Document Classification: Original Document Author: Software Requirements Specification (SRS) <Authors name> Document Title: Last Revision Date: SRS to Clone and Change VMs 08/12/2013 Page 1 of 17 Table Of Contents Table of Contents Document Revision History 1 Introduction 11 Purpose 12 Document Conventions 13 Intended Audience and Reading Suggestions 14 Product Scope 2 3 4 4 4 4 5 15 References Overall Description 21 Product Perspective 22 Product Functions 23 User Classes and Characteristics 24 Operating Environment 25 Design and Implementation Constraints 26 User Documentation 27 Assumptions and Dependencies 3 External Interface Requirements 31 User Interfaces 32 Hardware Interfaces 33 Software Interfaces 34 Communications Interfaces 4 System Features 41 User interface SP Website behavior 42 Administrator Approval Process 43 Session Management Platform Integration 44 Application server interaction with VMware Host System 5 Other Nonfunctional Requirements 51 Performance Requirements 52 Safety Requirements 53 Security Requirements 54 Software Quality Attributes 55 Business Rules 5 5 5 6 8 9 10 10 6 Other Requirements Appendix A: Glossary Appendix B: Analysis Models Appendix C: To Be Determined List 17 17 17 17 2 Page 2 of 17 10 11 11 11 11 11 12 12 13 13 14 15 15 15 16 16 17 Document Revision History: Date Author Version Change Reference 08/12/2013 Govardhan Gunnala 10 No previous document Page 3 of 17 1. Introduction 1.1 Purpose This document explains specifications for implementing a new feature for VM based Citrix Session setups. The new feature is called “ability to clone and change the VM Citrix Sessions”. This feature is to let customers self update the base VMs used in VM based Citrix Sessions. 1.2 Document Conventions This document is organized based on the IEEE Standard for Software Requirements Specification (SRS) (IEEE 830-1993) and contains the necessary requirement and some aspects of the analysis of the requirements. Below are the notations used for representing various sections in the document 1. Main Sections - 2. Main Sub-Sections - Represented in this format Represented in this format 3. Sub-Section Topics - Represented in this format 1.3 Intended Audience and Reading Suggestions This document is intended for the anyone in who understands the VM based Citrix Sessions and working on automating the tasks that are currently manual. Product Management: The management who wants to get an idea of what all the components involved in developing this new feature so as to plan resources and development activities. Developer: The developer who is responsible in authoring code to develop and integrate this feature with existing Session Management platform, must firstly consult this document to understand the involved technical requirements so as to find the most suitable technologies for development. Page 4 of 17 Infrastructure Administrator: The Infrastructure Administrator who is responsible for provision of infrastructure to host this feature in existing setup so as to understand what infrastructure requirements are. 1.4 Product Scope This new feature addition to VM based Citrix Sessions, offers flexibility to customers to make changes to their base VM images at any time without any delays. This also reduces the engineering staff efforts in implementing the changes, which are manual otherwise. 1.5 References Please refer to below documentation that explains the business requirement: 2. Overall Description 2.1 Product Perspective This new feature is an addition to the existing Session Management platform and its infrastructure. This feature reduces the manual efforts from in making changes to the base VM image whenever customer has to push a newer version of the software or make any changes to the existing setup. Thus new feature facilitates a workflow in which customers will be able to create VMs with required changes and can approve the requested changes for deployment in live. Page 5 of 17 2.2 Product Functions The primary use case: customers would have a web based access to the base VM images with options to 1. list available base VM images, 2. clone a VM out of chosen base image, 3. login to the cloned VM and make changes to the VM 4. save the modified VM as new a base image or override an existing base image 5. disregard the changes to the VM 6. create a new Citrix Session setup from updated base image 7. make new Citrix Session setup live A technical feasibility: test has been performed on VMware technology that uses for VM based Citrix Sessions. It’s found to be feasible to support use case requirements by cloning a VM from base image and saving the changes back to the base image via VMware PowerShell Automation APIs. The background operations mainly include 1. creating a new VM as a clone of existing VM 2. renaming cloned VM at VMware and Windows System level 3. automatically assigning an IP-address for the new VM 4. enabling RDP access to the new VM as local Administrator 5. auto-login customer to the new VM 6. saving the new VM as base image by setting new name and moving it to appropriate base images location 7. stop the newly created base image 8. delete the newly created VM Front-end and back-end workflow integration services: This includes user facing UI and approval for changes deployment to live UI: customer facing access is going to be SP (Support Portal) whose interface would re-used for this new feature provision to the customers. As existing SP runs on IIS web site, the new feature pages