VMware Virtual Desktop Infrastructure (VDI) - The Best Strategy for Managing Desktop Environments Mike Coleman, VMware (mcoleman@vmware.com) Copyright 2008 EMC Corporation. All rights reserved.
Agenda VDI Overview VMware VDI Solution Today VMware VDI Components Connection Models VDM 2.1 New Features Upcoming Technology Questions and Answers
VMware VDI Solution Today Integrated solution including: VI3 Enterprise VirtualCenter Virtual Desktop Manager 2 Windows XP Windows Vista Automated provisioning and desktop management RDP VDM Client RDP/ HTTPS DMZ deployment option VDM Integrated Thin Clients VDM Web Access Optional integration with RSA SecurID
VDM2 Components: Connection Server VMware Virtual Desktop Manager 2: An enterprise-class connection broker that connects remote clients to centralized desktops and manages virtual desktop infrastructure (VDI) environments. VDM2 is a Microsoft Windows Service with: Variety of desktop management systems Automatic Provisioning / VM Control Secure Connection Tunneling Microsoft Active Directory Integration Client devices access Redundant solution
Introduction to VMware VDM 2.1 VMware VDM 2.1: Brokers connections with users virtual desktops Manages authentication and entitlements Integrated with the VI3 platform Robust and scalable for the Enterprise Easy to deploy and administer in large or smaller environments Fully-featured, enterprise-class connection broker
VDM Components VDM Connection Server VDM Security Server Connects clients to hosted virtual desktops; It is the primary component of VMware VDM and is integrated with Active Directory and VirtualCenter is a gateway that provides SSL encryption of protocol and a controlled access point for use with firewalls and DMZ VDM Agent Handles session management VDM Client Connects users to the VDM Connection Server
How VMware VDM Works 4 C 1 3 A B C D E F Laptop VDM Client User connect to the Connection Server using the VDM Client. After authentication users are seamlessly logged on to their virtual desktop. VDM Connection Server 2 ESX Servers Users get authenticated. VMware Infrastructure (Host Datacenter) Active Directory
VMware VDM Integrated with VirtualCenter A B C D E F Laptop VDM Client User connect to the Connection Server using the VDM Client. VDM Connection Server ESX Servers VirtualCenter VMware Infrastructure (Host Datacenter) Active Directory
VDM 2 Components: VDM Agent VMware VDM Agent Enables communication between the virtual machine and VDM Connection Server using the message bus. Agent installed on the virtual machine Windows XP Professional with SP2/SP3 (32-bit) Windows Vista Business Edition (32-bit) Windows Business Ultimate Edition (32-bit) Installs the virtual machine USB redirect drivers
VDM 2 Components: VDM Client VMware VDM Client A Win32 application installed on PCs or thin clients to make connections with virtual desktops Provides USB device redirection: XP XPe Vista Support for: Vista Home Vista Home Premium, Business, Ultimate XP Professional (SP2&SP3) 2000 Professional (SP4) XPe Requires the PC or thin client to have a local RDP client Windows PCs RDP Client 6.X XPe thin clients RDP 6.x
VMware VDM 2 - Components VMware VDM WebAccess Provides access to virtual desktops using a web browser Supported on Mac - Experimental, Windows and Linux Works with PC s and most thin clients with a local browser Windows Support XP SP1-SP2, Vista Home, Home Premium, Business, Ultimate Internet Explorer 6.x or higher Uses TSAC ActiveX Requires Local Admin Rights to install Linux Support Firefox 1.5, 2.0 JRE 1.5.0 or Higher Requires locally installed RDesktop MAC Support Experimental Safari Firefox 1.5, 2.0 JRE 1.5.0 or Higher RDC 5.x client
VDM Data and ADAM VDM 2 Stores data in Active Directory Application Mode (ADAM): Free and re-distributable from Microsoft, bundled with VMware VDM; Flexible LDAP directory based on Active Directory (AD) technologies; ADAM stores VMware VDM data (e.g. desktop entitlements) and references AD data (i.e. users and user groups); Data replication, security and scalability inherent to VMware VDM 2 architecture. VDM Data Replication ADAM Replication Reference Replication AD Replication Replication User Data Replication
