HyperV

You are currently browsing articles tagged HyperV.

Technology Short Take #29

Monday, February 4, 2013 in Networking, Security, Storage, Virtualization by slowe | 6 comments

Welcome to Technology Short Take #29! This is another installation in my irregularly-published series of links, thoughts, rants, and raves across various data center-related fields of technology. As always, I hope you find something useful here.

Networking

Who out there has played around with Mininet yet? Looks like this is another tool I need to add to my toolbox as I continue to explore networking technologies like OpenFlow, Open vSwitch, and others.
William Lam has a recent post on some useful VXLAN commands found in ESXCLI with vSphere 5.1. I’m a CLI fan, so I like this sort of stuff.
I still have a lot to learn about OpenFlow and networking, but this article from June of last year (it appears to have been written by Ivan Pepelnjak) discusses some of the potential scalability concerns around early versions of the OpenFlow protocol. In particular, the use of OpenFlow to perform granular per-flow control when there are thousands (or maybe only hundreds) of flows presents a scalability challenge (for now, at least). In my mind, this isn’t an indictment of OpenFlow, but rather an indictment of the way that OpenFlow is being used. I think that’s the point Ivan tried to make as well—it’s the architecture and how OpenFlow is used that makes a difference. (Is that a reasonable summary, Ivan?)
Brad Hedlund (who will be my co-worker starting on 2/11) created a great explanation of network virtualization that clearly breaks down the components and explains their purpose and function. Great job, Brad.
One of the things I like about Open vSwitch (OVS) is that it is so incredibly versatile. Case in point: here’s a post on using OVS to connect LXC containers running on different hosts via GRE tunnels. Handy!

Servers/Hardware

Cisco UCS is pretty cool in that it makes automation of compute hardware easier through such abstractions as server profiles. Now, you can also automate UCS with Chef. I traded a few tweets with some Puppet folks, and they indicated they’re looking at this as well.
Speaking of Puppet and hardware, I also saw a mention on Twitter about a Puppet module that will manage the configuration of a NetApp filer. Does anyone have a URL with more information on that?
Continuing the thread on configuration management systems running on non-compute hardware (I suppose this shouldn’t be under the “Servers/Hardware” section any longer!), I also found references to running CFEngine on network apliances and running Chef on Arista switches. That’s kind of cool. What kind of coolness would result from even greater integration between an SDN controller and a declarative configuration management tool? Hmmm…

Security

Want full-disk encryption in Ubuntu, using AES-XTS-PLAIN64? Here’s a detailed write-up on how to do it.
In posts and talks I’ve given about personal productivity, I’ve spoken about the need to minimize “friction,” that unspoken drag that makes certain tasks or workflows more difficult and harder to adopt. Tal Klein has a great post on how friction comes into play with security as well.

Cloud Computing/Cloud Management

If you, like me, are constantly on the search for more quality information on OpenStack and its components, then you’ll probably find this post on getting Cinder up and running to be helpful. (I did, at least.)
Mirantis—recently the recipient of $10 million in funding from various sources—posted a write-up in late November 2012 on troubleshooting some DNS and DHCP service configuration issues in OpenStack Nova. The post is a bit specific to work Mirantis did in integrating an InfoBlox appliance into OpenStack, but might be useful in other situation as well.
I found this article on Packstack, a tool used to transform Fedora 17/18, CentOS 6, or RHEL 6 servers into a working OpenStack deployment (Folsom). It seems to me that lots of people understand that getting an OpenStack cloud up and running is a bit more difficult than it should be, and are therefore focusing efforts on making it easier.
DevStack is another proof point of the effort going into make it easier to get OpenStack up and running, although the focus for DevStack is on single-host development environments (typically virtual themselves). Here’s one write-up on DevStack; here’s another one by Cody Bunch, and yet another one by the inimitable Brent Salisbury.

Operating Systems/Applications

If you’re interested in learning Puppet, there are a great many resources out there; in fact, I’ve already mentioned many of them in previous posts. I recently came across these Example42 Puppet Tutorials. I haven’t had the chance to review them myself yet, but it looks like they might be a useful resource as well.
Speaking of Puppet, the puppet-lint tool is very handy for ensuring that your Puppet manifest syntax is correct and follows the style guidelines. The tool has recently been updated to help fix issues as well. Read here for more information.

Storage

Greg Schulz (aka StorageIO) has a couple of VMware storage tips posts you might find useful reading. Part 1 is here, part 2 is here. Enjoy!
Amar Kapadia suggests that adding LTFS to Swift might create an offering that could give AWS Glacier a real run for the money.
Gluster interests me. Perhaps it shouldn’t, but it does. For example, the idea of hosting VMs on Gluster (similar to the setup described here) seems quite interesting, and the work being done to integrate KVM/QEMU with Gluster also looks promising. If I can ever get my home lab into the right shape, I’m going to do some testing with this. Anyone done anything with Gluster?
Erik Smith has a very informative write-up on why FIP snooping is important when using FCoE.
Via this post on ten useful OpenStack Swift features, I found this page on how to build the “Swift All in One,” a useful VM for learning all about Swift.

Virtualization

There’s no GUI for it, but it’s kind of cool that you can indeed create VM anti-affinity rules in Hyper-V using PowerShell. This is another example of how Hyper-V continues to get more competent. Ignore Microsoft and Hyper-V at your own risk…
Frank Denneman takes a quick look at using user-defined NetIOC network resource pools to isolate and protect IP-based storage traffic from within the guest (i.e., using NFS or iSCSI from within the guest OS, not through the VMkernel). Naturally, this technique could be used to “protect” or “enhance” other types of important traffic flows to/from your guest OS instances as well.
Andre Leibovici has a brief write-up on the PowerShell module for the Nicira Network Virtualization Platform (NVP). Interesting stuff…
This write-up by Falko Timme on using BoxGrinder to create virtual appliances for KVM was interesting. I might have to take a look at BoxGrinder and see what it’s all about.
In case you hadn’t heard, OVF 2.0 has been announced/released by the DMTF. Winston Bumpus of VMware’s Office of the CTO has more information in this post. I also found the OVF 2.0 frequently asked questions (FAQs) to be helpful. Of course, the real question is how long it will be before vendors add support for OVF 2.0, and how extensive that support actually is.

