With two clear players emerging in the premier virtualization space, VMware’s ESX Server platform and the Citrix XenServer, every serious virtualization shop needs to evaluate XenServer for fair comparison. Why? Well, right now ESX is the top product in the popular opinion, but after attending a summary of the recent Citrix iForum it became clear that XenServer will pose a significant challenge in all areas to the VMware offering as the resources of Citrix are integrated to the XenServer platform as the products mature. Just to be fair, VMware is constantly working to improve their offerings as well.
Following in the Footsteps of Free Software
Just as Microsoft and VMware released virtualization products as free pieces, XenServer Express Edition is available to use as a free download. The full enterprise management pieces are not available on the free download (as is the case with VMware Server vs. ESX), but this is a great way to get started with being familiar with the XenServer platform. This is critically important as virtualization in the x86 world is relatively young in the data center, so in my opinion there will be many arrivals quickly onto the scene and I do not want to entrap myself into one product without full knowledge of the other offerings.
Explore Additional Management
In part of your evaluation, it may be a good idea to determine the differences from the management side between VMware ESX and Citrix XenServer Enterprise edition. There are some differences, and as the next release of XenServer that has had the Citrix touch on the whole build, there should be some exciting new features that will surely give VMware a challenge for the best enterprise virtualization product. Regardless, we all win, as a better suite of products will be made available to the enterprise.
Two weeks ago, I wrote an article about VMware ACE virtual desktop alternatives Kidaro and vThere. Michael Brennan, a SearchServerVirtualization.com reader and a principal at the 17-year-old Barrington, Ill.-based consulting company Advanced Logic Corp., wrote in with an interesting point of view:
I find it puzzling that the industry is now considering client-side virtualization at all. It will doubtlessly add to the total cost of ownership of the most expensive computing devices in the environment and poses a security risk for the data in the virtual machines (VMs). (Unless you truly believe that the security of a VM can’t or won’t be an issue.)
It also adds a layer of complexity to the user experience that has already been eliminated by the secure deployment of applications and information on corporate portals.
While the client-side virtual desktops could provide application delivery, how will you reconcile the data component on a desktop image?
If you are using only virtual desktops to deliver applications, I would offer that there are several tried-and-true mechanisms for doing that today.
Even virtual desktops running on servers, like VMware Virtual Desktop Infrastructure and Citrix’s XenSource products are essentially trying to reinvent thin client computing with a small twist: by letting the user customize his or her desktop. Using Citrix published applications on PCs rather than Microsoft’s Terminal Services or Citrix’s published desktop, you can achieve the same result. On the client side, you still need the same device for virtual desktops, either a PC or a thin-client device.
(The cost differential between these device types has nearly vanished.)
For mobile computing devices, without technology in place that prevents users from copying corporate data to it in the first place, the whole security enhancement allegedly provided by desktop virtualization is negated.
The issue of lost mobile devices is another serious problem. It can be best handled by existing technologies that automatically disable the device if it doesn’t “phone home” within a configurable time.
The key for our clients: provide appropriate access to corporate applications and data securely and cost-effectively while being sensitive to where the client is and what device he or she is coming in on.
We can deliver on that need cost effectively without client-side virtualization.
Server virtualization blog readers of the world: What are your thoughts? Are client-side virtualized desktops necessary, or did the previously existing technologies serve the needs remote workers well enough?
Are you looking at client-side virtual desktops in your company? What technologies are you looking at (VMware ACE, Kidaro, vThere)?
Just a few days after my last post about Virtual Iron and their wheeling-and-dealing, they sign an OEM agreement with Dell. This little train is starting to sound more and more like a serious contender to the Triad of Virtualization – VMware, Microsoft, and Citrix, with their bargain-basement prices attracting the big OEM deals from the Triad of Server Hardware – IBM, Dell, and HP. Perhaps I’m wrong about them playing in the small sandbox for a while to come – I really expect to see a big bump in their sales numbers, maybe even an IPO someday. While their CEO says they have no intention of direct competition in the Fortune 500 space, the SME space is wide open. Taking on that small-to-midsize enterprise market can mean big bucks, just as much, if not more, thant the F500 if they can get enough market share. The way to do it – OEM deals. Putting their prices in their with VMware’s prices on a web-based server configuration tool is sure to make any manager pause and think.
For most shops, VMware Inc.’s Virtual Infrastructure is plenty scalable — but not for all. Managed service provider Mosso expects to outgrow VirtualCenter within the year, so the company is evaluating the alternatives. It will probably choose something based on Xen. As virtualization matures, I suspect we’ll hear a lot more about the problems plaguing truly large VMware deployments.
In most virtual environments, all the virtual machines on a box share hardware devices, but what if you want to isolate a PCI device to a specific virtual machine? This tip by Xen expert Sander van Vugt shows you how.
