
Monthly Archives: April 2014

Architecture Overview: Microsoft Lync with VMware Horizon View

By Ray Heffer, VCDX #122, VMware EUC Architect

Since VMware Horizon View 5.2, there has been support for Microsoft Lync 2013. In fact when I say ‘support’, I mean that both Microsoft and VMware have developed the architecture that provides a great user experience. Prior to Horizon View 5.2, only VOIP phones were supported and there were bandwidth constraints that made this unviable and resulted in a poor experience for end users.

For detailed information, see the VMware whitepaper on Horizon View 5.2 and Lync 2013, and take note of KB articles 2064266 and 2045726. In addition, Microsoft has a Lync 2013 technical resource page which covers the Lync 2013 VDI Plugin. If you’re new to Lync 2013 or VMware Horizon View, this post will provide you with an architecture overview of how Lync 2013 integrates with virtual desktops running with Horizon View 5.3.

Architecture
In the architecture diagram that I’ve sketched here (below), you can see two users (Bill and Ted) using a webcam and headset with microphone to talk to each other using Lync 2013. The user at the bottom is using a virtual desktop being accessed from a Windows client (PC or thin-client), which will be running one of the following: Windows Embedded Standard 7 with SP1, Windows 7 with SP1, or Windows 8 (Tech Preview). Microsoft hasn’t yet released a VDI Plugin for Linux or zero-client manufacturers.
Lync and Horizon Architecture

The virtual desktop (shown on the right) that Bill is using contains the Horizon View agent (which you’d expect) and the Lync 2013 client. When Bill launches the Lync 2013 client on his virtual desktop, it detects the Lync VDI plugin on his physical client machine and establishes a pairing over an RDP or PCoIP virtual channel. RDP will work, but PCoIP is the recommended approach. At this stage you are required to enter the password again, but this can be saved to prevent it prompting every time.

Any instant messaging is still sent between the Lync 2013 client on the virtual desktop and the Lync 2013 server, but when Bill establishes a video call with Ted, who is also using the Lync 2013 client, the audio/video is sent directly from Bill’s client device to Ted and NOT from the virtual desktop. The benefit of this is that the audio and video won’t be sent over PCoIP, consuming valuable bandwidth, and the user experience will be much better, or at least as good as using the native client. Remember that the Lync 2013 client itself is still communicating with the Lync 2013 server, but a large proportion of the bandwidth required for audio/video is no longer being passed back over PCoIP.

Troubleshooting
If you have Microsoft Lync 2013 Server in place then implementation is relatively simple, but there are some things that can get overlooked.

Here is a list of common troubleshooting tips:

  • Do NOT install the Lync 2013 client on the Windows client machine. The Lync 2013 VDI plugin will not work alongside the Lync 2013 client.
  • Make sure you are not using USB redirection for your webcam or microphone devices.
  • Make sure the Horizon View agent contains both PCoIP Server and Virtual Printing as a minimum to support Lync 2013.
  • Windows 7 SP1 must be installed.
  • You need to import the Lync 2013 Server certificate to your Windows client. This should be placed in the Trusted Root Certificate Authorities store.
  • The Windows client will need the ConfigurationMode, ServerAddressInternal, and ServerAddressExternal registry entries (see VMware documentation).
  • Make sure the bit level of the Lync 2013 client is the same level as the desktop OS (32 or 64 bit).
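
The client-side items in this list (registry entries, trusted certificate, Windows 7 SP1, OS bit level) can be verified with a short read-only script. This is an added example, not from the original post or VMware's documentation: the function name Test-LyncVdiClient is hypothetical, and the registry path and certificate thumbprint are parameters you supply, since the post does not give them.

```powershell
# Added example: read-only pre-flight check for the Windows client that runs
# the Lync VDI plug-in. Kept compatible with PowerShell 2.0 (Windows 7 SP1).
function Test-LyncVdiClient {
    param(
        # Assumption: the key holding the three values; take the real path
        # from the VMware documentation the post refers to.
        [Parameter(Mandatory = $true)] [string] $RegistryPath,
        # Assumption: thumbprint of the Lync 2013 Server certificate you imported.
        [Parameter(Mandatory = $true)] [string] $CertThumbprint
    )
    $results = @()

    # 1. All three registry entries named in the checklist must be present.
    $key = Get-ItemProperty -Path $RegistryPath -ErrorAction SilentlyContinue
    foreach ($name in 'ConfigurationMode', 'ServerAddressInternal', 'ServerAddressExternal') {
        $prop = $null
        if ($key) { $prop = $key.PSObject.Properties[$name] }
        $detail = 'missing'
        if ($prop) { $detail = [string]$prop.Value }
        $results += New-Object PSObject -Property @{
            Check = "Registry: $name"; Pass = ($prop -ne $null); Detail = $detail }
    }

    # 2. The server certificate must be in a Trusted Root store and unexpired.
    #    Strip spaces and invisible characters that come along when a
    #    thumbprint is copied out of the certificate dialog.
    $tp = $CertThumbprint -replace '[^0-9A-Fa-f]', ''
    $cert = Get-ChildItem -Path Cert:\LocalMachine\Root, Cert:\CurrentUser\Root |
        Where-Object { $_.Thumbprint -eq $tp } | Select-Object -First 1
    $ok = $false
    $detail = 'not found in LocalMachine or CurrentUser Trusted Root store'
    if ($cert) {
        $ok = ($cert.NotAfter -gt (Get-Date))
        $detail = "$($cert.Subject), expires $($cert.NotAfter)"
    }
    $results += New-Object PSObject -Property @{
        Check = 'Lync server certificate'; Pass = $ok; Detail = $detail }

    # 3. Windows 7 (version 6.1) needs SP1; the architecture is reported so it
    #    can be compared with the bit level of the Lync software.
    $os = Get-WmiObject -Class Win32_OperatingSystem
    $isWin7 = $os.Version -like '6.1*'
    $results += New-Object PSObject -Property @{
        Check  = 'OS service pack'
        Pass   = (-not $isWin7) -or ($os.ServicePackMajorVersion -ge 1)
        Detail = "$($os.Caption) SP$($os.ServicePackMajorVersion), $($os.OSArchitecture)" }

    $results | Select-Object Check, Pass, Detail
}

# Usage (both values are placeholders):
# Test-LyncVdiClient -RegistryPath 'HKCU:\<path from VMware documentation>' -CertThumbprint '<thumbprint>'
```

The script only reads state; any row with Pass = False points at the checklist item to revisit.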

I’d love to hear your thoughts on Microsoft Lync 2013 and/or your experiences using it with Horizon View so feel free to comment below!


Ray Heffer, (VCDX #122), VMware EUC Architect, joined the IT industry in 1997 working with Unix and focusing on Microsoft server and Cisco networking infrastructure. While working for an ISP in 2005, Ray discovered VMware ESX 2.5 (and GSX!) and started migrating hosted workloads and discovering the joys of storage optimization, virtual networking and security. Achieving his first VCP in 2007, Ray has since specialized in VMware virtualization and has collected both VCP and VCAP certifications in data center (DCV) and desktop (DT) along the way. In addition, Ray holds ITIL v3, and MCSE certifications and today he works for VMware as an End-User Computing Architect in the Technical Enablement team. This post originally appeared on Ray’s blog. Follow Ray on Twitter @rayheffer.

How to Set Up a BYOD/Mobility Policy

By TJ Vatsa, Principal Architect, VMware Americas Professional Services Organization


Smart phones have surpassed one billion worldwide for the first time in 2012 and that number will likely double by 2015, says Bloomberg. Smart phone sales are even surpassing desktop and laptop sales, according to IDC’s Worldwide Smart Connected Device Forecast Data.

Rolling out a bring-your-own-device (BYOD) policy and infrastructure to handle the influx of personal devices can be a harrowing journey if it’s not well planned. With users today demanding anytime access to business productivity apps, devices, and data on personal devices, not having a policy in place can be even more detrimental.

The first step to implementing a BYOD policy is to think about the devices themselves, how you’ll manage them, and the applications that are being used. VMware’s Horizon EUC (End User Computing) suite can act as the broker and management platform between devices and applications to ensure that the corporate network stays secure. (And users stay happy.)

The recent acquisition of AirWatch makes VMware the undisputed leader in the space of BYOD and mobility, providing the most mature EUC solution portfolio on the market today. This solution portfolio includes some of the key capabilities, such as:

  1. MDM: Mobile Device Management
  2. MAM: Mobile Application Management
  3. MCM: Mobile Content Management
  4. MEM: Mobile Email Management
  5. SCL: Secure Content Locker
  6. And a plethora of additional features and functionalities

Now, having touched on the “why” above, let’s take a look at the “what” and “how” of the BYOD/mobility policy.

What: Devices, Applications, Management, Customizations

Below, I’ll lay out general steps to think about in your BYOD policy and tips for putting it in place. That said, every policy requires its own customizations: there’s no one-size-fits-all approach. Healthcare has different requirements than a financial institution would, for example.

First Step: Devices and Access
With many solutions in the market, customers and integrators can overlook design. So the burning question an architect needs to ask is: “What kind of access for what types of devices?” For the purposes of this blog, we’ll look at the three most typical categories: LAN, VPN, and public network access (see chart below). You can use the sample matrix below to better assess the access you’d like to grant.

For instance, you’ll put devices on the X axis and network access on Y axis. Your LAN will need to be the most secure; therefore, only company-issued devices will have access. But BYOD devices can still gain network access through VPN or a public network, just no access to the LAN itself. These access and device controls need to be driven by your corporate security policies.

How: Design Dos and Don'ts (Devices & Access)


Second Step: Features and Capabilities
Once you’ve figured out access levels, next create a matrix to assess the desktop features and capabilities you’d like to grant. Public network settings will be the most stringent, but VPN and LAN will provide the security you need to enable most desktop features. You’ll want feature category on the X axis against network access on the Y axis, like so:

How: Design Dos & Don'ts (Features & Capabilities)

With your LAN, multimedia redirection is another consideration. If a user is accessing a desktop on the corporate network, audio and video capabilities might require provisioning on the end device. In certain cases, WAN bandwidth may cause an issue accessing corporate recordings. The same issue may happen with printing as well. Ensure that you comply with corporate IT policies while evaluating and enabling such features.

Third Step: Applications
Last, consider your applications entitlement. It’s easy to restrict applications through the catalog of applications provided in the Virtual Workspace Catalog, and the entitlements can be adjusted by department–so your finance department will get access to a different catalog of applications than HR would. Or you can restrict application entitlements based on security rules. For instance, Active Directory GPOs (Group Policy Objects) can be effectively used to enforce business/department specific security policies.

As you can see, creating a BYOD policy doesn’t need to be daunting. If you think through the various steps, you’ll have a secure network access, happy end-users, and a policy that ensures a successful and a mature adoption of your enterprise BYOD/mobility strategy.

I hope you will find this information handy and useful during your BYOD/mobility architecture design and deployment strategy.


TJ Vatsa has worked at VMware for over four years, with over 19 years of expertise in the IT industry, mainly focusing on the enterprise architecture. He has extensive experience in professional services consulting, cloud computing, VDI/End-User Computing infrastructure, SOA architecture planning, implementation, functional/solution architecture, and technical project management related to enterprise application development, content management, and data warehousing technologies. Catch up with TJ on Twitter, Facebook, or LinkedIn.

Success and Innovation Starts with the Right Platform

By Gary Hamilton, Senior Cloud Management Solutions Architect, VMware


Every day, companies like Square, Uber, Netflix, Airbnb, the Climate Corporation, and Etsy are creating innovative new business models. But they are only as innovative as the developers who build their applications and the agility of the platform on which those applications are delivered.

By using Pivotal CF, an enterprise PaaS solution (powered by Cloud Foundry) that is constantly delivering updates to and horizontally scaling their applications with no downtime, companies can develop applications at the speed of customer need/demand, not inhibited by infrastructure.

Businesses, now more than ever, have a greater need for agility and speed–a solid underlying platform is the key to delivering faster services.

We all consume software as a service (SaaS) like Gmail every day via our laptops, smart phones, and tablets. Platform as a service, or PaaS, acts as the middle layer between the applications and the infrastructure (that is compute, storage and network). If everything is operating smoothly, the actual infrastructure on which software is built is something that few users even give a second thought. And that’s how it should be.

The concept and value of infrastructure as a service (IaaS) is easy to understand and grasp. Being able to consume virtual machines (VMs) on demand, instead of waiting days or weeks for a physical server, is a tangible problem. Platform as a service (PaaS) is different. Delivering VMs with middleware installed is how PaaS solutions have traditionally been presented, but isn’t that a software distribution and automation problem?

And therein lies the problem. We have neither identified the real problem, nor the real end user to whom PaaS is a real solution, and it is therefore difficult to quantify the real value proposition of PaaS.

As stated earlier, PaaS is intended to provide that middle layer between the infrastructure and the application. PaaS should be providing services that are leveraged/used by the application, enabling the application to deliver its services to its end user, abstracting that middle layer and the infrastructure. When we think about PaaS in these terms, we begin to hone in on the real problem and the real PaaS consumer: the developer.

However, the problem the developer faces is how to plug new services into an application on demand as quickly as he/she is able to develop the new application. Developers are neither DBAs nor Hadoop experts, nor are they experts in high availability (HA) and resilience. They are not security experts, nor are they scaling and capacity management specialists.

With PaaS, developers can use services that meet functional and non-functional requirements on demand: they should be plugged right in with a variety of databases on demand. (Think of it as any database, elasticity, security, HA, or analytics on demand.) The possibilities are exciting! PaaS essentially brings in an application with business services wrapped around it and applications are enterprise-ready at the click of a button, versus waiting weeks or months to complete integration and performance testing.

The PaaS model is a bit different as it means consultants support a developer who then supports a business. The conventional cloud solutions are aimed at the end user or a customer, whereas now the focus is on the applications. As far as IT goes, the focus is shifting toward innovation away from the mentality that IT is about cost savings.

IT is No Longer About Saving Money

That’s right, IT is no longer about saving money. Sure, saving money is important, but that’s not where the real value is. The value is in new services that create new revenue streams.

Just look at the innovative companies I listed above. To succeed, they had to recognize that developers are the engine of innovation and innovation helps to drive revenue.

To help educate customers, consultants need to assume the role of educator so companies can understand how to become more agile in the face of a changing industry.

The problem is, many businesses see IT as a cost center and think that spending on IT isn’t money well spent. Businesses need to innovate to grow revenue. PaaS resonates with those innovative companies: they recognize that a fast and agile platform can only help them innovate and deliver new services faster. And, in turn, that leads to profitability.


Gary Hamilton is a Senior Cloud Management Solutions Architect at VMware and has worked in various IT industry roles since 1985, including support, services and solution architecture; spanning hardware, networking and software. Additionally, Gary is ITIL Service Manager certified and a published author. Before joining VMware, he worked for IBM for over 15 years, spending most of his time in the service management arena, with the last five years being fully immersed in cloud technology. He has designed cloud solutions across Europe, the Middle East and the US, and has led the implementation of first of a kind (FOAK) solutions. Follow Gary on Twitter @hamilgar.

Create a vCOps One-Click Cluster Capacity Dashboard Part 2

By Sunny Dua, Senior Technology Consultant at VMware

As I promised in my last post, Create a One-Click Cluster Capacity Dashboard Using vCOps, I am going to share the recipe for preparing dashboards similar to the “One-Click Cluster Capacity Dashboard,” which received a lot of appreciation from the Twitterati. A number of people deployed the dashboard and within minutes they could showcase the capacity of their vSphere Clusters.

Now I want to take this one level deeper and tell you how you can create your own cool XMLs within vCOps Custom UI (included with Advanced & Enterprise Edition) to create the dashboard to showcase to your CxO, IT VP or the NOC team who are monitoring the virtual infrastructure. I call this the “behind the scenes” post because it will get into XML coding. Creating these XMLs is way easier than I thought, so go ahead, read on….

To begin, let’s have a look at the XML file I created for scoreboard interactions in Part 1 of this two post series. Here is how the file is structured and the details of the components that make up this file. Understanding this is critical.


One-Click Part 2 Image 1

Hint: Open this image on a separate page to get all the details.

Now if you have spent some time reading the details of the image above, the first question you will have is “Where can I find the adapterkindKey, resourcekindKey and the Metric attrkey to make my dream dashboard?”

adapterkindKey – This is the easiest one. If you want to see metrics from your vSphere environment, you will use VMWARE as the adapter kind. If you have collectors installed for third-party products, refer to their documentation for the adapter name.

resourcekindKey and attrkey – These keys are stored in the vCOps database. The procedure to access the database is defined in VMware KB – 2011714, but I have simplified it in the steps below.

To access the vCOps database and retrieve the resourcekindKey and attrkey:

1. Open the following URL in your environment (replace the placeholder with the address of your vCOps server):
https://<vCOps-server>/vcops-custom/dbAccessQuery.action

2. When you see the vCOps DB Access Query page, run the following query. This will fetch the data you need. Note: Copy and paste the query starting at select and ending at ‘HostSystem’. (Ignore the asterisks.)

*********************************************************************************
select a.ADAPTER_KIND_ID, a.ADAPTER_KEY, b.RESKND_ID, b.RESKND_KEY, e.ATTRKEY_ID, e.ATTR_KEY
from AdapterKind a
inner join ResourceKind b on (b.ADAPTER_KIND_ID = a.ADAPTER_KIND_ID)
inner join AliveResource c on (c.RESKND_ID = b.RESKND_ID)
inner join ResourceAttributeKey d on (d.RESOURCE_ID = c.RESOURCE_ID)
inner join AttributeKey e on (e.ATTRKEY_ID = d.ATTRKEY_ID)

where a.ADAPTER_KEY = 'VMWARE' or b.RESKND_KEY = 'HostSystem'

*********************************************************************************

If you are looking for keys related to an adapter other than VMware, change the values highlighted in blue in the query.

3. The query will give you all the data you need, in the following format. (The screenshot below is from my lab.)

One-Click Part 2 Image 2

Here, you will see the resourcekindKey and attrkey which will help you to create your own XML for the values you want to showcase for a particular resource. Once you have done that, you just need to import this XML into the default interactions location mentioned in my last post. Now you are ready for scoreboard interactions.

It’s that easy!

I hope you will use this recipe for good, and I would appreciate if you can share the XMLs you create with it. I am planning to host a repository on my blog to include some easily re-usable dashboards that can help those in the VMware Community who are using or planning to use the vCenter Operations Manager. As always, please share your thoughts and ideas in the comments section.


This post originally appeared on Sunny Dua’s vXpress blog. Sunny is a senior technology consultant for VMware’s Professional Services Organization, focused on India and SAARC countries. Follow Sunny on Twitter @sunny_dua.