7/17/2011

vmware.esxi5.licensing.thoughts

At surface level it looks to set an expectation of two things for their hypervisor: an assumed amount of memory allocated to a VM, and the role of the VM (server or client based). Unfortunately they are basing this off of today's model.


Example:
Server role: paying $6990 per 96GB RAM sounds like 24-32 VMs per box (2cpu,4core)

Now when you have a (2cpu,12core) host with 192GB RAM, they lost an additional $6990 revenue and you gained 24-32 more VMs. The new licening model is a way for VMware to get that money back before the cores/RAM grow too quickly.  That is the smart move on their part to capitalize on Intel and AMD's progress.
Unfortunately, it stiffles innovation: ie allocating large RAM amounts to VMs for system cache (thinking Citrix PVS and other RAM caching software) that would dramatically reduce SAN IOPS. How thoughtful of them considering EMC is their parent company, since we all can agree that the most compelling reason to increase the RAM on a VM is to decrease the OS interaction with the slower disk subsystem.   So long are the days of dreaming of a read-only OS with all system and application exectuables and dlls pre-cached in RAM ready to serve out apps with near 0 READ IOs and an efficient use or WRITE IOs when there is something important to put on disk..  We'll all continue to run Java QuickStarter, Adobe SpeedLaunch, and AntiVirus programs that thrash our disk arrays with wasted READ and WRITE IOs and buy bigger and better caching storage arrays to mitigate the problem.

Client role: with the desktop virtualization license from VMware, they now consider the role of the VM running on their hypervisor to matter? This is a very blurry line as we move out a few years and does provide incentive to only run their View product on ESXi 5 instead of any other brokers (thinking XenDesktop). Will there soon be a new cost for using 3rd party security VM appliances instead of vShield because of the role of the VM? When does running Microsoft Windows explorer.exe as your desktop shell not matter, and launching Windows applications from Apple IOS and Google Android desktop OS back to a multi-user Windows "Server" OS running Terminal Services and XenApp finally defeat spinning up hundreds of "Client" OS VMs? Maybe when VPNs die and application virtualization matures.. maybe..

10/17/2010

art.of.desktop.and .app.virtualization

Preparing for a presentation at the fall NCGLISA conference on desktop and application virtualization.  Topics will include include real world scenarios for implementing desktop virtualization for an entire organization and how to get there.  I am a bit disappointed that everyone is playing off VDI as a point-specific technology.  With the help of application virtualization and presentation virtualization you can form a strategy to centralize the full scope of your project.  
This concept is akin to private cloud with other goals of be dynamic via scalibility and app agile.. well, as agile as you can get with Windows-based applications.
A key point to remember is that Windows is a multi-user operating system.  I think this valuable tidbit has been lost over time during the VDI hype cycle.  This should lead you to think that I am not a proponent of delivering XP, Vista, or Windows 7 VMs to users.. if so, you are right.. until I hear that the Windows operating system is no longer multi-user then I'll rethink that last statement.

4/08/2010

apple.ipad.yar.with.other.thoughts.040810.txt

Ok, so after looking at my predictions for the iPad, I guess it was just more wishful thinking than reality..

So, there was plently of room for a multi-color LED it was not included.  Seriously, how difficult would it be to put an LED in the bezel so you can tell if you have a new email when you flip open the case?  The background email checks with the little new email sound is nice, but with no customization I don't think it would be fun in a room with one or more iPads (think classroom)

The Citrix Receiver for the iPad and immediate followup with the Citrix 2.2 Receiver as a wireless mouse for the iPhone was timed perfectly for that thin client proving ground concept.  It works great, it takes all of 2 minutes to setup and really if as simple as your email client.

Thoughts for the industry, start using SRV records for services over the internet in a more simple approach.  Upon watching the iPad waiting to resolve where my ActiveSync service was located for Exchange, it prompted a quick Google search that revealed the AutoDiscover process and the use of SRV records.  The implementation is undesirable to say the least.   Why would the service name be called _autodiscover?  That is the point of the SRV records, the service name should be named the service that is being offered!!  IE: _msactivesync, exchangeowa, etc..  AutoDiscover is precisely what the SRV records do, not something that should be shoved into on particular product and branded.. (thanks marketing.. your always there to stifle technology)

Along this same concept, Citrix should do the same for finding your external entry point for your CAG, CSG, WI, or whatever you may have stood up in front of the server farm.  That would really fall in line with the Dazzle concept quite nicely.

As for the iPad and the lack of filesystem.. this may have merit on the iPhone/iPod Touch, but makes for very unstable approach when you attempt to use the larger device as a laptop replacement.  I am not sure why you would take the time to expose your photo album across all applications and then sandbox all documents to each individual application.  And yes, the functionality is there.. I am waiting to jailbreak the device just so I can symlink the documents folders from each installed application to a central location.   The reality of this limitation is as follows...

You received a .doc/.docx attachment in you email client, if you have Pages installed, you have a nice "Open in Pages" integration button (so much for non-Apple apps doing the same.. follow your own rules Apple) the .doc now is in Pages, but you really want to make it available to GoodReader and file it away since it isn't something you need to edit.. Not possible.. unless you throw the .doc to a cloud-based storage service and pull it back down.. why should I have to do that when the .doc file is sitting in the filesystem already??  Again, this is a major short coming.. keep in mind without multitasking of non-Apple apps, you would never have to worry about document contention either..

