Prepare Windows Server VM templates for deploying blueprints

Contents

Overview

When deploying a blueprint, Citrix Smart Tools uses a VM template to provision the machines required for the deployment. This VM template must have the appropriate system configuration, required network settings, and installed software to run the applications the blueprint deploys on a given resource location. 

For most deployments using Citrix-provided blueprints, Citrix recommends using Windows Server 2012 R2 as the operating system for the base image you prepare. This topic describes how to prepare a Windows Server 2012 R2 image and convert it to a VM template that you can use when deploying a blueprint on resource locations that Smart Tools supports.

System requirements for the machine image

When deployed, the blueprints that come with Smart Tools provision a set of machines for running a specific Citrix product deployment, such as Citrix XenDesktop. To ensure the provisioned machines can run the software that these blueprints install, the Windows Server VM image you prepare as a template should meet the following requirements.

  • Operating system: Windows Server 2012 R2
  • Disk: Disk requirements for provisioned machines will vary with the blueprint you want to deploy. In general, however, a disk size of 100 GB will accommodate most deployments created from Citrix-provided blueprints. 

Other requirements such as network and firewall settings are included in the section for each platform.

System preparation (Sysprep) requirements

The machine image that you prepare as a template for XenServer, Hyper-V, and CloudPlatform resource locations will need to be sysprepped before it can be used with Smart Tools to provision machines. Refer to the appropriate platform section in this topic for instructions.

Download the unattend.xml sample file

Before you can sysprep the VM, you will need to create an answer file called unattend.xml that configures Windows Server so that no user interaction is needed. You can download and use the unattend.xml sample file in this section to sysprep your VM or as a reference for creating your own answer file.  

Download the unattend.xml sample file (ZIP)

Important: If you want to use the unattend.xml sample file to sysprep your VM, you must first update the locale, timezone, and administrator password parameters in the file. Additionally, if you are not using Microsoft Enterprise Licensing, replace the value in the ProductKey parameter with a valid license key for your organization. 

Back to top 

Citrix XenServer

Step 1: Create the virtual machine

Using the XenCenter management console, create a virtual machine running Windows Server 2012 R2 and sufficient memory, disk space, and vCPUs to support the blueprint you intend to deploy. For example, to deploy the XenApp and XenDesktop Proof of Concept blueprint, your VM might include 4 GB RAM, 64 GB disk space, and 4 vCPUs. 

Step 2: Install software

  1. Install XenServer Tools.
  2. Install all critical and important Windows Server patches and hotfixes using Windows Update.

Important: Do not install the Citrix Smart Tools Agent on the VM image.

Step 3: Configure network and firewall settings 

  1. Verify TCP port 443 (HTTPS) is open to outbound communication. This setting is required for the Smart Tools Agent to communicate with Smart Tools. To verify this port is open, open a web browser and enter https://www.citrix.com:443 in the address bar. If the port is open, the Citrix web site displays in the browser.
  2. Verify the local Administrator account password does not require changing at logon.This ensures no user interaction is required on provisioned machines, allowing any automated processes that are included in the blueprint to run. To verify:
    1. Click Tools > Computer Management. > Local Users and Groups > Users
    2. Right-click Administrator and then select Properties.
    3. On the General tab, verify the User must change password at next logon check box is cleared.
  3. Verify that dynamic IP and DNS addressing is enabled: 
    1. Click Start > Control Panel > Network and Internet > Network and Sharing Center.
    2. From the left pane, click Change adapter settings, right-click the network adapter and select Properties.
    3. Select Internet Protocol Version 4 (IPv4) and then click Properties.
    4. On the General tab, verify the Obtain an IP address automatically and Obtain DNS server address automatically settings are selected.

      Note: If the machine image includes multiple network adapters, verify these settings for each one. Additionally, ensure that you have a DHCP server in your network environment with IP addresses available to lease. 
  4. If you are using a Windows machine as a connector, ensure that Windows Management Instrumentation (WMI) and inbound connections on TCP port 135 (DCOM port) are enabled on your Windows VM template. This enables Smart Tools to install the Smart Tools Agent on the machines that are provisioned from the VM template.To enable WMI traffic through Windows Firewall:
    1. Select Start > Control Panel > System and Security > Windows Firewall
    2. Click Advanced settings. The Windows Firewall with Advanced Security console appears.
    3. In the left pane, click Inbound Rules.
    4. Select the following rules, right-click, and select Enable Rule:
      • Windows Management Instrumentation (Async-In)
      • Windows Management Instrumentation (DCOM-In)
      • Windows Management Instrumentation (WMI-In)
      wmi.png
  5. If you are using a Linux machine as a connector, ensure that Remote Desktop Services and inbound connections on TCP port 3389 are enabled on your Windows VM template. 

