A document created by VMware’s Keith Johnston explains how VMware View 4.5 manages Linked Clone operations. These LC operations are those tasks executed by View Connection servers through vCenter Server on a daily basis for the purpose of Provisioning and Customisation, Refresh, Re-Compose and Rebalance.
I have to mention here that the VMware Desktop Team have done an amazing job streamlining these operations and making VMware View 4.5 smarter and more efficient than its predecessor.
Before moving forward I recommend reading of for VMware View 4.5 Linked Cloning explained as this article to a certain extent is a continuation of my previous article.
Using the words in this document with few modifications and some pictures I will explain how View 4.5 Linked Clone operations work and how they differs from previous VMware View releases. This is a two part article and this is the first part. Part two can be found at http://myvirtualcloud.net/?p=1246
The diagram above demonstrate where in the VMware View stack each tasks is originally triggered, and the diagram below demonstrate where the tasks is executed. If you are not familiar with the VMware View stack I recommend reading of the VMware View 4.5 Architecture Planning Guide.
- View Manager creates the linked clone entry in ADAM and puts the VM into the Provisioning state.
- View Manager calls View Composer to create the linked clone.
- View Composer Server creates the machine account entry in Active Directory for the new clone and creates a random binary password for the newly created computer account.
- If there is not yet a replica for the base image + snapshot in the target datastore for the linked clone, View Composer creates the replica in the target datastore (unless a separate datastore is being used for all replicas, in which case a replica is created in the replica datastore).
- View Composer creates the linked clone using the vCenter API.
- View Composer creates an internal disk on the linked clone. This small disk contains configuration data for QuickPrep/Sysprep. It is also used to store machine password changes that Windows performs every 30 days as per policy setting and stores the machine account password retrieved from Active Directory in this disk. This ensures domain connectivity is maintained when a checkpointed desktop is refreshed.
- View Manager puts the VM into the Customising state.
- If the pool is configured to use Sysprep, View Manager calls the vCenter API customizeVM_Task to customise the VM with the customisation specifications. Note that any domain / administrator information in the customisation specification is not used. The VM is joined to the domain using the guest customisation information entered through the View UI.
- View Manager powers on the linked clone.
- When the VM powers on, inside the Guest OS on the linked clone, the View Composer Agent sees that it is starting for the first time and calls NetJoinDomain with the machine password cached on the internal disk. The machine is now joined to the domain. Note that this is done for both QuickPrep and Sysprep.
- If the View pool is configured to use Sysprep, Sysprep is now run on the linked clone from within the guest.
- If Sysprep is being used, the View Composer agent waits for Sysprep to finish before notifying the View Agent that customisation is complete.
- The View Agent waits for the View Composer Agent to say that customisation is complete. When customisation is complete, the View Agent sends a message to the View Manager server.
- The View Manager Server powers off the clone and takes a snapshot of the customised, powered off clone. The snapshot is called “vdm-initial-checkpoint”.
- The linked clone has now been created, customised, and a snapshot has been taken in the customised state. View Manager puts the linked clone into the Provisioned state. If the VM is then powered on, it moves into the Available state.
- The figure below demonstrates the initial snapshot called “vdm-initial-checkpoint” created during the customisation process.
While a linked clone is powered on and the View Composer Agent is running, the View Composer Agent tracks any changes made to the machine account password.
In many Active Directory environments, the machine account password is changed periodically. If the View Composer Agent detects a password change, it updates the machine account password on the internal disk that was created with the linked clone. This way when the linked clone is reverted to the snapshot taken after the customisation during a refresh operation, the agent will be able to reset machine account password to the latest one.
As of View 4.5, a refresh operation now simply triggers a revert operation to the snapshot that was taken after customisation is completed. This allows View to preserve the customisation performed by Sysprep. Prior to View 4.5, a refresh operation essentially threw away the current OS disk for the linked clone and created a brand new one.
- View Manager puts the VM into the Maintenance state.
- View Manager reverts the VM to the post-customisation snapshot “vdm-initial-checkpoint”. Only the OS disk is checkpointed. All other disks are created as independent disks and are not part of the snapshot.
- When the guest starts back up, the View Composer Agent detects if it needs to update the machine account password. If the machine account password saved in the internal disk is newer than the one in the registry, the agent will update the machine account password from the one stored on the internal disk to maintain domain connectivity.
In the second and final part of this article I will cover Re-Compose and Rebalance processes. Keep tuned.
Part two of this article can be read at http://myvirtualcloud.net/?p=1246