Awingu: Simpler Citrix alternative

hughrr 2021-08-19 07:15:28 +0000 UTC [ - ]

Complexity and price are not the problems with Citrix or any VDI solution.

The whole concept doesn’t work. I have spent years and years dealing with miserable staff who have to sit on the end of a mucked up, crawling semi paralysed Citrix deployment because someone ticked a corporate IT box and got a pat on the back of it. They literally have their potential productivity halved on a good day. Not to mention the pain of trying to get some desktop software I’ve pushed out to standard windows machines fine working with some fucked up implementation of partial profile redirection that some MSP thought was a fantastic idea.

Really 99% of Citrix and terminal installs I see these days are box ticking and a false promise of cost savings through density and centralisation.

The end story is an end user trying to use a LOB app in chrome with about 200Mb of RAM at their disposal with the CPU and IO rammed at 100% while the MSP who sold them this pile sells them the lie that it’s the LOB vendor who’s at fault.

Edit: AWS Workspaces is just as bad. It’s like working with oven gloves on after a heavy night drinking.

imagine99 2021-08-19 15:38:58 +0000 UTC [ - ]

I would argue that price and complexity are exactly what caused the other issues you mentioned. Add the ridiculously glossy, pie-in-the-sky marketing mumbo-jumbo that gets sold to execs and combine it with the fact that it us literally impossible to simply click to download it and spin up a lab of VDI setups (Citrix and other major players, even VMware's latest versions) to tweak and study them extensively 9is what leads to rollouts under pressure that too often go horribly wrong.

Microsoft offers free 180-day versions of Windows Enterprise foe download at the click of a button that you can test and destroy or even use for a very realistic PoC. Why can't other companies offer that?

rcarmo 2021-08-19 07:32:56 +0000 UTC [ - ]

All the HTML5/canvas clients are pretty much stopgaps for light use. Only a native client will give you a decent experience, since ICA/RDP etc. needs proper hardware access to accelerate rendering, and a canvas in Chrome just isn’t it.

imagine99 2021-08-19 15:45:12 +0000 UTC [ - ]

I know you are correct but I don't really see why it's gotta (continue to) be like that. If legacy protocols like RDP and PCoIP aren't up to a modern, multi-4k-monitor workstation environment, this field is ripe for disruption. Endpoints with surprisingly small footprints can stream multiple 4k videos and support cloud gaming... a potential sourxe for ideas? I would think that there is a lot more potential that even newer protocols such as Blast Extreme are only beginning to scratch...

hughrr 2021-08-19 07:40:06 +0000 UTC [ - ]

yep agree. But why deploy LOB SaaS browser applications on Citrix? It doesn’t add up.

rcarmo 2021-08-19 07:42:51 +0000 UTC [ - ]

It’s typically about control and auditing. You can record entire sessions, for instance, and limit the ability to scrape sensitive customer data. The list goes on and on if you have a security mindset.

hughrr 2021-08-19 07:51:33 +0000 UTC [ - ]

I’ve seen that promoted but never implemented or used successfully.

As for data exfiltration I’ve worked in the defence sector in IT which has pretty stringent security controls in place. At the same time it’s very easy to do without much effort.

The key thing with this technology is box ticking to say you have a policy in place and to avoid liability, not to solve the problem effectively. This is only done through picking ethical, rigorous and professional staff. But that doesn’t scale because they are the 1% which is the real problem. So back to liability box ticking.

e12e 2021-08-19 11:33:20 +0000 UTC [ - ]

I remember Sun Sunray working fine back in the day - I don't think the thin client concept / remote desktop concept is inherently flawed?

https://en.m.wikipedia.org/wiki/Sun_Ray

hughrr 2021-08-19 11:36:06 +0000 UTC [ - ]

Oh god no those were horrible if you put one next to windows 2000 and had to pick.

e12e 2021-08-19 15:09:54 +0000 UTC [ - ]

Really? For which use-cases would you be able to pick and choose? Running *nix software under w2k would mean cygwin and some kind of commercial x-server or something along those lines? Maybe the commercial ssh.com ssh client?

jordanbeiber 2021-08-19 07:42:42 +0000 UTC [ - ]

This is not completely true - I’ve implemented and maintained remote setups that have worked brilliant. It’s about using it as a tool where that tool fits.