As reported in a number of other places, Virtual Iron has been making some great deals lately. They’ve picked up a new CEO, received a large sum (13m) in their most recent round of financing, and have been releasing products fast enough to keep the buzz going even though some (including me) have questioned their viability in light of the Xen/Citrix merger. While there’s no clear word on VI’s strategy for dealing with the merger’s consquences to the codebase, it’s clear that they’re doing the rigjht thing – focussing less on the merger and more on continuing their campaign against VMware. Namely, they’ve been forging ahead with their partnership with Platespin. This partnership has interesting benefits – for those few unhappy VMware customers who are happy with virtualization but not with VMware itself, it’s quite easy to make the change to Virtual Iron VMs using Platespin. It also lends VI an enterprise-credibility because of Platespin’s pervasiveness in the enterprise P2V / V2P / P2P / V2V market.
Then there’s always the price-war Virtual Iron started with VMware. Virtual Iron is not kidding when they say their prices are 20% of the cost of VMware’s VI3 Enterprise. Couple this to the fact that VMware still can’t manage to get the SKU out for their Mid-Sized Acceleration Kit, and Virtual Iron has a strong chance of remaining a serious (if small) competitor to VMware over the long term. In the end, this can only be good for the consumer in the smaller enterprises that Virtual Iron targets. With the backing of Intel, AMD, Platespin, and the of OEM alliances VI has made (HP and IBM offer Virtual Iron and VMware on their hardware), Virtual Iron is looking strong in the face of all comers – Citrix and VMware included.
What about Viridian? I’m waiting on that… given what I think of Virtual Server (nice toy), Vista (insert expletives here), and Server 2k8 (hyper-hype), I’m not any near convinced that Microsoft will put out a real hypervisor to compete with VMware or Xen. Truthfully, I’m more interested in what Phoenix is doing… but that’s for another blog. Time will tell.
Is VMware a better product? Yes, it’s far more mature, and has a much greater support based, it’s also not being limited the way Virtual Iron is by Xen’s requirement to have newer AMD or Intel virtualization-friendly CPUs to run Windows natively. I think real question is this – Is VMware a superior product? On that, I’d have to say no – the little Xengine That Could has caught up quickly, serves similar markets, and beats them on price.
How “three times less overhead” became “three times better performance” is beyond me; but whatever the case, the issue of database performance in a VM is hot again, with VMware bloggers firing back at Oracle’s superiority claims. But with Oracle’s clout in the enterprise, analysts seem to think that IT shops will take a good, hard look at the latest Xen variant.
If you’re testing Xen, we have a new tip for you on hardware drivers in a paravirtualized Xen environment, and the vagaries of dom0, domU, QEMU and the like. And the takeaway is this: Hardware-driver issues become quite complicated on a platform that supports both paravirtualized and fully virtualized drivers.
Meanwhile, over at SearchVMware.com, we learn that VMware’s brand of paravirtualization — paravirt-ops and the Virtual Machine Interface (VMI) — is wowing early adopters. By running paravirtualized Ubuntu on VMware Workstation, blogger Mark Mayo witnessed impressive performance gains compared with running it with VMI disabled.
Also, for those of you following the Microsoft Viridian — ahem, Hyper-V — developments, SearchWinIT news director Margie Semilof uncovers some inconsistencies in Microsoft’s claim that Hyper-V will be a “standalone” and “bare metal” hypervisor. “The reason for all the guessing,” she wrote, “is that Microsoft has offered an architectural picture of Hyper-V that runs on Windows certified hardware and drivers. Since that’s the case, ‘something like Server Core or PE must be inside.'” she quotes Nelson Ruest, a Microsoft MVP and principal at Resolutions Enterprise, a consulting firm in Victoria, B.C., as saying.
Chris Wolf and I were presenting Virtualization 101 in Seattle yesterday when something he said sparked an idea in my usually dormant brain. Okay, it’s not usually dormant, but Seattle is so cold I think half of my synapses aren’t firing! In the process of discussing virtual machines (VMs), Chris mentioned that each major virtualization solutions provider has registered itself with the Institute of Electrical and Electronics Engineers (IEEE) and received one or more Organizationally Unique Identifiers (OUIs). An OUI is 24-bit number that makes up the first half of all of the Media Access Control (MAC) addresses assigned by an organization to devices it produces. MAC addresses are most frequently associated with Ethernet adapters, so why are virtualization vendors registering with the IEEE to obtain OUIs?
Virtualization vendors also produce Ethernet adapters — virtual network interface cards (NICs). Most VMs would be rather useless if they could not access some sort of network, so virtualization vendors must create virtual NICs in order for the VMs to get on the big wide world of Webs. And since these virtual NICs have to participate on the network just as if they were physical, they must use MAC addresses. Because the first 24 bits of these MAC addresses, the OUI, is organization-specific, there is a real potential for network administrators to detect not only if a machine on the network is virtual by its MAC address, but also what type of virtual machine it is (what vendor’s software is hosting it). While best practices dictate that you do not change the MAC address of VMs, enterprise virtualization solutions do present this as an option, and, because of this, here is the scenario I see occurring.
