If you attended the live TechTalk, there were more questions than I could answer in the time allotted. If you want, the recording of the webinar can be found here. Also, don’t forget to check out the guides and reference architecture for the end-to-end virtual desktop solution:
But now it is time for the Q&A…
Q: So I have Presentation Server 4.0 and can publish desktops. What does XenDesktop do differently?
A: An Excellent question and a great one to start this blog. One of the big differences between a XenApp (Presentation Server) desktop and a XenDesktop desktop is in XenDesktop you are essentially on your own workstation. This means you can more easily allow your users to personalize and customize the applications to best suit their needs. One of the major concerns I’ve seen and heard from numerous organizations using published desktops on XenApp was the desktop was static. They couldn’t change their backgrounds. They couldn’t customize their applications. They couldn’t do certain tasks because the XenApp server was locked down so tightly because that desktop is shared by many users. In XenDesktop however, you can let your users modify the settings, customize the look and feel and try to better align the desktop with their job function. On another aspect, there might be applications that just don’t work on Terminal Services or XenApp for any number of reasons. However, XenDesktop is not built a multi-user operating system like Terminal Services. Is it meant for desktop operating systems like Vista and XP. If the app works on your desktop, it should work on the virtual desktop.
Q: Can you please elaborate on the desktop receiver? How different is it from an ICA client, and will it be available for a variety of thin client devices?
A: In part, the desktop receiver is similar to the ICA client in that it allows ICA connections to XenApp and XenDesktop sessions. The Desktop Receiver also includes visualization customization options through the use of a toolbar in the virtual desktop window. If you just used the standard ICA client, a connection to XenDesktop would work, but you would be unable to fully customize the view.
Q: Will the user notice any slowness during a XenMotion transfer?
A: Yes. The user will most likely experience a pause or slowness in their session (100-200ms) during a transfer. However, the session and the data will not be lost. In most instances, the user will be completely unaware of the pause unless they are staring at the monitor and interacting with the session.
Q: Roughly how many VMs can a controller handle?
A: I wish this was an easy question to answer, unfortunately it is not. I can tell you that we have seen a single controller manage 1500 desktops without reaching a the breaking point (standard server hardware was used 2 processors, dual core, 2 GB RAM). Because XenDesktop is based on a farm architecture, we can simply add another desktop controller when one becomes maxed out. If you remember the processes that occurred during a virtual desktop startup, it essentially comes down to the virtual desktop registering itself with the controller and then the controller routing a user request to the virtual desktop. These processes happen quickly with little impact to the server. Once the virtual desktop is up and running, very little activity is required by the controller except to verify the virtual desktop is still running.
Q: To provide high-availability for the AppHub, you used a NetScaler to load balance the requests. Do you need to load balance multiple NetScalers?
A: No. There should be 2 NetScalers in the architecture though, setup in a HA Pair. The HA Pair will be in an Active-Passive mode. If the Active NetScaler were to fail, the Passive NetScaler would take over immediately.
Q: So where do you install the applications if you don’t install on the virtual desktop?
A: It depends how you want to deliver the application. The recommendation is to stream using XenApp and to host using XenApp. When the user is logged onto their virtual desktop, the Application Receiver (similar to PN Agent), will auto-logon with the user’s credentials. The App Receiver will show a list of applications for the user on the virtual desktop, start menu or system tray. Those applications are not installed, they are just icons. When the user selects one icon they will
1. Hosted: start a session on a remote XenApp server and execute the application from there
2. Stream: have the application streamed to the virtual desktop on-the-fly. The application will run from the virtual desktop.
Both options are valid and appropriate for different circumstances. That is a longer discussion, which I hope to extrapolate on in an upcoming blog post. Hmmm, did I just commit to something else? I gotta stop doing that.
Q: What impact would XenDesktop have on apps which are not Windows Terminal Server compliant?