and code will also be deployed to the same web site. Page 6 of 17 The respective IIS pages would provide below options: 1. list of customer specific base VM images 2. option to select base image from the list 3. right click context menu with options “Convert to Active VM” 4. list of customer created active VMs 5. right click context menu with options Launch RDP to the server Convert to base Image Discard the active VM 6. create a new Citrix Session setup 7. make new Citrix Session setup live Approval: An approval process by staff is required to 1. validate the requests from customers and 2. avoid unnecessary entries creation by customers 3. keep setup in well managed and controlled state 4. ensure needed infrastructure is in-place to accept the user request A designated staff would receive a request for approval via email whenever user chooses to 1. save an Active VM as base Image – staff would verify the required resources are in-place and ensure not too many base images are created 2. create a new Citrix Session setup – staff would verify that required Session Management platform changes are in-place to support sessions. Customer would verify the application in session via TD sessions before to approve it for live. 3. make new Citrix Session setup live – staff would make required customer/vanity URL changes to point them to the new TD sessions and retires the previous setup Session Management Platform Integration: When user selects option to “create a new Citrix Session setup” a new distributed app will be created with all settings same as its existing setup except that it uses new base image with a new Dev URL. The designated staff would verify the auto created distributed app Session Management setup and then approves the request. When user selects option to “make new Citrix Session setup live”, will ensure the proper URL setup for both customer using and Vanity URLs and then will also retire the previously existing setup. Page 7 of 17 High Level Technical Architecture Diagram of New Feature Integration 2.3 User Classes and Characteristics VM Citrix Session Customer (ISV): Each ISV as a customer will have a single login to SP. They can login to SP from anywhere via SP website. Upon login they will be presented with a section that will take them to the VMs Citrix Sessions. Customer will be able to operate with right click context menu to perform VM based operations. Once customer is through with test quick from new VM Citrix Session session, a request for live approval can be placed. VM Citrix Sessions administrator: A designated team of staff will form a VM Citrix Sessions administrators list. There will be an administrator account per ISV for staff to manage the customer requests. The group will have an email list to which all of the customers’ requests will be sent. Upon a user request, admins can login as respective ISV admin account, do the approvals as appropriate. Page 8 of 17 2.4 Operating Environment The new feature will be available via SP web site. All of the operations that either an end user/admin performs will be translated into respective VMware PowerCLI API commands via web page code. The commands will be sent to Application server which would have VMware PowerCLI software installed and thus executes these commands. The PowerCLI commands in turn connects to VMware vCenter server, executes the commands and returns the results. The typical environment for this whole functionality includes 1. VM HOST: is a Physical server that runs VMware ESXi Hypervisor 2. VMs & Guest OS: a set of VMs that are loaded in Citrix Session sessions for end users. Currently supported VM guest OS is Windows Server operating systems usually 2008 R2 editions 3. vCenter server: is a Management system to interact with VMware host to execute VM operations. This will be installed on a Windows Server system. The version of vCenter to be used depends on version of ESXi 4. Application servers: A Windows server system (usually 2008 R2) on which agent software is installed and configured successfully. VMware PowerCLI API software as well will be installed on this server. Optionally it can run VMware vSphere client software which is required to work with vCenter server for any troubleshooting. 5. Session Management Management Server: is the centralized system that manages all of Application servers running the Agent software. This server will be utilized for session management on Application servers 6. Session Management Database server: is a SQL database server hosting the database for Session Management platform. 7. Session Management Web Servers: Windows servers with IIS installed and hosting the SP web site. usually be located in DMZ behind the firewall. 8. Active Directory server: is a Windows directory services server that authenticates the users logging into the SP portal. 9. Firewall: is a Windows server system running Cisco firewall software with defined access rules. This lets access only to the allowed resources on network for external world. 10. SP Website: accessible from anywhere for all (internal/external) of the users, built and runs on top of IIS website. Can be accessed via any of the browser software. Page 9 of 17 2.5 Design and Implementation Constraints The new feature primarily relies on clone functionality of the VMware software. For support of VM clone operation one needs to run a vCenter server of version respective to their VM host ESXi. The feasibility evaluation is performed on latest version of ESXi and vCenter software that is v5.1.0, if you have ESXi hosts running older version verify that all of feature needed PowerCLI commands are working. 