I was wondering what my next VMware certification was going to be until it was decided for me. We’re moving forward with a VDI (Virtual Desktop Infrastructure) roll-out with VMware Horizon Suite. That means packing a virtual lunchbox and heading off to an online class, specifically VMware Horizon View 5.2: Installation, Configuration and Administration. I considered the design class, but decided against it, figuring I would do more administration than designing over the long haul.
This is my third VMware class. I’m not a big RTFM guy, and I like the interaction of a class, so I take them when I can. I’m always hoping there is someone in there besides the instructor who can share experiences. Like most, this will be my first VDI roll-out, and if you’ve done any research on this for your business, you know that it has to get off to a good start, or it can go south pretty quickly.
My experience with Horizon before I registered for the class consisted of building a working test environment for about 30 users. I re-allocated four HP BL460c class blades in a c7000 chassis. Using vSphere 5.1 (the hardware isn’t on the go-list for 5.5), I built a new vCenter and two HA clusters. One cluster is for management, and the other houses the VDI desktops. It’s up and working, and most of the admin, service desk staff and selected users have been using it for a month or so. I would recommend you work a bit with this suite before the class. The labs won’t do justice to actually tinkering with it, breaking it (as I did) and fixing it. You don’t have to be VMware certified to take the class, but it helps if you have some vSphere experience. There’s a big difference between a virtualized datacenter and a VDI environment. I’ve been in the datacenter for a while, so I had to adjust my thinking a bit for this. It certainly isn’t a one-to-one comparison.
OK, so on with the notes. I try to keep these based on what I hear in class, not what’s being shown on the slides.
VMware Product Interoperability Matrix
This was presented right away, and I found it bothersome that I hadn’t seen it before. This is an impressive web based tool to verify that the VMware products you’re using and the databases they need will work together. It’s a big deal because VMware has had some trouble keeping its versions in alignment. Check it out here: http://partnerweb.vmware.com/comp_guide2/sim/interop_matrix.php
Windows Server 2012
This was also “bothersome”, like getting your legs bit off by a shark bothersome (a bit of an exaggeration there). Horizon View 5.2 doesn’t officially support Server 2012, which is what I built my test environment on. Now, it works on Server 2012, and I haven’t had any problems with a Microsoft-VMware bar fight messing up the VDI, but it won’t be officially supported until Horizon 5.3 is released. So, the bigger question is, “Do I build the production pods with Server 2012, knowing I will eventually upgrade to 5.3, or Windows 2008 R2?” It’s bad timing, and I really don’t want to build this on a soon to be six year old server OS.
Mirage is the part of the suite that can manage physical machines. I still haven’t been able to figure out how I would use this. I’ve had VMware reps try to talk us into this for months, and I still don’t see the benefit. It’s really for the users who refuse to go to VDI but want an image of their laptop available for re-download onto new physical hardware or to boot-up as a virtual machine. Sure, it can inventory software and all that, but we have SCCM already, and we don’t need anymore reporting.
Design Thresholds to Remember
I will probably hear more of these as we go through the class. They aren’t documented values, just some guidelines from implementers.
– 100 concurrent Blast connections per Security Server if you’re using View 5.2 (which you are because 5.3 isn’t here yet. Der.) Blast allows you to connect to the virtual desktop via a web browser, through the Security Server acting as the authenticator on the external border of your network for internet users. Now, connecting via a browser sounds good, but what if I have 1000 desktops? The answer is to only allow some desktop pools to be web accessible. I don’t think I’m going to build 10 Security Servers for that feature. In the 5.3 version that number has been raised to 250 concurrent connections.
– 2Gb limit on the Horizon View Storage Accelerator. This a pretty cool deal here if you decide you can use it. Its benefit depends on where the virtual machines will run. The accelerator works in conjunction with the Content Based Read ahead Cache on each host. VMs will use the cache if many are trying to read the same data, so if the desktops are common in operating system and applications, they will have data that can be read via the cache. The accelerator creates one file per clone or full VM with pointers to the data that are in the cache (at least that’s how I understood it). The default setting on the CBRC is 2048 MB, whereas the default for the accelerator is 1024MB.
If the VMs write to the cache, then it is considered stale and not as effective, thus the setting to rebuild the cache at a regular interval in VMware View. The more common the machines, the longer the interval can be.
If the VMs are running in memory via Atlantis ILIO, then you can’t use this feature as all the memory is presented back to the host as a NFS datastore.
This uses an API connection to a SQL database, not ODBC, so that was good to hear. When you set this up, there is a place to designate a table prefix, which you should, because it is easier to read the output. The prefix is done automatically if you use a login with dbo (Database Owner) privilege to the database.
This is a huge part of VDI. You can’t have fat machines battling for finite resources; it will reduce your VM density per host and overall performance. There are lots of ways to thin these out.
VMware Optimizer Fling– A new fling that I haven’t tried yet
VMware Windows 7 Optimizer Tool- You can Google this and download it. It makes auto changes to the VM you’re going to use as a template. Beware, you’re going to have to tweak this as it’s aggressive in what it turns off. For instance, it reduces the visual effects of a Windows 7 desktop, which makes sense, but if you have the resources to present something “pretty” to the users, then you’ll want to make your own decisions here.
-Disconnect CD and floppy drives, COM and LPT ports
-Use Microsoft’s KMS for auto license registration when desktops join the domain
What people say about these is interesting, especially instructors. In my datacenter class, resource pools were looked at favorably. I personally have never used them, mostly because I have enough compute resources that there is very little memory ballooning or swapping. In the VDI scenario, the answer was a resounding NO to resource pools. If some persistent VMs need more muscle, I would just add a cpu and memory reservations.
Don’t thin provision your templates.
I hadn’t really considered this, but for admins with a low amount of storage, this could be a temptation. Well, don’t do it. If you thin provision templates, VM creation will be much slower than usual.
How to Redirect Flash Content?
View can’t redirect flash to the client. The instructor said the ability to do this was removed by Microsoft in Windows Vista and beyond. You can make some Flash media throttling and quality decisions for the desktop pool in View, and that’s it. The only other adjustment to make would be increasing the cache size in the client that is accessing the View desktop. Some thin clients have nothing to adjust, so keep that in mind.
No Storage vMotion
The short answer here is View can’t keep track of the VMs if they move around via SDRS. You have to turn this off and manage datastore balance with View’s re-balancer if they are linked clones.
Leave PCoIP alone!
PC over IP is the VMware display protocol developed by Teredichi. And it’s just fine, thank you very much. The message was don’t use firewall QoS with PCoIP. It uses UDP for connections, so make sure you’re not stomping on UDP with Quality of Service rules anywhere.
That’s it. Time for a Guinness, 8 hours sleep and we’ll do it again tomorrow.