In one of my previous blogs, I wrote on Virtualization and its role in productivity and resource optimization. It also plays crucial part in having power savings by reducing the number of servers. Virtualization, as a solution, is considered very seriously by many organizations. In this blog, the review of one such Virtualization product, VMware Workstation is presented. Before starting, let me clarify. Neither I am an investor nor a paid reviewer. I try to present my personal views based on more than four years of experience with VMware workstation and one year experience with VMWare player.
Running Multiple VMs
VMWare workstation had a modest start and three years back, you cannot have more than one virtual machine running on your system. Meaning that you can create as many virtual machine as you need but you can have only one VM live and running. Over a period of time, this restriction was overcome and now one can run any number of virtual machines. When you start a virtual machine, you need to understand that you are running an operating system inside an application which runs on a physical operating system (or hardware). In order to explain clearly, each virtual machines (called as Guest OS), runs inside VMWare which is an application that runs on Linux/Windows (physical system). Often people forget this and expect that their virtual machines to be rocket fast. Really speaking, for every virtual machine you need to have at least 1GB RAM to run smoothly. Here the key is running so many virtual machines in parallel.
Modes of Networking
The next feature is that one can have so many network configurations like NATed environment, Host only networking, No networking and bridged networking. VMWare comes with virtualized DHCP server which takes care of IP address allocation to your virtual machines. The user has liberty to modify the IP addresses provided by VMWare through reasonably good user interface. Apart from this network configuration, one can form virtual team. The virtual team is the network of virtual machines. The virtual team is similar to that of real network and interestingly VMWare provides ways to configure network packets loss percentage.
Virtual Devices
Since all the devices are virtualized, one can add hardware to the virtual machine. VMWare workstation allows you to create 25 ethernet cards. One can increase the size of virtual hard disk or add new hard disk.
Snapshot Manager
VMWare also has Snapshot manager. A snapshot is nothing but a frozen state. At any instant of time, the user can freeze the state of virtual machine and the snapshot can be restored. VMWare comes with a nice and interactive Snapshot manager which makes archiving the states easier for you. This is the one of the cool feature that I like in VMWare. If you do not have time to analyze an issue, you can archive it and revisit later. The other features like record and playback and suspend are notable features.
Using VMWare workstation one can create virtual machines and run them. Typically, we will not be creating VM all times. We will create VMs once in while and put them in production by running the VMs. So, in order to run a VM, VMWare player is enough. In VMWare player, it just runs only one Virtual machine. You do not have the luxury of running a team or many VMs. By the way, Workstation is commercial product but Player is a free software.
Hope this write up will help you to understand VMWare better. More information can be found here.
Tuesday, July 15, 2008
Sunday, July 13, 2008
Design Pattern Tutorial (Design Pattern 101)
Learn from the mistakes of others is one of the famous quotes. Each one of us try to apply this in our life and we will be happy if we do it. The same thing, rather there is little different in Design Patterns. Design Patterns are solution to the common design problems. Software community after facing a lot of challenges and solving a problem in so many ways, has finally arrived to a optimal way. And this is called as Design Pattern. It is not at piece of code but concept which can be applied in variety of scenarios irrespective of the language and domain. Having said that, does it really help software community. Yes, really it is.
So, make up your mind to read further.
It has helped so many other developers and hence it should also help you. And one more interesting fact is that a lot of developers use design patterns without being aware that they are using one. For example, if you have used wait(), notify(), notifyAll() is an observer pattern. So you have been using it without knowing. Then why should you learn it. Because all the design patterns are solution to specific problem and focused towards object oriented concepts, reusability, maintainability. And also, it is not just one, there are 23 core design patterns and each one of them have an intent and the specific way of application. It is a reusable concept/solution.
