Running Microsoft SharePoint FAST Search on vSphere

By Girish Manmadkar

I recently worked with an enterprise customer to resolve end-user reports of performance issues related to Microsoft SharePoint 2010 and FAST Search deployed on vSphere 5.1. The end users were reporting problems with initial page response and file upload and download. The customer requested architecture guidance, including a performance health check across the entire infrastructure stack. The result of this engagement is the following architectural guidance, designed to help customers with similar deployments achieve maximum performance for Microsoft FAST Search on the VMware platform.

Specifics
The customer deployed the SharePoint FAST Search Farm with the following key components:

Software Resources

  • VMware vSphere 5.1 Update 2
  • Windows 2008 R2
  • SharePoint 2010
  • Microsoft SQL Server 2008 protected with MSCS in a 3-node cluster

Hardware (Virtual) Resources

| Role | RAM (GB) | Local Disk | #CPU | NIC | Total VMs | Total #CPU | Total Mem (GB) |
|---|---|---|---|---|---|---|---|
| SQL 2012 Cluster Node A, B & C | 32 | C: 80 GB, E: 100 GB | 4 | 2 | 3 | 12 | 96 |
| Web Front End Server | 8 | C: 80 GB, E: 50 GB | 2 | 2 | 5 | 10 | 40 |
| Application Server | 16 | C: 80 GB, E: 50 GB | 4 | 2 | 4 | 16 | 64 |
| Services Application Servers | 16 | C: 80 GB, E: 50 GB | 4 | 2 | 2 | 8 | 32 |
| FAST Administration Server | 16 | C: 80 GB, E: 50 GB | 4 | 2 | 1 | 4 | 16 |
| Query Indexer | 16 | C: 80 GB, E: 50 GB | 4 | 2 | 5 | 20 | 80 |

Allocated Total Memory = 328 GB
Allocated Total vCPU = 70

Sample FAST Servers Architecture

Discovery
During discussions and whiteboard sessions with the customer, we encountered the following issues with the deployment:

  • Storage
    • The virtual machines running query and index services were sharing the LUN and the data stores.
    • Thin provisioning was being deployed at the vSphere and EMC storage array layer.
    • The RDMs used for the SQL server MSCS environment were configured with incorrect (MRU/fixed) multi-pathing options.
  • The SQL virtual machines did not have “Lock Pages in Memory” enabled and had no memory reservations.
  • Various SQL server databases were being deployed as shared SQL instances for the entire FAST Search environment.
  • The networking configurations were set incorrectly for certain SCSI adapters.
  • Guest operating system, vMotion, and backup traffic were not properly separated.
  • There were no anti-affinity rules in place for the application servers within the vSphere farm.
  • The CPU subscriptions across the overall farm seemed unbalanced.

Approach/Recommendations
Throughout a series of discussions we learned more about the architecture and identified the following steps to improve performance:

  1. Reconfigure multi-pathing to round robin, per EMC’s recommendations for vSphere 5.1. (This change showed immediate performance improvement.)
  2. Enable memory reservations with “Lock Pages in Memory” for SQL workloads.
  3. For a write-intensive application like FAST Search, use four (4) vSCSI controllers to separate the volumes for operating systems, binaries, data, LOG, and TEMPDB disks, and format them with the Windows full format option to avoid an additional write penalty.
  4. Absolutely avoid CPU overcommitment in the production environment.
  5. Adopt best practices on vSphere to separate the various types of network traffic, including dedicated backup traffic, which in this case was previously sharing the VM traffic network.
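
A read-only PowerCLI audit of the first four recommendations above, plus the anti-affinity gap from the discovery list, is sketched below; it is an added example, not part of the original post or the customer engagement, and it does not check network traffic separation. It assumes an existing Connect-VIServer session, and the cluster name and VM name patterns are hypothetical.

```powershell
# Added example: read-only PowerCLI audit. Requires an existing Connect-VIServer session.
# The cluster name and VM name patterns below are hypothetical; replace them with your own.
$clusterName     = 'FAST-Prod'
$sqlPattern      = 'SQL*'            # VMs that should have full memory reservations
$ioHeavyPatterns = 'SQL*', 'QRY*'    # VMs that should have four vSCSI controllers
$spreadPatterns  = 'APP*', 'WFE*'    # VMs that should be covered by anti-affinity rules
$minControllers  = 4

$cluster  = Get-Cluster -Name $clusterName
$hosts    = Get-VMHost -Location $cluster
$vms      = Get-VM -Location $cluster | Where-Object { $_.PowerState -eq 'PoweredOn' }
$findings = New-Object System.Collections.Generic.List[object]

function Add-Finding([string]$Check, [string]$Object, [string]$Detail) {
    $findings.Add([pscustomobject]@{ Check = $Check; Object = $Object; Detail = $Detail })
}
function Test-NameMatch([string]$Name, [string[]]$Patterns) {
    foreach ($p in $Patterns) { if ($Name -like $p) { return $true } }
    return $false
}

# 1. Multipathing: report disk LUNs whose path selection policy is not Round Robin.
#    Local disks are listed too; ignore them when reviewing the output.
foreach ($h in $hosts) {
    foreach ($lun in (Get-ScsiLun -VmHost $h -LunType disk)) {
        if ($lun.MultipathPolicy -ne 'RoundRobin') {
            Add-Finding 'Multipath' "$($h.Name) / $($lun.CanonicalName)" "path policy is $($lun.MultipathPolicy)"
        }
    }
}

# 2. Memory: SQL VMs should reserve all configured memory.
#    "Lock Pages in Memory" is a Windows user right granted inside the guest to the
#    SQL Server service account, so it has to be verified in the guest, not here.
foreach ($vm in ($vms | Where-Object { $_.Name -like $sqlPattern })) {
    $rc = Get-VMResourceConfiguration -VM $vm
    if ($rc.MemReservationGB -lt $vm.MemoryGB) {
        $detail = '{0:N1} GB reserved of {1:N1} GB configured' -f $rc.MemReservationGB, $vm.MemoryGB
        Add-Finding 'MemReservation' $vm.Name $detail
    }
}

# 3. Storage layout: write-intensive VMs should spread disks over four vSCSI controllers.
foreach ($vm in ($vms | Where-Object { Test-NameMatch $_.Name $ioHeavyPatterns })) {
    $count = @(Get-ScsiController -VM $vm).Count
    if ($count -lt $minControllers) {
        Add-Finding 'vSCSI' $vm.Name "$count controller(s), expected $minControllers"
    }
}

# 4. CPU: powered-on vCPUs per host must not exceed the host's physical cores.
foreach ($h in $hosts) {
    $vcpu = ($vms | Where-Object { $_.VMHost.Name -eq $h.Name } |
        Measure-Object -Property NumCpu -Sum).Sum
    if ($vcpu -gt $h.NumCpu) {
        Add-Finding 'CpuCommit' $h.Name "$vcpu vCPU on $($h.NumCpu) physical cores"
    }
}

# 5. Availability: application-tier VMs should be in an enabled anti-affinity rule.
$covered = @(Get-DrsRule -Cluster $cluster |
    Where-Object { $_.Enabled -and -not $_.KeepTogether } |
    ForEach-Object { $_.VMIds })
foreach ($vm in ($vms | Where-Object { Test-NameMatch $_.Name $spreadPatterns })) {
    if ($covered -notcontains $vm.Id) {
        Add-Finding 'AntiAffinity' $vm.Name 'not in any enabled anti-affinity rule'
    }
}

$findings | Sort-Object Check, Object | Format-Table -AutoSize
```

The script only reads configuration; an empty table means none of the five checks found a deviation.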

Conclusion
For any business-critical application to run with optimum performance, you must put performance ahead of consolidation and avoid overcommitment of CPU and memory. Once you implement these principles for the production environment, any performance issues for business-critical applications on vSphere will be alleviated.


Girish Manmadkar is a veteran VMware SAP Virtualization Architect with extensive knowledge and hands-on experience with various SAP and VMware products, including various databases. He focuses on SAP migrations, architecture designs, and implementation, including disaster recovery.

Success Factors for Deploying EUC

By Ken Copas

Building out an end-user computing (EUC) environment right means the infrastructure is nearly invisible to end users. But as with anything that appears easy and elegant on its surface, there are quite a few complexities underneath the hood.

While there are many factors to consider, here are a few questions to ask before building out your EUC environment.

Is the Tail Wagging the Dog?

This scenario happens very frequently: The supporting infrastructure is purchased and implemented before planning and design are performed to determine the appropriate hardware requirements. Best practice is to understand what you’re trying to accomplish from a business perspective first, architect the required supporting infrastructure and design the blueprint with professional services, and then purchase and implement the gear.

Take that same concept and apply it to a proof-of-concept (POC) environment, whether it’s the full Horizon Suite or individual View, Workspace (our unified application publishing platform), or Mirage (our physical and virtual image management solution) components. While it can be fast and easy to install and set up a working POC of these VMware products, this temporary environment is only for the purpose of “kicking the tires.” These POC environments should never be exposed to production users and expected to perform and scale appropriately in a production environment. To use VMware products correctly, again there needs to be a plan and design in place, which requires a great deal of up-front assessment, current environment analysis, and due diligence around your business use cases.

You’ll need absolute subject matter expertise to determine what storage to use (by the way, getting storage right is a key success factor), what’s the aggregate I/O throughput, CPU and memory requirements–all of these decisions play a huge part in how the production environment will perform and scale.

Why Not Pick and Choose?

Here’s a good one: what would happen if you only deployed VDI with Horizon View (our virtual desktop solution) without Horizon Workspace or Mirage?

In addition to your standard production VDI environment, you would have the capability to run full desktop OS images on a variety of mobile devices such as laptops, tablets, or even smartphones, but users will most likely encounter issues with screen real estate and experience interface frustrations with mouse and keyboard options.

As I’m sure you are aware, the desktop OS itself can require significant compute, memory, and disk resources that can cause performance issues when using VDI on mobile devices. There are many other factors that can cause performance degradation as well. Adding Horizon Workspace to your EUC environment may give you access to applications in an environment that’s native to your device with improved response time and it can provide an overall better user experience.

How you address questions like these will have a profound impact on user satisfaction with your EUC environment, which at the end of the day is ultimately the key measure of success. So again, be sure to allow the time and attention required for proper plan and design.

What’s your Roadmap?

This is a great question. VMware has a unique holistic view of this space, as well as a comprehensive roadmap, which I have yet to see from any other company. The completeness of vision, in my mind, is huge for customers to consider as they think through potential EUC solutions.

Even if you don’t go with VMware, you need to understand where your vendors are taking you. How does their roadmap address your needs? Look at where that vendor is going to be in two to three years and make sure you fully understand how that company will help you get where you want to go.

Who are your people?

One last piece of the equation is something you shouldn’t take for granted: talent. Standing up an EUC solution incorrectly can mean longer project timetables, missed deadlines, frustrated users, and business disruption. This technology has its own set of potential pitfalls and nuances. Make sure you have genuine subject matter expertise in place, whether in-house or professional services sourced from your trusted advisors.


Ken Copas currently serves as a practice manager for End User Computing Professional Services at VMware. Prior to joining VMware, Ken’s corporate experience includes serving as the practice director of cloud computing and IT services management for GlassHouse Technologies, as a business development executive for IBM and as an IT executive for NetJets, Inc. Ken holds a degree in Computer & Information Science from the College of Engineering at The Ohio State University, as well as a Master’s in Business Administration from the Fisher College of Business at The Ohio State University.

End User Computing 101: Tying It Together with Mobility, BYOD, and Proper Methodology

By TJ Vatsa, Principal Architect, VMware Professional Services

In the first two posts in this End User Computing (EUC) series (End User Computing 101 and Tips for Successful Deployments and End User Computing 101: Network and Security) I delved into EUC infrastructure, server power, network and security, devices, and appliances. Today, I’ll wrap up this three-post series by covering mobility and BYOD, application and image management, and touch on EUC project scenario and methodology.

First, let’s take a closer look at the mobility and Bring-Your-Own-Device (BYOD) space. If this is not well planned, deploying a mobility and BYOD policy (and the infrastructure to handle the influx of personal devices) can be a harrowing journey. With users today demanding anytime, anywhere access to business productivity applications, mobile devices, and data on personal devices, not having a policy in place can be even more detrimental.

Enterprise Mobility Management Platform

Components and framework to consider for managing mobility at the enterprise level

(For additional design considerations and tips for establishing a secure, manageable, and scalable enterprise Mobility & BYOD policy, read How to Set Up a BYOD/Mobility Policy.)

Applications and Image Management

These days, it’s not enough for users to have access inside the four walls of an office building. Users need anytime and anywhere access to their applications and associated data. While this may sound like a business and mobility use case, IT directors and managers need to analyze this requirement from the perspective of a unified application launch-pad a.k.a. a follow-me virtual workspace. This can mean virtualized applications, Software-as-a-Service (SaaS) applications, application publishing, web pages, virtual desktops, RDSH (Remote Desktop Session Host) desktops, to name a few.

Applications

When you look from the perspective of applications and data entitlement and policy management, it’s important to have a single source of truth—essentially, a repository for enterprise policy. This repository should not only provide a one-stop shop for policy definition, entitlement, and management, but also support operational excellence and auditing. VMware’s Workspace Portal provides these capabilities and a lot more.

Image Management

For desktop operational excellence in terms of swift provisioning, efficient management and centralized security, using VMware’s Horizon View means you won’t have to deal with “application and desktop image sprawl.”

As such, whether you use VMware or not, it’s imperative for enterprises to deploy a platform that provides centralized image management, image recovery, integrated PC break-fix and troubleshooting, and automated OS migration (to name a few).

It’s important to use desktop image management, not only for physical, but for virtual desktops as well. (VMware’s Horizon Mirage is one option to help make this happen.)

Weaving it together: EUC Project Methodology

Now that we’ve covered key EUC details, bringing it together with VMware’s Professional Services (PS) organization and our approved partner network is the best route to an agile methodology. It’s important that the methodology takes business and IT initiatives into consideration and turns them into successful business outcomes. This approach is composed of multiple iterative sequences.

Project Methodology

Each iteration focuses on requirements and vision, analysis, design, inventory details of implementations, and operational excellence. This approach not only enables early feedback, risk mitigation, and effective progress management, it also enables effective scope management and the perpetual enforcement of IT governance.

This iterative process begins with an analysis and assessment initiative that helps define the baseline by categorizing and prioritizing business and technical requirements. These requirements become part of detailed use cases that may also have business specific pre- and post-execution contingencies.

The use cases are then abstracted into a logical enterprise architecture design that is mapped to the available physical infrastructure. Once the physical design is ready, the pilot/blueprint implementation is initiated. This ensures compliance with business outcomes as defined by business sponsors. Upon successful user acceptance testing (UAT), VMware’s PS organization and partners test blueprints that are then rolled into the production environment with accompanying knowledge transfer (KT) sessions and role-based user training.

By conforming to proper EUC infrastructure considerations, creating appropriate mobility and BYOD policies, adhering to best application and image management practices, and using a typical EUC project scenario that follows VMware’s iterative architecture methodology, you will set yourself up for success and effectively transform EUC and mobility initiatives within your organizations.


TJ has worked at VMware for the past four years, with over 20 years of experience in the IT industry. During this time he has focused on enterprise architecture and applied his extensive experience in professional services and R&D to cloud computing, VDI infrastructure, SOA architecture planning and implementation, functional/solution architecture, enterprise data services and technical project management. TJ holds a Bachelor of Engineering (BE) degree in Electronics and Communications from Delhi University, India and has attained industry and professional certifications in enterprise architecture and technology platforms. He has also been a speaker and a panelist at industry conferences such as VMworld, VMware’s PEX (Partner Exchange) and BEAworld. He is an avid blogger who likes to write on real-life application of technology that drives successful business outcomes.

End User Computing 101: Network and Security

By TJ Vatsa, Principal Architect, VMware Professional Services

In my first post on the topic of End User Computing (EUC), I provided a few digestible tidbits around infrastructure, desktop and server power, and storage. In this post, we’ll go a bit further into the infrastructure components that affect user experience and how users interact with the VDI infrastructure. We’ll cover network and security, devices, converged appliances, and desktop as a service.

Let’s look a bit more closely at network and security first.

Network and Security

To ensure acceptable VDI user experience, monitor the bandwidth and latency or jitter of the network. This means performing the appropriate network assessment by deploying monitoring tools to first establish a baseline. Once that’s completed, you’ll need to monitor the network resources against those baselines. As with any network, high latency can negatively affect performance, though some components are more sensitive to high latency than others.

When deploying Horizon View desktops using the PC-over-IP (PCoIP) remote display protocol in a WAN environment, consider the Quality of Service (QoS) aspect. Ensure that the round-trip network latency is less than 250 ms. And know that PCoIP is a real-time protocol, so it operates just like VoIP, IPTV, and other UDP-based streaming protocols.

To make sure that PCoIP is properly delivered, it needs to be tagged in QoS so that it can compete fairly across the network with other real-time protocols. To achieve this objective, PCoIP must be prioritized above other non-critical and latency tolerant protocols (for example, file transfers and print jobs). Failure to tag PCoIP properly in a congested network environment leads to PCoIP packet loss and a poor user experience, as PCoIP adapts down in response. For instance, tag and classify PCoIP as interactive real-time traffic. (Classify PCoIP just below VoIP, but above all other TCP-based traffic.)

To optimize network bandwidth, ensure that you’ve got a full-duplex end-to-end network link. Consider segmenting PCoIP traffic via IP Quality of Service (QoS) Differentiated Services Code Point (DSCP) or a layer 2 Class of Service (CoS) or virtual LAN (VLAN). When using a VPN, ensure that UDP traffic is supported.

Enterprise security for corporate virtual desktops is of paramount importance for the successful rollout of VDI infrastructure. It is highly recommended that an enterprise scale, policy-based management security solution be used to define and enforce security policies within the enterprise.

Based on typical customer requirements, secure access to the VDI infrastructure is provisioned via the following user access modes:

  1. LAN Users: VDI users accessing virtual desktop infrastructure via the corporate LAN network.
  2. VPN Users: VDI users accessing corporate virtual desktop infrastructure via the VPN tunnel.
  3. Public Network Users: VDI users accessing virtual desktop infrastructure via the public network.

Use Case: VDI User Secure Access Modes

Enforcing authentication and authorization policies is a domain by itself, and is influenced by industry verticals. For instance, many hospitals prefer “tap-‘n’-go” solutions to authenticate and authorize their clinical staff to access devices and Electronic Medical Record (EMR) applications. The regulatory compliance perspective should not be ignored either when it comes to industry verticals, such as HIPAA for the healthcare industry and PCI for the financial industry.

Note: The scenario depicted below is that of a typical public network user.

Infrastructure scenario

Horizon View infrastructure can be easily optimized to support any combination of secure VDI user access modes.

Devices

Based on security policies and regulatory compliance standards that are prevalent within the enterprise, I highly recommend doing a thorough assessment of end-user devices and endpoints. You’ll want to categorize your users based on desktop communities that support one or more types of endpoints. VMware’s Horizon View client supports a variety of endpoints, whether they’re desktops, laptops, thin clients, zero clients, mobile devices, or tablets that support iOS, Android, Mac OS X, Linux, Windows, HTML Access—just to name a few.

Converged Appliances

The converged appliances industry is rapidly and effectively maturing as more and more customers prefer converged appliances because they enable faster infrastructure deployment times. From an EUC infrastructure perspective, it’s important to evaluate the converged appliance solutions available for your business scenarios.

Vendors are and will be providing customized and optimized solutions for EUC, business continuity and disaster recovery (BCDR) as x-in-a-box, wherein the required infrastructure components, hardware and software have been validated and optimized to cater to specific business scenarios.

Desktop as a Service (DaaS)

Some customers worry about EUC datacenter planning, infrastructure procurement, and deployment.

DaaS scenario

Look to hosted desktop services, such as Horizon DaaS, to address business requirements and use cases that revolve around development, testing, seasonal bursts, and even BCDR. DaaS can even provide a more economical alternative to traditional datacenter deployment. For instance, DaaS reduces your up-front costs and lowers your desktop TCO with predictable cloud economics that enable you to move from CapEx to OpEx in a predictable way.

Plus, users can access Windows desktops and applications from the cloud on any device, including tablets, smartphones, laptops, PCs, thin clients, and zero clients. DaaS solutions like Horizon DaaS desktops can also be tailored to meet the simplest or most demanding workloads, from call center software to CAD and 3D graphics packages.

In these first two posts, we’ve gotten a good handle on infrastructure, devices, and security. In my next post, I’ll cover mobility and BYOD along with applications and image management, and weave it all together with EUC project methodology.


TJ has worked at VMware for the past four years, with over 20 years of experience in the IT industry. At VMware TJ has focused on enterprise architecture and applied his extensive experience to Cloud Computing, Virtual Desktop Infrastructure, SOA planning and implementation, functional/solution architecture, enterprise data services and technical project management.

TJ holds a Bachelor of Engineering degree in Electronics and Communications from Delhi University and has attained multiple industry and professional certifications in enterprise architecture and technology platforms. TJ is a speaker and a panelist at industry conferences such as VMworld, VMware’s PEX (Partner Exchange) and BEAworld. His passion is the real-life application of technology to drive successful user experiences and business outcomes.

End User Computing 101 and Tips for Successful Deployments

By TJ Vatsa, Principal Architect, VMware Professional Services

The topic of End User Computing (EUC) is heating up. This is not only because our industry considers this to be a dynamic domain for tremendous innovation today, but also because the industry views great potential for the future and is heavily investing in the space.

In this three-part blog series, I’ll assimilate the vast EUC landscape into digestible tidbits that focus on the infrastructure, mobility and BYOD, applications and image management, and discuss a typical EUC project scenario and methodology.

My goal is to provide insight into the things you should consider for your own EUC deployment.

EUC Landscape

First Things First: Infrastructure

As soon as someone mentions EUC, the first thing that comes to mind is Virtual Desktop Infrastructure (VDI). The very fact that VDI is deployed in the datacenter, away from individual desktops, means that you must plan the underlying infrastructure in a systematic and thorough way.

At a minimum, this means allocating key infrastructure resources: compute, storage, network, and security.
It is also imperative that some sort of infrastructure resource assessment tools be deployed to establish a baseline for each of these infrastructure components.

Desktop and Server Power

Assuming that a baseline has been established for the compute resources in terms of CPU, clock speed, and memory requirements per desktop, it is important to choose a server configuration with the right processor, clock speed, and physical memory. In turn, this drives the correct consolidation ratio of virtual desktops per core and, ultimately, for the entire server.

Give careful attention to different use cases where specific workloads require different combinations of CPU, clock speed, and memory. You must ensure that you also plan for growth and seasonal/occasional bursts seen in those workloads historically.

For a typical Horizon View deployment, there are two categories of VMs (virtual machines) recommended for deployment inside the data center: one for management purposes and another for desktop purposes. Management VMs are mainly servers (connection brokers, databases, etc.) whereas the desktop VMs are the actual virtual desktops.

For a production deployment, VMware recommends creating two separate cluster types–Management Cluster(s) and Desktop Cluster(s)–to avoid any race conditions that might arise as a result of, say, competing workloads or operational maintenance.

Storage: Key to VDI Success

Having worked with many customers across many different industry verticals (healthcare, financial, entertainment services, and manufacturing) I’ve noticed that there’s one critical success factor in common: storage.

For more information about VDI storage and detailed insight into what is important for a successful VDI deployment, read these two blog posts:

Part I: Storage Boon or Bane – VMware View Storage Design Strategy & Methodology
Part II: Storage Boon or Bane – VMware View Storage Design Strategy & Methodology

In my next post, I’ll cover the remaining considerations around a successful VDI deployment, including network and security, converged appliances, and desktop as a service. Stay tuned!


Holistic Engagements Lead to Successful Outcomes

By Ford Donald, Principal Architect, GTS PSE, VMware

In my last post, I introduced an optimized consulting approach called the SDDC Assess, Design, and Deploy Service. The post focused on the technical blueprint, designed with common core elements, and the flexibility for custom implementation using modular elements. In this post, we’ll explore the process improvements that lead to holistic, mutually beneficial engagements.

The Work Stream Process
The six-step process takes into account both our prescribed starting point—the technical foundation—and the unique needs of the customer, with an eye towards a predictable outcome.

1. Solution Overview. We begin with an overview of the technical foundations and the new approach to help the customer understand the benefits of holistic consultation and the specific solution design. This sets a level discussion between the modeled approach and the pre-conceptions of how things work. Stepping back to review the approach gets us to the assessment phase quickly so we are all on the same page about how we’ll be working together.

2. Assessment Phase. In this phase, we assess what the customer already has in place, and where they would like to be at the end of the project. Some customers have strong opinions of design, others don’t. Defined gaps are where we come in with adaptations to the prescribed design, with layers and snap-ins added as desired.

3. Design Phase. Here, we bring forward the adapted solution, shaped to meet the customer’s needs and requirements, relative to our good starting point with the prescribed solution.

4. Deploy Phase. Given all the up-front work up to this point, deployment should be straightforward. We add what’s missing, modify what’s not right, and bulk up or whittle down to get to the adapted solution. Here we would add in things like Orchestrator if it’s not currently deployed, along with the Orchestration workflow library. These pre-defined, generalized, well-documented workflows are field-tested and designed so that we can easily provide support—this ensures that they are consistent across the board.

5. Knowledge Transfer. I like to call this the cool-down period. Here we take two steps back and let the environment learn, stabilize, and cool off a bit. For example, VCOps does best if it’s given three or four weeks to understand what normal is. This is a great time to train administrative staff on the new implementation and announce any operational or organizational transformations needed. It’s important to take the time to get a feeling for what’s new or changed, from interfaces and APIs to dealing with resources and loading up templates.

6. Solution Validation. In this phase we come together to look back and compare the results to the prescribed beginnings. If we haven’t hit the mark, remediation is required.

The Project Timeline
It’s important to note that each phase of the technical transformation has its own work stream process. No engagement should take on the entire thing as one major project. Rather, it should be a series of engagements that meet the customer’s timeline and adoption capability. The various stages will take place over a lengthy time period.

Traditionally, customer engagements have focused on the assessment or the design and deliver phase. By adding in the Solution Overview, and ensuring we’re all starting from the same point, we lay the foundation for success.


Ford Donald is a Principal Architect and member of Professional Services Engineering (PSE), a part of the Global Technical Solutions (GTS) team, and a seven-year veteran of VMware. Prior to PSE, Ford spent three years as a pre-sales cloud computing specialist focusing on very large/complex virtualization deployments, including the VMware sales cloud known as vSEL. Ford also served on the core team for VMworld Labs and as a field SE.

Working with VMware Just Gets Better

By Ford Donald, Principal Architect, GTS PSE, VMware

Imagine someone gives you and a group of friends a box of nuts and bolts and a few pieces of metal and tells you to build a model skyscraper. You might start putting the pieces together and end up with a beautiful model, but it probably won’t be the exact result that any of you imagined at the beginning. Now imagine if someone hands you that same box, along with a blueprint and an illustration of the finished product. In this scenario, you all work together to a prescribed end goal, with few questions or disagreements along the way. Think about this in the context of a large technical engagement, for example a software-defined data center (SDDC) implementation. Is it preferable to make it up as you go along, or to start with a vision for success and achieve it through a systematic approach?

Here at VMware, we’re enhancing the way we engage with customers by providing prescriptive guidance, a foundation for success, and a predictable outcome through the SDDC Assess, Design and Deploy Service. As our product line has matured, our consulting approach is maturing along with it. In the past, we have excelled at the “discovery” approach, where we uncover the solution through discussion, and every customized outcome meets a unique customer need. We’ve built thousands of strong skyscrapers that way, and the skill for discovering the right solution remains critical within every customer engagement. Today we bring a common starting point that can be scaled to any size of organization and adapted up the stack or with snap-ins according to customer preference or need. A core implementation brings a number of benefits to the process, and to the end result.

A modular technical solution

Think of the starting point as a blueprint for the well-done data center. With our approach, the core elements of SDDC come standard, including vSphere, vCenter Operations, vCenter Orchestrator, and software-defined networking through vCNS. This is the clockwork by which the SDDC from VMware is best established, and it lays the foundation for further maturity evolutions to Infrastructure Service and Application Service. The core “SDDC Ready” layer is the default, providing everything you need to be successful in the data center, regardless of whether you adopt the other layers. Beyond that, to meet the unique needs of customers, we developed “snap-ins” as enhancements or upgrades to the core model, which include many of our desirable, but not necessarily included-by-default, assets such as VSAN and NSX.

The Infrastructure Service layer builds on the SDDC by establishing cloud-based metaphors via vCloud Automation Center and other requirements for cloud readiness, including a service portal, catalog-based consumption, and reduction of administrative overhead. The Application Service layer includes vCloud Application Director and elevates the Infrastructure layer with application deployment, blueprinting and standardization.

From our experience, customers demand flexibility and customization. In order to meet that need, we built a full menu of Snap-ins. These snap-ins allow customers to choose any number of options from software-defined storage, NSX, compliance, business continuity & disaster recovery (BCDR), hybrid cloud capabilities and financial/cost management. Snap-ins are elemental to the solution, and can be added as needed according to the customer’s desired end result.

Operational Transformation Support

Once you’ve adopted a cloud computing model, you may want to consider organizational enhancements that take advantage of the efficiency gained by an SDDC architecture. As we work with our customers in designing the technical elements, we also consult with our customers on the operational processes. Changing from high administrative overhead to low overhead, introducing new roles, defining what type of consumer model you want to implement – our consultants help you plan and design your optimal organization to support the cloud model.

The beauty of this approach shines in its ability to serve both green field and brown field projects. In the green field approach, where a customer wants the consultants to take the reins and implement top to bottom, the approach serves as a blueprint. In a brown field model, where the customer has input and opinions and desires integration and customization, the approach can be adapted to the customer’s environment, relative to the original blueprint.

So whether you’re building your skyscraper from the ground up, or remodeling an existing tower, the new SDDC Assess, Design and Deploy Service provides an adaptable model, with a great starting point that will help you get the best out of your investment.

Stay tuned for an upcoming post that gives you a look under the hood of the work stream process for implementing the technical solution.


Ford Donald is a Principal Architect and member of Professional Services Engineering (PSE), a part of the Global Technical Solutions (GTS) team, a seven-year veteran of VMware. Prior to PSE, Ford spent three years as a pre-sales cloud computing specialist focusing on very large/complex virtualization deployments, including the VMware sales cloud known as vSEL. Ford also served as coreteam on VMworld Labs and as a field SE.

 

VMware Horizon 6 (View) Firewall and Network Ports Visualized

By Ray Heffer, VCDX#122, VMware EUC Architect

Back in April 2012, I posted on my blog my original Horizon View network firewall ports diagram. Over the past two years, it’s been used widely both internally at VMware and in the community. Since Horizon 6 just recently released, I thought I’d create a brand new full size diagram to include Cloud Pod Architecture. This updated diagram contains a better layout and a new color theme to boot!  This image is 3767 x 2355 pixels, so simply click it to enlarge then ‘Save Image’ to get the full size HD version.

You’ll notice the addition of VIPA (View inter-pod API) and ADLDS port 22389 which are both used for Cloud Pod Architecture. Bear in mind that between your View Pods, you will still require the usual Active Directory ports.

Horizon 6 Firewall Diagram

Key Firewall Considerations for VMware Horizon 6

  • TCP 8472: View interpod API (Cloud Pod Architecture) – NEW
  • TCP 22389: Global ADLDS (Cloud Pod Architecture) – NEW
  • HTTPS (443): Horizon Client access, authentication and RDP tunnel (HTTPS Secure Gateway)
  • HTTPS (8443): Used by HTML Access (Blast)
  • HTTPS (22443): HTML Access (Blast) to Virtual Desktops
  • TCP 9427: Used by Windows multimedia redirection (MMR)
  • TCP 32111: USB Redirection
  • ESP (Protocol 50): Used for Security Server and Connection Server IPsec communication (requires Windows Firewall with Advanced Security to be enabled)
  • UDP 500: IPsec negotiation for Security Server and Connection Server communication and pairing.

For a full list of network ports please refer to the latest Horizon 6 documentation: https://www.vmware.com/support/pubs/view_pubs.html
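The following is an added example, not code from the original post or from VMware. It audits a firewall rule export against the ports in the list above and reports missing flows, required ports that are only reachable through a wide port range, and rules that open TCP/UDP port 50 where ESP (IP protocol 50) was meant. The `allow <proto> <port>` rule syntax, the sample rules and the `MAX_RANGE` threshold are assumptions made for the illustration.

```python
import re

# (protocol, port) -> purpose, from the post's list. ESP is IP protocol 50, no port.
REQUIRED = {
    ("tcp", 8472): "View interpod API (Cloud Pod Architecture)",
    ("tcp", 22389): "Global ADLDS (Cloud Pod Architecture)",
    ("tcp", 443): "Horizon Client access / HTTPS Secure Gateway",
    ("tcp", 8443): "HTML Access (Blast)",
    ("tcp", 22443): "HTML Access (Blast) to virtual desktops",
    ("tcp", 9427): "Windows multimedia redirection (MMR)",
    ("tcp", 32111): "USB redirection",
    ("udp", 500): "IPsec negotiation",
    ("esp", None): "Security Server / Connection Server IPsec",
}
MAX_RANGE = 16  # assumption: wider allow ranges count as over-broad

def parse_rule(line):
    """Parse 'allow tcp 443', 'allow tcp 9000-9100' or 'allow proto 50'."""
    m = re.fullmatch(r"allow\s+(tcp|udp|proto)\s+(\d+)(?:-(\d+))?", line.strip().lower())
    if not m:
        raise ValueError(f"unrecognised rule: {line!r}")
    kind, lo, hi = m.group(1), int(m.group(2)), int(m.group(3) or m.group(2))
    if kind == "proto":  # IP protocol number, not a port
        return ("esp" if (lo, hi) == (50, 50) else f"proto{lo}", None, None)
    if not 0 < lo <= hi <= 65535:
        raise ValueError(f"bad port range: {line!r}")
    return (kind, lo, hi)

def audit(lines):
    rules = [parse_rule(l) for l in lines if l.strip() and not l.lstrip().startswith("#")]
    report = {"missing": [], "over_broad": []}
    for (proto, port), purpose in REQUIRED.items():
        hits = [r for r in rules if r[0] == proto and (port is None or r[1] <= port <= r[2])]
        if not hits:
            report["missing"].append((proto, port, purpose))
        elif port is not None and all(r[2] - r[1] + 1 > MAX_RANGE for r in hits):
            report["over_broad"].append((proto, port, purpose))
    # A tcp/udp rule for port 50 does not pass ESP, which is IP protocol 50.
    report["esp_as_port"] = [r for r in rules if r[0] in ("tcp", "udp") and r[1] == r[2] == 50]
    return report

# Constructed rule export in a hypothetical 'allow <proto> <port>' syntax.
SAMPLE_RULES = ["allow tcp 443", "allow tcp 8443", "allow tcp 22443", "allow tcp 8472",
                "allow tcp 9000-10000", "allow tcp 32111", "allow udp 500", "allow udp 50"]

if __name__ == "__main__":
    for finding, items in audit(SAMPLE_RULES).items():
        print(finding, items)
```

The post's list is a short list of key ports, so rules outside it are not reported as wrong; the full port list is in the Horizon 6 documentation linked above.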


Ray Heffer is an EUC Architect working at VMware and a double VCDX with both VCDX-DCV (Data Center) and VCDX-DT (Desktop). Previously part of the VMware Professional Services team as a Senior Consultant, Ray now works for the Desktop Technical Product Marketing BU at VMware. Ray joined the IT industry in 1997 as a Unix admin, before focusing on end user computing with Citrix MetaFrame and Terminal Services in the early days. In 2004 Ray joined an ISP providing managed hosting and Linux web applications, but soon discovered VMware ESX 2.5 (and GSX!) and passed his first VCP in 2007. Ray has many years of complex infrastructure design and delivery including the integration of VCE Vblock for both EUC and Cloud, and two highly successful 10,000+ user VMware Horizon View design and implementation engagements. This post originally appeared on Ray’s blog. Follow Ray on Twitter @rayheffer.

Horizon View: RDS PCoIP Design Tips

By Dale Carter, Consulting Architect, End-User Computing

With the release of VMware Horizon View has come the ability to configure not only virtual desktops but also virtual applications hosted on Windows RDS servers.

In this post, I will cover a couple of things that you should take into consideration when configuring virtual applications and how they might affect the sizing of your View Cluster and the number of connection servers you will need.

There are many different papers and posts on how to configure RDS servers themselves, so I will not be touching on that in this post. I want to discuss the effects of how the PCoIP connections connect to RDS servers and what you should look out for.

Scenario 1
The following diagram shows my first configuration. This includes a virtual desktop cluster and a single RDS farm. RDS Farm A in this example is hosting five applications: Word, Excel, PowerPoint, Visio and Lync.

Virtual Desktop Scenario 1

In this scenario if a user launches a virtual desktop and then an application, the user would be using a maximum of two PCoIP connections through the Horizon View infrastructure. It’s important to know that when configuring RDS with just one farm, if a user then launches a second application or all five applications, then all these applications will launch using the same PCoIP connection. This means that all five applications for that user would be running on the same RDS host. In this scenario, you need to make sure that each of your RDS hosts can handle all users opening all applications on each of the hosts.

The Horizon View connection servers do load balance a user’s connection when the user first connects to an RDS host. Users will always be sent to the RDS host with the lowest number of connections; however, once they are connected they will always go to the same RDS host until they completely disconnect from all applications.

In this scenario, if you have 300 users and they all launch Word, each RDS server will have 100 connections all running Word. It is also possible in this scenario that Servers A and B will only be running 100 instances of Word; whereas Server C could be running 100 instances of all five of the different software applications. This is why it is critical that the RDS servers are configured correctly.

Scenario 2
In the second configuration, I split the applications across RDS host farms. The following diagram shows two RDS farms. The first, Farm A, is hosting Word, Excel and PowerPoint. The second, Farm B, is hosting Visio and Lync.

Virtual Desktop Scenario 2

 

Now in this scenario, if a user launches a virtual desktop and then the applications Word and Visio, we have managed to lighten the load on the RDS servers. By separating the applications into different RDS farms, we now know that each RDS server is not going to get as much load when a user opens these applications. However, instead of a user only using two PCoIP connections, the user is now using three PCoIP connections.
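The two scenarios can be modelled in a few lines. This is an added example, not code from the original post or from VMware: it counts PCoIP connections per user for each farm layout and simulates the least-connections, then sticky, placement described above. The three host names, sequential user arrival and tie-breaking by host name are assumptions.

```python
# Farm layouts from the post's two scenarios.
SCENARIO_1 = {"Farm A": {"Word", "Excel", "PowerPoint", "Visio", "Lync"}}
SCENARIO_2 = {"Farm A": {"Word", "Excel", "PowerPoint"}, "Farm B": {"Visio", "Lync"}}

def pcoip_connections(farms, launched_apps, desktop=True):
    """One connection for the desktop plus one per RDS farm the launched apps touch."""
    launched = set(launched_apps)
    unknown = launched - set().union(*farms.values())
    if unknown:
        raise ValueError(f"not published in any farm: {sorted(unknown)}")
    return int(desktop) + sum(1 for apps in farms.values() if apps & launched)

class RdsFarm:
    """Least-connections placement on first launch, then sticky until full disconnect."""
    def __init__(self, hosts):
        self.sessions = {h: {} for h in hosts}  # host -> {user: set of open apps}

    def host_of(self, user):
        return next((h for h, s in self.sessions.items() if user in s), None)

    def launch(self, user, app):
        host = self.host_of(user)
        if host is None:  # first app: fewest connections wins, ties broken by name
            host = min(self.sessions, key=lambda h: (len(self.sessions[h]), h))
            self.sessions[host][user] = set()
        self.sessions[host][user].add(app)
        return host

    def close_all(self, user):
        host = self.host_of(user)
        if host is not None:
            del self.sessions[host][user]

    def load(self):
        """host -> (connections, running application instances)"""
        return {h: (len(s), sum(len(a) for a in s.values())) for h, s in self.sessions.items()}

def skewed_farm(users=300, hosts=("Server A", "Server B", "Server C")):
    """Everyone opens Word, then only the last host's users open the other four apps."""
    farm = RdsFarm(hosts)
    for u in range(users):
        farm.launch(u, "Word")
    for u in list(farm.sessions[hosts[-1]]):
        for app in SCENARIO_1["Farm A"] - {"Word"}:
            farm.launch(u, app)
    return farm.load()

if __name__ == "__main__":
    print(pcoip_connections(SCENARIO_1, ["Word", "Visio"]), pcoip_connections(SCENARIO_2, ["Word", "Visio"]))
    print(skewed_farm())
```

Connection counts stay balanced at 100 per host while application instances do not, which is why each host has to be sized for every user opening every application.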

Conclusion
Given this information, it becomes more important than ever to know your users’ environment and the applications the users are using. When deploying Horizon View into your environment and taking advantage of the new hosted application functionality you need to ask yourself the following questions:

  • How many applications will be installed on each RDS host?
  • What is the hardware configuration of the RDS host?
  • How many RDS farms will be required?
  • How many PCoIP sessions will each user require?

For larger environments, the question might be: Will one or more View deployments be required? As the environments get larger, it might be a better design to have one View deployment for desktop connections and a separate deployment for hosted applications. In this scenario, VMware Workspace can become that central location for users to access all of their desktops and applications. With VMware Workspace 2.0, it is now possible to configure more than one View environment, giving you the option of multiple View environments that are all accessible from the one Workspace front end.


Dale Carter, a VMware Consulting Architect specializing in the EUC space, has worked in IT for more than 20 years. He is also a VCP4-DT, VCP5-DT and VCAP-DTD.

vCAC 5.2 to 6.x Construct Mappings

By Eiad Al-Aqqad

This post originally appeared on Eiad’s Virtualization Team blog.

vCloud Automation Center (vCAC) 5.x admins and architects might get surprised by vCAC 6.x construct naming, thinking VMware has abandoned the constructs vCAC used in the past. After a closer look, you will notice the construct functionalities are still the same as they used to be in 5.x. They were just renamed to fit the wider audience vCAC is currently addressing, and to be better aligned with broader functionality. The main difference is that a new Tenant Construct that did not exist in 5.2 was introduced in vCAC 6.x, as vCAC 5.2 did not support multi-tenancy.

I get asked quite often about the construct mapping between vCAC 5.2 and 6.x. The longer I deliver just vCAC 6.x engagements, the more I forget the construct mapping between vCloud Automation Center 5.2 and 6.x, so I decided to document it as a reference for myself and anyone else who needs it. Below is the best diagram I was able to find that highlights the construct mapping between vCAC 5.2 and vCAC 6.x:

vCAC Construct Mapping

 

Hope this helps those of you familiar with vCAC 5.2 jump on 6.x with confidence.


Eiad Al-Aqqad is a Senior Consultant within the SDDC Professional Services practice. He has been an active consultant using VMware technologies since 2006. He is VMware Certified Design Expert (VCDX#89), as well as an expert in VMware vCloud, vSphere, and SRM. Read more from Eiad at his blog, Virtualization Team, and follow him on Twitter @VirtualizationT.