Ian Pratt is a Fellow of King's College, Cambridge and was a senior faculty member of the University of Cambridge Computer Laboratory from 1997 to December 2007. During his time at the University of Cambridge Computer Laboratory, he ran the Systems Research Group, where he led development of the Xen open-source hypervisor project. He was a cofounder of XenSource, which was acquired by Citrix in mid-2007. He is now vice president of Advanced Products for Citrix and remains the chairman of Xen.org.




Gartner Fellow Interview - Pratt

Cloud computing will be critically dependent on virtualization technology. Ian Pratt, one of the best known and most-respected technology leaders in the field of virtualization, explains how the compute platform will change and the impact on the IT industry.

Interview conducted by Brian Gammage on 2 May 2008, in Cambridge, U.K.


Virtualization as the Platform for Cloud Computing


Brian Gammage:


This year, there's a new buzzword – 'cloud computing.' In recent years, it's been 'virtualization.' Your work into virtualization was initially targeted at supporting cloud computing implementations. How do you describe the link between these two trends?

Ian Pratt:


We got involved in this idea [of virtualization] in 1999, long before the term 'cloud computing' had been coined. We had this project at the University called the XenoServers Project, looking at how to turn computing into a service in a way that would enable people to deploy applications onto serviced machines that might be distributed around the world. We looked at how to provide the necessary security and isolation, so perhaps the Coca-Cola Company could be using half of a machine and PepsiCo could be using the other half, and for them both to be happy about the arrangement.

The other key issue we were looking at was the location of the computing resource. The fundamental limit of the speed of light comes into play when determining how long it takes to communicate between two places. For modern computers, the speed of light isn't really fast enough – it gets in the way quite frequently. You have to mitigate that problem by moving computation around; the XenoServers Project looked at how you could make that happen.

We had this vision of what we wanted to do to turn computing into a service, so people could buy fine-grained slices of a computer or large aggregates and be able to choose where in the network that computation was located. Also, [we wanted] to record accurately the amount of resources that were used and then bill people appropriately. Certainly, in 1999, that was a novel idea, so we set off looking at how we'd actually build such a system. It became pretty clear to us early on that having some kind of virtualization, or a hypervisor, to enable the machine to be securely partitioned and divided was going to be the best way to achieve that.

So we got interested in virtualization. We looked around at what technology was available at the time. There was very little available for commodity x86 machines, and the techniques that were being used were painfully slow. You'd lose an awful lot of the native performance of the machine in running virtualization software, and we thought we could do better. We were also unconvinced about the isolation that existing solutions achieved. It's very important that you've got both – what we call spatial and temporal isolation. Spatial isolation is when you're convinced that you can't steal data belonging to some other user of the machine. You need temporal isolation, because if you're charging people for resources, then you want to ensure that if you give them a guarantee they're going to get so much resource, they actually will get it and that you've accounted for it appropriately.

We realized the only solution was to build our own hypervisor, and that's when the work on Xen started. That work proceeded for a couple of years; we had some prototypes, which we started giving to friends, family and other folk in academia to play with. It was soon clear that this was interesting and that people were putting it to some real-world use. So we decided to release it under the GPL (General Public License) and open source, and we thought it might be a good way of getting the code out there and to create a community around Xen. The rest is history. We've progressed to the community we have today with many of the biggest vendors in the industry involved and many contributors to the project.

But early on, even back in the days of Xen v.2, around 2003, some of the very early adopters were hosting companies that liked the idea that they could 'divide up' a single physical machine. Rather than selling a whole physical machine to a given user, they could run virtualization software on it and chop it up, perhaps into 10 virtual machines, and then sell those virtual machines as dedicated virtual servers.

Then, one of the features that we added to Xen was the ability to transfer the location of virtual machines between different physical machines. The hosting companies loved this because it meant they could support more users from the same hardware by dynamically moving virtual machines around to balance the load. If you had a few users making heavy use of their virtual machines on one server, then you could arrange to move them to different physical servers and then rebalance that over time. Rather than selling your server capacity to (say) 100 users, this extra "statistical multiplexing game" would mean you could sell it to 200 users. As a result, these companies had a pretty good business, and they were always big supporters of Xen. That was certainly a forerunner for some of these cloud computing ideas.

