Daniel Ingitaraj (DPE, Singapore)

Building Bridges - Linux and Windows Interoperability: On the Metal and On the Wire

Why Build Bridges?

I would say it is safe to think that Microsoft is going to continue shipping Windows, and Red Hat and Novell will continue shipping Linux. With companies like Wall Mart, Southwest Airlines, City of Los Angeles (Ref:  Microsoft and Novell Celebrate Year of Interoperability for the list of 30 companies that are using mixed source environments) demanding interoperability, building bridges is not an option Enterprises can ignore. 

The market for heterogeneous solutions is growing rapidly. One visible sign of this is virtualization, an “indicator technology,” which by its nature promotes heterogeneity. Virtualization has become one of the most important trends in the computing industry today. According to IDC, enterprise spending on virtualization will reach $15B worldwide by 2009, at which point more than 50% of all servers sold will include virtualization-enabled processors. IDC also forecast that virtualization services market will levitate to $11.7Bn from $5.5Bn.

Reference another Report from Symantec: Data Centre Managers Turn to Virtualization for Peace of Mind

Given the ever improving x86 economics, companies are continuing to migrate off UNIX and specialty hardware down to Windows and Linux on commodity processors.

1. Customers are insisting on support for interoperable, heterogeneous solutions. At Microsoft, we run a customer-led product business. One year ago, we established our Interoperability Executive Customer Council, a group of Global CIOs from 30 top global companies and governments – from Goldman Sachs to Aetna to NATO to the UN. On the Microsoft side, this council is run by Bob Muglia, the senior vice president of our server software and developer tools division. The purpose of this is to get consistent input on where customers need us to improve interoperability between our platforms and others – like Linux, Eclipse, and Java. They gave us clear direction: “we are picking both Windows and Linux for our datacenters, and will continue to do so. We need you to make them work better together.”

2. Second, MS and Novell have established a technical collaboration agreement that allows us to combine our engineering resources to address specific interoperability issues.  As part of this broader interoperability collaboration, Microsoft and Novell technical experts are architecting and testing new virtualization scenarios to jointly develop the most compelling virtualization offering in the market for Linux and Windows and developing the tools and infrastructure necessary to manage and secure these heterogeneous environments.

Two major components of the future of Linux and Windows interoperability: Virtualization and Web Services protocols.

On the Metal focuses on the virtualization interoperability work being done between Windows Server 2008 and Windows Server virtualization, and SUSE Linux Enterprise Server and Xen. On the Wire covers the details and challenges of implementing standards specifications, such as WS-Federation and WS-Management; and how protocol interoperability will enable effective and secure virtualization deployment and management

On the Metal : Virtualization

Getting Started with Basics:

In non-virtualized environments, a single operating system is in direct control of the hardware. In a virtualized environment a Virtual Machine Monitor manages one or more guest operating systems that are in “virtual” control of the hardware, each independent of the other. A hypervisor is a special implementation of a Virtual Machine Monitor. It is software that provides a level of abstraction between a system’s hardware and one or more operating systems running on the platform.

Virtualization optimizations enable better performance by taking advantage of “knowing” when an OS is a host running on HW or a guest running on a virtual machine. Paravirtualization , as it applies to Xen and Linux, is an open API between a hypervisor and Linux and a set of optimizations that together, in keeping with the open source philosophy, encourage development of open-source hypervisor's and device drivers.  Enlightenment is an API and a set of optimizations designed specifically to enhance the performance of Windows Server in a Windows virtualized environment.

Hardware manufacturers are interested in virtualization as well. Intel and AMD have independently developed virtualization extensions to the x86 architecture. They are not directly compatible with each other, but serve largely the same functions. Either will allow a hypervisor to run an unmodified guest operating system without incurring significant performance penalties.

Intel's virtualization extension for 32-bit and 64-bit x86 architecture is named IVT (Intel Virtualization Technology). The 32-bit or IA-32 IVT extensions are referred to as VT-x. Intel has also published specifications for IVT for the IA-64 (Itanium) processors which are referred to as VT-i. AMD's virtualization extensions to the 64-bit x86 architecture is named AMD Virtualization, abbreviated AMD-V.

There are three Virtual Machine Monitor models.

