Home > Blogs > VMware Consulting Blog

EUC Datacenter Design Series — EVO:RAIL VDI Scalability Reference

By TJ Vatsa with Fred Schimscheimer and Todd Dayton

End User Computing (EUC) has come of age and is continuing to mature by leaps and bounds. Customers are no longer considering virtual desktop infrastructure (VDI) as a tactical project but are looking at EUC holistically as an enterprise solution that accelerates EUC transformation. You can refer to the EUC Design 101 series here (Part 1, Part 2, and Part 3) or a consolidated perspective here (EUC Enterprise Solution). Having collaborated with my fellow colleagues Fred Schimscheimer and Todd Dayton (bios below) during the last few weeks, I intend to share the game changing revolution that VMware’s hyper-converged infrastructure solution is bringing to the EUC domain.

The Challenge
People familiar with VDI are well aware of the fact that a scalable production deployment requires systematic and thorough planning of the infrastructure, namely compute, storage and networking. This can be a daunting task for customers that are either chasing tight deadlines or do not have the available infrastructure or people resources. We have noticed this to be a perpetual challenge for many of our customers across different industry domains including healthcare, financial, insurance services, manufacturing and others.

The Panacea
During the last few years, hyper-converged appliances have been taking the industry by storm. By design these systems follow a modular, building block approach that scales out horizontally and is very quick to deploy. From the EUC infrastructure perspective, it has become necessary to acknowledge the efficiency of hyper-converged appliances. While there are vendors that have hyper-converged infrastructure that runs on VMware’s vSphere hypervisor, VMware’s foray into this domain, EVO:RAIL, was released for general availability during VMworld 2014 in San Francisco in September.

EVO:RAIL has been optimized for VMware’s vSphere and Virtual SAN technology with compute, storage and networking resources in a simple, integrated deployment, configuration, and management solution. EVO:RAIL is the next generation EUC building block for a Software Defined Data Center (SDDC).

Numbers Don’t Lie
During the last few months, our teams have been diligently testing and scaling EVO:RAIL for a variety of use cases such as EUC, Business Continuity and Disaster Recovery (BCDR) and X-in-a-box. The next few paragraphs will focus on our findings for Horizon 6 View desktops scalability.

You may be having lots of questions by now. So let’s take it one by one!

Q: What did the hardware configuration look like?
A: The test bed hardware infrastructure configuration was as follows:

EVO:RAIL Appliance

  • 4 x nodes
  • Each node
    • 2 x Intel E5-2620 @ 2.1 GHz
    • 192GB memory (12 x 16GB)
    • 3 x Hitachi SAS 10K 1.2TB MD
    • 1 x 400GB Intel S3700 SSD

Q: What did the software configuration look like?
A: The test bed View software configuration was as follows:

  • vSphere 5.5 + VSAN
  • Horizon View 6.0 (H6)

Table 1: Horizon 6 Configuration

Horizon 6 Configuration TableNote: vCSA=vCenter Server Appliance

Q: What did the VDI image configuration look like?
A: The test bed image configuration was as follows:

Table 2: Desktop Image Configuration

Desktop Image Configuration Table

Q: What types of View desktops did we test?
A: Horizon View 6, linked clone virtual desktops with floating assignments.

Q: What Horizon 6 configurations did we test?
A: The following configurations were tested using Reference Architecture Workload Code (RAWC):

Table 3: Load Test Configurations

Load Test Configurations

These configurations are pictorially represented in the following schematics:

Management Cluster and Desktop Cluster

 

Figure 1: Configurations #1a/#1b

The figure above represents EVO:RAIL appliances with separate Horizon 6 Management and Desktop clusters.

VDI-in-a-Box

Figure 2: Configuration #2

The figure above represents the EVO:RAIL appliance with both Horizon 6 Management and Desktop clusters in the same appliance. It also illustrates an N+1 configuration to support one node failure within the EVO:RAIL appliance.

Q: What did the results look like?
A: The following results were obtained after the configurations were stress tested using RAWC.

Test Category Results
RAWC Virtual SAN Observer
Config #1a Configuration 1a-RAWC Configuration 1a - VSAN
Config #1b Configuration 1b - RAWC Configuration 1b-VSAN
Config #2 Configuration 2 - RAWC Configuration 2 - VSAN

 

Note: Click the thumbnail images above to drill down into graph details.

Results Summary
The table below summarizes different test configurations and the tested consolidation ratios of numbers of virtual desktops to the EVO:RAIL appliance.

Table 4: Test Configuration Findings

Test Configuration Findings

We hope you will find this information to be useful and motivating. We are looking forward to you bravely adopting and implementing a VDI-in-a-box solution using VMware’s EVO:RAIL hyper-converged appliance in your Software Defined Data Center (SDDC).

Until next time, Go VMware!


Author

TJ VatsaTJ Vatsa is a Principal Architect and CTO Ambassador at VMware, representing the Professional Services organization. TJ has been working at VMware since 2010 and has over 20 years of experience in the IT industry. At VMware, TJ has focused on enterprise architecture and applied his extensive experience to cloud computing, virtual desktop infrastructure, SOA planning and implementation, functional/solution architecture, enterprise data services and technical project management. Catch TJ on Twitter, Facebook or LinkedIn.

