The Virtualization Practice

Cloud Computing

Cloud Computing focuses upon how to construct, secure, manage, monitor and use public IaaS, PaaS, and SaaS clouds. Major areas of focus include barriers to cloud adoption, progress on the part of cloud vendors in removing those barriers, where the line of responsibility is drawn between the cloud vendor and the customer for each of IaaS, PaaS and SaaS clouds, ...
as well as the management tools that are essential to deploy in the cloud, ensure security in the cloud and ensure the performance of applications running in the cloud. Covered vendors include Amazon, VMware, AFORE, CloudSidekick, CloudPhysics, ElasticBox, Hotlink, New Relic, Prelert, Puppet Labs and Virtustream.

Todd Nielsen has already succeeded twice at what he is now being asked to do at VMware – once at Microsoft and once at BEA. This time what hangs in the wind is VMware’s ultimate destiny. Will VMware be the device driver to the dynamic data center (vSphere), or will VMware be that and the next generation application platform for IT as a Service and Public Cloud based applications?

At last year’s VMworld in San Francisco Stephen Deasy (Director, R&D, VMware) and Srinivas Krishnamurti (Senior Director, Mobile Solutions, VMware) announced VMware’s plans for a type II mobile hypervisor platform. Three months later VMware and LG have announced a partnership to install VMware Mobile Virtualization Platform (MVP) on LG smart phones starting in 2011. While significant questions remain about the viability of this partnership, the need for a mobile virtualization solution cannot be stressed enough.

Monitoring from the Cloud

I have started the year 2011 out by looking at some of the different monitoring solutions available for us to have an insight into the health and welfare of the systems that we support. In your typical monitoring solution you would install the monitoring server in your environment and let the system discover all the devices in your infrastructure and or to control the licenses we would manually enter the devices that we want to monitor. Some of these monitoring servers solutions have to have a beefy box to begin with and all solutions will need a great deal of “tweaking” to control the number of false positives as well as time put in to be able to report on what exactly we care to be alerted about.

You heard the buzzwords and drunk the kool-aid and now you want to move to the cloud, how do you do this? This has been the a fairly interesting question on the VMware Communities Podcast yesterday, when the vCloud team showed up to talk about the current reference architecture. Yet almost all the questions were about going to the cloud and not about the architecture. Does this mean people do not understand what is required to go to the cloud? I think so. So to take a few elements from the podcast and put them in writing is the goal of this article. The Simple Steps to move to the cloud.

Chad Sakac mentions on his blog that VNXe “uses a completely homegrown EMC innovation (C4LX and CSX) to virtualize, encapsulate whole kernels and other multiple high performance storage services into a tight, integrated package.” Well this has gotten me to thinking about other uses of VNXe. If EMC could manage to “refactor” or encapsulate a few more technologies, I think we have the makings of a killer virtualization security appliance. Why would a storage appliance spur on thinking about virtualization security?

Monitoring the performance of the infrastructure, applications and services in IT as a Service environments will require that monitoring solutions become multi-tenant, can be instantiated by ITaaS management tools without any further configuration, and that they automatically “find” their back end management systems through whatever firewalls may be in place. These requirements will probably be the straw that breaks the camel’s back for the heavyweight complex legacy tools that were in place prior to to the onset of virtualization, the public cloud and now IT as a Service. ITaaS is the tipping point that should cause most enterprises ignore every monitoring tool that they have bought in the past and to start over with a clean sheet of paper.

In the first Virtualization Security Podcast of 2011, we had Brad Hedlund with us once again. Not to talk about the Cisco Virtualization Security Gateway (VSG), but about the security of what I call physical-virtual devices that provide network virtualization within the hardware. Or what Brad Called Network ID Virtualization (NIV). Cisco has taken its VN-Link technology to extend the networking of a VM directly into the core switch when using vSphere.

Digging out after a Snowstorm: Similar to our virtual environments?

Sooner or later that perfect landscape of white is marred by new mounds of snow and clear-cut paths through it to the various locations on the property. When you look at these paths and the snow is high enough, they look like tunnels. The large tunnels (driveway) meet smaller and smaller ones. The perfect landscape of snow is now marred. This is just how a firewall looks when you put holes in it to let through various services. The more services, the more tunnels and paths will be cut. When speaking about the cloud or virtual environments, the increase in paths and entry points becomes a serious issue.