Type-2 VMM: A type 2 Virtual Machine Monitor runs within a host operating system. It operates at a level above the host OS and all guest environments operate at a level above that. Examples of these guest environments include the Java Virtual Machine and Microsoft’s Common Language Runtime, which runs as part of the .NET environment and is a “managed execution environment” that allows object-oriented classes to be shared among applications.

Hybrid Model VMM : shown in the middle of the diagram has been used to implement Virtual PC, Virtual Server and VMWare GSX. These rely on a host operating system that shares control of the hardware with the virtual machine monitor.

Type-1 VMM: A type 1 Virtual Machine Monitor employs a hypervisor to control the hardware with all operating systems run at a level above it. Windows Server virtualization and Xen are examples of type 1 hypervisor implementations

Development of Xen and the Linux hypervisor API paravirt_ops began prior to release of Intel and AMD’s virtualized hardware and were designed, in part, to solve the problems inherent in running a virtualized environment on non-virtualization-assisted hardware. They continue to support both virtualization-assisted and non-virtualization-assisted hardware. In keeping with the OS community’s philosophy of encouraging development of open source code, the paravirt_ops API is designed to support open-source hypervisor's.

Windows Server 2008 enlightenments have been designed to allow Windows Server 2008 to run in either a virtualized or non-virtualized environment *unmodified.* Windows Server 2008 recognizes when it is running as a guest on top of Windows Server and dynamically applies the enlightenment optimizations in such instances. In addition to a hypercall interface and a synthetic device model, memory management and the Windows Server 2008 scheduler are designed with optimizations for when the OS runs on a virtual machine. The Windows Server architecture is designed so that a parent partition provides services to the child partitions that run as guests in the virtual environment.

Native Windows Server Components:

1. VMBus – Virtual Machine Bus – Serves as a synthetic bus for the system.
2. VSP – Virtual Service Provider – Serves as an interface between the VMBus and a physical device
3. HCL Drivers – “Hardware Compatibility List” Drivers
4. VSC – Virtual Service Consumer – Functions as a synthetic device. For example, a filesystem will talk to the VSC controller instead of an IDE controller.

Interoperability Components:

1. Linux VSC – Interoperability component that serves as a synthetic Linux driver.
2. Hypercall Adapter – Adapts Xen hypercalls to Windows Server.

Like the WSv architecture, the Xen architecture is designed so that a special partition, in this case Dom 0, provides services to guest partitions that run in a virtual environment.

Native Xen Components:

1. Paravirt_ops is a Linux-kernel-internal function table that is designed to support hypervisor-specific function calls. The default function pointers from paravirt_ops support running as a host on bare metal. Xen provides its own set of functions that implement paravirtualization.

Interoperability Components:

1. Xen Virtualized Drivers – Windows synthetic device drivers must be converted to Xen-virtualized drivers.
2. Xen/Windows ABI – The binary interface that integrates Windows with Xen.

What is being done to engineer Interoperability?

1. SLES on Windows Server. 
2. We’re working with XenSource to provide the Linux VSC and Hypercall Adapter components to make SuSE Linux run on the Windows Server virtualization hypervisor implementation
3. WS2008 on Xen
4. Novell is working with us to provide the Xen virtualized drivers and Xen/Windows ABI to enable Windows Server 2008 to run on Xen 3.0 and beyond

On the Wire : WS Management and WS Federation

What is WS Management : It is a protocol.

What is the state of MS and OSS stacks for WS-Management?

• Microsoft is building in WS-Management as a core capability for System Center
• Sister technology to WMI – normal Windows management interfaces will be available through the WS-Management backplane
• OSS stacks include
  • openwsman (C implementation)
  • wiseman (Java implementation)

End state of these stacks

1. End-to-end interoperability
2. First-class citizen status for all management consoles against all infrastructures
3. Use OSS management tools to run Windows, including virtualized environments
4. Use Microsoft management tools to run Linux, including virtualized environments

Web-services management interoperability is hard to test - Why?

1. Protocol specifications cannot ever be completely unambiguous
2. Especially the case in the messy world of systems management
3. Multiple providers, multiple infrastructures
4. Virtualized and non-virtualized environments

On the Wire : WS-Federation

What are the key identity interoperability technologies today?

1. Open ID
2. WS-Federation
3. ADFS
4. Cardspace
5. Project Higgins
6. Samba

What are we doing to make them work better together?

1. Helping to develop open source implementation of WS-Federation with Novell
2. Bandit and Higgins work will be advanced
3. More to come

to be continued .......