Wednesday, February 27, 2013

Every Man's Tech - Part III - VDI

Hi All,

So now that I've given you a brief understanding of virtualization, let's talk about VDI.  VDI stands for virtual desktop infrastructure.  For anyone who remembers terminal/mainframe, this isn't far from that concept.  I've noticed that every so many years administrators try to take control of everything and put it onto one gigantic box.  Users log in in one way or another and use applications.  It's been given lots of names over the years, but the idea is the same.  Ease of administration by having a single source to administer and safe guard the data by keeping it in one place.  The problem was that technology hadn't caught up with the idea yet.  So you had users waiting forever for applications to open, network issues causing outages, and at the end of the day, a very unhappy user.

With the speed, cost of servers and the ever increasing use of technology I think the time is right to try pulling everything back in with VDI.  So am I saying the data 20 years ago wasn't as important?  No, of course not, but think about this.  When we first got email it was a fun toy.  It often went down and we didn't rely on it as a mission critical application.  Now days, we assume the email infrastructure will be up 100% of the time and if you send an email you expect the recipient to GET the email!  My point is we've digitized our lives and have entrusted more data to computers than ever before.  When was the last time you WROTE your contacts into an actual book?  :-)

So what's a virtual desktop?  Basically, it's just like server virtualization except instead the machine running Windows 2008 it's now running Windows 7.  That's a VERY simplified view, so let's drill down a bit.  There are bunch of different scenarios, but when providing a virtual desktop, you basically have two choices.  A persistent desktop or a non-persistent desktop.  A non-persistent desktop is basically a read only image.  What are the use cases for these?  Libraries, call centers, hospitals.  Basically anywhere users login, do some work on an application and when they logoff, the desktop reverts back to it's original state?  Why you ask?  Because users have destructive powers and if there is a way to break something, they will!  But in all seriousness, if there is no need for customization of the desktop, having a read only image makes administration MUCH easier.  Plus think of all the space you'll save?  If you have 1 read only image of Windows 7 that's 30 gigs and 10,000 images checked out at once, that will save you a TON of space.

Now in the VDI world, the "low hanging fruit" is the non-persistent desktop.  User's login, and they go away.  But what about your work computer that has the picture of your kids as the background?  Or iTunes installed on it?  You've customized it, the icons are just where you like them!  Just like my messy desk.  I know where everything is, if someone came and cleaned it up every time I left I'd be pissed off and wouldn't be able to find a thing.  So here's where we get into the persistent desktop.  Persistent desktops are a pain because now you actual desktops you have to maintain.  Granted they're VMs, but you'll still have to apply virus scanning, OS patching, back up and recovery and there's always the user that needed to free up some space so he/she deleted all of their system files.

So how do we bridge this gap between non-persistent and persistent?  We'll use a product that allows for profile redirection.  What's that?  Basically you'll login to a non-persistent image that's read-only and a cool program like Microsoft Roaming Profiles, Liquidware Lab Profile Unity, Citrix profile management, etc. will perform some magic.  So what's a profile?  All of the information that makes a desktop "your" desktop is stored in your profile.  Your desktop background, all the junk you store in My Documents, etc.  Take a look sometime, explore your C: drive, but please, PLEASE, PLEASE, don't start to delete stuff cause you don't think you use it!  :-)  Check under \Users\ and you'll probably see you, administrator, and if someone else uses your computer they should be there too.  If we use one those tools I mentioned earlier, that information is moved from C:\ which is your local hard drive to a network share and Windows is pointed there instead.

Let's talk a bit about network shares.  Windows administrators realized early on they needed a way to store stuff off user's machines and put it else where?  Why?  Usually for space and backup and recovery reasons.  Plus it's easier to store stuff in one location and have users point to it.  Go to Windows Explorer and click on Tools and you'll see "Map Network Drive", that's the way to map it on your side.  On the admin's side it can be a number of different technologies.  I can be a Windows server with a large hard drive sharing specific folders, a Unix box running Samba, or a storage array running CIFS.  Remember I told you earlier that a hard drive is a like a baby, it has no identity until it's adopted by the computer?  Well, CIFS stands for the Common Internet File System.  Instead of the individual server providing an identity to this drive we indicate that it will run CIFS at the storage layer and this is a filesystem Windows machines can recognize.  The neat thing about providing users storage this way is you can give them as much or little privileges they need.

Back to VDI.  Most VDI implementations run with Microsoft Active Directory.  Active Directory allows for users to login to a "domain" of users where there are rules and regulations placed on the users.  There's TONS of stuff you can do with AD but remember it's basic function is to allow for computers, printers, storage to all play together nicely.  I login to my non-persistent desktop and AD or my profile redirection software says, "Ah, I know this guy, his name is Neil and his profile lives on Z:\Users\neil".  With that, my background image loads up and all the junk I stored on my desktop reverts back to the messy state I left it in!  What do I see?  If everything is working correctly, NOTHING!  Everything should just work as expected.

Who are the key players in the VDI space?  I'd say the two most popular are Citrix XenDesktop and VMware View.  Both are great products and if you're a long time reader, you'll notice most of my blogs circle around Citrix XenDesktop.  Not because View is a bad product, it's just where my expertise is.  How do these products work?  Basically they add a layer on top of your virtualization hypervisor, which is called a connection broker.  What do they do?  In the most basic sense, they broker connections between you and your desktop located on that hypervisor.  Remember there's a whole heck of a lot more users then there are servers so you're going to need that connection broker to help you keep track of who's who and who goes where.

I hope you enjoyed my intro to VDI, one of my readers sent me some suggestions for future topics so I'm totally jazzed and will be focusing on those soon!  Thank you Gustavo!  Keep those ideas coming in or I'll just keep babbling about what I like!

Until Next Time!

No comments:

Post a Comment