Xen security issue prompts Amazon, Rackspace cloud reboots

Amazon Web Services and Rackspace are warning their customers of upcoming reboots they’re taking to address a new Xen hypervisor security issue.

In a premium support bulletin issued Thursday night, Amazon said fewer than 10 percent of all EC2 instances will require work but the affected instances must be updated by March 10. [company]Rackspace[/company] also notified customers of the issue, which will affect a subset of a portion of its First and Next Generation Cloud Servers, Thursday night. Later on Friday, Linode also warned users of an upcoming Xen-related reboot.

If you’re sensing a little bit of deja vu, it’s because the major cloud players were forced to reboot a bunch of their customers in September due to a Xen hypervisor issue, although the reason for the updates was not disclosed at first. Last time out, AWS also said 10 percent of its EC2 instances were affected.

Cloud vendors impacted by these security issues tread a tricky path. They have to address the vulnerability as fast as possible before the details of the flaw are made public, which can lead to a bit of a fire drill. In this case, more information about the flaw will be disclosed March 10.

In September, [company]Amazon[/company] was first out of the chute with notifications, followed by Rackspace and then IBM Softlayer made its disclosures the following week.

Note: This story was updated at 3:49 p.m. PST to note that Linode is also performing system updates.

The enterprise view of cloud, specifically Private Cloud, is confusing

Enterprise organizations are actively looking for ways to leverage cloud computing. Cloud presents the single-largest opportunity for CIOs and the organizations they lead. The move to cloud is often part of a larger strategy for the CIO moving to a consumption-first paradigm. As the CIO charts a path to cloud along the cloud spectrum, Private Cloud provides a significant opportunity.

Adoption of private cloud infrastructure is anemic at best. Looking deeper into the problem, the reason becomes painfully clear. The marketplace is heavily fractured and quite confusing even to the sophisticated enterprise buyer. After reading this post, one could question the feasibility of private cloud. The purpose of this post is not to present a case to avoid private cloud, but rather expose the challenges to adoption to help build awareness towards solving the issues.

Problem statement

Most enterprises have a varied strategy with cloud adoption. Generally there are two categories of applications and services:

  1. Existing enterprise applications: These may include legacy and custom applications. The vast majority was never designed for virtualization let alone cloud. Even if there is an interest to move to cloud, the cost and risk to move (read: re-write) these applications to cloud is extreme.
  2. Greenfield development: New applications or those modified to support cloud-based architectures. Within the enterprise, greenfield development represents a small percentage compared with existing applications. On the other hand, web-scale and startup organizations are able to leverage almost 100% greenfield development.

 

Private Cloud Market Mismatch


 The disconnect is that most cloud solutions in the market today suit greenfield development, but not existing enterprise applications. Ironically, from a marketing perspective, most of the marketing buzz today is geared toward solutions that service the greenfield development leaving existing enterprise applications in the dust.

Driving focus to private cloud

For the average enterprise organization, they are faced with a cloud conundrum. Cloud, theoretically, is a major opportunity for enterprise applications. Yet the private cloud solutions are a mismatched potpourri of offerings, which make it difficult to compare. In addition, private cloud may take different forms.

 

Private Cloud Models

 

Keep in mind that within the overall cloud spectrum, this is only private cloud. At the edges of private cloud, colocation and public cloud present a whole new set of criteria to consider.

Within the private cloud models, it would be easy if the only criteria were compute, storage and network requirements. The reality is that a myriad of other factors are the true differentiators.

The hypervisor and OpenStack phenomenon

The defacto hypervisor in enterprises today is VMware. Not every provider supports VMware. Private cloud providers may support VMware along with other hypervisors such as Hyper-V, KVM and Zen. Yes, it is possible to move enterprise workloads from one hypervisor to another. That is not the problem. The problem is the amount of work required to address the intricacies of the existing environment. Unwinding the ball of yarn is not a trivial task and presents yet another hurdle. On the flipside, there are advantages to leveraging other hypervisors + OpenStack.

Looking beyond the surface of selection criteria

There are about a dozen different criteria that often show up when evaluating providers. Of those, hypervisor, architecture, location, ecosystem and pricing models are just some of the top-line criteria.

In order to truly evaluate providers, one must delve further into the details of each to understand the nuances of each component. It is those details that can make the difference between success and failure. And each nuance is unique to the specific provider. As someone recent stated, “Each provider is like a snowflake.” No two are alike.