Contributors

Fred SchimscheimerFred Schimscheimer has worked at VMware since 2007 and is currently a Staff Engineer in the EUC Office of the CTO. In his role, he helps out with prototyping, validating advanced development projects as well as doing product evaluations for potential acquisitions. He is the architect and author of RAWC – VMware’s first Reference Architecture Workload Simulator.

 

Todd DaytonTodd Dayton joined VMware in 2005 as the first field “Desktop Specialist” working on ACE (precursor to VDI). In his current role as a Principal Systems Engineer and CTO Ambassador, he continues to evangelize End User Computing (EUC) initiatives and opportunities for VMware’s customers.

vCAC 6 Custom Properties, Build Profiles and Property Dictionary Simplified

By Eiad Al-Aqqad

Eiad Al-AqqadThis post originally appeared on Eiad’s Virtualization Team blog.

vCloud Automation Center offers a lot of built-in extensibility features to help you achieve your desired result while minimizing the amount of coding required. Using vCAC custom properties, build profiles, property dictionary is just one example of how you can customize the product, minimize coding, and customize the input form. As property dictionary seems to be the most missed or misunderstood feature of vCAC, followed by build profiles and custom properties, I will try to simplify the explanation of these great features as much as possible. At the end of the article, I will point out more resources for in-depth information on each of these features.

vCAC Custom Properties
Custom properties is the building block for build profiles and property dictionary. VMware documentation defines custom properties as:

“VMware vCloud Automation Center™ custom properties allow you to add attributes of the machines your site provisions, or to override their standard attributes.”

What that means is that vCloud Automation Center utilizes particular variables (custom properties) that contain values that vCAC uses during machine provisioning (such as machine name, machine IP address, port group to use, and so on). vCAC exposes this information as custom properties that you can query or edit to overwrite the default values by a specific value or by a user input. This is a very powerful tool, as you can shape out the request form to ask the user for input (not required by the default request form) and execute upon it without requiring you to do any coding. You can also create your own custom properties to use with your own custom workflows.

Let’s look at a quick example of using vCAC custom properties. The image below shows the default blueprint/VM request form in vCAC:

Default Blueprint Request Form

As you can see, the default VM request form does not ask for a machine hostname or IP address. What if you wanted to allow the user to choose the VM hostname or IP address? You can do that using custom properties, and your request form will look like the screen below:

VCAC Custom Properties

In the above screenshot, I have used the Hostname and VirtualMachine.NetworkN.Address custom properties to allow the user to provide the desired VM hostname and IP address that vCAC will use when creating the VM. I did this by going to Infrastructure ==> Blueprint ==> Properties, then adding the two custom properties as shown in the image below.

VCAC Custom Hostname Property

While the above is using existing vCAC custom properties that vCAC uses when deploying a VM, you can always create your own custom properties to pass to your own workflow or just to track information within the request. For a list of custom properties available in vCAC 6, see: vCloud Automation Center 6 Custom Property Reference.

vCAC Build Profiles
Build profiles is simply a collection of the custom properties under a single title. Imagine if you have 20 different custom properties that you need to include with every Windows blueprint. It would be nice to bundle them all in a build profile then go to these blueprints and assign a single build profile instead of assigning 20 different custom properties to every Windows blueprint. This will save work and provide better consistency. You can create a build profile by going to Infrastructure => Blueprints => Build Profiles => New Build Profile, then add the desired custom properties to that build profile as shown in the image below.

Creating a Build Profile

The next step is to add that build profile to your blueprint as per the image below.

Add Build Profile to Blueprint

vCAC Property Dictionary
I am not sure why property dictionary seems to be the most misunderstood or missed feature of vCAC. It’s quite simple to use and can unleash a lot of power. Allowing users to provide values to custom properties as shown in previous examples is quite useful, but most of the time you want to limit the user choices using drop down menus or check boxes. Property dictionary is all about enabling you to do just that.

vCAC property dictionary lets you define characteristics of custom properties to tailor their display in the user interface. You can customize the property display in the user interface, as in the following examples:

  • Associate a property name with a user control, such as a check box or drop-down menu.
  • Specify constraints such as minimum and maximum values or validation against a regular expression.
  • Provide descriptive display names for properties or add label text.
  • Group sets of property controls together and specify the order in which they appear.
  • Create a relationship between different controls, where for example a location drop down menu can update the storage and network drop down menus to show only values that is valid for that location.

To see how useful property dictionaries can be, let’s take an example where we want to create the drop down menus as illustrated in the below diagram:

Drop Down Menu Sample

The goal of this exercise is to create three drop down menus that will ask the user for location, storage path, and network path to use. Let’s ignore the relationship between the different drop down menus for now and try to focus on just creating these drop down menus. To create the property dictionary required to create these drop down menus, go to: Infrastructure => Blueprints => Property Dictionary.

