Big players in the virtualization world griped about the absence of performance benchmarks for virtual machines on CIO Talk Radio yesterday and discussed some of the issues surrounding virtualization standards.
Guests on the show included: Simon Crosby, Chief Technology Officer of the Virtualization and Management Division of Citrix; Tom Bishop, Chief Technology Officer, of BMC Software; Dr. Tim Marsland, Sun Fellow, Chief Technology Officer, for the Software Organization at Sun Microsystems Inc.; and Brian Stevens, Chief Technology Officer and Vice President of Engineering at Red Hat.
The glaring ommission in this lineup: VMware, Inc.
The panelists on CIO Talk Radio didn’t mention VMware by name, but did complain that some companies aren’t being open with their performance data, thus prohibiting the virtualization industry from publishing comparative performance data.
VMware’s licensing agreement for ESX allows users to conduct internal performance testing and benchmarking studies, and allows those users (and not unauthorized third parties) to publish or publicly disseminate the data provided that VMware has reviewed and approved of the methodology, assumptions and other parameters of the study.
Users that have published benchmark data, like Sr. Systems Engineer Mark Foster did on his blog, have had to unpublish results because of VMware’s stipulations.
Meanwhile, the SPEC Virtualization Committee has been working to create standard benchmarks for VMs. The committee’s goals are to deliver a benchmark that will model server consolidation of commonly virtualized systems such as application servers, web servers and file servers; provide a means to compare server performance while running a number of VMs; and produce a benchmark designed to scale across a wide range of systems.
SPEC expects these benchmarks to be available by the end of this year, but the timeline is not set in stone, according to the website.
Sun’s Marsland said benchmarking progress has been slow because there isn’t an easy way to define a workload, and a large number of benchmarks are required.
“We are talking about a virtual computer, with lots of aspects that need to be benchmarked,” Marsland said. “Every component that gets virtualized needs to be benchmarked.”
Having an open, standardized way of benchmarking is expected to push virtualization further into the mainstream because it will eliminate false perceptions about performance, panelists said. For instance, “there is the thought that I/O intensive workloads can not be virtualized, and the absence of benchmarks prevents us from proving otherwise. It is important for us to have good benchmarks out there,” one panelist on the show said.
Though users look at benchmarks, this type of data is most useful to vendors and OEMs who can use the performance standards to improve the technology, and of course, market their products.
“More open scrutiny of performance results will help us to improve as an industry overall,” Bishop said. “There are ways to measure performance in non-virtual environments, and people are adapting those techniques to get the most out of their virtualized environments.”
In terms of application performance in virtual environments, the issues differ depending on the data center infrastructure. The network, the servers and the storage all affect performance, said Stevens of RedHat.
Another problem with virtualization? There are support challenges. If an application running in a VM starts acting wacky, the application vendor may not support it, Crosby said.
Licensing and support in virtual environments has been a major gripe with Oracle, for example, which does not support running its applications with VMware.
“It is a reasonable concern…right now there is irrational market based control. Some folks are abstaining from supporting certain apps [in virtual envionments]. As customers demand support, things will hopefully get rational, by next year I hope,” Crosby said.
While Citrix Systems’ Xen’s ubiquity may help the technology earn a legacy as the invisible hypervisor, it may also prove the most challenging next step for IT administrators and developers who want to find or develop software that leverages, supports or extends the Xen hypervisor.
To understand the problem that Xen faces, take Java as an example. Java is great, and I am committed to developing applications that are truly cross-platform using what I consider this fantastic creation. But in all the years that Java has been around, it has failed to gain traction that NET has achieved in less time. Why?
Although Java is slower, it offers a greater advantage than .NET in terms of portability; but Java still hasn’t managed to gain a majority mindshare of developers. This is because Java’s true worth is its portability, its ability to blend into any system. Java has succeeded so well at being invisible that it has lost the sexiness associated with languages used to construct desktop and Web applications. Every once in a while, something like the Google Web Toolkit comes along that makes people take a step back and re-evaluate Java’s usefulness for end-user applications. Ultimately, Java has been left to the obscurity of providing enterprise, back-end applications.
