vir312. demo ws03ws 2008 ws 2008 r2 / ws 2008 r2 sp1 terminal services remote desktop services...
TRANSCRIPT
RemoteFX - VDI: Implementation Best Practices and Lessons Learned
Rand MorimotoPresident, Convergent ComputingAuthor, Windows 2008 R2 Unleashedhttp://www.cco.com
VIR312
Agenda
Quick Background on Microsoft VDI & RemoteFXBehind the Scenes on How MS-VDI & RemoteFX WorkRDS or VDI?Integrating Traditional RDS with Microsoft VDIIntegrating RemoteFX into an MS VDI EnvironmentReal World Case Scenarios and Lessons LearnedRemoteFX Configuration Tips
Quick Background on Microsoft VDI & RemoteFX
Microsoft VDI and RemoteFX
Microsoft VDIRunning Windows Client (ie: Windows 7) on a centralized host server (like the traditional Terminal Services / Citrix model, but guest sessions are dedicated to the remote client, not shared, thus better performance, security, compatibility, and operations)Endpoint client runs a simple thin client, legacy system, tablet, unmanaged device, etc
RemoteFXIntegrated into Windows Server 2008 R2 SP1 VDIProvides full motion (HiDef) video and accelerated graphics (ie: Flash, Silverlight, etc) within a VDI guest session
demo
Demo – Windows VDI
demo
Demo – RemoteFX
Behind the Scenes on How MS-VDI & RemoteFX Work
Remote Desktop Services (RDS)
WS03 WS 2008 WS 2008 R2 / WS 2008 R2 SP1
Terminal Services Terminal Services Remote Desktop Services
Terminal Server Terminal Server RD Session Host
TS Session Directory TS Session Broker RD Connection Broker
TS Licensing Server TS Licensing Server RD Licensing Server
TS Gateway RD Gateway
TS Web Access RD Web Access
RD Virtualization Host (VDI)
Microsoft Remote Desktop Services (RDS) & VDI
Unified Admin and User experience for RD Session Host (1 host / many guests – traditional Terminal Services / Citrix model) RD Virtualization Host (dedicated (VDI) guest session for each user)
Dedicated VDI Guest SessionJust a Windows client (ie: Win7) VHD running in HyperV that a remote client connects to
Two options for VM-based desktopsPooled virtual desktop (shared group of dedicated guest sessions)Personal virtual desktop (truly dedicated guest session just for each specific user)
Richer experience (multi-monitor, multi-media, bi-directional audio, rich graphics)Better App Compatibility thru App-V for RDS
VMs with Client OS(VM-per-user)
Pooled VMs
Sessions with Server OS
(Session-per-user)
Multi-user Shared Image
RD Virtual HostRD Session Host
Personal VMs
RD Session Broker
Microsoft VDI = Windows Client in Hyper-V
Key Benefits
How’s it workHyper-V
HostUser PC or Thin Client
HyperV Host running Windows Client (ie: Win7) guest sessions that a remote client connects to
Access to data and applications from any device in the organizationImprove data security and compliance Simplify management and deployment of applications
Server OSHyper-V
Presentation Virtual Desktop
OS
Applications
User State
Desktop experience is
centralized and gets delivered to user’s PC or thin
client
Virtual Machine Manager is a comprehensive management solution for the virtualized datacenter.
Windows Server Hyper-V – Optimized hypervisor to run virtualized Servers or virtualized Clients
demo
Demo – HyperV Console /VDI Guest Auto-Start
Golden Image
User 1
User n
Day 2 Day n
Day 2 Day n
Day 1 Day 2 Day n
Clone
Personal Virtual Desktop:
Golden Image
1
n
User 1
Pool Day 1 Day 2 Day 3
Clone
User 1
User 1
Pooled Virtual Desktop:
Pooled vs. Personal Virtual Desktops
User Profiles
etc
RDS or VDI?