2.6 User Documentation Here are the official links to the VMware Technologies and Automation resources: VMware ® vCenter Server VMware vSphere PowerCLI Overview Product Support for VMware vSphere Hypervisor (ESXi) 2.7 Assumptions and Dependencies It is assumed that SP website will be acting as user interface to present the new Feature and its options. If not, a similar web site with basic functionality to authenticate user against AD and interacts with Session Management Management & Application server to send commands, receive command results and present to user, has to be developed. For creating cloned VMs, user would provide a name for the VM and the same name would be used as the guest Windows system name. It’s assumed that the cloned VMs would be running in the same network as of other active VMs running the TD sessions. In such a network there would be a DHCP/auto IPaddress assignment configuration in place. It’s also assumed that communication interfaces required for user facing SP website would pre-setup and there doesn’t require any specific changes for this new feature. It’s also assumed that there would be an email communication channel that can be used for notifications to Admin accordingly to user actions. Page 10 of 17 3. External Interface Requirements 3.1 User Interfaces SP Login page: used by external user and/or internal admins For VM based Citrix Session customers, a separate page to manage their VM images would be provided For the customer login, there will be list of context menu options that he can perform against list of VMs displayed For specific approval needed operations, an email notification would be sent to VMs admin list For Admin user login, there would be list of VMs along with customer requests that are pending for approval. Admin user can approve or decline the request. Once a dependent operation is approved, user can move on to the next operations In case of any failure/error messages, customer would log a request with via same SP portal under his current logon session 3.2 Hardware Interfaces The new feature is based on VMs in which most of the hardware resource as well are found and configured at the VM Host level. 3.3 Software Interfaces The new feature functionality connects to vCenter server via VMware PowerCLI API installed on application servers. PowerCLI API supports triggering command remotely. To let uses to work on cloned VMs, a RDP session to the VM will be used. 3.4 Communications Interfaces SP is a web solution which would require HTTP access through firewall to the respective web server for external users to launch the website. The backend operations would need TCP/IP communication from Application servers to the vCenter server. Solution needs RDP access from Application servers to the Windows systems running in the VMs. Page 11 of 17 4. System Features 4.1 User interface CPP Website behavior A1 Login to SP ISV user login from external network ISV Admin login from internal network A2 User verification: authenticate the logon credentials provided against Active Directory to validate the user A2.1 If authentication fails, report login failed. A3 For successful login, show below options: A3.1 For ISV user login find the list of VM based applications for the ISV from Session Management console DB and present a page the list of VM applications. for selected VM based application, get the list of application VM base images and Active VMs from DB and present the list for selected VM base image, present following right click context menu options A3.1.1 Right click context menu options on a selected VM base image Convert to Active VM A3.1.2 Right A3.2 For ISV Admin login find the list of pending requests for approval and show them against the application in the list for selected request, provide options to Approve or Disapprove A3.2.1 If there are no pending requests, default the view to that of ISV user login click context menu options on a selected active VM Login to the server Create new Citrix Session Convert to Base Image Delete Page 12 of 17 4.2 B1 Administrator Approval Process VM based Citrix Session Administrators list would be notified with email for below customer actions: Convert to Base Image Create new Citrix Session B2 In case of “Convert to Base Image” option: administrator needs to follow below steps If user chooses to replace the existing image by specifying the same name, move the previous base image to a periodic backup location Ensures there are not any other stale VM images lying around Login to the SP portal and approves the request B3 In case of “Create new Citrix Session” option: administrator needs to follow below steps Verify the respective distributed app got successfully created in Session Management console Review the setup and update the server name/IP-address with the active VM that user chosen Ensure that networking and RDP access are properly set for that active VM Login to the SP portal and approve the request Once approved a test link to the new distributed will be sent to the customer for verifying the changes in TD session 4.3 Session Management Platform Integration C1 When user chooses “Create new Citrix Session” option, a new distributed app would be created by copying the existing VM based TD app from the Session Management Management server via a script/code execution C2 Once the admin approves