As more and more ISVs, IT organizations, resellers, integrators and consultants of all flavors become more aware and familiar with the new virtual appliance packaging capabilities in the DMTF VMAN initiative and the OVF capabilities Citrix is adding to its products, it is useful to identify some of the advanced capabilities of the Project Kensho OVF Tool.

New in the Project Kensho OVF Tool v1.3 is a variety of options aimed at making virtual appliance packages more feature rich.  As a packaged entity, the attributes of the virtual appliance are important. 

Attributes like encryption, compressing files, digitally signing and validating or verifying the content prior to import add tremendous value. 

For example, if an ISV wanted to offer his XenServer based virtual appliance as an OVF, and had concerns about tampering with the OVF xml, the ISV has the option to digitally sign the OVF file.  On import, the user can verify the signature, if the verification fails, this indicates a change to the file from what the ISV produced. ISVs also need to attach end user license agreement (EULA) information.  During import, EULA text is presented to the user to accept or reject.  The ISV has the ability to incorporate whatever text necessary to fulfill the EULA display requirement.

Another example is if an IT administrator must move a VM from one physical location to another and requires an export of the VM to do so.  The contents (virtual disks) of the VM are sensitive and the administrator must secure them.  The administrator can choose to create an OVF and encrypt the contents.  As part of the process, she would like the appliance in a single file format (OVA).  Using the Project Kensho OVF Tool, she has the flexibility to do this. 

On import, there are also a number of options for the end user.  Many are verification and validation whereas others enable the user with mapping the OVF's VM resources requirements (NIC, storage) to the resources available from the XenServer host.

Summing this up, we've produced an Advanced Features video to describe some of these options.

As we can see from these features, the world of advanced virtual appliance creation and consumption is quickly becoming very feature rich and enabling for all parties involved.   

One of the more unique features about the Project Kensho OVF Tool v1.3 is its ability to manage Hyper-V servers. The Project Kensho OVF Tool can import OVF/VMDK from VMware products directly into Hyper-V servers as well as move content between Hyper-V and XenServer.

To assist with the understanding how quick and easy this is, we've produced a simple video that explains this process:

Some items to note with Hyper-V and XenServer compatibility:

1. When moving Linux workloads around, if the XenServer derived Linux workload is paravirtualized (PV enabled), the workload will not function on Hyper-V. Use an HVM type of VM if the intent of the workload is for cross hypervisor compatibility between XenServer and Hyper-V.
2. When moving Windows workloads around, Windows XP/Server 2003 and higher can be migrated between platforms without driver issues, e.g., one clobbering the other.

Share your experience and use cases on the forum.  Thanks for your interest in Project Kensho and the virtual appliance future of XenServer!

Summary

Project Kensho OVF technology provides the Citrix ecosystem with excellent tools to create and consume virtual appliances based on the OVF standard.  Project Kensho OVF technology is currently available in two utilities: 

• Project Kensho OVF Tool
• XenConvert 2.0.1

This article aims to describe basic use cases of each tool and where it fits within the greater context of deploying and consuming virtual appliances using the Open Virtualization Format (OVF).

Background

Project Kensho is a Citrix Labs endeavor tasked with de-risking and improving our understanding at applying DMTF OVF and CIM technology to XenServer. 

In the case of OVF, the standard is new and exciting. Its potential to reduce costs and improve virtual machine deployment for Citrix internal and external partners and customers is enormous.  Today, it is one of the most exciting technologies in the world of virtualization.

Project Kensho OVF technology is present in both the Project Kensho OVF Tool and XenConvert 2.0.1.  Each tool is unique in how it uses OVF and its position in the user community. 

In the simplest terms, the Project Kensho OVF Tool is aimed at OVF based virtual appliance creation and consumption where as XenConvert 2.0.1 is a P2V/V2V conversion utility supporting OVF virtual appliances.

Each offers the user different paths to create, convert and import OVF based virtual appliance content into XenServer.

Project Kensho OVF Tool

First released in October 2008 as an ongoing series of Tech Previews, the Project Kensho OVF Tool targets the creation and consumption of OVF based virtual appliances. This utility is part of the Project Kensho Tech Preview suite consisting of the Project Kensho OVF Tool and the Project Kensho XenServer CIM Interface. 

The Project Kensho OVF Tool is a full featured import/export utility offering users the latest OVF capabilities. The utility accommodates both the XenServer and Microsoft Hyper-V hypervisors and has the ability to directly import VMware OVF/VMDK content without conversion.