For each drop down menu you want to create, repeat the steps below. In this example I will create the location drop down menu:

  1. Click New Property Definition, then fill the information as shown in the below screenshot. Please note the name must match the custom property name you want to use.

Location Property Definition

  1. Click the green check mark to save your property definition.
  2. Under Property Attributes, click Edit.
  3. Click New Property Attributes, and then fill in the Property Attributes as shown in the image below.

Property Attribute Drop Down

  1. Repeat the above steps for storage and network as shown in the images below.

Property Definitions

Network Property

Storage Property Attribute

  1. Now that you have all the required property definitions and property attributes created, let’s create a property layout, which is a way of organizing how these drop-down boxes will be ordered when shown to the user. I wanted the drop boxes to be ordered as follows: Location, Storage, Network. To do this, I had to click New Property Layout and fill the information as shown in the below screenshot:

New Property Dictionary Layout

  1. Under Property Layout > Property Instances, click Edit, and organize your property instances as shown in the image below.

Organize Property Instances

  1. Let’s create a build profile that includes all the custom properties involved in our property dictionary example as shown in the image below.

Build Profile Property Dictionary Sample

  1. Now all you are left with is adding this build profile to your blueprint as shown below.

15vcac-adding-property-dictionary-build-profile-to-blueprint-470x232

  1. Now let’s check how the input of our blueprint looks:

16 vCAC-Property-Dictionary-in-action-470x324

Notice in the above example, the three drop-down menus that were created for location, storage, and network are operating independently. There is no relationship between them. In other words, choosing a particular location does not filter which options you have for storage or network. The capability of doing such filtering is part of the property dictionary relationship, which I cover in the following two posts:


Eiad Al-Aqqad is a consulting architect within the SDDC Professional Services practice. He has been an active consultant using VMware technologies since 2006. He is a VMware Certified Design Expert (VCDX#89), as well as an expert in VMware vCloud, vSphere, and SRM. Read more from Eiad at his blog, Virtualization Team, and follow him on Twitter @VirtualizationT.

Look Mom, No Mouse! (Automating the Management of the Management Portal)

By Andrea Siviero, VMware Senior Solutions Architect

Andrea Siviero

The concept of a Software-Defined Data Center (SDDC) has impressed me since the first time I deployed it.

vRealize Automation’s purpose-built infrastructure and application service delivery capabilities combined with its Advanced Service Designer and library of vCenter Orchestrator plugins and workflows make automating almost anything as a service relatively easy.

During my work consulting for enterprise-level customers, I’m frequently exposed to new challenges. One customer engagement inspired my fantasy: how to automate the management of the management portal. This looks like a tongue-twister joke, but actually is an interesting question.

 

SDDC Service Catalog

As soon as you start exploring this sweet idea you find yourself with a REST client opened to interact with your SDDC using APIs, and you can do almost anything!

REST Client

However, there is some downside to this approach, which I would like to simplify with a simple phrase: IT Admins don’t “naturally” talk API. :-)

Not long ago, I was sitting in a VMware CTO Ambassador session, and suddenly a bright light appeared in front of my eyes: The CloudClient.

Cloud Client

CloudClient is a plugin based architecture with a “command line interface” for traditional provisioning and day two operation support, eliminating the challenges of dealing with SSO / CAFE API and no need to speak JSON (unless you want to).

Providing higher-level “verbs” instead of dealing with myriad of JSON / URIs, makes my job supporting customers a little easier and allows a centralized point to talk not only with vRealize Automation but with the other SDDC components like vCenter Orchestrator/Site Recovery Manager and Application Director.

Moreover, CloudClient provides a Java SDK so it can be easily integrated within a third-party solution, without slowing down the SDDC adoption in the stellar complexity of an enterprise customer.

For instance, you can browse catalog items like in the picture below and request them by simply saying “vcac catalog list.” More interestingly, with the admin account, you can create a new tenant — and adding items to the catalog as easy as chatting with your SDDC.

Cloud Client Catalog View

Before you get too excited about it, bear in mind that at this stage CloudClient is a Limited Availability Feature Pack which is only currently available through VMware’s Professional Services organization to clients under specific conditions.

A Fool With a Tool is Still a Fool

Getting a tool for doing a project is the beginning, not the end, of your journey. Any time a discussion goes toward tools, any tools really, it’s a good idea to challenge the tool itself.

What I mean is that solutions, not tools, help you achieve your business needs,. It’s important to have the right team in place to develop solutions, which will ensure you implement the right tools for your needs.


Andrea Siviero is an eight-year veteran of VMware and a senior solutions architect member of Professional Services Engineering (PSE) for the Software-Defined Datacenter (SDDC), a part of the Global Technical Solutions (GTS) team. Prior to PSE, Andrea spent three years as pre-sales system engineer and three years as a post-sales consultant architect for cloud computing and desktop virtualization solutions focusing on very large and complex deployments, especially for service providers in the finance and telco sectors. 

