Citrix Cloud Hybrid

Posted on |



  1. Citrix Hybrid Multi Cloud
  2. Citrix Xenapp On Azure
  3. What Is Hybrid Cloud Solution

Move Faster, Work Better, Lower IT Costs. A single place to simplify delivery of Citrix technologies. Provide secure access to apps, data and IT tools. Deploy on any cloud or infrastructure. Combining the power of the cloud with Microsoft Azure, Microsoft 365, and Citrix Workspace provides a platform for flexible work by giving employees unified access to all of the applications, content, and business services they need to be productive and secure wherever and whenever work needs to get done. Join host SeanDo as he gets the latest updates on Windows Virtual Desktops (WVD) from guest John Federico of Microsoft. Since its release WVD has tremendous. As with the ‘In cloud’ options above, similar topologies exist for customers that have a hybrid networking scenario. In the hybrid scenarios, there is some resource or application that must be accessed from a remote datacenter through a VPN, and Windows pass-through / Kerberos authentication is used by that resource or application.

Citrix Cloud services simplify the delivery and management of Citrix technologies, helping you to extend existing on-premises software deployments or move one hundred percent to the cloud. Create and deploy secure digital workspaces in hours, not weeks, while placing your sensitive app, desktop and data resources on any cloud or hybrid cloud.

Digital Transformation Can Be Daunting

We understand your desire to take advantage of the benefits of VDI. But we also know you just aren’t sure how to easily get there because we hear the same thing all the time. Should you channel your inner Jedi and try to forecast the number and size of virtual desktops to be supported and the resources needed for them over a multiyear period? But then your Jedi powers are no match against the upfront capital costs. And we haven’t even begun to talk about the deployment complexity of the complete solution stack. Determining the end user requirements along with the storage, network, compute and virtualization needs are just the beginning of that nightmare. Even after all this, there is still no guarantee of performance or exceptional user experience.

To combat these challenges, many organizations are turning to hybrid cloud virtual desktop (VDI) solutions. Hybrid cloud gives you the agility and simplicity of cloud services while keeping your VDI workloads safe in your own datacenter. It is the answer to all the typical VDI challenges – long drawn out project cycles, operational effort for the maintenance of the VDI software stack, setup of the actual infrastructure where user VMs are instantiated, addition of capacity as organizations expand and scale… the list goes on. This is exactly why Nutanix and Citrix have introduced Nutanix InstantON for Citrix Cloud.

It’s Time to Embrace Hybrid Cloud VDI with Nutanix InstantON for Citrix Cloud

Nutanix and Citrix have partnered to create a tightly integrated hybrid cloud solution that simplifies and accelerates VDI deployments for companies of any size. With Nutanix InstantON for Citrix Cloud, the entire Citrix software stack is delivered as a 1-click service from the Citrix Cloud, attaching with zero effort to the on-prem Nutanix clusters powered by Citrix XenServer or AHV, the Nutanix native hypervisor. This hybrid mode tackles all the drawbacks of an exclusively on-prem or an exclusively cloud-based desktop delivery mechanism.

For businesses that are new to VDI, Nutanix InstantON for Citrix Cloud offloads all the complexity associated with implementing a VDI solution while delivering exceptional performance and end-user experience. Nutanix InstantON for Citrix Cloud has all the essentials for hybrid cloud VDI and is generally available with our recent AOS 5.5 release. It includes:

  • Nutanix Enterprise Cloud Platform with three years of support
  • Choice of AHV and XenServer hypervisor
  • Nutanix Prism Management and Orchestration
  • Access to Citrix Cloud XenApp and XenDesktop Service subscription licensing

Nutanix InstantON for Citrix Cloud is powered by Nutanix hyperconverged software. It allows businesses to deploy the appropriate amount of storage, virtualization and networking resources that are only needed today and easily expand as requirements change, thereby eliminating complexity and upfront Capex. Nutanix Prism then orchestrates the deployment and the management of the complete Citrix software stack in a few simple clicks.

Additionally, both Nutanix AHV and Citrix XenServer are included, thus eliminating the expensive licensing fees and operational complexities associated with other hypervisors. This combined with low, monthly, subscription-based software licensing model enables businesses to grow their VDI footprint without upfront CapEx.

