OU and VLAN Configuration for new Desktops and Application Servers

Introduction

This document aims to explain the OU and VLAN configuration where new VMs will be deployed and how this configuration can be overwritten using custom parameters.


Default deployment values

By default, VLAN and OU values are specified when a new VDT or ASF is created. VMs based on that will be using those values. These values are obtained as explained below:

VLAN

VLANs are defined at the template level when they are created, therefore there is no need to overwrite them and new VMs will always be created in the template VLAN.

Over Multi-tenant environments, this VLAN will likely match the Partner or Tenant VLAN.

OUs

OUs during deployment is defined at Virtual Desktop Template or Application Server Farm level, thus every time a new VDT/ASF is created, we will have to specify the OU where the needed VM machine accounts are created.

In the scenario where a particular VDT or ASF was automatically generated after a Desktop or App assignment to a user, this field will be automatically initialized with the configured OU of the tenant as shown in the “AD Configuration” tab.

Once a new VDT/ASF is created, the default value will no longer be able to be modified. So in case you have to, you either have to create a new VDT/ASF or use the “Deployment overrides” section.


Default Values Modification

Sometimes, instead of deploying VMs in the allocated OUs/VLANs as the default action, those VMs need to be deployed in different OUs / VLAN based on the actual HA hypervisor or tenant which will be built on. This scenario is covered here.

Most common use cases are:

  • You want to evenly distribute VMs across different OUs in order to balance out FPM amongst different storage units.
  • You want to distribute VMs across different VLANs -per instance- because of DHCP limitations.
  • There are no extended VLANs on multiples Data Centers.
  • You want to share templates across different Tenants.

To achieve the above, two methods may be leveraged according to customer needs.


Deployment Overrides setup

Should you need to configure the VLAN/OU within the HA Hypervisor scope, this can be done at the VDT or ASF level. To accomplish this, please find the “Deployment Overrides” tab in the existing VDT. You will see the “HA Hypervisors” where this template lives (either through the template itself or through the Template Surrogate).


For each “HA Hypervisor”, we have the possibility to edit the OU and the VLAN. This configuration takes precedence over the default configuration.

Should this configuration need to be modified, click on the “HA Hypervisor” to be modified, and submit the new values (OU, VLAN or both) in the new window that automatically will show up.



It is needed to save the VDT or ASF for these modified values to be recorded. From that point onward, the values will take effect in later deployments.

In case any of these fields are not filled out, the VDT/ASF default values will be used.

Deployment override behavior differs when dealing with OUs and VLANs. Namely:


VLANs

When you override an existing VLAN, behind the scenes Flexxible|Suite will first create the VMs in the existing template VLAN and then –before the first boot up occur- will proceed to change it.

Once the VLAN is configured, any VM created from that point onward on a given HA Hypervisor whose value was overwritten will be configured with the specified VLAN as shown in the Deployment Override.

For this to work as expected, these VLANs need to first have submitted properly in the VM Manager. Neglecting the aforementioned step will deem the process to fail and the VMs will remain in failed status.

In the case of vSphere environments, a Distributed Port Group tagged with the corresponding VLAN ID must be previously created. Note that the Virtual Standard Switches are not supported, so a Virtual Distributed Switch is required to create the Distributed Port Group in the vCenter Network configuration.

Please refer to the Creating VLANs in Flexxible|SUITE document for more information.


OUs

Since the OU where the machine account is created is configured at the XenDesktop catalog, Flexxible|Suite will  -during the creation of a new catalog- check whether for this HA Hypervisor the OU was overwritten and use this one instead of the default value in the VDT or ASF.

In case there is already a catalog for this VDT or ASF, Flexxible|SUITE will always prioritize the value of the existing catalog during the Deployment Override configuration. Therefore, in order to use the new OU, a new catalog excluding the existing catalog is mandatory.


Template Configuration shared across Tenants

Flexxible|SUITE allows to share partner-level templates across its tenants, this enormously simplifies the template update and overall handling.

In this scenario, even though the template belongs to the partner and therefore can not be modified by the tenants,  this template will be presented to the tenants as available and during the creation of new VMs (either Desktops or AppServer), a new VDT or ASF will be built exclusively for him.

The VDT default values will be the ones explained above. OUs will be the one configured at the Tenant level and the Template VLAN.

Because of security reasons, the partner may want to use a different VLAN per each Tenant, so he has the option to ensure these Desktops VLANs will be overridden with the configured VLAN at the Tenant, which can be selected at the “Networking” tab in the Tenant.

The “ForceVLANId” checkbox which is global per environment triggers this behavior.

Should the setting be “True”, VMs will hold the Tenant VLAN, otherwise, VMs will hold the default VLAN (Template’s VLAN).