New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
How to fail or succeed with desktop virtualization and workspace mobility
1. How To Fail Or Succeed With Desktop Virtualization &
Workplace Mobility
Introduction
Denis Gundarev @fdwl, Entisys Solutions
2. Denis Gundarev
C:>whoami /all
USER INFORMATION
---------------User Name
Twitter
E-Mail
============== ============ ==================
ENTISYSdenisg @fdwl
DenisG@entisys.com
GROUP INFORMATION
----------------Group Name
Type
SID
====================================== ================ =================
BUILTINGeeks
Mandatory group
COMMUNITYBay Area Citrix User Group
Well-known group S-1-5-32-544
S-1-5-32-540
CITRIXTechnology Professional
Well-known group S-1-5-32-548
COMPTIACloud Subject Matter Expert
Well-known group S-1-5-32-344
TRAINERMicrosoft Certified Trainer
Well-known group S-1-5-32-595
TRAINERCitrix Certified Instructor
Well-known group S-1-5-32-145
4. Who are you?
• Consultant? Decision maker?
Vendor? Developer?
• How many years you are in
Desktop Virtualization?
5. Agenda
9:00 AM
9:15 AM
10:05 AM
10:30 AM
10:45 AM
11:10 AM
12:00 PM
1:00 PM
1:45 PM
2:20 PM
3:00 PM
3:15 PM
3:45 PM
4:15 PM
9:15 AM Introduction
10:05 AM Evolution of server-based computing. Where did VDI come from?
10:30 AM Desktop Virtualization & Workplace Mobility: state of the union.
10:45 AM Break
11:10 AM Desktop Virtualization & Workplace Mobility: state of the union.
12:00 PM Desktop virtualization internals: Protocols, layering and isolation
1:00 PM Lunch
1:45 PM Application virtualization and user profiles, how does it work?
2:20 PM What happens when techonology meets marketing?
Technical and business barriers in adopting Desktop Virtualization & Workplace Mobility
3:00 PM solutions.
3:15 PM Break
3:45 PM Effects of underestimating or overcommitting hardware, storage and network resources.
Samsung sponsored Q&A panel session on zero client technology with Samsung's Sr.
4:15 PM Product Manager Greg Spence and special panel guest David Unangst of Teradici
4:30 PM Conclusions and Recommendations
6. This Workshop Is Not About…
• Server virtualization
• But we will cover this important topic
• Managing your cell phone and iPad
• You can be mobile even at your desk.
• How to reduce Capex and/or Opex
• Best way to save money is to stop spending them on useless stuff
• Check “How to lie with cost models” article by Brian Madden
http://bit.ly/TCOLie
• How to deploy and manage specific products
• RTFM
• But expect to hear tips and tricks from the real life
7. But At The End You Will Know…
•
•
•
•
•
•
•
What is Desktop Virtualization
How stuff works
Market landscape
Technology vs. marketing slogans.
Why projects are failing
Which pieces are most important in a proper sizing
How Desktop Virtualization can help you even if you
don’t need it
• How to fix your applications and finally get rid of
Windows XP
8. Disclaimer
•
•
•
•
•
I love Desktop Virtualization
I will try to not scare you of DV
Vendor neutral
Not a DV propaganda
My opinions are my own. I do not represent
my company or anyone else in this
presentation
9. Basics
• Desktop Virtualization
• Separates the computing platform (OS) from the client device (with
exceptions)
• One of the enablers of Workspace Mobility
• There is no universal solution, but many choices
• May be complemented by other types of the virtualization
11. How To Fail Or Succeed With Desktop
Virtualization & Workplace Mobility
Evolution of Server-Based Computing.
Where Did VDI Come From?
Denis Gundarev @fdwl, Entisys Solutions
13. 1975
• Microsoft was founded in Albuquerque
• dnd, the first video game that includes a boss was released
14. 1989
• Citrus Systems was founded by frustrated IBMers
• Prince of Persia was released
15. 90’s
1991 – Citrix ships MULTIUSER for OS/2
1992 – Microsoft releases Windows 3.1 and not
very interested in equipping its high-end operating
system with multiple-user features like UNIX.