Is Xen is destined to a Java-like fate? While ultimately it may not prove difficult to develop cutting-edge technology compatible with the Xen hypervisor, it may prove so to market it. If you are in the business of selling virtualization add-on products, you want to ensure that your product is compatible with VMware Infrastructure, because that is where the sales are.
The marketplace has not been especially kind to Xen for two reasons: it was not first to market, which is an important factor for any industry, and Xen resellers do not have the power of the VMware PR machine. Also, all major virtualization vendors, including VMware, say that hypervisors should be ubiquitous — the difference is that the VMware CEO Diane Greene has been quoted on virtualizationreview.com and in person. VMware shouts the same thing everyone else is casually discussing and this makes headlines.
As Xen’s legacy may be to become the ubiquitous, embedded hypervisor for all to use, its strength may also be its greatest detriment to Xen-based virtualization platforms. Xen’s strength is its practical application as the invisible, reused, resold, embedded hypervisor, but invisibility just hasn’t worked in Citrix’s favor. Instead, it shields partners from building ecosystems around Xen and has marginalized the brand name.
Hypervisor price competition will get intense this year as Microsoft enters the market with Hyper-V, and VMware will have to respond, says Chris Wolf.
Wolf is Burton Group’s senior analyst for data center strategies, and he’s probably everyone’s go-to expert on virtualization. He predicted how the price wars will shake out in this short interview and said not to expect any vendors’ prices on production-level features to plummet.
I talked with Chris during TechTarget’s Advanced Enterprise Virtualization Seminar in San Francisco last week. He says to expect price drop and new virtualization product announcements in June, just before Burton Group’s Catalyst Conference in San Diego June 23-27.
If you haven’t heard Chris speak, you’re missing out. He knows virtualization inside out, way beyond the basics. And he isn’t shy about telling it like it is — much to vendors’ chagrin. Check out his sessions at the TechTarget seminars or the Catalyst Conference, or any other chance you get. I read his blog at ChrisWolf.com daily, and he has also written virtualization books, including Virtualization: From the Desktop to the Enterprise.
SearchServerVirtualization.com and SearchVMware.com have been covering cost and pricing wars between virtualization vendors, looking beyond the marketing hype to offer useful info for IT pros who are evaluating products. I particularly liked Rich Brambley’s blog post about the real story behind vendors’ competition for hypervisor market share.
Now that you know Chris Wolf’s views on virtualization product pricing, how about sharing yours? Will better pricing cause you to re-evaluate whether you continuing using VMware? Are you sticking with VMware because you’ve invested in its ecosystem and in staff training? Have you been waiting for Microsoft or Xen technologies to catch up before starting virtualization projects? Tell me about it in your comments below, by emailing me at firstname.lastname@example.org. Even better, respond to Chris Wolf’s interview or sound off on VMware in a video on YouTube, and send me the link. We’ll post it on this blog.
This blog post was written by Megan Santosus, Features Writer.
A recent white paper published by Embotics Corp. on the hidden costs of virtual machines (VMs) paints just the kind of picture one might expect from a vendor of VM lifecycle management software. According to the paper, an IT shop with 150 virtual machines will typically spend between $50,000 and $150,000 on VMs that are redundant. Those costs stem from four areas: infrastructure (processing, storage, memory and the like); management systems (backup, change and configuration management, etc.); server software (licenses for operating systems and applications); and administration (labor and training). David Lynch, Embotics’ vice president of marketing, said that it’s not unusual for customers to discover that half of their VMs are redundant.
Are VMs really sieves leaking that much money?
