Posts Tagged ‘Host’

True Scale Out Shared Nothing Architecture – #Compute, #Storage, #Nutanix via @josh_odgers

October 26, 2013

This is yet another great blog post by Josh! Great work and keep it up! 😉

I love this statement:

I think this really highlights what VMware and players like Google, Facebook & Twitter have been saying for a long time, scaling out not up, and shared nothing architecture is the way of the future.

At VMware vForum Sydney this week I presented “Taking vSphere to the next level with converged infrastructure”.

Firstly, I wanted to thank everyone who attended the session, it was a great turnout and during the Q&A there were a ton of great questions.

I got a lot of feedback at the session and when meeting people at vForum about how the Nutanix scale out shared nothing architecture tolerates failures.

I thought I would summarize this capability as I believe it’s quite impressive and should put everyone’s mind at ease when moving to this kind of architecture.

So let’s take a look at a 5 node Nutanix cluster, and for this example, we have one running VM. The VM has all its data locally, represented by the “A”, “B” and “C”, and this data is also distributed across the Nutanix cluster to provide data protection / resiliency etc.

[Image: Nutanix 5-node cluster]

So, what happens when there is an ESXi host failure, which results in the Nutanix Controller VM (CVM) going offline and the storage which is locally connected to the Nutanix CVM being unavailable?

Firstly, VMware HA restarts the VM onto another ESXi host in the vSphere Cluster and it runs as normal, accessing data both locally where it is available (in this case, the “A” data is local) and remotely (if required) to get data “B” and “C”.

[Image: Nutanix 5-node cluster, 1 node failed]

Secondly, when data which is not local (in this example “B” and “C”) is accessed via other Nutanix CVMs in the cluster, it will be “localized” onto the host where the VM resides for faster future access.

It is important to note, if data which is not local is not accessed by the VM, it will remain remote, as there is no benefit in relocating it and this reduces the workload on the network and cluster.

The end result is the VM restarts the same as it would using traditional storage, then the Nutanix cluster “curator” detects if any data only has one copy, and replicates the required data throughout the cluster to ensure full resiliency.

The cluster will then look like a fully functioning 4 node cluster as shown below.

[Image: 5-node cluster, 1 node failed, rebuild]

The process of repairing the cluster from a failure is commonly incorrectly compared to a RAID pack rebuild. With a RAID rebuild, a small number of disks, say 8, are under heavy load re-striping data across a hot spare or a replacement drive. During this time the performance of everything on the RAID pack is significantly impacted.

With Nutanix, the data is distributed across the entire cluster, which even with a 5 node cluster will be at least 20 SATA drives, but with all data being written to SSD then sequentially offloaded to SATA.

The impact of this process is much less than a RAID…

Continue reading here!

//Richard

Hosting #Citrix Desktops from the #Amazon Cloud – #AWS, #BYOD, #DaaS, #NetScaler

A good blog post by Ken Oestreich.

That’s right. Run your XenApp on AWS and NetScaler on AWS.

Those capabilities have been around for a while, and over time Citrix has been working to make set-up and configuration even easier.

Whether you are a large enterprise, smaller business, or even a service provider, deploying on the AWS cloud could yield you many more benefits and operational advantages than you could get by deploying XenApp on your own equipment.

Is it for me?

It could be. If you answer “yes” to any of the following, you may want to look more closely:

  • You’re Moving infrastructure to the cloud – if you wish to leverage the cloud to host infrastructure – either for convenience, cost, capital expense avoidance, availability, or other attributes.
  • You’re Cost-conscious – Amazon’s EC2 cloud often provides customers with a significant reduction in hardware, networking and/or storage costs, particularly due to the pay-as-you-go nature of EC2 capacity. This helps avoid over-provisioning, and allows for real-time matching of capacity to demand.
  • You don’t have a data center – Many customers chose to avoid building on-premises data centers altogether while remaining staunch believers in Citrix software. These are small/medium businesses that require agile – and often outsourced – infrastructure.
  • You have modest administration/deployment knowledge –  Many customers prefer not to invest in the skills needed to maintain data center hardware, but insist on retaining application administration skills. Leveraging IaaS infrastructure in the cloud is the ideal approach whereby hardware configuration and maintenance is avoided.
  • You have a dynamic business that needs to quickly react to change – Businesses with significant growth curves or seasonality often over-provision infrastructure for peak use, locking-up precious fixed capital that is frequently idle.

