App Streaming- Architecture & Troubleshooting Techniques
description
Transcript of App Streaming- Architecture & Troubleshooting Techniques
![Page 1: App Streaming- Architecture & Troubleshooting Techniques](https://reader036.fdocuments.us/reader036/viewer/2022062423/56814932550346895db67705/html5/thumbnails/1.jpg)
App Streaming- Architecture & Troubleshooting TechniquesJesús González, Escalation Engineer Karen Sciberras, Escalation Engineer
![Page 2: App Streaming- Architecture & Troubleshooting Techniques](https://reader036.fdocuments.us/reader036/viewer/2022062423/56814932550346895db67705/html5/thumbnails/2.jpg)
• Streaming technology basics
• Streaming technology in depth
• Sandbox reuse introduced in Streaming client 5.2
• Features introduced by Streaming client 6.0
Agenda
![Page 3: App Streaming- Architecture & Troubleshooting Techniques](https://reader036.fdocuments.us/reader036/viewer/2022062423/56814932550346895db67705/html5/thumbnails/3.jpg)
• Profiler• Captures Application Images• Stores them in the Application Hub
• Application Hub• File server which holds the profiled applications
• Streaming Client/Offline Client• Streaming to Server• Streaming to Client
Application Streaming Components
![Page 4: App Streaming- Architecture & Troubleshooting Techniques](https://reader036.fdocuments.us/reader036/viewer/2022062423/56814932550346895db67705/html5/thumbnails/4.jpg)
Layers Of Glass Analogy
Installation/Execution ImagePhysical Machine
Installation/Execution Image
Profiler Machine
•Nothing written to the “table” at profile time
Client Machine/ Presentation Server
•Installation program “painted” on “pane”
•File redirection
Per User Image
Physical Machine
Read/Write
Read Only, NoneRead Only
Read/Write
•Execution image common to all users – enables centralized app management
Application believes installed on physical machineInstall program, registry,
named objects etc. stored in .CAB file
![Page 5: App Streaming- Architecture & Troubleshooting Techniques](https://reader036.fdocuments.us/reader036/viewer/2022062423/56814932550346895db67705/html5/thumbnails/5.jpg)
Isolation Layers
• Per user Image or User Root
• Each user gets there own copy of top layer
• Writable at application runtime
• %AppData%\Citrix\Radecache
• Execution image or Install Root
• Read only during launch
• Writeable during profiling
• %Program Files\Citrix\Radecache
• Application
• Mask the applications view of the Physical machine
• Views machine from top down
• Per user image starts clear [read/write]
• Initial app view = Execution image [read only]
![Page 6: App Streaming- Architecture & Troubleshooting Techniques](https://reader036.fdocuments.us/reader036/viewer/2022062423/56814932550346895db67705/html5/thumbnails/6.jpg)
Streaming technology in depth
![Page 7: App Streaming- Architecture & Troubleshooting Techniques](https://reader036.fdocuments.us/reader036/viewer/2022062423/56814932550346895db67705/html5/thumbnails/7.jpg)
Streaming technology basic concepts
NamedObjectsNamedObjects
FileSystem
FileSystem RegistryRegistry
IsolationRules
IsolationRules
Per User Image
Installation/Execution Image
Physical Machine
![Page 8: App Streaming- Architecture & Troubleshooting Techniques](https://reader036.fdocuments.us/reader036/viewer/2022062423/56814932550346895db67705/html5/thumbnails/8.jpg)
• Open a File for Reading
• Creating a file
• Open a File for Writing
• Deleting a File
Streaming technology in depthExample: File System redirection
Per User Image
Installation/Execution Image
Physical Machine
![Page 9: App Streaming- Architecture & Troubleshooting Techniques](https://reader036.fdocuments.us/reader036/viewer/2022062423/56814932550346895db67705/html5/thumbnails/9.jpg)
Streaming technology in depthExample: Open a File for Reading
C:\Program Files\MyApp\MyConfig.txt
%AppData%\Citrix\RadeCache\GUID\Device\C\Program Files\MyApp
%ProgramFiles%\Citrix\RadeCache\GUID\Device\C\Program Files\MyApp
C:\Program Files\MyApp
If not found, continue search in the regular physical root location
Found here!Open file for reading
Search in the UserRoot
Search in the InstallRoot
Per User Image
Installation/Execution Image
Physical Machine
Per User Image
Installation/Execution Image
Physical Machine
![Page 10: App Streaming- Architecture & Troubleshooting Techniques](https://reader036.fdocuments.us/reader036/viewer/2022062423/56814932550346895db67705/html5/thumbnails/10.jpg)
Streaming technology in depthExample: Creating a file
C:\Program Files\Myapp\Myconfig.txt
During installation %Program Files%\Citrix\RadeCache\GUID\Device\C\Program Files\MyApp\MyConfig.txt
During execution
%AppData%\Citrix\RadeCache\GUID\Device\C\Program Files\MyApp\Myconfig.txt
Per User Image
Installation/Execution Image
Physical Machine
Per User Image
Installation/Execution Image
![Page 11: App Streaming- Architecture & Troubleshooting Techniques](https://reader036.fdocuments.us/reader036/viewer/2022062423/56814932550346895db67705/html5/thumbnails/11.jpg)
Streaming technology in depthExample: Open a File for Writing
C:\Program Files\MyApp\MyConfig.txt
%AppData%\Citrix\RadeCache\GUID\Device\C\Program Files\MyApp
%ProgramFiles%\Citrix\RadeCache\GUID\Device\C\Program Files\MyApp
Found here!
