Year: 2008

VMware has a 2-years lead over competitors but will face a harsh price war

by

A new report published this February by the Yankee Group details an evidence: VMware currently has a technology lead over other virtualization players which then will compete on prices.

The analysis recognizes Microsoft, Citrix, Novell, Red Hat and the newcomer Oracle as main challengers, but fail to mention both Virtual Iron and the upcoming Sun, which is heavily investing in virtualization as well.

The Yankee Group expects a harsh bidding war mainly because VMware Infrastructure 3.5 offers less management capabilities than, for example Microsoft System Center Suite, at a higher price.

This depends on the fact that the former only covers virtual machines management, while the latter can spread over virtual and physical servers and desktops.

While this is absolutely true, just a very small portion of the prospects looking for virtualization also wants to replace their existing enterprise managemet solutions.

In most cases a company wants to return on its previous investments and integrate new virtualization consoles with what’s already available. This makes less meaningful a comparison between VMware VI 3.5 and Microsoft System Center Suite.

Obviously, those customers already implementing Microsoft management solutions will look forward to the Hyper-V + System Center Virtual Machine Manager (SCVMM) offering for the reasons mentioned above, but all the others using CA, IBM, HP, etc. will not see the same option as the preferred one.

Another major flaw of the Yankee Group report is related to the security level that VMware products offer compared to the competitors’ ones.

A fundamental lesson that the security industry can teach is that the number of security bulletins doens’t measure the inherent security of a product. Not until it’s directly related with the product’s diffusion on the market at least.

Considering that VMware has about 70% of the market share while Microsoft has above 20% (the analysis reports 30% which is uncorrect), it’s more than expected that the number of discovered security flaws follows this proportion accordingly.

All software in every IT industry is expected to have security flaws, but a straight comparison can be done only when two solutions have the same distribution. In all other cases many factors have to be included in the equation.

Nonetheless VMware will face a more harsh price war in the coming months as the Yankee Group states. But this will not depeding on the thesis above. This will rather depend on the fact that virtualization is slowing reaching the SMB market, where the price point counts much more than the enterprise management features.

Update: The improper comparison between VI 3.5 and SCVMM 2007 was so evident that VMware obtained to put it offline, as The Inquirer reports.

Some time may pass before the Yankee Group publish another analysis about virtualization technologies.

Benchmarks: VMware VMFS vs Raw Disk performance in SAN environments

by

VMware published an interesting 12-pages paper comparing the performance achieved in a SAN environment with ESX Server 3.5 virtual machines stored in a VMFS volume and in a raw disk volume (mentioned as Raw Device Mapping or RDM):

For random workloads, VMFS and RDM produce similar I/O throughput. For sequential workloads with small I/O block sizes, RDM provides a small increase in throughput compared to VMFS. However, the performance gap decreases as the I/O block size increases. For all workloads, RDM has slightly better CPU cost.

The test results described in this study show that VMFS and RDM provide similar I/O throughput for most of the workloads we tested. The small differences in I/O performance we observed were with the virtual machine running CPU-saturated. The differences seen in these studies would therefore be minimized in real life workloads because most applications do not usually drive virtual machines to their full capacity. Most enterprise applications can, therefore, use either VMFS or RDM for configuring virtual disks when run in a virtual machine.

However, there are a few cases that require use of raw disks. Backup applications that use such inherent SAN features as snapshots or clustering applications (for both data and quorum disks) require raw disks. RDM is recommended for these cases. We recommend use of RDM for these cases not for performance reasons but because these applications require lowe-level disk control…

Read the whole paper at the source.

3rd party plug-ins pose a security risk for VMware VirtualCenter

by

Ironically enough, the author of the first 3rd party plug-ins for the new VirtualCenter 2.5, Andrew Kutz, is also the one that has to warn about the security risks implied in using any non-VMware plug-in:

During the development of the Console plugin I had to register a message filter on the primary message loop to capture input for the SSH “terminal.” I was not sure if the VI client would allow me to do this, as the ability to so has nasty implications. Well, it does, and it does.

VMware has been informed of this flaw, and provided with a solution.

Try using the CheckForMsgFiler.exe application that comes with the KeySniffer client plugin. This application checks a given assembly and notifies the user if said assembly has any contains types that implement the IMessageFiler interface…

To proof the concept Andrew developed a malicious plug-in, KeySniffer, able to record any keystroke typed in the VirtualCenter GUI. Try it here.

Tool: SSH Console plug-in for VMware VirtualCenter

by

Andrew Kutz seems unstoppable and continues to release useful plug-ins for the new VMware VirtualCenter 2.5 architecture.

After one to manage Storage VMotion migrations and one to manage mass configuration of port groups, the last creation allows to embed a SSH client in the VirtualCenter GUI.

SSH Console plug-in

To realize this plug-in Andrew used SharpSSH, a SSH2 library for Microsoft .NET Framework, and ackterm for VT-100 emulation, but he has yet to implement the Public Key authentication.

Just like the others, this tool is totally unsupported by VMware and should not be deployed in production environments.

Download it here.

