Demystifying VMware Mirage:
Tips and Tricks for Success
Simon Long, VMware
Justin Venezia, VMware
EUC4815
#EUC4815
2
Agenda
 Horizon Mirage – A Quick Overview
 Tips & Tricks For Success
 High-Level Architecture Examples
 Q & A
3
Horizon Mirage – A Quick Overview
6
Typical Use Cases
 Automated Windows OS Migration
& Deployment
 System Recovery (BC/DR)
 Hardware Migration & Refresh...
7
Mirage server
• Images are stored and manipulated in
datacenter
• Unlike VDI, images do not run in datacenter
• Images a...
8
Layered, Single Image Management
Horizon Mirage Layers
 Layers are stored in the data center
 Mirage performs granular...
9
Bringing it all Together: Single Image Management
Single
Base Layer
Windows 7
Antivirus
Common Apps
Dell Drivers
HP Driv...
10
Horizon Mirage Components
Horizon Mirage
Client
 Four Megabyte MSI deployed to all clients
 Mirage-related endpoint o...
11
Data center
Mirage server
cluster
Load
balancer
Internet
Typical Horizon Mirage Deployment
NAS
volumes
Mirage
consoleMo...
12
Tips and Tricks For Success
13
Endpoint Assessment
 Know Thy Endpoint!
• If you don’t understand what’s on the
desktop, you won’t know what or how
mu...
14
Endpoint Assessment (cont.)
 Application Rationalization
• Installed Applications
• Are those apps READY for Windows 7...
15
Application Integration
 Mirage does not differentiate how applications are
installed
• It’s WHERE they are installed ...
16
Application Layers
 Application Isolation
• Not part of Mirage Application Layers unless used with ThinApp
• Appear an...
17
Base Layer Considerations
 Keep the amount of Base Layers to a minimum
• Prevent image sprawl - keep image as generic ...
18
Base Layer Conflicts
 Base Layers can potentially conflict with software
installed on Endpoints.
• Older version of ap...
19
Upload Policies
 Upload Policy “Areas”
• Protected Area – Files and folders on
a device that are centralized in the
da...
20
Upload Policies
 Upload Policies impact
centralization & synchronization
 Don’t back up what you don’t
need!
 Do you...
21
Steady State Synchronization – The Balancing Act
 Getting the right synchronization interval is key
 Network speed (L...
22
Branch Reflector
 Branch Reflectors are your FRIEND
• Use it on the LAN & WAN
• Make sure your AD Sites & Services are...
23
Networking
 Know Thy Network!
• Map it out – know bandwidth capacity and utilization of the network
• Wi-Fi Considerat...
24
Networking (cont.)
 Don’t forget the network path to the
storage
• Separation of client & storage network traffic, if
...
25
Storage
 Sizing your storage is massively important
• Conduct a PoC/Pilot to help with storage sizing estimates (IOPS,...
26
Storage (cont.)
 Single vs. Multiple CIFS shares
• Better data de-duplication seen when more CVD’s are on a share
• Re...
27
Security
 Full Disk Encryption
• Enable Full Disk Encryption (FDE) that modify hard drives
after Mirage integration
• ...
28
Security (Cont.)
 Single Instance Store (SiS) Security
• Files stored on Mirage SiS cannot be executed
• Use NTFS, Sha...
29
Operations & Administration
 Delegated Administration
• Delegate based on risk, job responsibility and best suited IT ...
30
Backup & Recovery
 Don’t forget the Mirage Database
 Lots and lots of files and folders
means longer backup windows
•...
31
Availability & Resiliency
 Use multiple Mirage servers in
a clustered configuration (N+1)
 Use a Load-Balancing solut...
32
Sizing Considerations
 Network
• “You can’t drive a Buick through the
eye of a needle.”
• Bandwidth Speed & Overall Ci...
33
Sizing Considerations (cont.)
 Upload Policies
• More Data = More Resources (Storage, Network) = More Time to complete...
34
Sizing Considerations (cont.)
 Gather REAL WORLD data through effective testing & validation
• Environment uniqueness ...
35
High-Level Architecture Examples
36
High Level Architecture Example #1
37
High Level Architecture Example #2
39
Questions
THANK YOU
Demystifying VMware Mirage:
Tips and Tricks for Success
Simon Long, VMware
Justin Venezia, VMware
EUC4815
#EUC4815
VMworld 2013: Demystifying VMware Mirage: Tips and Tricks for Success
Upcoming SlideShare
Loading in …5
×

