Disable Virtual SAN health check alarms

When using PCIE/NVMe SSDs in the capacity layer of Virtual SAN, the SSDs are generating a warning for the “Hardware Compatibility – SCSI Controller on Virtual SAN HCL” health check, even when the devices are on the Virtual SAN HCL.

alarm

The “Hardware Compatibility – SCSI Controller on Virtual SAN HCL” health check cannot detect the PCIE/NVMe SSDs because they do not use standard I/O controllers.

To disable the HCL health check alarm use these simple steps:

  • In the vCenter Web Client top level, navigate to Manage and select “Alarm Definitions
  • Navigate to the alarm and select Edit

alarm1

  • Deselect the “Enable this alarm” checkbox and click on Finish

alarm3

Another use case is to disable the HCL health check(s) in non-production lab environments that use Virtual SAN with hardware that is not certified.

Tested: VDI End User Experience monitoring tools

The success  and effectiveness of a VDI environment depends on the End User Experience (UX). When the End User Experience isn’t good, users will complain and the VDI project will fail. So the ability to analyze, report and troubleshoot when a problem occurs is critical in a VDI environment. To get this insight I tested ControlUp v6 and VMware vRealize Operations for Horizon v6.3. Both tools are tested against the following subjects:

  • Architecture
  • Troubleshoot performance problems
  • Reporting
  • End User Experience monitoring
  • Supporting End-Users
  • Licensing

The features of ControlUp and VMware vRealize Operations for Horizon are tested against a VMware Horizon View 7 environment.

Architecture

ControlUp

In the on-premises datacenter reside two components:

  • ControlUp Management Console. This is a .NET Windows  application which connects to the vCenter Server/vSphere clusters and VDI desktops.
  • ControlUp Monitor Service. This Windows service is responsible for alerting, reporting and uploading historical data to the Insight database which resides in the ControlUp Cloud.

The ControlUp installation is very simple. On a management server simply execute a single executable (ControlUpConsole.exe). It runs in memory, so there is no installation needed. For alerting and uploading data the ControlUp Monitor Service is needed. Here is an overview how a ControlUp hybrid (cloud and in-prem) infrastructure looks like:

architecture

On the left is the Enterprise Network displayed. This is the on-premises datacenter where the hypervisors and Horizon environment resides and where the ControlUp Monitor and Console are installed. There is a very minimal infrastructure needed for deploying ControlUp. All the backend components are hosted in ControlUp cloud that is  hosted on Amazon Web Services (AWS).

It’s possible to have the backend  components installed on-premises with a special version of ControlUp if you have special compliance requirements. With this version everything runs on-premises.

VMware vRealize Operations for Horizon

VMware vRealize Operations for Horizon is a monitoring solution that extends the capability of VMware vRealize Operations Manager to troubleshoot, monitor, and manage the health, capacity, and performance of VMware Horizon View environments. The architecture of vROps looks like:

architecture

The main components are:

  • VMware vRealize Operations (vROps). vROps can be deployed on Windows, Linux or when using the appliance.
  • VMware vRealize Operations Horizon management pack (PAK). After the vROps is installed and configured add the VMware vRealize Operations Horizon management pack to vROps.
  • vRealize Operations for Horizon broker agent. On one Horizon View Connection Server install the agent and pair this with vROps Horizon adapter.
  • vRealize Operations for Horizon Desktop Agent. In the Horizon View Agent enable this feature.

After installing and configuring these main components the gathering of statistics, events and performance data can begin. All the components are installed in the on-premises datacenter. Besides the VMware vRealize Operations Horizon management pack there are other management packs available that can be imported in vROps such as the Virtual SAN and NSX management pack. This improves the end-to-end visibility and monitoring.

User Interface

ControlUp

When executing the ControlUp Management Console the following UI is displayed after adding the central vCenter server.

CU Management Console1

This is a real-time performance dashboard.

On the left the managed hypervisor(s), vCenter(s) and servers and desktops are listed. On the managed Windows desktops a lightweight agent is pushed.

The following dashboards are available:

  • Folders
  • Hosts
  • Computers
  • Sessions
  • Processes
  • Accounts
  • Applications

You can easily search, filter, sort, group by,  customize and organize the columns that will be displayed in each dashboard.

vROPS for Horizon

The User Interface (UI) for vROps is accessible from the internet browser.

webportal webportal1

After logging-in there are Horizon specific dashboards available such as:

  • Horizon Overview
  • Horizon Help Desk
  • Horizon Infrastructure
  • Horizon User Sessions
  • Horizon VDI Pools
  • Horizon RDS Pools
  • Horizon Applications
  • Horizon Desktop Usage
  • Horizon User Session details
  • Horizon RDS Host Details
  • Horizon End User Experience

These are the default dashboards but it is possible to create own personalized dashboards with widgets and metrics you need.

