Virtual Desktop Infrastructure - VDI

Introduction

Virtual Desktop Infrastructure (VDI) introduces a new way of managing user environments. VDI allows IT administrators to host and administer user desktops on Virtual Infrastructure in the datacenter. Users access their desktop using a remote desktop protocol. While sharing similarities with other computing models, VDI offers many new and compelling benefits for increasing manageability, performance, and security of user desktops/PCs.

VDI is a solution rather than a product and this article compares VDI to other user management strategies and highlights VDI’s benefits for particular use cases. The article covers VDI architecture, complimentary third party products and specific design scenarios in order to give the reader a deeper understanding of VDI. Combining the benefits of both distributed and server based computing, VDI provides improved stability, superior performance, and simplified manageability for user desktops in a variety of situations.

A Brief History of Desktop Management

Management of user desktops has always presented challenges. Several execution models and a variety of management paradigms have attempted to tackle these challenges, each with varying degrees of success.

Execution Models Within computing, the relationship between the user interface device and the location of application execution sets the parameters for both performance and manageability of the user environment. Program execution, can be centralised, distributed, or clustered. Each approach brings unique benefits and challenges described below.

Early Centralised Computing

The expense and complexity of early mainframe based centralised computing excluded consumers and small companies from the benefits of computing technology. As a group, consumers must be able to operate in a stand-alone mode yet seek support for a wide range of software. The confluence of consumer demand for computing, affordable microcomputers and standardised operating systems such as DOS and Windows led to an explosion of software development. Suddenly, application software was a commodity rather than build to order creations of highly skilled programmers. Small to medium sized businesses quickly adopted PC technology as much for access to the diversity of software as for the affordable hardware.

Distributed Computing

Distributed computing spreads application execution across a number of stand-alone or networked computers to meet the needs of an organisation. Until the mid-nineties, the growth in distributed computing seemed unstoppable. Users needed their own PC and there seemed little reason to question this approach while companies enjoyed the new efficiencies brought about by the PC. In the early days of distributed computing, networks were primitive and many companies either lacked appropriate bandwidth and infrastructure or deployed them selectively. PC designers focused their efforts around stand-alone functionality. Networking was more of an add-on than the focus of computing efforts. Slow or unreliable networking made basic design features like the local hard drive a universal and critical feature to maintain any personalisation of the PC across reboots.

Distributed computing continues to be the dominant computing model and for this reason, software designers continue to make design and performance assumptions around the PC. Developers often assume that users will have full and exclusive use of their CPUs, memory and hard drives. While desktop based software generally functions on server platforms, examples of PC centric designs pervade the world of business software. Examples include a CPU pegging at one-hundred percent while programs poll for receipt of data from a remote server. The writing of temporary working files into program directories, or failure to release unused memory also show the bias towards a PC centric design. Key advantages of distributed computing include offline operation and the highest video bandwidth facilitated by the display’s close proximity to CPU, memory, and video rendering resources.

Windows Server Based Computing

Deployed in scale, PCs created an ever-increasing management burden on IT staff. Hardware and software upgrades are frequent, tedious, and error prone. Geographical dispersion amplifies these problems. In the mid-nineties, Citrix pioneered a new approach to managing user environments. Citrix introduced a server based computing model that retained the flexibility of x86 Windows based software while creating opportunities for geographic consolidation and centralised management. Citrix and later Microsoft Terminal Server are similar in their multi-user session aggregation within a single operating system.

The management and cost benefits of server based computing have been documented from reputable sources such as the Gartner Group1 and touted by thin client vendors like Wyse2 for many years. The inherent portability, ease of software upgrades and powerful user management tools have continued to make server based computing a popular choice in the enterprise. Until recently, Citrix and Terminal Server based approaches were the only way to access the benefits of centralised computing while using x86 based software.

Problems with Terminal Server Designs

Windows kernel development has focused on the ability to handle a large variety of applications, facilitate tremendous end-user functionality and accommodate a wide variety of device drivers. The focus on broad functionality has taken the Windows kernel in directions that overlooked the kinds of advanced resource allocation and end-user isolation features necessary to manage demanding multi-user workloads. Adding the multi-user functionality of Terminal Server extensions to the Windows operating system has also magnified issues derived from the single-user general-purpose design of Windows including:

Device Driver Incompatibilities: Drivers and devices from different vendors are not regression tested for multi-user shared functionality and unpredicted problems can occur under heavy workloads.

