Installation guide

ManualsBrandsRed Hat ManualsOtherLINUX VIRTUAL SERVER 4.6 - ADMINISTRATION

Linux Virtual Desktop

Installation Guide for

Red Hat Enterprise Linux

Technology Preview Release

Summary of content (27 pages)

PAGE 1
Linux Virtual Desktop Installation Guide for Red Hat Enterprise Linux Technology Preview Release
PAGE 2
Glossary Broker XenDesktop component responsible for brokering HDX sessions to the different VDAs within a XenDesktop deployment. Also known as the DDC or XenDesktop Delivery Controller. Broker Agent Component on the Linux VDA machine providing the desktop to be delivered. The Broker Agent communicates with the Broker to enable the brokering of sessions. It is composed of two key components, the VDA Service and the HDX Service.
PAGE 3
Table of Contents 1 INTRODUCTION ............................................................................................................ 5 2 SYSTEM REQUIREMENTS ........................................................................................... 6 2.1 2.2 2.3 2.4 2.5 3 LINUX DISTRIBUTIONS ..................................................................................................................... 6 XENDESKTOP ..........................................................................
PAGE 4
7.1 QUERY LINUX VDA INSTALLATION STATUS ............................................................................ 22 7.2 UNINSTALL LINUX VDA................................................................................................................ 22 7.3 REMOVE DEPENDENT PACKAGES............................................................................................... 22 8 TROUBLESHOOTING ................................................................................................. 23 8.
PAGE 5
1 Introduction This document is a guide for installing the Linux Virtual Desktop Technology Preview Release product on Red Hat Enterprise Linux Workstation and Server 6.6. Please follow each section in order to ensure a successful installation. The Linux shell commands used in this document have been verified to work with the GNU Bash shell only.
PAGE 6
2 System Requirements 2.1 Linux Distributions The following are the supported Linux distributions for the Linux Virtual Desktop product.     Red Hat Enterprise Linux Workstation 6.6 Red Hat Enterprise Linux Server 6.6 SUSE Linux Enterprise Desktop 11 Service Pack 3 SUSE Linux Enterprise Server 11 Service Pack 3 This document only describes the installation of the VDA product on Red Hat Enterprise Linux. A separate guide is provided for installation on SUSE Linux Enterprise.
PAGE 7
Bare metal hosting is also supported. 2.5 Active Directory Integration Packages The following lists the Active Directory integration packages or products supported by the Linux VDA.   Samba Winbind Quest Authentication Services v4.
PAGE 8
3 Configure Delivery Controllers 3.1 Update Delivery Controller Configuration A PowerShell script named Update-BrokerServiceConfig.ps1 is provided which will update the Broker service configuration to support Linux VDA session brokering. This script is available within the installation package. Repeat the following steps on every Delivery Controller in the farm: 1. 2. 3. 4. Copy the Update-BrokerServiceConfig.ps1 script to the Delivery Controller machine.
PAGE 9
4 Prepare Linux Machine for VDA Installation 4.1 Verify Network Configuration It is recommended that the network is connected and properly configured correctly before proceeding. 4.1.1 Assign Loopback Address to Hostname To ensure that the DNS domain name and FQDN of the machine are reported back correctly, change the following line of the /etc/hosts file to include the FQDN and hostname as the first two entries: 127.0.0.1 hostname-fqdn hostname localhost localhost.localdomain For example: 127.0.0.
PAGE 10
4.3 Disable Network Proxy Authentication Popup There is a specific RHEL 6 issue that causes users to receive a popup asking for the root password after logging on. To workaround this issue, as root, create the file /etc/polkit-1/localauthority/30-site.d/20-no-show-proxy-dialog.pkla in a text editor and add the following content: [No Show Proxy Dialog] Identity=unix-user:* Action=org.freedesktop.packagekit.
PAGE 11
sudo service postgresql initdb To ensure the postgresql service starts on boot and to start the service now: sudo chkconfig postgresql on sudo service postgresql start Check the version of PostgreSQL using: psql --version Check the data directory is set using the psql command-line utility: sudo -u postgres psql -c 'show data_directory' 4.4.3 Install Other Packages Install the other required packages: sudo yum -y install redhat-lsb-core sudo yum -y install ImageMagick sudo yum –y install openmotif 4.
PAGE 12
To verify these changes, reboot the system: reboot After reboot, check that this has been set correctly: su cat /proc/sys/xen/independent_wallclock This should return the value 1. 4.5.2 Microsoft Hyper-V 4.5.2.1 Fix Time Synchronization Linux VMs with Hyper-V Linux Integration Services installed can leverage the Hyper-V time synchronization feature to use the host operating system's time. To ensure the system clock remains accurate, this feature should be enabled alongside NTP services.
PAGE 13
4.6.1 Samba Winbind 4.6.1.1 4.6.1.1.1 Install or Update Required Packages Samba/Winbind The standard RHEL installation process will install the Samba/Winbind v3.x packages required for the Linux VDA, and enable the required winbindd service.
PAGE 14
1. 2. 3. 4. Open System > Administration > Authentication. On Identity & Authentication tab, change User Account Database to Winbind. Set the Security Model to ads. Enter values for each of the following fields:    Winbind Domain - Enter the NetBIOS name of the AD domain, which may be different from the Windows ADS Realm name. Winbind ADS Realm - Enter the Kerberos realm name for the domain. This must be specified in uppercase. Windows Domain Controllers - Enter the FQDN of the AD domain controller.
