My first blog post ever!  (Achievement unlocked)
My first blog post as a Citrite! (Achievement unlocked)

If the knowledge that I’ve leveled up (go me!) has you less interested in this post, it will get better, I promise. I’m excited. But I digress.

During my first few months at Citrix I ran into a few new things within the FMA.
Zones, AppDisk, XenApp Secure Browser (and more to come that are under NDA…)

In January, I attended Citrix Summit in Las Vegas. It was awesome, let me tell you! As it was my first Summit (achievement … OK, OK … I’ll stop now), I was really looking forward to some sessions (some more than others). I thought the XenApp/XenDesktop update session with Daniel Feller was the best. Another thing that was really obvious is the strength of the partnership between Citrix & Microsoft. That got me thinking, and I landed with Azure.

Azure within XenApp/XenDesktop (or the other way around)

So, with XenApp/XD 7.7 & 7.8, we have integration with Microsoft Azure. “Great!” you say. I also think it’s great! We should embrace this platform like we did with AWS. I started looking into Azure, got myself a subscription from Microsoft, and started playing around.

The first thing I noticed was that there are 2 deployment models with Azure:

•    Resource Manager deployment (ARM)
•    Classic deployment (subscription-based)

Just to keep it simple, the new model contains important differences from the classic deployment model, and the two models are not completely compatible with each other. If you ask Microsoft, they will say: “Resource manager deployment is the way to go.” More future proof, I’d say.

This might be useful: Azure RM

Here’s what I did, I wanted to configure my Azure resources within my hosting section of studio:

Nice enough, but it uses the CLASSIC WAY, so that was a bummer. At that point, the only way to deploy VMs was to do it manually (because I wanted to use ARM).

Let me give a blueprint of my configuration on prem before I started deploying machines in Azure:

  • 1 Delivery Controller
  • 2 Storefront servers
  • 1 NetScaler
  • 1 XenServer
  • Some Windows 10 VDI’s

Setting up hybrid solution with Azure (The ARM way)

The first thing you need to do when deploying a hybrid solution is make sure that network traffic is possible between Azure and the on-premises environment. In my lab, I did this with a Site to site VPN from Azure to my NetScaler (Cloudbridge connector).

You might find these links useful:

VPN devices

When setting up a Site to site VPN in Azure you’ll need 3 things:

•    Virtual network
•    Virtual network gateway
•    Connection between

After some troubleshooting, my Site to Site came up and was now able to communicate with my on-premises infrastructure.


Not bad for RRT from Belgium to Ireland, I guess 🙂

Setting up a secondary delivery controller (In Azure) and a new zone within the site was born.


At this point in time my design only missed some VDA’s.


I created some Azure VMs. Joined them to the domain, installed & registered the VDA … et voila! Done deal!

At this point in time my tests were quite successful, hybrid solutions with Azure are possible. I was quite shocked by the RTT for a regular Site-To-Site from my home.


Yes, you’ve read this correct! We can’t use PVS within Azure. By design it’s not allowed to PXE boot. Microsoft alternative to this is (RM) Resource Manager Templates combined Desired State Configuration (DSC) for a complete solution. So, sorry if I’ve shattered your dream. 🙂

About ARM, Azure & Citrix

Currently we don’t use ARM to create machines with MCS. Contact your Citrix sales representative if you want to get some more info. If I can give you some pointers when working with Azure:

•    Assess to the letter

Do not migrate blindly–not ever. Check your current environment
 workloads through performance counters for some time (cpu, memory,
disk queue length…) and scope accordingly.

•    Plan ahead

Think about future usage. How can the customer easily scale up and/or
 out? Not every customer is completely Azure-savvy, so help him out
 from the start.

•    Design thoroughly

The single most important part, is to do a complete and overall 
design, including current and future network requirements, storage
 IOPS design, gateways and so on. Do not only scope for

•    Know your limits

Make sure you are aware and up-to-date with what can be done and most off all what cannot be done. This includes e.g. IOPS planning for
 virtual machines, extending default limitations before deploying,
 number of certain types of resources limitations per subscription in

•    Segregate your resources

In real life, not every networking guy is also handling storage or
 virtual machine deployments. Use Role-based Access Control from the

Scripting your way to automation

This script will create some vm’s based on a template within Azure. Make sure you Sysprep + Generalize & shutdown your vm before taking the copy. Feel free comment & give some suggestions. I will try to update this post if possible.

Note: Please try to understand the script before just ctrl+c / ctrl-v the script.

A massive THANK YOU–flowers & Belgium’s finest chocolates–to Chris Sauquillo who helped me with developing this script. But also helping me to learn the the way to do things within Azure!

I hope this post has been informative for you, and I would like to thank you for reading!

Download the script here

Chromebook Banner 1