And that’s it for this time around! Feel free to share your thoughts, suggestions, clarifications, or corrections in the comments below. I encourage your feedback, and thanks for reading.

Tags: Automation, Cisco, CLI, Encryption, HyperV, KVM, Linux, Microsoft, NetApp, Networking, OpenStack, Puppet, Storage, UCS, Virtualization, VMware

Technology Short Take #28

Thursday, January 10, 2013 in Macintosh, Microsoft, Networking, Security, Storage, Virtualization by slowe | 3 comments

Welcome to Technology Short Take #28, the first Technology Short Take for 2013. As always, I hope that you find something useful or informative here. Enjoy!

Networking

Ivan Pepelnjak recently wrote a piece titled “Edge and Core OpenFlow (and why MPLS is not NAT)”. It’s an informative piece—Ivan’s stuff is always informative—but what really drew my attention was his mention of a paper by Martin Casado, Teemu Koponen, and others that calls for a combination of MPLS and OpenFlow (and an evolution of OpenFlow into “edge” and “core” versions) to build next-generation networks. I’ve downloaded the paper and intend to review it in more detail. I’d love to hear from any networking experts who’ve read the paper—what are your thoughts?
Speaking of Ivan…it also appears that he’s quite pleased with Microsoft’s implementation of NVGRE in Hyper-V. Sounds like some of the other vendors need to get on the ball.
Here’s a nice explanation of CloudStack’s physical networking architecture.
The first fruits of Brad Hedlund’s decision to join VMware/Nicira have shown up in this joint article by Brad, Bruce Davie, and Martin Casado describing the role of network virutalization in the software-defined data center. (It doesn’t matter how many times I say or write “software-defined data center,” it still feels like a marketing term.) This post is fairly high-level and abstract; I’m looking forward to seeing more detailed and in-depth posts in the future.
Art Fewell speculates that the networking industry has “lost our way” and become a “big bag of protocols” in this article. I do agree with one of the final conclusions that Fewell makes in his article: that SDN (a poorly-defined and often over-used term) is the methodology of cloud computing applied to networking. Therefore, SDN is cloud networking. That, in my humble opinion, is a more holistic and useful way of looking at SDN.
It appears that the vCloud Connector posts (here and here) that (apparently) incorrectly identify VXLAN as a component/prerequisite of vCloud Connector have yet to be corrected. (Hat tip to Kenneth Hui at VCE.)

Servers/Hardware

Nothing this time around, but I’ll watch for content to include in future posts.

Security

Here’s a link to a brief (too brief, in my opinion, but perhaps I’m just being overly critical) post on KVM virtualization security, authored by Dell TechCenter. It provides some good information on securing the libvirt communication channel.

Cloud Computing/Cloud Management

Long-time VMware users probably remember Mike DiPetrillo, whose website has now, unfortunately, gone offline. I mention this because I’ve had this article on RabbitMQ AMQP with vCloud Director sitting in my list of “articles to write about” for a while, but some of the images were missing and I couldn’t find a link for the article. I finally found a link to a reprinted version of the article on DZone Enterprise Integration. Perhaps the article will be of some use to someone.
Sam Johnston talks about reliability in the cloud with a discussion on the merits of “reliable software” (software designed for failure) vs. “unreliable software” (more traditional software not designed for failure). It’s a good article, but I found the discussion between Sam and Massimo (of VMware) as equally useful.

Operating Systems/Applications

I found this article on the use of Chef and Soloist to automate the setup of OS X 10.8 to be quite interesting. I hadn’t heard of Soloist before reading this article.
Perhaps it shows my lack of Unix/Linux experience, but I’m not familiar with RCS, so reading this post about using RCS to “version control everything” was interesting to me. I’m going to have to give RCS a spin and see how I like it. I suppose the real question is whether it is worth trying to use RCS (or its equivalent) to version control everything, or just put everything into a configuration management system like Puppet or Chef.
I think I mentioned this on Twitter, but this PDF-to-Keynote conversion tool looks like it might be useful from time to time.

Storage

Want some good details on the space-efficient sparse disk format in vSphere 5.1? Andre Leibovici has you covered right here.
Read this article for good information from Andre on a potential timeout issue with recomposing desktops and using the View Storage Accelerator (aka context-based read cache, CRBC).
Apparently Cormac Hogan, aka @VMwareStorage on Twitter, hasn’t gotten the memo that “best practices” is now outlawed. He should have named this series on NFS with vSphere “NFS Recommended Practices”, but even misnamed as they are, the posts still have useful information. Check out part 1, part 2, and part 3.
If you’d like to get a feel for how VMware sees the future of flash storage in vSphere environments, read this.

Virtualization

This is a slightly older post, but informative and useful nevertheless. Cormac posted an article on VAAI offloads and KAVG latency when observed in esxtop. The summary of the article is that the commands esxtop is tracking are internal to the ESXi kernel only; therefore, abnormal KAVG values do not represent any sort of problem. (Note there’s also an associated VMware KB article.)
More good information from Cormac here on the use of the SunRPC.MaxConnPerIP advanced setting and its impact on NFS mounts and NFS connections.
Another slightly older article (from September 2012) is this one from Frank Denneman on how vSphere 5.1 handles parallel Storage vMotion operations.
A fellow IT pro contacted me on Twitter to see if I had any idea why some shares on his Windows Server VM weren’t working. As it turns out, the problem is related to hotplug functionality; the OS sees the second drive as “removable” due to hotplug functionality, and therefore shares don’t work. The problem is outlined in a bit more detail here.
William Lam outlines how to use new tagging functionality in esxcli in vSphere 5.1 for more comprehensive scripted configurations. The new tagging functionality—if I’m reading William’s write-up correctly—means that you can configure VMkernel interfaces for any of the supported traffic types via esxcli. Neat.
Chris Wahl has a nice write-up on the behavior of Network I/O Control with multi-NIC vMotion traffic. It was pointed out in the comments that the behavior Chris describes is documented, but the write-up is still handy, and an important factor to keep in mind in your designs.

