Tag Archives: Linux VDA

Linux VDA – Creating the MCS master target

Linux VDA – Creating the MCS master target

Prepare the master image VM

The official documentation lists the following steps to perform as part of preparing the VM to be a master image:

Install the EPEL repository

From the list of preparation steps the first one not already performed in the previous articles in this series is to enable the EPEL repository. To enable the EPEL repository perform the following steps:

  • Execute the following in a shell session:
yum install -y epel-release

Set up the runtime environment

The next step before running the deploymcs.sh script is to prepare the runtime environment. To prepare the runtime environment perform the following steps:

  • Edit the file /etc/xdl/mcs/mcs.conf
  • Change the line dns1= to your DNS server IP address. In the example below I am setting it to 192.168.1.100 which is my AD DNS server:
dns1="192.168.1.100"
  • Check the line AD_INTEGRATION= is set to winbind as used in the previous article to set up AD integration:
AD_INTEGRATION="winbind"
  • Save and exit the file

Execute deploymsc.sh

The next step is to run the /opt/Citrix/VDA/sbin/deploymcs.sh script to prepare the master image ready for creating additional VDAs using Machine Creation Services.

The script installs several packages as part of it’s execution and does not require any user input.

Shutdown and snapshot the VM

The last step in the process of creating the MCS master target is to shut down and snap shot the VM.

I named my snap shot Linux-VDA-MCS-Build-01 so that it can be easily identified in the next article.

Previous Page                                                                                                                                         Next Page

Linux VDA – VDA software installation and configuration

Linux VDA – VDA software installation and configuration

Linux VDA Dependencies

The first step in the installation and config for the Linux VDA software is to ensure that it’s dependencies are installed to the same or higher versions. The list of dependencies can be found in the Citrix documentation here.

To identify which packages require installing from the dependencies list for RHEL / CentOS 7 perform the following steps:

  • Check each package in turn using rpm -qa as shown below for the postgresql-server package:
rpm -qa postgresql-server
  • Any packages which do not return anything using rpm -qa are not installed and require installing.
  • The following list are the packages which were not installed as part of the test build
postgresql-server >= 9.2
postgresql-jdbc >= 9.2
ImageMagick >= 6.7.8.9
motif >= 2.3.4
foomatic-filters >= 4.0.9
gperftools-libs >= 2.4
  • To install the packages listed above using yum execute the following command:
sudo yum install -y postgresql-server postgresql-jdbc ImageMagick motif gperftools-libs

Configure Postgresql

The piece is to perform the basic configuration of Postgresql by performing the following:

  • Execute the following command to initialise postgresql:
service postgresql initdb
  • Configure the service to start automatically and then start it by executing the following:
chkconfig postgresql on
service postgresql start

Install Microsoft Dot Net

The next part of the process is to install Microsoft Dot Net on to the server by performing the following steps:

  • Add the Microsoft CentOS 7 yum repository by executing the following:
rpm -Uvh https://packages.microsoft.com/config/centos/7/packages-microsoft-prod.rpm
  • Install the Dot Net Core Runtime packaged by executing the following:
yum install dotnet-runtime-3.1

Full details of installing Dot Net on to CentOS 7 can be found at https://docs.microsoft.com/en-us/dotnet/core/install/linux-centos

Download and install the Linux VDA package

The first step in this article of the series is to download the Linux VDA package from Citrix.  To download the package follow the steps below:

  • Log on using your Citrix Account to https://www.citrix.com/account/
  • Once logged in click on the Downloads tab, enter Linux Virtual Delivery Agent 1912 in the Search Downloads box as shown below, and press enter:

citrix-downloads

  • From the search results click on the Linux Virtual Delivery Agent 1912 (RHEL 7.7 CentOS 7.7) link

Centos-VDA-1912-Download

  • On the Linux Virtual Delivery Agent 1912 download page expand the Linux Virtual Delivery Agent 1912 (RHEL 7.7 CentOS 7.7) option and click on Download File.