Todd Monahan, data center manager at Alcatel/Lucent’s Ottawa, Ont., facility, (and an Embotics customer, although he didn’t talk about his own company’s experience), finds the white paper’s conclusions on the money, so to speak. Monahan estimates that typical licensing costs incurred by a data center for his size – 500 servers split 50:50 between physical and virtual boxes – to break down per machine as follows: Monitoring, $250 to $300; backup, $600 to $700; and operating system for standard Windows $600 to $700. Add on the application licensing costs that vary widely, and you’ve got quite a bit more than chump change at stake.
And as for half the number of VMs being unnecessary, that resonates with Monahan as well.
“It’s so easy to create VMs when you go through a consolidation exercise,” Monahan said. “And because you can’t see them, it really becomes an issue of out of sight, out of mind.”
I was recently asked, “do you have any visibility of the storge utilization you provide your virtual machines?” I stopped, thought about it and said “no”. However, in my situation, this is not yet a problem.
A pitfall for most enterprise server virtualization strategies is in a reservation for storage, regardless of what the virtual machine has written on the virtualized filesystem to the defined maximums. For example, if I have a base installation of a Windows Server 2003 system, the footprint as I do my server builds will be around 5 GB. My standard build allocation is 32 GB. This makes this system only 15.6% utilized from inception. This rule of thumb applies to most servers, and a standard build has 32 GB as an accepted footprint per system.
Excluding backend storage virtualization and de-duplication strategies, what about systems that have a storage footprint larger than 32 GB? Well, luckily we’ve been down this path before:
The storage is the storage, virtual or physical.
Managing the percentage of utilization for shared storage should be a task of continuing diligence. I don’t (yet) have a large number of virtual servers with a footprint above the standard build, these systems face the same battles we have had for years with general purpose servers. As an example, take a main file and print server that is 2 TB on a general purpose server: It will be about 2 TB on a virtual server as well from the storage perspective. For large storage footprints using iSCSI or storage-area network (SAN) technologies, the difference in configuration is minimal.
However, how do we address the first question about under-utilized storage footprints for the virtualized systems? Is it best to look only at operating system metrics? That may be an adequate solution for each operating system, but the aggregation will be from different sources and outputs. What are you doing to address storage utilization when you are not using storage virtualization?
As new vendors enter the x86 virtualization space, pioneer VMware, Inc. is moving on to the next frontier, cloud computing, said VMware President and Chief Executive Officer Diane Greene in her keynote address at the JP Morgan Technology Conference in Boston on May 21.
“The dream of cloud computing is fast becoming reality,” she said.
With cloud computing, workloads are assigned to connections, software and services, which are accessed over a network of servers and connections in various locations, collectively known as “the cloud.” Using a thin client or other access point, like an iPhone or laptop, users can access the cloud for resources on demand.
Greene told the event attendees that the evolution of virtualization begins with users deploying VMs for testing and development, then easing into server consolidations for production environments. The third phase is resource aggregation, with entire data centers being virtualized, followed by automation of all of those aggregated workloads. The final “liberation” phase is cloud computing, Greene said.
“We now have competition going after the first two phases of virtualization evolution with 1.0 products, but we are very much in the aggregate, automate and liberate phase,” Greene said.
Other vendors have their sights set on cloud computing as well. IBM Corp. and Google announced plans to promote cloud computing in October by investing over $20 million in the hardware, software and services at universities, and Reuters reported this week that Microsoft expects companies will abandon their own in-house computer systems and shift to cloud computing as a less expensive alternative.
While VMware moves towards cloud computing, the company is in the thick of the automation phase and has released a number of virtualization automation products recently, including VMware Site Recovery Manager for Disaster Recovery, VMware Stage Manager and VMware Lifecycle Manager for lifecycle management and VMware Lab Manager, as well as product and service bundles.
The company is also focusing on desktop virtualization with Virtual Desktop Infrastructure and has introduced services and products to move that inititive forward.
