“Not sure. As a pure guess, I’d say as long as the single machine has an OS license, you can run as many VMs as you want on that machine using that same OS.”
Although the MSVPs insist you need a license for each machine, I rang MS Product support and asked and was told I could have a total of 4 instances IIRC.
However, the scenario I quoted was VirtualPC, Windows XP Pro running at home. It may be different if you are not using Virtual PC or (most likely) you are a corporate user.
In other words, call them and ask. Don’t listen to anyone, including me.
“Although the MSVPs insist you need a license for each machine, I rang MS Product support and asked and was told I could have a total of 4 instances IIRC.”
Assuming you mean MS MVPs then yeah - rightly or wrongly we’re only passing on what Microsoft have told us.
Answers on the subject from Microsoft employees in their newsgroups are quite google-able, incidentally.
There is an interesting wrinkle with the volume licenced versions of Windows OS and virtualisation which makes things a bit easier. Also google-able - as I can’t remember the exact details and don’t want to misspeak.
I’d love it if you’d take a look and leave some advice if you have it. Some of the issues I have run into are related to your “software will run in it’s own VM” idea. Ultimately I agree with you, though I still think it will be a while (read: a couple of years, maybe) until what you propose is a viable option. Cool article though and I share your enthusiasm for making the OS irrelavant.
I wonder who the major vm provider is going to be for the future since we now have vmware, parallels, bochs, QEMM, and a few others to choose from. It creates the issue of compatability between images for those virtual machines which has always been the problem with compatability between operating systems for file types and processor differences. Solving the old problem, only to create it a new way?
Just some comments on your “all software will eventually be distributed as virtual machine images” points:
It’s the ultimate security sandbox
I think putting everything through a VM might be overkill in this case. In your example you talk about IE and how its security holes broke the OS. I think an easier solution (in terms of using existing hardware / software) would be to fix the OS so userland applications don’t run as root, or some kind of OS which makes sure applications can’t access the OS.
The operating system doesn’t matter
Java rings a bell here
So instead of having a host OS which has all applications downloaded as VMs, you can instead have an OS which is based on a *NIX operating system which only runs Java apps
Hi Jeff,
Just happened to read ur blog. You have presented some great arguments and insights towards the future of VMs. I am myself an implementor of VMs - as a student I created VMs from my own specifications for my own hypothetical machine with its own byte-code language and machine architecture.
Nowadays I am into writing an object oriented VM, much like the JVM and CLR, and somtehing of an Intel emulator; I was considering the possible benefits of a VM environment - how CORBA and XML standards can be integrated into it, how virtualzations can alleviate, if not eliminate security threats,etc.
I hope that future microprocessors will lead to faster and safer execution of VM based applications.
A couple of years have passed since the article and virtualization was last years hot-topic buzzword and will be even hotter and buzzier this year. Every issue of every trade paper I read has articles on virtualization and consolidation.
This article was more of a security/sandbox scenario, but enterprises are now moving toward virtualization to consolidate servers. Instead of having five servers running at 10% capacity, stick them all on the same physical box and you save on hardware, energy, and cooling. It is not only cheaper and easier to run and maintain, but it is greener too. At least that’s the goal now.
Of course virtual machines still have other (original?) uses as well, like sandboxing for security vendors to test and running old OSes so that gamers can play classic DOS games.
As for the questions about licensing, check the EULA. Many have updated to account for VMs, and even before virtualization became prominent, EULAs often specified what they consider to be a computer; usually they will say something like “per CPU” or these days even “per core”.
Oh, and I can’t for the life of me find it right now, but I do remember reading in 2006 or 2007 about a proof-of-concept virus that is able to not only detect that it is running in a VM, but to escape/break out and infect the host. There are already plenty of places where you can find code to detect whether it is running in a VM, debugger, etc.
It is just a matter of time until VMs become bigger targets, especially as more businesses deploy them. In fact, just this afternoon I read an aritcle about how VMware is teaming up with McAfee et. al to create the VMsafe API to faciliate securing VMs, and yesterday another article about the need for admins to treat VMs as they do physical machines and install security software, policies, etc. on them.
Chris Nahr has a good point - it’s easy to get careless with your VM’s and forget to patch them like you would a “real” machine. An unpatched but network connnected machine on a corporate network can let worms in, and it doesn’t help that it’s virtual.
