Well, if you have been following my blog for the last couple of days – you will know that I’ve been upgrading to vSphere 4.0 U1. Just before I did it came to my attention that the upgrade process triggered via VMware Update Manager had an issue. This surfaced during the US Thanksgiving holiday period – so I treated as defcon 1 issue – because the upgrade could cause a PSOD – and I worried this problem could be caused by someone doing an upgrade during the holiday period – or it slipping over their radar during the holiday period.
In case you don’t know – if you have ESX “Classic” with the HP SIM Agents installed (which is very popular) then the VMware VUM Update would cause you problems. VMware hastily issues an KB article -
outlining the problem, the cause and work around….
Leaving aside about HOW such an important upgrade error wasn’t picked up by the internal VMware QA process – this KB has been recently updated, and it makes for uncomfortable reading for HP customers:
“Note: If you want to install the update, you must download the update manually. The update is no longer available for automatic download in Update Manager and the vSphere Update Utility. You can find the update on the VMware Downloads site and copy the download to your local depot as needed.”
So those of us lucky/unlucky enough to download the patches and U1 last week – get to do automated downloaded update via VUM, and those who do it now – will find that the update is not distributed through normal sources.
Now I’m going to be VERY generous to VMware, by saying it probably better to withdraw an update that comes with a known-issue – but I don’t think many customers will view it that way. I think most customer will conclude that there has to be better way of handling this problem? They will see that the way this issue had been created and handled – is yet another reminder that rolling out updates early is unwise – and that like other vendors automatic patch-management – it can’t be trusted.
Yes, that Steve Martin of “The Jerk” fame etc. He plays a pretty mean banjo too. He recently performed on Jools Holland’s Later (my favourite live music show!). I’m getting a banjo and mandalin for my Xmas & Birthday combined. Always fancied one!
Well, last week I made the leap into the great unknown. After using flavours of Windows since version 1.0 – I decided I’d had enough. So from Birmingham Airport (UK) I bought MacBook Pro 13″ with copy of Microsoft Office for Mac. Don’t worry, I haven’t completely lost it – and won’t be becoming a MacBore or LinuxBore. But I wanted to report my experiences and tips and tricks along my journey of coming to grips with the new environment.
Why the change of all those years of being a “Window Guy”. Well, I have this idea that our relationship with technology/ISVs is like a marriage. When you first get married your in the flush of your first love – and sure there are bad things about the new person in your life, but you overlook and forgive those. Then as the years roll-by those bad things seem to become more and more noticeable. The way they do the dishes or slurp their tea start to grate. So it is with technology. When you first get your new toy you love the thing, but as the days/weeks/months/years/decades(?) roll-by the technology begins to really annoy you. That’s how things ended up with me Microsoft Windows on a PC. I got to the point that whenever I saw “Not responding” when Explorer opened or when I changed an IP address – that I want to put my fist through the monitor. So in truth my decision change was as much an emotional one, as a technical one. My relationship with Microsoft had reach ‘irretrievable breakdown’ – we weren’t really talking to one another in the end. Now we are firmly in the divorce courts of technology, with the lawyers fighting over the spoils. I’m sure that in 15 years time I will be saying the same about Apple….
So what have my experience been so far? Well, I’ve tried my best to do everything in the last week using the Mac. In truth in the first couple of days I spent most of my time copying files, setting up email accounts, importing bookmarks, setting up my iPOD with iTunes (which is much, much better on the Mac!). I wanted to avoid running Windows applications as much as possible. Although I have downloaded and installed VMware Fusion 3 to run Windows XP. To be honest it was more because I wanted to see what its like – than really needing to. Most of what I need to can be done with the Mac, and I have RDP for Mac, VMware View4 for Safari set-up – so when I do need to get to my remote lab environment I can. I did download the full Citrix ICA Client ‘Program Neighborhood’ (yeah, I know they call it something else now) but in truth that’s mainly for legacy reasons – from here on in I’m going to use VMware View 4 and virtual desktop. My plan is try and get the native PCoIP client running under VMware Fusion – so I can have a PCoIP experience from my Mac. The web-based client support for Mac doesn’t support VMware Fusion.
