Agnostic GSLB – How-to

Before proceeding, a disclaimer: no NetScalers were harmed when writing this post. They were not even used.

Great! No NetScalers, that means cheap as there is no cheap NetScaler. Well, there is a free one, severely bandwidth limited and the NetScaler Gateway SKU that you could buy for USD 995, what I do believe it is still the case. That said, there is still some limitation on the bandwidth but for many environments (Citrix of course if NSG is used) that may suffice.

Knowing that we used no NetScalers, let’s first understand why this is an agnostic solution. The reason is simple: it works with ANYTHING. It can be Microsoft RDS, Parallels RAS, Citrix Virtual Apps/Desktops and even VMware Horizon. For this blog post I used Parallels RAS but again, the exact same idea will apply to any solution. To get this going, this is what you need to do:

  1. Logon to your Azure portal. Yes, this solution relies on Azure Traffic Manager and even though it is not free, it is damn cheap. Once in the portal, create a traffic manager profile. It will ask you the name you want to use. This is the name that will be appended to  trafficmanager.net. This means if you choose rds-gslb, your unique name will be rds-gslb.trafficmanager.net.

2. In my case I selected ‘Priority’ for the routing method. Once that is done, the next step is to add ‘Endpoints’. In my case, I added two external ones, each one pointing to the external IP addresses of my two Parallels RAS environments:

3. Looking at my traffic manager profile configuration this is now what is seen (note I am using a simple TCP monitoring on port 443 as this is the only port opened from the outside to the RAS Secure Gateways. Of course you can use HTTP/HTTPS and then set the expected path/status code to determine the endpoint as healthy):

4. With everything added, yours should look like this:

5. The final step is to go into the DNS settings for your domain and create a CNAME record for the FQDN you will use for your users (i.e. ras.company.com) pointing to the FQDN created for your traffic manager profile (i.e. ras-gslb.trafficmanager.net). Simple.

6. As this is a Parallels RAS environment (but again, could be RDS, Citrix or VMware) on my Parallels RAS client, I configured it to connect to my FQDN, ras-gslb.wtslabs.com. When launching it and logging in, this is what I see:

Going into the endpoints in the Azure portal and disabling the top priority one, once I refresh the Parallels RAS client, this is what I get:

This is done by just refreshing the client. No need to do a DNS flush (as the TTL is set to 10 seconds on Azure) or even close the client! It is that simple.

Now the beauty here and what makes this way more powerful than traditional GSLB IMHO is the fact you can use PowerShell to retrieve metrics from the environment, metrics the NetScaler GSLB is not even aware of. For example, total number of ‘Active Sessions’ for the environment, CPU/Memory utilization on any server part of the environment (i.e. a highly loaded file server or database), etc. Anything really. And still, with PowerShell you can easily flip the endpoints on Azure. This is an example of the code required:

To login to Azure (of course assumes the Azure PS Module is there)
Connect-AzAccount

To get a subscription:
Get-AzSubscription

To set the default subscription:
Select-AzSubscription -Subscription "My Demos"

Adding a profile with two External endpoints:
$profile = New-AzureRmTrafficManagerProfile -Name myprofile -ResourceGroupName MyRG -TrafficRoutingMethod Priority -RelativeDnsName ras-gslb -Ttl 10 -MonitorProtocol TCP -MonitorPort 443
Add-AzureRmTrafficManagerEndpointConfig -EndpointName DC1 -TrafficManagerProfile $profile -Type ExternalEndpoints -Target EnterIP1 -Priority 1 -EndpointStatus Enabled
Add-AzureRmTrafficManagerEndpointConfig -EndpointName DC2 -TrafficManagerProfile $profile -Type ExternalEndpoints -Target EnterIP2 -Priority 2 -EndpointStatus Enabled
Set-AzureRmTrafficManagerProfile -TrafficManagerProfile $profile

Modifying the endpoints:
$profile = Get-AzureRmTrafficManagerProfile -Name myprofile -ResourceGroupName MyRG
$profile.Endpoints[0].Priority = 2
$profile.Endpoints[1].Priority = 1
Set-AzureRmTrafficManagerProfile -TrafficManagerProfile $profile

And as i mentioned on Twitter, if you are running two NetScaler Gateways (the cheap USD 995 ones), one on each datacenter, you can create a GSLB setup using the Azure traffic manager. No need for any SKU that gives you GSLB. Considering how cheap this is on Azure, it will take years and years of Azure charges to make up for the money you save by going with the cheaper SKU.