Copy file to user Image Layer
(Copy On Open for Write)
Open file for writing here
Per User Image
Installation/Execution Image
Physical Machine
Per User Image
Installation/Execution Image
![Page 12: App Streaming- Architecture & Troubleshooting Techniques](https://reader036.fdocuments.us/reader036/viewer/2022062423/56814932550346895db67705/html5/thumbnails/12.jpg)
Streaming technology in depthExample: Deleting a File
• Isolation environments satisfy two requirements
- Not deleting C:\DeleteMe.txt in reality
- Isolated applications are told that C:\DeleteMe.txt does not exists anymore
Per User Image
Installation/Execution Image
Physical Machine
![Page 13: App Streaming- Architecture & Troubleshooting Techniques](https://reader036.fdocuments.us/reader036/viewer/2022062423/56814932550346895db67705/html5/thumbnails/13.jpg)
Streaming technology in depthExample: Deleting a File
C:\DeleteMe.txt
Represented as 0 byte fileA special NTFS stream marker attached
Per User Image
Installation/Execution Image
Physical Machine
![Page 14: App Streaming- Architecture & Troubleshooting Techniques](https://reader036.fdocuments.us/reader036/viewer/2022062423/56814932550346895db67705/html5/thumbnails/14.jpg)
Launch Process
![Page 15: App Streaming- Architecture & Troubleshooting Techniques](https://reader036.fdocuments.us/reader036/viewer/2022062423/56814932550346895db67705/html5/thumbnails/15.jpg)
• RadeRun • RadeRun is to streaming what wfcrun32 is for hosted applications• RadeRun takes .RAD file as parameter, establishes link to streaming service
where application is executed
• RadeSvc• Obtains profiled application from Application Hub and places it RadeCache• Creates new sandbox instance and executes application
Streaming Services
![Page 16: App Streaming- Architecture & Troubleshooting Techniques](https://reader036.fdocuments.us/reader036/viewer/2022062423/56814932550346895db67705/html5/thumbnails/16.jpg)
Streaming Client
Basic Launch Process
PN Agent
.RAD File
Application Hub
.RAD File
XenAppXML Broker
Web Interface/PN Agent
RadeRun.exe RadeSvc.exe Application 1
![Page 17: App Streaming- Architecture & Troubleshooting Techniques](https://reader036.fdocuments.us/reader036/viewer/2022062423/56814932550346895db67705/html5/thumbnails/17.jpg)
• Streaming client erases RAD File immediately after reading it
• Done for house cleaning
• RAD file is not available for troubleshooting
• App Streaming – Faking out RadeRun http://community.citrix.com/display/ocb/2010/08/20/App+Streaming+-+Faking+out+RadeRun
How to obtain the RAD file
![Page 18: App Streaming- Architecture & Troubleshooting Techniques](https://reader036.fdocuments.us/reader036/viewer/2022062423/56814932550346895db67705/html5/thumbnails/18.jpg)
Independence from IMA or ICA
![Page 19: App Streaming- Architecture & Troubleshooting Techniques](https://reader036.fdocuments.us/reader036/viewer/2022062423/56814932550346895db67705/html5/thumbnails/19.jpg)
Independence from IMA or ICA
RadeRun.exe
/app:“MyAp"
/package:“\\AppHub\myApp\MyApp.profile"
-x flag will allow you to see the world as the isolated application from a command prompt
![Page 20: App Streaming- Architecture & Troubleshooting Techniques](https://reader036.fdocuments.us/reader036/viewer/2022062423/56814932550346895db67705/html5/thumbnails/20.jpg)
RadeRun.exe - Example
Windows 7
Profile
Streaming client
NO CITRIX FARM
NO ICA
NO IMA
![Page 21: App Streaming- Architecture & Troubleshooting Techniques](https://reader036.fdocuments.us/reader036/viewer/2022062423/56814932550346895db67705/html5/thumbnails/21.jpg)
Per User Image
Installation/Execution ImagePhysical Machine