So, so far so good – what have been the downsides – and challenges yet to overcome?
Keyboard Strokes - The Mac Keyboard is different but similar to a Window Keyboard. And the instinctive urge to press some conjunction keys is still there – even though there isn’t a 1-2-1 mapping. I’m using the mouse and menus more than I would normally… must print out a page of the keystokes and print it above my desk until the become second nature. This is part made more complicated by my View4, RDP and Citrix sessions having their own keyboard shortcuts – its possible to get in a bit of muddle
Right-Click Trackpad – a lot of people complain about a lack of right-click environment – to be honest I don’t know why Apple don’t just enable this by default. You have to go into System Preferences, Trackpad and tick of an option called Secondary Click, and ask it to be in the ‘Bottom Right-hand corner’ – and then away you go
Screen Capture – Apple’s ‘Preview’ comes with its own tools for grabbing parts of the screen. In Windows I used snagit – which is much better – under Fusion. I’m kinda of reluctant to go out and buy a dedicated screen capture utility – but I can see in the long run – I’m gonna have to bite the bullet and purchase – some screen capture/video thing for the Apple…
Entourage – Is part of MacOrifice. It’s fine as an email client – but I don’t rate as much as Microsoft Outlook. For start I can’t check my hotmail with it, and it doesn’t appear to have RSS Feed support like Microsoft Outlook 2007 did. I quite like all my **** being in one place. I need to do some research on this – so I might be able to find a plug-in for both hotmail/RSS feeds – so I have one place to go. There real problem with Entourage – is despite it being a Microsoft mail client – there is NO import facility for the Outlook PST format. To be honest this was the biggest pain the arse I’ve had so far. The work around is to install Mozilla Thunderbird on the old Windows PC – then use it to import the mail/settings/address book. Once imported (it did take a long time with my 9,000 items!!!) You can then open the mail store in Thunderbird to get to the mail. Each folder in outlook becomes a separate mail file – and you can rename the inbox files to have a inbox.mbox extension – drop them on a removal hard-drive and import them into Entourage.
UPDATE: I did manage to get my hotmail in Entourage even though MS say you need an extra special hotmail account to do it. I think I’ve had my hotmail account so long it was upgraded to Plus (or some such status) – which meant it worked with Entourage after all. Problem solved…
iPAQ and Windows Mobile - The Mac has no support for Windows Mobile and Synchronization. That was going to be first step to getting my address book. Nothing doing. You have buy special software to get Windows Mobile enable PDAs to sync with Mac. As is my iPAQ is nearly 4years old. It was one of the first phones to have touch-sensitive screen, wifi, bluetooth and satnav. Anyway, its on its last legs – and I’ve secretly be harbouring a desire for an iPhone. My provider, VodaFone get the 3G enable version of the iPhone in the new year which is weeks away. So I plan to switch away. I also plan to get the TomTom cradle for the iPhone. It’s pricey, but boosts the GPS signal and comes with all the usual hands-free, mute music for turn-by-turn instructions and phone calls.
Pricey Accessories – Before I bought the MacBook Pro I took a look at some of the accessories – and more importantly their prices. You know, look I’m prepared to pay the mark-up for the MacBook Pro. It’s a quality product blah, blah, blah. But I mean £50 for a fucking mighty mouse – who is hell Apple kidding? £20 quid for DisplayPort to VGA adapter? The piss-de-le-resistence is of course, the £1K+ LED 30” inch cinema display – a must have item for all “creative professional” (my arse!) look I know LED will be great, but I’m sticking with my old HP SVGA flatpanel and VGA connector for the time being. I almost bought the wireless keyboard and mighty-rip-off mouse on the apple store when I was in Norway the other week. Unfortunately, every time I selected a patrotic “British” keyboard, the basket updated it to a German keyboard. Are they trying to tell me something here…?
Well, now I have upgrade to vSphere 4 U1, I’m just doing an upgrade of the PowerCLI (VMware’s addition of some 200+ cmdlets together with access to the VMware SDK too). I’m avid fan and believe in the powers of PowerCLI. Although I wouldn’t claim to be the warrior monk status of Hal, Luc or Al…
PowerCLI has been overhauled with a whole new raft of cmdlets which will go a long way to shortening my PS1 scripts. That said I don’t when I’m gonna get the time replace my lengthy referrences to much short cmdlets.
