SlideShare a Scribd company logo

Design Summit - Smart State Analysis, aka VM Fleecing - Rich Oliveri

Download as ODP, PDF
ManageIQ
ManageIQ

"Fleecing" is a core part of ManageIQ - it allows users to pre-populate dashboards with information about hypervisors, its guests, and applications running on those guests. It allows ManageIQ to do auto-discovery of running services so that admins can spend more time doing what they need to do. For more on ManageIQ, see http://manageiq.org/

Technology
1 of 26
MMaannaaggeeIIQQ VVMM SSmmaarrtt SSttaattee AAnnaallyyssiiss ((FFlleeeecciinngg)) PPaasstt PPrreesseenntt FFuuttuurree
OOvveerrvviieeww ● Terms and definitions. ● History. ● Design considerations/requirements. ● Conceptual overview. ● Interface layers. ● Client access. ● GEM relationships.
TTeerrmmss aanndd DDeeffiinniittiioonnss Smart state analysis noun (pl. smart state analyses) A boring marketing term, referring to the process of extracting guest information from a virtual machine – usually, without requiring agentry, or for the VM to be running. Verb (?smart state analyze? - ?perform Smart state analysis?) The execution of said process. ORIGIN early 21st cent.: some marketing guy. See also: fleece
TTeerrmmss aanndd DDeeffiinniittiioonnss fleece noun The woolly covering of a sheep or goat. Verb 1 the removal of said woolly covering. 2 informal obtain a great deal of money or property from (someone), typically through nefarious means. DERIVATIVES Very concise and simple: fleece, fleecing, fleeced, fleecer
GGrraattuuiittoouuss FFlleeeecciinngg QQuuoottee “It is the duty of a good shepherd to fleece his sheep, not to skin (flay) them.” - Tiberius Ceasar
aanndd,, ttoo ppaarraapphhrraassee JJuulliiuuss CCeeaassaarr:: “I came, I saw, I fleeced” Semper infigo lingua mortua est “Veni, vidi, Velleris” (Things said, are) always more impressive in a dead language
TTeerrmmss aanndd DDeeffiinniittiioonnss ......sseerriioouussllyy ● Appliance – The ManageIQ appliance. The virtual machine through which the ManageIQ application is deployed and executed. ● Provider – The type, brand, or flavor of virtual environment. Ex: RHEV, VMware, OpenStack, etc.
HHiissttoorryy First released in 2007 ● Initially supported: – Windows: NTFS, Fat32 – Linux: LVM2, EXT3 ● Extended to support: – Windows: LDM – Linux: EXT4, XFS
DDeessiiggnn CCoonnssiiddeerraattiioonnss aanndd RReeqquuiirreemmeennttss Flexible virtual disk access ● Access provided through extensible mechanism. ● Optimize access method for given providers. ● Supports provider-specific API access ● Eliminates the need for file-level access. ● Enables remote fleecing. ● Affords greater flexibility in appliance placement. – Proximity to storage need not be a factor.
DDeessiiggnn CCoonnssiiddeerraattiioonnss aanndd RReeqquuiirreemmeennttss Lightweight ● Each fleece is performed in a single Ruby thread. ● Consumes a minimum of appliance resources. ● Imposes minimum impact on other appliance processes. ● Enables parallel fleecing of multiple VMs on the same appliance. ● Affords more flexibility in proxy deployment.
DDeessiiggnn CCoonnssiiddeerraattiioonnss aanndd RReeqquuiirreemmeennttss Minimal Dependancies ● Only requires Ruby and requisite provider libraries. ● Does not encumber appliance configuration with additional dependancies. ● Enables the creation of self-contained proxy executables. ● Facilitates the deployment of proxies to foreign environments.
DDeessiiggnn CCoonnssiiddeerraattiioonnss aanndd RReeqquuiirreemmeennttss OS and Environment Agnostic ● Written almost entirely in pure Ruby. ● Will run in most environments that support Ruby. ● Can run in Windows and Linux environments. ● Facilitates the development of proxies for deployment to foreign environments.
CCoonncceeppttuuaall OOvveerrvviieeww Virtual Disk Format VM Metadata Virtual disk Images Provider Metadata Access Virtual Disk Access Methods
CCoonncceeppttuuaall OOvveerrvviieeww Virtual Disk Format XML/Sync MiqFS Disk Partition LVM FS MIQExtract Virtual Disk Access Methods OS ● Linux: LVM2 ● Windows: LDM
EExxtteerrnnaall IInntteerrffaacceess Virtual Disk Format VM Metadata Virtual disk Images Provider Metadata Access Virtual Disk Access Methods ● VMware: VIM (SOAP) ●RHEV: RHEVM API (REST) ● Amazon: AWS (REST) ●OpenStack: Fog (REST)
EExxtteerrnnaall IInntteerrffaacceess Virtual Disk Format VM Metadata Virtual disk Images Provider Metadata Access Virtual Disk Access Methods ● Direct file access. ● Access via proxy. ● Raw device access. ● Access via API (VixDIskLib, AWS/EBS, Glance, etc.)
EExxtteerrnnaall IInntteerrffaacceess Virtual Disk Format VM Metadata Virtual disk Images Provider Metadata Access Virtual Disk Access Methods ● RAW ●QCOW, QCOW2 ●VMware: Sparse, COWD ●Microsoft: Fixed, Dynamic, Diff ● Etc. Virtual Disk Format
Virtual Disk Format XML/Sync MiqFS EExxtteerrnnaall IInntteerrffaacceess ● Implements a subset of File/Dir functionality. Disk ● Cannot be used by GEMs that expect File. Partition ● Clients must be MiqFS specific. LVM ● Forces re-implementation of existing code. FS MIQExtract Virtual Disk Access Methods OS
Virtual Disk Format XML/Sync MiqFS EExxtteerrnnaall IInntteerrffaacceess ● Berkeley DB through: MiqBerkeleyDB Disk ● Rpm Packages through: MiqRpmPackages Partition ● Sqlite3 through: MiqSqlite3DB LVM ● Conary Packages through: MiqConaryPackages FS MIQExtract Virtual Disk Access Methods OS
IInntteerrffaaccee LLaayyeerrss ManageIQ & Provider Specific ManageIQ Fleece Request Provider Metadata Access MIQExtract VM Metadata Vdisk Contents Virtual Disk Access Methods MiqFS Data Drilling Sync VMDB Provider Specific Common ManageIQ Specific
CCllaasssseess bbyy LLaayyeerr ManageIQ & Provider Specific Provider Specific Common ManageIQ Specific ExtManagementSystem Subclasses VmOrTemplate Subclasses MiqVm Subclasses MiqVm VirtFS MIQExtract Provider Libraries
MMiiqqFFSS →→ VViirrttFFSS ● General Pseudo FS support ● Integrates through File & Dir ● Provides mount and chroot semantics ● No need for specialized clients – will work with existing GEMs and scripts
VViirrttFFSS –– AAddddiittiioonnaall BBeenneeffiittss ● Compliance scripts can access VM image directly. ● No need to retrieve files and save in DB. ● Native scripts should work in ManageIQ context.
VViirrttFFSS:: BBeeyyoonndd FFlleeeecciinngg ● Database/Datastore backed FS ● Amazon S3 and Swift pseudo FS ● Sparse – overlay FS ● Cassette based FS – for testing ● Ruby files loaded from pseudo FS ● Self contained Ruby executables
GGEEMM RReellaattiioonnsshhiippss MiqVm* Types MiqVm* VirtFs Provider Libraries Filesystem Types uses uses plugs into based on Ruby Scripts export/mount * renamed appropriately
Fin Questions?

