shareVM- Share insights about using VM's

Simplify the use of virtualization in everyday life

Posts Tagged ‘microsoft

Unidesk Virtual Desktop VDI technology

leave a comment »

This is a summary of Kris Midgely’s (Founder and CTO, Unidesk) interview by Brian Madden

Unidesk is a PC Lifecycle Management company planning to provide

  • Virtual Desktop Management
  • Personalization
  • Storage reduction

with no agent on the desktop.

Supports VMware ESX today. Intends to support Citrix XenServer and Microsoft Hyper-VVMware Workstation, VMware Fusion, Citrix XenClient. and application virtualization technologies such as, VMware ThinApp, Microsoft App-V, etc.

CacheCloud

CacheCloud: is a content delivery network (think Akamai) for pushing out VDI gold images to different data centers, laptops/desktops in branch offices or machines that connect intermittently. Cloud consists of  a large number of virtual appliances, called CachePoints, running one per blade or laptop. Each CachePoint stores user personalization locally as well as replicates it out. CachePoint appliances are made of Linux, have virtualized storage that supports

  • thin provisioning
  • replication
  • versioning

Windows and app code is shared, user personalization is unique. This makes scanning for AV really fast since there is only image of code

Block-level replication of deltas, file-level replication for compositing.  Personalization data can be written from several individual CachePoints to a  NAS/SAN in the data center which enables legal discovery of changes to data, which was not possible until today.

Composite Virtualization

Composite Virtualization understands the abstract layers, Windows’, apps and user data and knows how to merge them together (composite) in real time to create a bootable C: device and provide a rich desktop experience. Virtualizes each desktop into  layers

  • exe, com objects and dlls are apps
  • Registry – configuration 
  • everything else is data 

It will support encryption in the future: Shared keys for windows and apps code, personal keys for private data

Composting engine sits on top of the device driver and form the individual layers by merging individual IO streams with the namespace knowledge it maintains.

A virtualization storage layer implemented as a NTFS file system filter driver provides a high performance block IO device that talks to the CacheCloud. It loads early in the boot cycle. Once it is loaded, it loads a vmdk disk image which contains Just Enough Windows pre-composited to provide a bootable C drive. The latter can be served from the Cache Cloud.

It Snapshots the system automatically by auto detecting application installs/uninstalls, ActiveX control downloads. An admin can get a timeline view of user-installed software to reconstruct a hosed machine easily from the CacheCloud. Lets you recover system state while retaining your data.

Availability

Currently in Beta with 22 customers spanning Financial Institutions, Higher Ed and the Government.

Distribution through a channel strategy, working with Top Channel providers for VMware, Citrix, Microsoft. Can replace WAN acceleration, Backup and DR and Persistent Personalization products.

Type 1 and Type 2 Client Hypervisors

with 2 comments

This post is based on insight gained from two of Brian Madden’s posts: A deeper look at VMware’s upcoming bare-metal client hypervisor and Bare-metal client hypervisors are coming — for real this time

Wikipedia distinguishes between two distinct types of hypervisors

Type 1 Hypervisor

Type 1 (or native, bare-metal) hypervisors are software systems that run directly on the host’s hardware to control the hardware and to monitor guest operating-systems. A guest operating system thus runs on another level above the hypervisor. Some examples are VMware ESX, Xen, Microsoft Hyper-V, etc.

Type 1 hypervisors are appropriate when you want to provide the only OS that is used on a client. When a user turns a machine on, he only sees a single OS that looks and feels local.

Type 2 Hypervisor

Type 2 (or hosted) hypervisors are software applications running within a conventional operating-system environment. Considering the hypervisor layer as a distinct software layer, guest operating systems thus run at the third level above the hardware. Some examples are VMware Workstation, VMware FusionMED-V, Windows Virtual PC, VirtualBox, Parallels, MokaFive, etc.

Type 2 hypervisors are appropriate when you want a user to have access to their own local desktop OS in addition to the centrally-managed corporate VDI OS. This could be for an employee-owned PCscenario, or it could be a situation where you have contractors, etc., who need access to their personal apps and data in addition to the company’s apps and data.

Client Hypervisors

Over the past 5 years, Type 1 hypervisors are dominantly used in the server market, whereas, Type 2 hypervisors are being used on clients, i.e., desktops and laptops. Recently, the need for a Type 1 hypervisor that runs locally on a client device, called the client hypervisor, has emerged for supporting the Virtual Desktop Infrastructure VDI).

