|
Virtual machines have been available for a number of years and
they have progressed to the point where they are implemented on a
server level. This has allowed companies to consolidate multiple
physical servers onto a single physical server that runs multiple
copies of virtual servers. This means significant savings can be
made in server hardware costs, although it is important to point
out that the single physical server needs to have sufficient
resources to run the multiple virtual machines.
Once they’ve configured the physical machine, the administrator
loads their chosen virtual server product. They then create the
virtual server by performing a normal server installation or using
a pre-existing virtual machine, in the form of a Virtual Hard Disk
(VHD) file. The virtualised server appears to users as just another
server on the network.
Softly,
softly…
Software virtualisation adds a new
dimension to deploying and using software applications on the
corporate desktop. If we consider the traditional role of software
applications, the IT administrator had to acquire the application
from either a vendor or the software development team. The
application was then installed on the corporate users’ desktops
using an appropriate tool, such as Microsoft Systems Management
Server (now known as System Center Configuration Manager 2007). If
a revision to the software became available, the application had to
be retested and repackaged for distribution. This led to delays in
implementing the latest version and meant multiple versions could
be in use.
Administrators also had to ensure that applications did not clash
with each other and sometimes had to install multiple versions for
different groups of users. Finally, they had to stop people making
unauthorised copies of applications and ensure that all copies of
the software were licensed.
Microsoft SoftGrid solves all of the above issues by virtualising
the application (Figure 1) through a process called sequencing,
which is similar in concept to repackaging an application. Once
sequencing is complete, the administrator makes the application
available to the user. If the user is not permitted to use an
application, it is simply not displayed to them. To use the
application, the user clicks on its icon and the application is
streamed to them. It’s very quick and the user is unaware that the
application is being streamed.
Many of the applications we use are designed to both run and
present their user interface on the same machine. This is fine most
of the time, but it has its downsides. For example, organisations
with large installed bases of desktop machines must ensure that
sensitive data is kept secure. They must also spend significant
amounts of time and money managing the applications installed on
these machines. If the application is run on a Terminal Server,
organisations can secure the application better. The user is only
presented with an interface to the application, allowing the
administrator to secure access to it. The amount of time spent on
maintaining the application is reduced because the administrator
only needs to maintain the copy of the application stored on the
Terminal Server, not separate copies on multiple client
computers.
That’s not
all…
Examples of other virtualisation
technologies are network virtualisation and storage virtualisation.
We can describe network virtualisation easily by use of a virtual
private network (VPN) connection. Users connect to the corporate
network by tunnelling through the Internet. Once connected, the
user experience is as if they were physically connected to the
corporate LAN, albeit not at LAN speeds! Microsoft’s implementation
of VPN technology is via Internet Security and Acceleration (ISA)
Server 2006 and Internet Application Gateway 2007 products.
Storage virtualisation, broadly speaking, is the provision of
remote storage to a user. An example is folder redirection, where
data is stored remotely from the user on a network server. A much
more powerful and complex approach is a storage area network (SAN),
but the principle is the same.
Looking to the future, Windows Server 2008 includes virtualisation,
which is a separate install, and is set to ship within 180 days of
the release of the new operating system. This 64-bit technology
uses the same VHD format as Virtual Server 2005 R2, which means
migration paths are simple.
Management
issues
The application management lifecycle is
a challenge that many organisations face. This is the cycle of
deploying, updating, supporting and terminating all of the hundreds
or even thousands of applications in an organisation. If
organisations can reduce the amount of time spent on managing the
desktop, this will have an impact on the company’s bottom
line.
Traditional methods of deploying applications to the desktop, such
as CD/DVD or in-situ installations, are rare. An organisation with
many installed desktops to manage will use products such as System
Center Configuration Manager and Tivoli. As we saw above, Terminal
Server can also be used to deliver applications to the corporate
user via Terminal Services Application mode. Using SoftGrid,
companies can reduce the amount of effort required to deploy
applications. The SoftGrid client agent is installed on the
corporate machine and will interact with the SoftGrid server to
receive updates, report software usage and perform client
management of the virtualised applications. Once the sequenced
application is available for deployment to the client, the
administrator will import the application into the SoftGrid
Management Console and make it available to users.
Updating applications covers patching, service packs and upgrades.
Patches need to be fully tested to ensure that no conflict with
other applications occurs. If a conflict is discovered, the
administrator must decide what action to take. If the application
is a critical security patch, for example, there may be no option
but to install the patch and disable or remove the conflicting
application. If the application is critical, the administrator may
not upgrade. However, with SoftGrid, applications live in their own
software bubble and do not need to interact with other
applications. There is no need to do any testing and the
application can be deployed as soon as it has been sequenced.
For applications that require service pack updating, the same
considerations apply. The administrator will perform tests on the
application to ensure that the user’s documents still work with the
service packed application. Upgrading applications in an
organisation can be a time-consuming and costly exercise. The
administrator needs to determine the current version of all the
applications. Upgrading applications can mean users can’t use their
existing data because of changes to the file format, and rogue
versions of later applications can render data inaccessible through
changes to the original data file format.
