30s Male.
Featured VMware Horizon VMware Horizon Cloud

Learn about the Horizon Control Plane – Image Management

By David Gilon and Rick Terlep

Many organizations leverage a Virtual Desktop Infrastructure (VDI) solution in a hybrid or multi-cloud manner for today’s most urgent use cases, including work from home, business continuity, real-time bursting, disaster recovery and high availability. They might start out with the virtual desktops or Microsoft RDSH server farms residing on-premises, and later on deploying and scaling-up Horizon Pods of desktops and apps in one or more private or public clouds, while retaining their original on-premises Horizon Pods. This way, organizations can elastically increase or reduce their VDI capacities, or migrate their VDI environments from on-premises to the cloud completely when they are ready.

This results in a hybrid and multi-cloud architecture, where organizations place Pods of Horizon desktops and apps in one or more public or private clouds. In the past, having a hybrid and multi-cloud architecture significantly increased management complexity, as IT had to manage on-premises and cloud deployments with multiple sets of tools and different consoles.

Now, with the Horizon Control Plane — which consists of a set of cloud-based management services including monitoring, image, application and lifecycle management — IT can enjoy unified and simplified management across Horizon Pods, regardless if the Pods are on-premises or in the cloud.

This blog series will introduce each of the five management services available in the Horizon Control Plane that makes IT’s life easier. Today, we are very excited to kick off the series with Image Management.

The Challenges of Image Management

If you are responsible for a VDI or RDSH environment, you know that managing a collection of virtual machine images is a chore. It is difficult to maintain a fully patched operating system image, and the basic application load, and the respective patches, all while maintaining proper version control of your images. This gets even more complex when you have different user groups who need access to different applications. Many IT administrators in your position reduce the burden by leveraging present applications into a golden image. However, maintaining version control of even a clean, optimized golden image across multiple locations can be a tedious, yet critical chore.

To break it down, we know that Horizon and Horizon Cloud customers have significant challenges at scale:

• Typical organizations may have 5-15 unique image payloads as source material for provisioned VMs (VDI and RDSH).

• Given large deployments, organizations may have to manage significant number of copies 5-20 or more per unique image (resulting in 25-100+ image objects in the environment).

• Often times these images need to be updated once or twice a week to keep up with security and application updates, this means 10-30 updates per week in the best case.

• Orchestrating the workflow to produce, validate and publish images as well as replicate and acclimate to all the different Horizon destinations is a tedious, manual and lengthy process requiring active monitoring and troubleshooting and is prone to error.

• Organizations may be spending hundreds of hours and tens of thousands of dollars just shuffling content and managing updates of provisioned workloads.

• Furthermore, there is no content management system that holistically captures and presents the catalog of images fueling the virtual environment and helps you keep track of your change history.

VMware Horizon Control Plane has a feature called Image Management Service that now makes this chore easier. Note that Image Management for Horizon Cloud on Microsoft Azure works similarly with slight platform specific variations and reductions in functionality – such as importing new images directly from the Azure Image Marketplace and only available for VDI workloads at this time.

Image Management Service Overview

The Image Management Service (IMS) is one of the key features provided by Horizon Control Plane. IMS provides a simplified way to manage and distribute Horizon images across individual Horizon Pods and Horizon Cloud Pods by leveraging infrastructure components to replicate and manage images.

IMS enables you to automate the replication of an image to multiple locations, and then update individual or groups of virtual desktop pools or server farms (as well as Azure VDI Assignments) to the new releases. You can update fleets of pools and assignments with a single command using marker tags. IMS will also optionally let you install the horizon agent and select the enabled features so you don’t need to remember to do that.

This is important because it lets administrators:

• Build a single reusable image catalog rather than manage fleets of duplicate objects.

• Focus on Windows settings and line of business application changes.

• Automate and accelerate the process of image publishing and replication to all your connected sites and Pods.

• Retain historical trail of which image versions came from which previous versions in case you need to troubleshoot image functions.

• Update fleets of pools with a single operation of moving a marker (tag) from an existing image version to the target version.

Limitation Note: Due to image format, at this time Horizon images are limited to Horizon Image Pods and Horizon Cloud Azure images are limited to Horizon Cloud on Azure Pods.

The Image Management Workflow

Admins can use the following simple steps to create and maintain images:

Figure 1. Image Service for Horizon Catalog Main Screen

Import an image

Admins can import an image from an existing Template or Snapshot in Horizon or from the Azure Marketplace or a Custom VM in Horizon Cloud on Azure. The image will be copied to a customer-controlled storage location (onsite datastore or azure subscription whichever is applicable) and marked as unpublished. It’s important to note that we only store images and copies on customer-controlled storage whether local or in the cloud.

Figure 2. Image Service for Horizon Import Image

Customize and Update your image

Admins then access the image directly via vCenter Console Access or RDP to make changes to that unpublished image. You can take the opportunity at this time to use VMware’s OS Optimization tool to make sure your image is optimized to run properly in the target virtualized environment.

Publish (and Replicate) the image to Connected Pods

When publishing the image, the admin can optionally choose to auto install the Horizon Agent if they have not done so yet. Part of the publish operation is replicating the image to all connected Pods in Horizon or Horizon Cloud on Azure respectively. The admin console will inform you if any problems occur throughout this process either for publishing or replicating.

Figure 3. Image Service for Horizon Publish New Version and Replicate 

Figure 4. Image Service for Horizon Version Copy Details

Mark the image for use

Either when publishing or any time after, you can add and remove Market tags from any image version as long as they are unique to that image content tree (version history). Markers are how pools and assignments will refer to and know which image version to use. We will go into more details about that further in the article.

Figure 5. Image Service for Horizon Marker shown on version 2.0

When an in-use marker is moved, all pools referencing that marker will receive a refresh instruction.

Figure 6. Image Service for Horizon Pools Updated to latest version after marker moved.

Creating a new version

Wrapping up the lifecycle is allowing admins to create the new version from any pre-existing version in this image history. You can even go back to the very initial version you imported if needed.

Figure 7. Image Service for Horizon Creating a new version

To Summarize

The picture below illustrates the common basic workflows that admins will use with the Horizon Control Plane Image Management Service:

Why use Markers

A marker tag is a unique label that is used to identify a use case that a particular image version is suitable for. Markers are unique, but image versions can have one or more markers assigned to them.

VM pool assignments refer to the marker tags in order to identify which image to clone and provision virtual machines from. By using these markers, you can orchestrate the updating or rolling back of images as needed for individual user groups or different pools if necessary. Change history is recorded in an image version tree.

These features are designed to take a lot of the manual labor out of managing golden images.

Let’s take a look at a visual example. ABC Financial has many pools servicing its contract development community. They have a particular image they maintain for that community. Their current production version is 19, but they do maintain an ultra-stable version for their trading platform developers at 17. They have chosen to break their pools into five waves of updates: User Acceptance Testing (UAT), Staging Environment and three waves or production so they can stagger the updates. Each of their 35 pools serving the contract developers will point and follow a specific marker.

When the admin is ready to test version 20 of the image, all they have to do is move the UAT marker to version 20. Any pools following UAT will immediately begin to update.

When the admin is ready to move the image to the STAGING phase, they can move the STAGING marker, and similarly once that has cleared and they are ready to move to production, they can just move markers and all the pools following a specific marker will update.

Markers can be moved to any version to promote changes and to also rollback to a previously approved version.

Taken together, all these capabilities are designed to remove the manual labor out of managing images.

For more information

If you want to learn more about the Image Management Service, check out the video demonstration, review the Reference Architecture, and see Managing Horizon Images from the Cloud in the product documentation.

Related Articles