“Desktop virtualization does require a major change in the infrastructure, so it could be 2011 before we see desktop virtualization adoption in the millions. We do have hosted desktop virtualization customers with large deployments…but [adoption] will happen at a measured pace,” Greene said. “I do think someday everyone’s desktop will run in a virtual machine, whether it be on PCs or MACs, thin clients or phones. With the advantages from a security, manageability and flexibility standpoint, it will become mainstream.”
The cost of desktop virtualization is a barrier to adoption, but Greene said the price per user of desktop virtualization will come down steadily over the next few years. It is in the $800 per user range today, she said.
VMware’s Virtual Appliance Marketplace has over 800 appliances available for download over a wide range of categories that can be used in your VMware environment. For those who may not be familiar, virtual appliances are pre-built, pre-configured virtual machines for use in virtual environments that are built to serve specific functions.
Some of the type of appliances available with VMware include anti-spam, database/app/web servers, firewalls, network monitoring, operating systems and administration tools. There is even an appliance for running DOS-based games from the early 90s. Most of the appliances are free to download and use except for some of the certified appliances from vendors such as IBM, Symantec, VMSight, Bluelane and Bea which must be purchased. Almost all of the appliances run various distributions of Linux to avoid operating system licensing costs and many utilize free open-source applications.
These appliances are compatible with any of VMware’s products including Player, Workstation, Server, Fusion and ESX. Appliances range in size from a few megabytes for some of the small router or firewall appliances to a few gigabytes for some of the bigger, more featured applications. A typical appliance download will usually include the virtual disk (vmdk) file(s), configuration (vmx or ovf) file and usually a few companion files. Once you locate an appliance that you want to use, simply download it and copy the files to your VMware server or workstation. After adding the VM via your management interface, you’re ready to power it on and start using it. Most appliances are pre-configured to use DHCP to automatically assign an IP address to the VM but they will usually allow you to manually configure a static IP address if needed. A new feature in VirtualCenter 2.5 allows you to automatically download and import ovf file-format appliances via a simple wizard interface. You can also use VMware Converter to import virtual appliances into ESX.
Below are a couple of notable appliances that you might want to check out:
ESX Deployment Appliance – (free) Makes deploying new ESX servers simple and fast
X-M0n0wall – (free) A great little firewall for protecting virtual networks
Network Security Toolkit – (free) Contains many open-source network security applications
NagiosVMA – (free) All-in-one open-source host and network monitoring system
LAMP Appliance – (free) A complete web environment including web server (Apache), database (MySQL) and scripting language (PHP)
Remote CLI – (free) Remote command line utility for managing ESXi servers
Browser Appliance – (free) Safely browse the internet inside a virtual machine to prevent malware from infecting your desktop.
LeftHand Virtual SAN Appliance – ($) Converts internal storage of VI3 servers into a iSCSI SAN
SpamTitan – ($) A full-featured email security appliance
VM Sight – ($) Provides virtual network reporting and analytics
VMware Infrastructure Perl Toolkit 1.5 – (free) Provides a Perl interface to manage and control a VI3 environment
vKernel – ($) ESX resource monitoring and reporting including chargeback reports
As this long running thread in the VMware forums indicates, many users are frustrated with VMware’s lack of support for a Linux-based Virtual Infrastructure client to manage VI3 environments. Currently, the VI Client will run only under Windows (as it’s written in .NET), so Linux shops are forced to purchase and install Windows to run it. An alternative web interface does exist; however, it can only manage virtual machine operations and not the ESX hosts which severely limits its usefulness to VMware administrators.
While VMware has not officially announced any plans to develop cross-platform versions of the VI Client or any of its other Windows-only applications, the above-mentioned thread includes one response from a VMware employee who hints that VMware may eventually release a Linux version. A Linux version of a VI Client would be considered a welcomed addition by many VMware customers, if not as an essential feature for those that are using ESX servers in non-Windows environments.