1992 – Citrix signed licensing agreement with
Microsoft for Windows NT Server
1993 – WinView for Networks shipped
1994 – TCP/IP support was added to Citrix
WinView
16. 90’s
1996 – Anatoliy Panasyuk of Datapac (Australia)
playing with Transparent Windows Interface Seamless Windows – Implemented in MetaFrame
3 years later
1997 – pcANYWHERE for Windows 3.1 was
released
1997 – First version of Virtual PC for Macintosh
platform was released by Connectix
1998 – Windows NT 4.0 Server, Terminal Server
Edition (code name ―Hydra‖)
18. 2000’s
2000 – Windows 2000 (with terminal services
built-in)
2001 (June) – Virtual PC for Windows was
released
2001 (July) – VMware ESX 1.0 (Elastic Sky
X) and VMware GSX 1.0 (Ground Storm X)
released
2002 – NT 4 TSE Security Roll-Up Package is
available
2003 – First release of open-source Xen
2003 – Microsoft acquired Connectix
2003 – EMC acquired VMware
20. VDI Timeline 2006-2009
June
May
October
Desktop Broker
for Citrix
Presentation
Server
2006
Microsoft general
manager for
virtualization
strategy "surprised"
that IT are so eager
to virtualize their
desktops
(http://bit.ly/MSSur
prised)
Windows
Server2008 R2 vith
live migration, RD
Virtualization
RemoteFX
May
XenDesktop
2.0
February
VDM 2.0
November
December
View 3.0
XenDesktop 4
2009
2008
2007
November
April
February
September
February
November
VMware
demoing VDI
connection
Broker
VMware VDI
Alliance
Desktop
Server
1.0
Windows 2008
with Hyper-V
and RemoteApp
XenDesktop
2.1
XenDesktop
3.0
View 4.0
No VDI
June
VDM
2.1
May
XenDesktop
3.0 FP 1
21. VDI Timeline 2010-2013
September
July
March
XenDeskto
p 4 SP1
March
XenDesktop
4 FP1
XenDesktop
5.6
December
September
XenDesktop
5
View 5.0
2010
June
September
Windows Server
2012/Windows 8
Major Hyper-V
updates, Client
Hyper-V, User
personalization
Windows Server
2012 R2/Windows
8.1
Hyper-V updates,
RemoteFX updates
XenDesktop 5.6
FP1
2013
2012
2011
February
August
View 4.6
August
March
June
XenDesktop
5.5
XenClient
became a part
of XenDesktop
View 5.2
XenDesktop 7
May
September
View 4.5
View
5.1
22. History in short
• Citrix turned Windows in to a multi-user operating
system and became a leader in Server Based
Computing in Windows world
• VMware became a leader in server virtualization
• In 2005-2006 term VDI was introduced, which may be
considered as a hybrid of SBC and server virtualization
• Both Citrix and VMWare was playing like kids in 1st
grade, but became older
• Microsoft is slow in adopting new ideas, in fact there is
no releases between operating system releases
23. Trends
•
•
•
•
•
•
Migrating old workstations to the datacenter
Using blade PCs
Moving to cheaper thin clients
VDI started as an alternative to terminal services
Users became mobile
Lack of technical benefits of VDI was compensated by a ―lower
TCO‖ speech
• VDI supposed to make OS migration easier
27. VDI Adoption
• According to Simon Bramfitt from Entelechy Associates, 55% of the
companies have VDI in test environments (http://bit.ly/VDIinTest)
• In report prepared by Jeroen van de Kamp and Ruben Spruijt from
Project Virtual Reality Check, The majority of people (31,91%) is
using VDI in pre-production, or early production (34,92%).
(http://bit.ly/VDI2013)
• By 2016 30% of large organizations will have deployed HVDs to
20% of their users (Gartner http://bit.ly/VDIvsPC )
• Many customers don’t realize that they actually use desktop
virtualization for years.
28. How Market Keep Desktop Virtualization On the Top Of the
Hype?
