Paper: Cisco Validated Design for Citrix XenDesktop 7

Cisco has published a paper titled: “Reference Architecture for 500-Seat and 1000-Seat Virtual Desktop Infrastructure, Citrix XenDesktop 7 built on Cisco UCS B200-M3 Blade Servers with EMC VNXe and Microsoft Hyper-V 2012“. The paper which contains 418 pages contains a reference architecture for building a VDI infrastructure which is validated by Cisco, Citrix, EMC and Microsoft.

The paper describes provides the architecture and design of a virtual desktop infrastructure that can grow from 500 users to 1000 users. The infrastructure is 100% virtualized on Microsoft Hyper-V Server 2012 with third- generation Cisco UCS B-Series B200 M3 Blade Servers iSCSI booting from an EMC VNXe3300 storage array. The virtual desktops are powered using Citrix Provisioning Server 7 and Citrix XenDesktop 7, with a mix of hosted shared desktops (70%) and pooled desktops (30%) to support the user population. Where applicable, the document provides best practice recommendations and sizing guidelines for customer deployments of XenDesktop 7 on the Cisco Unified Computing System.

clip_image001

The paper covers the following sections:

  • Introduction
  • Solution Component Benefits
  • Summary of Main Findings
  • Architecture
  • Infrastructure components
  • Solution Architecture
  • Desktop Delivery Infrastructure – Citrix
  • Test Setup and Configurations
  • Login VSI Test Result
  • Scalability Considerations and Guidelines
  • Other Considerations
  • References

Release: VMware Horizon View Clients 2.3

VMware last week released a new version of the Horizon View clients for Windows, Mac, Linux, iOS, and Android. Customers using a View client on their device are able to access their Windows desktop hosted on a VMware Horizon backend infrastructure.

clip_image001

The following functionality was added in version 2.3:

iOS

  • Unity Touch sidebar enhancements
  • Advanced SSL options
  • Japanes 106/109 keyboard layout support
  • Log off, reset and roll back changes
  • Desktop serach
  • Multiple recent connections pages
  • Support for iPad mini with Retina display and iPad Air

Android

  • Unity Touch sidebar enhancements
  • Advanced SSL options
  • Japanes 106/109 keyboard layout support
  • Log off, reset and roll back changes
  • Desktop serach
  • Multiple recent connections pages
  • Support for Android 4.4. (KitKat)

Mac OS X

  • Support for Real-Time Audio-Video
  • Desktop Search
  • Reordering shortcuts

Linux

  • Ability to configure which keys are sent only to the local system
  • Hiding of server connection screen and desktop library when running in kiosk mode

Windows

  • New group policy security setting for configuring client systems to use a specific cipher list
  • Log file enhancements

Update: Capacity Planner for Hyper-V Replica

Image

Microsoft has updated the capacity planner for Hyper-V Replica tool first relased in May 2013.  The updated version offers the following:

  1. Support for Windows Server 2012 and Windows Server 2012 R2 in a single tool
  2. Support for Extended Replication
  3. Support for virtual disks placed on NTFS, CSVFS, and SMB shares
  4. Monitoring of multiple standalone hosts simultaneously
  5. Improved performance and scale – up to 100 VMs in parallel
  6. Replica site input is optional – for those still in the planning stage of a DR strategy
  7. Report improvements – e.g.: reporting the peak utilization of resources also
  8. Improved guidance in documentation
  9. Improved workflow and user experience

In addition, the documentation has a section on how the tool can be used for capacity planning of Hyper-V Recovery Manager based on the ‘cloud’ construct of System Center Virtual Machine Manager.

The tool and documentation have been updated for Windows Server 2012 R2 and can be download from here:http://www.microsoft.com/en-us/download/details.aspx?id=39057

Windows Server 2012 R2 Private Cloud Virtualization and Storage Poster and Mini-Posters

Image

These posters provide a visual reference for understanding key private cloud storage and virtualization technologies in Windows Server 2012 R2. They focus on understanding storage architecture, virtual hard disks, cluster shared volumes, scale-out file servers, storage spaces, data deduplication, Hyper-V, Failover Clustering, and virtual hard disk sharing.

