Gosh, it's three and a half years since Xen 3.0 first shipped.  Time flies when you're having fun.  Xen.org has announced the availability of Xen 3.4, which offers the community the results of a couple of major evolutions of the Xen code base and its community, as it has become a major player in the industry (I've seen IDC and Yankee surveys that validate that Xen is used for ~20% of virtualized server sockets today, with an accuracy of +- 3%.  It's going to be an exciting year...  Anyway, back to Xen 3.4.  Here are some major categories:

-          Xen Client Initiative (XCI) - Xen 3.4 contains a first release of the Xen client hypervisor to offer the community a compact client hypervisor with tons of features for testing and further development.  For the first time the Xen project is moving away from providing simply the hypervisor, and leaving it to vendors/users/developers to build their own system.  This release contains the whole enchilada, including Dom0, the management tool stack and Xen.  In other words, everything you need to be up and running with a Xen client system.

-          Reliability - Availability - Serviceability (RAS) - From a server-side perspective, Xen 3.4 has a raft of new  features to avoid and detect system failures, provide maximum uptime by isolating system faults, and provide system failure notices to administrators to properly service the hardware/software. The combinations of these services provide for a robust Xen hypervisor with fault-tolerant and back-up capabilities built-in.

-          Power Management - Xen 3.4 substantially improves the power saving features with a host of new algorithms to better manage the processor including schedulers and timers optimized for peak power savings.  Many of these changes are applicable to both client and server machines, but for example one of the features that I like on the client side scheduler is an ability to synchronize clock ticks to VMs for which the timer frequency is known, to maximize  CPU idle time and maximally utilize CPU awake time.  This is good for battery life on client systems where in general users are up for disappointment when they realize that more VMs (read: more security/flexibility) can easily translate into worse battery life.  This is the key reason that I decided to ditch a type-2 client side product recently, because my Mac battery wouldn't make it through a flight.

You can find the bits at the Xen.org website at: http://www.xen.org/download

It's interesting to see VMware's latest spin on the concept of "free".  They have finally got around to offering service providers free trials of various bits of VMware stuff in the hope that they will adopt the clearly non-free vSomething or vOther. This at a time when just about every public cloud is built on Xen, which is absolutely free, and moreover easily integrated into massively scaleable service provider environments.  However, in a rare moment (for me) I'm about to praise my worthy competitor:  VMware is doing a good job by pushing the virtual appliance vendors to adopt DMTF OVF standard format for their virtual appliances marketplace (VAM).  Our joint work in the DMTF will play a vital role in addressing customers' desire for "mix and match" of public and private clouds.  

VAM is a good place to start if you are interested in the concept of virtualized infrastructure components, and a great place to explore if you are seeking to build an entirely free virtual infrastructure on XenServer, or looking to run a VA on Hyper-V because Citrix Project Kensho allows you to take VAs from the VMware site and pull them into a XenServer or Hyper-V environment. 

Our pursuit of interoperability and portability for virtual infrastructure has pased a new milestone:  The Tech Preview of the free XenConvert 2.0 utility is now available for free download.  We'd love to get your feedback on its features. 

For starters, XenConvert 2.0 supports direct import of VMware VMDK virtual hard disks into XenServer, including all v2v operations.  It has also productized the Citrix Project Kensho implementation of the DMTF portable application packaging format, OVF (Open Virtual machine Format), which Citrix has helped to develop and standardize.  OVF virtual appliance packages will now directly import in to XenServer to instantiate a complex virtualized application stack, together with all of its relevant infrastructure resource requirements. 

XenConvert's v2v capabilities mean that even VMware dependent OVFs will be able to be imported into XenServer, which in turn means zero switching cost to XenServer.   Since XenServer itself is also free, my guess is XenConvert 2.0 puts you well into the black on your next virtualization project.  Finally, any VM you import into VHD files for use by XenServer can also be used in our provisioning services engine (the artist formerly known as Citrix Provisioning Server for Data Centers) to allow you to dynamically stream a VM onto any hypervisor and even bare metal!

Here are some other nifty features that the XenConvert team have added :

• •  Offline conversion of VMware VMDK into OVF/VHD for future import into XenServer via XenConvert or Hyper-V via Project Kensho
  • P2V conversion of native workloads into OVF/VHD for direct or offline import into XenServer via XenConvert or Hyper-V via Project Kensho
  • XVA (XenServer internal runtime format) to OVF/VHD for direct or offline import into XenServer via XenConvert or Hyper-V via Project Kensho
  • Substantially improved import transfer time of OVF/VHD files into any XenServer SR
  • OVF Signing for security and to check that packages have not been tampered with since creation

XenConvert is rapidly becoming a vital component in our tool bag because it offers customers portability between virtualization platforms, native and clouds.  It offers the industry a powerful answer to proprietary virtualization solutions.  More cool features will be included when XenConvert 2.0 ships for real, likely within the next 90 days.  Give it a whirl and give us your feedback.

In a recent post I posted some data to show that we are getting terrific performance results for XenServer and Intel Nehalem based servers.  In the first formal set of tests we found that the bottleneck on performance lies in the fact that the hypervisor still has to perform I/O on behalf of all guests, and so the system scaling limit is the rate at which we can scale the internal I/O stack.  I postulated that we would get some impressive numbers for  Nehalem based platforms using IOV enhanced 10Gb/s NICs, and contacted our friends at  Solarflare, asking if they would help to run some numbers using their 10Gb/s NICs, which offer a powerful direct hardware-to-guest acceleration path that avoids the necessity for the hypervisor to process I/O on behalf of the guests - allowing guests to interact with the hardware directly.Below is a summary of the initial findings for the  the Nehalem tests using XenServer 5.0 and Solarflare I/O acceleration.  Thanks to Steve Pope of Solarflare for his help.  It turns out that with a smart I/O architecture such as the Solarflare offload stack, when guests interact directly with I/O safe hardware, we can dramatically change the system performance, and basically saturate a 10Gb/s link, in both directions at the same time! :

Here's how the experiment is set up.  We have 2 physical servers, A and B, connected back to back with Solarflare 10G Ethernet gear. Each server is running XenServer 5.0 Update 3 with a single 8 logical core Nehalem CPU.

To create a traffic workload between the servers we ran  NetPerf TCP_STREAM pairs between Linux RHEL 5 guests (each pair spans server A and server B) and measured the aggregate throughput both with and without acceleration.

Non-accelerated

The configuration used 4 guests transmitting from A to B and 4 guests from B to A.  Raw results were: 

• (A -> B) 1094 + 1068 + 1046 + 1128 = 4336 Mbps
• (B -> A) 1019 + 1028 + 1050 + 1021 = 4118 Mbps

Total: 8.45 Gbps; Bottleneck: Hypervisor CPU

In other words, we confirmed the hypothesis that there is plenty more system capacity but that the hypervisor is I/O bottlenecked on behalf of the guests.

Accelerated
As previously, the configuration used 4 guests transmitting from A to B and 4 guests from B to A.  Raw results were:

• (A->B) 2355 + 2318 + 2296 + 2289 = 9258 Mbps
• (B->A) 2285 + 2295 + 2315 + 2350 = 9245 Mbps

Total: 18.50 Gbps

In the accelerated scenario we have basically maxxed out bidirectional I/O on a single 10Gb/s link, with only 4 guests! This is awesome.  I should mention also that the Solarflare architecture is remarkably clean and avoids much of the pain of dealing with SR-IOV (which deserves a full post in its own right, and I'm half way through noodling on).

