Friday Apr 11, 2014

Friday Spotlight: Writing a Broker for Oracle Secure Global Desktop

We talked about the dynamic launch feature in Oracle Secure Global Desktop earlier and pointed out that the code providing the functionality is implemented in a broker.  Here, we'll look at the fundamentals of writing a broker before working through a scenario where a bespoke broker would simplify operations.

Broker Basics

The interfaces and classes you need to write a broker are in the com.tarantella.tta.webservices.vsbim package in the sgd-webservices.jar archive. 

IVirtualServerBroker is the key interface and all Secure Global Desktop brokers must implement it.  These are the methods where a broker writer would typically add logic.

void initialise(Map initParams) This method is called once when the broker is loaded by the Secure Global Desktop workspace.  It gives the broker a map of the key/value pairs configured on the dynamic application server object using the broker.  Typical parameters would be the name and port of a source of real or virtual application servers.
Map getCandidateServers(Map params) Secure Global Desktop calls this method to obtain a list of servers available to a particular user.  The broker receives a map of parameters, including the identity of the user, and the broker returns a list of candidate servers.  The broker writer is free to decide how to populate that list and whether to return one candidate or several.  For example, the broker could contact a database to reserve a single server.  Alternatively, it could use APIs or web services to contact a VM provider and get a list of available virtual machines.
ICandidateServer prepareCandidate(String type, ICandidateServer candidate) This method is called after getCandidateServers returns a single option or the user has selected one from several.  This is the place for any code needed to set-up the chosen server or virtual machine.
void destroy() This is where the broker would tidy-up, freeing any resources it had used, like sessions and connections.

A Sample Broker

Let's look at a scenario where writing a broker could simplify operations.  You are an administrator of a Secure Global Desktop deployment where users periodically need to access a key application.  Only a single instance of the application can run on any one server and you have a limited number of licenses.  When a user requires access to the application, they submit a service request to reserve one.  The traditional, broker-less approach in Secure Global Desktop would be to create an application object, configure it to run on the reserved application server and then assign it to the user who reserved it.  Time-consuming if you have to do this repeatedly and on a regular basis.

However, if we can access the reservation database, we can do it dynamically in a broker.  The operation now becomes:

  • Once only, the administrator assigns the application a dynamic application server configured with a custom broker

Then,

  • User submits a service request and reserves a server
  • User logs into Secure Global Desktop and clicks the link to launch the application
  • The broker queries the database, gets the server that the user has reserved and launches the application on it

For the administrator, there is no need to create, modify or destroy objects in the Secure Global Desktop datastore every time a user submits a service request.

Skipping many details, defensive coding and exception handling, the broker code would look something like this:

package com.mycompany.mypackage;

import com.tarantella.tta.webservices.vsbim.*;
import java.sql.*;
import java.util.*;

public class DbBroker implements IVirtualServerBroker {

    static private final String TYPE = "A Description";
    private Connection dbConn;

    public void initialise(Map<String, String> parameters)
            throws VirtualServerBrokerException {
        // Connect to reservation database.  End-point and credentials are
        // supplied in the parameters from the dynamic application server
        dbConn = DriverManager.getConnection(params.get("URL"), params.get("USER", params.get("PASS"));
    }

    public Map<String, List<ICandidateServer>> getCandidateServers(
            Map<String, String> parameters)
            throws VirtualServerBrokerAuthException,
                   VirtualServerBrokerException {
        Map<String, List<ICandidateServer>> launchCandidates =
                new HashMap<String, List<ICandidateServer>>();

        // Get the user identity
        String identity = parameters.get(SGD_IDENTITY);

        // Lookup the application server for that user from the database
        Statement statement = dbConn.createStatement();
        String query = createQuery(identity);
        ResultSet results = statement.executeQuery(query);
        // Parse results;
        String appServerName = parseResults(results);

        if (appServerName != null) {
            // Create the assigned server.
            CandidateServer lc = new CandidateServer(appServerName);
            lc.setType(TYPE);

            List<ICandidateServer> lcList = new ArrayList<ICandidateServer>();
            lcList.add(lc);
            launchCandidates.put(TYPE, lcList);
        }

        return launchCandidates;
    }

    public ICandidateServer prepareCandidate(String type,
            ICandidateServer candidate)
            throws VirtualServerBrokerException {
        // Nothing to do
        return candidate;
    }


    public void destroy() {
        // Close the connection to the database
        dbConn.close();
    }

