VMUG - GHA Case Study

Windows Infrastructure
Glasgow Housing Association
VDI Case Study
Iain Balmer, June 2011
Who are GHA?
IT Environment
Windows Infrastructure
Year Zero Server Estate
• Approximately 40 Virtual Servers, 116 Physical Servers, running Windows NT4.0, 2000, 2003 and
2008R2. We also had a pair of Novell Servers deployed....
Backups – Full Backups direct to tape every night, Backup window of 13 hours.
Patching/Firmware – Was sporadic, no centralised management
Security – AV, Internet access, USB device proliferation
Active Directory – 2 Domain Controllers, Prone to BSoD, Corruption occurred frequently
Software Licensing – No Inventory Tool, no up to date Asset Management database
Messaging – 2 old Exchange 2003 Servers serving 3000 Mailboxes, no governance of Email.
No specific Server standards during deployment
Developers were using VMware Server for building Dev & Test boxes, which soon migrated in
Pseudo-Production Servers. PC’s with Labels saying “Do not switch off....”
Windows Infrastructure
Year Zero Desktop Estate
• Approximately 2500 Desktops, running Windows XP, and Windows 2000 Professional
• 400 Desktops less than 3 years old, Approximately 32 different models of PC’s, and 16 Builds of
Desktop OS
No standard application delivery model. (SCCM, GPO, Scripts, Manual)
70% Desktops allow Domain Users to be Local Administrators
Machines can take 20-30 minutes from power on to ready state – extra coffee break for staff!
Service Desk staff constantly doing PC builds, an estimated cost of £7000 per week.
Each site visit to deploy software costs £340. (not including Taxi’s.....)
GHA staff are unable to move office without IT involvement, this causes delay and a lack of
business flexibility
• After an analysis of Service Desk calls, software and support costs, it was calculated that each
Desktop was costing GHA £760 per year, to support.
Windows Infrastructure
Server Platform - Issues addressed
In Summary deployment of technology to standardise and consolidate the infrastructure currently in place.
vSphere 4.x, Symantec NetBackup, Trend Deep Security, NetIQ, SCCM/SCOM, F5 BIG-IP, Cisco UCS and
EMC VNX, Exchange 2010.
Default Server Platform switched to virtual on vSphere
Conversion of all but 7 Physical Servers (Domain Controllers, Backup Server and Legacy Exchange)
On last assessment we were at 95% Virtual on the Server Estate
Reduce DataCentre Racks required from 24 to 12
Active Directory Redesigned, and NetIQ DRA implemented for AD Management
Consolidated 26 Windows File Servers to 1 Windows File Server – to be migrated to NAS Appliance
Implemented Change Management process for Patching of OS on Servers & Desktops
Implemented New Backup Solution on Symantec NetBackup with Netbackup 5000 Appliances
Implemented Microsoft SCOM 2007 for Monitoring of the entire estate
Switched Anti-Virus from Symantec to Trend
Implemented Microsoft SCCM 2007 for Inventory/Asset Management, Patching and Software deployment
Deployed Blackberry Enterprise Services
Deployed new Internet Filtering solution to replace obsolete Surfcontrol
Deployed F5 BIG-IP Load Balancers to remove SPoF and provide resiliency across many applications
Implementation of Server Standards, to provide consistency.
Windows Infrastructure
Desktop Platform – Virtual Desktop
Leverage current technologies in use, specifically vSphere, to provide a platform for the Desktop estate.
Facilitate flexible working, home working and ability to move Office without IT involvement as Endpoints are now
Increase Security – Data stays in the Data Centre.
Reduce the Carbon footprint by nearly 10,000 tons or the equivalent of over 1600 cars over 3 years
Increased performance will reduce login time, and provide an additional 5 hours productivity per month.
Reduce need for Onsite rebuilds.
Solution should allow rich-multimedia services to continue to operate
A Centralised and standardised Desktop will aid in the diagnosis of issues, speeding up resolution of incidents
logged on the Service Desk, as well as allowing easier Application testing.
A Switch to Virtual makes the migration to Windows 7 an easier proposition, once User training is completed.
