Earlier this week, VMware released version 2206 of Horizon 8. And whoever reviewed the release notes probably came to the same conclusion as I did: wow!
This is one feature-packed release you don’t want to miss! And with this post, I’ll make sure you won’t, as I’ll cover some of the changes that I think are major.
vSphere Distributed Resource Scheduler support for vGPU
This is one that a lot of organizations have been waiting for, and we’re one step closer to getting it! Up to recently, vGPU-enabled virtual machines were only considered by DRS during initial placement.
The full description in the release notes is:
- vSphere Distributed Resource Scheduler (DRS) is now supported with vGPU for vSphere 7.0 U3f and later
This means that if you are running vSphere version 7, build U3f or newer, a virtual machine that uses a vGPU will now be able to be migrated automatically to a different host when placing another host in maintenance mode. Now don’t get your hopes up too much, as there is a small catch, though! As it’s still not supported out of the box, this has to do with the stun time that occurs when migrating a vGPU-enabled virtual machine, which harms the employee experience.
The stun time depends on the size of the vGPU frame buffer and different network conditions. VMware has some documentation available, which provides insights into what to expect. The table below is taken from this page and shows the different framebuffers and the associated stun times.
Used vGPU Frame Buffer (GB) | VM Stun Time (sec) |
---|---|
1 | 2 |
2 | 4 |
4 | 6 |
8 | 12 |
16 | 22 |
32 | 39 |
Now, if this isn’t relevant to you, or if the added benefit of having those VMs migrated is greater than the negative impact. You can opt-in to ignore this by setting the following advanced DRS cluster setting:
VgpuMMAutomationTimeoutSecs = “-1”
Source: VMware KB 88271
VMware is working on this (most likely with NVIDIA) to solve this in the future, so stay tuned!
Compute profiles for a single golden image snapshot
This change might sound small, but its impact on an organization in terms of manageability can be huge!
Not sure what I’m on about? Read what’s in the release notes below and give it some thought:
- Option to create multiple custom compute profiles (CPU, RAM, Cores per Socket) for a single golden image snapshot during desktop pool creation
Consider the following scenario: Within your organization, you have multiple use cases, each with its own performance characteristics. Now for the sake of science, all applications are delivered via App Volumes so that we can take those out of the equation.
Each use case would have its own golden image, or at least its own snapshot. For a large organization, this can mean an operational hell!
See the image below for a visual representation of the situation with and without the new compute profiles feature.
In the image above, you’ll see that for each use case, you’ll have to maintain a (tree of) snapshot(s). This might mean you’ll have to install the same operating system update multiple times.
Now look at the image below, notice how it differs from the one above?
The snapshot is created at the beginning of the tree, so any changes you’ll need to make only have to be made once.
So using these new compute profiles, you are able to reduce the number of snapshots even more. As the compute configuration is applied when the virtual desktops are created instead of when the initial snapshot is made. And when needed, you can update these values at a later stage by using the “push image” functionality.
Additional forensic capabilities
Over the years the need for forensic capabilities for virtual desktops has grown. This obviously comes from the increase in cyber attacks but also from legal guidelines that organizations have to deal with.
With Linked Clones (deprecated), you could put a desktop in maintenance mode. This meant that it wouldn’t be refreshed or recomposed. So forensics could be conducted. Now Instant Clones have a similar capability too:
- Forensic quarantine feature that archives the virtual disks of selected dedicated or floating Instant Clone desktops for forensic purposes
Now with the Forensics Select Hold, you can live capture a user’s desktop (be it floating or dedicated) and make it “persistent” for a period. During this period, the desktop won’t be refreshed, reimaged, or deleted, granting IT operations the capability to investigate the virtual desktop.
The first thing that must be done is to ensure the required privileges (Forensics) are assigned. A Horizon Super Administrator doesn’t have these privileges by default, which makes sense as forensics is typically done by a different department for both legal and privacy-related reasons.
After that, an Archival datastore must be set in Global LDAP, as it’s read from there.
Now the Forensic Administrator can start the workflow through the Horizon API. Do note that a Forensics Select Hold can only be applied to an individual AD user. Once the Forensic Administrator does that, the following happens:
- If already signed in, the Forensics Select Hold will be applied to that virtual desktop and any other virtual desktop assigned to the employee
- Upon signing in, a virtual desktop will be changed from stateless to stateful. When this happens, the desktop remains in its original desktop pool
- From this moment forward, the virtual desktop acts as a persistent desktop. Upon signing in again, the employee sees changes made during a previous session
- IT Staff can spot virtual desktops currently in Forensics Select Hold in the Horizon Administration with a new status indicator
- The same is done in vCenter by using a tag, to notify vSphere administrators to not make any changes to the virtual machine
- While in hold, the virtual machine is accessible by the forensics team to conduct any investigation on it
I think this is a great addition to enable organizations to conduct forensics on their non-persistent virtual desktops. Unfortunately, currently, you can only work with this through the API. So one can only hope they add this feature to the GUI in the foreseeable future.
Wrapping it up
In this blog post, I only covered three features, which I think stood out. But just these three features can and will make an impact on organizations. Fortunately for us, the list of changes is extensive, and all of them will have a positive effect one way or the other. This is definitely a great release and it makes you wonder what the future might hold.
Follow our Twitter and Facebook feeds for new releases, updates, insightful posts and more.