The document is a presentation about Red Hat Enterprise Virtualization (RHEV). It provides an overview of RHEV features such as live migration, storage live migration, high availability, and self-service portal. It discusses the RHEV hypervisor and KVM, including scalability and support for latest silicon virtualization technology. The presentation also covers RHEV integration, security using SELinux, cost advantages over competitors, and examples of RHEV uses such as UNIX to Linux migration, mission critical applications, and test/dev environments.

1. Red Hat Enterprise Virtualization
Symantec Technology Days
Syed M Shaaf
Solutions Architect
Red Hat
February 2013
1 RED HAT ENTERPRISE VIRTUALIZATION Update | Syed M Shaaf

2. RHEV Overview
2 RED HAT ENTERPRISE VIRTUALIZATION Update | Syed M Shaaf

3. RHEV MANAGER FEATURES
● High Availability
● Live Migration
● Storage Live Migration*
● Live Snapshots
● Load Balancing (DRS)
● Power Saver (DPM)
● Hot-plug disk and NIC
● Storage on local disk, FC,
iSCSI, NFS, Red Hat
Storage, IBM GPFS, POSIX
or Direct LUN
● Self Service Portal with
Quotas
● Eco-system marketplace
* Tech Preview at GA
3 RED HAT ENTERPRISE VIRTUALIZATION Update | Syed M Shaaf

4. RHEV HYPERVISOR/KVM OVERVIEW
SCALABILITY
SMALL FORM FACTOR, SCALABLE,
HIGH PERFORMANCE ● Host: 160 logical CPU
(4,096 theoretical
max), 2 TB RAM
(64TB theoretical max)
● Guest: 64 vCPU,
512 GB RAM
● Supports latest silicon
virtualization
technology
● Based on the latest
RHEL 6 kernel
● Microsoft SVVP
certified
4 RED HAT ENTERPRISE VIRTUALIZATION Update | Syed M Shaaf

5. SPICE: EXCEPTIONAL USER EXPERIENCE

User experience comparable to
a local desktop PC

Bi-directional audio & video

VoIP & video conferencing

HD quality video

Hi resolution 2560x1600 (each)

Up to 4 monitors

USB redirection for nearly any
device

Smart Card/CAC authentication

Copy & paste
5 RED HAT ENTERPRISE VIRTUALIZATION Update | Syed M Shaaf

6. SPICE: BUILT FOR VIRTUAL DESKTOPS

Adaptive Protocol

Dynamically chooses optimal point to
process graphics

Renders locally on client or falls back
to server or VM

Improved network support for WAN

Enhanced bandwidth and latency
tolerance

Optional SSL encryption

Highest server density levels
6 RED HAT ENTERPRISE VIRTUALIZATION Update | Syed M Shaaf

7. RHEV 3.1 REPORTING

Historical usage, trending,
quality of service

Integrated reporting engine
based on Jasper reports

Over 25 prebuilt reports and
dashboards included

Ability to create and customize
reports and templates
7 RED HAT ENTERPRISE VIRTUALIZATION Update | Syed M Shaaf

8. RED HAT ENTERPRISE VIRTUALIZATION
ISV PARTNERS
● Integrated through
the RHEV API
Operations
Monitoring ● Certified by Red Hat
Security
Capacity &
to work with RHEV
Performance
Management Backup &
Disaster
● Free trials available
Recovery via the RHEV
Capacity
Planning & Marketplace
P2V, V2V
Application
VDI
Delivery ● Visit our ISV
partners at the
Partner Pavillion
and RHEV
Campgrounds
http://marketplace.redhat.com
8 RED HAT ENTERPRISE VIRTUALIZATION Update | Syed M Shaaf

9. INDUSTRY LEADING VIRTUALIZATION
PERFORMANCE
Red Hat
VMware
● SPECvirt_sc2010: As of September 1, 2012, RHEV claims top 7
results and the only 8-socket server scores
9 RED HAT ENTERPRISE VIRTUALIZATION Update | Syed M Shaaf

10. RED HAT ENTERPRISE VIRTUALIZATION
HYPERVISOR
● Standalone hypervisor
● Small footprint
● Customized 'spin' of RHEL + KVM
● 'Just enough' RHEL to run virtual
machines
● Security hardened image
● Runs on all RHEL hardware
● with Intel VT/AMD-V CPUs
● Easy to install, configure and upgrade
● PXE boot, USB boot, CD or Hard
drive
10 RED HAT ENTERPRISE VIRTUALIZATION Update | Syed M Shaaf

