What is the VMware time-bomb bug?
Can you imagine coming in to the office one morning to discover that you couldn't turn on or restart any of your PCs? It sounds ridiculous, but this is exactly the situation that a number of VMware customers found themselves in recently.
Tick tick boom
On August 12th, users running the latest versions of VMware's enterprise virtualisation software, VMware ESX, were automatically locked out of their systems. While servers that were up and running before then continued to run, users were unable to restart running machines, or start new ones.
The problem itself was exceedingly simple -- the developers had added a "time bomb", code specifically designed to prevent the program from running after a certain date.
These time bombs are very common during beta testing, where they prevent users from using out-of-date betas and hence filing bug reports for problems that were fixed in more recent betas. They're meant to be removed before the final release is made, of course, but in this case, it was somehow overlooked.
Virtualisation has become critical
It's not hard to see why virtualisation has caught on so rapidly: it simplifies server management, boosts server utilisation, and can minimise or eliminate downtime due to hardware maintenance, all of which save time and money. Server consolidation through virtualisation is also a major component in many IT carbon-reduction strategies.
As a sysadmin, I know first-hand just how useful it is -- you get addicted to being able to commission a new web server in under 15 minutes, or being able to restart a server without ever needing to do a site visit if something goes wrong.
The VMware problem really highlights just how critical virtualisation has become, and how ready many organisations have been to trust the fate of their systems to a proprietary solution. VMware has earned its success by producing an excellent product, but even an excellent product can have flaws, and with any proprietary system, only the vendor is in the position to address those flaws. In this case, the problem was simple, but it still took VMware nearly a day to issue a patch.
Open-source is the way forward
As virtualisation moves from a time-saving add-on to a core part of IT infrastructure, open-source has to be the way forward. You'd never see a time-bomb in an open-source virtualisation solution, and even if a similarly simple issue did come up, you can bet that preliminary patches would be available within hours or even minutes, Even more complex issues are likely to be solved more quickly when potentially thousands of developers can dive in to the code, rather than relying on a single vendor with finite resources.
Xen and KVM already offer compelling alternatives to proprietary virtualsation solutions, and while they may not yet offer the same enterprise-level management tools as VMware, it's only a matter of time until they eventuate.
Other Blog Entries written by Leigh Dyer:
Thoughts on this article? Add a comment below.
Comments: 1
|
midbear
Aug 28, 2008 10:34 AM
|
Hi Leigh is it possible for you to do a comparison of the different VM programs out there at some. As a small business owner I have often considered using VMware to keep IT cost's down and for added redundancy but I am a little reluctant at this stage due to having limited knowledge in the area, so an in depth look at it from you guys would be very helpful |