My colleague Mark Van Noy has a ton of experience in the realm of application virtualization as is evidenced in this recent article on our site where he provided an overview of different application streaming technologies and the major players in the application virtualization game. Knowing this, and having Mark show us what’s on the shelf as far as application virtualization solutions are concerned, I asked Mark to “give us a taste” of one of these solutions, and Mark chose the one he’s had the most hands-on experience with: Microsoft Application Virtualization (App-V). But before I turn the mic over to Mark, who says his walkthrough isn’t really a full tutorial but is intended mainly to make things a little easier for people who might want to try out the technologies, let me introduce him again by saying that Mark is a technical lead/architect at the University of Colorado Boulder in the Greater Denver Area. As an information technology generalist, Mark thrives on architecting new tools and services in ways that allow his customers to realize gains in efficiency, productivity, and cost savings while ensuring that IT remains a division that provides a competitive advantage. For more information about him, you can find him on LinkedIn. The floor now belongs to Mark.
Taking a close look at App-V
Microsoft’s App-V, formerly Softricity’s Softgrid before Microsoft’s acquisition in 2006, is one of the better-known application virtualization solutions that containerize applications. Our organization certainly felt it was a reasonably mature solution when we first adopted Softgrid as our application streaming solution in 2005. With more than 14 years to evolve, what can App-V do and should companies be using the technology today?
Pros of using App-V
One of the more compelling features of App-V is that it containerizes applications, thereby isolating them from both other applications and the operating system itself. This can be extremely useful for application versioning. The Python scripting language is a good example of an application that often has many versions with specific versions required by specific additional applications. Rather than trying to install multiple versions of Python and keep the various versions from conflicting — as well as managing their paths so the reliant applications do not experience conflicts — App-V can containerize applications with the version of Python they need. Thus, applications requiring different versions of Python can run side by side on the same computer without any conflicts since they all have the native environment they required wrapped up with them inside their container.
App-V is also unique in how it streams applications to endpoint computers. When an application is packaged — sequencing in App-V parlance — an analysis of the application’s startup requirements is automatically performed as part of the process. App-V then uses that information to allow only the portions of the software that are required for the application to launch to be streamed to clients for the initial launch. Then the remaining portions of the software stream down to the client in the background. This allows for a much faster initial launch in most cases than application streaming technologies that require a full download of the application before the application can begin loading.
With the release of Windows 10, the App-V client is built into the operating system for Windows 10 Enterprise and Education, so it no longer requires the purchase of the Microsoft Desktop Optimization Pack to use. However, the App-V client needs to be enabled despite being built-in. Simply setting the Microsoft App-V Client service to start automatically will not properly enable the App-V built-in client. The client must be enabled by either running the PowerShell cmdlet Enable-AppV from a PowerShell prompt then rebooting or setting a GPO for Computer Configuration>Policies>Administrative Templates>System>App-V>Enable App-V Client and set it to Enabled.
The App-V sequencer is part of the freely downloaded Windows 10 Windows Assessment and Deployment Kit (ADK). This high availability makes it easy for anyone to try out sequencing applications on Windows 10. Installing the sequencer into a Hyper-V environment makes it very easy to leverage snapshots to create a highly consistent sequencing environment. Since a reasonable number of application compatibility issues crop up during the sequencing process, using the ADK to test application compatibility can be an easy way to evaluate the technology. Note, however, that there has been an issue with the sequencer since the 1703 version of the ADK that prevents the sequencer monitor service from starting if Secure Boot is enabled, even in virtual machines. This potential problem has been confirmed to exist in the 1903 version of the ADK.
Application compatibility is good for applications that are not larger than 2GB to install. For the 10 years that our organization leveraged App-V, we managed to successfully sequence just over 70 unique applications. That number included some applications that required contacting a license server on launch. We were also successful in layering some applications with dependent middleware into separate App-V containers so that the middleware could be updated without having to update the application that depended on it. There were enough applications that were sequenced that imaging time was measurably reduced by removing applications from master images and network utilization was similarly reduced.
Through the use of PowerShell cmdlets, applications can be fully pre-cached to systems. This is a very useful feature in situations in which an application is known to be used regularly. By pre-caching an application, it performs like a local install while the pre-cache operation can occur during off-hours to prevent end-user disruptions.
Cons of using App-V
The App-V streaming server still requires MDOP to obtain. Additionally, the server component has not been updated since 2015 and the sequencer has not been updated since Windows 10 version 1607 in 2016. It appears that App-V has not had any updates in more than three years to any of its components. Such little attention to the product gives the impression that Microsoft is not highly committed to the technology.
The App-V streaming server can only provision applications based on user groups. For scenarios where applications should follow a user around from Windows computer to Windows computer, this functionality is all that is needed. For situations where an application should be tied to a specific computer — for educational computer labs with multiple users, for example — the streaming server is a poor fit at best. SCCM does have native support for App-V and it supports deploying applications by computer collection as well as the streaming functionality. If an IT organization is already using SCCM, then this may not be a con.
Unfortunately, application compatibility has stagnated. Application compatibility has never been great with App-V. The compatibility was improving with each release, but the releases have slowed considerably. App-V still does not support sequencing drivers and only conditionally sequences services. Also, large applications that exceed 2GB in size can be expected to fail to sequence. Some large and complicated applications such as ArcGIS, AutoCAD, and Solidworks cannot be sequenced to the best of my knowledge. At least, we never successfully sequenced them.
App-V containers do a great job of preventing conflicts while making other management tools work much harder to manage those applications. The Registry is virtualized so making Registry edits to do things like change a license server can be difficult to impossible. The file system is also virtualized preventing copying files in or out of the container. All containerized technologies suffer from these types of difficulties to some extent. However, some vendors have richer tools for tweaking how containerized an application remains. Communication between containers can be very useful for things such as shared middleware or plugins so that multiple pieces of software do not have to be repeatedly wrapped in application containers. Moving from a monolithic gold image to quasi-monolithic containerized applications is an improvement while remaining far from where application virtualization promises to someday be.
MSIX and the future of App-V
Microsoft has stated in various documents and blogs that App-V is a core technology in the MSIX software delivery platform that is slated to replace the legacy MSI platform. It is currently a bit vague how App-V fits into the MSIX platform. However, after limited testing with Microsoft’s preview environment, it seems like the MSIX packager may be using some part of the App-V sequencer. My test of 7-Zip indicated that the MSIX packager had the same problem capturing the install of the software as I had previously seen with App-V: the File Explorer looks for 7-Zip when a file was right-clicked did not get captured breaking the functionality. If MSIX is building on the App-V technology then it will likely share the application compatibility challenges of repackaging that App-V suffers from.
If Microsoft completely rolls App-V into MSIX then the technology has a different challenge: deployment. Currently, MSIX applications require Microsoft Store functionality. Even if an application is signed and locally copied to the target computer, a message will pop up to the end-user informing them that sideloading must be enabled to install the application. Sideloading is marked as a developer option and when it is turned on it pops up a warning about how side loading potentially allows harmful software to be installed. Managing sideloading is easy enough to do through Group Policy for managed computers. For BYOD systems sideloading will likely prove more problematic as we have been teaching users to choose not to continue when they see a warning about potentially harmful software. I also suspect that MSIX will require a full copy of the software to be present before it can install and launch, but nothing is keeping Microsoft from adapting their technology to do more than they have announced.
With the unenthusiastic reception the Microsoft Store has received to date, MSIX’s future does not look promising. Third-party vendors are unlikely to natively package their applications to customers in a way that will require customers to turn on developer mode side loading. As the system currently stands it is a poor customer experience. Therefore, it seems reasonable to expect vendors to continue distributing their software in the setup.exe format. Thus, if Microsoft rolls all App-V functionality and support into MSIX and the MSIX method of software distribution fails to gain traction, then MSIX could drag App-V into obscurity with it.
Featured image: Shutterstock / TechGenix photo illustration