How-to: Create a vCOPS for View At-A-Glance High-Level VDI Dashboard

By Anand Vaneswaran

Anand VaneswaranVDI environments are complex because there are so many moving parts. As a result, there is a real need for architects, admins, managers, or operations professionals to see a high-level breakdown of the most important stats—stats that are especially important when we receive that escalated phone call about an issue that could potentially affect a large number of users.

In this first post of a three-part blog series, I’ll provide details about a high-level VDI custom dashboard in vCenter Operations Manager for View that was renamed vCenter Operations Manager for Horizon when Horizon 6.0 was released. (I’ll also assume you’re all well versed in VDI.)

To start, some of the stats or information I deeply care about in my test environment are as follows:

Download

Download the Step-by-Step

  1. Viewing the number of tunneled connections that are coming in through my security servers.
  2. Viewing the overall health of my connection servers.
  3. Keeping tabs on the resources (CPU, RAM, Disk) of my most critical VDI servers (Connection and security servers, vCenter server, View Composer, etc.).
  4. Monitoring resources (CPU and RAM) on my ESXi hosts running VDI workloads. (I will go one step further and break it down into hosts for my full clone pools, and linked clone pools.)
  5. Finally, looking at my LUNs and keep tabs on a number of metrics, but most importantly VM-to-LUN densities.

When compiled together, the information listed above comprises the end-state dashboard I want to achieve. The dashboard will have two generic scoreboard widgets on either side to depict the number of user connections through my security servers and the workload percentage of my connection servers. In addition, two Health-Workload scoreboard widgets on either side will depict the health of security and connection servers. The scoreboard is set up so that when you click a particular object in the Generic Scoreboard widget, the scoreboard is automatically populated with the health of that relevant object.

Finally, I want four Heat Map widgets: one to provide information about critical server resources, two to give me updates on ESXi host resources, and one to give me details about VM-to-LUN densities. I chose to populate my dashboard with an assortment of these built-in Generic Scoreboard, Health-Workload, and Heat Map widgets because I find that these types of widgets provide the most efficient means of graphically conveying the state of an environment, in essence, a point-in-time snapshot of your environment at any given time.

Now, if you’re ready to build, get detailed, step-by-step instructions for creating the dashboard.


Anand Vaneswaran is a senior technology consultant with the End User Computing group at VMware. He is an expert in VMware Horizon (with View), VMware ThinApp, VMware vCenter Operations Manager, VMware vCenter Operations Manager for Horizon, and VMware Horizon Workspace. Outside of technology, his hobbies include filmmaking, sports, and traveling.

How-to: Find Composer Certificate in VMware Horizon View Administrator

By Gourav Bhardwaj with Matt Larson

GouravMatt LarsonWhile performing a Health Check on a customer’s VMware View 5.2 environment, one item that came up was to verify that the SSL certificate was configured appropriately. VMware recommends the replacement of self-signed certificates with certificates that are signed by a Certificate Authority.

When entering a new environment, or performing a health check, the most well-known approach to determining the certificate used by View Composer is using the sviconfig command referenced here, which is also used to replace the certificate.  During the replacement process, the existing certificate will be listed.  That being said, running this command requires stopping the Composer service. If there are any Composer downtime constraints; the following alternate process can be used to determine the current certificate.

In VMware Horizon View Administrator, you can determine whether the certificate is signed by a well-known certificate authority.  In the case below, the certificate is self-signed.

Composer1Block

Looking at the Certificates Management Console, multiple certificates are listed, but how do you know which one is in use?

Screen shot

To find which certificate is in use, check the registry to see the thumbprint of the certificate bound to the port used by Composer.  Find this by navigating to \HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\HTTP\Parameters\SslBindingInfo\0.0.0.0:18443 key in the registry, and noting the SslCertHash.

Screen Shot

Match the hash listed in the registry to the hash listed on one of the certificates listed in the Certificates Management Console.  The match is the certificate currently used by Composer.

Composer_4

As seen in the console, this certificate is the self-signed certificate that was created during the Composer installation process.  It is also expired.  To change the certificate, follow the article listed earlier in reference to sviconfig.

Stay tuned for more posts about evaluating the health of the virtual desktop environment.


Gourav Bhardwaj is a VMware consulting architect who has created virtualized infrastructure designs across various verticals. He has assisted IT organizations of various Fortune 500 and Fortune 1000 companies, by creating designs and providing implementation oversight. His experience includes system architecture, analysis, solution design and implementation.

Matt Larson is an experienced, independent VMware consultant working in design, implementation and operation of VMware technologies. His interests lie in enterprise architecture related to datacenter and end user computing.

Running Microsoft SharePoint FAST Search on vSphere

By Girish Manmadkar

Girish-ManmadkarI recently worked with an enterprise customer to resolve end user reports of performance issues related to Microsoft SharePoint 2010 and FAST Search deployed on vSphere 5.1. The end users were reporting problems with initial page response and file upload and download. The customer requested architecture guidance, including a performance health check across the entire infrastructure stacks. The result of this engagement is the following architectural guidance, designed to help customers with similar deployments achieve maximum performance for Microsoft FAST Search on the VMware platform.

