App Containers

Application containers for Citrix XenApp/XenDesktop, VMware Horizon 6, and Microsoft Remote Desktop Session Host (RDSH) are the rave. What exactly are application containers, and how did the market get to this point?

First, applications are the bane of many virtualization architects, administrators, and engineers. This application requires a specific version of .NET or Java, that application has embedded “click once” functionality, and some applications just don’t socialize well together. Especially in a virtualized application environment such as XenApp, where there are a multitude of applications in use, complexity is often extreme.

Application containers are different from application isolation. App-V is the de facto standard for application isolation. It requires a specific application packaging output to install apps into an isolated area of the registry on that same device so as to avoid conflict with applications that have been installed traditionally using the Program Files or Program Files (x86) folder.

When App-V and its predecessors first arrived on the scene, conceptually, it seemed like application nirvana. After all, it held the promise of distinct application packages that would enable administrators to mix and match applications based on need and without concern for application compatibility or socialization. Some organizations went so far as to decide that App-V would be used to address all applications, and the process of packaging and isolating all applications was initiated.

But…application nirvana was never quite achieved with App-V. The overhead for numerous App-V applications became exponentially worse as the volume increased. And while some applications packaged nicely, others required manual tweaks from an expert that were time consuming. Further, once all apps were packaged and the application library was fully stocked, software vendors had the nerve to update applications.

Conceptually, app containers enable administrators to maintain a pristine operating system image and one or more “bolt-on” application images. From a user perspective, it is indiscernible that the applications are coming from another image.

Before diving into app containers, let’s think through why you might want to use one. Of course, the aforementioned need to segregate the operating system from the application image(s) would be primary. Within a virtualization environment, there typically is a multitude of base images: e.g., one image for the accounting group, one image for the developers, one image for the sales team, and so on. With app containers, there is one base image and an app container for each group. For an organization that has only one or a few base images, app containers would be overkill.

In addition, applications that can’t be properly virtualized or socialized, such as those that contain specific drivers, may be good candidates for app containers. But then again, App-V may be a good option for these.

App containers came to the fore last year when VMware acquired CloudVolumes, which is now called App Volumes. Although App Volumes continues to function with Citrix XenApp/XenDesktop and Microsoft RDSH, the focus is clearly VMware vSphere and Horizon 6. App Volumes enable applications to dynamically attach to users, groups, or devices.

Citrix responded to this feature by enabling the new AppDisk functionality in the current XenDesktop tech preview. Citrix also adds AppDNA functionality to analyze applications, which provides administrators with the ability to determine whether application issues exist at all.

In this pre-release, the functionality of AppDisks enables assignment only by Delivery Groups. While this may address the needs of some administrators, being able to assign the app container based on this single criterion may be too basic to address most requirements.

Fellow Citrix Technology Professional Esther Bartel spent some significant time testing AppDisks, and she had some interesting comments: “AppDisks give us more flexibility in the update process of the vDisk. With AppDisks, I can choose to update my OS (basic) vDisk on a monthly basis, while I can update my virus scanner AppDisk on a weekly basis to keep up with the latest virus definitions. I can even have different application management teams perform the updates or quickly test the impact of a single application update on the virtual desktop.”

If app containers are deemed to be the right solution, a more advanced third-party solution, such as Liquidware Labs FlexApp Application Layering, may be required. FlexApp provides more than a dozen criteria for application assignment, thus offering the ability to very granularly select which users and/or devices should be provided with which applications under which circumstances. In the event of an unplanned app issue, removing FlexApp is as simple as stopping a service.

As with all technologies, the first question to ask is whether you need app containers for your environment. Once the technical and business success criteria are addressed and the need for app containers is confirmed, the key factor in determining which solution is best for your environment will largely rest with the granularity of application assignments required.

Posted in End User ComputingTagged , , , , , , ,