For quite a while, virtual appliances have been one of the hottest server virtualization themes. The idea is to package an application as a pre-built, pre-configured and ready-to-run virtual machine. Virtual appliances provide important benefits:
· An ISV can pick and custom-configure the OS, which becomes merely a library, much like QT, STL or MFC. There is only one platform to develop and test for, and the configuration is always known.
· Zero installation and zero configuration – just copy down the image and run it. Plus you get all the manageability benefits of virtual machines – migration, backup/restore, HA, etc.
However, there is a price to pay for having an entire OS embedded into each appliance.
· OS sprawl – every application now comes with its own OS instance that needs to be maintained and updated. I’ve already written about it here and here.
· Size – each appliance image contains an entire OS and a swap partition/file for it – at least 1GB, even of the OS instance is highly customized and stripped down. It takes a non-trivial time to send such image over network. It also takes a non-trivial amount of storage to keep a library of such images.
Images are large because the OS inside the appliance, however customized and stripped down, is still responsible for the bulk of the image size. Compared to the OS, application is much smaller and much less complex. Remember the old joke?
A man is walking down the street with two large suitcases. Someone asks him what the time is. The man puts down his luggage, looks at his watch and tells the exact time, temperature, air pressure, weather forecast for next week and closures of the local roads for next month. “Wow, nice watch” – “indeed”, says the man, looking at the suitcases, “but these batteries are killing me.”
Only in this case a proper analogy for the OS would be a pick-up truck, not two suitcases.
· Desktop – Windows cannot be distributed with an application, which means that desktop appliances, which in my opinion may have even greater potential than server ones, are out – at least for now.
· Updates – since the OS inside the appliance is probably customized, standard update and patch management software won’t work. This means that each ISV now needs to become a service provider just to distribute the updates for the applications. Administrators, in turn, will have to deal multiple service providers just to get the applications updated.
· Security – typically, enterprise IT tightly controls which OSes are allowed and how locked-down they are. With virtual appliances, they lose this control and have to completely trust the appliance vendor to take all the necessary security measures.
To be fair, virtual appliances are a great idea and these problems are not at all insurmountable. Virtuozzo already solves most of them, and we know how to solve them in the Parallels products line, too. It’s only a matter of time and resourcesJ