Step 4: Sysprep the virtual machine

Use an answer file with the Sysprep tool to configure Windows for unattended setup and generalize the machine in one operation. For a sample answer file, you can use the unattend.xml file from the System preparation (Sysprep) requirements section at the top of this topic. 

Important: If you use the sample unattend.xml file to sysprep your image, ensure that you update the locale, timezone, and administrator password parameters in the file.

  1. Launch the command prompt and run the following commands:
    cd %windir%\system32\sysprep
    Sysprep /generalize /oobe /shutdown /unattend:c:\location-of-unattend.xml
    This command generalizes installation elements, applies the customization settings specified in the unattend.xml file, and shuts down the server after the Sysprep process is complete. 

  2. After the machine shuts down, proceed to "Step 5: Create the VM template."

Step 5: Create the VM template

  1. Using the XenCenter management console, convert the sysprepped VM to a template.
  2. Using the prepared VM template, create a VM.
  3. Verify that Windows Server starts correctly and does not display any prompts for user interaction.

Back to top

Citrix CloudPlatform

Prerequisites

Ensure you have created the appropriate compute, disk, and network offerings for the blueprint you intend to deploy. You will specify these offerings when you create a VM instance using the CloudPlatform management console. For more information about creating compute, disk, and other system offerings, see the CloudPlatform Administrator's Guide on the Citrix Product Documentation web site. 

Step 1: Make the image file available for import

If your CloudPlatform environment does not have a Windows Server 2012 R2 ISO file available to create an image template, use this procedure to add the file and enable CloudPlatform to access it when creating the template. If you already have a Windows Server 2012 R2 ISO file imported to your CloudPlatform environment, proceed to "Step 3: Create a VM instance."

  1. Place the Windows Server 2012 R2 ISO file on a web server in your network environment. 
  2. If you are using Internet Information Server (IIS) for the web server, create the following MIME types:

    Extension

    MIME Type Value

    .iso none/none
    .vhd none/none
  3. From the CloudPlatform management console, in Global Settings, configure the secstorage.allowed.internal.sites setting with the IP address of the web server where the ISO file resides.
  4. Restart the CloudPlatform management server using the command service cloudstack-management restart.

Step 2: Import the image file 

Use this procedure to import a Windows Server 2012 R2 ISO file from the web server where it resides to your CloudPlatform management server. If you have already imported a Windows Server 2012 R2 ISO file to your CloudPlatform environment, proceed to "Step 3: Create a VM instance."

  1. From the CloudPlatform management console, click Templates > Register Template.
  2. Enter the following information and then click OK
    • Name: Enter a friendly name for the template.
    • URL: Enter the location of the ISO file on the web server. Example: http://Server-IP-Address/Windows-filename.iso
    • Public: Select this checkbox to make the file accessible to the all CloudPlatform users.
    • Featured: Select this checkbox to make the file appear on the Featured list. This can make the image file easier to locate when you create a VM instance.

CloudPlatform imports the image file from the web server and displays "Download Complete" when finished.

Step 3: Create a VM instance

  1. From the CloudPlatform management console, click Instances and then click Add Instance.
  2. In Setup, under Select ISO or template, select ISO. Click Next.
  3. In Select a template, select the ISO file you imported in Step 2: Import the image file. Click Next.
  4. In Compute offering, select a configuration appropriate for the blueprint you want to deploy with the template. Click Next.
  5. In Disk Offering, select a volume configuration appropriate for the blueprint you want to deploy with the template. Click Next.
  6. In Affinity, do not select any affinity groups. Click Next.
  7. In Network, select the appropriate network configuration for the blueprint you want to deploy with the template. Click Next.
  8. In Review, enter a name for the instance and then click Launch VM

Step 4: Install software

  1. From the CloudPlatform management console, click Instances and verify the VM template instance you created is running.
  2. Click Quickview for the instance and then click View console
  3. From the instance console, perform the following tasks:
    • If you are using Citrix XenServer or VMware vSphere with CloudPlatform, install the appropriate VM management tools on the template instance. For XenServer, install XenServer Tools. For vSphere, install VMware Tools.
    • Install all critical and important Windows Server patches and hotfixes using Windows Update.

