How to access XenServer hosted VDA's console from Citrix Director

How to access XenServer hosted VDA's console from Citrix Director

book

Article ID: CTX230610

calendar_today

Updated On:

Description

This article introduces XenServer integration with Citrix Director: how it works, how to use it, the capabilities and the requirements.
 

Instructions

Citrix administrators can access the consoles of Server OS and Desktop OS VDAs hosted on XenServer from Citrix Director. In this way, XenApp and XenDesktop administrators don’t require XenCenter to troubleshoot issues on XenServer hosted VDAs. This feature is available on both cloud and on-prem Director Editions. It requires XenServer 7.3 onwards, XenApp and XenDestop 7.16 onwards, Citrix Director 7.16 onwards.
In this article, we’ll introduce how this feature works, how to use it, the capabilities and the requirements.
How the feature works
We use VNC (Virtual Network Computing) to access XenServer hosted VM’s console from Citrix Director, and implemented following changes on Citrix Director, XenServer and Delivery Controller to support this feature:
  1. Citrix Director Web integrates noVNC as in-browser VNC client, which uses HTML5 and can support encryption (wss://). For more information about noVNC, refer to noVNC.
  2. XenServer leverages vncterm as VNC server, which runs for a particular VM and presents the VM’s graphics to a VNC client. The API VM.get_consoles() returns the URL of the VM console. XenServer requires noVNC client connect to VM’s console URL via wsproxy, which is a websocket proxy between VNC server and noVNC client. For more information about vncterm and wsproxy, refer to vncterm and wsProxy respectively.
  3. XenApp and XenDesktop Delivery Controller is enhanced to retrieve VM’s console URL from XenServer, and provide the console URL to Director Service. 
So the typical workflow would be:
  1. Citrix administrator requests to access a VDA’s console from Director web client (where the Citrix administrator logon to Citrix Director web site). Then Director Web client requests VM’s console URL from Director Service (GetMachineConsoleUrl).
  2. Director Service contacts Host service in Delivery Controller to get the URL, Host service in turn uses HCL to get the console URL from XenServer.
  3. Director Service forwards this URL to Director Web Client, then Director web opens the URL in a new tab:
    1. A pop up is shown to ask for the XenServer host (Pool Master) credentials, the browser client then authenticates the same with XenServer
    2. The authenticated XenServer session_ref is used to perform a wss connection call to wsproxy running on XenServer to stream the VNC for that machine.
How to access VDA’s console from Citrix Director
For Citrix Director on cloud version, you need to enable this feature by setting “Machine Console Access” to Enabled:
For on-prem Citrix Director, it is enabled by default. Citrix administrators can access VDA’s console by following steps (Take Firefox as a browser example):
  1. On a Director client, visit and logon to Director via web browser. Locate the VDA by clicking Search -> Search for Machine, and type the VDA machine name:
User-added image
  1. Click Console besides VM name in the Machine Details panel:
User-added image
  1. Enable pup-ups in web browser:
  1. A new separate tab will appear, asking for the XenServer host (where the target VDA resides on) credentials. If the XenServer host belongs to a pool as a slave host, input the Pool Master’s credentials, and click Log on.
  1. The VNC client will connect to XenServer host (or first Pool Master, then the hosting slave) via HTTPS connection. You need to accept server certificates on Director Web client as web browser prompts. If the XenServer host is a slave host of a Pool, you need to accept certificates of both Pool Master and the slave. Take Firefox as an example:
    • On the pop-up window, click on Advanced and then Add Exception:
User-added image
  • Confirm Security Exception:
User-added image
  1. After accepting the XenServer certificates, a “Welcome to Citrix XenServer” page pops up:
User-added image
  1. Just close this window and Director Web client will be able to connect to the VM’s console through encrypted connection.
User-added image
Note: If the XenServer host is a salve host in a Pool, the VNC client will connect to Pool Master first then the slave host. You’ll need to accept the certificates of both Pool Master and the slave, and close “Welcome to Citrix XenServer” page twice to finally connect to the VDA’s console via encrypted connection.
  1. Citrix administrators can then operate inside this VM with any troubleshooting steps. They can click Send Ctrl+Alt+Del to lock/unlock the screen or Close Console to close VM console connection.
Important:
  1. This feature requires XenServer 7.3 or above, XenApp and XenDesktop 7.16/Citrix Director 7.16 or above.
  2. This feature is not currently supported on IE 11. Also noVNC requires a browser with HTML5 support, this means it works on major modern browsers but not on some old versions of browsers, see Browser support for more details.
  3. Citrix Director Client must be network reachable to XenServer Host as well as Pool master if the host is a slave host.
  4. XenServer certificates must be accepted to allow encrypted connection (2 certifications when the target VDA is hosted on a slave host).
  5. Popups must be allowed in web browser.
  6. This feature is applicable to both Linux and Windows OS VDAs. For Windows guests, we only provide graphical consoles, for Linux guests, we only provide text based consoles.
  7. One VM console can be accessed by multiple Citrix Director Administrators at the same time.
 

Issue/Introduction

This article introduces XenServer integration with Citrix Director: how it works, how to use it, the capabilities and the requirements.
Powered by Wolken Software