Year: 2006

While RackForce is already providing web hosting with SWsoft Virtuozzo technology, they just expanded offering introducing Virtual Private Servers with Microsoft Virtual Server 2005 R2 (which sounds a bit strange indeed).

Quoting from Host Search:

Web hosting provider RackForce has announced the launch of Windows-based virtual private server (VPS) options. The company claims to be the first to offer this technology (based on Microsoft Windows Server 2003 and Microsoft Virtual Server 2005 R2) to the web hosting market.

The latest addition to RackForce’s Dynamic Dedicated Server (DDS) products, the company’s VPS utilizes a Dual Xeon Processor server which creates eight environments that replicate dedicated Windows server functionality. The package also includes Windows Server 2003 Web Edition, a 10Mbps connection, Plesk for Windows (optional) and FortiGate Firewall Intrusion Protection…

Read the whole article at source.

Let’s Talk Computers ranks as one of the longest running radio computer talk shows, distributing up-to-the minute computer information since 1989. Produced in Nashville, Tennessee, USA, it is broadcast via radio in Tennessee, Kentucky, Alabama, Illinois, Indiana, Texas and New Mexico and on the world wide web via the Internet.

Yesterday they hosted Chris Henley from Microsoft to talk about Virtual Server 2005 R2:

Microsoft offers a wide range of products and services designed to empower people through great software — any time, any place and on any device. Chris Henley, Microsoft IT Specialist talks about the many advantages to using Virtual Server in our business applications. Virtual Server 2005 R2 is the cost-effective server virtualization technology engineered for the Windows Server System platform. As a key part of any server consolidation strategy, Virtual Server increases hardware utilization and enables organizations to rapidly configure and deploy new servers.

Here the podcast in Read Audio or Windows Media Player.

Let’s Talk Computers is also hosting another 1 month older podcast about Virtual PC: Read Audio or Windows Media Player.

Akimbi realized an interesting whitepaper about automatic provisioning with virtualization:

Two trends in enterprise software development – the accelerating adoption of distributed application architectures (the service-oriented architecture, or SOA, being the state of the art approach) and the outsourcing of software development activities – are undermining the effectiveness and efficiency of prevailing enterprise software development lifecycle (SDLC) processes and the infrastructure supporting these processes. Across the board, enterprise software development organizations are grappling with:

• Server Sprawl
  Organizations face an explosion in the number of machines required to develop and test enterprise applications, with some application development (AD) organizations reaching server- to-staff ratios of greater than 7:1, even though average server utilization rates are often below 10%. Servers are hoarded under desks and duplicated across underutilized labs housed in data centers that are short on space, power and cooling capacity.
• Setup and Provisioning Overhead
  An enormous amount of time is wasted on repetitive system setup, provisioning and configuration tasks, done in preparation for software development and test activities. These tasks often account for more than 50% of the total time expended in an application development and test cycle.
• Costly System Failures
  Difficulties reproducing, diagnosing and correcting software defects discovered in remote development facilities, or by outsourcing partners, are leading to serious system failures in production, when the cost to repair can be over 470x higher than if resolved earlier in the AD process.

…

Download it here and consider attenting the related webcast.

Akimbi is arranging a new webcast for 5th April:

Register now to join Mercury, Akimbi Systems, and our joint customer as we explore how new lab automation technology combined with functional testing tools is changing the way test and quality teams manage their test cycles and processes. As a QA professional, you must attend this one-hour webcast if you can identify with any of the following:

• You wait too long for your test environments to be configured and deployed
• You find it difficult to configure test environments to be “as close as possible to production”
• Reproducing bugs is challenging at best, impossible at worst, and delays the delivery (or compromises the quality) of your software
• Excessive servers, networking equipment and other resources are sprawled throughout the organization – yet you always seem to need more to support all the environments required to complete testing

Attend this Session and Learn:

• How the “automated test bed” will change testing best practices forever, from a customer perspective
• How to create this revolutionary “one-touch” testing using Mercury Quality Center and Akimbi Slingshot
• How this solution can deliver ROI to your organization

Register for it here.

Since years researchers looks for method of discovery when a program is running inside a virtual machine. In a near future this could be even more important if virtualization rootkits will really start to spread.

