To Achieve True Cloud (X/Z)en, One Must Leverage Introspection
Back in October 2008, I wrote a post detailing efforts around the Xen community to create a standard security introspection API (Xen.Org Launches Community Project To Bring VM Introspection to Xen
The Xen Introspection Project is a community effort within Xen.org to leverage the existing research presented above with other work not yet public to create a standard API specification and methodology for virtual machine introspection.
That blog was focused on introspection for virtualization proper but since many of the larger cloud providers utilize Xen virtualization as an underpinning of their service architecture and as an industry we’re suffering from a lack of visibility and deployable security capabilities, the relevance of VM and VMM introspection to cloud computing is quite relevant.
I thought I’d double around and see where we are.
It looks as though there’s been quite a bit of recent activity from the folks at Georgia Tech (XenAccess Project) and the University of Alaska at Fairbanks (Virtual Introspection for Xen) referenced in my previous blog. The vCloud API proffered via the DMTF seems to also leverage (at least some of) the VMsafe API capabilities present in VMware‘s vSphere virtualization platform.
While details are, for obvious reasons sketchy, I am encouraged in speaking to representatives from a few cloud providers who are keenly interested in including these capabilities in their offerings. Wouldn’t that be cool?
Adoption and inclusion of introspection capabilities will overcome some of the inherent security and visibility limitations we face in highly-virtualized multi-tenant environments due to networking constraints for integrating security functionality that I wrote about here.
I plan a follow-on blog in more detail once I finish some interviews.
Related articles by Zemanta
- Where Are the Network Virtual Appliances? Hobbled By the Virtual Network, That’s Where… (rationalsurvivability.com)
- The Cloud & eHarmony’s 29 Dimensions Of Compatability… (rationalsurvivability.com)
- Incomplete Thought: Virtual Machines Are the Problem, Not the Solution… (rationalsurvivability.com)
- Variety & Darwinism In Solutions Is Innovation, In Standards It’s A War? (rationalsurvivability.com)
- Silent Lucidity: IaaS – Already A Dinosaur? The Evolution of PaaSasaurus Rex… (rationalsurvivability.com)
- Incomplete Thought: Storage In the Cloud: Winds From the ATMOS(fear) (rationalsurvivability.com)
- Redux: Patching the Cloud (rationalsurvivability.com)
- Cloud: Security Doesn’t Matter (Or, In Cloud, Nobody Can Hear You Scream) (rationalsurvivability.com)
- The Emotion of VMotion… (rationalsurvivability.com)
- Standards-Based Virtualization: Critical To The Future Of Cloud Computing (techcrunchit.com)
- VMware cloud initiative raises vendor lock-in concerns (infoworld.com)
- Where Are the Network Virtual Appliances? (gigaom.com)
- Is Virtualization Magic? (And Other Questions Your Manager May Ask) (readwriteweb.com)
- A Fluid Network is the Result of Collaboration Not Virtualization (devcentral.f5.com)
- The Road To Open Federated Clouds: Xen, VMware And More (cloudave.com)