I suppose I should end it here, before this “short take” turns into a “long take”! In any case, courteous comments are always welcome, so if you have additional information, clarifications, or corrections to share regarding any of the articles or links in this post, feel free to speak up below.

Tags: Automation, HyperV, KVM, Macintosh, Microsoft, Networking, NFS, Security, Storage, Virtualization, VMotion, VMware, vSphere, VXLAN

Technology Short Take #23

Tuesday, June 12, 2012 in Linux, Microsoft, Networking, Security, Storage, Virtualization by slowe | 5 comments

Welcome to Technology Short Take #23, another collection of links and thoughts related to data center technologies like networking, storage, security, cloud computing, and virtualization. As usual, we have a fairly wide-ranging collection of items this time around. Enjoy!

Networking

A couple of days ago I learned that there are a couple open source implementations of LISP (Locator/ID Separation Protocol). There’s OpenLISP, which runs on FreeBSD, and there’s also a project called LISPmob that brings LISP to Linux. From what I can tell, LISPmob appears to be a bit more focused on the endpoint than OpenLISP.
In an earlier post on STT, I mentioned that STT’s re-use of the TCP header structure could cause problems with intermediate devices. It looks like someone has figured out how to allow STT through a Cisco ASA firewall; the configuration is here.
Jose Barreto posted a nice breakdown of SMB Multichannel, a bandwidth-enhancing feature of SMB 3.0 that will be included in Windows Server 2012. It is, unexpectedly, only supported between two SMB 3.0-capable endpoints (which, at this time, means two Windows Server 2012 hosts). Hopefully additional vendors will adopt SMB 3.0 as a network storage protocol. Just don’t call it CIFS!
Reading this article, you might deduce that Ivan really likes overlay/tunneling protocols. I am, of course, far from a networking expert, but I do have to ask: at what point does it become necessary (if ever) to move some of the intelligence “deeper” into the stack? Networking experts everywhere advocate the “complex edge-simple core” design, but does it ever make sense to move certain parts of the edge’s complexity into the core? Do we hamper innovation by insisting that the core always remain simple? As I said, I’m not an expert, so perhaps these are stupid questions.
Massimo Re Ferre posted a good article on a typical VXLAN use case. Read this if you’re looking for a more concrete example of how VXLAN could be used in a typical enterprise data center.
Bruce Davie of Nicira helps explain the difference between VPNs and network virtualization; this is a nice companion article to his colleague’s post (which Bruce helped to author) on the difference between network virtualization and software-defined networking (SDN).
The folks at Nicira also collaborated on this post regarding software overhead of tunneling. The results clearly favor STT (which was designed to take advantage of NIC offloading) over GRE, but the authors do admit that as “GRE awareness” is added to the cards that protocol’s performance will improve.
Oh, and while we’re on the topic of SDN…you might have noticed that VMware has taken to using the term “software-defined” to describe many of the services that vSphere (and related products) provide. This includes the use of software-defined networking (SDN) to describe the functionality of vSwitches, distributed vSwitches, vShield, and other features. Personally, I think that the term software-based networking (SBN) is far more applicable than SDN to what VMware does. It is just me?
Brad Hedlund wrote this post a few months ago, but I’m just now getting around to commenting about it. The gist of the article—forgive me if I munge it too much, Brad—is that the use of open source software components might dramatically change the shape/way/means in which networking protocols and standards are created and utilized. If two components are communicating over the network via open source components, is some sort of networking standard needed to avoid being “proprietary”? It’s an interesting thought, and goes to show the power of open source on the IT industry. Great post, Brad.
One more mention of OpenFlow/SDN: it’s great technology (and I’m excited about the possibilities that it creates), but it’s not a silver bullet for scalability.

Security

I came across this interesting post on a security attack based on VMDKs. It’s quite an interesting read, even if the probability of being able to actually leverage this attack vector is fairly low (as I understand it).

Storage

Chris Wahl has a good series on NFS with VMware vSphere. You can catch the start of the series here. One comment on the testing he performs in the “Same Subnet” article: if I’m not mistaken, I believe the VMkernel selection is based upon which VMkernel interface is listed in the first routing table entry for the subnet. This is something about which I wrote back in 2008, but I’m glad to see Chris bringing it to light again.
George Crump published this article on using DCB to enhance iSCSI. (Note: The article is quite favorable to Dell, and George discloses an affiliation with Dell at the end of the article.) One thing I did want to point out is that—if I recall correctly—the 802.1Qbb standard for Priority Flow Control only defines a single “no drop” class of service (CoS). Normally that CoS is assigned to FCoE traffic, but in an environment without FCoE you could assign it to iSCSI. In an environment with both, that could be a potential problem, as I see it. Feel free to correct me in the comments if my understanding is incorrect.
Microsoft is introducing data deduplication in Windows Server 2012, and here is a good post providing an introduction to Microsoft’s deduplication implementation.
SANRAD VXL looks interesting—anyone have any experience with it? Or more detailed technical information?
I really enjoyed Scott Drummonds’ recent storage performance analysis post. He goes pretty deep into some storage concepts and provides real-world, relevant information and recommendations. Good stuff.

