At Citrix Synergy 2016, our own Bill Burley and Microsoft’s Brad Anderson described how Citrix plans to securely embrace the Microsoft enterprise, cloud and mobility platforms, extending and deepening our long-time partnership.
As part of delivering on that strategy, support for Microsoft Azure Resource Manager (ARM) is now available in the XenApp and XenDesktop service on Citrix Cloud. Now you can provision, de-provision and power-manage XenApp and XenDesktop VDAs on Microsoft Azure right from the Citrix Studio console. All you need to bring to the table is your Azure subscription and a golden master VDA image – we’ll manage the rest for you .
Today, I’ll give you a brief introduction to ARM and go over some key distinctions that you need to be aware of between Azure Classic and ARM when using Citrix Studio to provision onto ARM.
What is ARM?
Back in 2008, Microsoft’s vision for Azure revolved around platform services (PaaS) targeted primarily at developers to build stateless .NET applications that could easily scale up and down automatically. But the stupendous growth of pure-play IaaS has since forced Microsoft to re-think their cloud strategy, because Azure PaaS VMs were deeply rooted in the Cloud Services foundation, making it hard for them to innovate on the underlying compute, storage and networking providers. Combined with competitive pressures from Amazon and Google, Microsoft was forced to go back to the drawing board.
The outcome of that exercise was a thoughtfully designed IaaS platform for the future called Azure Resource Manager or ARM for short.
Here are some of the salient features of ARM:
- Logical grouping of an associated set of resources (compute, network and storage) as one unit, which is called a Resource Group. This becomes a convenient contextual boundary for deployment, deletion and billing of resources contained within it.
- All of the tasks that you do on Azure Resource Manager resources must first be authenticated using Azure Active Directory (AAD).
- The ability to use declarative JSON templates to describe the resources with your deployment and dependencies between them. In fact, behind the XenApp trial offering in the Azure Marketplace is an extensible ARM template. ARM templates are also compatible with Azure Stack.
- Just like you can tag your credit card transactions, ARM allows you to use tags to easily organize resources. This makes it ideal for multi-department billing.
ARM support in Desktop Studio
There are a few key areas that you need to be aware of when provisioning onto ARM from within Studio.
Host Connection type
You will see notice a new host connection type in the drop down list called Microsoft Azure – this is ARM.
Azure AD-based authentication
As discussed above, ARM uses Azure AD for authentication. Each Azure subscription is linked to a single Azure AD tenant that governs authentication to resources within that subscription. You need to define a user account within that tenant and assign Service Administrator role to that user for that subscription. You’ll now be prompted to authenticate to Azure AD as that administrator, and once successfully authenticated, you’ll be asked provide a one-time consent to create a service principal, whose identity XenDesktop will subsequently use to perform actions like provisioning VDAs on your behalf.
Master Image selection
Another area where ARM differs from Azure Classic is the way user images are handled.
Create your golden master VDA image from a Windows Server 2012 R2 gallery image in Azure as you would before. But unlike Azure Classic where you need to first capture the image, VM user images in ARM cannot be captured as images via the portal. But it’s even simpler now. Simply stop (and de-allocate) the master VM. In Studio, navigate to the VHD that represents the OS disk of that VM (we don’t yet support provisioning machines with additional data disks).
Note: Your base image can reside in a storage account in any Azure region – we will do the hard work of copying it over to the target region specified in the Host Connection (where you want your VDAs to be provisioned).
Upcoming blog series
While this is an introductory blog post, look forward to an upcoming multi-part technical blog series that will delve into specific topics related to our ARM support such as authentication, image creation, creating and updating catalogs, troubleshooting etc.
As always, I look forward to your feedback and comments.