Embed Size (px)
Citation preview
Enhancing the User Experience for Multi-Pod
VMware View Deployments
Bruno Germain, F5 Networks
#vmworldsponsor
2
F5 & VMware
• F5 & VMware are active, global partners
• 4 years of history as managed partners
• Primary partnership goals
Compatibility / Interoperability testing
New Solution Development
New Solution Documentation
• Across all major F5 and VMware products
• Ongoing cooperative solution development
• Coordinated back-end customer support
3
Application Delivery Networking Services
• Glue between end users and application workloads
• Policy-driven traffic management
• Dynamic configuration and automation of policies
L4-L7
4
4 Key Functions of Application Delivery Networking
Local
Scaling &
Availability
Securing
Global
Scaling &
Availability
Accelerating
© VMware, Inc.
5
Our Objective Today
Explain how to provide…
A. A single URL
B. With user to pod session affinity
C. With the ability to failover to a backup pod
…for large and/or distributed VMware View deployments
6
4 Use Cases – 4 Designs
Use Case Datacenter(s) Pod(s) Entitlement(s)
1 Single Multiple Single
2 Multiple Multiple Single
3 Multiple Multiple Multiple
4 Multiple Multiple Dynamic
7
Use Case #1 – Multi Pod, Single Site
• Customer Acme has 16,000 View Users at their HQ
• Provide a Single URL with intelligent routing to users
cluster/pool
• Simplify Pool/User management through load balancing
8
SSL Clarification
GTM
LTM/APM
Connection /
Security
Servers
GTM
LTM/APM
1. DNS Request to
GTM for View
Service
2. SSL View
Connection
3. Non SSL View
Connection
Connection /
Security
Servers
9
10
Use Case #2 – Multi Pod, Multi Site
• Customer Acme has two primary sites with 8000 users per
location, they provide DR services for critical workloads
• Users travel, work from home and require a single intelligent
access point into their View desktop
Chicago Dallas
view.acme.com
11
Multiple Sites, Multiple Pods, 1 Name Space
view_east.company.com
view_north.company.com
view_south.company.com
view.company.com
view_west.company.com
12
Persistence = Happy Users
A New Server Creates a Fresh Desktop
Pre-Existing Server, Pre-Existing Desktop
View
Connection
Servers
Lost Connection
Reconnect!
Pod 1
Pod 2
Persistence based on the Username,
ensures that anytime a user disconnects
and soon thereafter reconnects, they will
be assigned to the same connection
server, and will see the same desktop
layout they had prior to the disconnect.
13
14
view.company.com
15
DNS Query:
view.company.com
16
iQuery
Health Check to
Both Pods:
East & West
10.1.1.20
192.168.2.20
17
User has lowest latency
to West Pod. DNS Answer:
“view.company.com. IN A 192.168.2.20”
192.168.2.20
18
Password is cached using
256 bit encryption
PW
19
User Name Current
Pod?
Bob Smith West
Fran Kelly East
Jim Adams None
etc…
LTM looks up User. <Current Assignment>
20
APM queries
Active Directory.
Domain
UN
PW
AD User’s
Group
Membership
APM Obtains User’s Current
Pod & Pool Member Username & Password
are sent to AD.
DomainDomain
Active
Directory
21
Based on the Pod & Pool info in
AD, LTM sends the user to the
correct View server
View
Servers
22
The View Server replies with a user
token.
View
Servers
Client uses that token to automatically
reconnect directly to the View server.
23
Use Case #3 – Multi Pod, Multi Site, Multi Desktop
• Customer Acme has three sites with 6000 users per location,
they provide DR services for critical workloads with
secondary entitlements to backup desktops
Chicago Dallas
view.acme.com
New York
24
25
Use Case #4 – Multi Pod, Multi Site, Smart Desktop
• Customer Acme has three sites with 6000 users per location,
they provide optimized user experience and DR services for
their desktop workloads.
Chicago Dallas
view.acme.com
New York
26
27
How Does F5 Fulfill these View Designs?
• Local Traffic Management
• Secure Access / AAA Integration
• Global Traffic Management
• BIG-IP iApp Wizard for View
BIG-IP
Access Policy Manager
Add-On Module
28
29
30
F5 BIG-IP iApp for View Created Objects
31
How Does F5 Fulfill these View Designs?
• Local Traffic Management
• Secure Access / AAA Integration
• Global Traffic Management
• BIG-IP iApp Wizard for View
• iRules for Intelligent Traffic Routing
BIG-IP
Access Policy Manager
Add-On Module
32
F5 BIG-IP iRules (a.k.a. Flexability Engine)
33
How Does F5 Fulfill these View Designs?
• Local Traffic Management
• Secure Access / AAA Integration
• Global Traffic Management
• BIG-IP iApp Wizard for View
• iRules for Intelligent Traffic Routing
• Also Leverages
– Powershell
– AD
BIG-IP
Access Policy Manager
Add-On Module
34
35
Future….
– F5 and Teradici signed agreement
– PCoIP proxy
– We will be the Security Server
Enhancing the User Experience for Multi-Pod VMware View Deployments
Bruno Germain, F5 Networks
#vmworldsponsor