• Desktop-as-a-Service is here to help
•
•
Hundreds of cloud service providers
Special licensing from vendors
• VDI vendors turn to virtual desktops
•
•
•
•
Wanova
Virtual Computer
RTO Software
Application virtualization vendors
29. Competition
“
VDI vendors are not competing against each other. They’re competing
against the status quo. They’re competing against those pallets full of
Dells that you’ve been buying for the past twenty years
Brian Madden, ―The VDI
Delusion‖ http://bit.ly/VDIDelusion
”
30. Summary
• VDI is not new
• VDI started as an initiative of converting physical desktops into a VM
• In the beginning of 2009, Gartner said that Hosted Virtual Desktop
market will surpass $65 Billion in 2013 and have 49 million users
(http://bit.ly/GartnerVDI)
• All vendors made a lot of acquisitions to make their products look
more competitive
31. How To Fail Or Succeed With Desktop
Virtualization & Workplace Mobility
Desktop Virtualization & Workplace Mobility:
State of the Union
Denis Gundarev @fdwl, Entisys Solutions
40. MDM/MAM
•
•
•
•
•
•
•
•
New to the market
Sandboxing
Integration with cloud storage
BYOD
Providing APIs to third-party
SaaS
Expanding to laptops
On-premises solutions
53. State of the VDI and SBC union 2013, Whitepaper from
Project Virtual Reality Check
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Hypervisor infrastructure used in VDI and
SBC
WAN optimization used in VDI and SBC
Unified Communications used in VDI and
SBC
Performance testing executed in VDI and
SBC
VDI Stateless - stateful virtual desktop
VDI and hypervisors
VDI and connection brokers
VDI and server configurations
VDI and antivirus
VDI and Remote Display Protocol, hardware
encoding
VDI and desktop image deployment
VDI and User Environment Management
VDI and client management
VDI and guest OS configurations
VDI and application virtualization
VDI Applications, Windows and web-based
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
VDI and storage
Server Based Computing (SBC) results
SBC Phase, usage, regions
SBC User types and goals
SBC and connection brokers
SBC and server configurations
SBC and antivirus
SBC and Operating System
SBC and User Environment Management
SBC Applications, Windows and web-based
SBC and storage
SBC and image deployment
Comparing VDI and SBC results
VDI versus SBC Hypervisor, server workload
VDI versus SBC WAN optimization
VDI versus SBC Unified Communications
VDI versus SBC Performance testing
•
http://bit.ly/VDI2013
54. How To Fail Or Succeed With Desktop
Virtualization & Workplace Mobility
Desktop Virtualization Internals:
Protocols, Layering and Isolation
Denis Gundarev @fdwl, Entisys Solutions
60. Remote Protocols
Microsoft RemoteFX
•Formerly known as
RDP
•Adaptive Graphics
(2012)
•Multi-Touch
•vGPU and GPU
sharing
•Windows clients
only
•Features tied to
Windows version
•No OpenGL
Citrix HDX
• Formerly known as
ICA
• Broad client
support
• HDX 3D Pro
• Flash and
Multimedia
Redirection
• OpenGL / DirectX
support
• Feature set is
different for
different clients
Teradici PCoIP
• UDP-only
• Offload cards are
available
• vSGA (NVIDIA
GRID)
• Limited QoS
support
• Has a new
competitor –
HTML5 blast
61. Protocol comparison
Phase 1: RDP7 vs RemoteFX v1 vs HDX vs HDX 3D Pro vs
PCoIP vs Quest EOP vs Ericom Blaze vs HP RGS (May
2011)
Phase 2: HDX 5.0 vs HDX 5.5 vs PCoIP 4.6 vs PCoIP 5.0
(October 2011)
Phase 3: Mobile Devices on 3G and 4G, and evaluating
RemoteFX v2 Beta (May 2012)
Phase 4: RDP 7.1 vs RDP 8 vs RemoteFX and Citrix
XenDesktop 5.6 FP1 HDX (February 2013)
Phase 5: NVIDIA GRID K2 accelerated 3D graphics HDX 3D
Pro, VMware PCoIP vSGA and Microsoft RemoteFX vGPU
(May 2013)
Phase 6: NVIDIA GRID K2 + K5000, Citrix XenDesktop 7
HDX and HDX 3D Pro, Microsoft RDP 7.1 and RDP 8, and
VMware View 5.2 vSGA (July/August 2013)
http://bit.ly/VDIProtocols
Shawn Bass
@shawnbass
shawnbass.com
Benny Tritsch
@drtritsch
drtritsch.com
62.
