I’ve written (and reaffirmed) that “full” support for user-installed applications is critical for desktop virtualization to take off. I’ve since realized that instead of waiting for future products to fully support this feature, we can already satisfy what’s essentially the same requirement by simply giving our users two VMs each—a locked-down one for corporate apps and a second one for non-standard user-installed apps.
What is a “user-installed app?”
One of the ways that desktop virtualization (regardless of it’s specific incarnation) saves money is by giving administrators the ability to create and manage a single Windows desktop image that’s shared by hundreds or even thousands of users. Of course most environments of this size have differing requirements for different groups of users (in terms of the apps they need, hardware requirements, etc.). So the idea is that an admin creates a single “baseline” image that all users share, and then when the user logs in, that image is customized (on-demand) for the user’s specific needs. A big part of this customization can be the applications that the user needs, and today’s application virtualization technologies do a decent job of streaming or providing the applications “on demand” into the user’s Windows session.
The only problem with this is that these “on demand” deliveries of applications can only be done for the specific applications that the administer has pre-configured. This is fine for the standard apps that an organization needs. But what about all these “one off” apps that admins don’t have time to virtualize or package? In the old days users could just install their nonstandard apps on their workstations and be okay. But now that we need to share the master disk image with multiple people, we can’t let users install their own apps unless we give them each their own personal disk image.
ISVs to the rescue?
For the longest time, I really expected the vendors to solve this problem. I sort of assumed that one of the traditional app virtualization vendors would make a kind of modification to their product where it would always run in “package mode” (for lack of a better term). So anything the user did (or installed) during his or her session would be encapsulated and stored somewhere outside of the image, allowing the any apps they installed to be “put back” the next time they logged on.
Certainly the vendors are working on this. User workspace management vendors like AppSense, RTO Software, Scense, and RES Software are getting pretty close. Viewfinity has built a whole company around this concept from the start, and it’s rapidly becoming clear to me that this is RingCube’s future too. (I also wrote about how MokaFive was going down this path earlier this year.) Even companies like Atlantis (who plays in the disk I/O virtualization space) has a hand in the user-installed app department.
Who needs these ISVs?
It occurred to me after reading Daniel Feller’s blog “Do virtual desktops really need to support user-installed apps?” that the answer to that is “no.” (Well, “yes” we need users to be able to install their own apps, but “no,” we don’t need this to be a feature of the platform per se. Daniel’s blog post was really more about talking about why user-installed apps were a bad idea for VDI in general, though he does mention the concept of the user-managed PC.
Today’s user-installed app solution: Give the user a second, unmanaged VM
As I mentioned in the opening of this article, I initially thought that we needed the ISVs to give us “real” support for user-installed apps. But Daniel’s post made me realize that we don’t have to wait. It’s as simple as giving the user a second VM that they can use for all their own stuff. This VM can be right next to their locked-down corporate VM (whether it’s in the datacenter or on the client) and can be the “go to” destination when users need to install their own apps.
In addition to being possible today, I really question whether we’ll EVER be able to wholly solved the user-installed app problem. I mean Windows just wasn’t designed to be sliced into the thin layers we’re using today, so there are some things that just won’t work. (For example: What if you have an XP SP2 base image and the user installs an app which is encapsulated and stored somewhere persistent for the user. Then what if the admin updates the underlying Windows layer to SP3, but that user-installed app is not SP3 compatible. What happens? Do we remove the user-installed app? Do we continue to boot that user to SP2? Do we do something else?) The point is that all these products that try to make Windows more “layer-like” have their work ahead of them.
In the meantime, the rest of us can just give our users a second VM.
Moving forward you could even imagine something like Citrix’s VM-host apps feature growing to support user installed apps in a “personal” VM. Imagine if Citrix gave each user a persistent VM into which they could install whatever they wanted, and then those apps were automatically and dynamically recognized and delivered seamlessly into the user’s primary desktop.