Specifics
The customer deployed the SharePoint FAST Search Farm with the following key components:

Software Resources

  • VMware vSphere 5.1 Update 2
  • Windows 2008 R2
  • SharePoint 2010
  • Microsoft SQL server 2008 protected with MSCS in 3 node cluster

Hardware (Virtual) Resources

Role

RAM

Local Disk

#CPU

NIC

Total VMs

Total #CPU

Total Mem (GB)

SQL
2012 Cluster Node A, B & C

32

C: 80
GB

4

2

3

 

 

E: 100
GB

12

96

WebFront End
Server

8

C: 80
GB

2

2

5

 

 

E: 50
GB

10

40

Application
Server

16

C: 80
GB

4

2

4

 

 

E: 50 GB

16

64

Services
Application Servers

16

C: 80
GB

4

2

2

 

 

E: 50
GB

8

32

Fast
Administration Server

16

C: 80
GB

4

2

1

 

 

E: 50
GB

4

16

Query
Indexer

16

C: 80
GB

4

2

5

 

 

E: 50
GB

20

80

Allocated Total Memory = 328 Gig
Allocated Total vCPU = 70

Sample FAST Servers Architecture

Discovery
During discussions and white board sessions with the customer, we encountered following issues with the deployment:

  • Storage
    • The virtual machines running query and index services were sharing the LUN and the data stores.
    • Thin provisioning was being deployed at the vSphere and EMC storage array layer.
    • The RDMs used for the SQL server MSCS environment were configured with incorrect (MRU/fixed) multi-pathing options.
  • Virtual machines had no lock pages for SQL and no memory reservations.
  • Various SQL server databases were being deployed as shared SQL instances for the entire FAST Search environment.
  • The networking configurations were set incorrectly for certain SCSI adapters.
  • Typical traffic within the guest operating systems, VMotion, and backup were not channeled properly.
  • There were no anti-affinity rules in place for the application servers within the vSphere farm.
  • The CPU subscriptions across the overall farm seemed unbalanced.

Approach/Recommendations
Throughout a series of discussions we learned more about the architecture and identified the following steps to improve performance:

  1. Reconfigure multi-pathing per EMC’s recommendations for vSphere5.1 to round robin. (This change showed immediate performance improvement.)
  2. Enable memory reservations with “Lock Pages in Memory” for SQL workloads.
  3. For a write-intensive application like FAST Search, use four (4) vSCSI controllers to separate volumes for operating systems, binaries, data, LOG and TEMPDB disks with window full format option to avoid additional write penalty.
  4. Absolutely avoid CPU over commitment in the production environment.
  5. Adopt best practices on vSphere to separate various networking traffic, including dedicated backup, which in this case was previously sharing VM traffic.

Conclusion
For any business-critical application to run with optimum performance, you must put performance ahead of consolidation and avoid over commitment of CPU and memory. Once you implement these principals for the production environment, any performance issues for business-critical applications on vSphere will be alleviated.


Girish Manmadkar is a veteran VMware SAP Virtualization Architect with extensive knowledge and hands-on experience with various SAP and VMware products, including various databases. He focuses on SAP migrations, architecture designs, and implementation, including disaster recovery.

Success Factors for Deploying EUC

By Ken Copas

Ken Copas

Building out an end-user computing (EUC) environment right means the infrastructure is nearly invisible to end users. But as with anything that appears easy and elegant on its surface, there are quite a few complexities underneath the hood.

While there are many factors to consider, here are a few questions to ask before building out your EUC environment.

Is the Tail Wagging the Dog?

This scenario happens very frequently: The supporting infrastructure is purchased and implemented before a plan and design is performed to determine the appropriate hardware requirements. Best practice is to understand what you’re trying to accomplish from a business perspective first, architect the required supporting infrastructure and design the blueprint with professional services, and then purchase and implement the gear.

Take that same concept and apply it to a proof-of-concept (POC) environment, whether it’s the full Horizon Suite or individual View, Workspace (our unified application publishing platform), or Mirage (our physical and virtual image management solution) components. While it can be fast and easy to install and set up a working POC of these VMware products, this temporary environment is only for the purpose of “kicking the tires.” These POC environments should never be exposed to production users and expected to perform and scale appropriately in a production environment. To use VMware products correctly, again there needs to be a plan and design in place, which requires a great deal of up-front assessment, current environment analysis, and due diligence around your business use cases.

You’ll need absolute subject matter expertise to determine what storage to use (by the way, getting storage right is a key success factor), what’s the aggregate I/O throughput, CPU and memory requirements–all of these decisions play a huge part in how the production environment will perform and scale.

Why Not Pick and Choose?

Here’s a good one: what would happen if you only deployed VDI with Horizon View (our virtual desktop solution) without Horizon Workspace or Mirage?

While in addition to your standard production VDI environment, you would have the capability to run full desktop OS images on a variety of mobile devices such as laptops, tablets or even smartphones, users will most likely encounter issues with screen real estate and experience interface frustrations with mouse and keyboard options.

