Monthly Archives: January 2016

VMware Certified Professional 6 – Network Virtualization (VCP6-NV)–Study Guide

This is an unofficial study guide for VCP6-NV, which is the second-level certification for Network Virtualization from VMware. In order to take this certification you have two options: if you are Cisco certified, you can take a foundation exam and you are good to go; if you don’t have a Cisco certification, you need to attend an NSX training course. You can read more about it here –> https://mylearn.vmware.com/mgrReg/plan.cfm?plan=64294&ui=www_cert#tab-faqs

This blogpost is also used for my own study purposes since I am aiming for this exam after new year.

You can read more about the exam objectives here –> https://mylearn.vmware.com/mgrReg/plan.cfm?plan=64297&ui=www_cert

There is also a practice exam here –> http://mylearn.vmware.com/quiz.cfm?item=57466

Note that it is a long list of objectives, but not all of them require in-depth knowledge. This is still a work in progress, but every objective will link to a URL or contain some pointers to where information about the objective can be found.

There are also some other things to get you started:

Pluralsight: https://www.pluralsight.com/courses/vmware-nsx-vsphere-network-services

Official Exam Cert Guide: http://www.amazon.com/VCP6-NV-Official-2V0-641-VMware-Certification/dp/0789754800/ref=sr_1_3?ie=UTF8&qid=1452111914&sr=8-3&keywords=vmware+nsx

Objective 1.1: Describe the Benefits of a VMware NSX Implementation
Define and differentiate challenges with physical network implementations
Explain common VMware NSX terms
Describe and differentiate NSX network and security functions and services
Explain common use cases for VMware NSX

http://www.vmware.com/files/pdf/products/nsx/VMware-NSX-Network-Virtualization-Platform-WP.pdf

Objective 1.2: Describe VMware NSX Architecture
Differentiate component functionality of NSX stack infrastructure components
Compare and contrast with advantages/disadvantages of topologies (star, ring, etc.) as well as scaling limitations
Compare and contrast VMware NSX data center deployment models
Prepare a vSphere implementation for NSX

http://www.vmware.com/files/pdf/products/nsx/vmw-nsx-network-virtualization-design-guide.pdf

http://pubs.vmware.com/NSX-62/topic/com.vmware.nsx.admin.doc/GUID-10944155-28FF-46AA-AF56-7357E2F20AF4.html

http://pubs.vmware.com/NSX-62/index.jsp#com.vmware.nsx.install.doc/GUID-B76EBDE5-5F92-4911-92B2-221BDCEE724D.html

Objective 1.3: Differentiate VMware Network and Security Technologies
Explain the benefits of NSX architecture components
Given a scenario, determine the appropriate steps required to upgrade a vSphere implementation
Describe core vSphere networking technologies
Describe vCloud Networking and Security technologies
Describe and differentiate VMware NSX for vSphere and VMware NSX for third-party hypervisors

http://pubs.vmware.com/NSX-62/topic/com.vmware.nsx.install.doc/GUID-10944155-28FF-46AA-AF56-7357E2F20AF4.html?resultof="NSX"%20"nsx"%20"architecture"%20"architectur"%20"components"%20"compon"

https://www.vmware.com/files/pdf/products/vcns/vCloud-Networking-and-Security-Overview-Whitepaper.pdf

Objective 1.4: Contrast Physical and Virtual Network Technologies
Differentiate logical and physical topologies
Differentiate logical and physical components (i.e. switches, routers, etc.)
Differentiate logical and physical services (i.e. firewall, NAT, etc.)
Differentiate between physical and logical security constructs
Service Composer
Endpoint Security
Data Security

http://pubs.vmware.com/NSX-62/index.jsp#com.vmware.nsx.admin.doc/GUID-E496C826-6DDA-4357-8D69-4AD21F8C2EEC.html

http://pubs.vmware.com/NSX-62/index.jsp#com.vmware.nsx.admin.doc/GUID-DBA0522E-92DC-48F4-8801-49C92E001AA1.html

Objective 1.5: Explain VMware NSX Integration with Third-Party Products and Services
Explain integration with third-party partner tools and systems using NSX REST APIs
Explain integration with third-party services
Network services
Security services
Load Balancing
Anti-malware
IDS/IPS
Explain integration with third-party hardware
Network Interface Cards (NICs)
Terminating overlay networks
HW VTEP
VXLAN offload
RSS
Install/register a third-party service with NSX

http://pubs.vmware.com/NSX-62/index.jsp#com.vmware.nsx.admin.doc/GUID-1D85FF4A-6828-4D18-B5B8-B0D4080F85DA.html

https://blogs.vmware.com/cto/network-virtualization-gets-physical/

https://blogs.vmware.com/cto/geneve-vxlan-network-virtualization-encapsulations/

Objective 1.6: Explain VMware NSX Integration with vRealize Automation (vRA)
Explain integration with vRealize Automation
Explain NSX deployment capabilities built into vRealize Automation
Describe Network Profiles available in vRealize Automation
Explain NSX preparation tasks for attaching a network profile to a blueprint
Explain vRealize Automation preparation tasks for deploying a machine with on-demand network services

https://www.vmware.com/files/pdf/products/vrealize-automation/VMware-NSX-And-vRealize-Automation-Solution-Overview.pdf

https://blogs.vmware.com/networkvirtualization/2015/12/vmware-nsx-vrealize-automation.html

Objective 2.1: Define Benefits of Running VMware NSX on Physical Network Fabrics
Describe and differentiate physical network topologies
Differentiate physical network trends
Explain the purpose of a Spine node
Explain the purpose of a Leaf node
Describe and differentiate virtual network topologies
Enterprise
Service Provider Multi-Tenant
Multi-Tenant Scalable
Given a specific physical topology, determine what challenges could be addressed by a VMware NSX implementation.
Differentiate physical/virtual QoS implementation
Differentiate single/multiple vSphere Distributed Switch (vDS)/Distributed Logical Router implementations
Differentiate NSX Edge High Availability (HA)/Scale-out implementations
Differentiate Separate/Collapsed vSphere Cluster topologies
Differentiate Layer 3 and Converged cluster infrastructures

http://bit.ly/1J3ejgT

https://www.vmware.com/files/pdf/products/nsx/vmw-nsx-network-virtualization-design-guide.pdf

Objective 2.2: Describe Physical Infrastructure Requirements for a VMware NSX Implementation
Differentiate management and edge cluster requirements
Describe and differentiate minimum/optimal physical infrastructure requirements for a VMware NSX implementation
Explain how traffic types are handled in a physical infrastructure
Determine use cases for available virtual architectures
Describe ESXi host vmnic requirements
Differentiate virtual to physical switch connection methods
Describe and differentiate VMkernel networking scenarios

https://pubs.vmware.com/NSX-6/index.jsp#com.vmware.nsx.install.doc/GUID-311BBB9F-32CC-4633-9F91-26A39296381A.html

https://www.vmware.com/files/pdf/products/nsx/vmware-nsx-on-cisco-n7kucs-design-guide.pdf

Objective 3.1: Configure and Manage vSphere Standard Switches (vSS)
Explain vSS capabilities
Add/Configure/Remove vmnics on a vSS
Configure vmkernel ports for network services
Add/Edit/Remove port groups on a vSS
Determine use cases for a vSphere Standard Switch

https://pubs.vmware.com/vsphere-51/index.jsp?topic=%2Fcom.vmware.vsphere.networking.doc%2FGUID-350344DE-483A-42ED-B0E2-C811EE927D59.html

https://pubs.vmware.com/vsphere-51/index.jsp#com.vmware.vsphere.networking.doc/GUID-49DC6CD8-F3BF-4D35-B9A0-CFD31681F1A0.html

Objective 3.2: Configure and Manage vSphere Distributed Switches (vDS)
Compare and contrast vDS capabilities
Create/Delete a vDS
Add/Remove ESXi hosts from a vDS
Edit general vSphere vDS settings
Add/Configure/Remove dvPortgroups
Configure dvPort settings
Add/Remove uplink adapters to dvUplinkgroups
Create/Configure/Remove virtual adapters
Migrate virtual machines to/from a vDS
Monitor dvPort state
Determine use cases for a vDS

https://pubs.vmware.com/vsphere-51/index.jsp#com.vmware.vsphere.networking.doc/GUID-B15C6A13-797E-4BCB-B9D9-5CBC5A60C3A6.html

http://www.vmware.com/files/pdf/techpaper/vsphere-distributed-switch-best-practices.pdf

Objective 3.3: Configure and Manage vSS and vDS Policies
Compare and contrast common vDS policies
Configure dvPortgroup blocking policies
Explain benefits of Multi-Instance TCP/IP stack
Configure load balancing and failover policies
Configure VLAN settings
Configure traffic shaping policies
Enable TCP Segmentation Offload (TOE) support for a virtual machine
Enable Jumbo Frame support on appropriate components
Determine appropriate VLAN configuration for a vSphere implementation
Understand how DSCP is handled in a VXLAN frame

http://blog.mwpreston.net/vcp-5/vcp-objective-2-3-configure-vss-and-vds-policies/

Objective 4.1: Configure Environment for Network Virtualization
Identify and understand physical infrastructure configuration for NSX Compute, Edge and Management clusters (MTU, Dynamic Routing for Edge, etc.)
Prepare a Greenfield vSphere Infrastructure for NSX Deployment
Configure Quality of Service (QoS)
Configure Link Aggregation Control Protocol (LACP)
Configure a Brownfield vSphere Infrastructure for NSX
Explain how IP address assignments work in VMware NSX
Determine minimum permissions required to perform an NSX deployment task in a vSphere implementation

Objective 4.2: Deploy VMware NSX Components
Install/Register NSX Manager
Prepare ESXi hosts
Deploy NSX Controllers
Understand assignment of Segment ID Pool and appropriate need for Multicast addresses
Install vShield Endpoint
Create an IP pool
Understand when to use IP Pools versus DHCP for NSX Controller Deployment

https://pubs.vmware.com/NSX-6/topic/com.vmware.nsx.install.doc/GUID-8FEE494F-8D3E-45B3-BFC6-4BE41F87607B.html

https://pubs.vmware.com/NSX-6/index.jsp#com.vmware.nsx.install.doc/GUID-A5EBCAF2-2FE6-4DD0-89E7-0D1D20C8F533.html

https://pubs.vmware.com/NSX-6/topic/com.vmware.ICbase/PDF/nsx_6_install.pdf

Objective 4.3: Upgrade Existing vCNS/NSX Implementation
Based on a given upgrade scenario, identify requisite steps and components for upgrading to NSX 6.x
Upgrade vCNS 5.5 to NSX 6.x
Upgrade vCNS Virtual Wires to NSX Logical Switches
Upgrade to NSX Components
Upgrade to NSX Firewall
Upgrade to NSX Edge
Upgrade vShield Endpoint from 5.5 to 6.x
Upgrade to NSX Data Security
Upgrade NSX Manager from 6.0 to 6.x
Update vSphere Clusters after NSX upgrade
Understand the impact of availability to the aspects of NSX during an upgrade

https://pubs.vmware.com/NSX-6/index.jsp#com.vmware.nsx.install.doc/GUID-15F31422-CD1B-4C28-9631-05AFCBE2C674.html

https://pubs.vmware.com/NSX-6/index.jsp#com.vmware.nsx.install.doc/GUID-CF30814C-C477-4C1A-9BE9-067FA14D07DB.html

Objective 4.4: Expand Transport Zone to Include New Cluster(s)
Explain the function of a Transport Zone
Understand proper addition of a Transport Zone
Understand necessity to expand or contract a Transport Zone
Edit a Transport Zone
Understand appropriate use of Control Plane mode modification of a Transport zone

Objective 5.1: Create and Administer Logical Switches
Given a scenario, demonstrate the proper way to add/remove a logical switch
Determine use case for and contrast the three Control Plane Modes
Multi-cast
Hybrid
Unicast
Determine use case for connecting a logical switch to an NSX Edge gateway
Deploy services to a logical switch
Demonstrate multiple ways of adding or removing virtual machines from a logical switch
Test logical switch connectivity

https://pubs.vmware.com/NSX-6/topic/com.vmware.ICbase/PDF/nsx_6_install.pdf

Objective 5.2: Configure VXLAN
Describe and understand areas where VXLANs should be configured
Understand physical network requirements for virtual topologies with VXLANs
Understand how to prepare a vSphere cluster for VXLAN
Determine the appropriate teaming policy for a given implementation
Understand how to configure and modify the options of a Transport Zone
Understand how to prepare VXLAN Tunnel End Points (VTEPs) on vSphere clusters

Objective 5.3: Configure and Manage Layer 2 Bridging
Given a scenario, determine an appropriate High Availability configuration for Layer 2 Bridging
Understand how to add a Layer 2 Bridge to an NSX Edge device
Determine when Layer 2 Bridging would be required for a given NSX implementation
Determine use cases for multiple Layer 2 Bridges
Compare and contrast software and hardware bridging

Objective 5.4: Configure and Manage Logical Routers
Install NSX Edge
Understand how to connect/disconnect a logical switch from a logical router
Understand and describe the different types of router interfaces
Determine NSX components needed to build out topologies with logical routers
Understand how to add and configure a new logical router
Determine use case for and configure a management interface
Determine use case for and configure High Availability for a logical router
Configure routing protocols
    Static
    OSPF
    BGP
    IS-IS
Configure default gateway
Determine if cross-protocol route sharing is needed for a given NSX implementation
Understand how to configure administrative distances for routing
Understand configuration differences between iBGP and eBGP
Understand and configure route redistribution

Objective 6.1: Configure and Manage Logical Load Balancing
Describe and understand when to use the two topologies for load balancing
Understand how to configure load balancing
Configure and understand service monitors
Understand how to Add/Edit/Delete a server pool
Understand how to Add/Edit/Delete an application profile
Understand how to Add/Edit/Delete virtual servers
Determine appropriate NSX Edge instance size based on load balancing requirements

Objective 6.2: Configure and Manage Logical Virtual Private Networks (VPN)
Understand how to configure IPSec VPN
Configure IPSec VPN parameters
Enable logging
Understand how to configure Layer 2 VPN
Add Layer 2 VPN Client/Server
View Layer 2 VPN Statistics
Configure Network Access/Web Access SSL VPN-Plus
Edit Client Configurations
Edit General Settings
Edit Web Portal Designs
Add/Edit/Delete IP Pools
Add/Edit/Delete Private Networks
Add/Edit/Delete Installation Packages
Add/Edit/Delete Users
Add/Edit/Delete Login/Logoff script
Determine appropriate VPN service type for a given NSX implementation

Objective 6.3: Configure and Manage DHCP/DNS/NAT
Understand proper use and addition of a DHCP IP Pool
Enable a DHCP IP pool
Describe use and proper implementation of DNS services
Describe when and how to configure Source NAT
Describe when and how to configure Destination NAT
Given a scenario, compare and contrast proper DHCP uses

Objective 6.4: Configure and Manage Edge Services High Availability
Given a scenario, compare and contrast proper HA uses
Describe service availability during an Edge High Availability failover
Differentiate NSX Edge High Availability and vSphere High Availability
Configure NSX Edge High Availability
Configure heartbeat settings
Configure management IP addresses
Modify an existing Edge High Availability deployment
Determine resource pool requirements for a given Edge High Availability configuration
Configure Equal-Cost Multi-Path Routing (ECMP)
Determine ECMP timers
Understand process flows
Combine ECMP with other stateful services

Objective 7.1: Configure and Administer Logical Firewall Services
Add/Edit/Delete an Edge Firewall rule
Configure Source/Destination/Service/Action rule components
Describe the differences between Edge Rule Types (Pre Rules/Internal/User Rules/Default Rules)
Change the order of an Edge User Firewall rule
Describe/Demonstrate how to configure an Edge Firewall Pre Rule
Describe the limitations of ECMP and Edge Firewall Policy

Objective 7.2: Configure Distributed Firewall Services
Describe VM IP Address learning for the purposes of DFW vCenter attribute learning
Differentiate between Layer 2 and Layer 3 rules
Differentiate between entity-based and identity-based rules
Identify firewall rule entities
Explain rule processing order
Explain rule segregation
Demonstrate steps to Add/Delete a Distributed Firewall rule
Demonstrate configuration of Source/Destination/Service/Action rule components
Change the order of a Distributed Firewall rule
Add/Merge/Delete a Distributed Firewall rule section
Determine publishing requirements for rules in a given NSX implementation
Demonstrate Import/Export Distributed Firewall Configuration
Load Distributed Firewall configuration
Determine need for excluding virtual machines from distributed firewall protection
Describe SpoofGuard Operation and Default Policy and Actions
Describe SpoofGuard IP Address Learning
Identify requirements for a Spoofguard Policy
Demonstrate how to Create and Edit a SpoofGuard Policy
IP Local Addresses
Approve IP addresses
Edit/Clear IP addresses

Objective 7.3: Configure and Manage Service Composer
Identify assets that can be used with a Security Group
Describe and differentiate services contained in a Security Policy
Explain common Service Composer use cases
Describe third party integration and service redirection
Differentiate Security Groups and Security Policies
Demonstrate the ability to redirect specific flows (e.g. 80) to network introspection services
Differentiate between vCenter attribute based Firewall rules (including IP Sets) vs Active Directory identity-based rule
Create/Edit a Security Group in Service Composer
Create/Edit/Delete a Security Policy in Service Composer
Map a Security Policy to a Security Group
Add/Edit/Delete a Security Tag
Assign and view a Security Tag

Objective 8.1: Configure Roles, Permissions, and Scopes
Identify default roles
Explain Single Sign-On (SSO) integration
Configure SSO
Assign a role to a vCenter Server user or group
Describe the uses for the various NSX Security Roles
Describe how roles can be applied to a subset of the vCenter infrastructure for multi Tenancy purposes
Explain how to apply NSX Roles to an AD group
Assign objects to a user
Enable/Disable a user account
Edit/Delete a user account

Objective 8.2: Describe NSX Automation
Explain common use cases that require the NSX REST API
Describe how the NSX REST API works and how it is used with a support browser
Explain how NSX REST API Calls are sent to the NSX Manager
Describe and differentiate common NSX REST API verbs
Describe how to use NSX REST API calls to learn the network topology

Objective 8.3: Monitor a VMware NSX Implementation
Compare and contrast available monitoring methods (UI, CLI, API, etc.)
Monitor infrastructure components
Control Cluster Health
Manager Health
Hypervisor Health
Perform Inbound/Outbound activity monitoring
Enable data collection for single/multiple virtual machines
Perform virtual machine activity monitoring
Monitor activity between inventory containers (security groups, AD groups)
Analyze network and security metrics in vRealize Operations
Monitor logical networks and services
Identify available statistics/counters
Network/service health
Configure and collect data from network

Objective 8.4: Perform Auditing and Compliance
Given an auditing scenario, determine where applicable log information can be located
Describe and differentiate permissions for auditing
Describe and differentiate common data security regulations supported by NSX Data Security
Describe and differentiate information available in audit logs
Use flow monitoring to audit firewall rules
Audit deleted users
Audit infrastructure changes
View NSX Manager audit logs and change data
Configure NSX Data Security
Create a Data Security policy
Install Data Security
Run a Data Security scan
View and download compliance reports
Create a regular expression
Configure Guest Introspection (Install vShield Endpoint)

Objective 8.5: Administer Logging
Given a scenario, utilize information contained in technical support bundles/logs to assist in troubleshooting
Explain usage of CLI for logging
Configure Syslog(s)
Configure logging for Dynamic Routing information
Log Distributed Firewall rule processing information
Log Edge Firewall rule processing information
Log address translation information
Log VPN traffic
Configure basic/advanced Load Balancer logging
Log DHCP assignments
Log DNS resolutions
Log security policy session information
Download NSX Edge tech support logs
Generate NSX Manager tech support logs

Objective 8.6: Backup and Recover Configurations
Explain how to backup and recover various components
Schedule backups
Export/Restore vSphere Distributed Switch configuration
Import/Export Service Composer profiles
Perform NSX Manager backup and restore operations

Objective 9.1: Identify Tools Available for Troubleshooting
Capture and trace uplink, vmknic, and physical NIC packets
Audit NSX infrastructure changes
Output packet data for use by a protocol analyzer
Capture and analyze traffic flows
Mirror network traffic for analysis
Perform a network health check
Configure vSphere Distributed Switch alarms

Objective 9.2: Troubleshoot Common NSX Installation/Configuration Issues
Troubleshoot lookup service configuration
Troubleshoot vCenter Server link
Troubleshoot licensing issues
Troubleshoot permissions issues
Troubleshoot host preparation issues
Troubleshoot IP pool issues

Objective 9.3: Troubleshoot Common NSX Component Issues
Differentiate NSX Edge logging and troubleshooting commands
Verify NSX Controller cluster status and roles
Verify NSX Controller node connectivity
Check NSX Controller API service
Validate VXLAN and Logical Router mapping tables
List Logical Router instances and statistics
Verify Logical Router interface and route mapping tables
Verify active controller connections
View Bridge instances and learned MAC addresses
Display Logical Router instances
Verify NSX Manager services status
View Logical Interfaces and routing tables
Analyze NSX Edge statistics

Objective 9.4: Troubleshoot Common Connectivity Issues
Review netcpa logs for control plane connectivity issues
Verify VXLAN, VTEP, MAC, and ARP mapping tables
List VNI configuration
View VXLAN connection tables and statistics
Perform VTEP connectivity tests

Integrating Citrix XenDesktop 7.7 and System Center Operations Manager

With the latest release of XenDesktop, Citrix included an integration between Director and Operations Manager Management Group, which allows Operations Manager to send alerts to Director.

  • Citrix recommends that the Director administrator account is configured with the SCOM Operator role so that it can retrieve full alert information in Director. If this is not possible, a SCOM administrator account can be configured in the web.config file (under the Director folder) using the DirectorConfig tool; however, this is not recommended.

The setup is straightforward as long as you have a 2012 R2 setup. If you want to connect against a 2008 R2 server, or you do not have Windows Remote Management enabled, you have to enable it. This can be done from the CLI by running the command Enable-PSRemoting.

For the integration itself, run the following command from the CLI on the Director server:

DirectorConfig.exe /Configscom

Then enter the name of the OpsMgr management server; authentication will happen using the user's Director credentials. If we have a delegated setup in Director, we also need to create a user role within Operations Manager, since the authentication against OpsMgr uses pass-through. (NOTE: We have specific access rules within Studio for SCOM.)

After the connection is set up, alerts will start appearing in Director under the alerts pane.

We can also do a drill-down of the alerts, from within the alerts pane.

We can also see all alerts from the alerts overview.

Too bad that so far it is not integrated directly with the VDA servers. Guessing that is coming in an upcoming release.

So regardless of alerts or management packs, I can get them into Director. The only issue as of now is that we cannot close or resolve the alerts from Director. So we can think of Director as an aggregator of alerts, which allows the helpdesk to more easily identify issues that occur in a Citrix environment.

Setting up XenDesktop 7.7 against Microsoft Azure

Starting off the new year with a long-awaited feature on my part: setting up integration between XenDesktop and Microsoft Azure, which is now a supported integration in 7.7, released a week ago. This integration allows us to provision virtual machines directly from Studio. NOTE: XenDesktop as of now only supports V1 (Classic) virtual machines in Azure, so no Resource Groups yet, which might make it a bit confusing for some, but I’ll try to cover it as well as I can.

A good thing with this is that we can either set up XenDesktop in a hybrid setting, where the controller and Studio run from our local infrastructure, or run everything in Azure.

After setting up XenDesktop 7.7 you have a new option when creating a new connection. You need to get the publish settings from Azure before continuing this wizard; they can be downloaded from https://manage.windowsazure.com/publishsettings

When downloading a publish profile, it is important that the subscription contains a virtual network (Classic virtual networking) within the region we choose later in the wizard, or else you will not be able to continue the wizard.

This can be viewed/created from the new portal under the “classic” virtual network objects.

Now after verifying the connection profile you will get an option of different regions available within the subscription.

After choosing a region, the wizard will list all available virtual networks within the region, and will by default choose a subnet which has a valid IP range set up.
NOTE: The other subnet is used for site-to-site VPN and should not be chosen in the wizard.

This part just defines which virtual networks the provisioned machines are going to use. After we are done with the wizard we can get started with the provisioning part. In order to use MCS to create a pool of virtual machines in Azure, we need to create a master image first. This can be done by creating a virtual machine within Azure, installing the VDA, doing any optimization, installing applications, running sysprep and shutting down the virtual machine. Then we need to run PowerShell to capture the image. The reason for this is that the portal does not support capturing images in a state called specialized.

NOTE: A simple way to upload the VDA agent to the master image virtual machine is by using for instance Veeam FASTSCP for Azure, which uses WinRM to communicate and be able to download and upload files to the virtual machine.

DON’T INSTALL ANYTHING SQL-related on the C: drive (since it uses a read/write cache, which might end up with a corrupt database), and don’t install anything on the D: drive, since this is a temporary drive and will be purged during a restart.

A specialized VM Image is meant to be used as a “snapshot” to deploy a VM to a good known point in time, such as checkpointing a developer machine, before performing a task which may go wrong and render the virtual machine useless.  It is not meant to be a mechanism to clone multiple identical virtual machines in the same virtual network due to the Windows requirement of Sysprep for image replication.

ImageName = the image name after the conversion

Name = virtual machine name

ServiceName = Cloud service name

It is also important that the VM image does NOT have other data disks attached to it. After the command is done you can view the image within the Azure Portal and see that it has the property specialized.
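The capture step described above, as an added example (not the command from the original post): it uses the classic Azure Service Management cmdlets and assumes the subscription is already loaded in the PowerShell session. The three names are placeholders, and the data-disk check enforces the requirement mentioned above.

```powershell
# Added example. Placeholder values: replace with your own names.
$ServiceName = 'example-cloud-service'   # ServiceName = cloud service name
$Name        = 'example-master-vm'       # Name        = virtual machine name
$ImageName   = 'example-master-image'    # ImageName   = image name after the conversion

# Look up the master VM (classic / V1 deployment model).
$vm = Get-AzureVM -ServiceName $ServiceName -Name $Name
if (-not $vm) {
    throw "VM '$Name' was not found in cloud service '$ServiceName'."
}

# The master VM must not have any data disks attached when it is captured.
$dataDisks = @($vm | Get-AzureDataDisk)
if ($dataDisks.Count -gt 0) {
    throw "VM '$Name' has $($dataDisks.Count) data disk(s) attached; detach them before capturing."
}

# The post shuts the VM down before capturing; stop it here if it is still running.
if ($vm.Status -notlike 'Stopped*') {
    Stop-AzureVM -ServiceName $ServiceName -Name $Name -Force
}

# Capture the VM as a specialized image (the state the portal cannot capture).
Save-AzureVMImage -ServiceName $ServiceName -Name $Name `
                  -ImageName $ImageName -OSState Specialized

# Confirm the image now exists in the subscription.
Get-AzureVMImage -ImageName $ImageName | Format-List
```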

With this you now also have a master image, which you just need to allocate and start when the master image needs a new update.

So now that the image is in place, we can start to create a machine catalog. When creating a catalog, Studio will try to get all specialized images from the region that we selected

Then we can define what kind of virtual machines we can create.

NOTE: Citrix supports a max of 40 virtual machines as of now.

Basic: Has a limit of 300 IOPS per disk

Standard: Has a limit of 500 IOPS per disk, newer CPU.

We can also define multiple NICs for the virtual machines, if we have any, and select what kind of virtual network each should be attached to. Note that the wizard also creates computer accounts in Active Directory like a regular MCS setup, so in order to do that we need either an S2S VPN set up so the virtual machines can contact AD, or a full Azure setup (site-to-site setup here –> https://azure.microsoft.com/en-us/documentation/articles/vpn-gateway-site-to-site-create/). After that we can finish the wizard and Studio will start to provision the virtual machines.

NOTE: This takes time!

Eventually, when the image has finished creating the virtual machines, you will be able to access them from an IP within the Azure region. Stay tuned for a blog post on setting up Azure and Netscaler integration with 7.7.

Citrix HDX Optimization pack 2.0

With the recent release of XenDesktop 7.7, Citrix also released a new version of the HDX Optimization Pack for Skype/Lync. The earlier release, 1.8, had some limitations which the 2.0 release managed to fix. This is the list of improvements.

  • Native Skype for Business 2015 UI – Provides the full Skype for Business UI experience and eliminates the limitations of a hybrid UI. Examples of features that were not supported in HDX RealTime Optimization Pack 1.8 but are now available through the native Skype for Business UI include:
    • Call Delegation – Enables setting up a Skype for Business meeting on behalf of someone else. For example, an administrative assistant setting up meetings for a manager.
    • Voicemail access, playback, and delete – Ability to access your voicemail, play it, and delete from Skype for Business.
    • Response groups – Enables the response group feature, which routes incoming calls to groups of people called response group agents. 
    • Team call groups – Set up a team of people who can answer your calls. You add and remove members and specify when they can answer calls for you. Members' phones ring and once someone answers the call, the other phones stop ringing.
  • Authentication and SIP signaling handled exclusively by the Skype for Business client – This release introduces architectural simplifications that improve robustness and user experience (for example, initialization time).
  • Web proxy support – Enables external access using a web proxy with limitations. For more information, see Limitations in 2.0.
  • Click-to-Run – Devices where Microsoft Office applications have been installed using Click-to-Run support HDX RealTime Optimization Pack. 
  • Pairing Status Indicator – Icon that displays these status states:
    • Connecting – MediaEngine.Net is trying to establish a RealTime Connector connection.
    • Connected – There is a RealTime Connector connection over a virtual channel and the version of remote RealTime Media Engine matches the version of mediaEngine.Net exactly.
    • Fallback – There is a RealTime Connector connection to a local RealTime Media Engine process.
    • Disconnected – A registry setting (policy) prevented MediaEngine.Net from running RealTime Media Engine locally.
    • Version mismatch – Same as Connected but the version match is not exact (different patch or build numbers)
  • Improved audio-video quality – Improvements to the RealTime Media Engine:
    • Improved resilience to packet loss
    • Improved echo cancelation
  • Skype server settings – HDX RealTime Optimization Pack obeys the Skype for Business Server settings that control whether or not the endpoint can do audio and/or video calling.
  • Active speaker identification – Displays a photo of the current speaker.
  • Call and video call buttons added to the contact card – Enables calls and video calls to be started with a click of a button in the contact card.
  • Automatically join meeting audio controls – You can use Settings to specify how you want to join a meeting:
    • Use Skype for Business (full audio and video experience)
    • Use a phone number
    • Don’t join audio

The biggest improvements are Click-to-Run support, which allows full integration with Office365 software. Remember that if using Office365 in an RDS environment you need shared computer support enabled. Another big thing is full Skype for Business UI support; in 1.8 you needed to convert the Lync UI.

Like before, we need to install the Citrix Media Engine on the supported clients and the Realtime Connector on the VDA which has Skype installed.

Unlike previous versions, there is no longer a help icon within the Skype UI; this has moved to the taskbar, with its own config.

Connected to a Citrix XenDesktop 7.7 behind a Netscaler Gateway against Office365

If you have issues with the connector, there are some quick things to think about.

  • Same version of Realtime Connector?

  • Fallback policy enabled? (NOTE: Using fallback means that it goes back to regular HDX Realtime processing, which does not give the same benefits, and all processing happens on the VDA agent.) This can be disabled via the registry on the VDA agent by adding the following:

    Key: HKLM\Software\Citrix\HDXRTConnector or HKCU\Software\Citrix\HDXRTConnector

    Value: DWORD DisableFallback

  • Exception in the Firewall made?

Anyhow, with this release we can now support almost any client with full support against Skype for Business on-premises and in Office365.

As we can see from a Skype call, the media engine service acts like a Skype client and has a real-time connection to the “edge” server; in this case it's the Office365 edge server.

Also noticed that there is no longer any need for ADFS, since it automatically authenticated using the Skype for Business credentials, awesome!