Tag Archives: Coronavirus (COVID-19)

Get Smart with Citrix AutoScale & Power Capacity Management during COVID-19

I’ve noticed a number of folks asking what do as my existing Citrix AutoScale + Power and Capacity Management policies aren’t powering on my public cloud workloads any more, especially when they need it most!? What is happening? Firstly “this is not a Citrix issue” it’s a public cloud capacity issue in all the major players by selective “POPULAR” instance types for commonly used workloads like delivering virtual apps & desktops and its affecting by indvidiual regions e.g UK and not the whole public cloud providers capacity world wide to be clear and transparent.

If you make use of Citrix AutoScale and Power Capacity Management for mission critical CVAD workloads for better P&L management vs. capacity peaks then please DISABLE IT for those Delivery Groups (DG) within the CVAD Service temporarily to maintain business operations and internal SLA’s for service delivery of CVAD workloads to employees WFH during CVOD-19. Disabling AutoScale is strategically very important during these current times, it enforces that identified mission critical workloads by Delivery Group are always on-demand 24/7 to meet operational business demands. Its important to highlight this applies to any vendors and even in-house vs. community built power and capacity management tooling platforms should also be DISABLED for all business mission critical workloads so that daily business operations are not impacted.

Why do organisations use Citrix AutoScale and Power Capacity Management?
Its for a couple of scenarios, usecases which I will collectively sum up as follows below:

1. Save money not running VM instances in public clouds 24/7 when they aren’t required, therefore saving you a substantial amount of money when looking to better manage your P&L.
2. Your employees typically work 21 business days within a month (30 days) the rest is made up of time off e.g weekends, so why keep all that capacity powered on and consuming more money unnecessarily including carbon emissions. On that note how many of you leave your data centres fully powered on or even home labs when you they aren’t required? Our world needs us to make smarter and better decisions to lets act and save our world for our future unborn grand children.
3. Support spikes/peaks in virtual app & desktop consumption with a capacity buffer.

You can learn more about Citrix AutoScale at – https://docs.citrix.com/en-us/citrix-virtual-apps-desktops-service/manage-deployment/autoscale.html#three-types-of-autoscale-user-interfaces included the supported CVAD use cases “Autoscale user interface for Multi-User OS e.g CVA Delivery Groups“, “Single-User OS e.g CVD pooled vs. static VDI Delivery Groups“. 31/03/2020 I noticed that Citrix TechZone published a technical document on the same date as this article and I think you’ll find if very useful and insightful as its very technical eDocument – https://docs.citrix.com/en-us/tech-zone/learn/tech-briefs/autoscale.html.

Why your should DISABLE it!
COVID-19 is a world wide pandemic and hopefully a once in life time vs. century event. The number of employees now Working from Home (WFH) world wide is incredible, it’s placed a macro burden on many consumer services where some are in a degraded state or have intentionally degraded themselves to free up more bandwidth capacity over the internet in Europe for example Netflix – https://www.bbc.co.uk/news/technology-51968302. Its equally true for IT business services e.g virtual meetings and of course public cloud providers whom have run out of capacity for popular VM instance types in Europe, and this is why you want to disable AutoScale so that your mission critical workloads are not stopped + deallocated and then returned the public cloud provider pool where they will be consumed by someone else and keep up 24/7, other organisation’s may have paid upfront to reverse a number of instance types for a period of 30/60/90 days and this is achieved by holding back any/all returned capacity and finally likely redistributed to critical government agencies and department for example in the UK the National Health Service (NHS) to keep health workers productive managing COVID-19 and supporting patients.

Act & Think of Others
Please be responsible and make sustainable choices and only keep mission critical workloads on-demand 24/7 that are essential to daily business operations. Finally a personal ask if you are an IT Professional who’s home lab partially runs in a public cloud as its extended from on-premises please be respectful, mindful and aware that if your region is experiencing capacity issues PLEASE turn off and deallocate those VM instances types so that capacity can be returned to the public cloud pool during working days of the week to support businesses whom need it vs. government agencies and or health departments supporting people in-need of help and support medical and or otherwise.

The views expressed here are my own and do not necessarily reflect the views of Citrix.

