Sep 092013

In working with a customer on a demo yesterday and they asked this question:

So Mirage is licensed by named user, we just need to license it for our users and the number of devices does not matter, correct?

“Yes, that’s correct,” I said.

The reality is that it is correct, although it may not appear to be.  Let me explain:

The best description of this scenario can be found in this VMware KB article entitled VMware Horizon Suite 1.0 licensing.

In the Q&A section in the bottom of this article, you will find the following question (as of this writing):

“Q: When I purchase a particular number of Horizon Mirage licenses, how do I count the named-user licenses used?

A: Each named user who has access to a Mirage-managed endpoint consumes one license. One named user can have multiple Mirage-managed endpoints, and this named user still consumes only one license. The Workstation virtual machines that the administrator creates for ThinApp packaging are not counted as named-user licenses. Nor are the Fusion Pro base restricted virtual machines, which will be distributed to end users.”

That sounds correct, exactly as I understood it.  Each named user consumes 1 license and they can login to as many devices as necessary.

My customer then asked, “Can you show me where I can see the number of licenses in use currently?”

I proceded to go to the license screen which showed our demo license for 500 CVDs.  (CVDs are Centralized Virtual Desktops.  They are a enpoint that is protected by Mirage.)

The customer then asked, “Since a CVD represents an endpoint, how is your 500 user count accurate if the product draws off one license for each endpoint?”

“That’s a great question,” I said.

It would appear that the product is not actually managing the licenses as the software license policy dictates.  I have run into this quandary before in Mirage and I’ve not dug deep into the info to figure it out until now.

Surely I’m not looking at the right screen in the product so I grab my latest version (v4.2.3 as of this writing) of the Mirage Installation Guide and head to the section entitled “Managing Horizon Mirage Software Licenses”.

There I find this: “The Horizon Mirage Management server requires a license. The license file enforces the number of CVDs that you can run on your system and the duration of the license agreement.”  

Uh, wait what???  The admin guide says that the license is consumed by each CVD (or endpoint) and the KB Article says that the policy is per user.  Who’s right?

The answer is the policy.  The reason the product is drawing off licenses for CVDs is because Wanova (the company who VMware acquired who created Mirage) origionally licensed the product by endpoint.  It would appear that VMware changed the licensing policy so that it would work in a unified fashion with the rest of the Horizon Suite.  Unfortunately, it would seem, that the change in policy has not been updated in the current release of the product.

What is a customer to do?

My recommendation to my customers has been that if they find themselves approaching the CVD limit in Mirage but they have not exceeded their named user limit, to file a support request with VMware to request additional licenses for Mirage and reference the KB article above.  I am very confident that VMware will correct the code in Mirage to reflect the current policy in an upcoming release.  Unfortunately this has been confusing customers until the product code and the licensing policy become concurrent.  Hopefully this helps in the interim.

Aug 132013

“The unsung hero of the Horizon Suite” has a new update this week.   Announced last week and then retracted.  This update is just a maintenance release but helpful none the less.  Here’s the What’s New section from the release notes:

Horizon Mirage 4.2.3 is a maintenance release focused on internal mechanisms to enable better handling of storage disconnects.
This version provides the following new features and improvements:

  • Better storage disconnects handling - Horizon Mirage servers now identify high load conditions on storage that can cause disconnects and can throttle down to allow storage utilization to return to normal.
  • SSL configuration option in Horizon Mirage server installation - The IT manager can now configure SSL communication during server installation. There is no need to perform this operation with the Management console after installing.
  • Branch reflector enhancements - The IT manager can better design and monitor branch reflector deployment by simulating the branch reflector selection on endpoints. The IT manager can now click any device from the Management console and see if it has a branch reflector in its vicinity.

You can find the binaries here.

You can find the reviewer’s guide here if you are taking a look for the first time.