Benefits

VDI’s promise lies in realizing a significant cost reduction for managing desktops. A client hypervisor is useful because it combines the centralized management of VDI with the performance and flexibility of local computing. It offers several advantages:

  • It provides a Hardware Abstraction Layer so that the same virtual disk image can be used on a variety of different devices.
  • The devices do not need a “base OS” when the client hypervisor is present. The maintenance overhead of patching a “base OS” frequently on each of the devices is greatly reduced.
  • Once a virtual disk image has been provisioned, it runs and the display is driven locally. This frees up the client from the need to support remote display protocols.
  • It decouples the management of the device from the management of Windows and the user; administrators can spend their time focusing on user needs instead of device maintenance.

Type 1 Server and Client Hypervisors

Server hypervisors are designed to make VMs portable and increasing the utilization of physical hardware. Client hypervisors are intended to increase the manageability of the client device and improve security by separating work and personal VMs.

The bottom line is that even though they’re both called “Type 1” or “bare-metal hypervisors,” there are some philosophical differences in how each came to be. (This could help explain why it has taken over five years to extend the Type 1 hypervisor concept from the server to the desktop.)

Dimension Type 1 Server Hypervisor Type 1 Client Hypervisor
Design Goal Host multiple VMs and make each VM seem like a “real” server on the network. The user shouldn’t even know that there is a hypervisor or they are using a VM.
Virtualization Goal I/O: Disk and Networking Native device support that affects user experience, e.g.,
a) GPU and graphics capabilities
b) USB ports and devices
c) Laptop battery and power state
d) Suspend/Hibernate states
Tuning Maximum simultaneous network, processor and disk I/O utilization Graphics, multimedia and wireless connectivity
Hardware Support Narrow set of different preapproved hardware models Should (ideally) run on just about anything
Intrusiveness Controls most if not all of the hardware platform and devices and provide a near complete emulated and/or para-virtualized device model to the virtual machines running on top a) Should support full device pass-through to a guest VM.
b) Should also support dynamic assignment and “switching” of devices between different guests


Type 1 Client Hypervisor Vendors
In the Type 1 client hypervisor space, there are Neocleus NeoSphere and Virtual Computer NXTop. There are product announcements from both VMware and Citrix, however, there is no shipping product to date. There is also the Xen Client Initiative – an effort to port the open source Xen hypervisor to the client.

Editorial Opinion
Today, hypervisors are a commodity. While they are indeed foundational technology, they are “out of sight is out of mind”, i.e., most users do not perceive their presence and hence ascribe no/low value for this technology. Hypervisor developers will be hard pressed to build a lasting public company solely based on selling hypervisors.

Best Practice: Defrag VMDK, VHD, VirtualBox Virtual Disk

leave a comment »

Wikipedia describes defragmentation as

a process that reduces the amount of fragmentation in file systems. It does this by physically organizing the contents of the disk to store the pieces of each file close together and contiguously. It also attempts to create larger regions of free space using compaction to impede the return of fragmentation.

Generically, the defragmentation of a Windows guest within a virtual disk running on a Windows host (Windows on Windows) requires a three-step process:

  1. Defragment the guest
  2. Defragment the virtual disk
  3. Defragment the host

On a Linux host or guest, the ext3 and ext4 file systems are more resilient to defragmentation.

Windows on Windows

You should perform the following steps whether you are using a Microsoft VHD, VirtualBox VDI or VMware VMDK virtual disk,

  1. On a Windows guest OS, run the Windows Disk Defragmenter to defragment the files within the volumes stored inside the virtual disk.
  2. Next, power down the virtual machine and defragment the virtual disk using contig. Defragmenting the virtual disk simply reorganizes the blocks so that used blocks move towards lower-numbered sectors and unused blocks move towards higher-numbered sectors.
  3. Run the Windows Disk Defragmenter to achieve an overall defragmentation of all files on the host including the virtual disk.

VMware VMDK specific

The following steps can be used generically for VMware VMDK, for Windows on WIndows or any other suppoted platforms. vmware-vdiskmanger:is a standalone tool for defragmenting a growable VMware Workstation, VMware Fusion or VMware Server, vmdk when it is offline. Note that you cannot defragment:

  • Preallocated virtual disks
  • Physical hard drives
  • Virtual disks that are associated with snapshots.