As I’m sure you are aware, the desktop OS itself can require significant compute, memory, and disk resources that can cause performance issues when using VDI on mobile devices. There are many other factors that can cause performance degradation as well. Adding Horizon Workspace to your EUC environment may give you access to applications in an environment that’s native to your device with improved response time and it can provide an overall better user experience.

How you address questions like these will have a profound impact on user satisfaction with your EUC environment, which at the end of the day is ultimately the key measure of success. So again, be sure to allow the time and attention required for proper plan and design.

What’s your Roadmap?

This is a great question. VMware has a unique holistic view of this space, as well as a comprehensive roadmap, which I have yet to see from any other company. The completeness of vision, in my mind, is huge for customers to consider as they think through potential EUC solutions.

Even if you don’t go with VMware, you need to understand where your vendors are taking you. How does their roadmap address your needs? Look at where that vendor is going to be in two to three years and make sure you fully understand how that company will help you get where you want to go.

Who are your people?

One last piece of the equation is something you shouldn’t take for granted: talent. Standing up an EUC solution incorrectly can mean longer project timetables, missed deadlines, frustrated users, and business disruption. This technology has its own set of potential pitfalls and nuances. Make sure you have genuine subject matter expertise in place, whether in-house or professional services sourced from your trusted advisors.


Ken Copas currently serves as a practice manager for End User Computing Professional Services at VMware. Prior to joining VMware, Ken’s corporate experience includes serving as the practice director of cloud computing and IT services management for GlassHouse Technologies, as a business development executive for IBM and as an IT executive for NetJets, Inc. Ken holds a degree in Computer & Information Science from the College of Engineering at The Ohio State University, as well as a Master’s in Business Administration from the Fisher College of Business at The Ohio State University.

End User Computing 101: Tying It Together with Mobility, BYOD, and Proper Methodology

By TJ Vatsa, Principal Architect, VMware Professional Services

TJ Vatsa

In the first two posts in this End User Computing (EUC) series (End User Computing 101 and Tips for Successful Deployments and End User Computing 101: Network and Security) I delved into EUC infrastructure, server power, network and security, devices, and appliances. Today, I’ll wrap up this three-post series by covering mobility and BYOD, application and image management, and touch on EUC project scenario and methodology.

First, let’s take a closer look at the mobility and Bring-Your-Own-Device (BYOD) space. If this is not well planned, deploying a mobility and BYOD policy (and the infrastructure to handle the influx of personal devices) can be a harrowing journey. With users today demanding anytime, anywhere access to business productivity applications, mobile devices, and data on personal devices, not having a policy in place can be even more detrimental.

Enterprise Mobility Management Platform

Components and framework to consider for managing mobility at the enterprise level

(For additional design considerations and tips for establishing a secure, manageable, and scalable enterprise Mobility & BYOD policy, read How to Set Up a BYOD/Mobility Policy.)

Applications and Image Management

These days, it’s not enough for users to have access inside the four walls of an office building. Users need anytime and anywhere access to their applications and associated data. While this may sound like a business and mobility use case, IT directors and managers need to analyze this requirement from the perspective of a unified application launch-pad a.k.a. a follow-me virtual workspace. This can mean virtualized applications, Software-as-a-Service (SaaS) applications, application publishing, web pages, virtual desktops, RDSH (Remote Desktop Session Host) desktops, to name a few.

Applications

When you look from the perspective of applications and data entitlement and policy management, it’s important to have a single source of truth—essentially, a repository for enterprise policy. This repository should not only facilitate one-stop-shop for policy definition, entitlement, and management, but also for operational excellence and auditing. VMware’s Workspace Portal provides these capabilities and a lot more.

Image Management

For desktop operational excellence in terms of swift provisioning, efficient management and centralized security, using VMware’s Horizon View means you won’t have to deal with “application and desktop image sprawl.”

As such, whether you use VMware or not, it’s imperative for enterprises to deploy a platform that provides centralized image management, image recovery, integrated PC break-fix and troubleshooting, and automated OS migration (to name a few).

It’s important to use desktop image management, not only for physical, but for virtual desktops as well. (VMware’s Horizon Mirage is one option to help make this happen.)

Weaving it together: EUC Project Methodology

Now that we’ve covered key EUC details, bringing it together with VMware’s Professional Services (PS) organization and our approved partner network is the best route to an agile methodology. It’s important that the methodology takes business and IT initiatives into consideration and turns them into successful business outcomes. This approach is composed of multiple iterative sequences.

Project Methodology

Each iteration focuses on requirements and vision, analysis, design, inventory details of implementations, and operational excellence. This approach not only enables early feedback, risk mitigation, and effective progress management, it also enables effective scope management and the perpetual enforcement of IT governance.

This iterative process begins with an analysis and assessment initiative that helps define the baseline by categorizing and prioritizing business and technical requirements. These requirements become part of detailed use cases that may also have business specific pre- and post-execution contingencies.

The use cases are then abstracted into a logical enterprise architecture design that is mapped to the available physical infrastructure. Once the physical design is ready, the pilot/blueprint implementation is initiated. This ensures compliance with business outcomes as defined by business sponsors. Upon successful user acceptance testing (UAT), VMware’s PS organization and partners test blueprints that are then rolled into the production environment with accompanying knowledge transfer (KT) sessions and role-based user training.

