Year: 2007

In a recent blog post published by CNET News, Matt Asay, Vice President of Business Development at Alfresco, reveals Novell tried to acquire XenSource nine months ago:

…

It’s also the reason that Novell failed to entice XenSource into an acquisition when it was knocking on Peter Levine’s door nine months ago. It tried the “fork” argument, and gave a low valuation as a result. Guess who acquired XenSource?…

After the XenSource acquisition by Citrix, a Xen fork may become a needed option for virtualization competitor Virtual Iron. If Novell was contemplating this scenario nine months ago, it may reconsider a partnership with Virtual Iron, or even an acquisition, to achieve the task.

As silently as with Propero acquisition, VMware acquired security firm Determina.

The news was passed to Gartner the same day the company launched its IPO:

On 13 August 2007, VMware informed Gartner that it has acquired Determina, a vendor of a host-based intrusion prevention system (HIPS) technology. There has been no public announcement of the acquisition.

Determina brings two HIPS capabilities to VMware. First, the Determina Memory Firewall HIPS solution protects an operating system (OS) and applications against unauthorized memory and program control-flow manipulation – for example, heap and stack overflows, buffer overflows, and similar techniques used by hackers to inject malicious code into running processes.

Second, as a byproduct of its memory protection approach, the Determina technology can also be used to inject new (or modified) code on the fly. This ability to perform “hot patching” is the foundation of the Determina LiveShield solution – a shielding alternative built by reverse-engineering patches used to protect vulnerable systems without a reboot until a permanent patch can be applied.

…

We believe that these capabilities will be included at no cost in one or more future versions of VMware products, including the ESX hypervisor. The Determina technologies will be discontinued for stand-alone purchase, regardless of whether they would be used for VMware-based guest OSs…

Read the whole Gartner analysis at the source.

Determina solutions are interesting: read a 12-pages whitepaper about the technology approach here, and watch a 1-hour video about the kind of attacks the company can protect against here.

Like Determina, other security firms adapted their technologies to new virtualization scenarios, but all of them are simply deploying existing products inside a virtual machine instead of a physical server. With Determina acquisition, VMware will probably introduce the first real security solution to protect virtual machines at the host level.

VMware is working also on another security solutions called Update Manager, which is able to simplify and in some cases automate the patching of guest operating systems. Update Manager will be part of upcoming ESX Server 3.1 as virtualization.info revealed last week.

Thanks to SearchSecurity for the news.

In March 2007 Ulrich Drepper, the GNU libc maintainer, was defending KVM project against immaturity claims.

One day before VMware IPO he’s back again on the topic, this time severely criticizing Xen / ESX Server hypervisor architectures (which implies criticizing upcoming Microsoft codename Viridian architecture as well):

People are starting to realize how broken the Xen model is with its privileged Dom0 domain. But the actions they want to take are simply ridiculous: they want to add the drivers back into the hypervisor. There are many technical reasons why this is a terrible idea. You’d have to add (back, mind you, Xen before version 2 did this) all the PCI handling and lots of other lowlevel code which is now maintained as part of the Linux kernel. This would of course play nicely into Xensource’s (the company) pocket. Their technical people so far turn this down but I have no faith in this group: sooner or later they want to be independent of OS vendors and have their own mini-OS in the hypervisor. Adios remaining few advantages of the hypervisor model. But this is of course also the direction of VMWare who loudly proclaim that in the future we won’t have OS as they exist today. Instead only domains with mini-OS which are ideally only hooks into the hypervisor OS where single applications run…

Drepper is employed by Red Hat, which is integrating Xen in its distribution for a long time, but recently stopped mentioning the term Xen at all. Now that XenSource, employing many Xen developers, has been acquired by Citrix, Red Hat may find difficult to still stick with Xen.

Is Drepper offering persuasive argumentations to make his employer switch to KVM?

Ulrich Drepper is not the only open source code guru against virtualization players: yesteday it emerged that also Christopher Helwig, Linux SCSI storage maintainer, is openly against VMware ESX Server, considering the hypervisor a violation of GPL license.

Thanks to OSNews for the news.

Apparently VMware is in hurry to clarify its channel on how much better its technology is compared to the new Citrix/Xensource platform. And didn’t go soft.

virtualization.info has received a letter addressed to VMware partners just one day after XenSource acquisition which clearly exposes how tough the competition will be:

…

XenSource failed to gain measurable market share. Its upcoming XenEnterprise v4 release still has major shortcomings compared to VMware Infrastructure 3.

Citrix provides impressive technology, but its competencies and resources are not in the field of system-level virtualization, which is what XenSource needs in order to deliver an enterprise virtualization solution.

…

XenSource still cannot deliver the capabilities of 3rd-generation VMware virtual infrastructure. Citrix technology will not fill those gaps. Citrix can only ask customers to wait and forego immediate VMware Infrastructure 3 savings and infrastructure benefits.

The core of the XenSource solution, the Xen hypervisor project, is failing as it splinters into incompatible, proprietary offerings. The Open Source community is shifting support to KVM. Citrix may end up in possession of an abandoned hypervisor.