11. SECURITY
RHEV inherits the security features of
Linux and RHEL
●
Red Hat Enterprise Linux 6, the basis
of the RHEV 3.x Hypervisor, achieved
Common Criteria Certification at
Evaluation Assurance Level (EAL) 4+
on 10/29/2012
●
SELinux security policy infrastructure
●
Provides protection and isolation for
virtual machines and host
●
Compromised virtual machine cannot
access other VMs or host
sVirt Project
●
Sub-project of NSA's SELinux
community. Provides “hardened”
hypervisor.
●
Multi-level security. Isolate guests
●
Contain hypervisor breaches
11 RED HAT ENTERPRISE VIRTUALIZATION Update | Syed M Shaaf

12. Security - SELinux to the rescue
SELinux is all about labeling
● Processes get labels – virtual machines with
KVM are processes
● Files and devices get labels – virtual images are
stored on files and devices
● Rules control how process labels interact with
file labels and other process labels
● The kernel enforces these rules
12 RED HAT ENTERPRISE VIRTUALIZATION Update | Syed M Shaaf

13. KVM guests are processes, so we can confine
them like processes
13 RED HAT ENTERPRISE VIRTUALIZATION Update | Syed M Shaaf

14. Compromised virtual machine guest
confined, despite its vulnerability
14 RED HAT ENTERPRISE VIRTUALIZATION Update | Syed M Shaaf

15. And of course, the guest operating system
can also run SELinux
15 RED HAT ENTERPRISE VIRTUALIZATION Update | Syed M Shaaf

16. RHEV ARCHITECTURE
16 RED HAT ENTERPRISE VIRTUALIZATION Update | Syed M Shaaf

17. RHEV 3.1 - Integration
● Hook scripts are called at specific VM lifecycle events
● VDSM (management agent) Start
● Before VM start
● After VM start
● Before VM migration in/out
● After VM migration in/out
● Before and After VM Pause
● Before and After VM Continue
● Before and After VM Hibernate
● Before and After VM resume from hibernate
● On VM stop
● On VDSM Stop
➔Hooks can modify a virtual machines XML definition before VM start
➔Hooks can run system commands – e.g.. Apply firewall rule to VM
17 RED HAT ENTERPRISE VIRTUALIZATION Update | Syed M Shaaf

18. SIGNIFICANT COST ADVANTAGE FOR RED HAT
● Simple subscription pricing
($499/ $749) per socket per
year
● Single comprehensive
edition with all features
● Lower acquisition cost
accelerates ROI
● New releases can be
immediately incorporated at
no additional cost
● 10 physical hosts (2 sockets)
● Same density across both
18 RED HAT ENTERPRISE VIRTUALIZATION Update | Syed M Shaaf

19. UNIX TO LINUX MIGRATION
Financial trading/ on-line banking
● Improve performance
system that supports 1 million relative to legacy
customers per day
UNIX hardware
● Tremendous cost
savings by moving
from proprietary stack
to commodity/x86
based RHEL/RHEV
stack
● Improved isolation,
manageability and
flexibility
19 RED HAT ENTERPRISE VIRTUALIZATION Update | Syed M Shaaf

20. MISSION CRITICAL APPLICATIONS
Consolidation of Oracle Financials, ● Virtualize mission
database and other mission critical
applications on RHEV critical applications
without sacrificing
performance
● Monster VM sizes
enable better
virtualized
performance on
RHEV
● ISV certifications on
RHEL transfer to
RHEL on RHEV
20 RED HAT ENTERPRISE VIRTUALIZATION Update | Syed M Shaaf

21. TEST/DEV ENVIRONMENTS
Private cloud for Linux application ● Provide self-service
development and hosting
for test/dev
environments with
Power User Portal
● Quotas and
permissions for
effective resource
management
● Linux CLI, advanced
REST-API, session
support for
customization and
extension
21 RED HAT ENTERPRISE VIRTUALIZATION Update | Syed M Shaaf

22. PHYSICAL TO VIRTUAL TO CLOUD
22 RED HAT ENTERPRISE VIRTUALIZATION Update | Syed M Shaaf

23. References
● Red Hat Enterprise Virtualization -
http://www.redhat.com/products/virtualization/
● Part of the presentation on KVM was first delivered
(and video recorded) at the June 2012 Red Hat
Summit
● http://www.youtube.com/watch?v=yhQIVXrCd68
●
Acknowledgements the original contribution presentation – Dor Laor
23 RED HAT ENTERPRISE VIRTUALIZATION Update | Syed M Shaaf

24. Thank you
24 RED HAT ENTERPRISE VIRTUALIZATION Update | Syed M Shaaf