If you want to download and install the latest PowerCLI you will find it here:
I’ve been looking at the new cmdlets and trying to make a hit list one’s I should look at first. So what my personal favourites/highlights by looking at the release notes:
Managing the failover and load-balancing policies of VirtualSwitch and VirtualPortGroup objects with Get-NicTeamingPolicy and Set-NicTeamingPolicy. Previously, these setting were only accessible by navigating the complicated SDK environment
Working with host storages and iSCSI HBA devices with Get-VMHostHba, Set-VMHostHba, Get-iScsiHbaTarget, New-iScsiHbaTarget, Remove-iScsiHbaTarget, Set-iScsiHbaTarget, and Set-VMHostStorage. Previously, these setting were only accessible by navigating the complicated SDK environment
Upgrading hosts with Install-VMHostPatch
Running BAT (Windows) and BASH (Linux) scripts with Invoke-VMScript. I think these cmdlets maybe very useful in the SRM environment.
Uploading firmware packages with Set-VMHostFirmware.
Extending, cloning, inflating, and reallocating virtual hard disks with Copy-HardDisk, New-HardDisk, and Set-HardDisk. I’m hoping these cmdlets will able tell me if my virtual disk is eagerzeroedthick – the format valid for VMware Fault Tolerance. The conversion process can take sometime – so it will be helpful to know because it factors into your maintenance windows.
(I picked this title because I am a big Hunter S. Thompson fan – and I had plenty of fears before contemplating the upgrade! The loathing came later! [JOKE] Actually, the upgrade was no better or worse than any other I have previous undertaken. In fact compared to one nightmare upgrade from vCenter 1.0 to 2.0 it was a walk in the park. What follows is blow-by-blow account of my experiences – it got quite lengthy. If you want a quick summary – scroll to the end and just read the conclusions)
UPDATE:
Since writing this post – I’ve had a thought. What if I’d fully patched the ESXi host first with vCenter4.0 BEFORE upgrading vCenter4.0 to vCenter 4.0 U1. Would that have stopped the disconnect from taking place? I can’t test that approach myself – but I would LOVE to hear from those who can. So I can perhaps find a work around to the disconnects that took place in my upgrade process.
Well, it’s the time already – a new update to VMware’s flagship virtualization platform – vSphere4. I probably would have not upgraded from 4.0 to 4.0 Update 1, if it hadn’t been for the almost simultaneous release of View4 and the eagerly awaited – PCoIP protocol. One of View4 pre-requisites is for vSphere4 U1. Despite this I started of with a deploy of View4 on vSphere4.0 to see how hard and fast that “pre-requisite” was. In truth I was a bit nervous (perhaps more than normal) about this Update 1 roll-out.
I was actually in the process of writing an article about my upgrade. Fortunately, I caught wind of this upgrade bug before hand. I’ve decided its too important to wait for the completion of the article. The people in the US are lucky they are on holiday – and so might be with their families rather than in datacenter doing upgrades – that said holiday times are ideal for upgrades…
Well, I thought it would be nice to discuss the attributes and features of VMware View4 new PCoIP protocol which will be released very shortly. In case you don’t PCoIP stands for PC over IP – and then intention is to deliver remote display protocol which rivals “legacy” thin-client protocols such as RDP/ICA with a new protocol that offers a “PC-like” experience over the wire. Historically, protocols like RDP/ICA have not performed will in graphics intensive applications like scanning, CAD, and streaming video.
If you want to see what PCoIP looks like to the end-user – prior to the GA some folks have put videos up on youtube.com. Of course, the quality of those videos vary – how ironic!
VMware’s main competitor in this will be Citrix XenDesktop’s HDX protocol. It’s been a long time in the gestation. VMware has been talking about PCoIP for some time, and its been an on-going project with Teradici which historically has specialized in hardware and software bases remote display delivery. VMware View4 delivers a software experience, but the co-development will allow smart terminal manufacturers to fit graphics cards that leverage hardware based graphics acceleration.
Since View3.1, VMware has endeavored to support other protocols such Sun’s Appliance Link Protocol (ALP), and HP’s Remote Graphics Software (RGS). Additionally, by supporting RDP – they pushed out the envelope beyond just supporting virtual machines, but access to Blade PC and Terminal Services. VMware wants to continue supporting these other protocols – but the hope is over time that folks will favour PCoIP.
First things first – some practical things. There is no “special” client or agent for PCoIP that has to be installed and configured – PCoIP is built-in to both the View Agent (installed to the VM) and the View Client (installed to the Windows PC – it’s an optional component). Incidentally, you mist install the FULL View Client (not just use the View web-pages) to get the PCoIP driver installed to the client device. Installing the agent installs special audio and graphics drivers (codecs) into the virtual desktop. You would expect that with all this capacity for graphically rich user experience that PCoIP would be undesirable on the WAN. However, according PCoIP can degrade the user experience to compensate for increase in latency or narrow-bandwidth.
It’s perhaps with that sentence that I should issue disclaimer. After this point much that I’m going write is based on me reading documentation. I wasn’t allowed on to the View4 beta programme. In fact a great many of peers (other vExperts) weren’t on the View4 Beta Programme. I’ve been told that many of the FTSE 100 companies – weren’t on the beta programme either. In fact its been one of the most elusive beta programmes that VMware has run in recent years. So its VERY difficult at this stage to really properly benchmark these claims for performance. The other thing I would say, is even if this FUD turns out to be groundless – there maybe other reasons to with this implementation of PCoIP that might make it a “LAN” based technology rather than a “WAN” or more properly speaking a “Internet Protocol”. I dare say there will be al ot of FUD around the PCoIP protocol, and in fairness VMware will only have themselves to blame – after making access to the beta programme so exclusive. With that said, beta code is notorious for being unsuitable for true bench tests – it still has debug symbols included in it – with GA code doesn’t. Anyway, according to VMware – even if you WAN link displays 150ms-250ms latency – PCoIP will still deliver satisfactory performance. As I write this – I’m sat in a hotel in Bergen, Norway – ping my equipment in Nottingham, UK. The latency is 55ms via the hotel Wifi link. Latency is often seen as the be all and end all when it comes to remote desktop displays – in my experience the frequency of dropped and retransmitted packets are as important. The maximum my latency has been (while I was typing this article) was 452ms and I lost 3% of the packets during that time.
Anyway, before I go further let have a look at the features of PCoIP – and explain how it manages to achieve it magic. PCoIP gets most of acceleration from special codecs which process the graphical data to the users screen – the clever bit is that PCoIP can identify different graphical components – and then render that portion the sceen with the correct codec. So if you think about the screen – that screen will built with many graphical components such as icons, video, text, photos and the kind of graphics that you might see in PowerPoint or Excel Charts. PCoIP has a codec for each type, and can idea the types of screen content and then render with the right codec.
Another critical feature is “progressive build”. But very simply PCoIP races to get the information to the user screen as quickly as possible – in a lossy format. Typically, a web-page will show text, first and basic image. Then quickly and in the background these images get progressive sharper and better quality. This is particular good for rapid web-browsing (where the user goes backwards and forwards rapidly) because the user isn’t waiting for images to be built slowly – in a line by line - pixel by pixel basis – like RDP does.
