XenServer is virtualization and cloud tech, not thin client tech. You're thinking of XenDesktop and XenApp - both of which are sweet stuff if you need that sort of thing. XenServer being fully open source is cool because it creates a competitive environment for KVM, the native Linux virtualization solution. This competition will drive rapid adoption of technologies like PCI passthrough and partitioning of GPUs and coprocessors like Xeon Phi as well as other devices that seem to converge on what you seem to have meant to say. It will also promote technologies that pass user input back to the VM like voice, video and touch inputs, and support software defined networks. Everybody who possibly can will now integrate their devices with this.
This will of course spur Microsoft's Hyper-V team to redouble their efforts. VMWare will laugh and laugh until the joke's on them, but in the mean time they'll earn great profits.
/disclaimer: I work for a joint that plays with all these, but my opinion is my own. No stock in anybody but mutual funds. No benefit for me on any of these.
It will also promote technologies that pass user input back to the VM like voice, video and touch inputs, I can do all of that without dealing with the hypervisor as a middle man of any sort. Rather than using SPICE to a QXL video, I'd suggest the right answer would be a mechanism that works over IP to the hosted instance directly (e.g Xpra or RDP).
I also find PCI passthrough less interesting (it's too coarse grained) and technologies to more intelligently access GPU/Accelerator technology in a sane way more interesting. VirtualGL is a good example but doesn't include the facet of implementing that in a way a. And it was the best choice we ever made. Live migration is free (as in beer). And it runs its little heart out with no problems.
2 years now, 30 TB of files, 40 GB of mysql data, about 30 VMs on 4 hosts. Not one single problem. The only issue we've run into is getting fully paravirtualized FreeBSD.
It is a rather involved process. But once you have one VM you just copy it like a template.
And luckily ZFS On Linux is starting to be good enough so we don't have to really care about FreeBSD so much. Plain-vanilla Xen (not Xenserver) with DRBD (et al.) making instant failover is pretty awesome too. You fascist Nazi fuck! This is Slashdot. Learn to take the good with the bad. Being able to post AC is necessary regardless who abuses it.
Wait I have no problem free speach. But screaming RANCID ASSHOLE, COCK, ETC, ETC over and and over is just stupid and what the GP was posted had nothing to do with anything and I think it would be funny if everyone knew who he is since apparently he is so eager to post the same cut/paste message in every article. I'm not asking for him to be prosecuted or anything like that. I just want to know the time and IP address so I can track his identity down and post his picture and all these messages on facebook. Why do you believe that all homosexuals are pedophiles and in the closet? Is it because you're a pedophile and in the closet?
That would make sense - you can only imagine the world as you experience it. Maybe your were molested as a child.
Well, that's wrong and nobody should have to experience it. But you can break the chain, come out of the closet, and have normal homosexual relations with other adult men.
But I like the closet, It makes me feel warm and safe and I was trolling the troll Mr Anonymous Coward. You're not VMWare's target market. If you or any of your co-workers who handle Xen leave your company (or get hit by a bus/wiped out by vengeful spouses, etc.), how are they going to get support for Xen? All of a sudden your cheap IT budget explodes in one single incident, hiring someone (or paying through the nose for support) to rebuild/recover from scratch. Some businesses would basically tank at this point. While VMWare is pricey - I have yet to worry about any problems for the company I work for aris. You're not VMWare's target market.
If you or any of your co-workers who handle Xen leave your company (or get hit by a bus/wiped out by vengeful spouses, etc.), how are they going to get support for Xen? All of a sudden your cheap IT budget explodes in one single incident, hiring someone (or paying through the nose for support) to rebuild/recover from scratch. Some businesses would basically tank at this point. While VMWare is pricey - I have yet to worry about any problems for the company I work for arising from the few of us knowledgeable leaving. That is called responsible IT management.
