App Layering

MS Azure or Azure Government

To install the App Layering service, you deploy the appliance to a virtual machine using the Azure (or Azure Government) resource manager.

  • Requirements. - Make sure you have the Azure (or Azure Government) resources you must install the appliance.
  • Install the App Layering appliance in Azure (or Azure Government). - To install the appliance, you download the installation package and deploy the appliance.
  • Next steps - Links to steps for installing the App Layering agent and configuring the App Layering service.

Note: If you have not already set up a connection to an Azure Virtual Network, see Get started with Azure or Azure Government for more information.

The steps for installing the appliance in Azure and Azure Government are the same, aside from the installation script that you run. (The scripts are listed in the Installation Package below.)

Requirements

Before installing App Layering in Azure or Azure Government, be sure you have the following.

  • An Azure account and subscription

    To deploy and configure the App Layering appliance, you need the credentials for an account that has administrative access to your Azure subscription. For more information, refer to the Microsoft Azure Sign-in page.

  • A Virtual Network in Azure (or Azure Government)

    Your deployment in Azure (or Azure Government) can operate in a point-to-site or site-to-site Virtual Network. The appliance and its network file share must have network connectivity. However, the appliance does not require network connectivity to the layered images you publish. A site-to-site connection between your corporate and Azure (or Azure Government) networks is recommended for accessing the management console on the appliance. For more information, refer to the Microsoft Azure Virtual Network page. Note: If you have not already set up a connection to an Azure Virtual Network, see Get started with Azure for more information.

  • A Network File Share (Azure or Azure Government specifics)

    A file share server in Azure (or Azure Government) performs better than an on-premises file share. Even though the Azure (or Azure Government) File Share feature is not supported, you can use an existing network file share or create a file share in the Azure (or Azure Government) environment. Important: Using Premium Storage is recommended.

  • Azure (or Azure Government) Resource Manager

    App Layering works with Azure’s Resource Management (ARM) model. We do not support Azure’s Classic deployment model or Bicep. All resources such as virtual network, file shares and OS machines that App Layering will interact with must be created with Azure Resource Manager. For more information, refer to the Azure Resource Manager overview page.

  • Azure Powershell v7

    Azure Powershell v7 must be installed on the Windows system that will be used to install the appliance in Azure.

  • Assigned managed identity

    The App Layering appliance must be assigned a managed identity to support deployment on Azure.

Install the App Layering appliance

To deploy the App Layering appliance to Azure or Azure Government:

  1. Check the contents of the installation package.
  2. Learn what’s included in the installation script.
  3. Deploy the appliance.

Installation package

The installation package, is named citrix_app_layering_azure_yy.m.b.zip, where:

  • yy is the year
  • m (or mm) is the month
  • b is the build
  • x is the sub-version
  • For example, citrix_app_layering_azure_24.3.0.zip contains azure_24.3.0.3.zip
File Description
azure_yy.m.b.x.zip Contains the VHD file (unidesk_azure-system.vhd) for the appliance VM
New-AzAppLayeringAppliance.ps1 Installation Script for Azure and Azure Government
citrix\_app\_layering\_agent\_installer.exe App Layering agent installer
citrix\_app\_layering\_os\_machine\_tools.exe OS Machine Tools
DeployAzureRmVm.template.json App Layering template

Installation script

The installation script included in the installation package does the following.

  1. Copies the included VHD to the Azure location you specify.
  2. Creates a virtual machine in Azure using the VHD.
  3. Creates and Attaches the repository disk.
  4. Boots the Azure appliance.

When you run the script:

  • IMPORTANT: Be sure to note the Resource group location you select, as you will need this information later. For more information about resource groups, refer to Using the Azure Portal to manage your Azure resources.
  • When selecting a virtual machine size, it is strongly recommended that you select a machine with 4 CPUs, and at least 14 GB of memory (script default).
  • The name you specify for the new virtual machine must comply with Azure naming conventions.
  • Select a Virtual Network in which HTTP port: 80 is accessible (Public IP can be disabled).

Using the installation script

New-AzAppLayeringAppliance.ps1 is the new installation script which replaces the previous script, AzureELMDeploymentV7.ps1. The new installation script now accepts parameters and no longer requires the user to manually provide input to the command line prompt. You may still run the script without parameters and provide the inputs manually.

Requirements

  • The new script requires the latest version of DeployAzureRmVm.template.json included in the package.
  • The new script requires the current version of AzCopy. The binary for AzCopy must either be in the same directory as New-AzAppLayeringAppliance.ps1 or added to your path. For more information on installing AzCopy see Get started with AzCopy

Parameters

Parameter Description Data Type Default Value Required? (Y/N)
DeploymentName The base name used to derive names for all resources created during the deployment. string - Y
ResourceGroupName The name of the Azure resource group where resources will be deployed. If it doesn’t exist, it will be created. string "{DeploymentName}-group" N
LocationId The Azure region where all resources will be created or reused. string - Y
SubnetId The ID of the subnet that the appliance will be connected to. string - Y
ParamIpAddress The IP address to assign to the appliance. string "Dynamic" N
RepositoryDiskSizeInGb The size of the repository disk attached to the appliance (in gigabytes). int 300 N
VhdPath The path to the appliance VHD file to upload. string "{current_dir}/azure\_\*/unidesk\_azure-system.vhd" N
AzureCopyPath The path to the azurecopy.exe utility. string "{current_dir}/azurecopy.exe" N
TrustedLaunch Enables trusted launch for the appliance VM - - N
ForceUpload Forces the disk to be uploaded even if it already exists in Azure - - N
DefaultProfile The Azure credentials, account, tenant, and subscription used for communication with Azure. string - N

Example Usages

 .\New-AzAppLayeringAppliance.ps1
<!--NeedCopy-->
 .\New-AzAppLayeringAppliance.ps1 -DeploymentName "MyDeploymentName" -LocationId "East US" -SubnetId /subscriptions/<subscription-id>/resourceGroups/<resource-group-name>/providers/Microsoft.Network/virtualNetworks/<virtual-network-name>/subnets/default
<!--NeedCopy-->

Deploy the appliance in Azure or Azure Government

The App Layering ZIP download requires 31GB of space when uncompressed.

  1. Extract the download package, citrix_app_layering_azure_yy.mm.x.zip. The files included are listed above.
  2. Extract the ZIP file to a folder on your local drive.
  3. Open an Azure Powershell window.
  4. Execute the installation script (included in the installation package) with the appropriate parameters. Running the script:
    • Copies the VHD to the Azure location of your choice.
    • Creates and attaches the repository disk.
    • Boots the appliance.
    • If the script fails, check the values to make sure that the values are correct for your environment.

The first time you log onto the appliance you are required to change the App Layering administrator passwords. For details, see Change administrative passwords.

Be sure to install the App Layering agent, if your environment requires it. See the next section for details.

Next steps

Once the appliance is installed and the IP address is configured as you want it to be, you can install the App Layering agent, and configure the App Layering service:

MS Azure or Azure Government