I was at VMWorld last week. Unfortunately, my network connectivity was limited so I was unable to post my notes during the conference.

Keynote – Diane Green / President and CEO of VMWare

The most interesting part of the keynote for me was the introduction of ESX Server 3i. The existing ESX Server has a 2 GB footprint. ESX Server 3i has a footprint of 32 MB, which can be embedded in flash memory by hardware manufacturers. Virtual Center will also be fed hardware status information including CPU, power and temperature information. The chief marketing officer for Dell, Mark Jarvis, came on stage to demonstrate 3i on some new hardware Dell plans on shipping in November. Other vendors announcing support for 3i include Dell, IBM, HP, Fujitsu / Siemens and NEC.

Other announcements included disaster recovery and desktop consolidation products.

Keynote – Pat Gelsinger, Sr. VP and General Manager, Digital Enterprise Group, Intel

Virtualization is disaggregating the OS. It breaks the 1 to 1 relationship between the operating system and hardware.

Intel is viewing support for virtualization in 4 areas:

  • Processors – VT-x / VT-i architecture
  • Core Platform – Intel VT for Directed I/O
  • Networking & Storage – Intel VT for Connectivity
  • Standards

VMDq Network Architecture: Allows hardware to queue packets per virtual machine (instead of ESX figuring it out) which should improve network throughput.

Keynote – Hector de J. Ruiz, PhD, Chairman and CEO, AMD

The Barcelona quad-core architecture was released the prior day. It includes better support for virtualization, especially VMotion.

AMD Senior Fellow Leendert Van Doorn came on stage to discuss the architecture in more detail.

Virtual Center Administration: Top Ten

1. Overview of Virtual Center Architecture

2. Virtual Center Updates

All updates are full releases.
Basic procedure: shut down Virtual Center, back up the database, apply the update.

When Virtual Center is updated, the Virtual Center agent is pushed out to each ESX Server. For this to succeed, the directory /tmp/vmware-root must exist. Unfortunately, there is a cron job that will remove the directory. There is a script, CreateTmpDirs.vbs, that will create these directories, but the script will only work if SSH root access is enabled.

3. What is new in Virtual Center 2

2 patch / maintenance releases in the past year.

2.0.1 Patch 2

  • Came out in February, build #40644
  • Improve statistics with rolling process (TempDB growth issue)
  • Server recovery options
  • License directory instead of 1 file

2.0.2

  • Came out in July, build #50618
  • Support SQL Server 2005 SP2
  • Installer enhancements with better database advisor
  • Alarm on VM heartbeat
  • Performance improvements

4. Virtualizing Virtual Center

VC can be run in a VM and is fully supported.

Since the license server usually runs in VC, you need to get a host-based license for the ESX server running VC.
Database should be kept in a separate VM or physical center

5. Virtual Center Availability

Options:

Run VMWare HA, VC in a VM
MS Clustered Server

Note: VC will shut down on DB connectivity issues.
Prior to 2.0.1 patch 2, VC reported a non-error exit code when shutting down, so the Service Control Manager thought it was an expected shutdown.

6. Virtual Center Database

DB schema is often modified with VC updates

A DB restart will require a VC restart

Statistics collection level can be set to 1-4. Default is 1. Do not run more than 2

New sizing calculator available

Recovery mode should be set to simple if not backing up transaction logs

7. Virtual Center Diagnostics

Look up slides from last year's VMWorld on VC diagnostics

VC log files found in c:\windows\temp

8. Understand VMotion CPU compatibility

9. VC-Support Scripts

Used when contacting tech support — zips up various system configuration and log files for sending to support

May want to run on a regularly scheduled basis to track trends.

10. Common VC Support Issues

Port conflicts
Administrator lockout (can disable authorization checks temporarily)

VI3 Resource Management and DRS – Performance Use Cases

Aravind Pavuluri, VMWare
Chirag Bhatt, VMWare

DRS – Distributed Resource Scheduler

A VM will only start if its reservations can be guaranteed (CPU, memory, etc.)

Reservations – Minimum requirements
Limits – Maximum usage
Shares – Allow VMs to compete for resource pools.

RM – Resource Manager (single host)

Better performance generally occurs with reservations

If no resource pools are specified, the default pool is used

Internal memory swapping – avoid if possible. There are 2 types of swapping: within the guest and at the ESX server.

Memory ballooning – requires that VMWare tools be installed in the guest OS. Will swap out guest memory which is not in use when the ESX server needs additional memory.

Performance Benchmarking in Virtual Environments

Hemant Guidhani, Technical Marketing Manager, VMWare

Common mistakes

  • Physical to virtual comparisons but settings are not comparable
  • Using different virtual products (VMWare server vs ESX server)

Benchmarking

  • Standard benchmarking guidelines still apply
  • No tuning should be required for VI3 (ESX should be optimal out of the box)
  • Virtual overhead depends on workloads

General Guidelines

  • Always use release or GA builds
  • Use hardware on the compatibility list
  • When benchmarking specific components, make sure other system resources are not constrained

Creating VM

  • Install latest version of VM Tools
  • Disable unused components

Recommendations:

  • Set minimum reservation to the working set of the application
  • Do not disable memory ballooning or page sharing
  • Set appropriate caching and IO policy (Read & write cache. Write back and NOT write through policy)
  • Create virtual disk from Virtual Center to ensure disk is aligned
  • Use vmxnet network adaptor from VMWare tools for network performance
  • Use esxtop to monitor VM / ESX interactions

IT Service Management – A technical overview

Eddue Dinel, Product Manager, VMWare

As a system progresses through the SDLC process:

  • Lots of copies of the system in development (Lab Manager)
  • Fewer copies in staging and other pre-production environments
  • Single system in production

Lab Manager

  • Optimized for high churn environment
  • All copies of VM in lab manager are linked clones (not full copies)
  • Network fencing – can duplicate IP addresses, machine names, etc.

Stage Manager

  • Product in development to support pre-production environment
  • Work on servers as a group (as a system, not individual VMs)
  • Access control
  • Integrate workflow
  • Service operations: start, stop, clone, promote, demote, archive


Design Implementation and Management of Computing Security Lab Environment

Brian Hag, University of Alaska, Fairbanks

I had hoped that this would be a discussion of how to study real world security exploits in a safe environment. Instead it ended up being about a lab where students could learn how to scan systems, sniff traffic and look for vulnerabilities in their own projects.