Apart from the solution, the design pattern let the developers to speak a common and a quick language. For example, if you ask someone "how to go to a place where lot of people are standing on a platform to go to a distant place. The people will be carried by a series of wagons that are connected and pulled by an electric or diesel engine. Also, the entire vehicle goes on two tracks that are separated by 1.5 metres". What would be the answer? Aren't you elaborating and complicating too much. Instead of asking the way to railway station, you simply beat around the bush and simply irritating the stranger. The very same (shame) thing happens if you do not know design patterns. Design patterns improves your productivity by making you solve problems in a right way and also to have your discussion short and to the point.
These are some of the reasons why one should know design patterns. After all, it is you, who is going to benefit by learning it. You ll end up giving a better and nicer software to your customer.
Watch out for a series of blogs on patterns.
Upcoming Write-up: Types of Design Patterns.
So, make up your mind to read further.
It has helped so many other developers and hence it should also help you. And one more interesting fact is that a lot of developers use design patterns without being aware that they are using one. For example, if you have used wait(), notify(), notifyAll() is an observer pattern. So you have been using it without knowing. Then why should you learn it. Because all the design patterns are solution to specific problem and focused towards object oriented concepts, reusability, maintainability. And also, it is not just one, there are 23 core design patterns and each one of them have an intent and the specific way of application. It is a reusable concept/solution.
Apart from the solution, the design pattern let the developers to speak a common and a quick language. For example, if you ask someone "how to go to a place where lot of people are standing on a platform to go to a distant place. The people will be carried by a series of wagons that are connected and pulled by an electric or diesel engine. Also, the entire vehicle goes on two tracks that are separated by 1.5 metres". What would be the answer? Aren't you elaborating and complicating too much. Instead of asking the way to railway station, you simply beat around the bush and simply irritating the stranger. The very same (shame) thing happens if you do not know design patterns. Design patterns improves your productivity by making you solve problems in a right way and also to have your discussion short and to the point.
These are some of the reasons why one should know design patterns. After all, it is you, who is going to benefit by learning it. You ll end up giving a better and nicer software to your customer.
Watch out for a series of blogs on patterns.
Upcoming Write-up: Types of Design Patterns.
Virtualization - A new wave
It was three years back, it was an accident that I was hooked up with Virtualization without knowing that one day it would become a hot area. Today (at least from end of 2006), there has been so much advancements in Virtualization. It clearly remember that VMWare workstation was my first virtualization software and Linux was my first virtual machine.
During end of 2004, I wanted to learn Linux and experiment with it but did not have a desktop where I can install a farm of variety of Linux distributions. Once I thought, installing many distributions would make me Linux geek. Soon I realized that it wouldn't and got rid of so many distributions but I retained VMWare workstation simply because it was (is) a cool tool. My first assignment with Linux was to learn POSIX threads and compare the threading behavior with Solaris. As I was doing the first assignment, since I am a monkey, I wanted to jump to writing system calls. Taking a snapshot in my virtual machine (which will save the current state), I moved to a fresh state and started the experimentation of Linux system call. (Actually I completed both the work and published two articles in Linux for You - Confession to say that I m trying not be a monkey).
Two years later, I got a chance to install the new version of VMware workstation and to my surprise it had hell a lot of features like running multiple VMs, networking them, wide range of virtual hardware configuration, record and play back. After exploring the entire VMWare workstation, I realized that it is killer tool which could actually be used for maximizing resource utilization and also to improve productivity. If you are impressed and want to read more, I would recommend you to read some white papers on Virtualizaton from VMWare
These days, many of the organizations are trying to use virtual machine to reduce the cost of hardware and more importantly I feel Virtualization has key role to play in making this world green. Since you virtualize so may PCs, you end to using lesser power and your system dissipate less heat which is good for our planet. If you are a software developer or a decision maker and an environmentalist, you got to seriously consider in using virtualization.
Apart from commercial virtualization software, you can also find few open source or free virtualization software. Shortly, I will be writing on more blog on virtualization products. both commercial and open source.
