Automating VDI Gold Image builds – One image to rule them all

4 min read
Automating VDI Gold Image builds – One image to rule them all​

Desktop Virtualisation isn’t especially new – VMware Horizon has been around for well over a decade. Maintaining the infrastructure (protecting and updating the servers) has never been much of a challenge, however, the maintenance of managing entitlements, desktop images and applications has never been especially straightforward. In this post, we’ll look at where automation of the VDI gold image may lighten the load. 

Avoiding sprawl and making the best use of virtual desktops

Increasingly, whether through lack of skills or sometimes short-term thinking, tooling often available to simplify management gets overlooked. For example, the quick fix when a requirement for new users arrives is often “Let’s just do a new image, install their apps and do another pool”. The problem with this over time, is that we end up with a sprawl of images that then all need to be patched. Worse, a customer may even decide to retreat further into the traditional desktop paradigm and go with Persistent Full desktops – essentially shifting a PC to the data centre – negating many of the benefits of a VDI estate. 

How can we avoid this and best make use of a VDI estate?

Start with the Gold Image

Unless you have very specific application needs, try and default to the VDI solution’s rapid cloning technology, for example, VMware Horizon Instant Clones. Straight away, we’re looking at space efficiency, but, moreover, we’ve just made patching easier – Patch the Gold Image and this will update the deployed desktops to an identical state on demand. Patching full persistent desktops is a laborious hit-and-miss affair, even with modern tooling.  

Creating and managing the Gold Image is a key point where automation can help. Many organisations will hand-build the Gold Image, then, once happy, a snapshot is taken and the image deployed. Patching becomes; opening the image, patching, then redeploy. The problem with this is that, over time, the image can become stale and mistakes creep in due to human error. Consider poorly written components that may go in the base build but require manually anonymising before the image is turned into a template (a prime example is the SCCM Client, or some traditional Antivirus agents) – this can be easily missed. 

Instead, consider automating the build process for the Gold Image. There are numerous methods, such as Microsoft Deployment Toolkit or Hashicorp Packer, that will deploy the VM, install and patch the Guest Operating System and install the desired components. After some initial effort, the build of a fresh, up-to-date Gold Image becomes a simple, repeatable command with minimal input. This saves the administrator a great deal of time and effort on the monthly patch cycle and eliminates human input. 

Delivering the use cases

At the most basic level, use cases are met by applications and little else. Let’s try and use application delivery methods suited to Virtual Desktops. We can burn applications into the build of the VDI Gold Image, but that adds to the image management overhead and makes the Gold Image a one-trick-pony so leading to a proliferation of images. 

Traditional tooling such as Microsoft System Center Configuration Manager (SCCM) assume that the desktop OS is a physical device. As such, in general, they are based upon a scripted installation of an application. The success of this process varies by the health of the endpoint it is delivering to and can lead to inconsistent installation behaviour across the target estate, which, in turn increases support overheads. While this is adequate to an extent in persistent VDI where you’re treating them as essentially DC deployed Desktop PCs, traditional application delivery tooling is slow and unreliable in a modern non-persistent oriented VDI estate. 

Consider App layering technologies such as VMware App Volumes or Liquidware FlexApp – these are captured installations of applications that can simply be assigned to a desktop on demand. Not only is this much more rapid in the delivery of applications, but the application installation will be consistent across all desktops. This can even be applicable in persistent VDI pools – so packaging using, for example, App Volumes might be applicable across all pools for the simpler applications, leaving only the more demanding applications to a traditional deployment approach in persistent desktops. 

Combining a suitable application delivery mechanism with non-persistent desktops can eliminate the sprawl of Gold Images. A single image and a common pool may serve dozens of different use cases, so reducing the Image patching overhead. 

From an automation perspective, we have two parts to consider: 

  • Creation of the application packages – VMware App Volumes now includes a command line based tool that permits support for automation of application packaging, though mileage will vary depending on the application. 
  • Assignment of applications – Most solutions allow assignment of applications via Active Directory users and groups or even by machine or Active Directory Organisation Unit. As such, this can be managed by a number of existing automation workflow and scripting tools that support Active Directory. 

While VDI with manual work is perfectly adequate, we can see how we can turbocharge the solution with a little forethought and effort, so reducing the amount of effort keeping the solution fed and watered. This allows administrators to focus on other activities, such as new requirements or focusing on more immediate issues. Xtravirt have a long history of designing, deploying and supporting Virtual Desktop solutions. To find out more, contact us.

Table of Contents
Subscribe to the Xtravirt Newsletter

Receive updates from the Xtravirt team, including information on new technologies and the expert analysis of cloud trends and strategies you should know about, unsubscribe anytime using the link included in every email.

Solutions Architect