RDS Deployment options: RDS vs. VDI
User requirements typically dictates mode chosenRemoting protocol is common factor for both modelsExpect to have mix of both models
Terminal Services (Sessions) VDI (VMs)
Scalability Higher ratio of users/server Lower ratio users/serverIsolation/Security Session-based isolation
Shared OS across usersMust run as standard user
VM-based isolationDedicated OS per userCan run as admin
Remote User Experience Protocol-dependent Protocol-dependentUser Flexibility User is running as a user User can have full rightsApplication Compatibility Windows Server OS Windows Client desktop
Remote Desktop Services - RemoteApp
MSI packages provide setup and deployment integration
Active Directory Group PolicySystems Management ServerManual
Shortcuts published toDesktopStart menuAdd/remove programs
WinSrv 2008 R2RDS Session Host
AD
Publish
Push GP-published applications
Publishmanually
RDP Client
Explorer.exe or Rdpshell.exe Rdpinit.exe = RDP shell loginapplication
Remote Desktop Services - Web Access
RDS Session Host
Active Directory
SessionDirectory
RDP Client
LoadBalancer
RDSWeb Access
HTTPs
RDP
AD Mode
Single Server Mode
RDS IP Virtualization
• IP Virtualization Modes• Per-program• Per-session
• DHCP integration• Virtual IP addresses will be obtained from
DHCP
• Scheduling mechanism fairly distributes CPU cycles across sessions
• Dynamically distributes cycles based on number of active sessions and their load
• Applied at kernel level
RD Server
BackendServer
10.0.0.1 10.0.0.2 10.0.0.3
10.0.0.31 10.0.0.32 10.0.0.33
Fair Share CPU Scheduling
Microsoft VDI
Dedicated guest session for remote userBetter security and user isolation
Can be 32-bit or 64-bit guestAddresses compatibility issues with 64-bit hosted server configurations
C> is private to the userImproved security / Addresses apps that write directly to C> for a given application per user (old INI based apps)
Dedicated performanceIsolated transactions per guest session
Integrating Traditional RDS with Microsoft VDI
Practical Real World – Use of Both RDS & VDI
RD Session Host (aka TS)
• Low cost image management
• Easiest admin management
• Least resources required
• Good compatibility for legacy
apps
Pooled Virtual Desktop• Medium cost image management
• Easier admin management than
Personal
• Less Resources than personal
• Better compatibility for legacy apps
Personal Virtual Desktop• High cost image management
• Administrator access (user can install
programs)
• High Resource cost
• Compatibility for legacy apps
Organizations Typically Mix & Match Options
RDS Gateway – Integrated ApproachRedirector Identifies RDS (shared) vs VDI (dedicated guest) per User
RDP encapsulated in RPC over HTTPS
Firewall listening for HTTPS traffic (port 443)
RDP traffic
RDS (shared) Hosts
VDI (dedicated) Guests within
HyperV ` `
External network
Internal network
Perimeter network
RDP traffic
Firewall listening for:RDP (TCP 3389)LDAP (TCP 389)
Kerberos (TCP/UDP 88)DNS (TCP 52)
RADIUS (TCP/UDP 1812)RADIUS accounting (TCP/UDP
1813)
RDS Connection Broker(s)
demo
Demo – Configuring RDS vs VDI in AD Users and Computers
Integrating RemoteFX into an MS VDI Environment
New in Windows Server 2008 R2 SP1
Dynamic Memory allows the allocation of a range of memory (min and max) to individual VMs, enabling the system to dynamically adjust the VM’s memory usage based on demand. This provides more consistency in system performance enabling better manageability for administrators
Dynamic Memory
Microsoft RemoteFX leverages the power of virtualized graphics resources and advanced codecs to recreate the fidelity of hardware-assisted graphics acceleration, including support for 3D content and Windows Aero, on a remote user’s device. This allows for a local-like, remote experience.
RemoteFX
RemoteFX – A Game Changer in Thin Client Computing
Enabling Technology Organizational Value
Bitmap remoting and hardware-based decode
Intelligent screen capture and hardware-based encode
Host side rendering
vGPU Full rich Windows experience
Remoting any content
Full range of client devices
High fidelity user experience
RemoteFX – A Game Changer in Thin Client Computing
Enabling Technology
Bitmap remoting and hardware-based decode
Intelligent screen capture and hardware-based encode
Host side rendering
vGPU
Differentiating Innovation
• Content and GPU independent intercept & rendering• Single GPU for multiple Hyper-V guests
• CODEC designed for text and image content• Single CODEC for VDI and RDS sessions• HW and software manifestations by design
• Screen deltas sent to client based on network and client availability
• Applications run at full-speed on host
Remote Desktop Services with RemoteFX
Scenario: VDI desktop replacement for connected knowledge workers on Windows 7 with good connectivity.New Features in WS08 R2 SP1: Host-side rendering capabilities enabling rich media UX on broad range of end point devicesScenarios: RDP 7.1 with RemoteFX available for VDI and session virtualization
Windows Server 2008 R2 SP1Windows Server 2008 R2
Scenario: Multimedia application enhancements for remote users primarily accessing RDS from rich clientsNew Features in WS08 R2: Support for multiple screens, bi-directional audio, Windows Media Player redirection and enhanced bitmap remotingScenarios: RDP 7 for VDI and session virtualization
demo
Demo - High Definition Video / Graphics Experience within a Thin-client Guest Session
RemoteFX OS & System Requirements
Hyper- V HostWindows Server 2008 R2 with SP1
(Hyper-v, Standard, Enterprise, and DataCenter editions)VDI Virtual Machine
Windows 7 Enterprise with SP1Windows 7 Ultimate with SP1
Remote Client DeviceWindows 7 with SP1Devices with RDP 7.1