Cloud Computing/Cloud Management

After moving CloudStack to the Apache Software Foundation, Citrix published this discourse on “open washing” and provides a set of questions to determine the “openness” of software projects with which you may become involved. While the article is clearly structured to favor Citrix and CloudStack, the underlying point—to understand exactly what “open source” means to your vendors—is valid and worth consideration.
Per the AWS blog, you can now export EC2 instances out of Amazon and into another environment, including VMware, Hyper-V, and Xen environments. I guess this kind of puts a dent in the whole “Hotel California” marketing play that some vendors have been using to describe Amazon.
Unless you’ve been hiding under a rock for the past few weeks, you’ve most likely heard about Nick Weaver’s Razor project. (If you haven’t heard about it, here’s Nick’s blog post on it.) To help with the adoption/use of Razor, Nick also recently announced an overview of the Razor API.

Virtualization

Frank Denneman continues to do a great job writing solid technical articles. The latest article to catch my eye (and I’m sure that I missed some) was this post on combining affinity rule types.
This is an interesting post on a vSphere 5 networking bug affecting iSCSI that was fixed in vSphere 5.0 Update 1.
Make a note of this VMware KB article regarding UDP traffic on Linux guests using VMXNET3; the workaround today is using E1000 instead.
This post is actually over a year old, but I just came across it: Luc Dekens posted a PowerCLI script that allows a user to find the maximum IOPS values over the last 5 minutes for a number of VMs. That’s handy. (BTW, I have fixed the error that kept me from seeing the post when it was first published—I’ve now subscribed to Luc’s blog.)
Want to use a Debian server to provide NFS for your VMware environment? Here is some information that might prove helpful.
Jeremy Waldrop of Varrow provides some information on creating a custom installation ISO for ESXi 5, Nexus 1000V, and PowerPath/VE. Cool!
Cormac Hogan continues to pump out some very useful storage-focused articles on the official VMware vSphere blog. For example, both the VMFS locking article and the article on extending an EagerZeroedThick disk were great posts. I sincerely hope that Cormac keeps up the great work.
Thanks to this Project Kronos page, I’ve been able to successfully set up XCP on Ubuntu Server 12.04 LTS. Here’s hoping it gets easier in future releases.
Chris Colotti takes on some vCloud Director “challenges”, mostly surrounding vShield Edge and vCloud Director’s reliance on vShield Edge for specific networking configurations. While I do agree with many of Chris’ points, I personally would disagree that using vSphere HA to protect vShield Edge is an acceptable configuration. I was also unable to find any articles that describe how to use vSphere FT to protect the deployed vShield appliances. Can anyone point out one or more of those articles? (Put them in the comments.)
Want to use Puppet to automate the deployment of vCenter Server? See here.

I guess it’s time to wrap up now, lest my “short take” get even longer than it already is! Thanks for reading this far, and I hope that I’ve shared something useful with you. Feel free to speak up in the comments if you have questions, thoughts, or clarifications.

Tags: Citrix, FCoE, HyperV, iSCSI, Linux, LISP, Microsoft, Networking, NFS, Security, Storage, vCloud, Virtualization, VMware, vSphere, VXLAN, Windows, Xen

The OS is Dead, Long Live the OS

Wednesday, March 28, 2012 in Microsoft, Virtualization by slowe | 3 comments

I just finished reading a post on ZDNet titled “Are Hyper-V and App-V the new Windows Servers?” in which the author—Ken Hess—postulates that the rise of virtualization will shape the future of the Microsoft Windows OS such that, in his words:

The Server OS itself is an application. It’s little more than (or hopefully a little less than) Server Core.

The author also advises his readers that they “have to learn a new vocabulary” and that they’ll “deploy services and applications as workloads.”

Does any of this sound familiar to you?

It should. Almost 6 years ago, I was carrying on a blog conversation (with a web site that is now defunct) about the future of the OS. I speculated at that point that the general-purpose OS as we then knew it would be gone within 5 to 10 years. It looks like that prediction might be reasonably accurate. (Sadly, I was horribly wrong about Mac OS X, but everyone’s allowed to be wrong now and then aren’t they?)

It should further sound familiar because almost 5 years ago, Srinivas Krishnamurti of VMware wrote an article describing a new (at the time) concept. This new concept was the idea of a carefully trimmed operating system (OS) instance that served as an application container:

By ripping out the operating system interfaces, functions, and libraries and automatically turning off the unnecessary services that your application does not require, and by tailoring it to the needs of the application, you are now down to a lithe, high performing, secure operating system – Just Enough of the Operating System, that is, or JeOS.

The idea of the server OS as an application container—what Ken suggests in very Microsoft-centric terms in his article—is not a new idea, but it is good to see those outside of the VMware space opening their eyes to the possibilities that a full-blown general purpose OS might not be the best answer anymore. Whether it is Microsoft’s technology or VMware’s technology that drives this innovation is a topic for another post, but it is pretty clear to me that this innovation is already occurring and will continue to occur.

The OS is dead, long live the OS!

<aside>If this is the case—and I believe that it is—what does this portend for massive OS upgrades such as Windows 8 (and Server 2012)?</aside>

Tags: HyperV, Microsoft, Virtualization, VMware, vSphere, Windows

Why SR-IOV on vSphere?

Monday, March 19, 2012 in Virtualization by slowe | 21 comments

Yesterday I posted an article regarding SR-IOV support in the next release of Hyper-V, and I commented in that article that I hoped VMware added SR-IOV support to vSphere. A couple of readers commented about why I felt SR-IOV support was important, what the use cases might be, and what the potential impacts could be to the vSphere networking environment. Those are all excellent questions, and I wanted to take the time to discuss them in a bit more detail than simply a response to a blog comment.