Recommended

Autentia OS - 20180210 - Docker y las películas de chinos
Autentia OS - 20180210 - Docker y las películas de chinosAutentia OS - 20180210 - Docker y las películas de chinos
Autentia OS - 20180210 - Docker y las películas de chinos
Alejandro Pérez García
 
OSMC 2014: MQTT for monitoring (and for the lo t) | Jan-Piet Mens
OSMC 2014: MQTT for monitoring (and for the lo t) | Jan-Piet MensOSMC 2014: MQTT for monitoring (and for the lo t) | Jan-Piet Mens
OSMC 2014: MQTT for monitoring (and for the lo t) | Jan-Piet Mens
NETWAYS
 
OSDC 2015: Jan-Piet Mens | MQTT for your data center (and for the IoT)
OSDC 2015: Jan-Piet Mens | MQTT for your data center (and for the IoT)OSDC 2015: Jan-Piet Mens | MQTT for your data center (and for the IoT)
OSDC 2015: Jan-Piet Mens | MQTT for your data center (and for the IoT)
NETWAYS
 
A brief history of Linux Containers
A brief history of Linux Containers A brief history of Linux Containers
A brief history of Linux Containers
Kirill Kolyshkin
 
Brief history of Linux containers
Brief history of Linux containersBrief history of Linux containers
Brief history of Linux containers
OpenVZ
 
MQTT enabling the smallest things
MQTT enabling the smallest thingsMQTT enabling the smallest things
MQTT enabling the smallest things
Ian Craggs
 
Arbiter volumes in gluster
Arbiter volumes in glusterArbiter volumes in gluster
Arbiter volumes in gluster
itisravi
 
Libcontainer: joining forces under one roof
Libcontainer: joining forces under one roofLibcontainer: joining forces under one roof
Libcontainer: joining forces under one roof
Andrey Vagin
 

Recommended

Autentia OS - 20180210 - Docker y las películas de chinos
Autentia OS - 20180210 - Docker y las películas de chinosAutentia OS - 20180210 - Docker y las películas de chinos
Autentia OS - 20180210 - Docker y las películas de chinos
Alejandro Pérez García
 
