Dell Considers Bundling Virtualization on Mobos

castrox writes "Ars Technica is reporting that Dell may be considering bundling virtualization on some of their motherboards. No more dual boot or VMs inside the running OS? 'Any way you slice it, though, putting the hypervisor in a chunk of flash and letting it handle loading the OS is the way forward, especially for servers and probably even for enterprise desktops. Boot times, power consumption, security, and flexibility are all reasons to do this ... The big question is: which hypervisor will Dell bundle with its machines? Vance suggests hypervisors from XenSource and VMware as two options, but I think that VMware is the most likely candidate since it seems to be the x86 virtualization solution of choice for the moment. However, if Dell doesn't try too hard to lock it down, this system could easily be modified in an aftermarket fashion to include almost any hypervisor that could fit on the flash chip.'"

Overwhelming Support

[Doc Ruby (173196)]

Dell's gonna have a hell of a time supporting these complex features while it's closing down its call centers [google.com].

Re:

[Kadin2048 (468275)]

Was anyone with a clue actually calling Dell's call centers anyway?

The only reason I've ever called a manufacturer's tech support line in years has been to get an RMA. And it's generally just irritating when they insist on taking me through their little script before they'll admit defeat and return the piece of junk.

The purpose of those call centers is probably mostly for "cupholder calls," and less so for support on their higher end products, which is where the virtualization hardware would be (at least in

Re:Overwhelming Support

[Forge (2456)]

Close.

A few tips on calling Dell tech support if you are a competent engineer who diagnosed the problem before reporting it.

1. For a home PC the techs are so incompetent that it's easier to just lie about the nature of the problem. I.e. If your hard drive is on the fritz, making rattly sounds and loosing data just say "The drive is completely dead. When I connect it the BIOS doesn't even admit that it's there".

2. Gold support is better than economy or even silver, but not for the reasons on dell.com. It's better because they connect you to the most competent support guys almost immediately when you call the gold support line. Competent engineers know when they are speaking to an equal and will dispatch the required parts immediately. They also send out "just-in-case parts".

3. Call late at night if your warranty allows it. The brightest tech support guys in Texas know that the graveyard shift is the best time to work. Less traffic on the commute, more pay and more time available for none work related tasks. Your shortest and most fruitful calls will be at 2:00 AM.

4. Don't be afraid to hang up. I once had an external tape drive (PV 110T) that was bursting tapes whenever I initiated a backup. The tech support guy insisted that I must reboot the server so I could see if the drive shows up in the BIOS before he could go any further. I hung up, called back latter and got a brighter support guy who dispatched a replacement drive in around 5 minutes.

Re:

[Sylver Dragon (445237)]

#2 is the most important, I find. Dell's non-Gold support is worthless. On the other hand, their Gold support is pretty darn good. Needless to say, every system we buy (which are mostly laptops) are bought with the Gold support and Complete-Care. The former gets me to techs who speak some form of English (a southern accent is the worst I get) and the later covers the occasional, "I spilled soda on my keyboard" errors. Which, considering the nature of the users I support, happen with alarming frequency

Re:

[Lockejaw (955650)]

Was anyone with a clue actually calling Dell's call centers anyway?

I don't care if anyone with a clue is calling. I really only care whether anyone with a clue is answering!

Re:

[Jack9 (11421)]

Customers will just be calling Walmart shortly. Closing call centers and storefronts is just good business given the new opportunity to sell out of Walmart.

Re:Overwhelming Support

[QuantumRiff (120817)]

The Roseburg, OR call center closure really pissed off the town.. They gave Dell an tax exemption, saving them $5mil over 5 years.. They also spent $1mil on other "incentives" and infrastructure upgrades to attract them to the area. As soon as that Tax exemption was over, they closed down the doors.. Just before, they made some of the best techs there go over seas and train their replacements.. The employees were told they were opening up an "additional" call center, not moving theirs.. Apparently, they also were a crappy tenant and trashed the building they were in...

I don't think Dell is going to be selling many more PC's in southern Oregon for a while...

Re:

[Lockejaw (955650)]

In response to closures like that, I've heard of cities adding a stipulation that says the company has to pay fees, back taxes, etc. if they close up and move out.

Top two possible misspellings:

[Roadmaster (96317)]

Dell considers bundling virtualization on mofos

or

Dell considers bundling virtualization on hobos

not pretty either way.

Re:

[Jeff DeMaagd (2015)]

It's stupid slang. May as well call them fabos for fatherboards.

Yes, but: So what?

[adolf (21054)]

In what way is this functionally different than the same hypervisor being installed on a bootable USB flash drive/IDE-attached CompactFlash card/[insert other stupid-simple method of booting from flash]?

Re:

[BuR4N (512430)]

"In what way is this functionally different than the same hypervisor being installed on a bootable USB flash drive/IDE-attached CompactFlash card"

Its more secure having the actually memory embedded inside the machine instead on the outside in a port, accessible for anyone that have physicall access to your office.

Re:

[jmorris42 (1458)]

> Its more secure having the actually memory embedded inside the machine instead on the outside
> in a port, accessible for anyone that have physicall access to your office.

So? CF to IDE bridge taped down in a drive bay. Flash to IDE header gadget plugged direct to an IDE header. They even have em that plug direct to USB headers on the MoBo now. Give em a while and they will have em to direct plug to SATA, assuming they don't now and I just didn't see em last time I was looking stuff like that.

Poin

Re:

[PalmKiller (174161)]

yes, but its a marketing feature, not something that is of any real importance

Re:

[Ironsides (739422)]

1) Cost. They would have to design the mobos and test them.
2) The IDE header is not going to be used in profesional servers. For one, they don't have IDE anymore. They have SATA or SCSI.
3) The USB headers are not going to have as high of an uptime compared to something dell could build onto the motherboard (in theory, supposing dell does'nt screw up. This is required due to what most server buyers need is reliability for servers that run 24/7/365.25. Adding in what you suggested, the first thing to f

Re:

[adolf (21054)]

3) The USB headers are not going to have as high of an uptime compared to something dell could build onto the motherboard (in theory, supposing dell does'nt screw up. This is required due to what most server buyers need is reliability for servers that run 24/7/365.25. Adding in what you suggested, the first thing to fail would most likely be either the flash or the adapter.

I take issue with everything you say here.

There is no qualitative reason why USB should not have, as you say, "as high of an uptime" as

Re:

[couchslug (175151)]

"Its more secure having the actually memory embedded inside the machine instead on the outside in a port, accessible for anyone that have physicall access to your office."

The same pieces could easily be inside the case. Not all USB ports are external. Of course, SATA CF adapters have been available for sometime:

http://www.fastsilicon.com/storage-reviews/addonic s-adsahdcf-sata-cf-adapter-review-6.html?Itemid=27 [fastsilicon.com]

By the way, anyone have links to tutorials for installing a hypervisor to such a setup?

Re:

[Chirs (87576)]

It's vendor-supported.

Re:

[badfish99 (826052)]

Anything is vendor-supported if I pay for vendor support. It doesn't have to be embedded in a flash chip.

The advantage of this is that it is vendor-supported by a vendor of Dell's choice. Presumably they then give Dell a kick-back. OK, that's an advantage for Dell, not for the purchaser.

Re:Yes, but: So what?

[Albanach (527650)]

In what way is this functionally different than the same hypervisor being installed on a bootable USB flash drive/IDE-attached CompactFlash card/[insert other stupid-simple method of booting from flash]?

The difference is that it's a supported set up from a major manufacturer. That means that when you pay for 24x7x365 support you are not faced with being told that you've modified the hardware and they can't support your setup. Indeed if your flash card dies a sudden death, the Dell engineer

can be there within four hours and should actually be carrying a spare.

For a hobbyist at home I doubt there's much of a difference at all, but for folk paying big $$$ for enterprise solutions, this is probably very welcome.

Re:

[Znork (31774)]

If you were paying big $$$ for enterprise support, would you get a server with GRUB or LILO embedded on the motherboard?

Would you buy one with the kernel and initrds on flash installed on the motherboard?

Personally I wouldnt; Dell has no competence in those areas, and even should they try to build it, they'd end up constantly trailing the OS vendors, introducing random bugs and being far less integrated and standardized than what the mainline products are.

I see little difference in the hypervisor area; hard

Re:

[stoolpigeon (454276)]

I'm guessing that you might get a slight advantage not having to wait for the bios to reach a point where it has usb functioning - and possibly the ability to read the chip faster off the board than over usb. Just wags on my part. I personally don't get the big deal over doing it this way as compared to the way a hypervisor loads now to run on bare metal. It might take a touch longer to boot - but so what? I'm not bouncing my servers that often anyway. And on the desktop? That's where I really struggl

Re:Yes, but: So what?

