The Virtualization Practice

Tag Archive for Xen

As of Service Pack 1, SUSE Linux Enterprise Server 11 (SLES) supports KVM for SUSE guests. This post follows on from our previous post regarding the demise of Xen in Red Hat Enterprise Linux, and perhaps suggests the beginning of the end for Xen-based virtualization in Linux, but the story is far from clear. A complex set of agreements with Microsoft mean that Novell is bound to preferentially support Windows guests, and it may be a while before KVM support is adequate, although Novell has a project called Alacrity to help get it there. In the meanwhile Novell may get split up into pieces by a private equity house and SLES find itself a new owner.

In a slightly strange “didn’t they already have Xen in the kernel” kind of way, Novell has certified Suse Linux Enterprise Server as a “perfect guest” running on Citrix XenServer, allowing joint support of the combined solution. The deal is asymmetric (it wouldn’t really make sense to run XenServer on SLES) but it reflects an open approach characteristic of the way Novell operates, in embracing the reality that customers will want to use one of a number of possible hypervisors, and that Novell has to get along with everyone. In return Novell is starting to push it’s PlateSpin Recon product through the Citrix channel.

VMware is today a product, the start of an architecture and almost certainly a culture. How this changes as VMware adapts in order to continue to grow and drive its market share will be interesting to watch. A great deal of very technically competent people have become part of the VMware ecosystem because VMware is both difficult t to fully master completely and because it drives great benefits to the enterprises that adopt it and the service providers that implement it.

Intrusion Protection Systems (IPS) differ quite a bit from Intrusion Detection Systems (IDS). An IPS is designed to modify some form of security setting when an intrusion is detected, thereby preventing the intrusion from being successful. An IDS on the other hand is just the detection component used by an IPS. Like all security tools used within a virtual environment there are four major ways to implement such devices. We will discuss later some best practices for managing a security tool. We will look at what is currently shipping over products hinted at for the future such as the OpenVSwitch, Xen Instropection API.

Citrix has recently joined the Linux Foundation, and there is a report (which they seem to have endorsed) that they plan to open source XenServer. That’s not Xen, it’s XenServer – not the kernel, the product, the thing you stick on your server instead of ESXi, or sometimes vSphere.

It is entirely possible that Citrix’s lawyers have noticed that XenServer was so infected with GPL code that it was already Open Source anyway.

There is a great debate on which hypervisor vendor works with ISVs and which do not. You have a number of ISVs working with VMware that are just now starting to work with Hyper-V. A number of ISVs that are struggling to catch up in the virtualization space. Hypervisor Vendors that are directly competing with ISVs as well as welcoming ISVs. This story is not about any of this, but about how easy is it to launch a new product for each of the hypervisors available with or without help from the hypervisor vendor. In essence, is there enough documentation, community, and code out there to be interpreted as welcoming ISVs.