OSMC 2014: MQTT for monitoring (and for the lo t) | Jan-Piet Mens
OSMC 2014: MQTT for monitoring (and for the lo t) | Jan-Piet MensOSMC 2014: MQTT for monitoring (and for the lo t) | Jan-Piet Mens
OSMC 2014: MQTT for monitoring (and for the lo t) | Jan-Piet Mens
NETWAYS
 
OSDC 2015: Jan-Piet Mens | MQTT for your data center (and for the IoT)
OSDC 2015: Jan-Piet Mens | MQTT for your data center (and for the IoT)OSDC 2015: Jan-Piet Mens | MQTT for your data center (and for the IoT)
OSDC 2015: Jan-Piet Mens | MQTT for your data center (and for the IoT)
NETWAYS
 
A brief history of Linux Containers
A brief history of Linux Containers A brief history of Linux Containers
A brief history of Linux Containers
Kirill Kolyshkin
 
Brief history of Linux containers
Brief history of Linux containersBrief history of Linux containers
Brief history of Linux containers
OpenVZ
 
MQTT enabling the smallest things
MQTT enabling the smallest thingsMQTT enabling the smallest things
MQTT enabling the smallest things
Ian Craggs
 
Arbiter volumes in gluster
Arbiter volumes in glusterArbiter volumes in gluster
Arbiter volumes in gluster
itisravi
 
Libcontainer: joining forces under one roof
Libcontainer: joining forces under one roofLibcontainer: joining forces under one roof
Libcontainer: joining forces under one roof
Andrey Vagin
 
Disaster Recovery Strategies Using oVirt's new Storage Connection Management ...
Disaster Recovery Strategies Using oVirt's new Storage Connection Management ...Disaster Recovery Strategies Using oVirt's new Storage Connection Management ...
Disaster Recovery Strategies Using oVirt's new Storage Connection Management ...
Allon Mureinik
 
Corwin on containers
Corwin on containersCorwin on containers
Corwin on containers
Corwin Brown
 
Minix3 fosdem2014
Minix3 fosdem2014Minix3 fosdem2014
Minix3 fosdem2014
keesj
 
Local file systems update
Local file systems updateLocal file systems update
Local file systems update
Lukáš Czerner
 
Local incident response
Local incident responseLocal incident response
Local incident response
Dmytro Korzhevin
 
Third-party software management under BSD
Third-party software management under BSDThird-party software management under BSD
Third-party software management under BSD
Andrew Pantyukhin
 
Ovirt and gluster_hyperconvergence_devconf-2016
Ovirt and gluster_hyperconvergence_devconf-2016Ovirt and gluster_hyperconvergence_devconf-2016
Ovirt and gluster_hyperconvergence_devconf-2016
Ramesh Nachimuthu
 
LibCT: one lib to rule them all -- Andrey Vagin
LibCT: one lib to rule them all -- Andrey VaginLibCT: one lib to rule them all -- Andrey Vagin
LibCT: one lib to rule them all -- Andrey Vagin
OpenVZ
 
Operation Unthinkable – Software Defined Storage @ Booking.com (Peter Buschman)
Operation Unthinkable – Software Defined Storage @ Booking.com (Peter Buschman)Operation Unthinkable – Software Defined Storage @ Booking.com (Peter Buschman)
Operation Unthinkable – Software Defined Storage @ Booking.com (Peter Buschman)
data://disrupted®
 
Devconf.cz 2016 Linux as a guest on Hyper-V
Devconf.cz 2016 Linux as a guest on Hyper-VDevconf.cz 2016 Linux as a guest on Hyper-V
Devconf.cz 2016 Linux as a guest on Hyper-V
Vitaly Kuznetsov
 
[개념정리] DB: Concurrency Control
[개념정리] DB: Concurrency Control[개념정리] DB: Concurrency Control
[개념정리] DB: Concurrency Control
Kwangsik Lee
 
GlusterFS Native driver for Openstack Manila at GlusterNight Paris @ Openstac...
GlusterFS Native driver for Openstack Manila at GlusterNight Paris @ Openstac...GlusterFS Native driver for Openstack Manila at GlusterNight Paris @ Openstac...
GlusterFS Native driver for Openstack Manila at GlusterNight Paris @ Openstac...
Deepak Shetty
 
DNSCurve
DNSCurveDNSCurve
DNSCurve
Sabbir Ahmmed
 
GlusterD 2.0 - Managing Distributed File System Using a Centralized Store
GlusterD 2.0 - Managing Distributed File System Using a Centralized StoreGlusterD 2.0 - Managing Distributed File System Using a Centralized Store
GlusterD 2.0 - Managing Distributed File System Using a Centralized Store
Atin Mukherjee
 
OpenNebula LXD Container Support overview
OpenNebula LXD Container Support overviewOpenNebula LXD Container Support overview
OpenNebula LXD Container Support overview
CSUC - Consorci de Serveis Universitaris de Catalunya
 
Live Storage Migration in oVirt (Open Storage Meetup May 2013)
Live Storage Migration in oVirt (Open Storage Meetup May 2013)Live Storage Migration in oVirt (Open Storage Meetup May 2013)
Live Storage Migration in oVirt (Open Storage Meetup May 2013)
Allon Mureinik
 