…

XenSource’s architecture is unproven and less suitable for VDI. An integrated Citrix/XenSource VDI solution will be unavailable for a long time.

…

XenSource only has 500 customers, according to recent statements. Its lack of recognizable reference customers impedes partner selling efforts.

Citrix will need to address XenSource’s limited web-only support model and lack of professional services resources before partners can reliably trust XenSource products with their key customers…

VMware spent many months pushing Citrix VDI solution to its customers, and now finds the company as the biggest competitor, more capable to act than Microsoft.

Citrix may react on such aggression dropping VMware support from its Desktop Server connection broker product.

Two days after VMware IPO and one days since Citrix announcement of XenSource acquisition investors answer this way:

(VMware is compared with its parent company EMC)

(Citrix is compared against its new competitor VMware)

On Microsoft site dedicated to betas, Connect, a new program just appeared: codename Himalaya.

The brief description and enrollment survey reveal it’s a solution to automate patching of powered off virtual machines, a critical feature in large scale virtual datacenters.

Codename Himalaya may become a feature included in further versions of upcoming System Center Virtual Machine Manager 2007.

Enrollment period ends September 9. After that date Microsoft may release more informations about this new project.

Is this Microsoft answer to new VMware patch management solution, Upload Manager 1.0, to be released with upcoming ESX Server 3.1?

Update: Microsoft immediately removed the beta program from Connect.

In a post on its corporate blog, Larry Orecklin, General Manager at Microsoft, announced System Center Virtual Machine Manager 2007 (SCVMM) will be released at the end of this month.

He also hinted that more virtualization products will appear during Q3 2007, which means Microsoft will probably release a first beta of its upcoming hypervisore codename Vidirian in this timeframe.

The virtualization.info Virtualization Industry Roadmap has been updated accordingly.

Formerly called BrandZ, Solaris Containers for Linux Applications is a major improvement in Sun OS virtualization technology included with its Solaris 10.

Sun started this project at end of 2005, as a general framework to allow applications from other operating systems to seamless run inside a Solaris container (aka zone).

First implementation, focused on Linux and interanlly named lx brand, made its way inside OpenSolaris distribution in Septmber 2006. Now, after one year and a half since beginning, Sun is finally ready to include it in official OS code with upcoming Update 4.

Solaris Containers for Linux Applications, as it was finally renamed, will allow Sun customers to run unmodified Linux binaries made for Red Hat Enterprise Linux and CentOS.

The update is expected to be released August 27 at no charge as usual.

Sun was also expected to include Xen in further updates of Solaris, but Citrix acquisition of XenSource may halt this project.

Complexity of ESX Server architecture, using a custom Linux distribution for its Service Console component, always created doubts about how VMware should act to respect GPU license.

After its successful IPO, the topic attracted new interest, at a point that VentureCake assembled a very long and detailed analysis of why ESX should be considered illegal.

Agreeing or not with such analysis, it spread lights on a new and very interesting element: one of top Linux maintainers, Christopher Helwig is openly against VMware and would like to sue the company. In details:

VMware uses a badly hacked 2.4 kernel with a big binary blob hooked into it, giving a derived work of the Linux kernel that’s not legally redistributable. I unfortunately don’t have enough copyrights on that particular version to sue them. I do object to use of any open-iscsi code of my origin to be used with it, though.

VentureCake also reveals how VMware is well aware of this, since Zachary Amsden, VMware hacker, received a direct answer from Helwig about the topic:

Until you stop violating our copyrights with the VMWare ESX support nothing is going to be supported. So could you please stop abusing the Linux code illegally in your project so I don’t have to sue you, or at least piss off and don’t expect us to support you in violating our copyrights.

I know this isn’t your fault, but please get the VMware/EMC legal department to fix it up first.

Read the whole VentureCake analysis at source.

Read Slashdot discussione about it here.

Quoting from IT Week:

Oracle has admitted it is “too complicated” to develop a licensing model that accounts for software running on virtual servers, despite the growing adoption of virtualised environments at many large enterprises.

Speaking yesterday, Oracle president Charles Phillips said that customers remained happy with Oracle’s current licensing model, which is predominantly based on physical machines running the software.

“We license by the physical partition as there is no way we can know what [customers] are doing with [the machine],” Phillips said. “It is too complicated to do it any other way.”

…

Last year, Oracle modified its licensing to account for rising adoption of multicore chips, but Phillips suggested changes to deliver “virtualisation pricing” are unlikely…

Read the whole article at source.

At today Oracle is one of the major ISVs not recognizing virtualization technologies and not adjusting its offering accordingly.

Tents of roseate forecasts issued by top research analysis firms, VMware successful IPO and XenSource acquisition by Citrix don’t seem to change this state of facts.

And customers definitively don’t remain happy with current licensing model, as Oracle President reports, talking more about a nightmare.

virtualization.info recognizes virtualization-unfriendly licensing scheme as one of top issue negatively affecting virtualization adoption, and lists it at second place in Virtualization Industry Challenges report.