Another relatively early adopter of Xen was Amazon.com. It started using Xen in-house quite a bit for various projects, and so started thinking about how to build a service on top of that. That's where Amazon's whole elastic compute cloud service came from – much of that work is modeled on the work we did on XenoServers. We think XenoServers are still some way ahead of the curve, but you can look at that as a road map or a blueprint for how cloud computing services will evolve.

The Promise of Cloud Computing


Gammage:


How real is the vision of cloud computing for the average organization today? Are we set to see a mass migration of IT functions toward external suppliers?

Pratt:


These things never happen as the people who are selling them propose, but I think there will be a movement over time. There are already plenty of startups whose entire IT infrastructure is cloud hosted and so they don't have any physical infrastructures. Clearly, companies such as Amazon are providing a service that is useful.

But it's a far bigger deal to take things that are working and running well in a data center and then try to push them out into the cloud. There are obviously going to be a lot of concerns around security, and you have to do a good job of convincing people that you're going to look after their data in a secure fashion. I think the clouds that we have today are capable of evolving to do that. We have hypervisors. We know how to do a lot of these things, and I think that kind of strong isolation will evolve and be built into these cloud computing farms over time so they can provide those kinds of guarantees: You can really create virtual data centers within a cloud and have confidence your data is being looked after, both when it's on disk and flying across the network, as well as when it's actually sitting in memory.

Gammage:


Will this be a five-year transition, a 10-year transition or longer?

Pratt:


Some companies will be more aggressive than others at deploying it, and it's possible that some people will always want to have their own data centers. There will be certain things that get moved into the cloud first, particularly things that are less sensitive. A lot of companies, for example, don't run their own Web sites; they rely on a hosting provider to do that. If it's a sophisticated Web site that has some back-end processing and so forth, then it typically couldn't have been done with a hosting provider today. This is the classic sort of work you could move out into a cloud fairly easily. I expect to see that kind of application moving out first, particularly as there are real advantages to having work like that in the cloud – in part, because the chances are that a company such as Amazon has been able to negotiate much better than any individual enterprise for the bandwidth it's going to get into that data center and the costs associated with that.

Gammage:


There are clear benefits in terms of industrialization and the exploitation of standardization to gain economy of scale. Are there other motivations?

Pratt:


So far, virtualization has been a consolidation story, and people understand its benefits; but I certainly see a day, perhaps not too far in the future, when all workloads will run virtualized. Once you're running a hypervisor on every machine, with the flexibility and control that gives you, plus the ability to encapsulate everything, then moving to the point where you no longer own the hardware and you're pushing out into the cloud may actually be quite a smooth transition. I could imagine tools where you would have a workload in production that needs patching, so you move it into a virtualized lab environment, apply the patch, test it, move it onto a production server and then use the same tool to move that machine out into the cloud. And you'd be managing those machines out in the cloud much as you would manage machines in your data center.

Gammage:


Technically, it seems fairly close. However, is our culture of IT security and risk management suited to deal with this kind of externalization?

Pratt:


I think the security aspect is paramount. Applications that handle sensitive corporate data will be the last to move into the cloud, and some never will. In the long term, it probably would, once the infrastructure is in place where people have that confidence; but it's certainly not going to be those applications that move first.


Cloud Computing Today


Gammage:


If I'm a CIO, then should I be looking to move functions out to the cloud now or next year? Or should I sit back and watch?

Pratt:


I think we're in the pilot phase. Many CIOs can identify applications that are candidates now, particularly applications that are external network-facing – where the point of the application is to communicate with customers or partners. Those are the kinds of things that probably make sense to move out first, or to look at moving out because the end-user experience will actually be better as a result.

