In part 1, I talked about what is Cloud Computing, what is Software + Services, and why IT Pros should care. Here in part 2, I focused on Microsoft’s efforts and offerings relevant to Cloud Computing, and introduced Microsoft Online Services with the following demos:
- Acquiring Microsoft Online Services
- Creating users
- Managing SharePoint
- Managing Exchange
So what are Microsoft Online Services? Very simply, they are enterprise solutions delivered through the Cloud with subscription services hosted by Microsoft. Specifically, Business Productivity Online Suite (BPOS) includes Exchange Online, SharePoint Online, Office Communications Online and Office Live Meeting. With BPOS, Microsoft Online Services offer business the capabilities of Microsoft Exchange Server, Microsoft Office SharePoint Server, Microsoft Office Communications Server, and Microsoft Office Live Meeting quickly, easily, and without the upfront costs of an on-premise deployment by hosting these solutions online. The best way to understand it is to try it out.
Directly form a just published case study:
Without MED-V, TÜV NORD employees in India would have had to connect to the company’s Terminal Services system in Germany, which would have required significantly more bandwidth (4MB instead of 500KB) at an additional annual cost of approximately U.S.$585,000.
“It’s much cheaper to install a MED-V image on a client than to give an inspector in India a separate computer and Internet connection,” Boerger explains. “Moving forward, we anticipate that offices in some countries won’t need complete, local IT infrastructures. With MED-V, we’ll be able to provide what they need at a fraction of the cost.”
Click the following image to bring up the case study and notice all Microsoft published case studies are available at http://ww.mircosoft.com/casestudies/
Recently there have been active discussions on cloud computing and Microsoft also has brought in a new IT service delivery model called Software + Services. This session based on the content delivered in Microsoft TechNet Events in early 2009 takes a 50,000 foot view and get a perspective on what has happened in the past two decades and appreciate:
- What is Cloud computing? What is Software + Services? And how did we get here?
- As IT Pros, why should we care? What are the opportunities and what’s in for IT Pros?
I won't repeat the information here. Just read the Windows 7 team post. If not already, absolutely now need to pay full attention on how to move from Windows XP to Windows 7. Also do pick a few Windows 7 technologies and get really good at them. Direct Access, Boot from VHD, BitLocker to Go, and Windows XP Mode are Windows 7 solutions on top of my list to master. I have been putting in many weekends and hours. Probably too many. What do you have on your list? And are you ready for Windows 7?
John (Baker), a good friend and a colleague of mine in the Microsoft US East Evangelist team, and I both attended TechEd 2009 in L.A. and the first thing that Monday we did was to walk in a little onsite studio and record a TechTalk session. Since we needed to get it done in our time slot which was 30 minutes including getting in and out, mingling with the crew, getting John off email (that was a tough one, if you know what I mean), and finding the right angle for me (which was the most important thing as far as I was concerned for the whole recording), etc. Everything happened real fast and basically we sit down, put on the microphones, smiled, talked, thanked you, then got up and left, so the crew could start recording the next session. And yes, we did it in one take. It was a little bit intense and stressful, yet I had a lot of fun doing it. John is fun to work with and we always have a good time hanging out. Not to mention I got to talk about Self-Service Portal, something I consider one of the key objectives for implementing a virtual machine manager infrastructure.
Take a look. It’s a 10-minute fame of me and Sir Baker in TechEd 2009. Maybe we will do it more on other interesting and frequently asked topics like Direst Access, Windows XP Mode, boot with VHD, Bitlocker to go, and many more.
Two sessions in the upcoming TechEd 2009, I will be presenting. One is on prototyping Groove solution with a laptop and the other is a TechTalk recording on System Center Virtual Machine Manager Self-Service Portal. Here’s some information:
OFC309
Prototyping Microsoft Office Groove Collaboration Solutions with a Laptop
5/15/2009 2:45PM-4:00PM
Room 150
TTK60
Virtual Machine Manager Self-Service Portal: What, Why, and How
For those who are not going, look for my screencasts on these topics in upcoming weeks. Else have a great trip and look forward to meeting you all in the city of angels next week.
Windows XP Mode includes a pre-packaged virtual Windows XP environment and Windows Virtual PC to run the virtual Windows XP environment. Applications installed in Windows XP Mode are automatically available on the Windows 7 Start Menu or Task Bar and can be launched just like any Windows 7 program. Further Windows XP Mode is pre-configured with the Windows XP firewall and to apply updates automatically from Windows Update.
You may find that Windows XP Mode is a bit similar to the seamless integration in MED-V by making applications installed in the Virtual PC of a MED-V workspace available in the All Programs menu of the hosting OS as shown in my Screencast: Mad About MED-V Part 2 of 4, User Experience. Still notice Windows XP Mode is developed with small business in mind and in a standalone setting. While MED-V is part of Microsoft Desktop Optimization Pack (MDOP) available to only Software Assurance (or SA) customers at this time and offers an enterprise virtual machines lifecycle management capability. In essence, Windows XP Mode does not replace MED-V.
Either Windows XP Mode or MED-V, since a hosting OS will need to run a session of Virtual PC the resource requirements for RAM and disk space are higher. When it comes to virtualization, 2GB of memory in current PC computing environment should be considered as an entry point. Additionally, Windows Virtual PC requires a PC with Intel-VT or AMD-V enabled in the CPU, as it takes advantage of the latest advancements in hardware virtualization.
Here are two selected readings:
and also Windows 7 RC is now available from TechNet/MSDN subscription sites.
This is the part 2 of a 4-part Mad About MED-V series. This screencast presents the user experience of running MED-V applications by going through essential user operations of a MED-V client.
The Mad About MED-V screen series include:
and each link is to be updated once the associated screencast is published. The remainder of this posting highlights some of the content presented in Part 2.
Seamless UI Integration with Host Computer
As discussed in Part 1 of this series, a MED-V workspace policy optionally allows a MED-V application integrated into the All Programs menu of the host computer as shown below, despites the fact that the MED-V application is configured and running in a Virtual PC behind the scene.
Running MED-V Application
To run a MED-V application, the workspace must first be started. A MED-V client can be loaded at Widows startup time if specified in the MED-V Client Settings, in such case a workspace can be also set to start automatically. This ensures the workspace is always in place, should a user require running a MED-V application once the computer has been started. And if the workspace has not been initialized, it will start on demand followed by bringing up the application upon completing the workspace initialization. Once a workspace is started, additional options like locking/restarting/stopping workspace become available when right-clicking the MED-V client icon in the system tray. A user also at this time has the access to utilities like the File Transfer tool as shown below. The Fire Transfer tool enables a user to transfer files between the host computer and the MED-V application running in the Virtual PC in the background.
In MED-V workspace policy, a MED-V administrator can optionally configure a color border to surround a running MED-V application as shown above. The setting of showing a color border can be easily changed or disabled within workspace policy by a MED-V administrator.
Redirecting URL
A MED-V workspace policy can be configured to automatically redirect a request for a target website from the host computer to the browser in the Virtual PC. This allows every request to a target URL with a web application incompatible with the browser installed on the host computer gets redirected to a compatible browser running in the Virtual PC behind the scene. The following screen capture shows a request redirected from the host computer which runs IE7 to the IE6 (with a red border) running in the hidden Virtual PC.
Microsoft Enterprise Desktop Virtualization, or MED-V, is a desktop virtualization solution providing a self-contained computing environment including the OS, intended applications, and customized settings, if any. Desktop virtualization allows an application to run in a specific OS environment different from the OS running the hosting computer. MED-V uses Microsoft Virtual PC to provide a virtualized and customizable computing environment required by an intended application, yet incompatible or conflicting with that in the hosting computer. In other words, MED-V allows computing environments which are incompatible, conflicting, or with different requirements to run currently in the same physical device. For instance, running a legacy or line-of-business application requiring Windows XP SP2 in a Vista SP1 desktop or deploying a managed computing environment (like a corporate-managed desktop) to a non-managed (like a personal or home) desktop are some of the business challenges MED-V addresses.
MDOP now includes 6 tools and solutions as below and is available to Software Assurance customers.
Customers interested in MDOP should review the faq and contact their software vendor or Microsoft for additional information. For a comprehensive guide on Microsoft Virtualization from data center to desktop, download it here. I have produced the 4-part Mad About MED-V screencast series to offer a quick review of MED-V solutions including the following. I will update each link, once the associated screencast is published.
The following is the part 1 screencast with a focus on the MED-V fundamentals to establish a baseline for subsequent discussions in the series. The remaining of this post highlights the key concept, architecture, and pertinent information of a MED-V solution.
Desktop and Application Virtualization Concepts
MED-V is perhaps the least understood piece in Microsoft Virtualization Solutions. A desktop virtualization solution MED-V is as opposed to App-V, an application virtualization. This distinction is an important one since they solve two different areas of business problems. Desktop virtualization addresses the incompatibility between a target application and the host operating system by virtualizing an entire desktop, i.e. a self-contained runtime environment including the operating system and the application. Such that a target application requiring, for instance, Windows XP SP2 and incompatible with Windows Vista can still be deployed to a Vista desktop by running the application in a hidden Virtual PC running Windows XP SP2 while using MED-V to seamlessly make the application accessible from the Start-All Programs menu on the host computer. App-V, on the other hand solves the incompatibility between two applications by offering a virtualized application runtime environment, the so-called bubble, while allowing these applications running on the same operating system instance. The following illustrates the concept.
Conceptually desktop virtualization using Virtual PC is easy to understand. Nevertheless to deploy desktop virtualization to enterprise, system administration and scalability are rather challenging. In essence, a Virtual PC lifecycle management solution is the key to make enterprise desktop virtualization a reality, and this is where MED-V comes in. MED-V makes Virtual PC deployable and saleable with a centralized lifecycle management solution including: image creation, delivery, monitoring, and maintenance.
MED-V Conceptual Model
To run a MED-V application the associated workspace must be first started. And if a user tries to start a MED-V application while the workspace is not in place, the workspace will start on demand and once the workspace is loaded, the application will start. A workspace is a Virtual PC image with a usage policy defined by a MED-V administrator. An administrator will use MED-V management console to configure usage policy which is a set of settings defining how MED-V applications will behave for a target Active Directory users or groups. Notice that the Virtual PC is where a MED-V application is configured, and the Virtual PC is also running in the background. MED-V workspace policy allows a MED-V application to seamlessly integrate into the All Programs menu on the host computer and runs transparently with the locally installed applications. A conceptual model of the integration is shown below.
MDE-V Architecture
The high level MED-V architecture as shown below starts with: (1) and (2) to create, test and upload Virtual PC images encapsulating a target computing environment of an OS, applications and optional management and security tools to the image repository by administrator; (3) MED-V Management Server, the brain of the whole system, enabling an administrator to control image repository which is an IIS virtual directory and (4) provision images for targeted Active Directory Users and Groups along with usage policies; and finally (5) delivering the images and usage policies to clients. And a client starts a MED-V application, the client will authenticate against the management server, retrieve the workspace policy, and acquire the workspace image.
Notice a MED-V Management Server also aggregates clients' events, and stores them in an external database (MS SQL) for monitoring and reporting purposes. Also a MED-V client has two functional components – the first connecting to the server and retrieving the usage policy and an associated image form the repository, while the second offering the end-user experience and managing the Virtual PC from user experience and troubleshooting aspects.
System Requirements
The information provided here is as of March of 2009.
Antivirus/Backup Software
In order to prevent antivirus activity from affecting the performance of the virtual desktop, it is recommended where possible to exclude the following Virtual Machine file types from any antivirus or backup processing running on the host:
*.VHD
*.VUD
*.VSV
*.CKM
*.VMC
*.INDEX
MED-V Trim Transfer™ Technology
One very interesting piece of MED-V solution is the Trim Transfer technology as illustrated below. Trim Transfer accelerates the download of initial and updated Virtual Machine images over the LAN or WAN, thereby reducing the network bandwidth needed to transport a Workspace Virtual Machine to multiple end-users. It uses existing local data to build the Virtual Machine image, leveraging the fact that in many cases, much of the Virtual Machine (e.g., system and application files) already exists on the end-user's disk. For example, if a Virtual Machine containing Microsoft Windows XP is delivered to a client running a local copy of Windows XP, MED-V will automatically remove the redundant Windows XP elements from the transfer. To ensure a valid and functional Workspace, the MED-V Client cryptographically verifies the integrity of local data before it is utilized, guaranteeing that the local blocks of data are absolutely bit-by-bit identical to those in the desired Virtual Machine image. Blocks that do not match are not used.
The process is bandwidth efficient and transparent, and transfers run in the background, utilizing unused network and CPU resources. When updating to a new image version (e.g., when administrators want to distribute a new application or patch), only the elements that have changed ("deltas") are downloaded, and not the entire Virtual Machine, significantly reducing the required network bandwidth and delivery time.
You can configure which folders are indexed on the host as part of the Trim Transfer protocol according to the host OS. These setting are configured in the ClientSettings.xml file which can be found in the Servers\Configuration Server\ folder.
I had the opportunity to be one of the reviewers of the just published Hyper-V Security Guide. And want to invite those who are interested in virtualization security to download and review it as well. This document is about Hyper-V in Windows Server 2008 and provides IT professionals with guidance, instructions, and recommendations to address key security concerns about server virtualization. Specifically how to harden Hyper-V role, safely and securely delegate administrative access to virtual machine resources, and protect virtual machines are examined. Check it out.
The demo environment as shown above included MyHost (my laptop running Windows Server 2008 Enterprise with Hyper-V Server Role) and 2 running virtual machines were APEX (the domain controller of contoso.corp) and SC (a member server with SCVMM installed) while MyHost also joined the domain.
This screencast walked through the steps to add MYHOST into the SCVMM as a host.
Here are the screencasts of this series:
The demo environment as shown above included MyHost (my laptop running Windows Server 2008 Enterprise with Hyper-V Server Role) and 2 running virtual machines were APEX (the domain controller of contoso.corp) and SC (a member server with SCVMM installed) while MyHost also joined the domain.
This screencast walked through the steps to add MYHOST into the SCVMM as a host.
Here are the screencasts of this series:
A Self-Service Portal is basically a Web site to be installed on a web server with ASP.NET, IIS6 Metabase Compatibility, and IIS6 WMI Compatibility Server Role Services. By accessing the Self-Service Portal, authorized users can create and operate their own virtual machines (VMs) as permitted by each user's User Roles, while the created VMs are placed in a Library Server managed by the System Center Virtual Machine Manager, or SCVMM. A User Role here is essentially a policy with membership, authorized hardware and software profiles, allowed scope of operations, and assigned templates applicable for creating and managing VMs using Self-Service Portal. In a Self-Service Portal session, an authorized user sees only those virtual machines that the user owns or is authorized to operate upon. And as a VM is created or deleted by a user, the user's quota points are subtracted or regained with the amount of quota points that the VM is assigned in an employed template. Once a user has quota points fewer than what are needed for creating a new VM, the user has reached the maximal number of VMs allowable for the applicable User Role to create.
The system requirements of components for constructing a Self-Service Portal include
To prototype a Self-Service Portal using a laptop, here are the steps:
- Install Windows Server 2008 in a laptop and enable Hyper-V Server Role
- Create VMs and construct a domain environment
- Install SCVMM on a target VM in the domain
- Optionally join the laptop into the domain
- In SCVMM admin console, add the laptop as a host in the Active Directory Domain
- In laptop, create a network share for later sharing VM resources like sysprep generalized images, iso files, disks, etc.
- In SCVMM admin console, add the laptop as a Library Server with the network share
- In SCVMM admin console, create hardware/software profiles and template, as needed
- In SCVMM admin console, create User Roles and add members
- Install Self-Service Portal from SCVMM media on a target web server and associate the Self-Service Portal with the SCVMM (this step may be included in step 3 if both SCVMM and Self-Service Portal are to be placed on the same server)
- Log in Self-Service Portal as a Self-Service Portal User and start creating and managing VMs as permitted by the user’s User Roles
The following screencasts present the user experience and walk through the operations carried out from steps 5 to 11:
The demo environment as shown above included MyHost (my laptop running Windows Server 2008 Enterprise with Hyper-V Server Role) and 2 running virtual machines were APEX (the domain controller of contoso.corp) and SC (a member server with SCVMM installed) while MyHost also joined the domain.
This screencast walked through the steps to add MYHOST into the SCVMM as a host.
The screencasts of this series include:
Microsoft's User Research Group is conducting a study for SharePoint product and technology. This is a great opportunity for SharePoint IT Administrators to test out the newest version of SharePoint Designer and have a direct impact on the design. The study will be based in Redmond, WA during the week of March 9, 2009.
The research team is looking for SharePoint Administrators who:
- Work with, build on or support SharePoint
- Have experience developing or customizing sites or applications on Microsoft SharePoint Platform
- Are available for 2 hour study session during the week of March 9, 2009
- Can make it to Microsoft’s main campus in Redmond, Washington
Each participant will receive a gift item they select from a list of some of Microsoft's most popular hardware and software titles.
If you are interested please email itusable@microsoft.com and insert SharePoint Admin into the subject line.
