RHVE09

Yesterday was the day of the RedHat Virtual Experience 2009, a virtual conference about RedHat’s virtualization technology. You’ve got different “tracks’ (business, technical, …) to satisfy your curiosity and match your needs. To be honest, I wasn’t able to assist all the conferences and to focus as much as I wanted (because I am overloaded with work). The RedHat Virtual Event conferences are now available on-demand, so if you are like me, you’ll get another chance to watch it again.

Nevertheless, it was interesting to hear the first Linux player’s position on virtualization. They offer a solution based on KVM – and not Xen – for this. No need to say it is completely integrated with their product, as a kernel module, working together with other features like SeLinux. This integration was presented as a big advantage because of the availability and maintenance aspects; which is something I could agree on.

RedHat insisted on the fact – what we already know – they are working closely with the Linux community to build their products, which means receiving but also contributing back to the community. The advantage of working with RH, compared to go alone or with another Linux player, is the support and compatibility. No need to mention that they are thousands of RH-certified engineers available. On the compatibility side, RH works closely with other vendors to ensure the good working, to pass the soft/hardware certifications, to bring improvements and to troubleshoot in case of problems.

I think those videos are worth taking the time watching them, to have a deeper insight on what’s going on in the open source world about virtualization and clouds (yes I said the word!).

CloudStorm Brussels

Today, Cloudstorm took place in the Atomium in Brussels. This events gathered various companies, vendors, providers to present the state of cloud computing.

The introduction was given by Sun Microsystems’ Patrick Crasson, dismissing the idea that cloud computing is vaporware, even if other point to the Gartner hype curve. He told us that until now, the cloud was a technical bottom-up approach (what can we do with that?) but that the trends is now moving to a more interesting top-down approach (where is the business?) inducing a new paradigm. The cloud is now becoming an “Infrastructure as a Service” (yes, everything is a service now), providing not only computing but also storage clouds, and can of different types: private/public/mixed cloud (echoes something in my mind).

Patrick de Schutter pointed out risks and benefits of the cloud though his experience with Contact Office: (low or lack of) SLA, costs (not necessarily cheaper) and flexibility with fast provisioning; all of this are definitely crucial for businesses.

Other speakers went on the importance of exchanges/interconnection between clouds and the administration tools. Most presentations did not go into technical details (except for B-virtual’s comments on raid/zfs shortcomings) and tried to give a good technically-oriented overview of Cloud computing today.

For the story, I met a non-technical friend of mine during the meeting and asked him why he was here. He answered that he is a manager and that to take decisions, you need to understand the technical things. I just wish more managers were thinking like him and stops denigrating technical stuff!

Clouds, clouds, clouds

Another day, another article about the much hyped “Cloud Computing” trend. Hopefully, there are a lot of discussions going on to put things in perspective. Some just asks if Amazon’s cloud differentiates itself from cheap hosting. As I said before, it all depends on the application and the cloud is maybe not the best solution for hosting. If you’re small, you simply don’t need the cloud; and if you’re big, (Amazon’s) low SLA is big downside for anyone trying to make anything serious and reliable.

Others just put last month’s McKinsey’s report in question, especially regarding costs. The savings you could get by using the cloud are not so clear. The best approach is surely to put priorities and to proceed step-by-step in the migration to the cloud.

On the other hand,we’ve got a new report from the university of Berkeley on Cloud computing. The document present the cloud just as an old idea becoming real (at last), as a natural evolution of “XaaS”, everything as a Service and marks the difference between the types of clouds: (virtual harware) Amazon’s EC2, (application) Google’s AppEngine and Microsoft’s Azure. They make an interesting comparison with programming languages, once again pointing out the importance of the application.

Globally, the document focus on flexibility and costs, claiming that Cloud computing is transforming CapEx in OpEx and that the costs (high for EC2) must be put in the balance with the risk of over/under provisioning (in a standard owned DC) as well as eventual the scaling down of your infrastructure.

It also highlights the obstacles for the Cloud, mainly: availability, lock-in, security and performance in general.