One successful example is a support call-center with 2000 users. The specific role used about 30 apps and they were all packaged and maintained by my team. Using a ci/cd fashion to build os image and apps we could roll out updates to base image and sandboxed applications completely seamless to these users.

(Side note: We built an automation that synced the two latest versions of all applications to a locally attached SSD drive on all hosts - app startup was near instant for all users which was fantastic at this point in time)

Running the clients inside the datacenter brought the latency to a minimum which greatly improved the performance of specific business critical apps.

Managing all parts pertaining to logon properly had the users ready to take calls in 10-15 seconds - a great improvement compared to the previous distributed client/server setup.

- Reducing latency between application and backend was a major win. Greatly appreciated by users as we saw massive reduction in latency for specific operations (crappy apps).

- Being able to integrate with the ip-telephony call-center software required a windows workstation environment hence the choice of “VDI”

- No noticeable os and app updates EVER was greatly appreciated by the users. Even when moving from XP to 7 at one point.

- Our ability to roll out massive OS and app updates at will to pilot groups who can roll back with a logoff/login was greatly appreciated by the team

Granted, this was 10 years ago and my opinion was always that these business applications should be rewritten - BUT I have yet to see a better managed and performing windows client & app delivery.

Citix provisioning services (PVS) coupled with app-v/app streaming was an incredibly progressive way of delivering windows workspaces.

During my time at citrix I often raised the fact that PVS for linux coupled with docker was an amazing setup - never got any traction on this though… everyone was way too focused on windows delivery.

hughrr 2021-08-19 08:07:38 +0000 UTC [ - ]

Did anyone sit with the users for a few days?

I hear the same success stories from the MSPs while simultaneously their users are crying into their coffee on a daily basis. In fact “sorry our systems are slow today” is a normal catchphrase these days.

Only high performance call centre outcome I’ve seen in recent years is run by Indian scammers.

OrvalWintermute 2021-08-19 12:48:03 +0000 UTC [ - ]

I sat with users on our own setup as a technology demonstration, used the system as my primary desktop only for several months, and I have used other setups where I needed high security (mil/gov) paired with high degrees of access using crypto authN from another CTO.

Our technology demonstration operated beautifully but in the end we decided not to go with it because (1) we needed to rearchitect our SMB storage to centralize it, so there were no round trips or long distance SMB (2) Our network performance could be inconsistent at times due to jitter, which was not a problem with the solution, but the underlying network performance as specified, vs as-built, for some recent WAN enhancements.

A colleague at another location built a solution that I utilized as a desktop for sometime. Despite being ~1400 miles away and over our Center to Center network, performance was comparable to my engineering workstation, was always patched, excellent graphics performance, and was highly accessible provided strong authN.

There were some substantial differences in both of these:

(1) No oversubscription

(2) Fully capable of handling bootstorms

(3) Dedicated hardware / high performance VDIs

(4) Not viewed as a cost avoidance but as an access enhancer

(5) Optimized for expensive engineers / scientists where labor rates are the overwhelming cost, so 5 minutes of extra productivity more than pays for a solution.

jordanbeiber 2021-08-19 09:08:18 +0000 UTC [ - ]

The users were working claims in the insurance industry. They used a lot of really specific, custom built software that all were integrated with each other as well as to ip-telephony system, mainframes and office suites (MS and Domino).

These integrations was built at HQ, ”works on my laptop style”, but at a branch office 1000km away… no fun at all!

An unholy mess that would take many years and a couple of $100.000.000 to untangle.

I had weekly “continual improvement meetings” with the power/super users, one or two from each branch office. The whole team spent a lot of time at the local branch offices dog fooding the service and talking to the users.

I used the service as my only workplace for three years in a development & ops role.

The success factor here was that we built a solution for a specific set of users that we continuously improved. I’m talking “make something slightly better today than it was yesterday - every day” type of mindset.

We started out with a PoC by brokering sessions to physical machines located in the datacenters. First users was the assigned "super-users". They were assigned due to being the most demanding and loud user base.

After a few week they _demanded_ that every user should get the same setup - we interpreted this as a successful PoC and went on to explore options.