Anyway, putting aside these core components there are some other PCoIP features which you should be aware of:
Multi-monitor Support (4 displays of the same resolution
32-bit colour
1920×1200 Resolution
Clipboard functionality (Cut & Paste Text to/from local device to PCoIP Session)
Control Bandwidth allocated to media formats like Flash (think youtube.com!). This is done by the View Agent installing a special control into the web-browser – so the system is aware it is running inside a virtual desktop. It then uses the VMware Adobe Flash Optimizer to control the bandwidth for different “Flash” experiences such as youtube.com or interactive flash demonstrations
USB is supported
Multimedia redirection is supported if the device supports (this is where video is played locally using local graphics/audio control – and redirected away from the ICA/RDP/PCoIP session
So far – wonderful stuff. OK, well I guess it time of the downsides – because they always are. In View3, VMware acquired a license for “ThinPrint” which they dubbed “Virtual Printing”. It’s a not full implementation of the ThinPrint product incidentally. Virtual Printing and PCoIP are incompatible. This means unless you procure a solution that IS compatible – you will be forced to use native printer drivers – which eat up precious bandwidth. In fact, printing has been the bane of everyone’s life who operates in the thin-client arena. I speak as someone who started with NT4 and Citrix MetaFrame 1.8 and finished with Citrix Presentation Server 4.5
PCoIP must be currently used with “Direct Connection” to the View Connection Server. Currently, PCoIP is incompatible with VMware Views “Security Server”. In case you don’t know. Connection Servers sit on your private network, and are joined to domain. As such you should never put them in a DMZ because they are vulnerable. Security Servers on the other hand are designed to facilitate firewall traversal – and are suitable for the DMZ. If you unfamiliar with the relationships my buddy, Tom Howarth who has real world experience of VMware View implementations has this handy diagram:
This is quite important limitation. It means any existing View implementation that uses a combination of Connection & Security Servers – cannot be used with PCoIP. It means introducing a different access mechanism - such VPN connection to make the PCoIP protocol secured with SSL and ”firewall friendly”. Those of you have been this business for while will now that although this limitation isn’t a show-stopper as such – it’s a stumbling block. Historically, users haven’t like VPN clients. They can be arse to setup and get working. And most users who rarely appreciate the distinction between the [SHIFT] key and the [SPACEBAR] rarely appreciate the reason why the VPN session must be brought up first before they can do any work. Certainly, most Citrix and View end-users are used to cranking up client or web-browser – typing in their username/password – and getting their desktop. PCoIP will work with 128-bit SSL, but again its unclear what the performance overhead might be with that additional payload.
You might be interested to know why a PCoIP session can connect to Connection Server, but not Security Server. It’s quite simple. PCoIP sessions are established with UDP packets (Port 50002 to be precise) to the Connection Server – and Security Servers only support TCP sessions. Whilst the PCoIP protocol does have built-in encryption – its not clear at this stage how this SSL session established. From what I tell it is NOT certificates based, but generated by internal algorithm. This is very similar the kind SecureICA that existed in the early Citrix MetaFrame product – prior to the introduction of certificates based encryption with things like the Citrix Secure Gateway and the Citrix Access Gateway. It’s fair to say that the competition (Citrix) has in the past introduced feature such as “Session Reliability” which have in the 1st instance been incompatible with their Security Systems. So to some degree ALL the thin-providers are guilty of this:
“Here’s brand new feature that massive improves performance and the user-experience – Oh, and by the way its incompatible with all our firewall traversal products…”
The good news is View4 is configurable in such way – that you could allow the user to select PCoIP if they were on the corporate LAN, and use thinner-more firewall friendly protocol when they are on the WAN/Internet. Whether they appreciate the difference is any one’s guess! By default the preferred protocol is PCoIP unless changed by the administrator or the end-user in the client.
On the audio side – PCoIP does support high quality audio OUTPUT, but it currently lacks an audio INPUT. This means such devices as voice-recorders – popular say in hospitals where doctors/consultants like to “record” their notes would have be delivered some alternative method.
So. There we have it the good, the bad and the ugly. Certainly our industry has been crying out for replacements for RDP/ICA for some years – and both Citrix and VMware have put some good R&D into the new protocols. Clearly, PCoIP is work in progress – and there’s much that can be done in the world virtual desktop to improve the manageability such as good deployment tools – and the flexible ways of delivering the apps to the virtual desktop. Additionally, there are still specific weakness in the world of printing and bolting down the desktop – where old methods such as Microsoft GPOs simply don’t cut the mustard. There are interesting days ahead!
techtarget.com has very kindly taken one of my chapters from my soon to be released book on vSphere4. The chapter was original meant to be VMware View3. Unfortunately, because of length and publishing deadlines – the VMware View3 chapter didn’t make the final cut my book. So techtarget.com very kindly offered to serialize it over a number of days/weeks. The first chunk is quick introduction to what VDI is – nothing too challenging, the next episode is all about View3 – each part will eventually build up into 90 pages of content that covers the core functionality of the product. When View4 is released I’ve promised the folks at TechTarget.com an update.
RSS
iTunes