Using SoftGrid, the administrator can deploy different versions of
the same application and they can all coexist on the same computer
and be available to
the user. Document extensions can also be linked to the different
versions of software. For example, Microsoft Word has, until the
release of Office 2007, used the same extension, namely .doc. Using
SoftGrid, the administrator can link the Office 2003 version of
.doc to run with that application. If a .doc file from Office XP is
used it can be linked to start with that version of Office. Another
advantage to this system is that the old version of the application
can be removed very easily without a support engineer having to
visit every machine.
Licence to
thrill
Organisations can also manage their
licences using SoftGrid. This can be done in one of two ways. You
can either select Audit mode, which tracks usage of an application
and, based on usage, make licensing decisions. Or you can use
licence ‘enforcement’ where the client checks a licence store to
see if a licence is available. If a licence is not available, the
application will not launch. Organisations can save on licence
costs using the licensing features in SoftGrid. Naturally, the
licence model applied by the software vendor will affect any
savings – for example, a site-wide licence covering all usage of an
application would render licence enforcement redundant.
Supporting an entire library of applications in large organisations
can be a daunting task. Users may damage applications by mistake by
deleting critical application files, thus adding to maintenance
costs. But by using SoftGrid the administrator can simply redeploy
the application to the user’s computer, saving time and
money.
When an application needs to be replaced or retired, it has to be
removed from the user’s machine. Traditionally this involved an
engineer visiting the machine to remove it or using application
deployment methods to remove it with the application’s uninstall
program or script. This process often left orphaned files, which
could create problems later on, for example by being identified by
another application as part of its install process or by
conflicting with other applications.
To terminate an application using SoftGrid, the administrator
deactivates or removes the application in the SoftGrid Management
Console (Figure 2). The application is then no longer available to
the user. The new or updated application can then be made available
to the user. This functionality should provide real cost savings to
organisations.
Virtualisation
architecture
To support the functionality
described above, SoftGrid uses a technology called System Guard,
which enables applications to run locally but within a protected
environment. The applications execute locally without altering the
client’s operating system, but they still have all the key
functionality of the application and normal response times. There
is little or no dependency on how the client machine is configured,
with the exception of the client’s operating system. This feature
allows multiple applications to run side by side without the user
experiencing any application conflicts. System Guard removes common
application deployment and management problems by:
- Removing application conflicts.
- Allowing different versions of the same application to run
simultaneously on the same computer.
- Enabling applications that were unable to run in multiuser mode
to do so on Terminal Services or Citrix MetaFrame.
- Enabling multiple instances of the same application to run using
different database paths on the same computer at the same
time.
- Removing the need for multiple separate server farms and
time-consuming regression testing.
System Guard works by running applications within a virtual runtime
sandbox (Figure 3). The client operating system is not altered by
applications as they are installed and the client computer’s
registry, file system, INI files, fonts and environment variables
are not changed by the applications. However, since the
applications run locally, access is still available to all local
services, including cut and paste, printing and network drives. The
only read and write changes made to the local client computer are
to profile data and system services using cut and paste, printers
and OLE calls. The application runs using a virtual registry and
virtual file system.
The System Guard and sandbox operation is not limited to desktop
computers. Laptops use the same technology but operate in
‘disconnected mode’. The laptops also benefit from the
virtualisation of applications, even though they are physically
disconnected from the LAN.
Getting
ready
Sequencing is the process whereby an
administrator prepares an application to run in a virtualised
environment (Figure 4). However, certain applications, such as
those requiring access to a firmware device driver, can’t be
sequenced. It is very important to note that no code changes are
made to an application while it is being sequenced. This means that
an administrator can be confident that the application should run
successfully with System Guard.
Sequenced applications behave as if they had been installed on
the local machine. However, these applications are only virtually
present and run within their own sandbox. This isolation means that
applications are much less likely to conflict. This reduces cost
and effort in maintaining and upgrading applications and avoids
costly testing procedures.
Sequencing applications is not as simple as it sounds, though. IT
staff will need training and it’s a good idea to run a pilot
project.
Regression
testing
Wikipedia defines regression testing
as “… any type of software testing which seeks to uncover
regression bugs. Regression bugs occur whenever software
functionality that previously worked as desired stops working or no
longer works as previously planned. Typically regression bugs occur
as an unintended consequence of program changes.”
So in the context of this definition we can evaluate how effective
SoftGrid is in reducing regression testing. If we assume that we
use a standard application, one that does not have any hardware
dependencies such as a dongle, then it often takes more than 40
hours to test against every known configuration within the
organisation. If we translate this into cost terms by applying it
against the usually very large library of applications that
organisations have, then we can see that by using SoftGrid
considerable savings can be achieved. You don’t need to spend time
testing; the only time now required is for sequencing of the
application.
There’s no doubt that SoftGrid will change the way companies look
at deploying software. Once IT staff have mastered sequencing
techniques, the savings will be immediately apparent. The isolation
of applications from each other and the reduced testing and
repackaging that is required makes a compelling case for moving to
software virtualisation.
|