Dell Considers Bundling Virtualization on Mobos

castrox writes "Ars Technica is reporting that Dell may be considering bundling virtualization on some of their motherboards. No more dual boot or VMs inside the running OS? 'Any way you slice it, though, putting the hypervisor in a chunk of flash and letting it handle loading the OS is the way forward, especially for servers and probably even for enterprise desktops. Boot times, power consumption, security, and flexibility are all reasons to do this ... The big question is: which hypervisor will Dell bundle with its machines? Vance suggests hypervisors from XenSource and VMware as two options, but I think that VMware is the most likely candidate since it seems to be the x86 virtualization solution of choice for the moment. However, if Dell doesn't try too hard to lock it down, this system could easily be modified in an aftermarket fashion to include almost any hypervisor that could fit on the flash chip.'"

Overwhelming Support

[Doc+Ruby]

Dell's gonna have a hell of a time supporting these complex features while it's closing down its call centers.

Re:Overwhelming Support

[Kadin2048]

Was anyone with a clue actually calling Dell's call centers anyway?

The only reason I've ever called a manufacturer's tech support line in years has been to get an RMA. And it's generally just irritating when they insist on taking me through their little script before they'll admit defeat and return the piece of junk.

The purpose of those call centers is probably mostly for "cupholder calls," and less so for support on their higher end products, which is where the virtualization hardware would be (at least initially). I assume corporations have direct access to Dell to process RMAs and warranty work, request on-site service, etc., without going through a callcenter drone.

Re:Overwhelming Support

[Forge]

Close.

A few tips on calling Dell tech support if you are a competent engineer who diagnosed the problem before reporting it.

1. For a home PC the techs are so incompetent that it's easier to just lie about the nature of the problem. I.e. If your hard drive is on the fritz, making rattly sounds and loosing data just say "The drive is completely dead. When I connect it the BIOS doesn't even admit that it's there".

2. Gold support is better than economy or even silver, but not for the reasons on dell.com. It's better because they connect you to the most competent support guys almost immediately when you call the gold support line. Competent engineers know when they are speaking to an equal and will dispatch the required parts immediately. They also send out "just-in-case parts".

3. Call late at night if your warranty allows it. The brightest tech support guys in Texas know that the graveyard shift is the best time to work. Less traffic on the commute, more pay and more time available for none work related tasks. Your shortest and most fruitful calls will be at 2:00 AM.

4. Don't be afraid to hang up. I once had an external tape drive (PV 110T) that was bursting tapes whenever I initiated a backup. The tech support guy insisted that I must reboot the server so I could see if the drive shows up in the BIOS before he could go any further. I hung up, called back latter and got a brighter support guy who dispatched a replacement drive in around 5 minutes.

Re:Overwhelming Support

[QuantumRiff]

The Roseburg, OR call center closure really pissed off the town.. They gave Dell an tax exemption, saving them $5mil over 5 years.. They also spent $1mil on other "incentives" and infrastructure upgrades to attract them to the area. As soon as that Tax exemption was over, they closed down the doors.. Just before, they made some of the best techs there go over seas and train their replacements.. The employees were told they were opening up an "additional" call center, not moving theirs.. Apparently, they also were a crappy tenant and trashed the building they were in...

I don't think Dell is going to be selling many more PC's in southern Oregon for a while...

Re:Overwhelming Support

[louisadkins]

You are right - company policy is company policy. But. Keep in mind that not every agent is going to follow company policy every time. Years ago I worked Dell tech support and I would regularly have to deal with getting customers that had previously dealt with someone who didn't follow policy. I'd spend an extra five to fifteen minutes telling them that, yes, I really did have to do it the way I was doing it. I really didn't feel like taking the approximately 4% chance that someone was listening to my calls and loose my job.

Top two possible misspellings:

[Roadmaster]

Dell considers bundling virtualization on mofos

or

Dell considers bundling virtualization on hobos

not pretty either way.

