Virtual Machine Questions

[leadeater]

This type of conversation due to it's complexity would be sooo much easier in voice chat or in person .

[glunday]

3 minutes ago, leadeater said:

I agree about the Multipoint server but it does look like with the newer version it supports VMs etc. I honestly haven't had much to do with it or looked at it recently till now so I can't give you much insight other than it exists.

 

At work we use RDS RemoteApps and some Full Desktop Sessions, we're a university so have 5000 staff and about 30k-35k students.

 

We are also just starting up a VDI proof of concept for the second time, first time which was a few years ago it was concluded that at the time it was a bad idea. This current PoC is going to cost around $350k and is only for a very small test group.

most of our work comes from virtualizing server equipment for certification training/testing. but were talking to local schools about having some of their classes that need more compute power (photoshop things like that, maybe tech classes.) offsite with us and they remote in with thin clients.

[glunday]

2 minutes ago, leadeater said:

This type of conversation due to it's complexity would be sooo much easier in voice chat or in person .

in person would be the easiest, im a huge proponent of using drawings to illustrate what i mean.

[leadeater]

3 minutes ago, glunday said:

most of our work comes from virtualizing server equipment for certification training/testing. but were talking to local schools about having some of their classes that need more compute power (photoshop things like that, maybe tech classes.) offsite with us and they remote in with thin clients.

Do the host servers use GPU's or just rely on software rendering? Photoshop should actually work just fine on software rendering, CAD on the other hand not so much except for really basic blender stuff which TBH what a school would be doing.

 

Just interested in the hardware setup being used.

 

I actually had a rather nice VMware Horizon View setup at home last year but during a re-setup of my network never got round to installing it again. The biggest issue I found was the software clients had a maximum pixel change rate so youtube videos and flash games sometimes would slightly stutter. I brought a wyse zero client but that was when I turned it all off so have never used it lol.

[glunday]

Just now, leadeater said:

Do the host servers use GPU's or just rely on software rendering? Photoshop should actually work just fine on software rendering, CAD on the other hand not so much except for really basic blender stuff which TBH what a school would be doing.

 

Just interested in the hardware setup being used.

 

I actually had a rather nice VMware Horizon View setup at home last year but during a re-setup of my network never got round to installing it again. The biggest issue I found was the software clients had a maximum pixel change rate so youtube videos and flash games sometimes would slightly stutter. I brought a wyse zero client but that was when I turned it all off so have never used it lol.

we have 2 current plans depending on what the schools want to do. for anything that doesn't require much extra power for rendering (basic video editing and photoshop) the vm can scale up to 32 cores as needed without being gpu accelerated. since vmware will move the vm workload to different worker machines as resources are used. if we get anything that due to time restraints gpu acceleration becomes needed we will have to build some new worker machines with gpus to handle that workload.

[leadeater]

@Cubed_ I'll post a nicer write up in a few hours with a good run down of some of the general technical problems with virtual desktops that applies to any solution. I'm not as negative as it seems about VDI, in fact I'm an avid supporter of it. But I do always make sure to warn people, very strongly, about the pitfalls of it and that while it looks great on the face of it is actually a very complex and costly endeavor.

 

As a spoiler, SSD's are a god send for VDI.

[leadeater]

5 minutes ago, glunday said:

we have 2 current plans depending on what the schools want to do. for anything that doesn't require much extra power for rendering (basic video editing and photoshop) the vm can scale up to 32 cores as needed without being gpu accelerated. since vmware will move the vm workload to different worker machines as resources are used. if we get anything that due to time restraints gpu acceleration becomes needed we will have to build some new worker machines with gpus to handle that workload.

Do you use Horizon or just base vSphere/vCenter?

[glunday]

1 minute ago, leadeater said:

Do you use Horizon or just base vSphere/vCenter?

vmware vsphere esxi

[leadeater]

6 minutes ago, glunday said:

vmware vsphere esxi

Not using Horizon would be saving you a ton . I think the cost is way too high for it, at $250 per concurrent session (for the good license) it's theft but at least education pricing is less than that. 

