Some functions related to presentation and appearance won't be working properly if you don't have enabled JavaScript in your browser
Ed recent photo Follow earactingi on Twitter

Blogroll Links

Sign up to receive post notifications:


My Diggs



Why should VMware open source ESX Server

March 20, 2007

For some time, I started thinking that VMware should open ESX server to the open source community, not because I am an open source advocate, but for many reasons I'm listing here, and I think many of you agree:


  • ESX is already using many open source technologies and components, whether we say it's built on top of Linux OS, using Linux kernel, or is a Linux derivative, it is built on an open source foundation.

  • ESX Server make Linux users feel at home, and Linux community are used to find, evaluate and use open source projects before they recommend it to their employers and use it in the enterprise, imagine a project called OpenESX, and fully open source and free virutualization project where anyone if the world can contribute to the design, development, testing, and documenting of every part of it just like Fedora project and Redhat. VMware will sponsor the project and support the development.

  • It will provide rapid progress, more innovation, closeness to the users, and larger user exposure: open source's advantages.

  • It is Microsoft Virtual Server's competitor, many Open Source contributors build their environments on open source platforms and never user Microsoft's software unless they have to, those users and developers will definitely contribute to an open source project that will integrate with their current network, provide enterprise class support, without migrating to Windows hosts or Microsoft technologies.

  • By saying open source, and I'm not saying ESX will be totaly free and VMware going out of business, I admire VMware innovation and I actually think VMware business will be in a good shape with Open Source community support, (I don't want to go through the debate of opening Microsoft Windows source now, but I think the open source business model will be suitable for VMware)
  • It is the best way to [defeat] Open Source rivals, Xen, Qemu and other open source alternatives' advantage is user contribution and rapid progress, Vmware will soon realize that once those products are mature, it will be competing with them in the enterprise market along with the pressure of Microsoft.
  • VMware has always supported and relied on user community, VMTN is a big strength for VMware because of the users forums, blogs, local groups and add-ons, and they can give those users access to the core technologies where they can suggest, enhance and innovate to the seek of virtualization users back to VMware clients.
  • VMware already experience how much users base was expanded by giving away Vmware Server for free, those users most likely are going to recommend VMware as solution provider for virutalization after evaluating the product, and ESX will have much more powerful but similar affect.

When I say open source, I mean ESX OS, VMkernel, VMotion and VMFS, imagine how much users can contribute to those technologies, and how fast this development is going to be.
If you think that this is impossible, VMware is never going to release ESX Server's code, just think about Java, and solaris, after 10 years, Sun decided to open source those to stay in the competition (I think Solaris was open sourced too late that it may not recover easily anyway).

--------------------------------------------------------------------
Netflix, Inc.
Links to this:
http://vmblog.com/archive/2007/03/21/should-vmware-open-source-esx-server.aspx
http://blog.scottlowe.org/2007/04/05/open-source-virtualization-thoughts/
http://tarrysingh.blogspot.com/2007/03/should-vmware-open-source-esx-server.html

Posted by Ed at 12:51 PM | Comments (2) | TrackBack

Replace VMware Virtual Center SSL Certificate with Microsoft CA

October 20, 2006

Replace VMware Virtual Center SSL Certificate with Microsoft Certificate Authority PKI Trusted Cert.

VMware Virtual Center web access uses Tomcat Web Server to provide access through a browser and require secure connection by using a default self signed certificate with the name VMware Inc.
The problem with this approach is that browsers like Internet Explorer and Firefox complain that the certificate used by the website is not trusted, because it’s not signed by one of the major SSL Providers like Verisign or Thawte and the browser recommend closing the page or proceed on your own risk.Certificate Error in IE 7
The second problem is when you use custom code or third party tools and they require the use of VI3 SDK which requires negotiating secure connection to multiple destinations with the same cert.

It would be more secure, user friendly and less problematic to use your own Certificate Authority (Here I’m using Microsoft’s) where you can integrate Virtual Center web servers in your PKI or third party -signed certificate from Verisign or Thawte.

Note that users will keep getting the warning about non-trusted cert if you don’t make the browser to trust your own CA, Active Directory Group Policy makes it easier to enforce trusting the Domain Root CA on all domain members’s browsers.

