The pros and cons of a virtual desktop infrastructure
Desktops off the Rack
At first glance, the benefits of a virtual desktop infrastructure (VDI) seem clear. If you provide virtual desktops, you can centralize almost all of your management tasks on the virtualization server in the data center. That alone offers many advantages. For example, updates lose their terror; after all, you only need to update a few images instead of hundreds of clients.
Conventional software distribution and remote desktop administration are no longer issues. Version incompatibilities and conflicts can be solved at a single point of administration. The processes for providing desktops can be automated to a much greater extent, and backing up user data is much easier because data is stored centrally from the outset.
Virtualization also offers security advantages because you can avoid a dangerous jungle of individually misconfigured operating systems or applications. Hardly anything is stored locally, and the risk of infection is thus zero. Virus scanners or firewalls are not needed on the clients.
You can also dispense with expensive, fully equipped PCs and use inexpensive thin clients that mainly rely on server resources, which in turn achieves more effective utilization. Thin clients also decouple the hardware and software life cycles; never again will new applications force you to buy new desktop computers because the performance of the older generation is no longer sufficient. The thin client, which focuses on input and rendering, is freed from computational tasks and can keep pace over time.
Additionally, thin clients remove some of the administrative load: After a hardware failure, the user simply takes the reserve unit out of the cabinet, plugs it in, and carries on – the admin does not need to be there looking for mistakes and does not need to unscrew the case, restore data from a backup, or reinstall locally. Also, the mean time between failure (MTBF) of a thin client is higher than that of a PC, not least because it has no failure-prone mechanical parts, such as hard drives or fans, which effectively increases availability.
Thin clients also protect the environment because they consume much less power than PCs. Additionally, they can be manufactured in a way that saves energy and materials, and they are easier to transport. According to a study by the Fraunhofer Institute for Environmental, Safety and Energy Technology (UMSICHT) the CO2 footprint of a thin client is 41 percent smaller than that of a PC [1].
The Vendors
The leader in the VDI sector by far is now VMware View (41 percent). Following on its heels is Citrix XenDesktop (26 percent), which is technically on par. However, XenDesktop has the advantage of being able to work with different hypervisors, whereas VMware View is bound to the in-house ESXi server. Microsoft takes a smaller piece of the pie (15 percent [2]) with its Microsoft VDI suite. A remote desktop code-named Mohoro is rumored to being added to the Windows Azure cloud solution no sooner than 2014. A number of small suppliers also take marginal market shares, including vWorkspace [3] and Pano Logic [4].
What VDI Means
When you consider all the benefits, you might expect virtual desktops to be used in environments at least a few dozen clients. The reality is rather different. The thin client breakthrough has been announced several times under different headings and has never really happened. A survey by DataCore of nearly 500 IT professionals around the world showed that more than half do not virtualize any desktops and only 10 percent run more than a quarter of desktops as virtual machines.
This is true for several reasons. For example, virtual desktops have non-negligible drawbacks, and other alternatives can provide almost the same benefits. When discussing the pros and cons, the terminology can get a little confusing; thus, it's worthwhile to distinguish carefully what is at stake. As the name suggests, desktop virtualization virtualizes something, and that always means that resources are not accessed directly (dedicated) but through an abstraction layer. What lies beneath this abstraction layer – the physical world – is hidden from the virtualization user.
If you consider the classic setup of a computer with the three major components (i.e., hardware, operating system, and applications), then the abstraction layer can reside in one of two places (Figure 1). On one hand, it can sit above the operating system, which is what a terminal server, a VDI alternative, does. Here, all users share the services of a server operating system and its applications. On the other hand, the layer can be implemented on top of the Instruction Set Architecture (ISA), that is, the interface that describes the hardware properties to the programmer (CPU instruction set, registers, etc.). In this case, the operating system runs in a virtual machine for each user. This method is used in desktop virtualization, which is significantly different economically from the terminal server. In this case, each virtual machine generally requires a license for each application.
Virtual machines exist in server virtualization or as virtualization solutions for the desktop, such as VirtualBox. What is special about desktop virtualization? A connection broker is typically installed downstream of the virtual machine to handle authentication, rights management, and load balancing and to provide the connection between the (thin) client and virtualization host. This broker provides the virtual machine to the user.