TJEUC img 8

 

By conforming to proper EUC infrastructure considerations, creating appropriate mobility and BYOD policies, adhering to best application and image management practices, and using a typical EUC project scenario that follows VMware’s iterative architecture methodology, you will set yourself up for success and effectively transform EUC and mobility initiatives within your organizations.


TJ has worked at VMware for the past four years, with over 20 years of experience in the IT industry. During this time he has focused on enterprise architecture and applied his extensive experience in professional services and R&D to cloud computing, VDI infrastructure, SOA architecture planning and implementation, functional/solution architecture, enterprise data services and technical project management. TJ holds a Bachelor of Engineering (BE) degree in Electronics and Communications from Delhi University, India and has attained industry and professional certifications in enterprise architecture and technology platforms. He has also been a speaker and a panelist at industry conferences such as VMworld, VMware’s PEX (Partner Exchange) and BEAworld. He is an avid blogger who likes to write on real-life application of technology that drives successful business outcomes.

End User Computing 101: Network and Security

By TJ Vatsa, Principal Architect, VMware Professional Services

TJ Vatsa

In my first post on the topic of End User Computing (EUC), I provided a few digestible tidbits around infrastructure, desktop and server power, and storage. In this post, we’ll go a bit further into the infrastructure components that affect user experience and how users interact with the VDI infrastructure. We’ll cover network and security, devices, converged appliances, and desktop as a service.

Let’s look a bit more closely at network and security first.

Network and Security

To ensure acceptable VDI user experience, monitor the bandwidth and latency or jitter of the network. This means performing the appropriate network assessment by deploying monitoring tools to first establish a baseline. Once that’s completed, you’ll need to monitor the network resources against those baselines. As with any network, high latency can negatively affect performance, though some components are more sensitive to high latency than others.

When deploying Horizon View desktops using the PC-over-IP (PCoIP) remote display protocol in a WAN environment, consider the Quality of Service (QOS) aspect. Ensure that the round-trip network latency is less than 250 ms. And know that PCoIP is a real-time protocol, so it operates just like VoIP, IPTV, and other UDP-based streaming protocols.

To make sure that PCoIP is properly delivered, it needs to be tagged in QoS so that it can compete fairly across the network with other real-time protocols. To achieve this objective, PCoIP must be prioritized above other non-critical and latency tolerant protocols (for example, file transfers and print jobs). Failure to tag PCoIP properly in a congested network environment leads to PCoIP packet loss and a poor user experience, as PCoIP adapts down in response. For instance, tag and classify PCoIP as interactive real-time traffic. (Classify PCoIP just below VoIP, but above all other TCP-based traffic.)

For optimizing network bandwidth, ensure that you’ve got a full-duplex end-to-end network link. Consider segmenting PCoIP traffic via IP Quality of Service (QoS) Differentiated Services Code Point (DSCP) or a layer 2 Class of Service (CoS) or virtual LAN (VLAN). While using VPN, ensure that UDP traffic is supported.

Enterprise security for corporate virtual desktops is of paramount importance for the successful rollout of VDI infrastructure. It is highly recommended that an enterprise scale, policy-based management security solution be used to define and enforce security policies within the enterprise.

Based on typical customer requirements, secure access to the VDI infrastructure is provisioned via the following user access modes:

  1. LAN Users: VDI users accessing virtual desktop infrastructure via the corporate LAN network.
  2. VPN Users: VDI users accessing corporate virtual desktop infrastructure via the VPN tunnel.
  3. Public Network Users: VDI users accessing virtual desktop infrastructure via the public network.

Use Case: VDI User Secure Access Modes

Enforcing authentication and authorization policies is a domain by itself, and is influenced by industry verticals. For instance, many hospitals prefer “tap-‘n’-go” solutions to authenticate and authorize their clinical staff to access devices and Electronic Medical Record (EMR) applications. The regulatory compliance perspective should not be ignored either when it comes to industry verticals, such as HIPAA for healthcare industry and PCI for the financial industry.

Note: The scenario depicted below is that of a typical public network user.

Infrastructure scenario

Horizon View infrastructure can be easily optimized to support any combination of secure VDI user access modes.

Devices

Based on security policies and regulatory compliance standards that are prevalent within the enterprise, I highly recommended doing a thorough end user devices/endpoints assessment. You’ll want to categorize your users based on desktop communities that support one or more types of endpoints. VMware’s Horizon View client supports a variety of endpoints, whether they’re desktops, laptops, thin clients, zero clients, mobile devices, or tablets that support iOS, Android, Mac OS X, Linux, Windows, HTML Access—just to name a few.

Converged Appliances

The converged appliances industry is rapidly and effectively maturing as more and more customers prefer converged appliances because they enable faster infrastructure deployment times. From an EUC infrastructure perspective, it’s important to evaluate available converged appliance solutions available for your business scenarios.

