VMware View 4.6
In the words of VMware, VMware View is the leading desktop virtualisation solution. It provides a virtualised desktop infrastructure which can leverage existing virtual infrastructures and provide a cost effective centrally managed desktop deployment.
VMware View offers the ability for desktop administrators to virtualize the operating system, applications, and user data and deliver modern desktops to end-users.
VMware View Manager is an enterprise-class virtual desktop manager, and a critical component of VMware View.
IT administrators use VMware View Manager as a central point of control for providing end-users with secure, flexible access to their virtual desktops and applications, leveraging tight integration with VMware vSphere to help customers deliver desktops as a secure, managed service. Extremely scalable and robust, a single instance VMware View Manager can broker and monitor tens of thousands of virtual desktops at once, using the intuitive Web-based administrative interface for creating and updating desktop images, managing user data, enforcing global policies, and more.
Ok, so that’s the official description, but how does it all fit together?
VMware View is made up of the following core components.
View Manager Components
VMware View Connection Server—Manages secure access to virtual desktops, works with VMware vCenter Server to provide advanced management capabilities.
VMware View Agent—Provides session management and single sign-on capabilities.
VMware View Client—Enables end-users on PCs and thin clients to connect to their virtual desktops through the VMware View Connection Server.
Use View Client with Local Mode to access virtual desktops even when disconnected without compromising on IT policies.
VMware vCenter Server with View composer —Enables administrators to make configuration settings, manage virtual desktops and set entitlements of desktops and assignment of applications.
View transfer server – to transfer desktops to client PC’s and laptops with offline mode.
View Security Server - A View Security Server (in a DMZ) is also an option. This will allow RDP and PCoIP connections over the WAN.
This diagram from the VMware Visio templates depicts a typical View deployment, taking advantage of View Linked Clones with Offline Mode, ThinApp and PCoIP.
- Domain Controller
- vCenter Server – View manager installed (cannot use IIS or be a domain controller)
- View Connection server, preferably two (cannot have any other View roles, use IIS or be a domain controller)
- View transfer server for Linked-Clones with Offline Mode (Cannot have any other roles. Can be a physical server)
- Database server for events and View Composer database
- Optional View Security Server for WAN RDP and PCoIP connectivity
View Composer is installed on the vCenter Server, it provides storage-saving linked clones, rapid desktop deployment, quick update, patch management and tiered storage options.
View Composer can utilise Quickprep or Sysprep. System automation tools for creating unique operating system instances in Microsoft Active Directory.
Changes to the master images can be sent out to all linked clones by running a recompose operation. Running a refresh operation on a linked clone synchronises it with the master image.
This is useful if users are experiencing issues with their linked clone, it is a way of setting it back to default.
Each user in a linked clone can have their own persistent data disk which will contain all of their unique user data, documents and settings.
Linked-Clones with Offline Mode
A linked clone is made from a snapshot of the parent. All files available on the parent at the moment of the snapshot continue to remain available to the linked clone. On-going changes to the virtual disk of the parent do not affect the linked clone, and changes to the disk of the linked clone do not affect the parent. This provides a secure master template machine that can be used to create additional clones.
A linked clone must have access to the parent. Without access to the parent, a linked clone is disabled.
Offline mode allows users to check out the desktop and use it on a PC or laptop, for instance when travelling on a train and then check it back in and synchronise the changes when returning to the office.
ThinApp simplifies application delivery by encapsulating applications in portable packages that can be deployed to many end point devices while isolating applications from each other and the underlying operating system.
ThinApp virtualizes applications by encapsulating application files and registry into a single ThinApp package that can be deployed, managed and updated independently from the underlying operating system (OS). The virtualized applications do not make any changes to the underlying OS and continue to behave the same across different configurations for compatibility, consistent end-user experiences, and ease of management.
PCoIP supports WAN connections with less than 100kbps peak bandwidth with up to 250ms of latency however I recommend a minimum 1Mbps upload speed across the WAN with less than 150ms of latency.
PCoIP sessions average bandwidth for an active office worker may be in the 80-150kbps range. This drops to nearly zero when not in use.
It is recommended that the infrastructure is using an offload card as PCoIP rendering is fairly resource intensive on the hosting server.
A PCoIP security gateway removes the need for a VPN connection. This became available in the latest VMware View 4.6 release.
Modern thin client devices like the zero clients from Wyse are designed specifically for connecting to a virtual desktop environment, these devices support PCoIP out of the box with no major configuration required to connect them to the virtual desktop infrastructure.
vShield Endpoint provides an API to allow third party anti-virus vendors a way of scanning machines at the Hypervisor level, rather than at the individual virtual machine level, removing unnecessary load from the individual clients.
In the future this will be the standard way that anti virus scanning will be completed with virtual desktop infrastructure, and server infrastructure also. The current offerings are from Trend-Micro only which is limited to scanning 15 machines per virtual appliance. But future developments from other providers may support more virtual machines.
vShield Endpoint is included in the cost of VMware View Premier.
ThinPrint allows a view client to utilise the print devices installed on the connecting client machine so that a user can seamlessly print to their default local printer without having to install any drivers.
VMware View is available using two licensing models, Enterprise and Premier. The differences between the two are illustrated in the table below.
Windows 7 requires a KMS server for automatic server provisioning. This can be a 2003, 2008 and a 2008 R2 server however they have the following caveats.
- Must have at least 5 Servers checked in for server activation to occur or 25 Windows 7 or Vista machines checked in for client activation to occur.
- Windows Server 2008 is not supported as a KMS host to activate Windows 7 and Office 2010.
- A patch is available to allow activation of Windows 7 client machines. (A Windows Server 2008 R2 KMS key is required.)
- A patch is not available to allow activation of Office 2010 clients.
Hardware requirements will vary depending on individual circumstances, however as a ball park figure use the figures below as a guideline.
A view infrastructure to support 30 & 100 users will require the following core components.
Two ESXi hosts (Minimum) ideally three, two for Workstations one for servers. (Existing Virtual infrastructure will do for servers.) (Approx. 32GB RAM, dual core, For 30 VM’s)
Four ESXi hosts Three for Workstations one for servers (Approx. 48GB RAM, dual core, R710 for 35 VM’s)
To leverage the advanced VMware features HA and DRS, shared central storage is required.
This can be achieved using a storage area network. (SAN)