    // And the other methods
    public boolean isAuthenticationRequired() {
        // No user authentication needed
        return false;
    }

    public Scope getScope() {
        // Scope at the application level for all users.
        return Scope.APPLICATION;
    }
}

In summary, dynamic launch and custom brokers can simplify an administrator's life when operating in a dynamic environment.  The broker can get its data from any source with a suitable interface: a database, a web server or VM providers with open APIs.  Next time, we'll illustrate that with a broker connecting to Virtual Box.


Friday Apr 04, 2014

Friday Spotlight: Oracle VM update 3.2.8 is now available through My Oracle Support

Oracle VM 3.2.8 can be downloaded from My Oracle Support by searching patch ID 16410428 for Oracle VM server and 16410417 for Oracle VM Manager. This patch update is a complete Oracle VM Server 3.2.8 installer ISO and Oracle VM Manager update ISO, and includes all the cumulative bug fixes that have been integrated since the Oracle VM 3.2.1 release. Oracle VM Server can also be updated from Oracle Unbreakable Linux Network (ULN).

We also provide a separate Oracle VM Server 3.2.8 ISO built with a newer kernel,  UEK2-400 (or more specifically kernel-uek-2.6.39-400.214.3.el5uek). The default kernel still remains UEK2-300 but in case a customer requires this newer kernel it is now also available through a support request.

For more details about this release and a list of the fixed bugs visit our Wiki. This update will be available for download from Oracle Software Delivery Cloud at a later date.

Dynamic Launch in Oracle Secure Global Desktop

In an earlier entry, Oracle Secure Global Desktop and Oracle VDI, we mentioned the dynamic launch feature in Secure Global Desktop and described how we used that feature to connect the two products.  Here's a summary of that integration:

SGD and VDI

Now is a good time to dig a bit deeper into dynamic launch.

Dynamic Launch

There are three parts to it:

  • Dynamic Applications
  • Dynamic Application Servers
  • Brokers

Dynamic Applications

A dynamic application is a type of object in Secure Global Desktop that maps to one or more other applications and offers a user a choice between those applications.  Normally, you would map related applications, like a workflow, or alternatives, where you would expect a user to run only one of the applications at any one time.  'My Desktop' is an example of the latter: it is a dynamic application that maps to a Unix desktop and a Windows desktop, the thinking being that most users would run one or the other, but not both simultaneously.

Dynamic Application Servers

A dynamic application server is an object that tells Secure Global Desktop to execute some code to determine where an application should run.  It can be assigned to an application object just like other application servers and the code is executed when the application is launched.  The code is delivered as a broker.

Brokers

A broker is a Java class that implements a simple interface and is a property of a dynamic application server.  Currently, Secure Global Desktop ships with three brokers:

  • SGD Broker: when this is assigned to an application object, it grabs all the other (real) application servers assigned to the application and presents the user with a choice
  • User-defined SGD Broker: an extension of the SGD Broker that adds the option for a user to enter a host name
  • VDI Broker: this is used to provision hosts through VDI

Together, they provide a structured, flexible and extensible system: a single dynamic application in a user's workspace can open up a wealth of choices.  Let's consider a scenario where a user needs to run a range of web applications that require different browser types and versions.  One solution in Secure Global Desktop would be to create separate items for each type of browser and publish them to the workspace.  Alternatively, you could create a dynamic application that maps to the different types of browser and logically group them together.  And this can be taken a step further: by assigning a dynamic application server to an application, that browser could be run on a server dynamically provisioned through VDI or whatever hypervisor the broker has been written to handle.

Dynamic Launch

So, three key components make up dynamic launch.  Two of them, dynamic applications and dynamic application servers, are part of the Secure Global Desktop infrastructure and plumb the feature into the datastore, workspace and launch process.  They belong in the administrator's realm.  The third component, the broker, provides extensibility.  Secure Global Desktop ships with a broker to deliver VMs provisioned through Oracle VDI, but the open interfaces mean it does not have to stop there. To go further, we must enter the developer's world and write a little code.  Next time...