Finally, let me put a good word on Amazon which is making progress as they announced monitoring, auto scaling and elastic load balancing to EC2 to improve reliability and scalability. What’s more: they also introduce import and export for physical data transfer. Is this an answer to the vendor lock-in that was pointed out?

Juniper summer school

Juniper offers online courses for juniper switching and routing this summer, including lectures and lab with instructors. You also get discounts on prometric exams. This comes for free but places are limited so register early.

Let me also remind you about the Juniper fast track program, which is more targeted to experienced users and provides content and vouchers for exams.

A great opportunity to improve your skills, pass new certifications or simply refresh your knowledge on Juniper.

Datacenter virtualization with VMware, Cisco, EMC

I had the opportunity  to attend a seminar organized by VMware, Cisco and EMC. It was about virtualization in the datacenter and a presentation of VMware’s last product: vSphere4.

The idea is basically to take the cloud in the enterprise and not out – that is, opposed to the proprietary clouds (like AWS for instance). This echoes what I said in my last article “Second thoughts on Cloud Computing“.  It goes even further by giving the opportunity to companies to build “private clouds”, that is, an internal cloud in their very own DC, eventually connected to some rented cloud from a provider.

VMware’s vSphere provides several interesting features. vApp provides a software-defined SLA (scalability, availability, …) for one or a group of Virtual Machines. Fault tolerance is implemented by letting two instances of a VM run: the real one and copy (shadow) on different machines. If the first fails, the second becomes active seamlessly. Power management is also covered by letting unused hardware power down (ie by night), but taking in account the HA/FT. VMsafe is one last new feature that act as a global security agent, replacing the scanner you had to install previously on each individual VM.

One of the problems with virtualization is shared networking. When a packet goes from a VM to another VM on the same machine, via the ethernet interface, the switch to which the interface is connected will drop the packet. This is because the ethernet specifications say that an incoming packet cannot be forwarded to the same port. And this is why a virtual switch is needed in virtualized systems. VMware implement such a virtual switch and provide an API to access it.

Cisco presented their Nexus 1000v virtual switch. It actually use VMware’s virtual switch’s API to give a Cisco-like CLI and to interconnect easily with other physical Cisco switches. The hypervisor is software and can be run on a applicance or on VM. Linecards are actually the machines’ NICs. Configuration is not done at the traditional physical interface level but is done by defining “port profiles”. This feature should probably be added soon in physical switches (and I wonder why they didn’t implemented that before).

There is multiple advantages of using the Nexus 1000v in place of the VMware’s virtual switch. Its separates clearly the roles of the network and the system administrators, giving to the firsts the tools they are used to (Cisco CLI). Every aspect of configuration in the port profile (ACL, SPAN, Port security) follow the VMs seamlessly during vMotion and ease the work of the administrator by ensuring automaticaly that the configuration is consistent across the cloud. It also bundles automaticaly redundant links between the Nexus 1000v and a physical switch with help of CDP.

Second thoughts on cloud computing

There is apparently a lot of criticism those days against Cloud Computing. CC was named by some people as the the silver bullet for datacenters, providing more flexible service, lower costs, easier and faster setup. But it seems that it finally reached its highest point of hype. With experience, people start to see CC’s limits and to realize that it isn’t simply going to replace all DCs.

We first got a report from McKinsey: “Clearing the air on cloud computing” (relayed on Techcrunch and the NY times).

While CC is great for SME (startups for instance, like commentag), it compete hardly with big companies’ owned-datacenters. Using the cloud implies also adaption to specific application and security architecture, as well as organisational changes to leverage its flexibility. It is said that CC is only really economicaly viable for pre-paid linux systems.

The report makes also a comparison for moving a whole DC to AWS. I personnaly think that the authors got it wrong in their comparison here. As I said before, I think that Cloud Computing is good for on-demand computing units, but nobody is going to use it in place of a usual DC. Another point is that the report examine cost of migration to the cloud but what about getting out of the cloud?

A good point in the report is mentioning low SLA available (if any). That was also one of my concerns when I investigated AWS for commentag.

