Virtual machines, containers, functions. Market knowledge for IT decision makers since 2003
Massimo Re Ferrè, an IBM IT Architect and a very active VMware newsgroups user, wrote an interesting paper about Server Consolidation with IBM xSeries products.
After a first introduction about typical problems about server consolidation he introduces Blade Servers and VMware ESX Server solutions, trying to consider what kind of virtual machines are good for ESX and why.
An interesting work Massimo! We wait for the second paper…
Virtual SMP is an addon module, actually available only for ESX Server, that permit a VM to see more than only one CPU (only if host hardware is multiprocessor).
At today GSX Server and Workstation don’t benefit of this module nut with GSX 3.0.0 release something could change: if you carefully look at new GSX web interface you can notice a well declared “VM processors number” information. This doesn’t prove anything but I can imagine that this change is introduced for the next Virtual SMP version compatibility.
ATTENTION: No informations about next VSMP are available from VMware so this is just a speculation.
A new webcast is available on VMware website about the new server product. It’s lead by Erich Horschman, GSX Director Product Manager, and features Live Screencam scenes.
Here the summary:
Launching the next generation of VMware GSX Server.
VMware GSX Server is enterprise-class virtual machine software for software development and testing operations as well as departmental server consolidation projects.
New in GSX Server 3:
– VMware VirtualCenter support
– Virtual machine mobility
– Better Usability
– New unified console
– Snapshots
– VM Auto-start/Auto-shutdown
– PXE Support
– Improved Performance and Scalability
– Enhanced Windows Integration
– New Host OS Support
– New Guest OS Support
In this live, interactive introduction to the VMware virtualization technology, focusing on what’s new in GSX Server 3, you will see industry statistics, customer case-studies, a live demo and Q&A from attendees.
Just go to the webinars page and enjoy the 48 minutes show.
Because of the naming-convention change first unveiled by Bob Muglia at MMS 2004, the Virtual Server product previously tagged as ‘2004’, is now referred to as Virtual Server 2005. The first beta of Virtual Server 2004 released to testers last year was v1.1.321, here’s a quick preview of one of the first builds under the 2005 name, v1.1.416.
Virtual Server is Microsoft?s virtual machine (VM) solution that enables Windows servers to run multiple operating systems concurrently. Virtual Server enables simplified application migration, flexible server consolidation, and automated rapid deployment. Virtual Server represents a key deliverable on the Dynamic Systems Initiative (DSI) roadmap.
Overview of Changes:
– Security enhancements – Virtual Server now uses file system access control lists (ACLs) to manage access to virtual machines, virtual disks, and virtual networks.
– SCSI support – Small computer system interface (SCSI) support is now enabled for four buses with seven devices per bus, and each SCSI drive can be up to 2 terabytes in size.
– Improved large memory support – Virtual Server now includes improved support for running large numbers of virtual machines on physical computers that have up to 64 gigabytes (GB) of memory, provided Physical Address Extension (PAE) is enabled on the host operating system.
– Global Resource Allocation Page – Virtual Server now includes a Global Resource Allocation Page providing all virtual machine resource allocation settings on a single page.
– Globalization – Virtual Server now supports host operating systems that use double-byte characters.
– Named Password Authority service – Virtual Server now includes a Named Password Authority service. This supports automatic virtual machine startup because you can specify the logon credentials for a virtual machine.
– Clustering support – Clustering is now enabled for simple failover between two virtual machines.
*Not all of these features/changes are exclusive to the ‘2005’ build, some were present in previous betas.
Prices for the retail version of Virtual Server 2005 have not been unveiled yet, however Microsoft is promising low prices. According to Bob Muglia, senior vice president for Microsoft’s Windows Server Division, “Virtual Server will be the lowest cost way of doing this in the industry”.
Go to Winbeta (my news source) website to see many screenshots!
After my post about discovering Microsoft VM running, here the same for VMware VMs.
Credits to SecuriTeam.
Background:
VMware contains a program called “VMware Command Line Tools”, these tools need to communicate with the host via the VMware virtual machine (the same method is used by the official VMware-Tools).
The basic idea is that the communication is done through a special I/O port specific to the VMware virtual machines. The following sequence is used to call VMware?s environment:
MOV EAX, 564D5868h ; Magic Number
MOV EBX, COMMAND_SPECIFIC_PARAMETER
MOV ECX, BACKDOOR_COMMAND_NUMBER
MOV DX, 5658h ; Port Number
IN EAX, DX
Though it may appear to be an ordinary I/O access routine at first glance, several VMware specific mechanisms are involved in this. What is not apparent from this example is that data can be transferred to both directions with this routine. As shown in the example, the Magic number is stored in EAX and other certain values are stored in EBX and ECX prior to executing IN instruction. Although values in these registers have no effect on IN instruction in real machines, VMware?s environments use these values as their input parameters. Also some functions return their results in EBX, ECX and EDX as well as in EAX. Consequently, you can not use C library functions to access this Backdoor port (e.g. _inp() function in MSVC runtime library), because those functions never expect these registers to be changed by IN instruction.
Technical Details:
As the above I/O port doesn’t exist on non-VMware environments, a malicious code can detect whether it runs under VMware or not, and act accordingly.
Proof of Concept:
Andrew Hintz has created a small Linux based program that detects whether it runs under the VMware environment:
/*
* 4tphi-vmchk.c
* Detects if you are in a VMWare virtual machine.
*
* Written by Andrew Hintz
* and AAron Walters
* Fortify Research Laboratories
*
* “Oft at the hives of his tame bees
* They would their sugary thirst appease.”
*
* This program is based on info and code from:
* http://chitchat.tripod.co.jp/vmware/
* by [email protected]
*
* Notes:
* The program can be run as a normal user.
* We tested the program only in x86 Linux.
* The m4dn3ss lives on!
*/
#include
#include
#if __INTSIZE == 2 /* 16 bit environment */
typedef unsigned int uint16;
typedef unsigned long uint32;
#else /* 32 bit environment */
typedef unsigned short uint16;
typedef unsigned int uint32;
#endif /* __INTSIZE */
void segfault(){
printf(“Not running inside VMware.\n”);
exit(1);
}
int main(){
uint32 verMajor, verMinor, magic, dout;
signal(SIGSEGV, segfault);
__asm__ __volatile__ (”
mov $0x564D5868, %%eax; /* magic number */
mov $0x3c6cf712, %%ebx; /* random number */
mov $0x0000000A, %%ecx; /* specifies command */
mov $0x5658, %%edx; /* VMware I/O port */
in %%dx, %%eax;
mov %%eax, %0;
mov %%ebx, %1;
mov %%ecx, %2;
mov %%edx, %3;
”
: “=r”(verMajor), “=r”(magic), “=r”(verMinor), “=r”(dout)
);
if (magic == 0x564D5868) {
printf(“Running inside VMware. “);
printf(“(Version %lu,%lu)\n”, verMajor, verMinor);
/* I’m not really sure what the versions mean. */
}
return 0;
}/* end main */
/* end of file */
Not happy enough to release WS 4.5.1 and GSX 3.0.0, VMware folks released a new free utility, called DiskMount:
With the VMware DiskMount utility, a VMware virtual disk file can be mounted as a Windows drive letter for read/write access to the files it contains. VMware DiskMount supports virtual disk files created with VMware Workstation 4, VMware GSX Server 2.5.1 and 3 and VMware ESX Server 2. VMware DiskMount can run on Windows 2000/XP/2003 hosts
It’s great, but there are two limitations:
1) It doesn’t work with Workstation 2.x and 3.x virtual disks generations (to mount them you’ll still need to use the optimum VDK tool from Kenji Kato)
2) VMware doesn’t provide support for DiskMount
Anyway a great release!
What if you are a developer and don’t want your application to run in a VM? Or what if you want your application to install (or behave) in a different way when target OS is a virtual one?
Paul Adare, one Virtual PC Most Valuable Professional (MVP), wrote a simple WMI query that verify if you are running on a VM:
On Error Resume Next
strComputer = “.”
Set objWMIService = GetObject(“winmgmts:\\” & strComputer & “\root
\cimv2”)
Set colItems = objWMIService.ExecQuery(“Select * from Win32
_BaseBoard”,,48)
For Each objItem in colItems
if objitem.Product = “Virtual Machine”
Thanks Paul!
Old VMware products supported SUN Solaris 8 guests, but in the last generations don’t provide this support anymore (probably because only few customers use it).
Since some months a new thread started on official web forum about Solaris support, and a large number of customers are strongly requiring official support return.
What is really interesting is that these customers are asking support not only for guestOS, but mainly to have Solaris as hostOS, claiming that VMware server products would be used in large farms immediately.
VMware folks should reconsider Solaris support for guestOS and evalutating SUN platform use for hostOS, mainly because Solaris 10 is coming and SUN has already released AMD Opteron 64 bit servers where to deploy the new OS.
This events could bring Solaris to a key position in most wanted virtualization hardware platforms table.
P.S.: Even if official support for Solaris guestOS doesn’t exist, it’s proven that Solaris 8, 9 and 10 beta works well on VMware VMs.
According to my previous post MS is preparing Automated Deployment Services 1.5 that will be able to provide P2V (and eventually V2P) migration at no cost (considering that ADS 1.0 at today is a free package).
If so and if ADS will work for VMware VMs also, all commercial P2V solutions available (from VMware itself, Platespin, Leostream) could become senseless.
Then the only reason to pay for a commercial P2V solution could be having the tool available for Linux platforms, but this will be enough to justify costs around $15.000…?
Posted at 11:43
Taken from MSFN:
In spite of a significant delay in its release, Microsoft this week will tout its forthcoming Virtual Server 2004 as a key deliverable of its Dynamic Systems Initiative and plans to enable its existing management servers to manage virtual machines.
At the Microsoft Management Summit 2004 in Las Vegas, executives will discuss plans to make available during the second half of 2004 several new offerings for virtual machine management, including the Microsoft Operations Manager 2004 Virtual Machine Management (VM) Pack as well as Systems Management Server 2003 Service Pack 1 with virtual machine support, sources say. Additionally, Microsoft is readying to move into beta this May an Automated Deployment Services 1.5 upgrade that will ease deployment and management of multiple virtual images on a single server, sources say.
Microsoft would not comment on this story…
Read whole article at CNR website.