VMWare support, in the few cases we have needed it, has been top notch. If I give notice tomorrow, vmware support will carry the company through any issues that would arise until they could bring someone else on board. You can't buy support for xenserver? Because that's what you're saying. Unless you actually work for vmware, because you know, nobody really uses the termp top notch unless they're writing from a script or just trolling. Vmware is just bullshit fleecing licensing.
Sorry dude, this is slashdot. You lost your epeen contest with the op when you admitted your organisation uses exchange and sql server. Would it be a good time to remind you that there aren't really any open source e-mail server products that are truly enterprise grade? Sendmail doesn't work so well, when you are required to allow users to keep 20 Gigabytes in their mailbox, Share calendars / Tasks; access mail on their iPhone or Android device, Spamassassin's spam filtering sucks even with Bayesian fil.
Despite what you're learned working with exchange, not all MTAs have be the same giant POS as your 'mailbox.' It's not MTA functionality. It is LDA functionality. Sendmail writes a flat file. This results in some limitations (1) The 'inbox' (mail spool file) cannot exceed 2GB. (2) Performance with monster sized mailboxes (very large number of mail messages) is extremely poor.
(3) In regards to open source mail clients and IMAP clients; nothing exists that scales satisfactorially. Definitely not P.
I think what you mean to say is the default MDA (or LDA) agent for sendmail writes a flat file. It looks a bit strange when you claim sendmail also has MDA duties. Unsure why you think a flat file cannot exceed 2GB. Of course, it's not optimal to have a mailbox file that big, but if you're running a mail system that deals with large mailboxes, you'd have switched to the Maildir format years ago. This also helps with mailboxes with a very large number of messages, or at least, it pushes the problem to the. Unsure what you mean by enforcing security policy. I'll give you some examples, with how this is achieved within an Exchange environment in a typical enterprise:.
Users outside the enterprise access their mail through Activesync or OWA (Outlook Web Access). These services are published to the internet by a Forefront UAG or TMG - smart card, or password and 2-factor access token are used for login via OWA, so this is secure. Activesync is the open standards-based protocol utilized with smart phones. Thanks for the clarification.
Some good information there, but still not as coherent as I'd like. Excellent points about the security policy. Other than Activesync also possible to use with open source software, I can't think of any equivalent ability for the other features you mention. I'm confused as to why you think OSS doesn't have adequate vertical scaling. Add more RAM, you can run more simultaneous connections. Add more/faster disks, you can fetch mail more quickly.
Add more CPU, and, well, it's j. We moved from Open-xchange (maildir, cyrus imap) to exchange 2010 a while back mostly for political reasons. Our email backups have become a nightmare. We can't backup exchange mailboxes while they're being replicated to our DR site - the exchange server blue-screens BY DESIGN to provent the mailstore from being corrupted. Thanks, Microsoft! After shutting dowen replication we have to backup the entire 200GB database as one blob, every time - this takes at least a couple of hours over the network. We can't backup exchange mailboxes while they're being replicated to our DR site - the exchange server blue-screens BY DESIGN to provent the mailstore from being corrupted.
It sounds like a possible storage sizing issue, or an issue with the way the replication has been put into place; it's not acceptable to block an Enterprise application's production I/O for DR operations: I wonder if your replication solution is freezing writes or using up all the disk IOPS. It is definitely possible to desig. Also, bitching because there's not an OSS platform that doesn't work with Windows proprietary solution doesn't mean that there's a problem with OSS. I am just disappointed that there is no OSS platform that is suitable, because I really want there to be. I would love for all the code required to implement Enterprise services to be open source, and for them to be scalable, proven, robust, self-maintaining, and not requiring ad-hoc script work and daily attention from highly experienced unix en. Would it be a good time to remind you that there aren't really any open source e-mail server products that are truly enterprise grade?
