Hot Patching would be sweet...
I saw a VI 3.1x presentation last week in which hot patching of the host OS was mentioned very briefly using existing VMotion, DRS, and maintenance mode technologies.
Jason
I saw a VI 3.1x presentation last week in which hot
patching of the host OS was mentioned very briefly
using existing VMotion, DRS, and maintenance mode
technologies.
Jason
Seems to me such a presentation would be under an NDA of sorts......
I didn't sign any type of an NDA that I know of. The presentation I saw was part of the VI3 Roadmap.
You may not have but your company might
I didn't sign any type of an NDA that I know of. The
presentation I saw was part of the VI3 Roadmap.
I'm 99.9% sure that any roadmaps from VMware require an NDA... my company had to sign one when we saw the roadmap a few months ago.
Not trying to argue.. just sayin... I'd imagine they'd start cracking down on that sort of stuff especially with the SEC and everyone involved since the IPO
I saw a VI 3.1x presentation last week in which hot
patching of the host OS was mentioned very briefly
using existing VMotion, DRS, and maintenance mode
technologies.
Jason
Heh, it doesn't look he's giving much away here... All he mentions is three existing technologies...
Today:
Put Server in maintenance mode... wait for all VMs to VMotion off
Patch Server
Take Server out of maintenance mode...
Someday?
Push one button in Virtual Center that does the above three automatically? Nice... welcomed by all... but hardly a revolution in virtualization technology that needs to be kept under lock and key.
(But little steps like these DO keep VMware ahead of the competition... It's all about enterprise management now... I'd certainly love to see that)
I think the main thing is that it can effectively patch security issues "softly" until you can afford the downtime. I don't see it as a true patch management solution, more as a bandaid until you can do the real work.
Did everyone read this press release to say that the 'soft/inline patching' would be for the ESX host? I got the impression that it would be for the Guest OSes that are on the ESX hosts. I saw a presentation by a company called Blue Lane (www.BlueLane.com) that claims to have a virtual appliance that provides inline patching for Windows Guest OSes on ESX Hosts. It did this by providing a gateway between the requesting network and the Windows OSes. They used reverse engineered Microsoft patches to basically implement the patches on the gateway and inject them into the data stream. I do not work for them and I am not a customer yet but it sounded like a good idea for companies that are having trouble keeping up with Microsoft patches or that can't patch certain machines for one reason or another.
Rob
Mendel Rosenblum and other VMware keynote speakers have touched on this potential evolution in the last 2 vmworlds if I remember well. The (grand) idea would be to not even secure anymore the guest OS'es since it is the hypervisor (perhaps complemented by "systems virtual appliances") that could "shield" the Guest OS. This could be patching, could be firewalls etc etc ... Think about putting a Windows 2000 virtual machine with no service pack out there in the wild and not even bother about malware, worms, viruses etc etc .....
I think this is where we are heading to. It's getting past the phase of "running vm's is like running virtual machines" .... to get into the phase of "running vm's is much better than running physical machines".
Of course this is just my take ... I am not talking about htings that I know nor I have heard ..... all out of my imaginations and words spoken during those keaynotes.
And by the way if you ever wondered what are you going to do with 8+ cores per socket ........ here it is a hint.
Massimo.
the last 2 vmworlds if I remember well.
Massimo - are you going to make it to San Francisco this year?
Yes. I guess you will be there too since I have seen your name in a few sessions including the VMTN panel ..... how can I miss that ....
Massimo.
Massimo,
I agree, I think the Determina acquisition is to primarily provide new security features at the hypervisor level, although who knows where the future will lead.
If this story about VMware licensing technology from shavlik is true, this is probably how Windows VMs will be patched from VMware.
http://www.virtualization.info/2007/08/vmware-partners-with-shavlik-for-new.html
VMs better than physical, that is the goal!
Great! I'll see you there (along with 9,998 of our closest friends )