Embed Size (px)
Citation preview
sheridancollege.ca
Designing and Deploying
Large Scale VDI
James DuncanTeam Lead – Cloud Services
Sheridan College
sheridancollege.ca
Agenda• Project Overview
• Designing a Scalable VMware View Infrastructure
• Deploying in a Phased Approach
• Supporting VDI
• Lessons Learned and Next Steps
sheridancollege.ca
‘Virtual Desktop Infrastructure’
Virtual desktop infrastructure (VDI) utilizes
server hardware to run desktop
operating systems (OS) and applications
inside a virtual desktop rather than users
storing their OS, desktop personality and
data on individual laptops or desktops.
What is VDI?
OVERVIEW
sheridancollege.ca
What are the challenges you are trying to solve with VDI, and will it actually solve
them? Define the return on investment you’re trying to obtain.
Sheridan’s VDI use cases:
1. Academic Lab Environments (increase operational support efficiency)
2. Administrative Desktops (‘task’ worker op efficiencies; better support users that
require a high degree of mobility)
3. Mobile Computing (streamline ‘bring your own device’ support, strategy to reduce /
remove restrictive program requirements)
4. Distance Education (increase our ability to deliver programs remotely)
Overall goal – common end user computing platform for anywhere, any device access
Understand Your Use Cases
VDI DESIGN
sheridancollege.ca
• Phase I (2011-14)
• Proof of Concept in satellite campus labs and Learning Commons
• Phase II (2013/14)
• Infrastructure Design
• Infrastructure Deployment
• Open Access Labs and Learning Commons Zero Client Deployment
• Phase III (2014)
• Distance Education
• Mobile Computing
• Administrative Users
RFPs Issued:
1. VDI Platform and Partner Vendor of Record
(VMware and Scalar Decisions)
2. Thin Client Vendor of Record (Dell Wyse)
3. X86 Server Vendor of Record (Cisco)
4. Storage Array Vendor of Record (NetApp)
5. Multi-site Load Balancing Infrastructure (F5)
Stages
OVERVIEW OF PROJECT
sheridancollege.ca
• How do you translate your high level functional
requirements into success criteria?
• Performance
• Infrastructure Resiliency
• Functional
• Importance of User Acceptance Testing (UAT)
• Talk to your users during the deployment phase
Understand your Success Criteria
VDI DESIGN
sheridancollege.ca
• Assess, assess, assess – measure twice
and cut once
• Desktops are typically CPU bound, where
server virtualization is typically memory
bound
• Disk IOPS requirements will be the entire
success or failure of your deployment
LiquidWare Labs Stratusphere Fit:
http://www.liquidwarelabs.com/products/stratusp
here-fit
• Groups desktops by appropriateness for VDI
conversion
• Gained a lot of insight into applications used
• Detailed metrics on CPU, Memory and Disk
IO requirements for desktops
• Aggregate of all of the above is the basis for
the design
Understand Your Workloads
VDI DESIGN
sheridancollege.ca
• CPU
• Average: 340 MHz
• Peak average – 850 MHz
• Memory
• Average: 1530 MB per user
• Account for Transparent Page Sharing, High Availability overhead, and room for VMs like Deep Security Virtual Appliance, etc. in memory calculations
• Disk IOPS
• Average: 56 IOPS per user
• Average Peak: 180 IOPS
• Designed for 68 IOPS
• Network
• Also measured bandwidth and latency requirements for PCoIP
Takeaways:
• Desktop VMs are CPU-bound
• Clock speed was prioritized
over # of cores
• Sized for worst case (IOPS
measured) but anticipated
optimizations (detailed later)
• Don’t design for peak, plan for
average (sustained) and
roughly 70-80th % of peak
(burst)
Sheridan’s Assessment Results (your mileage will vary)
VDI DESIGN
sheridancollege.ca
Understand your long term goals and design the
infrastructure to achieve it in a modular fashion as
you grow into the deployment
Architecting a solution for 5,000+ VMs is considerably
different than for 500 VMs
Predictable blocks of compute and storage resources at
the backend that scale as linearly as possible
The VMware Horizon View frontend infrastructure
(Connection Servers, Security Servers, and
Transfer Servers) can for the most part be deployed
all up front
Find a trusted partner if you’re designing for large scale!
