The Virtualization Practice

Cloud Computing

Cloud Computing focuses upon how to construct, secure, manage, monitor and use public IaaS, PaaS, and SaaS clouds. Major areas of focus include barriers to cloud adoption, progress on the part of cloud vendors in removing those barriers, where the line of responsibility is drawn between the cloud vendor and the customer for each of IaaS, PaaS and SaaS clouds, as well as the management tools that are essential to deploy in the cloud, ensure security in the cloud and ensure the performance of applications running in the cloud. Covered vendors include Amazon, VMware, AFORE, CloudSidekick, CloudPhysics, ElasticBox, Hotlink, New Relic, Prelert, Puppet Labs and Virtustream.

Link your Clouds using AFORE Cloudlink

AFORE Solutions has created AFORE Cloudlink, which won the Best of VMworld for Security at VMworld 2011 in the United States. Yet many people were scratching their heads, asking who AFORE is and why it won. AFORE moved from a physical appliance to a virtual appliance about 3 years ago, providing a way to move data between data centers in an encrypted fashion, which at the time was desperately needed. After three years they have made quite a few changes but still have their core functionality, and now include data-at-rest encryption and the ability to stretch layer-2 and layer-3 networks between locations, amongst others.

The Virtualization Security Podcast held on 9/22 featured Anil Karmel, Solutions Architect at Los Alamos National Laboratory (LANL), to discuss their implementation of a secure multi-tenant (SMT) cloud. LANL makes extensive use of the entire VMware product suite, from vCloud Director down to the vShield components, to implement their SMT cloud. They have also added their own intellectual property into their cloud to improve overall cloud security. It was a very interesting conversation about the state of SMT today.

Since the introduction of virtualization there has been sheer joy and excitement when having to work with application owners on the amount of resources they will need and not what they really think they want. I have seen all kinds of minimums, maximums, and special recommendations for all kinds of applications over the years. In most cases, applications have evolved to be able to thrive in a virtual environment without too many limitations. Now it seems we also have to verify which VMware features are fully supported with certain virtualized applications.

“The latest challenge on the security front isn’t necessarily an exotic new threat vector: it’s the attackers themselves. They’re organized, well-resourced and patient. And there’s no silver technology bullet to effectively combat them.”

This is a very important point, and one that I have seen at other security conferences for the last 5 years or so. However, attacks are possible because there is a lack of confidentiality and integrity of the data held within the systems under attack. So the system becomes the weak point.

One of the cool things about attending VMworld every year is seeing what is new on the horizon, and this year, ironically, there is something called Project Horizon and the first milestone of that project, called VMware Horizon Application Manager. Horizon is a hosted service that will centrally manage the provisioning, access and usage of software-as-a-service (SaaS) applications while at the same time applying the company's standardized security and access controls. This will give the end users of the application the ability to use the applications via VMware ThinApp or View products to stream the application across multiple devices, all with a single login. The end users will also have self-service access to a corporate store for their SaaS and Web-based applications. Managing these applications will be completely user based, with no need to worry about the underlying device the software or application is running on.

Is it Time to Reorganize Data Center Operations?

If automated IT Operations is going to succeed and deliver its promised benefits, then IT Operations is going to have to get reorganized – with supporting hardware teams part of the virtualization team. Furthermore, Application Operations will have to be instantiated as a function that is responsible for the actual service level delivered by the applications to their constituents.

There is now a huge amount of movement in the area of what we have called “Diverse” Platform as a Service, i.e. PaaS that delivers a number of different application infrastructure technologies on a mix-and-match basis and where there is no proprietary technology layer at any point in the platform stack. Amongst these we would include OpenShift, Cumulogic and CloudFoundry from our recent set of posts. AppFog sits in this category, and the fact that it has been recently renamed from PHPFog highlights a major trend in the space: the vendors typically start by developing a single technology, build an initial business plan and gain some market traction within that niche, and then move on to supporting a broader range of platforms.

Secret Shopper Report – VMware CloudFoundry

To recap the story so far, I’m prototyping an application and deploying it to various PaaS environments. I am not getting any special help from any of the vendors in this exercise – you can think of me as a “secret shopper” for PaaS, although I don’t hide my identity. I am approaching each platform on its own merits, and in these posts I am recounting and contrasting my experiences and reaching some general conclusions about the PaaS market.

VMware Articulates a Compelling Management Vision – Automated Service Assurance

VMware deserves an enormous amount of credit for promising to reinvent IT Operations around automation and the guaranteed performance of applications. VMware either has or is working on all of the building blocks required to execute upon this vision for the vSphere platform. The combination of innovation by VMware and by the third-party ecosystem on this front will create a compelling new benefit to virtualization that will allow virtualization to comfortably address business-critical and performance-critical applications.