During end of 2004, I wanted to learn Linux and experiment with it but did not have a desktop where I can install a farm of variety of Linux distributions. Once I thought, installing many distributions would make me Linux geek. Soon I realized that it wouldn't and got rid of so many distributions but I retained VMWare workstation simply because it was (is) a cool tool. My first assignment with Linux was to learn POSIX threads and compare the threading behavior with Solaris. As I was doing the first assignment, since I am a monkey, I wanted to jump to writing system calls. Taking a snapshot in my virtual machine (which will save the current state), I moved to a fresh state and started the experimentation of Linux system call. (Actually I completed both the work and published two articles in Linux for You - Confession to say that I m trying not be a monkey).
Two years later, I got a chance to install the new version of VMware workstation and to my surprise it had hell a lot of features like running multiple VMs, networking them, wide range of virtual hardware configuration, record and play back. After exploring the entire VMWare workstation, I realized that it is killer tool which could actually be used for maximizing resource utilization and also to improve productivity. If you are impressed and want to read more, I would recommend you to read some white papers on Virtualizaton from VMWare
These days, many of the organizations are trying to use virtual machine to reduce the cost of hardware and more importantly I feel Virtualization has key role to play in making this world green. Since you virtualize so may PCs, you end to using lesser power and your system dissipate less heat which is good for our planet. If you are a software developer or a decision maker and an environmentalist, you got to seriously consider in using virtualization.
Apart from commercial virtualization software, you can also find few open source or free virtualization software. Shortly, I will be writing on more blog on virtualization products. both commercial and open source.
Phishing - We are in six month high
A couple of months back, my friend and I spoke at a Conference on Software Testing held at Bangalore on Web Application Security. It was a just few days after one of the famous Indian bank's E-Banking website was attacked. The attacker launched the attack from Asia and the news came in almost all popular dailies.
Roughly after six months, today, I happened to read an article on Phishing which says that Phishing is very active and more than 150 banks globally are targeted. Phishing is at six month high. I am sure the list will contain the bank where I hold an account. There are many fraudulent companies which setup web site simple for grab the data and before the world identifies that it is phishing, the attacker would have stolen enough. However, the security agencies need to protect others from falling prey further.
Though the way the software is built itself is an issue, we cannot the entire blame on the software developers :-(. Each one of us, as the users should have security awareness. But the important thing is that we, the normal human being (layman) never try to understand the techniques used by attackers and we don't even care thinking that the probability being stolen due to phishing is very less. You are absolutely right, the probability is less and not zero. We never really care about the current trends in web attacks and certain basic security awareness is very much crucial.
Here are some of the points that one needs to care
1. Try to avoid logging from public systems like Internet cafe
2. Whenever you log off, delete all the history and cookies
3. Don't not click the images in the web banking sites
4. Do not launch your e-Banking website through a hyper link from an external website.
5. Take time to read the address in the address bar. Check whether the address exactly matches the address of your bank's website. Make sure that first part of the address, the protocol, is "https". These days none of the banks and commercial websites use "http".
6. Do not save passwords in the browser and do not be lazy to key in your password everytime.
7. Periodically, change your passwords and use strong passwords (with alphabets, numbers, special characters)
8. Since most of the phishing takes place through fraudulent emails, ensure that you different between the emails from your bank and the attacker. You can find some ways of identifying phishing email in one of my previous blogs.
9. Above all, if you happen to receive any phishing email, report to your bank as they can sensitize other account holders.
And now, if you have time and energy, just go and read about security and phishing especially. :-)
Roughly after six months, today, I happened to read an article on Phishing which says that Phishing is very active and more than 150 banks globally are targeted. Phishing is at six month high. I am sure the list will contain the bank where I hold an account. There are many fraudulent companies which setup web site simple for grab the data and before the world identifies that it is phishing, the attacker would have stolen enough. However, the security agencies need to protect others from falling prey further.
