Xen and the Art of Virtualization

By eweek  |  Posted 2007-08-01


Mike Vizard: One of the topics that is on everybody's mind these days is virtualization. Everybody's talking about it, yet I kind of feel like we're in some kind of perennial state of pilot development. What is your sense of where we are in the adoption rate of virtualization these days?

Joe Wagner: Great question. Virtualization is a great disrupter to the traditional IT platforms and the adoption rate, I think, has been phenomenal. It's been growing very rapidly. But as you point out, it's been used mainly in the test and development areas, and just recently moving into production. In those areas, what's preventing it has been the ability to manage virtualization and to provide the same types of assurance and risk management that our IT users expect.

Vizard: So are you saying that basically the systems and network management tools haven't really kept pace with virtualization because it really is a whole new operating system kind of environment?

Wagner: That's correct. Virtualization offers new paradigms of computing, new flexibility, new dynamic infrastructures to be possible. It makes your computing much more fluid. And like any technology that releases the availability like virtualization does, what typically comes in advance is the ability to control it. What users have seen is even the lack of knowing where their virtual machines are running and that, in itself, would prevent you from using it on very secure infrastructures in certain IT installations.

Vizard: So what's going to solve that problem? If we don't have the tools to manage it, we can't really deploy it? And then we feel like we're stuck in some kind of Catch 22.

Wagner: I think those solutions you see rapidly coming to the market today - Novell is bringing some to the market, as well as others - is the ability to manage a virtual environment much like a physical environment. One of the things that users are experiencing is in that transition, they're coming to realize that virtual environments are as difficult and require as much management as a physical environment, so there's a good analogy there to let you know what's coming. And the capabilities like Novell's ZENworks Orchestrator to know where virtual machines are, discover them in advance, track where they're used, account for their use, do cost accounting on their use - are brand new solutions just coming to market. Ours was announced in November 2006 and I think you'll see the industry move rapidly toward bringing those types of capabilities to market.

Vizard: Novell is supporting Xen, if I'm not mistaken, but are you going to have a management approach that supports multiple virtual machine environments in the same way that you'll support, say, a Windows and Linux environment today?

Wagner: Sure. The desire of every CIO that I've ever met in my career has been to have a single vendor, or to have at least a few vendors to work with to standardize their IT infrastructure. And virtualization, much like hardware, much like operating systems - we believe that Novell will become heterogeneous. The introduction of Xen and the introduction of Meridian for Microsoft are just examples of that. The capability we announced with ZENworks Orchestrator in November of last year, out of the box manages a heterogeneous virtual machine environment. So we already provide that capability to manage virtual machines created by VMware, or virtual machines created by Xen infrastructures and virtual machines that will eventually be created by Microsoft. That capability exists today from Novell.

Vizard: Is there any fundamental difference in your mind between the different approaches to creating these virtual machines, whether it's Xen, Microsoft or VMware, or is it just simply a matter of where they got started and what platform they happen to be targeting?

Wagner: At the hypervisor level, the fundamentals are similar. The maturity of implementation is different, so you hear these very complex terms - full virtualization, paravirtualization, the ability to do live migration - all capabilities that are associated to the maturity and the depth of the hypervisor. So there are differences, but eventually, that layer, we strongly believe, will commoditize and commoditize very rapidly. At the management layer, there are strong differences. One of them is whether or not you're using open standards or proprietary standards. And VMware today, for example, allows you, an external party like Novell, to manage their virtual machines only if you already buy their management, so that's a very proprietary-oriented infrastructure. Novell, with the XenSource project, is bringing to the market a very open standards approach, all of the interfaces and APIs fully available for our management tools to interact with the virtual machines or anyone else's virtual machine management capabilities. And we'll see what Microsoft does. It's yet to be fully brought to market.

Vizard: In the context of where does virtualization show up, what role will virtualization play at, say, the processor level, and what role will it play at the operating system level? And if it's playing at that level, doesn't it kind of sediment into the fabric of the infrastructure, and what am I going to actually need to buy then on top of that?

Wagner: Well, virtualization plays, you could say, almost at every layer of the typical IT stack, and even places you already know, in storage, today, virtual storage. We hear that term quite often. You'll be hearing virtual network capabilities. Within the traditional setup that you described, we have virtualization of the operating system running on a hypervisor. We have virtual capabilities at the application layer itself, by virtualizing applications and providing application streaming. Where I think your question drives is whether or not we see the hardware vendors or even the chip manufacturers picking up virtualization. We at Novell certainly see that trend. It's happening today where the hardware vendors are clearly picking up virtualization technologies, clearly thinking about options for the actual implementation, providing hardware that's more readily available for virtualization of operating systems. And the trend that you see, let's say, with Intel's vPro technology, virtualization on a chip, I think, is foreshadowing that the hypervisor layer may eventually end up on the chip and you'll have chip-ready virtualization.