Aside from that, it is just like any other weather report.. all of the nice things and expected things that could be said will just be forgotten or assumed.  I would like to see a case that incorporates a holder for the iPhone or iPod touch and more app developers taking advantage of bluetooth or ad-hoc wifi pairing to create interesting mixes.. heading off to test the Camera A, Camera B app now..

1/31/2010

twitter.zero.following..change.predicted.v013110.txt

Not really anti-social here, but there is an inherent problem with twitter that will likely cause people to rethink their following lists.  The 0 following may reduce DM functionality but there are always tradeoffs and mentions are fine in a public timeline perspective.

30 minute follow-up, it would appear that the linkage is stronger if you protect your tweets..

1/24/2010

apple.10.inch.ipod.slate.pad.err.qualcomm.tablet.best.guess.012410.txt

Everyone gets a guess at this right?  It is brilliant that Apple can keep something like this from mainstream media so well.

My best guess without justifications:

- Qualcomm Mirasol 10" display to advance the ebook reader market
- Qualcomm Snapdragon single-core with 1-2GB RAM, 32-64GB NVRAM
- Qualcomm GOBI chip supporting over-the-air activation for AT&T and Verizon

- Based on iPhone OS 4.0 with code-signing and application approval through AppStore, not a full OSX.
- More initial applications that run backgrounded besides Safari and Mail.
- Push notification will be more robust.
- A multi-color LED indicator
- Limited theming (based on AppStore approved themes)

- Price: $599

- Time to jailbreak: 4-7 weeks from launch date by @geohot

1/18/2010

yet.another.vmware.zimbra.take.011810.txt

Yet another response to zimbra acquisition by vmware.. in this case, the catalyst was an article provided by Gestalt IT: http://gestaltit.com/all/tech/virtualization/rich/vmware-zimbra-vmail

First, no software application should be "optimized" for a specific hypervisor. Citrix claims this with XenApp and then doesn't openly publish what the optimizations are. Why do I want a hacked up hypervisor that can run specific applications faster than others? Imagine if RAM and Hard Drive manufacturers started making claims that Adobe Photoshop runs faster because of specific optimizations on the controllers provided by Crucial and Western Digital.

VMware's sudden diversity isn't really all that sudden, they've stagnated Thinstall's application a year ago while they were trying to break into the application virtualization market. While I would love to see the product mature, it appears to have back burnered it to launch VMware View without an effective way to delivery applications with minimal images. Read the forums regularly, you'll understand the dilemma.

Finally, to the Zimbra purchase. IMHO, email is already a hybrid cloud solution with dependencies on DNS (hybrid cloud) and plenty of users and devices connecting from disparate internet connections. Plenty of businesses have moved their primary mail exchangers (MX) into the cloud for spam filtering since it tends to reduce the amount of traffic to filter locally thus providing more bandwidth.

After that is done let's get to the real issue if you move your mailboxes into the cloud in an environment with many LAN users. If every user has to pull an email over the internet that contains a 1MB attachment (work-related or not) then you've just increased your demands on your internet pipe. With an in-house solution, that 1MB email came in from the outside and now can be redistributed to users internally without the need for any additional internet bandwidth consumption. If their solution involves "caching" VMs, I don't think we've simplified IT, we've just made it more complex.

Are they "EMC/VMware" planning to utilize the RSA wing to make the product compliant with security regulations.. much like's Google's purchase of Postini for Google App users? What about the VCE coalition and Cisco's purchase of Ironport? Could that be the agreed upon spam firewall in the cloud as well? I can't seem to get a timeline on when the Ironport will be virtual appliance, so maybe not anytime soon.

When it is all said and done, it's just email and it either has a per socket cost with mailbox scalability limits or it's another per mailbox charge.

Imagine VMware/Zimbra as a slider bar:

[Microsoft Exchange] <----> [VMware/Zimbra] <----> [Google Apps/Postini]


1/14/2010

adobe.9.3.remote.code.fix.security.categories.011409.txt

After the upmteenth time of having to upgrade Adobe Acrobat Reader because of remote code exploits that we see everyday, I took a look under Edit - Preferences and noticed the "Security" and "Security (Enhanced)" tabs are visible in 9.2 and in 9.3. Although there are slight changes, just the fact of having a "security" category with an "advanced security" button and yet another "security (enhanced)" category it is time for some consolidation, or maybe not!


My suggestion, based on current industry practices and just to clarify would be to go with the following new categories:

Security (Bronze)
Security (Silver)
Security (Gold)
Security (Platinum)
Security (Titanium)
Security (Titanium Plus)
Security (No really, we mean it, we are just going to render PDF files, you'll be safe, really!)



Your own recommendation for the security flaw in 9.2 (APSA09-07) involves making a change under Edit -> Preferences category for the javascript blacklist functionality. Again, not even under the security category.. Maybe it's time to take some of your money put into the NOS Installer and invest into a 3rd party company to address your security issues instead.