More than that and as mentioned, this works with RDS Gateways, VMware Horizon Connection Servers and any other solution really.

So give it a try and let me know what you see.

Cheers.

CR

It is here. RDS-to-RAS Migration Tool

As promised earlier, here you have it. Before you download it and give it a try, let me explain a couple things about this v1.0:

  • It is indeed a working progress and I am adding a couple more little things to it.
  • You must run the script/tool on the actual RAS Publishing Agent server (the connection broker) and of course with proper credentials.
  • Make sure the Windows Firewall on the RDS Connection Broker you are pointing to allows that.
  • Things that do work properly:
    • Imports RDS ‘Session Collections’ into RAS ‘Groups’.
    • Imports all the ‘RemoteApps’ in a ‘Session Collection’ as published applications into RAS.
      • If an application is set not to be shown under the RDS Web Access, it will set the application as ‘Disabled’ under RAS.
      • Application folders are supported. It will create on RAS the same folder structure you see on the RDS Web Access (defined using the RDMS).
      • Imports the icon for all RemoteApps.
    • If there are no ‘RemoteApps’ in a ‘Session Collection’ that means a ‘Remote Desktop’ is published (the Citrix ‘Published Desktop’ equivalent). In that case, it does create a RAS ‘Published Desktop’ for that RAS ‘Group’.
  • Things that do not work (yet):
    • I explicitly decided not to install the RAS Agent on the RDS Session Hosts being imported. Firewall could play a role here.

Little warning: I do believe error traps are for wussies. Reason why my script does not check if you entered a proper RDS Connection Broker, RAS PA, etc. I assume you know your shit and can type properly. As you see I have very low standards. Assuming you can type AND you know the server names you have to connect to, the script works great. So if it is not working you can safely assume it is your fault.

Seriously I will add some error checking on the next release. Just wanted to get the tool out so you guys can give it a try.

Any questions, suggestions, feedback, etc, drop me a line or leave a comment.

Cheers.

CR

523 total views, no views today

EUC University

In the age of YouTube and the Internet, yes, you can indeed find all the information you need about a particular topic. The thing is, like when I wrote the RDS Complete book, at least for me, the main issue with this approach is the fact the information may be available all over the place, from multiple sources and each one with a different writing/teaching style. That is why being able to find all I need about a particular topic in one spot, is extremely important IMHO.

That brings us to my new community project, the EUC University. The idea is simple: have very short (where possible) videos with accompanying guides (PDF of PPT) about EUC related products. You can about it as a PluralSight in ways but totally focused on RDS and as our first one, Parallels RAS.

Also as I am creating these for people with experience with other products (Citrix/VMware) all the information you need to understand how to translate the components seen with these into RDS/RAS will be clearly explained before you touch anything. That will give you a very good picture on how these two platforms and their components related to the components seen on Citrix Virtual Apps and Desktops and VMware Horizon.

As mentioned, I am starting this first with Parallels RAS and once it is done, get the RDS part finalized. For the RDS the idea is to have the book is the guide you will need (or should) to follow.

Stay tuned.

Cheers.

CR

Microsoft RDS to Parallels RAS Migration Tool

Contrary to what most people may think, I always prefer to use the right tool for the job. Reason why I do believe there is a market for all the EUC products out there. That said, you have to be blind to think any of these are amazing and flawless. Far from that. Citrix Virtual Desktop and Apps has many infuriating things under its belt. The same applies to VMware Horizon, Microsoft RDS and of course Parallels RAS.

That said, if you want a simple and inexpensive product to deliver applications and virtual desktops remotely, and once again, depending on your needs, Parallels RAS may be all you need. As I am quite familiar with the product and I am part of their Parallels VIPP community program, I decided to put together a quick PowerShell based tool, with a proper GUI, to migrate a Microsoft RDS deployment with all its collections, to a Parallels RAS based one.

It is still a work in progress and it should be available quite soon. If anyone is interested on giving it a try, please just let me know and I will contact you.

Cheers.

CR

1,397 total views, 4 views today