Virtual desktop infrastructure (VDI) offers both big promises and big challenges for IT managers. On the plus side, the idea of running some of your desktops inside a secure data center has a lot of appeal, particularly to the generation that grew up during the mainframe computing era and wishes to return to those simpler days. Data and applications can be better protected; endpoints can be more easily patched, cloned and supported; and users can access their desktops from anywhere there is an Internet connection and a Web browser.
On the other hand, the costs for building the right infrastructure can be a real burden and can quickly consume the savings that VDI promises to generate.
As an extreme example, a demonstration held at various trade shows last fall by VDI VAR Green Pages showed a very high density of virtual desktops running from a single Cisco Unified Communications switch. Each desktop had more than 90GB of applications, and streaming a combination of Symantec Workspace Virtualization applications, VMware ESX hosts and VirtualStorm specialized drivers, they were able to run 400 desktops from each of six blades on the switch.
“It required a perfect balance between the desktops, the infrastructure, the virtualization, and the management of the desktops and their applications in order to scale to thousands of desktops in a single environment,” Erik Westhovens, one of the engineers from VirtualStorm.com, wrote on a blog entry about the demonstration.
Let’s look at several challenges to using VDI—and some of the lessons learned by those who are doing it well.
What desktop devices should I use?
Whether you end up using thin or thick clients—or repurposing older PCs—you probably won’t save on capital costs, but you will save on the ongoing operations, support and maintenance costs. “If we have a security breach on a desktop, we just reprovision and it goes away,” says Alan Deloera, the director of technology for the city of Temple, Texas.
The number of thin-client vendors is staggering, from specialized vendors such as Wyse and Priam.com to mainstream vendors such as Hewlett-Packard and Sun. JetBlue Airlines standardized on HP thin clients and claims to have saved millions in its desktop deployment. Plus, there are different XP-based deployments, including some using an embedded XP OS called Windows Fundamentals for Legacy PCs.
J&B Group, a food wholesaler and manufacturer based in St. Michael, Minn., migrated its Citrix Presentation Server terminal services environment to a VDI solution “because we wanted a more consistent look and feel, like our local XP environment,” says Chuck Ballard, network and technical services manager. “We also had a lot of complaints from associates about not being able to browse their local directories and printers, and the support contracts were getting expensive to renew.”
J&B chose Quest Software’s vWorkspace clients and rolled it out to several remote office locations to make it easier to support and deploy applications. “We wanted to extend the use of our older PCs, which saves us about a $1,000 or so per desktop,” Ballard says. “Also, our support staff no longer has to spend time troubleshooting hardware. When we have a problem, we just swap out a spare PC, and our associates are back up and running quickly. Plus, I don’t need to extend warranties for any of this gear: If one breaks, I just replace it.”
How much experience should I have with virtual machine image management and deployment tools?
If you’ve never used virtualization, now is the time to gain some experience, because a successful VDI rollout will need to build on this experience. The major VM vendors offer tools that make it easier to make wholesale changes across your desktop images, so you can avoid patching individual desktops one at a time.
VMware offers vSphere and vComposer, and Microsoft’s System Center has various plug-ins to work with Hyper-V and its various VDI elements. There are also third-party tools, including LiquidWareLabs.com and VDIworks.com.
Do I have to beef up my network or storage infrastructure to handle the additional traffic demands of virtual desktops?
You need to plan for worst-case scenarios, such as the beginning of a workday when everyone boots up their virtual desktop. That’s when you have to ensure that there’s enough network capacity to send all these bits down the wire. Some VDI solutions, such as Ericom and Synchron, don’t require storage area networks (SANs) right away for smaller deployments.
With the right deployment of SAN technologies, you can save storage costs by deduplicating the virtual images that are stored on them. This is what J&B Group ended up doing with their NetApp arrays, which saved them a lot of storage capacity since most of the VDI images use similar data structures.
What remote control protocol will I use between the virtual desktop and the client device?
Part of this decision is in understanding your network and the tools that are called “connection brokers,” which determine how to marry a particular remote protocol and a desktop host machine. These tools include Citrix Desktop Broker for Presentation Server, LeoStream Virtual Desktop Connection Broker, Ericom and Quest Software’s Virtual Access Suite.
At the University of Rennes, in northern France, they use the Leostream broker to connect more than 500 virtual desktops across the campus. They deploy a variety of operating systems, including both Windows XP and Linux desktops, and these can boot in a minute because of the way they’ve designed the network. The Leostream broker can also quickly scale up as demand for more connections increases, and it integrates with the university’s single sign-on system. “Our users have to authenticate only once when they connect to our portal,” says Humberto Duarte, the IT department co-director.
Will my users be able to access certain legacy hardware that they are accustomed to using from their PCs?
VDI solutions are notorious in their spotty support for these kinds of applications, and only now are we seeing some improvements that will provide the same rich experience that standard PC users take for granted. “For audio and video using Windows Media Player, our VDI solution works fine,” says Duarte. “But if you are playing a Flash video or using another player, it isn’t that good from either our remote desktops or the thin clients.”
Sometimes, a single application can create deployment problems. Jeff Keith, senior network engineer with Redlands Community Hospital in California, says they “initially went with a thin-client device at the desktop to reduce support costs, but ran into a performance issue with a fetal monitoring application. The driver and connection broker client needed on the virtual machine caused high CPU utilization with this application, so we replaced several thin clients with desktop PCs running this app.”
Since then, the hospital has migrated its VDI solution to a high-performance SAN and will replace its PCs with thin clients. “We don’t anticipate any further performance issues,” Keith adds. “We will continue to evaluate new thin clients and technologies as we move forward with our VDI plan.”
If your plans call for supporting these applications, make sure whatever VDI solution you evaluate can address this issue.
Do I understand all the moving parts of my solution?
Finally, make sure you have scoped out your project and detailed all the parts that will make up your VDI implementation. For example, Microsoft’s VDI solution requires four different Remote Desktop servers: Virtualization Host server, Connection Broker, Remote Desktop server itself and Remote Desktop Web Access server. While these can run concurrently on a single piece of hardware, there’s a lot to keep track of.
Microsoft also requires special licensing, called the Windows Virtual Enterprise Centralized Desktop license, in addition to standard enterprise licenses. VMware’s VDI solution is just as complex because a number of different products must work together. That’s when having a VDI VAR can come in handy.
One alternative is to investigate a “starter kit,” which some vendors have assembled to make deploying VDI easier. These include products from HP, Ericom, Synchron and Quest.
“We looked at others, but Ericom’s ease of use, technical support and Microsoft integration were big reasons we went with them,” says Larry Pickard, director of IT for the San Francisco Theological Seminary. It’s using 80 VDI clients with HyperV, System Center and, eventually, Wyse thin clients.