When working with VMware ESX there are some tips that I can share that can help you manage your environment. This tips are not anything really new or exciting but rather a reinforcement of some best practices to live by in order to improve auditing for compliance and troubleshooting. Use of the following in conjunction with remote logging functionality will improve your compliance stance and improve your ability to troubleshoot over a period of time.
How you may ask? By using a tool that logs all local administrator actions to a remote logging host. There are two ways to do this today for ESX (SUDO and the HyTrust Appliance) and only one mechanism for ESXi and vCenter (the HyTrust Appliance).
Java based applications can now be moved between not only a SpringSource TC-Server Java platform on VMware vSphere, but also between the same platform on VMForce, and now Google AppEngine. This level of support from VMware, Salesforce.com, and now Google is starting to make SpringSource look like the early leading technology for PaaS Clouds. This is a significant advance in the state of PaaS clouds as there were previously no examples that offered such broad support for one platform by such a diverse set of industry leaders. However as is always the case, platform advances have outstripped security, management and performance assurance capabilities.
With virtualization technology we, the system administrators, have a lot of tools available to make our day to day operation and administration of our environments easier to work with and speeds up the time it takes to do a lot of administration tasks. Take for example the ability we have to add resources to a virtual machine. You can add processors, memory and or increase disk space within a matter of minutes and very little downtime. On a physical host you would need to purchase the hardware first and wait for it to arrive and then schedule the downtime to add the resources to the machine. This speed and power can be both a blessing and a curse. Once application owners understand how easy it is to add resources to the virtual machines then comes the requests for additional resources any time the application owners think there is the slightest bit of need for any additional resources.
Citrix have invested an unspecified amount of money in Kaviza whose grid architecture eliminates the expensive infrastructure that VDI solutions. With Kaviza’s solution all the functionality needed to provision and manage virtual desktops is consolidated into a single virtual appliance that scales on commodity servers. Will this announcement herald a major take-up of VDI? Indeed, can you really offer a turnkey solution to support your desktop centralisation strategy?
On the most recent Virtualization Security Podcast, the panel was joined by VMware’s Charu Chaubal to discuss the latest draft of the VMware vSphere hardening guide.
On March 18, Microsoft embarked on a major offensive to focus the desktop virtualisation market away from VMware View. Microsoft announced updates for their desktop virtualization technologies and solutions, including virtual desktop infrastructure (VDI). The question is, are these announcements marketing hype or do they actually help deliver an improved VDI experience? Indeed, are you a VMware View in peril? The announcements from Microsoft and Citrix to little to impact on this marketing statement especially when we consider that, licensing changes aside, this announcement is an announcement of things to come, not an announcement of things available now.Perhaps an effective rescue for VMWare’s VDI will be to for VMware to deliver their client side hypervisor first and offer a single management environment for a business desktop delivery, regardless of device.