VMworld 2013: Demystifying VMware Mirage: Tips and Tricks for Success

1,840 views

Published on

VMworld 2013

Simon Long, VMware
Justin Venezia, VMware

Learn more about VMworld and register at http://www.vmworld.com/index.jspa?src=socmed-vmworld-slideshare

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,840
On SlideShare
0
From Embeds
0
Number of Embeds
16
Actions
Shares
0
Downloads
40
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

VMworld 2013: Demystifying VMware Mirage: Tips and Tricks for Success

  1. 1. Demystifying VMware Mirage: Tips and Tricks for Success Simon Long, VMware Justin Venezia, VMware EUC4815 #EUC4815
  2. 2. 2 Agenda  Horizon Mirage – A Quick Overview  Tips & Tricks For Success  High-Level Architecture Examples  Q & A
  3. 3. 3 Horizon Mirage – A Quick Overview
  4. 4. 6 Typical Use Cases  Automated Windows OS Migration & Deployment  System Recovery (BC/DR)  Hardware Migration & Refresh  Simplified Image Management  BYOD (With Fusion Pro & VMware Workstation)
  5. 5. 7 Mirage server • Images are stored and manipulated in datacenter • Unlike VDI, images do not run in datacenter • Images are automatically synchronized with endpoints • Logical layering of images increases granularity Centralized images Data Transfer optimized • Stores data only once • Transfers only what is not present on destination • All transfers are compressed Base layer Desktops or laptops with Mirage client • Endpoints always run local copy of Windows • Does not require hypervisor or format • Local drivers are leveraged • Changes from Mirage are merged directly into Windows End users Mirage Architecture – Manage Centrally, Execute Locally!
  6. 6. 8 Layered, Single Image Management Horizon Mirage Layers  Layers are stored in the data center  Mirage performs granular operations on Mirage-managed endpoints  Orange layers continuously backed up from endpoints  Green layers managed by IT End User PC Machine Identity Layer (identity, customizations) User Personalization Layer (user data, installed apps & profile) Base Layer (OS, infra SW, core apps) Driver Library Mirage Application layers
  7. 7. 9 Bringing it all Together: Single Image Management Single Base Layer Windows 7 Antivirus Common Apps Dell Drivers HP Drivers VMware Drivers Finance Apps HR Apps IT Apps Up to 20,000 Endpoints
  8. 8. 10 Horizon Mirage Components Horizon Mirage Client  Four Megabyte MSI deployed to all clients  Mirage-related endpoint operations & File/Folder Recovery Horizon Mirage Servers  Mirage Management Server (interfaces with DB)  Mirage Server (controls all operations and objects) File Portal And Web Management  Optional feature(s) used for Web Administration & File/Folder Recovery  Must be on a server that is on the domain  Can co-reside on the Mirage Server itself Branch Reflector  “In-branch” device that can service base layers & updates, drivers, and migration functionality, eliminating WAN traffic for certain Mirage operations  No additional setup/install required; simply designate an existing endpoint as a Branch Reflector Management Console  MMC Admin Console to connect to Mirage Management server
  9. 9. 11 Data center Mirage server cluster Load balancer Internet Typical Horizon Mirage Deployment NAS volumes Mirage consoleMobile VPN Mirage Clients
  10. 10. 12 Tips and Tricks For Success
  11. 11. 13 Endpoint Assessment  Know Thy Endpoint! • If you don’t understand what’s on the desktop, you won’t know what or how much data you will be managing  Good data drives good Mirage design decisions  Tools & Techniques • Lakeside/Liquidware Labs • SCCM or other Desktop Inventory Tools • Mirage PoC (Sample of Desktops)  Hardware, Networking & Security • Speed of Hardware • Connectivity (LAN/WAN/VPN) • Disk Encryption & Endpoint Protection
  12. 12. 14 Endpoint Assessment (cont.)  Application Rationalization • Installed Applications • Are those apps READY for Windows 7?  User Data & Behavior • Personal vs. Corporate Data • Movies, Pictures, Music • The “Gypsy User”
  13. 13. 15 Application Integration  Mirage does not differentiate how applications are installed • It’s WHERE they are installed that’s important  Place applications in the Base Layers when it makes sense • Globally-used applications • System-level software (AV, VPN, etc.)  Continue leveraging the application delivery & integration strategy that works best for you • SCCM, Active Directory, Tivoli • Mirage Application Layers • ThinApp & App-V • User Installed Applications
  14. 14. 16 Application Layers  Application Isolation • Not part of Mirage Application Layers unless used with ThinApp • Appear and function as if natively installed  Application Conflicts • Application conflicts can exist, even using Horizon Mirage Application Layers  Application Packaging • Use a Virtual Machine for Application Layer Reference CVD • Restore VM to original state using VMware Snapshot before capturing another application • Application Packages are specific to OS version & type • Start with a clean capture machine
  15. 15. 17 Base Layer Considerations  Keep the amount of Base Layers to a minimum • Prevent image sprawl - keep image as generic as possible • The larger the image, the more data you will send across the wire  When creating Driver Libraries, download the drivers from the hardware vendor  Base Layer Applications • Include system-level software & globally-used applications  Full Disk Encryption • Exclude from the base layer image
  16. 16. 18 Base Layer Conflicts  Base Layers can potentially conflict with software installed on Endpoints. • Older version of application in Base Layer conflict with updated application in Base Layer • Windows updates in Base Layer conflict with Endpoint application requirements • Newer updates on Endpoint conflict with versions in Base Layer  Handling Conflicts 1. Test before deployment 2. Layer Dry-Run Reports 3. Base Layer Rules 4. Base Layer Override Policies
  17. 17. 19 Upload Policies  Upload Policy “Areas” • Protected Area – Files and folders on a device that are centralized in the datacenter • Unprotected Area – Files and folders that will NOT be centralized • User Area – Protected files and folders that belong solely to the endpoint user  Applications or data placed into the user profile are captured in the user area  Applications or data placed anywhere else are captured in the Protected Area.
  18. 18. 20 Upload Policies  Upload Policies impact centralization & synchronization  Don’t back up what you don’t need!  Do you NEED to back up the endpoints for OS migrations? • Accelerates migration timeline & reduces storage needs for Mirage • No roll-back of Windows XP or Windows 7 Endpoint during OS Migration  Large Files • To back them up or not?
  19. 19. 21 Steady State Synchronization – The Balancing Act  Getting the right synchronization interval is key  Network speed (LAN/WAN/VPN) • Type of connection & available bandwidth  Amount of changed data on endpoint • Data de-duplication – does it already exists (i.e. Patch Tuesday)? • Upload policies – do I need to backup all changed data? • How long does an incremental upload take?  Storage performance & capacity • IOPS • Available disk space  Endpoint availability • Stationary vs. mobile/laptop users
  20. 20. 22 Branch Reflector  Branch Reflectors are your FRIEND • Use it on the LAN & WAN • Make sure your AD Sites & Services are configured properly • Only supports “Downstream” operations ONLY  Use desktop PC that is not assigned to a user & has ample compute/storage resources  Powered on 24/7 to support Mirage operations  Avoid using laptops, if possible • Taken home or moved between offices • If laptops are the Branch Reflector available • Use cabled connection & no power management • Ensure ample compute/storage
  21. 21. 23 Networking  Know Thy Network! • Map it out – know bandwidth capacity and utilization of the network • Wi-Fi Considerations  Mirage Network Necessities • Quality and Class of Service/Priority Queuing/Traffic Shaping critical • Network maps and performance statistics • Understand the Mirage network usage patterns from a PoC/Pilot  What should I expect on the network with Mirage? • LAN vs. WAN centralization/synchronization • Amount of data centralized/synchronized – more data, more bandwidth
  22. 22. 24 Networking (cont.)  Don’t forget the network path to the storage • Separation of client & storage network traffic, if at all possible • End-to-end networking (Mirage NIC out, the path, and the File Server NIC in)  Include “Downstream” Operations in planning • Base Layer/App Layers, etc.  If the network path to storage or networking is oversubscribed, Mirage will “throttle” the server. • It’s a safety net, not an design principle
  23. 23. 25 Storage  Sizing your storage is massively important • Conduct a PoC/Pilot to help with storage sizing estimates (IOPS, Capacity) • Pilot multiple use cases and variations of desktops, not just one • The IOPS requirements will depend on multiple factors • Amount of concurrent centralizations & downstream operations • Network bandwidth • User connectivity (on and off the network) • User productivity (how often the machine is in use) • Snapshot policy  Local vs. Shared Storage • Shared storage is recommended (required for Mirage Clustering/Single Instance) • Local storage in a Mirage Cluster – it may work at first, but it will break  Place Mirage Cache on Flash/SSD where possible