A: They should work. Terminal Services is a multi-user OS and we try to run single-user apps on top of it. Most applications work fine, but there are a handful which do not for some reason or another. XenApp has tried to overcome these challenges with technologies like AIE or virtual IP, but there are still some apps that don’t play nicely on a multi-user OS. With XenDesktop, you are using Vista or XP. That desktop, for the duration of the session, belongs to a single user. This should help to overcome many of the app challenges we have all experiences with a Terminal Services infrastructure.
Q: Does each XenDesktop instance take up a citrix license?
A: Yes. Each virtual desktop connection equates to a XenDesktop license.
Q: Do you have to have XenDesktop with XenApps?
A: No. You can run XenDesktop without XenApp and it runs fine. The integration of XenApp with XenDesktop allows for the reduction in the number OS images you must maintain because the applications have been removed. For example, your entire organization probably runs 1 or 2 desktop OS but you have more than 1 or 2 desktop images. Why? Probably because of the application set.
Q: Do you have to buy separate licenses for each provisioning server? Or do you get rights to configure a dev/test and production server when you buy the product.
A: Provisioning Server licensing is based on streamed desktop. So you can setup a Provisioning Server in Production and Test and they don’t require a license until you stream desktops. Then each streamed desktop requires a license. If no license is available, the desktop will shut down after a few minutes.
Q: How do the vm’s continue to run if the host physically goes down in the case of a hypervisor failure?
A: If the host physically fails, the virtual machines go offline as well. Any unsaved data is lost. The virtual desktop will restart on another available XenServer. The time required will be based on how long it takes for the virtual machine to boot. Think about this as well, if your physical desktop fails, power outage, etc, you also lose everything unsaved.
Q: What do you do about applications that aren’t supported in XenApp, do you then have to have an image that contains that app?
A: No. If the application doesn’t work on XenApp, I would suggest trying to create an application profile for the app. That profile will then stream down to the virtual desktop when the user requests the application. The app will run ontop of XP or Vista and not XenApp. This should help with those troublesome applications.
Q: Do we need to install the applications on all the desktops or only on the base OS
A: Ideally, you don’t install the apps on the base OS. The base OS is just the OS and some agents. When the user logs on, they automatically get their applications from a XenApp backend. When the user selects an app, the app is either launched remotely from a XenApp server or streamed down to the virtual desktop. If you must update the app with a hotfix, you update the application profile once, and those updates are streamed down to all virtual desktops automatically.
Q: I have Presentation Server now. What are the migration steps for moving to XenDesktop?
A: If you already have your Presentation Server (XenApp) architecture, then your move to XenDesktop is fairly straight forward. You want to leverage your XenApp install to better delivery applications into the virtual desktop. I would suggest looking at the Pilot Reference Architecture and the Implementation Guide to help you through the setup and integration.
Q: I use ISA to publish my internal URLs. Is there a way in XenDesktop to use a different port for the URL that it gives out?
A: Many of the ports and addresses inside of XenDesktop are customizable.
Q: Could one use Citrix Access Gateway or Netscaler for secure desktop delivery?
A: Yes. That is the best integrated solution. With Access Gateway or NetScaler, you can setup secure, remote desktop delivery without requiring users to open up a full VPN tunnel. They will instead be able to encapsulate ICA traffic inside of SSL so it is secure over the Internet. If you go with NetScaler, you have the option of using and integrating the high-availability options for XenDesktop like load balancing and global server load balancing. These materials (Reference Architecture and Implementation Guide) explain how this works for a XenApp environment, which would be similar to a XenDesktop environment.
Q: Is the app receiver like a PNAgent?
A: Yes, that is the best way to think of it for those familiar with PN Agent.
Q: When Hypervisor #1 goes down, how does Hypervisor #2 know about the #1 server’s session’s virtual memory and use it to run those sessions on Hypervisor #2?
A: It doesn’t. If the hypervisor fails, then the data is lost. You can only move a running VM to another XenServer without losing data. If the XenServer physically fails, then the virtual machine can be automatically restarted on another virtual machine.