“This latest collaboration takes advantage of how Citrix Cloud XenApp and XenDesktop Service simplifies the delivery of virtual apps and desktops while Nutanix simplifies the infrastructure stack of storage, compute, and virtualization. As a hybrid cloud solution, our joint customers can deliver virtual apps and desktops to their on-premises datacenter with Nutanix InstantON for Citrix Cloud, combining the speed and management advantages of the XenApp and XenDesktop Service with the performance and scalability of Nutanix hyperconverged clusters. We’re giving customers the best of both worlds, simplicity and scalability.” said Sridhar Mullapudi, Vice President of Product Management at Citrix

Driving the Transition to a Software-defined Workplace with a Hybrid Cloud VDI solution

Nutanix InstantON for Citrix Cloud is a turnkey VDI solution that allows businesses to reap all the benefits of hosted desktop virtualization without the risk. With Citrix Cloud XenApp and XenDesktop service, businesses no longer have to manage the desktop images, applications and security. All the desktop management services are part of the subscription.

A simple Citrix Cloud Connector acts as a proxy and an agent for communication between Nutanix and Citrix Cloud services. The setup typically requires registration of the Cloud Connector and once that is complete, it will be displayed in the Citrix Cloud account as resource location. Nutanix Prism automates the installation and registration of Cloud Connector within the on-prem appliance accelerating the integration with the XenApp and XenDesktop service on the Citrix Cloud platform. This enables the deployment of the entire Citrix software stack in a few easy clicks.

Get, Set and Go with a Turnkey, “Citrix Cloud-Ready” Solution

Nutanix InstantON for Citrix Cloud is a one-stop complete VDI solution. It is possible to go from power-on to desktop deployment, in less than an hour without the need of specialized IT resources. With Nutanix and Citrix, businesses can finally tap into a solution that helps centralize apps and data, and delivers high-performing digital workspaces with improved security, productivity, and cost-efficiency.

And that’s not all…. Nutanix InstantON for Citrix Cloud is a fully validated and tested Citrix Ready solution thereby mitigating any risk and complexity. Realize the benefits of digital transformation with Nutanix and Citrix-led desktop and cloud technologies. After all, what’s not to like about simplified deployment, secure data management and lower operating costs? It’s time to stop deferring that VDI project and explore the best possible hybrid cloud VDI solution with Nutanix InstantON for Citrix Cloud!

Additional Resources

  • Hear what Citrix has to say about Nutanix InstantON for Citrix Cloud: https://www.citrix.com/blogs/2017/12/06/citrix-ready-workspace-appliance-now-available-with-nutanix-instanton-for-citrix-cloud/
  • For more information on Nutanix and Citrix partnership, visit: https://www.nutanix.com/citrix/
  • For more information about running Citrix on Nutanix AHV, download:https://www.nutanix.com/go/citrix-xendesktop-on-ahv.php
  • To learn more about Citrix Cloud services, visit:https://www.citrix.com/products/citrix-cloud/

Follow Nutanix on Facebook and Twitter.

Forward Looking Statements and General Disclaimer

This blog includes forward-looking statements, including but not limited to statements concerning our plans and expectations relating to product features and technology that are under development or in process and capabilities of such product features and technology, our plans to introduce product features in future releases, strategic partnerships that are in process, product performance, competitive position and potential market opportunities. These forward-looking statements are not historical facts, and instead are based on our current expectations, estimates, opinions and beliefs. The accuracy of such forward-looking statements depends upon future events, and involves risks, uncertainties and other factors beyond our control that may cause these statements to be inaccurate and cause our actual results, performance or achievements to differ materially and adversely from those anticipated or implied by such statements, including, among others: failure to develop, or unexpected difficulties or delays in developing, new product features or technology on a timely or cost-effective basis; delays in or lack of customer or market acceptance of our new product features or technology; failure to form, or delays in the formation of, new strategic partnerships and the possibility that we may not receive anticipated results from forming such strategic partnerships; the introduction, or acceleration of adoption of, competing solutions, including public cloud infrastructure; a shift in industry or competitive dynamics or customer demand; and other risks detailed in our Form 10-K for the fiscal year ended July 31, 2017, filed with the Securities and Exchange Commission. These forward-looking statements speak only as of the date of this presentation and, except as required by law, we assume no obligation to update forward-looking statements to reflect actual results or subsequent events or circumstances.

This blog contains links to external websites that are not part of Nutanix.com. Nutanix does not control these sites and disclaims all responsibility for the content or accuracy of any external site. Our decision to link to an external site should not be considered an endorsement of any content on such site.