Performance Volatility: The longstanding bias in application design towards dedicated PCs leads to assumptions about resource availability that often degrade performance. As the OS supports higher user session densities, unpredictable loads create erratic user experience. CPU intensive applications used simultaneously by a few users can degrade performance for all the other users on a server.Scheduling Limitations: While the Microsoft NT kernel includes many innovations, its focus has not been on sophisticated resource allocation. The NT kernel’s thread management limits its ability to balance physical CPU loads. A thread executing in kernel space can tie up processor resources until it exits the kernel and returns to user space. One program or driver can deprive another of CPU time, degrading the user experience under heavy multi-user workloads.

What is VDI?

Building on VMware Virtual Infrastructure 3 (VI3), Virtual Desktop Infrastructure (VDI) effectively addresses and resolves key problems in Terminal Server based approaches to server based computing. VMware ESX Server allows multiple user desktops to run as separate virtual machines while sharing underlying physical hardware resources such as CPU, memory, networking and storage. This isolates users from each other, giving each user their own operating system, allowing granular resource allocation and protecting users from application crashes and operation system faults caused by the activities of other users.

Taking advantage of ESX Server features and VirtualCenter Server management features, VDI reduces device driver incompatibilities with standardised virtual hardware and a tightly screened Hardware Compatibility List (HCL) for physical ESX Server host hardware. Performance volatility is reduced with ESX Server scalable CPU scheduling and the multi-host balancing of VMware Distributed Resource Scheduler (DRS). VMware ESX Server can halt and reschedule a virtual machine without regard to the activity of threads inside the guest operating system. This creates a more deterministic resource sharing that improves user experience in a VDI environment.

In contrast to Terminal Server based centralised computing, Virtual Desktop Infrastructure (VDI) gives each user an independent virtual machine for desktop computing. Running Citrix, Terminal Server, or any multi-user operating system by itself is not an example of VDI. By giving each user their own operating system, VDI provides the stability and performance management features necessary for enterprise deployment of centralised desktops.

VDI’s Contributions to Desktop Management

VDI brings together the benefits of centralised and distributing computing. With a number of unique features, VDI provides a new alternative to the traditional computing models.

VDI offers the Benefits of Server Based Computing

VDI is a new server based computing model that achieves the benefits commonly associated with Terminal Server deployments. The areas where server based computing shine are:

• Data Security: Keeping data within the confines of the datacenter improves security.
• Reduced Hardware Expenditures: Consolidation and reduced upgrades cycles minimises hardware costs for server and client side equipment.
• Easier Management: Perform centralised patching and application installation or streaming without loading the network.
• Mobile Workforce: User desktops are portable – users can reconnect from any location with a variety of devices.
• Resource Pooling: Server based computing improves a company’s ability to use resources as a common pool.

VDI offers the Benefits of Distributed Computing

VDI retains many of the benefits associated with distributed computing. By giving each user their own operating system.

VDI retains many of the strong features of distributed computing including:

• End User Isolation: The majority of crashes on Terminal Server derive from "blue screen" events. Terminal Server entrusts user sessions to the good behavior of other users’ applications. Untested combinations of software together with the strain of large complex workloads often contribute to blue screen events. In contrast, VDI does not need to trust the operating system’s stability for multiple users or assume that the many permutations of running software will remain stable. VDI protects each user from problems generated by other users. This protection eliminates the kind of operating system crashes that affect 30 or 40 users at a time while VDI users can retain the level of isolation taken for granted in distributed computing. Power users can install software and reboot their desktops without affecting other users.

• Improved Performance Isolation: PC users expect full access to their own CPU, memory and disk resources. Terminal Server suffers from resource contention between users. Introducing heavy applications to an existing farm of two-way Terminal Servers with published desktops can create erratic performance because the actions of a few users will periodically degrade performance for all other users on the server. VI3 allows nearly linear scaling of VDI sessions on up to 16 CPUs and farm wide session portability through VMware Distributed Resource Scheduler (DRS). The ESX Server scheduler can locate spare CPU cycles for heavy users on the largest servers and use VMware VMotion™ to move select user sessions to other hosts using DRS.

Companies can now deploy centralised computing with the confidence that their infrastructure can accommodate deployment of unforeseen applications without compromising user’s desktop experience. Virtual desktops are now free to utilise spare CPU cycles across a whole farm of ESX Server hosts. In this way, VDI shares in the CPU borrowing typical of clustering solutions while maintaining the user isolation of PC environments.

