The Virtualization Practice

Have you ever considered the best way to plan, design and work with VMware Update Manager (VUM)? In the early days using VMware 3.x when VUM was first released, I would end up installing VUM on the vCenter server itself. After all, that was the recommendation from VMware at the time. I propose that this is no longer the case and I would like to present a list of best practices to follow when working with VMware Update Manager. This list came from VMware, but should only be considered as a guide. Each environment is different and your mileage may / will vary.

In the End-to-End Virtualization Security Whitepaper we review various aspects of server security with an eye to determining how the products would work together to create a secure virtual environment. While some of these tools are cross-platform, the vast majority of them are geared specifically to VMware vSphere.

In this post we will look at Server Security, and we will follow-up with another post about Desktop Security? Are these very different? I believe so, desktops have daily, second by second user interactions. For desktops, one of the most important aspects is look and feel such as response time for actions. So things need to be as fast as possible. With Servers however, user interactions are limited and therefore have slightly different performance and security requirements. What may be acceptable for a server may not be acceptable for a desktop. So what do the tools provide for servers?

Cloud.com had lined itself up with Citrix by using only XenServer in the commercially-licensed version of its IaaS product, and now is being used by Citrix to ensure OpenStack supports XenServer (which it doesn’t at the moment), presumably to keep Red Hat’s KVM under control and VMware out. We’ve also been trawling through the available OpenStack documentation to understand why NASA thinks its cloud is more scalable than Eucalyptus. It seems to be all to do with how the state information is passed amongst the various servers that make up the system. GPL-based Open Core models break down when you move to multi-vendor foundations because the cross-licensing of IPR under GPL immediately infects the recipient codebase, and precludes commercial licensing of the resulting combined work. The result is that the GPL Open Core business model doesn’t work in the same way, and both Eucalyptus and Cloud.com cannot apply their current business model in these multi-vendor foundations. It is a big blow for Eucalyptus. They have turned their biggest potential customer into a massive and credible competitor, built in their own image (only – at least from a PR perspective – much more scalable).

In OpenStack the API is implemented in a separate service which translates external http requests into commands across the internal message bus, and so it looks (on the face of it) possible for someone (preferably Oracle) to implement the Oracle DMTF submission as a separable new API server module without disrupting the OpenStack architecture. In OpenStack the API is implemented in a separate service which translates external HTTP requests into commands across the internal message bus, and so it looks (on the face of it) possible for someone (preferably Oracle) to implement the Oracle DMTF submission as a separable new API server module without disrupting the OpenStack architecture.

Who’s Who in Virtualization Management

Virtualizing business critical systems requires that a layer of virtualization management solutions be added to the virtualization platform. Virtualization management solutions in the areas of virtualization security, virtualization configuration management, virtualization service and capacity management, virtualization service and capacity management, virtualization provisioning and lifecycle management and backup and recovery should be added to the platform.

The Wall Street Journal had an interesting article on the United States General Services Administration has approved the acquisition of some cloud services for use by the Federal Government including many of the Google Apps such as Gmail, Google Docs, etc. Since these services are for sale as well as freely available this sounds more like an admission that they can be used. Will other governments follow suit? But should they be used? That is really the question.

There are two sides to any government, the classified and the unclassified. These are general terms that quantify how the government can use services. While all services require quite a bit of security, classified utilization requires even more, in many cases what most would consider to be “uber-security” requirements. The types of requirements that impact usability in some way. Can these tools provide adequate security?

With the release of vSphere 4.1 there have been some great enhancements that have been added with this release. In one of my earlier post I took a look at the vSphere 4.1 release of ESXi. This post I am going to take a look at vSphere 4.1 availability options and enhancements. So what has changed with this release? A maximum of 320 virtual machines per cluster has been firmly set. In vSphere 4.0 there were different VM/Host limitations for DRS as well as different rules for VMware HA. VMware has also raised the number of virtual machines that can be run in a single cluster from 1280 in 4.0 to 3000 in the vSphere 4.1 release. How do these improvements affect your upgrade planning?

Whilst I have been away on vacation, something fairly interesting has happened in the area of Open Source initiatives for Infrastructure as a Service in the form of a new initiative from NASA and Rackspace called OpenStack. You may remember in our last post in this area, we noted that there was a proliferation of offerings in the IaaS space, and it was in the customer’s best interest for there to be effective migrateability (or even mix and match) amongst public and/or private clouds. However, the API standards to support interoperability are proving elusive.

Virtualizing Business Critical Applications – A Reference Architecture

Virtualization Security, Configuration Management, Service and Capacity Management, Provisioning and Lifecycle Management, and Backup/Recovery are essential functions that must be added to a virtualization platform when virtualizing business critical applications. VMware vSphere is clearly the market leading and most robust virtualization platform – and clearly the virtualization platform most suitable as the foundation of a virtualization system designed to support business critical applications. However, the virtualization platform must be complemented with third party solutions in these areas in order to create a system that can truly support business critical applications in an effective manner.