One of the recurring subjects that customers often raise is “where can we use the cloud to add value today?” – and for many the answer to this may be disaster recovery.
When deploying a new centralised workspace solution, a typical discussion point is around disaster recovery (DR) and what it will consist of, if it will exist at all. Many customers will accept not having any – with a view that paying for hardware that will sit unused, potentially doubling the hardware investment in a project is unnecessary and having resiliency in a single location is sufficient.
Even the organisations that do provide disaster recovery capabilities for their workspace solution will typically make compromises to reduce costs, such as only providing a limited capacity for critical users, or operating with reduced performance to minimise the upfront investment.
Other typical conversations revolve around how cloud adoption can strategically benefit modern workspace solutions. The key word in this statement is “strategically”, as moving workspaces to the cloud is a journey with many considerations that typically becomes a medium to long term objective. Likewise, for organisations with existing modern workspace solutions it’s not generally a quick-win either.
What if you could provide 100% DR capacity for minimal cost?
Cloud providers such as Microsoft Azure can reduce the upfront investment requirement to virtually zero for a disaster recovery solution. Using Pay-as-you-Go billing means that you are only paying for compute costs when the DR workloads are in-use, excluding a small overhead for storage costs.
For most Citrix deployments, there are three main architectures which can be adopted to deploy user workspaces into the cloud:
In this topology, the management infrastructure remains on-premise, but workloads are deployed to Azure. What happens when your production (on-premise) site fails? Nothing. Well, almost nothing, as your management infrastructure is gone so it’s not much use at this point.
However, it is possible to use Azure Site Recovery (see Citrix's White Paper) to recover your management infrastructure into Azure, and once recovered, your environment can be made operational. This option isn’t particularly seamless and won’t recover components such as NetScaler VPX, however for organisations with more a more flexible recovery time objective (RTO) it can reduce the operational costs.
Using this topology, you deploy Citrix Management infrastructure into Azure and treat Azure as a separate site. This provides functional isolation from your on-premise deployment in the event of a site failure. Using Citrix NetScaler and StoreFront to aggregate resources, you can provide virtually instant failover between Production and Disaster Recovery resources.
The presence of the Citrix Infrastructure in Azure means that no manual processes need to be invoked and no systems need to be restored before users can access their core workspace.
Using Citrix Cloud, Azure becomes just another resource location. This provides the simplest deployment topology as the management components are hosted by Citrix as a Service, and DR workloads can be achieved without the need to deploy large amounts of infrastructure to support it. The user experience of failover to disaster recovery can be virtually seamless.
What about workloads?
We’ve got three different ways to extend the infrastructure for DR, what about the workloads? By workloads, I refer to the virtual machines (VMs) that users log on to for access to their apps and data.
Firstly, if you’re using Citrix Provisioning Services (PVS) on-premise this does not currently work in Azure, or any other cloud for that matter, so we’re limited to Machine Creation Services for deployment in the cloud.
The question is – to pre-deploy, or not to pre-deploy. Pre-deploying the workloads into Azure has some clear benefits in terms of:
- Reduced recovery time – it can take up to 10 minutes to deploy a single windows machine in Azure, sometimes longer. If you have many machines to deploy then this can extend recovery times.
- Ability to validate – if the workloads are pre-deployed, it means that there are fewer “moving parts” in a recovery process, beyond the powering up of already deployed instances. This can be safely validated in isolation.
One consideration is that when deployed, even when de-allocated (powered off), deployed workloads will incur storage charges for the capacity used.
Another consideration is that Azure is a new platform. You could look at cloning your existing master image(s) into Azure to deploy new machine catalogs, however this may not always be a good idea. To draw a parallel, if you were moving between different hypervisors on-premise it's unlikely you would clone a machine from one hypervisor and deploy it on the other without any re-work, cleaning up drivers or ghost hardware. To deploy workloads in Azure, you need to consider having some Azure master image instances that are used as templates for deployment of machine catalogs.
How do I keep my DR workloads updated?
As per any robust DR procedure, the DR resources need to be kept in-line with production. However, if we’ve potentially doubled the number of master images that need maintaining how do we manage the overhead?
Hopefully, we’re all following best practice and have an automated, repeatable build process for all master images, although introducing the challenge of multi-platform support can be daunting for even the most mature management solutions.
For Citrix Platinum Edition and Citrix Cloud customers, Citrix App Layering can help. One of the unique capabilities of Citrix App Layering is in the concept of Layered Images; these allow the separation of platform, operating system and applications into separate layers which can be dynamically composed and deployed to different environments.
Using Citrix App Layering allows you to maintain the same software stack on-premise and in the cloud, simply changing the platform layer based upon the environment you want the workload to execute in.
Each layer only needs updating in one place – for example on patch Tuesday, you update the operating system layer. This updated operating system layer can then be applied to your on-premise and Azure master images, significantly reducing administrative overhead and ensuring your production and DR resources are kept in sync.
Note: Layered images are available to all Citrix customers with a valid Customer Success Services agreement. Multi-platform targeting is available as part of Citrix XenApp/XenDesktop Platinum editions and Citrix Cloud XenApp/XenDesktop services.
Azure can provide a highly cost-effective DR solution for Citrix customers looking to gain immediate value from cloud adoption today. There are many architectural choices to be made that determine how the solution would be implemented, however the fundamental message is that DR doesn’t have to be a compromise, it can be the first step on your cloud voyage.
To find out more about how we can help you on your journey, take a look at our Virtual WorkSpaces in Citrix Cloud offering:
- By Andy McCullough (Senior Technical Consultant)