Thursday Apr 03, 2014

Run Virtual Machines with Oracle VM

Each Oracle VM server is a separate virtualization platform which runs Oracle VM Server for x86 or Oracle VM Server for SPARC. An Oracle VM server's main job is to run virtual machines, enabling you to run multiple independent systems at the same time.

To learn more about Oracle VM, take the training course corresponding to your platform. You can take these courses via:

  • Live-Virtual Events: Attend a live event from your own desk, no travel required. Chose from a selection of events already on the schedule to suit different time zones.
  • In-Class Events: Travel to an education center to attend an in-class event. Below is a selection of the in-class events already on the schedule.

Oracle VM Administration: Oracle VM Server for x86

 Location

 Date

 Delivery Language

 Melbourne, Australia

 7 May 2014

 English

 Perth, Australia

 19 May 2014

 English

 Sydney, Australia

 18 June 2014

 English

 Montreal, Canada

 27 May 2014

 English

 Ottawa, Canada

 27 May 2014

 English

 Toronto, Canada

 26 May 2014

 English

 Prague, Czech Republic

 19 November 2014

 English

 London, England

 7 April 2014

 English

 Paris, France

 5 May 2014

 French

 Athens, Greece

 2 April 2014

 English

 Rome, Italy

 22 April 2014

 Italian

 Tokyo, Japan

 16 April 2014

 Japanese

 Riga, Latvia

 12 May 2014

 Latvian

 Mexico City, Mexico

 21 April 2014

 Spanish

 Auckland, New Zealand

 3 June 2014

 English

 Oslo, Norway

 23 April 2014

 English

 Makati City, Philipinnes

 5 May 2014

 English

 Warsaw, Poland

 26 May 2014

 Polish

 Bucharest, Romania

 22 April 2014

 English

 Singapore

 15 April 2014

 English

 Ljubjana, Slovenia

 14 May 2014

 Slovenian

 Istanbul, Turkey

 20 May 2014

 Turkish

 Phoenix, AZ, United States

 2 September 2014

 English

 Sacramento, CA, United States

 2 September 2014

 English

 San Francisco, CA, United States

 2 September 2014

 English

 San Jose, CA, United States

 2 September 2014

 English

 Roseville, MN, United States

 28 April 2014

 English

 Edison, NJ, United States

 27 May 2014

 English

 Columbus, OH, United States

 30 June 2014

 English

 King of Prussia, PA

 27 May 2014

 English

Oracle VM Server for SPARC: Installation and Configuration

 Location

 Date

 Delivery Language

 Canberra, Australia

 23 June 2014

 English

 Melbourne, Australia

 21 July 2014

 English

 Perth, Australia

 26 May 2014

 English

 Sydney, Australia

 31 March 2014

 English

 Bogoto, Columbia

 28 April 2014

 Spanish

 Prague, Czech Republich

 23 April 2014

 Czech

 Greece, Athens

 31 March 2014

 English

 Causeway Bay, Hong Kong

 26 May 2014

 English

 Tokyo, Japan

 25 September 2014

 Japanese

 Madrid, Spain

 3 April 2014

 Spanish

 Dubai, United Arab Emirates

 29 June 2014

 English

 Phoenix, AZ, United States

 6 August 2014

 English

 Sacramento, CA, United States

 6 August 2014

 English

 San Francisco, CA, United States

 6 August 2014

 English

 San Jose, CA, United States

 6 August 2014

 English

 Atlanta, GA, United States

 8 April 2014

 English

 Roseville, MN, United States

 16 April 2014

 English

 Caracas, Venezuela

 22 May 2014

 Spanish

To register for an event, request an additional event or learn more about Oracle's Virtualization curriculum, go to http://education.oracle.com/virtualization.

Wednesday Apr 02, 2014

PVH - Best Characteristics of All Virtualization Modes

We all know that Oracle VM Server for x86 incorporates an open source Xen hypervisor component, which has been customized and optimized to integrate into the larger, Oracle-developed virtualization server. At the same time, Oracle is behind the Xen project and has made a variety of contributions. PVH is just one of the examples.