The first thing you need to know is that Virtual Center uses SSL Certificate stored in “C:\Documents and Settings\All Users\Application Data\VMware\VMware VirtualCenter\SSL” where you find these files:
rui.crt
rui.key
rui.pfx

You need to replace those with a certificate issued for that server using your own CA

Follow these steps to achieve that:

  1.  On your CA certificate request web form, choose advanced then on Advanced Certificate Request page select Web Server template and type in the name of the server (usually the DNS or FQDN) in Name text box.Certificate Add-in in MMC
  2.  Select “Mark keys as exportable” check box and submit
  3.  Install the certificate in your certificate store
  4.  Open a new mmc (Start – Run – mmc and enter) and add Certificate add-in for the current user
  5.  Go to personal store and find the certificate that you just issued
  6.  Write click on it and select (All tasks – Export)
  7.  In Certificate Export Wizard, select Yes, Export the private key and then Next
  8.  In Export file format screen, select Personal Information Exchange – PKCS #12 (.PFX)
  9.  Type and confirm private key password
  10.  Browse to a location on your machine to store the PFX file
  11.  Download the SSL Certificate Utility.
  12.  Extract the zip file to a location on the local hard drive. There are four necessary files: ssleay32.dll, libeay32.dll, openssl.cfg and openssl.exe.
  13.  Move the pfx file exported from step 10 to sslcert folder to facilitate finding it.
  14.  Go to sslcert folder and type:
    openssl base64 -in filename.pfx -nocerts -out filename.pem
  15.  Supply the password used when you created the Personal Information Exchange file during the export in step 9
  16.  You will then be asked to create and verify a "PEM pass phrase". You will need to supply this pass phrase in order to convert the "PEM file" to a KEY file. This pass phrase will be used only once.sslcert in dos prompt
  17.  Go to sslcert folder and type:
    openssl rsa -in filename.pem -out filename.key
  18.  After entering the "PEM pass phrase", the .key file will be generated.
  19. Now you have three files filename.pfx, filename.pem, filename.key

Replace the old certificate with the new files

  1. On Virtual Center server go to “C:\Documents and Settings\All Users\Application Data\VMware\VMware VirtualCenter\SSL”
  2.  Backup the old file in a new folder or new names (Virtual Center service will not start without a valid certificate, so have a backup before you proceed) and protect them from user by setting read permission for system and Adminstrator only.
  3.  Copy the three files from the sslcert folder (filename.pfx, filename.pem, filename.key) to (rui.pfx, rui.pem, rui.key)
  4.  Restart “VMware Virtual Center Server” service from services mmc
  5.  Close and relaunch your browser and go to your virtual center web page, the browser should not complaint
  6.  Examine the certificate and make sure it is using the newly created one signed by your CA, if this is correct and your browser is still complaining about non-trusted certificate, your root CA is probably not trusted by your browser, use either group policy or manually trust your root CA

The same steps can be done for ESX servers but remember that ESX 3.0 store the SSL Certificates in “/etc/vmware/ssl”

References and Credits:

Posted by Ed at 12:43 PM | TrackBack

Monitor VMWare ESX with Whatsup Pro

October 15, 2006

This article applies to VMware ESX 3.0.1 in addition to older versions 2.5.3 - 3.0

VMware ESX server has snmpd daemon that can be used to monitor performance and send snmp traps
Virtual Center monitor many performance metrics, like CPU, Memory, network and disk I/O, but it is expensive and it is limited to those metrics.
What if you need to monitor disk space on /var/log partition? and want to receive an alert when it reaches 90%; What if you want to monitor httpd on ESX and receive a message when it fails.
If you are working in an environment with many servers and a team of systems administrators, you are most likely using a system monitoring tool or at least evaluating one.

  • Edit snmpd.confWhatsup pro
    # vi /etc/snmp/snmpd.conf
  • Configure it to point to the management server IP address and use a community name (here it's public)
    trapsink *.*.*.* trapcommunity public  
  • Then start snmpd service
    # service snmpd start
  • Configure it to autostart
    # chkconfig snmpd on
  • Test it on local machine
    #snmpwalk -v 1 -c public localhost system
  • Test it on another system (x.x.x.x is the esx server's IP)
    #snmpwalk -v 1 -c public x.x.x.x system
  • Open the firewall esxcfg-firewall -o 162,tcp,in,snmp
  • Go to Whatsup machine (or any management station your have like Dell Open Manage IT Assistant or Nagios)
  • Compile ESX MIBs from ESX server
    /usr/lib/vmware/snmp/mibs/
        VMWARE-ESX-MIB.mib
        VMWARE-RESOURCES-MIB.mib
        VMWARE-ROOT-MIB.mib
        VMWARE-SYSTEM-MIB.mib
        VMWARE-TRAPS-MIB.mib
        VMWARE-VMINFO-MIB.mib
  • If you haven't added the server to be monitored yet, run discovery or add device to add the server to the database
  • Create monitors for SNMP and configure credentials and communities (public, private etc...)
  • Open the firewall on the management station ( here it is Whatsup pro)
  • Write click the machine you want to monitor and select the monitored items (ping, http, cpu, disk space... etc.)
  • Configure the actions to be triggered (email, page, event log...)


