VMware’s whitepaper Microsoft Virtualization Licensing and Distribution Terms has generated a flood of articles by the IT trade press, and SearchServerVirtualization.com is no exception (See ‘VMware criticizes Microsoft virtualization licensing‘). Now that the story is up, I’m left wondering whether in this case, is Microsoft really trying to stymie competition, as VMware contends, or is it also possible that Microsoft, like every other software vendor on the planet, is grappling with how best to approach software licensing in this brave new virtualization world?
In Microsoft’s defense, the company has made some very virtualization-friendly moves as of late. In October, it announced Windows Server 2003 Datacenter Edition, which allows for an unlimited number of Windows Server VMs running on a system. According to Microsoft’s Windows Server Virtualization Calculator, it’s more cost-effective to buy the unlimited virtualization license over Enterprise Edition after just nine VMs on a two-processor server. The company made a similar announcement last week with SQL Server 2005 Enterprise Edition — pretty cool.
The revelation that reassigning Windows Server licenses between hosts is prohibited more frequently than once every ninety days came as a surprise to everyone I talked to, so I’m wondering whether this is more of hypothetical threat than a reality? Have any actual VMware customers out there changed or discontinued their use of VMotion and Distributed Resource Scheduler to comply with this license provision? If that describes you, email me at firstname.lastname@example.org.
Thomas Ptacek writes about two ways virtualization complicates life for systems security people in his blog entry, Dark Reading on Virtualization Security.
First of all, he says, “you now face the spectre of guest-hopping attacks, which are vulnerabilities in your hypervisor that allow you to beat VM protection and gain access to other hosts. The driver for these attacks is that a hypervisor has to provide at least the illusion of a ‘ring 0’ for a guest operating system to run in.” Secondly, he adds: “If you’re on the same hardware as your target, you have significantly improved timing channels to pry encryption secrets out with.”
Fortunately, he has some ideas on how to handle these problems. So do the other writers for Matasano Chargen, a blog about information security.
Virtualization security is on our readers’ minds, too, and we’re answering their requests for advice. Check out Chris Wolf’s advice on virtual switch security on Virtual Server, VMware and XenExpress and the virtualization security series by Harley Stagner, in which he suggests ways to improve Microsoft Virtual Server security.
What aspect of virtualization security is bugging you? What should IT shops really be worried about?
This week, Microsoft revamped pricing for SQL Server 2005 whereby “Enterprise Edition” customers can run unlimited instances of SQL Server within virtual machines of any denomination — VMware, Microsoft Virtual Server, etc… Compare this with SQL Server Standard Edition, which is licensed per physical or virtual processor.
At first blush, this seems like a pretty good deal, kind of like the unlimited virtualization with Windows Server 2003 Datacenter Edition. But the more I think about it, the more I wonder — just how many folks is this really pricing really going to affect? First of all, how many SQL Server instances would one need to run per host in order for this deal to make economic sense? More to the point, how many shops are really running databases in virtual machines? And even if they are, don’t virtualization best practices state that we need to mix up our workloads?
Anyway, these are just some preliminary thoughts. If you’re running databases within VMs — particularly big honking I/O intensive ones — leave a comment; I’m curious to hear about how it’s working out.
Since I joined the site, I’ve watched our contributors help our tip section grow with some phenomenal series-length tips. To date, the best have been:
- Optimizing Microsoft Virtual Server 2005, by Anil Desai
- Getting started with VMware on Windows, by Andrew Kutz
- Microsoft Virtual Server from the ground up, also by Anil Desai
- Step-by-step virtualization, by Alessandro Perilli
- and Choosing the right virtualization solution, another by Andrew Kutz.
…at least in my opinion. Have you used them? Were they helpful? Comment and tell us. Also let us know what you’d like to see more of.
Just recently published a new guide by Alessandro Perilli, which talks about virtual machine backup, how to create failover structures, configure clusters and automate the provisioning of virtual machines.
Next up is a new series by Anil Desai. He gets in to detail about automating Virtual Server using Visual Studio .NET and VBScript.
Lastly, welcome to our blog! We’ve been talking about this for a while, and we’re all pretty excited about it. We hope you join right in and comment away. After all, it’s our readers that make our site.