It's a process, just as with virtualization. There were certain applications that people picked first, but you still have databases and things like that running on their networks. I think it will remain like that. At least it's still within your own data center. It's a leap of faith to push this out to the cloud. Although I believe it will happen eventually, it's going to take time. I think we're talking a decade. One of the analogies being used by various folks is power generation. A lot of people had their own generators for a long time and there are still reasons to have your own generator for backup so as not to rely on the grid. Ultimately, it's cheaper, makes more sense and is more reliable to use the grid than to have your own generator in most cases.

Gammage:


In addition to economies of scale, what are other drivers toward cloud computing?

Pratt:


There are a few fundamental factors that come into play. The security aspects and things such as that all need to be dealt with. But at the end of the day, you've also got the speed of light – the amount of time it takes to pass a message to a machine on the other side of the world, get a result and then get that message back. That plays in various ways. It may mean co-locating functions, which is essential to get the necessary performance, and that may mean you have to run them all on the same cloud. Or, if you're interacting with databases and services provided by partners, customers and so on, then you may need to get closer to the people you're interacting with. That might push you more toward a cloud model.

Gammage:


Are you suggesting that there's a critical mass point when you've externalized a certain amount you'll benefit from externalizing even more?

Pratt:


Yes.

Virtualization Technology: Beyond Server Consolidation


Gammage:


Virtualization is currently used to get expensive equipment to do more – to increase utilization. Is that really all virtualization gives us?

Pratt:


That was certainly a benefit of first-generation virtualization, and the process of server consolidation has been quite a key driver until now – as faster hardware comes along, taking existing servers, retiring the hardware and moving the images onto a single machine. I think that we're entering a more-interesting phase of virtualization, where people are doing it as a matter of course – not just for consolidation, but as a strategic way of building their data centers. They get the benefits of improved manageability, the ability to move images onto any machine, not having to worry about hardware compatibility and so forth. Also, the ability to dynamically balance workloads by making use of live relocation and moving virtual machines between different physical servers are other benefits.

The story is moving from consolidation to being just the way that you run your data center. Certainly our vision is that, ultimately, all machines will have a hypervisor on them, installed by the factory and it just will be part of the platform. That's how it was in the days of the mainframe and, I think, how it will be in the future. From a management point of view, having the ability to move workloads around, to enable some physical machines to be powered-down, bringing them up again and distributing workloads across them is certainly a far-more-efficient way of running a data center. And it's definitely a step toward being able to then outsource some of those physical computing functions, and perhaps make use of the cloud in the future.

Gammage:


Environmental and green concerns have moved quickly up the IT organization's agenda, and virtualization is often touted as a 'green' technology because it helps to consolidate workloads onto fewer servers. Is that a fair assessment or is it just marketing spin?

Pratt:


If you switch off 20 old servers and replace them with one new server, then you won't get a 20-to-1 reduction in power, but you'll probably get a good factor of five in there, maybe more. New processors probably do consume more power, but there's still a lot of hardware you're switching off – all the disks in those machines and the power supplies that generate a lot of heat and so forth. So, there are definite savings from a consolidation point of view.

If you're using virtualization as part of the fabric of your data center, then you're getting the ability to dynamically change where you run workloads and to consolidate them on given machines, to move them around as the demand from applications changes. This gives you the ability to dynamically power up and power down physical servers, so you'll certainly get power savings. There are all sorts of applications that need to run 24/7. But when the load on them is lower, you can start moving them to a smaller number of servers and then power-down the servers that have no virtual machines running on them.

There are various tricks that the hardware does to dynamically adjust how much power it consumes, but the savings are small compared to physically turning the machine off – that's what virtualization enables you to do.

Gammage:


Is it a fair description of the promise of virtualization to say that by modularizing computing functions and standardizing the way the modules fit together we gain portability?

Pratt:


I would say so. I don't know if I'd use the word modularization. I'd use 'encapsulation' or 'isolation.' But it's definitely putting things in a container and then enabling you to move the container around easily. As a result, the system is more modular. You haven't got an operating system tied to a physical server anymore; instead, you've got flexibility in moving that around.