Unlike XenConvert, the Project Kensho OVF Tool is not targeted at static file format or physical to virtual conversion.  The utility requires the user to have administrative privilege to the hypervisor.  It interfaces directly with the hypervisor enumerating VM content for export and identifying hypervisor hosts for import.  The Project Kensho OVF Tool's primary function is to manage movement of OVF packages into and out of the hypervisor.

Project Kensho OVF Tool – Appliance Creation (Export)

Virtual appliance producers have the ability to create virtual machine appliances by exporting one or more virtual machine guests as an OVF package from either the XenServer or Hyper-V host. 

OVF supports one or more virtual machines within a single package.  This enables virtual appliance producers with the ability to package entire datacenter suites into a single file.  This is very useful when distributing suites like XenApp or other multi-server products.  Currently, the Kensho OVF Tool is the only Citrix utility capable of exporting OVF content directly from a hypervisor.

When exporting the appliance, the user has the ability to embed an End User Licensing Agreement (EULA) into the OVF.  The EULA is presented during import forcing the consumer to agree or decline the terms of use of the appliance. 

For added security, the user can digitally sign the OVF file and encrypt the virtual disk content.  These features add additional value to the virtual appliance's integrity.  Users can also compress and add a file manifest to OVF package.

Project Kensho OVF Tool – Appliance Consumption (Import)

Consumers of the OVF package have the option to import the virtual appliance into a XenServer or Hyper-V hypervisor.  Among other features, the Project Kensho OVF Tool enables this process with features such as hardware mapping and integrity validation of the OVF package.

Hardware mapping eases post virtual appliance import configuration steps.  For example, a user could map the network interface card (NIC) described in the OVF to the virtual networks unique to the target XenServer. The same support exists for storage and system mapping.

One highly useful feature is the direct import of VMware OVF/VMDK content into a XenServer or Microsoft Hyper-V environment.  This capability reduces time and costs as Project Kensho implements fix up capabilities making migration of the VMDK easier and less time consuming.

XenConvert 2.0.1

As the first mainstream XenServer utility to adopt OVF, XenConvert 2.0.1 applies Project Kensho OVF technology to the conversion process.  As a Physical to Virtual (P2V) and Virtual to Virtual (V2V) converter, XenConvert 2.0.1 now gives virtual appliance users a number of options to either create OVF content for import into XenServer or convert OVF content produced by 3rd party products like VMware. 

Unlike the Project Kensho OVF Tool, XenConvert 2.0.1 does not require administrative rights to a XenServer in order to convert physical or virtual machine assets into formats compatible with XenServer.  The utility can perform its conversion functions without any XenServer interaction.  However, in scenarios where the user chooses to import into XenServer as part of the conversion process, the utility conveniently offers this capability thus requiring the user to authenticate to a XenServer with administrative credentials.

In the P2V scenario, XenConvert 2.0.1 facilitates the creation of an OVF based virtual appliance by using a physical machine as the appliance reference.  This is a unique use case as the creator of the virtual appliance now has another avenue of flexibility in determining the source of the virtual appliance.

One helpful use case is converting an existing XenServer XVA virtual disk to an OVF/VHD package.  This gives virtual appliance users the option to easily convert the XVA to a standards based virtual appliance format.

Another use case is converting from a VMware OVF/VMDK to XenServer.  Kensho OVF technology allows XenConvert to convert and import VMware OVF content into a XenServer environment.  This is very helpful when moving between hypervisors and gives users the freedom of OVF interoperability at the virtual disk level.

There are many more possible use cases employing Project Kensho OVF technology found in XenConvert 2.0.1.  XenConvert 2.0.1 supports OVF packaging options like compression, digital signatures, encryption and archiving the OVF package as well as attaching EULA information to the virtual appliance.

For use cases where P2V and V2V conversion is a must, XenConvert is an excellent tool to convert and import OVF content into XenServer.  And, it represents yet another method of creating and consuming OVF based virtual appliances. 

Conclusion

Project Kensho OVF technology offers users a variety of options whether using the Project Kensho OVF Tool or XenConvert 2.0.1.  Each utility allows creators and consumers of OVF based virtual appliances a variety of paths into XenServer creating flexibility for all users of the technology. 

By providing tools to address the conversion of physical and virtual disk formats to XenServer as well as the import and export of OVF content, Citrix is actively positioning customers and partners for the move into the virtual appliance world.

Summary

This article provides a basic overview of the Open Virtualization Format (OVF) specification as used in Project Kensho and XenConvert.

