Whitepaper: Compatibility Is Not Transparency: VMM Detection Myths and Realities

Detection of a Virtual Machine Monitor (VMM) has remained a hot topic since the appearance of the Blue Pill prototype.

Despite many authoritative opinions against its feasibility, the security and virtualization communities are still debating the topic.

In a joint effort, VMware, XenSource, and Stanford and Carnegie Mellon universities produced a paper to clarify why achieving VMM invisibility is impossible.

Compatibility Is Not Transparency: VMM Detection Myths and Realities was presented in May 2007 at HotOS 11, a Usenix workshop about hot topics in operating systems:

Recent work on applications ranging from realistic honeypots to stealthier rootkits has speculated about building transparent VMMs – VMMs that are indistinguishable from native hardware, even to a dedicated adversary. We survey anomalies between real and virtual hardware and consider methods for detecting such anomalies, as well as possible countermeasures. We conclude that building a transparent VMM is fundamentally infeasible, as well as impractical from a performance and engineering standpoint.

Read the whole paper at source.

Cisco invests $150 million in VMware

After Intel, Cisco also wants a piece of VMware.

Quoting from the VMware official announcement:

VMware, Inc. today announced that Cisco Systems will acquire an equity stake in the company.

Cisco will purchase $150 million of VMware Class A common shares currently held by EMC Corporation, VMware’s parent company, subject to customary regulatory and other closing conditions including Hart-Scott-Rodino (HSR) review. Upon closing of the investment, Cisco will own approximately 1.6 percent of VMware’s total outstanding common stock (less than one percent of the combined voting power of VMware’s outstanding common stock). VMware has agreed to consider the appointment of a Cisco executive to VMware’s board of directors at a future date.

In addition, VMware and Cisco have entered into a routine and customary collaboration agreement that expresses their intent to expand cooperative efforts around joint development, marketing, customer and industry initiatives. Through improved coordination and integration of networking and virtualized infrastructure, the companies intend to foster solutions for enhanced datacenter optimization and extend the benefits of virtualization beyond the datacenter to remote offices and end-user desktops…

This move is part of a strategy, possibly started with VMware’s involvement in VFrame development, which may be further detailed during Cisco’s keynote at VMworld 2007.

Cisco announces (old) datacenter automation solution

Cisco is determined to make the most of the virtualization hype: first it declares its Datacenter 3.0 initiative (more ambitious than IDC, which claimed Virtualization 2.0), then it relaunches a technology obtained through the TopSpin acquisition in April 2005 and offered since September 2005 under a new brand: VFrame.

Obviously the press release doesn’t even mention that VFrame has only moved from 3.0 (which has existed since May 2004, when TopSpin was developing it) to 3.1 in more than three years.

Quoting from the official announcement:

Cisco announced today VFrame Data Center (VFrame DC), an orchestration platform that leverages network intelligence to provision resources together as virtualized services. This industry-first approach greatly reduces application deployment times, improves overall resource utilization, and offers greater business agility. Further, VFrame DC includes an open API, and easily integrates with third party management applications, as well as best-of-breed server and storage virtualization offerings.

VFrame DC is a highly efficient orchestration platform for service provisioning which requires only a single controller and one back-up controller. The real time provisioning engine has a comprehensive view of compute, storage and network resources. This view enables VFrame DC to provision resources as virtualized services using graphical design templates. These design templates comprise one of four VFrame DC modular components: design, discovery, deploy, and operations. These components are integrated together with a robust security interface that allows controlled access by multiple organizations…

InternetNews reports VFrame will be available in August at a starting price of $60,000 per appliance.

This should clarify why Cisco’s CEO, John T. Chambers, will deliver the second-day keynote at VMworld 2007.

Further confirmation comes from the fact that VMware has been involved in the VFrame development program since May 2004, as reported in a confidential Cisco presentation from 2005 (page 35).

The old Cisco presentation also adds a detail about what will probably be announced at VMworld, and an interesting claim:

…VFrame can provision ESX Servers over SAN.

VMWare needs Cisco for scaling on blades…

In any case this move, along with HP’s acquisition of Opsware, also rekindles interest in other automation solutions like Scalent and Dunes.

Microsoft Virtual Machine Manager 2007 R2 planned for H1 2008

On the corporate blog, Brad Anderson, General Manager of Leading Product Development and Engineering for Microsoft’s Management and Solutions Division, discloses the planned release period for System Center Virtual Machine Manager (SCVMM) 2007 R2:

For Windows Server 2008, new management packs/agents for MOM 2005 and SC Operations Manager 2007 will be available in H1. Along those lines, we’ll also have a release of System Center Configuration Manager (formerly SMS) and a second release of Virtual Machine Manager to manage virtualized workloads enabled with Windows Server Virtualization. With the release of VMM, System Center can manage the physical and virtual assets. We developed this technology as, increasingly, customers told us they want a single, unified solution for managing both. I’ve met plenty of customers with physical servers in the datacenter operating at only 15% CPU capacity. SC Virtual Machine Manager assesses and then consolidates suitable server workloads onto virtual machine host infrastructure; this frees up physical resources for repurposing or hardware retirement…

The public beta of this new SCVMM version is instead expected in Q1 2008, as virtualization.info detailed in the SCVMM 2007 beta 2 announcement.

