Rackspace stirred up a controversy recently with its comments about whether virtual servers are suitable for its customers. As one of the biggest players in the managed hosting market, it's interesting to hear the company's comments, as its experience is likely to be a macrocosm of what many enterprises will be going through as they plan their virtualisation projects.
Techworld recently published a news story in which we said that the company had backtracked on its virtualisation position - which in August last year was that its customers generally rejected virtual servers - and will be hosting virtual servers after all. Virtualisation was not yet ready for the big time, and was unlikely to save its users money, the company said last year.
Its comments came after a survey of its customers, which it released to the press, suggesting that some publicity is better than no publicity. Rackspace's customers said that most were unwilling to share a physical server even if their images were wrapped up in a virtual machine.
A first thought might be that this was for security reasons, although company CTO John Engates, who contacted Techworld after reading our report, said this was not the case.
Engates said that in fact security was not a major concern when it came to virtual machines (VMs) - until someone finds a way of tunnelling into the hypervisor. He was clear however to point out that security issues still remain within VMs themselves and that they need to be managed from a security standpoint just like physical boxes.
Rather, his customers were concerned about sharing a physical server because they would not have visibility into what other customers were doing on the hardware.
Since it makes no sense to virtualise an application that hammers the hardware, it's reasonable to assume that most virtualised applications don't generally hog resources. But, if an application in a VM gets hit hard - whether for legitimate reasons or because it's the victim of a DOS attack for example - and then hogs the CPU, storage link or Ethernet ports, all other VMs on that box would be affected. If company A's VM gets hit, company's B's applications slows right down - and there's nothing they can do about it.
The problem is, according to Engates, that there are few if any ways, given the current state of virtualisation technology, to prevent one VM hogging resources, especially I/O or CPU. He said that the tools just aren't there.
Engates acknowledged that the problems Rackspace faces in this regard is similar to that in most organisations, where departments that "own" a server - and are being charged for it - are frequently reluctant to share it with another department in the same company, often for similar reasons. At a recent meeting of IT admins, this issue was voiced as a matter of concern. So it's perhaps hardly surprising that those using managed hosting providers are wary of external organisations.
For the future, Engates said that he expected the hardware vendors to come up with technology to help manage the resources that VMs can access.
Rackspace uses VMware's VI3 product set, which is widely believed reckoned to be state of the art, so even though the tools aren't yet available to control VMs under ESX Server, you might reasonably expect them to appear for this platform first.
Virtualisation may be a red-hot technology, but it's clear that it's by no means a problem-free zone.