Mark Angelo of Lanamark has clearly just signed a deal with Symantec and/or Parallels for Lanamark's capacity planning tools (which look pretty interesting).  Either that, or Mark and his pals at Parallels know more about virtualization than VMware, Citrix, the Xen community, Microsoft and Virtual Box. 

Mark correctly points out that Symantec has a portfolio of interesting point products that are relevant in the delivery market.  Altiris SVS, nSuite, Appstream and possibly other technologies that we don't know about are all relevant in the market - particularly Altiris, which is a well established vendor in the PCCLM space.   He states that Symantec is going to announce a compelling portfolio that competes with VMware, Citrix and Microsoft.  And he states that a good acquisition by Symantec would be virtualization vendor Parallels.

As far as the Symantec play with its Endpoint Virtualization Suite is concerned, Mark has correctly observed that Symantec brings some interesting assets to the table.  They are a player in PCCLM, and presumably their customers are demanding that Symantec respond to the clear strategic trajectories of the major application and desktop delivery vendors.  At the same time, Symantec is a good partner of ours in many areas.  I think it's fair to say that we're very comfortable that customers will prefer our solutions in those areas where Citrix has always played a strategic role - delivery of apps and desktops as a service - but that customers will have environments that include Symantec even in those scenarios, and we will work with Symantec to enable customers to succeed wherever that is the case.

Where Mark's enthusiasm about his new found friends leads him toward hyperbole, is the role of Parallels. Mark says:

"Enter Parallels. While Parallels has taken its time to build a bare-metal hypervisor, the company knew that it could not bring a second rate product to market given the fierce competition. So instead of launching Parallels Server prematurely, Parallels continued to build and refine a virtualization offering that is technologically superior to anything currently available on the market"  [followed by a feature list that is .. pretty unremarkable in any virtualization context]

While Parallels is a very respectable vendor that owns the "microslice" web hosting market world wide as well as being the initial leader in type 2 virtualization on the Mac, they have very limited credibility in the enterprise.  Could they get there with "technology that is superior to anything currently available on the market"? Sure.  So what's this magical technology? A type 2 hypervisor that is becoming bare-metal capable over time?  Perhaps I'll leave it to my friends at VMware to respond to that one. 

At the end of the day, the argument that Mark is advancing is similar to those I've recently heard from Red Hat about the superiority of KVM.  Just as with Parallels, I have no problem with KVM. It's just another (currently immature, but advancing) virtualization technology that will be in Linux, that presumably will become great over the timescale that all software becomes great.  Open source KVM will, by virtue of cross pollination, be compatible with Xen, and via our contribution of VHD support, possibly even be compatible with Hyper-V.  (Parallels is none of those.)  But both are just another way to virtualize a server.  No more, no less, no magic.

But look at the competitive landscape: With ESXi and Microsoft Hyper-V the hypervisor itself is free, and in the case of XenServer, the complete virtual infrastructure is free.  So arguing about another way to use Intel VT seems like a waste of time.  The conversation that I find myself engaged in with our customers relates to a much larger issue in the enterprise:  How can Citrix Essentials for XenServer and Hyper-V enable IT and lines of business to automate the lifecycle of their workloads, automatically orchestrate complex data center storage networks,  data networks and their XenServer or Hyper-V based vitual infrastructure to offer an agile IT infrastructure service to the business.  Users and application owners need direct role-based access to a lights out IT environment that is agile and accountable, yet that takes advantage of virtualization features offered by multiple vendors.   So, much as I enjoyed using Parallels on my Mac, I thinkit is important to up-level the vendor view of customer challenges beyond simply OS virtualization.   

Finally, while on the topic of Parallels, I've recently switched to Virtual Box which apart from being open source (like Xen)  has a great UI and excellent performance, useability and simplicity.  With Parallels initial lead now being challenged by both Virtual Box and VMware Fusion, I can't see any reason why I would recommend it.   That said, Parallels support has been excellent, when I've had to use it, and their disk utilities are very useful.

The much anticipated Intel Nehalem platform is now available from leading server OEMs - finally available on servers rather than the new Mac Pro machines a month ago, that is.  Now known as the Intel Xeon 5500 series, Nehalem is the codename for an Intel processor micro-architecture, successor to the Intel Core micro-architecture. The first processor released with the Nehalem architecture was the desktop Core i7, last November. The first system to use Nehalem-based Xeon 5500 series processors was the Mac Pro workstation announced in March 09, but glancing around the various server vendors, I see compelling offerings from Sun, Dell, HP and IBM are all raring to go.

Also today, the new free XenServer virtual infrastructure platform is available for download from over 250 partner sites worldwide.  The response to our decision to change our go to market strategy for XenServer has been tremendous, and the list of partners who have volunteered to host downloads for the product is testament to the incredible interest in the product. 

The coincidental timing of the two announcements couldn't be better.  Intel is on record stating  that a single Nehalem octo-core server can replace nine single core servers.  And if you run free XenServer on that, and fully utilize the available resources, you can easily double the number of servers you can replace. At the same time Nehalem, by virtue of its new micro-architecture and 45nm process, reduces system power consumption by about 20 per cent.  So one new server can probably replace a rack full of legacy systems.   

Bernie Hannon in our performance lab has been doing some performance tests on Nehalem - pitting the  Xeon® E5570 against the Intel® Xeon® E5405 (Dunnington) using XenServer. His tests simulate a Microsoft SQL Server 2008 transaction processing workload and measure the I/O capacity of the configuration using SQLIO. His full results will be published this week and I'll link to them.  He has a blog out today too, which discusses some of the same results as I have below.  In the interest of minimizing redundancy, check his post for the authoritative performance results.

SQLIO allows us to benchmark disk read and write performance for the host server configurations used tests using DBHammer. We tested disk reads and writes using two common SQLIO sizes, 8K (random) and 64K (sequential), allowing for the fact that both are typically present in SQL Server workloads depending on how the user has optimized for IO. By their nature, random data reads and writes are not very efficient and are performed in smaller increments (8K) to minimize IO request servicing latency. On the other hand, sequential disk reads and writes are more efficient, produce less latency and can therefore be performed in larger (64K) chunks.  Most users optimize their SQL Server environments to minimize the number of random read/writes.

We simulated a transaction processing workload with a 10 million record database against which we used DBHammer to generate transaction typical SQL Server 2008 client workloads. We started with 200 simultaneous clients, and then steadily incremented the number of simultaneously active clients in the DBHammer workload. Each client workload test ran for 30 minutes, with measurements beginning at 10 minutes and lasting for 20 minutes.   We measured max transactions-per-second every fifteen seconds, and added additional client workload in increments of 200 clients until the average CPU utilization of the system under test reached 90%.  

To summarize the results: We found that the Intel® Nehalem Xeon® E5500 class CPU shows a remarkable performance gain over the Xeon® E5400 - offering an average speedup of about 53%. The Xeon® E5405 system reached peak utilization with about 1000 clients, and CPU utilization of 95% was reached at the 1,600 client workload level, with a maximum of 13,708 TPS.  The graph below summarizes the results.  Bernie's full results are herebut you may need a login to get them.  In these results the system appears to be substantially  I/O bottlenecked (the system is spending much of its time processing I/O on behalf of the guest(s)).  I'm looking forward to getting some test results for Nehalem platforms using IOV enhanced 10Gb/s NICs, which is currently in flight with our friends at Solarflare.  More results soon.