LibCT и контейнеры на уровне приложений -- Александр Бурлука
LibCT и контейнеры на уровне приложений -- Александр Бурлука LibCT и контейнеры на уровне приложений -- Александр Бурлука
LibCT и контейнеры на уровне приложений -- Александр Бурлука
OpenVZ
 
NPM
NPMNPM
NPM
Squash Apps Pvt Ltd
 
Moscow virtualization meetup 2014: CRIU 1.0 What is next?
Moscow virtualization meetup 2014: CRIU 1.0 What is next?Moscow virtualization meetup 2014: CRIU 1.0 What is next?
Moscow virtualization meetup 2014: CRIU 1.0 What is next?
Andrey Vagin
 
Jolla hackday - Intro to Devaamo (Sept 2012)
Jolla hackday - Intro to Devaamo (Sept 2012)Jolla hackday - Intro to Devaamo (Sept 2012)
Jolla hackday - Intro to Devaamo (Sept 2012)
Carol Chen
 
Community Discussion - Carol Chen, Sergio Ocón - ManageIQ Design Summit 2016
Community Discussion - Carol Chen, Sergio Ocón - ManageIQ Design Summit 2016Community Discussion - Carol Chen, Sergio Ocón - ManageIQ Design Summit 2016
Community Discussion - Carol Chen, Sergio Ocón - ManageIQ Design Summit 2016
Carol Chen
 
City of Salo - Open Source Communities (Nov 2014)
City of Salo - Open Source Communities (Nov 2014)City of Salo - Open Source Communities (Nov 2014)
City of Salo - Open Source Communities (Nov 2014)
Carol Chen
 

More Related Content

What's hot

Third-party software management under BSD
Third-party software management under BSDThird-party software management under BSD
Third-party software management under BSD
Andrew Pantyukhin
 
Moscow virtualization meetup 2014: CRIU 1.0 What is next?
Moscow virtualization meetup 2014: CRIU 1.0 What is next?Moscow virtualization meetup 2014: CRIU 1.0 What is next?
Moscow virtualization meetup 2014: CRIU 1.0 What is next?
Andrey Vagin
 

What's hot (19)

Disaster Recovery Strategies Using oVirt's new Storage Connection Management ...
Disaster Recovery Strategies Using oVirt's new Storage Connection Management ...Disaster Recovery Strategies Using oVirt's new Storage Connection Management ...
Disaster Recovery Strategies Using oVirt's new Storage Connection Management ...
 
Corwin on containers
Corwin on containersCorwin on containers
Corwin on containers
 
Minix3 fosdem2014
Minix3 fosdem2014Minix3 fosdem2014
Minix3 fosdem2014
 
Local file systems update
Local file systems updateLocal file systems update
Local file systems update
 
Local incident response
Local incident responseLocal incident response
Local incident response
 
Third-party software management under BSD
Third-party software management under BSDThird-party software management under BSD
Third-party software management under BSD
 
Ovirt and gluster_hyperconvergence_devconf-2016
Ovirt and gluster_hyperconvergence_devconf-2016Ovirt and gluster_hyperconvergence_devconf-2016
Ovirt and gluster_hyperconvergence_devconf-2016
 
LibCT: one lib to rule them all -- Andrey Vagin
LibCT: one lib to rule them all -- Andrey VaginLibCT: one lib to rule them all -- Andrey Vagin
LibCT: one lib to rule them all -- Andrey Vagin
 
Operation Unthinkable – Software Defined Storage @ Booking.com (Peter Buschman)
Operation Unthinkable – Software Defined Storage @ Booking.com (Peter Buschman)Operation Unthinkable – Software Defined Storage @ Booking.com (Peter Buschman)
Operation Unthinkable – Software Defined Storage @ Booking.com (Peter Buschman)
 
Devconf.cz 2016 Linux as a guest on Hyper-V
Devconf.cz 2016 Linux as a guest on Hyper-VDevconf.cz 2016 Linux as a guest on Hyper-V
Devconf.cz 2016 Linux as a guest on Hyper-V
 
[개념정리] DB: Concurrency Control
[개념정리] DB: Concurrency Control[개념정리] DB: Concurrency Control
[개념정리] DB: Concurrency Control
 
GlusterFS Native driver for Openstack Manila at GlusterNight Paris @ Openstac...
GlusterFS Native driver for Openstack Manila at GlusterNight Paris @ Openstac...GlusterFS Native driver for Openstack Manila at GlusterNight Paris @ Openstac...
GlusterFS Native driver for Openstack Manila at GlusterNight Paris @ Openstac...
 
