Login Info

http://labs.hol.vmware.com/pex

Lab = HOL-MBL-1458

CONFIDENTIAL 1

2Hands-on Labs Workshops

Rick Terlep EUC Technical Enablement AdvisorDean Flaming Sr. Technical Marketing Manager - EUC

ELW-MBL-1458 - Application Management with VMware App Volumes and Horizon 6

Agenda

1 Introduction

2 The Lab Experience

3 Running your own workshops

4 App Volumes Basics + Q&A

CONFIDENTIAL 3

Your Hosts

Dean Flaming

Member of VMware EUC Enablement team

Responsible for EUC HOL All issues with this lab are his fault

Formerly an EUC Specialist

Focused on ThinApp

Rick Terlep

EUC Technical Enablement Coordinator

Formerly Core SE for 6 years

Specialist in EUC, Retail, ROBO

Lab Captain & Proctor for multiple years

Lab captain for vSphere Performance Lab

CONFIDENTIAL 4

The HOL Experience

CONFIDENTIAL5

HOL Environment: labs.hol.vmware.com

CONFIDENTIAL

Hosted on OneCloud

VMware Learning Platform via Web Browser (VLP formerly Project Nee)

Uses WebMKS/HTML5

Access to all latest VMW Products

No Licenses or Special Hardware

Localized Lab Manuals

~50 Labs 70+ hrs guided exercises

HOL-in-a-Box!

EUC Lab Environment: labs.hol.vmware.com/eucsolutions

CONFIDENTIAL

All the latest EUC labs from VMworld/PEX

Includes Horizon 6 Intro, AirWatch & App Volumes

Used for Virtual Marketing and Enablement

Grouped by Solutions

Localized Lab Manuals

Attendee Registration Link to SFDC

(via FEL and TESTDRIVE)

HOL Team Overview

Dedicated Hands-on-Lab Team

Supports up to ~50 Labs

First call for public lab support

Maintains Lab Environments for Customers

Run Partner HOL-in-a-Box

Use defined curriculum formats, tools, best practices, & time tables

CONFIDENTIAL

Hands-On-Labs Infrastructure Overview

300 Servers

XtremIO & Virtual SAN

ESXi vCenter Server NSX

vCloud Director

VMware Learning Platform (VLP a.k.a. Project Nee)

VMware & Partner Created Lab Content

vC

ente

r O

pera

tions

vC

ente

r Log Insig

ht

VMware Hands-on Labs Use Cases

Hands-on Labs Workshops

Host workshops at your site

Deeper engagements with your customers

Easy way to ramp up on products

Product configuration / validation

Practice for testing certification

Product / Feature Evaluation

Latest VMware products

Partner Lab integrations

Running your own workshop

CONFIDENTIAL13

Tips for running your own HOL Workshop

HOL in a box

http://blogs.vmware.com/hol/2014/08/hands-labs-box.html

Collateral to use for your own workshop

Most everything you need is outlined in this post

Workshop flow

Plan a desired outcome and work towards it

Introduce yourself to the attendees / show experience

Explain the UI people get confused

Companion content

Content to augment the lab content

Practice the lab ahead of time

CONFIDENTIAL 14

Agenda

App Volumes Product Overview

Features and Components

App Volumes Best Practices

Product OverviewApp Volumes 2.x Technical Product Overview

OS

Managed Application Containers

App Volumes agent

Disaggregate IT managed applications and user installed applications from the operating system

Just-in-time App Model

OS

Applications

Traditional

Data/Files

Settings App Container App Container User changes

Simple Application ProvisioningNo packaging, no sequencing, no streaming. Simply install applications natively.

Provision applications as easily as installing them.

2Mount the AppStack

and install applications 1

Create a new,

empty AppStack

3 Provision the AppStack

VDI

RDSH

Complete Application Lifecycle Management

Logically manage applications

based on line of business

requirements.

Deliver, update, and retire any set of applications in seconds.

Update immediately, or next login.

Simplify management of all of your

core applications through one AppStack

App Volumes FeaturesApp Volumes 2.x Features and Components

App Volumes components

App Volumes Manager

App Volumes Agent

AppStack volume(s)

Console for assignments and configuration Broker for App Volume Agent for the assignment of

applications and writable volumes

File system and registry abstraction layer running on the target system

Virtualizes file system writes as appropriate (when used with optional writable volume)

Read-only volume containing applications Can map more than one AppStack per user, target Deploy apps to VDI or RDSH

Writable volume Per user read-write volume used to persist changes written in the session

One writable volume per user

App Volumes Creating and Assigning an AppStack

Create & Attach AppStack

Install Application(s) in Provisioning VM

Complete AppStackCreation

Reboot Provisioning VM

Validate SuccesfulAppStackCreation

Assign AppStackto AD object(s)

Complete AppStack

Entitlements

App Volumes Provisioning Volumes Workflow

Target System App Volumes Manager vCenter

1 2 3Configure AppStacks

- Target system- VMDK information- DataStore Information

Receives AppStacksMount Commands

Login

App Volumes Agent Events

Logout

Startup Shutdown

43

21

App Volumes Agent Startup

App Volumes Manager

Sends License Information & machine assignments

2

App Volumes Agent

1

Checks-in

App Volumes Agent Shutdown

App Volumes Manager

User based assignments detached

2

App Volumes Agent

1Checks-in

App Volumes Agent Login

App Volumes Manager

1. CV Agent checks into CV Manager2. CV Agents checks for pending

attachments/un-attachments3. CV Agents checks for machine

based attachments, if so no user based attachments are honored

4. CV Manager checks database for logged in user assignments

5. Attach assigned volumes - Writable then AppStack(s)

2

App Volumes Agent

1

Database

34

5

App Volumes Agent Logout

App Volumes Manager

User based assignments detached

2

App Volumes Agent

1

Checks-in

App Volumes Provisioning Workflow

App Volumes Manager

App Volumes Agent

AppStack volume(s)

App Volumes Provisioning

Start with Clean VM image

Create AppStack in CV Manager

Choose Provisioning VM

VMDK gets attached to Provisioning VM

Install application

Complete AppStack creation

VM restarts, VMDK is detached

Ready to assign AppStack

Pre-requisites & Requirements

Software Requirements

Server

2 vCPUs (Recommended 4 vCPUs)

4GB of RAM

1GB of Disk Space

Hypervisor: VMware ESX 5.x with Virtual Center 5.x or Hyper-V with SCVMM 2012 SP1

SQL Server 2008 R2 or 2012

Client

Windows 7 and above

1 GB of RAM

5 MB of Disk Space

App Volumes Management server

Windows Server 2008 R2 or Windows 2012

Supported Browser to access management console:

IE 9, 10

Firefox 10, 11

Safari 5.1x

Microsoft AD Domain, 2003 functional or above

App Volumes Agent

Windows 7* or above

System Requirements

App Volumes: Requirements

App Volumes Pre-Requisites

Database

SQL Express 2008 r2 supported for Testing/non-production

SQL 2008 r2 or 2012 standard and above for production

Active Directory users

Account with standard permission for initial setup/connection

Administrator level account for AppStack VM Provisioning

End-users administrator privileges required to install applications into their writable volumes (UIA).

Agent/Manager communication on port 80/443

App Volumes Installation Walkthrough

Install App Volumes Manager

Complete Initial Configuration

(License/Template)

Install App Volumes Agent on

Virtual Desktop

Build 1 or more Provisioning VM(s)

Now you are ready for AppStack

creation

Network & Security

vCenter

Firewall Ports

CONFIDENTIAL

Manager (Web Interface)

vSphere ESXi

SOAP

App Volumes Manager

NGINX

HTTP/HTTPS (80/443)

HTTPS (443)

hostd

App Volumes Manager uses HTTPS (443) for communication between vCenter and ESXi hosts

HTTP (80)

Direct connections to hosts is optional

LDAP (389) or LDAPS (636)

App Volumes Manager uses TCP 1433 to SQL

SQL Database

Virtual Desktops

Agent

Ruby

svmanager HTTP (80)

TCP 1433HTTPS (443)

Domain Controller

LDAP (389) / LDAPS (636)

CONFIDENTIAL 36

Security Considerations

Replace default self-signed SSL certificate for App Volumes Manager

Deploy ThinApp packaged applications to leverage isolation modes

AppStack is attached read-only

End user local profile and user installed applications use dedicated writable volume

Use a read-only Active Directory service account for App Volumes

vCenter Administrator privileges required

CONFIDENTIAL 37

App Volumes Best Practices and Lab

App Volumes Mantras

1. Know Thy App!

2. Test your AppStack before deploying at scale.

3. Ethics doesnt ship with the code.

4. Just because you can, doesnt mean you should.

5. Best practices are in the eye of the beholder.

6. Junk In? Junk Out!

App Volumes Best Practices

Install Kernel mode Drivers in Base Image, not in an AppStack

Install into the base image applications that need to remain running when the user is logged out

Use 3rd Party tools to do data replication of App Volumes folder across various locations (i.e., storage replication)

Install applications that are dependent on each other in the same AppStack when possible

Use drive encryption sparingly on Writable Volumes

Recommendation of no more than 20 AppStacks per Target System

AppStack Grouping Example

Jane Doe receives three volumes:

1. Writable volume

2. Department-level AppStack for

Accountants

3. AppStack for all university

employees

Accountant Jane Doe

Jane Does Writable Volume

Accounta

nts

AppS

tack

QuickBooks TurboTax

Accountants

All

Users

Ap

pS

tack

Microsoft

Office

University

App

Depart

ment

AppS

tack

Professors

Math Professor John Smith

John Smiths Writable Volume

MathematicaMicrosoft

Visio

John Smith receives three volumes:

1. Writable volume

2. Department-level AppStack for math

professors

3. AppStack for all university

employees

CONFIDENTIAL 41

Thank you!