Centos-VDA-1912-Download-File

  • Once downloaded copy to the /tmp folder of your CentOS server
  • Logon to the CentOS server and open a terminal session as root
  • Install the VDA package using yum by executing the command below:
yum install -y /tmp/XenDesktopVDA-19.12.0.50-1.el7_x.x86_64.rpm

Configure the Linux VDA

For this article I performed a prompted configuration of the VDA software on the VM.  To perform a prompted configuration of the VDA software perform the following steps:

  • Logon to the CentOS server and open a terminal session as root
  • Run the prompted configuration by executing the command below:
./opt/Citrix/VDA/sbin/ctxsetup.sh
  • During the prompted install I answered the following to the prompts:
    • CTX_XDL_DOTNET_RUNTIME_PATH = Accepted the default /opt/dotnet
    • CTX_XDL_SUPPORT_DDC_AS_CNAME = Accepted the default 
    • CTX_XDL_DDC_LIST = Configured as lab-sifliky01.lab.lost-it.org
    • CTX_XDL_VDA_PORT = Accepted the default 80
    • CTX_XDL_REGISTER_SERVICE = Accepted the default Y
    • CTX_XDL_ADD_FIREWALL_RULES = Accepted the default Y
    • CTX_XDL_AD_INTEGRATION = Select 1 for Winbind
    • CTX_XDL_HDX_3D_PRO = Accept the default N
    • CTX_XDL_VDI_MODE = Accept the default N
    • CTX_XDL_SITE_NAME = Accept the default None
    • CTX_XDL_LDAP_LIST = Configured as lab-lokse.lab.lost-it.org:389
    • CTX_XDL_SEARCH_BASE = Accept the default None
    • CTX_XDL_FAS_LIST = Accept the default None
    • CTX_XDL_START_SERVICE = Accept the default Y

  • The final piece I performed was to reboot the VDA

Check the VDA Services a Running

The final part once the VDA has rebooted is to check that the VDA services are running.by performing the following:

  • Execute the following commands:
service ctxhdx status
service ctxvda status

Previous Page                                                                                                                                         Next Page

Linux VDA – Joining the server to Active Directory

Linux VDA – Joining the server to Active Directory

This article in the series will explain how to join the CentOS server to an Active Directory Domain using Samba and Winbind.  There are several other supported methods for joining the machine to an Active Directory Domain which are listed on the Citrix documentation page Install Linux Virtual Delivery Agent for RHEL/CentOS with instructions for each.

Install the required packages and configure Winbind daemon startup

The first step is to install the required packages for Samba and Winbind on to the server and then ensure that the winbind daemon is enabled to start at boot.

To install the required packages and enable the winbind daemon to start at boot perform the following steps in a terminal session as root:

  • Install the packages by executing the following command:
yum -y install samba-winbind samba-winbind-clients krb5-workstation authconfig oddjob-mkhomedir
  • Once installed configure the winbind daemon to start at boot by executing the following command:
chkconfig winbind on

Configure Winbind authentication

The next step is to configure authentication using kerberos with Winbind.

To configure authentication using kerberos with Winbind perform the following steps in a terminal session as root:

  • Execute the authconfig command below substituting domain with your NetBIOS Domain Name, REALM with your Kerberos realm name in UPPER CASE, and fqdn-of-domain-controller with the FQDN of your Domain Controller:
authconfig --disablecache --disablesssd --disablesssdauth --enablewinbind --enablewinbindauth --disablewinbindoffline --smbsecurity=ads --smbworkgroup=domain --smbrealm=REALM --krb5realm=REALM --krb5kdc=fqdn-of-domain-controller --winbindtemplateshell=/bin/bash --enablemkhomedir --updateall

Example: As an example my test Domain name is NWO.Local, it’s NetBIOS name is NWO, the Kerberos Realm is NWO.LOCAL, and  my Domain Controller is 2K12-Lokse.NWO.Local. Therefore I ran the command below to configure the authentication to my Domain:

authconfig --disablecache --disablesssd --disablesssdauth --enablewinbind --enablewinbindauth --disablewinbindoffline --smbsecurity=ads --smbworkgroup=NWO --smbrealm=NWO.LOCAL --krb5realm=NWO.LOCAL --krb5kdc=2K12-Lokse.NWO.Local --winbindtemplateshell=/bin/bash --enablemkhomedir --updateall

Note: Ignore any errors returned from the authconfig command about the winbind service failing to start. The errors can occur when authconfig tries to start the winbind service without the machine yet being joined to the domain.