Satori was the original project name for the first XenSource / Microsoft project under which we delivered  components to Microsoft (for free download for use with Windows Server 2008 Hyper-V)to enable Xen-ready Linux guest OSes to run with optimal performance on the Hyper-V hypervisor.  This involved developing an adapter that ensured that what we call paravirtualized (and Microsoft calls enlightened) Xen VMs could interface directly to the hypercall API of the Hyper-V hypervisor and run with optimal performance, while respecting the need for a clear line of separation between GPL and proprietary code bases.   

In addition to the Satori hypercall adapter Satori delivered  enlightened disk (StorVSC) and network (NetVSC) drivers for Xen-enabled Linux guests on Hyper-V, that interface directly to the I/O Virtualization Stack in the Parent Partition of the hypervisor via the VMBus ABI.  This optimizes virtualized I/O for high performance and removes the need for emulation of legacy hardware.  Hyper-V VMs are completely compatible with the now free XenServer virtual infrastructure platform as a result of our close attention to driver and virtual hardware compatibility with Microsoft.

We are now adding an enlightened mouse driver (InputVSC) to offer major usability enhancements for Linux guests on Hyper-V.   The reason for the delay in releasing this driver is that it requires interaction with part of the USB framework in Linux, for which no GPL exports are available. To workaround this limitation the InputVSC driver code is based on a back-port of the HID driver used in upstream versions of Linux which does have GPL exports.  Code linked with the back-ported HID driver also needs to be released as GPL v2, which is what xen.org has now done. You can download the InputVSC driver for Linux guests for Hyper-V here.   (the enlightened mouse comes from [here|http://www.childrensillustrators.com/illustratorDetails.cgi/32627])

I'm not sure why, but there's a ton of speculation in the Blogosphere today about the so-called XenClient from Citrix.. (Apart from the fact that there is nothing called XenClient - it's Project Independence).

1. The writer is misinformed. If you want to see a video demo of one particular use case, see here.
2. It would be foolish to assume anything about the product that Citrix will deliver to market.  For starters, we're still evaluating key opportunities and putting pieces together to deliver on specific use case scenarios so any presumed intelligence is almost certainly wrong.
3. If you want to know what we're actually doing, show up at Synergy, and see for yourself.  There will be more relevant tech and more relevant product to your world than ever before at this event, and a whole lot less marketing BS.  Moreover Geek Speak Live offers a no-holds-barred opportunity for you to challenge presumed experts (including me) on every aspect of our strategy.

Meanwhile, consider this to be nothing more than nonsense anything else you read on the web without thinking.

Last week was a good one for XenServer.  Within just a few days of each other:

• Virtualization Review published benchmark performance test results that showed XenServer to be "the porsche of hypervisors" while acknowledging the excellent runner-up performance of Hyper-V (no surprise there - same architecture, smart chaps, large team) and the rather pokey performance of ESX
• An announcement that SAP has selected XenServer for virtualization of its XenApp farms, in a deployment over 500 servers
• An announcement thatTesco PLC is using XenServer to virtualize its mission critical point of sales transaction software in a deployment of over 500 HP servers.

(Oh, and XenServer Virtual Infrastructure, including all management is 100% free. Get it here)

Combined with the detailed and thorough independent benchmarks of Project Virtual Reality Check, these recent market validations place XenServer at the very forefront of virtualization, and are a tremendous validation of the hard work of the XenServer crew, and the incredible commitment by the powerful Xen community, which develops the engine of this Porsche. 

The Tesco announcement is personally important to me:  Some 40% of food in the UK is purchased at Tesco, and all those point of sale transactions cross XenServer in real time. So when my mum swipes her card at the check-out, XenServer needs to do its thing!  Personal too, in that this deployment, targeted at 1,500 servers, plays a key role in enabling Tesco to reach its commitments for a reduced carbon footprint.  Sure, XenServer does that every day, in countless enterprises and clouds, but this one is a little more personal.

The stand taken by Keith Ward and team at Virtualization Review is also personal.  Though Keith has been quick to point out that his team did not violate the VMware EULA in its performance benchmarking of XenServer, Hyper-V and ESX, FUD from the VMware side appears to allude to the fact that this may be so.  Hats off to this courageous team which attempted to provide a thoroughly unbiased comparison of the performance of the three hypervisors, and continually consulted VMware for guidance to ensure that they were using valid use cases:"The Porsche of hypervisors? XenServer. Raise your hand if you saw that coming. It outperformed Hyper-V and ESX in most categories. The pokiest? ESX. Again, not at all what I expected. In fact, even in the few tests ESX came out on top, it barely edged out the competition. Microsoft did well across the board, and is definitely a fine product."

Of course, I immediately wondered what my friends at VMware would do to spoil the party.   Remember, this is the organization that challenged IDC and Yankee group on their empirical research that showed VMware was vulnerable to Microsoft Hyper-V and Xen, and losing share to both.   

The VMware benchmarking team are smart folks.  They appear eminently reasonable:"Benchmarking is a difficult process fraught with error and complexity at every turn. It's important for those attempting to analyze performance of systems to understand what they're doing to avoid drawing the wrong conclusions or allowing their readers to do so. For those that would like help from VMware, we invite you to obtain engineering assistance from benchmark@vmware.com. And everyone can benefit from the recommendations in the Performance Best Practices and Benchmarking Guidelines paper.  Certainly the writers at Virtualization Review can."

However Eric Horschmann slaps Virtualization Review with the conclusion that "We're Not Against Benchmarking - We're Only Against Bad Benchmarking" implying that VMware had no input into or approval over the results, and moreover asserting that benchmarking is such a deep science that it clearly is only accessible to a small VMware clique whose methodology is not to be shared with mere mortals.

In Horschmann's rather lengthy but shallow critique of the work done by the Virtualization Review team, he only mildly alludes to the fact that VMware engineers were in full approval of the methodology and tests used.  Keith Ward confirms that"We talked extensively with VMware during the process, and an engineer in the benchmarking department approved our methodology before we went to press."
Moreover"To ensure the validity of our test results and testing environment, we enlisted the help of Stuart Yarost to formulate and validate the test plan. Yarost is an ASQ Certified Software Quality Engineer and Certified Quality Engineer with more than 22 years' experience in the software and quality fields. Yarost currently holds the position of Vice Chair of Programs for the ASQ Software Division. A special thanks to Yarost for his help."
Now, given that XenServer is doing so well, I'm inclined to be really positive to the folks in the corner with the black eye.  So let's assume Eric Horschmann and the lads at the VMware Ministry of Truth are right.  That means

1. Keith Ward, Rick Vanover, Stuart Yarost and team (including engineer from VMware who approved of the methodology), you're all idiots.
2. Benchmarking hypervisors requires deep science, and ESX as the industry leader is profoundly deep, requiring such profoundly, super deep expertise to tune and benchmark that it is just not possible for ordinary humans (hence the VMware EULA that forbids publications of comparative benchmarks - and Horschmann clearly states that this is why the EULA is so restrictive). Virtualization Review was foolish to think that even with a staff of trained VMware engineers, an independent consultant, and advice and approval from VMware, that it would be possible to reproduce the fine art that is uniquely owned by the VMware benchmarking team. (I've commented on this previously in "VMware Wins! (Bad Science Required)". What they didn't know of course is that results are meaningless - this is just spin.
3. Since rational, well disposed folks trying to make their ESX installation work as well as possible failed utterly in the attempt (that is, XenServer and Hyper-V clobbered ESX on performance), we conclude that probably no normal user could get ESX to perform either.  It really is a super complex (expensive) hypervisor, and it's so difficult to get to work that if you're merely a well intended VMware user, you have no hope.
4. Therefore, probably most VMware installations run extremely badly, since they are run by mere mortals who could never understand how deep and fickle the beast called ESX is.  And even if you've spoken to a VMware engineer about how to get it right, you're probably still doing it wrong.