Optimising & Maximising Citrix ADC + Virtual Apps & Desktops during Extended Business Continuity Situations *** Draft

This is a LiVE evergreen post that contains spelling and grammar mistake’s at the moment BUT I wanted to get this out today 28/02/2020 as its important to be prepared.

The post is based upon my experience in but more so outside of Citrix during my time at a Managed Service Provider (MSP) in the City of London so the thinking is in-line with working with a world class engineering team helping my customers then maintain and manage hyper-scale web applications (web app) that processed substantial £’s transaction per second in revenue however that is just one part of a multi-tiered web app in this case the transactions of payments through a payment gateway is one part of many complex parts however in order to maintain that payment hyper-scale you need to keep your website (front door) e.g www.company.name running consistently and reliability fast with little to no difference in page loading times and no degraded interactivity with with dynamic + interactive content otherwise people will lose focus and navigate away from your website and this ultimately equates to reduced £’s transactions been completed incurring lost revenue as a net result.

The world this and last year is facing a WHO outbreak – https://www.who.int/emergencies/diseases/novel-coronavirus-2019 which appears to have forced numerous organisations to review current business continuity (BP) plans and higher degree more than I expected myself, found marco red readiness flags that need to be addressed immediately to be ready if there BP plans are triggered by executive leaders, which I for one am hopeful does NOT HAPPEN in the UK being a life long Londoner! Truth be told a number of customers appear conflicted on how-to manage Citrix workloads that they simply didn’t prepare for beyond 1-3 snow day(s) and the same applies to customers that use Citrix for remote working outside of the office that don’t have a flexible working style framework in-place yet or due to regulator governance & compliance prohibits this capability by industry and finally a few customers have found hidden micro flaws that where dismissed but now pose a very real threat on the horizon that is fast approaching to operationally keep business’s online and moving forwards that security + networking teams are breaking down silo’s and working closer than ever with IT systems teams to be ready to keep employees safe and productive at home irrespective of a Citrix lens or not. If I was a Citrix customer these topics below for me would be top of mind for me to operationally keeping my business online with a continued or near to level of experience and service delivery when my BP plans are triggered by executives. These are in no particular order just as they came to me in a conversation replying to fellow Citrite aka Citrix Employee and numerous customer conversations the past 2-3 weeks more so this week ending 28/02/2020.

The views expressed here are my own and do not necessarily reflect the views of Citrix.

1.If you are deploying Citrix Virtual Apps & Desktops (CVAD) inclusive of the service from Citrix Cloud and you make use of on-premises Citrix ADC’s using the Gateway function then you should download, setup and configure Citrix Application Delivery Management (ADM)https://docs.citrix.com/en-us/citrix-application-delivery-management-software/13/overview.html or service – https://docs.citrix.com/en-us/citrix-application-delivery-management-service.html in Citrix Cloud. The key function that you want to consume is HDX Insighthttps://docs.citrix.com/en-us/citrix-application-delivery-management-software/13/analytics/hdx-insight.html#identifying-the-root-cause-of-slow-performance-issues which is feature/function of Citrix ADM which will help you better understand end-to-end visibility for HDX traffic or in simpler terms begin running simple load tests by employee personas. Please be 100% sure to read the licensing feature matrix to understand what you get with Citrix ADC Advanced vs. Premium licensing – https://docs.citrix.com/en-us/citrix-application-delivery-management-software/13/licensing.html and finally you can download it today at – with a valid Citrix.com MyAccount and get started by reading the system requirements at – https://docs.citrix.com/en-us/citrix-application-delivery-management-software/13/system-requirements.html and the getting started guide at – https://docs.citrix.com/en-us/citrix-application-delivery-management-software/13/get-started.html. If you want to learn more about ADM beyond HDX Insight watch the embedded YouTube video below by the Citrix Network Masterclass Team.

2. Consider what have you configured within the HDX policy and what can you change? Are any of them even relevant for todays 2020 current site deployment? I have seen “screenshots” of customers master HDX policy configurations that well need to be overhauled by a Citrix SysAdmin, Citrix Partner of our own Citrix Consulting Services (CCS). Evaluating them at least twice a year if you are on a CR -2 stream or CVAD Service is a good leading practise in my view and if your on a LTSR at least annually as making a micro change can make a macro effect and ultimately will determine bandwidth through-put and processing load on Citrix ADC (Universal Gateway function) resulting is continued performance during macro peaks of sustained periods of macro Citrix usage beyond the average daily vs. weekly usage.