Re:Top two possible misspellings:

[Jeff+DeMaagd]

It's stupid slang. May as well call them fabos for fatherboards.

Re:First VM.

[morgan_greywolf]

Why wait for Dell to do this?

For that matter, who needs to?

You can get the benefits of this yourself.

1) Download Damn Small Linux.
2) Install on a USB pen drive.
3) Add Xen Source (or VMWare) hypervisor
4) ???
5) Profit! (sorry, couldn't resist)

Re:Yes, but: So what?

[Albanach]

In what way is this functionally different than the same hypervisor being installed on a bootable USB flash drive/IDE-attached CompactFlash card/[insert other stupid-simple method of booting from flash]?

The difference is that it's a supported set up from a major manufacturer. That means that when you pay for 24x7x365 support you are not faced with being told that you've modified the hardware and they can't support your setup. Indeed if your flash card dies a sudden death, the Dell engineer

can be there within four hours and should actually be carrying a spare.

For a hobbyist at home I doubt there's much of a difference at all, but for folk paying big $$$ for enterprise solutions, this is probably very welcome.

IBM does this on their iSeries

[dagar]

IBM is already doing this on their iSeries (AS/400). In order to manage it you have to have a Hardware Management Console (an x86 xSeries machine running Linux and their management software). I really think that they have done a good job of the virtualization, it also lets IBM throttle back the CPU. We have a 1000CPW (IBM's performance index) machine that with the Power5 1.5Ghz processor is limited to 43% utilization. In order to get all 100% of the CPU (2400CPW), we would have to pay through the nose.

Simple compute nodes

[tji]

As others mentioned, similar things can be done now -- an IDE/Flash boot into a minimal hypervisor Linux for Xen or KVM. That would also allow some flexibility, to maybe run a few things directly on the hardware. I would be very interested in an approach like this for my home Linux server.

For larger enterprise uses, the really simple hypervisor is nice. Just slap another box in there, and it is quickly added to your compute cluster. If they do it right, that system could even net-boot and auto-install the latest hypervisor image when it's first added. Factor in VMWare's "VMotion" stuff, where VMs can be moved among compute nodes in a cluster, and that simple compute node, along with a big NAS, is really slick.

Already happening in game console market

[wdnspoon]

I think PS3s already get shipping with a built-in hypervisor to manage installing guest OSs in VMs on the console. Ostensibly it's a feature, but doing so has given them enough control to prevent access to accelerated graphics so people don't use the console to play games they downloaded and are instead forced to buy. There's certainly precedent for this, and we're sure to see a lot more of this in the future. Hopefully the PC market is competitive enough that Dell won't be restricting their own hypervisor to restrict certain hardware access, or only allow the use of VMs from "trusted" sources. If this is true, then this is excellent news.

reminds me of ...

DRM (Score:3, Insightful)
by Frank T. Lofaro Jr. (142215) on Tuesday June 07, @05:12PM (#12751680)
(http://www.linux.com/)

They are doing this for DRM.

Their Hypervisor will enforce DRM, so even linux can't override it.

They'll make it so all device drivers must be signed to go into the
Hypervisor which will be the only thing with any I/O privs that aren't
virtualized.

They'll make it so new hardware has closed interfaces and can only be
supported by a driver at the Hypervisor level.

Any drivers in any OS level won't be able to circumvent the DRM, since
they'll just THINK they are talking to hardware, but will get virtual
hardware instead - and the Hypervisor won't let it read any protected
content through the virtual I/O, it will blank it out (e.g. all zero
bytes from the "soundcard") or something similar.

The drivers designed for the Hypervisor won't work in any higher level,
since they'll need to do a crypographic handshake with the hardware to
verify it is "real" and the hardware will also monitor bus activity so
it'll know if any extraneous activity is occur (as it would if it was
being virtualized).