DNSCurve
DNSCurveDNSCurve
DNSCurve
 
GlusterD 2.0 - Managing Distributed File System Using a Centralized Store
GlusterD 2.0 - Managing Distributed File System Using a Centralized StoreGlusterD 2.0 - Managing Distributed File System Using a Centralized Store
GlusterD 2.0 - Managing Distributed File System Using a Centralized Store
 
OpenNebula LXD Container Support overview
OpenNebula LXD Container Support overviewOpenNebula LXD Container Support overview
OpenNebula LXD Container Support overview
 
Live Storage Migration in oVirt (Open Storage Meetup May 2013)
Live Storage Migration in oVirt (Open Storage Meetup May 2013)Live Storage Migration in oVirt (Open Storage Meetup May 2013)
Live Storage Migration in oVirt (Open Storage Meetup May 2013)
 
LibCT и контейнеры на уровне приложений -- Александр Бурлука
LibCT и контейнеры на уровне приложений -- Александр Бурлука LibCT и контейнеры на уровне приложений -- Александр Бурлука
LibCT и контейнеры на уровне приложений -- Александр Бурлука
 
NPM
NPMNPM
NPM
 
Moscow virtualization meetup 2014: CRIU 1.0 What is next?
Moscow virtualization meetup 2014: CRIU 1.0 What is next?Moscow virtualization meetup 2014: CRIU 1.0 What is next?
Moscow virtualization meetup 2014: CRIU 1.0 What is next?
 

Viewers also liked

Viewers also liked (6)

Jolla hackday - Intro to Devaamo (Sept 2012)
Jolla hackday - Intro to Devaamo (Sept 2012)Jolla hackday - Intro to Devaamo (Sept 2012)
Jolla hackday - Intro to Devaamo (Sept 2012)
 
Community Discussion - Carol Chen, Sergio Ocón - ManageIQ Design Summit 2016
Community Discussion - Carol Chen, Sergio Ocón - ManageIQ Design Summit 2016Community Discussion - Carol Chen, Sergio Ocón - ManageIQ Design Summit 2016
Community Discussion - Carol Chen, Sergio Ocón - ManageIQ Design Summit 2016
 
City of Salo - Open Source Communities (Nov 2014)
City of Salo - Open Source Communities (Nov 2014)City of Salo - Open Source Communities (Nov 2014)
City of Salo - Open Source Communities (Nov 2014)
 
開源x節流:企業應用經驗分享 (一)+(二) [2017/02/03] @臺中市政府
開源x節流:企業應用經驗分享 (一)+(二) [2017/02/03] @臺中市政府開源x節流:企業應用經驗分享 (一)+(二) [2017/02/03] @臺中市政府
開源x節流:企業應用經驗分享 (一)+(二) [2017/02/03] @臺中市政府
 
Nice Tuesday (20 May 2014)
Nice Tuesday (20 May 2014)Nice Tuesday (20 May 2014)
Nice Tuesday (20 May 2014)
 
開源 x 節流:企業導入實例分享 (二) [2016/03/31] 文件自由日研討會
開源 x 節流:企業導入實例分享 (二) [2016/03/31] 文件自由日研討會開源 x 節流:企業導入實例分享 (二) [2016/03/31] 文件自由日研討會
開源 x 節流:企業導入實例分享 (二) [2016/03/31] 文件自由日研討會
 

Similar to Design Summit - Smart State Analysis, aka VM Fleecing - Rich Oliveri

Securing Applications and Pipelines on a Container Platform
Securing Applications and Pipelines on a Container PlatformSecuring Applications and Pipelines on a Container Platform
Securing Applications and Pipelines on a Container Platform
All Things Open
 
Improving Scalability of Xen: The 3,000 Domains Experiment
Improving Scalability of Xen: The 3,000 Domains ExperimentImproving Scalability of Xen: The 3,000 Domains Experiment
Improving Scalability of Xen: The 3,000 Domains Experiment
The Linux Foundation
 
Using hypervisor and container technology to increase datacenter security pos...
Using hypervisor and container technology to increase datacenter security pos...Using hypervisor and container technology to increase datacenter security pos...
Using hypervisor and container technology to increase datacenter security pos...
Tim Mackey
 
Using hypervisor and container technology to increase datacenter security pos...
Using hypervisor and container technology to increase datacenter security pos...Using hypervisor and container technology to increase datacenter security pos...
Using hypervisor and container technology to increase datacenter security pos...
Black Duck by Synopsys
 
Evolution of Linux Containerization
Evolution of Linux Containerization Evolution of Linux Containerization
Evolution of Linux Containerization
WSO2
 

Similar to Design Summit - Smart State Analysis, aka VM Fleecing - Rich Oliveri (20)

OpenStack Cinder
OpenStack CinderOpenStack Cinder
OpenStack Cinder
 
Securing Applications and Pipelines on a Container Platform
Securing Applications and Pipelines on a Container PlatformSecuring Applications and Pipelines on a Container Platform
Securing Applications and Pipelines on a Container Platform
 
Linux container & docker
Linux container & dockerLinux container & docker
Linux container & docker
 
Security on a Container Platform
Security on a Container PlatformSecurity on a Container Platform
Security on a Container Platform
 
Securing Applications and Pipelines on a Container Platform
Securing Applications and Pipelines on a Container PlatformSecuring Applications and Pipelines on a Container Platform
Securing Applications and Pipelines on a Container Platform
 
