The key parameters to consider when building a multi-tenant environment are isolation, performance SLA, user customization, ease of administration, and financial cost. Citrix provides ways to build this with several different models. The first is session isolation, which involves fully shared hardware with only the user sessions kept separate. The next is server isolation, with each tenant having their own virtual servers. The next is full network isolation, with dedicated hardware and systems. The cost increases with each model. Within the next few months (June 30th, they say) Citrix will be releasing a full-fledged white paper on how to configure each of these setups.
While full isolation would be the preferred option in most cases, it also involves the most hardware for the cloud. Some components then have to be duplicated, including a separate XenApp farm for each tenant. By building multiple farms you also lose some of the new functionality in XenApp 6 that allows worker groups to auto-populate apps depending on OU. Parts that don’t need to be duplicated include the Access Gateway and NetScaler. A NetScaler will create a virtual server that provides clientless access into the tenant’s network. With the NetScaler you could have separation with virtual VPX gateways, or for a large environment you could have up to 20,000 concurrent connections with the MPX appliance.
For monitoring the cloud environment you can use EdgeSight to monitor end-to-end details of the environment. This is definitely an advantage, since you are often unable to monitor multiple systems through a single pane of glass. EdgeSight now provides some new reports for SLA compliance and usage, built specifically around solution providers.
The goal with the latest releases is to combine the multiple management tools: AD, SQL, and XenApp, just to name a few. The release of the Cortex Cloud Control Panel will allow you to manage multiple consoles in one pane as well as delegate access out to either staff or even to tenants to manage their own environment.
Today Citrix released the Service Provider Automation Pack (see Jon Spallone’s details here) in conjunction with Microsoft. It includes a PowerShell script to automate the provisioning of desktops from Service Providers for small to medium businesses. On the surface this looks like a great new concept: the ability to give end users in a small to medium workspace the option of purchasing desktops without needing to spend countless capital expenditures. However, it appears this is really the latest rendition of Terminal Services, just done better.
This in itself is what makes the solution even more interesting. The Microsoft licensing model for virtual desktops has in the past revolved around the VDA license. The license was essentially a tax on users that wanted the Windows 7 experience without a physical desktop, a yearly cost that Microsoft added to the cost of VDI that can make the return on investment stretch into the 6 and 7 year timeframe. With the SPAP, you are using a version of Windows Server 2008 that is built to look like Win7. This would mean that a Service Provider can now use SPLA licensing and finally offer a desktop as a service with full compliance. The VDA license was never available as part of the SPLA. VMware offers View in a way that you could present desktops, and they offer vCloud Director to automate virtual machine management tasks, but they do not offer something to present anything other than a Windows 7 desktop in an automated method.
Releasing the SPAP with Citrix harkens back to the days of the release of Metaframe and the early relationship between Microsoft and Citrix. At the same time, we get to see the argument between Citrix/Microsoft and VMware continue to grow.
With the advent of social media and the increased use of user bulletin boards, companies have come to realize that there is significant value to be gained from having users and partners as product evangelists. Microsoft has been doing this for years with the MVP program, and a few years ago VMware followed suit with the vExpert program. Citrix has also seen the benefits of these evangelists. Arriving in San Francisco today for the Citrix Partner Summit, it is immediately evident that the Citrix community not only supports the designation of Citrix Technology Professional (CTP) but wants to see it succeed. The group gathers on a semi-regular basis, and Citrix provides support for the program through incentives that include invitations to exclusive events, access to the product teams, and access to early release software. These are just a few of the incentives provided to a group that Citrix has not only entrusted with its name but also backed. The largest drawback I can see with the program is the extremely limited size of the group. While a small group makes it easier to provide benefits to, it also limits the reach of the group. This past year the VMware team has said that there were over 1000 applicants for the vExpert program, clearly a number that has to be trimmed down to be able to provide the credentials as an exclusive and beneficial group. Neither group has stated how many times someone can become a CTP or vExpert, and having the same members year in and year out could result in an “old boys club” rather than a true group of passionate supporters and technologists. Overall the program looks to be very beneficial for Citrix and the CTPs. The CTP group is also speaking throughout Citrix Synergy and Summit. I look forward to hearing how this group can represent the Citrix product line.
