Uses Terraform and Ansible to deploy a fully functional CVAD environment. Many of the scripts used are thanks to Dennis Span and his fantastic blog.
Deploys the following:
- 2 DDC Controllers with Director
- 2 Storefront Servers (Cluster)
- 1 SQL and License Server
- 1 Stand alone VDA
- Installs components including director
- Creates Citrix site
- Creates 1 Machine Catalog
- Creates 1 Delivery Group
- Creates 1 Published Desktop
- Creates 3 Applications
- Notepad
- Calculator
- Paint
- Configures director
- Adds logon domain
- Sets default page
- Removes SSL Warning
- Installs Storefront components
- Creates Storefront cluster
- Configures Storefromt
- Adds Citrix Gateway
- Sets default page
- Enables HTTP loopback for SSL offload
- Adjusts logoff behavior
- Installs SQL and license server
- Installs SQL management tools
- Configures SQL for admins and service account
- Copies Citrix license files
- Installs VDA components
- Configures for DDCs
- Need CVAD ISO contents copied to accessible share via Ansible account (eg \\mynas\isos\Citrix\Citrix_Virtual_Apps_and_Desktops_7_1906_2)
- I used CVAD 1906 2 ISO
- Need SQL ISO contents copied to accessible share via Ansible account (eg \\mynas\isos\Microsoft\SQL\en_sql_server_2017_standard_x64_dvd_11294407)
- I used SQL 2017 but other versions should work
- DHCP enabled network
- vCenter access and rights capable of deploying machines
- (optional for remote state) Terraform Cloud account created and API key for remote state.
I used Ubuntu WSL to deploy from
- Ansible installed
- Install pywinrm
pip install pywinrm
andpip install pywinrm[credssp]
- Install pywinrm
- Terraform installed
- Terraform-Inventory installed in path. This is used for the Ansible inventory
- I copied to /usr/bin/
- (If using remote state)Configure Access for the Terraform CLI
- This REPO cloned down
- I used Windows Server 2019 but I assume 2016 should also work.
- WinRM needs to be configured and CredSSP enabled
- Ansible provides a great script to enable quickly https://github.com/ansible/ansible/blob/devel/examples/scripts/ConfigureRemotingForAnsible.ps1
- Run manually
Enable-WSManCredSSP -Role Server -Force
- I use linked clones to quickly deploy. In order for this to work the template needs to be converted to a VM with a single snapshot created.
- From the terraform directory copy lab.tfvars.sample to lab.tfvars
- Adjust variables to reflect vCenter environment
- Review main.tf and adjust any VM resources if needed
- (If using remote cloud state) At the bottom of main.tf uncomment the terraform section and edit the organization and workspaces fields
terraform {
backend "remote" {
organization = "TechDrabble"
workspaces {
name = "cvad-lab"
}
}
}
- run
terraform init
to install needed provider
- From the ansible directory copy vars.yml.sample to vars.yml
- Adjust variables to reflect environment
- If you want to license CVAD environment place generated license file in ansible\roles\license\files
If you are comfortable with below process build.sh
handles the below steps.
Note: If you prefer to run many of the tasks asynchronously switch the ansible-playbook
lines within build.sh
which will call a seperate playbook. This is faster but can consume more resources and less informative output.
#Sync
#ansible-playbook --inventory-file=/usr/bin/terraform-inventory ./ansible/playbook.yml -e @./ansible/vars.yml
#If you prefer to run most of the tasks async (can increase resources)
ansible-playbook --inventory-file=/usr/bin/terraform-inventory ./ansible/playbook-async.yml -e @./ansible/vars.yml
- From the terraform directory run
terraform apply --var-file="lab.tfvars"
- Verify the results and type
yes
to start the build
- From the root directory and the terraform deployment is completed run the following
export TF_STATE=./terraform
used for the inventory script- Synchronous run (Serial tasks)
ansible-playbook --inventory-file=/usr/bin/terraform-inventory ./ansible/playbook.yml -e @./ansible/vars.yml
to start the playbook
- Asynchronous run (Parallel tasks)
ansible-playbook --inventory-file=/usr/bin/terraform-inventory ./ansible/playbook-async.yml -e @./ansible/vars.yml
to start the playbook
- Grab coffee
If you are comfortable with below process destroy.sh
handles the below steps. Please note this does not clean up the computer accounts
- From the terraform directory run
terraform destroy --var-file="lab.tfvars"
- Verify the results and type
yes
to destroy