Everything will have a standard interface to the O/S, so Linux will still
run but be very limited and slowed down - since only Windows will be
allowed "preferred" access to hardware, other O/S will be deliberately
crippled.

They'll say you can still run Linux.

Hardware manufacturers won't release specs, they'll say use the Hypervisor
and you can still use Linux.

You'll still need to buy Windows to use any hardware - Linux won't even
boot on the raw hardware.

MS doesn't care if Linux isn't killed - the above allows them lock in - no
windows - your PC won't boot - since nothing but the Hypervisor will know
how to talk to the IDE card, etc.

What about manufacturers that want to support open interfaces, etc?
Microsoft will deny them a key which they will need to talk to the
Hypervisor - and the Hypervisor will refuse to talk to them.

Support anything other than solely the Hypervisor and you can't use the
Hypervisor. No Windows - lose too many sales.

And they can say other O/S's are still allowed.

They'll just not be able to give you freedom to use your hardware as you
see fit (DRM, need to pay more to get software to unlock other features
on your hardware), only Windows will run well, and you need a Windows
license and Hypervisor for every PC or else it is unbootable.

Please, do not make this the only option

[querist]

This frightens me on so many levels that it is difficult to know where to start. Unless that hypervisor is burned into a non-rewritable form of storage (e.g. ROM), it will be subverted.

As it has been demonstrated at Black Hat by the illustrious Ms. Rutowska, (as well as being fairly obvious to anyone familiar with hypervisors) a hypervisor is below the OS and can be impervious to the OS's probing, but it still lies between the OS and the hardware.

Properly implemented, this could be a very good thing. With no disrespect intended toward Dell, I suspect that the first several implementations (at least) will leave the resulting systems vulnerable to subversion, and this subversion would be difficult, at best, to detect.

This is an interesting concept, and it could be used for "good", but as the saying goes "the devil is in the details". The idea is good, it is the potential implementation that worries me.

Full Disclosure: I have a Ph.D. (2006) in InfoSec.

Re:Please, do not make this the only option

[Wesley+Felter]

So where are all the ESX exploits?

Re:Yes, but: So what?

[Burz]

Presumably having Dell's hypervisor load instantly at power-up could prevent other virtualizers from running, including hypervisor-based rootkits like Blue Pill.

Not sure what the big deal is

[Sloppy]

It's easy to see how moving more stuff from the disk to flash is "slicker" and can make things load a little bit quicker (but seriously: how much? I doubt transferring hypervisors, kernels, or boot managers (e.g. grub) from disk is a major factor in boot times). But what's so special about hypervisors? Forget making this "solution" so specific. Just build a few dozen megabytes of disk-like (bootable) flash into the board, and let the user decide if they just want to use it for a hypervisor, or move a whole bunch more stuff into there in an effort to try to get their modern machine boot as fast as an Amiga.

The one thing that it occurs to me that such an answer would really help with, is working around a certain (dumb) Linux limitation. Booting off EVMS is tricky (or at least it was, last time I looked). Move your boot off-disk, then you can EVMS your whole disk.

And what's this about "security?" The article doesn't explain why it mentions security, and that's not a surprise, because there's no reason it would be more secure. As other have pointed out, "security" is obviously being used as a codeword for something very, very different (i.e. having the machine serve someone else's interest (e.g. MPAA) at the expense of the user's interest).

Re:I don't want a hypervisor thanks

[EvilMagnus]

Virtualization can be really useful to make sure you're making use of all available resources.

Consider a development environment. You might have ten developers, each with their own server. For most of the time, most of the capabilities of those development boxes are being unused, but they're still taking up space and power in your datacenter.

If you could virtualize those 10 dev boxes down to two or three bigger boxes, you could:
- save on space and power in your data center
- ensure you're using your available resources more efficiently (the cpus and RAM aren't idle most of the time; they're actually being used)
- makes it easier to 'add another box' to the mix if you get a new hire. Setting up a new dedicated (virtual) development server takes a matter of minutes, and can all be done in software for no additional cost. This is especially true if you keep all your server images and data on a shared network storage device (or hook the host OS box up to a SAN).

