Citrix Xendesktop in 2011

I think 2011 will see a tremendous amount of traction in desktop virtualization, I say desktop virtualization and not VDI because I believe to absorb truly the benefits of a virtualized desktop you need to use it as enabler to a more efficient and centralized desktop management. To achieve these goals you need to move from a monolithic design to layered approach whereby the user environment space, operating system and applications are all separated in a layered fashion. These are then dynamically delivered to the end user on demand and from any device.
Citrix have recently released Xendesktop 5 and also made fundamental changes to their supporting suite of products and how they integrate into application and desktop delivery. Here is how I see things panning out....

Hello Xendesktop 5 - Goodbye Xendesktop 4
Xendesktop 5 - Xendesktop has undertook a complete overhaul, IMA has been removed and replaced with a SQL database which also means no mixed mode farms, but greater functionality and scalability. Existing SQL management and BCR techniques must be implemented as any failure of the SQL side of things means a loss of desktop connections. Desktop Director is smart way for 1st line support guys to manage and support any Xendestop 5 VDI infrastructure.

Hello Machine Creation Services - Goodbye Citrix Provisioning Server
I have always found Provisioning services as clunky and extremely complex. The requirement for physical servers and scalability has always made me think that there has to be better way to manage images. With MCS quick deploy you simply point to a master image and the linked clones are created using an identity disk and difference disk, and the Active Directory configuration via the AD identity service. Citrix suggest you use MCS for smaller deployments and Prov Server for the larger deployments as they scale better and utilize the different write cache mechanisms. I would suggest a different approach here for two reasons.

1. The use of HSP (hybrid storage pools) and proprietary storage software that augments the current SAS/SATA storage stack and utilize SSD disks for smart disk cache; thus providing the required IOPS and performance VDI environments demand. Products such as Nexenta ZFS, FalconStor's NSS, and Disk systems from Dell and NetApp provide different features around SSD. Fusion-io's io-Drive takes a different approach and sits direct on the PCI bus and hence there is no SAS controller overhead, they OEM these to Dell and HP and the IOP'S you can pull from these devices are huge.  A typical SMB/SME environment that has a requirement for say example 500 desktops each requesting an average 10 IOPS on a 70/30 read and write ratio would require 28 SAS 15k disks to supply 5000 IOPS. This could possibly mean 4 disk shelves and the CAPEX becomes quite expensive. A hybrid SSD solution would require less hardware and are great in terms of providing the required read IOPS to cover boot storms. Something like the NexentaStor also allows the use of SSD's running on agonistic disk shelves. Although more expensive, SSD also means less disks and thus reduced CAPEX and carbon footprint.

2. Xenserver Intellicache is supported in XenServer 5.6 FP1 but not yet on Xendesktop 5. Intellicache  utilizes SSD local storage to create a smart disk read cache and uses NFS to store the gold image, the great thing about Intellicache is that it will dynamically look into desktop read patterns and cache these locally. If you were to run 100 Windows 7 desktops you will find that read patterns will be very similar, thus the net affect is fast disk access and read data deduplication. The requirement for Intellicache is MCS, so again there is no need for Provisioning server.

Hello NFS - Goodbye iSCSI and Fibre Channel
Citrix recommend Xendesktop to be run from a NFS platform; the rationale behind this is file I/O works better than block based I/O for VDI and performance. When you start to look at large amounts of desktops you can see issues with SCSI locking. I also think this is a smart move as often enterprise storage arrays are used to house virtual desktops that provide the bells and whistles of such features as synchronous replication,VSS and dual connectivity. These are not needed generally for VDI disk access, the main requirements I see are NFS, Smart caching and deduplication. High availability is a topic of discussion on VDI environments but my view is that if you take a layer cake approach and implement stateless desktops you simply need to restore the gold image and use MSC to recreate the desktops in the event of failure. NetApp and Nexenta provide some simple cost effective NFS solutions with these features.

Hello Access Gateway 5.0 VPX - Goodbye Secure Gateway
Secure remote access is critical component of any Xendesktop solution this is also driven by the consumerization of IT as we speak and varied spectrum of mobile devices. Typically in the past you either use client VPN access or a SSL VPN such as Secure gateway. Secure gateway runs on Windows and is quite limited in its functionality. With the CAG 5.0 we now have a Linux appliance that includes enterprise features such as HA, Smart Access functionality and also support for Receiver and Two factor authentication. A Xendesktop and Xenapp platform licence is included with the appliance so this is a smart and cost effective move in my opinion. This model is also crucially available as a XenServer and VMware virtual appliance, I am a great advocate of virtual appliances where possible as they bring ease of deployment, scalability and management that sits great in a datacenter infrastructure.

*Citrix have also just released Branch Repeater VPX as a VMware virtual appliance, when you need QOS, data compression, de-duplication or plan to implement soft phones and VoIP these are a great fit.

Hello Receiver and Delivery Services - Goodbye Dazzle
Dazzle is replaced by a self service plug-in in receiver and nice new ITunes like interface; this when combined with Citrix Merchandising server provides a modular and manageable delivery mechanism for applications and plug-ins. The receiver front end has a similar look and feel across all platforms so as we look into multiple device access we get a similar end user experience whether they are accessing their desktop from a Mac, IPad or Thin client. I think this makes sense when we start to look at Google Chrome OS, Nirvana Phones and Open Cloud Access which are all on the horizon.

Veeam Backup Best Practice

If you are going to run a physical to virtual conversion, make sure you run a defrag before the conversion: the reason being is when the VM is backed up via CBT it will produce large incremental .VBR files if there is file fragmentation. This works on a 1MB block size, so a single 1k change would mean a 1MB increment, thus if there is a linear structure to file patterns this will help reducing the size of the VBR file.

