When we put a .NET application on Windows on Hyper-V (or a Java application on Linux on ESXi), we are actually virtualizing twice. Can we virtualize only once, by putting the CLR or the JVM directly on the VM host? In doing so, of course, we remove the operating system. Oracle is taking the lead in this area with JRockit VE JVM. There is no VMware support; the only hypervisor it supports is Xen, or more precisely Oracle VM. It comes bundled only with an Application Server, namely Oracle WebLogic Suite Virtualization Option. The entire stack inside the virtual machine is in “User Mode”; in other words, the JVM and the drivers are all in the same memory address space and you don’t need to switch contexts into Kernel Mode in order to perform I/O or network access. Does VMware have a strategic initiative (or even a skunkworks) to engineer a similar bundle for its SpringSource runtimes? Or are they just concentrating on scaling out with as per the Google announcement?
Due to what I stated during GestaltIT’s TechFieldDay, I was invited with Bas Raayman and others to discuss Secure Multi-Tenancy (SMT) in more detail with Chuck Hollis at EMC World. In addition, during one of the Keynotes SMT was renamed from Secure Multi-Tenancy to Simple Multi-Tenancy. The current Cisco VMware NetApp solution is plainly not secure. During the TechFieldDay at Cisco, Cisco even claimed “we did not think about security” when designing the initial solution. Cisco is worried about Quality of Service, i.e., bandwidth throughout the system to the disk. Furthermore, their definition of ‘Tenant’ was quite a bit different from my own. So we should first start off by defining Tenant.
EMC announced VPLEX at EMC World; however, it was hinted at during Gestalt IT’s Tech Field Day, at least in its asynchronous mode. What does VPLEX do? What does it mean to the virtualization and cloud industries? These were the discussions within the Bloggers’ lounge at EMC World.
Just like a Telco, the ‘last mile’ of Virtualization is often the most difficult, I would say even more difficult than the initial phase of virtualization. What do I mean by the ‘last mile’?
The 5-10% of systems that you have LEFT to virtualize.
These systems are your most highly used, too X to virtualize, the most complex to migrate, dependent upon specific hardware, or travel around the world (such as laptops and other handheld devices). These issues are highly political as well.
Many of us have to demo virtualization technologies to our customers and colleagues, run classes, develop code for virtualization, or just play around. For many of these cases, a cloud based virtual environment may be fine. However, what do you do when the network connection to the cloud is flaky at best? You have to rely upon your local system to do the job for you. Some solve this problem by having a ready slide deck, others solve this problem by using a fairly high end laptop, and still others tether their laptops to their phones and other cell phone cards. Which method is best?
I have always found local access to my laptop to be the better way to run demos, classes, and presentations for my customers, colleagues, and friends. As I write software for and books about virtualized environments, I almost always need access to various virtualization systems. Where I can, I use network connections, as going back to the office lab is in most cases much faster than local, but when I have to run things locally due to telecommunication issues, a high-end laptop is a requirement. But which one?
“What do you wish to monitor?” is often my response when someone states they need to monitor the virtual environment. Monitoring, however, becomes much more of an issue when you enter the cloud. Some of my friends have businesses that use the cloud, specifically private IaaS clouds, but what the cloud provider should monitor and what the tenant should monitor has been a struggle and a debate when dealing with them.
We all know that ESXi is the future for VMware as regards their hypervisor strategy; however, most of you are more than aware of my dislike of the current iteration. Now that I have got that off my chest, what has prompted this latest outburst?
I recently spoke at the InfoSec World 2010 Summit on Virtualization and Cloud Security and also attended the main conference sitting in on many Virtualization discussions. Perhaps it was the crowd, which was roughly 30-40% auditors. Perhaps it was the timing as SourceBoston was also going on, as well as CloudExpo in NY. But I was surprised to find that people are still ‘just starting’ to think about Virtualization Security. Since I think about this subject nearly every day, this was disappointing to me at best. I found ideas around virtualization security ranging from:
* Virtualization Security is not part of an architecture/design, what do I bolt on?
* My Physical Security will work
* Virtual Environments NEED More security than physical environments
* There are no new threats, so why have something more
* Security is a hindrance
During the last Virtualization Security Podcast, our guest had to postpone, so we discussed several interesting topics all related to Digital Forensics and how encryption would best work within the virtual environment. Our very own Michael Berman, in a previous life, was a forensic investigator and had some great insights into the problem of digital forensics within the virtual environment.