Q: What is the difference between the VD Receiver and the XenApp ICA client 10.2?
A: The main difference right now is that the Desktop Receiver contains the functionality for a toolbar allowing you to more easily customize the window of the virtual desktop.
Q: You mentioned the User Profile Manager provides some cross-platform compatibility, can you expand on that?
A: I would recommend taking a look at David Wagner’s blogs on the UPM here:
Q: Can machines be added to the Desktop Broker that do not have the XD Client, but instead just use a traditional RDP or VNC connection?
A: At this time, the connections are through ICA and require the Virtual Desktop Agent installed on the virtual desktop. The agent is responsible for the ICA connection as well as registering with the XenDesktop controller.
Q: You said that XenDesktop is supported on Virtualization OS other than Citrix – Microsoft Hyper-V and VMWare ESX; is it supported on the Oracle VM also?
A: Not at this time.
Q: Can this support multiple versions of the same software suite? I.E. I have most of my users using Office 2003 Pro but I have a select group using Office 2007 Pro Plus, can this be done with XenDesktop?
A: Yes. You can either have the apps available for different users (one user group gets 2003 and another gets 2007) or you can have both apps be available for all users simultaneously and be executed from the same virtual desktop when the applications are streamed with XenApp.
Q: I have several users that need to use Adobe Acrobat Professional and at this time, Acrobat will not install on a Terminal server, this causes us to have to have local PCs for these users, does XenDesktop adress this issue and allow me to give my users, who need it, access to Acrobat Pro?
A: Yes. You should first try to have a base virtual desktop image and stream Acrobat Pro down to the virtual desktop. If the app streaming does not work, you can also create a Acrobat Pro virtual desktop where the application is installed and part of the base OS. That base OS will be published to the appropriate users.
Q: Can you “publish” a virtual desktop from xenapp server?
A: Yes, but that virtual desktop is not the same as a XenDesktop virtual desktop. See the very first question.
Q: What thin client devices can this be used with? Is there a thin client with Desktop Receiver? Does this work with Sun Ray’s and Sun Secure Global Desktop
Q: Does this work with non x86 UNIX/Linux OS’s
A: Currently it only works for XP and Vista.
Q: Can a user change clients without losing their virtual desktop. i.e. can I disconnect form machine 1 go to machine 2 and reconnect and still have the original virtual desktop and continue with the original virtual desktop. Also, does the system keep running while disconnected (i.e. a compile would continue)
A: Changing endpoints but going back to the same virtual desktop is possible with a feature called Workspace Control (it is part of XenDesktop). As for running while disconnected, it can you if you want it to.
Q: How do you handle boot storms?
A: Get an umbrella. This is actually a very serious concern. If you try to boot up 1000 virtual desktops at once, you will most likely have some challenges on many fronts, just due to the impact on everything. This will in turn result in users not getting to their virtual desktop or being required to wait a very, very, very long time. XenDesktop allows you to set idle limits based on the time of day. If the morning rush starts at 9AM, you will want XenDesktop to start prepping the environment around 7 or 8AM to make sure everything is ready for the rush. You do this with the Idle limits shown in a previous picture.
Q: Is the OS image hardware independent, or do you have to have a separate OS image for each hardware variant in your environment?
A: If you are running on XenServer, then all images have the same hardware footprint (the XenServer virtual space) even though the XenServer might be on different hardware. You can use the same OS image to stream to a XenServer virtual machine and a physical server by configuring a common image where drivers are incorporated into the base image.
Q: How would this be in a WAN env?
A: Pretty good. The protocol XenDesktop uses is Citrix’s ICA protocol which has been used for years with XenApp (Presentation Server, MetaFrame). This protocol only sends the screen updates down to the end point. So when you are typing in Word, only the images of the letters get sent, if they changed. ICA also has been enhanced greatly over the years to support audio, video and numerous other areas. Truthfully, the only way to be certain it will work for you is to try it out by getting the free evaluation kit.