First, it’s important to point out—and this was stated in John Howard’s original series of posts to which I linked; in particular, this post—that SR-IOV is a PCI standard; therefore, it could potentially be used with any PCI device that supports SR-IOV. While we often discuss this in the networking context, it’s equally applicable in other contexts, including the HBA/CNA space. Maybe it’s just because in my job at EMC I see some interesting things that might never see the light of day (sorry, can’t say any more!), but I could definitely see the use for the ability to have multiple virtual HBAs/CNAs in an ESXi host. Think about the ability to pass an HBA/CNA VF (virtual function) up to a guest operating system on a host, and what sorts of potential advantages that might give you:

The ability to zone on a per-VM basis
Per-VM (more accurate, per-initiator) visibility into storage traffic and storage trends

Of course, this sort of model is not without drawbacks: in its current incarnation, assigning PCI devices to VMs breaks vMotion. But is that limitation a byproduct of the current way it’s being done, and would SR-IOV help alleviate that potential concern or issue? It sounds like Microsoft has found a way to leverage SR-IOV for NIC assignment without sacrificing live migration support (see John’s latest SR-IOV post). I suspect that bringing SR-IOV awareness into the hypervisor—and potentially into the guest OS via each vendor’s paravirtualized device drivers, aka VMware Tools in a vSphere context—might go a long way to helping address the live migration concerns with direct device assignment. Of course, I’m not a developer or a programmer, so feel free to (courteously!) correct me in the comments.

Are there use cases beyond providing virtual HBAs/CNAs? Here are a couple questions to get you thinking:

Could you potentially leverage a single PCI fax board among multiple VMs (clearly you’d have to manage fax board capacity) to virtualize your fax servers?
Would the presentation of virtual GPUs to a guest OS eliminate the need for a paravirtualized video driver, and would the lack of a paravirtualized video driver streamline the virtualization layer even more? The same goes for virtual NICs.

I’m not saying that all these things are possible—again, I’m not a developer so I could be way off base—but it seems to me that SR-IOV at least enables us to consider these sorts of options.

Regarding networking, this is where I see a lot of potential for SR-IOV. While VMware’s networking code is highly optimized, the movement of Ethernet switching into hardware on a NIC that supports SR-IOV has got to free up some CPU cycles and virtualization overhead. It also seems to me that putting that Ethernet switching on an SR-IOV NIC and then adding 802.1Qbg (EVB/VEPA) support would be a sweet combination. Mix in a hypervisor-to-NIC control plane for dynamically provisioning SR-IOV VFs and you’ve got a solution where provisioning a VM on a host dynamically creates an SR-IOV VF, attaches it to the VM, and uses EVB to provision a new VLAN on-demand onto that NIC. Is that a “pie in the sky” dream scenario? I’m not so sure that it’s that far off.

What do you think? Please share your thoughts in the comments below. Where applicable, please provide disclosure. For example, I work for EMC, but I speak for myself.

Tags: Hardware, HyperV, Microsoft, Virtualization, VMware, vSphere

SR-IOV Support in the Next Version of Hyper-V

Sunday, March 18, 2012 in Virtualization by slowe | 7 comments

While browsing my list of RSS feeds tonight, I came across a series of articles by John Howard, a senior program manager on the Hyper-V team at Microsoft. The post was one of a series of posts describing SR-IOV support in the next version of Hyper-V, found in Windows “8″. I hadn’t heard that Microsoft was adding SR-IOV support to the next version of Hyper-V, so when I saw that I was surprised. Personally, I think SR-IOV support is a big deal (see the note at the end of this post for why).

If you’re not familiar with SR-IOV, I suggest you read this quick SR-IOV tutorial I published on this site in late 2009.

Here are the links to John’s SR-IOV in Hyper-V posts:

Everything you wanted to know about SR-IOV in Hyper-V, part 1
Everything you wanted to know about SR-IOV in Hyper-V, part 2
Everything you wanted to know about SR-IOV in Hyper-V, part 3
Everything you wanted to know about SR-IOV in Hyper-V, part 4
Everything you wanted to know about SR-IOV in Hyper-V, part 5

It’s great to see Microsoft adding SR-IOV support to Hyper-V; this brings SR-IOV out of the niche Linux market and into a broader, more mainstream market. This also applies some competitive pressure against market leader VMware, who now has to respond in some fashion—either by adding SR-IOV support to their ESXi hypervisor, or by explaining why SR-IOV support isn’t necessary. Personally, I hope that VMware does the former and not the latter.

(By the way, for those of you wondering why SR-IOV is important, there are lots of potential synergies here—in my view, at least—between hardware switching on an SR-IOV NIC and things like software-defined networking.)

Tags: Hardware, HyperV, Microsoft, Networking, Virtualization

Technology Short Take #18

Sunday, December 11, 2011 in Networking, Storage, Virtualization by slowe | 4 comments

Welcome to Technology Short Take #18! I hope you find something useful in this collection of networking, OS, storage, and virtualization links. Enjoy!

Networking

The number of articles in my “Networking” bucket continues to overflow; I have so many articles on so many topics (soft switching, OpenFlow, Open vSwitch, MPLS) that it’s hard to get my head wrapped around all of it. Here are a few posts that stuck out to me:

Ivan Pepelnjak has a very well-written post explaining the various ways that virtual networking can be decoupled from the physical network.
I stumbled across a trio of articles by Denton Gentry on hash tables (part 1, part 2, and part 3). This is an interesting perspective I hadn’t considered before; as we move more into software-defined networks (SDNs), why are we continuing to use the same mechanisms as before? Why not take advantage of more efficient mechanisms as part of this transition?