Vizard: So down the road, what I might ultimately see is the virtualization layer, itself, is going to be in the operating system. It's going to be in the chip level. And then what I'm buying above that may be the ability to virtualize an application or the management layer above that, but the actual machine may just embed itself into the infrastructure.

Wagner: Yeah. If I understand your point, I think you'll see virtualization almost at every layer, and customers will have the flexibility to implement it for the most productive use. Now we consistently say here at Novell, we focus on user productivity, and customer productivity and the business productivity, and all of these technologies that we have available should be targeted at that. Many of the technologies that you see, and the targeting by many of the vendors that bring them to market, is about machine productivity. We'd like to turn that around and reduce this complexity that you see in the market and take all of that flexibility and focus it at user productivity.

Vizard: Do you think, ultimately, that means that people will buy fewer machines? On the server side, in theory, I can run multiple operating instances. So why am I going to need to buy the same number of servers?

Wagner: I think they said the same thing about storage many years ago. Storage, as you know, is one of the fastest growing areas of the IT infrastructure. I think as you align to the business needs and provide business users what they want, they have almost an insatiable consumption of what IT can bring to bear. And so in the short run, or on any particular instance, you may be able to consolidate servers. That's probably a short-term effect. And in the long run, the amount of value that IT can bring to the business community will circumvent that short run consolidation and you'll bring back the demand. I think we all see that. If, in fact, that effect was anticipated to be the long-term effect, we've consolidated and used a lot less of IT resources; there may be less interest in virtualization from the large ecosystems. What we see in the trends is that the large ecosystems, as well as how Novell manages them, will take full advantage of what virtualization has to offer to provide flexibility. And that flexibility drives new possibilities, which then drives demand.

Vizard: Do you think virtualization plays any kind of new or interesting role in the client side of the equation, rather than all the conversations today is on the server side? Do you think people will start virtualizing their client machines to create different personalities for themselves and the clients? I may have my end user personality for my personal life and my business life on the same machine, but running on different virtual machines.

Wagner: Yeah, absolutely. We see that today happening with many of our customers. With the introduction of the SUSE Linux desktop, you have the capability to run virtual machines within the Xen environment on your desktop. And we see that the term used much in the industry is VDI or virtual desktop initiatives, and different types of virtualization, be they a thin client implementation utilizing browser technology on the client served by a blade farm with the desktop, thicker pieces of the desktop running virtual machine on the servers themselves as one implementation. We see flexible computing architectures where you have a thicker client on the desktops and stream applications out in a virtualized way to the desktops to provide different economics to the desktop for usage charging. Instead of "I have to buy the application," I can use it time of use of that application. There are many forms and there is a lot of investigation, a lot of piloting going on of different techniques. And I think you'll see a pretty strong wave continue over the next year to three years.

Vizard: What is your take on the implication that virtualization has on rolling out applications, or for that matter, a subset of that whole conversation would be disaster recovery and business continuity. But has virtualization kind of changed the way people need to think about how they provision applications?

Wagner: Well, I think you could say in one breath, virtualization changes everything, and in another breath say virtualization almost changes nothing, but it depends on your implementation, Mike. What we see is virtualization opens up so much flexibility that it puts a lot of pressure on management and management policies, and the practices of both desktop management and data center. So Novell's bringing forth, as you know, enterprise management technologies, as we say, from desktop to data center to help our customers simplify and manage, not just a virtual environment, but the physical environment as well, and the marriage of those two so that they can have a minimized risk environment with the assurance of business productivity without the inherency and the concerns that come with virtualization; losing track of things, not knowing where things are running. So virtualization has great promise. There's no question about it. It actually is an enabler of disaster recovery capabilities, but you have to bring together an enterprise management approach that minimizes the risk and provides the regulatory and compliance components required to fulfill on that promise.

Vizard: In that same context, what does virtualization do for enhancing security across the board? Does that create another layer between the operating systems and the applications that afford some greater level of protection? What are we going to see there?

Wagner: I hate to bring up the complexity of it, but in the layers of a stack, the various types of virtualization can, in some cases, provide more security issues and, in many cases, reduce security issues. So if you're implementing operating system-based virtualization and isolating the operating environments from themselves with some of the management capabilities that we bring to offer, as well as others, you actually enhance security. Because by creating virtualized environments, they're containerized and isolated from each other. Other virtualization technologies, typically those that are provided within one operating environment - let's call them zones or virtualized containers - sometimes introduce new security risks because they don't have that type of isolations that operating system virtualization does. So Mike, it really depends on the implementation approach that you're using and how you're managing that implementation.




