Welcome to the third and last part of the Ultimate Golden Image Automation Guide. The goal is still to create a new Golden Image by scheduling just one deployment Run book without extra manual tasks. This Guide will be in three parts, the first part is Preparation – Citrix Provisioning Services and Ivanti/RES ONE Automation. The second part is Deploying software – Ivanti / RES ONE software, Citrix VDA, Citrix PVS Target Device and Middleware. The third part is Optimzing/Sealing and Imaging vDisk – BIS-F sealing script and VMware OS optimization tool.
In this last part of the blog we’re going to optimize and seal the golden image and create a vDisk through the Citrix Imaging process. Of course we will automate all these steps.
VMware OS Optimization Tool
Before we’re going to image the vDisk we need to optimize the OS. OS optimization is needed to create an as lean as possible golden image. Because Windows 2016 can be used for many roles and can be virtual or physical, installed Microsoft adds a lot of services and register settings to make it as flexible as possible. But since we’re going to use the OS virtual and as XenApp host there are a lot of services and settings we don’t need. By disabling all these services and settings we create a faster and leaner Golden Image. Just think about all the wasted resources if you don’t optimize your OS and then deploy 200 XenApp server from your golden image! To optimize the OS we’re going to use the VMware OS optimization tool which can be downloaded here.We can use two ways to automate the VMware OS optimization tool. The first one is created by Rob Aarts and is part of his Windows 10 rollout startup package which can be downloaded here. You can download the package and use the VMware Optimization tool Module from it. The module will do the following:
We need to add 2 things to the module because after running the VMware OS Optimization tool the Windows Firewall, Audio and Audio Endpoint Builder services are turned off. Because we’re using the Golden Image as XenApp server the user probably wants to have sound enabled. And if we disable the Firewall services here, Windows Search Spotlight won’t work anymore so using the spotlight in the start menu will not pop-up the search window. This is not desirable for users. The last thing we need to do is change the Template variable to VMware Templates\Windows Server 2016 – Desktop
The VMware OS Optimization Tool turns off services and changes registry but of course RES / Ivanti ONE Automation can also do it. So the second way to run the VMware OS Optimization Tool is to not run it but take all tasks it does and create tasks in RES / Ivanti ONE Automation instead. This is of course a lot of work but luckily Arjan van t’Hoff has already done this and you can download it from the RES Hub here. If you want to use those modules instead, don’t forget to remove the services mentioned above. One of the great things about doing it this way is that you can see the specific settings that are being configured and turned off. Then again you won’t be benefitting from new settings in updates of the VMware OS Optimization Tool.
And of course we finish the VMware OS Optimization off with a Reboot.
Install Base Image Script Framework (BIS-F)
We have now Optimized the Windows 2016 OS to be run as a XenApp Server. But we’re not only going to run the Golden Image as a XenApp server, we’re going to use it as a vDisk and provide the disk to multiple XenApp servers through Citrix Provisioning Services. So what we now need to do is make the disk generic and move items like Eventlogs, Print Spooler, Citrix Cache and RES cache which are server specific to the Persistent D: disk. To do this we can use the Base Image Script Framework because it does all these things and much, much more! One of the great things it does is image the disk to a vDisk but more on that later on. First we need to install BIS-F and configure it. Download BIS-F 6.1.0 BETA from EUCweb,com here. We’re going to use the BETA because this comes with a feature which allows you to optimize RES ONE Automation while running BIS-F from a RES ONE Automation Task. After downloading the .EXE add it to RES / Ivanti ONE Automation Resources:
Now we’re going to create a new module with an unattended installation task, the installation parameters are: /SILENT /log=”c:\Windows\Logs\BIS-F.log” . Configure the task as follows:
BIS-F is configured through Microsoft GPO the ADMX file to configure BIS-F is located in c:\Program Files (x86)\Base Image Script Framework (BIS-F)\ADMX
This means that we first have to run the installer on a management server to get the ADMX file. After that we can of course remove the software. We need to copy the content from that folder to the domain policy store, this is normally \\DOMAIN\Sysvol\Policies\PolicyDefinitions. After doing that we can create a new GPO object and browse to COMPUTER CONFIGURATION> Administrative Templates > Base Image Script Framework (BIS-F). Of course the configuration will be different from environment to environment but there are a few mandatory settings we need to set.