Q: Our env is highly integrated, we have found that streaming applications to be nearly impossible.
A: By highly integrated, I assume you mean many of your applications rely on each other. App streaming is a great idea, but this was a huge problem. First, the background. When you stream, each app is in its own container. Those containers are separate and do not interact. That is a major problem for environments like yours. What ends up happening is you have 2 different enterprise applications that each rely on Excel. You create one profile for one enterprise app and include Excel. You then create another profile with the second enterprise app and Excel. When you have updates to Excel. You have to update both profiles. This is hard to manage and maintain.
Have you looked into XenApp 5, just released? It has major updates to XenApp streaming where these different containers can now talk to each other. So in the previous example, you would have 3 profiles, 1 for each of the two enterprise apps and another profile for Excel. You configure the profiles to work with other profiles. This should help you overcome the major challenges you experienced in the past.
Q: Does this require an AD schema update?
A: No. It does use AD, but it does not require Schema updates. (thank goodness).
Q: Streaming is overbilled it doesn’t address application integration
A: I would love to hear more. I agree in the past App streaming was a challenge because of communication limitations between applications, but with XenApp 5, those challenges are being mitigated with inter-isolation communication.
Q: Can you use a Microsoft load balancer to replace the NetScaler?
A: Yes. There are many differences that would take a lot of time to explain, but for simplicity, NetScaler has specific smart monitors and high-availability options for XenApp and XenDesktop that makes it easy to configure and setup.
Q: Is it possible to stream this over the internet at all? For example hosting the desktop at a datacenter
A: Well, the desktop and application stream would stay within the data center. Users would connect to the virtual desktop in the data center with the Desktop Receiver, which relies on the ICA protocol.
Q: What happens if there is no controller available?
A: If all of your XenDesktop controllers fail, currently connected users will be fine. New connections will not be allowed.
Q: If the user count is small and all use same apps would it make sense to install all apps on provisioning server and by-pass streamed/hosted options.
A: It does make sense and is a possible option.
Q: Does XenDesktop with installed apps optimize video/audio significantly more than a VMware VDI desktop?
A: Hosted, installed or streamed apps really don’t make much of a difference when you talk about the optimization of video and audio t the endpoint. What does play a major part is the delivery protocol. The Citrix protocol, ICA, is used by millions of users who connect to XenApp published applications. That same protocol is used to delivery virtual desktops. Truthfully, the only way you will be able to see is to try it out for yourself.
Q: How do apps that are launched from other apps work – things like GoToWebinar or Flash, which are launched from a browser? What about plugins that require installation that are not on the gold desktop?
A: Plugins and flash and other items that were not part of the base OS image can be installed on the virtual desktop by the user. However, that installation only impacts that particular virtual desktop. The changes made by the installation are contained in a write cache. When the user reboots the virtual desktop, that write cache is destroyed. The next time the user connects to the virtual desktop, they would have to re-install the agent. This is a big reason for identifying the needs of the user. It allows us to identify the agents and plugins that are needed. But just because it is not part of the base image, doesn’t mean the user can’t add it on-the-fly.
Q: Is there a plan to provide a “Offline XenDesktop” in the future? (similar to VMwares OnDemand VDI)
A: I have heard people talk about it, but am not in the product group so I’m not certain what the roadmap looks like.
Q: what is best practice for managing XD workstation log files, taking into account that the log data is lost after every reboot?
A: the log files would need to be stored on a network share that is persistent.
Q: Does this support any Linux Desktops?
A: Not currently
Q: Do you absolutely need the Access Gateway? I have WI with the CSG.
A: I believe you would be able to use Secure Gateway instead of Access Gateway.
Q: Will XenDesktop work with VIrtual Iron and XenApp?
A: right now XenDesktop only supports XenServer, Hyper-V and VMware ESX as the hypervisor.
Q: You had to mention NetScaler. So what are all us normal or smaller companies going to use? I hear that a NetScaler starts at $20K plus.