Tools, resources, economics

The Citrix community has made available Amazon CloudFormation scripts that greatly simplify configuration, set-up and operation of large-scale XenApp instances. We also have spent hours looking at the economics of running your Citrix infrastructure on AWS. These include

We also make it easy to use products/licenses on AWS…

Continue reading here

//Richard

Simplified VDI Architecture – #Citrix, #XenDesktop

This is a great start of a blog series from Citrix!

There’s a perception that VDI is complicated.  I’m far from being a rocket scientist, and I’ve managed to implement many successful VDI projects over the past ten years.  I truly believe that VDI is one of those things that is only as complicated as you make it.

It’s like saying that driving is complicated.  You’d have to be crazy [or very brave] to take your first lesson in Manhattan…during rush hour.  That’s why your driving instructor starts you off on a quiet street.  You need to know your boundaries.  Being successful with VDI is the same – keep things simple to start with and slowly increase complexity at your own pace, when you’re ready for it.

This raises the question – what’s the quiet street equivalent of a beginner’s VDI architecture?  It might not be the most optimized and efficient solution, but it would be quick to implement, do the job well and wouldn’t require specialist knowledge or skills.  I’ve been thinking about this a lot lately, and I’d like to share my thoughts.

There’s a lot to consider, so I’m going to break this up over four different blog posts:

  1. Simplified VDI Architecture – Introduction & FlexCast
  2. Simplified VDI Architecture – Storage
  3. Simplified VDI Architecture – Provisioning
  4. Simplified VDI Architecture – Reference Architecture

Martin Zugec will be helping me out with this blog series and will be referring to his experience on actual customer projects that followed many of these recommendations.

XenDesktop or VDI in a Box?

First up, you need to make a decision on VDI in a Box or XenDesktop.  VDI in a Box is easier to setup but does have some limitations.  Check out Allen Furmanski’s excellent blog post for guidance on how to make this decision.  I’m going to concentrate on XenDesktop for this post.

FlexCast

Although each FlexCast model has its own unique advantages, each additional model included adds complexity to the overall project.  There is a great table in the Virtual Desktop Handbook (FlexCast Model Selection – Table 11) that provides guidance on the capabilities of each model.  The main thing to note is that all scenarios, apart from offline, can be accommodated using the Hosted VDI model (XenDesktop), either with or without a Personal vDisk.  It may not be the optimal selection in every instance, but it is almost always a viable solution.

There are a number of reasons why I think that XenDesktop is simpler than XenApp, including:

  1. Desktop applications are developed to run on desktop operating systems such as Windows XP or Windows 7.  There aren’t many developers that test their applications on Windows Server 2003 or 2008.  Therefore, you’re far less likely to run into application issues with XenDesktop than you are with XenApp.  Even if your applications run okay on 2008 with XenApp, you’re probably going to have issues getting support from the application vendors.
  2. Hosting applications on multi-user operating systems can introduce additional application compatibility challenges.  Users may share the same configuration files and registry hives, especially if the applications are not multi-user aware.  This means that one user may change a setting that affects all other users of that server.  There are a ton of tips and tricks to get these apps working correctly but we want to keep things simple and choosing XenDesktop helps us achieve this goal.
  3. As multiple users are hosted on the same operating system, it is important that XenApp desktops are locked down to prevent security breaches and misconfiguration that could impact all users sharing the environment. Typically, this results in an extremely controlled and restricted user experience, hindering user satisfaction and acceptance.
  4. With XenApp desktops, a single user can consume a disproportionate amount of resources, impacting the performance of other users sharing the same XenApp server.  XenDesktop, on the other hand, allows vCPU and RAM assignments to be controlled on a per-user basis.  For this reason, I strongly recommend that heavy users are hosted on XenDesktop rather than XenApp.
  5. With XenDesktop, it is possible to provide users with fully personalized desktops.  This includes the ability for users to install their own applications.
  6. Unlike XenApp, XenDesktop supports generic USB redirection:

I’m a huge fan of Remote PC, especially when you consider just how simple it is to deploy.  However, there are some things Remote PC just can’t do, including:

  • You don’t have the flexibility to quickly provision or de-provision desktops based on business demands.
  • Image management is more complicated than a virtual desktop because you can’t use MCS and PVS can be challenging with desktops outside of the data center
  • You need to have a good connection between your XenDesktop Controllers and the physical desktops.  Something not always available for WAN users.