Posted by Ed at 01:48 PM | TrackBack

Extend the root partition of Windows Virtual Machine in VMware

October 05, 2006

Here is somebody who put togather a detailed instruction on resizing Windows root partition in VM:

Extending a Cloned (Deployed) Windows VM’s root partition without using any third party tools

And He also saves you some time providing a script ready to backup VMX files
VMware: Backing up your ESX Configuration/VMX file:

Posted by Ed at 09:01 PM | TrackBack

Install EMC Navisphere Agent on VMware ESX Server

September 29, 2006

VMware ESX Server includes SAN management services and tools, like cos-rescan or esxcfg-rescan to scan HBAs and vmkfstools or esxcfg-vmhbadevs for other san related tasks. But EMC provides Navisphere Agent for Linux that can run on ESX and is supported by EMC/VMware.
The Host Agent can :
  • Retrieve information from the storage system automatically at startup or when requested by Manager or CLI.
  • Send drive mapping information to the attached CLARiiON® storage systems.
  • Monitor storage-system events and can notify personnel by email or pager when any designated event occurs.
  • Retrieve LUN World Wide Name (WWN) and capacity information from Symmetrix® storage systems.
To install and run the agent , you need:
  • Download Navisphere Host Agent / CLI from EMC Powerlink, latest version as of this writing is 6.22
  • Extract and run ./linux/ESX_installer.sh to open required ports
    • # # ./ESX_install.sh naviagentcli
##############################################

ESX_install.sh ver 1.1
The following ports need to be enabled for the software to operate properly

port -> 6389,tcp,in,NaviCLI
port -> 6389,tcp,out,NaviCLI
port -> 6390,tcp,in,NaviCLI
port -> 6391,tcp,in,NaviCLI
port -> 6392,tcp,in,NaviCLI
port -> 443,tcp,out,NaviCLI
port -> 2163,tcp,out,NaviCLI

Do you want to enable <yes/no>? [yes]

Enabling ports now!
  • Install or upgrade the RPM ( in this example I'm upgrading)
    • # rpm -Uhv naviagentcli-6.22.20.0.94-1.noarch.rpm
Preparing...                ########################################### [100%]
   1:naviagentcli           ########################################### [100%]
Shutting down Naviagent: [  OK  ]
  • Start or restart the service:
    • # service naviagent start
Starting Navisphere agent: [  OK  ]
  • go to Navisphere Control Center and update the host and make sure it reflect the same agent version

Posted by Ed at 08:55 AM | TrackBack

VMware Delivers Free VMware Server 1.0 Final Release

July 12, 2006

It's still free, but now it can be managed with special version of Virtual Center! which costs about $600
Learn more and download it from http://www.vmware.com/news/releases/server.html

With support to 64bit, 16 CPUs, 2way guests, 64G Memory, run on Linux host and runs linux guests, templates... it is really athe ideal introduction to virtualiation.

But I still prefer ESX though! here is a comparison between the two.

Posted by Ed at 09:55 PM | TrackBack

Apple releases bootcamp to run Windows XP on Mac

April 05, 2006

It's bootcamp public beta from Apple: http://www.apple.com/macosx/bootcamp/
Allowing the installation of Windows XP natively on Intel based Mac OS x

While many in PC community has tried to install Mac on regular PCs and In Virtualization environment, only few (I heard www.parallels.com supports Mac OS ) could do the opposite.
And as Redhat/Fedora included support for XEN in the 5th release and Windows will have Virtual PC included in Vista, Apple may include a built in virtualization in Mac Os X 10.5 (Leopard) read more...

As I always predicted, Apple soon is gonna be a primary OS vendor for PCs competing with Microsoft and this is a new step to ensure to the people with stacks of software and apps for there Windows Desktop that they can get a Mac and still have access to their apps occasionly.
The next few years are going to be internesting!

Posted by Ed at 04:15 PM | TrackBack

VMware give away GSX server for FREE

February 06, 2006

How anyone would compete with Microsoft? go the linux way, go FREE!!
VMware, the leading virtualization software company, announced a free server product http://www.vmware.com/products/server/ . The announcement came after Microsoft started gaining more popularity for its Virtual Center due to the new licensing scheme ($99-$199 for enterprise version)
The VMware Server software seems to have GSX features like:
- Support for wide variety of operating systems including Linux and Solaris
- Support of x64 OSs, like Windows XP x64 bit.
- Can run on Windows or Linux hosts.
- Support up to 16 CPUs and 64GB of Ram
- Guests can have 2 CPUs
- Cluster two guest on the same host.
- San connectivity (Through host)

But without those cool features of ESX:
- Cannot be managed by Virtual Center
- Cannot move VMs though VMotion
- Cannot use Templates to provision new guest.
- No cross-host clustering
- No support for VLan Switchs

I still think of VMware ESX server as the enterprise class virtualization solution with its high availabilty and power management tool Virtual Center.

Posted by Ed at 11:32 AM | TrackBack