A: You can use software or hardware based load balancers. NetScaler just includes integrated monitors and wizards to make configuration easier. However, load balancers like Microsoft load balancing would work as well, you just want to make sure that the devices you are load balancing are being monitored intelligently (but even a Ping is better than nothing).
Q: What happens when the Hypervisor fails and there are too many VMs moved to a single host? Do some of the machines get put in stasis, are they shut down, or do all VMs suffer slowness?
A: With XenServer (Orlando) you can set priority levels for the virtual machines. The ones with highest priority will be restarted on available XenServers, others will not.
Q: What happens to data in the case of an Application Hub failure caused by a XenApp server crash?
A: This is the interesting thing with XenApp and application streaming. XenApp is needed to identify and start the stream, but once the desktop receives the stream instructions, the Xenapp server is removed from the equation. So if I’m receiving my app stream, it is coming from the App Hub and the XenApp server is doing nothing.
Q: In terms of client hardware would this work with WYSE thin clients?
A: You will want to look at the Citrix Readysite for desktop appliances. Those devices that are not on the list might work, but you want to test.
Q: What are the differences in performance installing this on ESX server 3.5?
A: I haven’t seen published stats on that scenario yet. Until that time, you might want to try downloading the XenDesktop eval and trying it on both hypervisors.
Q: What’s server cache??
A: The cache is for Provisioning Server (OS Streaming). Provisioning Server streams a base OS to hundreds of workstations. Those workstations use a Standard Image (Read Only) to receive their desktop OS. Any changes the user/desktop makes to that image are stored in a write cache.
Q: This question is regarding licensing. Do you utilize 2 different concurrent session licensing for any XenApp published applications running on Xendesktop? please explain how it the licensing works.
A: Licensing is such a fun topic. Citrix licensing for XenDesktop is concurrency for the virtual desktop and the app delivery. With XenDesktop Enterprise and Platinum, you get XenDesktop, Provisioning Server and XenApp for Virtual Desktops. Each one is concurrency. So when you start 1 desktop and have applications, you use 1 XenDesktop, 1 Provisioning Server and 1 XenApp license. Of course when you purchase XenDesktop Enterprise or Platinum, the licenses are part of the package. Take a look at the editions here.
Q: I guess we need to have our own SSL solution. It is not part of XenDesk components, right?
A: With Standard, Advanced, Enterprise or Platinum edition, you get Access Gateway licenses which provide secure, remote access using SSL.
Q: Is XenDesktop the same as Desktop Broker? We want to display a physical PC (a CAD workstation) across the WAN using ICA.
A: Sort of. XenDesktop replaced Desktop Broker. Desktop Broker used an ICA server as a proxy to RDP to workstations. With XenDesktop, you get ICA from your end point to the virtual desktop. Plus, XenDesktop incorporates many other technologies to make a more complete end-to-end solution.
Q: Will Secure Gateway work or does it have to be the Access Gateway?
A: Secure Gateway will work.
Q: On average how many users can one XenDesktop and XenServer host?
A: XenServer is really going to be based on the amount of RAM. Very few physical desktops utilize their CPU. If you are hosting Vista desktop on XenServer, the general recommendation for Vista is 1-2GB of RAM. If you have 64GB of RAM on XenServer, and you have 1GB RAM for each Vista desktop, you will end up with 60-62 virtual desktops (XenServer takes RAM too, which is why it isn’t 64). However, the processor is the big question and the only way to really see that is to test it with real users and see how much they hit the processor.
Q: What are some of the main differences between XenDesktop and Citrix Provisioning Server?
A: XenDesktop is the complete, end-to-end solution of virtual desktops. Provisioning Server is a component of XenDesktop. Provisioning Server allows a single OS image to be streamed to hundreds or thousands of devices across the network. This has advantages of only requiring administration of a single image for many desktops.
Q: You mentioned Citrix User Profile manager is in Tech preview at the moment…. when can we expect this to be generally available? Will this be included with XenApp 5.0 which is due for release next month?