RemoteFX Host ServersServer requirements
SLAT capable CPUsPCI-E x16 based server motherboards
HP DL 370 has thisExternal rack mounted GPU chassis can be used with 1U serversPossible server SKUs
IBM iDataPlexDell PowerEdge R610, R710, M610xHP DL 370
RemoteFX GPU SupportGPUs ATI Nvidia
Logo identified GPUs
FirePro: 5800, 7800, 8800FireStream: 9270
- Quadro: 880M, 2800M, 3800, 4800, 5800- (Next generation GPU)
Appliance form factor
n/a - Quadroplex 2200 S4- (Next generation GPU)
SCVMM Console Configuration
GPU Information
RemoteFX USB Devices
Generic USB redirectionAllows you to redirect virtually any USB device transparently over RDPSupport for more devices than previouslySupport for USB devices with thin clientsNo client drivers necessaryApplications are transparent to redirected devicesOnly one session can use USB device at a time
Real World Case Scenarios & Lessons Learned
Microsoft VDI for Specialized Thin Client Users
Most users in the organization use traditional RDS / Citrix (host server / many guests sharing the RDS host)However, specialized users (ie: HR, Legal, VP/Exec) need higher security or dedicated performance or run a specific 32-bit client only applicationSame centralized access point for RDS and VDI usersMost users redirect to the RDS server farm for shared accessSpecialized user(s) redirect to dedicated VDI guest sessionsSame experience for all; Better isolated results for the specialized user(s)
Microsoft VDI for USB Redirection
With Microsoft VDI USB Redirection, organizations can now utilize 2-way USB accessImplemented for audio / telephony (Call Center)Implemented for secured control communications (government / Dept of Defense / user in unsecured location)Maintains security and control
Microsoft VDI for RemoteFX
Full motion (high definition) video (Training of employees over a centralized VDI mode)Better performance for end client for highly graphical applications
RemoteFX Configuration Tips
Setting up the client…
The client must support RDP 7.1USB redirection must be enabled via group policyGP update, followed by reboot is required
Computer Configuration\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Connection Client\RemoteFX USB Device Redirection
Setting up the VM…
RemoteFX must be enabled on the VMGroup Policies are available to control USB redirection
USBR can be enabled/disabled completely
Computer Configuration\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Device and Resource Redirection
Setting up the VM…More granular control of redirected devices can be achieved via Device Installation Restrictions
Computer Configuration\Administrative Templates\System\Device Installation Restrictions
Automatically Powering on Guest Sessions
STARTVMs.PS1# the get-wmiobject identifies the guest session# the requeststatechange (2) turns on the session (a 3 powers off, 4 shutdown, 32769 saves)# the |out-null suppresses the "return values" and makes it clean# instead of read-host, could have done a $null = $Host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown") for anykey, but I liked the specific "return key" as the options# also the readkey function doesn't display in ISE but will actually work
$vm=get-wmiobject -namespace root\virtualization -class msvm_computersystem | where {$_.elementname -eq "32-Guest Session 1"}write-host -foreground Green "Starting VM $($VM.ElementName) now"$vm.requeststatechange(2) |out-null
Read-host "Press Enter to Start Rest of the Images"
$vm=get-wmiobject -namespace root\virtualization -class msvm_computersystem | where {$_.elementname -eq "32-Guest Session 2"}write-host -foreground Green "Starting VM $($VM.ElementName) now"$vm.requeststatechange(2) |out-null$vm=get-wmiobject -namespace root\virtualization -class msvm_computersystem | where {$_.elementname -eq "32-Guest Session 3"}write-host -foreground Green "Starting VM $($VM.ElementName) now"$vm.requeststatechange(2) |out-null
PowerShell HyperV On/Off Scripts: http://www.networkworld.com/community/morimoto
Related ContentBreakout Sessions
VIR311 – “Planning and Deploying VDI and Remote Desktop Services”, Weds 3:15pm and Thurs 3:15pmVIR313 – “Microsoft RemoteFX GPU Virtualization Technology Deep Dive”, Weds 5pmVIR318 – “How to Setup App-V and Get the Most out of your RDS and VDI Deployments”, Tuesday 3:15pmVIR401 – “Microsoft RDP and RemoteFX, ICA, EOP, etc: VDI Remoting Protocols Turned Inside Out”, Thursday 1pm
Interactive SessionsVIR371-INT “The Latest Best Practices in Virtualization Remote Desktop Services and Virtual Desktop: the Virtual Reality Check”, Weds 10:15amVIR372-INT “RemoteFX: Lessons Learned from the Windows Server 2008 R2 SP1 TAP Program”, Thursday 10:15am
Track Resources
Don’t forget to visit the Cloud Power area within the TLC (Blue Section) to see product demos and speak with experts about the Server & Cloud Platform solutions that help drive your business forward.You can also find the latest information about our products at the following links:
Windows Azure - http://www.microsoft.com/windowsazure/
Microsoft System Center - http://www.microsoft.com/systemcenter/
Microsoft Forefront - http://www.microsoft.com/forefront/
Windows Server - http://www.microsoft.com/windowsserver/
Cloud Power - http://www.microsoft.com/cloud/
Private Cloud - http://www.microsoft.com/privatecloud/
Resources
www.microsoft.com/teched
Sessions On-Demand & Community Microsoft Certification & Training Resources
Resources for IT Professionals Resources for Developers
www.microsoft.com/learning
http://microsoft.com/technet http://microsoft.com/msdn
Learning
http://northamerica.msteched.com
Connect. Share. Discuss.
Complete an evaluation on CommNet and enter to win!
Scan the Tag to evaluate this session now on myTech•Ed Mobile