[Burz (138833)]

Presumably having Dell's hypervisor load instantly at power-up could prevent other virtualizers from running, including hypervisor-based rootkits like Blue Pill.

Not if it's REALLY doing its job

[Ungrounded Lightning (62228)]

Presumably having Dell's hypervisor load instantly at power-up could prevent other virtualizers from running, including hypervisor-based rootkits like Blue Pill.

Not if it's really doing its job.

A virtual machine should be able to virtualize another layer of similar virtual machines - including instances of itself. Otherwise there's something defective about the virtualization.

IBM does this on their iSeries

[dagar (84678)]

IBM is already doing this on their iSeries (AS/400). In order to manage it you have to have a Hardware Management Console (an x86 xSeries machine running Linux and their management software). I really think that they have done a good job of the virtualization, it also lets IBM throttle back the CPU. We have a 1000CPW (IBM's performance index) machine that with the Power5 1.5Ghz processor is limited to 43% utilization. In order to get all 100% of the CPU (2400CPW), we would have to pay through the nose.

Re:

[kpharmer (452893)]

I'm not going to use the right terminology here (since it changes quarterly) but...

this is just one pricing option: you can buy everything up front, or you can pay more to have them put in 'emergency' resources - that can be added later if you need it.

This later scenario can be good if you want to avoid overbuying but still have resources available in case you wildly underestimated what you'd need.

For someone not keeping an eye on this

[Bluesman (104513)]

There seem to be a lot more options for "virtualization" lately than VMWare, but never having needed to use multiple OS's at one time, I'm clueless as to the details of how these all work. Are they taking advantage of some new functionality on Intel/AMD chips?

Is there some sort of overview for this stuff?

Re:

[Znork (31774)]

Take a look at the virtualization [wikipedia.org] article at wikipedia. It covers most of the tech in a fairly good overview.

Simple compute nodes

[tji (74570)]

As others mentioned, similar things can be done now -- an IDE/Flash boot into a minimal hypervisor Linux for Xen or KVM. That would also allow some flexibility, to maybe run a few things directly on the hardware. I would be very interested in an approach like this for my home Linux server.

For larger enterprise uses, the really simple hypervisor is nice. Just slap another box in there, and it is quickly added to your compute cluster. If they do it right, that system could even net-boot and auto-install the latest hypervisor image when it's first added. Factor in VMWare's "VMotion" stuff, where VMs can be moved among compute nodes in a cluster, and that simple compute node, along with a big NAS, is really slick.

I don't want a hypervisor thanks

[Viol8 (599362)]

Virtualisation I have no doubt is extremely useful in certain applications. I howerver have no use for it on any PC I own or work on. I exclusively use linux and I don't want Windows or OS/X or anything else running alongside it. I *WANT* my OS to have full control over the machine - its faster , its more flexible and theres less to go wrong (not to mention who's to say a hypervisor couldn't be hacked by a virus somehow?). I don't want some virtual hardware locked into the BIOS that may or may not have feat

I was thinking that, too

[CdBee (742846)]

I suppose a hpyervizor doesn't need or take control of hardware components the way an O/S would but even so, I'd be concerned that a virus if it could somehow get into the flash ROM (or be compulsorily included there by the US National Security Agency) might be undetectable to O/S based virus scanning as the Boot ROM doesn't appear as a mountable volume and is never checked....

Re:

[dpilot (134227)]

Virtualization is not just for multiple OS's.

One use you might be interested in is a security barrier. The base system boots, but very little really runs on it. Instead you start guest images, and the stuff runs under the guests. Compromise a guest and you haven't compromised the machine. In fact, one thing you might run on the host is an Intrusion Detection System that monitors the guests and shuts down any that might go rogue. Better yet, you could "freeze" the rogue by ceasing to schedule CPU cycles to i

Smoke and Mirrors.

[twitter (104583)]

Compromise a guest and you haven't compromised the machine.

What outside the "guest" is of any use to a desktop user?

I'm with the OP, I don't want Windoze or OSX so I don't want a non free VM getting between me and my OS or my OS and hardware. I don't have boot or power management problems with my OS, so the VM offers me nothing.

Re:

[dpilot (134227)]

Run your user account inside a guest, and at least the base OS won't get compromised, and you won't need to reinstall. Run your browser and/or email inside a guest inside your account, and you won't have to worry about virii or web nasties compromising your precious code and data. It's all about damage limitation/confinement.