Troubleshoot performance problems

To demonstrate performance troubleshooting with both products we use a Windows 10 VDI desktop and run the tool “Heavyload.exe” to generate 100% CPU utilization.

heavy

ControlUp

With ControlUp Management Console we can troubleshoot performance problems on hosts, computers and,-sessions in real-time and  identify the process that is causing the 100% CPU utilization.

1 2a

vROPS for Horizon

With vROps we filter on “Percent Processor Time%”, select the session and perform a manual “Get Desktop Processes”.

3High CPU 1

The “Get Desktop Processes” task takes between 10-30 seconds to generate a list of process information per desktop. In ControlUp getting the processes list is in real-time. Besides identifying high CPU utilization other performance counters can be identified with both products.

Reporting

ControlUp Insights

With ControlUp v5 ControlUp Insights was introduced. ControlUp Insights is historical reporting and analytics platform in the cloud. In v6 ControlUp Insights is extended with new reports. Each month new reports are added to the portal. The portal is accessible from the following URL:

  • https://insights.controlup.com

When logging-in there are three main sections with a couple of sub-sections:

  • User Activity
    • Session Count
    • Session Activity
    • Session Details
    • Session Resources
    • Logon Durationreports
    • Protocol Latency
  • System Health
    • Computer Trends
    • Computer Statistics
    • Host Trends
    • Top Windows Errors
  • Application Usage
    • App Usage Details
    • Citrix License Usage

Each section has a several reports with information about user activity, user experience, resource consumption, application activity, system health and license information. The reports are simple, interactive and good-looking.  In addition, where applicable, ControlUp Insights presents global benchmark values for performance and user experience metrics. These metrics are calculated based on anonymize metadata sent to ControlUp Insights from the customers that use this platform

Here are 4 examples reports of Insights:

Computer Trends Host Trends Resource usage Toperrors

The report data can be exported as CSV files.

export

vROPS for Horizon

There are several predefined Horizon reports that can be run or scheduled on regular basis. These reports provide information about remote desktop and application usage, desktop and application pool configuration details, and license compliance. Here are some examples:

2016-08-15_15h39_39 2016-08-15_15h50_12 2016-08-15_15h50_30 2016-08-15_15h50_50

The reports aren’t as fancy and interactive as in ControlUp. The reports can be exported as CSV or PDF files.

End User Experience (UX) monitoring

Besides performance metrics User Experience (UX) metrics are very important in a VDI and SBC environment.

ControlUp UX metrics

  • PCoIP Session bandwidth usage and latency.
  • Desktop Load Time.
  • Group Policy Load Time.

Protocol LatencyUX metrics

  • Application Load Time.

appl load time

vROps for Horizon

  • PCoIP and Blast extreme protocol metrics
  • Profile Load Time
  • Shell Load Time

UX

Both products offer UI metrics. The Application Load Time is a new cool feature in ControlUp 6 that measures the time that it takes that an application become available for the end user. This is good indicator for the User Experience.

Supporting End-Users

ControlUp

Besides monitoring and reporting there are other features built-in to support the End-users. The following screenshot show some of these features:

2016-08-15_16h34_23

Script-Based Actions (SBA) allows the admin to extend ControlUp functionality. Scripts (either developed internally or by the community and then sanitized by ControlUp before being published), can be written using Batch, VBScript or PowerShell.
These scripts can be used and executed on one or more target computers. This following SBA list the PCoIP bandwidth usage for example

sba pcoip

The Application usage report lists the number of concurrent   instances and named users for the selected application.

2

This helps identifying who is using what application(s) and licensing applications.

The “top 10 Windows errors” report shows the most frequently occurring errors on all managed computers. If the error is known, it has a link with a possible solution and how to fix it.

1

All the errors are benchmarkend against other organizations.

vROps for Horizon

vROps focuses primarily on monitoring and reporting. So no other end-user supporting features are available as  in ControlUp. Other unique features are:

  • Horizon VDI and application pool indicator metrics
  • Besides PCoIP Blast Extreme protocol metrics are available in vROps for Horizon 6.3
  • Management Packs.  There is a lot (VMware and third party) management packs available such as Virtual SAN and NSX. This improves the end-to-end visibility and monitoring with there own metrics.

Licensing

ControlUp

ControlUp is available as Pro, Enterprise, or Platinum edition. The main differences between these versions are in:

  • Insights retention data (1 Day for Pro, 1 Month for Enterprise, 1 Year for Platinum)
  • Multi Tenancy Support (Enterprise and above)
  • Multi AD support (Enterprise and above)

vROPS for Horizon

vROps for Horizon is licensed as:

  • standalone product.
  • Included in the Horizon Enterprise license

Conclusion

In this blogpost I tried to give a impression of both products. ControlUp and VMware vRealize Operations for Horizon are both great products for monitoring and reporting on your Horizon environment.  Each products has several pros against the other such as:

ControlUp:

  • Less infra structure is needed than vROps for Horizon.
  • Simplicity of the product with an easy learning curve.
  • Great tool for real-time troubleshooting. Process information is available is real-time.
  • Pre-defined interactive reports available for troubleshooting and management information.
  • Offers other functions such as: killing services, Script Based Actions, chatting, managing the file system and registry, application usage, top Windows events etc.

VMware vRealize Operations for Horizon:

  • Besides the VMware vRealize Operations Horizon management pack, there are other management packs (VMware and third party) available that can be imported in vROps such as the Virtual SAN and NSX management pack. Such components become more and more common in a VMware Horizon environment. Adding these management packs improves the end-to-end visibility and monitoring.
  • Ability to create personalized dashboards.
  • vSphere and Horizon Infrastructure related counters such as VDI and Horizon applications pool information.

What product do I need for Horizon environment? This depends on your requirements, use case and what licenses you already have. For example when having a Horizon Enterprise license, vROps for Horizon is included. Even when having a vROps environment, ControlUp adds great value by it’s unique features such as the interactive ControlUp Insights reports and complement vROps.

Define what devices are allowed in a Horizon View desktop with UEM Smart Policies

When designing  a new Horizon View environment, one of the design phases is to identify what requirements there are when accessing (redirecting) devices in a Horizon View desktop of published app. In other words what redirection and devices are available and permitted in the VDI desktop or published app such as:

  • USB devices
  • Clipboard (copy/paste) redirection
  • Client Drives Redirection (CDR)
  • Printing redirection

For the most environments different requirements are needed when accessing devices from inside or outside the company.  Here is an example what redirection/devices are allowed when accessing from inside or outside the company:

Endpoint

location 

USB Client drive redirection clipboard printing
inside yes yes yes no
outside no no no yes

In User Environment Manager (UEM) 9 there is a new functionality called “Smart Policies”. With Smart Policies you can define what devices are allowed in the VDI desktop based on dynamic conditions such as:

  • The endpoint location (inside or outside the company)
  • Horizon Tags
  • Desktop pool name
  • Other View Client variables such as:

vars

With the endpoint “Client location” condition it is possible to determine when accessing from inside or outside the company. When connecting through the internal Horizon View Connection server the “Client Location” gets the value Internal. When connecting through the Horizon View Security Server or Access Point the “Client location” condition get the value External. For the different requirements, 2 policies are needed, 1 for internal and 1 for external.

Exterbal Internal

After defining the policy a condition needs to be set.

  • For the internal policy: Property “Client Location” is equal to Internal
  • For the external policy: Property “Client Location” is equal to External

Example:

 

43

After defining the conditions both policies are ready to use. In this blog post I showed the strength of using the new Smart Policies option in UEM9. Smart Policies requires UEM9 and Horizon 7 to function.

Slow logoff from a Horizon View VDI desktop

When building a new Horizon Environment, the logoff and refresh  maintenance window takes a couple of minutes.

When a user is logging off from a Horizon VDI session the desktop refreshed in a floating pool. (A refresh action can be configured per pool). During the logoff and refresh window the desktop is in “maintenance mode” and the user is unable log in.

The following warning is displayed in the Horizon View Client when trying to connect:

The View Agent reports that this desktop is currently logging off a previous session. Please try again later.

1

The new installed Horizon environment has the following products and versions installed:

  • VMware vSphere 6.x
  • Virtual SAN 6.2
  • Horizon 7
  • App Volumes 2.10
  • User Environment Manager 9.0
  • Sophos Antivirus for vShield
  • Windows 7 desktop
  • Windows 2012 RDS

After some troubleshooting, I disabled the “Sophos Antivirus for vShield” appliance per ESXi server. After disabling the appliance the VDI desktop logoff and refresh window was finished in a couple of seconds instead of a couple of minutes. So the problem has something to do with the virusscanner or vShield Endpoint. After digging deeper it was VMware Tools related. In April 2016 VMware Tools 10.0.8 was released that fixes performance problems with NSX and VMware vCloud Networking and Security 5.5.x.