3. Do you have more than one HDX policy for different personas? I would at the very least have an internal (office based) vs. external (field people) HDX policy in-place, but experience tells me you need an HDX policy by persona exception and requirement classed as HD experiences been low, medium and high. For example a call centre worker doesn’t need more than 8-16Bit colour depth for looking up and inserting text into a Line of Business (LOB) app when answering and dealing with customer support calls nor do they need H.264 or EDT for watching HD videos right? A office worker living in Word documents and the companies CRM also doesn’t need H.264 or EDT they could configured with HDX Adaptive Display v2 with a colour depth of 24Bit and a lower Frames Per Second (FPS) target of 23 from the default of 30. You getting the picture yet? Having at least 3 HDX policies for low, medium and high expectations of HD experiences means that you can modify one or more to maintain the bulk of employees in medium or allow continued HD experiences at the highest level for these employees whose work results in completion of projects that affects revenue.

4. Always have a general purpose low-bandwidth and emergency HDX policies configured and in place for BP that has been tested and validated by multiple parts of the business through active role-play simulation. An example of low-bandwidth HDX policy could be constructed as follows which I wrote about in 2017 at – https://www.mycugc.org/blogs/cugc-blogs/2017/09/15/hdx-leading-best-practices-for-your-modern-secure entitled “HDX Adaptive Display v2 (Balanced)” the core principles remain largely unchanged for me, it consists of the following HDX policy configuration settings:

1.”Use video codec for compression” then select  “For actively changing regions
2. “Preferred color depth for simple graphics” then select “16 bits per pixel” and also try 24.
3. Select “Frames Per Second” and select the target FPS to circa 25 from the default which is 30.

An example of an emergency HDX policy configuration entitled “Thinwire Compatible Mode (Balanced)” could consist of the following HDX policy configuration settings:

1.”Use video codec for compression” then select the option to be “Do not use video codec
2. “Preferred color depth for simple graphics” then select “8 bits per pixel” and also try 16 or 24.
3. Select “Frames Per Second” and select the target FPS to circa 25 from the default which is 30.

The idea I am aiming to instil here create at the very least a HDX policy configuration for business continuity purposes, its critical now more than ever as numerous LOB apps consume services on-premises and in public clouds consume a rather larger volume of bandwidth and when BP is triggered if you take a Citrix lens out of the equation can you actually support all those modern apps and (hybrid) cloud based services where apps + content reside? Finally HDX Policy readiness means that you could get that extra 1x employee per multi-user OS x how many VMs in your estate?

5. When evaluating HDX policies be mindful of what your offloading to an endpoint and the offload path from the VDA to the endpoint through the Citrix ADC as that will mean more bandwidth + load on the Citrix ADC with the exception of HDX Offloading of UC platforms like Zoom provides VDI optimisation check out – https://support.zoom.us/hc/en-us/articles/360031441671 for more information and obviously Skype for Business, Teams when utilising the HDX Optimisation Pack – https://docs.citrix.com/en-us/hdx-optimization and provided that the solution doesn’t reverted to fallback mode due to a mismatch between the CWa client, HDX optimisation pack, VDA and Skype for Business or Teams package. Finally another consideration is Browser Content Redirection (BCR) be minded of what is configured and the traffic path and fallback – https://docs.citrix.com/en-us/citrix-virtual-apps-desktops/multimedia/browser-content-redirection.html.

6. Something to consider BUT I have not tested this theory but expect an abnormal potential spike on the Citrix ADC and StoreFront (if on-premises) if a high volume of employees access LOB apps using the HTML5 Receiver as it affective downloads the app into the employees HTML5 enabled browser to then launch CVAD resources. I look at this purely from concept of a web server (StoreFront) is holding a file I need to download while its lite weight its extra overhead vs. a device with Citrix Receiver or CWa already installed that is also plumbed through the Citrix ADC.