Many customers have also been wanting a Linux version of VirtualCenter, VMware’s centralized management product for ESX, and support for open source databases like MySQL. VirtualCenter will only install on a Windows server and its required database only supports Microsoft SQL Server or Oracle databases. You can also use SQL Express with VirtualCenter, but it is not recommended or supported for production environments. Because of this limitation, customers that wish to use VirtualCenter must also plan on the additional expense of Windows operating systems licenses for the VirtualCenter server as well as a database license if they do not already have an existing SQL/Oracle database server that they can use for the VirtualCenter database.
Unless more customers speak up and request that VMware produce cross-platform versions of their current Windows-only applications, they will probably not end up developing them. If the demand exists, there’s a better likelihood of it happening. Having Linux versions would also help VMware compete in an increasingly competitive virtualization market. If you would like to see VMware develop a Linux version of the VI Client and other applications, contact your VMware sales representatives and let them know.
Almost every virtualization admin that I interact with has materially changed their strategy at some point with their first generation of server virtualization before the entire project is complete. Among the strategy changes are those related to network zoning, which will become a more important consideration as organizations approach higher levels of virtualization.
Specifically, the placement of external facing systems on the same virtual host as systems which house internal systems can put both sides of the network at risk if a compromise is made to the hypervisor from the external facing systems. This becomes especially important as the virtual appliance space allows organizations to easily consider firewall, intrusion detection, VPN and other external facing roles to be placed into the virtual environment as well as the frequent goal to virtualize everything.
A more isolating strategy creates a separate environment with hosts dedicated to hosting virtual machines (VMs) that are external facing and not simultaneously host VMs on the internal network. While the hosts may be connected both to the internal and external networks in a DMZ network role, a compromise to the hypervisor or host system would not have as direct of an impact to the VMs running only on the internal networks. This also helps in emergency remediation by allowing a virtual host to be fully isolated or powered off until the issue is identified without impacting the internal network VMs.
When planning your next generation of server-side virtualization, consider the risks of placing internal and external network zones on resources that may contain external facing and internal only VMs. This type of architecture can bake in some inherent security into your environment that may save the day in the event of a zero-day vulnerability situation that affects the guest operating system or the virtualization hypervisor.
The page that displays by default when you enter the hostname of an ESX or VirtualCenter server has links that some administrators like to suppress. In addition to the option to log into the server, there are also links to download the installation program for the VI Client application and the VI SDK and also to log into the scripted installer. Because authentication is not required for the default web page of the server, anybody can download the VI Client to the chagrin of administrators.
Having only the web access login page displayed instead is the preferred way. To get to the login page, you have to click the link from the default page or add “/ui” to your URL.
You can modify the default web page on both the ESX and VirtualCenter servers so the download links are not displayed or simply force a re-direct to the login page instead. To do this, simply follow the steps below. Please note that future upgrades to VirtualCenter or ESX will usually overwrite your changes and you will need to do this again after any upgrades.
For ESX servers, you will need to modify the index.html file that is located in the /var/lib/vmware/hostd/docroot directory on the ESX server. Be sure and make a backup of this file before editing it. You can log into the Service Console and edit it with Nano or use an application like WinSCP to connect to the server and edit the file. For VirtualCenter servers, you will need to modify the index.html file located in the C:\Documents and Settings\All Users\Application Data\VMware\VMware VirtualCenter\docRoot directory.
If you simply want to hide the download links, you can comment out those lines of code in the index.html file. The comment tags tell the browser to not execute a section of code and are usually used to add documentation to programming code. The start tag is “” (without the quotes). Add “” on a new line after the second tag to comment out the two download links under getting started. Then save the file and refresh your browser and the links should be gone. Alternatively, you can remove the code completely so the links will not be visible if you viewed the source of the web page.
If you wish to automatically re-direct the default welcome page to the login page, add the following line at the beginning of the index.html file: If you do not want the main page to show before the redirect, either delete all the other code in the file or add a “” at the very bottom of the file. This comments out all the code in the file except the first line.