Technology•Feb 04, 2013
Designing an End-to-End Highly Available Virtual Desktop Infrastructure (VDI)
VDI is becoming a hot topic as IT administrators are looking for more efficient ways to manage desktops, lengthen the PC upgrade cycle, improve security, and go “green”, all while providing a rich user experience. One point to consider is how to design a solution to keep hundreds of desktops running when a server goes down for maintenance or an unforeseen event. Instead of one BSoD, there are now hundreds of dead virtual desktops and multiple departments that are offline until the server becomes operational again! What happens to the desktops when a host fails? What can be done to eliminate downtime for desktops during planned maintenance? I’ll answer these questions and build you a plan to keep all of those desktops available for users.
Windows Server 2012 provides a platform for many types of desktops hosted in the datacenter. Any of the three configurations of Virtual Desktop Infrastructure (VDI) can be deployed entirely with just one server using local or network storage. Microsoft’s Hyper-V offers three options for VDI: (1) Session-based desktops (formerly Terminal Services); (2) pooled desktops; and (3) personal desktops. Each configuration has its own strengths and limitations, but all three can be made highly available (HA) from the top to the bottom, which is what we’ll focus on in this blog post. An HA system will be protected from a single machine failure at any level. There are six required machines – four may be virtual machines (VMs) and two Virtualization Hosts must be physical.
Breaking out roles to separate servers allows for performance tracking as you scale out, and provides simple management via the Remote Desktop Management dashboard.
Remote Desktop (RD) Web Access servers should be load balanced and run on VMs
RD Connection Brokers in active/active setup (also VMs), backed by a SQL Cluster, a license server, and at least two domain controllers. Each of these could be virtualized as well.
RD Virtualization Host servers (physical) in a Hyper-V Cluster with network storage
Four supporting components will be needed for this HA VDI configuration (see Figure 2). Three of those components are servers: a mirrored or clustered SQL Server, an Active Directory domain with multiple domain controllers, and an RDS Licensing Server. The Licensing Server does not need to be made HA. If it becomes unavailable, the other machines will still work without it for 180 days before they need a new license. Place the License Server in a VM on a Hyper-V cluster if it needs to be made HA. The final component is a network storage location for the Virtualization Host cluster. A Storage Area Network (SAN) works well for this.
Start by setting up an enterprise-grade network load balancer, like the F5 BIG-IP or Citrix NetScaler. Configure it to send requests to the multiple servers running the Remote Desktop Web Access role. A software load balancer, like Microsoft NLB or DNS Round Robin, can also be used. See Figure 3 below.
This setup is similar to an IIS farm for websites (see Figure 4). Multiple Web Access servers will take requests from Internet Explorer clients and forward them to the Remote Desktop Connection Broker servers. The servers may be physical, but due to their light workload they work just as well as VMs. Make sure you achieve redundancy by putting the VMs on separate Hyper-V hosts and separate “preferred nodes”. Optionally, Remote Desktop Services can use a Remote Desktop Gateway in the same fashion. The gateway may be used alongside RD Web Access to provide multiple entry points to the virtual desktops.
Windows Server 2012 introduced active/active clustering for the Remote Desktop Connection Broker, which provides better fault tolerance and scaling than the active/passive clustering used in Windows Server 2008 R2. Active/active clustering (see Figure 5) allows you to set up two or more RD Connection Brokers under a single DNS entry, providing both fault tolerance and load balancing. The Web Access servers should be configured with the fully-qualified name of the RD Connection Broker round robin record. Should one Connection Broker fail, requests will be rerouted to the alternate Connection Broker instantly. This configuration addresses HA concerns as well as scaling to high volumes of connections. As with the Web Access servers, an additional level of redundancy can be gained by putting the VMs on separate Hyper-V hosts.
The Remote Desktop Virtualization Host role requires most of the horsepower used in the VDI deployment (see Figure 6). These servers should be physical machines with plenty of processor and memory. Use the Microsoft Assessment and Planning Toolkit (http://www.microsoft.com/en-us/download/details.aspx?id=7826) to estimate the capacity required. Failover clustering provides HA in this final level of the deployment. Network storage for your VM images and snapshots allows the nodes to fail over without clients being dropped from their desktop sessions. It is important to configure multiple network paths to storage in order to provide additional redundancy and scale with Windows Server 2012 Multipath I/O.
Since the hosts are doing the most work while users are logged on, here is where a failure makes the most difference. If you balance your collections and double provision them, a single host failure will end the session for all users on that host. The users can then re-open the Remote Desktop session and immediately connect to a new session on the other host. Their outage could be as little as 10 seconds. For planned maintenance, an IT Administrator can live-migrate the desktops from one host to another, then live-migrate them back, without user interruption.
There are many possibilities to eliminate a single point of failure for a VDI deployment. This setup strives for that 99.99% SLA, which is likely excessive for a desktop operating system. The difference here is that we are hosting hundreds of desktops and a single outage is a serious one. There are many cost-saving measures that can be introduced to reduce the number of licenses used and still achieve 98% or higher uptimes. Adequate uptime for most desktops should be 95% and can be achieved with as few as two servers while still eliminating a single point of failure.
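The rule that runs through all three tiers above, that no single machine failure may take a role offline, can be checked against a deployment inventory before go-live. The following Python audit is an added example, not part of the original article; the node names, role labels and the audit function are assumptions made for illustration. It fails each physical machine in turn and reports any role left with no surviving node, which catches the case where a role has two VMs but both sit on the same Hyper-V host.

```python
from collections import defaultdict

# Roles that must survive the loss of any one physical machine. RDS licensing
# is left out because the article notes the other servers keep working for
# 180 days without it.
REQUIRED_ROLES = ("web_access", "connection_broker", "virtualization_host",
                  "sql", "domain_controller")


def audit(inventory):
    """Fail each physical machine in turn; return {machine: [roles lost]}.

    inventory holds (node, role, physical_machine) tuples. A physical server
    names itself as its physical_machine; a VM names the host it runs on.
    """
    findings = {}
    for failed in sorted({phys for _, _, phys in inventory}):
        survivors = defaultdict(int)
        for _node, role, phys in inventory:
            if phys != failed:
                survivors[role] += 1
        lost = [role for role in REQUIRED_ROLES if survivors[role] == 0]
        if lost:
            findings[failed] = lost
    return findings


# Constructed inventory (hypothetical names). Every role has two nodes, yet
# both Connection Brokers share HV01 and both domain controllers share HV02.
WEAK = [
    ("RDWA01", "web_access", "HV01"), ("RDWA02", "web_access", "HV02"),
    ("RDCB01", "connection_broker", "HV01"),
    ("RDCB02", "connection_broker", "HV01"),
    ("HV01", "virtualization_host", "HV01"),
    ("HV02", "virtualization_host", "HV02"),
    ("SQL01", "sql", "HV01"), ("SQL02", "sql", "HV02"),
    ("DC01", "domain_controller", "HV02"),
    ("DC02", "domain_controller", "HV02"),
    ("RDLS01", "licensing", "HV01"),
]

# Same nodes with the second broker and second DC moved to the other host.
MOVES = {"RDCB02": "HV02", "DC02": "HV01"}
FIXED = [(n, r, MOVES.get(n, p)) for n, r, p in WEAK]

if __name__ == "__main__":
    print("weak :", audit(WEAK))
    print("fixed:", audit(FIXED))
```

Counting nodes per role would pass the weak layout; only simulating the host failure shows that losing HV01 removes both Connection Brokers.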
MAKING THE PLUNGE TO VDI
VDI makes an excellent choice for users who need a standard desktop with similar applications. Increased manageability and security are the driving features, but access to a standard company desktop from any device with a remote desktop client, for thin clients, tablets, home PCs, teleworkers, and some smartphones, also makes VDI an easy sell to management. VDI’s ability to lengthen the lifetime of your desktop hardware and reduce the cost per desktop overall further increases your ROI over a traditional full desktop solution.
Need help in deciding if Microsoft Server 2012 Remote Desktop Servers is right for your business or identifying which desktop model is the best fit? Credera is available to guide you through initiating a proof of concept implementation where you can choose to utilize one or all of the new Remote Desktop Services offerings.
To contact a VDI expert, email firstname.lastname@example.org or call 972.759.1836. For more information on Microsoft Server 2012 and RDS, please visit our blog or follow us at @CrederaMSFT.