I don't want a non-free VM, either. I'm figuring that right now Linux has so darned many virtualization options that whenever I have the right hardware, I can just pick one.

This also pr

Re:

[Sancho (17056)]

Maybe the people who make operating systems should fix these problems WITHIN THE OS. Operating systems are supposed to do this anyway!

Re:

[EvilMagnus (32878)]

Virtualization can be really useful to make sure you're making use of all available resources.

Consider a development environment. You might have ten developers, each with their own server. For most of the time, most of the capabilities of those development boxes are being unused, but they're still taking up space and power in your datacenter.

If you could virtualize those 10 dev boxes down to two or three bigger boxes, you could:
- save on space and power in your data center
- ensure you're using your availabl

Re:

[Uruz 7 (986742)]

Aren't you being a bit selfish? If you don't want Windows or Mac then don't install them. It's likely that your BIOS has support for tons of things which you are not using nor forced to use. And since you're a Linux user, I'm sure you're aware of all the crap that you'll probably never have to enable in the kernel but it's there if you want it.

I'm not really sure what you mean by slippery slope either. Slippery slope to what? More features? I also don't think this is for the desktop market. I couldn'

Re:

[Viol8 (599362)]

>I'm not really sure what you mean by slippery slope either. Slippery slope to what? More features? I

Completely undetectable viruses and worms, remote disablement of PC hardware , frankly anything you want to do with the maqchine if the hypervisor is compromised somehow since you won't ever detect it in the OS. An OS is called an Operating System because it operates the system. If its little more than some sock puppet on a hypervisor then whats its purpose other than a glorified scheduler?

Already happening in game console market

[wdnspoon (560602)]

I think PS3s already get shipping with a built-in hypervisor to manage installing guest OSs in VMs on the console. Ostensibly it's a feature, but doing so has given them enough control to prevent access to accelerated graphics so people don't use the console to play games they downloaded and are instead forced to buy. There's certainly precedent for this, and we're sure to see a lot more of this in the future. Hopefully the PC market is competitive enough that Dell won't be restricting their own hypervisor

reminds me of ...

[by Anonymous Coward]

DRM (Score:3, Insightful)
by Frank T. Lofaro Jr. (142215) on Tuesday June 07, @05:12PM (#12751680)
(http://www.linux.com/)

They are doing this for DRM.

Their Hypervisor will enforce DRM, so even linux can't override it.

They'll make it so all device drivers must be signed to go into the
Hypervisor which will be the only thing with any I/O privs that aren't
virtualized.

They'll make it so new hardware has closed interfaces and can only be
supported by a driver at the Hypervisor level.

Any drivers in any OS level won't be able to circumvent the DRM, since
they'll just THINK they are talking to hardware, but will get virtual
hardware instead - and the Hypervisor won't let it read any protected
content through the virtual I/O, it will blank it out (e.g. all zero
bytes from the "soundcard") or something similar.

The drivers designed for the Hypervisor won't work in any higher level,
since they'll need to do a crypographic handshake with the hardware to
verify it is "real" and the hardware will also monitor bus activity so
it'll know if any extraneous activity is occur (as it would if it was
being virtualized).

Everything will have a standard interface to the O/S, so Linux will still
run but be very limited and slowed down - since only Windows will be
allowed "preferred" access to hardware, other O/S will be deliberately
crippled.

They'll say you can still run Linux.

Hardware manufacturers won't release specs, they'll say use the Hypervisor
and you can still use Linux.

You'll still need to buy Windows to use any hardware - Linux won't even
boot on the raw hardware.

MS doesn't care if Linux isn't killed - the above allows them lock in - no
windows - your PC won't boot - since nothing but the Hypervisor will know
how to talk to the IDE card, etc.

What about manufacturers that want to support open interfaces, etc?
Microsoft will deny them a key which they will need to talk to the
Hypervisor - and the Hypervisor will refuse to talk to them.

Support anything other than solely the Hypervisor and you can't use the
Hypervisor. No Windows - lose too many sales.

And they can say other O/S's are still allowed.

They'll just not be able to give you freedom to use your hardware as you
see fit (DRM, need to pay more to get software to unlock other features
on your hardware), only Windows will run well, and you need a Windows
license and Hypervisor for every PC or else it is unbootable.