Citrix has been steadily moving away from the reputation of being the “terminal server guys.” For the past year, 20% of Citrix’s business was networking, including NetScaler, Branch Repeater, and Access Gateway. This is a great transition as the desktop OS moves towards the hybrid cloud and application-centric computing.
There is an interesting pitch that Citrix provides the only end-to-end solution, providing web access and branch office access to the virtual desktop. This is a bit of a stretch, although the ability to offload a web interface from a Windows machine onto the NetScaler and move load-balanced web access to an appliance seems to provide a much more secure and potentially robust solution than the VMware Security Server. Adding a load balancer to the View solution could add cost if you don’t use some of the available open source load balancers. There is an added cost with the NetScaler as well, however, and the NetScaler is built to replace the free Secure Gateway solution that is built into XenDesktop. You do, however, get unlimited connections and the added access from the Citrix Receiver plug-in and the Branch Repeater plug-in. The one area that VMware cannot provide is the Branch Repeater and acceleration features. If a customer purchases XenDesktop Platinum Edition, they are able to get the Branch Repeater VPX, a virtual appliance version of the Branch Repeater, for free.
Branch Repeater gives the user visibility into 500+ applications, and you can auto-configure it without changing XenDesktop. You can also prioritize by user groups or apps. That acceleration is a feature that sounds great, and because it can be deployed as a virtual machine you could demo a proof of concept or acceleration without impacting your existing networking.
Probably the most intriguing product in the networking portfolio is the Citrix Receiver connection into SaaS apps leveraging the Open Cloud Access. This is very similar to VMware’s newly released Horizon App Manager. It utilizes SAML, just like Horizon App Manager does, to pass through authentication utilizing the token approach. This combination with the Open Cloud Access is that next step into the application-centric computing space of tomorrow. Another great transition from the terminal server space into the future.
I have been working in IT for almost 15 years, and throughout that time Microsoft has helped me grow a career, but over the last few years we have seen possibly the most significant transition since the advent of the personal computer. What should not be surprising is that Apple has been the catalyst for change. Many people in Generation X and Y, and every other name you would like to give those born after 1970, first learned how to use a computer in school, working on early Apple and Macintosh systems. This led these same kids to expect the ability to do word processing without a typewriter, followed by sending messages to each other without paying for a stamp, and now the earliest advocates of computers along with the youngest generations entering the workforce have demanded another change. No longer will these users accept whatever computer and system is thrown in front of them.
I place the blame on Apple with the release of the iPhone and the App Store. The idea of presenting a single application to a group of users is not something new; in all reality Citrix has been presenting applications to business users since the days of Metaframe and the original Web Interface, but the ability of Apple to change a global mindset is something Citrix has never been able to do. Users now expect that they can access a single application regardless of what device they are using. Google continued to reinforce the attitude with the release of Android. Android is the largest deployed mobile platform in the world, and along with it come multiple app stores.
The next question is how applications being presented to a phone or tablet would kill an operating system. The answer is rather easy on this one. Users want to bring a MacBook or an iPad or an Android tablet and get all the same applications that you used to only be able to get with Windows. VMware, Citrix, and Microsoft will all present a full Windows desktop to a user, but why would I want a full desktop when all I need is an email client and a word processor or an internet browser? The added overhead on a device that I bought because it was optimized seems pointless. The same generations that grew up on Apple II Plus computers and a green screen now have 10x the power in their pocket with smartphones, and even more with the iPad and newer tablets. Microsoft has even realized that application-based computing is the wave of the future: with the release of Office Live, Microsoft is allowing users to get to their largest consumer product through the web without ever installing a product. When you combine that with the likes of Dropbox and SugarSync, you can have all your data and all your applications sitting in a datacenter that you could care less where it is, as long as you can access it from your optimized device. A device that is optimized to just run what others create and give you the best connection possible to the internet and the plethora of cloud products.
Windows may not die in the next year or two, but with the speed of computing today it is very possible that the remaining life of what has at this point been the most common base for personal computing is very short. Over the next week, during their major conference, Citrix will make multiple releases allowing the user to get closer to the application-centric computing model; you can expect the same style of releases from VMware at the end of August at their conference. Microsoft itself has been focusing on its other product lines, with an added push to use Unified Communications and Collaboration tools along with their own virtualization products. Windows has been around longer than many people imagined and has ridden the wave, but it may have been its own biggest enemy by not staying with the times and just becoming a delivery system like iOS.
