The document is a presentation about Red Hat Enterprise Virtualization (RHEV). It provides an overview of RHEV features such as live migration, storage live migration, high availability, and self-service portal. It discusses the RHEV hypervisor and KVM, including scalability and support for latest silicon virtualization technology. The presentation also covers RHEV integration, security using SELinux, cost advantages over competitors, and examples of RHEV uses such as UNIX to Linux migration, mission critical applications, and test/dev environments.
1. Red Hat Enterprise Virtualization
Symantec Technology Days
Syed M Shaaf
Solutions Architect
Red Hat
February 2013
1 RED HAT ENTERPRISE VIRTUALIZATION Update | Syed M Shaaf
2. RHEV Overview
2 RED HAT ENTERPRISE VIRTUALIZATION Update | Syed M Shaaf
3. RHEV MANAGER FEATURES
● High Availability
● Live Migration
● Storage Live Migration*
● Live Snapshots
● Load Balancing (DRS)
● Power Saver (DPM)
● Hot-plug disk and NIC
● Storage on local disk, FC,
iSCSI, NFS, Red Hat
Storage, IBM GPFS, POSIX
or Direct LUN
● Self Service Portal with
Quotas
● Eco-system marketplace
* Tech Preview at GA
3 RED HAT ENTERPRISE VIRTUALIZATION Update | Syed M Shaaf
4. RHEV HYPERVISOR/KVM OVERVIEW
SCALABILITY
SMALL FORM FACTOR, SCALABLE,
HIGH PERFORMANCE ● Host: 160 logical CPU
(4,096 theoretical
max), 2 TB RAM
(64TB theoretical max)
● Guest: 64 vCPU,
512 GB RAM
● Supports latest silicon
virtualization
technology
● Based on the latest
RHEL 6 kernel
● Microsoft SVVP
certified
4 RED HAT ENTERPRISE VIRTUALIZATION Update | Syed M Shaaf
5. SPICE: EXCEPTIONAL USER EXPERIENCE
User experience comparable to
a local desktop PC
Bi-directional audio & video
VoIP & video conferencing
HD quality video
Hi resolution 2560x1600 (each)
Up to 4 monitors
USB redirection for nearly any
device
Smart Card/CAC authentication
Copy & paste
5 RED HAT ENTERPRISE VIRTUALIZATION Update | Syed M Shaaf
6. SPICE: BUILT FOR VIRTUAL DESKTOPS
Adaptive Protocol
Dynamically chooses optimal point to
process graphics
Renders locally on client or falls back
to server or VM
Improved network support for WAN
Enhanced bandwidth and latency
tolerance
Optional SSL encryption
Highest server density levels
6 RED HAT ENTERPRISE VIRTUALIZATION Update | Syed M Shaaf
7. RHEV 3.1 REPORTING
Historical usage, trending,
quality of service
Integrated reporting engine
based on Jasper reports
Over 25 prebuilt reports and
dashboards included
Ability to create and customize
reports and templates
7 RED HAT ENTERPRISE VIRTUALIZATION Update | Syed M Shaaf
8. RED HAT ENTERPRISE VIRTUALIZATION
ISV PARTNERS
● Integrated through
the RHEV API
Operations
Monitoring ● Certified by Red Hat
Security
Capacity &
to work with RHEV
Performance
Management Backup &
Disaster
● Free trials available
Recovery via the RHEV
Capacity
Planning & Marketplace
P2V, V2V
Application
VDI
Delivery ● Visit our ISV
partners at the
Partner Pavillion
and RHEV
Campgrounds
http://marketplace.redhat.com
8 RED HAT ENTERPRISE VIRTUALIZATION Update | Syed M Shaaf
9. INDUSTRY LEADING VIRTUALIZATION
PERFORMANCE
Red Hat
VMware
● SPECvirt_sc2010: As of September 1, 2012, RHEV claims top 7
results and the only 8-socket server scores
9 RED HAT ENTERPRISE VIRTUALIZATION Update | Syed M Shaaf
10. RED HAT ENTERPRISE VIRTUALIZATION
HYPERVISOR
● Standalone hypervisor
● Small footprint
● Customized 'spin' of RHEL + KVM
● 'Just enough' RHEL to run virtual
machines
● Security hardened image
● Runs on all RHEL hardware
● with Intel VT/AMD-V CPUs
● Easy to install, configure and upgrade
● PXE boot, USB boot, CD or Hard
drive
10 RED HAT ENTERPRISE VIRTUALIZATION Update | Syed M Shaaf
11. SECURITY
RHEV inherits the security features of
Linux and RHEL
●
Red Hat Enterprise Linux 6, the basis
of the RHEV 3.x Hypervisor, achieved
Common Criteria Certification at
Evaluation Assurance Level (EAL) 4+
on 10/29/2012
●
SELinux security policy infrastructure
●
Provides protection and isolation for
virtual machines and host
●
Compromised virtual machine cannot
access other VMs or host
sVirt Project
●
Sub-project of NSA's SELinux
community. Provides “hardened”
hypervisor.