Jul 312013

For those that may have missed it, VMware snuck out a point release of Mirage labeled 4.2.2 which has replaced the 4.2.0 binaries (even though many of the labels on the download site still state 4.2.0.)  Over the last month, I have had a few customers ask how to do this upgrade.  If you take a look at the Administrator’s Guide or the release notes for 4.2.2, you will find information on installing Mirage to a net-new system but there are really no steps to describe how to upgrade an existing installation to the latest release.  Until now.  This little nugget of information can be found in the recently released Mirage Reviewer’s guide as well as a recently released KB Article.

The procedure looks like this (copied from the Reviewer’s Guide as of the time of this writing, Page 29):

The upgrade procedure to Horizon Mirage 4.0 involves uninstalling the prior Horizon Mirage components and then reinstalling the 4.0 versions.

Uninstall the Horizon Mirage datacenter components in the following order:

  • All Mirage Servers
  • Mirage Management Console*
  • Mirage Management Server

* To uninstall in Windows 7, use the Windows Control Panel > Programs and Features (Add/Remove Programs for Windows XP)

Note: Uninstalling the Mirage Servers does not remove any data from the storage volumes that were connected to the Horizon Mirage System.

To install the Horizon Mirage components with the new MSI’s in the following order:

  • Mirage Management Server
  • Mirage Management Console
  • Mirage Servers

The SSL and port configurations are not preserved; you need to reconfigure these after you install the new versions of the Horizon Mirage components.

After the upgrade of the datacenter components is complete, when a Mirage-endabled endpoint connects to the network, Horizon Mirage automatically upgrades the Mirage Client and prompts for a reboot.

Not too bad of an upgrade but one to be aware of none the less as the previous versions need to be uninstalled.  Make sure to reference the detailed KB article with more detail and caveats to avoid.


Jul 222013

Horizon Mirage is a part of the Horizon Suite from VMware and it is generating a lot of buzz.  I’m not going to go into the benefits why, you can read the link I’ve provided for that.  However, one of the most amazing things about Mirage is that it user a technology called sourced-based deduplication in order to backup all of the desktop endpoints.  Let’s talk about that technology, how it works and when it works best.

Source-based deduplication works by having a server in the datacenter with a lot of capacity attached to it.  We’ll refer to this server as the “repository.”  Now for the endpoints (which, in the case of Mirage, are Windows-based desktop/laptops.)  The client will begin by taking backups of the endpoints (Mirage calls them snapshots) and copying them to the repository.  It’s this process and how it works that is so amazing.  You would immediately think that when I take a backup of a endpoint that is 10GB on disk, the system will send 10GB over the network.  For the FIRST machine that you backup, it typically does.  It sends practically the whole image of the endpoint to the server for the first endpoint you backup.  It’s when you go to backup the second endpoint where the magic starts to happen.  Once the first endpoint has been “ingested”, for any additional endpoints added, the repository will use the data it has already seen to comprise all future backups.  I know this can be somewhat confusing, you can look at this article for some comparisons of different deduplication technologies.  For our example, let’s go a little deeper into exactly what happens during this process.

We will begin with the first Windows desktop that is 10GB on disk total and back it up.  The repository will “ingest” the files from the endpoint.  When it does this, it runs a hashing algorithm against the file to give it a hash code.  Once it does that for every file, the client also breaks the file into “blocks” or “chunks.”  It then runs a hashing algorithm against those chunks.  After all this it stores the backup down on disk in the repository.  Now, for the next (and every subsequent) client we want to backup or capture:  The client will ask the server for it’s hash table of files.  This is a small amount of data sent from the server to the client because the hash table is a list of all of the hash codes for all of the files in the repository not the actual data in the files.  The client then takes this data and analyzes each file on the second endpoint’s file system.  It develops a list of files that it has never seen before in the repository (and tells the repository which files are on this endpoint that the repository has seen before.)  Typical we see about 90-95% common files between images.  This is where it starts to get even more crazy efficient.  So the client has figured out which files the server already has in the repository and has told the server a list of those files that are on Endpoint #2 that the server has seen before.  Now the client looks at the files that the server has not seen before.  Let’s suppose there are 100 files that list that the server has not seen before.  The client will separate those files into blocks at the client (this is why it’s called sourced-based, the majority of the processing and checking for deduplicated data happens at the enddpoint, not the server).  So the client has separated the 100 files into blocks and runs the same hashing algorithm on the blocks.  Now the client compares the blocks to the blocks the server has in the repository and develops a list of blocks that the server has not seen before.  Let’s say the client finds 10 blocks that the server has never seen before.  It tells the server to mark down all of the blocks that are on this endpoint as being part of this endpoints backup.  Note: to this point in the process, the client has not sent any of the backup actual data to the server yet.  The last step is to take the blocks of files that are unique to this endpoint and compress them and send them to the server for storage, thus completing the backup, inventorying all of the common data and sending the unique data.

