General support for VMware Horizon 7 ends April 30, 2023, impacting all versions up to and including VMware Horizon 7.13. Read this blog to understand why and how to upgrade to Horizon 8 now: “Top 8 Reasons to Upgrade to VMware Horizon 8.”
With our latest release of VMware Horizon 7, Horizon 7.1 extends just-in-time delivery of virtual desktops to include published applications delivered from Remote Desktop Session Hosts (RDSH) and powered by the Just-in-Time Management Platform, or JMP, bringing increased speed, scale, and simplicity. With Just-in-Time Apps, you dramatically simplify deployments with a tightly integrated stack, fewer components, and easy maintenance by using VMware Instant Clone Technology.
This blog covers what an instant clone is and how it works, how to start using instant clones for RDSH, and what maintenance options are available. We also provide some best practices.
What Exactly Is an Instant Clone?
Instant Clone Technology leverages vmFork, which uses rapid in-memory cloning of a running parent virtual machine in a quiescent state, and copy-on-write to rapidly deploy virtual machines.
(Thanks to Duncan Epping for the original of this diagram: Project Fargo aka VMFork – What is it?)
A running parent virtual machine is brought to a quiescent state, then child VMs are spawned (forked) from the parent with a unique UUID/MAC, and the disk is rebased on the replica disk and resumed. The child VMs are then prepared with new network settings (machine name, MAC address, and so on) and restarting of the quiesced services. Because these child VMs utilize the replica disk and shared memory pages from the host, there is no dependency on the parent after cloning. Both memory and disk are copy-on-write, so if a child modifies bits of its memory or disk, a separate copy is made for that virtual machine. All of this happens without any operating system restarts.
What Benefits Do Instant Clones Bring to the Deployment and Management of RDSH?
Instant clones allow you to deploy RDSH servers more rapidly, scale more easily, and perform maintenance up to 85 percent more quickly than was previously possible. Instant clones improve security by regenerating and automatically refreshing RDS hosts on a scheduled basis. Instant Clone Technology requires half the required steps compared to View Composer when deploying or scaling.
(Thanks to Fred Schimscheimer for this diagram: VMware Instant Clone Technology for Just-In-Time Desktop Delivery in Horizon 7 Enterprise Edition.)
How Do I Provision RDSH Instant Clones with Horizon 7?
Horizon Administrator is the web interface through which you configure the Connection Server and manage your remote desktops and applications. To use instant clones, you need to add a user account privileged to join machines to the domain, create a master image, and set up a farm.
- Configure instant clones.
a. In Horizon Administrator, select View Configuration> Instant Clone Domain Admins and click Add.
b. Type the username and password, and click OK.
2. Create a master virtual machine.
a. Create an RDS host virtual machine.
b. Install the Horizon Agent with VMware Horizon Instant Clone Agent selected and VMware Horizon View Composer Agent deselected.
c. Shut down the VM and take a snapshot.
3. Create a farm with the wizard by navigating to Resources > Farms and clicking Add.
a. On the Type page, select Automated Farm.
b. On the vCenter Server page, select Instant Clones and the vCenter Server used for the RDS hosts.
c. On the Identification and Settings page, provide a name in the ID field.
d. Complete the Provisioning Settings page. Here you can select how many RDS hosts you want to create and how many should stay available during maintenance operations to make sure users are not impacted.
e. On the Storage Optimization page, you can select whether to use vSAN and separate datastores for replica and OS disks.
f. On the vCenter Settings page, point to the image and snapshot created in Step 2, and select the datastores, cluster, resource pool, and network to be used.
g. On the Guest Customization page, select the domain-join account created in Step 1, and select the AD OU where the RDS hosts will be created. Optionally, you can provide scripts with parameters to adjust the RDS host during the customization process.
Creation Process
The creation of the VM template, replicas, and parents is the publishing—also called priming—process, and the creation of the RDSH VMs (the instant clones) is the provisioning process.
Publishing is done only when you create a new farm or make changes and want to update an existing farm to reflect the changes. Publishing the master image can take from 7 to 40 minutes, depending on the type of storage and number of hosts you are using. Provisioning the servers takes only 1 or 2 seconds per server. You can perform these tasks at separate times by not enabling provisioning in the Add Farm wizard, so that the provisioning process occurs either at a scheduled time or immediately after the publishing process is complete. When you scale up the pool, all that needs to be done is provisioning.