At least you didn't go so far as to try to defend MS SQL Server. Who mentioned OSS? The reason the MS unholy trinity of server services (by which I mean exchange, sql server and IIS) are immediately disqualified for me is that they all need a GUI based operating system. Something about that just makes me want to run screaming while waving my hands in the air. If you are doing anything serious (or even moreso if you aren't), you generally don't have the RAM to waste on a bloated operating system that has to start up and maintain a GUI whether you are using it or not.
So there is a bit of this RAM used to provide GUI functionality. It's worthwhile, because it means some maintenance tasks to junior staff whose skills for picking up CLIs are more limited; on the other hand, they can still be trained to manage the server, using remote management tools of course. There is practically no reason an administrator should be logging into the server and starting up a graphical console, since all administration tools can be installed on their workstation and used remotely.
In 2008, core install was introduced, which no longer includes a GUI for servers, and this is supported with SQL 2012 In Windows Server 2013; with some exceptions, the desktop experience is not required on servers, and generally, there will be no GUI. The success of a hypervisor should not be judged based on the perceived quality of the applications it has virtualized.
It is not a more meaningful feat to run MySQL in a hypervisor than it is to run MS SQL in a hypervisor. With MySQL there are fewer sizing hints, AND the operational metrics provided by the database engine are much sparser than the detailed instrumentation that MS SQL provides - with MS SQL, you get a heck of a lot better information about the performance and sizing. At least you didn't go so far as to try to defend MS SQL Server.
Who mentioned OSS? MS SQL server is the only backend supported by some applications, and some developers. Personally, I would favor Oracle, but getting anyone to agree to pay for it, is a problem. The fact of the matter is SQL server provides robust hitless failover clustering functionality. Postgres and MySQL do not provide this; although they are getting closer. They are worlds apart in terms of features, so it's not really fair to pick one or the other as a dilemma play, now is it?
Some application owners will demand MS SQL, and some will demand PostgreSQL, and that's OKAY. Think of it this way: how much unused memory is going to waste in a server that only hosts one instance of something? The answer is a whole lot, because application owners and novice sysadmins very frequently overestimate or intentionally overstate memory and CPU requirements, thinking more is always better. So rightsizing, requiring justification for resource allocation, and time spent tuning and studying possible $/Compute improvements are important parts of capacity management.
But page sharing. The Zimbra Open Source Edition is probably a very good choice. 99% of all companies don't need features then the open source edition. it supports large mailboxes very well. ( some of our employees have 21gb mailboxes, it still runs smooth ) - You can buy a plugin for encryption if you really need it.
Mail (IMAP), Calender (iCal) and adressbook (LDAP) sync is possible to almost any device. You can always get the commercial version if you need the extras.
I don't think you can remotely wipe your mail using an open source product but nowadays you might simply get any android of iphone device and use a wiping app. Maybe not as convenient but it works. Spamassasin can work very well ( it certainly does for us ) using external blocklists and distributed mail analysis services ( dcc, razor2 ) in addition to it's core filters. We added greylisting as well.
Backup Xen Server 6.2
Everything runs as part of the Amavis product. We don't use Bayesian filtering though. While good on paper we found it to be to unpredictable in real life. ( people reporting valid mailing lists as spam instead of unsubscribing, etc ) Instead we added around 15 additional custom spam filter lines over the years but that's it. Now all our spam is gone. We filter mail for over 1500 domains and our customers have never been happier. I managed a zimbra system some time back and it was OK, support was pretty good.
But it was all for the outlook plugins. Too much overhead otherwise (imo). Citadel is another good product. Still, when all is said and done, count me in as a fanboy of sendmail on a xenU; despite my peers always singing the praises of postfix.
I use it with selinux, the milters, razor, pyzor, dcc, clam, combined with a virtusertable that routes non-existant users to the pit: @some-domain.com error:nouser No such user here and req. Well for starters, ditch Sendmail, use Exim, and then implement DRBD with linux HA, Dovecot, and Perdition.
