By Rick Terlep and David Gilon.
In our recent blog series, Learn about the Horizon Control Plane, we introduced you to our virtual desktop infrastructure (VDI) cloud management services providing universal brokering, monitoring, image, application and lifecycle management. IT can leverage these services for a unified and simplified management experience across Horizon Pods, regardless if the pods are on-premises or in the cloud. We also looked closer at Image Management for Horizon which simplifies and accelerates the use of templates across multiple sites, pods and pools while providing next-generation change tracking and easy to use pool to image update instructions.
Now, we are very excited to add general availability of Image Management for Horizon Cloud on Azure to our already available Image Management for Horizon as part of our SaaS-based services. This week, we are highlighting a series of updates to the Horizon Control Plane.
With this, you can bring the same IMS functionality from Horizon to Horizon Cloud on Azure for more flexibility and scaling of desktops to Azure. Please view this short video for an overview of the new service, architecture, the publishing process and demo of IMS.
This is very similar to the post we wrote last year regarding using IMS for Horizon Pods. However, the information here is specific to how IMS works with Horizon Cloud on Azure Pods. This blog post will cover the challenges of image management; provide an overview of the image management service; and talk about one of our favorite features — markers — all for Horizon Cloud on Azure.
The Challenges of Image Management
If you are responsible for a VDI environment, you know that managing a collection of virtual machine images is a chore. It is difficult to maintain a fully patched operating system image, and the basic application load, and the respective patches, all while maintaining proper version control of your images. This gets even more complex when you have different user groups who need access to different applications. Many IT administrators in your position reduce the burden by leveraging App Volumes to present applications into a golden image. However, maintaining version control of even a clean, optimized golden image across multiple locations can be a tedious, yet critical chore.
To break it down, we know that Horizon Cloud customers have significant challenges at scale:
- Typical organizations may have five to 15 unique image payloads as source material for provisioned VMs.
- Given large deployments, organizations may have to manage significant number of copies (five to 20 or more) per unique image, resulting in 25-100+ image objects in the environment.
- Often these images need to be updated once or twice a week to keep up with security and application updates, this means 10-30 updates per week in the best case.
- Orchestrating the workflow to produce, validate and publish images and then to replicate and acclimate them to all the different Horizon destinations is a tedious, manual and lengthy process requiring active monitoring and troubleshooting that is prone to error.
- Organizations may be spending hundreds of hours and tens of thousands of dollars just shuffling content and managing updates of provisioned workloads.
- There is no content management system that holistically captures and presents the catalog of images fueling the virtual environment and helps you keep track of your change history.
One of the key services featured in the Horizon Control Plane is the Image Management Service. It makes managing images easier for customers who are on our newer smart node versions (26xx and higher) and already take advantage of Multi-Cloud Assignments and Universal Broker for their VDI workloads.
Image Management Service Overview
Image Management Service (IMS) provides a simplified way to manage and distribute Horizon images across individual Horizon Cloud Pods by leveraging infrastructure components to replicate and manage images.
IMS enables you to automate the replication of an image to multiple locations, and then update individual or groups of virtual desktop assignments to the new releases. You can update fleets of assignments with a single command using marker tags. IMS will also optionally let you install the NSX cloud agent, and Horizon Agent and select its enabled features so you don’t need to remember to do that.
This is important because it lets administrators:
- Build a single reusable image catalog rather than manage fleets of duplicate objects.
- Focus on Windows settings and line of business application changes.
- Automate and accelerate the process of image publishing and replication to all your connected sites and Pods.
- Retain historical trail of which image versions came from which previous versions in case you need to troubleshoot image functions.
- Update fleets of pools with a single operation of moving a marker (tag) from an existing image version to the target version.
Limitation Note: Due to image format, Horizon Cloud Azure images are limited to use within Horizon Cloud on Azure Pods, and Horizon images are limited to use within Horizon Pods.
The Image Management Workflow
Admins use the following simple steps to create and maintain images.
Import an image
Admins can import an image from the Azure Marketplace or a Custom VM in Horizon Cloud on Azure. The image will be copied to a customer-owned storage and labeled as unpublished. It’s important to note that we only store images and copies on customer-controlled storage whether local or in the cloud.
Customize and Update your image
Admins then access the image directly via RDP to make changes to that unpublished image. You can take the opportunity at this time to use VMware’s OS Optimization tool to make sure your image is optimized to run properly in the target virtualized environment.
Publish (and Replicate) the image to Connected Pods
When publishing the image, the admin can optionally choose to auto install the Horizon Agent if they have not done so yet as well as the NSX Cloud agent. Part of the publish operation is replicating the image to all selected Pods in Horizon Cloud on Azure respectively. The admin console will inform you if any problems occur throughout this process either for publishing or replicating.
Mark the image for use
Either when publishing or any time after, you can add and remove Marker tags from any image version as long as they are unique to that image content tree (version history). Markers are how pools and assignments will refer to and know which image version to use. We will go into more details about that further in the article.
The Multi Cloud Assignment now uses the image name and maker, rather than referencing an image version directly.
When an in-use marker is moved to a different image version, all assignments referencing that marker will receive a refresh instruction.
Creating a new version
Wrapping up the lifecycle is allowing admins to create the new version from any pre-existing version in this image history. You can even go back to the very initial version you imported if needed.
The picture below illustrates the common basic workflows that admins will use with the Horizon Control Plane Image Management Service for Horizon Cloud on Azure
Why use Markers
A marker tag is a unique label that is used to identify a use case that a particular image version is suitable for. Markers are unique, but image versions can have one or more markers assigned to them.
VM assignments refer to the marker tags in order to identify which image to clone and provision virtual machines from. By using these markers, you can orchestrate the updating or rolling back of images as needed for individual user groups or different assignments if necessary. Change history is recorded in an image version tree.
These features are designed to take a lot of the manual labor out of managing golden images and assignment/pool refreshes.
Let’s take a look at a visual example. ABC Financial has many assignments (also referred to here as pools) servicing its contract development community. They have a particular image they maintain for that community. Their current production version is 19, but they do maintain an ultra-stable version for their trading platform developers at 17. They have chosen to break their pools into five waves of updates: User Acceptance Testing (UAT), Staging Environment and three waves for production so they can stagger the updates. Each of their 35 pools serving the contract developers will point and follow a specific marker.
When the admin is ready to test version 20 of the image, all they have to do is move the UAT marker to version 20. Any pools following UAT will immediately begin to update.
When the admin is ready to move to image to the STAGING phase, they can move the STAGING marker, and similarly once that has cleared and they are ready to move to production, they can just move markers and all the pools following a specific marker will update.
Markers can be moved to any version, to promote changes and to also rollback to a previously approved version.
Taken together, all these capabilities are designed to remove the manual labor out of managing images.
For more information
If you want to learn more about the Image Management Service, check out the video demonstration, review the Reference Architecture, and see Managing Horizon Images from the Cloud in the product documentation.