Background

Virtual Machine deployment and use has exploded in recent years. Many vendors, including Citrix, have been instrumental in the widespread adoption of virtual machines in today's computing climate. New use cases, including the distribution of virtual appliances, require a more standardized way to describe and deliver virtual machines. This article aims to shed some light on OVF as used in currently shipping Citrix products.

What OVF Is

Comprised of the Virtualization Management Initiative (VMAN), the Distributed Management Task Force (DMTF) standards body created a standard representation of virtual machine metadata named Open Virtualization Format (OVF).  OVF seeks to allow virtual machine hypervisor vendors and the users of virtual machine technology to create and consume virtual machine metadata free from proprietary formats.

Virtual machine metadata includes a virtual machine's name and configured memory as well as CPU, network and storage settings among other attributes. A standards approach to creating and consuming virtual machine metadata eases the ability to move a virtual machine from one platform to another as well as distribute virtual appliances to end users.

However, OVF goes beyond just the description and virtual hardware attributes. OVF allows a virtual appliance vendor to add items like a EULA, comments about the virtual machine, boot parameters, minimum requirements, security attributes and a host of other features.

An OVF is not just limited to a single virtual machine. An OVF can describe multiple virtual machines. These virtual machines can be packaged as a virtual appliance suite all wrapped up in a single file. Creators of the appliances also have the ability to encrypt, compress and digitally sign OVF content.

With these capabilities, there is a wide range of packaging and deployment possibilities when using features provided by the OVF specification found in Citrix utilities.

What OVF Is Not

OVF is not a specification that describes a virtual disk. To import OVF content requires hypervisor compatibility with the associated virtual disk.

For example, to import a VMware produced OVF, which includes a VMDK disk into XenServer, the user needs to convert the VMDK into a virtual disk format compatible with XenServer.. The same process is needed to import a XenServer OVF which includes a VHD into a VMware hypervisor.

To assist end users with dissimilar disk formats, Citrix provides XenConvert 2.0.1 which converts VMware OVF/VMDK content into a XenServer compatible format (OVF/VHD). The Project Kensho OVF Tool enables direct import of OVF/VMDK content into XenServer without converting into an intermediate format. Using this method, the Project Kensho OVF Tool reduces migration time by ~ 40%.

With Microsoft Hyper-V content, no conversion is necessary as XenServer natively supports the VHD format. The Project Kensho OVF Tool facilitates the import and export of OVF based VHD content for users of Microsoft Hyper-V.

OVF File Components

From a file perspective, OVF is not just one file. It is a collection of files representing everything from virtual machine metadata, virtual disks, manifests, certificates and archive files. These files can be encrypted, digitally signed, compressed and archived.

The most apparent file is the metadata file. It is an XML document that has the extension of .ovf. This file contains the metadata describing one or more virtual machines and contains the location of the virtual disks associated with the virtual machines. It also contains information about how to manage the virtual machines during import, EULA information and other capabilities described in the specification. A file of this type could appear as myappliance.ovf.

Accompanying the .ovf are one or more virtual disks. Citrix uses the .vhd format for virtual disks associated with a Citrix produced OVF. The .ovf file provides the location to one or more VHD disks. VHD disks can be relative to the OVF or can be a URL.

The OVF specification defines two specific groups of files:

OVF Package
An OVF package is a group of files required for importing the virtual machine.

• The .ovf file containing the metadata. Example: myappliance.ovf
• One or more .vhd virtual hard disks. Example: myappliance.vhd
• A manifest file describing the package and checksum. Example: myappliance.mf
• If a user chooses to digitally sign the OVF file, a certificate file. Example: myappliance.cert

OVA Package
An OVA package is a single file archive of the .ovf file, .vhd file, .mf file and, if applicable, the .cert file. The OVF specification requires an archive to be in the TapeARchive (TAR) format. TAR is a Unix derived archiving format.

• All files associated with the OVF are included in this file. Example: myappliance.ova

The OVF specification allows users to compress an OVA.

• OVA compression uses the gzip algorithm. Example: myappliance.ova.gz

OVF and XVA

OVF is the natural successor to XVA. Accompanying an XVA package is a file named ova.xml. This is XenSever's proprietary metadata descriptor. Citrix utilities like XenConvert 2.0 convert an XVA into an OVF/VHD combination. XenConvert is useful in creating distributable virtual appliances based on the OVF standard from existing XVA content.

DMTF VMan OVF Specification

There is much more to OVF than the simple description above. To learn more about it, please refer to the OVF specification on the DMTF website.

DSP02431.0.0 Open Virtualization Format Specification

With the new Xen.org announcement, there is a lot of motivation and excitement at Citrix and the Open Source Community. Adding to this, two weeks ago, Citrix released the latest Project Kensho Tech Preview:  Project Kensho 1.3.

