This past year has been very exciting for the End-User Computing group at VMware. Almost one year ago, Sanjay Poonen joined us as General Manager of EUC. In October 2013, we acquired Desktone, allowing us to provide customers with a mature Desktop-as-a-Service solution. In January 2014, we announced partnerships with Google and F5 Networks. Then in February, we acquired AirWatch, the leader in enterprise mobility management – VMware’s biggest acquisition ever. We launched the industry’s first hybrid DaaS offering with VMware Horizon DaaS in March, and in April, we announced VMware Horizon 6 , a ground-breaking release that included fully integrated application publishing.
And today we’re thrilled to announce another major event: the addition of CloudVolumes to the VMware family. We’re so excited about CloudVolumes because they enable real-time desktop application delivery. Delivering desktop applications to users, especially in Windows environments, can be challenging and cumbersome. The installation paradigm for adding and removing applications from a system is heavyweight and fragile. Problems at runtime can easily crop up – such as incompatibilities or conflicts with existing apps – that can interfere with successful application delivery. Preventing these problems often results in complex workarounds, either through scripting or manual intervention. We need a better way, and CloudVolumes provides it.
Very cool technology
CloudVolumes’ product centers on a technology called layering. Layering is a method of decomposing a Windows instance into a set of discrete pieces. These pieces can be things like the base OS, one or more applications, and user data. Once these pieces are placed into separate layers, they can be easily added and removed from a system. The big difference here is that the applications in the layer are no longer being installed. Instead the layer is simply being delivered. This makes adding and removing applications much simpler and less error prone. Given the speed at which CloudVolumes can add and remove applications, we call this technology Real-time Application Delivery.
OK, but this still sounds like magic, right? How does it really work? Let’s dive a little deeper.
CloudVolumes works in both virtual and physical environments. It stores its layers on vmdks for virtual and VHDs for physical. When a vmdk or VHD is mounted, the CloudVolumes agent will query it to see if there’s a layer inside. If so, it will merge the application or user data as appropriate in seconds.
This architecture is extremely cool and technically savvy for a few reasons. First, there is no copy of data. CloudVolumes can map the vmdk or VHD in and immediately start operating on the layer inside of it. In fact, CloudVolumes can attach the same layer to multiple desktops simultaneously. This is important because it allows a single layer instance to scale seamlessly, serving multiple desktops and/or users without all the overhead of other approaches.
Second, the truly powerful aspect of CloudVolumes’ technology is that a layer can be added while a desktop is running. In fact, it can even be done while a user is logged in to that desktop. This means that when a user is entitled to an application, that application immediately appears in their Windows desktop (like sub-second in many cases!). Again, talk about powerful simplification. No longer does the admin need to coordinate an outage window to install an app or do an update. Now the new or updated app can be delivered to a running, logged in desktop in a completely transparent fashion.
Third, the best part about it all is that the application isn’t actually installed. Instead, CloudVolumes uses advanced techniques to make it appear as though it is. This ‘last mile virtualization’ enables CloudVolumes to avoid all the problems with installation-based delivery methods. No files are copied, no settings are changed, and desktops no longer need to be powered on for IT to manage applications. Instead, CloudVolumes leverages an innovative filesystem filter driver and, on Windows, a registry virtualization driver to make it appear to the guest operating system and other applications as if an application is installed, when in reality it resides on the layer that was added to the desktop. This also adds an extra layer of security, because the layer is read-only, meaning the user (or a virus!) can’t modify or corrupt the application.
Finally, I want to explicitly say that while we in EUC tend to focus on Windows desktops (and now Windows Servers RDS hosts too), the CloudVolumes technology actually works for all applications, whether they’re desktop or server, Windows or Linux. So while we will mostly talk about CloudVolumes as it applies to Windows, it is a generalized technology that works across the board.
Seamless integration and design simplification
So all the tech is cool, but what does it really mean in practice? I think there are two parts here. First, it means that you can now seamlessly deploy new or updated apps to any of your existing desktops. CloudVolumes works with physical, RDSH, and persistent and non-persistent VDI desktops. Given that applications are delivered via a separate, read-only layer and never copied or installed in the desktop, it leaves the desktop complete untouched. This is very powerful, because there is no need to rip and replace. You can start using CloudVolumes today, on your existing physical, RDSH, or VDI environment, and immediately take advantage of the powerful and simple application delivery CloudVolumes offers.
Second, CloudVolumes enables radically simplified VDI and RDSH architectures through its dynamic injection of apps and data. For RDSH this means no more siloing of application groups. You can now provision generic RDSH images and change application entitlements in real-time, simplifying your RDSH infrastructure. CloudVolumes can also enable VDI non-persistent desktops to have all the persistence properties of today’s persistent desktops because they support user data and user-installed apps even on non-persistent desktops. We see this as an opportunity to wipe away the distinctions between persistent and non-persistent VDI pools, focusing instead on VDI deployments that can now always be architected in a non-persistent fashion, with CloudVolumes delivering the customization and personalization of the desktop at login time.
In these new models for RDSH and VDI, users don’t see any difference, but for IT, it can simplify management and reduce costs. Simplification of management is driven through a single VDI or RDSH architecture serving all users, supporting knowledge workers and task workers from a single shared image with fully dynamic policy-based application access and personalization. Costs can be reduced for RDSH through application silo consolidation and for VDI by leveraging non-persistent architectures for all use cases while consolidating the number of pools and images under management. Non-persistent virtual desktop architectures are cheaper due to resource sharing (linked clones for storage and sharing a pool of desktops for compute), but previously couldn’t support all use cases (e.g. power users or knowledge workers). With user-state abstracted from the base image by CloudVolumes technology, even power-users demanding full flexibility can now be accommodated with a non-persistent pool, lowering TCO and broadening VDI’s appeal. Very powerful stuff!
Part of a bigger vision
But CloudVolumes also allows us to realize an even bigger vision. As I’ve said before, our goal is to unify management across all devices, both desktop and mobile. And we’d like to do it in a mobility management style, because with mobility, app delivery is simple: you import the app from the app store or from a file and then entitle users to that app. The app is automatically delivered to those users’ devices. It’s a simple point and click affair. The opportunity we have with CloudVolumes is to extend that same simple, mobile-like process to the desktop. Admins can now import and entitle apps that will seamlessly pop up on users’ screens, just as users expect, based on their mobile device experiences. VMware EUC technology now offers admins a consistent way to manage both desktop and mobile apps which helps drive down operational costs.
VMware Mirage focuses on delivering layers efficiently to roaming or sometimes offline physical machines which minimizes bandwidth consumption, while CloudVolumes focuses on delivering layers to desktops in the always-on and high-bandwidth context of modern datacenters. While Mirage and CloudVolumes layering are similar at a conceptual level and both avoid the traditional MSI installation hassles, their implementations are optimized for roaming vs always-on use cases, respectively. Mirage delivers layers through the network while conserving bandwidth, whereas CloudVolumes delivers layers primarily using the vmdk/VHD-attach mechanism that avoids needless copying of information in the datacenter where CPU & I/O resources are shared. With Mirage and CloudVolumes together, VMware has the industry’s most comprehensive application layer delivery solution with uncompromised efficiency for all types of desktops.
So in summary, we’re extremely excited to have CloudVolumes join the VMware family. CloudVolumes radically simplifies Windows application delivery, helping to solve a critical customer pain point. In addition, it’s a key enabling technology to support our integrated, cross-device management vision.
What’s the most exciting aspect of this acquisition for you? Let me know in the comments section below.