What is VDI Architecture?
Virtual desktop infrastructure (VDI) architecture enables the remote delivery of virtual desktops and applications. Virtual desktops typically execute on virtual machines (VMs) hosted in a data center, and each virtual desktop contains an operating system (OS) and applications.
A VDI architecture typically includes a hypervisor, virtual machines (VMs) running virtualized desktops, and a connection broker that lets customers connect to the VDI site and access their desktop. Running VDI on-premises is complex, and requires large-scale infrastructure including servers, storage, networking, virtualization and management software.
VDI Components and Process
Let’s review the key components of a VDI system and the process by which it delivers virtualized desktops to users.
Hypervisor
The hypervisor creates and runs virtual machines (VMs) on physical hosts. Its role is to split the hardware into multiple VMs, each with its own operating system, configuration, and applications. The hypervisor creates desktop instances on virtual machines. Typically, each VM contains a virtualized desktop.
VDI deployments typically use a Type 1 hypervisor, also called a “bare metal hypervisor”, which is installed directly on physical hardware. Because there is no intermediate operating system, this type of hypervisor is known for its stability and high performance.
The Type 1 hypervisor itself includes a full operating system, and can also run virtual machines, known as guest operating systems. The physical machine running the hypervisor only provides virtualization capabilities and cannot be used for any other purpose.
Type 1 hypervisors are suitable for large-scale VDI deployments with hundreds to thousands of virtual desktops. They make it possible to achieve high density of VMs per machine and maximize ROI from the hardware.
Connection Broker
In a VDI deployment, the connection broker enables end-user devices to connect to the VDI system and gain access to a virtual desktop. It is responsible for:
- Providing a connection point for end user devices inside the corporate network, and enabling secure remote access
- Validating user credentials and determining which virtualized desktop or software the user is eligible for
- Reroute client connections to virtual machines or remote session servers
- Provision desktops to virtual machines and managing desktop pools
Desktop Virtualization Process
The hypervisor, virtualized infrastructure, and connection broker, work together to enable desktop virtualization:
- The hypervisor creates virtual machines (VMs) to host virtual desktops. If necessary VMs can be replicated between servers for high availability, or migrated to balance loads between servers. When virtual desktops are not in use, their virtual machines can be shut down or reused for other desktops.
- Administrators use VDI management software to create, manage, configure desktop pools based on shared images, and set policies.
- An employee logs into a desktop from client software deployed on their local device.
- The connection broker authenticates the request, processes it and routes the user to a virtual desktop.
Related content: read our guide to VDI deployment
VDI Architecture Examples
Here are two examples showing the architecture of leading VDI solutions – VMware Horizon and Citrix Virtual Apps and Desktops. This can make VDI architecture a bit more concrete, and help you understand real-life deployment models.
VMware Horizon
The VMware Horizon architecture includes the VMware Horizon client, which authenticates with the Connection Server. The Horizon Client then connects to a virtual desktop or Remote Desktop Session Host (RDSH) server.
Source: VMware
For remote access, the system uses Unified Access Gateway (UAG), a VMware secure access solution. The Horizon Client first communicates with UAG, and if authorized, proceeds to authenticate with the Connection Server. It then establishes a connection to a virtual desktop or RDSH server.
Source: VMware
The following figure shows the logical architecture of all Horizon components.
Source: VMware
Citrix Virtual Apps and Desktops
Image Source Citrix Virtual Apps and Desktops architecture
The Citrix Virtual Apps and Desktops architecture contains several layers, including:
- A user layer—defines the end user environment and endpoint devices allowed to connect to resources.
- An access layer—defines external and internal access privileges to the Citrix environment. Includes Citrix Workspace and a Gateway Service.
- A resource layer—defines the virtual desktops, applications, and data provided to each user group. Includes Remote PC Access and Windows Virtual Desktop.
- A control layer—defines the components used to support the environment.
- A host layer—defines the hardware components, including private, public, and hybrid cloud resources.
Addressing VDI Challenges with Hysolate
Creating and managing a VDI solution is a huge undertaking for an organization. Creating, planning the infrastructure correctly, and making sure everything is tested, has the proper sizing to support the target population requires thousands of hours of work and a huge investment. In addition, running the servers on premise leads to high OpEx and CapEx costs.
With that said, in today’s remote first world, users connecting to the datacenter VDI solution, sometimes over a VPN tunnel will get poor performance and user experience and desktops are not available when offline.
Hysolate solves these problems with an innovation called isolated workspace as a service (IWaaS). Users get a local isolated operating system running on their machine, which is deployed within minutes and managed from the cloud.
Isolated workspaces enable:
- A higher level of freedom on employees corporate devices
- Ability to receive 3rd party generated content in an isolated zone
- Access to IT admins, DevOps, developers, and other privileged users in their everyday environment
- Access to employees from personal, unmanaged devices
The behavior of the workspace is controlled from the cloud, while all of the computing resources run locally on user machines.
This eliminates the need to invest in a large and costly infrastructure, and provides a better local user experience, with offline availability.