7. Review your on-premises StoreFront landing and logged in pages and consider if BP where triggered and you received a high volume of login requests could your StoreFront cluster support the load? What if you implemented low bandwidth imagery reducing the colour depth and pixels by a factor of 50% for your logos, background image? How does that affect your loading time? Consider also placing the images on an alternative web server so that all StoreFront is processing is core app and style sheets it doesn’t seem obvious but at hyper scale this makes a huge difference for example on a Twitter handle in a browser and view the source you’ll notice that the core web app itself comes primarily from *.twitter.com but all the content (images, videos) will come from different image or content farms this ensures that the web app in this case on *.twiiter.com can rapidly process and outcome Tweets in your timeline and images render later especially in bandwidth constrained locations or where there is macro spectrum interference resulting in poor interactivity and loading times. Finally even if you reduce the imagery size and the load is still high its often better past experiences to scale up existing StoreFront servers in a cluster than scaling out by adding a net new StoreFront server into the cluster.

8. I reached out to a pool of Citrix Technology Advocates or CTA’s* to provide input into this blog and Bas Stapelbroek follow him at – https://twitter.com/hapster84/ initially suggested at a glance converting existing physical PC’s into remote enabled Citrix Virtual Desktops thus allowing employees to work from home quickly as all you need to do is deploy the Desktop VDA and configure the machine for RemotePC access. To learn more about this feature and to setup and configure it for on-premises CVAD fabric checkout – https://docs.citrix.com/en-us/citrix-virtual-apps-desktops/install-configure/remote-pc-access.html and CVAD Service customers – https://docs.citrix.com/en-us/citrix-virtual-apps-desktops-service/install-configure.html#install-vdas, however be sure that you are correctly licensed for this feature by referring to the CVAD feature matrix at – https://www.citrix.com/products/citrix-virtual-apps-and-desktops/feature-matrix.html.

9. If you have spare capacity on your Citrix ADC (NetScaler) appliances and you need to connect external devices to your network fabric safe and securely beyond CVAD you can also deploy a VPN on the same appliance with pre-authentication scanning policies to checks a devices eligibility requirements from supported endpoints running Windows and Mac using the Citrix ADC’s EndPoint Analysis (EPA) scanning feature. The EPA agent is installed onto the devices endpoint (prompted at the login URL or you can push it from however your manage your Windows and Mac fleet) and runs a scan of the endpoint based upon the policies you assign to check the devices eligibility readiness prior to allowing them access to your network fabric. I wrote blog post at http://axendatacentre.com/blog/2016/11/14/setup-pre-authentication-endpoint-analysis-epa-policy-with-an-azure-netscaler-unified-gateway-11-x-n/  on how-to set this up and enable a few basic checks for EndPoint Analysis (EPA) scanning. For official documentation onto to configure EPA scans check out – https://docs.citrix.com/en-us/citrix-gateway/13/vpn-user-config/endpoint-policies/ng-endpoint-preauthentication-config-tsk.html and on the 13.x.n firmware you can setup EPA a scans for Ubuntu but the scans are limited see – https://docs.citrix.com/en-us/citrix-gateway/13/vpn-user-config/epa-scans-for-ubuntu.html for more information.

10. CVAD supports multi-type licensing within a single CVAD Site. These allows you to consume different licensing models e.g per user/device vs. concurrent within the same CVAD Site provided the assigned licensing edition is of the same product or on-premsies subscription type e.g Advanced edition which is configured for the whole CVAD Site. You cannot mix and match different product or on-premsies subscription editions e.g Advanced concurrent vs. Premium concurrent. The following Citrix eDocs articles – https://docs.citrix.com/en-us/citrix-virtual-apps-desktops/manage-deployment/licensing/multi-type-licensing.html provides a visual diagram demonstrating what is vs. isn’t possible.

In closing this post is about helping you achieve Business Continuity (BP) GREEN readiness flags by been smarter through optimising your current Citrix fabric to support abnormal peaks/spikes on the horizon coming ahead to sustain more load than expected for longer periods of time. You need to recognise that optimisation can only go so far when supporting extended BP plans.

The views expressed here are my own and do not necessarily reflect the views of Citrix.

* CTA’s – https://www.citrix.com/en-gb/community/cta/awardees.html