itgeek.co.nz

In my previous blog here I provided an overview and “what is” application virtualization and Microsoft App-V. In this post I will attempt to move beyond the basics and try to address the good, the bad and the ugly of application virtualization with Microsoft App-V.

Desktop and Application optimization…
If you read my previous post you should now have an idea what application virtualization and Microsoft App-V is and what it can provide to a computer network. I remember reading somewhere that “a operating system is at it fastest and optimal post a fresh install and before any applications are deployed”. This is something I and I am sure any IT pro will agree with and while we would love to keep our machines in this optimal state usually an application or two is required. Now meet my friend App-V, this neat little application can conceivability keep your machine as close to a fresh install as possible as applications are not installed in the traditional sense.

What do you mean the application is not installed?
Microsoft App-V for example provides a virtual registry and  virtual file system. When a sequenced or virtualized application is deployed to a Windows Vista workstation the application does not sit in c:\program files\… or write to [HKLM\Software\Microsoft\…] it is truly sandboxed and held at arms length from the operating system. As far as the application is aware it is installed locally however when it writes to the local registry that application call is redirected to a virtual or “faked” registry, this also hold true for the file system. 
What you see is an application laid down on disk but does not “taint” the local operating system with crazy registry entries or participating in DLL hell.

Can I virtualize application xyz?
Now not all applications are created equal and not all applications are a candidate for virtualization, what I mean is not all application will function within a virtual environment or even sequence correctly in the first place. Generally applications that fit the following list may not be candidates however all applications are different and everybody's experiences are different.

1. Applications that install a boot time service.
2. Applications that use COM+ (check here for more info and workarounds)
3. DLL’s that run in Dllhost.exe AKA COM DLL surrogate virtualization.
4. MAPI applications check the following link for help.
5. Internet Explorer (google or bing :-) this, some believe you can).
6. Device drivers or any application that uses them (unless you can install the device driver separately and locally from the sequenced application)
7. Applications for example that are tied to a machine or tied to a system’s MAC address.
8. Helper applications such as those with a multifunction printer… the root of all evil for any virtual environment :-)
9. Operating system hotfixes in any way shape or form.
10. most (but not all) antivirus applications that use filter drivers that interact with the operating system directly.
11. Some windows services.

So what is actually virtualized?
One of the great things about App-V or application virtualization in general is the ability to uninstall an application and ALL settings, binaries, registry entries, and random configuration files are removed no ugly desktop icons or folders in c:\program files or manually remove

When a file is sequenced the following is a list of what is wrapped up into well… a sequence.

• Files
• Fonts
• Registry entries
• INI files (oh the horror!)
• Namespaces
• Services
• COM/DCOM objects

What methods are available for application virtualization?
There are three methods available for deploying application virtualization when utilising Microsoft App-V, standalone, streaming and full infrastructure.

Standalone – Enables virtual application delivery to businesses that may not have the backend infrastructure to support streaming or the full infrastructure model. The only software required is the sequencer which can sit on a workstation. Applications are sequenced and packaged into a MSI (Microsoft Installer) which contains all the information required to deliver and install the virtual application. This model requires a method of application delivery either manual (CD/DVD or USB) or automatic (SCCM, AD or some other package deployment tool). This model is also best suited to users who are remote or disconnected from the network.

Streaming – Model consists of the streaming server, the sequencer and the App-V client. Applications are placed on the streaming server where they are downloaded or streamed to the client on demand. When streamed a client receives what is called “feature block 1” then obtains further blocks when needed this leads to faster start-up times for applications.

Full Infrastructure – Requires the largest investment in “infrastructure” as it consists of one or more Microsoft System Center Application Virtualization Management Servers and the App-V client on workstations or Terminal Servers.

Allot of IT adman's find the “streaming” model works for them and can easily leverage existing servers and software onsite.

Client considerations…
Always ensure a large enough cache has been provisioned (2GB standard) perhaps 4GB is better. Ensure clients are pre-cached on Terminal Server’s for best performance and user experience, and remember at this stage only 32bit (x86) operating systems are supported. (This will change with App-V 4.6)

Sequencer Considerations…
Provision an isolated and dedicated workstation for application sequencing. Ensure this workstation does not have any background applications or agent software loaded. If you are not sequencing Microsoft Office but it is part of your base workstation image make sure it is also loaded to the sequencing machine. The sequencing machine must have a second drive letter that matches the virtual drive used by the client, this could be a network drive or USB drive for example. The default drive is Q. Deploying to a staging environment is recommended.

My first post on App-V is available here.