63. WAN Emulation – The Test Setup
Epiphan
DVI2USB
USB
One-on-one connection
DVI/
HDMI
Apposite Linktropy Mini2
PC with Epiphan
recording SW
Client
Shared environment
Host
64. Test Applications – 2D Graphics
1
2
GDI: Microsoft WordPad
+ RTF file (2.5 MB)
GDI: Adobe Acrobat Reader 9.34
+ PDF file (2.5 MB)
65. Test Applications – Videos & Animation
3
5
Video: Media Player 12.0
+ WMV file (Halo, 33 MB)
6
15
Video: Quicktime Player 7.68
+ MOV file (Meat Balls, 33 MB)
7
Flash: Flash Player 10
+ Intel VT Demo
HD Flash: Flash Player 10
+ Flash Video Factory
HD Video: Media Player 12.0
+ WMV file (Speed 720, 101 MB)
9
Silverlight:
Silverlight Photo Gallery
66. Test Applications – 3D Graphics
8
20
WPF: MeediOS
22
DirectX 9: Rollercoaster
by Emil Persson, aka Humus
21
OpenGL (SW): eDrawings
SolidWorks Seascooter
23
OpenGL (HW): Cloth
by Emil Persson, aka Humus
24
DirectX 9: Google Earth
DirectX 10: Custom Resolve
by Emil Persson, aka Humus
67. Test Applications – User Experience
10
11
Flash: Whack-A-Mole
HTML5: Fishbowl
68. Video Recordings Post-Processing
Raw AVI video
Full resolution, 60fps max.
ffdshow MS MPEG4 v2
One pass - quality, 99%
WMV Video
4-Up Split Screen
512 x 384
Silverlight Player
VC-1 Advanced
by J. Gorzas, Sense GmbH
Fixed bitrate 1045 Kbps
Microsoft
Expression Encoder
SPHtmlGenerator
69. Network Emulation Settings
Description
Bandwidth
Latency
Packet Loss
LAN
100Mb/s
0ms
0%
Within continent, slow 500Kb/s
50ms
0.01%
Within
continent, medium
2Mb/s
50ms
0.01%
Within
continent, medium, Cl 2Mb/s
oud
50ms
2%
Within continent,
fast
8Mb/s
50ms
0.01%
Across continents,
medium
2Mb/s
200ms
0.01%
Across continents,
fast
8Mb/s
200ms
0.01%
Across continents,
very fast, Cloud
12Mb/s
300ms
1%
75. Operating System Layers
User Files
User Settings
User Apps
Corporate Apps
Applications
Operating System
Hardware
76. What Is Layering?
• Way to define a container that contains relevant registry keys and
files
• Not possible on a block level
• Application deployment ≠ application layering
• OS deployment ≠ OS layering
77. Why Layering Is Good?
• Manage each layer separately
• User data stored separately, making backup easy
• OS and App layers can be generalized and shared between
instances
• Rollback each layer independently
• Great for non-persistent deployments
78. Layers In A Real Life
•
•
•
•
•
•
Difficult to separate User Data from User Settings
Per-app user settings are merged in a user profile
Layering adding a performance overhead
Number of golden images grow
Complexity
Say good bye to your desktop management experience
79. Pros of persistent desktops
One-to-one
Your
helpdesk
know what
to do
Performance
Familiar
management
tools
Users get what
they expect
SCCM, Altiri
s, Ghost, La
nDesk
Users store
their files in
weird
locations
80. Cons of persistent desktops
One-to-one
Familiar
management
tools
Users get what
they expect
Best way to
make your
storage
vendor
happy
Each
instance
managed
individually
Users can
ruin your
environment
81. Pros of non-persistent desktops
Less storage
New ways to
manage your
images
Locked-down
desktops
Share
your
golden
image
Ideally
one
golden
image
Just
reboot
for
refresh
82. Cons of non-persistent desktops
Less storage
New ways to
manage your
images
Locked-down
desktops
Harder to
manage IOPS
Old
management
tools doesn’t
work
App
virtualization is
required
No
personalization
86. Thin clones with identity disks
Virtual Machine Identity
Clones Linked to the master, deleted after reboot
Master
87. Thin clones with identity disks and per-user data disk
Per-user virtual disk
Virtual Machine Identity
Clones Linked to the master, deleted after reboot
Master
89. VMware Linked Clones
The OS delta disk
An optional disk for
each user’s profile
The base image
The baseline for linkedclone desktops
Full clone
virtual machine
linked
clone
OS disk
Persistent disk
Disposable disk
parent
virtual
machine
snapshot
replica
An optional disk
for paging and
temp files
OS disk
VMware View specific
Persistent is more possible.
