Virtualisation Has Changed: Microsoft Announces Azure VM Role

I attended the PDC party that was held by Microsoft Ireland.  During his keynote, Bob Muglia talked about the soon-to-be-beta Azure VM Role.  This is a new feature of MS’s cloud service. 

Azure that you know now is Platform-as-a-Service (PaaS).  PaaS provides a framework that a developer can develop an application on, store data in, etc.  It’s a lock-in, i.e. if you decide that Azure isn’t for you then you can’t move your application.  You will have to redevelop it.

VM Role gives Azure customers Infrastructure-as-a-Service (IaaS) which you may know as VPS hosting, similar to what Amazon EC2 does.  You get a virtual machine with a Windows Server 2008 R2 OS, the roles, features, etc.  You can RDP into it, etc.  You can develop your application and the good news is that anything you do here will be possible to do on other hosting platforms, i.e. your application is portable.

But this is much more than VPS.

Let’s start at the management portal.  It looks just like System Center Virtual Machine Manager (VMM) v.Next.  That’s the tool that Hyper-V administrators will use to manage many Hyper-V hosts.  There’s a good reason for this which I’ll come back to later.  An Azure customer can quickly deploy new VMs from a template.  The VM is provisioned and you log into it.  I didn’t hear all of this but it looked like the RDP login might have used your Live ID.  That would be cool if it did.

Services such as SQL (database) and IIS (web) will be virtualised using Server App-V.  That means SQL is running in a sandbox or virtual machine within the virtual machine.  This means these services can be quickly deployed without doing the usual setup.exe-next-next-configuration routine.  It also means that MS can patch their OS templates, and your provisioned VM’s can be swapped out from underneath the virtual services.  That SQL server will magically stay running while MS patches the OS!  That is sweet!  It’s also a feature of VMM v.Next.

A nice thing that I did not expect was cross-premises integration.  Your Azure VMs can be members of your internal Active Directory domain(s).  Now you have a single sign-on infrastructure.  You could use Azure as a DR site.  You could use it for automated elastic computing services.  You could use it as an alternative virtualisation platform.

And that brings us to Hyper-V.  We have been told that a future version of VMM (maybe v.Next) will allow us to move VMs from our private cloud (essentially an internal Hyper-V infrastructure) to the public cloud as needed.  For example, a developer could produce an application on cheap internal resources that are conveniently located.  When it’s ready, it could be put into production with a VM move onto Azure.  There’s no redeployment of all the resources. 

The messy bit with cross-premises VM migrations will be the licensing, i.e. volume licensing versus SPLA.  The price of per CPU licensing in SPLA will scare a lot of people.  And if it isn’t SPLA then MS can expect class action and/or anti-monopoly court cases.

If you are a System Center house then there’s great news.  The cumulative update 3 release of OpsMgr 2007 along with a new Azure management pack (RC release but supported in production) will mean you can monitor internal and Azure infrastructure/platform applications with one management system.  You can even build distributed application and/or SLA monitoring for off-premises/on-premises/cross-premises applications/systems.

Azure VM Role will go into CTP/beta sometime by the end of 2010.  My guess is that RTM will be between MMS and PDC 2011.  I would bet that VMM v.Next (2011) will need to be RTM at the same time or before Azure VM Role.

These are very exciting times to be in the virtualisation or cloud world.  On the other hand, it is not going to be a great time to be working for a small or medium sized hosting company.  Microsoft and Amazon are effectively stepping on the necks of these competitors and twisting.  It’s very difficult to compete with what they do and the prices (which are impossible to understand/budget for) that they offer.  Anyone who is a MS hosting “partner” will have to realise that they compete with MS and find a unique selling point (USP).  There are two things I see:

  • The Patriot Act: I’ve talked long about this before and won’t go back over it in detail.  Anyone outside of the USA that is worried about data protection needs to be concerned about operating in a US owned (not located) data centre.
  • Support: A smaller operator will be able to provide much better and more personal support than Amazon or MS.  Fact!  They will always be the big, remote organization that will be slower to respond.  Smaller providers will be able to support their customers more.  By the way, there’s probably going to be a market for MS/Amazon partners to support/monitor MS/Amazon cloud services on behalf of their clients, offering a 1st line of support that MS/Amazon cannot do themselves in a timely manner.

The rules of the game haven’t changed; the game has changed.  The virtualisation wars just became much, much bigger.

KB2230887: Dynamic Memory for W2008 Web and Standard Editions

Dynamic Memory makes use of the ability to insert memory using plug and play.  That’s something that was restricted to Enterprise and Datacenter editions of Server.  Good news: MS plans to make this available to Web and Standard editions via hotfixes and service packs.

A hotfix has been released for Windows Server 2008 Web edition and Standard edition.

“When Dynamic Memory is enabled for a virtual machine system that is running one of the following operating systems, the memory of the virtual machine does not increase after the virtual machine is started. 

  • Windows Server 2008 Standard Edition Service Pack 2 (SP2)
  • Windows Server 2008 Standard Edition Server Core SP2
  • Windows Web Server 2008 SP2 
  • Windows Web Server 2008 Server Core SP2”

Install the update, install the SP1 integration components and then you can configure DM for these VMs.

By the way, no fixes will be required for Windows Server 2003!  Windows Server 2008 R2 VM’s should be updated to SP1.

SP1 RC for Windows 7 and Windows Server 2008 R2

Microsoft just announced the release of the Service Pack 1 release candidate for Windows 7 and W2008 R2.  This will be the only RC release before the eventual RTM release.  You can download it now.  The download page still talks about the beta release.  I guess that’ll get updated pretty quickly?

I haven’t seen any details on additional changes since the beta.  I know that MS demonstrated an additional Hyper-V feature at TechEd NA 2010 that was not in the beta.  This allowed Hyper-V admins to use PowerShell to configure virtual switches to filter out traffic from VMs if they used a non-assigned IP address – useful where you don’t trust the delegated admins of those VMs who are logged into them with admin rights (and could change the IPs to try to do a spoof attack).

No Windows 8 Until 2012

It’s been widely reported this afternoon that news of a Windows 8 release schedule appeared very briefly on a Dutch MS website (before being pulled).  I have a nagging feeling that something similar happened there with Windows 7 sometime back …

Anyway, the story was that we wouldn’t see an RTM of the new server/desktop OSs for another 2 years.  I used to think that we’d see some announcements at TechEd Europe in November.  It is 2 years since we had the Windows 7/Server 2008 R2 “Better Together” announcements at TechEd Europe in Barcelona.  If you stick to the promise of 2 year release cycles (to the Software Assurance customers) then we should be entering that cycle now.  But it appears that we won’t enter that for another 6-12 months.  My guess would be TechEd NA 2011.

OK, so SA customers might be peeved that their recent SA purchases won’t bring an upgrade – they do get other benefits, some of which they might value and others they may not.  But there is a bright side for the rest of us.

Think back 5 years.  Windows XP arrived in 2001.  It didn’t exactly go through a widespread deployment straight away.  In these parts, many people didn’t start to deploy it until 2004-2006.  Seriously!  The long time between XP and Vista gave businesses a chance to get off of the old hardware and onto XP. 

That doesn’t exactly suit the revenue generation of Microsoft.  They want people buying SA or upgrade licenses.  That means they need to provide a reason to pay extra.  And that means more frequent releases.  Vista came along and it went down like the Hindenburg.  It wasn’t awful but the reaction was.  Mainly the issue was that it was very different and people/businesses had invested in an XP platform.  Official sales figures were misleading because SA figures are presented.  In reality, few deployed it. 

Windows 7 has had a positive critical response.  Think about this; it’s effectively Vista 1.1.  What’s changed?  There are improvements (drivers, performance and usability) but businesses have had more time to get used to it.  But it’s still not widely deployed in the business.  Money is short and upgrade projects take time and money.  Many of the better together solutions are excellent but most businesses have already purchased 3rd party solutions so the motivation to move might not be there now.

The fix is time.  And that’s why I’m happy about Windows 8 not being directly around the corner. 

Example:  Many people want x64 laptops in the office for 4GB+ RAM.  Fair enough.  But the catch is the firewall.  Why?  Cos the stupid VPN clients that they have right now are 32-bit only and a 64-bit client is only available if they purchased the firewall vendor’s equivalent of Software Assurance and many businesses don’t.  And the likes of CheckPoint go and require backdating of support + a new per user VPN license!  There’s an opportunity to deploy Windows 7 Ultimate/Enterprise with DirectAccess.

Windows 7 will gain more and more acceptance.  Eventually business applications will drive an upgrade like happened with XP. 

And what’s nice for an IT Pro that works with lots of technology: time to learn the stuff.  The constant churn means you can’t get in depth knowledge.  With time, you can learn the products, use them, adapt to the quirks, get inventive, etc.

So what if Windows 8 is “late”?  It’s a good thing.  Plus it means that MS has more time to come up with something cool and get it right.  I’d rather have late than wrong.

Live Essentials 2011; First Impressions

I installed Live Essentials 2011 on my netbook earlier this evening.  My overall first impressions are good.

I use Live Messenger to chat to some friends in the UK and USA.  I’m not a heavy user but it’s handy.  Now it has the ability to integrate into other social networks including Facebook, LinkedIn, and MySpace.  It has been set up to be extensible.  The social media stuff is a little cluttered with 2 columns.  I’d rather have 1 column like in Facebook.  The core piece of Messenger looks tidy enough.

The Mesh Beta proved to be very useful to me over the last 18 months as I worked on two books.  I could sync up different machines so I could work on my netbook on the train or a laptop at home.  One thing annoyed me; it was messy to set up.  I could do it but I wouldn’t expect any end user to be able to do it.  Live Mesh is much better set up for the ordinary end user and less annoying.  You can sync up IE favourites and Office configurations with the selection of a few checkboxes.  Adding folders to sync is an absolute breeze.  Everything syncs via a dedicated Skydrive sync folder (maximum data of 5GB).

Sugarsync looks good and is recommended by friends of mine in case more than 5GB is needed.  Test it for yourself.

Live Writer is how I usually write blog posts when I am at home or on the road.  Like all of the other tools, it features the ribbon interface.  So far, so good.  It seems to be a little faster to me on my netbook than the previous version.

The Windows Live Mail client is the rich client for Live/Hotmail.  The big thing I see there is conversation view.  And you know what –> it’s done better than I saw in the Office 2010 pre-RTM versions (I still use Office 2007 because my publisher makes big changes to the ribbon).  Live Mail gives me simple one-click access to a complete conversation.  That’s going to make a big difference to me because I’m on some mail lists where the threads can be scattered over time and intermingled.  Now I have something to sort all of that out.

Most digital camera owners are casual photographers, using the JPEG format.  They’ll like Live Photo Gallery.  The ribbon reveals more functionality that can be done, including basic editing and adding metadata to photos.  I work more in the Photoshop world.  However, I do use Live Photo Gallery to quickly add photos to Flickr.  It continues to excel there, and also offers uploads to YouTube, Facebook, Live Groups, and Skydrive.  There are additional upload plugins that you can configure via a built-in link.  One tool that I liked in the past was ICE (Image Composite Editor).  It seems to have been integrated, allowing for simple and high quality stitching of photos to create panoramas.

That’s it for now.  So far, so good!

Hyper-V Cross-Premises Cloud with OpenStack in the Pipes

Cloud.com is working with Microsoft to integrate Hyper-V into their OpenStack project. 

“OpenStack is a collection of open source technology products delivering a scalable, secure, standards-based cloud computing software solution. OpenStack is currently developing two interrelated technologies: OpenStack Compute and OpenStack Object Storage. OpenStack Compute is the internal fabric of the cloud creating and managing large groups of virtual private servers and OpenStack Object Storage is software for creating redundant, scalable object storage using clusters of commodity servers to store terabytes or even petabytes of data”.

My guess is that we’re seeing an implementation of OVF, the Open Virtualization Format.  This provides for a portable package containing a virtual machine and its metadata.  This means we move one step closer to interoperable clouds – the subject of a presentation I did 2 days ago at Eurocloud Ireland.

Microsoft calls this sort of thing a cross-premises cloud.  That means your private cloud (Hyper-V with SCVMM and SCVMM SSP 2.0) can integrate with Azure “virtual machine hosting” (Bob Muglia @PDC09) and other public clouds.

Think about it … an app developer likes “the cloud” because they don’t want to care about the infrastructure.  They just consume as required.  But they still need to care about which cloud they use.  In the near future, they’ll just work in “the clouds”, just using whatever cloud is cheapest and, hopefully (pending licensing and hosting company cooperating) be able to move VMs or application components between clouds as they see fit.  We may even see the emergence of cloud computing brokers just like we have insurance brokers now.  You just pay them to find you the cheapest and most suitable service and they do the moving on a day-by-day or month-by-month basis.  That’ll probably need some sort of white/black list for service providers that you set up.

BTW, this is my first post with Windows Live Writer 2011.  It’s got the ribbon interface and is very like Office/Windows 7.

Cumulative Update 3 for Microsoft System Center Operations Manager 2007 R2

Microsoft released cumulative update 3 for OpsMgr 2007 R2.  There’s lots of fixes/changes.  The one big one is the ability to monitor Azure applications.  So now you can use your on-premises OpsMgr installation to monitor the SLA of your Azure application (using Distributed Applications).  You can also monitor cross-premises applications because OpsMgr doesn’t really care where stuff is located.

Mastering Hyper-V Deployment Book is Available Now

Amazon has started shipping the book that I wrote, with the help of Patrick Lownds MVP, Mastering Hyper-V Deployment.

Contrary to belief, an author of a technical book is not given a truckload of copies of the book when it is done.  The contract actually says we get one copy.  And here is my copy of Mastering Hyper-V Deployment which UPS just delivered to me from Sybex:

Amazon are now shipping the book.  I have been told by a few of you that deliveries in the USA should start happening on Tuesday.  It’s been a long road to get to here.  Thanks to all who were involved.

LiveKD 5.0 Kernel Debugging Running Hyper-V Virtual Machines

Microsoft Sysinternals has updated their LiveKD kernel debugging utility so you can analyse and troubleshoot running VMs on a Hyper-V host.  That’s pretty impressive!  Mark Russinovich has blogged about it, giving some basic instructions.  Now you can start poking around what’s happening in a VM that is running on the host, including the current memory.  It’s unlikely that you might need to do this by yourself, but you may be asked to do some of this stuff by MS support.

This brings up an important point.  Security for virtualisation is not like normal server security, mainly because of the flexibility and mobility of VMs.  In my opinion, you need to treat a virtualisation infrastructure (no matter what brand it is) like an Active Directory.  There should be a few overall administrators (domain admins) and you can delegate on a granular basis.  This can be done with Windows and AzMan in Hyper-V.  I prefer using Virtual Machine Manager delegation. 

Think about this: you have a large organisation and you have contracted in helpdesk operators.  They have some minor role to do with VM management.  You don’t think too much about security or delegation and just give them admin rights on the Hyper-V hosts/parent partitions.  They can install LiveKD and then start poking around in VMs and their memory, able to access sensitive information.  In reality they can do much more. 

However, implement your delegation model correctly and they cannot access anything “above their pay grade”.   That means you are using the idea of physical access but applying it using virtual machine placement.  For example, all helpdesk VM’s would be placed on hosts in a helpdesk host group (managed in VMM).  The helpdesk people would be members of a delegated administrator group in VMM that only has the ability to manage members of that host group.  That means any new VMs they’d create could only be placed there.
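The delegation reasoning above can be checked against an inventory. The following is an added example, not code from the original post or from VMM: it treats host-level rights as access to every VM placed on that host and reports VMs that another team's staff can reach. All host, group, VM and principal names are constructed, and the inventory layout is an assumption.

```python
from dataclasses import dataclass, field

# Constructed inventory: every name below is hypothetical sample data.
HOSTS = {"hv-hd-01": "Helpdesk", "hv-fin-01": "Finance", "hv-fin-02": "Finance"}
VMS = {  # VM name -> (host it is placed on, team that owns its data)
    "hd-tools": ("hv-hd-01", "helpdesk"),
    "fin-sql": ("hv-fin-01", "finance"),
    "fin-web": ("hv-fin-02", "finance"),
}
TEAM = {"contractor1": "helpdesk", "finops1": "finance"}  # principal -> team


@dataclass(frozen=True)
class Grants:
    # host -> principals with admin rights on the host / parent partition
    local_admin: dict = field(default_factory=dict)
    # principal -> host groups inside their delegated administrator scope
    delegated: dict = field(default_factory=dict)


def reachable_hosts(principal, grants, hosts=HOSTS):
    """Map each host the principal holds host-level rights on to the reason."""
    out = {}
    for host, group in hosts.items():
        if principal in grants.local_admin.get(host, set()):
            out[host] = "local admin"
        elif group in grants.delegated.get(principal, set()):
            out[host] = "delegated:" + group
    return out


def exposures(grants, vms=VMS, hosts=HOSTS):
    """Return (principal, vm, host, reason) for VMs another team can reach."""
    findings = []
    for principal, team in TEAM.items():
        reach = reachable_hosts(principal, grants, hosts)
        for vm, (host, owner) in vms.items():
            if host in reach and owner != team:
                findings.append((principal, vm, host, reach[host]))
    return sorted(findings)


# Scenario 1: helpdesk contractors are simply made admins on every host.
BROAD = Grants(local_admin={h: {"contractor1"} for h in HOSTS})
# Scenario 2: each team is a delegated administrator of its own host group only.
SCOPED = Grants(delegated={"contractor1": {"Helpdesk"}, "finops1": {"Finance"}})
# Scenario 3: scoped delegation, but a finance VM was placed on a helpdesk host.
MISPLACED = dict(VMS, **{"fin-sql": ("hv-hd-01", "finance")})

if __name__ == "__main__":
    for label, result in (("broad", exposures(BROAD)),
                          ("scoped", exposures(SCOPED)),
                          ("misplaced", exposures(SCOPED, vms=MISPLACED))):
        print(label, result)
```

The third scenario shows why placement is part of the control: the delegation is scoped correctly, yet one VM on the wrong host group is exposed again.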

Mastering Hyper-V Deployment Excerpts

Sybex, the publisher of Mastering Hyper-V Deployment, have posted some excerpts from the book.  One of them is from Chapter 1, written by the excellent Patrick Lownds (Virtual Machine MVP from the UK).  As you’ll see from the table of contents, this book is laid out kind of like a Hyper-V project plan, going from the proposal (Chapter 1), all the way through steps like assessment, Hyper-V deployment, System Center deployment, and so on:

Part I: Overview.

  • Chapter 1: Proposing Virtualization: How to propose Hyper-V and virtualisation to your boss or customer.
  • Chapter 2: The Architecture of Hyper-V: Understand how Hyper-V works, including Dynamic Memory (SP1 beta).

Part II: Planning.

  • Chapter 3: The Project Plan: This is a project with lots of change and it needs a plan.
  • Chapter 4: Assessing the Existing Infrastructure: You need to understand what you are converting into virtual machines.
  • Chapter 5: Planning the Hardware Deployment: Size the infrastructure, license it, and purchase it.

Part III: Deploying Core Virtualization Technologies.

  • Chapter 6: Deploying Hyper-V: Install Hyper-V.
  • Chapter 7: Virtual Machine Manager 2008 R2: Get VMM running, stock your library, enable self-service provisioning.  Manage VMware and Virtual Server 2005 R2 SP1.
  • Chapter 8: Virtualization Scenarios: How to design virtual machines for various roles and scales in a supported manner.

Part IV: Advanced Management.

  • Chapter 9: Operations Manager 2007 R2: Get PRO configured, make use of it, alerting and reporting.
  • Chapter 10: Data Protection Manager 2010: Back up your infrastructure in new exciting ways.
  • Chapter 11: System Center Essentials 2010: More than just SCE: Hyper-V, SBS 2008 and SCE 2010 for small and medium businesses.

Part V: Additional Operations.

  • Chapter 12: Security: Patching, antivirus and where to put your Hyper-V hosts on the network.
  • Chapter 13: Business Continuity: A perk of virtualisation – replicate virtual machines instead of data for more reliable DR.