Step 5: Configure network settings

  1. Verify TCP port 443 (HTTPS) is open to outbound communication. This setting is required for the Smart Tools Agent to communicate with Smart Tools. To verify this port is open, open a web browser and enter https://www.citrix.com:443 in the address bar. If the port is open, the Citrix web site displays in the browser.
  2. Verify the local Administrator account password does not require changing at logon.This ensures no user interaction is required on provisioned machines, allowing any automated processes that are included in the blueprint to run. To verify:
    1. Click Tools > Computer Management. > Local Users and Groups > Users
    2. Right-click Administrator and then select Properties.
    3. On the General tab, verify the User must change password at next logon check box is cleared.

Step 6: Sysprep the VM instance

Use an answer file with the Sysprep tool to configure Windows for unattended setup and generalize the machine in one operation. For a sample answer file, you can use the unattend.xml file from the System preparation (Sysprep) requirements section at the top of this topic. 

Important: If you use the sample unattend.xml file to sysprep your image, ensure that you update the locale, timezone, and administrator password parameters in the file.

  1. Launch the command prompt and run the following commands:
    cd %windir%\System32\sysprep
    Sysprep.exe /generalize /oobe /shutdown /unattend:c:\location-of-unattend.xml

    This command generalizes installation elements, applies the customization settings specified in the unattend.xml file and shuts down the server after the Sysprep process is complete. 

  2. After the machine shuts down, proceed to "Step 7: Create the template."
    Important: Do not make any further changes to the instance.

Step 7: Create the template

  1. From the CloudPlatform management console, click Instances and then click Quickview for the VM template instance you created in "Step 3: Create a VM instance."
  2. From the Quickview page, click View Volumes.
  3. From the volume page, click Create template. The Create Template dialog box opens.
  4. Enter the following information:
    • Name: Enter a friendly name for the template.
    • OS Type: Select Windows Server 2012 R2.
    • Public: Select this checkbox to make the template accessible to all CloudPlatform users.
  5. Click OK. CloudPlatform creates a template from the instance, copying the volume you specified to secondary storage for the zone. This might take several minutes to complete.

After the template is created, you can specify it when you deploy blueprints with Smart Tools. The VM template instance is left intact so you can apply updates to it, if needed.  

Back to top

Microsoft Hyper-V

Step 1: Create the VHD

Using the Hyper-V Manager console, create a VHD running Windows Server 2012 R2 and sufficient memory and disk space to support the blueprint you intend to deploy. For example, to deploy the XenApp and XenDesktop Proof of Concept blueprint, your VHD might include 4 GB RAM and 64 GB disk space.

Step 2: Install software

  1. Install Windows Server 2012 R2 on the VHD.
  2. Ensure Hyper-V Integration Services are installed and running in the VHD. Typically, these services are enabled by default on Windows Server 2012 R2; however, Citrix recommends you verify this before you proceed. To verify these services are running in the VHD, perform the following actions:
    1. From Server Manager, click Tools > Services.
    2. Locate the following services and verify they are running:
      • Hyper-V Data Exchange Service
      • Hyper-V Guest Service Interface
      • Hyper-V Guest Shutdown Service
      • Hyper-V Heartbeat Service
      • Hyper-V Time Synchronization Service
      • Hyper-V Volume Shadow Copy Requestor
  3. Install all critical and important Windows Server patches and hotfixes using Windows Update.

Important: Do not install the Citrix Smart Tools Agent on the VHD. 

Step 3: Configure network settings

  1. Verify TCP port 443 (HTTPS) is open to outbound communication. This setting is required for the Smart Tools Agent to communicate with Smart Tools. To verify this port is open, open a web browser and enter https://www.citrix.com:443 in the address bar. If the port is open, the Citrix web site displays in the browser.
  2. Verify the local Administrator account password does not require changing at logon.This ensures no user interaction is required on provisioned machines, allowing any automated processes that are included in the blueprint to run. To verify:
    1. Click Tools > Computer Management. > Local Users and Groups > Users
    2. Right-click Administrator and then select Properties.
    3. On the General tab, verify the User must change password at next logon check box is cleared.
  3. Enable WMI traffic through Windows Firewall:
    1. Select Start > Control Panel > System and Security > Windows Firewall > Allow an app or feature through Windows Firewall
    2. Select Windows Management Instrumentation (WMI).
    3. Ensure the following inbound Windows Management Instrumentation (WMI) rules are enabled:
      • Windows Management Instrumentation (Async-In)
      • Windows Management Instrumentation (DCOM-In)
      • Windows Management Instrumentation (WMI-In)
  4. Enable inbound connections on TCP port 135 (DCOM port):
    1. Select Start > Control Panel > System and Security > Windows Firewall
    2. Click Advanced settings. The Windows Firewall with Advanced Security console appears.
    3. In the left pane, click Inbound Rules.
    4. In the Actions pane, click New Rule. The New Inbound Rule Wizard appears.
    5. On the Rule Type page, select Port and click Next.
    6. On the Protocol and Ports page, select TCP and Specific local ports, and then enter 135. Click Next.
    7. On the Action page, select Allow the connection and click Next.
    8. On the Profile page, select Domain, Private, and Public locations and then click Next.
    9. On the Name page, enter a name and description for the inbound rule and then click Finish. 