This is an exciting time for Citrix as we strive to improve and build virtual appliance creation and consumption capabilities into the XenServer product line. Project Kensho is the primary driver for Citrix's use of DMTF virtualization standards.  As with previous Project Kensho standalone releases, this release includes support for the Open Virtualization Format (OVF) and the Common Information Model (CIM). Two different utilities are provided at the Project Kensho download site:  The Project Kensho OVF Tool and the XenServer CIM interface.  

In the coming days, the Project Kensho team will provide more information and details on these utilities.  However, before getting too involved in the details, let's quickly highlight what each utility offers.

XenServer CIM Interface

The XenServer CIM interface facilitates access to XenServer management functions from standards based APIs.  This greatly simplifies coding for partners and customers who create utilities to run against a XenServer environment and other hypervisors by reducing the amount of code to maintain for each environment. 

There are quite a few improvements in the interface, let's take a look:

Easy to Use:

•  Simple installation onto a XenServer host 
•  Training video describing installation 
•  Fast, attentive and helpful online support

Interoperable:

•  Enable 3rd party manageability of XenServer using standards based interfaces 

Versatile:

•  Provides access to major classes of XenServer functionality 

Accessible:

•  Built on standards based DMTF VMAN specification 
•  Free of charge; anyone can use 
•  Open source; anyone can build management tools for XenServer 

The Project Kensho OVF Tool

Now, OVF is not new to Citrix.  Citrix has been a driver in DMTF in the creation of this specification.  We also see Kensho OVF technology in XenConvert 2.0.  With the Project Kensho OVF Tool 1.3, we open the door wider to a whole new world for Citrix partners and customers.  By leveraging the OVF standard, Citrix is piloting tools to make XenServer family the best of breed in virtual appliance offerings.  In fact, today, the Project Kensho OVF Tool is the fastest and easiest way to import VMware OVF/VMDK content into a XenServer environment.  More impressive, it can take that same VMware OVF/VMDK and import it into Microsoft's Hyper-V as well.  The Project Kensho OVF Tool manages both XenServer and Hyper-V environments whether the task is creating or consuming OVF content. This utility enables virtual appliance  creation and consumption never experienced before via XenServer.

What makes OVF impressive is that it enables software vendors, integrators and end users of virtuallization technology with the ability to package virtual appliances in ways unattainable until now.  This standards based specification gives virtual appliance packagers and consumers a long list of options to ensure secure appliance packaging, package virtual appliance suites, archive into singe files, compress them, attach EULAs, as well as whole host of other capabilities. Imagine what this flexibility can do for your environment!

Below lists the numerous improvements and features in version 1.3:

Easy to Use:

•  Simple installation on a Windows workstation or server class computer 
•  Easy to navigate, user friendly UI  
•  Can learn to use in minutes  
•  Detailed admin guide 
•  Training videos describing installation and virtual appliance packaging/deployment available from CitrixTV 
•  Fast, attentive and helpful online support

Interoperable:

•  Manage XenServer or Microsoft Hyper-V virtual appliance creation and consumption from the same UI at the same time 
•  Consume VMware OVF content produced from any VMware utility in production 
•  Directly import VMware VMDK virtual disks into XenServer or Hyper-V environments in one quick step 
•  Automate fix up of VMware imported virtual machines (Windows or Linux) to boot cleanly into XenServer and Hyper-V environment 
•  Share virtual appliances between Project Kensho OVF Tool and Citrix XenConvert 2.0.1  
•  Compatible with localized Hyper-V hosts 

Versatile:

•  Virtual appliance packaging of one or more virtual machines in to a virtual appliance suite 
•  Compress virtual appliances into smaller files saving space and lowering transport time when copying
•  Create single file archives of a virtual appliance making management of appliance content simple and straightforward 
•  Easy mapping of resources between virtual appliance and hypervisor host during import into XenServer or Hyper-V 
•  Attach EULA to virtual appliance to ensure end user agreement of virtual appliance application content prior to import 
•  Create virtual appliances from virtual machines with snapshots 

Secure:

•  Apply and verify digital signature to OVF to protect against tampering 
•  Encrypt virtual appliance files to protect appliance content from unauthorized use 

Reliable:

•  Create and verify a manifest of each file and its checksum in the appliance package 
•  Verify OVF formatting for errors prior to import 

Accessible:

•  Built on standards based OVF 1.0.0 virtual appliance specification 
•  Free of charge; anyone can use 
•  Open source; anyone can build virtual appliance tools for XenServer