions show my way to deliver the fastest PVS target for read-only XenApp servers, or, as this role is called in the XenApp replacement, XenDesktop 7.x App Edition.

In this article I only mention performance-relevant topics; I will not talk about HA, continuous availability, PXE, TFTP and so on.

#1. Reduce reads from disk, make use of Standby Memory for vDisks

The best way to increase performance is to reduce work. In this first step, that means reducing the hard disk reads caused by reading virtual hard disk files (VHDs). This can be achieved by making use of the Windows disk cache; this approach is possible on physical PVS servers as well as on virtualized PVS servers on any hypervisor. Using the Windows disk cache means that files which are read from disk are cached in the standby memory of the server.
(If you are using XenServer as hypervisor, have a look at the IntelliCache feature, http://blog.citrix24.com/how-does-intellicache-work.)

To make use of the file cache you need:

  • The vDisk on local drives, no CIFS share, no NFS share.
  • Plenty of memory in the PVS server.

Having the vDisks on local disks is not the common way to work with PVS; keep in mind that you have to synchronize the files on all servers in the PVS farm.

You can check whether the file cache is used properly by having a look in the resource manager. If you have nearly no free memory and a lot of used standby memory, it’s a good sign:

ressourcemgr

For a deep dive into the cache, use RamMap and keep an eye on File Summary:

rammap-vhd

 

#2. Use Target Device Write Cache on Ram

The second way to increase performance is to use the fastest possible storage. Hard disk drives are quite fast today and solid state disks are faster, but RAM is still the fastest memory. Because on the target device we only need it for the write cache, it doesn’t matter that RAM is transient memory.

A short performance comparison:

With AS SSD Benchmark you can measure the speed of your disk.

Target Device with WriteCache on Ram:
assd_benchmark_CacheRam

Target Device with WriteCache on local disk:
assd_benchmark_Cache_TargetDisk

( AS SSD Benchmark is Freeware and you can download and donate on: http://www.alex-is.de/PHP/fusion/downloads.php?cat_id=4&download_id=9 )

Keep in sight the Memory

When you are working with the write cache in the target device RAM, you must appreciate the dangers of it … If the target device, perhaps a XenApp server with 50 users on it, runs out of write cache, it will reboot immediately.
(By the way … Citrix Provisioning Services 7.1 offers a great new feature: the possibility to cache to RAM with overflow to hard disk. Do not use it … it doesn’t work properly! Waiting for a hotfix.)

  • Plan the amount of memory really used: Think about how much of the RAM you will use for the write cache; give as much as possible and consider the real memory usage of a fully loaded server. E.g. if you have a XenApp server as target device with 16GB of memory, you can allocate 6GB for the write cache and still have 10GB of memory for the XenApp server. If you have especially memory-hungry applications on the server, you may need a different split. There is no recipe; look at the memory used on your current production servers.
  • Reboot your target device periodically to reset the used cache.
  • Reduce usage of the write cache by redirecting as much as possible to another disk drive; of course this is only possible if you still have a local disk attached to the target device. Good candidates to redirect are:
    • Printer Spooler
    • Pagefile
    • EventLog
    • EdgeSight database
  • Monitor your write cache; one way to do this is e.g. using this small PowerShell script on the PVS server with a scheduled task:
    (If you have PVS 7.1 with the newest hotfixes, I recommend using the write cache on RAM with overflow to hard disk.)
#========================================================================
# Created on: 09.01.2014
# Created by: Sacha T. blog.sachathomet.ch
# Filename: Citrix-PVS-Get-Targetdevice-WriteCacheSize.ps1
#
# Description: This script queries the used write cache of the PVS farm's
# connected target devices and writes an event log entry if
# a target device exceeds a defined % value of cache.
#
# Prerequisite: Script must run on a PVS server where the MCLI snap-in is registered.
#
# Register SnapIn with command:
# C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\InstallUtil.exe 'C:\Program Files\Citrix\Provisioning Services Console\McliPSSnapIn.dll'
#
# Call by: Scheduled Task, e.g. every 5 min.
#
#========================================================================
$thresholdInformation = 55 # information threshold in %
$thresholdWarning = 70 # warning threshold in %
Add-PSSnapin -Name McliPSSnapIn -ErrorAction SilentlyContinue
$pvsdevices = mcli-get device -f deviceName | Select-String deviceName
foreach ($target in $pvsdevices)
{
 $target | Select-String deviceName
 $_targetshort = $target -replace "deviceName: ",""

 $devicestatus = mcli-get deviceinfo -p devicename=$_targetshort -f status
 # Convert the "status: <value>" line to a number first: comparing the raw
 # string with -gt would be a string comparison ("9" would rank above "70").
 $usedPercent = [double]($devicestatus[4].TrimStart("status: ") -replace ",",".")

 if ($usedPercent -gt $thresholdWarning)
 {
  Write-Host "WARNING: The Write Cache of the PVS-Target device $_targetshort exceeded $thresholdWarning %! Intervention is needed" -ForegroundColor "red"
  # do here what you need, email, eventlog etc ...
  Write-EventLog -LogName Application -Source StreamProcess -EventID 3001 -EntryType Warning -Message "A PVS target device, $_targetshort, exceeded the threshold ($thresholdWarning %) !" -Category 1 -RawData 10,20
 }
 elseif ($usedPercent -gt $thresholdInformation)
 {
  Write-Host "INFORMATION: The Write Cache of the PVS-Target device $_targetshort exceeded $thresholdInformation %! " -ForegroundColor "yellow"
  # do here what you need, email, eventlog etc ...
  Write-EventLog -LogName Application -Source StreamProcess -EventID 3001 -EntryType Information -Message "A PVS target device, $_targetshort, exceeded the threshold ($thresholdInformation %) !" -Category 1 -RawData 10,20
 }
}

#3. Avoid cross data centre streaming if possible

  • If you have different subnets, make use of subnet affinity in the load balancing configuration on the vDisk.
  • If you have one subnet spanning several data centres, create a store with the vDisk for each data centre and let only servers from the corresponding data centre provide this store. This way you can still switch quickly to a cross data centre configuration in case of a PVS server outage in a data centre.

#4. Use all existing best practice guides for tuning:
(for everything I’ve forgotten here …)

e.g. : http://blogs.citrix.com/2010/11/05/provisioning-services-and-cifs-stores-tuning-for-performance  and http://support.citrix.com/article/CTX127549

 