Finally, McKinsey’s report advises big companies to do virtualization in their own DC in place than CC and insists on standardization of services through whole company.

Here is also a white paper on cloud computing from Maya design. They believe in a P2P-based cloud and not in the vendors’ (AWS, Google, Microsoft) solutions. The white paper points out that clouds today are proprietary and not compatible between them, and warns about the risk of vendor lock-in.

Finally,  I can also mention a discussion I had with a strategic business from Sun microsystems some time ago. As pointed by Maya Design, there is indeed the vendor lock-in and the difficulty of getting out of the cloud or migrating from one cloud to another. This can lead to many issues and, because of the migration, eventually higher costs in the end.

As a conclusion and based on my experience, I think that Cloud Computing is a great tool to answer specific needs; to help during traffic spikes for instance, or for a startup as the time to market is very short. But Cloud Computing is probably not going to replace the traditionnal Datacenter (at least not a external cloud). For big companies, I believe more in virtualization in the datacenter.

LPIC-1 passed, now linux certified

Got my results today for the LPI-101 and LPI-102 exams I took last week at the FOSDEM!

Some questions weren’t easy, as they are related to tools I never use (and probably nobody does).

Actually, I think that LPIC-1 need a little update. Some of the questions covers topics or tools that are not relevant anymore or changed during the last years. While it’s not that difficult for someone using Linux for years (I use Linux daily for more than 8 years now), it can be very challenging for newcomers and even disappointing to have to learn not-up-to-date stuff .

Studying for LPIC-1

Ok I’ll put my CCNP study on hold again. There is the opportunity to take the Linux Professional Institute (LPI) exams with approx. 50€ rebate during the FOSDEM (Free and Open source Software Developers European Meeting). It will take place in Brussels, February 7 & 8th.

I will try both LPI-101 and LPI-102 exams to get the LPIC-1 certification. I know there is lot to know to pass the exam but since I am using Linux daily for more than 8 years (good old Redhat 5.2), I think I have a chance to pass. BTW, I also learned a lot this year by administrating Commentag’s servers; including apache, squid (proxy), pond (loadbalancer) and more.

On the other hand, I have been more on network than on Linux lately. I’m not sure that I’m really up to date with recent changes in the Linux world. Hope two weeks will suffice to get updated.

Juniper Enterprise Routing book delivered

I mentioned some time ago that you could get a book from J-central if you register on their web site. Just received my copy of Juniper enterprise routing today.

The state of switching

Got a meeting with integrators lately. Very interesting discussion about the switching world.

Cisco’s new Nexus platform seems promising. It tries to merge network and storage worlds, in a completely virtualized system. While its core is based on a UNIX/linux system, the NexusOS keeps full compatibility with Cisco’s syntax as the CLI as been ported to the new platform. But since Nexus is new, we can put its maturity in question. Besides this, there is not much blades available yet.

Cisco’s Nexus is presented as 6500′s successor but in practice it won’t probably replace it so quickly. First, because the 6500 is a very performant platform which as proven over year its robustness. Second, it is very versatile, counting dozen of service modules. And on the other hand, the Nexus has to prove itself.

With Nortel planning to stop their metropolitan ethernet products line (and thus, its switches), it doesn’t leave much actors in Europe to compete with Cisco.

Of course, you’ve got Juniper, who recently released a switches product line. But as for the Nexus, those switches are relatively new. Anyway, it isn’t that complicated to find Juniper switching engineers

The discussion also was about the strategy of functionalities. The first is to use services modules like 6500′s FWSM or ACE. Pros are: ease of use, lower consumption and no compatibility issues. The problem with this strategy is vendor lock-in. Second strategy is to connect external pizza-boxes to your switch with a one-armed topology. Pros: flexibility, no vendor lock-in. But of course you have no central management and maybe compatibility issues.

One final point is support. A lot of switches vendors actually exist but most of them are based in the US and offer few or no support in Europe. Support is a concern for big companies and can influence their choice when selecting a vendor.