It has finally come time to close the Windows.
Sent from my iPad 🙂
After at least 2 years of anticipation and waiting, we get to see the first release of VMware’s Project Horizon today. We still have to wait to get the application publishing that many of us hoped would be the first part of Horizon to go public, but this new single sign-on, cloud-connected enterprise tool can go a long way to help enterprises give flexibility back to the users. Horizon App Manager is delivered as a virtual appliance that sends secure tokens instead of full passwords between the corporate environment and cloud providers like SalesForce and Workday. This gives users the comfort of knowing that a seasoned IT pro has secured the connections and validated that the site they are visiting is in fact the proper place to go and not a hacker’s imitation. What Horizon also does is provide an app store, in a sense, so that corporate users can request accounts on these third-party services directly within the corporate environment. Check out the video below from VMwareTV for more details. I look forward to seeing the next few releases from the Horizon Team.
Google announced that they will be selling the Chromebook for Business for $28 a month per user starting in June. At first you probably wonder how a web-based, dumbed-down notebook could help the likes of VMware, Citrix, and Microsoft sell VDI solutions. The answer is simple. As our data moves into the cloud, we have less and less need for the large fast hard drives that have been populating notebooks for the past few years. Add that to the always-on connectivity of 3G and you have access to your data (for free up to 100 MB a month). The next question is, now that I can get to my data, how do I use it? You could follow the party line from Google and move everything to Google Docs, but that does not work for most enterprises. However, published applications from XenApp or single sign-on solutions like Project Horizon from VMware are moving enterprise applications into the cloud and onto the internet. So now you can have a notebook that can boot in less than 8 seconds with full web connectivity and a minimal security threat footprint, that also has access to your documents that sit in Dropbox or SugarSync. If you add that to the latest release from Ericom of an HTML5 client for VMware View, you can now have enterprise-class desktops at your fingertips. There is of course the worry of what happens if someone hacks the ChromeOS that is on these machines: do they now have access to all my data anyway? It is still possible that could happen, but with a team of engineers and an auto-update feature on the Chromebook you would hope whatever vulnerability may be found would be patched extremely quickly.
This is great now for your work computer, but what if I want to use it at home? The applications that are loaded are already the ones that most users want to use from their home PC. With full access to Chrome, Google Docs, chat clients, Twitter clients and of course Angry Birds, who could want more?
In an effort to make these processes as easy as possible, here’s the next in my series of flowcharts for supporting VMware. Keep in mind that this is simply for installation. Make sure you follow best practices and do a full application assessment before assuming your DR plan is complete. Attempting to deploy a DR plan for Exchange, SQL or any other multi-tier application without looking at all the interconnectivity will result in an unsuccessful DR failover. With that being said… here’s the flowchart.
I have worked for multiple resellers throughout the years, and one of the things that has been constant throughout is that customers like to bring in a subject matter expert to do an initial deployment, but then after the initial deployment they let the environment remain status quo. Budgets tend to shrink with each passing year, but the one area that should not get overlooked is maintenance of your infrastructure. As companies consolidate their servers and desktops onto a small subset of servers, the old system admin rule of “Always check from layer one up” carries even more weight, as the physical layer quickly gives way to the hypervisor.
The challenge comes into play when you need to determine if you are truly following the best practices that have been put out by VMware. The do-more-with-less mentality often means that IT staff are wearing multiple hats. This is the time to bring back in the VMware Solutions Provider or consultant and ask for one of the more underutilized tools in the consultant’s belt, the VMware HealthAnalyzer.
HealthAnalyzer is an automated process that collects inventory, configuration, and utilization data from the vSphere environment through the vSphere SDK. Once the data is collected, the tool allows the solutions provider to produce a report grading the environment through a stoplight mentality and display the findings and data in an easy-to-view format, including ways to remediate any pieces that are missing when compared to VMware Best Practices. The amount of time that the report takes is completely dependent on the size of your environment, but in most SMB environments the data collection can be done in a single day without installing anything on the corporate environment. Once the data is collected, the consultant can compile and analyze the data to return the report card both in a written report as well as a summary presentation.
This is the first in a series of flowcharts to be used as easy to follow references when doing migrations and upgrades of VMware products.
Upgrading from View 3 to View 4.6 is the first of the series.