If by enterprise grade, you mean 'good enough for an ISP to use', then open source does just fine with a bit of tweaking and fine tuning. So spamassassin uses a lot of CPU? Have you seen the resources an exchange DAG requires?
Granted, exchange has a nice calendar system and the extra goodies that businesses want, but that's a real cost/benefit analysis given licensing and the amount of hardware you have. If by enterprise grade, you mean 'good enough for an ISP to use', then open source does just fine with a bit of tweaking and fine tuning.
I think by enterprise grade he means that it has the FEATURES the modern enterprise user expects. What is typical ISP mail? POP+IMAP with a couple hundred megabyte limits. No calendar/contact sync to my phone or desktop client.
No remote wipe of my phone. No Calender sharing, no global address book, no encryption, no certificate authentication. The email i get from an ISP. So spamassassin uses a lot of CPU? Have you seen the resources an exchange DAG requires? I have, and Spamassassin/Amavis is orders of magnitude more expensive CPU-wise. This is probably due to the very massive amount of spam being attempted, and the inability of RBLs and tools such as DCC and Vipul's razor to effectively divert them, before Spamassassin starts chugging away at massive concurrency.
All the more bothersome, when some domains want 'wildcard forwarding rules', so brute-force spam. I run in what I'd say is a small shop, we have 21 sites the smallest of which have two hosts 13 'guests' with 12TB of shared storage. Our average site has four hosts, 22 'guests' and 48TB of storage (almost ready to double those as they are nearly full). The two data centers each have 11 hosts, over 100 hosts (virtual sprawl I'll admit I'm losing count and that's a bad thing) and 120TB of storage each. For VMWare with that many nodes we were looking at hundreds of thousands of dollars that no one wanted.
AFL Artistic ASL 2.0 BSD BSD-like LGPL (v2+, v2.1, v2.1+, v3+, v2+ with linking exception, with linking exception) GPL (v2, v2+, v3, v3+, unspecified version, v2 with linking exception) OSL MIT (v1.1, unspecified version) OpenLDAP Zlib PSF That list also includes: Qlogic (link is to qlogic.com, but that's borked) Public Domain pubkey (artefact; refers to GPG keys for some reason) Proprietary Distributable Freeware I'm just a simple hyperchicken lawyer from Andromeda, but in my galaxy, proprietary licenses aren't 'open source' let alone Free software licenses. Same goes for freeware, public domain, etc. For the curious, the proprietary-licensed stuff includes software from Brocade Communications, Citrix Systems (!), Emulex, and QLogic. Yes, you may be a simple hyperchicken lawyer, but you have a good eye. The problem is that you don't know what you are looking.
All the proprietary stuff is licensed to Citrix, Brocade, or QLogic, and it is most likely firmware. Proprietary software can still be licensed for distribution, but firmware is very often closed source. It is unfortunate for those who want to get very low to the hardware, but in reality, very few people demand the source code for their BIOS, firmware, and other devices.
Indeed, many of the proprietary-licensed items are obviously firmware, but others are ambiguous: elxocmcore, conversion-plugin, brocade-bfautil, iscli, sm-closed, xenserver-transfer-vm, and xha, to be precise. Whether or not all the proprietary stuff is firmware, and whether anyone other than a 'purist' should care, Citrix still shouldn't say that XenServer is 'Fully Open Source' as they do in their press release because it isn't. As an aside, I wonder if they could get in trouble with the SEC for misleadin.
It's been a few years since Citrix started giving it away, free as in beer. They gave away what used to be called XenServer Enterprise functionality for free.
6'2 In Meters
What they don't include for free is:. 'Hot' snapshot (Snapshot a virtual machine including its online RAM/Memory status) - using VMware's hypervisor it's a free feature, Citrix makes you pay for it. Cluster-wide robust per-target resource Storage and Network 'QoS' functionality. High availability. Not included with XenServer free as in beer; Citrix provides it as an addon. Live migration of virtual machines between backend datastores (E.g.