One way to harden the Apache Web server is to use mod_security to alter the Web server’s signature. For example, you can fool clients into thinking that the Web server hosting their favorite videos is actually a Microsoft Internet Information Systems (IIS) 5.0 server instead of Apache 2.2. Administrators do this in order to fool attackers into attempting the wrong types of attack vectors. Even though best management practices dictate that administrators NOT alter their VMs’ MAC addresses, I forsee them doing so anyway in order to fool would-be hackers into attempting the incorrect attack vectors on VMs. For example, if a VM is hosted on ESX and its MAC address has an OUI registered by Microsoft, then a would-be attacker may try known Microsoft Virtual Server or Hyper-V exploits on the VM instead of ESX exploits.
Who knows? Twelve months from now altering a VM’s MAC address to be that of another vendor may be considered a best practice, but right now, with the already complex problem of managing virtual hardware, IT administrators are best served to leave their VM MAC addresses well enough alone.
Of course, that doesn’t stop the idea from being completely and utterly cool!
Hope this helps!
It may be free, but it’s not forgotten — or is it? VMware Server 2 is officially in beta, and while Yankee Group’s Gary Chen took the release as a sign of continued development on the part of VMware, virtualization.info’s Alessandro Perilli isn’t so sure:
It’s evident the company is spending most of its R&D and marketing efforts around ESX Server and Workstation. In 11 months no company (in a big ecosystem of over 200 technology partners) developed products for VMware Server, despite its price and wide feature-set could push adoption like no others.
In other virtualization news, Sun Microsystems Inc. CEO Jonathan Schwartz will take the stage at Oracle’s OpenWorld conference today and is expected to officially announce the company’s xVM virtualization strategy: an x86 hypervisor based on Xen and Sun xVM Ops Center for unified management. Sun has also rounded up support for xVM from Advanced Micro Devices (AMD), Intel, Microsoft, MySQL, Quest Software and Symantec and is launching OpenxVM.org, which Sun describes as “an open source community for developers building next-generation datacenter virtualization and management technologies.”
Speaking of Oracle, VMware isn’t taking this whole Oracle VM thing lying down. Going live today on VMware’s Web site is a page devoted to running Oracle on VMware ESX, with links to white papers, case studies and other resources.
Meanwhile, on our newest site, SearchVMware.com, check out a tip by blogger extraordinaire Scott Lowe on Virtual Desktop Infrastructure and connection brokers, where he breaks down for us exactly what a connection broker does. Pool management, anyone?
Editors’ note: Virtualization Log is a daily roundup of virtualization news and tips published on SearchServerVirtualization, as well as on sister TechTarget publications.
ESX 3i is a great opportunity not only to reduce the local storage footprint requirement, but also provide additional RAM and CPU available to virtual machines. ESX 3i is a small footprint, featuring a hardware integrated hypervisor that provides the VMWare ESX server on a small local footprint at around 32 MB.
While the small footprint is attractive in providing a quick install and minimal build time for adding additional hosts and consistent configuration linearly to the VMWare Infrastructure. The other more attractive, and possibly overlooked piece, is that by removing the customized Red Hat Enterprise Linux (RHEL) operating system that hosts the hypervisor in ESX 3.0.2 and earlier, this can free up between two or three percent of local CPU and RAM resources. Alone those are not much, but consider a large VMWare implementation – saving that much local resources can effectively reduce your number of required VMWare ESX hosts systems by providing that much more resources back to the virtual machines. For example, if you have 100 VMWare ESX hosts, you have effectively added the CPU and RAM power of 2 or 3 VMWare hosts by removing the RHEL layer from the host with certain host configurations.
This is a positive direction for the ESX product. For those of you who are historically Windows administrators, how frequently have you tried to do something in the ESX RHEL that didn’t quite turn out as you expected? My secondary virtualization mentor told me:
“If you don’t know anything about Linux or Unix – that will be great for an ESX administrator. If you do have experience there, don’t make assumptions based on the standard product” when introducing ESX.
For most situations where I have tried to do tasks outside of Virtual Center or the ESX install, some other issue has arisen. This, of course, is excepted when VMWare documentation gives Linux commands to perform tasks, David Davis’ recent blog on enabling SSH and SFTP on ESX is a good example. By removing that layer, the ESX product is more aligned to what it needs to do — providing horsepower to guest operating systems with central management.
Does the world really need another hypervisor? Oracle clearly thinks so, and it announced Oracle VM, its version of the open source Xen hypervisor. The cool thing is Oracle pledges to support a wide swath of its enterprise apps running in a VM. But for now, the company’s per-CPU pricing remains unchanged, negating much of the economic incentive to virtualize an application.
In the market for a new server? Dell’s new PowerEdge R900 server is seemingly tailor-made to run as a virtualization host. Among other impressive specs, the 4U behemoth features a 32 dual in-line memory module slots, which by my feeble math, equals 128 GB of total system memory (32 GB*4 GB=128 GB).
Or if its Hewlett-Packard hardware that your data center sports, know that there are some new virtualization features available in HP Insight Control, the company’s x86 server hardware management software. Among them are Virtual Machine Manager 3.0 and the HP Server Migration Pack, which will take you from physical to virtual and back again.
Editors’ note: Welcome to Virtualization Log, a new feature we’re trying out on the SearchServerVirtualization.com blog. Look here for a daily roundup of virtualization news and tips published on the main site and on sister TechTarget publications.