Servers/Operating Systems

Nigel Poulton and I traded a few tweets during HP Discover Vienna about SCSI Express (or SCSI over PCIe, SoP). He wrote up his thoughts about SoP and its future in the storage industry here. Further Twitter-based discussions about fabrics led him to say that HP buying Xsigo would bring the competition back against UCS. I’m not so sure I agree. Xsigo’s server fabric technology/product is interesting, but it seems to me that it’s still adding layers of abstraction that aren’t necessary. As SR-IOV, MR-IOV, and PCIe extension matures, it seems to me that Ethernet as the fabric is going to win. If that’s the case, and HP wants to bring the hurt against UCS, they’re going to have to invest in Ethernet-based fabrics.
Speaking of UCS, here’s a “how to” on deploying the UCS Platform Emulator on vSphere. You might also like the UCS PE configuration follow-up post.
Here’s what looks to be a handy Mac OS X utility to track how long until your Active Directory password expires. Sounds simple, yes, but useful.

Storage

Andre Leibovici bucks the “common wisdom” and recommends that EFDs should be used for the linked clones, not the base replica. I can’t really argue with his recommendation; it’s based on a pretty thorough analysis of I/O patterns against a VMware View environment. It’s a great article for any architect attempting to design a storage solution for a View environment.
Andre also conducts a good analysis of the effectiveness of FAST Cache in VDI environments that’a also worth a read.
A “black box” for storage? Interesting idea—more information is available here.

Virtualization

Jason Boche, after some collaboration with Bob Plankers, wrote up a good procedure for expanding the vCloud Director Transfer Server storage space. It’s definitely worth a read if you’re going to be working with vCloud Director.
Microsoft has released version 3.2 of the Linux Integration Services for Hyper-V. The new release adds integrated mouse support, updated network drivers, and fixes an issue with SCVMM compatibility.
Julian Wood, who I had the opportunity to meet in Copenhagen at VMworld 2011, has published a four-part series on managing vSphere 5 certificates. Follow these links for the series: part 1, part 2, part 3, and part 4.
Thinking of deploying Oracle on vSphere? You should probably read this three-part series from VMware’s Business Critical Applications blog: part 1 is here, part 2 is here, and part 3 is here.
I’m so used to dealing with VLANs in a vSphere environment, I didn’t consider the challenges that might come up when using them with VMware Workstation. Fortunately, this author did—read his post on mapping VLANs to VMnets in VMware Workstation.
I thought that this article on virtual disks with business critical applications would be a deep dive on which virtual disk formats (thin, lazy zeroed, eager zeroed) are best suited for various applications. While the article does discuss the different virtual disk formats, unfortunately that’s as far as it goes.
Fellow VMware vSphere Design co-author Forbes Guthrie highlights an important design concern with AutoDeploy: what about a virtual vCenter instance? Read his full article for the in-depth discussion.
This post by William Lam gives a good overview of when vSphere MoRefs change (or don’t change).
Here’s a good explanation why NIC teaming can’t be used with iSCSI binding.
Cormac Hogan also posted a nice overview of some new vmkfstools enhancements in vSphere 5.
Terence Luk posts a detailed procedure to help recover VMware Site Recovery Manager in the event of a failure of one of the SRM servers. Good information—thanks Terence!

And that’s it for this time around. Feel free to add your thoughts in the comments below—all comments are welcome! (Please provide full disclosure of vendor affiliations/employment where applicable. Thanks!)

Tags: HyperV, Macintosh, Networking, Storage, UCS, vCloud, VDI, Virtualization, vSphere

Technology Short Take #16

Monday, November 7, 2011 in Networking, Storage, Virtualization by slowe | 1 comment

Welcome to Technology Short Take #16. It’s been quite a while since my last Technology Short Take (a month!), and I don’t know if that’s a good thing (so readers didn’t have to listen to my rambling) or a bad thing (readers missing out on what I hope are useful or interesting links). In any case, here’s my latest collection of various data center-related links, articles, and thoughts. Thanks for reading!

Networking

A great of my networking-related reading over the last few weeks has been focused on OpenFlow and trying to better understand what it is and how it affects things (both today and in the future). I won’t share all of them here (I’ll probably post a separate collection of all the links I’ve gathered), but I did want to mention that briefly. Of particular interest to me is the interaction/integration between OpenFlow, Open vSwitch, and OpenStack. Any notes/thoughts/ideas there that readers would like to share are welcomed.
While this post on NVGRE, VXLAN, and what Microsoft is doing right is a bit slanted in favor of Open vSwitch, I do agree that standardizing the control plane for managing the virtual networking platform is a worthy goal. We all know, intuitively, that we need better orchestration and more extensive automation; providing a standardized control interface is one step closer to achieving that, in my opinion.
Ivan has a great treatise on why virtual switches need BPDU guard. As usual, his post is spot on—with one minor exception. Current recommendations for vSphere HA state that, in most cases, isolation response should be configured to leave VMs powered on. Thus, the scenario he describes in which a misconfigured VM might take down all the links on an ESX/ESXi host and then cause the VMs to be rebooted is far less likely to occur. Even so, that’s a minor nit, and the point of the article remains valid and useful.

Servers

For a bit of a real-world look at Cisco UCS, read this post by Chris Atkinson, a fairly recent adopter of UCS in his environment.