Migration between SANs) without shutting the virtual machine down. DRS-Like Workload balancing. True memory overcommitment - you get a more limited technology, no transparent page sharing, no swapping via SSD RAM cache or page compression. Role-based access control and AD integration for login to Xen servers. Resource pools with servers having different CPU versions. (Enhanced 'VMotion' Compatibility).
No distributed power management. Alarms and e-mail notifications. Storage array offloaded cloning/copy/zero. No SR-IOV/GPU or other passthrough device support. I have to thank Citrix XenServer. My company, which runs a virtual datacentre environment in Australia, used to be 100% XenServer based until version 6.1 came out.
It was -so bad- and -so incredibly unreliable- and caused so many problems that I started looking around at alternatives. So technically, it's thanks to the terribleness that was XenServer 6.1 that we now run Hyper-V 2012 on all our servers and I am much happier.
I used to like XenServer up until v6 but I am much happier on Microsoft's offering. The most interesting thing about ganeti, IMHO, is the basically unlimited read speeds on inexpensive hardware, thanks to the way it operates with DRBD. With a SAN based solution (like almost all others virtualization solutions use) your disk I/O is limited to network speed, while even a single 7200RPM 1TB+ SATA drive can saturate a gigabit network.
A SAN with just a few hard drives should saturate a fairly expensive 10GbE port. Bonding several is possible, but gets expensive very fast. Assuming a low-end se.
Xen A hypervisor that provides the fundamental isolation between virtual machines. Xen is open source (GPLv2) and is managed by Xen.org, a cross-industry organization and a Linux Foundation Collaborative project. Xen is a component of many different products and projects. The hypervisor itself is very similar across all these projects, but the way that it is managed can be different, which can cause confusion if you're not clear which toolstack you are using.
Make sure you know what toolstack you want before you get started. Privileged and unprivileged domains A Xen host runs a number of virtual machines, VMs, or domains (the terms are synonymous on Xen). One of these is in charge of running the rest of the system, and is known as domain 0, or dom0. It is the first domain to boot after Xen, and owns the storage and networking hardware, the device drivers, and the primary control software.
Any other VM is unprivileged, and is known as a domU or guest. All customer VMs are unprivileged, but you should note that on Xen, the OpenStack Compute service ( nova-compute) also runs in a domU. This gives a level of security isolation between the privileged system software and the OpenStack software (much of which is customer-facing). This architecture is described in more detail later. Paravirtualized versus hardware virtualized domains A Xen virtual machine can be paravirtualized (PV) or hardware virtualized (HVM). This refers to the interaction between Xen, domain 0, and the guest VM's kernel.
PV guests are aware of the fact that they are virtualized and will co-operate with Xen and domain 0; this gives them better performance characteristics. HVM guests are not aware of their environment, and the hardware has to pretend that they are running on an unvirtualized machine. HVM guests do not need to modify the guest operating system, which is essential when running Windows.
In OpenStack, customer VMs may run in either PV or HVM mode. However, the OpenStack domU (that's the one running nova-compute) must be running in PV mode.
Management network: RabbitMQ, MySQL, inter-host communication, and compute-XAPI communication. Please note that the VM images are downloaded by the XenAPI plug-ins, so make sure that the OpenStack Image Service is accessible through this network.
It usually means binding those services to the management interface. Tenant network: controlled by nova-network, this is used for tenant traffic. Public network: floating IPs, public API endpoints. The networks shown here must be connected to the corresponding physical networks within the data center.
In the simplest case, three individual physical network cards could be used. It is also possible to use VLANs to separate these networks.
Please note, that the selected configuration must be in line with the networking model selected for the cloud. (In case of VLAN networking, the physical channels have to be able to forward the tagged traffic.). When you use a XAPI managed hypervisor, you can install a Python script (or any executable) on the host side, and execute that through XenAPI. These scripts are called plug-ins. The OpenStack related XAPI plug-ins live in OpenStack Compute's code repository. These plug-ins have to be copied to dom0's filesystem, to the appropriate directory, where XAPI can find them. It is important to ensure that the version of the plug-ins are in line with the OpenStack Compute installation you are using.