Waiting for VMworld Europe 2008 – Last part

by

During the entire January and February virtualization.info published an exclusive series of videos showing several VMware product managers and staff engineers introducing their sessions at upcoming VMware Europe 2008:

At the same time we detailed a list of new products and initiatives that VMware is going to announce (or it’s supposed to) on stage:

Next week virtualization.info will be in Cannes covering the keynotes and all the product announcements above. Before that anyway we’d like to close this video series with our last guest: Jay Judkowitz, Senior Product Manager for the new Site Recovery Manager.

QT_OnloadWriteOBJECT_XHTML(‘http://www.vi3demo.com/vmworld/Jay1_2.mov’, ‘400’, ‘240’, ”,
‘autoplay’, ‘false’,
’emb#bgcolor’, ‘black’,
‘align’, ‘middle’);

If you still did not, register for VMworld Europe 2008 here.

The long VMware road to (CPU) para-virtualization

by

VMware spent great efforts over the last years affirming that its virtualization technology, the binary translation, was more performant and flexible than para-virtualization (used by the Xen hypervisor and its commercial derivates since ever) in most scenarios. But at the same time the company worked to use para-virtualization and increase the guest OS performance as much as possible.

One major step in this progression was the introduction of a para-virtualization standardized interface, the Virtual Machine Interface (VMI), which the company hoped to integrate in the Linux kernel.

Because of the long dispute with XenSource (now Citrix), VMI made its way in the Linux kernel only one year later in version 2.6.21. (Oracle was so sick and tired of the delays that proceeded building its own hypervisor).

Meanwhile VMware announced its plan to support VMI-para-virtualized guest OSes in its entire product line.
Today VMI is supported inside Workstation 6.0 and ESX Server 3.5. The upcoming Server 2.0 will support the interface as well.
The Linux distributions that support VMI out of the box are Novell SUSE, Ubuntu and Fedora.

Now, to further validate all its para-virtualization effort, VMware is publishing a benchmark analysis, comparing the performance of two Linux distributions (32bit only) with and without VMI flag on ESX Server 3.5:

This paper shows that VMI-style paravirtualization offers performance improvements for a wide variety of workloads. However the performance gains depend heavily on the nature of those workloads. Workloads that spend the majority of their time in user mode provide only a modest gain when run in a VMI virtual machine.
Workloads that spend a significant portion of their time in kernel mode, or that are memory management unit intensive, see the largest benefit from running in a VMI virtual machine.

Non-VMI-enabled guests continue to perform quite well with binary translation, and remain an appropriate choice for many situations. VMware is also working with hardware vendors to improve hardware virtualization. With support for binary translation, hardware virtualization, and VMI-style paravirtualization, ESX Server 3.5 allows the choice of the best virtualization technique for each virtual machine based on its workload and guest operating system.

Read the whole 17-pages paper at the source.

VMware to launch VMsafe at VMworld Europe 2008?

by

It’s known since September 2007 that VMware is working at a new security initiative, Vsafe, with major industry players: a set of APIs which could be used by anti-virus, IDS and patch management vendors to enforce security at the hypervisor level.

Possibly renamed VMsafe, the program may be unveiled at VMworld Europe 2008 as The Guardian is briefly reporting:

Partners in the effort — dubbed VMsafe — include Symantec Corp, McAfee Inc, the Internet Security Systems division of International Business Machines Corp , EMC Corp’s RSA security unit and Check Point Software Technologies Ltd, they said…

If true this announcement will pile up with the many related to new products expected next week: Site Recover Manager (SRM) and VMware Operational Framework (VOF), Lifecycle Management and Stage Manager.

It’s even likely that VMware will announce official availability of its Server 2.0, in beta since November 2007.

VMware will release a VI client for 64bit OS in H2 2008

by

In January Douglas Brown published an interesting step-by-step work around to install a VI 3.5 client on an unsupported 64bit Windows operating system.

In his article Douglas mentions a thread in VMTN Forums where Andre Kemp, Sr. Product Marketing Manager at VMware, provides an interesting answer about the topic:

We have seen development issues with our new client on a 64-bit host, so due to other priorities the engineers put in the blocking issue to prevent installing the client.

It appears right now the most valid work around is to run a 32-bit VM until we have our 64-bit client available sometime 2nd half next year

If the above plan is confirmed it’s easy to imagine it as part of a possible launch of a long awaited 64bit Virtual Infrastructure 4.0 with ESX Server 4.0 and VirtualCenter 3.0. Obviously this is a complete speculation at this point.

ManageSoft extends Enterpise Compliance Manager support to VMware ESX Server

by

Quoting from the ManageSoft official announcement:

ManageSoft — the leading supplier of Enterprise Software Management solutions — announced today it now supports VMware ESX Server with its Enterprise Compliance Manager software that enables its customers to fill the license compliance chasm created by the virtualization wave. This software provides a path to resolution for companies embracing application and server virtualization, but concerned about software publishers’ licensing policies…

ManageSoft is one of the companies which joined the Federation Against Software Theft (FAST) to discuss the implications of virtualization in software licensing.