PAGE 15
This should display the list of keys available for the various combinations of principal names and cipher suites. Run the Kerberos kinit command to authenticate the machine with the domain controller using these keys: sudo kinit -k MACHINE\$@REALM The machine and realm names must be specified in uppercase, and the dollar sign ($) must be escaped with a backslash (\) to prevent shell substitution.
PAGE 16
1. 2. 3. 4. Open AD user properties for that user account. Select the Unix Account tab. Check Unix-enabled. Set the Primary GID Number to the group ID of an actual domain user group. Note that these instructions are equivalent for setting up domain users for logon using the console, RDP, SSH or any other remoting protocol. 4.6.2.2 Configure Quest on Linux VDA 4.6.2.3 Workaround SELinux Policy Enforcement The default RHEL environment has SELinux fully enforced.
PAGE 17
4.6.2.3.4 Verify Domain Membership The XenDesktop Controller requires that all VDA machines, whether Windows and Linux, have a computer object in Active Directory. To verify that a Quest-joined Linux machine is on the domain: sudo /opt/quest/bin/vastool info domain If the machine is joined to a domain this will return the domain name. If not joined, you will see the following error: ERROR: No domain could be found. ERROR: VAS_ERR_CONFIG: at ctx.
PAGE 18
  For XenDesktop version 7.6 and newer: When adding machines, set the VDA version installed as 7.0 (or newer). The Linux VDA does not yet support XenDesktop 7.6 VDA functionality. Do not mix Linux and Windows VDA machines in the same machine catalog. The Citrix documentation for creating machine catalogs is referenced below:    XenDesktop 7.1: http://support.citrix.com/proddocs/topic/xendesktop-71/cds-createnew-scheme-rho.html XenDesktop 7.5: http://support.citrix.
PAGE 19
5 Install Linux VDA Software 5.1 Uninstall Old Version If you have previously installed an old version of the Linux VDA, you should uninstall it before installing the new version. Stop the Linux VDA services: sudo /sbin/service ctxvda stop sudo /sbin/service ctxhdx stop Uninstall the package: sudo rpm -e XenDesktopVDA 5.2 Install Linux VDA Install the Linux VDA software using the RPM package manager: sudo rpm -i XenDesktopVDA-0.9.3.106-0.x86_64.rpm 5.
PAGE 20
  1 - Samba Winbind 2 - Quest Authentication Service CTX_XDL_USER_FORMAT = 1 | 2 | 3 - Specifies which user name format to use with the PAM modules: 1 - domain\user 2 - user@realm 3 - user CTX_XDL_START_SERVICE = Y | N - Whether or not the Linux VDA services are to be started when finished configuring the Linux VDA. This is typically Y.
PAGE 21
6 Run VDA Software 6.1 Start Linux VDA To start the Linux VDA services: sudo /sbin/service ctxhdx start sudo /sbin/service ctxvda start 6.2 Stop Linux VDA To stop the Linux VDA services: sudo /sbin/service ctxvda stop sudo /sbin/service ctxhdx stop 6.3 Restart Linux VDA To restart the Linux VDA services: sudo /sbin/service ctxvda stop sudo /sbin/service ctxhdx restart sudo /sbin/service ctxvda start 6.
PAGE 22
7 Uninstall Linux VDA Software 7.1 Query Linux VDA Installation Status To check whether the Linux VDA is installed and view the version of the package installed: rpm -q XenDesktopVDA To view more detailed information: rpm –qi XenDesktopVDA 7.2 Uninstall Linux VDA To uninstall the Linux VDA package: sudo rpm -e XenDesktopVDA Uninstalling the Linux VDA software will delete the associated PostgreSQL and other configuration data.
PAGE 23
8 Troubleshooting 8.1 Check the Linux machine has been prepared correctly The most common issues are a direct result of Linux machine misconfiguration, mainly around networking, NTP timeserver configuration or Windows domain membership. Fixing the Linux machine’s configuration will often resolve issues with the VDA software. 8.2 Configure logging and tracing The method for enabling logging (and tracing) differs between the Broker Agent and the HDX Service. 8.2.
PAGE 24
The setdbg application allows the tracing to be configured for many aspects of the HDX service. The top left drop-down contains the tracing categories, and selecting a particular component provides tracing options for individual components. Any changes made will take immediate effect. 8.
PAGE 25
Ensure the Username field includes the domain name in uppercase. The username can also be provided in UPN format: user@domain.net Another approach is to try making a direct HDX connection with local Linux user credentials instead of domain user credentials. This helps isolate whether there are domain authentication issues, which are often caused by misconfigured networking or Active Directory integration.
PAGE 26
9 Known Issues 9.1 General issues  Linux VDA only supports connection from the HTML5 Receiver through Citrix Access Gateway. HDX sessions connecting to the Linux VDA in this way will not appear in Citrix Studio or Citrix Director. 9.2 HDX issues          Linux VDA has issues with some keyboard shortcut combinations involving the Windows key (on Windows) or the Command key (on Mac), including those available in the HDX Connection Bar.
PAGE 27
   Linux Broker Agent does not handle power state changes in the same way as the Windows VDA – it does not unregister with the XenDesktop Delivery Controller when the machine or VM is suspended. Linux Broker Agent does not auto-detect when its IP address changes. A service restart is required to pick up the new IP address. VDA registration fails after leaving and re-joining an Active Directory domain. This is due to Winbind removing the computer object from Active Directory on leaving the domain.