●
Multi-level security. Isolate guests
●
Contain hypervisor breaches
11 RED HAT ENTERPRISE VIRTUALIZATION Update | Syed M Shaaf
12. Security - SELinux to the rescue
SELinux is all about labeling
● Processes get labels – virtual machines with
KVM are processes
● Files and devices get labels – virtual images are
stored on files and devices
● Rules control how process labels interact with
file labels and other process labels
● The kernel enforces these rules
12 RED HAT ENTERPRISE VIRTUALIZATION Update | Syed M Shaaf
13. KVM guests are processes, so we can confine
them like processes
13 RED HAT ENTERPRISE VIRTUALIZATION Update | Syed M Shaaf
14. Compromised virtual machine guest
confined, despite its vulnerability
14 RED HAT ENTERPRISE VIRTUALIZATION Update | Syed M Shaaf
15. And of course, the guest operating system
can also run SELinux
15 RED HAT ENTERPRISE VIRTUALIZATION Update | Syed M Shaaf
17. RHEV 3.1 - Integration
● Hook scripts are called at specific VM lifecycle events
● VDSM (management agent) Start
● Before VM start
● After VM start
● Before VM migration in/out
● After VM migration in/out
● Before and After VM Pause
● Before and After VM Continue
● Before and After VM Hibernate
● Before and After VM resume from hibernate
● On VM stop
● On VDSM Stop
➔Hooks can modify a virtual machines XML definition before VM start
➔Hooks can run system commands – e.g.. Apply firewall rule to VM
17 RED HAT ENTERPRISE VIRTUALIZATION Update | Syed M Shaaf
18. SIGNIFICANT COST ADVANTAGE FOR RED HAT
● Simple subscription pricing
($499/ $749) per socket per
year
● Single comprehensive
edition with all features
● Lower acquisition cost
accelerates ROI
● New releases can be
immediately incorporated at
no additional cost
● 10 physical hosts (2 sockets)
● Same density across both
18 RED HAT ENTERPRISE VIRTUALIZATION Update | Syed M Shaaf
19. UNIX TO LINUX MIGRATION
Financial trading/ on-line banking
● Improve performance
system that supports 1 million relative to legacy
customers per day
UNIX hardware
● Tremendous cost
savings by moving
from proprietary stack
to commodity/x86
based RHEL/RHEV
stack
● Improved isolation,
manageability and
flexibility
19 RED HAT ENTERPRISE VIRTUALIZATION Update | Syed M Shaaf
20. MISSION CRITICAL APPLICATIONS
Consolidation of Oracle Financials, ● Virtualize mission
database and other mission critical
applications on RHEV critical applications
without sacrificing
performance
● Monster VM sizes
enable better
virtualized
performance on
RHEV
● ISV certifications on
RHEL transfer to
RHEL on RHEV
20 RED HAT ENTERPRISE VIRTUALIZATION Update | Syed M Shaaf
21. TEST/DEV ENVIRONMENTS
Private cloud for Linux application ● Provide self-service
development and hosting
for test/dev
environments with
Power User Portal
● Quotas and
permissions for
effective resource
management
● Linux CLI, advanced
REST-API, session
support for
customization and
extension
21 RED HAT ENTERPRISE VIRTUALIZATION Update | Syed M Shaaf
22. PHYSICAL TO VIRTUAL TO CLOUD
22 RED HAT ENTERPRISE VIRTUALIZATION Update | Syed M Shaaf
23. References
● Red Hat Enterprise Virtualization -
http://www.redhat.com/products/virtualization/
● Part of the presentation on KVM was first delivered
(and video recorded) at the June 2012 Red Hat
Summit
● http://www.youtube.com/watch?v=yhQIVXrCd68
●
Acknowledgements the original contribution presentation – Dor Laor
23 RED HAT ENTERPRISE VIRTUALIZATION Update | Syed M Shaaf
24. Thank you
24 RED HAT ENTERPRISE VIRTUALIZATION Update | Syed M Shaaf