RadeRun.exe - Layers Of Glass
![Page 22: App Streaming- Architecture & Troubleshooting Techniques](https://reader036.fdocuments.us/reader036/viewer/2022062423/56814932550346895db67705/html5/thumbnails/22.jpg)
RadeRun.exe – “-x”
CMD ISOLATED
![Page 23: App Streaming- Architecture & Troubleshooting Techniques](https://reader036.fdocuments.us/reader036/viewer/2022062423/56814932550346895db67705/html5/thumbnails/23.jpg)
RadeRun.exe – Layers Of Glass
Per User Image
Installation/Execution ImagePhysical Machine
NO WIWZIP
![Page 24: App Streaming- Architecture & Troubleshooting Techniques](https://reader036.fdocuments.us/reader036/viewer/2022062423/56814932550346895db67705/html5/thumbnails/24.jpg)
RadeRun.exe – delete inside isolation
CMD ISOLATED
![Page 25: App Streaming- Architecture & Troubleshooting Techniques](https://reader036.fdocuments.us/reader036/viewer/2022062423/56814932550346895db67705/html5/thumbnails/25.jpg)
RadeRun.exe – Outside isolation
Per User Image
Installation/Execution ImagePhysical Machine
NEW CMD. NOT ISOLATED
![Page 26: App Streaming- Architecture & Troubleshooting Techniques](https://reader036.fdocuments.us/reader036/viewer/2022062423/56814932550346895db67705/html5/thumbnails/26.jpg)
Sandbox Reuse
![Page 27: App Streaming- Architecture & Troubleshooting Techniques](https://reader036.fdocuments.us/reader036/viewer/2022062423/56814932550346895db67705/html5/thumbnails/27.jpg)
• What is a sandbox/isolation/Bubble?• Collection of processes and set of rules which control how application behaves• Isolated process same as normal process but tagged differently to expected• Redirection of Files and Registry
• Creation of Sandbox -> Expensive Operation• Opening the CAB file• XML parse for the sandbox isolation rules
What is a Sandbox?
![Page 28: App Streaming- Architecture & Troubleshooting Techniques](https://reader036.fdocuments.us/reader036/viewer/2022062423/56814932550346895db67705/html5/thumbnails/28.jpg)
Sandbox Not Reused
PN AgentStreaming Client
RadeRun.exe
RadeSvc.exe
One Profile
SandBox1
SandBox2
MS Word
MS Excel
![Page 29: App Streaming- Architecture & Troubleshooting Techniques](https://reader036.fdocuments.us/reader036/viewer/2022062423/56814932550346895db67705/html5/thumbnails/29.jpg)
• New feature introduced in Streaming client 5.2
• One creation of sandbox per profile instead per application
• It improves the performance of a second time launch
• Achieved by new service -> RadeLauncher.exe
• RadeLauncher.exe will exist for each sandbox/profile/user
Sandbox Reuse
![Page 30: App Streaming- Architecture & Troubleshooting Techniques](https://reader036.fdocuments.us/reader036/viewer/2022062423/56814932550346895db67705/html5/thumbnails/30.jpg)
Sandbox Reused
PN AgentStreaming Client
RadeRun.exe
RadeSvc.exe
One Sandbox = One Profile
RadeLauncher.exe
MS Word
MS Excel
![Page 31: App Streaming- Architecture & Troubleshooting Techniques](https://reader036.fdocuments.us/reader036/viewer/2022062423/56814932550346895db67705/html5/thumbnails/31.jpg)
Sandbox Reused
PN AgentStreaming Client
RadeRun.exe
RadeSvc.exe
User1 Profile1
User1 Profile2
User2 Profile1
![Page 32: App Streaming- Architecture & Troubleshooting Techniques](https://reader036.fdocuments.us/reader036/viewer/2022062423/56814932550346895db67705/html5/thumbnails/32.jpg)
![Page 33: App Streaming- Architecture & Troubleshooting Techniques](https://reader036.fdocuments.us/reader036/viewer/2022062423/56814932550346895db67705/html5/thumbnails/33.jpg)
RadeLauncher Settings and Considerations
• Radesvc.exe checks for Radelauncher.exe; if found uses existing isolation environment.
