Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
1-800-COURSESwww.globalknowledge.com
10 Ways To Save with Desktop
Virtualization
John Hales, Global Knowledge VMware instructor,
A+, Network+, MCSE, MCDBA, MCT, VCP, VCI, EMCSA
Introduction
Server virtualization is a mature technology that has been deployed in many companies of all sizes and has
proved its value time and time again. Using the same concepts and thinking, a few years ago people started
considering desktop virtualization, expecting the same kind of benefits. Desktop virtualization and server virtual-
ization are two different use cases with different costs and benefits, though they may use the same technology
to accomplish the actual virtualization of desktops or servers.
The purpose of this white paper is not to discuss what desktop virtualization is (in much detail anyway), how it
differs from server virtualization, the pros and cons of it, etc. Rather, this paper is designed to review how desk-
top virtualization can save you money. Some of these points will be more applicable to one situation, company,
etc., than another, but the idea is to stimulate and encourage thought about the technology and its use.
For the purposes of this white paper, desktop virtualization is discussed in the context of VMware vSphere and
VMware View, though many of the concepts apply to other desktop and/or server virtualization platforms as
well.
Using vSphere
vSphere is VMware’s bare-metal hypervisor and consists of two platform choices as follows:
• ESX, which has been around for many years and includes a service console for command line access at
the server, but which VMware has announced is being discontinued (version 4.1 is the last version).
• ESXi, which was introduced with ESX 3.5 and does away with the Linux-based command line on the
server (though command line access is still provided remotely and a minimalist command line is provided
for troubleshooting issues on the server) and represents the future.
Neither product will be discussed in detail here, but as vSphere provides the foundation for View, some of the key
features and functions will be provided to create a frame of reference.
The review of key functions and components is based on the diagram below.
Entire books are written and many classes exist that go into the capabilities in great detail, but for our purposes,
some of the keys ones are:
• V
MFS: This is the native file system in ESX, similar to NTFS for Windows or ext2 for Linux. It is a clustered
file system, meaning that it was designed to be shared by multiple servers at the same time. It was
designed to store and access VMs efficiently. It also supports thin provisioning, where the VM sees the
entire space allocated to it, but only consumes as much space as it needs. This functionality will be impor-
tant when linked clones are discussed later in this paper.
• S tandard Switch: This virtual switch is the virtual link between the virtual NICs in the VMs and the physi-
cal NICs (and thus the outside world). It is basically a software implementation of a physical switch. They
have been used since the start of VMware and still exist today.
• D
istributed Switches: Introduced with vSphere, they centralize configuration and management of the
switch in vCenter and the specific configuration is then pushed out to all servers that are associated with
the switch. This provides much greater scalability and simplifies management, but is only available in the
Enterprise Plus version of ESX(i) and vCenter.
• v Motion: A pioneering achievement from VMware is that it allows a live, running VM to be physically
migrated from one physical server to another with virtually no down time. This capability is key to the
functionality provided by DRS. It allows administrators to do maintenance during the day, take a server
out for patching, etc., without causing down time to applications. It also provides the ability to scale out
to new nodes in the cluster as more VMs come online.
• S torage vMotion: This is similar to vMotion, but the VM changes from one storage location to another
while remaining on the same host. It is not possible to change both host and storage at the same time
with the VM powered on; to do so, either the VM will need to be powered off or the two moves will
need to be made one after the other. It is storage type independent, so the VM can go from any type
of storage to any other type on the same or different array. It is also useful in array migration scenarios.
It has the capability to move multiple virtual hard drives from any number of locations to any number of
locations.
• H
A: High Availability (HA) is a feature that will restart a crashed VM and/or all of the VMs on a crashed
server. This is a great way to make sure users’ desktops are virtually always available when they need
them.
• F ault Tolerance: This feature allows a VM to be run in lock step on two different physical servers so that
if one server crashes, the VM will run from the other with no loss of data. It probably won’t be used
much in a View environment, but could be if you had a PC that performed an important function. Fault
Tolerance is a feature related to HA.