Secure container: Kata container and gVisor
Secure container: Kata container and gVisorSecure container: Kata container and gVisor
Secure container: Kata container and gVisor
 
31c3 Presentation - Virtual Machine Introspection
31c3 Presentation - Virtual Machine Introspection31c3 Presentation - Virtual Machine Introspection
31c3 Presentation - Virtual Machine Introspection
 
Containerization & Docker - Under the Hood
Containerization & Docker - Under the HoodContainerization & Docker - Under the Hood
Containerization & Docker - Under the Hood
 
Kvm and libvirt
Kvm and libvirtKvm and libvirt
Kvm and libvirt
 
Improving Scalability of Xen: The 3,000 Domains Experiment
Improving Scalability of Xen: The 3,000 Domains ExperimentImproving Scalability of Xen: The 3,000 Domains Experiment
Improving Scalability of Xen: The 3,000 Domains Experiment
 
Introduction to Cinder
Introduction to CinderIntroduction to Cinder
Introduction to Cinder
 
Introduction to OpenStack Cinder
Introduction to OpenStack CinderIntroduction to OpenStack Cinder
Introduction to OpenStack Cinder
 
Bridging the Semantic Gap in Virtualized Environment
Bridging the Semantic Gap in Virtualized EnvironmentBridging the Semantic Gap in Virtualized Environment
Bridging the Semantic Gap in Virtualized Environment
 
Using hypervisor and container technology to increase datacenter security pos...
Using hypervisor and container technology to increase datacenter security pos...Using hypervisor and container technology to increase datacenter security pos...
Using hypervisor and container technology to increase datacenter security pos...
 
Using hypervisor and container technology to increase datacenter security pos...
Using hypervisor and container technology to increase datacenter security pos...Using hypervisor and container technology to increase datacenter security pos...
Using hypervisor and container technology to increase datacenter security pos...
 
Security of Linux containers in the cloud
Security of Linux containers in the cloudSecurity of Linux containers in the cloud
Security of Linux containers in the cloud
 
Evolution of Linux Containerization
Evolution of Linux Containerization Evolution of Linux Containerization
Evolution of Linux Containerization
 
Evoluation of Linux Container Virtualization
Evoluation of Linux Container VirtualizationEvoluation of Linux Container Virtualization
Evoluation of Linux Container Virtualization
 
OpenShift Virtualization- Technical Overview.pdf
OpenShift Virtualization- Technical Overview.pdfOpenShift Virtualization- Technical Overview.pdf
OpenShift Virtualization- Technical Overview.pdf
 
Exploring Docker Security
Exploring Docker SecurityExploring Docker Security
Exploring Docker Security
 

More from ManageIQ

More from ManageIQ (20)

ManageIQ - Sprint 236 Review - Slide Deck
ManageIQ - Sprint 236 Review - Slide DeckManageIQ - Sprint 236 Review - Slide Deck
ManageIQ - Sprint 236 Review - Slide Deck
 
ManageIQ - Sprint 235 Review - Slide Deck
ManageIQ - Sprint 235 Review - Slide DeckManageIQ - Sprint 235 Review - Slide Deck
ManageIQ - Sprint 235 Review - Slide Deck
 
ManageIQ - Sprint 234 Review - Slide Deck
ManageIQ - Sprint 234 Review - Slide DeckManageIQ - Sprint 234 Review - Slide Deck
ManageIQ - Sprint 234 Review - Slide Deck
 
ManageIQ - Sprint 233 Review - Slide Deck
ManageIQ - Sprint 233 Review - Slide DeckManageIQ - Sprint 233 Review - Slide Deck
ManageIQ - Sprint 233 Review - Slide Deck
 
ManageIQ - Sprint 232 Review - Slide Deck
ManageIQ - Sprint 232 Review - Slide DeckManageIQ - Sprint 232 Review - Slide Deck
ManageIQ - Sprint 232 Review - Slide Deck
 
ManageIQ - Sprint 231 Review - Slide Deck
ManageIQ - Sprint 231 Review - Slide DeckManageIQ - Sprint 231 Review - Slide Deck
ManageIQ - Sprint 231 Review - Slide Deck
 
ManageIQ - Sprint 230 Review - Slide Deck
ManageIQ - Sprint 230 Review - Slide DeckManageIQ - Sprint 230 Review - Slide Deck
ManageIQ - Sprint 230 Review - Slide Deck
 
ManageIQ - Sprint 229 Review - Slide Deck
ManageIQ - Sprint 229 Review - Slide DeckManageIQ - Sprint 229 Review - Slide Deck
ManageIQ - Sprint 229 Review - Slide Deck
 
ManageIQ - Sprint 228 Review - Slide Deck
ManageIQ - Sprint 228 Review - Slide DeckManageIQ - Sprint 228 Review - Slide Deck
ManageIQ - Sprint 228 Review - Slide Deck
 