Vendors are and will be providing customized and optimized solutions for EUC, business continuity and disaster recovery (BCDR) as x-in-a-box, wherein the required infrastructure components, hardware and software have been validated and optimized to cater to specific business scenarios.

Desktop as a Service (DaaS)

Some customers worry about EUC datacenter planning, infrastructure procurement, and deployment.

DaaS scenario

Look to hosted desktop services, such as Horizon DaaS, to address business requirements and use cases that revolve around development, testing, seasonal bursts, and even BCDR. DaaS can even provide a more economical alternative to traditional datacenter deployment. For instance, DaaS reduces your up-front costs and lowers your desktop TCO with predictable cloud economics that enable you to move from CapEx to OpEx in a predictable way.

Plus, users can access Windows desktops and applications from the cloud on any device, including tablets, smartphones, laptops, PCs, thin clients, and zero clients. DaaS solutions like Horizon DaaS desktops can also be tailored to meet the simplest or most demanding workloads, from call center software to CAD and 3D graphics packages.

In these first two posts, we’ve gotten a good handle on infrastructure, devices, and security. In my next post, I’ll cover mobility and BYOD along with applications and image management, and weave it all together with EUC project methodology.


TJ has worked at VMware for the past four years, with over 20 years of experience in the IT industry. At VMware TJ has focused on enterprise architecture and applied his extensive experience to Cloud Computing, Virtual Desktop Infrastructure, SOA planning and implementation, functional/solution architecture, enterprise data services and technical project management.

TJ holds a Bachelor of Engineering degree in Electronics and Communications from Delhi University and has attained multiple industry and professional certifications in enterprise architecture and technology platforms. TJ is a speaker and a panelist at industry conferences such as VMworld, VMware’s PEX (Partner Exchange) and BEAworld. His passion is the real-life application of technology to drive successful user experiences and business outcomes.

End User Computing 101 and Tips for Successful Deployments

By TJ Vatsa, Principal Architect, VMware Professional Services

TJ VatsaThe topic of End User Computing (EUC) is heating up. This is not only because our industry considers this to be a dynamic domain for tremendous innovation today, but also because the industry views great potential for the future and is heavily investing in the space.

In this three-part blog series, I’ll assimilate the vast EUC landscape into digestible tidbits that focus on the infrastructure, mobility and BYOD, applications and image management, and discuss a typical EUC project scenarios and methodology.

My goal is to provide insight into the things you should consider for your own EUC deployment.

EUC Landscape

First Things First: Infrastructure

As soon as someone mentions EUC, the first thing that comes to mind is Virtual Desktop Infrastructure (VDI). The very fact that VDI is deployed in the datacenter, away from individual desktops, means that you must plan the underlying infrastructure in a systematic and thorough way.

At a minimum, this means allocating key infrastructure resources: compute, storage, network, and security.
It is also imperative that some sort of infrastructure resource assessment tools be deployed to establish a baseline for each of these infrastructure components.

Desktop and Server Power

Assuming that a baseline has been established for the compute resources in terms of CPU, clock speed, and memory requirements per desktop, it is important to choose a server configuration with the right processor, clock speed, and physical memory. In turn, this drives the correct consolidation ratio of virtual desktops per core and, ultimately, for the entire server.

Give careful attention to different use cases where specific workloads require different combinations of CPU, clock speed, and memory. You must ensure that you also plan for growth and seasonal/occasional bursts seen in those workloads historically.

For a typical Horizon View deployment, there are two categories of VMs (virtual machines) recommended for deployment inside the data center: one for management purposes and another for desktop purposes. Management VMs are mainly servers (connection brokers, databases, etc.) whereas the desktop VMs are the actual virtual desktops.

For a production deployment, VMware recommends creating two separate cluster types–Management Cluster(s) and Desktop Cluster(s)–to avoid any race conditions that might arise as a result of, say, competing workloads or operational maintenance.

Storage: Key to VDI Success

Having worked with many customers across many different industry verticals (healthcare, financial, entertainment services, and manufacturing) I’ve noticed that there’s one critical success factor in common: storage.

For more information about VDI storage and detailed insight into what is important for a successful VDI deployment, read these two blog posts:

Part I: Storage Boon or Bane – VMware View Storage Design Strategy & Methodology
Part II: Storage Boon or Bane – VMware View Storage Design Strategy & Methodology

In my next post, I’ll cover the remaining considerations around a successful VDI deployment, including network and security, converged appliances, and desktop as a service. Stay tuned!


TJ has worked at VMware for the past four years, with over 20 years of experience in the IT industry. At VMware TJ has focused on enterprise architecture and applied his extensive experience to Cloud Computing, Virtual Desktop Infrastructure, SOA planning and implementation, functional/solution architecture, enterprise data services and technical project management.

TJ holds a Bachelor of Engineering degree in Electronics and Communications from Delhi University and has attained multiple industry and professional certifications in enterprise architecture and technology platforms. TJ is a speaker and a panelist at industry conferences such as VMworld, VMware’s PEX (Partner Exchange) and BEAworld. His passion is the real-life application of technology to drive successful user experiences and business outcomes.