Wake up VMware.  Your response rings hollow, and we are afforded yet another laugh at your expense.

I've spent the last day or so at Cannes meeting channel partners and customers who have been responding to the announcement that Citrix has declared XenServer virtual infrastructure to be absolutely free, and our additional annoucements of our  powerful value-added virtualization management capabilities in Citrix Essentials for XenServer and partnership with Microsoft to offer Citrix Essentials for Hyper-V.

The response has been fantastic, and almost overwhelming.  Across the board, customers, analysts and partners I have met have responded positively to the Citrix announcements.   Every CIO I have met in the last couple of quarters has had their budget cut, and is faced with the difficult task of moving IT forward in challenging economic times.  XenServer offers, free of charge, a complete virtual infrastructure package that delivers what every enterprise and every cloud needs to accelerate their goal towards a virtualized, automated, service-centric IT function that is agile and responsive to business needs.  

The powerful response to our announcement both in person and via blogs and email shows how important our move has been.  Customers who have been purchasing virtual infrastructure for resource pooling, live migration, optimal VM placement and who need built-in HA for management, powerful storage management, resource pooling, built-in DR and backup enablement, and with powerful AD-integrated, role based centralized managment for multiple resource pools  will find in XenServer a complete free Enterprise Virtual Infrastructure solution.  Citrix partners I've spoken to are excited because they think this accelerates their opportunities for value-added feature sales of Citrix Essentials for XenServer, as well as offering them a compelling value-added sale to the rapidly growing Microsoft Hyper-V footprint.  Here are just a couple of the over 150 positive news responses I've seen:

"[XenServer's] performance is great, the software is quite easy to install, use and manage, and it provides nice features in terms of management and Storage management." - LeMagIT

"When Citrix releases such a rich enterprise package for free, what company can afford to skip a XenServer evaluation in the current economy?" - virtualization.info

"Here's the real VMware dig---it eliminates virtualization's high entry price in a tough economy" -HP SysCon
 

"The highlight of the Citrix announcement - is going to put a lot of competitive pressure on VMware, commented Andi Mann, vice president of research at Enterprise Management Associates." - eChannelLine

Today a couple of commentators and interviewers asked me whether our move was one of desperation - essentially questioning whether Citrix is commited to XenServer and the virtualization market.  Of course we are. XenServer revenue grew over 800% last year!  What we are doing is accelerating our opportunity and at the same time offering customers and partners a unique opportunity to change the game in how virtualization is delivered and used by customers.  We are just shy of 6000 enterprise customers with XenServer, and whenever we compete head to head, we win.  This move is designed to get our product into use by more customers, ensuring that our commercial opportunity (in terms of Support and Citrix Essentials for XenServer sales) is further accelerated by direct pull from the customer base.  Xen is the engine powering the largest virtualization deployment in the world, Amazon Web Services.  The future is bright for Xen and XenServer. Over 100,000 different organizations use XenServer today, and XenServer is used in some of the largest production deployments of virtualization. (The largest of which I am aware is just shy of 10,000 servers).   

XenServer is the software foundation of the Citrix Delivery Center portfolio and the fact that we have chosen to accelerate the adoption dynamic for our core platform is nothing more than a clear signal of our commitment to Xen and XenServer. "Free Virtual Infrastructure" is much more than a "Free HypervisorIt's important to realize that Citrix is giving away a free virtual infrastructure platform and offering for-fee advanced virtualization management capabilities for those customers that choose to add on these capabilities. The advanced capabilities are those that customers will want for different production deployments of virtualization, for which we fully expect purchases of Citrix Essentials for XenServer, together with production Support.  We fully aim to dramatically accelerate the growth of our business in virtualization, by addressing advanced needs for automation, including High Availability, Dynamic Workload Management (DRS), StorageLink dynamic storage automation, complete workflow based orchestration, dynamic provisioning of VMs, and complete virtual machine lifecycle management including virtual Lab and virtual Stage management.  At the same time, users should compare the  free XenServer with VMware's free ESXi base hypervisor gimmick that has no production level features whatsoever.  We fully expect the free version of XenServer will satisfy the virtualization needs of the vast majority of organizations and remain committed to enhancing the value of the product over time.

Microsoft And Citrix Partnership

The response to our partnership with Microsoft in virtualization, with our offering of Citrix Essentials for Hyper-V and Microsoft's commitment to support  XenServer with System Center Virtual Machine Manager, has been equally powerful.  The Microsoft field is charged up and ready to run with Citrix Essentials for Hyper-V, and does so confident in its long standing partnership with Citrix.   Citrix has built a strong and sustainable business during its 20 year partnership with Microsoft, and our move enables us to offer customers a rich set of virtualization managment capabilities for both XenServer and Hyper-V.   I must confess being dumbfounded by VMware CEO Paul Maritz's statement yesterday to the effect that users are no longer developing applications for Windows or Linux, but instead for VMware.- further proof that VMware continues to believe in the imminent "death of Windows.".  Citrix enjoys a strong alliance with Microsoft for application, desktop, and server virtualization. We believe that many customers will adopt Hyper-V, and given our rich set of advanced management tools applicable to both XenServer and Hyper-V, it makes perfect sense to extend our partnership with Microsoft and capitalize on the Hyper-V market opportunity while we continue to move forward with Xen and XenServer.  Citrix Essentials for XenServer and Hyper-V respectively are designed to offer equivalent price/feature capabilities to both platforms, effectively doubling our market opportunity.

The Xen Hypervisor goes from Strength to Strength 

 While I'm sure my friends at VMware would like to see Xen go away, they are probably completely oblivious to the fact that the xen.org Xen Summit is under way at Oracle this week, with over 120 of our developers present, representing more than 30 key contributing organizations to the open source hypervisor.  This is amazing given the down economy and pressure on travel budgets.  Xen continues to go from strength to strength, and what's more amazing still is that one single code base offers the world's most scalable open reference hypervisor from clouds, to enterprise datacenters and to rich client desktop devices and PDAs.  Can ESX match that?  No, ESX is still a 32 bit x86 only hypervisor with narrow focus and highly limited capabilities.  Customers tell me one of the reasons they are throwing out ESX is that it takes 6 months for VMware to offer supported drivers for new hardware that they purchase.  What a waste.  What a great example of a proprietary code base .failing to keep up with the pace of innovation.  ESX has become a burdensome, bloated OS in its own right.  Its requirement for patching and regular maintenance has ballooned over the years; over 150 patches have been issued for VI 3.5 in just over a year since its release.  VMware also experienced a very high profile reliability issue with the recent Update 2 bug, which brought many of their customer environments to a halt.  By comparison, XenServer 4.0 has been on the market for over 18 months and has required issuance of just 4 patches.  Despite VMware's claims about cost-savings, they ignore the new, ongoing maintenance costs that are introduced with their solution.

