Building dangerous things into products.

  • Article

In the comments an earlier post, "PMunro" raised an interesting point, and I mentioned it when talking to [a well known firm who visited us this week].

Back when I had my first had my grubby mitts on a copy of "Windows Server Virtualization" - now "Hyper-v" it was a build which supported over-commiting memory and dynamically adding processors. This, on my newly arrived Dual Core laptop was a great wheeze*. The demo went like this

  • Start a VM with on processor
  • Run task manager in the VM - show one processor and Close task manager again
  • Go to machine settings and change processors from one to two.
  • Re-run task manager - ta-da Two processors.

And then the product group took the feature out. I was cross. Then I had a conversation with one of them

ME: "What did you take that out for ?"
HIM: "Were you just showing a new proc in task manager ?"
ME: "Yes. It was a GREAT demo ?"
HIM: "Have you any idea what Oracle does when you do that ?"
ME: "Well.... no".
HIM: "Neither have we "

The point being that Hyper-V is expected to run critical software from all vendors. Without some kind of application validation programme you don't if they these kind of things are safe or dangerous. What will an application do if you add a processor ?  Or if an application requests that Windows allocates memory for it from the non-paged memory pool, how does it perform if you over commit-memory and the virtualization stack pages that same memory out to disk ?  Is it worse to over-commit memory and have the virtualization stack do paging than to have an VM do it's own paging ? (Yes, if applications try to use memory they see as "unused" for caching ... they'll read stuff from disk to cache only for it - or something the app thought was still in memory - to be paged out again) Over committing really delivers when virtualization is able to detect identical pages of memory in multiple VMs and share them; so for any given combination of machines what proportion of pages are common ? 0.5% ? 5% ? 50% ? 90% ? And the answer to all these questions is a resounding "It depends"

As I've mentioned, back at IT forum we pre-announced the "Server Virtualization Validation Program" and I hope this is going to bottom out some of these questions before we put these tools in peoples hands. I remember Active/Active clustering in Exchange 2000 only too well. People wanted it, we gave it to them; but it was only safe to use in such a small set of circumstances that one of the product group said to an audience I was in "For the love of God... Don't use active/active". Hopefully this won't be a repeat.

Technorati Tags: Windows Server 2008,Windows Server,Virtulization,Hyper-v,VMware

* Footnote, after reading this post of Sharon's I should say this in the sense of "a good idea or clever plan" not "noisy and difficult breathing"