Sprint 227
Sprint 227Sprint 227
Sprint 227
 
Sprint 226
Sprint 226Sprint 226
Sprint 226
 
Sprint 225
Sprint 225Sprint 225
Sprint 225
 
Sprint 224
Sprint 224Sprint 224
Sprint 224
 
Sprint 223
Sprint 223Sprint 223
Sprint 223
 
Sprint 222
Sprint 222Sprint 222
Sprint 222
 
Sprint 221
Sprint 221Sprint 221
Sprint 221
 
Sprint 220
Sprint 220Sprint 220
Sprint 220
 
Sprint 219
Sprint 219Sprint 219
Sprint 219
 
Sprint 218
Sprint 218Sprint 218
Sprint 218
 
Sprint 217
Sprint 217Sprint 217
Sprint 217
 

Recently uploaded

Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Orbitshub
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Orbitshub
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Angeliki Cooney
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdf
Overkill Security
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 

Recently uploaded (20)

Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdf
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 

Design Summit - Smart State Analysis, aka VM Fleecing - Rich Oliveri

  • 1. MMaannaaggeeIIQQ VVMM SSmmaarrtt SSttaattee AAnnaallyyssiiss ((FFlleeeecciinngg)) PPaasstt PPrreesseenntt FFuuttuurree
  • 2. OOvveerrvviieeww ● Terms and definitions. ● History. ● Design considerations/requirements. ● Conceptual overview. ● Interface layers. ● Client access. ● GEM relationships.
  • 3. TTeerrmmss aanndd DDeeffiinniittiioonnss Smart state analysis noun (pl. smart state analyses) A boring marketing term, referring to the process of extracting guest information from a virtual machine – usually, without requiring agentry, or for the VM to be running. Verb (?smart state analyze? - ?perform Smart state analysis?) The execution of said process. ORIGIN early 21st cent.: some marketing guy. See also: fleece
  • 4. TTeerrmmss aanndd DDeeffiinniittiioonnss fleece noun The woolly covering of a sheep or goat. Verb 1 the removal of said woolly covering. 2 informal obtain a great deal of money or property from (someone), typically through nefarious means. DERIVATIVES Very concise and simple: fleece, fleecing, fleeced, fleecer
  • 5. GGrraattuuiittoouuss FFlleeeecciinngg QQuuoottee “It is the duty of a good shepherd to fleece his sheep, not to skin (flay) them.” - Tiberius Ceasar
  • 6. aanndd,, ttoo ppaarraapphhrraassee JJuulliiuuss CCeeaassaarr:: “I came, I saw, I fleeced” Semper infigo lingua mortua est “Veni, vidi, Velleris” (Things said, are) always more impressive in a dead language
  • 7. TTeerrmmss aanndd DDeeffiinniittiioonnss ......sseerriioouussllyy ● Appliance – The ManageIQ appliance. The virtual machine through which the ManageIQ application is deployed and executed. ● Provider – The type, brand, or flavor of virtual environment. Ex: RHEV, VMware, OpenStack, etc.
  • 8. HHiissttoorryy First released in 2007 ● Initially supported: – Windows: NTFS, Fat32 – Linux: LVM2, EXT3 ● Extended to support: – Windows: LDM – Linux: EXT4, XFS
  • 9. DDeessiiggnn CCoonnssiiddeerraattiioonnss aanndd RReeqquuiirreemmeennttss Flexible virtual disk access ● Access provided through extensible mechanism. ● Optimize access method for given providers. ● Supports provider-specific API access ● Eliminates the need for file-level access. ● Enables remote fleecing. ● Affords greater flexibility in appliance placement. – Proximity to storage need not be a factor.
  • 10. DDeessiiggnn CCoonnssiiddeerraattiioonnss aanndd RReeqquuiirreemmeennttss Lightweight ● Each fleece is performed in a single Ruby thread. ● Consumes a minimum of appliance resources. ● Imposes minimum impact on other appliance processes. ● Enables parallel fleecing of multiple VMs on the same appliance. ● Affords more flexibility in proxy deployment.
  • 11. DDeessiiggnn CCoonnssiiddeerraattiioonnss aanndd RReeqquuiirreemmeennttss Minimal Dependancies ● Only requires Ruby and requisite provider libraries. ● Does not encumber appliance configuration with additional dependancies. ● Enables the creation of self-contained proxy executables. ● Facilitates the deployment of proxies to foreign environments.
  • 12. DDeessiiggnn CCoonnssiiddeerraattiioonnss aanndd RReeqquuiirreemmeennttss OS and Environment Agnostic ● Written almost entirely in pure Ruby. ● Will run in most environments that support Ruby. ● Can run in Windows and Linux environments. ● Facilitates the development of proxies for deployment to foreign environments.
  • 13. CCoonncceeppttuuaall OOvveerrvviieeww Virtual Disk Format VM Metadata Virtual disk Images Provider Metadata Access Virtual Disk Access Methods
  • 14. CCoonncceeppttuuaall OOvveerrvviieeww Virtual Disk Format XML/Sync MiqFS Disk Partition LVM FS MIQExtract Virtual Disk Access Methods OS ● Linux: LVM2 ● Windows: LDM
  • 15. EExxtteerrnnaall IInntteerrffaacceess Virtual Disk Format VM Metadata Virtual disk Images Provider Metadata Access Virtual Disk Access Methods ● VMware: VIM (SOAP) ●RHEV: RHEVM API (REST) ● Amazon: AWS (REST) ●OpenStack: Fog (REST)
  • 16. EExxtteerrnnaall IInntteerrffaacceess Virtual Disk Format VM Metadata Virtual disk Images Provider Metadata Access Virtual Disk Access Methods ● Direct file access. ● Access via proxy. ● Raw device access. ● Access via API (VixDIskLib, AWS/EBS, Glance, etc.)
  • 17. EExxtteerrnnaall IInntteerrffaacceess Virtual Disk Format VM Metadata Virtual disk Images Provider Metadata Access Virtual Disk Access Methods ● RAW ●QCOW, QCOW2 ●VMware: Sparse, COWD ●Microsoft: Fixed, Dynamic, Diff ● Etc. Virtual Disk Format
  • 18. Virtual Disk Format XML/Sync MiqFS EExxtteerrnnaall IInntteerrffaacceess ● Implements a subset of File/Dir functionality. Disk ● Cannot be used by GEMs that expect File. Partition ● Clients must be MiqFS specific. LVM ● Forces re-implementation of existing code. FS MIQExtract Virtual Disk Access Methods OS
  • 19. Virtual Disk Format XML/Sync MiqFS EExxtteerrnnaall IInntteerrffaacceess ● Berkeley DB through: MiqBerkeleyDB Disk ● Rpm Packages through: MiqRpmPackages Partition ● Sqlite3 through: MiqSqlite3DB LVM ● Conary Packages through: MiqConaryPackages FS MIQExtract Virtual Disk Access Methods OS
  • 20. IInntteerrffaaccee LLaayyeerrss ManageIQ & Provider Specific ManageIQ Fleece Request Provider Metadata Access MIQExtract VM Metadata Vdisk Contents Virtual Disk Access Methods MiqFS Data Drilling Sync VMDB Provider Specific Common ManageIQ Specific
  • 21. CCllaasssseess bbyy LLaayyeerr ManageIQ & Provider Specific Provider Specific Common ManageIQ Specific ExtManagementSystem Subclasses VmOrTemplate Subclasses MiqVm Subclasses MiqVm VirtFS MIQExtract Provider Libraries
  • 22. MMiiqqFFSS →→ VViirrttFFSS ● General Pseudo FS support ● Integrates through File & Dir ● Provides mount and chroot semantics ● No need for specialized clients – will work with existing GEMs and scripts
  • 23. VViirrttFFSS –– AAddddiittiioonnaall BBeenneeffiittss ● Compliance scripts can access VM image directly. ● No need to retrieve files and save in DB. ● Native scripts should work in ManageIQ context.
  • 24. VViirrttFFSS:: BBeeyyoonndd FFlleeeecciinngg ● Database/Datastore backed FS ● Amazon S3 and Swift pseudo FS ● Sparse – overlay FS ● Cassette based FS – for testing ● Ruby files loaded from pseudo FS ● Self contained Ruby executables
  • 25. GGEEMM RReellaattiioonnsshhiippss MiqVm* Types MiqVm* VirtFs Provider Libraries Filesystem Types uses uses plugs into based on Ruby Scripts export/mount * renamed appropriately

