This has been an awesome week for me filled with virtualization from 8:00am Monday till 5:00pm Friday. I've given my cloud presentation once again, briefed on an announcement of a new free product (that will be updated on Monday), visited the VMware Express bus, attended Virtualization Forum in Cincinnati, and attended Louisville VMUG to hear more about Veeam SureBackup. During all this madness, two products really drew my attention and it's worth letting other know about.
When I attended the VMware Express bus on Tuesday, I was given a tour by Scott Sauer and Aaron Sweemer from VMware and virtualinsanity.com. As soon as you enter the bus, you see a real-time side-by-side comparison of Xen Desktop vs VMware View w/ PCoIP. There is a set of scripts happening on the hardware behind the scenes that shows you what the average desktop user would be seeing. Next, you move on to see all the different types of devices that can be used within your Virtual Desktop Infrastructure (VDI). They have Samsung Zero Client monitors, Wyse Thin Clients, Wyse netbooks, and even an iPod Touch with the Wyse PocketCloud App. At the very end you can see all the hardware running the bus. There are 4 Cisco UCS chassis, an EMC CLARiiON, a NetApp array and a Xsigo box. Talk about hardware overkill for about 10 desktops. One product I was unfamiliar with was the Xsigo box. A person on the bus mentioned that it "virtualizes I/O". I couldn't just leave it at that and sent out a tweet asking if someone could explain it to me. I got a lot of responses from some VI tech folks such as William Lam, Steve Rossen, Scott Hanson, and Jon Owings with positive feedback. All of this chatter got me hooked up with Camden Ford, the Director of Product Management over at Xsigo. Cam was gracious enough to give me an hour of his time to have a webex over the product. I don't say this very often because most products might have a cool feature that seperates it from the crowd, but I was absolutely blown away at the Xsigo product. I believe Xsigo has a product that is going to be part of virtualization 2.0. Blades & UCS chassis take on server virtualization in the CPU and RAM realm. Storage vendors all have their own take on storage virtualization, whether it be NetApp using primary De-Dup, EMC w/ F(ully) A(utomated) S(torage) T(iering) or Compellent's Fluid Data. But what about the network in between? That's where Xsigo comes in. Using industry standards and off the shelf hardware such as infinibad, fiber channel, 10Gb and 1Gb ethernet, they are able to deliver virtual adapters to your ESX hosts. Instead of having 6-19 NICs coming out of the back of your ESX host, you can have an infiniband cable that leads to a Xsigo box. Think about the mess of cables that consolidates. Your storage network is fed into Xsigo and you deploy virtual nics or virtual HBAs to your ESX hosts via the infiniband connection. Since I/O adapters are now virtualized, your network becomes easily scalable. You can add or remove vNICs or vHBAs on demand without rebooting your host, and you can even QoS the virtual and physical adapters to make sure everything has a guaranteed amount of bandwidth. Xsigo can also do vNIC to vNIC traffic by using a loopback interface on a 10GbE port. I know what you're wondering, well what can that do? The vNIC to vNIC approach by Xsigo eliminates the need to talk to the network infrastructure thereby taking your vMotion from about two to three minute, down to 15 seconds. Take the time to check out Xsigo online and watch a video by Scott Hanson at http://www.delltechcenter.com/page/Xsigo (video towards bottom). If you want to go further, here is a deep-dive podcast by Nigel Poulten, Greg Ferro and Camden Ford.
At the Virtualization Forum in Cincinnati, I saw a booth that won "Best of Show" at VMworld 2008, yet, I never even heard of them before. After the first two minutes, I was sold. If you read my blog post last week on vShield Zones - Limitations and Use, you can very well figure out that I don't believe the product has the ability to be a game changer. vTrust by Reflex Systems takes what vShield zones "tries" to do and actually performs. vTrust is a security pack that has a very feature rich GUI with the ability to do much more. I'll try to list some of the coolest features from my 10 minute presentation.
- Virtual Machine Security and Firewall with vTrust: A big reason why we need a VM level firewall is because if 2 VMs are sitting on the same vSwitch, they can talk to each other before going out on the network fabric. vTrust leverages VMsafe and breaks boundaries. The granularity of the product makes it possible to create detailed and specific firewall rules. vTrust will still make vSwitch and Port Group additions to the VM environment like vShield Zones, but once I get vTrust up in the lab I'll have more details
- Host profiles with vProfile: vSphere does host profiles if you have enterprise plus licensing. vSphere host profiles uses about 100 different characteristics to create a profile. vTrust has the same capability except you don't need to have enterprise plus licensing and they use over 230 different characteristics to build the profile.
- VQL: Reflex has their own query language built into the product called VQL. VQL allows you to query almost everything within the VI, EVEN THE SOFTWARE APPLICATIONS INSIDE THE GUEST! How? There's no agent on the VM, the administrator doesn't have to make changes to a VM comments section, no. vTrust has the ability to look inside the VMDK files and drills down to the registry of a VM and it will pull out anything you can find in the Install/Remove Programs page. Use Case? Microsoft just came out with a patch that has now been deemed a vulnerability into the operating system. Using VQL, you can search through all your VMs for KBXX34XX44 and see where that patch has been installed. You can tag the VQL as a group, then quarantine that group. Pretty awesome.
- Management is Snappy with vWatch: Using a VM built with a fairly regular build, it can handle a few thousand VMs. The fluid motion of drilling down into ESX hosts or VMs and bringing up performance stats, errors, etc happen almost instantly. The management pack allows you to see everything that has happened over a period of time and do a playback of it all. There are other products that do that too, but GUI was very appealing and made it very easy for any VMware admin to follow.