To say that the EUC Workspace is changing rapidly is an understatement. Client operating systems now update regularly, and the end point choices have never been wider with Apple and Microsoft ,thin clients retaining their fan base but an undeniable increase in systems utilising ChromeOS and even Linux.
Applications and endpoints update regularly with changes in architecture and function however the one exception to that rule for us is corporate applications. Customers can consume a vast amount of subscription based applications, SaaS apps and any number of modern and fast paced ways to get work done. However, there is always that little percentage of application estate which does not move so quickly and fails to keep up with change. Those applications are also typically ones that modern replacements are not available, suitable or customers just are not able to migrate away from them.
These applications also will cling onto their old system requirements meaning that they do not play nice or at all with what organisations need to use for supportability and new features that they understandably want to use.
This gray area is where Droplet Computing comes in.
Droplet Computing provides a neat answer to these issues in the form of user accessible containerisation while maintaining a high degree of enterprise ready capabilities too.
The premise of Droplet containers use virtualisation and emulation to createe the container. The software can then be run on Windows, Mac OSx, ChromeOS and Linux cover 99% of the end point use cases.
Droplet also provide guidance on using their solution within corporate environments covered Citrix Virtual Apps and Desktops, VMware Horizon View , AWS and Azure.
The droplet application has a small number of components to it these are:-
Droplet Installer – installer for the container framework
Licence File – no explanation needed ?
Container image(s) – disk files containing base OS and applications
Apps.json File – configuration file for the visible apps
Settings.json – Container settings including container sizing and network and drive access rules
Credentials File – encrypted administrative credentials file
The containers of the platform offer two flavours of supportability Modern and Legacy.
The Modern platform allows you to install applications that are compatible with Windows 7 while the Legacy container allows applications to run from a Windows XP type framework. Both container type are effectively locked down versions of the operating systems displaying the administrator configured applications only and a single shared document location.
Both platforms its worth noting utilise a dynamically expanding container which has a limit of 20GB’s so if you have a hefty application or a number of applications then this will need some consideration in how you provision these containers much the same way you might consider applications for layering technologies.
Client operating specs vary based upon the applications that you intend to containerise however the minimum recommended is to ensure the client has 1GB’s of RAM spare for very light programs, Notepad++ type applications and scale as necessary up to 8GB’s. For Windows 10 and Intel based devices HAXM can also be utilised to benefit from Intel VT/NX support.
Similarly, multiple CPU’s can be assigned to the container if required by default a single CPU is assigned however heavy legacy application containers can use more if needed.
Applications are installed in the container by placing the installer for the container within a shared folder that is created on the endpoint (C:\Users\%username%\AppData\Roaming\Droplet\Shared). When the container is running files placed in the endpoint will be replicated into container itself making it available for installation.
The container can be configured to either allow or deny access to network resources and contains a firewall type configuration which allows applications access to the bare minimum network resources in order to function correctly.
Additionally localhost drive access is limited to the secure shared folder allowing staff to move files in and out of the container using the same folder that administrators will use in order to move installation files into the container.
Containers can also be domain joined if required (not ideal but they can be) and options exist for using vpns or other connectivity tools as required.
Applications are presented to users in a very familiar format for anyone who has used any published application interface providing a simple click to launch interface. Once applications are installed they must be “published” in order for users to have access to them. Publishing an application requires you to enter the Name of the application the executable path a description and optionally an icon. These entries are then written to the apps.json file which can be exported and installed on the target endpoints.
Droplet is a great solution for full OS based endpoints with dedicated resources however options are also available for remoting infrastructures such as Citrix and VMware solutions as previously mentioned. When adding this solution to one of these environment types additional care and consideration must be given to sizing as you are effectively running a virtual machine within a virtual machine and the container plus installed applications will have their own requirements.
Consideration points for deploying Droplet should include but are not limited to:
- Target platform VDI/SBC
- Host OS type
- Additional CPU overhead
- Additional Memory Overhead
- Disk IOPS
- Container Storage requirements for x users (remember a single container for a single user)
- Source Container copy for new users
- Concurrency
- Network and disk access requirements
Installation automation is a little limited at present with the installer however if you are using MDT or SCCM etc you can use AutoIT to automate the installer and scripting the file movements or use Group Policy Preferences, however this obviously only covers a small subset of the use case as its more designed with disconnected non-windows devices and non-domain joined.
I would like to see a few extra features within the the product to make it a little more administrator friendly such as improvements to publishing applications, security enhancements, automated installation options however Droplet Computing are a great string to have in an organisations technology bow. It provides a level or portability and support to applications that would be challenging otherwise especially in an offline setting.
To find out more goto www.dropletcomputing.com
Author: Dale Scriven
