Cisco going to widely adopt “virtual firewalls”

This summer Cisco Systems introduced a new feature for Cisco Catalyst 6500 Series switches and Cisco 7600 Series routers: the Firewall Services Module (FWSM) 2.2 can provide virtual environments, called Security Contexts, in which to create isolated rules and policies.

Quoting from the official announcement:



A security context is a virtual firewall that has its own security policies and interfaces. When properly configured, security contexts enable the same capabilities as multiple independent firewalls, with fewer management headaches. In essence, these contexts provide completely independent security domains. FWSM version 2.2 allows any port on the switch to operate as a firewall port, integrating firewall security inside the network infrastructure. Up to four FWSMs can be installed in a single chassis, providing scalability to 20 Gbit/s per chassis. Network administrators can use this infrastructure to create up to 100 separate security contexts per module (depending on the software license).

Security contexts are functionally similar to a collection of independent physical firewalls but are much easier to manage. Because they are virtual devices, it is easy to add or delete security contexts based on subscriber growth. This reduces management costs, because organizations do not need to deploy multiple devices, yet they can achieve the same capabilities and maintain complete control over the firewall infrastructure from one consolidated platform.

“FWSM provides many of the key firewall and networking features that security managers need to implement multiple security zones or contexts throughout a switched campus network or enterprise data center,” says Iqlas Ottamalika, technical lead, Cisco Security Appliance Group. “Instead of having hundreds of small firewalls spread around the network you can install one hardware platform that will manage everything. This can represent tremendous administrative savings.”

Some rumors report that the upcoming PIX OS 7.0 (not even in beta) will introduce this feature for every Cisco PIX firewall device.

More news as soon as possible.

Red Hat, Novell to package Xen open-source alternative to VMware

Quoting from CRN:


Watch out VMware and Microsoft. Here comes Xen.

Xen, an open-source project with growing ties to Red Hat, Novell and Hewlett-Packard, is emerging as the leading contender for providing open-source virtualization for the Linux environment.
Ian Pratt, the founder of the Xen project that originated from the University of Cambridge in England, confirmed that developers from Red Hat and Suse are preparing “testing packages” of Xen that will be released in the near future.
Additionally, Xen has joined forces with leading Linux distributors, chip vendors and platform vendors to create a consortium that will more broadly enable open-source virtualization development and deployment.
Xen backers are hopeful that support from heavy hitters in the Linux industry will make Xen a household name in the open-source community. The open-source project completed the first major update of Xen version 2.0 in November.
Steven Hand, another computer scientist at the University of Cambridge’s computer lab, said he expects the Red Hat drop will be available in the same time frame as Red Hat Enterprise Linux 4.0, which is due in the first quarter of 2005.

“Red Hat’s packaging Xen in the near future as part of Fedora. We’ve talked to Suse,” said Hand. “We have a lot of momentum in the open-source community. Now we’re pushing into mainstream Linux so when Xen goes into the latest versions of Linux, users can compile a Xen kernel out of the box.”
Red Hat will release test builds for Red Hat Fedora Core 3, and Novell will soon release test builds for Novell Suse Linux, Pratt said. The Xen components will be dropped into experimental Linux packages, but they won’t be commercially supported.

Xen does not support Windows today because it uses a technique called para-virtualization to achieve high performance that involves modifying the operating system kernel, Pratt said. However, the debut of virtualization features in next-generation CPUs from Intel and AMD will make it easier to support unmodified operating systems, Pratt said.
“At that time we will reconsider Windows support,” he said.

Neither Red Hat nor Novell would comment on their plans with Xen. A Novell spokesman said the company is “excited about what Xen is doing. But it’s premature at this point for us to talk publicly about our strategy and potential partnerships around virtualization.”
Xen will be available under the General Public License; some components may be available under a NetBSD-style license, Hand said.

Consultants and solution providers in the open-source market said they would welcome an alternative to VMware and Virtual Server, but Xen needs to add support for Windows. VMware supports Linux but is often an expensive add-on to an open-source stack, other observers said.
“Xen is very, very good, but it does not yet support Windows,” said Chris Maresca, senior partner at Olliance Group, Palo Alto, Calif. “A lot of people use VMware to support WinX on Linux.”
Ironically, Microsoft Research provided funding for the Xen group when it was founded two years ago, but has since backed out, Xen officials said.

Xen is only one of several open-source projects devoted to offering virtualization software for the open-source and Linux environment.
Bochs, an open-source project founded in 1994 that evolved into Plex86, focused on Linux virtual machines. Observers said Plex86’s approach is more like VMware’s. Founder and developer Kevin Lawton said he talked with IBM, Red Hat and Novell about getting backing for the Linux VM project in 2003, but those discussions didn’t pan out.
The existing code, he said, is very experimental in nature and needs additional development before it could be classified as a “version 1.0” commercially ready server. The last update of Plex86 posted in December 2003. The project is now stalled, said Lawton, who is consulting for a startup company.
Top Linux vendors have also explored another open-source project, called user-mode Linux, or UML, said Lawton. UML is said to be slower than Xen but runs on more established technology and is often used for testing and debugging applications, observers said.

