The Virtual Data Center

Citrix has announced that they’ll be offering an alternative to traditional on-line VDI deployments (ala [Xen|Presentation]Server) in the form of a client hypervisor. In essences, a client hypervisor allows a user to run a full-blown virtual machine on their desktop — basically a throw-back to running VMware Workstation/Player in the enterprise before we had all these fancy virtual platforms like Virtual Infrastructure and Hyper-V.

Functionally, I’m a fan of this model: it allows users to work anywhere without concern about having an uplink. On planes, in coffee shops where there’s no Wifi or the connection is too small to reliably delivery a VDI experience, or even in the woods (solor panels for power optional). It also paves the way to true application virtualization, where the CPU-based hypervisor can be trimmed down to support running applications directly without the bloated guest operating system.

But this un-tethered model also brings up concerns, specifically around management. IT departments are going to have to face tough questions before deploying this type of technology. For example:

• How to deliver client VMs to users, especially remote users? Off-line via media or online?
• Change control: Will users be allowed to do anything with these images and run them like their own laptops? Will there be any type of reconciliation between the remote VM and a central policy source? How often?
• Mobility: Will users be able to transport these VMs between machines? Or will the VMs be bound to a single piece of hardware? If the latter, how will this be implemented and regulated?
• How are these VMs backed up and kept in state? What if the user drops the host (ie laptop) off the side of a ferry while finalizing her critical presentation just minutes before she’s scheduled to present (something a true VDI model would address)?
• In the case of remote users, what happens when the user “checks” their VM back into the corporate network when they’re at HQ?
• Remote access: Will these VMs be tied to a VPN solution? If so, how will that differ from how the host laptop/desktop connects?
• Policy management: How will tools like GPO apply to the host and guest simultaneously?
• Support: What happens when a user has a hypervisor-related issue? Will the support staff be trained to troubleshoot the host, the guest, and the hypervisor?

Many of these questions apply to any IT desktop policy, whether it’s a physical machine or a virtual machine. And to me, many of these issues beg the question “Are off-line client hypervisors worth the cost and effort?”  How does offering client VMs differ than just issuing everyone in the field a “normal” laptop?  In practice I’m inclined to agree with Kane Edupuganti on this issue:

We haven’t explored the idea of putting a [hypervisor] kernel on the devices, because you’d still need a regular PC.”

VDI solves many of the management problems listed above, but not all of them and also brings its own list of issues to the party (network, storage, advanced virtual platform management in the data center). There are security concerns for both models as well, but before we can address how to identify and solve security concerns, we need to be able to manage the environment first. If the goal is to make managing desktops easier and more streamlined, then I do think VDI is looking like a better alternative.

But I do think that the client hypervisor model is an important step towards pushing the computational tasks of running applications down to the client. That application hypervisor is getting closer, and steps to figure out how to manage local computing resources through a client hypervisor are all right by me.