With the recent release of Cloud Provider Pack, our app orchestration technology (aka Project Rainmaker) is now available for immediate download and use . You can find more information on the many benefits you get from this technology in several recent blogs. In other words - we reinvented how to manage complex multi-tenant, multi-farm XenApp deployments with minimal effort by the administrator
This article is the second in a series blogs by. the team responsible for creating the app orchestration technology, in which we will delve deeply into the architecture, deployment and customization of various components of this revolutionary new engineering technology. (The first is available here.) Today I will cover the architecture of the app orchestration system, and introduce all the elements that make up this system.
Let this break down and investigate the individual components.
Server Configuration
what server hosts the main components of the application orchestration. In the center of the entire image is the App Orchestration Engine, and REST API that exposes. All components communicate with the engine exclusively via the REST API.
App Orchestration Engine
This component is the "brains" behind the app orchestration technology. Each time a configuration change is made, it is written to the database application orchestration and the App Orchestration Engine determines all actions that must occur in all organizational units, Farms, workload machinery, and machinery Web interface to apply this change. These actions are planned as "Workflows" and are added to send queues for different agents.
When a configuration change is made, it ends immediately. The intention of the administrator is stored in the database, allowing officers to apply the changes asynchronously. We call this approach "desired state" because we always keep track of the final goal of the administrator. This allows the system to perform multiple operations across different products and agents in the correct sequence and over extended periods of time , always moving the underlying systems towards the final goal. If there are failures, they can be corrected and the system will automatically retrieve and keep walking to the desired configuration.
the desired-state approach enables the orchestration application technology to be highly resistant to breakdowns and failures. If the configuration server is offline, the user sessions and the functioning of the normal XenApp farm are unaffected. the only impact is that configuration changes can not be made during this outage. However, for reasons of DR and more available, it is recommended at least two configuration servers are created by deployment.
REST API
This is the final point where all other app orchestration components communicate with the application Orchestration Engine. The REST API uses HTTP (S) exclusively.
In order to perform all operations that we automate, some agents require Active Directory domain administrator credentials. Although these are protected by the access control so that only agents can read them via the API, they are always transmitted over this channel, and on the network. For this reason, it is essential that production deployments use HTTPS to protect these identification when transmitting information. The installer App Studio it is easy to configure the REST API and Web service console to use SSL
There will be other blogs on the subject of the API. Stay tuned.
Web Service Console
Citrix App Studio is the name of UI component that you use to configure the application orchestration. The user interface is written in HTML 5 and has been tested on multiple browsers to ensure compatibility. Web Console service component hosts the Web interface.
The Web console and the Web interface service are stateless. This enables administrators to connect to the Web user interface on a configuration server and make changes
Agent -. Server Configuration
The agent appears several times in the component diagram, and serves multiple roles. The agent is the "muscle" behind the power of the application orchestration - it performs actions that the App Orchestration Engine has determined are necessary to bring the system to the desired configuration
On the server configuration, the. Agent is responsible for the interface with Active Directory for operations such as creating and UO import tracking, and moving the workload of machines UO good when they are awarded. All communications with AD is via Active Directory Web Services (ADW)
The agent is also responsible for communication with the workload of the machines that are not yet allocated, and are not part of a XenApp farm so. for example, during the import process of the machine. It does this using PowerShell Remoting (WinRM) and run the app orchestration scripts that are there pre-installed.
Web Server Interface
For deployment, ultimately users should be able to run the applications they subscribe to, and that means they have access to a site Web interface (Note: support StoreFront will come at a later date)
App orchestration manages several farms and automatically allocates farms to tenants as isolation and requirements. capacity limits. To simplify the use of the web interface in these complex scenarios, app orchestration also create and configure Web Interface sites automatically depending on insulation requirements by tenant
Agent -. Web Server interface
On the Web Interface server, the agent is responsible for the creation of sites and pointing these sites on farms for each tenant. The sites are created using the basic settings. App orchestration do not interface with Access Gateway or Netscaler, so once the sites are created, you may need to perform additional manual configuration to allow users to access external sites.
XenApp controllers
App orchestration manages XenApp 6.5 farms only. To create the proper isolation level to accommodate users in a CSP environment, XenApp farms are strictly divided into two server types: controllers, and the workload Machines (aka __gVirt_NP_NNS_NNPS <__ Hosts session). Controllers ever host the sessions and the work load machines never receive session data on other workloads machines.
XenApp controllers managed by the application orchestration must have the agent installed. It is also very important to realize that the application orchestration imposes it gets the desired state of the App Orchestration Engine. This means that the import of a firm that has already configuration, such as host session or existing applications, may cause the configuration to be crushed or damaged. Do not import firm containing the existing configuration in App Studio
Agent -. XenApp Controllers
On XenApp controllers, the agent is responsible for creating and managing groups of workers and published applications, and to manage the "drain" mode session hosts. It maintains the relationships between users, applications, labor groups, and organizational units so that multi-tenancy and isolation are achieved, corresponding to the desired configuration. It is also responsible for the "Join" and "A-assembly" workload machinery on the farm; It does this by connecting to these machines using PowerShell Remoting (WinRM) and run the app orchestration scripts that are there pre-installed
XenApp workloads machines -. aka Hosts Session
Of course, the main measure of the user's ability in XenApp is the number of servers that can host sessions. App orchestration automatically manages the allocation, decommissioning, isolation, drainage, assembly and unjoining these machines on farms and move them to the correct organizational units.
App Orchestration Scripts
Since the density of users per host session is a very important number for CSP, app orchestration was designed so that it zero CPU and memory footprint on the machines hosting the sessions. There are no additional services, and no workflows are directed to a current sessions Home session. The only element that orchestrate application adds to the session host is a collection of scripts and programs that are called remotely via PowerShell Remoting, when the machine is either in preparation for hosting the sessions or being dismantled.
All other actions are orchestrated around the session hosts are carried out by officials or on the XenApp controllers or about configuring the server itself.
Wrap-Up
Although long, this article has only scratched the surface of how the application works orchestration. Expect a series of blog posts over the coming weeks providing deeper dives into all the different components and features provided.
This blog is part of a series on the application orchestration. For the remaining articles in this series, please refer to these articles:
- Concepts
- architecture (this article)
- Provisioning machinery ( forthcoming)
- Tenants Management (forthcoming)
- Advertisements Management (forthcoming)
- Following Management (forthcoming)
- Patcher workload machines (forthcoming)
- Understanding Workflows (forthcoming)
- Troubleshooting (forthcoming)
- integration with CloudPortal services Manager (forthcoming)
0 Komentar