Hybrid Desktop Virtualization: A New Approach for the Cloud

May 11, 2011, by David
Grazed from Virtual Strategy Magazine.  Author: Issy Ben-Shaul.

Desktop virtualization (DV) is a big technology trend, but despite the number of approaches taken by entrants to this new market, few solutions are well suited for use in the cloud. Take, for example, the Virtual Desktop Infrastructure (VDI) approach, which allows users to connect any device to the data center using remote desktop protocols. That works well for task workers and thin client devices tethered to the LAN, but it is not ideal for users who work offline, distributed users who connect to the data center over the WAN, or mobile power users running demanding multimedia applications. Laptops, in particular, present unique management challenges, since they are often used offline or outside the corporate network.

Client-hosted desktop virtualization tries to address the needs of mobile and distributed users by executing the desktop on a virtual machine at the endpoint, combined with some central management of the desktop images. However, a hypervisor-based solution can create performance, security and support problems. If the host OS is not operating properly, the VM will be impacted. Moreover, with a type-2 hypervisor, the underlying host OS is unmanaged, requiring external means to manage it, as well as the additional expense of OS licenses. Type-1 hypervisors eliminate the need to manage, and pay for, two OSes, but offer very limited hardware compatibility, especially for laptops, which come with a myriad of peripheral devices.

A New Hybrid Solution to Desktop Virtualization

Today, new hybrid desktop virtualization solutions are emerging that combine the centralization and manageability of server-based DV with the flexibility to work offline on a fully personalized laptop. Each user’s complete desktop image is centralized in the public or private cloud, so it is protected and can be more easily managed by an IT department or managed service provider. Comprehensive tools for image management are also a key advantage, allowing IT administrators to simplify updates and patches while increasing endpoint stability. However, end users execute an instance of this central desktop locally on their PC without a hypervisor. This gives users native performance, with the flexibility to install applications, work with multimedia apps, handle bi-directional apps like video and audio conferencing, and to work offline.

With many desktop virtualization methods, an image update wipes out all personalization a user has added. Hybrid desktop virtualization implements image layering, which allows IT to update the base image layer (often composed of an OS and centrally managed applications like Office) without overwriting layers contributed by the user, such as user-installed applications or user data and settings. Decoupling the image into independently managed layers requires the system to operate at the file-system level and be file-aware. Traditional desktop virtualization solutions operate at the block level, where they can't easily segregate and merge user-installed applications and data from centrally managed images.

Asynchronous communication is also important; otherwise, the end user must constantly be connected to the network. With an asynchronous model, when an endpoint is connected to the network, the system synchronizes continuously with the data center. However, when the endpoint is disconnected (or perhaps even connected to the Internet but not connected to the WAN), the system continues to work seamlessly, with all changes recorded. When the user reconnects to the network, changes made by the administrator to the centrally managed desktop propagate to the endpoint, and changes made by end users to their PC propagate to the data center.

Because hybrid desktop virtualization leverages the compute power of the physical endpoint, it is far more scalable than VDI, supporting thousands of endpoints per server node, compared to dozens of endpoints in a VDI environment. It therefore requires a fraction of the cost of VDI in data center infrastructure. Because servers mostly manage and store images but do not execute client workloads, and because clients can continue to operate when the server is not available, this model lends itself to stateless design and clustering for both scalability and high availability.

As noted earlier, the primary copy of each desktop resides and is managed in the data center inside the private or public cloud. Snapshots of the centrally-stored desktop can be used for two purposes. They allow users to restore deleted, corrupted, or overwritten files from the PC client, without a call to the helpdesk. Snapshots also enable administrators to quickly restore the complete desktop to a last-known configuration state to the same or a different endpoint, in the case of any corruption or malfunction of the original endpoint.

A Better Way to Handle Software Updates

While the hybrid model can work well for many smaller and mid-sized organizations, enterprises with many branch offices may find that distributing significant software updates or large images to each client in each branch can require hefty bandwidth and dedicated image distribution hardware at each branch. Some solutions solve this problem by enabling IT to designate one or more branch desktops as a software proxy. This allows IT to do a service pack update, for example, by upgrading the central image then downloading the new image once across the WAN to the proxy desktop. All other endpoints whose desktop is linked to that image receive the update locally from their branch proxy, significantly reducing WAN traffic.

Many user and system files are identical or similar across users, leading to large redundancies within and across multiple desktops at both the file and sub-file levels. Advanced network deduplication technology can eliminate this redundancy and thus further reduce the amount of data that needs to be transferred between the data center and desktops. For example, 3,000 endpoints may have the same copy of a PowerPoint file, but only one copy should be transferred (and stored). Once the first copy resides on the server, there are solutions that will recognize that the file already exists on the server database and will not transfer or store the file again. Further, if changes are made to a file, only the changes are uploaded or downloaded, not the entire file.
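The file-level and sub-file-level deduplication described above, as an added Python sketch that is not code from the article or from any product it describes. The fixed 4 KiB chunk size, the SHA-256 chunk keys, and the names DedupServer, upload and demo are assumptions made for illustration; the sample file is constructed.

```python
import hashlib

CHUNK = 4096  # assumed fixed chunk size; the article names none

def chunk_digests(data):
    """Return (ordered digest list, digest -> chunk map) for one file."""
    chunks = [data[i:i + CHUNK] for i in range(0, len(data), CHUNK)]
    digests = [hashlib.sha256(c).hexdigest() for c in chunks]
    return digests, dict(zip(digests, chunks))

class DedupServer:
    """Hypothetical central store: chunks keyed by SHA-256, files as digest lists."""
    def __init__(self):
        self.chunks, self.manifests = {}, {}

    def missing(self, digests):
        return [d for d in dict.fromkeys(digests) if d not in self.chunks]

    def store(self, endpoint, path, digests, uploaded):
        for digest, chunk in uploaded.items():
            # Re-hash on the server: chunks are shared across endpoints, so a
            # claimed digest is never trusted.
            if hashlib.sha256(chunk).hexdigest() != digest:
                raise ValueError("chunk does not match its digest")
            self.chunks[digest] = chunk
        if any(d not in self.chunks for d in digests):
            raise ValueError("manifest references a chunk the server lacks")
        self.manifests[(endpoint, path)] = list(digests)

    def read(self, endpoint, path):
        return b"".join(self.chunks[d] for d in self.manifests[(endpoint, path)])

def upload(server, endpoint, path, data):
    """Send only the chunks the server lacks; return payload bytes transferred."""
    digests, local = chunk_digests(data)
    payload = {d: local[d] for d in server.missing(digests)}
    server.store(endpoint, path, digests, payload)
    return sum(len(c) for c in payload.values())

def demo():
    # Constructed sample: an 8-chunk "deck", then an edit to one chunk.
    deck = b"".join(bytes([i]) * CHUNK for i in range(8))
    edited = deck[:3 * CHUNK] + b"\xff" * CHUNK + deck[4 * CHUNK:]
    server = DedupServer()
    first = upload(server, "pc-0001", "deck.pptx", deck)
    second = upload(server, "pc-0002", "deck.pptx", deck)
    delta = upload(server, "pc-0001", "deck.pptx", edited)
    return first, second, delta, server.read("pc-0001", "deck.pptx") == edited
```

Fixed-size chunks only catch in-place edits; an insertion shifts every later chunk boundary, which is why production systems typically use content-defined chunking instead.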

Finally, any changes (upgrades, new apps, etc.) that the IT administrator makes to the central base image propagate to the endpoint in pre-installed form and merge with user layers, eliminating the need to install packages at the endpoint.

Lost Laptop? No problem

Because hybrid desktop virtualization systems work within the OS, they have the unique ability to determine which files are absolutely critical for a desktop to boot. Since this is just a small subset of the total desktop size, these few files can be transferred to the endpoint and used for the reboot. The remainder of the user data and files can be streamed in the background later, in order of the frequency they are typically used, once the PC is up and running. If a user requests a file before it has been transferred, the server can send the file with high priority. This allows users to return to productivity in minutes instead of hours or days. These features, as well as snapshots, can also be used for disaster recovery if the endpoint becomes corrupted.
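The restore ordering described above (boot-critical files first, on-demand requests next, the rest by usage frequency), as an added Python sketch that is not code from the article or from any product it describes. The RestoreQueue class, its three tiers, and the file inventory are assumptions constructed for illustration.

```python
import heapq

class RestoreQueue:
    """Hypothetical transfer scheduler for rebuilding a replacement endpoint."""
    BOOT, DEMAND, BACKGROUND = 0, 1, 2  # lower tier is sent first

    def __init__(self, files):
        # files: path -> (boot_critical, opens_per_week)
        self.heap, self.sent, self.seq = [], [], 0
        for path, (boot, freq) in files.items():
            tier = self.BOOT if boot else self.BACKGROUND
            self._push(tier, -freq, path)  # negative: most-used streams first

    def _push(self, tier, key, path):
        self.seq += 1  # tie-breaker keeps insertion order stable
        heapq.heappush(self.heap, (tier, key, self.seq, path))

    def request(self, path):
        """User opened a file that has not arrived yet: move it ahead."""
        if path not in self.sent:
            self._push(self.DEMAND, 0, path)

    def next_file(self):
        while self.heap:
            _, _, _, path = heapq.heappop(self.heap)
            if path not in self.sent:  # skip stale duplicate entries
                self.sent.append(path)
                return path
        return None

def demo():
    # Constructed sample inventory: path -> (boot_critical, opens per week).
    files = {
        "os/kernel.sys": (True, 0),
        "os/registry.hive": (True, 0),
        "users/ana/mail.pst": (False, 40),
        "users/ana/budget.xlsx": (False, 12),
        "users/ana/archive-2009.zip": (False, 1),
    }
    q = RestoreQueue(files)
    order = [q.next_file(), q.next_file()]    # boot set is transferred first
    q.request("users/ana/archive-2009.zip")   # user opens a rarely used file
    while (path := q.next_file()) is not None:
        order.append(path)
    return order
```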

In summary, hybrid desktop virtualization brings the manageability and centralization benefits of desktop virtualization to mobile and distributed users, without the downsides of other desktop virtualization solutions. The architecture provides centralized management and control even as the user reaps all the benefits of native PC performance and personalization. Even updates to thousands of endpoints can easily be handled, without the need for huge amounts of bandwidth, making it an optimal solution for a WAN-based private cloud. Hybrid desktop virtualization meets the needs of both IT and the end user, making it the best of both worlds: IT retains control of the mobile PC without compromising the end user’s experience or productivity.