• D
RS: The Distributed Resource Scheduler (DRS) is a vCenter feature that will load balance across the
available servers to give the best performance possible. It makes it easy and simple to get good perfor-
mance in a dynamic environment where different desktop users may be placing varied loads on their
desktops at different times of the day.
• D
PM: Distributed Power Management (DPM) is a feature of DRS that powers off physical servers when
demand is low to save on electric and cooling costs. It does this by using DRS to migrate VMs onto a
subset of the available hosts and then it powers the host off. When demand picks up, DPM will power
the host on again then use DRS to load balance across the additional node.
• A
ctive Directory: View requires Active Directory (AD) for all user authentication, and as such, both the
virtual desktops and the View Manager PC must belong to the domain.
• V
iew Manager: This component is the heart of View and provides user authentication (in conjunction
with AD), a secure access point to the desktop from the client, and the management user interface (UI).
• V
iew Composer: This feature allows linked clones to be created, and is not necessary if they are not
used. If installed, it is installed on each vCenter server that has VMs used by View.
• L inked Clones vs. Full Clones: A full clone is a complete copy of a VM, in other words if the template
used to deploy a Windows 7 VM is 20 GB, then each copy will be 20 GB. This is how most server VMs are
provisioned today (if desired, they may be thin provisioned to reduce the actual space consumed). With
Linked Clones, a master copy of a VM is made and then each linked clone created starts with that image
and only stores the changes from that image, thus saving a lot of space. Linked Clones will be described
in greater detail later in this paper.
• U
nified Access: One of the great features of View is that the View Client can be used to connect to
many different types of desktops using the same UI in each case. Besides connecting to virtual desktops,
View can connect to:
Terminal Servers: The standard Windows Terminal Services feature is great when an entire
o
desktop is not needed, such as for call centers where a simple connection to a web page to fill
in order, customer, or other details is all that is needed. This is simpler and cheaper than a full
desktop deployment for those that don’t need the full desktop.
o P hysical PCs and Blade PCs: For those applications that may not run well in a virtualized envi-
ronment, such as graphic intensive scenarios, physical PCs or blade PCs (like blade servers, but
aimed at desktop needs) may be connected to. This is especially great for expensive resources
that are shared by a team of people, such as graphic designers, architects, or CAD/CAM teams
that need the graphics capabilities to do their work, but also need regular apps to write reports,
check e-mail, etc. The company gets the common user interface to both systems while at the
same time needing to purchase fewer of the expensive desktop systems. It also allows those
who need access to these resources to access them remotely, such as from home or a customer’s
site, something that is difficult or impossible with traditional desktops.
• C
lients: Users can connect to any of the above devices or virtual desktops using a variety of devices,
depending on what the company has available and the users’ needs. The three options are:
o Thick: Thick clients are standard desktops or laptops running Windows or a MAC OS. They
can be old computers as all of the processing runs on the remote system, so this is a potential
money savings, but there won’t be any power savings from using them (in fact the total power
consumption will go up in the company because of the additional servers and storage required).
o ffline: This is a variant of the thick client, with the additional ability to check out a VM from
O
the server and run it locally (such as for a sales person on the road or others who travel and
need to have access to their virtual desktop while disconnected from the network). They can
check it back in when they are back in the office and can sync (incrementally) changes to the
datacenter VM so that it can be properly backed up.
o T hin: This is a simple client that uses very little power, potentially leading to overall power sav-
ings for the company. This feature will be discussed in more detail later in this paper.
• Q
uick and easy backup and restore of the OS, applications, and/or data: Backup is generally well
understood and implemented on servers, but end users rarely if ever backup their machines, but often
store important work information on them. The cost of recreating or retrieving this data can be very
high. By storing them in the data center, the same backup principles applied to servers can be applied to
desktops as well. In many cases, the OS will not need to be backed up as it can be redeployed faster and
easier; this is especially true when Linked Clones with separate data drives are used.