Since November 2004 virtualization.info posted several articles about this topic:

• How to detect virtual machines softwares
• How an application can detect if is running inside a Microsoft Virtual PC virtual machine
• How an application can detect if is running inside a VMware virtual machine

Today the first methods posted, RedPill and scoopy_do, has been further developed and described in this new whitepaper: Detecting the Presence of Virtual Machines Using the Local Data Table:

The SIDT mechanism as implemented by Tobias Klein [1] and separately by Joanna Rutkowska [2] is a method for detecting the presence of a virtual machine environment. While the test is by no means thorough, it is an effective test for the presence of an emulated CPU environment on a single-processor machine. There are various problems with the implementation, however.
…
Our method is a variant on the SIDT process used by Redpill and scoopy_doo. We use the Local Descriptor Table (LDT) as a signature for virtualization. The LDT provides segmentation for operating privilege changes. It provides the base addresses, access rights, type, length, and usage information for each segment…

Sun Solaris 10 Express 3/06 has been released and it provides nice features for Zones.

Quoting from release notes:

Two new subcommands, move and clone, have been added to the zoneadm command.
Zone move and clone features enable the following operations:

• Relocate a non-global zone from one point on a system to another point on the same system
• Rapidly provision a new non-global zone based on the configuration of an existing zone on the same system

Download Solaris Express 3/06 here.

If you are interested in Solaris (and you would try Zones) you could find interesting my How to install Sun Solaris 10 inside VMware Workstation 5.5.

Since there is a lot of confusion about Solaris 10 I’d like to spend few words detailing differences:

• Solaris 10 is the official Sun release of its operationg system, updated just after consolidating many improvements and considering them stable.
  At today we just have Solaris 10 Update 1 (called Solaris 10 1/06).
• Solaris Express is the development version of Solaris 10, updated quite every month (so 3/06 means Express build for March 2006 ), and marked with a build name (this one for example is Nevada build 33).
  If you are confident with Microsoft technologies it’s what the Redmond giant is calling Customer Technology Preview (CTP) since some months.
• OpenSolaris is a subset of Solaris 10 (and then of Solaris Express), made available as open source, and providing operating system source code, ready to be compiled with Sun Studio 10 (and gcc after some more debugging from Sun engineers).

A little confusing huh? To summarize:

• If a new virtualization feature appears on Solaris Express it’s not to be considered stable and good for production until it’s included in a Solaris 10 Update.
• This virtualization feature could be not released as open source by Sun, so it won’t appear on OpenSolaris.
• Solaris 10 and further Updates are the only kind of Solaris operating system a virtualization platforms like VMware would support.

Fedora Core 5, expected for Monday, has been already released since yesterday and it’s circulating on several mirrors, torrents and so on.
And it’s opening the grand virtualization season of Red Hat, as anticipated in this press release.

Reading from release notes we can see deep integration of Xen:

Virtualization in Fedora Core is based on Xen. Xen 3.0 is integrated within Fedora Core 5 in the installer.
…
The Xen virtualization system has enhanced support. The tools to configure Xen virtual machines on your Fedora Core 5 system now use the standard graphical installation process, run as a window on your desktop. Fedora developers have also created gnome-applet-vm, which provides a simple virtual domains monitor applet, and libvirt, a library providing an API to use Xen virtualization capabilities.

The most important document about this integration is the Installing Xen Guests with Fedora Core 5.

Download FC5 here (while waiting official FTP upload).

The introduction of free virtualization tools Player and Server aren’t just going to change the virtualization market, but the company itself, starting from its sales channel.

At today VMware has a very articulated partnership network, counting Technology, OEM, Distributing, Reselling and Consulting partners.
Putting aside Technology partners, all others will be influenced and possibly invested by the VMware free virtualization strategy.

Resellers will be the first, real suffering part of the channel.

They are now divided in VIP Professional, authorized to sell VMware Workstation, ACE, VMTN, GSX Server and VirtualCenter products, and VIP Enterprise, authorized to sell all products (which translates in selling ESX Server, VirtualCenter and P2V Assistant).

GSX Server is gone for good, replaced by the free Server, and at today isn’t clear if the new product will be supported by VirtualCenter or not.
At the same time Workstation sales will be partially corroded by spread of free Player, hugely boosted up by the recent VMware Challenge.

What VIP Professional will sell then? Workstation, ACE (which is in absolute the less pushed VMware product since ever) and the VMTN subscription.

But, and I speak after an experience of 1 year and a half heading a VMware VIP Professional reseller company in Italy, isn’t a secret that buying Workstation or VMTN subscription by a reseller is quite unpractical for customers: both products can be bought online with immediate availability of registered serial numbers, while buying them through resellers take a whole month (and sometimes even more).
And considering low discounts a VIP Professional is able to apply, is quite unlikely a customer would give up online purchase just to save 10 dollars.
Finally, it’s quite probable VMware will lower resellers discount margin at the Server market launch, to amortize the huge investment done converting GSX Server in a free solution.

So, whatever Server will have or not VirtualCenter support, VIP Professional are doomed to disappear, unable to sustain profits just selling few copies of ACE and a bunch of Workstation and VMTN.

On the other side Enterprise resellers and partially distributors will have soon to face problems as well: their sales, already compromised by direct bundling of VMware products with OEM datacenter hardware (IBM or HP for example), will lower even more when the so called Virtual Infrastructure 2.0 (ESX Server 3.0 + VirtualCenter 2.0) will be out on 2H 2006.

New features this release will offer and the many will follow with new releases, will oblige a customer, new to virtualization and decided to adopt it through ESX Server, to immediately buy certified servers (by IBM or HP for example) and a Storage Attached Network (by IBM or HP for example).

So the more powerful the VMware infrastructure wil become, the more chances OEMs will have to sell products from themselves, mutilating VIP Enterprise partners and distributors businesses.
At the same time Consulting partners will have every day less space, obliged to resell their skilled professionals directly to OEMs, which will be able (and are already able today) to offer a complete bundle to customers.

At a point, and I’m informed it’s already happening, OEMs will give VMware products for free, just to place their hardware on customers datacenters. How others could ever compete?

At the end of the day we should expect a deep crisis in the sales channel unless VMware does one of these 2 things or both:

• remodel the channel to adapt it to the ongoing strategy
• release soon new products to be sold on today’s sales infrastructure

In any case it won’t be easy.

Ready or not virtual infrastructures are a reality. And exactly like physical infrastructures they need security tools to protect traffic through the virtual networking.

To do so you can put a traditional tool (firewall, IDS, IPS) on a virtual machine and act as usual, but there is a big problem: 100% security products are not supported inside virtual machines at today.
So it’s very good to finally see a product born to be deployed in virtual environments.

Quoting from the Reflex Security official announcement:

Reflex Security, a pioneer in network intrusion prevention, today announced Reflex VSA, the industry’s first virtual security appliance for virtualized environments. Reflex VSA allows enterprises deploying virtual computing technology to secure virtualized networks with firewall protection and intrusion prevention.

The patent-pending technology fills the security void left by traditional network security solutions that reside outside of the virtual machine host and are not fully capable of detecting and protecting against breaches inside virtualized resources.
…
Reflex VSA creates a virtualized network security appliance that operates within a virtual network and replicates the operational attributes and interfaces of a physical network security appliance, while supporting the Reflex Security software applications.
…
Features available in the Reflex VSA include:

• Access firewall, providing permission policy enforcement for intra-host and external network communication
• Intrusion Prevention via deep packet inspection and inline blocking/filtering for virtualized networks
• Anomaly, signature, and rate-based threat detection capability to defend against DoS attacks, flood attacks, malicious content, viruses, etc.
• Network Discovery to quietly discover and map all virtual machines and applications running in the virtualized environment
• Network Defender, allowing the ability to remove a virtual machine from a network by communicating with a virtual switch and blocking the port
• Reflex Command Center, providing a centralized configuration and management console, comprehensive reporting tools, and real-time event aggregation and correlation

The Reflex VSA will initially support the VMware ESX server…

Another script from Ben Armstrong.
This time he teaches how to automatically launch virtual machines in a Virtual Server 2005 environment when the host operating system boots up:

Set objVS = CreateObject(“VirtualServer.Application”)
Set objVM = objVS.FindVirtualMachine(“VM Name”)
objVM.RunAsDefinedAccount = True
result = objVM.SetAccountNameAndPassword(“DOMAIN\Username”,”Password”)
objVM.AutoStartAtLaunch = 2

Be sure to read the original post for comments and updates.