How Users Connect to their Virtual Desktops A B C D E F Single User VDM Connection Server ESX Servers VMware Infrastructure (Host Datacenter) Finance Group
How Users Connect to their Virtual Desktops Entitlements stored as data in VDM A B C D E F Connection Server Single User VDM Connection Server Entitlements are applied in real time Administrator can easily modify which desktop a user ESX Servers (or user group) can access by modifying the entitlements Finance Group VMware Infrastructure (Host Datacenter)
Encrypted and Direct Connections Encrypted Connection: SSL tunnel between client and data center; RDP data encrypted inside tunnel. RDP Connection SSL Tunnel Direct Connection: Connect to VDM Connection Server for brokering; Direct connection. Initial connection and request RDP Connection Desktop Allocation
Individual Desktops Individual users Individual desktops Unique virtual desktops
Pool Assignment Persistent Pool Group of users Desktops Pool of virtual desktops
Pool Assignment Persistent Pool User is connected to same desktop on subsequent connections All virtual desktops in pool are cloned from same template Initial desktop allocation could be to any desktop in pool Group of users Desktops Pool of virtual desktops
Pool Assignment Non-Persistent Pool Group of Users Desktops Pool of virtual desktops
Pool Assignment Non-Persistent Pool All virtual desktops in pool are cloned from same template Desktop allocation could be to any desktop in pool Desktop returned to pool for re-allocation at logoff Desktops Group of Users Pool of virtual desktops
VMware VDM 2 Deployment Scenarios VDM 2 Connection Server Remote Access VirtualCenter DMZ Virtual Desktops running on ESX VDM Client Load Balancing VDM Security Servers VDM Connection Servers Active Directory
VDM2.1 Key Features MMR for XP clients Multi-media traffic is detected by the VDM Agent running in the guest VDI desktop Traffic is re-directed over an RDP virtual channel and then rendered locally by software running within the VDM Client Supports MPEG 1,2,4, MP3, WMA, WMV 7,8,9, AC3 No Quicktime or Flash support VDM Agent VDM Client
VDM2.1 Key Features Pools to span data-stores Current limitations Best practices published by storage vendors to limit the size of each LUN to a fixed size Each VMFS volume on ESX server can only run a limited number of virtual machines New feature will support multiple datastores per pool allowing hundreds of virtual machines to be created in a single logical VDM pool
VDM 2.1 Other Features Datastore Spanning for Pools German and Japanese Localization CLI for VDM Client MMR Extensions integrated with VDM Client (Windows XP) Allow end user password change Multiple Sessions per user within a pool Logging improvements Allow users to restart their VM Defined process for bulk import of individual desktops VDM configuration backup Allow blocking of incoming RDP connections from non VDM clients Allow VDM Administrators to set default desktop (Command line only)
Technology Preview Scalable Virtual Images Traditional VDI VDI + SVI Clones X86 ARCHITECTURE X86 ARCHITECTURE X86 ARCHITECTURE X86 ARCHITECTURE X86 ARCHITECTURE X86 ARCHITECTURE X86 ARCHITECTURE X86 ARCHITECTURE X86 ARCHITECTURE These features are representative of feature areas under development. Feature commitments must not be included in contracts, purchase orders, or sales agreements of any kind. Technical feasibility and market demand will affect final delivery.
Scalable Virtual Images SVI Storage Cost Reduction Dramatically (90%+) reduce the amount of storage consumed X86 ARCHITECTURE X86 ARCHITECTURE 25 MB Clone 25 MB Clone RATIO % SAVINGS 1:50 85%+ 1:100 90%+ X86 ARCHITECTURE 25 MB Clone 1:1,000 95%+ 10 GB OS These features are representative of feature areas under development. Feature commitments must not be included in contracts, purchase orders, or sales agreements of any kind. Technical feasibility and market demand will affect final delivery.
Questions?