In Global, set the Configure VerySilent and Shutdown Base Image after sealing to Enabled. The rest in Global is up to you.
Then go to RES folder and set both policies to Disabled or else the RES ONE Automation imaging task will fail.
The last thing we must configure is in the Citrix folder, the policy Configure Citrix PVS Target Device. We need to set the drive letter of the WriteCacheDisk to D:
Now we need to make sure that our target VM gets these settings by setting the GPO on the right OU. I would advise you to check out all the policy settings in the BIS-F policy.
Add the VMware OS Optimization Tool and Install BIS-F modules to a new Project and name it 03.00.00 Optimize Disk
Delete Snapshot (Optionally)
If you have chosen to create snapshot during the deployment we need to delete them now before we start imaging. Create a new module named Delete Snapshots and add the following tasks to it.
First stop the target VM.
Remove the After_Prepare snapshot.
Remove the After_Software snapshot.
And start the Target VM again.
Add this module to a new Project and name it 03.00.01. Delete Snapshots in the Deployment Run Book. We need to make sure to run this project on the management server with PowerCLI installed.
Now it’s time to start imaging the disk. This process will copy the System disk of the Golden Image Target VM to the vDisk we created and assigned to the target VM in Part 1. Create a new module and name it Start Imaging. Add an Execute Command task and enter the following command: “c:\Program Files (x86)\Base Image Script Framework (BIS-F)\PrepareBaseImage.cmd”
This task can easily take up 30 minutes to complete so we need to set the time out to 60 minutes.
This task will start the BIS-F tool and it will optimize the system to become a vDisk and it will start imaging the Disk. You can see the progress of the script through the Windows Explorer if you browse to \\targetvm\Persistentdisk$\BISFLogs , for example \\DTNCXA006\D$\BISFLogs .
Add this module to a new Project and name it 03.00.02 Image Disk
Close Disk, Assign it to Collection Citrix PVS
After the vDisk is created it still is in Private mode and cannot be used with multiple XenApp servers. So we need to change the disk mode to standard. This can be done with the MCLI.exe command line tool of Citrix PVS. I have created a module to do this on the RES Hub and you can download it here. It is important to first add a Postpone Job to make sure that the TargetVM is shutdown or else the disk mode cannot be changed. I have added a postpone of 2 minutes.
Or use the following commands.
To change the vDisk to standard with Cache in RAM overflow to Harddisk:
“C:\Program Files\Citrix\Provisioning Services Console\MCLI.exe” set disk -p diskLocatorName=DISKNAME siteName=SITENAME storeName=STORENAME-r writeCacheType=9 writeCacheSize=CACHESIZEINMB”
To assign the disk to a Collection for instance TEST-Collection:
“C:\Program Files\Citrix\Provisioning Services Console\MCLI.exe” run assigndisklocator -p collectionName=COLLECTIONNAME removeexisting=1 disklocatorname=DISKNAME sitename=SITENAME storename=STORENAME
Add this module to a new Project and name it 03.00.03 Close Disk Assign to Collection.
Send Finish Email
After the vDisk is created it is nice to receive an email especially if you schedule the deployment Run Book to run at night. So the last module we’re going to create is a Send Email task. Create a new module and name it Send Email. Add an Email Send task to it, fill in your email info and add a text like: Yes we did it, another vDisk automatically created with The Ultimate Golden Image Automation Guide!
Add this module to a new Project and name it 03.00.99 Send Finish Email.
Finish the Deployment Run Book
Now we need to add these last projects to the Deployment Run Book.
- Add the 03.00.00 Optimize Disk Project and use the $[RunBookWho] parameter as Who.
- Add the 03.00.01 Delete Snapshots Project and select your management server which has PowerCLI installed as Who.
- Add the 03.00.02 Image Disk Project and use the $[RunBookWho] parameter as Who.
- Add the 03.00.03 Close Disk Assign to Collection Project and select your Citrix PVS server as Who.
- Add the 03.00.99 Send Finish Email Project and select any agent which is allowed to send emails as Who.
And that’s it, we’re done! Now you can deploy your vDisk automatically and there is no need anymore to use Citrix PVS versioning. You just enter the changes like a new software application to the correct Projects and run the Run Book again!
I hope this was informative. I will create a PDF version of the guide in a few days. For questions or comments you can always give a reaction in the comment section or contact me: