Các bước lưu ý cài Horizon Mirage làm giải pháp Cloud Intranet & Database Center
1. Horizon Mirage là gì ?
Horizon Mirage được coi là giải pháp quản lý mạng máy tính và phần mềm hữu hiệu nhất cho 1 Công ty, tập đoàn hoặc 1 trường học, có lượng máy tính lớn cần tập trung quản lý toàn bộ phần mềm:
- Hệ điều hành
- MS Office, Opera, FireFox, Chrome, Adobe, VS2010, VS 2008, SQL…
- Các ứng dụng khác, các dữ liệu phát sinh trong quá trình sử dụng trên máy cá nhân…
Các hệ cơ sở dữ liệu cũng như phần mềm trên máy cá nhân sẽ được tập trung lưu trữ và tìm kiếm hoặc khôi phục lại các máy cá nhân khi cần đồng bộ tự động hoặc do Admin khôi phục Sync Service.
Layers of a Horizon Mirage Desktop Image
2. Lỗi thường gặp khi cài và sử dụng HM
Installation Errors with wrong security privileges
The Mirage installation could fail with “Failed setting default server policies: BI rules.” if you are using Built-In AD groups. Built-In groups are cannot be used as a Mirage Administrator group.
3. Các bước cài HM
I’m sure you can and maybe your company is still on Windows XP as about 40-45% of companies in the world. But as you know Windows XP support is ending in April 2014 which is a good reason to migrate your desktops soon because Microsoft but also 3rd party software vendors won’t support the old Windows platform anymore.
Windows Migration and Hardware Migration are two of the use cases of VMware Mirage. There is probably no easier way of migrating from one OS to the OS or from one hardware platform to another. If you want to learn more about the migration use case in general you can check this whitepaper or read more about a reference story VMware did with ADAC, Europes largest automobile insurance association.
Enough marketing, no let’s dive into the Mirage Client installation piece.
As already mentioned in another article Mirage is a Client/Server application which can centralize the data of an endpoint and rollout new operating systems and applications in form of layers. To be able to do that you need the Mirage Management Server and Mirage Server I’ve installed last time and the Mirage Client which runs on the endpoint. The installation of the client application is quite easy.
Get the installation package in 32-Bit or 64-Bit (there are two MSI files) and then start the installer. If you’ve the .NEt Framework 3.5 not installed on the Windows XP, the installer will immediately stop at the first dialog. Install the framework and you’ll be fine. After accepting the license agreement you’re asked for a Mirage Server location. Enter the FQDN or IP address of the server into the text box and select the checkbox for an SSL connection if you’ve configured your server with SSL before.
As I’ve not configured SSL I just clicked Next which brought me to last step of the wizard. Just click Install and the wizard will finish, starting the Mirage Client installation. That’s it! In the task bar you’ll find the Mirage icon. Now I’ll give you a quick overview of the client’s functionality.
As you can see there are only a few options in the Mirage Client task bar app. Mainly the fronted helps the user to see if the Mirage client is working or idling. The user can check this clicking on Show Status. The other options help to create log files and the user can snooze the complete client operations for 15 minutes, 2 hours or 4 hours. But this doesn’t mean that the client does affect the user that much so he needs to snooze it. The Mirage Client is designed to only work in the background not affecting the user experience. But let’s go back to the Status windows quickly. Her’s a screenshot.
The Mirage Client is connected to the server but the status is Pending Assignment what means that the Mirage Administrator needs to activate this client first using the Mirage Management Console. Going back into the Mirage Management Console you can see the pending devices.
Right clicking on Centralize Endpoint you can start the wizard which leads you through the activation and first centralization of the Mirage Client. It’s just a 4-step wizard which asks for a few configuration parameters.
- The upload policy
- The base layer to configure
- The default volume where the client is being stored
What does that mean? The upload policy can be configured in the Management Console but I left it with the defaults. The policy is a rule which enabled you to control what type of data is centralized and which not. i.e. you could control that MP3 or video files are not going to be synchronized into the datacenter. The next option is the base layer configuration. The base layer is the first layer of a CVD which includes the operating system and the core applications. In my home lab I first wanted to just centralize desktop without assigning a base layer as I haven’t installed my reference machine with Windows 7 yet. I’ll do that later! Last step is the storage volume to store the CVD on. My server has only one volumes so this was a no-brainer.
After finishing the wizard you can see the client being transferred from the pending devices to the assigned devices node.
In that screenshot you can also see that the upload is initializing at the moment. This means that the Mirage Client is now kicking in. On that side you can see this:
After a while, depending on your network speed the whole desktop is available in the data center as a CVD. Quite easy! In my example the Windows XP installation had a total size of 2.3 GB which is not that much but there was only the plain operating system installed in my desktop. One of the most important functions of Mirage is the network optimization and the file and block based de-duplication. That means that if you’ve centralized your first Windows desktop, next time a client is being centralized, the server checks which part of the data is already available on the Mirage Server volumes and then only synchronizes the delta. Think about migrating a whole branch with 50 desktops. The network traffic will be reduced loads.
But centralizing the endpoint is only the first step. In my next article I’m going to setup the reference machine with a Windows 7 operating system and then create the base layer with it. Assigning this base layer to my Windows XP desktop means migrating it from one OS to the other. Mirage offers a few wizards which will handle all steps of the migration.
I hope this article has given you a great overview of the Client Installation and first centralization. If you have any questions please just comment on this article and I’ll come back to you as soon as possible.
4. Điều khiển Mirage Server
Mirage Server and the Mirage Management Console. This time you’ll get a walkthrough of the Console. I’ll try to explain all main options available.
The common wizards page is an easy way to perform the most common tasks used in Mirage. From here you can deploy, manager, support and protect all Mirage endpoints. Here’s a list of all wizards.
- Centralize Endpoint
- Disaster Recovery
- Assign Base Layer
- Capture Base Layer
- Windows 7 Migration
- Base Layer Provisioning
- Hardware Migration
- Update App Layers
- Capture App Layer
For now I’ll give you a brief description for each of the tasks but I’ll go deeper into detail in later parts of this series.
This option migrates the content of an endpoint to the Mirage Server. The endpoint needs the Mirage Client to be installed. After completing the centralization the endpoint will be protected and managed by the Mirage System.
Here you can restore a Client Virtual Desktop (CVD) to the same or to a new endpoint i.e. in case of a hard drive failure.
Assign Base Layer
Assigning a base layer to a CVD or collection of CVD’s is done here. After validation the layer will be deployed to the selected endpoints over the network.
Capture Base Layer
Capturing a base layer means creating a template for the default content of an endpoint. This layer includes commonly the operating system, service packs, patches and the core applications i.e. VPN client or anti virus solution.
Windows 7 Migration
This options helps migrating an Windows XP endpoint to Windows 7 preserving all end user data.
Base Layer Provisioning
When provisioning a base layer to an endpoint you’re going to clean up the device for corporate usage. After applying the base layer the device will automatically migrate it’s content to the Mirage Server.
During the hardware migration a CVD can be migrated to a new virtual or physical endpoint.
Update App Layers
Editing and assigning app layers to endpoints connected to the Mirage System.
Capture App Layer
Capturing an app layer allows you to capture a set or a single application into a layer for deploying it to a large number of endpoints.
The Dashboard provides a monitoring functionality for the system status and the operations. In a few statistics you can see the system activities and alerts. Information to be found in the dashboard is:
- System Status
- Server Information
- Update Progress
- Data Protection Information
- Compliance Meter gauge
- Capacity Status Information
- Efficiency Benchmarks
The information is provided in form of gauges, graphs and tables.
As the name already says the Task Monitoring gives you an overview of all tasks performed by the Mirage System. In a list you can see all tasks i.e. Cature an app layer or Assign a layer and their status, device and progress.
The Inventory node gives you access to all CVD’s and Collections. From here you can access devices in all states (Assigned, Pending and Rejected)
The Image Composer node is the main point to manage the base and app layers. Within this node you can also manage the Reference CVD’s and rules for all layers.
The driver library is a repository where all drivers for the Mirage endpoints are managed in. An Administrator can manage hardware specific drives here which are stored outside the layers. With an import wizard it’s possible to import new drivers. If configured the system will inject the necessary drivers to all relevant endpoints. The Driver Library copies the drivers from the Mirage system to the endpoints which will then be detected by the Windows Plug and Play mechanism.
The Mirage Reporting helps you to create different reports for storage, device, layer or hardware information. A very powerful tool.
Access the event and transaction logs from here. You can find loads of transactions information here i.e.
- Centralize endpoint
- Upload incremental changes
- Update base layer
- Update App Layer
- Base Layer Caching
- Base Layer Verification
- Restore Prefetch
- Restore streaning
The node gives you also the option to search and filter.
User and Roles
Within the user and role management you can define which user can access which functionality within the Mirage System. You can granularly define the roles as Mirage supports dynamic role-based access control (RBAC). A role can be grated to one or more groups from the Active Directory.
The System Configuration gives you control of the Mirage Servers, Volumes and Branch Reflectors.
I hope this has given you a first impression of the scope of the VMware Mirage solution. This is surely a very powerful tool!
5. Lần đầu Login Mirage Server
After installing the Windows Server 2008 R2 VM’s and the needed Windows patches (Windows Update with 147 Updates!!!) I was ready to go. First of course I’ve installed the VMware Tools to have the best possible user experience in my virtual machines. As I said yesterday you’ll need an Active Directory for the Mirage installation. That was what I did next. Configuring the first Windows Server as an Active Directory domain controller. I took some time to do the dcpromo so I had a read in the documentation again. I found an information that it might be useful to create a special group for Mirage Administrators so I did that. In the meantime I’ve started the second VM. Well, before starting the dcpromo I’ve created a copy of the Windows VM and ran sysprep on it to have a “Template” as Fusion does not support templates as vSphere with vCenter does. Anyway I’ve started the second VM and started the Mirage Management Server installation but the first message I got was that there is no .NET Framework in Version 3.5 present on my system. To be honest there was the hint about the .NET 3.5 in the documentation but I thought I could miss that one as I supposed that a Windows Server 2008 R2 with all updates would include that.
To enable the .NET 3.5 on a Windows Server 2008 R2 you need to add this specific role in the Windows Server Manager application. Choose features and you’ll find it. It will take some time for the installation as the role includes some features.
But as you can see in the next screenshot it helped. The setup started as expected. The setup for Mirage is straight forward and you need just a few information to run successfully through it. But it’s a good time to stop the setup again here as there is another requirement which should be fulfilled: A SQL Server should be available to create the Mirage database on and of course you need a user which has the permission to create a database. In my environment that wasn’t an issue at all as I’ve just used the Administrator account who has the correct permissions anyway. But bear in mind that in a production environment you should use dedicated accounts and NOT the standard administrator account to get a maximum of security.
In my home lab I’ve setup an SQL Express Server 2008 on the Mirage Server itself, but this is not recommended by VMware. Again – please setup the SQL Server on a dedicated system when using Mirage in production. For the setup you’ll need the SQL Server name, the instance name which is usually SQLEXPRESS for the edition I’ve used (but could also be different when someone changed the instance name during installation). As you can see in the next screenshot there are two other form field. A checkbox and a text box! Both are important. The checkbox must be checked if this is a new Mirage installation as the installer creates a new storage are for the Mirage Server. In case you’re installing only one Mirage Server as I did, you can add C:\MirageStorage i.e. to the text box as it will use the local hardisk drive for the storage. If you are installing a production environment with a Mirage cluster you’ll need to use a SMB/CIFS Share here. The Admin Guide gives you a good overview of everything what’s needed in that case. For example the share has to support Alternate Data Sreams.
Next step was adding an account which has enough permissions to run the Mirage Service. This account needs also permissions to communicate with the database so as I’ve mentioned before I’ve chosen the Administrator as this was the easiest way for me in my home lab. Don’t forget to add the Domain name in front of the username. As Administrators group I’ve created the MirageAdmins before and added the admin account to that group.
That roughly was the installation and I needed only a few Next, Next, Install clicks. But this was only the first step in the Mirage setup. The Management Server was only the controller for the Mirage Servers. Next step is now to setup the Mirage Server. Usually you install it on a different hardware but here I’ve installed it on the same machine as the Management Server. I’ll not go into details now as the installation is similar. In my case it wasn’t as I’ve installed it on the same machine. The installer detected that I’ve installed the Management Server before and wanted to do a Repair or Add Feature for Mirage. I’ve chosen Repair and the Mirage Server service was installed on the system.
Almost done! Next one was the management console. To save RAM on my iMac I’ve decided to run the Management Console on my Active Directory Controller. This was the easiest installation. Click, Click, Click, Done!
After installing the snap-in for the MMC the icon appeared on my desktop and I’ve started the Console.
At this time the Management Console wasn’t aware of the Mirage Management Server as it can’t know about it without an IP address. With a right-click on the VMware Mirage folder I’ve opened the context menu which gives the option Add System. Click on that and you can add the IP of the Mirage System – The Mirage Management Server.
Just for your information I’ve added the following screenshot which shows a Server Down status! Please be aware that if you connect successfully to the Management Server but there is no Mirage Server installed yet or not reachable by the Management Server, you’ll get that message. Another important point here is that you check the Network Requirement section in the admin guide. It will give you more information about open ports needed on your firewalls for the Mirage system to run properly. For a connection between the Management Server and the Management Console you need an open in/outbound port 8443 on your Management Server.
Doing it the right way you’ll see the system connected and you get the overview of all functionality in the tree menu.
That was easy so far! Ok, I’ve to say that I did it the easy way. It is important that you read the Admin Guide, especially the Requirements for the Mirage system. Without setting up the Firewall ports or software pre-requesits you won’t be successful. For me it’s know time to look deeper into the Mirage Console. In the next days I’ll come back to you with an first article about the options of the console.
6. Tổng kết
Tóm lại là chúng ta cài Horizon Mirage Server tuần tự theo các phần sau:
- Installing Mirage and connecting to the Mirage system
- Mirage Console overview
- Centralizing an endpoint
- Creating a base layer
- Working with the driver library
- Deploying layers to the Mirage client