At this time neither Citrix or vmware had a concept called VDI and we started out using pre-release code from vmware.

First prod version was using vmware but we only gained performance, which ofc was a win, but we still needed to manage all the vm's through standard automations (os patches, asset and inventory, application repackaging and roll-outs)

When Citrix bought ardence to get PvS it was a no-brainer - ICA protocol, PvS and app-v streaming was a great combo to rapidly deliver a high performing workplace. BUT - you need automations and reliable network links, both of which we could provide.

We had dedicated hypervisor hosts with the fastest local storage available. You should NEVER user SAN/NAS or other centralized storage systems for these workloads IMO.

Also, monitor the performance closely! Caching all application to host local SSD really took care of a lot of the potential perf issues we saw early on.

Depending on user role they could get dedicated hardware as well, but this was only for a select few users.

It was set up as a specific service delivery and my team was dedicated to improving and supporting the users.

One of the most rewarding projects I've been involved in, mainly due to the really close collaboration with end-users.

jordanbeiber 2021-08-19 09:49:24 +0000 UTC [ - ]

How we migrated to thin clients was also a fun project.

First batch of users used a windows client on their pc. When we after some time commited to the solution we built a really tight linux os image with only the citrix client that we pxe booted the PC’s with.

This allowed us a fallback in case of emegergency by simply rebooting a user.

This was a fun project in and of itself!

As we grew confident together with the users we started to phase in thin client instead of buying new PC’s - all in all we ended up with a really cost efficent and high performing setup.

We started to move the central infra from “hyperconverged” to commodity 2u servers with local solid state disks which really made it easy and cheap for us to scale.

It also made the whole service more reliable compared the integrated blade and storage solutions we were ushered in to at first.

imagine99 2021-08-19 15:30:31 +0000 UTC [ - ]

Looks potentially interesting and I might check it out. At first glance, a few caveats and potential deal breakers occurred to me from a non-technical perspective:

- the 14-day trial (PoC'ing something like this in anything less than 8 weeks is just not something that happens in my experience, especially if upper management is involved and you still need to build the infrastructure around it)

- lack of lab licenses for free or cheap (I'd want to put that through its paces myself for a significant amount of time and dogfood it before recommending this to clients or moving over a large org)

- seeing 20 or 50 licenses min. purchase requirement is particularly disappointing when positioning yourself as a Citrix alternative. There is a ton of small outfits in niche industries out there with a requirement of 5 to 15 seats who might jump at this if it performs well.

- lack of attractive education and non-profit pricing which, again, might be a particularly thankful and interested target audience.

VDI is awesome, flexible and efficient if it performs well and is done right. Unfortunately in practice too often neither is the case. However the concept's potential still has a future if it sees further improvement and innovation. Cloud gaming, among others, shows that algorithms and tech stacks exist that can make this happen.

tyingq 2021-08-19 04:36:17 +0000 UTC [ - ]

I understand why things like Citrix and Awingu need to exist, but I hate using them. Applications just don't work well with that much latency between the keyboard and the display.

Unfortunately, once a company has something like this, they use it like a crutch to solve problems that are better solved the right way.

I saw a setup where people were forced to develop software over Citrix because of some mumble/security/mumble reason. Meaning everything via Citrix: IDE, browsers, test tools, terminal session, and so on. The productivity was atrocious.

xyzelement 2021-08-19 04:40:36 +0000 UTC [ - ]

I am with you but have to see the other side as well.

I am SUPER sensitive to latency. When things are slow, it just feels broken to me.

But, I worked at a really successful company where everything happened in an Amazon Workspace and despite the annoyances, the place was productive and in particular, transitioned seamlessly to WFH with Covid. Seen a lot of other places like that.

So yeah it's annoying but you can't just look at the cons without the pros.

osigurdson 2021-08-19 05:47:00 +0000 UTC [ - ]

I've used Citrix every day since the pandemic started. I don't see any issue with it at all really on Windows using standard HD resolution (two monitors).