Windows Infrastructure
View™ XenDesktop®
3rd Party Profile Mgmt.
3rd Party App Virt.
3rd Party OS Mgmt.
3rd Party De-Dup
3rd Party I/O
Copyright © 2010 Unidesk Corporation. All Rights Reserved. www.unidesk.com
Windows Infrastructure
Unidesk – Virtual Desktop Management, was that solution.
Windows Infrastructure
VDI: More complex
than it should be?
Client Mgmt
Copyright © 2010 Unidesk Corporation. All Rights Reserved. www.unidesk.com
Windows Infrastructure
Make it SIMPLE for
Virtual Desktops
Application Management
Any application
Footprint reduction
Storage Tiering
TCP based Replication
User/Machine Personalization
Local profile utilized
ALL settings retained
Data and Apps stored separately
User installed apps supported
OS / Image
Single Image Management
Image Sharing
Version Control &
Copyright © 2010 Unidesk Corporation. All Rights Reserved. www.unidesk.com
Windows Infrastructure
Personalization: R/W
Personalisation: R/W
App Antivirus
1: Read-Only
1: Read-Only
2: Read-Only
Windows: Read-Only
Windows Infrastructure
Storage Savings WITH User Personalization
Personalization 1
Personalization 2
Personalization 3
App 1 (shared)
App 2 (shared)
Windows (shared)
CachePoint VM
Windows Infrastructure
Master CachePoint
Virtual appliance serves
GUI, maintains policy &
Virtual appliance stores
common layers
Virtual appliance
stores only the layers
need by desktops it
End Users
desktops hosted on
existing VMware
Layer Backups
Regular backups of
desktop personalization
layers for recovery
Windows Infrastructure
Compute Resources.
• A high density, easy and flexible Blade Server Solution is required.
• VDI VM’s will be 1vCPU, and 1.5GB RAM
• Experience tells us, Windows XP RAM can be overcommitted by 40%. Windows 7 less so at 25%
• When deploying Blades, the following is critical;
• Power distribution
• Network connectivity - simplify
• Easy of Management
• Nehalem-EX has been benchmarked at 16 VM’s per Core, we’ve aimed for 12 VM’s per Core
• Long-term support
Solution deployed, Cisco UCS
• 16x B230 Blades with Intel Nehalem-EX X7560, Each with 256GB RAM (32 x 8GB DIMMS)
• DR solution provided by 7x B230 (same spec) – to provide basic Desktop and Applications (email,
critical apps), for a more specific amount of users.
• Each Blade should provide CPU Resources for 256 VM’s at 100%, total of 4096 VM’s across the estate.
• With an average of 9.8 VM’s per Core, we have room to allow for maintenance of Blades / ESXi Hosts
without affecting the overall capacity of the estate.
• Each Blade should provide RAM Resources for 170 VM’s, however with the RAM over commit
expectations we should be able to expect 238 VM’s if Windows 7, 212.
In practice, this solution allows slack, and would only need to run 156 VM’s per Blade, when capable
of 256 VM’s per Blade in extreme circumstances.
Windows Infrastructure
Thin Clients / Networking Planning
The Broker of choice was VMware View, and therefore PCoIP would be utilised.
Thin Client Management of Teradici hardware based solutions, would be done via Teradici Management
Console, whether the kit was Wyse, Devon, Leadtek, Cisco or Samsung
In the end, Wyse P20 provided a hardware PCoIP solution, with a better all-round multimedia and network
performance in our specific environments.
Wyse and Teradici during the pilot provided excellent onsite support. Engage with both, and we found they
were more than happy to get involved.
Highly recommended are the Tweaks to the VM Operating System recommended by Teradici and VMware.
• https://www.vmware.com/pdf/view-46-architecture-planning.pdf
• http://myvirtualcloud.net/?page_id=1562
Windows Infrastructure
VM Software Configuration / Licensing
Windows OS configuration is critical to a responsive VDI solution. Use the VMware supplied GPO’s, with
other tweaks recommended online.
• Registry tweaks – Disable NTFS Last Access timestamps, Indexing/Windows Search
Anti-Virus is a problem for VDI Deployments.