Thanks to Andrew Dugdell for the news.

Webcast: Microsoft Server Virtualization Licensing

Microsoft published a 26-minute on-demand webcast about its licensing model as applied to virtualization scenarios.

In it, Eric Jewett, Lead Product Manager for Windows Server Marketing, covers the following topics:

  • Licensing capabilities in different Windows editions
  • Differences between running and stored virtual machines
  • Differences between Server+CAL and Per-Processor licensing models
  • Application of Microsoft licensing to moving virtual machines (for example using VMware VMotion capabilities)

This video should clarify some concepts already stated in the whitepaper Microsoft released in June 2007 and in the new Virtualization Calculator 2.0.

SAP certifies its software on Red Hat-based Xen

SAP is extending its interest in the Xen universe: first investing in Virtual Iron, then supporting Novell-based Xen virtual machines, and now extending that support to Red Hat.

Quoting from the Red Hat official announcement:

Red Hat, the world’s leading provider of open source solutions, today announced that SAP AG, the largest provider of business software solutions in the world, has certified the SAP NetWeaver platform on Red Hat Enterprise Linux Advanced Platform. The certification includes the virtualization technology embedded in Red Hat Enterprise Linux 5 for use with SAP applications.

The virtualization technologies included in Advanced Platform have been successfully tested by SAP during the certification procedure and can be used in production environments after a general release of virtualized SAP application-based Linux environments over the course of the year…

Unlike Novell, Red Hat cannot mention which virtualization product it is using, because of Xen trademark issues with XenSource.

VMware tops $298 million in Q2 2007

Quoting from the EMC official announcement:

Compared with the second quarter of 2006, EMC systems revenue increased 18% year-over-year, led by strong revenue growth from the company’s mid-range information storage products. EMC systems revenue represented 43% of total second-quarter revenue. Software license and maintenance revenue increased 27% year-over-year, led by strong customer demand for RSA’s security offerings and for VMware Virtual Infrastructure. Software license and maintenance revenue accounted for 41% of total revenue in the quarter. Professional services, systems maintenance and other services revenue grew by 18%, driven by double-digit services growth in all four major EMC business segments. Professional services, systems maintenance and other services represented 16% of total second-quarter revenue.

VMware, an EMC subsidiary, grew sales 89% year-over-year to $298 million during the second quarter as it continued to unlock the value of virtualization for existing and new customers around the world…

WildPackets extends OmniAnalysis support to virtual infrastructures

WildPackets just announced the availability of its OmniAnalysis network inspection suite.

This new release includes a new component called OmniVirtual, which is basically a relabeling of the popular OmniPeek traffic analyzer for when it runs inside a virtual machine.

WildPackets supports OmniVirtual when running on VMware or Microsoft (Virtual PC only) virtual infrastructures.

Intel announces new Ethernet controller for virtual infrastructures

Quoting from the Intel official announcement:

Intel Corporation today announced two new Ethernet controllers that facilitate high traffic flow and optimize I/O performance in such enterprise server environments as multicore Intel Xeon processor-based systems and virtualized datacenters.

The Intel 82598 10 Gigabit Ethernet Controller provides energy-efficient, dual-port, PCI Express-based 10GbE connectivity to handle high-speed interconnects. This product addresses the networking bottlenecks associated with server consolidation and is ideal for virtualization and such demanding enterprise applications as storage and high performance computing.

…Intel 82598 10 Gigabit Ethernet Controller will be available for volume shipment in September…

More details about these features are available in the May 2007 issue of Intel Magazine:

Intel’s VMDq (Virtual Machine Device Queues) technology in the NIC provides multiple hardware queues and offload features that can be used to reduce the software overheads associated with sharing a single networking device between multiple VMs. Traditionally a software switch within the I/O partition which abstracts the hardware capabilities to the guest operating systems in the VMs processes the packets one at a time, sorting, classifying, and delivering the networking packets from the device to the different VMs. This introduces overheads in the transmit and receive speed paths and hence severely impacts I/O performance. By associating individual hardware queues of the NIC to specific VMs, and sorting and grouping the received packets into the VMs’ designated queues, these software overheads can be reduced. The enhancements in the NIC hardware also include support for transmit fairness to avoid head-of-line blocking between the VMs…

CPU purchases are already driven by the presence of virtualization enhancements (Intel VT or AMD SVM). As soon as other hardware is able to simplify virtualization tasks, it will be preferred over traditional gear.

But Intel’s effort in this space is not surprising for that reason alone: earlier this month the company announced upcoming motherboards capable of handling virtual-to-virtual (V2V) migrations, and so far it has invested heavily in multiple virtualization companies: