Citrix takes bare-metal hypervisor to PCs
XenClient less than it could be
On Wednesday, Citrix Systems kicked out XenClient, a bare-metal (or type 1 in virt lingo) hypervisor aimed at desktop and laptop PCs, perhaps in an attempt to steal a little thunder from VMware and its upcoming VMware View 4.5 virtual desktop infrastructure software, expected to be announced at the VMworld conference in San Francisco next week.
If you want a true bare-metal hypervisor for your PC and don't want to be monkeying around with hosted hypervisors running on Linux or Windows, then the XenClient hypervisor will probably sound interesting to you. But if your notebook, PC, or workstation doesn't sport Intel's vPro business PC add-ons, or heaven forbid you are trying to use x64 chips from Advanced Micro Devices, you're going to be disappointed with XenClient.
The XenClient effort was launched in January 2009 as "Project Independence", and is conservatively eight months late to market as a commercially supported product. But as a free-standing, bare-metal, commercially supported hypervisor goes — which is what many customers want — XenClient has not really arrived at all.
To be fair, XenClient is going to be available in an Express freebie edition that individuals or companies can download and put on as many as ten machines. But according to Sumit Dhawan, vice president of the XenDesktop VDI lineup at Citrix, a fully supported XenClient hypervisor for PCs will only be available in the XenDesktop 4 Enterprise and Platinum Editions. XenClient will not add to the cost of those editions. The freebie XenClient Express will have support only through the Web forums at Citrix, which is not the kind of support that makes most companies comfortable.
Although it did not say so in its announcement, Citrix has no doubt come to the conclusion that it needs to focus on supporting XenClient on a restricted set of PCs, and in specific use-cases that can help drive sales of XenDesktop. And more importantly, it needs to position XenDesktop against VMware's View 4.5, which is expected to sport so-called offline VDI capability. Dhawan says that this offline VDI capability will allow customers to check out a virtual machine from a central repository and then run it offline, checking it back in and resynchronizing it when the machine reattaches to the network. He called this approach "cumbersome and complex."
Back in July, when VMware was going over its second-quarter financial results, Paul Maritz, president and chief executive officer at the virtualization juggernaut, confirmed that VMware had spiked its own bare-metal hypervisor for PCs and would be putting offline capabilities into the View VDI stack.
"The feedback that we got from our customers is the market is not ready yet for a bare-metal, naked hypervisor," Maritz said back in July. "So instead we are supplying essentially a Windows-within-Windows hypervisor, which gives us much better coverage over the installed base in particular. The challenge with the bare metal hypervisor is: 'how do you address the installed base?' So we made that change based on customer feedback."
This is, of course, perfect nonsense.
What is closer to the truth is that neither Citrix nor VMware can afford to provide technical support on a new bare-metal hypervisor for PCs that runs across myriad combinations of processors, chipsets, graphics cards, and other peripherals and still make a buck. And they only figured that out after promising to do the right thing for customers, which is to give them a bare-metal hypervisor just like x64 servers have.
Those x64 servers are less varied in their processors and peripherals, and they're run by intelligent IT shops who pay big bucks for the hypervisors, their extensions, and support contracts. So this is a business, while a desktop hypervisor that doesn't rely on a Windows or Linux host to do most of the work is not.
In this regard, a bare-metal hypervisor faces the same chicken-egg problem as desktop Linux does. No one can make enough money doing it at $25, $50, or even $100 per seat per year to do the job right, and so everyone pulls back on Linux desktops except in very precise cases, such as call centers.
Citrix XenClient woven into XenDesktop is not a complete solution to the problem IT shops face in coping with PCs these days, just like VMware View 4.5 will not be. But XenClient, at least, is a true bare-metal hypervisor that can provide the kind of isolation between virtual machines that companies are looking for to secure their applications and data, particularly on laptops that need to be functional when they are off the network.
XenDesktop includes VDI as well as application-streaming functionality taken from XenApp (formerly Presentation Server), and VM-hosted applications, a kind of hybrid that wraps legacy applications up in a hypervisor back on the server and streams them down to PCs. XenDesktop, which now includes XenClient, weaves them all together to create a Swiss army knife of PC virtualization. XenDesktop itself supports a wide variety of PCs and servers, and even lets customers pick VMware ESX Server or Microsoft Hyper-V hypervisors on the backend.
Not for everybody
But the XenClient hypervisor for PCs, as you can see from the specs, is fairly limited in terms of the machines it supports. Your PC needs an Intel Core 2 Duo, Core i5, or Core i7 processor, and Intel's GMA 4500 or HD Graphics adapters. Intel's wireless electronics are supported, and you need 4GB of main memory and 160GB of disk to use XenClient. Intel's vPro extensions for managing PCs are strongly recommended.
So far, HP's EliteBook 6930p, 2530p, 8440p; Dell's Latitude E4300, E6400, E4310, E6410, E6500, and E6510 and Optiplex 780; and Lenovo's ThinkPad X200, T400, and T500 PCs are supported. If you have one of those machines, you can download it and see what it is all about. If not, well, there are always hosted hypervisors such as Oracle's VirtualBox (if you want to spend nothing) and VMware Workstation (if you want to give VMware some money).
The problem with XenClient, and with modern office workers and contractors, is that many of them are using their own PCs and don't want the IT department of their full-time or temporary employer mucking about on their machine — Dhawan cited a statistic from an unnamed source that says 20 percent of the US workforce is comprised of contractor employees.
This is probably the resistance that Maritz was alluding to back in July when he said that VMware had pulled the plug on its own bare-metal hypervisor. If you don't buy the PC, then it's a little hard to be all that demanding about what can be installed on it. If companies shelled out a couple grand for a brand new laptop with a bare-metal hypervisor, and could use one partition for private use, it would probably gain a lot more acceptance. But it would cost more money for the IT department, too.
And so for mobile and contract employees, Citrix has cooked up a little something called XenVault, which is an encrypted directory on a PC that is controlled by XenDesktop. When applications are streamed down from XenDesktop to PCs, any data created by or used by these applications is stored in this encrypted directory.
If applications are streamed down to a PC in a way that allows them to work offline, they can continue to do so because the data is on their machine in that encrypted folder. And if an employee if terminated or a laptop is stolen, the IT department can sync up with the machine once it hits a network and either lock the encrypted files or wipe them off the machine. Because it's a just a directory on a PC, XenVault will work on any PC that can have a XenDesktop receiver on it.
The bundled XenClient hypervisor and XenVault secure directory for XenDesktop 4 will both be added to Feature Pack 2 for XenDesktop, which will ship in the last week of September. ®