• HKLM/Software/Citrix/Rade/SandboxStatusMonitorperiod • Defined in minutes where default is 5 minutes• Setting value to 0 disables feature, behaviour of old client
• Terminate RadeLauncher for sandbox setting to take effect
![Page 34: App Streaming- Architecture & Troubleshooting Techniques](https://reader036.fdocuments.us/reader036/viewer/2022062423/56814932550346895db67705/html5/thumbnails/34.jpg)
Isolation of Windows services
![Page 35: App Streaming- Architecture & Troubleshooting Techniques](https://reader036.fdocuments.us/reader036/viewer/2022062423/56814932550346895db67705/html5/thumbnails/35.jpg)
• Program that runs outside of a user’s session
• Usually the same service runs once for the whole machine
• Generally runs at system startup
• Can be configured to run on application demand
• Service require more privileges than applications
What is a service?
![Page 36: App Streaming- Architecture & Troubleshooting Techniques](https://reader036.fdocuments.us/reader036/viewer/2022062423/56814932550346895db67705/html5/thumbnails/36.jpg)
Service isolation challenges
Easy to accomplish Difficult to accomplish
• Running services under application isolation • Running services under application isolation with privileges
• Keeping the user and system space separate
![Page 37: App Streaming- Architecture & Troubleshooting Techniques](https://reader036.fdocuments.us/reader036/viewer/2022062423/56814932550346895db67705/html5/thumbnails/37.jpg)
Service isolation solution
Considerations Solution
• Customers feedback
No problem to run services as long as they can be under control
• White list of servers
HKLM\Software\Citrix\Rade
AppHubWhiteList (REG_SZ)
![Page 38: App Streaming- Architecture & Troubleshooting Techniques](https://reader036.fdocuments.us/reader036/viewer/2022062423/56814932550346895db67705/html5/thumbnails/38.jpg)
• Citrix Streaming Helper Service (RadeHlprSvc.exe)
•Runs under the Local system account
•Privilege to create, delete, start services
New streaming service
![Page 39: App Streaming- Architecture & Troubleshooting Techniques](https://reader036.fdocuments.us/reader036/viewer/2022062423/56814932550346895db67705/html5/thumbnails/39.jpg)
Service isolation
Application Sandbox
Service Sandbox
5.2 (no service isolation)
Application Sandbox
6.0 (service isolation)
Application Sandbox
User 2
![Page 40: App Streaming- Architecture & Troubleshooting Techniques](https://reader036.fdocuments.us/reader036/viewer/2022062423/56814932550346895db67705/html5/thumbnails/40.jpg)
Service isolation creation process
Service Control Manager now displays isolated services
![Page 41: App Streaming- Architecture & Troubleshooting Techniques](https://reader036.fdocuments.us/reader036/viewer/2022062423/56814932550346895db67705/html5/thumbnails/41.jpg)
.CAB to Directory folder
![Page 42: App Streaming- Architecture & Troubleshooting Techniques](https://reader036.fdocuments.us/reader036/viewer/2022062423/56814932550346895db67705/html5/thumbnails/42.jpg)
Change from .CAB files to directory
.CAB files
Directory structure
![Page 43: App Streaming- Architecture & Troubleshooting Techniques](https://reader036.fdocuments.us/reader036/viewer/2022062423/56814932550346895db67705/html5/thumbnails/43.jpg)
• Using a single file to represent a target makes it easier to copy
• CAB file libraries are available on all versions of windows
• Ability to use Windows Explorer to open and see inside CAB File without additional code needed
Why were .CAB files used?
![Page 44: App Streaming- Architecture & Troubleshooting Techniques](https://reader036.fdocuments.us/reader036/viewer/2022062423/56814932550346895db67705/html5/thumbnails/44.jpg)
• Introduced to solve XenDesktop streaming delivery issues • This is the first step toward solving the XD issue in a stream-to-client scenario• First time launch slow, second time launch fast
• Replaces .CAB file with an unzipped representation
• Future release:• Directly mount the App Hub content into the execution environment• Accomplished by creating a symbolic link that points to the App Hub
Directory structure change
![Page 45: App Streaming- Architecture & Troubleshooting Techniques](https://reader036.fdocuments.us/reader036/viewer/2022062423/56814932550346895db67705/html5/thumbnails/45.jpg)
Layers of glass
Streaming technology in depth
Launch process
Raderun
Sandbox Reuse
Isolation of Services
Moving from Cab to Directory structure
Take Away’s
![Page 46: App Streaming- Architecture & Troubleshooting Techniques](https://reader036.fdocuments.us/reader036/viewer/2022062423/56814932550346895db67705/html5/thumbnails/46.jpg)
Before you leave…
• Session surveys are available online at www.citrixsynergy.com starting Thursday, 7 October• Provide your feedback and pick up a complimentary gift card at the registration desk
• Download presentations starting Friday, 15 October, from your My Organiser Tool located in your My Synergy Microsite event account
![Page 47: App Streaming- Architecture & Troubleshooting Techniques](https://reader036.fdocuments.us/reader036/viewer/2022062423/56814932550346895db67705/html5/thumbnails/47.jpg)