Behind the scenes of Wellesley College's desktop virtualization rollout
Although desktop virtualization is still a relatively new technology, Ravi Ravishanker is no stranger to it. He helped implement VDI projects at Pace University and Wesleyan University in recent years and now is overseeing a rollout at Wellesley College, the all-women's school west of Boston where he serves as CIO. I met with Ravishanker earlier this year in person and followed up by email with this series of questions that he and his staff answered about the school's deep dive into virtualization technologies.
Give me a thumbnail sketch of your overall IT setup.
Wellesley has both wired and wireless networks on campus, exclusively Cisco hardware. From the fall of 2011, we decommissioned the wired connectivity in the residence halls based on usage patterns over the past several semesters and the cost of upgrading the back-end infrastructure for supporting wired connectivity there. We have 1Gbps connectivity to the commodity Internet through Lightower Fiber Networks, a 100Mbps backup connection through Cogent. We have a secondary 1Gbps connection to Harvard for Internet 2 connectivity that is currently not being used and we are working with Lightower to reuse it for other purposes such as redundancy. Our servers are both Windows and Linux; we use Active Directory, Oracle, SQL Server, MySQL, Java and PHP. Our Learning Management system is Sakai (hosted by Longsight) and we have moved over 3,500 users to Google Apps for Education and the remainder will be moved by the end of this calendar year. Our ERP is Banner. We are a merged library/IT organization with 85 staff members (not all of them full time). We have approximately 2,400 students (the population on campus varies because of study abroad) and about 1,500 faculty, staff and others.
Tell me about the VDI project.
We are piloting a virtual desktop environment for two purposes. First, we are increasing access to Windows-only software for faculty and students with Macs or a different version of Windows. Second, we are rolling out thin clients for the first time to approximately 30 administrative staff, with plans to grow this further for shared student workstations, kiosks and other administrative staff with minimal computing requirements (e.g., Web-based applications, productivity software, etc.). We are also participating in a pilot called LabSTOR sponsored by NITLE (National Institute for Technology in Liberal Education) in collaboration with Longsight that is modeled after the [Virtual Computing Lab] developed at NC State. We will be able to provision virtual desktops for various classes with the appropriate academic software installed so students and faculty can use these remote desktops. The limitation of this is that the use times have to be scheduled ahead of time.
We have a group of five or so Library & Technology Services staff members who have done initial testing and we plan to roll it out to about 30 users (this would be our pilot). We do not have set goals at this point on how many this will expand to, because we need to be sensitive to the cultural aspects of this. We know that we will be installing several kiosk-like machines and thin clients for student workers in the department. According to NetApp, we have capacity for 50 concurrent medium-use clients and with the hardware upgrades scheduled for this fall, we will have capacity for closer to 125 concurrent users, which is a significant increase. Our hope is that through the initial pilot of thin clients, Mac use of Windows software and remote access we will be able to bring in more users to the table.
BACKGROUND: Desktop virtualization users discuss challenges
What inspired the college to adopt VDI?
The major benefit for users is improved access to critical applications, high reliability, and shifting the responsibility to maintain the operating system and software security from the users to IT. Whereas the initial cost of hardware may be looked at as not favorable, the added benefit of data security (because they are not residing on desktops or even home machines), the ease with which restores can be done (using snapshots via NetApp) and the ease of OS and other software upgrades justify this. I have helped implement this at Wesleyan and Pace University successfully and have learned a lot about what is needed to make this a successful project and was convinced that we had all the basics to be able to do it.
When did the project start and how far along are you?
The project began in late spring with configuring the back end, building and testing sample desktop environments, and consulting with interested departments about their software needs. Part of what delayed the project is we are upgrading the central storage. This is a huge cultural shift for many users, so we needed to make sure there would be buy-in from key administrators before proceeding further. I have been using it effectively from my Mac for browser testing of apps and for testing Outlook-Gmail connectivity. It is great. We are talking to some faculty members about using a virtual desktop to run statistical software, which we believe will get going after the usual beginning of the semester activities settle down.