Limited support for storage tiers
linked
clone
desktop pool
Persistent disk
Disposable disk
90. Citrix Machine Creation Services
1
2
3
4
5
hypervisor
Base
ID
ID
ID
ID
ID
DIFF
DIFF
DIFF
DIFF
DIFF
storage
91. How To Fail Or Succeed With Desktop
Virtualization & Workplace Mobility
Application Virtualization and User Profiles,
How Does it Work?
Denis Gundarev @fdwl, Entisys Solutions
92. What is Application Virtualization?
• Application is executed inside the sandbox
isolated from operating system
• Improves security (isolates insecurity)
• Eliminate application conflicts
Package
Deliver
Execute
93.
94.
95.
96.
97.
98. Every time you disable UAC…
Steve Ballmer kills a kitten
Please, think of the kittens
99. Every time you:
• Modifying ACLs on Program Files
or HKLM
• Making user a local admin
• Just give users SeBackup,
SeRestore, SeCreateGlobal and
SeLoadDriver privileges, but
keep them as standard users
101. Application Isolation Environments
Was introduced in MetaFrame Presentation Server 4.0
(2005)
Virtualization layer that redirects system resources
Virtualizes:
– File system
– Registry
– Named objects (events, semaphores, etc)
Transparent to the application
Was a great compatibility aid for:
– Applications which are not multi user friendly
– Applications which have problems coexisting on the same server
– Applications that cannot have multiple instances running
simultaneously
102. Isolation Environment Roots
Specifies directories and registry locations
User Profile Root
– Changes made by the user reside here
– Suitable for Multi-user
incompatible applications
Installation Root
– Per Isolation environment location
– Enables conflicting applications to coexist
104. Isolation Environment: IGNORE Rule
Used to create ―holes‖ in an isolation environment
Virtual address is not modified by the virtualization
system
Used to allow access outside of the isolation
environment
105. Isolation Environment: REDIRECT Rule
Redirects an application request for a file or registry
key to a specified location
– If an application creates the file, c:tempdata.txt, regardless of the
user, then it might be sensible to redirect those files to
c:aietemp%USERNAME%
– This means, if UserA ran the application isolated, then
c:tempdata.txt is created in c:aietempUserAdata.txt
106. Isolation Environment: ISOLATE Rule
Per User:
– Ensure that each user gets his own copy of the requested resource
Per Isolation Environment:
– A single copy of the required system resource is created in the
installation root location and shared by all users
107. Application Streaming
Introduced in Citrix Presentation Server 4.5 (2007)
Added delivery mechanism to AIE
Had 6 major releases before being deprecated in
2013
Still available with XenApp 6.5 and XenDesktop 5.6
Completely removed in XenDesktop 7
109. How it works
Two main components of Application Virtualization:
– Isolation/Redirection
– Delivery mechanism
Optional features:
–
–
–
–
File type associations and OS integration
Rights Management and usage tracking
Packaging
Shareable sandboxes
110. File I/O Redirection options
API Hooking
– at USER or Kernel Level
• Hooking CreateFile, OpenFile, DeleteFile, NtCreateFile,
NtOpenFile, NtDeleteFile etc
• Hooking into System Service Descriptor Table (SSDT)
File System Filter Driver or Mini-Filter
– Write file system driver to redirect virtualized file requests.