Sheridan’s Scale:
• 2,000 Academic Desktops
• 1,000 Administrative Desktops
• 9,000 Mobile Computing Students
• 18,000 full time students
• 35,000 continuing education students
• 3 primary campuses (Brampton,
Mississauga, Oakville) and one satellite
campus
Understand your roadmap
VDI DESIGN
sheridancollege.ca
Putting a lot of eggs into a very big basket with VDI
Understand risks and limit failure domains:
• Front-end redundancy: load balancing Connection Servers and Security Servers
• Server-level redundancy: VMware HA/DRS
• Storage-level redundancy: RAID, multiple controllers, multiple datastores, etc.
• VM pool redundancy: in floating pools, set maximum size higher than your
requirements
• Site-level Redundancy: multiple View Pods in separate datacenters with a single
DNS namespace
Redundancy
VDI DESIGN
sheridancollege.ca
F5 Networks BIG-IP Local Traffic Managers (LTM), Global Traffic Managers
(GTM), and Access Policy Manager (APM)
Single Namespace (https://desktop.sheridancollege.ca) that load balances
between separate VDI infrastructure in two sites (Oakville and Mississauga
campuses)
Dynamic Session Detection – if the connecting user has a valid session at one
of the sites, the load balancers will reconnect the user to their session at
that site via PCoIP authentication replay (via Events database integration)
Persistent Desktop Connection – if the user has a persistent desktop, they will
be connected to the correct site (again via PCoIP re-auth) – this is
determined via Active Directory lookups
Load Balancing
VDI DESIGN
sheridancollege.ca
Welcome to the bleeding edge…
• This was pre-release, in-development functionality
• We were heavily involved in updating F5’s documentation and
code along with other F5 ‘early adopter’ clients to get from RC to
full release
• Were not able to get SSL offloading to function
Load Balancing (cont’d)
VDI DESIGN
sheridancollege.ca
• External Connections
• 2 Connection Servers paired w/ 2 Security Servers per site
• PCoIP sessions are proxied through the CS/SS
• Internal Connections
• 2 Connection Servers
• PCoIP sessions terminate directly between client and the VM
Connection Brokers
VDI DESIGN
sheridancollege.ca
Cisco UCS C240 M3 w/ 2 x E5-2643 + 256GB RAM
• Designed for VM densities in the range of 75-100:1
• Aiming for 5-10 VMs per Core
Offload Cards:
• Teradici PCoIP Apex Offload Cards - these make a huge difference in the performance of real-time
media applications
http://www.teradici.com/products-and-solutions/pcoip-products/hardware-accelerator
• No hardware GPU yet – testing Nvidia GRID K1/K2 in QA
Compute
VDI DESIGN
sheridancollege.ca
NetApp FAS 3250
• 2 Dedicated controllers w/ disk shelves for VDI at each site
• 10K RPM disks + SSD Flash Pool
• Running in cluster-mode with storage for general purpose usage
• Large NFS datastores – avoid LUN size limitations
• 2 VM Datastores (solely to load balance across aggregates / controllers)
• 1 Template Datastore
• 1 vSwap Datastore
• Architected for 1,500 concurrent VMs (conservatively) and will expand cluster modularly as we grow beyond that
• Don’t fall into the trap of measuring capacity used in VDI storage –monitor performance instead (command latency, etc.)