New Benefits for Desktop Management

VDI brings together desirable features of traditional Terminal Server based while retaining important features of distributed computing. VDI also introduces new and unique benefits such as:

• Performance and Stability Benefits: VDI is the first computing model that allows user sessions to use resources across a farm of servers. Centralised execution of user sessions is possible without relying on the Windows kernel to coordinate multi-user sessions. The ability to create a self-balancing farm with transparent user migration between hosts greatly expands the number and type of applications deployable on a server based computing model.
• Opportunity to Redesign the Desktop: By leveraging the unique memory management of ESX Server, gigabit networking, and high-speed shared storage, VDI desktops can achieve new levels of performance, exceeding what stand-alone PCs can deliver.
• No Downtime Maintenance: Hardware maintenance on any ESX Server host can proceed without waiting for users to logoff and without interrupting user sessions. Placing an ESX Server host in maintenance mode will migrate all active VDI sessions elsewhere within the farm. This feature allows IT staff to perform maintenance during regular business hours without affecting users.
• Integrated Server and Desktop Management Platform: For the first time, companies have the opportunity to unify the management of user desktops and servers. IT can simplify datacenter processes and improve coordination between server and desktop support groups. A single design for backup and disaster recovery functions can serve the needs of both server and desktop areas.
• Business Continuity Benefits: Users that traditionally needed their own PC can now benefit from the portability of centralised computing.
• Licensing Benefits: VDI opens new opportunities for conserving licenses. Products based on the number of concurrent installations can take on a concurrent-usage licensing model if used with one of the several connection broker tools offering dynamic provisioning capabilities.
• Granular Performance Control: While resource leveling products allow more granular control of application priorities within Terminal Servers, VI3 introduces resource pools that can be used to designate groups of user desktops that receive farm wide priority. VI3 allows VIP users or CPU heavy applications to execute in separate pools distributed across ESX Server clusters.
• Elimination of Multiple N+1 Computing Silos: Due to application compatibility issues, Terminal Server deployments often segment applications onto their own server pools. This requires the addition of servers to each published application group for fault tolerance regardless of capacity. VDI’s user isolation allows provisioning of servers based on capacity alone, reducing server count while maintaining fault tolerance.

New Options for Application Management: Leveraging Templates and Cloning, administrators can establish departmental machine templates and quickly deploy new user desktops as needed.

VDI and Desktop Stability

Each application launched inside a shared operating system has the potential to conflict with any other application, and to exert pressure on underlying drivers, system services, and kernel scheduling. VDI isolates each virtual desktop from malfunctions caused by the activities of other users. No multi-user platform is immune to hardware failures, but the hypervisor design of ESX Server provides substantially more protection for user sessions than the shared services design of Terminal Server. ESX Server manages resource allocation using the VMkernel, a mini-operating system built from the ground up for stable resource allocation. The VMkernel is a compact yet sophisticated resource manager enabling many VDI desktops to share underlying physical resources while maintaining user isolation. VMkernel faults are exceedingly rare as compared to the frequency of Windows blue screen crashes inside a busy Terminal Server running a heavy load of diverse application software. The many functions and services of the Windows operating system create more opportunities for conflicts than are seen in the more compact VMkernel. Terminal Server creates many more opportunities for conflict than a single-user PC. Rare incompatibilities manifest more frequently in proportion to the number and diversity of applications running together inside a single operating system. The number of application combinations that can appear inside the operating system contributes to the instability by elevating the number of ways in which applications can interact and exert stress on the operating system.

A Terminal Server serving twenty-five users running five applications each will host 125 applications concurrently. This exerts twenty-five times more strain on the operating system than a single user generates on their PC. The extra strain on the operating system combined with the typically larger number of installed applications leads to an inherently higher level of instability in multi-user operating systems.

By giving each user their own operating system, VDI contains the risk of application conflict to a similar level experienced by PC users with their own operating system. VDI mitigates risk to the shared ESX Server host by containing fatal conflicts to one user operating system. This drastically reduces the chance of software conflicts causing large-scale disruption. VDI provides a new centralised computing model without excessive risk of negative application interactions.