The VMware FUD Accelerates

VMware has issued a FUD-focussed response to our announcement.  I received it moments after they blasted it out to attendees at VMworld and to their channel, clearly rattled to the core by our announcements.  VMware's responseis 100% inaccurate, and wholly unworthy of a tit-for-tat response.  To my mind any vendor that adopts an approach of blatantly misrepresenting the facts, and actively misleading its partners, customers and the ecosystem in response to announcements by its competitors clearly signals its fear and desperation - and ought to leave its customers questioning the wisdom of their investment in a closed, proprietary, one-vendor-fits-all, expensive and out dated virtualization platform.
 

If you're reading this, you already know the news: XenServer, our enterprise virtual infrastructure platform is now free (including resource pooling and live relo), and we have announced Citrix Essentials for XenServer, and Citrix Essentials for Hyper-V as our virtualization management portfolio that offers a rich set of automated functions that drive the compatible virtualization layers beneath - the free Hyper-V hypervisor from Microsoft, and the free XenServer Enterprise virtual infrastructure platform from Citrix.  Finally, and most importanly, we announced a powerful go-to-market roadmap with Microsoft.

Response to our announcements has been extremely positive, from our partner Microsoft to our channel partners and resellers, and many many customers and users.  There are the expected nay-sayers too, but someone had to drink the only thing that you get free from our competitor - VMware koolaid.

That said, I wanted to explain why we've made this change and why it is so important for Citrix and the XenServer crew:

1. Times are tough, and they are probably going to get tougher.   Now is a good time to dramatically ease the cost of adoption of virtualization, and a good time for Citrix to make a very significant contribution to the well-being of its customers. 
2. There are about a million servers running XenApp / Terminal Services.  With the incredible work that the XenServer team has put in optimizing for this workload, we can state with great confidence that just about every one of those workloads is a good candidate for consolidation.  We want to help our customers save money and gain agility.  Including XenServer as a supported component of the XenApp product, and therefore as an entitlement for our 220,000+ XenApp customers is the best way to accelerate this trend.
3. The Xen footprint in the enterprise to date has been predominantly delivered as a component in Enterprise Linux.  But the Linux management tools for Xen are pretty weak or non-existent.  We want anyone using Xen in Linux in the enterprise to start using XenServer instead.  You'll get better performance, greater reliability and fantastic management, with full Linux and WIndows support, absolutely free
4. We know that when we get into deals head to head with VMware, we tend to win.  XenServer's reputation for performance, ease of use and functionality at an incredible price, has led us to victory recently in major enterprise accounts such as Tesco PLC, where XenServer runs complex mission critical software systems.   To grow the XenServer business faster, we want to get more value to customers, sooner, and get them to demand fulfillment of the upgrade functions in Citrix Essentials, in a more scaleable fashion.  Hence, having the complete resource pooling, shared storage and dynamic infrastructure control in the free platform allows us to make the product that much more compelling out of the box, and encourages customers to want to purchase both support and additional features
5. There is a wealth of cloud/MSP vendors that today use Xen in Linux to virtualize their infrastructures and enable them to become VM-agile.  There is no reason why every such cloud should not use XenServer, and in so doing also offer hosted Windows VMs, with all the features of dynamic hot-plugging etc.
6. Simplifying the XenServer product line with XenServer and Essentials allows us to develop a powerful market partnership with Microsoft for server virtualization - framing a key aspect of our ongoing partnership in virtualization

That's about it really.  Changing the dynamics, adjusting to the reality of the market.  Aiming to win more share with a direct appeal to our end cutomer, and strong value propositions for our channel partners to deliver. 

See you in Cannes

Today Dutch Meyer of UBC, and Jake Wires of the Citrix XenServer storage team in Vancouver submitted our implementation of the Microsoft VHD virtual hard disk format to the Xen community for inclusion in the open source code base.    So, if you want to write applications that read/write and process VMs in VHDs, you now have everything you need.   The software is licensed under the BSD license.

Why are we doing this? 

• First, the various Xen implementations from the Linux vendors vary wildly in their support for virtual hard disk images, and the performance of their implementations.  Thus far we have yet to see any good implementations of VHD in the Linux vendor category.    Cluttering users' storage with raw image files without any of the benefits of the built-in capabilities for snapshotting, cloning etc that are fundamental primitives in any production virtualization environment, is just a bad idea.    
• Second, since the majority of VMs will be in the VHD format in future, we want to enable the ISV ecosystem to adopt the format and quickly deliver a rich set of add-on capabilities that allow users to be more productive in their virtual environments.   VHD is more than just a VM format used by Hyper-V - it's a delivery format from Microsoft for future versions of Windows.  The format is documented publicly and the specification is available under the Microsoft Open Specification Promise program.   
• Third, with Xen as the dominant hypervisor in use in the world's largest clouds, we want to enable cloud operators to benefit from our optimized implementation of  the VHD format to accelerate their progress towards hosting Windows in their clouds.    Being an optimistic chap, and noting VMware's sudden warming to open source, there is presumably a non-zero chance that they will pick up our VHD code, realizing that VMDK will at some point go the way of the dinosaurs. 
• Finally the code also supports QCOW, which means it should be easy to adopt for Linux distros that have been living in a parallel universe without VHD support.  Hopefully the QCOW team will implement the VHD support as another supported format within QCOW, which would be extremely powerful.

The release notes follow.These patches contain a completely rewritten blktap implementation and are an open source release of what Citrix intends to use in future releases of XenServer.   
They also contain Citrix's implementation of the VHD image format.

VHD is what XenServer uses to store file-based images, and this code is considerably more robust and efficient than the qcow implementation that is in the tree today. 
Benefits to blktap2 over the old version of blktap: 
* Isolation from xenstore - Blktap devices are now created directly on  the linux dom0 command line, rather than being spawned in response  to XenStore events.  This is handy for debugging, makes blktap  generally easier to work with, and is a step toward a generic  user-level block device implementation that is not Xen-specific. 
* Improved tapdisk infrastructure: simpler request forwarding, new  request scheduler, request merging, more efficient use of AIO. 
* Improved tapdisk error handling and memory management.  No  allocations on the block data path, IO retry logic to protect guests  transient block device failures.  This has been tested and is known  to work on weird environments such as NFS soft mounts. 
* Pause and snapshot of live virtual disks (see xmsnap script). 
* VHD support.  The VHD code in this release has been rigorously  tested, and represents a very mature implementation of the VHD image  format. 
* No more duplication of mechanism with blkback.  The blktap kernel  module has changed dramatically from the original blktap.  Blkback  is now always used to talk to Xen guests, blktap just presents a  Linux gendisk that blkback can export.  This is done while  preserving the zero-copy data path from domU to physical device. 
These patches deprecate the old blktap code, which can hopefully be removed from the tree completely at some point in the future.

Under the guise of science (lots of graphs, configuration parameters and techno speak must mean they are impartial, right?) the "performance team" at VMware has published compelling performance data for ESX 3.5 versus XenServer 5.0 and native, for virtualized XenApp workloads.  

