How to Manage Citrix Applications in Complex Environments.

After years of experience i feel confient enough to publish this guide which will show you how to deal with complex Citrix solutions that require applications:

If you run a reasonable size Citrix estate, then you will all know how difficult and almost impossible it is to even consider having one desktop image that will work for all users that has every application that any user is ever likely to use, installed neatly on one image. Forget it, don’t be fooled in to thinking that is realistically possible and even if you do manage to pull off this amazing feat of genius, maintenance will be a complete nightmare. Every application change would require the image to be updated.

I have been privileged in the past to have worked on some of the UK’s largest Citrix installations and some of the most complex, with one of them having over 3,000 applications to package though the principles I discuss here work on any environment where you have 50+ applications to deploy and/or you are unable to get all the applications on one image (which should be most installs).

I write this guide for you. If you run Citrix and you need it work then read on…

Background

Life is complex and so are pooled non-persistent desktops. If you know what non-persistent desktops are then skip this chapter. 

Non persistent desktops are virtual desktops that are either server session based or full fat VDI that are deployed normally with Citrix Machine Creation Services (MCS) or Citrix Provisioning Services (PVS) from one single master image. Within this image you will have your operating system with patches, Desktop Broker, anti-virus and then your app. These desktop images are typically read only and they perform a reset at reboot or log out. This can be great for administrators as they can create one master image and deploy as many as they want from this one image and should anything cranky happen a simple reboot resets the image back to last image. Within PVS you can also create versions and produce pre-prod UAT versions before going live, excellent for operations management.

But… Here’s the problem. With virtual desktops you have to create images that suits everyone and it is unrealistic to think that you can get every application that every user may use working nicely on one image. Don’t do it, you will thank me I promise.

With Microsoft and Citrix you have so many tools at your disposal that really don’t need to do that, let me explain.

I know that some of my audience will be highly versed in this subject and to you guys I hope that I bring something new to the table that you find useful. For others that are not so aware again please read on. I am hoping you find this article useful and insightful.

In an ideal world I have a vision, in this vision I foresee everyone on the planet using virtual desktops as their main daily use of computers, they sit perfectly alongside mobile and tablet devices, and everyone runs a Microsoft and Citrix stack. This stack includes non-persistent Windows virtual desktops deployed using Citrix PVS with its initial deployment achieved using Citrix Enterprise Layer Manager (ELM). This image has very few applications and the rest are streamed in to the image on demand using Microsoft App-V. In order to protect the user experience we have along side this another Citrix farm that publishes applications directly on to the desktop should some (CR**) piece of coding performs badly then they can run in their own application silo and should they do something weird like leak too much memory that will not impact the desktop.

Finally in order to cope with other, not so nice, non Citrix compatible applications there is the layering fullback where you deploy the application in the elastic layer at the point of log in and should all else fails you always have the option to install locally and use Citrix to publish local apps in to the virtual desktop. I have thought about this a lot, in fact I even did a nice diagram to explain it.

Ta da, there you go, every application problem solved …

Yes or No?

Let me explain the logic:

Remember, this is still idealistic. Trust me I hear your chuckle..

Initial Image Deployment:

Citrix Enterprise Layer Manager which is hereon to be called App Layering virtual appliance is a free tool from Citrix that is a great for initial image creation and ongoing maintenance. This article is not a deep down piece on this, you can find out more here: https://discussions.citrix.com/forum/1672-app-layering-4x/ Also @Carl Stalhood has written a brilliant end to install guide which can be found here: https://www.carlstalhood.com/app-layering-enterprise-layer-manager/ Amazing work Carl and we all appreciate you sharing your knowledge, everyone benefits.

It is easy to build various image types from the same image by layering in the different requirements with different Tier 1 applications, which I will cover later. An image for finance as an example and then one say for HR or the Legal department.

Why not SCCM I hear you say?

Well, I do love SCCM but it is slow as you have to sequence every build each image individually and to be honest it is and a bit dated today and a faf. It is much easier to produce various images from one master using the App Layering virtual appliance then it is with SCCM, plus it is free.

There you have it, a very neat and easy way to produce multiple images from one master image using free tools from Citrix and ongoing maintenance is simple.

What do you install in the core image?

First off, you install as little as you can get away with, you want to keep this image as clean as possible and we use other means to get your applications in to the image on demand, covered later: You install Windows with updates, and all drivers you’ll need, plugins e.g. Java etc and then the Tier 1 applications. You then flatten the image and use ideally with PVS but also MCS. You can create different images with different Tier 1 applications for different needs.

What is a Tier one application?

For me a Tier one Application is simply any application that meets any of the following criteria:

·      It is used by everyone (e.g. Microsoft Office and Adobe Reader)

·      The application needs to integrate with office (e.g. CRM or Document Management)

·      The application needs shell integration, i.e. right click options

In fact I have come up with a whole list of my own definitions application tiers to support this methodology

So in order of preference:

1.      Only install the application if it is a tier one application

2.      Use App-V as the next best option and stream them on demand in to the image

3.      If the application is resource intensive and I use a metric of 20% of any given resource to run i.e. memory or CPU. Still use App-V but stream that to another XenApp server and publish the OSD as an application which is presented to the user via Citrix Receiver within their virtual desktop that is set up SSO the user just sees the app as a shortcut. Enable Session Sharing, session pre-launch and session lingering then the experience is seamless

4.      If the application is not compatible with App-V (and there is a lot covered below) then install the application directly on the XenApp servers and publish as above

5.      If all else fail, there is always layering at the elastic level whereby Citrix will mount a VHD of the entire application per user that tricks windows in to thinking the application is installed. This is clever but only use it as a last resort. From my own experience, at best, it adds around 15 seconds to the login time for each application you layer. It works but use it only if you need to and think of it as some form of insurance policy

6.      Finally, not listed in my own level of tiering is locally published apps. This is where you install the application locally on the desktop outside of the virtual desktop and use Citrix to publish the application in to the virtual desktop. Examples being things like soft phones, don’t even bother trying to run these in virtual desktops unless your using Skype and have RTME fully setup

There you go, with these guidelines any application, no matter how complex or resource intensive or non Citrix compatible it may well be, you can get them working with Citrix.

A little bit about App-V

App-V allows applications to be deployed ("streamed") in real-time to any client from a virtual application server. It removes the need for traditional local installation of the applications, although a standalone deployment method is also supported. With a streaming-based implementation, the App-V client needs to be installed on the client machines and application data that is stored on the virtual application server is installed (streamed) to the client cache on demand when it is first used, or pre-installed in a local cache

It still surprises me that most customers are not aware that if you own RDSH CALS that this comes bundled with App-V and so does MDOP with VDA. So pretty much everyone will have App-V licenses if your running Citrix.

When to App-V and more importantly when not to

Microsoft have released very clear guidelines (below) on what is officially supported in App-V and if you follow them the shocking realisation will be that, at best, only about a third of applications would be officially supported:

Unofficially though there are ways around these limitations, especially with applications that require specific plugins or drivers as these can be installed in the image using ELM. I know of one client with 700+ applications that successfully got over 95% of their applications working with App-V.

I hope you find this article useful, comments feedback are always welcome. I am not convinced I have covered everything, so I may add to this over time.

Peace out,

Brett