•. Deployed Trend Deep Security Manager for
VDI Clients and also for the Server Estate
Update management of AV is now
simply 20 Appliances, not 2500
With AV Storms, its not necessarily the
Storage that collapses, but the Host, if
every VM (250!), try to aggressively access
the Disk. DSM will have an Appliance on
each host, and checks each VM in order,
not all at once.
At present, Trend DSM requires vShield
Endpoint client deployed in VM. This will
be integrated within VMTools on next
Microsoft Licensing. Not as difficult as it once was, but is still capable of tripping up.
• VDA Licensing
- Non-Microsoft Endpoints
• SA Licensing
- Microsoft Endpoints
Windows Infrastructure
It’s all about the IOPS
Storage Capacity.
Each VM would have a viewable capacity of 40GB, however, saving of local data would be restricted.
With Unidesk, only the following is required;
Total disk spaced used by VM for boot image & pagefile
Total Space used by CachePoints only (VMDK)
Total Storage Used for Personalization Backup Cache
Total Storage required for Unidesk CPs and VMs
Storage Performance
• Average Workload IOPS
Normal User: ~10 IOPS Web Apps and Office / Email Use
Power User: ~22 IOPS Database users, IT Staff, M/media teams
Heavy User: ~40 IOPS Report generating staff
• Maximum IOPS Usage
Loading IOPS = Normal (.8*10), Power (.15*22), Heavy (.05*40)
16,000 +
6,600 +
1600 Users
300 Users
100 Users
= 13.3 IOPS (Average)
= 26,600 IOPS
Solution deployed, EMC VNX 5700 (x2)
• Sub-lun movement of data allows for larger LUNs, and a more simplified allocation of Storage, and allowed a
more cost effective use of SSD and SAS drives.
• Integration with VMware and Cisco UCS, will allow for a single management platform for orchestration of
administration tasks.
• VNX also brings additional Storage to host the Server, and Messaging Estate, as well as a NAS front-end for
replacing the File Services.
Windows Infrastructure
Copyright © 2011 Unidesk Corporation. All Rights Reserved. www.unidesk.com
Windows Infrastructure
Headline Savings
A flexible environment free of location based restrictions
Solution will work without any Security concerns of moving data on USB sticks, VPN restrictions and is compatible
with many end-point devices, PC’s, Mac’s or iPads (particularly popular with Senior Management....)
Faster User provisioning – Desktop, Applications, and can be easily tailored to users. Estimated 1 hour as opposed
to 10 days for a new user and PC to be actioned.
Free up Frontline IT Staff for more proactive Service Management
Desktop CapEx for this solution are £420 per Desktop (with estimated lifespan of 5 years), estimated support costs
will be £220 per year. CapEx saving on new PC’s of £880 per PC over 3 years, with estimated OpEx savings of
£540 per year.
To deploy and manage Desktops as we were was costing over £1m per year, after this deployment, the costs are
estimated at £550,000. Over 3 years, and with the solution costs in place, that is a saving of over £1.3m
Energy Savings over 3 years, approx 13,000,000KWh, or £1.8m
It is estimated that it will take GHA only 11 months to get full ROI.......
Windows Infrastructure
Links / Questions
Documents to support design solution.
UCS Configuration
Deploying ESXi on UCS B-Series
Cisco Unified Intelligence Center
Cisco UCS Platform Emulator
EMC VNX Configuration
EMC Best Practices for vSphere
Chad Sakac – Performance Troubleshooting
Thin-Client Configuration
VMware View PCoIP Network Sizing Guide
VMware View PCoIP Zero Client Optimization Guide http://www.vmware.com/files/pdf/VMware-View-PCoIP-Zero-Client-Optimization-GuideTN-EN.pdf
VMware View Configuration
View 4.6 Architecture Planning
Thin Print GPO Configuration
Trend AV / View Configuration
VDI Anti-Virus Considerations
Windows Optimisations
XP Guide
Windows 7 Guide
Email: [email protected]
GHA Contact
Email: [email protected]

similar documents