One of the cooler features of Citrix App Layering is Layered Images. My focus in this blog post is to describe Layered Images: what they are, how they are created, and WHY they are important to your environment.
It’s important to understand that our layering is not just an “app-layering” product, but really is a Windows Operating System and application management solution. The underlying technology, called layering, enables all components of a virtual machine to be independently assigned, patched, and updated. This includes the Windows OS and all applications. By individually managing both the OS and applications, we have the ability not only to connect applications to a user or machine from a shared layer, we also have the ability to BUILD IMAGES based on these layers. This becomes a true image management (or image content management) system that allows for the layering (packaging) of complex applications (such as boot time dependencies or drivers) such as the VDA, single sign-on tools, anti-virus, etc.
Now, of course, application layers can still be “attached” to the virtual machine, but it’s important to understand that we offer two ways to deploy these layers:
- Layered Images: Application layers can be combined with an OS Layer, in a process called image publishing. These generated images are pushed to existing provisioning systems (such as Citrix Provisioning Services, Citrix Machine Creation Services, or VMware View Composer).
- Elastic Layers: Application layers can also be attached to a VM, in a more classical App Layering model, at user login based on their AD group membership and app layer assignments. These app layers can also be attached to the machine based on machine assignments.
With that out of the way, let’s focus on the Layered Images. A Layered Image is a collection of layers compiled into a single virtual disk. This layering model allows us to solve three common IT problems: Image Sprawl, Boot Time App Support, and Cross Platform Management.
It’s common to find environments with 5, 10, 20 or even more “Gold Images.” These could be PVS vDisks or traditional gold images for tools like MCS or View Composer. This requires IT to patch common components (Windows, Agents, AV, Office, etc) every time an app or OS update is required — and for EACH image, adding time and complexity in their environment.
Layered Images allows the IT admin to manage a single copy of any App or OS Layer—solving the management pain (and saving time), while still serving their users’ diverse app requirements.
Using the example above, we have three different Citrix Delivery Groups — a small number, I know, but simplified for this example. All three delivery groups are using Windows Server 2016, and of course have some app overlap between some of the images. This is the essence of the problem with image sprawl.
In a Layered Image model, only a single copy of the OS, apps and agents are maintained and patched. Using the OS as an example: This OS Layer is updated one time, regardless of the number of images it is used in, and is then combined with the required App Layers for the different delivery groups. The admin will create logical templates, selecting the OS and App layers as required, then select the provisioning mechanism that will host the image.
The image is output from the App Layering appliance as a single virtual disk file that contains all selected layers. That virtual disk is automatically copied to the target provisioning system (with PVS, that is the PVS Store) where it can then be applied to individual devices or collections. This reduces the Citrix admin’s workload, as the OS and applications only have to be updated once across the environment, versus once for every image and configuration they are supporting.
Supporting Boot Dependent or Pre-Logon Required Apps
Many application delivery tools for virtual environments simply ignore “boot time” apps. Things like agents or anti-virus are often just “baked into” the images. Of course, on top of these applications that most vendors can’t support, numerous other apps (even as common as Microsoft Office) are often “baked into” the images because they are hard to virtualize or need to communicate with other apps being used. This is another benefit of Layered Images.
When a Layered Image is published to a provisioning system, Enterprise Layer Manager (the console for creating and updating layers) will create a single virtual disk containing all layers assigned to that image. This is done by simply creating a new virtual disk and “playing” the contents of the assigned layers into the target image. The results of this process are a native, bootable, single volume virtual disk containing all the apps that were assigned. Below is a simplified version of the image creation process:
- Create the virtual disk for the target image
- Connect that disk to the Layer Manager
- Format the target virtual disk
- Copy OS files and registry into the target disk
- Iterate through layers copying files and registry (in priority order)
- Disconnect virtual disk and copy Layered Image to target to location
During this process, the Layer Manager virtual appliance attaches to the target virtual disk, formats it, and then copies the required files from the Windows and App Layers to the disk. It also copies the base registry from the Windows OS Layer and reads the changes to the registry from each App Layer into the composite registry on the Layered Image.
The iteration through the layers for both files and registry entries is done in layer priority order, from the lowest priority to the highest. Once the Layer Manger has copied the files and registry settings needed, the virtual disk is detached from the appliance and copied to the target location, based on the settings the administrator has configured for the target platform.
The result is that any app layer assigned to the image is now running natively. There is a single volume C: drive containing the correct file system and registry as if the admin had hand-built a gold image with the chosen OS and App Layers. Agents like the Citrix VDA, anti-virus software, single sign-on tools and more are all supported in this model. Services, drivers, low-level devices will function as excepted. This gives the IT staff a single tool to deploy and maintain any application.
Cross Platform Management
In our current world, Cloud is no longer just a catch phrase. Organizations are moving DR environments, test systems and even active production workloads into cloud environments. On-prem solutions now involve a mix of hypervisors, including vSphere, XenServer, Hyper-V and Nutanix’s AHV. The IT problems that arise from this various mix of platforms are many. But in the EUC world IT admins know that each platform means a new image, with a reinstall of the applications, additional testing and additional man hours. Running a hybrid environment is complex!
Layered Images can help here. Because the layering system supports drivers and services and the management appliance can generate the image containing these drivers, the admin can now maintain just one copy of any given OS or app layer, regardless of the target environment (hypervisor or cloud) that they want to manage. The same OS and apps you are using on-prem today can be pushed into the cloud or to another hypervisor tomorrow. No image rebuilding or app repackaging.
This allows IT the flexibility to pick the right hypervisor or cloud provider for that application workload. No longer is there the overhead of maintaining multiple images and application packages across different environments. In addition, leveraging layering TODAY even for an on-prem single hypervisor environment, readies your applications for a move to the cloud when you are ready. No re-training of the IT staff or additional management tools!
Wrapping it up!
Layered Images allow you a ton of flexibility for the future, while still giving you an immediate savings in management time today. The ability to support applications that need to function from boot (or even pre-login) gives IT shops a single tool from which to patch and update the OS and applications. This consistency in packaging, regardless of the type of application or target environment, is truly something every environment should strive for.
If you would like to give Citrix App Layering a try, you can request a trial right from Citrix Cloud. Create a Citrix Cloud account (there’s no cost) and then select Citrix App Layering from the menu to access your 60-day free trial. The Citrix App Layering service includes full feature functionality and eligible customers with active Customer Success Services Select can use this service for production roll out.