It is quite a different story on my 5K iMac however. The latency of that setup is too much for me.

tyingq 2021-08-19 05:52:33 +0000 UTC [ - ]

I'm not surprised it works well for some. But, there are lots of variables around distance, client hardware, home user bandwidth, etc. I imagine it's a pretty rare setup to have most users happy.

rcarmo 2021-08-19 07:31:20 +0000 UTC [ - ]

It all depends on connection and encode/decode speed. I have been working atop Windows Virtual Desktop (RDP based) for the past two years and it works beautifully on a 3-monitor setup (5K iMac plus dual 4K external monitors).

I do have a fiber connection, but the entire setup is good enough to have Teams calls over redirected devices (video is laggy, but voice works OK).

rcarmo 2021-08-19 07:37:13 +0000 UTC [ - ]

Well, I’m a small sample size, but I actually prefer to RDP over to a development workstation and not have my own CPU clogged with builds.

Then again, I do have a fast connection, and have long learned to tweak some things that make a massive difference (you don’t need 32bit color to code, for instance).

It’s a tool. Like all tools, it can be misused if you just use it to beat down nails without some forethought…

senectus1 2021-08-19 04:58:17 +0000 UTC [ - ]

yeah, WFH and closeness to data means citrix is a necessary evil. But yeah i work as hard as i can to try and find ways to NOT use citrix.

aitchnyu 2021-08-19 09:14:43 +0000 UTC [ - ]

My wish would be crisper text. The compression doesnt look optimised for text. And the latency between US and India is too high, IT should be able to launch machines close to users in a single click. Github codespaces should have more than 4 zones.

silisili 2021-08-19 05:42:23 +0000 UTC [ - ]

I feel like it should be better titled(on the site) as a Citrix Workspace alternative.

They are a pretty big company with a wide portfolio.

Or is Workspace all they are known for anymore?

mgiampapa 2021-08-19 07:23:13 +0000 UTC [ - ]

From and enterprise perspective Citrix is very inexpensive compared to most other VDI platforms. It's not that hard to maintain and keep a farm running well if you limit your application deployment to me office and run your weird stuff on small app specific farms.

imagine99 2021-08-19 15:50:42 +0000 UTC [ - ]

Can I ask what other platforms you have in mind that have feature parity with Citrix (more or less) but have even less attractive price points or are more convoluted to set up? I mean there are only like three or four major players in this field that I can think of and at least two of them are definitely easier and cheaper than Citrix (for VMware it is also true if you already have a vSphere infrastructure anyway)...

jordanbeiber 2021-08-19 05:16:59 +0000 UTC [ - ]

Fun fact: the Citrix remote desktop product, whatever it’s called these days, was initially a unix product.

I seem to remember the company was called a more unixy “Citus” early on.

Spent a few years working there with customers using it on solaris and eventually linux as well.

ksm 2021-08-19 07:04:47 +0000 UTC [ - ]

Not really, it was to bring Unix style multi-user remote terminal capability to DOS / OS/2 world.

Here's an interesting article on installing v1 of their product (on the same site there's follow-up articles on v2 of the Multiuser) - which builds on very early MS version of OS/2: https://virtuallyfun.com/wordpress/2017/11/17/installing-usi...

jordanbeiber 2021-08-19 07:46:38 +0000 UTC [ - ]

What I meant is that the backend - i.e the workspace/terminal delivered was a unix one with a client for OS/2.

I helped manage many solaris servers running citrix metaframe at one point, many years ago.

silisili 2021-08-19 05:37:09 +0000 UTC [ - ]

Close, it was actually shortly called Citrus, due to its Florida roots I presume. They renamed to Citrix using citrus + unix.

jordanbeiber 2021-08-19 07:50:36 +0000 UTC [ - ]

Typoed the “r”!

I remembered almost correctly then - something about it having unix roots. :)

anonisimportant 2021-08-19 05:34:09 +0000 UTC [ - ]

I remember using NX NoMachine way back in the day in a Linux lab and thinking about how that could replace a lot of what Citrix did back in the day.

NX never really took off and is now somewhat obscure. I rarely see it mentioned anywhere!

lost_soul 2021-08-19 04:46:13 +0000 UTC [ - ]

The best use I have seen for Citrix et al is in environments where multiple users will use the same computer during the day. Especially useful with RFid authentication.

2021-08-19 04:40:36 +0000 UTC [ - ]