VMware calls this component the Connection Server; the corresponding component in Citrix is the Desktop Delivery Controller. The desktops can be either individually unique or based on a number of templates. Another difference is the extent to which the user is allowed to customize the desktop. Giving each user their own virtual machine potentially permits a higher degree of customization and, at the same time, also provides better encapsulation over virtual neighbors than a terminal session.
Other components are typically needed. In the case of VMware View, for example, the client must provide the connection protocol between the client and the server; a VMware View Agent running on the guest operating system (Windows) handles this. Here, as with Citrix, user management relies on Active Directory being in place. Finally, a database is used in both cases.
Alternatives
Numerous alternatives to desktop virtualization are available, and the boundaries are pretty much seamless. For example, instead of virtualizing desktops on an entire virtual machine, you can virtualize applications, as the classical terminal server does. The application then runs on the server, and the desktop client handles the presentation.
You can also stream the entire desktop or individual applications to the client and execute them there. Such solutions sometimes use mechanisms that cache the stream locally so that, for example, you can continue working in mobile applications without a server connection. Changes made in the connectionless period are then synchronized back to the server later.
At the end of the day, nothing actually needs to be virtualized; instead, you can run the desktop on centralized physical hardware (e.g., a blade server). Again, a thin client is fine as a workplace. Finally, the simplest alternative comprises managed PCs that are provisioned with an operating system and applications by a software distribution tool. Both run locally on the client.
All of these alternatives benefit from centralization, as already described, and some can also exploit the advantages of thin clients (see the box "Central Administration Is the Greatest Advantage"). However, some of these alternatives share the same drawbacks as desktop virtualization.
Central Administration Is the Greatest Advantage
A major user of VMware View is DER Deutsches Reisebüro GmbH & Co. OHG. ADMIN magazine spoke to Sascha Karbginski, team leader for IT Operations/Support.
ADMIN: Numerous benefits of desktop virtualization are obvious: Where do you get the biggest profit, and were your expectations met here?
Sascha Karbginski: We provide 2,000 desktop workstations to our employees in 560 branches. The biggest gain for us was therefore quite clearly centralized management and control of the desktop, which was made possible through desktop virtualization.
For example, because of a changed system requirement almost two years ago, we needed to increase the amount of RAM per desktop. Thanks to virtualization, we handled this in one day from a central location. Compared with a traditional desktop infrastructure, this not only saved us the cost of deploying engineers, but the job was also completed within a single day without any downtime for the users.
ADMIN: What do you still have on your wish list? What future software development takes highest priority for you?
SK: We started to use VMware View 4.0 in 2010. Since then, VMware has met many of our wishes, and the product has noticeably improved with each new version. I would have found it much easier to answer this question even two years ago.
ADMIN: Was it difficult to convince your users to give up their own physical, full-fledged PCs? If there were reservations, how were you able to overcome them?
SK: During our pilot phase, we clearly perceived the scenario you referred to. From the user perspective, a smaller unit could never offer more power. In response to this situation, we divided the roll-out into two phases. In the first phase, we installed the View soft client in combination with stock hardware. This had the great advantage that we could implement this step completely from headquarters and after hours. The next morning, the users were then very impressed by the performance. Three weeks later, in phase 2 we replaced the old hardware with Wyse P20 Zero Clients. If users are used to working in a domain, and access to optical drives or removable media is prohibited, there no noticeable difference between zero clients in combination with the PCoIP protocol and physical PCs for the user.
ADMIN: What changes has desktop virtualization meant to your IT organization?
SK: We have managed to shift almost all IT topics from the point-of-sale to centralized IT. Users do not need to worry about any software updates and desktop restarts. Also, we can ensure that no data is stored locally in the stores but is protected centrally at the data center instead. Our recovery times have dropped from almost a day of lost time in the event of a defective disk to less than an hour. All told, this also means that we have now taken on more responsibilities in centralized IT and that the infrastructure has become more complex.
ADMIN: Different providers offer solutions for desktop virtualization. What made you decide to use a VMware product?
SK: The sales talks that our employees hold in the stores often involve showing small hotel/destination movies and photos. These little movies are usually based on Flash and need to run as smoothly as possible, of course, and, above all, in full color. At that time, VMware clearly had the lead in terms of performance with its upcoming implementation of the PCoIP protocol. The decision was underpinned by its leading position and our good experience in server virtualization.