Congratulations are in order.  The VMware team has done a fabulous job of searching to find a single instance of a set of parameters for ESX & XenServer that, under a carefully crafted set of "simulated user behaviors" shows ESX outperforming XenServer for the XenApp workload. 

As a former academic, I'd give this mumbo jumbo an F grade.  Bad science, bad scientists, uneven playing field: 

• First, the VMware claims are not independently reproducible.  Like every claim on performance that VMware makes, only they can make it and nobody can refute it, because nobody else can publish results for comparative tests between VMware and any other product.Their EULA forbids it.  So, these results are true by definition, from your pals at the VMware ministry of truth.  By contrast, an open, independent set of tests run by Project Virtual Reality Check, a benchmarking project conducted jointly by two Citrix/VMware solution providers in the Netherlands finds results wholly at odds with VMware's.  Our own performance tests have also been independently validated by the Tolly Group (to whom VMware also denied permission to publish comparative results against ESX).   Project VRC concludes that
  • XenServer supports between 118-128% more users per host than VMware ESX for XenApp VMs configured with 1 vCPU.  For example: Test 5 on XenServer and Test 8 on ESX (which were identical tests) tested 4 VMs with 1 vCPU and 4Gb of memory per VM, and shows that XenServer's optimal user workload is 86.5 users whereas ESX is just 38 users
  • XenServer supports between 42-68% more users per host than VMware ESX for XenApp VMs configured with 2 vCPUs.  For example Test 8 on XenServer and Test 16 on ESX (which were identical tests) tested 4 VMs with 2 vCPUs and 4Gb of memory per VM, and shows that XenServer's optimal user workload is 124.5 users whereas ESX is just 82.5 users.
    
• Second, the VMware "study" is not a thorough exploration of a valid set of parameters for the Terminal Services / XenApp workload.  Instead, it is a narrow look at a particular set of configurations which are not reasonable in practice:
  • No test of 32 bit workloads - the primary candidates for server consolidation for this workload because a 32 bit OS exhausts its memory at 4 GB and a modern server can pack hundreds of GB and many cores.  Our work in this area has shown a compelling benefit to virtualizing TS/XenApp 32 bit workloads on XenServer, and an equally compelling set of reasons not to use ESX for this purpose.
  • Unrealistic configuration - The server used in the tests is certainly punchy - the machine had 64 GB RAM and 4 processors--each with 4 cores (16 total processor cores).  Anyone familiar with 64b TS/XenApp knows this machine could easily  support hundreds of XenApp sessions.  But the "scientists" at VMware don't.  They instead chose to run exactly  one VM (with only 2 vCPU's and using only 25% of the available memory) and XenApp at minimal levels of concurrency (i.e. 10-40 users).  No multi-VM scenarios, no tests at useful user-counts.  Based on their measurements they appear to gleefully extrapolate deeper into the realm of fiction to proudly pronounce their horse the winner. 
    ** In our own work in this area, we found XenServer and other virtualization platforms to be roughly equal for this rather absurd set of parameters.  But for high user counts, the numbers are radicaly different.  We suitably anonymized the non-XenServer results, which are reproduced from the Tolly report.  Quiz of the day, which result do you think is ESX?:
     
• Third, even VMware's users and partners are challenging their "results".  This study is so one sided that the majority of the blog followups on VMware's site from its partners and customers point out how ridiculous they are.  Since the "performance team" may well redact them, here are a couple, saved for posterity:
  

VMware's continued blunders in the performance arena are nothing short of embarrassing.    So I've decided to issue an open challenge to VMware CTO Stephen Herrod: Steve, it's time to rein in the monkeys behind the keyboard, end VMware's indefensible EULA restrictions and allow independent performance comparisons of your products with others, by third parties with a vested interest in accuracy and independence.  This sort of nonsense does nothing for VMware's brand credibility, its customers, channel partners or competitors other than give us all a hearty laugh at your expense. 

I've long been opposed to the VMware ESX EULA restriction on publication of performance comparisons between VMware's products and those of its competitors.   VMware clearly believes that "it's all too complicated for normal users" so you can only publish comparative results if you first get VMware's approval, which tells me that (a) they underestimate their users and (b) they likely have something to hide.  And judging from the VMware VMTN forums, many of their users agree.    By contrast, our view is that if we (either in xen.org or in XenServer) have a performance or security issue, then we'd like to see it publicized as loudly as possible, because it will get fixed sooner that way.   Even VMware IHVs and ISVs can't publish their own performance comparisons with VMware (let alone other products).

When we launched XenServer 5, we used independent performance consultancy The Tolly Group to verify our claims of vastly superior performance for XenApp/Windows Terminal Server environments virtualized on XenServer, by comparison to other virtualization platforms.  Both Citrix and Tolly Group requested permission from VMware to publish comparative results.  Those requests were denied.   Nonetheless, we claimed on the basis of the Tolly tests that XenServer is up to 70% more efficient than other virtualization platforms for this workload (a mere million or so servers, worldwide it turns out).  But we still really needed an entirely independent, technically qualified validation of our claims - and other virtualization performance claims in general.

 In that spirit, it is a great pleasure to welcome the contribution of two of the smartest virtualization practitioners in the value-added reseller community, Jeroen van de Kamp of Login Consultants, and Ruben Spruijt of PQR have launched Project Virtual Reality Check to provide independent, thorough, validated and vendor neutral performance data for virtualized environments.  To quote Ruben:

"This is an independent research joint venture between our companies Login Consultants and PQR. The primary purpose of VRC is to release multiple whitepapers to provide information about the scalability and best practices of virtualized Terminal Server and Desktop workloads. The first phase of Project VRC on virtualizing Windows XP and 32-bit Windows 2003 Terminal Services on ESX, XenServer and Hyper-v. The whitepapers can be downloaded freely from www.virtualrealitycheck.net. The goal of Project VRC is to investigate, validate and give answers to the following questions:

• How do various Microsoft Windows Client OS's scale as a virtual desktop?
• How does a VDI infrastructure scale in comparison (virtualized) Terminal Server?
• Which performance optimization on the host and guest virtualization level can be configured, and what is the impact of these settings on user density?
• With the introduction of the latest hypervisor technologies, can we now recommend running large scale TS/CTX workloads on a virtualization platform?
• How do the two usage scenarios compare, that is Microsoft Terminal Server [TS] only, versus TS plus XenApp?
• How do x86 and x64 TS platforms compare in scalability on bare metal and virtualized environments?
• What is the best way to partition (memory and vCPU) the Virtual Machines the hypervisor host, to achieve the highest possible user density?

All together over 150 test have been carried out. However, project VRC is not finished, and probably never will be. Additional publications are planned about virtualizing x64 workloads and the other (Vista and Windows 7) client OS's. Also, we look forward to evaluate new innovations in the hypervisor and hardware arena."

Hats off to these guys for making this  a freely available resource and for contributing their expertise for the benefit of the virtualization user-community.   They will doubtless be talking about this in more detail at the upcomingVirtualization Congress - the industry's firstvendor neutral virtualization showcase. 

It will be fascinating to see the VMware response.  If they're smart they'll embrace this effort.  So who knows what to expect?

Tom Valovic posted an interesting article about an interview with Stuart Robinson of Teradici on the purported benefits of Teradici's PC over IP protocol licensed by VMware.  Tom reports on a Teradici claim that PC over IP has a lead over ICA in that it has an ability to dynamically adjust the bandwidth needed by the remoting protocol, in response to available network bandwidth.  Specifically, Robinson (who actually knows better) claims that ICA has no such ability. 