The Broader Implications of Virtualization


Gammage:


How do you think virtualization will impact the function of the IT organization?

Pratt:


First, it will certainly improve the ratios and the number of given things that can be managed by a given system administrator, because you've simplified some of the problems. They will not have to worry about as many physical servers or about the failure of components and so forth. Also, having a single image that can be deployed on any of these physical servers because of the virtual machine encapsulation means not having to maintain separate images for all the brands of servers you might have in your organization. So there's a lot of simplification.

One of the big areas we (the industry) are working on is how to reduce the amount of labor you need to manage a given number of applications. You can take a 'gold' operating system image and then inject applications into it, then perhaps inject configuration and personality for those applications to synthesize a complete virtual machine image that then gets deployed to a machine. It means there's only one image you're worrying about applying operating system patches to, and so everything gets constructed from that in an automated fashion. That will certainly reduce the labor required to keep applications running.

At the end of the day, the function of the IT department is to provide applications to the various users. Users don't want to worry about operating systems and physical servers – a hassle that today the IT department must worry about to be able to deliver the applications.

Gammage:


Are we talking about a savings in IT head count, or just shifting people around to new skills and functions?

Pratt:


I certainly think it's going to result in an overall reduction [in head count], quite significantly, particularly as the tools get more sophisticated and reduce the number of things that you have to manage – that is the real trick. The fact that you've managed to get 20 operating system images running on a single machine helps reduce the number of physical machines you have. But if those 20 virtual machines are just as hard to administer and manage as they were when they were running on physical hardware, then you haven't achieved very much. That's the next step – taking advantage of the fact that you haven't got to worry about different hardware versions and so on. You need to pursue the dynamic synthesis of those images by combining the operating system, applications and configuration dynamically and just in time to create the image that is then run as a virtual machine.

Gammage:


It sounds as though we need new skills to exploit this technology successfully and achieve reductions in cost. Are those skills readily available?

Pratt:


The tools are being created to make it easier to manage the technology. There are organizations that do this kind of work today. They've built practices for how they take gold images, how they patch them, add applications and deploy them. I think that to make that accessible to a broader part of the market, you've got to wait for the various tools to come along. I think you're going to see that in the not-too-distant future.

Changing the IT Industry


Gammage:


Virtualization changes the role and function of some software components. If it is set to be something that comes in the box, then does that have broader implications for the IT industry?

Pratt:


Well, I think the role of the operating system will evolve over time. It's certainly the case in a virtualized world that the barrier to entry for new or specialized operating systems is reduced because they don't have to worry about hardware compatibility and so forth. One of the things you will see is application vendors looking to specialize the stack they are selling, perhaps to include an operating system dedicated – or at least tuned – to that particular application.

On a simplistic level, that might just be to throw out the various functions that you don't need, but we'll also see people porting applications to run on bare metal hypervisors. For example, we've seen the work Sun Microsystems has done – at least at the prototype stage – of getting things such as a JVM (Java Virtual Machine) running natively on a hypervisor. We've also seen work done on getting Web servers working on native hardware. You'll certainly see vendors tuning the operating system to better service their applications. Database vendors are bound to want to make changes to the operating system to better run their databases. Perhaps they wouldn't have done that before virtualization because of the burden to support all the different hardware platforms and for certification reasons. That work is being done by the hypervisor. Now that vendors have this uniform interface they can work to, I think we could see much more of a golden age of operating system diversity rather than a monoculture – or the small number of mainstream operating systems that exist today.

Gammage:


By shifting the center of power from the operating system into the virtualization software, isn't there a risk that we will replace one type of dynasty with another?

Pratt:


It's perhaps more about putting power back in the hands of the application vendors. They had to port their applications to a number of different operating systems, and that meant doing multiple certifications. Now, they can just pick a given operating system or even write their own and do that work once, knowing the operating system will work when deployed on the hypervisor.

