The Virtualization Practice

Tag Archive for Xen

During the Virtual Thoughts podcast on 6/29/2010, the analysts discussed various hardware aspects of virtualization, trying to determine whether the hypervisor will move into the hardware and, if so, how much of it, whose hypervisor, and lastly whether such a move is part of any business model.

Virtual Thoughts is a monthly podcast that looks at the entire scope of virtualization to discuss new trends and thoughts within the virtualization and cloud communities.

This week's podcast started with a discussion of TPM/TXT and the boost it gives to virtualization security. Since TPM/TXT is based in the hardware and provides a measured launch of an operating system, the next logical discussion was on whether or not the hypervisor would be placed into the hardware.

As of Service Pack 1, SUSE Linux Enterprise Server 11 (SLES) supports KVM for SUSE guests. This post follows on from our previous post regarding the demise of Xen in Red Hat Enterprise Linux, and perhaps suggests the beginning of the end for Xen-based virtualization in Linux, but the story is far from clear. A complex set of agreements with Microsoft means that Novell is bound to preferentially support Windows guests, and it may be a while before KVM support is adequate, although Novell has a project called Alacrity to help get it there. In the meantime Novell may get split up into pieces by a private equity house and SLES may find itself a new owner.

In a slightly strange “didn’t they already have Xen in the kernel” kind of way, Novell has certified SUSE Linux Enterprise Server as a “perfect guest” running on Citrix XenServer, allowing joint support of the combined solution. The deal is asymmetric (it wouldn’t really make sense to run XenServer on SLES) but it reflects an open approach characteristic of the way Novell operates, in embracing the reality that customers will want to use one of a number of possible hypervisors, and that Novell has to get along with everyone. In return Novell is starting to push its PlateSpin Recon product through the Citrix channel.

VMware is today a product, the start of an architecture and almost certainly a culture. How this changes as VMware adapts in order to continue to grow and drive its market share will be interesting to watch. A great many very technically competent people have become part of the VMware ecosystem, both because VMware is difficult to master completely and because it drives great benefits to the enterprises that adopt it and the service providers that implement it.

Intrusion Protection Systems (IPS) differ quite a bit from Intrusion Detection Systems (IDS). An IPS is designed to modify some form of security setting when an intrusion is detected, thereby preventing the intrusion from being successful. An IDS, on the other hand, is just the detection component used by an IPS. Like all security tools used within a virtual environment, there are four major ways to implement such devices. We will discuss later some best practices for managing a security tool. We will look at what is currently shipping over products hinted at for the future, such as the OpenVSwitch and the Xen Introspection API.

Citrix has recently joined the Linux Foundation, and there is a report (which they seem to have endorsed) that they plan to open source XenServer. That’s not Xen, it’s XenServer – not the kernel, the product, the thing you stick on your server instead of ESXi, or sometimes vSphere.

It is entirely possible that Citrix’s lawyers have noticed that XenServer was so infected with GPL code that it was already Open Source anyway.