Pages Files on Windows VM’s are backed up as default via a full Veeam backup, as this data contained in the page file is inconsistent this will in turn produce large incremental VBR files. This is especially an issue with something like Exchange that uses database caching. To solve this create a separate VMDK and place the Windows page file on this disk and when the back job is created exclude this disk.

Make sure you follow this KB article when creating data stores for virtual machines that will be backed up via Veeam or you may have problems when the snapshot is created.

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1012384

Understanding VSS implementation in Vmware Backup and Replication products

VSS can be nightmare to fully get to grips with in Vmware backups, Scott Lowe wrote a great interpretation in his blog here.

http://blog.scottlowe.org/2010/02/09/partner-exchange-2010-session-techbc0320/trackback/ 

I would like to think I have good understanding of this so here is my view of VSS and VMware in a simplistic form.

In this example I will use Veeam utilizing the Vmware VSS provider backup on Windows 2003 running Microsoft Exchange. Ok so what is a VSS?  VSS is simply a framework that Microsoft introduced from Windows 2003/XP onwards that can coordinate with backup applications to produce a consistent and reliable copy of data, a VSS backup will be application consistent as opposed to Crash consistent, a good analogy would be to think of application consistent backup as a manual shut down of all services and then a copy and a crash consistent backup as simply to press the power off button on your server (good luck), The framework consists of 3 main components as below.

1. Requester  Backup application (Veeam)
2. Provider     Vmware Tools
3. Writer        Application (Exchange)

OK so how does this fit together in the above scenario?

1. Veeam Kicks of a backup and sends a message via the Virtual centre SDK to locate the machine and prepare for a snapshot.
2. Virtual Center locates the machine and sends a message via the VSS provider component in Vmware tools to start the Microsoft Volume Shadow copy service. 
3. The Microsoft Volume service will enumerate it's VSS writers and ask them to prepare for a copy backup.
4. The Exchange VSS writer coordinate with Exchange core components and will halt I/O flush any transactions in memory and then notify the VSS provider that all is OK.
5. Virtual Center will proceed and create a snapshot.
6. Veeam will now have access to read only copy of the VMDK and all writes will directed to the newly created delta file.

The VSS writer is a crucial part of this framework as it crucially deals with making the data consistent, another analogy would to think of the writer as a airline pilot going though a checklists that a plane is safe to take off if anything is not OK the plane will not take off (sorry but i do like an analogy!)
so in essence if it the writer cannot hold of the I/O or quiesce the data the backup will fail.

As Scott points out in his blog the you will notice the Vmware Tools VSS provider has rightly or wrongly it has limitations in that it can only call on the VSS Copy function of the backup and this is only limited to application level in Windows 2003 as we speak, so if you run an application with a VSS writer like Exchange, AD or SQL in 2008 you will limited to a simple OS level data quiesce, and this backup will be only crash consistent at application level. This is a issue if your backup application or San based replication can only leverage the Vmware VSS provider via Virtual Centre (most do).

Some people will argue that they will run guest based backups in conjunction with image based whereby the Guest backup will have full backup VSS functionally and will also deal with tasks such as database maintenance, this is a sensible as you can also run something like Eseutil as a option, it also should be noted that if you run something like CCR or Microsoft Data Protection manager that uses log shipping, a full VSS copy backup that truncates logs will cause issues as it will fall out of sync.
So it's very much six of one and half a dozen of the other, and it is something you should give a lot of thought as with the new VStorage API's, Changed block tracking and greatly improved backup speed and functionality around Vsphere there will be a lot of focus on moving towards Image based backups.

The good news is that if you use a backup or replication application that has a propriety backup agent that can be installed within the VM and have some synergy with Virtual Center you can leverage the full VSS functionally at different levels, this will cover Windows 2008 application level quiesce and you will also be able to perform tasks such as truncation of logs, good examples of this are Veeam, Falconstor and Backup Exec 2010 and also from a SAN replication perspective NetApp and the upcoming HP Lefthand SAN/IQ 8.5.

So to sumise I think it is prudent to fully look into any solution on a ongoing basis and trial any products on POC basis if you can...you will sleep better at night!

VMware View 4.0 SSL web access

Vmware View 4.0 is Vmware's Flagship VDI product. I like it but i think it has a long way to go before if matches the functionalty of Citrix Xendesktop it has the feel of a collection of products thrown together quickly (im thinking Thinapp, PCoIP, Propero broker).

For example one the main drivers to adopting VDI would be the mobility and fuctionality of secure web access and impoved transport and display protocols in case of Citrix Xendesktop this would be HDX-ICA, Secure Gateway and for Vmware View, Security Server and PCoIP.

How do they differ? Well if you want to use PCoIP vai a HTTP-SSL web front over the internet with VmwareView your have a problem, it's not supported, if you wish to use HTTP-SSL you will need to use RDP.
With Xendesktop you simply create a Secure gateway and you can leverage the full features of HDX-ICA via a SSL VPN

So the only option for Vmware View 4.0 is client VPN's whereby you would have direct access....see below

http://communities.vmware.com/thread/243763

It appears that the PCoIP uses UDP and is not supported via View web portal per se

Come on VMware sort it out!

How to use SnapVMX to display detailed Vmware snapshot information

SnapVMX

How to configure VSphere MPIO for ISCSI

Configuring Left-Hand ISCSI and VSPHERE MPIO

VSphere Storage Bug

Beware of a horrible bug in Vsphere whereby if you delete a LUN it will cause ALL virtual machines to loose connectivity for 10 seconds or so every 30 minutes.

http://virtualgeek.typepad.com/virtual_geek/2009/12/an-important-vsphere-4-storage-bug-and-workaround.html