Lets refresh where we are! We are discussing about architecting a Citrix environment from Architects perspective. There are 2 parts to it:
Assessment is further divided into
· Security and personalization
· Operation and Support
· Conceptual Architecture
In this blog, we will discuss assessment of Infrastructure. Each topic will be covered in separate blog.
The existing infrastructure has a major impact on the final solution. Depending on the environment or organization, some functional areas can be altered, but other areas cannot. Architects must understand the limitations of the current environment so that they can plan accordingly.
Assessing the network architecture is an important piece of the infrastructure assessment.
Architects should ask the following questions:
- Can the organization's LAN support existing usage?
- Are there any WAN optimization upgrades planned in the near future?
- Who are the technical contacts for the network environment?
- Which network connection types exist?
- How many router hops exist between the user and the Web Interface?
- How much network traffic, including traffic from file, print, Web and XenApp servers, do the servers typically handle?
- Are there any network management tools in place? If so, which are they?
- Do firewalls exist between the development, test and production environments?
Answers to these questions help the architect gain an understanding of the network environment, which will help with creating the infrastructure design. Architects can also use metrics to gather network data.
Additional Network Architecture Topics
Additional topics related to network architecture that should be reviewed during the assessment include the following:
- WINS and DNS name resolution
- Switch port configuration (hard-coded or auto-negotiated?)
- Available bandwidth
- WAN circuits
- Quality of service
Network Architecture Risks and Recommendations
NIC teaming is not implemented for critical servers.
Implement NIC teaming to eliminate single points of failure.
NICs are not manually configured for speed.
Do not auto-configure NICs.
Quality of Service is not configured on ICA traffic.
Configure QoS if necessary, especially if mission-critical applications are running on ICA.
Windows Server and Active Directory
Windows Server and Active Directory are reviewed during most assessments in an enterprise environment. During this section of the assessment, an architect reviews the following items:
- Operating system configuration
- Which operating systems are used?
- Which service packs are installed?
- Active Directory structure
- How are desktops organized within Active Directory?
Some organizations may be using Novell Directory Services instead of Active Directory.
- How are servers organized with Active Directory?
- Group Policy Objects
- Which GPOs are set?
- Which policies exist?
- Are local security policies or AD-based GPOs used?
- Logon scripts
- Are scripts used?
- What drives the need to use logon scripts, if applicable?
- What are the logon settings?
- How is the pagefile configured?
- User profiles
- Which type of profiles are used?
- Where are the profiles stored?
- User file storage
- Where do users store their data?
- Are folders being redirected?
Active Directory (AD) and the structure of items such as organizational units (OUs) and groups are an essential part of personalization in a virtualization environment. Placing virtual desktops and servers into their own OU is a best practice. OUs facilitate easier deployment of Group Policy Objects (GPOs) throughout the domain. Architects should ask the following questions:
- What is the Active Directory functional level? (Example: 2003 or 2003/2008 mixed)
- What is the configuration of domain membership?
- What are the details for user group membership?
General Active Directory recommendations include the following:
- Create specific AD groups for each application, which makes Active Directory easier to manage.
- Nest local AD groups inside domain AD groups.
Storage has a direct impact on the speed and performance of the environment. Enterprise storage should be robust and easily accessible, in order to not impede users or the storing of data. Actual usage of storage space depends heavily on the usage patterns of the user and length of time that desktops are in use.
In most Citrix environments, enterprise storage is stored on SAN or NAS devices. During an assessment, an architect may use an automated tool to gather data about available storage, followed by a conversation with the Storage Administrator for the organization. The architect typically assesses the storage solution, storage types utilized by an organization, application and database usage and any details about storage related to desktop delivery.
In review meetings, storage assessment leads into a conversation about networking. Questions to ask about storage during the infrastructure assessment include the following:
- Are there any policies around the allocation of SAN resources?
- How is storage configured on the SAN, if applicable? Which type of hardware is being used?
- Who is responsible for modifying the LUN and SAN switching configurations?
- Is your SQL cluster on shared storage?
Databases should be on shared storage, as a best practice.
- If a file server is used, is it clustered? Clustering file servers is a best practice.
- If a SAN is implemented, which type of SAN?
Storage Recommendations and Considerations
The following recommendations and considerations are also important for assessing enterprise storage:
- If XenDesktop and Provisioning Services will be configured, a NAS Gateway or a third-party program is required to control the reads and writes to the LUN on the SAN. Provisioning Services requires file-based storage in this situation.
- Ensure that the HA configuration on Provisioning Services is set to active/active. The SAN can become corrupted if not configured correctly.
From the Architect
Storage and storage requirements should be allocated to the storage team. It is very important to remember that, for virtualization projects, legacy sizing and storage often no longer meet the requirements of a virtualization environment. Because sizing and storage will likely be revamped during the design, focusing on storage considerations early on saves time later
Users access backend data for many applications. Assessing the databases and other resources provided for user access is an important part of the assessment. Because some users may not understand the interaction between the program on the desktop and the backend data, users may perceive issues in one area that are caused in another area.
As an example, if a user accesses e-mail and perceives it as slow, the issue might be related to the backend mail system, the network or the desktop. From the user's perspective, the source of the issue is unknown. When that user reports the issue to the help desk, it is unlikely that the backend data source will be identified as the problem.
Questions architects typically ask when assessing backend data include:
- Where is the data store located?
It is a common best practice to ensure that databases are logically near to the Citrix infrastructure and applications.
- Where are the application servers located?