Whew!  What does all this look like in reality?  Let’s take a look at this log entry from a Proof-of-concept we are running for a customer right now:

Screen Shot 2013-07-21 at 10.17.42 AMThis is a initial first upload from a client to the Mirage repository.  This endpoint is running a Windows 7 base image.  It is about 7,634 MB on disk (listed by the total change size.)  Since this is the first time this endpoint has been backed up, all of the data on the endpoint is listed in the total change size.  On all subsequent backups, this capacity will be the size of the files that have changed since the last backup.  The next statistic is the killer number: Data Transferred is 29MB!  Mirage took a full backup of this system’s 7,634 MB and only sent 29MB (the unique data) over the network to the repository!

Here’s how it got there: Mirage inventoried 36,436 files on the endpoint that had changed since the last backup (all the files on the endpoint had “changed” since there was no previous backup of this endpoint.) Mirage ran the hash on all of those files and found that there were 2,875 files that it had not seen before in the repository  (the Unique Files number).  These 2,875 files totaled 221MB (the Size after file dedupe number).  Then Mirage pulled those files apart and looked for the blocks of those 2,875 files that it had not seen before.  Once Mirage found those unique blocks they wittled down the 221MB of files that were unique to 95MB of blocks that were unique (the Size after Block Dedupe number).  Mirage then takes the 95MB of unique blocks (which is the real uniqueness of this endpoint) and compresses it.  Every single step in processing at this point has happened at the client.  The last step is to send the unique data to the Mirage Server (repository).  This data sent is 29MB of actual data for a full backup! (the Size after compression number)  This whole process took 5 minutes and 11 seconds on the client.  This first backup of the endpoint will take longer because the hashing has to happen on all of the changed files (36,436 files for this backup).  However, all subsequent backups from this machine will only look at the files that have changed since the last backup because we already have a copy of the files that have not changed.

Where source-based dedupe works and where it does not

Sourced-based dedupe works the best when we have tons of endpoints with very similar OSes, apps and data (this is why it’s perfect for desktops and laptops).  Where source-based dedupe has it’s challenges is when the files are big and really unique.  Audio and video files are like this.  Unless the files are copies, no two video files are alike, at all.  Not all is lost if your users perform video or audio editing or just work with a lot of these files.  There are ways to accommodate that as well.  We would typically recommend using folder redirection or persona management to move those files to a network drive where we would backup with the typical methods and offload them from the endpoints.  We can also exclude certain file types from being backed up at all by Mirage.

Screen Shot 2013-07-21 at 11.14.29 AM

As shown above, Mirage includes an upload policy which allows you to set rules on file types you do not want to protect from the endpoints.  Some standard ones included already are media files (however as you see in rule exceptions, media files in the c:\windows directory will be backed up).

Mirage is definitely the way to go for any mobile endpoints or branch office endpoints where bandwidth limits and connectivity reliability make  VDI a less-than-optimal choice for the management a recoverability of these endpoints.  I don’t recommend products that don’t work as advertised.  Once the light bulb kicks on and customers understand this technology the real value of it shines thru.  Make no mistake, Mirage is not a mirage, it’s a reality and a really good one at that.