© 2017 Nutanix, Inc. All rights reserved. Nutanix, the Enterprise Cloud Platform, and the Nutanix logo are registered trademarks or trademarks of Nutanix, Inc. in the United States and other countries. All other brand names mentioned herein are for identification purposes only and may be the trademarks of their respective holder(s).

downloadWhy can't I download this file? 'GatewaySubnet' with an address range of 10.1.1.0/24

Create a Virtual Network Gateway

  1. Next we will create the Virtual Network Gateway. The virtual network gateway will be responsible for sending and receiving data. This is the bridge between Azure and the on premise RRAS server.

  2. Navigate to Virtual network gateways and click on Add. Name the gateway “S2SVPN-vNetGW“. For the virtual network select the existing one S2SVPN-vNet and select the gateway type as VPN, and leave VPN type to Route-based. For the public IP we will need to create one here. Click on choose a public IP address and click on Create New.

  3. After the Virtual network gateways is created note down the public IP address. This is required for configuring the RRAS server later. You can get this by going here, Virtual network gateways > S2SVPN-vNetGW > S2SVPN-vNetGW-IP > Settings.

This will take approximately 30 to 45 minutes to provision the public IP address.

Create a Local Network Gateway

  1. Now we need to create the local network gateway, this gateway will be configured with all of your on-premises network.

  2. Go to Local network gateways and click on +Add. Give it any name, “S2SVPN-LocalNWGW“ and enter the public IP of your RRAS server, in the address space enter an IP range for your on-premises network, and select your Resource Group.

Create the VPN connection

Now we need to create a connection in our local gateway. To do this navigate to the Settings > Connections and click on + Add. Name this “S2SVPN-vNetGW-Connection“.

The Connection type will default to Site-to-site (IPsec). Set the Virtual network gateway to “S2SVPN-vNetGW“. Set a Shared key (PSK) to be used and note it down somewhere it is required to configure the RRAS server.

The RRAS server configuration:

  1. Configure the Windows Server 2012 R2 with two different networks internal and External. Configure the public IP address on external adopter and internal adapter as shown in the figure.

  2. Install the RRAS Windows Role.

Configuring the VPN in RRAS server

  1. Right click on the Network Interface, and select New Demand-dial Interface.

  2. Give it any name and click Next

  3. Choose VPN and click Next

  4. Select IKEv2 Encryption here for the VPN Type and click Next

  5. Enter Azure public IP and click Next. If you don’t know your Azure Public IP, go to your Virtual LAN Gateway, and see within the Essentials properties.

  6. Enable Route IP packets on this interface and click Next.

  7. Enter any user name and rest blank and click Next

  8. Add the Static Route for your local network, 10.1.0.0/24, 255.255.255.0.

  9. Right-click on the interface just created, and go to the Security settings. Select the use preshared key for authentication option, and now enter that PSK we used in Azure portal and click OK.

  10. Now right click on the AzureARM-STSVPN connection and select connect. Then it will show as connected in RRAS as shown in the figure.

  11. In Azure portal you should also see the connection status as Connected and also you should see the data flowing in and out of your connection.

  12. Setup static route as shown in the following figure on RRAS server before it could communicate from on-premises to Azure.

Enable NAT on RRAS server

Without having NAT enabled none of the servers could reach the internet. The basic steps for enabling NAT on RRAS are as follows:

  1. Right-click NAT, and then click New Interface.
  2. Select the interface that connects to your private intranet, and then click OK.
  3. Select Private interface connected to private network, and then click OK.
  4. Right-click NAT, and then click New Interface again.
  5. Select the interface that connects to the public Internet, and then click OK.
  6. Select both Public interface connected to the Internet and Enable NAT on this interface, and then click OK.

Now spin up a new Azure VM on Azure Resource Manager and make sure you place it in the correct virtual network, then the VM should be able to communicate with your on-premises servers.

Step 2 – Create XenDesktop 7.11 Controller, VDA and StoreFont VMs in Azure

Provision 3 new VM instances in Azure Resource Manager for Controller, VDA and StoreFront server. Make sure to select the Virtual Network that is created in Step 1 when creating the VMs.

Follow these instructions to create virtual machines in Azure portal. https://azure.microsoft.com/en-gb/documentation/articles/virtual-machines-windows-tutorial/

Step 3 – Install XenDesktop 7.11

  • Login to the Controller VM and join to the on-premises domain.
  • Install the XenDesktop Controller and Studio.
  • Add the Controller to the existing site by pointing to the on –premises XenDesktop Controller.
Note: You will see an error when Delivery Controller in Azure connecting to an on premise primary XenDesktop site. This is because Microsoft Azure Virtual machine time is not syncing with the on premise Delivery Controller.
If you are using XenDesktop in a hybrid cloud scenario with an on premise domain infrastructure, you need to sync your Azure VMs with the on premise domain controller. This will require some manual configuration since Microsoft Azure resides in a different time zone than your local domain.

