Upload
hollye
View
59
Download
2
Tags:
Embed Size (px)
DESCRIPTION
Sustainability via Desktop Virtualization . Trials and Tribulations with VMWare , SunRay and the Sun 7000 Series Storage. Inspiration. Virtual Computing Lab Old Lab space now Offices Desktop Replacement Graduate Students target audience Slow machines (4-5 years old) Not for everyone - PowerPoint PPT Presentation
Citation preview
SUSTAINABILITY VIA DESKTOP VIRTUALIZATION Trials and Tribulations with VMWare, SunRay and the Sun 7000 Series Storage
INSPIRATION Virtual Computing Lab
Old Lab space now Offices Desktop Replacement
Graduate Students target audience Slow machines (4-5 years old)
Not for everyone Adequate for most ‘everyday’ tasks
LAYERS Storage Layer
Sun 7000 series SAN Network Layer
1 Gbit Switches (10 Gb uplinks) Virtualization Layer
VMware View 4.0 VMware View Manager 4.0
SunRay Layer SunRay 5 (well really 4.2)
SUSTAINABILITY Footprint
Electronic Waste 50 Desktops vs Servers
Power Footprint (sample size 50) 50x Sunray + 2x Server + SAN = (50x3.9w1) +
(2x380w2) + (1x500w3) ~ 1455w 50x Desktop = 50x(128w – 260w4) ~ 6400w – 13000w
LifeSpan Server LifeSpan vs Desktop SunRay LifeSpan (4x a regular computer *according to
Oracle) Management
Easier Upgrade Path handful of servers vs many desktops
Imaging physical machines vs virtualhttp://www.oracle.com/us/technologies/virtualization/061984.html 1
http://solutions.dell.com/DellStarOnline/DCCP.aspx 2
http://www.sun.com/calc/storage/disk_systems/unified_storage/7310/ 3
http://www.dell.com/downloads/global/corporate/environ/comply/precn_t3500.pdf4
SUSTAINABILITY Software Cost
VMware View 4.0 10 pack license: $1100 3 yr support (free upgrades) per 10 pack: $800 $190/desktop or $63/year
STORAGE LAYER Sun 7000 Series
ISCSI, NFS, CIFS, FC, IB Deduplication
Extraordinary capacity savings in this application Replication
Replicate Important VM’s to a 7110 Snapshots (instant) Flash acceleration Analytics All baked in (no additional licensing costs)
ISCSI vs FC vs IB… We opted for ISCSI because of the pricepoint
2x Dell 6248 with 10GB uplinks - $2000/each Comparable FC Switch: $4000/ea + HBAs Comparable IB Switch: $6000/ea + HBAs
STORAGE LAYER Concept of Clustering
2 Heads connected together via proprietary ‘heartbeat’ cards
Concept of an “owner” of a resource. Failover/Failback ½ the resources on each node in a passive state
30 Simultaneous VM’s in use (Matlab) ~35% Memory Usage 10-25% CPU Usage (spiking up and down) Peak burst of ~300 MB/sec on the SAN (12
spindles) Average IOP latency ~70ms 125GB Hard Disk Space used
STORAGE LAYER Analytics
STORAGE LAYER Analytics:
ARC cache hits – 90%+ Latency becomes an issue under heavy load –
99% of ops below 125ms
Scaling Single head, 1 shelf keeping up with 50 vms in
our environment. 2nd CPU, Ram (cache) additional disk shelves (up to 5.5 more) up to 6x ‘Read Zillas’ per head (100GB read cache
each Utilize 2nd head (active/active) on both trays
NETWORK LAYER
NETWORK LAYER 10 Gbit uplinks to SAN 1 Gbit connections to ESX servers
NIC Teaming http://www.vmware.com/files/pdf/virtual_networking_co
ncepts.pdf VM networks, Data network, Management
Network
NETWORK LAYER VMWare ISCSI vs QLogic
Minimal Resource savings with QLogic QLogic boot off ISCSI QLogic dual port card
Each head on a dedicated port Multiple VMKernels (possible?)