[glunday]

Just now, leadeater said:

Not using Horizon would be saving you a ton . I think the cost is way too high for it, at $250 per concurrent session (for the good license) is theft but at least education pricing is less than that. 

we also have some friends at vmware lol  i can't tell you how much were paying but it's not retail.

[leadeater]

6 minutes ago, glunday said:

we also have some friends at vmware lol  i can't tell you how much were paying but it's not retail.

Yea we have a program here called CAUDIT which we get our VMware licensing through, basically take a zero off. It's shocking just how many don't actually pay anywhere near the list price, pretty much the small private companies are the ones getting screwed.

[glunday]

Just now, leadeater said:

Yea we have a program here called CAUDIT which we get our VMware licensing through, basically take a zero off. It's shocking just how many don't actually pay anywhere near the list price, pretty much the small private companies are the ones getting screwed.

ya the ones that need the price break the most

[Mark77]

A typical use case for the desktop virtualization products on the market isn't for serving thin clients, but rather, to provide access to either difficult-to-configure applications, or for environments where security/licensing are pretty significant issues. 

 

For example, an airline might have an internal pricing app hosted only on a machine accessible through VMs.  Why not directly allow the client to run the app?  Well such would require an extensive infrastructure of access control, authentication, etc. at the database access level.  And even then, a rogue user (or a compromised machine) could use their credentials to perform unauthorized mass queries against the database (including dumping it in its entirety!).  By only allowing access to the application on a VM server, they only have to open the underlying database up to the VM server.  They can also lock the VM server's internal environment down severely to the point that it is impossible to run anything but the specific application in question. 

 

Also, in this "BYOD" world, you really don't want, as an IT department, to have to go through the trouble of making sure database drivers, communications clients, terminal emulators, virus scanners, etc., are installed directly on client PCs (many of which may even be running, say, Windows "Home" and thus can't join a domain!).  So you just give the BYOD device user a client (ie: Microsoft RDP) to connect to the VM server, and they can access the 'standardized' corporate environment for the applications they need.  The IT department thus doesn't care if the BYOD device is a PC, a Mac, a Linux box, or even some old machine running OS/2 or NeXT, so long as it can run the client software and actually talk to the network. 

 

In a school, a virtualization server would be great for teachers to access "management" data, such as marks/report cards/personal information, and interface with building management systems (ie: adjust lighting, temperature, security, etc.).  The data resides entirely on the server, a credentialed login is required, and school management applications can be installed completely segregated from student/public access. 

 

Another good use for a virtualization server in schools would be to provide the students with access to licensed applications off-site, or on their own devices. 

 

But to actually have a virtualization server running all of the needs of clients, all the time, with workloads that may very well be significantly graphically or video intensive, sounds like a very bad idea. 

[leadeater]

1 hour ago, Mark77 said:

A typical use case for the desktop virtualization products on the market isn't for serving thin clients, but rather, to provide access to either difficult-to-configure applications, or for environments where security/licensing are pretty significant issues. 

 

For example, an airline might have an internal pricing app hosted only on a machine accessible through VMs.  Why not directly allow the client to run the app?  Well such would require an extensive infrastructure of access control, authentication, etc. at the database access level.  And even then, a rogue user (or a compromised machine) could use their credentials to perform unauthorized mass queries against the database (including dumping it in its entirety!).  By only allowing access to the application on a VM server, they only have to open the underlying database up to the VM server.  They can also lock the VM server's internal environment down severely to the point that it is impossible to run anything but the specific application in question. 

 

Also, in this "BYOD" world, you really don't want, as an IT department, to have to go through the trouble of making sure database drivers, communications clients, terminal emulators, virus scanners, etc., are installed directly on client PCs (many of which may even be running, say, Windows "Home" and thus can't join a domain!).  So you just give the BYOD device user a client (ie: Microsoft RDP) to connect to the VM server, and they can access the 'standardized' corporate environment for the applications they need.  The IT department thus doesn't care if the BYOD device is a PC, a Mac, a Linux box, or even some old machine running OS/2 or NeXT, so long as it can run the client software and actually talk to the network. 