The provisioning process does not require power operations, and the clones are forked from a running parent VM, so the process takes only a couple of seconds. The engine customizes each forked instant clone. This ClonePrep process performs the following customization tasks in roughly 30 seconds, all without requiring a reboot:
- Gives the VM a unique MAC address
- Updates the computer account password
- Restarts quiesced services
- Joins the machine to the Active Directory domain
- Activates the Microsoft license
Example deployment times (including waiting times) in our testing lab are as follows:
| Instant Clones | Composer Linked Clones | |
|---|---|---|
| Total for 1 and then scaling to 51 RDS hosts | 9 minutes 45 seconds | 35 minutes 56 seconds |
| Template creation | 3 minutes 38 seconds | N/A |
| Replica creation | 3 minutes 58 seconds | 3 minutes 4 seconds |
| Parent creation | 13 seconds | N/A |
| Clone 1 RDS host | 2 seconds | 25 seconds |
| ClonePrep \ SysPrep (for 1 RDS host) | 26 seconds | 13 minutes 38 seconds |
| Total for 1 RDS host | 8 minutes 17 seconds | 17 minutes 7 seconds |
| Clone 50 RDS hosts | 48 seconds | 4 minutes 1 second |
| ClonePrep / SysPrep (for 50 RDS hosts) | 40 seconds | 14 minutes 48 seconds |
| Scaling from 1 to 51 RDS hosts | 1 minute 28 seconds | 18 minutes 49 seconds |
In the previous table, note how quickly you can scale from 1 to 51 RDS hosts, with instant clones: in 1 minute 28 seconds.
In the testing lab, 200 RDS hosts can be instant cloned, including template/replica/parent creation, in less time than View Composer takes for replica creation and a single RDS host!
How Do I Ensure My RDS Hosts Stay Optimal and Up to Date?
Horizon 7 allows for easy modification of the RDS host and farms. You can use the Maintenance Wizard to either schedule automatic or recurring maintenance, or perform an out-of-band, emergency update.
- A recurring maintenance schedule ensures that the clones are periodically regenerated. Any potential contamination is removed so that the farm runs optimally. Recurring maintenance at a specific time can be scheduled on a daily, weekly, or monthly basis.
- Immediate maintenance can also regenerate the clone but is typically used to update the farm with patches or other updates to the master image. Immediate maintenance can optionally be delayed to a future date and time, such as after business hours.
If you perform maintenance with the current master VM and snapshot, all that needs to be done is provisioning, but you can also make changes to the master and use a new snapshot, or use a different master and snapshot.
It is possible to choose whether to log users out or wait for them to log out before performing maintenance.
Best Practices to Consider When Deploying RDSH
- There are two recommended virtual CPU configurations when deploying RDSH. Which one works best depends on the actual application workload and is something that should be tested before making a final decision:
- 4 sockets with 1 core per socket with a 1:1 virtual-to-physical CPU ratio
- 8 sockets with 1 core per socket with a 2:1 virtual-to-physical CPU ratio
Make sure the ratios do not span CPUs.
Example:
The hosts used for the RDSH cluster have two Intel Xeon Processor E5-2699A v4 (a total of 22 cores).
The hosts should run a maximum of 2 (physical CPUs) * 1 (1:1 ratio) * 20 (physical cores rounded down to the closest multiple of 4) / 4 (virtual single core sockets) = 10 RDSH VMs and not 11.
This amount is equal for both ratios. The extra cores are not lost, but used for virtual networking, storage, and other host tasks.
- The amount of memory assigned should be assessed by actual application usage. We recommend reserving the full amount of memory to make sure accidental over-commitment does not occur and no disk space is wasted with unused swap files.
- We recommend installing all available updates to Microsoft Windows and other Microsoft products with Windows Update or WSUS when creating the image. You may have to first manually install Windows Update Client for Windows 8.1 and Windows Server 2012 R2: March 2016.
- Run the VMware OS Optimization Tool with the default options, which can reduce the resources needed by Windows Server by 15 percent. The tool speeds up Windows and gives users a faster and better experience.
One optimization that you might want to disable is TCP/IP Offload in the HKLM settings when all host network cards are capable of offloading.
- Space reclamation is recommended. By reducing the vmdk size that expanded by patching Windows, you can speed up the publishing process. In testing, the image shrank from 58.29 GB to 12.82 GB, which saved 1 minute and 34 seconds from the creation of the replica. In a production environment where the storage system is also busy doing other things, this savings can be much bigger.
- Use the Windows built-in Disk Cleanup utility to delete unnecessary files.
- Empty space should be zeroed so the space can be reclaimed. Sysinternals SDelete can do this on Windows. Example: sdelete64.exe –z c:
- On a VMFS 5 volume, you can use vmkfstools to reclaim the zeroed empty space, which would also save diskspace for the master. Example: vmkfstools -K /path/to/disk-name.vmdk. On non-VMFS volumes, you can clone to a thin disk.
- Actively monitor the environment. A perfect match would be vRealize Operations for Horizon, which can track the health of the hypervisor layer, network, sessions, users, and applications through a single console.
Conclusion
Just-in-time delivery of published applications from RDS hosts, powered by Instant Clone Technology is a big time-saver and simple to configure.
Adhering to the best practices for creating a master image at the start ensures that you get the best performance for your applications. Use monitoring plus recurring maintenance to keep your implementation functioning properly and performing optimally.
So, what are you waiting for? It is time to JMP in.