VDI Cost Savings

When considering the total cost of ownership, simplistic evaluations of costs fail to show the full picture. There are hidden costs and risks with each desktop management model and each execution model. Key areas of cost savings for VDI include:

• Hardware Provisioning Logistics: VDI simplifies deployment of new infrastructure.
• Hardware Maintenance: VDI offers the least complexity and most advanced management options for zero-downtime hardware maintenance.
• Hardware Duration: The pooled resource model of a VMware Virtual Infrastructure 3 (VI3) farm offers very dynamic performance balancing and tuning. This flexibility allows IT to repurpose ESX Server host hardware for any combination of virtual desktops and application servers as performance needs change and newer hardware becomes available. This extends the useful life of ESX Server host hardware.
• Less Downtime: The stability of ESX Server combined with the isolation of end-users limits downtime related to software malfunctions. VI3 contains several features that contributed to improved uptime for a VDI deployment. VMware High Availability (HA) allows VDI desktops to restart automatically after a hardware failure. VI3 also includes the ability to place ESX Server hosts in "maintenance mode" causing VDI desktops to migrate to other ESX Server hosts without interrupting user sessions during maintenance windows. The well-scrutinised Hardware Compatibility List (HCL) of ESX Server further contributes to improved uptime for a VDI deployment.
• System Performance: VI3 offers unparalleled platform balancing, superior resource allocation, and new opportunities for performance enhancements that leverage specific ESX Server memory management features as described in the "Turbo Charged Performance" section below.
• Application Management: Application streaming performs even better in a VDI environment due to proximity within a datacenter allowing gigabit Ethernet connections between virtual desktops and their supporting servers. Shared image strategies and use of virtual machine templates also simplify application management.

VDI brings a wealth of new features and cost saving possibilities to the problem of managing user environments. It will be some time before IT departments discover all the new opportunities. The most significant long-term cost reduction VDI brings to the enterprise might prove to be the cost savings associated with increased use of centralised computing. The stability and software compatibility issues of Terminal Server have limited these savings for many companies prior to VDI. Companies can now shift their focus towards server based computing more aggressively with the confidence that critical features like end-user isolation, scalable performance balancing, and decreased application interactions will ensure successful deployment of current and future software.

Business Drivers and Common Use Cases

Early adopters of VDI technology seek to solve problems that non-VDI solutions fail to address. The major use cases currently driving adoption of VDI are:

• Outsourcing: Companies looking to outsource development while retaining close control of their data and source code can use VDI to present developers with a fully functional desktop capable of installing development tools and rebooting without affecting other users.
• Extending PC Lifecycle: Companies facing a PC upgrade cycle or deployment of a major operating system upgrade might instead migrate to a server based computing model, redeploying existing PCs as Thin Client access devices.
• Pandemic Planning: New mandates in nearly every industry require preparedness for pandemic scenarios. VDI provides the needed assurance that existing desktop application suites are deployable in a server based computing model without the software compatibility or performance problems often encountered when deploying a large number of applications on a Terminal Server platform.
• Unifying IT Strategy: Companies that have already invested in virtualisation strategies in the data center and are seeking to unify desktop and server side processes have an opportunity to leverage server and client side computing loads across a common platform. Simplified disaster recovery, enhanced data security, and reduced headcount can result from such consolidation.
• Performance Driven VDI: Companies needing to introduce a demanding new application that strains current PC hardware might elect to deploy the new application as a link from the native desktop to a VDI session. This offloads CPU demands from the local desktop, both extending the PC lifespan and ensuring adequate performance of the new application.
• Enterprise Desktop Replacement: Companies seeking to escape the constraints of legacy desktop computing and move towards utility computing will benefit from more advanced VDI configurations with dynamic provisioning and personalisation of the virtual desktop made available to stateless user access devices.

VDI incorporates features of both server based and distributed computing, offering business solutions to a number of challenges.

VDI Architecture

VDI is an architecture requiring carefully crafted solutions that meet specific needs. All VDI solutions have virtualisation of the user’s desktop in common. A complete VDI solution may also include other design elements that compliment, extend, or leverage the core features of VMware Infrastructure virtualisation platform. A full spectrum VDI solution starts with the user’s access device and includes a number of logically sequential components spanning the full lifecycle of user activity. The section below describes the full spectrum of components together with helpful products in each category and several design examples meant to illustrate various problems solvable within a VDI framework. The list of products is not inclusive due to lack of space and meant to highlight significant products in each category.

Design Components for a complete VDI Solution

A complete VDI solution involves several components selected to meet the specific requirements of the situation. This section describes each design component in detail.

