As a proof of concept, we’ve released a new Amazon EC2 ‘AMI’ (ami-34ba5f5d) that uses filesystem encryption (dm-crypt) for the ‘ephemeral store’. This image is available to the general public and we hope you get some good use from it. If you were holding back testing because of concerns around the security of your data, this should alleviate those concerns somewhat. We’re using the default AES-256 encryption of dm-crypt and the bits on disk should be well and good scrambled.
Note that this AMI is not designed to persist the data between reboots as we’re using a random key generated at boot time to do the encrypting. It’s just designed to alleviate concerns around your data possibly being snooped by someone else. And although it looks like Amazon has taken to heart encrypting the bits on disk sometimes it doesn’t hurt to be extra paranoid. ;-)
February 22nd, 2007
We’ve been incommunicado because we’ve been nosedown working on our upcoming product, the Virtual Server Room (VSR). Expect some fairly interesting announcements early next year. I’ll provide some teaser blog entries here in the next couple of weeks that give some more insight into the VSR.
In the meantime, for those of you who are Mac users, we wanted to point out that VMware has finally released their VMware Fusion BETA to the general public here. Should be fairly interesting to see how it compares to Parallels, which we have been very happy users of.
Have a fantastic holiday!
December 22nd, 2006
NetApp’s Founder, Dave Hitz, finally gets the merits of virtualization in his excellent blog.
The reality is that virtualization is changing the way we think about IT in a fundamental way. There is one important facet of Dave’s entry above I want to talk about for a moment. The principle of ‘one application, one server.’ Dave talks about this as an element of the Windows server world, which is unfortunately quite inaccurate.
‘One application, one server’ has less to do with the underlying OS and more to do with Best Practices in the IT world. The reality is that every IT practitioner wants to have a single application per server because it eases maintenance headaches, reduces complexity, and increases uptime. But wait, you say, doesn’t more machines == more complexity?
No, in today’s world, the complexity doesn’t lie so much in managing machines and operating systems as it does in the applications that run on them. Pain exists more in dealing with multiple applications per machine than it does in managing the machine itself.
An example will bring this home. Let’s say you have a single monolithic server that provides file serving, printing, authentication, source code revision control, directory services, and more. If you need to perform maintenance on a single aspect of this system (e.g. the source code repository) that involves rebooting the system or otherwise impacting the availability of the machine you impact every service on that machine. Likewise, if you upgrade one aspect of that machine (e.g. the web server software) and that upgrade requires an updated shared library or DLL, the odds are you may impact another application that also uses that library.
In an ideal world, the ‘One Application, One Server’ principle allows you to maximize uptime and minimize application conflicts by isolating applications from each other.
Historically, the only reason to avoid this problem was a scarcity of resources. An issue that no longer exists.
We now live in this ideal world where we literally have an overabundance of computation power, memory, and storage. Your average company running your average IT infrastructure easily affords 2-way or 4-way systems with 2+ GB of RAM and 100s of GBs of redundant storage to run something like Microsoft’s Active Directory or Exchange for < 100 people.
Microsoft's minimal system requirements for Windows Server 2003 R2 are a 133-Mhz processor with 128MB RAM; a 550Mhz processor and 256MB of RAM are recommended. This is for both Standard and Enterprise Editions. Of course, many/most Linux/UNIX requirements are likely even less. If you are following the principle of ‘One Application, One Server’, then the recommended requirements are certainly enough.
This trend towards an overabundance of computational power, memory, and storage is going to continue.
With this much abundance it only makes sense to isolate your applications from eachother and follow this principle. Virtualization technologies remove the scarcity issue. It is rapidly becoming the de facto standard to deployed virtualized IT servers, one application per server, regardless of OS. Nearly everyone I have talked to in the UNIX world is moving rapidly to Xen and the latest releases of key Linux distributions ship with it pre-installed and ready to go. Even Solaris, ships with it’s own virtualization technology, Solaris Zones, now.
Virtualization is here, it’s real, and ultimately it is not about ‘consolidation’, but about reducing Operational Expense (OpEx). There are many folks leveraging this technology in exciting new ways for purposes that are hard to see today because we are still stuck thinking about machines as physical hardware. This is, fortunately, rapidly changing.
If you are not today using virtualization, I strongly recommend at least experimenting with it in your infrastructure. I guarantee you will see immediate and important effects to your OpEx and management headaches. If not, I’ll give you your money back. ;)
–Randy
October 20th, 2006
What are ‘Virtual Machines’ and why should you care? This article explores that question with an eye to the impact on startups in particular.
