For many IT organizations, the move to desktop virtualization, with all its benefits, can be a bit daunting. There’s a lot of new “stuff” to learn; new storage and networking infrastructure to manage, new types of end-point devices, and new ways to build and manage desktops. Although these new ways to manage desktops have many advantages, they are nonetheless new and that means that IT departments must undertake the effort to learn a new set of tools and concepts for virtual desktops and apps while continuing to use existing tools and practices for physical desktops. Not good.
Recognizing this, over the last several months we have been working with our friends at Microsoft to bridge the gap between physical and virtual desktop management. You’ll see the first results of this collaboration in the newly released XenDesktop 5.6 and the forthcoming Microsoft System Center 2012 releases. We added a number of new features to both products to make it easier for Configuration Manager admins to track and manage virtual desktops built with the Citrix XenDesktop solution. Here are some of the new features you find in these new versions:
New Virtual Desktop Attributes
Configuration Manager gathers a wide range of information about the server and desktop systems it manages, providing a powerful mechanism for definition of dynamic collections of systems that are grouped based on certain attributes of those systems. These collections can then be used for compliance monitoring and reporting and OS and software update policies. With XenDesktop 5.6 and System Center 2012 the following new machine attributes will now available to assist admins in building collections for their virtual desktops:
- CCM_DesktopMachine (Generic SCCM virtual desktop attributes; value below apply for XenDesktop environments)
- Host Identifier – Name of the XenDesktop broker site hosting the desktop
- Is Assigned to User – True if desktop has been assigned to a user
- Is Machine Changes Persisted – False if desktop provisioned from a shared image (i.e. with PVS or MCS)
- Is Virtual – True if desktop is a VM
- Partner – Citrix
- Citrix_VirtualDesktopInfo (Citrix-specific attributes)
- Broker Site Name – Name of the XenDesktop broker site hosting the desktop
- Desktop Catalog Name – Name of the machine catalog within the site
- Desktop Group Name – Name of the desktop group within the site
- Is Assigned – True if desktop has been assigned to a user
- Is Virtual Machine – True if desktop is a VM
- OS Changes Persist – False if desktop provisioned from a shared image (i.e. with PVS or MCS)
- Persistent Data Location – Location where machine ID information is stored (see below)
- Personal vDisk Drive Letter – Drive letter for the Personal vDisk that is attached to the VM (if any)
How do you use these new attributes? You may want to define SCCM collections that align to XenDesktop catalogs so that specific OS updates and application patches are correctly applied. For example, you can have slightly different endpoint protection policies for pooled desktops (i.e. OS Changes Persist = False) to avoid repeated applications of non-critical patches to the same virtual machine. With the updates to XenDesktop and Configuration Manager, admins now have the information they need to easily tailor their configuration management policies for virtual desktops.
Unique Machine IDs for Shared Image Desktops
Virtual desktops built on the shared image provisioning solutions provided by XenDesktop (Provisioning Services and Machine Creation Services) presented a bit of a challenge for Configuration Manager 2007. Because these machines concurrently share a single base image it was difficult to configure them to correctly register with Configuration Manager 2007. Without some scripting you would run into a problem of all the machines registering with the same ID or generating a new ID with every reboot, resulting in a lot of orphaned machine records.
With XenDesktop 5.6 and Configuration Manager 2012 that problem is now history. When you create your master image with either MCS or PVS simply install the SCCM agent and forget about it. When you create cloned/streamed machines from that master image, the SCCM agent will automatically generate and store machine IDs that persist for the life of the VM. Your virtual desktops will register and behave exactly like their physical counterparts. One record per machine and that machine will continue to use the same ID across reboots. This capability will also be available for XenApp servers streamed with Provisioning Services 6.1.
Update Control for Shared Image Desktops
Another challenge that has faced Configuration Manager admins is the fact that with shared image desktops you don’t want updates to be applied to the cloned/streamed desktops as those changes will be lost when the machines reboot. Instead, you only want updates to be applied to the “master VM” used to create and/or maintain the master image. Prior to System Center 2012, there was no easy way to disable updates without completely disabling the agent and thus losing visibility to the cloned/streamed desktops for compliance monitoring and reporting.
To address this, Configuration Manager 2012 provides a simple mechanism to disable the update deployment. In the Configuration Manager console you can define a custom client setting for the Computer Agent. Within that there is an option called “Agent extensions manage the deployment of applications and software updates.” Setting that to true instructs the SCCM agent to do all of its normal information discovery operations but not attempt to download/apply any software updates. Once you have defined this policy you can apply it to any collections of virtual desktops which are built on shared images. Your master VMs can be in different collections which don’t have this policy applied so that they will continue to download and apply updates.
This change is a nice complement to a feature we added to Provisioning Services 6.0 last year. That feature, called Automated Image Update, provides an automated mechanism to update Provisioning Services vDisks with System Center Configuration Manager. With the new update control mechanisms in System Center 2012 and Automated Image Update, admins will see very little difference in the way they target and deploy OS and application updates to shared image virtual desktops v. traditional desktops. Once the collections are defined and the image update policy applied, the admins can target updates as they normally would and updates will automatically be routed to the master/update VM and deployed to the streamed desktops on reboot by Provisioning Services Automated Image Update. This capability can be used for streamed XenApp servers as well.
These new features are just a start. As we continue to collaborate with Microsoft we will continue to look for ways to streamline virtual desktop and application management for Configuration Manager admins. In the meantime, if you haven’t already, download XenDesktop 5.6 and the System Center 2012 Release Candidate, give these new features a try, and let us know what you think.