Hyper-V and Failover Clustering Mini Poster.pdf

Scale-Out and SMB Mini Poster.pdf

Storage Spaces and Deduplication Mini Poster.pdf

Understanding Storage Architecture Mini Poster.pdf

Virtual Hard Disk and Cluster Shared Volumes Mini Poster.pdf

Virtual Hard Disk Sharing Mini Poster.pdf

Windows Server 2012 R2 Private Cloud Virtualization and Storage.pdf

 Download

Release: Hyper-V Recovery Manager (HRM)

From the Microsoft Virtualisation Blog:

We are excited to announce the General Availability of Hyper-V Recovery Manager or HRM for short. HRM is an Azure hosted service which orchestrates the protection and recovery of virtual machines in your datacenter. Hyper-V Replica replicates your virtual machines from your primary datacenter to your secondary datacenter. To re-emphasize, your VMs are not replicated to Windows Azure. HRM is a service hosted in Azure which acts as the “control plane”.

The high level solution is as follows:

image

A step by step guide on setting up HRM is available @ http://www.windowsazure.com/en-us/documentation/articles/hyper-v-recovery-manager-configure-vault/

If you have questions on HRM, visit the TechNet forum @ http://social.msdn.microsoft.com/Forums/windowsazure/en-US/home?forum=hypervrecovmgr

Pricing, SLA details for the service is available @ http://www.windowsazure.com/en-us/pricing/details/recovery-manager/

Brad Anderson’s blog on HRM – http://blogs.technet.com/b/in_the_cloud/archive/2014/01/16/announcing-the-ga-of-windows-azure-hyper-v-recovery-manager.aspx – provides more details on the solution.

vCenter Server Appliance 5.5 root account locked out after password expiration

A new VMware KB article has been published which could potentially have wide spread impact, particularly in lab, development, or proof of concept environments.  The VMware KB article number is 2069041 and it is titled The vCenter Server Appliance 5.5 root account locked out after password expiration.

In summary, the root account of the vCenter Server Appliance version 5.5 becomes locked out 90 days after deployment or root account password change.  This behavior is by design which follows a security best practice of password rotation.  In this case, the required password rotation interval is 90 days after which the account will be forcefully locked out if not changed.

The KB article describes processes to prevent a forced lockout as well as unlocking a locked out root account.

Approximately 90 days have elapsed since the release of vSphere 5.5 and I imagine this issue will quickly begin surfacing in large numbers where the vCenter Server Appliance 5.5 has been deployed using system defaults.

Release: VMware vCenter Server 5.5.0.b & vCenter Server Appliance 5.5.0.b

On December 22 VMware released vCenter Server 5.5.0.b as well as vCenter Server Appliance 5.5.0.b.

This release (version b) does not contain new features or enhancements but contains resolved issues only.

The release notes are here.

Download here

Resolved issues

Upgrade and Installation

  • Upgrading the vSphere Web Client to vSphere 5.5 fails with an error
    Attempts to upgrade the vSphere Web Client to vSphere 5.5 fails when they are installed in a custom, non-default location. An error message similar to the following is displayed:Error 29107. The service or solution user already registered...This issue is resolved in this release.

vCenter Server, vSphere Client, and vSphere Web Client

  • vCenter Server 5.5 displays a warning message in the yellow configuration issues box on the Summary tab of the hosts
    When you connect to VMware vCenter Server 5.5 using the vSphere Client or the vSphere Web Client, the Summary tab of the ESXi 5.5 host displays a warning message similar to the following in the yellow configuration issues box:Quick stats on <hostname> is not up-to-dateThis issue is resolved in this release.
  • Attempts to export log bundle using the Log Browser fails
    When you attempt to export a log bundle using the Log Browser interface, the browser window displays a Secure Connection Failed error page with the following message:Your certificate contains the same serial number as another certificate issued by the certificate authority. Please get a new certificate containing a unique serial number.This issue is resolved in this release.

    Note: If you are upgrading from the vCenter Server 5.5 version, see the workaroundprovided in the known issues section.