Regardless, Remote PC is a great solution in many scenarios.  Consider deploying Remote PC at the very start of your project.  It allows you to realize immediate value while you’re designing and implementing your full VDI solution.

If XenDesktop is so much simpler why do so many projects still standardize on XenApp?  It all comes down to cost – XenApp offers significantly higher levels of scalability than XenDesktop (some sources quote 300% more users).  Let’s take a look at this in more detail.

Processor

The Virtual Desktop Handbook provides us with guidelines on processor requirements for both XenApp and XenDesktop (Processor Requirements by Workload – Table 22):

If processor is the bottleneck, we can estimate the scalability of XenApp and XenDesktop for a fairly typical server configuration (2×8 cores):

As you can see, XenApp offers between 17% (heavy user) and 28% (light user) more users than XenDesktop – but nowhere near 300%!  Let’s put this into context, if you had 1,000 concurrent normal users, you would need seven physical servers for ‘XenDesktop: Windows 7’ and six physical servers for ‘XenApp: 2008 R2’.  Is one additional server per ~1,000 users enough to justify the additional complexity of XenApp?

RAM

For RAM, the Virtual Desktop Handbook table (Memory Requirements by Workload – Table 23) shows us that ‘XenDesktop: Windows 7’ requires significantly…

Continue reading here!

//Richard

Designing a virtual desktop environment? – #XenDesktop, #Citrix

This is a good blog post by Niraj Patel.

Questions: How do you successfully design a virtual desktop solution for 1,000 users?  How about 10,000 users?  What about 50,000 users?  What are the questions you should be asking?  Most importantly, where do you start?

Answer: Hire Citrix Consulting for your next virtual desktop project! OK, that is one right answer, but not the only way to do it. The successful way to design a virtual desktop environment is to follow a modular approach using the 5 layers defined within the Citrix Virtual Desktop Handbook. Breaking apart a virtual desktop project into different layers provides a modular approach that reduces risks and increases chances for your project’s success no matter how large your planned deployment is. What are the 5 layers and some examples of the decisions that are defined within them?

  1. User Layer:  Recommended end-points and the required user functionality.
  2. Access Layer:  How the user will connect to their desktop hosted in the desktop layer.  Decisions for local vs. remote access, firewalls and SSL-VPN communications are addressed within this layer.
  3. Desktop Layer:  The desktop layer contains the user’s virtual desktop and is subdivided into three components; image, applications, and personalization.  Decisions related to FlexCast model, application requirements, policy, and profile design are addressed in this layer.
  4. Control Layer:  Within the control layer decisions surrounding the management and maintenance of the overall solution are addressed.  The control layer is comprised of access controllers, desktop controllers and infrastructure controllers.  Access controllers support the access layer, desktop controllers support the desktop layer, and infrastructure controllers provide the underlying support for each component within the architecture.
  5. Hardware Layer:  The hardware layer contains the physical devices required to support the entire solution, and includes servers, processors, memory and storage devices.

Want to know how to get started?  Try the Citrix Project Accelerator.  Input criteria around your business requirements, technical expertise, end user requirements, applications, etc. to get started on your architecture based on the 5 layer model.

Lastly, don’t forget to come see SYN318…

Continue reading here!

//Richard

Heads Up – issues with Access Gateway Plug-in for Mac OS X Version 2.1.4 – #Citrix, #NetScaler

Well, I guess that you’ve already read all the good things about the new capabilities of the newer Access Gateway plug-in, Receiver and Access Gateway Enterprise that together with StoreFront will add additional features and functions that haven’t existed before. It’s now built to work together with the Receiver on the Windows and Mac OS X platforms and promises a lot by various blog posts from Citrix and others (incl. myself).

Here is an example of what it can (should) do: What’s new with Access Gateway MAC Plug-in release 2.1.4

But is the Access Gateway Plug-in that great? Well, before you plan to implement version 2.1.4 on OS X and especially if you want to leverage the SSL VPN functionality and host checks (EPA) then read the Important notes and Known issues for this release:

Important Notes About This Release:

  1. The Access Gateway Plug-in for Mac OS X Version 2.1.4 supports Citrix Receiver Version 11.7
  2. Import the secure certificate for Access Gateway into the Keychain on the Mac OS X computer.
  3. The Access Gateway Plug-in for Mac OS X Version 2.1.2 and earlier versions are not supported on Mac OS X Version 10.8.
  4. Endpoint analysis scans for antivirus, personal firewalls, antispam, Internet security, and EPAFactory scans are not supported for Mac OS X.
  5. Client certificate authentication is not supported for Mac OS X.