111. Registry Redirection Options
API Hooking at USER Level
– Hooking advapi32.dll - RegCreateKeyEx, RegDeleteKeyEx etc
– Hooking Ntdll.dll – NtCreateKey, NtDeleteKey etc
API Hooking at Kernel Level
– Hooking SSDT – NtCreateKey, NtDeleteKey etc
114. Microsoft App-V
Version 2.0 was released in 2002 by Softricity
~8 major and ~50 minor releases before App-V 5.0
App-V 5.0 is completely rewritten and released in
2012
Available as a part of MDOP under SA
115. App-V 5.0 Cons
Requires SA
User-level apps only
Cannot virtualize drivers
Cannot isolate applications that are a part of the OS
116. App-V Pros
Tons of information on Internet
Huge user community
Integration with System Center
Integration with XenDesktop
Managed by PowerShell
117. VMware ThinApp
Uses user-mode hooks
Application packaging solution, just like
PortableApps.com
Emulates Windows COM and DCOM
Supports Streaming Execution (SMB/CIFS) and
Deployed Execution (i.e. USB)
Does not support installed Apps
No centralized management (for standalone product)
End of availability (―EOA‖) of VMware ThinApp, effective
on December 15, 2013. After that will be available only
as a part of View or Horizon
118. CloudVolumes
AppStack – basically a VHD or VMDK attached to a
VM
Web-based management console that communicates
with hypervisor
Full support for server software
Available Now: VMware ESX 5.0, 5.1, Coming
soon… HyperV, Azure, Amazon EC2
121. CloudVolumes pros
Server software support
No streaming or any other delivery mechanism
Combination of file system minifilters and a service
Text file-driven configuration
Storage tiers on the hypervisor layer
Per-machine or per-user assignments
No packaging process
122. CloudVolumes cons
Works with virtual workloads only
Came out of stealth mode in 2013
Text file-driven configuration
123. Symantec/Altiris SVS
Now called Symantec Workspace Virtualization
Kernel-level hooks
Umanaged computers support
Application license management
Best in class integration with OS
124. Spoon
Formerly Xenocode
Web portal for app access
Desktop integration
Works over HTTP/HTTPS
License management
Available as SaaS offering
Server software support
Auditing
Support for installed applications
Application snapshots
125. Numecent Jukebox
HTTP-based streaming
Encrypted cache
Virtualized File System
DRM and license control
OPSWAT integration
Kernel-level file system driver
Web portal for user access
Currently targeted for ISVs and MSP
No publicly available demos or code
126. Numecent Jukebox
Patents:
• Software streaming system and method
• Intelligent Network Streaming and Execution
System for Conventionally Coded Applications
• Rule-based application access management
• Opportunistic block transmission with time
constraints
• Deriving component statistics for a stream
enabled application
127.
128. FSLogix
AIE:Ressurection
Came out of stealth mode about in July 2013
No streaming, no packaging
Combination of file system minifilter and user-level
hooks
Support changes in a realtime
Text-file based configs with a GUI editor
132. Sandboxie
• Isolated sandboxes for applications
• Virtualizes Files, Disk Devices, Registry Keys,
Process and Thread objects, Driver objects, and
objects used for Inter-process communication:
Named Pipes and Mailbox Objects, Events,
Mutexs (Mutants in NT speak), Semaphores,
Sections and LPC Ports
• Not designed for VDI
• Not designed for Enterprise
• Developed by one person
133. Microsoft Windows
• UAC Virtualization is available out of the box
• Application compatibility toolkit can be used to
manage folder and registry redirection
• No additional software needed
134. What Are Shims?
Applied to specific apps
– Configured with Compatibility Administrator in the App Compat
Toolkit
– Deployable to enterprise
Changes what the app thinks it sees
Does not change what app is allowed to do
135. What Are Shims Good For?
Great for many kinds of bugs:
–
–
–
–
–
–
Bad Windows version checks
Writing to HKCR at runtime
Unnecessary checks for ―am I admin?‖
Writing to WRP-protected keys and files
Windows thinks your app is an installer
File/Registry redirections
137. Most Used Shims
VirtualRegistry
– Fixes the problem with
reading/writing registry value
– AddRedirect ( HKLMKey ^
HKCUKey ^ HKLMKey2 ^
HKCUKey2)
CorrectFilePaths
– Fixes the problem with
reading/writing a file
– c:Program.ini=
%AppData%Program.ini
WRPRegDeleteKey
– Lie when app tries to delete
protected OS registry key
ForceAdminAccess
– Spoofs queries of administrator
group membership
VirtualizeDeleteFile
– Spoofs deletion of global file
LocalMappedObject
– Forces global section objects
into user’s namespace
VirtualizeHKCRLite,
VirtualizeRegisterTypeLib
– Redirects global registration of
COM objects
138. Conclusion
There are many vendors on the market
If you care about App compatibility, take a look at
simple solutions
Consider using SaaS-based services
Check the Application Virtualization Smackdown from
Ruben Spruijt
– http://www.pqr.com
– 61 pages cover major vendors on the market
140. How To Fail Or Succeed With Desktop
Virtualization & Workplace Mobility
What Happens When Technology Meets Marketing?
Denis Gundarev @fdwl, Entisys Solutions
142. ―
Horizon View offers ease of management along with a secure,
robust architecture, and the ability to offer end users the freedom
and choice they need to be productive. In comparing VDI and
sessions, VDI offers the following advantages over sessions:
• Eliminates application-compatibility issues
• User or OS resets do not impact other users (sessions require
resetting entire server)
• Provides better native-application compatibility
• Eliminates application-to-application conflicts in a multi-session
Environment
• Applications do not have to be written with TS or RDSH in mind
(i.e., desktop applications are supported)
‖
Source: VMware (http://bit.ly/ViewVsRDS2012
143. Application compatibility
• Most of the appcompat issues caused by
migration to the new OS generation
• Windows OS is stable
• Windows Client is not much more stable than
Windows Server
• Applications that work on Windows 7 in 99% of
cases will normally work on Windows Server
• Virtualization is not a solution, it’s workaround
146. • Use any desktop, optimized thin client, or BYO
device
• High definition user experience with HDX
technology
•
•
•
The best HD experience, even in low-bandwidth or high-latency
environments
Real-time voice and video collaboration
3D professional graphics support
150. Microsoft Virtualization Products
A comprehensive set of virtualization products, from the data center to the desktop
Assets – both virtual and physical – are managed from a single platform
151. • Monolithic hypervisor
– Simpler than a modern kernel, but
still complex
– Contains its own drivers model
VM 1
(“Admin”)
VM 2
VM 3
• Microkernelized
hypervisor
– Simple partitioning functionality
– Increase reliability and minimize
TCB
– No third-party code
– Drivers run within guests
VM 1
(“Parent”)
Virt
Stack
Hypervisor
Drivers
Drivers
Drivers
VM 2
(“Child”)
VM 3
(“Child”)
Drivers
Drivers
Drivers
Drivers
Drivers
Drivers
Drivers
Drivers
Drivers
Hypervisor
Hardware
Hardware
VMware ESX Approach
Hyper-V Approach
Microkernelized Hypervisor has an inherently secure architecture with
minimal attack surface
151
152. Side-by-side Feature and Cost Comparison
5 Virtualized Hosts (US$)
$61,400
―We saw that Hyper-V did
everything we needed and was far
more cost-effective than VMware,
which costs about $6,300 per
server more than Hyper-V.‖
—Nicholas Merton,
IT Support, Maxol
$21.4K
Included
$9.4K
153. Horizon Suite Versus The Competition
Physical
Desktop
Management
Virtual
Desktops
Multi-device
Workspace
Citrix
153
Confidential
154. Horizon Suite Components Versus Citrix Piece-meal Approach
Horizon Suite
Citrix CloudGateway, ShareFile,
XenDesktop, Access Gateway
Extensible and flexible platform
Citrix purchases piece parts with a long road
to integration
100% on premise file sharing solution in
addition to offering a cloud solution
ShareFile only offers data on premise.
Application is still hosted by sharefile.com
Desktop Layering, Migration, and Desktop
Backup and Recovery
None
Tight integration and similar management
experience as vSphere
No specific integration with vSphere
Android-dual persona
None
And best of all – It’s a suite!
Citrix requires purchase of CloudGateway,
XenDesktop, ShareFile, and Netscaler
Access Gateway
Horizon Suite is an integrated mobile workforce platform built by the leader
in virtualization and cloud computing; built for today and for the future.