  • Edit the /etc/samba/smb.conf file and add the two lines below the line #–authconfig–end-line– as shown below:
#--authconfig--end-line--
kerberos method = secrets and keytab
winbind refresh tickets = true
  • Save and exit the file.

Join the Domain

The next step is to join the computer to Active Directory and to perform this execute the steps below in a terminal session as root:

  • Execute the net ads join command below substituting REALM for your Kerberos Realm in UPPER CASE and user with an account with privileges to add the machine to Active Directory:
net ads join REALM -U user

Example: As an example my test Domain name Kerberos Realm is NWO.LOCAL and  I use the administrator account to add machines to the Domain. Therefore I ran the command below to join my Domain:

net ads join NWO.LOCAL -u administrator

Note: If successful the machine will be listed in the Computers OU of your Domain.

Configure PAM for Winbind

Once the machine has been successfully joined to the Domain the next step is to configure Kerberos for PAM to allow ticket caching and home directory creation.

To configure Kerberos for PAM perform the following steps in a terminal as the root user:

  • Edit the /etc/security/pam_winbind.conf file and add or change the following entries under the [Global] section:
krb5_auth = yes
krb5_ccache_type = FILE
mkhomedir = yes
  • Save and exit the file
  • Restart the Winbind daemon by executing the following:
service winbind restart
  • Edit the /etc/krb5.conf file change the following setting under the [libdefaults] section from KEYRING to FILE type:
default_ccache_name = FILE:/tmp/krb5cc_%{uid}
  • Save and exit the file

Previous Page                                                                                                                                         Next Page

Linux VDA – Post build tasks and Linux VDA 1912 preparation

Linux VDA – Post build tasks and Linux VDA 1912 preparation

Post install initial setup

Once the machine has finished installing and been rebooted it will load up the GNOME GUI and guide you through the initial setup where you have to accept the license agreement, select your language,

To perform this initial setup following installation perform the following steps:

  • In the INITIAL SETUP screen click on the LICENSE INFORMATION option
  • Click on the I accept the license agreement tickbox at the bottom of the screen
  • Click on Done to return to the INITIAL SETUP screen
  • Click on the FINISH CONFIGURATION button at the bottom right of the screen
  • GNOME will now load and present you with a Welcome screen where you can choose your language.  If not already selected, choose the language you require and then click on the blue Next button at the top right of the screen
  • Next if not already selected choose the keyboard layout you require and then click on the blue Next button at the top right of the screen
  • When prompted select the Time Zone you require and then click on the blue Next button at the top right of the screen
  • When prompted for Online Accounts click on Skip at the top right of the screen (For the purposes of this article, users will be from a company Active Directory)
  • At the About You screen configure a Full Name and a Username for a local account on the server  and then click on the blue Next button at the top right of the screen. (For the purposes of this article, this was set to localuser so that there is no confusion with Active Directory credentials later on)
  • When prompted set a password for the local account and then click on the blue Next button at the top right of the screen
  • Finally at the Ready to Go screen click on the blue Start using CentOS Linux button to complete the initial setup

Install Citrix XenTools

The next step in this set of instructions is to install the Citrix XenTools on to the machine as they are a prerequisite for deploying machines using Machine Creation Services (MCS) later on.

To install Citrix XenTools perform the following steps:

  • Attached the guest-tools.iso to the virtual machine
  • Mount the CD to the /mnt directory on the machine by executing the following:
mount /dev/cdrom /mnt
  • Change to the Linux tools directory by executing the following:
cd /mnt/Linux
  • Run the install.sh script by executing the following:
./install.sh
  • The script should detect that the machine is running CentOS as shown below and when prompted enter y to proceed:
Detected `CentOS Linux release 7.3.1611 (Core) ' (centos version 7).

The following changes will be made to this Virtual Machine:
 * update arp_notify sysctl.
 * packages to be installed/upgraded:
 - xe-guest-utilities-7.11.0-1.x86_64.rpm
 - xe-guest-utilities-xenstore-7.11.0-1.x86_64.rpm

Continue? [y/n]
  • The tools will now be installed and then return to the command prompt.
  • Unmount the CD by executing the following:
umount /mnt
  • Eject the CD from the virtual machine and then reboot the machine by executing reboot at the command prompt
  • Once the machine is rebooted confirm in XenCentre that the tools are installed by selecting the VM and clicking the General tab.  As can be seen in the screenshot below, the Virtualization state is shown as Optimized (version 8.0 installed) meaning that XenTools is installed correctly.

xentools-installed

You can also confirm that XenTools is installed correctly by going to the Performance tab of the VM.  If the Memory Performance graph is visible then the tools are installed correctly.