Wrong.  Citrix ICA has had an ability to dynamically adapt its coding algorithm not only in response to availability of network bandwidth, but also in response to available encode/decode capabilities at the server and client side respectively, for over two years.  This allows ICA to deal with complex rendering problems with grace and to deliver high fidelity across a highly disparate set of server/network/client combinations, dynamically adapting as system conditions change. 

Of course PCoIP is interesting, but it's "just another protocol" with small user base.  It's not even particularly useful as a software based encoding algorithm, which seems to indicate that VMware is rather desperate.  Moreover, conversations I've had with the OEMs who adopted Teradici chips to hard code PCoIP into the server, that approach is proving to be a difficult sell to customers, since it  ties the server forever to a particular (version of a) delivery protocol from a particular vendor in a narrow proprietary architecture, and moreover it is really only useful in tethered enterprise LAN based configurations today.   In contrast, in both XenApp and XenDesktop ICA is an optimized software only solution and runs superbly on any server, meaning that the server can be repurposed at any time.  Moreover, when running Microsoft TS / XenApp virtualized on XenServer, the architecture has been independently shown to be 70% more efficient than any other virtualization platform.    Just the benefits in terms of number of users per server with XenApp on XenServer would completely obviate the need for any hardware based encoding.    Bottom line: if your hypervisor can't offer the raw performance needed for remote delivery protocols such as TS/ICA, licensing a hardware-optimized protocol in the hope that it will work well in software definitely is not going to change the game much.

If you're addicted to virtualization.info like me you'll have seen the announcement by Alessandro Perilli that the industry's first vendor neutral virtualization conference, Virtualization Congress 2009, will be hosted virtualization.info in Las Vegas at the same time as Citrix Synergy 2009 - May 4-8 2009.

Alessandro's goals for the Virtualization Congress are to make it the industry's premier showcase for virtualization technology, products and business strategy.   If you're under the illusion that VMware's VMworld serves that purpose today, you probably also failed to notice that at VMworld even gold sponsors (like Citrix and Microsoft) are only offered one opportunity to present at the conference, and that 99% of the sessions are dedicated to VMware's technology and products.  Indeed at VMworld in Las Vegas in 2008 I found that my session was somehow miraculously scheduled to occur in the last hour of the last day in the meeting room furthest from the elevators and escalators, and with barely enough seating.  The Microsoft folks complained of similar treatment.  (The highlight of the show for me was the huge showing of the press, who afforded Citrix generous coverage for the launch of Citrix XenServer 5).

So, will Virtualization Congress 2009 be a Citrix copy of VMworld?   Absolutely not.  Indeed Citrix has no influence or control over  the Virtualization Congress program whatsoever.   Alessandro and his independent program committee (which does not have any representation from Citrix), together with the readers of virtualization.info, will independently develop their agenda, select speakers and run the event.  Like other vendors, Citrix has submitted session proposals, but I have no idea whether or not they will be accepted. 

Why host Virtualization Congress with Citrix Synergy then?  Well, for three reasons. 

• First, tight budgets and the tough economic situation means that  travel budgets will be cut for everyone next year.  Citrix has reserved all of the facilities at Summit that will be needed to host our partners, customers and ecosystem partners  and we can leverage our purchasing clout to secure a good deal for the facilities that Virtualization Congress needs.
• Second, a large customer base (for all virtualization vendors) will be in Vegas for Citrix iForum - our customer conference, and a large subset of the virtualization channel partners  will be present for Citrix Summit - our channel conference.  
• Third, the ISV and IHV ecosystem that has developed around Citrix Delivery Center, Xen, XenServer, Microsoft Hyper-V and VMware will be at Citrix Expo to showcase their wares to our channel partners.  By broadening their exposure to a larger audience in a vendor neutral context we can maximize their opportunity to secure business with both customers and resellers. 

So, by co-locating Virtualization Congress with Synergy 2009, Citrix gets all it could want: A vendor neutral, independent virtualization conference in which the content is determined by the leading independent industry analysts and strategists; and an opportunity to give our customers attending iForum, and our channel partners attending Summit an opportunity to see the other 90% of the virtualization industry in a completely neutral showcase that allows them to learn, question and demand an open agenda free of a single vendor's bias.   And save on time out of the office and travel costs while they are at it.

Indeed the value proposition is so clear that it deserves a call to action:  All major virtualization vendors should step up to co-sponsor the event to reduce the cost for the attendees and demonstrate their commitment to an open, technology and solutions focussed debate. 

Though I will probably still go to VMworld to do my pitch in the furthest room on the last hour of the last day, 2009 and the first Virtualization Congress will usher in a welcome change toward an open, virtualization vendor neutral and customer and solutions focussed debate.  As you plan your travel for 2009, I strongly recommend that you plan to be in Vegas May 4-9 for Synergy (including Summit, iForum, Expo, Geek Speak Live and more), Virtualization Congress and Network World Live - everything you'll need to know about application delivery, application networking, data center automation and management will be on show.

Best wishes for 2009

In ancient Greece, it was common for those seeking prophetic and spiritual wisdom to seek counsel from an Oracle, while in Zen Buddhism, a Zen master is one who offers spiritual guidance and teaching to others.  Well, the Xen project can now offer both forms of wisdom - for virtualization at least:  Xen.org today announced that Oracle has joined the Xen Project Advisory Board.  Big deal? Yes.  First, the Oracle appointee to xen.org is Wim Coekaerts, Oracle's "Mr Linux" (the Oracle of Linux, perhaps?) and the person behind the Oracle Unbreakable Linux effort.   Wim is one of the nicest guys you'll ever meet, and a great leader of the open source cause.  It's a pleasure to welcome him to the Xen AB.  With him as an Oracle observer comes Dan Magenheimer, formerly of HP and the leader of the Itanium Xen port, and Kurt Hackel, who leads the Oracle VM dev team.  These guys have done some heavy lifting for Xen, and the project will benefit from their leadership.

Oracle has become a major mover in the open source world. It's initial partnership with Red Hat has morphed into open competition, based on Oracle's own Enterprise Linux distribution that is both compatible with Red Hat Enterprise Linux (RHEL) and (according to Oracle) more rigorously tested and for mission critical (Oracle, of course) database workloads.    Like it or not, Oracle Enterprise Linux (OEL) plays an important role in delivering value to end users. First, it is available free, with optional support - unlike RHEL, for which source code is made available, as required by the GPL (so you can build it yourself), but not the binary product.  This keeps an affordable enterprise Linux distribution within reach of the masses, and you can always buy support if you want it. Second, OEL is heavily tested (not that RHEL isn't) and validated for a demanding application workload. Oracle's Xen effort is quite different to OEL.  Whereas Oracle Linux is a derivative of what Oracle euphemistically terms "Enterprise Linux" (in other words, RHEL) the Xen in Oracle VM comes directly from the upstream Xen.org code base, and not via an intermediate distro.  This means that Oracle VM tracks the xen.org upstream code base more closely than OEL can track kernel.org.  Oracle has already offered a valuable set of set of patches and contributions to the project, and will host the next Xen Developer Summit.