Citrix Hybrid Multi Cloud

Refer to the KB article XenDesktop Controller in Azure Fails to Connect to an On-Premises Site/ VDAs Fails to Register to know more about fix the time sync issue.

Hybrid cloud computing definition

Step 4 – Install VDA and create Master Image in Azure Resource Manager

  • Login to VDA machine (no need to domain join if you are provisioning using MCS).
  • Install the VDA software and point to the Controller in Azure as Delivery Controller.
  • Follow the steps as explained in Creating Machine Catalog using Machine Creation Services Article to create master image.

Step 5 – Create Azure ARM Host Connection

Citrix Xenapp On Azure

  • Navigate to Configuration > Hosting and click Add Connection and Resources from Actions.
  • Follow the steps as explained in Connecting to Azure Resource Manager in XenApp/XenDesktop to create Azure ARM host connection

You will notice there are two hosting connections present in the Studio as shown in the figure.

Step 6 – Configuring XenDesktop Zones

In XenApp 7.11 you can configure Zones, which will allow you to run applications and desktops closer to user locations within a single XenApp site

  1. Login to your on-premises XenDesktop Controller machine and open the Citrix Studio.

  2. Navigate to Configuration > Zones and you will see the Primary Zone and the resources that already have in the site and the new Controller that you just build in the Azure Zone.

  3. Rename the Primary Zone by clicking Edit button. Rename it to On-Premise Zone.

  4. Click Create Zone from the Actions menu.

  5. Enter the zone name and select the resources that you want to assign to the new zone.

  6. Now the Studio should display two Zones.

Step 7 – Machine Catalog creation

Follow the steps as described in Creating Machine Catalog using Machine Creation Services Article and create MCS catalogs using Azure ARM.

Step 8 – Delivery Group Creation

  1. Right click on the Delivery Group node and select Create Delivery Group
  2. Choose the Machine Catalog that just created and enter the desired number of VMs to allocate to this Delivery Group and click next.
  3. Select Apps and Desktops and click next.
  4. Add the users to access the apps and desktops and click next.
  5. Wait for VMs power on and registration process and select the applications you want to publish and click next.
  6. Enter a friendly name and display name for the delivery group and click Finish.

Step 9 – NetScaler and StoreFront configuration

NetScaler Configuration: Refer to the NetScaler VPX Deployment with XenDesktop and XenApp on Microsoft Azure to deploy and configure the NetScaler in Azure.

StoreFront Configuration

  1. Login to the StoreFront server in Azure and launch the StoreFront and click create a new deployment.

  2. Name the store and click next.

  3. Enter both delivery controller’s on-premises and Azure delivery controllers and click next.

  4. Check Enable Remote Access and click Add under NetScaler Gateway Appliances.

  5. Enter display name and NetScaler Gateway URL, Select Authentication and HDX routing from the drop down list and click next.

  6. Enter the STA URL and click next.

  7. Select Login type as Domain and enter the NetScaler gateway as callback URL and click Create.

  8. Repeat same step and add the on-premises NetScaler gateway. Both NetScaler gateways will appear in the list of appliances. Click create.

  9. Check user name and password and click Next.

  10. Click create and the store will be configured. The authentication, stores, Receiver for web and NetScaler Gateways should all be configured and visible from the StoreFront UI.

Optimal Gateway Routing configuration

Optimal gateway routing enables you to route HDX connections to different XenDesktop Zones via different NetScaler Gateways. This means all launches for resources in the Azure Zone will be performed through the Azure NetScaler gateway even if the request for the resource came from another gateway such as on-premises gateway.

What Is Hybrid Cloud Solution

  1. To configure optimal gateway routing, select the store and then select the Configure Store Settings actions in the right pane. Select Optimal HDX Routing and configure the gateways, Delivery controllers and Zones as shown in the figure.

  2. Install Citrix Receiver on your external machine and navigate to the NetScaler Gateway in Azure. Login as user which has apps in both on-premises and Azure zones.

  3. Two apps were created, Notepad and Command prompt. Notepad is running from the Azure zone and Command prompt from on-premises zone.

  4. Launch notepad, it should launch from Azure zone.

Launch Command prompt, it should launch from on-premises zone. Verify using ipconfig and the IP address should get from on-premises network.

Additional Resources