Update the installation

The next step is to update the machine using YUM (Yellowdog Updater, Modified) so that it is running the latest package versions.  For the purposes of this article the virtual machine has been granted access to the Internet to perform the updates but this may differ in your environment.  Configuring local repositories or setting proxy settings to allow updates is beyond the scope of this article.

To update the machine using YUM perform the following steps in a terminal session as the root account:

  • Initialize the update by executing the following:
yum update
  • When prompted enter to y to proceed with the download of the packages and their installation.

Note: This can take a long time to perform depending on the resources assigned to the virtual machine, network connectivity, as well as how far behind the ISO used to build the machine is

  • Once the process is completed you should see a list of installed, updated, and replaced packages followed by Complete!
  • Reboot the machine by executing reboot at the command prompt

Configure chrony

The next step is to ensure that the machine’s time is synchronised to avoid VDA registration errors later on.  For the purposes of this article the chrony will be configured to point at an Active Directory Domain Controller.

To configure chrony perform the following steps in a terminal session as the root account:

  • Edit the /etc/chrony.conf file and comment out the centos servers listed using a # (hash symbol) as shown below:
#server 0.centos.pool.ntp.org iburst
#server 1.centos.pool.ntp.org iburst
#server 2.centos.pool.ntp.org iburst
#server 3.centos.pool.ntp.org iburst
  • Add a line below these point to your Domain Controller in the format of server {your Domain Controller FQDN or IP} iburst
  • The example below is pointing chrony to the IP Address 10.100.100.100 for my Domain Controller
server 10.100.100.100 iburst
  • Save and exit the file
  • Restart the chronyd service by executing the following:
service chronyd restart

Disable libvirtd virtualization toolkit

During my initial testing I was unaware that the libvirtd toolkit is installed as default with CentOS 7 and only realised when my VDA registered in DNS with an IP Address of 192.168.122.1.

This caused the VDA to fail registration with the DDC so for this article I disabled the libvirtd toolkit completely on the VDA as well as because you would not want a VDA to be capable of hosting virtual machines. For a full explanation see the article from The Geek Diary CentOS / RHEL 6,7 : How to disable or delete virbr0 interface

To disable the libvirtd toolkit perform the following steps in a terminal session as the root account:

  • Disable and remove the libvirtd default network by executing the following commands:
# virsh net-destroy default
Network default destroyed

# virsh net-autostart default --disable
Network default unmarked as autostarted

# virsh net-undefine default
Network default has been undefined

chkconfig libvirtd off
Note: Forwarding request to 'systemctl disable libvirtd.service'.
Removed symlink /etc/systemd/system/multi-user.target.wants/libvirtd.service.
Removed symlink /etc/systemd/system/sockets.target.wants/virtlockd.socket.
Removed symlink /etc/systemd/system/sockets.target.wants/virtlogd.socket.

Disable graphical interface

The last step is to disable the graphical interface on the server so that when the server is booted it will come up to the normal non-gui logon page.

To disable the graphical interface perform the following steps in a terminal session as the root account:

  • Execute the following command to disable the graphical interface
systemctl set-default multi-user.target
  • Reboot the server

Previous Page                                                                                                                                         Next Page

Linux VDA – Building the base CentOS virtual machine

Linux VDA – Building the base CentOS virtual machine

Virtual Machine hardware

A new virtual machine named cntos-mcs-mstr was deployed on to the Citrix Hypervisor  using the CentOS 7 VM Template as shown below:

1-Linux-VDA-Build-VM-Template

The virtual machine created with 2 vCPUs, 4GB of RAM, 1 x 10GB Disk, and 1 x Network connection and booted from a CentOS 7 ISO (CentOS-7-x86_64-DVD-1611.iso).

The initial configuration steps were performed to configure the language, date and time settings, and keyboard layout as English (UK).