A: I don’t know the release dates for User Profile Manager and it isn’t part of the XenApp 5 release either.
Q: Is this only for high-speed connections (local LAN) vs WAN as some of our sites are only 256MB frame relay?
A: No. The remote delivery protocol that XenDesktop uses is Citrix ICA which has been used for numerous years by millions of users to remote connections. I’ve seen organizations use ICA for any number of connections including dial-up and satellite.
Q: Which of these products mentioned are extra to XenApp as we have Subscription Advantage and Enterprise Edition?
A: XenDesktop is a new product line different that the XenApp product line. XenDesktop Enterprise does include a portion of XenApp, but it only allows application delivery to virtual desktops, where the XenApp product line allows application delivery to any end point. You will probably want to check out the product matrix.
Q: I’m looking for a VPN replacement. Will you talk about the Remote user scenerio where I want to present a full desktop to a remote Work from Home user or newly aquired company where I need to provide a Desktop to them via citrix?
A: Access Gateway. This will allow you to do just what you are looking for. You have two options on the configuration: Virtual desktop only or Full VPN. The Virtual desktop only option will only allow the user to have connection to the virtual desktop over ICA. The user’s endpoint won’t technically be on the network, helping to protect the internal environment. With the full VPN configuration, the user will have a connection to the network. They can connect to a virtual desktop and browse the network from their end point.
Q: Is the streaming of virtual desktop accelerated over the network? We have the Citrix WAN accelerators. Does this work?
A: It might, I’ve never tried or it seen anyone try it. As WANScaler works at the network stream and is not concerned with files or data, the Provisioning Server stream should show a lot of duplication as it goes from the central Provisioning Server to the numerous virtual desktops.
Q: What is the best way to run CadCam Civil 3D application for remote and internal networks? Can XenApps support and deliver CadCam Civil 3D Applications remotely? How much bandwidth is required? Who can I call to assist me in setting up a Virtual desk top solution for CadCam Civil 3D
A: I unfortunately don’t have experience with that particular application. You best bet would be to setup it up in a test environment and see how it functions. Citrix’s Consulting group can help with this type of testing, as they have done this with numerous organizations in the past. I should know as I used to be in Citrix Consulting. The Consulting information can be found here.
Q: If I understood, we have the option to serve only the apps of the desktop to the user? Is there an installed client program on the client machine?
A: Yes, if the end point is going to get desktops, you want the desktop receiver. If the end point needs applications you use the Application Receiver. They are very similar and can be used together. In most situations, you would have the Desktop Receiver on your end point and the Application Receiver on the virtual desktop.
Q: Can this solution work on a 10/100 MB network?
A: It all can, but you have to be concerned with the number of users and the number of desktops being streamed as the streaming is using the network. Now if your environment has your users on the 10/100 network and the infrastructure components (XenDesktop, XenServer and Provisioning Server) on a faster network, then that architecture easily works as the 10/100 network will just use the bandwidth associated with ICA protocol, which is minimal.
Q: Can the desktop receiver be loaded on a thin client or desktop appliance?
A: Yes and it is, at least for the Desktop Appliances part of the Citrix Ready program.
Q: How is licensing addressed for the user, through Xen, if they need an application that requires Vista? Is there a special license needed for this use on the Xen Server?
A: Each XenDesktop component is managed by Citrix licensing. For users who require a Vista desktop and application, those licenses are managed by the Microsoft and App vendor licensing agreement.
Q: how does XenDesktop join to domain?
A: The base image is added to the domain. Then that image is provisioned out to numerous other workstations. Those workstations are also added to the domain. As the desktops are managed by Provisioning Server, the Provisioning Server will keep the Active Directory and machine passwords in sync.
BTW, I think this is the longest blog on the Citrix blog site. Thanks
Homer Quote of Blog “I bet Einstein turned himself all sorts of colors before he invented the light bulb.”