  24. 24. 26 Storage (cont.)  Single vs. Multiple CIFS shares • Better data de-duplication seen when more CVD’s are on a share • Recovery and other Single Instance Store maintenance operations can be significantly extended when using a single CIFS share • Shares with more CVDs become extremely large in size • Balance number of CIFS based on the needs and requirements of your organization  Driver libraries are stored on the default Mirage SiS • If you delete this store, your drivers are gone
  25. 25. 27 Security  Full Disk Encryption • Enable Full Disk Encryption (FDE) that modify hard drives after Mirage integration • Decrypt FDE before any operation that modified MBR • Data files are NOT stored in an encrypted format on the Mirage Single Instance Store (SiS) when using FDE  Microsoft Bitlocker & Sophos FDE are Supported • Bitlocker - upstream/downstream operations function properly • Sophos - disk encryption supported for OS Migration  Microsoft Encrypted File System (EFS) • Encrypted files uploaded with EFS are restored with EFS  Centralization over the Internet not supported • Must use VPN connection
  26. 26. 28 Security (Cont.)  Single Instance Store (SiS) Security • Files stored on Mirage SiS cannot be executed • Use NTFS, Share & ACL Permissions to secure Mirage SiS access • Limit data on share to ONLY Mirage-related data  SSL • Encrypts Mirage network traffic over TCP 8000 – Use it! • All or nothing • Use it for the Web & File Portals  Anti-Virus • It WILL affect Mirage Performance and Operations • Exclude Mirage Cache & Wanova.Server.Service.exe process • NAS and CIFS/SMB Filer Anti-Virus implementations are typically independent of scanning on Mirage Server
  27. 27. 29 Operations & Administration  Delegated Administration • Delegate based on risk, job responsibility and best suited IT group to support Mirage • Roles are Active Directory-integrated – use AD groups  Operational Procedures • Run books for OS and hardware migrations, desktop backup/recovery, archiving & other Mirage operations • Run books for Help Desk - common support issues • Endpoint Centralization – Automatic vs. IT-initiated  User Self Service – File/Folder Recovery • Provide simple procedures for file/folder recovery
  28. 28. 30 Backup & Recovery  Don’t forget the Mirage Database  Lots and lots of files and folders means longer backup windows • Restoring Mirage components will also take awhile  Integrate Mirage into corporate DR strategy • Conduct simulated Mirage recovery & document recovery procedures
  29. 29. 31 Availability & Resiliency  Use multiple Mirage servers in a clustered configuration (N+1)  Use a Load-Balancing solution to distribute load across all Mirage Servers in a cluster  Consider a dedicated/clustered MS SQL Database
  30. 30. 32 Sizing Considerations  Network • “You can’t drive a Buick through the eye of a needle.” • Bandwidth Speed & Overall Circuit Utilization are critical • Quality of Service/Class of Service or Priority Queuing • LAN-speed considerations  Storage • IOPS, Connection Speed/Capacity to Storage • Amount of Data • Single vs. Multiple CIFS Shares
  31. 31. 33 Sizing Considerations (cont.)  Upload Policies • More Data = More Resources (Storage, Network) = More Time to complete a Mirage task  Differential Data • Data change impacts how much data can be uploaded in a given time period  Endpoint Availability and Connectivity • Laptops or Mobile Users - On/Off Network • Remote Users (VPN)  Consider the volume & frequency of centralization, steady state & base layer operations  Centralized vs. Distributed Architecture
  32. 32. 34 Sizing Considerations (cont.)  Gather REAL WORLD data through effective testing & validation • Environment uniqueness impacts the design • Real-world sampling/assessment & planning is critical to sizing  Physical vs. Virtual Mirage Servers  General guidelines • Appropriately size the environment based on real world data (PoC/Pilot) implementation • Don’t size for 100% utilization – size for target of 80%  Don’t ignore the dependent infrastructure (i.e. storage & networking)
  33. 33. 35 High-Level Architecture Examples
  34. 34. 36 High Level Architecture Example #1
  35. 35. 37 High Level Architecture Example #2
  36. 36. 39 Questions
  37. 37. THANK YOU
  38. 38. Demystifying VMware Mirage: Tips and Tricks for Success Simon Long, VMware Justin Venezia, VMware EUC4815 #EUC4815

×