Client Hypervisors: Why Would I Need One of Those?

By Martin Ingram
published: Monday, July 20 2009

We have become accustomed to virtualizing and buying servers with hypervisors already installed, but why would we want hypervisors on our client machines? Are we just adding another component that needs to be managed? To answer this question we need to stop and look at desktop virtualization and, hence, see what benefits a client hypervisor will give us.

Current desktop virtualization implementations are focused on hosted solutions, typically referred to as VDI. Organizations are implementing VDI with the ambition of reducing management costs and delivering a better service to users. In this model, a number of client operating systems are hosted on a virtualized server with users accessing those images through a display protocol. However, merely moving the client operating system into the data center does not deliver the benefits we are looking for.  Essentially, we are still managing individual PCs on a mass scale, with all that entails in terms of management costs.  It's worth noting also that hardware costs have not gone down, and in many cases may increase because of the additional data center servers and storage needed.

The way in which organizations are achieving cost and service delivery goals is through componentization, standardization and automation: Treating the client image as a number of separable components that can be standardized and delivered automatically, on demand. Only by doing this can we achieve greater efficiency in the images users are running, which reduces user management costs by eliminating configuration drift which impacts service delivery.

Another way to think of this is that VDI achieves economies of scale across the estate by letting us manage a single instance of each of the components no matter how many users use it. Techniques in use to achieve this include OS streaming and linked clones to deliver the operating system; application virtualization and application publishing to deliver applications; plus user environment management to deliver all the user-specific aspects of the machine. User environment management is a critical component in this model because it allows us to deliver a user experience that is familiar and acceptable to the user while giving us the ability to standardize the underlying components and deliver them as we wish. The user environment consists of all user-specific aspects of the machine and may include user personalization to deliver a familiar look and feel, personal applications where these are allowed, user data, and the ability for the organization to set up the environment as necessary. In many ways, the user environment becomes the key to successfully managing in the componentized model because it represents what the user and the business regards as important.  This makes it critical to select a user environment management solution with high levels of manageability.

That is all well and good, but the reality of client computing nowadays is that this model will not work for all users in the business: Some users need advanced interactive graphics where the use of a display protocol would not give them acceptable interactivity, plus there are (roaming) laptop users. From an industry perspective, most effort is being directed towards the laptop. The install base of laptops in corporate use is now approaching 50%, and as we know, they are an expensive platform to manage. The techniques of componentization, standardization and automation being deployed in hosted VDI hold great promise for improving the management of laptops, but there are a number of challenges that need to be addressed before we can start managing laptops in this way.

One of these challenges is the lack of a client hypervisor, but more fundamentally, the management model will differ in a number of ways from that which is used for the hosted virtual desktop. First we will look at the client hypervisor and then move onto the particular management challenges of laptops.

Why do you need a hypervisor when you are only supporting a single user on the machine? The initial motivation for server virtualization was to reduce the number of servers by consolidating a number of workloads onto a single machine and so free up underutilized hardware. For this case, it is easy to see why a hypervisor was needed: To host multiple workloads on a single physical machine. In client virtualization we are only serving a single user but we still need a hypervisor for at least the following two reasons:

Componentization

In order to deliver the standardized operating system and be able to change it at will there needs to be something else on the machine which will host the operating system. Additionally, as we shall discuss shortly, it is part of a number of management models being developed.

Hardware Variances

While servers have very few variations in their hardware and, hence, in the drivers needed to support that hardware, the opposite is the case for laptops. Even within a particular model run you can find that hardware components will change. Across a typical enterprise you will usually find many differing models, all with different driver requirements. This didn't matter with a fixed operating system per machine, but as we move to treating the operating system as a standardized component across the business, we would not want to support all the hardware variants in that single image. Hence we need to abstract away the hardware variances. This is the other key role for the hypervisor - to abstract drivers out of the operating system so that we can standardize it.

In essence, the client hypervisor creates a well-defined boundary between the hardware and the operating system that allows us to hide hardware variations and easily replace the client operating system. Of course, that does not prevent us from running more than one operating system on the client.  In fact, some security vendors are planning to move some security capabilities out of the primary operating system into a self-contained and better-protected virtual machine on its own.