 

In a school, a virtualization server would be great for teachers to access "management" data, such as marks/report cards/personal information, and interface with building management systems (ie: adjust lighting, temperature, security, etc.).  The data resides entirely on the server, a credentialed login is required, and school management applications can be installed completely segregated from student/public access. 

 

Another good use for a virtualization server in schools would be to provide the students with access to licensed applications off-site, or on their own devices. 

 

But to actually have a virtualization server running all of the needs of clients, all the time, with workloads that may very well be significantly graphically or video intensive, sounds like a very bad idea. 

Completely agree, VDI is much more useful than trying to drive down per terminal/client costs and the payoff is in many other areas which can be hard to see even after deploying such a solution. Can take a few years to fully realize a VDI deployment and embrace it across all areas.

 

For schools licensing and getting legacy applications to work is a big win, trying to make old terrible applications silently install on 600+ computers is a nightmare. One of the simplest wins I've done for a school is installing AutoCAD/VEX on an RDS server so students could do what they need on their own devices or in the less powerful computer labs, no GPU all software rendering but worked flawlessly, handled between 10-30 users which is not bad for CAD.

[tt2468]

15 hours ago, Electronics Wizardy said:

This is done in many buinesses and it works fine, you just have to use something like xen or vmware

But for an amateur IT person? No way will it run smoothly. 

[Electronics Wizardy]

1 minute ago, tt2468 said:

But for an amateur IT person? No way will it run smoothly. 

Your doing this at a school. You have professional IT people.

[Mikensan]

Just to clear up a few terminologies...

 

Zero Client - When used in conjunction with vmware, it's specifically a client that only handles PCoIP using a teradici chipset. Quick example is the Wyse P20 (Tera1) or P25 (Tera2)

PCoIP - a protocol developed by teradici/vmware, idea is to compress as much data and keep it as low bandwidth as possible. Similar to Citrix's ICA or HDX. However PCoIP appears to be dying off in place off vmware's blast protocol. 

Thin Client - A client/desktop/machine re-purposed (or sold with pre-configured firmware) to remotely access a virtual desktop over a variety of protocols. You could put a bootable linux CD with a bunch of clients (RDP/PCoIP/ICA) installed and now that desktop is a "thin client." Largest vendor of pre-configured thin clients is Dell Wyse, their cheapest one is something like $350.

Thin vs Zero: There are some security aspects as to why you'd want Zero over Thin (google it). The zero clients pass USB straight to the virtual desktop so there is more support however it is god awful slow (USB is not mean to be run more than 6-10ft). Otherwise a Thin Client can support PCoIP just fine. Unless you have a security reason to do so, I'd avoid zero clients.

vmware - just a brand name, doesn't imply an actual technology. 

vCenter - an.. application/service/daemon to manage all your virtual machines and virtual hosts via central location. Usually installed on top of windows but can be deployed as a linux based appliance. Has other functions but that's the idea of it.

Horizon - this is the core of a VDI. A simple use would be to create a "core" image and Horizon would auto-magically create clones of it to be used as desktops. A similar simple use case would be creating thinapps. So either from a virtual desktop or from a normal physical computer you could launch applications that are hosted on the ESXi host. Why install Word 1,000 times on all desktops when you could just install it once and "share" it (thinapp).

ESXi - An operating system installed directly on to a physical machine. This hosts the virtual machines/apps. This would be where your virtual desktops/servers/apps get their CPU/Memory resources from.

 

I know this is out of order but as I'd write one another important terminology would come up.

 

Even going cheap as possible, vmware is extremely expensive. I work in a truly small environment (~300 users) and you wouldn't believe how much we're going to spend on just licenses and clients. Virtualizing servers - yes definitely saves money (cooling and power consumption). VDI through Horizon? eeeehhhhh get the wallet out.