Storage

If you haven’t had a chance to catch up with Rob Peglar’s “Architecture Matters” series of blog posts, I think it’s worth checking out. Part 1 is here and part 2 is here. (Rob, by the way, is the Americas CTO for Isilon.)
The “readiness” of FCoE for the enterprise is a topic that has come up once again. Stephen Foskett stirred the waters—something that he seems to be doing more frequently now—with this article. Predictably (and I don’t mean that in a bad way), J Metz has come out squarely on the side of “FCoE is ready” (read his post); Greg Ferro has come out swinging against FCoE (read his post). I can see both sides of the argument; personally, I think that these two sides are operating on different measurements. J Metz is working from the perspective of standards readiness and product availability; Stephen and Greg are working from the perspective of market adoption. Neither is a good indicator alone of enterprise readiness; rather, both need to be taken together.
Interested in a bit more detail on how VNX volumes work? Check out this article by Joe Kelly of Varrow.
Scott Drummonds has a great series going on titled “The Flash Storage Revolution”. In part 1, Scott discussed why flash is so important in enterprise storage today; in part 2, Scott addressed the factors that companies must consider when deciding how to best use flash in their environments. I’m looking forward to part 3!
Brandon Riley has a good couple of posts showing some differences between PowerPath/VE and Round Robin on VMAX (part 1 and part 2). The differences with “out of the box” settings are quite dramatic in favor of PowerPath/VE; with some tuning, Round Robin pulls in much closer. Of course, raw performance is important, but failure behaviors are also important; it would be great if Brandon could incorporate some failure scenario behaviors into his scorecard.
Jeramiah Dooley of VCE has a good article examining the value of FAST VP and FAST Cache for service providers. It’s a good read that I’d recommend.

Virtualization

It seems that writing a series of articles is all the rage these days; Chris Colotti has a series going titled “vCloud Director Clone Wars” that discusses the considerations around the use of vSphere clones in vCloud Director environments. Have a look at the series: part 1, part 2, and part 3.
Want to use PXE with VMs under VMware Fusion? This post shows you how.
Interested in running Hyper-V under ESXi 5? It’s possible; this VMware Communities document provides some information. I’d also recommend having a look here as well.
While we are on the top of nested VMs, William Lam wrote up how to install the VMware VSA in nested ESXi 5 host.
Here’s another article series, this time from Itzik Reich and addressing VMware SRM 5 with EMC Symmetrix (part 1 and part 2).
Cisco UCS VM-FEX is the subject of this 3-part series from Joe Keegan at Infrastructure Adventures (part 1, part 2, and part 3).
More nesting madness: running Virtual PC inside Hyper-V? Ben Armstrong discusses the need for MAC spoofing in that scenario.
Want an opportunity to win a $50 gift card? Go supply your VDI read/write IOPS data statistics over at Andre’s site.
It’s no secret that I’ve been discussing stretched clusters for quite some time (as far back as last September with this presentation, and then again here and here), so it’s great to see other people in the virtualization community talking about the subject as well. Duncan posted an article focusing on failure scenarios and Chad Sakac posted an article on the new stretched cluster HCL category. This December at the Brisbane and Melbourne VMUG events, I’ll be presenting some new content on stretched clusters, so stay tuned for that.

I guess it’s time to wrap up now. Thanks for reading, and feel free to share any useful or pertinent links in the comments below.

Tags: HyperV, Microsoft, Networking, Storage, vCloud, Virtualization, VMware, vSphere

Is the Pot Calling the Kettle Black?

Tuesday, April 26, 2011 in Microsoft, Virtualization by slowe | 15 comments

A recent post by Microsoft on the Windows Virtualization Team Blog titled “Hyper-V VM Density, VP:LP Ratio, Cores and Threads” caught my eye this morning as I was scanning my RSS feeds. In this post, the author (the anonymous WSV_GUY) works through the idea of cores vs. logical processors. The distinction here, in case you didn’t already know, is that many modern multi-core CPUs also support symmetric multi-threading (SMT, also referred to as hyperthreading), which means that an eight core CPU can actually process 16 threads simultaneously and would therefore be considered to have 16 logical processors.

<aside>I can see where this might be an area of some confusion; in fact, I was just discussing hyperthreading with a colleague last week. In my opinion, it’s far more accurate to refer to current-generation functionality as SMT than hyperthreading, but that’s another story for another day.</aside>

What really caught my eye was the part of the article where the author compares and contrasts Microsoft’s approach and others’ approaches. I’ve taken a screenshot here in case the original article changes. Keep in mind that the article is based on the discussion of maximum virtual CPUs (or VPs, as WSV_GUY calls them) per logical CPU:

Microsoft blog quote
Figure 1. Screenshot of Microsoft blog post

So, two things pop to mind immediately. Let’s take these in order.

First—since it’s fairly obvious that Microsoft is targeting VMware as the primary “other virtualization vendor”—it should be noted that VMware does not consistently use cores as their unit of measure. As a point of proof, I present to you this screenshot taken from VMware’s Configuration Maximums document for vSphere 4.1 (available in PDF here). I’ve taken the liberty of highlighting the two key takeaways:

Figure 2. Screenshot of VMware configuration maximums document

As you can see from the documentation, VMware inconsistently switches back and forth from logical CPUs to cores. From that perspective, VMware has some work to do on presenting consistent messaging and consistent documentation. Point taken. VMware, are you listening?

But that’s not really my major beef with the article.

The second thing I noted was the statement in the Microsoft blog (see Figure 1) about “Vendor A” and statements about ratios. Remember that the entire blog post appears to be about maximum ratios: “Vendor A response 16:1 (with the qualifier that your mileage will vary)”. It seems to me that the author is referring to the statement at the bottom of the VMware configuration maximums document (see Figure 2) that discusses the achievable number of virtual processors per core. However, we’re not talking about achievable ratios, we’re talking about maximum ratios, right? Or are we?

Although the Microsoft author appears to ding VMware for making a statement about achievable ratios in an article discussing maximum supported ratios, later in the same article the author does the same thing (the emphasis is mine):

You can see that even with an 8:1 VP to LP ratio (or 16:1 VP: Core, if you prefer), Hyper-V supports very dense VM configurations. Even on a server with two physical processors, Hyper-V supports a staggering number of virtual machines (up to 256). The limiting factor won’t be Hyper-V. It will be how much memory you’ve populated the server with and how well the storage subsystem performs.

