Home > Blogs > VMTN Blog > Monthly Archives: October 2007

Monthly Archives: October 2007

Spooky, scary virtualization videos

Spooky, scary virtualization videos for your Halloween pleasure. For more technical and industry news, check out Planet V12n — never a shortage of good stuff.

The Night of the Bleeping Pager

The horror of an unvirtualized datacenter!
The relief of VMware Infrastructure 3!

Virtualization nightmares!

VMware technology as anti-anxiety prescription?

Video: customers speak about upcoming features

VMware customers Chevron, BMC Software, Natixis, Wyse Technologies, and Curtin University, talk about the benefits of new features and enhancements in VMware’s latest generation of its flagship virtualization software, VMware Infrastructure 3.

Customers provide commentary on ESX Server 3.5 and VirtualCenter 2.5, including Storage VMotion, Update Manager, Distributed Power Management, and the thin architecture of ESX Server 3i.

Pete has also added a lot of customer testimonials and has more in the queue,
including the rest of the fun VMworld video contest entries, so if I
were you I’d keep this this YouTube search for VMware handy. And he would like to remind you that Virtualized Hardware Hotel continues to ROCK:

Nice overviews: VI3, ESX 3i, VCB, and more

David Davis at Petri IT Knowledgebase has been writing some good articles recently on VMware — nice intros for the newcomer, and if you go take a look at the full list, getting into some advanced topics as well.

Link: How will VMware ESX Server 3i Change the future of Virtualization?

You are probably already familiar with what VMware ESX
Server is, how it is revolutionary, and how virtualization is changing
server infrastructure forever. Perhaps you are already an ESX Server
user, perhaps not. Either way, the latest version of ESX Server, 3i
(currently in Beta) could go even farther than ESX Server 3, in
changing the face of your server infrastructure. Let me show you how…

Link: How to choose the right VMware Infrastructure ESX Edition for you.

In our previous article, "VMware
Versions Compared
", we compared the various products in VMware’s
product line. For example, the difference between VMware Server,
Workstation, and Server ESX. In this article, we will focus specifically
on the VMware ESX product line and the VMware virtualization suite
called VMware Infrastructure. With a variety of VMware
Infrastructure suites and ESX Server product options, it is difficult to know which is
right for you. Let’s find out…

Link: How to Secure your VMware ESX Server.

As
VMware ESX is loaded directly on hardware and is its own virtualization
operating system, there are a number of factors to consider when
securing it. While, due to its design architecture, ESX is inherently
secure, there are still a number of security factors to consider. In
this article we will cover the vulnerability points of ESX and how you
can ensure that your ESX Servers are as secure as they can be.

Link: How can the new features in VMware Workstation version 6 help me?.

In
summary, VMware Workstation is, in my opinion, the most powerful
desktop virtualization package available. The new features in version 6
just "up the ante". While it isn’t free, like VMware Server is,
Workstation has enough features to justify the cost. The more I use
virtualization software, the more I find uses for it. It has gotten to
the point where I don’t know what I did without it. Try out VMware
Workstation and I think you will come to the same conclusion.

Link: 3 VMware Consolidated Backup (VCB) utilities you should know.

In
our previous article, "What you need to know about VMware Consolidated
Backup (VCB)", we provided an overview of how VCB can help you. In this
article, we will explore the command line utilities provided with VCB.
There is no GUI interface for VCB so these tools are THE tools that you
get with VCB. Because of that, if you are using VCB, you must know how
to use these CLI tools well. Let’s take a look…

Good stuff.

Virtualization Security Guidelines

Link: Virtualization Security Guidelines – blog.scottlowe.org

The Center for Internet Security (CIS)
has released some security benchmarks for VMware ESX Server 3.0.x.  The
ESX security benchmark joins recommendations and guidelines for
Windows 2000, Windows XP, Windows Server 2003, Red Hat Linux, and
Mac OS X that are also available from the CIS.  The CIS has also
published a generic virtual machine (VM) security benchmark as well.
Taken together, the ESX benchmark and the VM benchmark provide good,
solid recommendations around virtualization security.