HP Labs and Intel Labs are other backers of Xen. HP is using Xen in its utility computing efforts, Hand said.
While HP would not comment on its plans for Xen, one HP executive said the company is working with several source projects and commercial companies as well as HP’s own virtualization technology to help enable utility computing.
“We’re primarily working with VMware and Microsoft in the virtualization space,” said Nick van der Zweep, director of virtual and utility computing at HP, noting that HP is not bundling Xen at this point but is investing in “various OS initiatives.”
Dave McCrory, founder of Surgient, an ISV and ASP whose platform uses virtualization technology, said there is a market for an open-source spin-off of VMware, but there are limitations to Xen that could stymie its acceptance.
“Xen is semi-virtualization. Right now, you can’t run Windows except a modified XP version and modified Linux. If someone could come up with an enterprise virtualization solution that was open source, it would be fantastic,” said McCrory, also chief scientist at the Austin, Texas, firm.
“Another problem that would face open-source solutions is that a lot of the real virtualization ground is consumed by patents created by VMware and Connectix and now owned by EMC and Microsoft,” he said. (EMC owns VMware while Microsoft now owns Connectix’s virtualization software and is marketing it under the Virtual Server brand.) “This would pose another problem if corporations were considering adopting these types of solutions. I do believe there would be a market for it, however.”

As Xen tries to impress customers of Red Hat Fedora and Suse and eventually gain commercial support, its leaders are busy trying to secure support from a broad cross-section of chip vendors, hardware vendors and management tool vendors, Pratt said.
He noted that research and development on Xen will continue within the computer lab at Cambridge University, but product development and support will be a separate spin-off.
One Linux ISV said it’s still early for virtualization software on Linux, but Xen is the most promising open-source project to date.
“While it can be more complex to set up than VMware, it is able to achieve near-native performance on even the most taxing of tests. Xen is under active development, and is rapidly becoming a major player in the virtualization space,” said Nick Lassonde, chief software architect at Versora, Santa Barbara, Calif. “We’re seeing more and more demand for virtual machine technology for Linux-based servers, and we expect that this will continue to grow over the next five to seven years.”

Whitepaper: Introduction to NUMA on IBM xSeries servers

The IBM Redbooks department released a nice small paper about NUMA architecture on xSeries:


Abstract

There are currently two main concepts related to connecting processors and memory together in a multi-processor system. One way of achieving multi-processor scalability is using symmetrical multiprocessing or SMP, and the other way is using non-uniform memory access or NUMA. SMP has been in use in xSeries-class servers since the early days. However, NUMA has only appeared in commercial xSeries servers over the past few years. This document introduces the concepts behind NUMA and explains the benefits.

Yes, I know this isn’t directly related to virtualization topics, but since IBM xSeries are a preferred platform for virtualization environments, I think someone could appreciate it.

VMguru releases a VMware stencil for Microsoft Visio

Quoting from the official announcement:


I have finally decided that since I do not have an immediate need for additional objects, I’ll go ahead and release my current Visio Stencil set that I have been working from…
While there are only six objects initially, I will be continuously adding more as I find the need for them. I will also watch for requests in the forums and attempt to meet specific requests that I can find useful.

Please head over to the downloads section and check them out. Your feedback is welcome.

Great job, guys! Many thanks for this jewel.

Green Hills adds server virtualization software

Quoting from Socal Tech:


Santa Barbara-based Green Hills Software said this morning that it has introduced a new technology which allows integration of Linux and other operating system software easily into its secure operating system.

The new INTEGRITY PC product creates a “virtual computer” that runs on top of Green Hills INTEGRITY operating system, allowing companies to run operating systems such as Linux without requiring porting of those applications. The company reports that Boeing is using the technology in several of its military development programs. Green Hills said that the product, based on its Padded Cell technology, allows multiple virtual computers to run in user mode on top of their operating system. Each of those virtual computers is separate and, even if it crashes, cannot affect other parts of the operating system.

The software is similar to products in the desktop space from Microsoft and VMware, and reflects a general industry trend toward server virtualization. Green Hills’ products are focused on the embedded operating system market.

VMware opens up RSS feeds

VMware just published various RSS feeds on its official website for news-hungry customers:


– Articles
– Events
– News Releases
– Success Stories
– VMware Products

Anyway, if you are a virtualization.info reader you don’t need them 😉