The trouble with VDI

The trouble with VDI

Summary: Virtual Desktop Infrastructure, where you run your desktops from servers, often sounds like a good IT idea, but it often doesn't work out that well. Here's why.


When I wear my IT hat, I like Virtual Desktop Infrastructure (VDI). With it you can easily and securely deploy complete desktops from servers to your users. Well, in theory, I like it. In practice, it's often another matter.

When a modern-day VDI works well, everyone gets their "home" desktop no matter what device they're using... when it works well. (Credit: Citrix)

I was reminded of why VDI drives me crazy at times in an excellent review of VDI programs by Tom Henderson and Lars Johnson. They found multiple problems that I've gotten to know all too well over the years.

First, there's the eternal network bandwidth problem. When your users are in the office, with Gigabit Ethernet and sufficient 802.11n Wi-Fi, delivering a solid desktop experience is easy. But, when your workers are often on the road with three to five Mbps DSL connections or over-subscribed Wi-Fi access points, it's another story. More often than not, there's insufficient bandwidth to deliver a quality experience.

Next, let's suppose they do have enough bandwidth at the business hotel or conference center. Hey, it could happen! Then they must have a virtual private network (VPN) connection, and that's not always easy. In these days of bring-your-own-devices (BYOD), not all devices will work with your network's VPN protocol.

There are other VPN-like solutions. For example, you can use technologies like Microsoft’s DirectAccess to either give secured access over iPV6, or tunnelling packets through HTTPS. In some situatations, you can also use Microsoft’s Remote Desktop Protocol (RDP) over HTTPS using Remote Desktop Gateway as a broker.

My response to the secure nework problem? Either the staffers use the official VPN or they're not allowed on the corporate intranet -- whether they're using VDI or just checking e-mail. It's already too easy to break into networks without someone providing an expressway into the heart of my business.

Assortment of Windows licenses

Another problem that a lot of companies face is dealing with Microsoft's bewildering assortment of Windows licenses. As Henderson and Johnson point out, "100 non-persistent sessions could decrement the entire 100-license pool quickly and permanently until the problem is found and resolved." Been there, seen that, hated it.

In addition, with Windows 8, all Windows desktop licensing got a major overhaul, so don't think that just because you had VDI licensing mastered early last year that you're still in the clear this year. Even if you have a volume license for Windows, you must be certain to carefully check the new Windows virtual machine licensing (PDF Link).

The real bottom license with Windows licensing, virtual or conventional, is it all depends on the deal you cut with your Microsoft account rep or value-added reseller (VAR). For example,  the Services Provider License Agreement (SPLA) model for service providers for public and off-premise private clouds are entirely different.  If you don't make sure all you i's are dotted and t's are crossed, you could find  find yourself in a world of hurt.

An eternal problem with VDI is that users love, love, love to customize their desktops. If you give them a persistent desktop that maintains their personalized settings, shortcuts, files programs and data, they'll love it. You, however, will have two problems.

First, the more stuff they add, the more storage it takes on the server. Even in these days when you can have a terabyte in your pocket, all that storage adds up. There are ways around the storage issue with templated shared images, session-based hosts, and disk depublication. Each VDI vendor handles these issues in a different manner so you need to check carefully into exactly what it is you're buying into and how that will effect your storage needs. 

Another VDI annoyance is what I like to call the Monday morning 9 AM login storm. That's when everyone in the company all log into their virtual desktops at once and, bang, your server red-lines and everyone desktop stalls out. That, you can plan for, but other events, such as those all hands video-conferences, can also stall out your desktops.

All the VDI vendors are constantly  working on the boot storm issue. Microsoft addresses it in Server 2012 with caching and by storing  user profile settings in a User Profile Disk. (PDF Link) This stores user data in pooled or session-based virtual machines. Others recommend the use of solid-state drives (SSD) for their much better Input/Output Operations Per Second (IOPS). 

If resources were free, you could just throw enough CPUs and RAM at this to make sure that your users aren't locked up. Alas, they're not. Few of us have the luxury of being able to build out an infrastructure that can handle an all-out VDI login storm. To deal with this, a cloud service might be ideal but I don't know of any production-ready VDI cloud solutions, aka Desktop as a Service (DaaS), that I can recommend at this time. Eventually, someone will eventually perfect it, but it hasn't happened yet.

VDI alternative

Even with all these new ways of handling storms and limitless resources, VDI isn't really suitable for truly big remote desktop deployments. Fortunately, there's a VDI alternative: Session virtualization. 

In session virtualization, instead of every user having their own virtual machine on the server, there's now centralized desktop installation that receives user keystrokes and pointer movements and returns each user's current display.  The good news is that session virtualization requires far fewer resources than VDI. Quest, a division of Dell, estimates that session virtualization can be done at 25 percent of the cost of a full VDI deployment.  The bad news is users can't typically install their own applications or personalize their desktops.  

Finally, now, as ever, no VDI program works with every device that users will attach to their computers. In a related issue, no VDI package will work smoothly with everyone's display. In both cases there will always be some users with peripherals and graphics that don't work and play well with a virtual desktop.

That's truer now than ever before. We used only need to worry about 1024x768 interfaces vs. 800x600 and 640x480. Now, with users replacing their laptops with smartphones and tablets, there's an almost endless variety of possible display modes and endless headaches for system administrators.

The major vendors have come a long way towards dealing with this issue. For example, I've heard of at least one hospital using Citrix on iPads. Even now, as I, and Henderson and Johnson, have found, there's still enough incompabilities out there to keep some BYOD end-users irrate and their tech support techs busy. 

So, what can you do about all this? Well, first, you need a best-of-breed VDI program. For Henderson and Johnson, that was Citrix's VDI-in-a-Box. I'd agree with that assessment. I've been recommending products to business CIOs and CTOs since the company introduced its Windows VDI program MetaFrame. Citrix knows VDI.

VDI, however, even with Citrix products, is never easy. That's why today if someone were to ask me if they should introduce a VDI system into their company I'd ask them a lot of questions. The gist of these would be "Do you have a strong enough IT staff and sufficient server resources to management a VDI rollout?"

If the answer is no, and it often is, I'd recommend looking into a constantly updated cloud desktop operating system, such as Google's Chrome OS, or software as a service (SaaS) applications such as Google Docs or Office 365. Leery of cloud services? Well, as James Kendrick recently observed, chances are you're already using them anyway.

If you answered yes, though, then I wish you good-luck. VDIs can work really well for some offices. Just never forget that even with the best of intentions, deploying and running a VDI is never easy.

Related Stories:

Topics: Virtualization, Broadband, Cloud, Enterprise Software, Networking, Bring Your Own Device

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Good article that gives the readers

    a lot to think about. VDI may be a great thing in moderation though. It is interesting to see MS addressing better interoperability in its latest server offerings. It is a problem that needs more work as BYOD grows and the OS becomes less relevant.
  • This was a good overview until...

    ...seeing who wrote it I figured out the magic bullet. No, Linux (even described as Chrome) does NOT solve all the ills in the world. And with BYOD and the company not providing (or forcing) the "D" part SVJN might as well get over it, the world will not be filled with flightless aquatic fowl.

    The real problem is that no matter what the sales speak is (even from the open source side) a virtualized experience is NOT and will NEVER be an equivalent to a native experience. It will always be chasing the tail of the native dog. When the hardware and bandwidth catches up to deliver "today's" experience, that extra oomph would deliver a seriously improved native experience, often with better controls and native (meaning direct and active) security as well. Then (you can guess it) the virtualization guys will just say, we're usable, and we'll eventually get there. Meanwhile the world outside the cloud moves on...
  • Oh my gosh!

    For once I agree with you, well done on the article. More like these and less click bate will be welcomed. I doff my hat to you sir.
  • Good Discussion

    A few minor quibbles. I think you meant deduplication you said depublication (probably an auto-correct thing).

    The boot storm (and its evil brother virus scan) issue has a relatively simple solution in augmenting the shared storage cache (which "large-scale" vdi is almost always implemented on) with Flash /SSD drives. You only need a few hundred gigs to support thousands of persistent VDI desktops. This is available from several vendors.

    Your comments about network bandwidth being an issue and licensing are pretty irrefutable.

    I think most of the issues can be surmounted by going with a pre-configured stack of Compute, Network, and Storage. These are available from several major manufacturers. WHat they do is give you a known environment which supports a relatively well understood number of virtual desktops.

    In my experience the issue is that VDI fails when it is sold by IT (the tech geeks) as saving money on buying new laptops. There are no real savings in capital expenditure. The savings are operational if there are any.

    Usually someone sets up a "test" VDI environment with a few hundred VDI. They do it on the cheap without a lot of testing and benchmarking. It usually goes well. Then they roll it out more broadly and hilarity ensues. VDI gets a bad name.

    So as you say sometimes great, sometimes not so much.

    Old saying... You can have it fast, cheap or good... pick any two. You can have it good and cheap but it wont be fast. You can have it fast and cheap but it wont be good. You can have it fast and good but it won't be cheap. Regards...
  • Left hand, meet right hand

    This, at the exact same time ZDNet publishes "Research: Desktop virtualization growing in popularity."
    • Whats the problem?

      It is growing in popularity...

      As are the problems caused by it...
  • VDI isn't always the answer

    I do prefer session virtualization, and offering Windows Server 2012 as an on-site SPLA offering via rented hardware is definitely something that business like. Businesses (especially incorporated ones) prefer OPEX spending, and IT is never calculated as an asset. Instead, it is a necessary expense - a utility service. SPLA is built for businesses that operate this way, and the license agreement even has provisions for private on-site cloud computing, so you don't have to get it from an Internet-based hosting service.

    There's always application virtualization too. Application virtualization lets you run an app on a disparate system without seeing the background environment that it's truly launching from. For a few corporate applications, this is sometimes preferable over the "heavy" full OS environment because you don't get into the complications of users "need" to play around with settings. My rule of thumb is that if it's an enterprise LOB database app, I'd prefer to "turn off" access to the underlying OS. The user doesn't need access to a file system in a database app anyway.
  • Licensing hassles, storage costs, network tuning: DVI not worth it

    For a complementary view on why there simply are better strategic investments than VDI, I offer
  • Hybrid desktop environment

    VDI is here to stay. It will not be the holy grail as projected a couple of years ago, but it will be an additional technology used to deliver a desktop to the user. I've seen many VDI implementations going wrong and many going right. The ones going right uses Workspace Virtualization to enable quicker adoption by masking technology changes and give IT the possibility to manage non-persistent VDI pools.

    This is achieved by decoupling everything that has to do with the user from the underlying technology. Profile is one thing that is decoupled and becomes Windows OS independent, but equally important are desktop/application configuration and security.

    With Workspace Virtualization from vendors like RES software, IT can now manage the desired user state from a single console. A user can log on to a laptop move to a virtual desktop and launch a published or virtual application. Everything controlled and secured.

    User's are going to be happier because they will receive a personal desktop where services will be injected based on their location, ID, device and time of day, and IT will be really happy because now they've masked the technology from the end user allowing them to implement new technologies without disrupting the user.

    Workspace Virtualization is key, but not limited, to any VDI implementation.