
Inside VMware's 'Virtual Datacenter OS'

Soulskill posted more than 5 years ago | from the closer-look dept.

Operating Systems 121

snydeq writes "Neil McAllister cuts through VMware's marketing hype to examine the potential impact of VMware's newly pronounced 'virtual datacenter OS' — which the company has touted as the death knell for the traditional OS. Literally an operating system for the virtual datacenter, VDC OS is an umbrella concept to build services and APIs that make it easier to provision and allocate resources for apps in an abstract way. Under the system, McAllister writes, apps are reduced to 'application workloads' tailored through vApp, a tool that will allow developers to 'encapsulate the entire app infrastructure in a single bundle — servers and all.' The concept could help solve the current bugbear of programming, parallel processing, McAllister concludes, assuming VMware succeeds."


121 comments


Wow, just imagine (-1, Offtopic)

Anonymous Coward | more than 5 years ago | (#25084713)

A beowulf cluster of these!

Nothing to sell here, move along (3, Insightful)

$RANDOMLUSER (804576) | more than 5 years ago | (#25084731)

According to VMware execs, VDC OS will not be a product as such. Instead, it is an umbrella concept covering a range of capabilities that VMware will build into the next generation of its Virtual Infrastructure products.

So it's not just vaporware, it's an "umbrella concept" that will be built into future products.

Re:Nothing to sell here, move along (5, Funny)

eric-x (1348097) | more than 5 years ago | (#25084911)

Well, since there were complaints from the /. community about vaporware (if not an actual product) and slashvertizements (if an actual product) we thought it would be an improvement to avoid these and hence introduce the "umbrella concept".

Re:Nothing to sell here, move along (1)

image77 (304432) | more than 5 years ago | (#25085309)

Wrong. It's an umbrella concept that builds on existing products. VMware has been around for over a decade and has been shipping products that whole time.

Re:Nothing to sell here, move along (1)

belrick (31159) | more than 5 years ago | (#25085555)

So it's not just vaporware, it's an "umbrella concept" that will be built into future products.

In other words, it's plasmaware!

Re:Nothing to sell here, move along (2, Funny)

ionix5891 (1228718) | more than 5 years ago | (#25085821)

well clouds are made of vapor...

We've come full circle (4, Interesting)

timeOday (582209) | more than 5 years ago | (#25084733)

The whole point of time-sharing operating systems in the first place was to allow many competing applications to get along yet protect them from each other. We have layer upon layer of redundancy built in; a Java VM running on an x86 VM running on a CPU operating in protected mode. Then somebody comes along and says, "hey I have a breakthrough idea, let's just use ONE of those layers!"

The real nut of my questions is, what would we need to add to more conventional OS's (linux) to get the job done? For my money, the biggest problem is package interdependencies. IMHO much VM usage is actually just to address that issue. We need package management that isolates applications from each other, giving the appearance of a custom chroot environment for each, while silently sharing resources (such as .so's) that just happen to be the same in multiple applications.

Re:We've come full circle (2, Interesting)

giuntag (833437) | more than 5 years ago | (#25084961)

in short, are you advocating usage of virtuozzo?

Re:We've come full circle (1, Insightful)

timeOday (582209) | more than 5 years ago | (#25085075)

in short, are you advocating usage of virtuozzo?

Thanks, it sounds very interesting. Do the virtuozzo containers all share OS files (libraries) to the extent possible? One of my main problems with VMWare is that a VM itself takes so much disk space that it takes a long time to work with (copy, archive etc) and I can't fit many on my laptop. Somewhat paradoxically, it must be possible to snapshot an application with its entire environment so you have a known working version.

Re:We've come full circle (3, Interesting)

Ralish (775196) | more than 5 years ago | (#25086031)

One of my main problems with VMWare is that a VM itself takes so much disk space that it takes a long time to work with (copy, archive etc) and I can't fit many on my laptop. Somewhat paradoxically, it must be possible to snapshot an application with its entire environment so you have a known working version.

If I'm understanding you correctly, the solution you are after is already offered by VMware:
http://vmware.com/products/thinapp/ [vmware.com]

Make sure to check the features tab for a more summarized and technical overview of what exactly ThinApp does and is capable of. Unfortunately, ThinApp is currently Windows only; I have no idea if they are intending to support Unix OS's in the future.

Is this the sort of functionality you are thinking about? Apologies if I've misinterpreted your comment.

It's just that all current OS's are lacking (4, Insightful)

Colin Smith (2679) | more than 5 years ago | (#25084967)

Except from IBM of course.

vmware is simply the logical extension of what the OS should be doing anyway.

or put another way.

Those who don't buy IBM kit are condemned to reimplement (badly, and for the rest of their lives) what IBM have been doing for decades.

Re:It's just that all current OS's are lacking (1, Troll)

the_B0fh (208483) | more than 5 years ago | (#25085469)

See, all these baby trolls who think they know it all. Before you mod parent as troll, go read about LPARs.

Why can't mod points be given only to intelligent modders?

Re:It's just that all current OS's are lacking (1)

chez69 (135760) | more than 5 years ago | (#25090119)

It's sort of funny to see 'Mainframes are teh expensive' argument. I miss the old days of slashdot when more than 20% of folks knew there was more to computers than 'hello world' and javascript.

Re:It's just that all current OS's are lacking (2, Funny)

Anonymous Coward | more than 5 years ago | (#25085631)

IBM: the only company who can pack mainframe complexity into 2U.

No, thanks. Give me Sun over IBM ANY day of the week. Every time I have to deal with IBM/AIX, I wind up with a headache.

Re:It's just that all current OS's are lacking (1)

JAlexoi (1085785) | more than 5 years ago | (#25087257)

FYI: You can run SLES on IBM Mainframe instead of AIX.

Re:It's just that all current OS's are lacking (1, Insightful)

Anonymous Coward | more than 5 years ago | (#25087935)

You can't run AIX on a mainframe -- that'd be z/OS.

But yes, you can run SLES on a mainframe, thus neatly avoiding all that "too many applications to choose from" fuss. You can't take an existing x86 app and run it, you need a special mainframe version. If you've got source, you can recompile, but if you want a supported app from someone else, in most cases you're going to be SOL.

It's a steal, too, at only $12,000 per "mainframe engine" (core). (That may sound like a lot, but it is apparently a ton cheaper than the equivalent z/OS license.)

The only question left would be: "why?" Since there's an estimated installed base of around 2,500 SLES instances on mainframes, there must be an answer. I will go out on a limb and guess that most of this is mainframers transitioning to Linux rather than traditional Linux folks deciding to add mainframe skills to their toolset.

I really doubt if very many people at all are going to bring in a mainframe and z/VM to a Linux shop that hadn't previously been a mainframe shop -- even if z/VM is much better than VMware or Xen, is it *that* much better that you have to drop that kind of coin and go through that much of a training investment?

Re:It's just that all current OS's are lacking (1)

the_B0fh (208483) | more than 5 years ago | (#25089319)

I know of a guy who used to go around installing mainframes as exchange replacement servers.

Re:It's just that all current OS's are lacking (2, Insightful)

sphealey (2855) | more than 5 years ago | (#25085943)

> Those who don't buy IBM kit are condemned to reimplement
> (badly, and for the rest of their lives) what IBM have been
> doing for decades.

First, the troll rating is utterly unjustified. Mod parent up.

IBM is not without its own faults. Perhaps less so now than in the 1970s and 80s when the push for PCs took root, but it has its own weaknesses. Even taking that into account it _is_ ridiculous to see the Wintel world groping toward the kind of high availability and virtualization that IBM, DEC, CDC, and others perfected in the 1960s/70s.

sPh

Re:It's just that all current OS's are lacking (0)

Anonymous Coward | more than 5 years ago | (#25086853)

mmmm, clustered VMS
delicious

Re:It's just that all current OS's are lacking (1)

lukas84 (912874) | more than 5 years ago | (#25086125)

I'm not sure if I entirely agree with you.

I was stuck with a side job to administrate IBM POWER running IBM i (formerly known as AS/400), and their virtualization capabilities aren't that great.

It took them until V6R1 that was released in the beginning of 2008 to allow for sharing arms with multiple LPARs, something that every x86 virtualization solution could do from the beginning.

It took them until the POWER 6 Hardware generation to allow NIC sharing using HEAs. POWER 6 Hardware started being offered back in 2007, something that was there on the x86 virtualization market from the beginning.

LPARs are hugely expensive. They might make some sense with the really, really big machines, but in the SMB Market that uses POWER 520 or POWER 550 machines, they do not offer financial advantages.

Another point is licensing - IBM i is licensed by number of Cores, not sockets. At around 5k-10k per Core, it is extremely expensive.

Re:It's just that all current OS's are lacking (1)

JAlexoi (1085785) | more than 5 years ago | (#25087279)

>At around 5k-10k per Core, it is extremely expensive.
Until you actually take into account all the other benefits that come with that system....

Re:It's just that all current OS's are lacking (1)

lukas84 (912874) | more than 5 years ago | (#25088015)

Most of the applications are extremely dated, still using 5250 as user interfaces, many of them not up-to-date on database technology (Unjournaled, without commitment control, without constraints).

A heavy set of developers that refuse to stray from platform-specific languages that were created in the 80s and have only marginally been modernized (RPG). Most of those developers also prefer unjournaled, unnormalized databases made in the 80s.

Running modern software on the i is a complete pain in the ass, as e.g. Java is slower on the small machines than a laptop and PHP/MySQL on the platform just doesn't make any sense.

No, the only reason to use an i is when you're stuck with some legacy software you can't afford to replace just yet.

As always, there are exceptions to this rule.

outdated apps? (1)

chez69 (135760) | more than 5 years ago | (#25090099)

You can run all kinds of modern software on a mainframe. You get anything linux can run, but outside of linux you can use java, websphere, DB/2, IMS, messaging (MQ on a mainframe is amazing).

Yeah, you can use RPG, COBOL, PL/1 and that other crap. but why would you =-)

Re:It's just that all current OS's are lacking (1)

chez69 (135760) | more than 5 years ago | (#25090095)

iSeries aren't as good for a reason. If you can buy a mini instead of a Mainframe then you won't buy the mainframe. VM on a real mainframe has been doing what these folks have come up with forever. with sysplex you get multiple machines, kick ass uptime, and multiple OSes like VM, Zos, linux, shit, you can run your OS from the 70s on it if you want.

yeah, it costs a craptastic amount of money, but if you have the cash and need the uptime....

Re:We've come full circle (3, Informative)

tji (74570) | more than 5 years ago | (#25085115)

They are not replacing Linux. You still run what you want on Linux, but do you run everything on ONE Linux box? If yes, you're not a good candidate for a Datacenter OS. If you run many servers, then there is almost definitely room for efficiency in that structure.

Rather than dedicating the full bare hardware to your App, you deploy as a VM in your Virtual Datacenter ( mini cloud ). The DCOS takes care of managing the resources, things like:

- Moving your server VM from compute node to compute node to automatically balance load and optimize performance,
- Move VMs to work around failures, allow hardware upgrades, etc. without downtime.
- Expand capacity by dropping another compute node into the cloud (the big difference between the old mainframe world and the new DCOS. This scales easily with cheap powerful nodes)
- Move the machine images around your storage infrastructure, to allow for management, maintenance, upgrade, expansion, etc.
- Provide recovery and even fault tolerance of hardware. Servers can automatically move and re-start on hardware failure; or they can even run in lockstep to maintain full operation through a node failure.

This is VMware's big lead (and big need to leverage, as the revenue from the hypervisor layer dries up). They provide the management layer that enables all the above, and they keep improving it. From a central GUI, I can manage all my VMs, manage the compute resources as a cluster.

Re:We've come full circle (2, Informative)

ArsonSmith (13997) | more than 5 years ago | (#25085829)

Not exactly. VDC-OS does actually replace Windows and/or Linux. Think of it as a Linux kernel, and instead of InitV startup your app starts up. You don't maintain users and directories or storage or even log into a shell. The OS is reduced to just enough to run 1 application and only 1 application.

This OS/App bundle is created with a basic config file and is then started just like you'd start a virtual machine on an ESX server or server cluster. ESX can then handle the migration and resources of all the ESX servers in the cluster and your App will move between them to the one that will service it best.

I'm sure there will be a debug environment that may include a more advanced shell-like interface to run traces and such, but a stable app shouldn't need any of this. (By stable I mean well tested and developed to one specific environment of which this will provide. Think cartridge console game vs. PC game)

Re:We've come full circle (1)

tji (74570) | more than 5 years ago | (#25086119)

I'm not sure if you're talking about the hypervisor OS, or what.. Yes, ESXi is a very thin OS, but the servers / applications run in a VM which needs a standard OS. This is VMware's "Virtual Appliance" concept. The OS should be a really minimal stripped down build, usually Linux based, but it is a real OS.

The VDC-OS is just the underlying ESXi thin hypervisor, with VirtualCenter managing the resources. This is what VMware has been doing for quite a while now, the new name is partly some new features, and partly just a re-branding/positioning of their existing technology against some growing threats.

Re:We've come full circle (1)

ArsonSmith (13997) | more than 5 years ago | (#25086665)

ESX and ESXi are the underlying bare metal OSs. VDC-OS is a stripped down VM. Think of the virtual appliance concept reduced even further.

Re:We've come full circle (1)

ArsonSmith (13997) | more than 5 years ago | (#25086689)

VDC-OS is to Linux/Windows what ESXi is to ESX. Where ESX takes a couple hundred Megs of memory, and you have to manage users and have a full Linux OS under the vmware application, ESXi is 16megs, has one user account used to join Virtual Center and the only console interface is where you set the password and IP address.

Yawn (1)

Viol8 (599362) | more than 5 years ago | (#25085845)

This is a sticking plaster for the lousy PC architecture which today is being forced into places it was never designed for. Read up on what IBM and Tandem were doing back in the 70s and 80s with hardware that was designed for this.

This isn't hot new tech, it's putting lipstick on a turd so companies can save a few pennies.

Re:Yawn (1)

ArsonSmith (13997) | more than 5 years ago | (#25086001)

I have and it's the difference between a baby crawling and the star ship enterprise's warp drive. Sure they are both forms of transportation, but one does a lot more. And while PC hardware may not have been designed for virtualization, it has been redesigned for it.

Re:We've come full circle (0)

Anonymous Coward | more than 5 years ago | (#25085459)

Sounds like Solaris 10. Zones, Containers and the like.

(Open) Solaris (2, Informative)

d3xt3r (527989) | more than 5 years ago | (#25086315)

Solaris 10 and Open Solaris have the concept of zones and containers. The computer runs a single Solaris instance but can run isolated process trees in zones which share common libraries but can be updated for dependencies independently. The containers concept (in conjunction with zones) allows a fair share scheduler to guarantee a service level for each allocated zone (CPU/memory sharing, etc). IMHO, much better than Virtuozzo, VMware and Xen.

Re:We've come full circle (1)

kitgerrits (1034262) | more than 5 years ago | (#25086563)

Have you considered doing minimal Linux installs inside your VMWare? This way you can store more VMs on one machine.
You can also take the BSD approach and share your /usr from the host O/S to the guest O/S through NFS or the like, also saving disk space.
Xen on Linux already gets rid of a few layers by implementing paravirtualization.

If you combine all 3 measures, you can host several high-performance VMs on a relatively small machine.

Personally, I would simply buy a bigger disk and more RAM, because that $300 of equipment will save weeks on development.

Re:We've come full circle (1)

darkuncle (4925) | more than 5 years ago | (#25086961)

take a look at ESX using NetApp for backend storage - deduplication at a block level can achieve what you are proposing, and then some (only store one copy of whatever-it-is, e.g. explorer.exe or /usr/bin/vi; every VM that would otherwise have an identical copy of $foo has instead pointers to the one set of blocks on-disk that contains $foo. The more VMs you run, the better your space savings.)
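
The block-level deduplication described in the comment above, as an added example that is not part of the original thread and is not NetApp's or VMware's code. It is a constructed content-addressed block store in Python; the class name, the 4 KiB block size and the sample VM images are assumptions made for illustration.

```python
import hashlib

BLOCK_SIZE = 4096  # assumed fixed block size for this illustration


class DedupStore:
    """Toy content-addressed block store with reference counting."""

    def __init__(self, block_size=BLOCK_SIZE):
        self.block_size = block_size
        self.blocks = {}    # digest -> block bytes, each stored exactly once
        self.refcount = {}  # digest -> number of image pointers to the block
        self.images = {}    # image name -> ordered list of digests (pointers)

    def _put(self, block):
        digest = hashlib.sha256(block).hexdigest()
        if digest not in self.blocks:
            self.blocks[digest] = block
            self.refcount[digest] = 0
        self.refcount[digest] += 1
        return digest

    def _release(self, digest):
        self.refcount[digest] -= 1
        if self.refcount[digest] == 0:
            # Last pointer gone: the physical block can be reclaimed.
            del self.refcount[digest]
            del self.blocks[digest]

    def write_image(self, name, data):
        if name in self.images:
            self.delete_image(name)
        bs = self.block_size
        self.images[name] = [self._put(data[i:i + bs])
                             for i in range(0, len(data), bs)]

    def write_block(self, name, index, block):
        # Copy-on-write: a shared block is never modified in place, so one
        # VM's write cannot change what another VM reads.
        pointers = self.images[name]
        new_digest = self._put(block)
        self._release(pointers[index])
        pointers[index] = new_digest

    def read_image(self, name):
        return b"".join(self.blocks[d] for d in self.images[name])

    def delete_image(self, name):
        for digest in self.images.pop(name):
            self._release(digest)

    def logical_bytes(self):
        # What the VMs believe they are storing.
        return sum(len(self.blocks[d])
                   for pointers in self.images.values() for d in pointers)

    def physical_bytes(self):
        # What is actually on disk after deduplication.
        return sum(len(b) for b in self.blocks.values())


def make_image(vm_id, os_blocks=8):
    # Constructed sample image: identical "OS" blocks plus one per-VM block.
    shared = b"".join(bytes([i]) * BLOCK_SIZE for i in range(os_blocks))
    unique = f"hostname=vm{vm_id}".encode().ljust(BLOCK_SIZE, b"\0")
    return shared + unique


def build_store(vm_count):
    store = DedupStore()
    for n in range(vm_count):
        store.write_image(f"vm{n}", make_image(n))
    return store


def dedup_ratio(store):
    return store.logical_bytes() / store.physical_bytes()


if __name__ == "__main__":
    for count in (1, 2, 10, 50):
        s = build_store(count)
        print(count, "VMs:", s.logical_bytes(), "logical bytes,",
              s.physical_bytes(), "physical bytes,",
              f"ratio {dedup_ratio(s):.2f}")
```
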

Summary (2, Insightful)

wombatmobile (623057) | more than 5 years ago | (#25084739)

FTFA: "In short, if done properly, a meta-operating system based on networked virtual machines could streamline software development, make IT more flexible, and save customers money."

It is hard to argue with a truism. But what does "done properly" entail?

Re:Summary (5, Funny)

davester666 (731373) | more than 5 years ago | (#25084973)

In this case, if you ONLY use VMWARE products throughout your organization, then you have configured your systems properly.

Re:Summary (0)

Anonymous Coward | more than 5 years ago | (#25087379)

FTFA: "In short, if done properly, a meta-operating system based on networked virtual machines could streamline software development, make IT more flexible, and get people to spend more money on VMware instead."

There, fixed it for you.

I can't get them to use it now! (2, Interesting)

funwithBSD (245349) | more than 5 years ago | (#25084757)

Getting traditional "silo" orientated programmers to use distributed computing is hard now!

This server is for chocolate, this one for peanut butter... don't let them touch!

Even GRID enabled software like Informatica is hard to get them to understand. Don't worry where it runs, don't try to segregate workloads... the software is smarter than you!

Let it do its damn job.

THAT is why VMWare is on the right track with this (3, Insightful)

khasim (1285) | more than 5 years ago | (#25085315)

Getting traditional "silo" orientated programmers to use distributed computing is hard now!

And (for many of them) it's never going to get any easier.

It is too easy for them to just think of "one program, one OS, one machine".

Their app takes all the resources it sees from the OS it sees on the machine it sees.

So VMWare "solves" this by making it easy (for a price) for each app to believe that it has its own machine. So the programmers can keep working the way they've always worked.

Re:I can't get them to use it now! (1)

ArsonSmith (13997) | more than 5 years ago | (#25086169)

Wish I had mod points; this post is very relevant to the resistance to VM where I am now.

"pronounced" (0)

Anonymous Coward | more than 5 years ago | (#25084811)

"Pronounced"...

I do not think it means what you think it means.

Re:"pronounced" (1)

gardyloo (512791) | more than 5 years ago | (#25084909)

Actually, it's a perfectly cromulent use of "pronounced".

done already (1)

WindBourne (631190) | more than 5 years ago | (#25084887)

there is hardware available with XEN, that does just that concept. Of course, it is Linux in there, but each major app has its own set-up. That way, you have a DB, a webserver, a development env, etc.

Re:done already (0)

Anonymous Coward | more than 5 years ago | (#25084953)

VMware isn't saying "look we can do virtual servers" They're saying, "Look, we can do independent workloads across multiple servers, all while securing and ensuring availability ACROSS MULTIPLE DATACENTERS." The idea being that by pushing server virtualization beyond the hypervisor and down into the storage layer supporting it you can do all sorts of neat things. This last bit is the piece that is changing, and today, Xen isn't there.

"Comparing Xen and VMware is like comparing apples and oranges, VMware is a whole suite of applications, Xen is just a hypervisor. Vendors can add their own management layers to Xen and bundle up services" -Simon Crosby

Re:done already (2, Informative)

TheRaven64 (641858) | more than 5 years ago | (#25085485)

Samsung did some work with Xen (not sure if it's published yet) on 'partial migration' where a group of independent machines appeared to be a single SMP (or, ideally, AMP) machine from the perspective of the OS and pages were synchronised between different nodes using a cache coherency protocol as required. Marathon have a Xen version which synchronises two VM instances in remote locations allowing either to act as a transparent fail-over for the other if one set of hardware goes down. Moving it down to the storage layer doesn't sound like it provides anything more than existing SAN solutions which can be deployed on most VMs already.

Oh, and Simon's a bright guy, but he works more on the marketing side of things. If you want technical comments, go to Ian or Keir.

encapsulation and abstraction (4, Interesting)

Anonymous Coward | more than 5 years ago | (#25084921)

I have used VDC OS. Ultimately it is just a convergence of the existing technologies Vmware has already been developing, upgraded to a new level. I can say, it is very, very nice and clean.

What it gives a data center manager is abstraction and ease of use. The physical way everything is deployed one-off into a datacenter, you need a new application, it involves buying new servers, racks, power and whatnot. If you need to move those servers to another center, or deal with business continuance and disaster recovery, it is a new discrete project.

With VDC, no more. You build all of that into the datacenter "OS", and when a new application comes along they are put into the VDC OS and they inherit everything, not just HA but BC, DR and all of the ease of use. If they don't want BC or DR, they don't pay into that bucket.

Need to move a Datacenter? Use the DR solutions in VDC OS, and you can do it in the middle of the day without your users noticing more than a slight 5-minute bump (or so--largely to let the network routes update).

VMware is so far beyond everybody else in the virtualization industry, it is almost comical to hear other people shout the battle cry of 'Xen' or 'Hyper-V'. Those are nice toys, but the surrounding tools are klunky and almost non-functional, leaving just the hypervisor. What VMware is trying to say with "VDC OS" is that the game already left the hypervisor, that is why everybody is all but giving the hypervisor away for free now.

I may sound like a fanboy, but after having worked in the datacenter for 15+ years I can say this technology really works, and it's about time. We can now move the datacenter from the hobbyist market it has been in up to now, into the dialtone it should be.

Re:encapsulation and abstraction (2, Informative)

Anonymous Coward | more than 5 years ago | (#25085229)

I have to disagree with AC that "vmware is the only solution", 6 months ago we evaluated both vmware (which we had been using in dev and test for years) and the Citrix Xen product and decided to go for Xen for our production systems based upon performance we saw (yes yes YMMV) cost, and the open nature of the API. The problem was finding a strong partner/integrator to help us swing our server estate from physical to virtual in the time allotted.

So far the systems have been solid, and required only a couple of noncritical updates/patches to maintain. I agree that it's not about the hypervisor (any more), with Hyper-V being practically free ($40-bucks?), but I would disagree that VMWare is the only game in town.

We were prepared to question the accepted wisdom in search of performance and savings, and it worked out well for us (so far). I can't comment on the other versions of Xen from Sun, Oracle, and Co, but we found Citrix Xen and a hardware virtualization appliance [360is.com] a solid, manageable system.

Re:encapsulation and abstraction (4, Insightful)

kscguru (551278) | more than 5 years ago | (#25085603)

6 months ago we evaluated both vmware (which we had been using in dev and test for years) and the Citrix Xen product and decided to go for Xen for our production systems based upon performance we saw (yes yes YMMV) cost, and the open nature of the API. The problem was finding a strong partner/integrator to help us swing our server estate from physical to virtual in the time allotted.

Then you missed the GP's point. If XenSource (Citrix XenSource : VMware VI as Xen : ESX) satisfies your needs, then you aren't doing anything for which you need a datacenter OS. (And if you evaluated anything more expensive than the cheapest VMware offering, you botched your product search too.)

For server consolidation and bare-bones start/stop management, there is not much difference between VMware, Xen, and Hyper-V. They all have roughly the same performance; ESX degrades least when overloaded and there's a small premium for an ESX cluster because of it. Go to the next tier where you need automated load-balancing, automated availability solutions, and automated backup, and VMware is the only game in town. (Short of IBM mainframes.)

Server consolidation != datacenter OS, despite the "me too!" claims of MSFT and Citrix. MSFT's roadmap puts them in the same ballpark in 2-3 years, Citrix 3 years back on the VMware roadmap, and VMware is there right now.

Re:encapsulation and abstraction (0)

Anonymous Coward | more than 5 years ago | (#25086077)

(Short of IBM mainframes.)

Or (Open)VMS clusters.

Re:encapsulation and abstraction (1, Interesting)

Anonymous Coward | more than 5 years ago | (#25086209)

Yeah, the price on the hypervisor layer has fallen so much, we're now pricing out options to customers where they don't have to pay for software. Small business looking to do a hardware refresh? Virtualize all your servers on this one system booting from a USB key, and mount this iSCSI array we set up for you over here.

All the software is free (as in beer) and some is even Free (as in speech) as well, and this is all low end offerings. Everyone else is behind the game once you move past that arena. I'm not fond of monoculture at all, but VMware has the high end market for this tech locked up. At home I'm experimenting with the likes of VirtualBox and kvm/qemu on a quad core server, but I've no illusions of these solutions competing with VMware's high end. Not for a few years, anyway. (As an aside, I really think kvm will be awesome down the road, it just needs a lot of refinement and work)

Re:encapsulation and abstraction (1, Troll)

Martin Blank (154261) | more than 5 years ago | (#25085455)

I see VDC OS as a possibly bigger headache for those of us in security. Where I work, we already have issues with the ESX systems. VMWare's virtual switches are more akin to virtual hubs. Efficiently segregating the individual servers from each other within the same virtual network is difficult if not impossible.

Some solutions may be coming up for this. We've talked to Checkpoint and Reflex about their technologies to address these issues. Even so, I can't help but think that virtualization providers are in a race to make the sweetest, softest, gooiest center possible for attackers. It's only the threat of host compromise and VM escape that has allowed us to convince management to not approve multi-homing an individual host across multiple DMZs. I don't know how much longer that will last, though.

Re:encapsulation and abstraction (2, Informative)

mattmarlowe (694498) | more than 5 years ago | (#25087419)

You apparently missed the announcement from Cisco that they've released their own virtual switch with enterprise features to replace the limited capabilities in VMware's. And, yes, vmware will fully support it and it will be plug and play compatible. Furthermore, on a cluster of ESX hosts, you can have multiple Cisco supervisor appliances running for HA/management, while a Cisco switch configuration/etc is shared across all nodes and ports being logically linked to each vm, regardless of where vm is located and even during vmotion.

Cisco details at: http://www.cisco.com/en/US/products/ps9902/index.html [cisco.com]

Re:encapsulation and abstraction (1)

Martin Blank (154261) | more than 5 years ago | (#25089723)

I did miss that. Thanks for bringing it up. This kind of thing does go a long way towards addressing the risks that we've identified. I wonder how much it will cost, though. So far, pricing doesn't seem to have been announced.

The supervisor appliances may also be a serious cost issue, as we're not a Cisco shop. In our entire datacenter, we have maybe six or seven Cisco devices. (I work for a California county government, so even a small purchase of a few thousand dollars is a significant cost issue these days.)

Re:encapsulation and abstraction (4, Funny)

cain (14472) | more than 5 years ago | (#25085565)

With VDC, no more. You build all of that into the datacenter "OS", and when a new application comes along they are put into the VDC OS and they inherit everything, not just HA but BC, DR and all of the ease of use. If they don't want BC or DR, they don't pay into that bucket

Yeah, but what about TR, WD, RF, and GH? Not to mention NR, SS, and BD? How could they leave those out - I mean WTF?

Re:encapsulation and abstraction (2, Informative)

Ralish (775196) | more than 5 years ago | (#25086173)

To clear up the acronym soup a little:

HA = High Availability
Technology that aims to ensure (high) availability of virtual machines across a virtualised cluster through intelligent monitoring of VM's and cluster resources.
http://www.vmware.com/products/vi/vc/ha.html [vmware.com]

DR = Distributed Resource Scheduler (I assume that's what parent meant)
Provides much more advanced and fine-grained control of the available resources in a virtualised cluster.
http://www.vmware.com/products/vi/vc/drs.html [vmware.com]

BC = Consolidated Backup (guessing)
Backup technology for virtualised clusters, providing backup features specific to virtualisation scenarios that conventional backup products don't traditionally offer, although, BC can integrate with them to an extent.
http://www.vmware.com/products/vi/consolidated_backup.html [vmware.com]

Re:encapsulation and abstraction (0)

Anonymous Coward | more than 5 years ago | (#25088589)

If you don't know what those terms are then you shouldn't be in charge of a datacenter, or any enterprise systems using VM.

Re: what about persistent TCP connections? (0)

Anonymous Coward | more than 5 years ago | (#25085799)

I understand and believe that moving VMs around works well for machines serving stateless transactions, but I'm a tad skeptical that they can move a machine and keep all of its TCP connections alive during the migration. Is this problem solved?

Re: what about persistent TCP connections? (2, Informative)

Ritchie70 (860516) | more than 5 years ago | (#25085949)

I think it is, actually.

We've got some VMware guys at my job doing a proof of concept for us. (I work for one of those big companies where people hear the name and that cha-ching noise happens in their head.)

Each VM has its own MAC address, and the virtualization layer includes a network switch. So long as the switch knows where to send the packets, and the other end of the TCP connection is willing to tolerate a few moments of silence while the VM moves, it should work.

Re: what about persistent TCP connections? (2, Informative)

image77 (304432) | more than 5 years ago | (#25085987)

Yep - the "cutover" happens faster than the TCP timeout window. The connection stays alive, and even if a packet is lost it simply gets resent when the ACK goes missing.

Re: what about persistent TCP connections? (2, Informative)

Ralish (775196) | more than 5 years ago | (#25086211)

Yes, VMware provides a technology for its datacenter level products called VMotion that does exactly that, moving VM's between physical virtualised servers in a cluster while preserving all active networking connections.

I don't know the specifics of how it works and manages that feat, but I have seen tech demos that show it in action. I watched one a while ago published by Dell showing a VMotion task in progress, I'm sure you can find it on the web somewhere with some digging around.

Regardless, it does work and has been available as part of its enterprise products for some time.

If you want to know more:
http://www.vmware.com/products/vi/vc/vmotion.html [vmware.com]

Re:encapsulation and abstraction (0)

Anonymous Coward | more than 5 years ago | (#25088795)

15+ years in the datacenter market and you still think it is a HOBBYIST market?

Now I have to disregard everything else you said, on the grounds that you've obviously been working for mom & pop reseller operations these last 15 years.

Death knell for OS's (1)

oneal13rru (1322741) | more than 5 years ago | (#25084963)

Remember. If this works, NOONE will prefer to keep their own data, their own apps and programs... everyone will ENJOY going back to the days of just using a dumb terminal. Speaking as probably one of the youngest people to have had to use a green lined plaintext terminal from a remote location back when we were moving and my dad had to keep the home computer up... I think I'll stick with having my services local. Nothing worse than not being able to play nethack because the internet wire is down...

Re:Death knell for OS's (0)

Anonymous Coward | more than 5 years ago | (#25085625)

Who's NOONE, and why do I care if he wants to keep his own data?

It's TWO WORDS!

NO

ONE

AAaaaargh.

Network security in a "virtual datacenter OS" (4, Interesting)

infomodity (1368149) | more than 5 years ago | (#25084997)

We have IEEE and RFC for standardization of ethernet/switching and routing respectively. What standards exist for virtual environments? As commercial security vendors move into this space, we're headed back into a cycle of supporting multiple architectures. "Security Vendor X" must now understand how VMWare, Hyper-V, Xen, and other VM environments perform their networking. Virtualization of the entire OSI model renders the physical and data link layers obsolete. Why emulate them at that point? Not to say ethernet will disappear, but I can see a point where operating systems evolve branches that run in pure play virtual environments. Those offshoots will shed unnecessary things like MAC addresses as the VM vendors begin defining the new network standards themselves.

Re:Network security in a "virtual datacenter OS" (1)

kitgerrits (1034262) | more than 5 years ago | (#25086935)

Technically, the bottom 3 rungs of the OSI ladder remain intact, because Virtual Machines use discrete MAC addresses and all machines are joined with VLANs. The firewall (usually at the border of the VLAN) will not notice if the VM moves from one host to another, because the MAC address stays the same, only the switch in between the VM hosts might notice the MAC has moved.
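
The point made in the comment above, that a migrating VM keeps its MAC address and only the switch between the hosts sees that MAC change ports, is something a network monitor can use to separate a migration from an unexpected move. The following is an added example, not part of the thread; the event format, port names, hypervisor port list and thresholds are all assumptions constructed for illustration.

```python
"""Classify MAC-address moves seen by the physical switch between VM hosts."""
from collections import defaultdict, namedtuple

# Constructed sample events (not real switch output):
# time, MAC, VLAN, and the port on which the MAC was just learned.
SAMPLE_EVENTS = """\
10:00:00 00:50:56:aa:00:01 vlan=20 port=Gi1/0/1
10:00:00 00:50:56:aa:00:02 vlan=20 port=Gi1/0/2
10:05:12 00:50:56:aa:00:01 vlan=20 port=Gi1/0/2
10:05:40 00:50:56:aa:00:02 vlan=20 port=Gi1/0/9
10:05:41 00:50:56:aa:00:02 vlan=20 port=Gi1/0/2
10:05:42 00:50:56:aa:00:02 vlan=20 port=Gi1/0/9
"""

# Assumption: switch ports that uplink to hosts in the VM cluster.
HYPERVISOR_PORTS = {"Gi1/0/1", "Gi1/0/2", "Gi1/0/3"}
FLAP_WINDOW = 10  # seconds (assumed threshold)
FLAP_MOVES = 3    # moves inside the window that count as flapping (assumed)

Finding = namedtuple("Finding", "time mac vlan old_port new_port verdict")


def to_seconds(hms):
    """Convert HH:MM:SS to seconds since midnight."""
    h, m, s = (int(x) for x in hms.split(":"))
    return h * 3600 + m * 60 + s


def parse(line):
    """Split one constructed event line into typed fields."""
    hms, mac, vlan, port = line.split()
    return hms, mac.lower(), int(vlan.split("=")[1]), port.split("=")[1]


def classify_moves(text, hypervisor_ports=HYPERVISOR_PORTS):
    """Replay learn events and return a Finding for every MAC move.

    expected-migration: MAC moved between two hypervisor uplinks, which is
                        what a live migration looks like at layer 2.
    unexpected-port:    old or new port is not a hypervisor uplink.
    flapping:           FLAP_MOVES or more moves within FLAP_WINDOW seconds,
                        i.e. the same MAC is active on two ports at once.
    """
    table = {}                  # (vlan, mac) -> port where it was last learned
    recent = defaultdict(list)  # (vlan, mac) -> timestamps of recent moves
    findings = []
    for line in text.splitlines():
        if not line.strip():
            continue
        hms, mac, vlan, port = parse(line)
        ts = to_seconds(hms)
        key = (vlan, mac)
        old = table.get(key)
        table[key] = port
        if old is None or old == port:
            continue  # first sighting or a refresh, not a move
        recent[key] = [t for t in recent[key] if ts - t <= FLAP_WINDOW] + [ts]
        if len(recent[key]) >= FLAP_MOVES:
            verdict = "flapping"
        elif old in hypervisor_ports and port in hypervisor_ports:
            verdict = "expected-migration"
        else:
            verdict = "unexpected-port"
        findings.append(Finding(hms, mac, vlan, old, port, verdict))
    return findings


if __name__ == "__main__":
    for f in classify_moves(SAMPLE_EVENTS):
        print(f.time, f.mac, f"{f.old_port} -> {f.new_port}", f.verdict)
```
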

Hmm OpenMosix (2, Interesting)

Culture20 (968837) | more than 5 years ago | (#25085021)

Openmosix project closed earlier this year and suddenly vmware has a way to run one "OS" over multiple computers. Hmmm...

All of IBM's old ideas are new again (3, Insightful)

Lictor (535015) | more than 5 years ago | (#25085083)

VM? LPAR? Parallel Sysplex? Haven't IBM mainframes been doing this since the '70s (okay, Parallel Sysplex has only been since the '90s)?

No doubt a "cloud" of UNIX boxes is harder to marshall than a couple of zSeries though.

Re:All of IBM's old ideas are new again (5, Insightful)

image77 (304432) | more than 5 years ago | (#25085405)

Maybe, but IBM mainframes don't use cheap off the shelf components that you can pick up at the local Fry's. You can build a small VMware cluster with HA, DRS, etc for a few thousand bucks. How much is an IBM mainframe these days?

Once you have that VMware cluster you can run your choice of 70+ operating systems and millions of apps on it. Can you run Exchange on a mainframe? Siebel? Your existing billing and accounting app?

Re:All of IBM's old ideas are new again (2, Insightful)

BASICman (799037) | more than 5 years ago | (#25085611)

Once you have that VMware cluster you can run your choice of 70+ operating systems and millions of apps on it. Can you run Exchange on a mainframe? Siebel? Your existing billing and accounting app?

Well, you can run whatever runs on Linux on top of a mainframe. And if you're a Fortune 500 corporation, chances are your existing billing and accounting applications are *already* running on a mainframe. That is, after all, what the old girl is built for.

Re:All of IBM's old ideas are new again (4, Insightful)

image77 (304432) | more than 5 years ago | (#25085911)

Well, you can run whatever runs on Linux on top of a mainframe.

Only if you recompile those apps to run on the special versions of Linux that run on mainframes. Let's see: I can recompile my app to run on some weird offshoot of Linux on expensive, proprietary hardware or I can take it and "P2V" it onto VMware running which ever flavor of mainstream Linux I prefer? Oh, and I can P2V my Windows apps onto that same VMware cluster? And all that for a fraction of the price? Sold.

Just to be clear I'm not saying that the mainframe has no place in the modern datacenter, I'm just saying that VMware is a better fit in many situations. (And it's certainly an order of magnitude cheaper.)

And if you're a Fortune 500 corporation, chances are your existing billing and accounting applications are *already* running on a mainframe. That is, after all, what the old girl is built for.

Not sure where the F500 argument came from, but since 486 out of those 500 already use VMware I think they're already sold. (All 100 of the F100, BTW.) http://www.vmware.com/customers/ [vmware.com]

In any case, my original point remains. Mainframes are expensive and proprietary whereas VMware is cheap and offers the flexibility to run whatever app on whatever OS you choose. This new VDC-OS stuff just builds on an already good thing. We'll be happy to renew our ELA when it comes up next year.

Re:All of IBM's old ideas are new again (1)

kitgerrits (1034262) | more than 5 years ago | (#25086977)

I just migrated a few very important clusters to HP/9000 to Intel Linux, because the HP hardware was seriously out of date and the Intel platform (DL380) provided nearly the same fault-tolerance and seriously more horsepower for 1/10th of the price.
(Keep in mind, this was done because the App itself tended to provide 99% uptime, so moving from 99.99% hardware to 99.9% hardware goes unnoticed)

Re:All of IBM's old ideas are new again (1)

RedK (112790) | more than 5 years ago | (#25086307)

If you run a Datacenter off of Hardware you bought at Fry's, I don't want to be near it when it blows up. x86 hardware isn't all cheap, especially if you're thinking of a solid storage solution. Think stuff like HP XP arrays. Disks are the most fragile things, we swap at least a few per week where I work, there's no way we're running 1 SATA drive off the local controller for anything.

Re:All of IBM's old ideas are new again (2, Insightful)

image77 (304432) | more than 5 years ago | (#25086591)

You're missing the point. No matter how you slice it the x86 stuff (even the high end x86 stuff) is WAY cheaper than an IBM mainframe, and if I need some memory or a CPU or something I can find it practically anywhere. That was my only point, and IMHO it's one that really can't be argued.

As for the point that I think you were trying to make - of course architecting for redundancy is important. VMware makes that easy too. Even if one of the cheap nodes in my VMware cluster unexpectedly melts down the VMs will automatically restart on another node. I can take my time to repair the broken node and add it back into the cluster when I'm done - at that point DRS automatically rebalances load across the cluster. Same deal with adding capacity.

BTW, with ESXi you don't even need any local disks (which as you said are the most likely component to break down.) You run the hypervisor from flash memory and store the VMs on some sort of shared disk like SAN, iSCSI, or even NFS. (Using proper RAID technology and backup procedures of course.)

Of course you'll also want to address disaster recovery and business continuity. Those are also something that VMware can help you accomplish with their SRM and VCB products.

Anyway, VMware is the ONLY company right now that has products to address EVERY aspect of virtualization. They can do it all and they do it all very well. Sure, mainframes still have a place in some datacenters but VMware is natural fit for almost every datacenter. That's my last post on the subject - I don't want to be accused of being a marketing drone or something. (I'm not - I'm just a happy customer.)

Re:All of IBM's old ideas are new again (1)

image77 (304432) | more than 5 years ago | (#25086941)

Actually I will say one more thing.

To VMware: (If you're reading this.) Not everyone lives on the West Coast, and I for one have no desire to go back to San Fran for next year's VMworld. Last year San Fran SUCKED. The venue was too small, the food horrible, the party lame. The sessions (the ones that I could get into) were good, but the lines to get in were really frustrating. Vegas this year was 1,000,000 percent better. (Well, the Vegas party was also pretty lame but everything else was great.)

Even though Vegas was a lot of fun (and much better overall than the year before,) it's still a long trip for us East coasters. Why not switch between Orlando and Vegas every year?

Please - no more San Fran!

Re:All of IBM's old ideas are new again (0)

Anonymous Coward | more than 5 years ago | (#25090473)

Mod UP! No more Frisco!

Yeah , they have (1)

Viol8 (599362) | more than 5 years ago | (#25085861)

But people in IT rarely read up on their own history so think everything they haven't seen before is cutting edge tech.

Re:All of IBM's old ideas are new again (2, Interesting)

Comatose51 (687974) | more than 5 years ago | (#25086627)

VMware isn't claiming these ideas are new. IBM and computer science departments around the world have been talking about these ideas for many years. The difference is that VMware has an implementation that will work on x86 hardware that can bring the benefits of these ideas to a large market. In some sense we've come full circle as we moved from mainframes and room size computers to PCs and commodity hardware and now back to computers in a datacenter (a very big room). However, you can't just dismiss the new-old idea and say "I told you so" because there are differences between the current implementation and the old one. The x86 hardware is one difference. Another is the fact that the computing hardware are clusters of relatively inexpensive servers rather than a few large boxes. These kinds of hardware are much more prolific than the IBM hardware and thus the VMware solution is more accessible. I can't say if one solution is technically better than the other. However, the VMware solution works in the current x86 environment/market that is a result of the history of the industry.

Re:All of IBM's old ideas are new again (0)

Anonymous Coward | more than 5 years ago | (#25086653)

Apples and oranges. Mainframes and VMWare both address similar problems but each have their own place in the data center. Even IBM uses and re-sells VMware on their x86 hardware. http://www.ibm.com/virtualization/vmware [ibm.com]

Good blog on future Virtual Data Center mgmt (0)

Anonymous Coward | more than 5 years ago | (#25085105)

There's an interesting little article on the future of these virtual data centers and the kinds of management features/software that will be required to drive them over at the 360is blog [blogspot.com]. They draw parallels with the evolution of storage management and NAS/SAN features we have grown to love over the last 10 years.

AG.

Parallel how? (1)

kriebz (258828) | more than 5 years ago | (#25085171)

I fail to see how this "solves the parallel programming problem". If you have a monster server, bandwidth and latency are low for processes running on it and communicating with one another, whether they are running in a VM or not. If you have the same server running *nix with all the programs running, the performance can't really be worse than if you use it to host this OS. It would just be harder to maintain. The only useful feature I saw from the article is that it seems to be able to checkpoint guest OSs. They can't be the first to offer this, not counting IBM, but they might be the first to have it integrated and support un-modified guest OSs.

Disclaimer: I have a CS degree, but I've never used VMware other than Server and Workstation

The History of Virtualization (1)

peteybear (915711) | more than 5 years ago | (#25085421)

As a dinosaur who started cranking code more than 40 years ago, I've been out of touch with things like virtualization for some time. The last word on virtualization in the mainframe world in the 70s and 80s was IBM's VM series of virtual machine operating environments: CP/67, VM/370, VM/SP, etc., coupled with CMS, the Conversational Monitoring System OS for each virtual machine. These were spectacularly useful across a wide spectrum of user profiles. In concept, how do current virtualization strategies differ from these early IBM products, and what took so long for products of this type to return to the mainstream?

Re:The History of Virtualization (1)

FlyingGuy (989135) | more than 5 years ago | (#25085883)

Indeed on an IBM Mainframe you could run any number of VM's of various flavors and they were all under the control of CMS and life was very very good indeed, but those days are ....

Ohh yeah, they are still here! VMWare is just re-inventing a very well designed wheel that has been rolling for the last few decades so what is the point?

Is it just a reincarnation of the Not Invented Here syndrome, yet again?

Well it goes like this... (1)

Viol8 (599362) | more than 5 years ago | (#25085903)

Mainframes in the late 80s suddenly became big, nasty and old fashioned systems and desperately untrendy. The PC and unix boxes suddenly became the system du jour and all the supposed hot new talent went in that direction. Unfortunately, not being very good at reading history they had zero clue as to what mainframes actually got up to and so it's taken them this long to effectively re-invent the wheel. So endeth this tale.

Interesting, but not the only solution ... (1)

iaamoac (206206) | more than 5 years ago | (#25085771)

VMWare is neat and has its uses. As a developer, I've found it quite useful for OS development and testing. In the data centre it too can have its uses, but it also has its limitations. That's one of the reasons why our IT department is exploring the Trigence solution--application virtualization. It gives them better performance, easier migration of apps to newer OS versions and lower costs (hardware and fewer OS images to maintain).

this isn't new, amazon's been doing it for a long (1)

illuminum (1356693) | more than 5 years ago | (#25085779)

this isn't new, amazon's been doing it for a long time

What about Microsoft? (5, Funny)

joib (70841) | more than 5 years ago | (#25085823)

And after a few years when Microsoft follows VMWare, we'll have Microsoft DataCenter OS, abbreviated MS-DOS.

Re:What about Microsoft? (1)

SHaFT7 (612918) | more than 5 years ago | (#25086289)

nice

..and ME? (0)

Anonymous Coward | more than 5 years ago | (#25086337)

Mainframe Edition, too?

I.e., multi-threaded, protected memory DOS (1)

ibsteve2u (1184603) | more than 5 years ago | (#25086067)

...a universe of sandboxes.

This is the real deal (4, Interesting)

Natales (182136) | more than 5 years ago | (#25086213)

Disclaimer: I work for VMware, and I just came back from VMworld in Vegas (exhausted BTW).

In all my 5 years in the company, I must say that this is the most comprehensive re-thinking of the long-term strategy for virtualization I've seen to date. It brings a new sense of direction that matches where the markets are going.

I agree with most of the comments in this thread regarding the benefits of the VDC-OS, but this is just one part of this picture. IMHO, the biggest change is the "Federation with the Cloud" strategy, where a company may choose to use, move or spawn new or existing workloads directly into a service provider on-demand, maintaining the SLAs (from security to capacity) and then bring them back to the internal cloud if needed.

I mean, go and talk to a CFO or a COO, and they'll [most of the time] politely complain about IT being expensive, and not fast enough to react to the changes the company needs. Shared services are still seen as optional and many business units still prefer to implement their own thing. With this model, IT becomes a true utility, with a pay-as-you-go menu that implements a coherent chargeback model that will bring a smile to the guys in dark suits.

Even if VMware doesn't succeed in these efforts, the genie is out of the bottle and somebody else will make it happen.

Really interesting times to be in IT.

Re:This is the real deal (1)

uassholes (1179143) | more than 5 years ago | (#25086493)

Someone gives you a binary executable file to run. It's a two thread program compiled and linked for say, an IBM 360 or maybe a MIPS R6000, it doesn't matter. You say "fine", and submit it to your virtual cloudWare, and one thread executes in Greenland, and the other in Malaysia.

When you're ready for that, it's the real deal.

Re:This is the real deal (1)

Jay L (74152) | more than 5 years ago | (#25088249)

Here's the thing I don't get:

For decades, we've seen the promise of "location agnostic" resources. RPC, CORBA, middleware, etc. etc. was all supposed to provide you with a unified way to Do Things, whether you were Doing Things on the same machine or in a different data center.

No, none of them were as seamless as VDC. But they didn't fail because they were clunky; they failed because they were too slow. For every "abstract out the data repository" groundswell, we've countered it with "stored procedures run inside the repository for speed". Heck, even Rails, the poster child for "hardware is cheaper than developers", has now discovered that the most performant solution is a non-threaded event loop.

In the end, every new abstraction layer is (a) a terrific way to make development easier, and (b) discarded with great sadness once you start worrying about Big Scaling. We have reliable message queues over reliable TCP, and you still end up building fast-fail and pooling logic into the apps.

But VDC is aimed at the big data center. So what's changed? Is it just that networks are now fast enough that we really don't need to optimize the resource distribution at the application level? If so, why haven't other, lesser abstractions been almost as useful?

Can you say, "Buggy Whip Industry"? (1)

mosel-saar-ruwer (732341) | more than 5 years ago | (#25088581)


I mean, go and talk to a CFO or a COO, and they'll [most of the time] politely complain about IT being expensive... IT becomes a true utility, with a pay-as-you-go menu that implements a coherent chargeback model that will bring a smile to the guys in dark suits.

Really interesting times to be in IT.


Or not.

Everything you've just written indicates that the chores which are currently being performed by 10 IT dudes might, in the near- to mid-term-future, be accomplished by a single IT dude [who himself might be halfway around the world in Bangalore].

Can you say, "Buggy Whip Industry"?

PS: On the other hand, this might drive IT costs so low that it would make sense for the Bangaloreans to ditch their own physical infrastructures and rent virtual time out of the USA.

Trigence already does this -- really well (1)

mclearn (86140) | more than 5 years ago | (#25086373)

Sounds like something Trigence [trigence.com] already does. No need for OS-level virtualization in which you need to allocate tonnes of memory for an entire OS. Just allocate what the app needs. It encapsulates servers/services and the entire filesystem supporting it on both Windows and Linux. Their online demo is really, really well done. We looked at this product not too long ago because we were sick and tired of having our machines thrash under so many VMs that need X amount of resources (memory, disk space) just so they could run an encapsulated application requiring 10% of the resources.

Re:Trigence website; the usual crap (2, Insightful)

uassholes (1179143) | more than 5 years ago | (#25086663)

Great... maybe. I just took a look at their website and found a lot of shit written by sales and marketing that I just don't have the patience to try to understand what they are babbling about.

And, of course the obligatory photos of models pretending to be employees, happy customers, or drunken vagrants; who the fuck knows.

And why do the marketeers that they hire to advise them on their "online presence" insist on that shit?

Does anyone here get a boner when they see those fucking pictures of happy corporate people on every fucking corporate website?

pronounced? (1)

alta (1263) | more than 5 years ago | (#25086463)

I always wondered how you pronounced 'virtual datacenter OS.'

Now, I wonder if they'll ever announce this as a product.

Cisco VFrame (1)

omarabas (1349901) | more than 5 years ago | (#25086795)

I know Cisco has been trying to flog their VFrame (http://www.cisco.com/en/US/products/ps8463/index.html) technology which sounds very similar to this. Funny thing is, VFrame supports VMware itself, so I'm not sure how that relationship is going to continue.

Multithreading problem? (0)

Anonymous Coward | more than 5 years ago | (#25087139)

Multithreading is not a big concern for server side developers, who are the ones who make use of datacenters this new "OS" claims to replace, nor are they under pressure to take advantage of all the CPU cores. In fact, most multithreading problems are taken care of by underlying application server platforms (apache, jboss, etc.). It's actually rarely a good idea to have multithreaded code handling single transactions on the server side.

That isn't to say that VMware's datacenter OS isn't interesting, but I hope they aren't trying to solve the multithreading "problem" like McAllister is saying.
