As of Service Pack 1, SUSE Linux Enterprise Server 11 (SLES) supports KVM for SUSE guests. This post follows on from our previous post regarding the demise of Xen in Red Hat Enterprise Linux, and perhaps suggests the beginning of the end for Xen-based virtualization in Linux, but the story is far from clear. A complex set of agreements with Microsoft mean that Novell is bound to preferentially support Windows guests, and it may be a while before KVM support is adequate, although Novell has a project called Alacrity to help get it there. In the meanwhile Novell may get split up into pieces by a private equity house and SLES find itself a new owner.
• • 0 Comments
During the Virtualization Security Podcast on 5/13, IBM’s David Abercrombie joined us to discuss IBM’s Virtualization Security Protection for VMware (VSP) which contains several exciting uses of the VMsafe API for VMware vSphere. These being:
* Network: Network Monitoring, Firewall, Access Control, and a Protocol Analysis Module
* Memory: Rootkit Detection
Welcome to our list of of top virtualization and cloud security links, references, conversations, etc. This is an aggregation of links that a beginner and experienced administrator will find helpful for both virtualization and cloud security. Books Refer to the Security tab of the Virtualization Bookshelf. Articles – Whitepapers/Presentations Secure Hybrid Cloud Reference Architecture produced…
• • 10 Comments
The CMDB’s that were designed and architected for static physical systems appear to be unwieldy, too difficult to keep up to date, and not real-time enough to make the transition into the virtualized and cloud based world. Virtualized environment change too fast for existing CMDB’s to keep up, and the notion of keeping a CMDB up to date as assets are moved into and out of public clouds seems hopelessly beyond the intended original use case of a CMDB. A new category of datastore is needed that will address the needs of virtualized and cloud based environments, while incorporating performance information with configuration information.
The panel of the Virtualization Security Podcast on 5/27/2010 was joined by an attorney specializing in the Internet space. David Snead spoke at InfoSec and made it clear that there was more to secure multi-tenancy than one would imagine. The first question was “how would you define tenant?” which I believe is core to the discussion of SMT as without definitions we have no method of communicating. Before we get to David’s response, we should realize that nearly every one has their own definition of Tenant for a multi-tenant solution.
PhD Virtual has gained its second round of funding with investment from Citrix amongst others as discussed within our post News: esXpress is no more but what does this mean for XenServer? Up until this point it looked like Citrix was out of the server hypervisor wars and backing Microsoft’s Hyper-V play. Yet this looks on the surface like a basic shift to that direction. Yes, XenServer was placed into the OpenSource community and the latest improvements, such as the Open VSwitch integration and a new releases emphatically say that XenServer is alive and well and that its ecosystem is growing for that matter so is Hyper-V’s.
Citrix Xenclient enters the bare metal hypervisor for desktops devices market and challenges the incumbents – Neocleus and VirtualComputer. As a solution to reducing management costs and improving the user experience such a funtion is undoubtedly a contender to change the way you think about your PC lifecycle management.
Cloud Performance Management needs to evolve and allow cloud vendors to provide their customers a customer specific Infrastructure Response Time metric. This in conjunction with cloud aware Applications Performance Management solutions is needed in order for customers to feel comfortable putting business critical applications in the cloud.
When we put a .NET application on Windows on Hyper-V (or a Java application on Linux on ESXi) we are actually virtualizing twice. Can we virtualize only once, by putting the CLR or the JVM directly on the VM Host? In this action of course we remove the operating system. Oracle is taking the lead in this area with JRockit VE JVM. There is no VMware support, the only hypervisor it supports is Xen, or more precisely Oracle VM. it only comes bundled only with an Application Server, namely Oracle WebLogic Suite Virtualization Option. The entire stack inside the virtual machine is in “User Mode” in other words the JVM and the drivers are all in the same memory address space and you don’t need to switch contexts into Kernel Mode in order to perform I/O or network access. Does VMware have a strategic initiative (or even a skunkworks) to engineer a similar bundle for its SpringSource runtimes? Or are they just concentrating on scaling out with as per the Google announcement?