Citrix offers non integrated tools purchased from various vendors without
the future needs of end user computing in mind.
154
Confidential
156. Thin/Zero clients
• Aren’t cheap
•
Don’t forget about servers
• Not a virus protection
•
You still running Windows in a VM
• Maintenance is still required
•
New firmware/clients
• 10 years lifetime
•
What’s wrong with your original iPhone?
• Always a compromise
•
Thinner = less functional
157. Alternative to thin client
• Windows Thin PC - based
•
•
•
For those who has SA, otherwise use your Windows
Norscale Transformer
ThinScale ThinKiosk
• Linux-Based
•
•
•
Stratodesk NoTouch Desktop
DevonIT VDI Blaster
Thinstation
160. How To Fail Or Succeed With Desktop
Virtualization & Workplace Mobility
Technical and Business Barriers in Adopting Desktop
Virtualization & Workplace Mobility Solutions
Denis Gundarev @fdwl, Entisys Solutions
162. New skillset is required
Managing non-persistent images
Application packaging
Storage requirements are different
Server virtualization skills is not your happy ticket
163. Microsoft Licensing
Licensing Windows SA, VDA, and CSL
Primary work device?
No
(regardless of ownership
and location)
Primary User of
SA/VDA licensed device?
Yes
Corp owned?
On Premises?
No
No
Yes
Yes
No
Yes
x86/x64 PC
(w/ Qualifying OS)
Other
(Thin Client, iOS,
Windows RT)
x86/x64 PC
(w/ Qualifying OS)
Windows RT
(No License Required
for VDI)
Other
(iOS, Android, etc)
VDA
CSL
SA
Any Device
(Roaming Rights: No
License Required)
167. Wrong Use Cases
•
•
•
•
•
•
•
Desktop virtualization is hot
Windows 7 migration
Offline use
Desktop refresh
Security
Reducing costs
Access from iPad
168. Internal issues
Server admins vs. desktop admins
CXO vs. CXO
―I tried this 10 years ago, it didn’t work‖
―My dealer said that Honda is better than Ford, I trust
him‖
Users don’t want changes
170. Shared vs Persistent
Shared
Local
Server Failure
Server Failure
• Couple of sessions
lost
• Couple of sessions
lost
Storage Failure
Storage failure
• All sessions lost
• Couple of sessions
lost
171. Storage
•
•
•
•
•
Your file server will not work
Use local storage
Use specialized solutions
Ignore ―maximum IOPS‖ from vendor
Measure
•
•
•
IOmeter
Remember about CIFS stores for profiles/apps
Learn how it works
•
•
•
•
ProjectVRC – www.projectvrc.com
VDI + Storage = Deep Impact – http://bit.ly/fOUZ8i
Jim Moyle Windows 7 IOPS - http://bit.ly/nvDLcr
Shawn Bass XenApp IOPS - http://bit.ly/xFRw7d
172. Servers
• Choose right form factor
•
•
• N+?
Will you use local storage?
GPU/PCoIP offload
173. CPU/Memory
• When moving user from 5-years old desktop to a
VM, don’t make things even worse
•
•
•
512Mb per VM is a wrong idea
10 VMs per core is a wrong idea
Ballooning is a bad idea
• Measure utilization first
•
Fix it before moving to VDI
• Remember about antivirus
174. Network
Remote Desktop should be responsive
Rich Graphics/Audio consume bandwidth
Use ―Smart‖ load balacers
Test WAN optimization
Plan gateways
178. Vendor selection
•
•
•
•
•
You should know what you need
You should know what you don’t need now
Check independent bloggers
Understand the technology
Check their blog, they may run out business
already
179. Analyze features
• Don’t buy premium editions with features that you
can’t use right now
•
•
Vendors will always offer you an upgrade if needed
Features might be removed or deprecated
• Try to use what you already have
•
•
Microsoft VDI
Publish desktops on XenApp
181. Rollout
• Most of the problems caused by misconfiguration
• If something doesn’t work:
1. RTFM
2. Call vendor/partner
• Involve third party
• Train IT staff
• Talk to your users