Vizard: I guess I'm asking that because it just strikes me that these are areas that Novell, historically, has had some strength in. So I'm just curious about whether or not you see Novell playing a greater role in the application development rollout process or the security process, as it relates to virtualization.

Wagner: Absolutely. Novell, as you know, brings to bear 10-plus years of enterprise management in both identity and in systems and resource management. It's that unique combination where we can provide an identity-based infrastructure. So in this context, identities are not just human beings or passwords, they're actually resources which can be virtual machines, physical machines, and apply the same dynamics of policy and role against that identity-based infrastructure to allow the automation technologies and the management technologies to be fully deployed, again driving at the business productivity result that we are after. So when you think about a dynamic IT infrastructure, what we want you to think about is reposing that into its identity components, right, the resources, applying roles and policies that will securely deploy those resources in the most automated fashion to drive business productivity. Novell, in our strategies, we plan to play a very strong role.

Vizard: When you add up all this stuff, what do you think is holding back the adoption of virtualization by order of, I guess I'll call it, ranking of hurdle? Is it in the lack of the management tools? Is it going to be a security issue? Is it the implications around the economics of what it does to people's hardware buying cycles? What is the combination of things?

Wagner: I think you had put together 10 of them in a recent article, which I had a chance to look over. And I think you hit a lot of them on the head from the perspective we have. What we see holding people back is a few things: one, it is a complex environment, and virtualization is a single word that can mean many things in the IT infrastructure. So the complexity of it, itself, requires a bit of education. And anything that requires education is a bit slower to adopt than something that's already known. So there's this complexity and educational aspect. Then there's the fear of implementing something that's so dynamic into an infrastructure that's been so physical for so long. I've been able to look at a box that runs my application and know whether or not it's performing, versus I'm looking at my IT infrastructure with workloads dynamically moving around. It's a bit more abstract and a bit more difficult to think about. An analogy I use is the difference between the pilot landing the plane and automation landing the plane. If you were sitting in the plane, what would make you more comfortable? A very similar thing is happening to the data center and the management of the data center. Those types of things are happening themselves, and then the lack of management tools that bring automation with audits, and compliance and risk management to bear, at the same time, are vastly maturing. So as those come and merge together, you'll see adoption rates continue to climb.

Vizard: When you start thinking about that, one of the things I think I hear people saying all the time is they're going to virtualize everything. And yet, when you look at it, maybe a fileserver lends itself more to virtualization than, say, a database does, because there are certain IO performance issues that will have to be tackled around virtualization. Is that correct?

Wagner: Oh, absolutely. I've been in this industry 20-plus years and the industry cycles itself to an economic cycle of moving the bottleneck, as we call it. So today, you might have the bottleneck being my server processor, which, if I release that, becomes the server memory, if I release that, becomes the storage ability to respond to the server needs, if I release that, becomes the network. What virtualization does is it allows us to more dynamically move things around that environment. And as you were pointing out, puts pressure on the network infrastructure of the data center and even, depending upon how you're implementing, the LAN infrastructure and the WAN infrastructure, because some of the virtual machines can be very large images, 4-gigabyte images. You start moving those around the network, you're going to create a network bottleneck. So clearly, again, it depends on implementation, but the flexibility of moving workloads dynamically will move the bottleneck to the network.

Vizard: Are we just going to move that again as a bottleneck, or is there ever going to be this kind of perfect yin and yang IO balance between the advances at any given point?

Wagner: At least in my 20 years, we've constantly moved it. And some of them, Mike, are all moving at the same time, no question. But as you see certain companies grow very rapidly, it's typically because there has been the need to exploit new capabilities within that particular area of the IT infrastructure stack. And at least in my 20 years of experience, we tend to, on a macro scale, move the bottleneck around the IT infrastructure. Even though we're constantly trying to push on all edges of it, these new technologies that are very disruptive, the commoditization of hardware and operating systems software, impinging width, this new one, virtualization probably will move the macro bottleneck to how quickly we can move information around to the resources to dynamically respond to the business needs.

Vizard: What is your best advice to somebody listening to this podcast? Should I continue to pursue virtualization or should I just kind of wait for all these issues to shake themselves out?

Wagner: I would clearly implore users to take a look at virtualization. It is a technology that is not going away. It's a technology that will have multiple choices. It allows choice, as long as you're using virtualization technology that is deployed using open standards across the board, and will allow you to more effectively respond to users, and minimize the risk to your business through some of the disaster recovery things we spoke about. But what your users and your listeners need to pay close attention to is providing that enterprise management approach like Novell can offer to help with that implementation and assure that those business needs are met.