The recommended steps for defragmenting a vmdk are:

  1. On a Windows guest OS, run the Windows Disk Defragmenter to defragment the files within the volumes stored inside the VMDK.
  2. Next, power down the virtual machine and defragment the vmdk using the command vmware-vdiskmanager -d myVirtualDisk.vmdk. Defragmenting the vmdk simply reorganizes the blocks so that used blocks move towards lower-numbered sectors and unused blocks move towards higher-numbered sectors.
  3. If the host OS is also Windows, run the Windows Disk Defragmenter to achieve an overall defragmentation of all files on the host including the VMDK.

Why do Windows C drives get full in virtual disks?

leave a comment »

A real life experience posted by a member in the VMware vCenter Server Communities yesterday (Feb 8, 2010):

I have installed vc with sql 2005 express, now my vCenter server c:\ is almost full
is it possible to move my vCenter database to another drive

The solution recommended by an expert is:

you can install a new server with more space and migrate the data as following.
link to kb post
But you can use also tolls like gparted or dell_expart to incrase your space.

While this recommendation is consistent with the perceived state of the art, it does have the following impact:

It is not going to affect the running VMs and also ESX but you/VSC may see a disconnect for a while.

Another member recommends a different approach

A different approach would be to extend the c-drive.
We have recently released a tool (fatVM) to make this easy (or easier).
It creates the extended VM in a new directory (with the original as parent). Does not touch the original files. Is able to extend most VM in a couple of minutes.
Here is the link: http://www.gudgud.com/fatvm

A third member is contemplating a similar move:

I have a 4 host ESX 3.5U4 system.My VCenter is pointing to an external SQL server. I am about to upgrade to vSphere and want to have the SQL running on on the VCenter server itself – most likely using SQL Express. I have the same concern about space.

You must have noticed the pattern that is emerging. Your C:drive can get full when you are using a database system, or a log aggregation server, within a VM that has a pre-allocated disk and size of the data is growing. As a best practice, review your apps for potential of data growth before pre-allocating the size of the VM.

Who is the virtualization storage administrator?

leave a comment »

Interesting post on The changing role of the IT storage pro by John Webster who interviewed the CIO of an unnamed storage vendor

The CIO observed that the consolidation of IT infrastructure driven by server virtualization projects and a future rollout of virtual desktops is forcing a convergence of narrowly focused IT administrative groups. This convergence will cause IT administrators to develop competency in systems and services delivery in the future, rather than remain silo’ed experts in servers, networks, and storage.

Virtualization has brought about the convergence of systems and networks; the convergence of Fibre Channel and Ethernet within the data center changes the nature of the relationships between enterprise IT operational groups as well as the traditional roles of server, networking, and storage groups.

As the virtual operating systems (VMware, MS Hyper-V, etc.) progress, we will see an increased tendency to offer administrators the option of doing both storage and data management at the server rather than the storage level. Backups and data migrations can be done by a VMware administrator for example. Storage capacity can be managed from the virtualized OS management console.

John’s observations tie-in with the lessons from the two preceding posts where we explored Netapp’s virtualization storage features and thin provisioned thin virtual disks, where we learnt that the administrators have to understand not just the file system nuances but also the storage features to use storage for virtualization effectively.

Written by paule1s

December 3, 2009 at 11:03 pm

Virtual Humor (or is it virtual insanity?)

with one comment

Dr Pinto advised fatvm to check out various exercise options and guess what the Google searches revealed:

Is it funny that this is real, or is this virtual insanity? 😉

Top 10 VMware Virtual Appliances for Security

with one comment

I have reviewed several appliances in the Secure Content and Threat Management and Identity, Access and Vulnerability Managament categories of the VMware Appliance Marketplace to identify the Top 20 appliances. Here are the steps I followed for selecting the appliances listed below:

  • I have relied on the Average customer Rating, expressed as a 5 star, or a 4 star, etc., rating (you may wish to review my analysis of VMware’s ratings)
  • I discarded all virtual appliances that solely package OS distributions, primarily, ubuntu, fedora, etc. My rationale is that an OS by itself provides low business value to an IT Administrator. While an IT administrator can use these just as if they were using a ghost image, these virtual appliances neither package applications in a usable form, nor simplify the task of installing and configuring the applications that provide business value. Besides, the base OS virtual appliances are available in a category by themselves
  • I also discarded several appliances rated 4 star or less, which are present in the directory but have either broken or stubbed out download links. They seem to have been retained in the directory to beef up the appliance count, however, they are not useful to the community.