In the latest release of Xen 4.4, Oracle has contributed a functional preview of a new virtualization mode called PVH currently available to virtualized guests. PVH is an extension to the classic Xen Project Paravirtualization (PV) that uses the hardware virtualization extensions available on modern x86 processors. PVH uses PV drivers for boot and I/O, and Intel hardware virtualization extensions for page table operations, system calls and other privileged operations. This not only improves performance and security, but also simplifies the architecture and Xen Project Hypervisor-Linux interface significantly.

The feature was made possible thanks to Mukesh Rathor. He talked about his work at the Linux Collaboration Summit last week. For more technical details, you can read Konrad Wilk's blog entry at Xen.org: http://blog.xen.org/index.php/2014/01/31/linux-3-14-and-pvh/. You can learn more about Oracle's technical contributions to Linux and open source communities.

Note that this is about the upstream Xen development, so the feature is not immediately available in the current Oracle VM release. For What's New in the Oracle VM releases, visit here.

Monday Mar 31, 2014

PARTNER WEBINAR (Apr 17): Deploy BeyondTrust's Powerbroker in Minutes with Oracle VM Template

Date: April 17, 2014

Time:  10am PDT / 1pm EDT

Oracle VM application-driven architecture is designed for rapid application deployment for both Oracle and non-Oracle workloads. Using Oracle VM Templates, entire application stacks can be pre-installed, pre-configured for rapid deployment. With Oracle VM Template for BeyondTrust's PowerBroker, customers can standardize the deployment of their security software, eliminate the installation and configuration costs, and reduce the ongoing maintenance and support costs, hence  helping organizations achieve faster time to market.

Join us in this live webcast to hear from Oracle and BeyondTrust experts on how you can benefit from the combined solution to further automate and simplify the deployment of real security in your IT environment.

Register today 


Saturday Mar 29, 2014

Oracle VM VirtualBox 4.3.10 New Features

Oracle VM VirtualBox 4.3.10 is primarily a maintenance release fixing bugs but also adds some new (experimental) features. Mac OS X users can now experience native full screen support for Mountain Lion and Mavericks. Simply press the "Host key" + "F" to toggle this on or off, or go the View menu to "Switch to Fullscreen".

Mac OS X native fullscreen support

An additional (experimental) new feature is the keyboard indicators (HID LEDs) synchronization for Mac OS X hosts. This feature makes the host keyboard lights match those of the virtual machine's virtual keyboard when the machine window is selected. This is a per-VM setting and it is disabled by default. To enable this for a VM use the following “VBoxManage" command:

./VBoxManage setextradata "GUI/HidLedsSync" "1"

Note: This is an experimental feature and works best when using the internal keyboard of eg your MacBook Pro.

- The Oracle VM VirtualBox team

Friday Mar 28, 2014

Friday Spotlight: New Features in Oracle VM Server for SPARC

The latest release of Oracle VM Server for SPARC 3.1.1 was announced recently. It has extended Single Root I/O virtualization (SR-IOV) benefits beyond Ethernet and Infiniband devices by adding support for Fibre Channel devices. In addition, it provides the ability to control the amount of physical network bandwidth consumed by virtual network devices, thus prevents guest domains from consuming excess bandwidth. To take advantage of the latest features to benefit your virtualization deployment, read Jeff Savit's blog here.

Oracle Secure Global Desktop and Oracle VDI

What is the relationship between these two products?  One view is that Secure Global Desktop (despite its name!) provides access to remote applications and VDI does the same for remote, virtual desktops (VMs).  A clean distinction, but slightly artificial: to Secure Global Desktop, a remote desktop, virtual or not, is really just a remote application.  There is little to differentiate the products when it comes to connectivity to remote desktops -  Secure Global Desktop has its native and HTML 5 clients, VDI has Sun Ray and OVDC, but both products connect to remote servers in the same way, typically using RDP.

Where the products differ is in their scope.  Oracle VDI is a comprehensive solution that enables an administrator to create, store, manage and destroy VMs, as well as allowing users to connect to them.  Secure Global Desktop is simpler and restricts itself to connectivity to the VMs.

So, do the products work together?  A most definite 'yes': use Secure Global Desktop for user connectivity and VDI for management of VMs.  In fact, Secure Global Desktop ships with a component specifically for communicating with VDI.  You can find full details at http://docs.oracle.com/cd/E41492_01/E41495/html/dynamic-launch.html#broker-vdi-3-3 but we can do a short overview here.

