VMware’s own Mike DiPetrillo surveys the current state of patching virtualization platforms and it’s not pretty. Link: VMware Patch Tuesday from Mike’s blog A Little Truth.
Microsoft’s new hypervisor-based product called “Hyper-V” requires a Windows operating system in the Parent Partition. Given that you’ll need to patch that Windows OS just like any other Windows OS I decided to look at the history of Microsoft patches for Windows Server 2003.
…Virtual Iron actually uses the Xen open-source hypervisor. There are a lot of other vendors out there that use that same hypervisor (Red Hat, SUSE, SUN, Citrix/XenSource, and Oracle to name a few). While the hypervisor itself is pretty good the architecture still requires a general purpose operating system in Domain 0 (the Parent Partition in Microsoft land). What does this mean? Well, you’re back to having to patch a general purpose Linux operating system which introduces downtime for your system.
…Last, we’ll go into a totally different architecture for the last vendor – Virtuozzo. … you to install the patch once on the host and everyone inherits it. Guess what? It works! … Let’s say you deploy that patch and it blows up one of the VMs on the host. If you’ve never had a patch blow up something in your environment then I want to meet you. Anyhow, something blew up so we’ll need to back that patch out. Oh wait…all of the other VMs are inheriting that same patch. …
Mike isn’t shy about sharing from his long experience in virtualization, and in my experience he knows what he’s talking about. Welcome to the blogosphere, Mike. I hope we see more of you around here.