First of all I’d say that these notes are not that great if you ask me! Why do I have to add the cert into the Mac Keychain? Why doesn’t the plug-in support the more “advanced” host checks like personal firewalls, certificates etc.?

Wait, it gets even worse!! And before you go to the whole list I’d highlight these top ones that I’m kind of surprised about:

  • It doesn’t support LAN access
  • Upgrading doesn’t work
  • Doesn’t apply proxy settings configured in session profile
  • It doesn’t support SAN certificates
  • Users cannot start the Access Gateway plug-in if the Receiver is already started, you first have to shut down the Receiver

Here you see the full Known Issues list for this release:

  1. When users disable wireless on a Mac OS X computer and connect by using a 3G card, the Access Gateway Plug-in does not upgrade automatically through Citrix Receiver. If users select Check for Updates to upgrade the plug-in, the upgrade fails and users receive the error message “Updates are currently not available.” [#45881]
  2. If you run stress traffic for HTTP, HTTPS, and DNS simultaneously, the Access Gateway Plug-in fails. [#46348]
  3. When users disable wireless on a Mac OS X computer and connect by using a Vodafone Mobile Broadband Model K3570-Z HSDPA USB 3G stick, the Access Gateway plug-in does not tunnel traffic. [#256441]
  4. If you configure an endpoint analysis policy and also enable the client choices page and proxy servers in a session profile, occasionally a blank choices page appears after users log on. When you disable the choices page in the session profile, the choices page appears correctly. [#316331]
  5. If users connect to Access Gateway with the Access Gateway Plug-in for Mac OS X and then run ping with a payload of 1450 bytes, the plug-in fails to receive the ICMP reply. [#321486]

Read more…

#Citrix #SmartAccess = A complete story or not? – #NetScaler #AGEE #EPA

November 29, 2012

This little blog post is about Citrix SmartAccess. I’ve been a fan of SmartAccess for a long time, and it’s also something that Citrix has been talking a lot about in their story. The way that Citrix technology can provide applications, desktops and information to end-users on any device in a secure and controlled way.

But the purpose of this blog post is to give you my view of this story, and how true the SmartAccess story is. Remember that this is my personal view and that I’ve actually not tested all my theories below, so parts of it are purely theoretical at this stage.

So a bit of background first to build my case…

Citrix has been going on about SmartAccess, and it’s been true that the Access Gateway capabilities once added to Web Interface and XenApp/XenDesktop were great in terms of adding another layer of functionality that the IT supplier could use to determine how the XenApp and XenDesktop environments were accessed, and from what type of device. The device detection/classification is done through host checks (Endpoint Analysis Scans, EPA) that the Access Gateway feature provided as a pre- or post-authentication scan. This scan then resulted in the device either meeting the policies or not, and this result could then be leveraged by the other internal components (XenApp/XenDesktop) to control/manage which apps, desktops and functionality (virtual channels like printing, drive mapping etc.) the end-user should get for that specific session.

And this was/is working well for certain scenarios from a technical point of view. But is it really working for the whole story that Citrix and the whole IT-industry is driving now with BYOD etc.? Think about the message that is being pushed out there today, use any device, we can control and deliver according to security policies, we can provide access from anywhere, etc…

And this is where it becomes interesting. All of a sudden then you as an architect are to take this vision that your CIO or IT-board has and realise it into manageable IT services that combined deliver a fully fledged IT delivery of Windows, Internal Web, SaaS, Mobile and Data for this great set of use cases and scenarios. Wow… you’ve got yourself a challenge mate!

This text is from the Citrix homepage about SmartAccess:

SmartAccess allows you to control access to published applications and desktops on a server through the use of Access Gateway session policies. This permits the use of preauthentication and post-authentication checks as a condition for access to published resources, along with other factors. These include anything you can control with a XenApp or XenDesktop policy, such as printer bandwidth limits, client drive mapping, client clipboard, client audio, and client printer mapping. Any XenApp or XenDesktop policy can be applied based on whether or not users pass an Access Gateway check.

So let’s start off then with going back to the SmartAccess which is the topic of this blog!

Read more…
