Netscaler masterclass presentation Oktober 2014

Today I presented on the Netscaler masterclass on the subject,  System Center and Netscaler and here is my presentation –> https://www.slideshare.net/secret/uSy62iG3eeoaFY

My talk consisted about using the different integrations between System Center and Netscaler, primarly on

• Virtual Machine Manager and Netscaler (Using the load balancer extention to deploy load balancing rules for service templates)
• Operations Manager and Netscaler (How to setup monitoring for Netscaler and use it together with Distributed Applications)
• Orchestrator and Netscaler (How to setup automation tasks against Netsacler using the NITRO SDK)

And as promised in the presentation here is my scripts that I use for the different tasks.

 

Add-Server activity (Note that this requires that the SDK is added to C:\SDK folder and that the different DLL files are added to the global assembly cache.

Set-location «c:\sdk»
[System.Reflection.Assembly]::Load(«System.EnterpriseServices, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a»)
$publish = New-Object System.EnterpriseServices.Internal.Publish
$publish.GacInstall(«C:\sdk\lib\Newtonsoft.Json.dll»)

(ADD THE DLL files to the global assembly for Orcehstrator to use for reference)

 

Add-Server

$path1 = Resolve-Path «C:\sdk\lib\Newtonsoft.Json.dll»
[System.Reflection.Assembly]::LoadFile($path1)
$path = Resolve-Path «C:\sdk\lib\nitro.dll»
[System.Reflection.Assembly]::LoadFile($path)

$user = «»
$pass = «»
$nsip = «»

(NOTE THAT THE CODE ABOVE NEEDS TO BE ADDED TO EACH ACTIVITY)

$nitrosession = new-object com.citrix.netscaler.nitro.service.nitro_service($nsip,”http”)
$session = $nitrosession.login($user,$pass)

$server1 = New-Object com.citrix.netscaler.nitro.resource.config.basic.server
$server1.name = «»
$server1.ipaddress = «»
$ret_value=[com.citrix.netscaler.nitro.resource.config.basic.server]::add($nitrosession,$server1)

Add-Service

$service1 = New-Object com.citrix.netscaler.nitro.resource.config.basic.service
$service1.name = «»
$service1.servicetype = «»
$service1.monitor_name_svc = «»
$service1.port= «»
$service1.servername= «»
$ret_value=[com.citrix.netscaler.nitro.resource.config.basic.service]::add($nitrosession,$service1)

Create Load balanced Service

$nitrosession = new-object com.citrix.netscaler.nitro.service.nitro_service($nsip,”http”)
$session = $nitrosession.login($user,$pass)

$lbvserver1 = New-Object com.citrix.netscaler.nitro.resource.config.lb.lbvserver
$lbvserver1.name=»»
$lbvserver1.servicetype=»»
$lbvserver1.port=»»
$lbvserver1.ipv46=»»
$lbvserver1.lbmethod=»»
$lbvserver1.servicename=»»
$ret_value=[com.citrix.netscaler.nitro.resource.config.lb.lbvserver]::add($nitrosession,$lbvserver1)

$lb_to_service = New-object com.citrix.netscaler.nitro.resource.config.lb.lbvserver_service_binding
$lb_to_service.name = «»
$lb_to_service.servicename = «»
$ret_value=[com.citrix.netscaler.nitro.resource.config.lb.lbvserver_service_binding]::add($nitrosession,$lb_to_vserver)

#netscaler, #orchestrator, #system-center

Excalibur and Orchestrator Magic

When Citrix released Excalibur they also included a whole bunch of Powershell which allows you to run Powershell cmdlets to alter anything.
If you are inside the Studio console you can see that there is a PowerShell window there, which shows all of the cmdlets that you have run.

and how does this help ? With the combination of Orchestrator, we can add automation to the equation.
What if we could automate the assignment of application to users via Orchestrator? and we could also add an approval workflow if we used it with Service Manager.
If a new users want a set of 20 new desktop for his or hers company we could create a new workflow which would run a PowerShell script against MCS and do this automatically.
However, I’m not going to go ahead of myself here, this is a start post to show what we can do with the provided PowerShell modules.

First I’m going to show how to import the modules that Citrix provides in this release.
Head over to the Studio server and open Powershell ISE
From there you can run this import commands.

There are more modules but these cover most of the administrative tasks.
If you refresh the ISE modules list now, the Citrix components will show up.

If we created a simple «Publish Application task» We can use the New-BrokerApplication to publish notepad.

New-brokerApplication -CommandLineExecutable C:\windows\notepad -displayname notepad -Applicationtype HostedonDesktop

NOTE: A bit of advice if you are unsure of how the cmd should look like, create an application with the wizard and extract the info after using the get-brokerapplication cmdlet.
Now we have a functional PowerShell cmd to publish Notepad to the studio.

