The Virtualization Practice

Cloud Computing

Cloud Computing focuses upon how to construct, secure, manage, monitor and use public IaaS, PaaS, and SaaS clouds. Major areas of focus include barriers to cloud adoption, progress on the part of cloud vendors in removing those barriers, where the line of responsibility is drawn between the cloud vendor and the customer for each of IaaS, PaaS and SaaS clouds, ...
as well as the management tools that are essential to deploy in the cloud, ensure security in the cloud and ensure the performance of applications running in the cloud. Covered vendors include Amazon, VMware, AFORE, CloudSidekick, CloudPhysics, ElasticBox, Hotlink, New Relic, Prelert, Puppet Labs and Virtustream.

In the first Virtualization Security Podcast of 2011, we had Brad Hedlund with us once again. Not to talk about the Cisco Virtualization Security Gateway (VSG), but about the security of what I call physical-virtual devices that provide network virtualization within the hardware. Or what Brad Called Network ID Virtualization (NIV). Cisco has taken its VN-Link technology to extend the networking of a VM directly into the core switch when using vSphere.

Digging out after a Snowstorm: Similar to our virtual environments?

Sooner or later that perfect landscape of white is marred by new mounds of snow and clear-cut paths through it to the various locations on the property. When you look at these paths and the snow is high enough, they look like tunnels. The large tunnels (driveway) meet smaller and smaller ones. The perfect landscape of snow is now marred. This is just how a firewall looks when you put holes in it to let through various services. The more services, the more tunnels and paths will be cut. When speaking about the cloud or virtual environments, the increase in paths and entry points becomes a serious issue.

The acquisition of Akorri by NetApp demonstrates the importance of Infrastructure Performance Management solutions as virtualization progresses into the realm of business critical applications, and as public clouds hope to do the same. However rather than signaling a “game over” this acquisition really raises both the visibility and the importance of both the problems that Akorri solved, and the true end-to-end problems that remain.

Given that vSphere provides significant benefits in terms of cost savings and business agility, those benefits are tied to and constrained by the ability of vSphere to provide backward compatibility with existing legacy enterprise systems. This backward compatibility makes it impossible for vSphere to provide infinite horizontal scalability. Moving to the same architecture as the most highly scaled out public cloud vendors provides for a more radical set of benefits, but at the cost of breaking backward compatibility for many applications.

It is the start of 2011 and I hope everyone has not broken their New Year’s Resolutions already. To start the year off, I would like to encourage and or challenge you to become a part of your local VMware User Group or VMUG as we like to call it. Last year I did a post on My Experience with VMUGs and I am a full supporter of this program and the good it can bring. Although I have a bias for the VMUGS over other types of user groups, the concept of people helping people rates high in my book and I would like to challenge you all to get involved.

Threat Analysis: Layers upon layers

When we think of the threat to a virtual environment or the cloud, what do we think about? First it is important to understand how the cloud is layered ontop of the virtual environment. Given a cloud stack, where are the entry points for SaaS, PaaS, IaaS, and Cloud management? At the recent Minneapolis VMUG I attempted to relay that information to the attendees. Once we understood the layers we could then concentrate on the threat vectors to the cloud and virtual environment.

Net Neutrality and the Cloud

Cloud Computing will rely upon adequate Internet bandwidth being available to ensure that users of cloud computing services have an acceptable end user experience, and that providers of these services can promise that acceptable experience to their customers. The Internet needs a funding model that ensures that the right capacity is available to the applications (cloud services) that need it. We face a choice as to whether or not FCC regulation will help or hurt the progress towards the correct funding (and ultimately payment for Internet services model). Choosing incorrectly may severely inhibit the growth of Cloud Computing services due to confusion over bandwidth and pricing decisions.

The desktop virtualization year opened with a bang at CES with the explosion of vendor announcements introducing the next generation of mobile tablets. The obvious winner this year being Apple and the iPad but with many more vendors showing off Windows-based tablets including HP, Archos and Pegatron, as well as Android tablets from manufacturers such as Archos (again), Compal, Dell, HP (again), and Motorola. The key challenge of course being the delivery of existing enterprise applications onto these platforms, something that’s desktop virtualization and presentation virtualization is ideally suited for. The inescapable consequence of this was a steady stream of announcements from Citrix, VMware, and Wyse as they leapfrogged each other’s announcements on availability, functionality, and usability of their respective mobile tablet client offerings. The level of competitiveness here producing major benefits for potential adopters as each strove to outdo the other in terms of user experience innovation and performance.

It is the last few days of the year and time for a review of virtualization 2010. Although VMware was founded in 1998 it was not until 2001 that I first heard of VMware and played with the workstation product to be able to run different flavors of Linux. So for me, 2010 closes out a great year in virtualization as a whole as well as a decade of virtualization and what a ride it has been.