Software selection

Once the initial creation and configuration of the virtual machine has been performed the software selections were made by performing the following steps:

  • At the INSTALLATION SUMMARY click on the SOFTWARE SELECTION option
  • Select GNOME Desktop and then from the Add-Ons for Selected Environment section on the right select the following:
    • GNOME Applications
    • Internet Applications
    • Office Suite and Productivity

Software-Selection-Screen

  • Click on Done to return the INSTALLATION SUMMARY

Disk partitioning

The next step is to select how to partition the disk and for the purposes of this article Automatic partitioning was selected.

To partition the disk perform the following steps:

  • At the INSTALLATION SUMMARY click on the INSTALLATION DESTINATION option
  • You should see the Local Disk provisioned for the machine listed and under Other Storage Options the Automatically configure partitioning option should already by selected as shown below:

disk-partitioning-screen

  • Click on Done to return the INSTALLATION SUMMARY

Network configuration

The next step is to enable the Network and configure the host name for the machine and for the purposes of this article the Network card will be configured to use DHCP as MCS Clones rely on DHCP addressing being used.

To enable the Network and configure the host name perform the following steps:

  • At the INSTALLATION SUMMARY click on the NETWORK & HOST NAME option
  • Change the Host name at the bottom of the screen to the FQDN you will be using for the virtual machine and press Apply.
  • The Current host name shown in the bottom right should now change to the FQDN you have set.  In the example below the Host name for the machine has been changed to cntos-mcs-mstr.nwo.local:

hostname-settings

  • The Network Card Ethernet (eth0) will be listed in the screen and show as Disconnected on the right hand side.  To enable the network card Ethernet (eth0) click on the toggle selector in the top right of the screen so that it changes to ON.
  • Once connected the right hand side will show the IP Address, Subnet Mask, Default Route, and DNS settings set by DHCP as shown below:

network-and-hostname-screen

  • Click on Done to return the INSTALLATION SUMMARY

Performing the installation and setting the Root Password

The last step is to Begin the Installation and as part of the process set the password for the root account.

To begin the installation and set the root password perform the following steps:

  • At the INSTALLATION SUMMARY click on the BEGIN INSTALLATION button in the bottom right corner of the screen
  • When prompted for USER SETTINGS click on the ROOT PASSWORD option
  • Set your root password and confirm it and then click on Done to return to the installation screen.

At the bottom of the screen it will show the packages being installed and a progress bar for the installation.

Once the installation has completed click on the blue Reboot button at the bottom right of the screen.

Previous Page                                                                                                                                         Next Page

Linux VDA – Introduction and prerequisites

Linux VDA – Introduction and prerequisites

Introduction

Citrix Virtual Apps and Desktops are virtualization solutions that give IT control of virtual machines, applications, licensing, and security, while providing anywhere access for any device.

Following the retirement of deploying Citrix on to Sun Solaris servers, for many years Citrix concentrated on purely Microsoft Windows desktop and server OS platforms but in recent years has added the capability to deploy Linux based desktops.  Further enhancements have seen the capability to deploy Linux machines using both their Provisioning Services (PVS) and Machine Creation Services (MCS) provisioning methods added, allowing companies to deploy multiple cloned Linux machines from a single master image.

This following pages in the article explains how to build a CentOS 7 virtual machine and deploy it as a Multi-session OS published desktop through CVAD using Machine Creation Services (MCS).

Prerequisites

In order to build a CentOS 7 virtual machine for deployment as a Multi-session OS published desktop through CVAD using MCS the following prerequisites must be met:

  • A Citrix Virtual Apps And Desktops Site which supports deploying Linux VDAs
    • CVAD Version 1912 LTSR will be used for this article
  • An Active Directory Domain
  • A supported Hypervisor platform is used
    • Citrix Hypervisor 8.1 will be used for this article
  • A supported Linux distribution and version is used for the VM
    • CentOS 7.7 will be used for this article
  • A supported Xorg version is used
    • Xorg version 1.20 will be used for this article
  • Supported Active Directory integration packages will be used
    • Samba Winbind will be used for this article

For further information on the System requirements for deploying the Linux VDA go to the official Citrix documentation page Linux Virtual Delivery Agent – System requirements

Previous Page                                                                                                                                         Next Page

Deploying The Linux VDA 1912 On CentOS 7

Deploying The Linux VDA 1912 On CentOS 7