I see the hypervisor as part of the platform – a component that will ship with the hardware, running from flash, much as the various embedded editions of XenServer and VMware do today. I think that the application vendors are certainly in a good position because, in the end, the applications are what people care about. From a user's point of view, having to install an application and an operating system to run it on means just another thing for them to worry about patching and maintaining. By putting the application and the operating system in one box, you solve a lot of those problems.

The Future Role of the Operating System


Gammage:


Is the operating system set to become less important?

Pratt:


The key sticky thing about operating systems is that the API (application programming interface) they export to applications is a very broad and complex API that requires a lot of machinery behind the line to actually implement. Getting application vendors to write to new APIs, and hence binary interfaces, is a very slow process. I'm sure that current operating systems will be around for an awfully long time, just as the x86 processor architecture is.

Operating system vendors have to look at making use of techniques such as virtualization to free themselves of having to support older applications in the same manner. I think you'll see people using virtualization as a way of supporting legacy systems and then building new APIs that are better suited to applications from this point on, particularly when you start looking at software as a service (SaaS). The kinds of interfaces, Web services and changes in security, when imposing SaaS on many older applications, will be very difficult. Wrapping them up and running them in a virtualized context seems to be a good way of going about this. You'll see more modularity in the way operating systems are constructed.

Software Licensing: What is being measured?


Gammage:


Thanks in part to virtualization, it no longer seems clear how we should be measuring what we pay for with software. Something has to change. How do you see this evolving?

Pratt:


One way would be to use a metered model and usage-based charging. That's a long way removed from the arguments we've had over the last five years around whether licensing should be per machine, per socket, per core or per logical CPU. And there's a big gulf in moving from there to a usage-based charging model.

But there are all sorts of conundrums created by a physical licensing model when applied in a virtualized context. If you've got multiple applications sharing the same physical CPU, because you're running a hypervisor, then should you be paying for one nth of a core for each of those, or should you be paying the full price for each of them? Similarly, when you have a virtual machine suspended to disk, should you be paying for them? What about things such as gold templates, which never even get run but are instances of the operating system stored on disk?

The whole area is quite complex. The industry is moving in the right direction, but it's taking time. Microsoft is certainly heading in the right direction regarding simplifying the licensing model, but the application vendors have some catching up to do. The ultimate place where we will end up will likely be some sort of usage-based charging, but I don't think we're going to get there overnight. Most application vendors see that virtualization is important. For any given application, their customers are bound to be running it in a virtualized environment somewhere, and so they are thinking through how to change their licensing policies to reflect that. That's contractual work, and things involving lawyers are usually the slowest moving part of any business.

Gammage:


Most organizations have a fixed budget and want predictability in cost. Do you expect to see an extension of enterprise-type agreements as well?

Pratt:


There are usage-based models that aren't so unpredictable, where you make some sort of prediction of the amount that you're actually going to use, agree on an amount upfront, and then look at what happens three months later and adjust. I think those sorts of models will happen before true usage-based ones come up. Someone will come up with arbitrage that enables that sort of model.

Gammage:


Do you think these kinds of licensing models will be critical to the pricing of cloud-type services as well?

Pratt:


Absolutely. There's interest in having the licenses owned by the cloud operator rather than by the end users, enabling licenses to be used to supply services to different customers and then multiplexing that over time. These sorts of things are only happening because the application vendors are behind in their thinking, but these tricks will probably go away when they actually come up with sensible models.

Gammage:


You've suggested a couple of times that virtualization is set to become a default – that we won't be deciding to virtualize, it will just be done. When we arrive at that point, do you think we'll still be using the word virtualization? Or is this a word we're ultimately destined to retire from the vocabulary?

Pratt:


I certainly don't see virtualization as a thing people worry about. It's a technology, not something that people want to think about on its own. It's just a part of delivering an application to users, which is the top line thing an IT department wants to do. We won't be worrying about what hypervisor is underneath the covers, or even worrying about the virtualization stack. It will just be ubiquitous. Probably, people will forget the days when we never had a hypervisor; it will just be part of the fabric.

Gammage:


Ian, thank you very much.