Step-by-step guide to learn how to create and optimize a new OS layer with Citrix App Layering.

More from the Lab!

 

We discussed in the previous posts of this Citrix App Layering series how to install and configure the appliance. In this post, we will create our first OS Layer for Windows Server 2016 and optimize the layer with best practices.

More from this Citrix App Layering series

Requirements

For this lab, you need the following:

Best Practices for OS Layers in Citrix App Layering

  • Have one OS layer per Operating System (Windows Server 2016, Windows 10 64-bit, etc)
  • Check Citrix documentation about supported OS
  • The Operating System layer is always the lowest priority layer. It is always at the bottom of the layer stack no matter what the version date and time is.
  • Start with a fresh image of a supported Windows OS from your hypervisor. Create a new base image based on latest .ISO downloaded from Microsoft website that includes latest Windows updates (Ex: Windows Server 2016 ISO download)
  • Legacy NIC for Hyper-V and VMXNET3 for VMware
  • Generation 2 virtual machine type is not supported with Hyper-V. Only Generation 1.
  • Configure DHCP to get an IP address in the template.
  • Clean up any installers or temp directories.
  • OS Layer must be as clean as possible. Only install required apps! And only install on C:\ drive.
  • Activate Windows
    Windows is Activated
    Windows is activated
  • Rename the machine and leave it in WORKGROUP
  • Install pending Windows Updates and then stop and disable Windows Updates service and then REBOOT!
  • Install Microsoft .NET Framework and Visual C++ libraries in the OS layer
  • Install Microsoft .NET Core in the OS Layer
    Enable .NET Framework Core
    Enable .NET Framework Core
  • Remove all Microsoft Store Apps and Disable related services
  • Disable Windows Defender and Windows Firewall
    Set-NetFirewallProfile -Profile Domain, Public, Private -Enabled False
    Set-Service MpsSvc -StartUpType Disabled
    Stop-Service MpsSvc -force
  • Disable IPV6 (PVS only)
     HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters\
    Name:             DisabledComponents
    Type:             REG_DWORD
    Min Value:        0x00
    Max Value:        0xFF (IPv6 disabled)
  • Disable TCP Large Send Offload
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TCPIP\Parameters
    Key: "DisableTaskOffload" (dword)
    Value: "1"
  • Disable IP Source Routing
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
    DWORD=DisableIPSourceRouting
    Value=2
  • Disable IE ESC
  • Force High Performance Power Scheme
    Powercfg /list
    Powercfg /s {UID}
  • Configure Page File
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management
    Key: "PagingFiles" (reg_multi_sz)
    Value: "C:\pagefile.sys 4096 4096"
  • Set Time to display list of OS to 5s
    Bcdedit /timeout 5
  • Adjust performance for programs
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\PriorityControl
    Key: "Win32PriortySeparation" (dword)
    Value: "26"
  • Remove Legal notice
    (Remove. Causing delay in launching published applications)
    HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System;
    Legalnoticecaption
    Legalnoticetext
  • Run Citrix Optimizer with the appropriate template
    Run Citrix Optimizer with 2016 template
    Run Citrix Optimizer with 2016 template
  • Disable OS Rearm (MCS Only)
    Set-ProvServiceConfigurationData -Name ImageManagementPrep_Excluded_Steps -Value OsRearm
  • Hypervisor tools of your main hypervisor should be installed into the Operating System layer (Ex: VMware Tools or Hyper-V Integration Services). If you plan to deploy that image on a different hypervisor, you will need to add the tools on the platform layer.
  • Do not install applications (Antivirus, Monitoring agents, etc) in the OS Layer.
  • Create new local users and local groups in this layer. Domain users and groups can be added by GPO.
  • Always connect to the OS Layer with the same local account
  • Check this link for more best practices.
  • Run Preparation Script instead of Shutdown For Finalize (optional)

Create a new OS layer in Citrix App Layering

Build the master image

Create a new virtual machine from the .ISO downloaded on Microsoft Website (Ex: 4vCPU, 8GB ram and 60 GB).

Install Windows Server 2016 by following the wizard. and apply all best practices & recommendations highlighted at the beginning of this article.

Windows Server 2016 OS Master
Windows Server 2016 OS Master

Browse to the Citrix App Layering package.

Double click on citrix_app_layering_os_machine_tools_xx.xx.x.exe.

App Layering package
App Layering package

This package will unzip in C:\Windows\Setup\scripts (by default).

App Layering machine tools
App Layering machine tools

If not started automatically, run SetKMSVersion.hta.

Set KMS in App Layering
Set KMS in App Layering

Run also RemoveStoreApp.cmd to remove all Microsoft Store applications from the image.

Remove Microsoft Store apps
Remove Microsoft Store apps

Then run setup_x64.exe to install Citrix App Layering Image Preparation Utility.

Install Citrix App Layering Image Preparation Utility
Install Citrix App Layering Image Preparation Utility

Select Next to install.