What technologies did you wind up going with and why?
Back end -- VMware, NetApp for file storage, Active Directory for access control. On the Macs, we use the VMware View client. As I mentioned earlier, when appropriately configured, this combination works. We also have tremendous expertise in all of these technologies in our organization.
What end user devices are being supported via VDI?
Macs, PCs and tablets, thin clients.
What if any changes needed to be made to the university's network to support VDI?
Nothing much. We have a lot of capacity to support this through the wired network and also we have a lot of capacity left in our Internet connectivity.
What sort of resources (people, money, time) are you putting into the project?
One systems engineer configured the server and is responsible for maintaining the back-end and provisioning accounts as required.
One desktop administrator is responsible for building and maintaining the client desktops and consulting with users on customizations.
One project manager is responsible for identifying potential new uses for VDI and consulting with users.
Several desktop support staff have been involved in testing. It is very hard to quantify this, but none of the staff has spent a lot of time on this. I would say that the total effort would be four weeks of one staffer's time. We did consult a fair amount with NetApp on setting this up.
What special skills are needed by staff to plan and roll out this project?
Deep understanding of VMware, SAN architectures (in our case NetApp and how IOPS works, how to use the analysis tools to monitor and manage capacity), managing Windows images, Active Directory and networking (especially for efficient routing).
Anything that you would have done differently if you could start over?
No. I strongly believe this is a strategic direction for us. Cost reduction, easy manageability, security and the anticipated increase in the use of tablet devices are clear driving forces. The sheer number of boring and routine calls that an IT staff has to make to "fix" individual computers today will be reduced by orders of magnitude through centralized image management and by simply swapping the end device such as a thin client (when needed). Of course, there are many in the academic community who still need powerful computers to carry out their work and those devices will continue to exist. But for many, whether software runs on a window on their mobile device or their own computer is less relevant than being able to get the work done -- which will potentially be done quicker and safer.
What have been the biggest surprises, good or bad, with VDI so far?
When we began this at Wesleyan [Ed.'s note: not to be confused with Wellesley] three years ago, we quickly realized that it is not a turnkey system. It has come a long way, but still, there are so many moving parts to it and having a clear understanding of how to architect them is key to this. I am proud to say that we have top-notch technologists here at Wellesley in the areas of VMware and NetApp, and this makes a whole lot of difference as to whether you are going to succeed or not or whether you are in for surprises.
Has the school already implemented any other virtualization technologies?
We have been using VirtualBox to run Windows software on Macs for the last two years.
Give me a few pieces of advice you'd have for organizations thinking of making the move to VDI.
Make sure to do the research (a lot of it!). Make sure that you have the expertise in the areas that are required to support VDI. Talk to the vendors regarding capacity (NetApp has been great in running some of the diagnostic software to profile our existing hardware and you need that level of analysis before jumping in). Invest in thin clients carefully based on the actual need and not just price (some are poor in delivering video). Be honest in understanding and presenting that the project is not going to save actual dollars in the first cut and that the savings are going to be realized over time and in total cost of ownership/management. Also, consider server-side antivirus software.
Anything else worth noting?
If you can afford it and your needs are met, move to tablet devices and to cloud. IT organizations have to realize that by doing this, they can begin adding real value to the core mission of the organization. In our space, that means we can become the source to partner with the faculty and students on how technology can enhance teaching, learning and research.
Editor's note: Thanks to Wellesley College's Erin Richardson (assistant director of computing and media support), Leonor Martins (manager of Systems Group), Tim Cantin (network engineer), Don Nightingale (network engineer) and David Rabinowitz (virtualization support leader) for their contributions to this article.
Follow Bob Brown on Google+, and for the latest on network research, follow his Alpha Doggs blog.
Read more about data center in Network World's Data Center section.