Client Access Device

On a PC running Microsoft Windows, users can initiate a remote session to a VDI resource using the bundled remote desktop client. Thin Client devices such as WYSE terminals have many advantages as access devices including reduced cost, stateless configuration and simplified management. An RDL (Remote Desktop License) might be required to connect back to the virtual desktop.

Terminal Makers: Leading Thin-Client device manufacturer WYSE makes quality low cost graphical terminals. WYSE terminals lead the market with their small footprint, low power consumption and flexible Thin-OS firmware.PCs: An older underpowered PC can make a very capable VDI access device. Hybrid solutions with some local execution and select VDI assisted application execution might also be appropriate.

Connection Brokering

Providing users their own virtual desktop and ensuring they always reconnect to the same machine might be the best design for small scale VDI implementations. For larger VDI implementations, a connection broker is necessary to avoid tying up memory and CPU resources when users are not using their virtual desktops. Connection brokers can suspend and resume virtual desktops or provision new desktops based on policies and workflows. Connection brokers make API calls to VMware VirtualCenter and ESX Server systems to perform their core functions.

Application Virtualisation and Streaming

The growth of distributed computing brought the challenges of management to the forefront of the IT agenda. The needs of distributed computing shaped the early management toolsets. Each node on the network was a stand-alone resource silo. Each node needed its personality maintained separately. Server based computing allowed for a more consolidated approach but brought new management challenges related to performance, network stability and software compatibility. Recently, streaming technologies such as Microsoft Softricity16, AppStream and others have introduced a unified application management approach that simplifies application lifecycle challenges in a way that can benefit both distributed and server based computing models.

Combining application streaming and application virtualisation, Microsoft Softricity adds value by simplifying application lifecycle management. After sequencing applications, the Softgrid client publishes shortcuts to users based on their group membership. Administrators can upgrade applications while users work by publishing a new version available at next application launch. Application virtualisation features can aid application compatibility by allowing applications with different versions of the same DLL or conflicting registry settings to run together. When deployed with Ardence shared boot imaging, it is possible to deploy VDI architecture with diskless virtual machines booting against a shared Windows image with only the Softgrid client installed. This one image can serve the entire company. Sequenced applications can be pre-cached to the shared boot image, eliminating the network traffic and launch latency associated with application streaming. AppStream focuses on application delivery while Altiris SVS focuses on application virtualisation without all the isolation features of Microsoft Softricity. These new technologies complement VDI by further centralising management of the desktop and providing application access without the need to persist application software inside the virtual machine hard drive.

VDI Memory Efficiencies

Allocating a large amount of RAM for caching would normally be cost prohibitive in a distributed computing model. ESX Server transparent page sharing ensures that additional VDI instances will consume only a portion of the 1GB of working RAM that is unique to each desktop. The balloon driver included with VMware tools will yield unused working memory to the underlying memory pool. The ability of ESX Server to locate common memory pages within the working memory will usually reduce memory consumption by thirty percent or more, compensating for the extra RAM used by caching strategies. Booting multiple machines from a shared Ardence controlled boot image ensures that the cached boot volumes will all be nearly identical. This in turn ensures that memory page signatures will be identical and transparent page sharing will achieve maximum efficiency.

To minimize the percentage of RAM allocated to cache, it is best to deploy this strategy with large ESX Server hosts dedicated to VDI. On an eight-way ESX Server host with 48GB RAM, perhaps seventy-five or more users could obtain the benefits of RAM disk performance with only 9GB of RAM allocated to caching for 64bit virtual machines or as little as 2GB for 32bit virtual machines with cached application partitions.

Conclusions

When deployed with complementary products, VDI retains the best features of Terminal Server based desktops and distributed PCs while bringing new performance and management possibilities to the mix. With increasingly prevalent wireless technology like 4G cellular (100mbit), WiMAX , and WiFi on Airplanes becoming the norm, the need to work offline will become increasingly rare. Quickly advancing CPU and memory designs will heighten the benefits of centralised computing, allowing improved use of shared resources.

The unique performance and security characteristics of VDI position it as a strong contender as well as a value-add to current server based computing technologies. Desktop management is evolving towards an increasingly sophisticated blend of VDI, Terminal Server, and distributed computing. This new blended approach will have a stronger bias towards server based computing models which best use shared resources. Applications with lighter CPU loads and no Terminal Server compatibility issues will continue to leverage Terminal Server, while heavy applications and published desktops will migrate towards VDI where the benefits of isolation and improved resource allocation will benefit the user experience.