#Citrix #XenMobile 8.5 MAM upgrade! Part 1 – #StoreFront, #AppController, #NetScaler
In this little blog series series you’ll follow a little upgrade process to XenMobile 8.5 for Mobile Application Management (previously known as CloudGateway).
Ok, I don’t exactly know where to begin. I must first say that Citrix is THE master when it comes to renaming products, updating/changing the architecture, changing consoles (claiming to reducing the number of them like every year but at the same time introduce new ones).
How hard can it be to make crystal clear documentation and upgrade processes that works and are easy? I feel already that my tone in this blog post is “a bit” negative… but I think that Citrix actually deserves it this time.
I must now take a step back and calm down and point out that Citrix is delivering some MAJOR changes and good news/features in the new XenMobile 8.5 release though! It’s great (when you’ve got it up and running) and I must say that I don’t see anyone that is near them in delivering all these capabilities in a nice end-to-end delivery!!
Have a look at everything that is new, deployment scenarios etc. here before you even start thinking to upgrade or change your current NetScaler, StoreFront and AppController environment!
Once you’ve started to read the different design scenarios you’ll see that App Controller can be placed in front of StoreFront, in the back of StoreFront or totally without StoreFront… all the options just make your head spin! Because Citrix doesn’t really make it clear on how all of this should work with a Receiver and Worx Home depending if the device is on the internal network, external through NetScaler or what the capabilities that you need are supported in the different scenarios in a simple way, just text that explains it. And I find the pictures and text a bit misleading:
As you see above the App Controller is added as a “Farm” just as in 2.6, but is that the truth now in version 2.8 of App Controller?
If you have a look at the text from this page it’s getting even more confusing:
NetScaler Gateway in the DMZ and StoreFront for authentication. You can configure remote connections to route through NetScaler Gateway in the DMZ and then to an application running on a server in your network. In this release, you can also configure this deployment, but also enable StoreFront to act as the authentication server. In this way, Receiver routes a connection through App Controller, which proxies the connection to StoreFront for authentication. Next, the connection is proxied through NetScaler Gateway, which finally routes the request to App Controller.
Wow, let’s break it down! SO, in this case the NetScaler will do the authentication from remote Receivers/Worx Home clients, then SSO to App Controller over clientless VPN that just proxies the connection to StoreFront to do authentication, and then the Receiver/Worx Home client uses clientless VPN connectivity to talk to App Controller that then talks to StoreFront for XenApp/XenDesktop resource aggregation….? Or am I missing something.. seems to me then that the AppController is the more “fronting component” then (a part from the authentication that StoreFront does)…. hmmmm..
Now let’s take a look at this text:
XenDesktop and XenApp integration. When users connect to App Controller, they can view their web, SaaS, MDX and WorX mobile apps, in addition to their XenDesktop and XenApp applications and desktops. Users can view these apps in either the Web Interface or in Receiver if the Windows-based apps are delivered from StoreFront. When you configure StoreFront in front of App Controller and you configure Receiver to communicate with StoreFront, users continue to have a seamless experience.
Now we’re “back” to that StoreFront has to sit IN FRONT OF App Controller for users to have a seamless integration… Let’s now look at the migration PDF that Citrix has published here.
Here there are some CLEAR statements! Yeah!! Now let’s read and see if that makes things more clearer than the info in edocs does! Here is a nice little picture that shows how things could look like before migration:
This shows that App Controller 2.6 is behind StoreFront just as we’re used to it being! Great, let’s continue and look at what they show after the migration:
Wow, it’s now SUPER CLEAR! App Controller SHALL be in FRONT of StoreFront! Or wait, what did the text in edocs say?
When you configure StoreFront in front of App Controller and you configure Receiver to communicate with StoreFront, users continue to have a seamless experience.
Come on Citrix, how are you gonna have it? Or is it only a seamless experience if you put StoreFront in front of App Controller when you use the Receiver? Is it seamless with the “new” architecture and App Controller in front if you use Worx Home?
I must say that documentation is not the strongest part of XenMobile and especially the App Controller side of things…
There are so many questions that now popped up in my head, how are we going to ensure that App Controller can handle the load if that is the one in front of multiple StoreFront servers? Ok, here Citrix has a clustering approach, but still haven’t found any scalability figures yet. But having the option is great!
One nice thing about the new Worx apps and App Controller 2.8 is the Worx App Gallery and all the apps that are beginning to popup that already are MDX capable and ready to be distributed. But remember that you have to implement and use Worx Home in order to use them!
Another important note to consider if you’re integrating App Controller with ShareFile is this one:
Important: You must create a role before you configure ShareFile settings. The role should contain the same number of members for which you obtain licenses. For example, if you have 100 licenses, the role should contain the same amount of users. If you use the AllUsers role, which might have more Active Directory accounts than licenses, synchronizing accounts in ShareFile and App Controller might fail. If you previously selected the AllUsers role or a role with too many Active Directory accounts, you must manually remove the role from ShareFile and then add the new role.
Of course you should also have a look at the reference architecture Citrix have posted: http://www.citrix.com/content/dam/citrix/en_us/documents/products-solutions/reference-architecture-for-mobile-device-and-app-management.pdf
So how does the process then look like and more important: does it work when upgrading your NetScalers, StoreFront and App Controllers just following their steps? And how easy is it if you have tons of apps and devices already in there? That’s the sole purpose of Part 2 of this blog post series, so stay tuned!