Editor's Notes

  1. Notes for slide 1
  2. - Terms and definitions. - History. - Design considerations/requirements. - Conceptual overview. - Interface layers. - Client access. - GEM relationships.
  3. **Smart state analysis -Official term -Long and cumbersome term -Actual selection in menu -Clumsy to use in docs and email -What does this cumbersome term mean? **noun (pl. smart state... -Use as verb even more clumsy **Verb (?smart state... -If so hard to use, how did it originate? **ORIGIN early 21st... -Best we can tell... **See also: fleece
  4. **fleece -Original internal/development term. -Fell out of favor due to bad connotations. -Let's see if we can determine why. **noun... -Nothing too bad there... -What about as a verb... **Verb 1... -Nothing too bad there either. -What else... **Verb 2... -Ah, that mist be it. -Any def with “nefarious” can't be good from a marketing perspecitve. **DERIVATIVES... -But its usage is so concise and simple, it would be great if we could use this term again, even if only informally.
  5. - the term “fleece” didn't always have this bad connotation. - In fact, here's a quote from... ** Quote here... -See, fleecing is good, skinning is bad
  6. -Now that we're an opensource project, I'm happy to see that the term “fleece” seems to be back in favor. -For those of you who have watched the ManageIQ podcasts, you've seen fleece used on the intro and exit screens. **Quote 1 (English) -Actually, the podcast uses “we” instead of “I”, but I've changed to so it would translate more cleanly into Latin. **Quote 2 (Latin) -Of course I only translated this into Latin because... **Quote 3 (English) -Or, more impressively... **Quote 4 (Latin)