The large company problem

Compounding the problem is a wide field of providers trying to capture a slice of the overall pie. Even large, incumbent companies are failing miserably to deliver private cloud solutions. There are a number of reasons companies are failing.

Time to go!

With all of these reasons, one may choose to hold off considering private cloud solutions. That would be a mistake. Sure, there are a number of challenges to adopting private cloud solutions today. Yes, the marketplace is highly fractured and confusing. However, with work comes reward.

The more enterprise applications and services move to private cloud solutions, the more opportunities open for the CIO. The move to private cloud does not circumvent alternatives from public cloud and SaaS-based solutions. It does, however, help provide greater agility and focus for the IT organization compared to traditional infrastructure solutions.

Pluribus Networks gets $50M to route traffic in the data center

Pluribus Networks, a software-defined networking (SDN) startup, wants to make a case for virtualizing the functions of the switch, and it landed a $50 million series D investment round to help do so, the company said Wednesday. The startup now has $95 million in total funding.

At the core of Pluribus Networks’s technology is its network hypervisor called Netvisor, which acts as a distributed operating system that spans multiple switches throughout the data center. With Netvisor installed in a company’s data center, users can coordinate network traffic by using Netvisor to tether together all of the switch hardware devices and enable the switches to be understood as one big device.

“Every switch literally shares the state and configuration with each other,” said Pluribus Networks founder and CTO Sunay Tripathi.

It’s sort of parallel to what some software defined storage startups like Primary Data are doing. Many of these startups tout technology that links the various storage arrays in a data center so they can be read as one big device that can be configured to better accommodate the needs of an application.

Tripathi said that his startup is different from other SDN startups and those who follow the OpenFlow SDN standard in that while these entities have followed the promise of SDN by “separating the data plane from the control plane,” Pluribus Networks believes that the centralized SDN controller should not be separate from the switch, explained Tripathi.

Pluribus Networks diagram

Pluribus Networks diagram

OpenStack users should be able to connect the OpenStack controller with the Netvisor hypervisor so that when the OpenStack controller calls for the overall system to create a virtual load balancer or similar virtual appliance, “all of that gets extenuated on the switch hypervisors,” he said.

Pluribus Networks also sells hardware appliances in addition to its network hypervisor, but it derives a significant portion of its revenue from the applications it sells on top of its hypervisor that gives users analytics, security and monitoring capabilities through all the networking information that the hypervisor captures.

“These are areas where people don’t mind paying good money,” Tripathi said.

The Palo Alto startups counts [company]Tibco[/company], CloudFlare and Lucera as customers.

Temasek Holdings, a Singapore-based investment company, drove this new founding round along with Ericsson and Newtech along with previous investors New Enterprise Associates, Menlo Ventures, Mohr Davidow Ventures and AME Cloud Ventures.

Primary Data brings Woz aboard and talks virtualized storage

Storage startup Primary Data is ready to demo its technology to potential customers looking to improve their existing data-center storage setup. The startup also said today that Apple co-founder Steve Wozniak is now Primary Data’s chief scientist; as part of Wozniak’s new gig, he will be helping the company build out its technology and advocate for the company as it courts clients.

Well played, EMC.

EMC might be smarter than we thought it was. If it handles the rumored spin-out and the Maritz-Gelsinger transition well, the companies under its banner could do great things. Of course, there are a lot of moving parts here and the transition won’t be easy.

Meet Nicira. Yes, people will call it the VMware of networking

Nicira, the networking startup that is not so stealthy but seriously hot, is ready to tell the world what it offers and who is buying its software. The list of customers is impressive. Nicira’s Network Virtualization Platform is used at eBay, NTT, AT&T, Fidelity Investments and Rackspace.

Hypervisor bout rages on, no end in sight

Surprise! The hypervisor battle rages anew and is in fact getting more heated as VMware tries to push vSphere (not just the free ESXi hypervisor) to customers and Microsoft vies to win market share and credibility for Hyper-V.

Look, it’s VMware’s mobile play!

VMware, long synonymous with servers, today began its encroachment into mobile devices with a new product and two new projects aimed at getting enterprise access onto mobile phones and tablets. The products offer consumer-like web services while giving corporations control over access.

4 trends to watch for at VMworld

In our cloudy times, VMware is a barometer for IT, and VMworld is what CES is to the consumer electronics industry. So check out what this week’s hoopla in Las Vegas is telling us about enterprise IT and the cloud.