Oracle VM Blog: Basics of Oracle VM

I'd like to cover some basics about Oracle VM, what's the difference between Oracle VM and RHEL Xen and how it's related to the open source Xen hypervisor.

Oracle VM (http://www.oracle.com/virtualization) is Oracle's server virtualization and management solution for x86/x86-64 platforms. The components of Oracle VM are Oracle VM Manager and Oracle VM Server.

* Oracle VM Manager: Provides the web based user interface to manage Server Pools, Oracle VM Servers, virtual machines, and resources. Oracle VM Manager not only provides life cycle management of virtual machines such as creating and configuring guest VMs, but also performs advanced functionality to load balance across resource pools and automatically reduce or eliminate outages associated with server downtime.

* Oracle VM Server: A self-contained virtualization environment designed to provide a lightweight, secure, server-based platform for running virtual machines. Oracle VM Server is based on open source technology (Xen hypervisor for example) tailored by Oracle, and includes Oracle VM Agent to communicate with Oracle VM Manager for management of virtual machines. Oracle VM Server is installed on bare metal server hardware.

OracleVM-Architecture.jpg

Although Oracle VM server uses the Xen hypervisor, it's not the same as the one used in RHEL Xen. Similarly, both RHEL and SLES use the Linux kernel, but you won't say that one is repackaged from the other. Our development team compared the Xen source code between RHEL 5.2 Xen (3.1.0+ patches) and Oracle VM Server 2.1.2 (Xen 3.1.4), the diff file is 1.6MB, or 48,880 lines of code. It's not just a set of bug fixes or patches, there are big differences in what's actually deployed.

From a deployment perspective, multiple Oracle VM Servers are grouped into Server Pools in which every server in a given pool has access to shared storage, which can be NFS, SAN (Fibre Channel) or iSCSI storage. This allows VMs associated with the pool to start and run on any physical server within the pool that is available and has the most resources free. Given the uniform access to shared storage, VMs may also be securely Live Migrated or automatically (re-)started across any servers in the pool. The underlying core technology to form a server pool is the OCFS2 that Oracle developed and contributed to the Linux community, and accepted into Linux kernel 2.6.16. Obviously it's different in how the server pool is implemented in RHEL Xen or other Xen based solutions.

OracleVM-Deployment.jpg

Oracle is a member of the Xen Advisory Board which serves in an advisory capacity to the Xen project leader for all community and development activities as well as management for the Xen trademark. Oracle's Linux and Oracle VM engineering team contributes heavily to feature development of Xen mainline software. The most significant contributions are in the area of hardware virtualized timers, guest and hypervisor debugger and bugfixes, transcendent memory, SSL live migration and xend locking, as well as participation in XenAPI changes; Oracle is also working on Windows Paravirtualized drivers. The Oracle QA team also provides stabilization efforts through testing Xen configurations with Oracle workloads and Oracle Enterprise Linux kernels.

See additional resources:

* Oracle's technical contributions to Linux and open source communities
* May 2009, OTN TechCast Linux Engineering Update with Wim Coekaerts: Part 2 - Virtualizing the Oracle Stack (8 minutes)
* May 2009, OTN TechCast Linux Engineering Update with Wim Coekaerts, Part 1 - Linux Kernel Development at Oracle (8 minutes)

Comments:

There is no doubt from your article that oracle presents a fantastic virtualization solution. Also the technology for virtualization has matured, however the detractors of this technology keep raising the issue of security. How does your technology address the issue of security?

Posted by virtualization made simple on May 09, 2009 at 11:01 PM PDT #

It's an excellent question. Security is an important aspect when you plan the virtualization deployment. In the case of Oracle VM, the "Dom0" is a privileged management and control domain that provides isolation for the guest domains. By default installation, the Oracle VM server (Dom0) only contains minimal system software. As a best practice you should not add any "user" applications to Dom0. You can consider the hardening technique (disable unnecessary services, disable unnecessary boot devices, etc.). Furthermore, you should apply security considerations that involve controlling access to Dom0. For the guest OS security, you should apply the common best practices just like it's on the bare metal.

Posted by Honglin Su on May 10, 2009 at 03:20 PM PDT #

Hi Honglin, is OVM server based upon the Xen Opensource hypervisor ? Or is it based upon the RHEL port of Xen ? Cheers Simon

Posted by Simon Hayler on December 07, 2009 at 12:43 AM PST #

Hi Simon! Oracle VM server uses the open-source Xen hypervisor, and does not use the embedded Xen code of RHEL.

Posted by Honglin Su on December 07, 2009 at 02:46 AM PST #

We wish to deploy Oracle VM, where some of the virtual machines in the VM server will be in the DMZ and other virtual machines will be in the production/internal LAN. Is there any security risk in deploying it this way on the same VM server? Thanks, Ninad

Posted by Ninad on December 17, 2009 at 05:48 PM PST #

Ninad, If you use a dedicated network Interface for the DMZ traffic on the server then there should not be a security issue. I would still keep separate physical server for Internet DMZ zone as a security best practice. Regards, Ronald

Posted by Ronald on July 17, 2010 at 03:52 AM PDT #

Post a Comment:
  • HTML Syntax: NOT allowed
About

Get the latest scoop on products, strategy, events, news, and more, from Oracle's virtualization experts

Twitter

Facebook

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
5
6
7
8
9
10
12
13
14
15
16
17
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today