Next up in our Rolling Review of virtual desktop infrastructure (VDI) systems is Sun Microsystems' new and improved virtual desktop offering, VDI 3.0. Released in March, the latest version includes new capabilities such as Active Directory support for client authentication, integration with VMware's ESX/VirtualCenter for Virtual Desktop hosting, and built-in support for Remote Desktop Protocol.
The architecture of Sun's VDI 3.0 comprises a back-end virtualization engine, which in this case can be VMWare's ESX or Sun's xVM VirtualBox hypervisor. Sun's VDI Core software sits on top of the hypervisor and contains all of the brokering and management logic. The final piece is the client access layer, which can be a thin client, a Microsoft Terminal Services Client (RDP), or Sun's Secure Web Access portal.
Running VDI 3.0 means you have to embrace Solaris, because VDI Core and VirtualBox require 64-bit hardware running Solaris 10 Update 6. You can run Solaris on any 64-bit-ready x86 box, and if you're using ESX as your hypervisor, then you'll only have to worry about managing Solaris on the VDI Core box.
Into The Pool
After installing VDI Core, we configured either ESX or VirtualBox to serve out virtual desktops. Once a provider is configured, desktop pools must be created to organize and distribute virtual desktops to clients.
Like other systems we've tested, desktop pools can contain dynamic or static desktops. Dynamic desktops don't save changes or state information after logging out. Static desktops, in contrast, are permanently assigned to users and maintain all changes after logout.
At the desktop pool level, we had no problems tying virtual desktop access to the Active Directory user accounts and groups in our test environment. VDI Core also can authenticate against LDAP databases.
VDI Core comes with a relatively basic set of performance management and provisioning features compared with other connection brokers, such as Sychron and Quest. This means IT can't prioritize connection requests based on the desktop pool, which means one group of users may take server resources from another group. We'd also like to see more application awareness, load balancing, and support for other hypervisors.
On the plus side, VDI Core can be configured to automatically clone new virtual desktops in a given desktop pool based on increasing user demand, and then spin them back down when demand drops.
Provisioning worked well in the lab. In particular, Sun VDI makes good use of a Microsoft tool called sysprep to avoid problems caused by cloning desktop images. Each computer, physical or virtual, that participates in a Windows domain must have a unique security identifier, or SID. If you clone a machine that's already joined to a Windows domain, each clone has the same SID and won't be allowed to log in to the domain. Sun lets you create a master image not joined to the domain, and then works with sysprep, which changes the clone's SID and joins it to the domain automatically. Other players possess this capability, but Sun executes it very well.
Our virtual desktop images ran a variety of software, including Office, applications served out via terminal services, and a connection to Salesforce.com. All the applications worked well in a virtual desktop environment, and actually performed faster than they do on a regular fat client computer.
We accessed virtual desktops via the Web portal and through thin clients. Using the portal, we were quickly able to log in to our virtual desktops using our AD credentials. While the portal itself worked as advertised, nothing made it stand out from the other connection brokers we've tested.
We were impressed with the SunRay 270 thin clients. Aside from the aesthetic appeal of the devices, they include a smartcard reader for two-factor authentication. The token associated with the smartcard can be tied to a particular user or desktop pool so that when users log in, the appropriate virtual desktop is automatically launched.
Clouds On The Horizon
While there's plenty to like about VDI Core 3.0, enterprises must also consider a few variables, not the least of which is whether VDI Core will exist a year from now with the recent acquisition of Sun by Oracle. According to Sun's PR team, no guidance from Oracle has yet been issued. Given Oracle's ongoing investments in virtualization, including the purchase of hypervisor vendor Virtual Iron, we think it's unlikely Ellison & Co. will do away with Sun's VDI line, but caveat emptor is the name of the game.
Product strategy aside, the most glaring omission is support for Hyper-V at the virtualization layer. Sun also limits your storage choices to Sun OpenStorage or Sun's Unified Storage Server (aka Amber Road) if you use Sun's VirtualBox hypervisor. Note that neither storage platform supports Fibre Channel. If you use ESX, you can use any storage system.
Finally, we wonder if Microsoft-centric IT shops will embrace Solaris, particularly when Solaris administration is a skill set that's relatively difficult to find and expensive to obtain. That said, if you have Solaris expertise in house or are willing to get it, Sun VDI is worth consideration.
Sun VDI 3 can be licensed at $140 per concurrent user or as a subscription, including support, for as low as $40 per user annually.