Storage
VDI DESIGN
sheridancollege.ca
UCS Fabric Interconnects / Nexus 5K
• QoS – just below VoIP in prioritization
• Dedicated uplinks for VDI traffic
• 20 Gbps CWDM Dark Fibre ring between campuses
• Firewall / ACL complexity
• Large VM pools mean large, contiguous IP ranges
• Mobile Computing and VDI over wireless
Network Considerations
VDI DESIGN
sheridancollege.ca
Pool Types:
• Floating Pools – Academic general computing
• Persistent Pools – Administrative users and some Mobile Computing / Distance Education
VM Specifications:
• 1-2 vCPU and 2GB RAM each (basic)
• 4 GB persistent disk (in persistent pools)
• Other pool configurations adjusted for application / use case requirements
Desktop Optimizations:
• Follow the steps documented in VMware’s
Windows 7 Optimization Guide:
http://www.vmware.com/files/pdf/VMware-
View-OptimizationGuideWindows7-EN.pdf
• Replaced legacy Anti-Virus (running scans
in-guest) with fully offloaded AV solution
(Trend Micro Deep Security)
Desktops
VDI DESIGN
sheridancollege.ca
LiquidWare Labs Profile Unity (replacing Microsoft Windows Roaming
Profiles)
http://www.liquidwarelabs.com/products/profileunity
Migrated a number of configuration items from Group Policy to Profile
Unity to simplify deployment
Provides the capability to stream ThinApp/App-V packages based on
user / group entitlements (View can do only desktop entitlements)
– e.g. can share and re-use larger pools
User Profiles
VDI DESIGN
sheridancollege.ca
1. Scope Definition (use cases) and consultation
2. Product Selection (RFP for platform and partner)
3. Assessment of existing machines
4. Server, Storage, Load Balancing, Terminal RFPs
5. Infrastructure Design
6. Build QA environment and infrastructure / user acceptance testing
7. Build Production environment
8. Phased deployment
1. Controlled pilot group in each campus
2. Staged rollout over 2 weeks
3. Conversion of previous POC
Project Stages
VDI DEPLOYMENT
sheridancollege.ca
Dell Wyse P25 Zero Clients w/ Dell E-Series Displays
Teradici PCoIP Management Console
• Plug and Play - use SRV records, defined subnet ranges and
configuration profiles to automatically set up ZCs when they are
patched into the network
Did not have success with Wyse Device Manager (WDM)
Wyse Zero Clients
VDI DEPLOYMENT
sheridancollege.ca
• vCenter Operations Manager for View
• Shift of some support tasks from field operations teams to
infrastructure team
• Significant optimizations in deployment and support of hardware
w/Zero Clients
• Still some gaps in base knowledge of how VDI works and behaves
across Information Technology that need to be addressed
• Overall though there have been very few support tickets that have
been escalated to Tier 3 since rollout
Summary of Support Takeaways
VDI SUPPORT
sheridancollege.ca
• Ahead of the curve on the complexity of the multi-site Load
Balancing configuration – project slowed down as we worked
through adjustments to Deployment Guide and code with F5
• Failed to fully anticipate slowdowns due to procurement, legal and
contract negotiations
• Needed to manage project expectations to balance with controlled
rollout (‘VDI will fix everything’)
• Longer lifecycle and lower cost of Zero Clients complicates fit
within Sheridan’s operational leasing processes
Key Lessons Learned
VDI AT SHERIDAN
sheridancollege.ca
• Expansion in all identified use cases and evaluation of additional use cases
• Infrastructure upgrades:
• VMware Horizon View 5.3
• VMware Horizon View 6 (Beta Program)
• Scale out server infrastructure to support additional desktops
• Futures
• Converged infrastructure to reduce TCO (e.g. UCS + VMware VSAN) after expansion beyond existing capacity (1,500 concurrent VMs)
• Introduction of application remoting capabilities
• Introduction of HTML5 (‘Blast’) access and offline mode
Next Steps
VDI AT SHERIDAN
sheridancollege.ca
Thank You
Follow ups? Please contact me at:
(905) 845-9430 x2556
or, visit Sheridan’s VDI project page at: https://it.sheridancollege.ca/projects/vdi.html
(this page will also contain links to various case studies with our vendor partners once published)