Firstly, a slight digression.  There are two main entry points to Secure Global Desktop.  The common approach is for users to log in through their browser and go to their Workspace (formerly known as their 'Webtop').  The Workspace presents all the applications that an administrator has published to the user as links and an application can be launched by clicking its link.  The second entry point is 'My Desktop'.  Here, a user logs in through the browser but, rather than going to the Workspace, a desktop is launched automatically.  Quite a good fit for delivering virtual desktops and the approach we will use in our example.

Let us assume it is a clean installation of Secure Global Desktop.  The first task is for the Secure Global Desktop administrator to configure 'My Desktop' to talk to VDI.  The steps are:

1. 'My Desktop' is a dynamic application object, meaning that it can map to one or more real application objects.  Since all the VM providers accessed through VDI emit RDP, we are interested in 'Windows Desktop' and not 'Unix Desktop'.  We delete the mapping to 'Unix Desktop', leaving a single mapping to 'Windows Desktop'.

Next, we configure the 'Windows Desktop' application.  Traditionally, this would be done by assigning it an application server object that points to a real Windows server.  Here, we are going to use a dynamic application server.  It is 'dynamic' because it uses code (in this case, the VDI Broker) to define the server or servers, rather than a static setting for DNS name or IP-address.  So, next:

2. We create the dynamic application server, set its 'Broker Class' to 'VDI Broker' and configure it with the particulars of our installation.  Configuration involves providing the URL for the VDI web services and, if they are secured with a certificate from an untrusted certificate authority, installing the certificate (or chain) into Secure Global Desktop.
3. We assign this dynamic application server to 'Windows Desktop'

That is the administrator's job done.  The user scenario is:

- User clicks the 'My Desktop' link in the browser and authenticates.
- The VDI broker code runs and gets a list of VMs available to the user.  If there is only one candidate VM, Secure Global Desktop connects the user directly to the virtual desktop.  If there are several, the user is given the option to select one before a connection is made.

By using the VDI broker included in Secure Global Desktop, you can deliver virtual desktops to users through Secure Global Desktop and manage the desktops with VDI.  For users familiar with Secure Global Desktop, the desktop is just another application and they face no learning curve.  And administrators can continue to manage desktops through VDI, or even add desktops from other providers without changing the user experience.

There are references to 'dynamic application server objects' and 'dynamic application objects' in this discussion.  These types of objects, along with some open interfaces, form the 'dynamic launch' feature in Secure Global Desktop. This feature is used to extend the product and the VDI Broker is an example of this extensibility - by simply implementing a public interface (see http://docs.oracle.com/cd/E41492_01/E41499/html/com/tarantella/tta/webservices/vsbim/IVirtualServerBroker.html), the VDI Broker plugs into the Secure Global Desktop infrastructure and provides additional functionality. 

Dynamic launch will be the topic of a later entry.

Thursday Mar 27, 2014

Webcast: Simply Your Cloud Deployment with Oracle Virtual Compute Appliance

Join us and learn about Oracle Virtual Compute Appliance, an integrated, “wire once”, software-defined infrastructure system designed for rapid cloud deployment.

Find out how this first converged infrastructure solution from a single vendor provides superior ease-of-purchase, product integration, simplified management and support to customers.

Register here to discover how you can use Oracle Virtual Compute Appliance to:

  • Transform your IT systems with a range of Cloud deployment models from IaaS to DBaaS
  • Significantly reduce your solution deployment time to hours not days or weeks
  • Consolidate Linux, Windows, and Oracle Solaris applications onto one platform
  • Leverage proven enterprise technologies in a simple Engineered System

Date: April 16, 2014
Time: 10:00 AM PDT

Duration: 60 minutes

View local time here

Tuesday Mar 25, 2014

Oracle VM VirtualBox 4.3.10 Released

VirtualBox.png

Oracle VM VirtualBox 4.3.10 has just been released. This maintenance release improves stability and includes some new experimental features.

For more details see the ChangeLog, or just simply download it now at the community or Oracle download sites.  

- The Oracle VM VirtualBox team

Sunday Mar 23, 2014

Oracle VM for x86 Customer Feedback Survey - help us help you!