So we know now that we have to import the modules first, then we can run the command to publish notepad, but how do to this via Orchestrator?
First set set-executionpolicy unrestricted on the Studio server.

And your script should be saved.

Now we simplest way is to use the Run Command activity in Orchestrator

I saved the script file locally on the Studio server, and the script looks like the output from the PowerShell ISE above.
So when I run this runbook what happens ?

This just publishes the application in Desktop Studio, it still isn’t assigned a user yet, that requires a bit more in PowerShell ill come back to that later this is just to show the abilities you have with Excalibur and PowerShell

#citrix, #excalibur, #orchestrator, #powershell, #system-center

Configuration Manager SP1 instant actions & Orchestrator

With Service Pack 1 there is a lot of new features available for instant actions. ConfigMgr is not happening “real-time” so when you deploy software to a computer it needs to wait for the computer to update its policy before it realizes that a new software is available. With Service Pack 1 you have more options to “speed things up” for instance you can do an remote computer update policy from within ConfigMgr.
Which is pretty similar with what you can with in Windows Server 2012 and Group Policy management where you can do a remote force update policy.

So you can do this on computer level or at collection level.

So as you can see we have
“Client Notification –> from here we can choose Update Computer Policy”
Endpoint Protection –> Update definition and full scan on the collection”

You can also do this at computer level, the options available will be reflected upon what component is installed. So if Endpoint protection is not installed you can not force update the definitions or run a full scan.

So in this case Endpoint protection is not installed on this computer so we can not update the endpoint. But this new features will allow for administrators to more quickly deploy updates / applications / endpoint definitions to computer.
Just remember that running updates on a large collection might result in a CPU spike on the Management Servers.

Now on the other hand we also have the ability to automate jobs from Orchestrator against Configuration Manager.
Now why would we do this ?
Just pretend we have a runbook that creates multiple virtual machines for a customer, we would want to have a custom computer collection created for that customer were we place all these new computers, where we would deploy baselines based upon what applications that customer wants as well. Might also be that a superuser wishes to deploy a new application that he purchased for his users that he wishes to deploy. Ill give some better examples as we go trough here.
Now to let’s take a look at the activities we have available in Orchestrator.

We have
* Deploy program
* Add Collection Rule
* Create Collection
* Perform Client Action
* Get Deployment Status
* Get Collection
* Deploy Task Sequence
* Query ConfigMgr
* Deploy Software Update
* Delete Collection
* Delete Collection rule
* Update Collection Membership
* Deploy Software
* Deploy Application
* Deploy Configuration Baseline

These actions can be used to deploy a runbook for a customer. For instance a superuser can issue a application deployment for its users after the software has been ordered.
Or a new customer can get a new computer collection created for its computers (or for instance a new VMM deployment can get a computer collection created in ConfigMgr and get baselines attached to it)
There are endless options here for deployment. You can also use this to do an instant “update” on the client using the Perform Client Action activity.

#configmgr, #orchestrator, #system-center

Azure integration pack for SP1 Beta

Microsoft just released a integration pack for Azure which allows you to create runbooks attached to Azure.
The activities included in the integration packs are:

• Azure Certificates- the Azure Certificates activity is used in a runbook to add, delete, and list management and service certificates
• Azure Deployments- the Azure Deployments activity is used in a runbook to create, delete, get, and swap deployments, change deployment configurations, update deployment statuses, rollback an update or upgrade, get and change deployment operating systems, upgrade deployments, walk upgrade domains, and reboot and reimage role instances
• Azure Cloud Services- the Azure Cloud Services activity is used in a runbook to create, delete, and get cloud services, check cloud service name availability, and create affinity groups
• Azure Storage- The Azure Storage activity is used in a runbook to create, delete, update, and list storage accounts, get storage account properties, get and regenerate storage account keys, create, list, and delete containers, and put, copy, delete, list, snapshot, and download blobs
• Azure Virtual Machine Disks- the Azure Virtual Machine Disks activity is used in a runbook to add, delete, update, and list virtual machine disks and virtual machine data disks
• Azure Virtual Machine Images- the Azure Virtual Machine Images activity is used in a runbook to add, delete, update, and list virtual machine operating system images
• Azure Virtual Machines- the Azure Virtual Machines activity is used in a runbook to create virtual machine deployments, download virtual machine remote desktop files, as well as get, delete, start, restart, shutdown, capture, and update virtual machine roles

You can find the integration pack for download here –>
http://www.microsoft.com/en-us/download/details.aspx?id=35399

#azure, #orchestrator, #windows