Sounds to me like Microsoft is saying that they have a maximum ratio of virtual CPUs to logical CPUs, but that the actual ratio can you achieve (the achievable ratio?) might be less than that. How is that any different from the statement in VMware’s configuration maximums document? How is Microsoft’s “approach” with regard to ratios any different, better, or clearer for the customer? Yes, VMware’s documentation is inconsistent. But when it comes to maximum ratios vs. achievable ratios, it seems to me that the pot is calling the kettle black.

If I’m off or I’m overlooking something, please let me know by speaking up in the comments. Please use full disclosure of your employer where that employment might affect your viewpoint. Thanks!

Tags: HyperV, Microsoft, Virtualization, VMware, vSphere

Technology Short Take #10

Thursday, January 27, 2011 in Networking, Storage, Virtualization by slowe | 4 comments

Welcome to Technology Short Take #10, my latest collection of data center-oriented links, articles, thoughts, and tidbits from around the Internet. I hope you find something useful or informative!

Networking

Link aggregation with VMware vSwitches is something I’ve touched upon a great many posts here on my site, but one thing that I don’t know I’ve ever specifically called out is that VMware vSwitches don’t support LACP. But that’s OK—Ivan Pepelnjak takes care of that for me with his recent post on LACP and the VMware vSwitch. He’s absolutely right: there’s no LACP support in VMware vSphere 4.x or any previous version.
Stephen Foskett does a great job of providing a plain English guide to CNA compatibility. Thanks, Stephen!
And while we are on the topic of Mr. Foskett, he also authored this piece on NFS in converged network environments. The article seemed a bit short for some reason. It kind of felt like the subject could have used a deeper, more thorough treatment. It’s still worth a read, though.
Need to trace a MAC address in your data center? CiscoZine provides all the necessary details in their post on how to trace a MAC address.
Jeremy Stretch of PacketLife.net provides a good overview of using WANem. If you need to do some WAN emulation/testing, this is worth reading.
Jeremy also does a walkthrough of configuring OSPF between Cisco and Force10 networking equipment.
I don’t entirely understand all the networking wisdom found here, but this post by Brad Hedlund on Nexus 7000 routing and vPC peer links is something I’m going to bookmark for when my networking prowess is sufficient for me to fully grasp the concepts. That might take a while…
On the other hand, this post by Brad on FCoE, VN-Tag, FEX, and vPC is something I can (and did) assimilate much more readily.
Erik Smith documents the steps for enabling FCoE QoS on the Nexus 5548, something that Brad Hedlund alerted me to via Twitter. It turns out, as Erik describes in his post about FCoE login failure with Nexus 5548, that without the FCoE QoS enabled fabric logins will fail. If you’re thinking of deploying Nexus 5548 switches, definitely keep this in mind.

Servers

In the event you haven’t already read up on it, the UCS 1.4(1) release for Cisco UCS was a pretty major release. See the write-up here by M. Sean McGee. By the way, Sean is an outstanding resource for UCS information; if you aren’t subscribed to his blog, you should be.
Dave Alexander also has a good discussion about some of the reasoning behind why certain things are or are not in Cisco UCS.

Storage

Nigel Poulton tackles a comparison between the HDS VSP and the EMC VMAX. I think he does a pretty good job of comparing and contrasting the two products, and I’m looking forward to his software-focused review of these two products in the future.
Brandon Riley provides his view of the recently-announced EMC VNX. The discussion in the comments about the choice of form factor (EFD) for flash-based cache is worth reading, too.
Andre Leibovici discusses the need for proper storage architecture in this treatment of IOPs, read/write ratios, and storage tiering with VDI. While his discussion is VDI-focused, the things he discussed are important to consider with any storage project, not just VDI. I would contend that too many organizations don’t do this sort of important homework when virtualizing applications (especially “heavier” workloads with more significant resource requirements), which is why the applications don’t perform as well after being virtualized. But that’s another topic for another day…
Environments running VMware Site Recovery Manager with the EMC CLARiiON SRA should have a look at this article.
Jason Boche recently published his results from a series of tests on jumbo frames with NFS and iSCSI in a VMware vSphere environment. There’s lots of great information in this post—I highly recommend reading it.

Virtualization

What, you didn’t think I’d overlook virtualization, did you?

I like the idea of CLASH. It just needs more development.
Running VMware Fusion? I am. Ever needed guest VMs on Fusion to have a static (fixed) IP address? I have. Here’s how it’s done (hint: Fusion uses a hidden DHCP server with its own configuration file).
This VMware KB article tells you how to change the default password hashing mechanism from MD5 to SHA512.
If you haven’t yet upgraded to vSphere 4.1, this VMware KB article is a nice supplement to the vSphere Upgrade Guide.
In Technology Short Take #9, I referenced Part 1 and Part 2 of Frank Denneman’s series of articles on the impact of oversized virtual machines. Since then Frank has published part 3, in which he looks at oversized virtual machines from the perspectives of CPU scheduling, memory management, and bootstorms.
I also liked Frank’s article on setting cluster resource percentages correctly. That’s a “little thing” that people often overlook, I think.
Oh, and one other thing: Frank, I think you can stop beating the CPU affinity dead horse now, OK?
Ben Armstrong posts a couple of useful Hyper-V posts (off-topic question: should he change his handle from “Virtual PC Guy” to “Hyper-V Guy”?). First is a discussion of how Hyper-V handles VM shutdowns, followed by a post on how to use PowerShell to determine which physical computer you’re running on.
Duncan has a great post on the interaction between SIOC (Storage IO Control) and “external” workloads. This is something that both Scott Drummonds and I discussed earlier (see my post and see Scott D’s post), but it’s good to see it get some additional attention. Duncan and I traded some comments and some tweets about the issue, particularly with regard to the interaction of SIOC and low-RPO replication solutions. I’ve got some thoughts on that interaction that I need to work through, but don’t be surprised to see a blog post on that in the near future.
Hany Michael has a tutorial on getting vCloud Director working with vShield Edge and vShield App.