VMware out of business soon?
https://blogs.vmware.com/tribalknowledge/2015/07/vmware-aligns-business-mobility-asia-pacific.html
Sounds quite promising, so far!
VMware ESXi is, in fact, nothing but a Linux kernel 2.4 derived, grsecurity hardened kernel, based on the former Bochs, today called KVM / QEMU.
VMware not only faces Canonical's LXC / LXD solution as a direct competitor, but also a lawsuit by FSF and Christoph Hellwig over a GNU copyright violation: http://sfconservancy.org/news/2015/mar/05/vmware-lawsuit/
The GNU license forces them to open their sources. So it's just a question of months until VMware has to open up their Linux GPL code.
There are clear indications that VMware is, in fact, using the Linux kernel and KVM:
security bug is a serious threat for VMware, Xen, KVM: Surprisingly no threat for AppArmor hardened LXC containers.
That nasty "VENOM" buffer overflow can be forced while copying data from the network buffer of the hosting machine into the buffers of the guest machines. And that 'shoveling mechanism' also exists in VMware, Xen, KVM, QEMU, Bochs, Oracle VirtualBox.
As expected, VMware is offering a patch: http://thecybersecuritysentinel.blogspot.de/2015/07/us-cert-alert-vmware-releases-security.html
Here is a proof of concept, an "exploit", by the famous "solar designer".
But not only VMware, KVM, Xen, Oracle VMs... are affected. To my surprise, Microsoft's Hyper-V is affected too, since it is based on - Xen!
The whole U.S. billion-dollar "virtualization business" - founded on free and open software!
Surprising, isn't it? Next NASDAQ bubbles upcoming?
So, UBUNTU "Snappy" containers, unlike VMware, not only come with ZERO overhead (because there is one TCP/IP stack for all containers!), but you can even host many more containers on the same hardware, thanks to KSM (Kernel Samepage Merging), the "memory deduplication mechanism" between containers: https://insights.ubuntu.com/2015/05/18/lxd-crushes-kvm-in-density-and-speed/
And finally, it looks like 'AppArmor' secured Linux LXC containers are even safer than 'full virtualization': "Less code, less bugs!"
Have fun!
#VMware #VENOM #VSPHERE #KVM #XEN #SECURITY #EXPLOIT #Microsoft #HYPER-V #AppArmor #LXC #LXD #PROFUSION #FSF #GNU