Install Citrix App Layering Image Preparation Utility - Wizard
Install Citrix App Layering Image Preparation Utility – Wizard

Select Next.

Install Citrix App Layering Image Preparation Utility - Answer file
Install Citrix App Layering Image Preparation Utility – Answer file

Then Finish to close the window.

Install Citrix App Layering Image Preparation Utility - Completed
Install Citrix App Layering Image Preparation Utility – Completed

Shutdown the virtual machine.

Create OS Layer in Citrix App Layering

Go to ELM console > Layers > OS Layers and select Create OS Layer.

Create OS Layer
Create OS Layer

Enter layer details:

Create OS Layer - Layer details
Create OS Layer – Layer details

Select the connector to be able to browse the virtual machines.

Create OS Layer - Connector
Create OS Layer – Connector

Select the virtual machine.

Create OS Layer - Select Master OS Build
Create OS Layer – Select Master OS Build

Confirm.

Create OS Layer - OS Disk details
Create OS Layer – OS Disk details

Assign an icon.

Create OS Layer - Assign icons
Create OS Layer – Assign icons

Create layer.

Create OS Layer - Create Layer
Create OS Layer – Create Layer

ELM will start to copy the vDisk in the repository.

Create OS Layer - In progress
Create OS Layer – In progress

You will find the new OS Layer in the ELM console when the creation has finished.

Update OS Layer

To update the OS layer, right click and Add Version.

OS Layer - Add version
OS Layer – Add version

Increment the version number and add a description.

OS Layer - Version details
OS Layer – Version details

Select the connector where ELM will deploy the virtual machine.

OS Layer - Connector
OS Layer – Connector

Enter the disk filename.

OS Layer - Filename
OS Layer – Filename

Confirm the creation.

OS Layer - Confirm create version
OS Layer – Confirm create version

ELM will prepare the OS Layer image.

App Layering - Create new layer version
App Layering – Create new layer version

You can see in the reposity (/mnt/repository/Unidesk/Packaging Disks/) that a new OS_2016_Boot.vhd is available.

App Layering - Packaging disk creation
App Layering – Packaging disk creation

After few minutes, ELM will start to create to deploy the virtual machines and its disks.

App Layering - Cache disks creation
App Layering – Cache disks creation

See below the virtual machine created in Hyper-V.

App Layering - Packaging virtual machine
App Layering – Packaging virtual machine

When everything is ready, ELM will automatically start the virtual machine.

App Layering - Packaging virtual machine will automatically start
App Layering – Packaging virtual machine will automatically start

The virtual machine is available. Logon and install updates.

App Layering - Packaging virtual machine is up and running
App Layering – Packaging virtual machine is up and running

Note: if a reboot is required during the updates, it is recommended to reboot a second time. 

Then click on Shutdown For Finalize (the icon is available on the desktop by default).

App Layering - Shutdown for Finalize
App Layering – Shutdown for Finalize

The virtual machine will shutdown.

Go to the ELM console > Layers > OS Layers and right click on the OS_2016 layer.

App Layering - Finalize layer
App Layering – Finalize layer

Select Finalize.

ELM will copy the disk from the share to the repository.
Location: /mnt/repository/Unidesk/Finalize Disks/.

App Layering - Moving to Finalize Disks
App Layering – Moving to Finalize Disks

Then ELM will copy it to the layer disk.

App Layer - Copy the disk
App Layer – Copy the disk

Location: /mnt/repository/Unidesk/Layers/OS/.

App Layering - New disk is available IN /Layers/OS/
App Layering – New disk is available IN /Layers/OS/

The last step is remove the virtual machine in Hyper-V.

App Layering - Automatic cleanup of temp disks/VMs
App Layering – Automatic cleanup of temp disks/VMs

The new version of the layer has been deployed.

Export layer

You can export layers for backup or to transfer them to a different ELM infrastructure.

Select a network location and enter the proper credentials.

App layering - Export Layer - Destination
App layering – Export Layer – Destination

Select the item you want to export.

App layering - Export Layer - Version selection
App layering – Export Layer – Version selection

Select Finalize to export.

App layering - Export Layer - Finalize
App layering – Export Layer – Finalize

Take a look at the folder for the exported files.

App layering - Export Layer - Version exported
App layering – Export Layer – Version exported

Delete version of a OS layer

Right click on the OS layer and click on Delete Versions.

App layering - OS Layer - Delete version
App layering – OS Layer – Delete version

Select the version you want to delete. You can also delete the full layer with all its versions.

App layering - OS Layer - Select version to delete
App layering – OS Layer – Select version to delete

Click on Delete Versions to confirm.

App layering - OS Layer - Delete version
App layering – OS Layer – Delete version

Cancel a layer revision

Go to the layer task and click on Cancel to flush the current version of the layer.

App Layering - Cancel task
App Layering – Cancel task

ELM will flush everything for this version of the OS layer.

App Layering - Task canceled
App Layering – Task canceled

More from the Lab!