Showing posts with label provisioning. Show all posts

Friday, April 22, 2022

Horizon View: Investigation of all states of a virtual desktop

In this video, I discuss and review all the virtual machine statuses that a virtual desktop belonging to a Horizon View desktop pool can have. I try to analyze most of them, along with the circumstances in which they occur.

  

Thursday, February 24, 2022

Why we need to deploy Instant Clone?

It's highly recommended to use the Instant Clone Desktop Pool (IC-DP) rather than the Full Clone Desktop Pool (FC-DP). But why? You may think it's an easy question with complex answers, but I believe the reverse: it's not a simple question, yet it can have many easy answers. In many projects I have seen network administrators decide that creating full clones is a better choice than using Instant Clones, because it's easier to deploy and manage. Regardless of whether this idea is true or not, I think that before creating any type of desktop pool, we should plan carefully to understand which type of desktop is more suitable for our VDI environment and can meet our end users' demands.

First of all, I should mention that, compared to the FC-DP, management operations on the IC-DP, including maintenance jobs, update procedures, and running them as an orchestrated workflow, are more reliable and easier to schedule over the whole support period. For example, consider a situation where you want to update the Horizon Agent on all of the desktops that belong to an FC-DP. Which options do we have?

1. Rebuild the whole desktop pool with an updated template (reference template)? If you do, updating the Agent in the Golden Image takes the same amount of time for IC-DP as for FC-DP, but, as you know, reconstructing all the desktops takes a long time for FC-DP (maybe even one hour, while it is a matter of seconds for IC-DP).
2. Update the existing desktops via scripting? If you run the Agent installation in silent mode, through a scheduled script or a domain policy, I can answer yes, it's a good method (I will show how to do it in another post). But keep in mind that it needs careful monitoring, because you have to verify that the script executed correctly, that the policy was applied, and check the Machines section of the Horizon management console through every step of the operation.

Let's go back to the initial question: what will satisfy your company and its end users? My conclusion is this: FC-DP is simpler to build, but that does not hold for long-term maintenance, because IC-DP is faster in the rebuilding steps. Of course, I agree that building an IC-DP requires more background preparation than an FC-DP. So I wrote the following checklist based on my experience in different situations. I think considering it before starting a new VDI project is a great help:

1. Complete the cluster configuration before starting the VDI construction: In some situations, you may still be in the process of building the ESXi cluster and implementing shared storage. If these are not completed yet, or some hosts are not connected to the corresponding LUNs, then don't run the IC-DP deployment on them, because in these circumstances the desktop deployment tasks will fail. So you should exclude those hosts as candidates for VM (desktop) placement, or remove them from the cluster entirely until you fix the SAN connectivity. You can also balance the desktops' resource usage by enabling DRS.

2. Assign flash-based volumes as the VDI storage placement: If there is no SSD datastore in your data center, never try to create an IC-DP. Although IC-DP deployment involves several objects (Master, Internal, Replica, Parent) and is not as simple as FC-DP, you can achieve very fast provisioning by using flash-based disks, because they are the best storage candidate for workloads with a high rate of disk reads. The good news is that if you need multiple IC-DPs, there is no need to dedicate another VM/snapshot combination, and the Connection Server does not even deploy the whole set of prerequisite IC-DP virtual machines mentioned above (the Parent is different).

3. Define a procedure to update the DP's machines regularly: One of the important differences between the two types of desktop pools is how future maintenance operations are done, such as upgrading and patching the OS, updating the installed antivirus, installing new versions of required software, and so on. Instant Clones are the better choice for VDI change management, because with the IC-DP architecture you can easily update the Golden Image and then re-deploy the desktops. (Keep its OS and apps updated while the VM is powered on, then generate a new snapshot and simply use it to replace the old one.)

 

4. Less storage is required: IC-DP is based on JMS technology (like other VMware products such as App Volumes) and uses the virtual disks and memory of its Parent VM. So, if you want these advantages in your environment, don't pass up IC-DP. It's good to know that you can keep and protect user profiles by using VMware Workspace ONE UEM or the Microsoft SCCM OSD profile capturing feature, especially when you plan to deploy persistent desktops.

5. Identical organizational requirements, meaning the same workloads and truly the same applications: Whenever your clients need the same apps and services, and a general policy has been defined for access to organizational resources, IC-DP is the best option, especially for non-persistent desktops that you can refresh without having to consider individual users. Kiosks and other types of OS-less workstations that connect to the network through Horizon are another use case for IC-DP clients, because they are generally not dedicated to particular users and are public devices in our organizations.

VMware keeps improving the Instant Clone technology; for example, I guess there is no SID-duplication issue. I checked it on one of the IC-DP members through Windows PowerShell:

Get-ADComputer -Filter {name -like '*vdi*'} | fl name, sid, *guid

There are still some considerations and restrictions for Instant Clone technology in each Horizon View version, some of which I mentioned above. So always keep in mind to first extract the details of what the organization requires from the VDI solution under consideration, and then start to build your virtual desktop infrastructure.
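The command above lists the SID of each computer account as stored in Active Directory (objectSid); the local machine SID of the guest OS is a separate identifier. The following is an added example, not code from the original post, that groups either value to report duplicates across desktops; the function name Find-DuplicateSid and all sample records are constructed for illustration.

```powershell
# Added example: report SIDs shared by more than one VDI desktop.
# Find-DuplicateSid and the sample records are constructed, not part of Horizon or the AD module.
function Find-DuplicateSid {
    param(
        [Parameter(Mandatory)] [object[]] $Record,    # objects with Name plus SID columns
        [Parameter(Mandatory)] [string]   $Property   # SID column to compare
    )
    $Record |
        Where-Object { $_.$Property } |               # skip desktops with no value collected
        Group-Object -Property { [string]$_.$Property } |
        Where-Object Count -gt 1 |
        ForEach-Object {
            [pscustomobject]@{
                Property = $Property
                Sid      = $_.Name
                Desktops = ($_.Group.Name | Sort-Object) -join ', '
            }
        }
}

# Constructed sample. AccountSid = AD computer account SID, MachineSid = local SID of the guest OS.
# vdi-003 deliberately shares its MachineSid with vdi-001; vdi-004 could not be queried.
$sample = @(
    [pscustomobject]@{ Name = 'vdi-001'; AccountSid = 'S-1-5-21-1111111111-2222222222-3333333333-1601'; MachineSid = 'S-1-5-21-4000000001-4000000002-4000000003' }
    [pscustomobject]@{ Name = 'vdi-002'; AccountSid = 'S-1-5-21-1111111111-2222222222-3333333333-1602'; MachineSid = 'S-1-5-21-5000000001-5000000002-5000000003' }
    [pscustomobject]@{ Name = 'vdi-003'; AccountSid = 'S-1-5-21-1111111111-2222222222-3333333333-1603'; MachineSid = 'S-1-5-21-4000000001-4000000002-4000000003' }
    [pscustomobject]@{ Name = 'vdi-004'; AccountSid = 'S-1-5-21-1111111111-2222222222-3333333333-1604'; MachineSid = $null }
)

Find-DuplicateSid -Record $sample -Property AccountSid
Find-DuplicateSid -Record $sample -Property MachineSid

# Live collection of AccountSid (requires the ActiveDirectory module):
#   Get-ADComputer -Filter "Name -like '*vdi*'" |
#       Select-Object Name, @{ n = 'AccountSid'; e = { $_.SID.Value } }
# Local machine SID, run on the desktop itself: the built-in Administrator SID (RID 500)
# without its RID.
#   (Get-LocalUser | Where-Object { $_.SID.Value -like 'S-1-5-21-*-500' }).SID.AccountDomainSid.Value
```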

 

Tuesday, March 31, 2020

History of Virtualization Technology

This is a simple overview I made for beginners, covering virtualization technology, its goals, and basic knowledge of hypervisor and virtual machine concepts.


Monday, December 16, 2019

Best practice for a good Virtualized Datacenter Design - Part 1


In this post and the others in this series, I will review some great hints for a good datacenter virtualization design. But before anything else, I want to ask you some major questions:
  1. What are the key components of an ideal virtual structure for different IT environments?
  2. How will you set up the virtual infrastructure?
  3. And which elements need attention before and after the deployment and implementation phases?
Throughout the series, I want to dive deep into the details of good design for a virtual infrastructure based on VMware products.
In this first part, I look at the basic requirements and prerequisites for migrating an IT infrastructure to virtualization. In the other parts, I will review VMware's primary services and their impact on achieving this goal.

1. Physical to Virtual
The first step is to estimate the real physical resource needs of the services being provided. Processor clock rate (GHz), memory and disk usage (GB), and network transmission rate (Gbps) must be calculated separately for each existing service, and only then can we talk about the resources required for server virtualization. However, we should also consider the hypervisor (ESXi host) overhead and add it to the total estimate.
P2V migration always affects service availability and usually requires operational downtime of the migrated service/OS. There are also some complexities in this area, including:
  1. Type of OS and whether the converter application supports it.
  2. Specific application dependencies through a hardware lock.
  3. Software licensing problems.
  4. SID/GUID changing issues for services like Active Directory.
So below I provide a questionnaire about the P2V operation, and you must answer each question carefully before executing the real migration:
  1. Is it necessary to virtualize everything? And are you really sure about your answer? Why or why not? What is the reason for keeping servers in the physical area, or for migrating them to the virtual world? The answer to these questions depends on your infrastructure requirements, and you should answer correctly for each of the important components and servers in your infrastructure.
  2. Have you organized and prioritized each of the physical servers? Which ones must be at the top of the list, and which ones are good candidates for the pilot and test phase? I think selecting low-risk servers with non-critical workloads is a good option for this phase.
Finally, you should prepare a checklist like the following to specify the servers' priority order:
  1. Application servers with low storage resources and simpler network and OS configuration.
  2. Web servers with normal demand/request handling rate and also fewer dependencies to/from other servers
  3. Network infrastructure services like VPN, DHCP, NPS
  4. Mission-critical and organizational Application servers
  5. Database servers based on SQL, Oracle and so on
  6. Unified communication services like Mailbox, VoIP, IM servers.
  7. Most important services in IT infrastructure like Directory services
 
2. Storage resources… How to provision?
If the physical server is attached to a storage device/LUN/volume, two difficulties may exist:
  1. Lack of enough space, if all of the used space on that storage must be migrated with the server to the new space provided by the hypervisor's local storage.
  2. Access to the storage management system for zoning re-configuration and for providing storage access to the newly deployed VM.
On the other hand, for services with highly critical transaction log files, like Exchange Server, migration of mailbox databases needs to take into account how suddenly the log space can grow. Finally, in every kind of P2V migration, we need to pay more attention to the space available on temporary and permanent storage resources.

3. Security consideration as the physical and traditional deployment
When choosing the virtualization platform, the selected solution must provide every security technology that is deployed in the physical network. It's recommended that every physical switch security feature, like MAC learning, Private VLAN and so on, be supported by the virtual switches. The distributed vSwitch technology used in the VMware vSphere platform is an ideal virtual networking solution that supports many advanced security concepts like port mirroring and NetFlow. Besides VMware distributed switches (VDS), products of many vendors like Cisco, HP, and IBM are supported by the vSphere networking platform. For example, Cisco Nexus 1000v is designed specifically as an integrated distributed vSwitch for the VMware platform. Of course, VDS design and migration from the vSphere standard switch (VSS) to the VDS has its own implementation considerations (that I reviewed in this video playlist on my YouTube channel).

4. Provide suitable physical resources for virtual infrastructure
One of the important characteristics of server virtualization compared with traditional server provisioning is the increased service availability, and this requires building a VMware cluster. As a result, you must comply with deployment prerequisites such as using the same CPU generation and technologies in the ESXi members of the cluster.
It's also recommended to use more, similar physical servers instead of fewer servers with more physical resources each. Therefore blade servers are a better choice as hypervisor hardware than other types of servers like tower servers.

5. Do not forget cleanup operation
After the migration has completed successfully, you should start the post-migration operations, including checking the virtual hardware devices detected in the VM and removing everything that is no longer required on the newly converted VM. For example, in a Windows guest OS you can run set devmgr_show_nonpresent_devices=1 in a command prompt, then run devmgmt.msc from the same prompt, go to View > Show hidden devices, and finally remove the unnecessary or hidden items.
In the next part, I will talk about the power supply used for the computing and storage racks and how to calculate it.

I will start a new journey soon ...