There's the increased risk of downtime from hardware failures, but buy the right boxes for the host OS and that's not a problem.

Dell's solution, if it works, would be really neat. It would probably simplify the act of virtualization even more, and means *none* of the host CPU or RAM is taken up running the VM server. It's all available for guest OS use.

Reality check

[Wesley+Felter]

Let's be clear; Dell is talking about servers with built-in hypervisors. Extrapolating these plans to desktop PCs is just unfounded speculation.

Their Hypervisor will enforce DRM, so even linux can't override it.

Servers don't care about DRM.

They'll make it so all device drivers must be signed to go into the
Hypervisor which will be the only thing with any I/O privs that aren't
virtualized.

OK, this is true. ESX requires special drivers.

They'll make it so new hardware has closed interfaces and can only be
supported by a driver at the Hypervisor level.

On the contrary; Dell has been driving companies like Broadcom and Adaptec to open up and offer open source drivers. AFAIK the only reason we have the tg3 driver is because Dell told Broadcom to provide Linux drivers.

Re:I don't want a hypervisor thanks

[Uruz+7]

Aren't you being a bit selfish? If you don't want Windows or Mac then don't install them. It's likely that your BIOS has support for tons of things which you are not using nor forced to use. And since you're a Linux user, I'm sure you're aware of all the crap that you'll probably never have to enable in the kernel but it's there if you want it.

I'm not really sure what you mean by slippery slope either. Slippery slope to what? More features? I also don't think this is for the desktop market. I couldn't tell from the article but I assume this is meant for server class machines where virtualization is awesome for fairly cheap HA setups and having this come straight from Dell this way makes it that much easier to pitch to a guy with an MBA.

Re:Yes, but: So what?

[adolf]

3) The USB headers are not going to have as high of an uptime compared to something dell could build onto the motherboard (in theory, supposing dell does'nt screw up. This is required due to what most server buyers need is reliability for servers that run 24/7/365.25. Adding in what you suggested, the first thing to fail would most likely be either the flash or the adapter.

I take issue with everything you say here.

There is no qualitative reason why USB should not have, as you say, "as high of an uptime" as anything else which plugs into a computer. In fact, the opposite is likely to be true: USB, having finally grown into something that generally doesn't suck, has been tested and revised for over a decade, and is far more likely to be resolutely reliable than any newly-developed interface technology which has not been so rigorously abused. It's a single point of failure, sure, but it share that disadvantage with SCSI, SATA, PCI Express, and all other likely candidates for connection.

I would further like to submit that the first thing to fail in any flash-based installation in a personal computer will be either the flash chip itself, its interface chip (ala "adapter"), or one of the supporting components (resistors, capacitors - that sort of stuff).

Finally, I'd like to speculate that all Dell will be doing is installing a flash device onto a USB bus. The hardware and software to accomplish this were finished years ago, and thus long ago entered the category of being free (as in beer) for Dell (particularly their marketing departments) to take advantage of.

Re:Probably a dumb question...

[ChrisA90278]

"How is adding more layers going to make anything faster?"

"Faster" is not the goal. Better machine utilization is. In the Windows PC world sysadmins know that loading multiple functions all running on the same machine is inviting trouble and can crash Windows so they spread their servers out. This allows the admin to consolidate the servers back into one machine by running multiple copies of the Windows OS on one server. He gets the stability gain of running one task on a box biox he stops wasting so many boxes.

The other use for VMs is so you can run multiple OSes at the same time on the same machine. But this is something developers, testers and suport people like to do and may as well be done using VMWare on a host OS.

Re:For someone not keeping an eye on this

[empaler]

Is there some sort of overview for this stuff? http://en.wikipedia.org/wiki/Comparison_of_virtual _machines
HTH :-)