Perhaps more importantly, at a time when Red Hat's enthusiasm for bare metal virtualization is waning - and its focus on KVM accelerating - Oracle appears to be betting that the market will continue to adopt (a) a type 1 hypervisor and (b) in the form factor of a virtualization platform, as opposed to virtualization delivered in an OS.  Contrast this with Xen in Linux or Hyper-V in Windows Server (which is type 1 delivered in an OS) and KVM on Linux or MSVS on Windows (which is type 2 - hosted virtualization). 

Arguably Red Hat is being smart by  offering both Xen in RHEL 5 and KVM (likely for RHEL 6) - leaving customers free to choose.  But I think that they've missed the point:  whether the technology is KVM or Xen in RHEL 5 the product will still offer OS based virtualization (competing with Hyper-V in Windows and Xen in SLES) whereas all of the other players in the market have opted for a platform based model independent of any OS.    Finally, it is well known that Oracle only supports Oracle apps virtualized on Oracle VM, which is, as I said earlier, all but identical to mainline Xen.  Is this a reasonable position? No, it's ridiculous.   Hourly and daily regression tests on mainline Xen ensure that every guest ever built for Xen, and every application ever tested on Xen, is  known to run perfectly.  So Oracle's support position is nothing more than the Oracle brandwagon wielding its market muscle.  It's a position that we in the Xen project hope to persuade Oracle to change over time - another good reason to welcome Oracle to the Xen AB.  By contrast, SAP has an open virtualization partnering program and  a rigorous validation and support program for SAP apps on 3^rd party virtualization platforms.  SAP is building a strong ecosystem of virtualization partners around its products to ensure that they run optimally and can be supported on any virtualization platform.  Oracle would do well to learn about the business of partnering from the community and the ISV ecosystem.  Which is the final reason why it is great to welcome Oracle to the Xen Advisory Board.

Chris Hoff is generally right as rain when he rants about technology, but he's still wrong on my position about Citrix's role in the addition of security features to Xen and XenServer. 

The recently launched Xen Introspection project is a very promising addition to the open source Xen project, adding a set of APIs that can be used to inspect the contents and I/O of a running virtual machine - and similar in some respects to VMware's VMSafe API.  The potential uses of this for enhancing guest security by allowing re-tooled security toolkits to identify attacks and compromised guests are very significant.  A key requirement is that the API itself be suitably secured so that an attacker cannot utilize it as a way to launch an attack by inspecting a VM's data and I/O, but assuming that this problem can be solved (and if it can be solved, then the community will do so), the opportunity for the security boffins to add very substantial value to Xen-based virtual infrastructures is obvious. 

Chris is right on all this stuff, but he's still confused as to Citrix's role in this.  Our job, both in the Xen community and in XenServer, our product, is to firstly make Xen bulletproof, through platform enablements that substantially enhance system security through design, and secondly provide enablements that offer security vendors an opportunity to extend Xen based products with specific value-added solutions that identify guest vulnerabilities, threats, compromised systems and the like.  We are manically focussed on securing the platform itself, but the Xen project is not a security project.  Moreover Citrix is not a vendor with a core competence in finding the bad guys that attack guests.  We want to make Xen the most secure hypervisor by (open, community based) design, while providing interfaces that securely extend the platform to offer those security vendors that are good at finding bad guys, a single way to go to market on all Xen based products. 

Unlike VMware, which with its acquisitions of Blue Lane, and Determina seems set for head to head competition with the security industry, we believe that this capability set is best added on top of the Xen hypervisor base by an ecosystem of vendors and the community, in a way that allows those vendors to add value to all Xen based products, independent of the particular Xen vendor.  If, say, a McAfee or Symantec product were released for the Xen Introspection API, then it is our specific goal that it would work for XenServer and for all other Xen based products on the market.  Leading the Xen project is a role that demands openness and integrity when working with the ecosystem of vendors.  Ian Pratt, the leader of the project, is a passionate defender of the independence of the project from any vendor bias, and in the area of security specifically, his goal is to foster an ecosystem of community and vendor based security enhancements to Xen that will enable Xen users to achieve far better security than is possible with a closed source virtualization platform such as VMware's that also competes with the security ecosystem.

Re-reading Hoff's posts, I find that I agree with him in just about every respect in his assessment of the technology and its implications, and I think we're doing exactly as he would recommend, so I'll be interested to hear if he has more to say on this. 

No, I'm not talking about the band. I'm talking about August 27, "Power IT Down Day."

Citrix, HP, and Intel have banded together to ask government and industry IT users to make a little change to their work habits on that day: when you leave work for the day, turn off your PCs, monitors and printers. (And unplug the transformers from the wall, too - no sense in letting them sit there even converting a little bit of power to keep devices in standby.)

We're underscoring putting our money where our press release is by donating our savings to the American Red Cross of the National Capital area - putting our power savings to use bringing resources to those who might need them in an emergency.

The potential for power savings goes beyond the power switch, of course. I visited a major Web 2.0 cloud the other day - I'm not naming names, but if you have 16-year-olds (or are one), it's a web-place they're likely to hang out a lot. Their service is powered by XenServer - all 4,000 servers of it.

Can you think of a more critical workload than the entire user-facing end of a Web 2.0 service? (Maybe you'd have a few more favorite candidates, but your 16-year-old probably doesn't.) The levels of consolidation achieved, and the savings from dynamically deploying servers only when the load requires it, is driving power reductions that can power a small town. A real one, that is, not a virtual-reality one.

On July 15^th, we at Citrix announced our work on Project Kensho, a set of tools that makes it easier to adopt the DMTF OVF (Open Virtual Machine Format) specification for virtual machine portability between different hypervisors and virtualization platforms.  OVF will allow IT organizations and software developers to capture, deliver and import virtual machines in a common format; Kensho will make it easy to do so. 

This morning in my keynote at LinuxWorld I announcedthat the tools will not only be easy to use... but the core Kensho components will also be free, not only distributed at no cost ("free beer") but licensed under an open source license ("free speech") as well, to encourage open development and wider adoption. 

The free distribution of Kensho will include the export/import tools we've already talked about, making it easy for ISVs and IT to export any VMware, Hyper-V or XenServer virtual machines and to import them into XenServer and Hyper-V (VMware is shipping its own OVF import capability). The open availability of source code, and the right to extend it, will make it possible for other Xen implementations, other hypervisors, and even other non-hypervisor technologies to participate in, and benefit from, the OVF ecosystem.  This will enable easier distribution, opening the floodgates for a vast pool of powerful and innovative apps and tools. As proliferation of both free and proprietary software in virtual machines grows, and users will benefit from increased portability, a greater number of technology choices, and reduced operational friction in selecting their platforms. 

For maximum flexibility and portability, Kensho will support all major virtual disk file formats -- including the Amazon Machine Image (AMI) format used in the Xen-based Amazon Elastic Compute Cloud (EC2). In addition to OVF support, the Kensho code will include a complete DMTF SVPC (System Virtualization, Partitioning and Clustering) CIM provider for Xen.  This will extend the management options for implementations of Xen, including but not restricted to XenServer.

We are on track to make the first tech preview available in September.

Together, these capabilities released in Kensho will increase choice for users, and help remove some barriers.  The candidate pool of servers that can benefit from virtualization is barely tapped.  With the free availability of the Kensho technology, we're taking another step toward making virtualization fast, free, ubiquitous, and compatible.