Step 4: Sysprep the VHD

Use an answer file with the Sysprep tool to configure Windows for unattended setup and generalize the machine in one operation. For a sample answer file, you can use the unattend.xml file from the System preparation (Sysprep) requirements section at the top of this topic. 

Important: If you use the sample unattend.xml file to sysprep your image, ensure that you update the locale, timezone, and administrator password parameters in the file.

  1. Launch the command prompt and run the following commands:
    cd %windir%\system32\sysprep
    Sysprep /generalize /oobe /shutdown /unattend:c:\location-of-unattend.xml

    This command generalizes installation elements, applies the customization settings specified in the unattend.xml file, and shuts down the VHD after the Sysprep process is complete. 

  2. After the VHD shuts down, no further action is needed. The VHD is ready to use. When deploying a blueprint, Smart Tools will provision machines by making copies of this VHD.

Back to top

Microsoft Azure Classic

To ensure consistent deployment, Citrix recommends using a Microsoft-provided machine image of Windows Server 2012 R2 when you deploy blueprints with Smart Tools. You can select a Microsoft-provided image when you deploy a blueprint to an Azure Classic resource location. When you deploy a blueprint, these images appear on the Windows tab of the Configure VM wizard.

If you want to create your own Windows Server 2012 R2 image, consult the Microsoft Azure VM documentation for instructions. To use your own image with Smart Tools, the image must meet the following requirements:

  • The image includes the configurations specified in the "Hardware and software requirements" and "Firewall and account settings" sections of "System and network requirements for the machine image" in this topic.
  • The image has been uploaded to Azure and appears under "My Images" in the Azure Gallery.

Back to top

VMware vSphere

Step 1: Create the virtual machine

Using the vCenter management console, create a virtual machine running Windows Server 2012 R2 and sufficient memory, disk space, and vCPUs to support the blueprint you intend to deploy. For example, to deploy the XenApp and XenDesktop Proof of Concept blueprint, your VM might include 4 GB RAM, 64 GB disk space, and 4 vCPUs.

Step 2: Install software

  1. Install VMware Tools.
  2. Install all critical and important Windows Server patches and hotfixes using Windows Update.

Important: Do not install the Citrix Smart Tools Agent on the VM image.

Step 3: Configure network settings

  1. Verify TCP port 443 (HTTPS) is open to outbound communication. This setting is required for the Smart Tools Agent to communicate with Smart Tools. To verify this port is open, open a web browser and enter https://www.citrix.com:443 in the address bar. If the port is open, the Citrix web site displays in the browser.
  2. Verify the local Administrator account password does not require changing at logon.This ensures no user interaction is required on provisioned machines, allowing any automated processes that are included in the blueprint to run. To verify:
    1. Click Tools > Computer Management. > Local Users and Groups > Users
    2. Right-click Administrator and then select Properties.
    3. On the General tab, verify the User must change password at next logon check box is cleared.

Step 4: Create the VM template

  1. Using the vCenter management console, convert the VM to a template.
  2. Using the VM template, create a VM and configure the following settings:
    • Power on this virtual machine after creation
    • Do not customize
  3. Verify that Windows Server starts correctly and does not display any prompts for user interaction.

Back to top

Amazon EC2

To ensure consistent deployment, Citrix recommends using a "Quick Start" machine image (AMI) of Windows Server 2012 R2 when you deploy blueprints with Smart Tools. Quick Start AMIs are sysprepped machine images provided by Amazon that meet the requirements for Smart Tools. You can select a Quick Start AMI when you deploy a blueprint to an Amazon EC2 resource location.

If you want to create your own Windows Server 2012 machine image, consult the Amazon EC2 product documentation for instructions. To use your own AMI with Smart Tools, the AMI must meet the following requirements:

Back to top

0 Comments