We often compare the security of containers to virtual machines and ask ourselves “…which is more secure?” I have argued for a while now that comparing containers to virtual machines is really a false premise – we should instead be comparing containers to
Continue reading “Container Tidbits: The Tenancy Scale”
One of the most compelling features of Red Hat Enterprise Virtualization 3.6 is the ability to hot plug memory. Red Hat Enterprise Virtualization 3.5 provided the ability to hot plug vCPUs to running virtual machines. Red Hat Enterprise Virtualization 3.6 completes this vision of hot plugging resources on demand.
Why do resource hot plugging capabilities matter to an enterprise IT organization? The two
Continue reading “Scaling Up On Demand with Red Hat Enterprise Virtualization”
Virtualization technologies have evolved such that support for multiple networks on a single host is a must-have feature. For example, Red Hat Enterprise Virtualization allows administrators to configure multiple NICs using bonding for several networks to allow high throughput or high availability. In this configuration, different networks can be used for connecting virtual machines (using layer 2 Linux bridges) or for other uses such as host storage access (iSCSI, NFS), migration, display (SPICE, VNC), or for virtual machine management. While it is possible to consolidate all of these networks into a single network, separating them into multiple networks enables simplified management, improved security, and an easier way to track errors and/or downtime.
The aforementioned configuration works great but leaves us with a network bottleneck at the host level. All networks compete for the same queue on the NIC (or on the bond), and Linux enforces only a trivial quality of service queuing algorithm, namely pfifo_fast, which keeps queues side by side, where packets can be enqueued based on their Type of Service bits or assigned priority. One can easily imagine a case where a single network is hogging the outgoing link (e.g. during a migration storm where many virtual machines are being migrated out from the host simultaneously, or when there is an attacker VM). The consequences of such cases can include lost connectivity to the management engine or lost storage for the host.
A simple solution is to configure
Continue reading “Steps to Optimize Network Quality of Service in Your Data Center”
In the past few years, virtualization admins have been hailed as heroes for enabling their organizations to significantly slash costs while improving service levels to the lines of business. Since the IT industry is constantly evolving, how can virtualization admins position themselves for success and avoid being rubber ducks in 2016? Below, we will look at 5 skills that should be in your toolkit in order to remain relevant in your organization.
1. Develop a deep understanding of how DevOps fits into your organization
According to Gartner, “By 2016, DevOps will evolve from a niche strategy employed by large cloud providers to a mainstream strategy employed by 25 percent of Global 2000 organizations.” Like many people, you might be asking yourself – what exactly does DevOps mean? DevOps is
Continue reading “Top 5 Skills Virtualization Admins Must Have to Stay Relevant in 2016”
In a commissioned study conducted by Forrester Consulting on behalf of Red Hat, 44% of IT professionals identified performance in their top three concerns for adopting container technologies. Benchmarks indicate that containers result in equal or better performance than virtual machines in almost all cases, with the runtime costs of containers described as “negligible”.
What are the abstraction costs and what do you need to consider when running container-based applications on Atomic Enterprise Platform Public Preview?
Continue reading “10-FEB Webcast: Wicked Fast Container-Based Apps and Performance Tuning with Atomic Enterprise Platform”
In Architecting Containers Part 1 we explored the difference between user space and kernel space. In this post, we will continue by exploring why the user space matters to developers, administrators, and architects. From a functional perspective, we will explore the connection that both ISV applications and in-house application development have to the user space.
Continue reading “Architecting Containers Part 2: Why the User Space Matters”
Over the last 18 months, especially since the general availability of Red Hat Enterprise Linux 7, “containers” have emerged as a hot topic. With the more recent introduction of Red Hat Enterprise Linux Atomic Host, an operating system optimized for running the next generation of applications with Linux containers, one might wonder… what about virtualization? Given that the benefits of containerization seem to overlap those of traditional virtualization, how do organizations know when to pick one approach over the other?
Continue reading “Virtual Machines or Containers? Maybe Both?”
Having access to quality random numbers is essential for correct and secure operation of operating systems. Operating systems need random numbers from an entropy pool for a variety of tasks, like creating secure SSH or GPG/PGP keypairs, generating random PIDs for processes, generating TCP sequence numbers, and generating UUIDs.
With Red Hat Enterprise Linux 7 we introduced the virtio RNG (Random Number Generator) device that provides KVM virtual machines access to entropy from the host machine. Red Hat Enterprise Virtualization has also exposed this feature starting with version 3.5. We have since made improvements to Red Hat Enterprise Linux guests to make the feature easier and more straightforward to use.
A Brief Introduction to virtio and Paravirtualized Devices
virtio is the paravirtualized transport framework for KVM virtual machines. Using the virtio framework, new devices can be
Continue reading “Red Hat Enterprise Linux Virtual Machines: Access to Random Numbers Made Easy”