  • Attempts to log in to vSphere Web Client result in an error message
    Attempts to log in to the vSphere Web Client result in an error message if the Local OS identity source is not configured in the SSO configuration page. An error message similar to the following is displayed:Failed to authenticate to inventory service <server IP>:10443This issue is resolved in this release.

vCenter Single Sign-On

  • After installation of vCenter Single Sign-On 5.5 attempts to connect to the vCenter Single Sign-On server might fail
    After you install the vCenter Single Sign-On 5.5 on a Windows system that is not domain joined and has multiple network interfaces, attempts to connect to the SSO server from other components might fail. You might see a message similar to the following:Could not connect vCenter Single Sign On....make sure the IP address is specified in the URL.This issue is resolved in this release.
  • When upgrading from vCenter Server Appliance 5.0.x to 5.5, vCenter Server fails to start if you select an external vCenter Single Sign-On
    If you select an external vCenter Single Sign-On instance while upgrading the vCenter Server Appliance from 5.0.x to 5.5, vCenter Server fails to start after the upgrade. In the appliance management interface, vCenter Single Sign-On is listed as Not configured.This issue is resolved in this release.
  • Attempts to upgrade vCenter Single Sign-On to 5.5 fails if the SSL certificates being in PKCS12 format
    When you upgrade from vCenter Single Sign-On 5.1 to 5.5, the installer fails and rolls back, before you select an SSO deployment method, with the following error message:vCenter Single Sign-On Setup Wizard ended prematurely because of an errorAn error message similar to the following is logged in the vim-sso-msi.log file:

    DEBUG: Error 2896: Executing action ExtractKeystoreInfo failed.

    This issue is resolved in this release by displaying the following warning message:

    Setup has detected a problem with your current configuration which will cause upgrade to fail. Your certificate key store format might be unsupported. See VMware KB 2061404.

  • Upgrade to vCenter Single Sign-On 5.5 fails before you select the deployment type
    Attempts to upgrade to vCenter Single Sign-On 5.5 fail before you can select the deployment type. Error messages similar to the following are logged in the vminst.logfile:VMware Single Sign-On-build-1302472: 09/26/13 15:18:19 VmSetupMsiIsVC50Installed exit: Error = 1605
    VMware Single Sign-On-build-1302472: 09/26/13 15:18:19 VmSetupGetMachineInfo exit: Error code = 1605This issue is resolved in this release.
  • Active Directory is not added automatically as identity resource in vCenter Single Sign-On 
    When you initially install the vCenter Single Sign-On in a Windows system that is part of an Active Directory, the Active Directory is not automatically added as the default identity resource in the vCenter Single Sign-On server.This issue is resolved in this release.
  • Unable to edit a vSphere 5.5 Identity Source in the vSphere Web Client
    You cannot edit a vSphere 5.5 Identity Source in the vSphere Web Client as the Edit icon is disabled for the Active Directory Identity Source. You see a warning message similar to the following:Edit Identity Source (Not available)This issue is resolved in this release.
  • Unable to modify password or remove users from system-domain after you upgrade from vCenter Server 5.1 to 5.5
    After you upgrade from vCenter Server 5.1 to vCenter Server 5.5, you are unable to remove the users from system-domain or modify the password for these users.This issue is resolved in this release.
  • vCenter Single Sign-On Identity Management service repeatedly logs the message: Enumerate trusts failed Failed to enumerate domain trusts for domain_name (dwError – 5)
    When you configure the Active Directory (Integrated Windows Authentication) Identity Source in vCenter Single Sign-On, the vmware-sts-idmd.log file, located atC:\ProgramData\VMware\CIS\logs\vmware-sso, repeatedly logs the following message:INFO [ActiveDirectoryProvider] Enumerate trusts failed Failed to enumerate domain trusts for domain_name(dwError - 5)This issue is resolved in this release.

Virtual Machine Management

  • Attempts to clone, create, or storage vMotion a virtual machine fails when the destination data store is a Storage DRS POD
    In vCenter Server, operations that consume storage space such as virtual machine creation, cloning, or storage vMotion might fail if the destination data store is a Storage DRS POD and the storage device has the de-duplication feature turned on. The following error is displayed:Insufficient disk space on datastore xxxxxThis issue is resolved in this release.