the “Create new Citrix Session” request, Session Management will start forming VM based TD sessions from the assigned App server C3 Customer verifies the new VM changes in Citrix Session sessions Page 13 of 17 created via new Citrix Session distributed app 4.4 Application server interaction with VMware Host System D1 TD VM Session Management Application server will receive the commands corresponding to the user action and makes connection to the VMware vCenter server that manages the VMware host system D2 On selected base image, for user action Convert to Active VM: below sequence of PowerCLI commands will be performed: 1. Read-Host: Prompt user for a name to the cloned VM 2. New-VM: with chosen base image as source VM to clone 3. Start-VM: Will bring the cloned VM into Active state 4. Rename windows: Run WMIC/Registry commands to change the Windows System name to avoid conflicts on the network 5. Restart-VMGuest: Restart VM in order for Windows system rename action to take affect D3 On selected Active VM, user can perform following operations: D3.1 Login to the server:, below sequence of PowerCLI commands will be performed: 1. Guest.IPAddress: Retrieve the IP-address of the VM selected 2. Create .RDP file with IP-address of the VM and along with default Admin credentials. OR alternatively rely of MSRDP ActiveX code and create respective files for selected VM. 3. Launch RDP session with auto-login D3.2 Create new Citrix Session: below sequence of commands will be performed: 1. Run a script/code on the Session Management Management server that creates a new DistributedApp which is a copy of existing one. 2. Sends a user request email notification to administrators list 3. Follow the admin approval steps defined in section: B3 Page 14 of 17 D3.3 Convert to Base Image: below sequence of commands will be performed: 1. Read-Host: Prompt user for a name to the base Image 2. If the new name is same as existing one, prompt for confirmation to replace exist 3. Follow admin approval process steps defined in section: B2 4. Set-VM: rename the VM with new name provided for Image 5. Stop-VM: This will poweroff the VM as base Images do not run actively D3.4 Delete: below sequence of commands will be performed 1. Stop-VM: This will poweroff the Active VM 2. Remove-VM: This will delete the VM and its files 5. Other Nonfunctional Requirements 5.1 Performance Requirements For the major portion performance is linked primarily to website loading and backend VM operations. To ensure faster VM operations setup will include a decent datacenter hardware for both VM host and vCenter servers. Further to that VM density for VM host has to match the ratio of hardware resources vs. allocated VM resources. The key backend operation cloning a VM usually takes around 5-10 mins for per VM of size 20 GB from base image. The speed of this and other operations directly depends on VM host hardware. 5.2 Safety Requirements The new feature backend operations will not affect other applications installed on application servers. However, enough care should be taken on the backend VM host resource monitoring so as to avoid any broken operation unnecessarily occupying resources on it. Page 15 of 17 Consistency: To ensure smooth VM operations, conversion from active VM is not recommended. Whenever user requests to convert from active VM to base image, system should first shutdown the active VM and then do the conversion tasks. 5.3 Security Requirements The new feature will be available via SP website for only VM based Citrix Session customers. SP website acts as front end layer handling the user authentication against AD and communicating to resources from proper firewall access. In SP each customer (ISV) will have one user login and there will be only one respective ISV admin login for purposes. This single login user/admin per customer ensures the right audience access and avoids conflicts due to simultaneous access otherwise. 5.4 Software Quality Attributes Reliability: Use of VMware technologies for backend VMs hosting and its automation is an industry leading option with proven reliability across the businesses. Involved VMware automation interface provides relevant error messages in case of any exceptions while executing the commands. These should be translated to appropriate message to interact with customer operating in SP website. Maintainability: approval procedure plays major role in ensuring the quality of setup before accepting user requests for approval. This includes verifying and ensuring allocation of proper VM host resource, cleaning up old/stale VMs and its resources, etc., The approval workflow will have SLAs to be met to keep customer informed with availability of their changes they requested. Availability: Using SP, customer can report any failures for support which will follow support channel defined for addressing the SP user’s requests. Page 16 of 17 Integration with Session Management platform ensures that end users sessions will be serviced only for successful session creation. 5.5 Business Rules 1. New feature development should be designed with usability as the first priority. Keep detailed exception handling for faster support resolutions. 2. Follow fine tuned SLAs in approval process and ensure faster responses to customer 3. Review and plan Hardware/Software requirements including licenses periodically 6. 7. 8. 9. Other Requirements Appendix A: Glossary Appendix B: Analysis Models Appendix C: To Be Determined List Page 17 of 17