After upgrading the VMware Tools version to 10.0.8 in the golden image the slow logoff and refresh was solved. Within a couple of seconds the user is now able to log off again to a fresh new VDI desktop.

More information on VMware Tools 10.0.8: Link.

The mobile SDDC and EUC lab environment

With my  company I work for (Ictivity), we decided to develop a mobile Software Defined Data Center (SDDC) and End User Computing (EUC) lab environment. This mobile lab environment will be used to demo the VMware SDDC and End User Computing (EUC) stack with integration of third party solutions.  One of the reasons to use a physical lab environment instead of cloud services was flexibility and  having no dependencies.

The past moths I’ve got asked what components we used to build this lab environment. So here is an quick overview. The environment logically looks like the picture below:

Demo Environment

This environment contains three physical hosts with VMware ESXi installed and one switch. One ESXi host function as management host. On this management host the following software bits are installed:

  • vSphere 6
  • VSAN Witness
  • NSX Manager
  • Fortigate VMX
  • vRealize components
  • The End User Computing stack such as Horizon View, App Volumes, User Environment Manager and Identity Manager
  • Veeam

The other 2 ESXi hosts function as demo cluster. On this 2-node cluster the following software bits are installed:

  • vSphere 6
  • Virtual SAN (VSAN) All Flash (AF) configuration
  • NSX integration
  • Windows 10l
  • Windows Server 2012 R2

A laptop is used to connect to the lab environment.

What component are used? 

Some highlights of this lab are:

  • 4U rackmount flightcase
  • Mini-ITX motherboard
  • Intel Xeon D-1541 single socket System-on-Chip 8 core processor
  • 2 x 10 GbE Ethernet adapters
  • Only SSD is used
  • IPMI port

Case

The case is a robust custom made 19″ 4U rackmount flightcase with a removable front and back. It has two wheels so you can carry it easily around. This case contains 3 servers and one switch.Here is a picture of the case including alle the hosts and the switch.

IMG_0622Indeling Flightcase

Hosts

The flightcase contains three SuperMicro SYS-5018D-FN4T 1U Rackmount hosts with the following hardware specifications:

  • Chassis: SuperMicro 19″ 1U with a 200W Gold level power supply. Optimized for Mini-ITX (SuperChassis SC505-203B)
  • Motherboard: Super X10SDV-8C-TLN4F Mini-ITX board
  • Processor: 1 x Intel Xeon D-1541 single socket System-on-Chip. This processor contains 8 cores with 16 threads (hypertreading)
  • Memory: 4x DDR4 DIMM sockets (maximum 128 GB, 4 x 32GB DDR4 ECC  memory)
  • LAN: 2 x 10GbE and 2 x 1 GbE and 1 x IPMI LAN port
  • Expansion slots: 1 x PCIe 3.0 x16 slot and a M.2 PCIe 3.0 x4
  • Video: Aspeed AST2400
  • USB: 2x USB 3.0 and 4x USB 2.0

Management host

  • Memory: 4 x 32GB = 128 GB
  • SSD: 2 x Samsung PM863 MZ-7LM1T9E – SSD Enterprise – 1.92 TB – intern – 2.5″ – SATA 6Gb
  • Disk: Seagate Enterprise 6 TB disk (for backup)
  • USB Stick: Sandisk Ultra Fit USB3 16 GB (for booting ESXi)

Demo hosts 

Each host contains the following hardware:

  • Memory: 2 x 16GB = 32 GB per server
  • SSD: 1 x Intel P3500 SSD 1.2 TB PCIe 3.0 x4 (NVMe) and Samsung 950 Pro V-Nand M.2 PCI-e SSD 512GB
  • USB Stick: Sandisk Ultra Fit USB3 16 GB (for booting ESXi)

Switch

  • Switch: Netgear ProSafe Plus XS708E 8 x 10 Gbps +SFP slot

Cables

  • 6 x UTP CAT6 0.50 cm cables
  • 1 x UTP CAT6 5m
  • 1 x UTP CAT6 10m

 

Processor host NIC

With this mobile SSDC lab environment we archived the following benefits:

  • Mobile and easy to carry around
  • Flexibility to install the latest VMware SDDC and 3e party software
  • No dependency
  • Enough horsepower
  • Low noise and power consumption
  • Remote accessible from our datacenter
  • IPMI and KVM support