Blog, Virtualization, Windows app-v, virtualization

Microsoft Application Virtualization or App-V (fits in nicely within the *-V naming scheme, Hyper-V, MED-V...) is Microsoft’s application virtualization and application streaming technology that competes with the likes of Citrix XenApp streaming, VMware ThinApp or Symantec’s AppStream. Microsoft App-V was previously named Microsoft Softgrid which was acquired in July 06 through the acquisition of Softricity a Boston, Massachusetts software company.

Application Virtualization and streaming provides and enables the deployment of software into na isolated or sandboxed operating system environment without modifying the local OS file system or registry. This ensures operating system integrity, reduces application and DLL conflicts and reduces the need for application and environment testing on different hardware and operating system environments. Applications such as Office XP and Office 2007 can be sequenced then deployed and executed on the same end user device without any application conflicts.

Applications are profiled or sequenced (installed) usually on/to a dedicated workstation, these applications are as stated sequenced or packaged (think of this as the installation being monitored, looking for where files are installed to or registry entries are added) the binaries are bundled into a single file or .CAB and located somewhere accessible on the network (this is a highly simplified explanation!).

A sequenced application is then assigned to a user or group. Depending on how this application is assigned an icon is provided to the local desktop via the locally installed App-V client. When a user double clicks the icon the sequenced application is streamed to the local machine only downloading the parts of the applications required to execute into this isolated or sandboxed virtual environment on the local PC and executed. Often only 20-40% of an application is required to be downloaded before it can execute leading to improved start-up times. Downloaded binaries are cached on the local machine for faster retrieval when next required.

The network storage location provides a common set of binaries for all operation systems both desktop’s and server’s alike. If an admin needs to patch an application only the common source of binaries is patched/updated, the App-V client next requests this application the patched or changed binaries are automatically downloaded to the local machine and executed removing the requirements to visit each machine or deploy a patch through Active Directory, SCCM or your favourite deployment tool.

Microsoft provides a centralised management tool and core to App-V is the App-V management Web Service, this provides a central service for the admin of App-V servers and sequenced applications. Administrators communicate with the web service via the App-V Management Console through this console you can publish, assign, remove applications, configure settings, metering and permissions. The central management platform is not always required as Microsoft has provided alternative methods for deployment of streamed applications with a standalone mode, this allows the sequencer to package the virtual application into a MSI. This allows the delivery of sequenced applications to App-V desktops via the Microsoft Windows Installer with the Windows Installer loading and configuring the virtual applications. This in turn allows application delivery via your favourite ESD (Electronic Software Distribution) method or even from USB drive or CD/DVD.

While applications are retrieved from the network in real-time applications or end user devices can be configured for “offline” mode which allows the full application to be downloaded and cached on the local drive for full functionality offsite or while not connected to the network. Of course this is only possible when an application can function offsite or offline such as Adobe Reader or MS Office - don’t expect your SAP client to magically function without it’s backend database available!

At this time Microsoft only provide a 32bit (x86) client so this technology does not work on Vista x64 or Windows 2008 x64 however this is set to change in App-V 4.6 which is set to provide a x64 App-V client.

Not all applications are candidates for application virtualization and each IT professionals experiences with application virtualization are different. Some applications just plan refuse to sequence while applications such as MS Office may best be installed locally in the traditional manner to ensure all application can access Office outside of its sandbox. My only recommendations to you is test, test and then test again. With App-V 4.5 some say you can even virtualize windows services, however I have no such experience.

Microsoft Application Virtualization for Terminal Services or App-V for TS is the version of App-V that runs under Terminal Services (Remote Desktop Services) or Citrix XenApp (just to confuse) and extends its capabilities to profile management (among others) allowing the use of things such as mandatory profiles with the ability to capture user settings and configuration data and in turn saving this data to the network. This delivers a dynamic yet locked down profile that saves all user settings while providing all the stability benefits of mandatory profiles in Terminal Services environments. (Anyone remember flex profiles!)

Currently App-V is available via the Microsoft Desktop Optimization Pack (MDOP) to SA covered desktops for the cool price of $10 per end user device.

The following PDF while a little dated now with the new releases of referenced software versions still provides a good comparison of competing application virtualization products.
http://virtualfuture.info/wp-content/uploads/2008/09/vf-appvirtchart092008.pdf

Microsoft’s App-V site.
http://www.microsoft.com/systemcenter/appv/default.mspx

Microsoft App-V for Terminal Services.
http://www.microsoft.com/systemcenter/appv/terminalsvcs.mspx

Excellent community App-V blog.
http://www.softgridblog.com

Blog, Virtualization virtualization, app-v, xenapp