Dear customers and partners
As part of our continues effort to improve Oracle VM we are conducting a survey which will help us determine what are the features to focus on in the next releases of Oracle VM. The survey covers a broad range of features and our goal is to understand which ones are more important for our customers as  well as validate our current plans as we move forward. Since it is a bit difficult to dive deep into each and every area we would like to follow up with customers and partners who are willing to share more in depth information with us and learn their use cases and needs in more details.

Please find some time to take the survey and provide us with valuable feedback on those things which will make a difference for you. We are looking forward to reading your comments and following up with you to make sure we deliver a solution which optimally fit your needs.

The link is here

Thank you,

Oracle VM Product Management Team 

Friday Mar 21, 2014

Friday Spotlight: Oracle Secure Global Desktop 5.1

Happy Friday, everyone! Our Friday Spotlight this week is a blog entry from the Oracle Secure Global Desktop engineering team, with some info on what they've been up to: 


Hadn't noticed that this blog has been quiet for a while.  Time to catch-up!

So, what's been happening with Oracle Secure Global Desktop recently?  The biggest event was the release Oracle Secure Global Desktop version 5.1 in November 2013.  This version builds on the tablet support for iPads introduced in version 5.0 and extends it to Android devices.  It also supports the use of the tablet client, using HTML 5 technology, in Chrome browsers.  The traditional Oracle Secure Global Desktop clients are not being neglected and a Patch Set Update was delivered in February 2014 to support their use in Internet Explorer 11.

Talking of "Patch Set Updates", that's the other big, recent development.  In early 2014, we released 'tarantella patch' commands that can be retro-fitted to Long Term Support (LTS) maintenance releases of Oracle Secure Global Desktop and Oracle Secure Global Desktop Gateway to patch existing installations.  Using these commands, you can keep current with third-party components, like the JVM, and apply bug fixes to Oracle Secure Global Desktop.  It's not an alternative to upgrading to the latest version to get the latest features, but helps alleviate immediate problems until an upgrade can be scheduled.

Finally, the other big change is the relationship between Oracle Secure Global Desktop and Oracle VDI, but that's a big topic that needs an entry to itself...


We'll see you next week with another Friday Spotlight!

Tuesday Mar 18, 2014

Oracle VM Server for SPARC 3.1.1 Released

We are pleased to announce the latest Oracle VM Server for SPARC 3.1.1 release. The major changes for this release are as follows.

For information about the hardware and software requirements for the Oracle VM Server for SPARC 3.1.1 release, see the Oracle VM Server for SPARC 3.1.1 and 3.1 Release Notes.

Oracle VM Server for SPARC 3.1.1 has been integrated into Oracle Solaris 11.1 beginning with SRU 17.5. To download the software, refer to Oracle Solaris 11.1 Support Repository Updates (SRU) Index [ID 1501435.1]  from My Oracle Support.

Oracle Premier Support for Systems provides fully-integrated support for your server hardware, firmware, OS, and virtualization software. Visit oracle.com/support for information about Oracle's support offerings.

For additional resources about Oracle VM Server for SPARC

For more information about Oracle's virtualization, visit oracle.com/virtualization.

Friday Mar 14, 2014

Friday Spotlight: Get Hands-on Virtually or In Person With Our Upcoming Events

March 18th Virtual Sysadmin Day

Join us in this half day virtual event hands-on lab guided Oracle product experts where you can learn to:

  • Run multiple, isolated instances of Oracle Linux with extremely low overhead using Linux Containers
  • Deploy and manage a private cloud with Oracle VM and Enterprise Manager 12c
  • Virtualize and deploy Oracle Database in minutes using Oracle VM Templates

Register here

For our European audience, you can attend the upcoming in person seminars for the below locations Please note, seating is limited so please register soon:

  • 3-Apr-14 Paris, France - Oracle Linux and Oracle VM enabling private cloud seminar. Register
  • 30-Apr-14 London, UK - Oracle Linux and Oracle VM enabling private cloud seminar. Register
  • 1-May-14 Stockholm, Sweden - Oracle Linux and Oracle VM enabling private cloud seminar. Register

About

Get the latest scoop on products, strategy, events, news, and more, from Oracle's virtualization experts

Twitter

Facebook

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
5
6
7
8
9
10
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today