Reality check

[Wesley Felter (138342)]

Let's be clear; Dell is talking about servers with built-in hypervisors. Extrapolating these plans to desktop PCs is just unfounded speculation.

Their Hypervisor will enforce DRM, so even linux can't override it.

Servers don't care about DRM.

They'll make it so all device drivers must be signed to go into the
Hypervisor which will be the only thing with any I/O privs that aren't
virtualized.

OK, this is true. ESX requires special drivers.

They'll make it so new hardware has closed interfaces and can only be
supported by a driver at the Hypervisor level.

On the contrary; Dell has been driving companies like Broadcom and Adaptec to open up and offer open source drivers. AFAIK the only reason we have the tg3 driver is because Dell told Broadcom to provide Linux drivers.

Please, do not make this the only option

[querist (97166)]

This frightens me on so many levels that it is difficult to know where to start. Unless that hypervisor is burned into a non-rewritable form of storage (e.g. ROM), it will be subverted.

As it has been demonstrated at Black Hat by the illustrious Ms. Rutowska, (as well as being fairly obvious to anyone familiar with hypervisors) a hypervisor is below the OS and can be impervious to the OS's probing, but it still lies between the OS and the hardware.

Properly implemented, this could be a very good thing. With no disrespect intended toward Dell, I suspect that the first several implementations (at least) will leave the resulting systems vulnerable to subversion, and this subversion would be difficult, at best, to detect.

This is an interesting concept, and it could be used for "good", but as the saying goes "the devil is in the details". The idea is good, it is the potential implementation that worries me.

Full Disclosure: I have a Ph.D. (2006) in InfoSec.

Re: Please, do not make this the only option

[Dolda2000 (759023)]

[...]I suspect that the first several implementations (at least) will leave the resulting systems vulnerable to subversion, and this subversion would be difficult, at best, to detect.

I know! Whatever will happen to my CVS servers?

Re:

[Wesley Felter (138342)]

So where are all the ESX exploits?

No Vista Basic or Premium

[MSRedfox (1043112)]

For Vista, the only option OS wise will the the more expensive models. Both Vista Basic and Premium aren't allowed to run on any kind of VM. I guess that will limit Dell's usage for home users.

Not sure what the big deal is

[Sloppy (14984)]

It's easy to see how moving more stuff from the disk to flash is "slicker" and can make things load a little bit quicker (but seriously: how much? I doubt transferring hypervisors, kernels, or boot managers (e.g. grub) from disk is a major factor in boot times). But what's so special about hypervisors? Forget making this "solution" so specific. Just build a few dozen megabytes of disk-like (bootable) flash into the board, and let the user decide if they just want to use it for a hypervisor, or move a whole bunch more stuff into there in an effort to try to get their modern machine boot as fast as an Amiga.

The one thing that it occurs to me that such an answer would really help with, is working around a certain (dumb) Linux limitation. Booting off EVMS is tricky (or at least it was, last time I looked). Move your boot off-disk, then you can EVMS your whole disk.

And what's this about "security?" The article doesn't explain why it mentions security, and that's not a surprise, because there's no reason it would be more secure. As other have pointed out, "security" is obviously being used as a codeword for something very, very different (i.e. having the machine serve someone else's interest (e.g. MPAA) at the expense of the user's interest).

Lame shorthand

[Thaelon (250687)]

Dell Considers Bundling Virtualization on Motherboards

There, fixed that for you. Asshat.

Re:

[morgan_greywolf (835522)]

Why wait for Dell to do this?

For that matter, who needs to?

You can get the benefits of this yourself.

1) Download Damn Small Linux.
2) Install on a USB pen drive.
3) Add Xen Source (or VMWare) hypervisor
4) ???
5) Profit! (sorry, couldn't resist)

Re:

[Mattsson (105422)]

Not all improvements are there to produce more speed.
Sometimes, an improvement will give better functionality at the cost of a little speed.
And with the speed we have in our pc's today, it does seem more rational to concentrate on improving funtionality and reliability rather than speed.

Re:

[ChrisA90278 (905188)]

"How is adding more layers going to make anything faster?"

"Faster" is not the goal. Better machine utilization is. In the Windows PC world sysadmins know that loading multiple functions all running on the same machine is inviting trouble and can crash Windows so they spread their servers out. This allows the admin to consolidate the servers back into one machine by running multiple copies of the Windows OS on one server. He gets the stability gain of running one task on a box biox he stops wasting so ma