VIRTUALIZATION LAYER VMWare View 4.0
Uses VMware VSphere 4 for Virtualization ‘Enterprise’ license equivalent
VirtualCenter Central Management of all VM’s
Cloning, Migration, Resource Management
VIRTUALIZATION LAYER VMware View Server
Manage all View Components Desktop Pools, Entitlements, Sessions,
VIRTUALIZATION LAYER VMware Composer
Pools Automated
Persistent Dedicate VM’s to each user Statically assigned when a user logs in
Non-Persistent Typical “Lab” setup ‘Deep Freeze’ equiv. – machine deleted after logout Automated Provisioning
Individual/Manual Single VM
Terminal Server Connector
VIRTUALIZATION LAYER VMware View Login outside of sunray
Web Based - https ActiveX/Java Launcher
VIRTUALIZATION LAYER Resource Management cont’d
VM Settings Customized per pool/application
Resource Pools Reserve resources Set Limits
Linked Clone Copy Built in DeDuping (VMWare side not SAN side) 32 bit OS’s ONLY Point a Pool to a VM snapshot
Entitlements Permission to access a given VM or Pool Synchronized to AD
SUNRAY LAYER SunRay Server 5.0
Core Services access to Solaris Sessions Terminal Server Connector VMware View Connector
Recommended running on Solaris vs Linux Kiosk mode
Allows a session to be run without a user actually logging in Mode used for both VMware View connector and TS connector Session initiated -> connect to service -> process login
session SSL encryption both up and down Works flawlessly from home behind NAT
Nearly identical performance to on campus Solaris acquires the session to VMware/TS and proxies to
SunRay. Session exists on Solaris
SUNRAY LAYER Management is centralized
Key Card Logins 3rd party AD software required for “card only” logins Username/Password acquires Kerberos token – bound
to card Sunray Side “Hot Desking”
Login with Key Card Pulling Key card == Auto logoff Keycard can be used to resume session at any other Sunray
SUNRAY LAYER Setup walkthrough
Install Sun/Ray Package – configure Install View Connector Connect to web GUI – https://servername:1661 Enable Kiosk mode – set to Vmware View Manager Arguments: -s <server> -d <default_domain>
Bootup Sequence SunRay Powers on SunRay obtains DHCP address (optional) Secures a VPN connection Looks for Option 49 (x-display-manager) from dhcp Looks for sunray-servers.<dhcp assigned domain> GUI Pop-Up Menu manual configure
PROBLEMS/DIFFICULTIES DHCP
VMware View VM’s not releasing DHCP addresses Blow through 100 ip’s in an hour with a class Short (1 hour) lease time now GPO shutdown script to release? Registry setting? (98/NT only?) Untested
Initial POC VMware View 3 Poor performance with ESX 3.5 software initiator and
Sun 7000 series 2-5MB/sec Increased to ~20MB/sec when we enabled write
cache on 7000 series LUNs (not the default!) Upgrade to ESX4 ISCSI initiator maxes out 1 Gbit
connection
PROBLEMS/DIFFICULTIES SunRay Incompatibilities
View connector only officially supports View 3.0 View 4 coming ‘soon’ No MMR support No Flash Acceleration No Windows 7 support (no USB or sound in win7) Demonstrate performance?
Still ‘adequate’ for most users 1-Way Audio Stream
No Skype or Teleconferencing VMware View and 64 bit Servers
Even though View 4 came out in Nov. 2009 they do not support any 64 bit version of windows Server.
Mostly works – until you create replicas
PROBLEMS/DIFFICULTIES VMware Management tools
Windows only Unix/Linux Perl Toolkit (automation?)
NETID authentication NETID users can login to system Currently cannot entitle NETID users View browses/binds to LDAP via machine account Workaround/override with VMware? One way trust with NETID Delegated OU’s?
Script adding users Currently use python to batch add users to AD Can share if interested
PROBLEMS/DIFFICULTIES Upgrading the SAN
Clustering alleviates a lot of this Single 7000 series?
QUESTIONS? Chris Henry [email protected]
import win32com,win32com.clientimport stringfrom random import choicepassword_size = 6def add_acct(location,user): ad_obj=win32com.client.GetObject(location)
ad_user=ad_obj.Create('user','cn='+user['login']) ad_user.Put('sAMAccountName',user['login']) ad_user.Put('userPrincipalName',user['login']+'@mydomain.com') ad_user.Put('DisplayName',user['first']+' '+user['last']) #fullname ad_user.Put('givenName',user['first']) ad_user.Put('sn',user['last']) ad_user.Put('description','Description of Employee') ad_user.Put('HomeDirectory',r'\\server1\homes\ '[:-1]+user['login']) #user \\server1\homes\<user> for
homedirectory ad_user.Put('HomeDrive','H:') ad_user.SetInfo();ad_user.GetInfo() ad_user.AccountDisabled=0 password = ''.join([choice(string.letters + string.digits) for i in range(password_size)]) password = password +'1aB' # append '1aB' to end of password so we're positive it meets complexity
requirements print 'user:' + user['login'] + ',password: ' + password ad_user.setpassword(password) ad_user.Put('pwdLastSet',0) #-- force reset of password ad_user.SetInfo()
def main(): user_list = open('C:\Users\username\Desktop\my_user_list.csv') for line in user_list: if line == None: break else: user_info = line.split(',') user={'first':user_info[1].strip(),'last':user_info[0].strip(),'login':user_info[2].strip()} location='LDAP://DC1.example.com/OU=myOU,DC=example,DC=com' add_acct(location,user)
if __name__ == '__main__': main()