The plugins should typically be copied from the Nova installation running in the Compute's DomU, but if you want to download the latest version the following procedure can be used. Create temporary files/directories: $ NOVAZIPBALL=$(mktemp) $ NOVASOURCES=$(mktemp -d). Get the source from GitHub.
The example assumes the master branch is used, and the XenServer host is accessible as xenserver. Match those parameters to your setup. $ NOVAURL=$ wget -qO '$NOVAZIPBALL' '$NOVAURL' $ unzip '$NOVAZIPBALL' -d '$NOVASOURCES'. Copy the plug-ins to the hypervisor: $ PLUGINPATH=$(find $NOVASOURCES -path './xapi.d/plugins' -type d -print) $ tar -czf - -C '$PLUGINPATH'./ ssh root@xenserver tar -xozf - -C /etc/xapi.d/plugins/. Remove temporary files/directories: $ rm '$NOVAZIPBALL' $ rm -rf '$NOVASOURCES'.
Prepare for AMI type images To support AMI type images in your OpenStack installation, you must create the /boot/guest directory on dom0. One of the OpenStack XAPI plugins will extract the kernel and ramdisk from AKI and ARI images and put them to that directory. OpenStack maintains the contents of this directory and its size should not increase during normal operation. However, in case of power failures or accidental shutdowns, some files might be left over. To prevent these files from filling up dom0's filesystem, set up this directory as a symlink that points to a subdirectory of the local SR. Run these commands in dom0 to achieve this setup: # LOCALSR=$(xe sr-list name-label='Local storage' -minimal) # LOCALPATH='/var/run/sr-mount/$LOCALSR/os-guest-kernels' # mkdir -p '$LOCALPATH' # ln -s '$LOCALPATH' /boot/guest.
Establish a root trust between all hypervisor nodes of your deployment: To do so, generate an ssh key-pair with the ssh-keygen command. Ensure that each of your dom0's authorizedkeys file (located in /root/.ssh/authorizedkeys) contains the public key fingerprint (located in /root/.ssh/idrsa.pub).
Provide a /images mount point to the dom0 for your hypervisor: dom0 space is at a premium so creating a directory in dom0 is potentially dangerous and likely to fail especially when you resize large servers. The least you can do is to symlink /images to your local storage SR. The following instructions work for an English-based installation of XenServer and in the case of ext3-based SR (with which the resize functionality is known to work correctly). # LOCALSR=$(xe sr-list name-label='Local storage' -minimal) # IMGDIR='/var/run/sr-mount/$LOCALSR/images' # mkdir -p '$IMGDIR' # ln -s '$IMGDIR' /images. The following section discusses some commonly changed options when using the XenAPI driver.
The table below provides a complete reference of all configuration options available for configuring XAPI with OpenStack. The recommended way to use XAPI with OpenStack is through the XenAPI driver. To enable the XenAPI driver, add the following configuration options to /etc/nova/nova.conf and restart OpenStack Compute: computedriver = xenapi.XenAPIDriver xenserver connectionurl = yourxenapimanagementipaddress connectionusername = root connectionpassword = yourpassword These connection details are used by OpenStack Compute service to contact your hypervisor and are the same details you use to connect XenCenter, the XenServer management console, to your XenServer node. Agent The agent is a piece of software that runs on the instances, and communicates with OpenStack. In case of the XenAPI driver, the agent communicates with OpenStack through XenStore (see for more information on XenStore).
If you don't have the guest agent on your VMs, it takes a long time for OpenStack Compute to detect that the VM has successfully started. Generally a large timeout is required for Windows instances, but you may want to adjust: agentversiontimeout within the xenserver section.