Background
Machine virtualization technology has existed for a very long time. From the days of IBM’s VM/CMS operating system, created in 1996, in fact. Although treated as a fairly serious technology in mainframe environments it has long languished in terms of it’s support in x86 hardware. Some of the latest processor technology from Intel and AMD however brings real hardware support for virtualization. Combined with today’s dual core 64-bit processors, it is now possible to run a single machine that hosts 8 or even 16 smaller profile ‘virtual machine’ servers.
For more background, I recommend this article from Thomas Weisel Partners and Wikipedia’s entries on Virtualization and Virtual machines.
The State of Play
Today virtualization of machines is on the rise, due in part to new hardware support virtualization, the rise of 64-bit processors, Moore’s Law, and the continued commoditization of x86 hardware. It is now possible to build a single 64-bit system with 4 processors (2 x dual-core AMD or Intel Xeon) and 16+GB of RAM in a single 1U or 2U form factor for less than $2500. This system could in turn host up to 16 guest ‘virtual machines’, each with ~1GB of RAM. Combined with the incredible low cost of storage today and the costs involved with deploying 16 servers (virtual in this case) have dropped dramatically.
But is the added complexity worth the cost savings?
Virtual machine (VM) technology provides more than cost savings. By adding a layer of abstraction between the hardware and the OS a number of tremendous advantages are realized, including:
- Increased redundancy and resilience for mission critical servers
- Ability to ’snapshot’ a system for easy system restore or system duplication (e.g. testing changes/upgrades)
- ‘One server - one service’ principle increases up-time and eases maintenance hassles
- Server portability from your provider to you
- Server as a file on disk
On the other hand, this layer of abstraction does provide an impediment for any application that relies on speaking directly to hardware.
Bringing it Home
It was not immediately obvious to me how VM technology could save time and increase uptime when I first encountered it and bringing it home with concrete examples will help cement understanding here.
Example #1: Server Upgrades
VMs are simply files on a disk when powered off. This means that is quick and easy to make a complete backup or snapshot of these disks in a known good state. If performed immediately before a system upgrade you a ‘known good’ state to roll back to in case of problems during your upgrade or update process. Many VM products even make this process extremely simple for you with a single button to click to ’snapshot’ or ‘restore’ a machine. This significantly reduces the risk involved with server upgrades.
On top of this, if you wanted to test an upgrade or reproduce and environment it is as simple as copying the VM files, copying them to another system, and booting them back up. In effect, a 100% exact duplicate of the environment in production. The advantages for QA groups seem obvious.
Example #2: The Server in the Network
If a server is a file that resides on disk. And if the ‘disk’ in question is a LUN out in the network, either a SAN or NAS on a Gigabit Ethernet network, then the question of hardware failures becomes moot. In today’s environment hardware failures are most frequently due to problems with RAM or disk drives. Deploying RAID in every system is complex and painful. Running Fiber Channel to all of the 16 hosted systems mentioned above would have been painful at best compared to connecting 1 or 2 host hardware platforms.
And, in the case of NAS, when using pre-existing Gigabit Ethernet networks and iSCSI it is possible to simply centralize all storage in a few places and access it using the infrastructure you have in place today.
Now your server is a file in the network on redundant storage, capable of being easily moved between host hardware, resilient against failure and with proper architecting capable of being failed over in real time between hosts.
Some VM vendors are in the process of making it easy to move your VM server between while it is running.
Example #3: Server! Server! Get your Server here!
Need a web server quick? Or perhaps you need a custom mail or groupware server in a hurry? With servers as simply files, the day of simply purchasing a ready-to-use custom server are here. Technology is being built today, by folks such as rPath, that even allows you to ‘cook’ your own server up from components and download it as a virtual machine. And this technology is nascent. I fully expect that someone like Microsoft will simply deliver you new servers on-demand in the future.
VM in the Future
The advantages of virtual machine technology seem apparent, even given the obvious drawbacks. However, with new hardware support for virtualization, new techniques for creating and deploying virtual machine technology, and the ever increasing power of today’s x86 machines it seems a matter of time before virtual machine technology has a far deeper penetration than it’s current 6%. I might even speculate that longer term VMs might be the rule instead of the exception, especially for simple appliance servers.
Conclusion
Virtual machine technology is an important new IT tool beginning to reach maturity and acceptance that can deeply impact your business. For smaller organizations it allows better utilization of hardware resources, eases the pain of moving or upgrading hardware, and allows much more agility than ever before for IT tasks. Both the cost savings in hardware and in maintenance strongly suggest that everyone should look at the benefits of virtualization. With the advent of cheaper, easier NAS, more powerful machines, ubiquity of Gigabit networks, and mainstream acceptance and support of VM it is ‘no-brainer’ to begin exploring how your organization can use this technology today.
June 4th, 2006
Next Posts