S. No.

Virtual Appliance

What is it used for?

Download Link

Average Customer Rating

Number of Reviews

Pricing

1

Stonesoft

Protects Internal Networks from Malicious Traffic in Demanding Virtual Environments

Download

5

0

Free trial with registration

2

Profense Base Web Application Firewall

Web application firewall with automated adaptive learning and HTTP load balancing

Download

5

0

Free Trial, USD 2950 per subscription

Profense Web Application Firewall (ESX)

Web application firewall with automated adaptive learning, load balancing and XML support. PCI DSS and OWASP Top Ten compliant

Free Trial, USD 5950 per subscription

3

FalconStor Virtual tape Library

The only VTL solution that improves the quality and efficiency of tape backup in virtual enviroments.

Download

5

0

Registration 30 day trial

4

WiKID Strong Authentication Server 3.3.8

The WiKID Strong Authentication Enterprise Edition VMware 3.3.8. Support for Google SSO/SAML has been added

Download

5

0

USD 24 per user

5

Altor VF Virtual Firewall

1st Purpose-Built Virtual Firewall

Download

5

0

Free trial with registration

6

HyTrust Appliance Community Edition

HyTrust Appliance provides a single point of control for hypervisor configuration, compliance, and access management.

Download

5

0

Free

7

CensorNet Web Security Virtual Appliance

Total Web Security software for any organisation

Download

5

0

Free Trail, USD 5 per

8

Kinamik Secure Audit Vault v1.1

Provides data integrity protection by centralizing and preserving sensitive data,making it tamper-evident at the highest detail.

Download

5

0

Free Trial, EUR 10,000

9

AEP Netilla SSL VPN

AEP Netilla SSL VPN is a secure application access gateway that enables secure, web browser access to a range of business apps.

Download

5

0

Free trial, USD 1

10

Trend Micro InterScan Messaging Security Virtual Appliance

Comprehensive email security gateway reduces TCO with immediate protection from spam, phishing, malware and data leaks

Download

5

0

Free Trial, USD 19.67 per user

11

Trend Micro InterScan Web Security Virtual Appliance

InterScan Web Security Virtual Appliance applies real-time web reputation, flexible content scanning and powerful URL filtering.

Download

5

0

Free Trial, USD 13.45 per user

12

LinHost Backtrack 3

BackTrack is a penetration testing oriented live CD and is the result of the merger of WHAX and Auditor.

Download

4.5

0

Free

13

Symantec Brightmail™ Gateway Virtual Edition (formerly Mail Security 8300)

Inbound and outbound messaging security, antispam and antivirus protection, advanced content filtering, and data loss prevention

Download

4.5

0

Free Trail, USD 15 per user

14

JanusVM

Internet Privacy Appliance : Encrypts your Internet traffic, hides your IP address, and is easy to setup.

Download

4.5

0

Free

15

SpamTitan

*SpamTitan allows you create a Email Security Appliance for your Gateway

Download

4.5

0

Free hosted trial, USD 395 per subscription

16

gateProtect Virtual Appliance

gateProtect solutions combine state of the art security and network features such as firewalls, bridging, VLAN, single sign-on, traffic shaping, QoS, IPSec/SSL (X.509), IDS/IPS, web filters, virus filters, real-time spam detection and HTTPS proxy in one system

Download

4.5

0

Free

17

Accellion Secure File Transfer – Virtual Appliance

Secure File Transfer Virtual Appliance – secure, economical and easy to use secure file transfer for today’s global enterprises

Download

4.5

13

Free hosted trial

18

Network Security Toolkit (NST) Virtual Machine

Best-of-breed open source network security applications with supporting scripts and a web-based front-end management interface.

Download

4.0

0

Free

19

LogLogic Security Change Manager- Great for Firewall Coversions!

Streamline the design and deployment of network security rules for firewalls, routers, switches, VPN, and IPS’s.

Download

4.0

0

Free

20

Check Point VPN-1 VE (Virtual Edition)

Proven Security for Virtual Environments

Download

4.0

0

Free Trial

Which virtual appliance do you use the most and why do you like it?

Written by paule1s

September 25, 2009 at 1:18 pm