• Q
uick and easy application deployment (standard platform): One of the issues in deploying applica-
tions is that they run on a wide variety of hardware platforms which may cause incompatibilities or other
issues requiring administrator intervention. They may also take a long time to deploy and to configure
which user has access to which applications. This is simplified in a virtual environment, especially when
application virtualization is also deployed – it may literally take just a few minutes to deploy the applica-
tions where they need to go to hundreds or thousands of machines. This will be described further later
in this document.
• E asy mechanisms to patch and update operating systems and applications: Deploying updates is
much simpler because the VMs live in the datacenter and thus will reliably be patched, which they may
not when deployed in the field (or the updates may be done at inconvenient times to ensure that the
machine is running). In addition to the current mechanisms used in the physical world to deploy patches,
they can also be patched by VMware Update Manager (VUM) and if linked clones are used, they have a
very simple update mechanism that can be used to deploy the updates to hundreds or thousands of VMs
with just a few clicks and that is non-disruptive to user data (though the VM will be offline during the
update).
Additional savings may be realized in the other nine areas discussed in this paper as well, some of which may also
overlap those discussed here.
In any case, a good DR/BC plan will usually describe how to bring all the servers back online and how to failback
when the problem that caused the failover is rectified, but that still leaves the big underlying question that often
isn’t asked – how will your clients, customers, and/or employees get access to those servers? Without that, the
DR/BC plan isn’t worth very much. By virtualizing the desktops, people can use their own home computers to
login and access their desktops just as if they were at work, eliminating the need to transport people somewhere
else, pay for travel and entertainment T&E) expenses while they are gone (possibly for an extended period of
time), etc. However, remember that the BC/DR plan will need to be updated to deal with how the virtual desk-
tops will failover and failback as well as your existing servers, and how people will access their desktops remotely
(often over a web connection, which may need to be updated or require extra hardware if utilization goes up
dramatically during the outage).
The role of SRM in failing over the desktops is shown in the figure below.
Testing can be done non-disruptively as often as desired. Failover is a matter of just a few clicks and can be done
whether or not the protected site is online.
4. Secure access to the user’s own desktop from anywhere at any time from a wide
variety of devices, from netbooks to laptops to desktops
One of the great advantages to a VDI is that the user can access his or her own virtual desktop from almost any
device, increasing productivity and access wherever the user may be. Today, access is possible and supported from
the following devices: thin clients, desktops, laptops (including offline access when the network is not available),
Macintosh-based computers, and Web browser access from PCs and MACs. In addition, access is possible but
not supported from the following devices: Linux (via VMware View Open Client open source product), Android
and iOS (iPOD/iPAD/iPhone] devices (via WYSE PocketCloud), etc. This makes access possible virtually anytime,
anywhere, as long as there is a network connection.
5. Thin clients
We’ve mentioned thin clients several times in this paper, but we haven’t described them in much detail up to this
point. A thin client is a simple device with few (if any) moving parts. It usually consists of ports for the keyboard
and mouse (usually via USB), video (either a port for an LCD screen or many models consist of the screen and the
other parts are internal to it), power, and a network connection. Many don’t have a hard drive, just firmware
in a flashable BIOS with View API support, while those that have a hard drive usually have a very small one with
Windows XP Embedded or Linux and the View Client.
Another benefit of thin clients is that no data is stored locally, so if anything breaks, simply replace it with a new
one and the user can go back to work. This saves a lot of time and money in terms of provisioning a new ma-
chine and configuring it.
Thin clients are often a couple of hundred dollars or so (depending on what is included and how it is configured),
but this cost is much below a full PC or laptop, adding to the savings as PCs are replaced with thin clients. Spare
clients also cost less than their fat (or thick) counterparts.
To get even greater accuracy on power savings, consider the additional cost of air conditioning. The rule of
thumb is that each watt of power consumed by a device also typically costs 0.3 watts to cool it. Thus all of the
desktop PCs at 115 watts will cost a lot more to cool than the thin clients at 15 watts or less.
One of the things that was a big impediment to VDI was Microsoft’s licensing policy for virtual desktop machines.
It’s not that licensing was that different than the physical world, but they required a license for the accessing
device and the virtual desktop, doubling licensing costs. However, they changed their licensing policy on July 1,
2010, to allow access to VDI installations of Windows and Office without a separate license for the accessing
device as long as the customer has either Software Assurance (SA) or a Virtual Desktop Access License (VDAL).
As for license compliance, businesses can use traditional software inventorying solutions (such as Microsoft’s
SCCM [System Center Configuration Manager], Novell’s Zen Works, etc.) and accurate results will always be
returned as the desktops are located in the datacenter and thus are always online.
Another method that can help control licensing costs and encourage greater compliance is the use of Application
Virtualization technologies which can further control who has what software installed.
This technology can be used with either physical or virtual computers, or any combination of the two. The dia-
gram shows how the OS has the system files, user profile, registry, etc., like any other application, but does not
contain anything other than a single file for the entire application (and that file can be located on a file share, on
a web site, or copied locally). The file is represented by the blue box labeled ThinApp Virtualization and contains
the virtualization layer (common to all applications), as well as any application files and registry settings that the
application needs.
As illustrated in the purple box, the view from within the application looks like it is natively installed. If the app
needs to read a registry entry, it can do so from the application’s version (inside the file) or from the system’s
registry (depending on what it is looking for). Any writes to the registry go to the sandbox, a directory where
all writes for the application are stored (there is one directory per ThinApp application that is used). The same
principle is used for files – you can read from within the application or from the OS locations, and can write to
your user profile location and some normal system locations, with all other writes going to the sandbox. The net
result is that the application is unaware that it is virtualized, just as a virtualized desktop OS doesn’t know that it
is virtualized.
10. Minimize time in testing by having just a few (or only one) OS image with the
ability to test and revert to previous images easily
One of the advantages of using a VDI is that you don’t need many different OS images – in fact, you can have as
few as one with applications installed as needed (or even not installed at all via ThinApp, as previously described).
Application testing, patching, etc., also become much simpler in this environment. There are several reasons for
When refresh is chosen, the OS drive (but not any user data) is reverted back to the master image and any
changes or updates will be lost. This means any Windows Updates, new applications, etc., will be removed as
well, but the space the changes consumed will be made available again. In fact, this is the primary reason that
this option exists – to control the disk space utilization. One quick note here: If ThinApp applications are used,
they will be unaffected by this operation as the application can just be a shortcut to a file on a file server and all
of the registry entries and files are contained either within the file or in the sand box which will be stored on the
users’ data drives.
The recompose option allows an administrator to update the master image, test it to make sure it works prop-
erly, then deploy the changes (including Windows Updates, other application patches, new applications, and any
other files or documents the administrator wants to distribute) with just a few clicks, making application mainte-
nance quick, easy, with the additional benefit of space and bandwidth savings (vs. deploying the same changes
hundreds or thousands of times).
Note that both refresh and recompose options are disruptive, meaning that no users can be using the image
when the operation is begun and for the duration of the update; any user who is currently connected will typi-
cally be given a warning then automatically logged out if they don’t do so before the warning interval expires.
In the diagram below, three applications have been created and placed on a file server. The administrator then
determines who will get each application. App 1 is needed by everyone, so it can be placed in the OS image. App
2 is used only by sales and marketing personnel, so is distributed to only their computers, while App 3 is only used
by the accounting department and thus only distributed to them.
VMware ESX(i) servers managed by vCenter provide a very strong foundation for a VDI implementation. View
makes management and deployment of Windows XP, Vista, and 7 machines easy and saves a lot of administrator
time and optimizes resource utilization. Using ThinApp (which is bundled in the Premier Edition of View along
with View Composer for Linked Clone functionality) can lead to even greater savings. Finally, using thin clients
instead of the traditional thick (or fat) clients can lead to even greater savings in administration, capital (over the
medium to long term), power, and cooling.
Our courses and enhanced, hands-on labs and exercises offer practical skills and tips that you can immediately
put to use. Our expert instructors draw upon their experiences to help you understand key concepts and how to
apply them to your specific work situation. Choose from our more than 1,200 courses, delivered through Class-
rooms, e-Learning, and On-site sessions, to meet your IT and business training needs.