The ESX/VM benchmarks are available for download here.

With all the hype around virtualization’s impact on
security—positive or negative—it’s good to see some concrete and
actionable recommendations.  If nothing else, these documents will at
least provide a starting point for security professionals and
virtualization experts to discuss the best way to architect solutions
without compromising the security of the network/servers.  In fact, we might even find ways to enhance the security of the network/servers.

Google Tech Talk: Inside VMware Fusion

From VMware’s Ben Gertzfield — Google Tech Talk: Inside VMware Fusion – Infusion: The Fruit of Eris.

This week, I was invited by Amit Singh to present a Tech Talk at Google
on VMware Fusion.  I decided to do something a little different and dig
down into how VMware’s goals of bringing people the apps they need
wherever they need them is actually really similar to Google’s
“everything’s a web app” strategy.

If you’re a Mac programmer or are interested in how VMware approached developing for the Mac, go see Ben in action on YouTube:

Ben Gertzfield @ Google

More on virtual debugging with record/replay

More from VMware’s Slava Malyugin: Debugging the virtual world.: Configuring application debugging with Record/Replay.

In my previous article I explained how to debug processes running in Ubuntu 7.04 VM using Record/Replay technology built into VMware Workstation 6.0.1. This article tells how to use Record/Replay debugging with different distributions of Linux.

When
debugging an application using Record/Replay, you need to run the
debugger on the Host (outside of Virtual Machine). The reason for this
is obvious – if the debugger runs inside the Virtual Machine, it will
disturb the execution of the VM and you will not get 100% determinism.
The downside of running the debugger outside of the VM is that it
cannot use kernel services to debug processes.

We solved this
problem by teaching our debugger how to implement process-level
debugging by traversing Linux kernel data structures. Since the Linux
kernel is evolving rapidly, the format of these data structures changes
quite frequently. This is why we require users to tell us the offsets
of some kernel data structures with the "monitor linuxoffsets" command. …

Note that these scripts and Record/Replay feature in the WS6.0.1 are
not officially supported by VMware. If you have questions or
suggestions, the best place to express them is our forum. Thank you.

Wide Finder, Stacks of Lamps, and Virtualization

Sun’s Tim Bray has kicked off an interesting cross-blog conversation recently. He calls it the Wide Finder Project, and the basic issue is this: we’re moving toward a future of dealing with many CPUs with many cores but with (relatively) low clock rates. What are the interesting computer science and software development challenges this raises? How can we take advantage of architectures like this when dealing with parallelism is just so … painful using today’s paradigms and tools?

One thing I find fascinating about the discussion is how it’s coming from a strategic and futures-based motivation, but it’s taking place with a real roll-up-your-sleeves hacking ethic.  Tim postulated a simple, almost a toy, problem — parsing Apache log files. Tim and others are exploring this simple problem and how currently-available languages and language features affect how easy it is to take advantage of multi-CPU, multi-core architectures to rip through the file like a chainsaw through wet cardboard.

Tim started the ball rolling with Erlang (conclusion: wicked cool, but the I/O and regexp libraries aren’t up to snuff — likely a solvable problem) and others have run with it from there.

So why the Wide Finder problem on a virtualization blog? I ran across Kevin Johnson’s blog entry A Pile of Lamps.

He starts off in an earlier entry by scaring himself:

At the risk of sounding like a pessimist, I think we’ll end up with
thousands of little SOA web services engines. Each one handling a
single piece. Each one with its own HTTP stack. Each one using
PHP/Perl/Ruby/etc to implement the service functions. Each one sitting
on top of a tiny little mysql database. Eeeep!  I just scared myself – better drop this line of thought.  I’ll have nightmares for weeks.

Kevin points to Andrew Clifford’s The Dismantling of IT, which is not talking about v12n per se, but certainly fits into the picture we’re drawing here:

The most obvious change is that the new
architecture would remove technical layers, such as databases and
middleware. These capabilities would of course still exist, but they
could be standardised and hidden inside the systems. They would not
need so much management, and we would need fewer specialists.

Mark Masterson urges
him to reconcile with our future world of cooperating tiny little machines, all
busy message-passing and presumably acting somewhat autonomously to
avoid the nightmare management burden. Sounds a bit like a job for … virtualization and resource pools? Or as Kevin puts it:

Is the answer a combination of LAMP, embedded computing, cluster management, and virtualization?

JeOS boost is 25-50%?

Nice overview of the current situation from InformationWeek’s Andrew Conry-Murray. Although it spends a while on the MSFT vs VMW angle, I thought this tidbit on BEA’s new LiquidVM-based appliance was interesting — 25-50% less memory and CPU — and I assume that’s compared to running the JVM on top of Linux.

Link: VMware: New King Of The Data Center? — Server Virtualization — InformationWeek.

Applications will always need an operating system to run, right? Not
with BEA’s WebLogic Server Virtual Edition, or WLS-VE. It replaces the
conventional OS with LiquidVM, a microkernel-based Java virtual
machine. In turn, the Java VM runs directly on a VMware hypervisor,
without the need for Windows or Linux. "We realized the hypervisor had
eaten into a lot of what an application needs from an OS," says Guy
Churchward, VP and product manager of WebLogic products at BEA.

Java-based applications are ideal candidates for running without a
general-purpose operating system, because they already run inside a
Java virtual machine, which abstracts the OS functionality of Windows,
Linux, and Unix variants. The Java VM provides some OS functions,
including memory and CPU allocation, as well as networking (see chart,
below). BEA added other capabilities, such as input/output management,
that normally are handled by an operating system to the LiquidVM.

Meanwhile, the hypervisor is handling other functions, such as loading
device drivers, which are also usually managed by the operating system.
The result, says Churchward, is that the OS ended up completely
replicating the functionality of the Java VM and the hypervisor.

By jettisoning the OS entirely, Churchward says, WLS-VE consumes 25% to
50% fewer resources, such as memory and CPU cycles, while boosting
overall system performance. Other benefits include reduced management,
because IT doesn’t have to maintain a separate operating system.

VMWare Fusion Best Windows Experience Ever

Link: VMWare Fusion On Mac Delivers My Best Windows Experience Ever – The Apple Blog.

After installing Windows and Microsoft Office from a ghost image, I rebooted Windows XP from inside VMWare Fusion, and it was as if I had a brand new computer within a computer. Rather than the sluggishness I had expected from a virtual machine, working within Windows on my Mac was just as fast as it ever was on my Dell. Outlook connected with the company network and recognized my login credentials. Internet Explorer and Firefox, utilizing the Internet connection on my Mac, connected to the Web. I could even maximize the Windows OS to full screen (1440 x 900 on my laptop). While seeing a Windows desktop on my Mac was undeniably weird, I knew I had the world’s best Windows laptop on the planet.

Debugging the virtual world

From VMware’s Slava Malyugin: Debugging the virtual world..

My previous article
explained how to use Replay debugger with the kernel. The key benefit
of Replay is that you get 100% reproducibility of bugs with low
overhead, and can analyze the recording using existing debuggers.

You
can debug Linux processes running in the Virtual Machine as well. The
approach is similar. First, you need to set up a replayable Virtual
Machine. The easiest way is to convert existing Virtual Appliance. Here
is how to do it in four steps:

There’s a little bit of kernel-specific fiddling that goes on (You need to know different offsets for different kernels, not that you have to recompile your kernel or anything), but for a developer this is like a virtual chainsaw and magic freeze ray combined.

The Replay feature remains experimental in the VMware Workstation
6.0.1. If you have a question or suggestion, or if you discovered a
bug, please post here. The engineers working on Replay are checking the forum and will be happy to talk to you.

Check out the new guestdebugmonitor community as well.