Though the way the software is built itself is an issue, we cannot the entire blame on the software developers :-(. Each one of us, as the users should have security awareness. But the important thing is that we, the normal human being (layman) never try to understand the techniques used by attackers and we don't even care thinking that the probability being stolen due to phishing is very less. You are absolutely right, the probability is less and not zero. We never really care about the current trends in web attacks and certain basic security awareness is very much crucial.
Here are some of the points that one needs to care
1. Try to avoid logging from public systems like Internet cafe
2. Whenever you log off, delete all the history and cookies
3. Don't not click the images in the web banking sites
4. Do not launch your e-Banking website through a hyper link from an external website.
5. Take time to read the address in the address bar. Check whether the address exactly matches the address of your bank's website. Make sure that first part of the address, the protocol, is "https". These days none of the banks and commercial websites use "http".
6. Do not save passwords in the browser and do not be lazy to key in your password everytime.
7. Periodically, change your passwords and use strong passwords (with alphabets, numbers, special characters)
8. Since most of the phishing takes place through fraudulent emails, ensure that you different between the emails from your bank and the attacker. You can find some ways of identifying phishing email in one of my previous blogs.
9. Above all, if you happen to receive any phishing email, report to your bank as they can sensitize other account holders.
And now, if you have time and energy, just go and read about security and phishing especially. :-)
Saturday, July 12, 2008
JVM it too Hot with HotSwap
Right from my first encounter JVM, it amazed me. Before working on Java, I never got a chance to read the internals of any interpreter. I started to read the internals of JVM and roughly three years before I read about Java Platform Debug Architecture. I tried writing simple debugger agent using Java Virtual Machine Tool Interface, Java Virtual Machine Debug/Profile Interface (both deprecated) and Java Debug Interface.
Apart from being specifications and methodologies to write tools, these specification can help you a lot to understand JVM deeply. Recently, I was reading through HotSwap and suddenly wanted to write a simple tool using which I can reload classes in a live remote JVM. I was successful in loading the class. The only disadvantage is that you cannot reload the class if you have added any new members to it. However, this is the limitations of JVM which may be addressed in upcoming Java major release. The rest of this write up gives you, the specification and algorithm (simple steps) used.
Specification
Write a simple tool which let you to reload classes in a running JVM without restarting your application. Also provide a simple user interface (probably using SWING).
Steps
1. Use Java Debug Interface API to connect to remote JVM. In order to connect to remote JVM, you the hostname/ip address of the remote box and port number on which your JVM runs. In order to hotswap the classes, you need start JVM in debug mode and if you start JVM using "socket" debugger.
2. Also subscribe for few important events such as JVM Exit, Disconnect Event. (for more info refer Java Debug Interface API Spec).
3. If the connection is successful, you get an instance of the remote JVM and you can once again use JDI to replace classes.
4. You have to write the logic of reading the class file (flat file) from the file system and give to JDI. JDI pumps the class file to remote JVM which reloads the class after making lot of checks.
Apart from being specifications and methodologies to write tools, these specification can help you a lot to understand JVM deeply. Recently, I was reading through HotSwap and suddenly wanted to write a simple tool using which I can reload classes in a live remote JVM. I was successful in loading the class. The only disadvantage is that you cannot reload the class if you have added any new members to it. However, this is the limitations of JVM which may be addressed in upcoming Java major release. The rest of this write up gives you, the specification and algorithm (simple steps) used.
Specification
Write a simple tool which let you to reload classes in a running JVM without restarting your application. Also provide a simple user interface (probably using SWING).
Steps
1. Use Java Debug Interface API to connect to remote JVM. In order to connect to remote JVM, you the hostname/ip address of the remote box and port number on which your JVM runs. In order to hotswap the classes, you need start JVM in debug mode and if you start JVM using "socket" debugger.
2. Also subscribe for few important events such as JVM Exit, Disconnect Event. (for more info refer Java Debug Interface API Spec).
3. If the connection is successful, you get an instance of the remote JVM and you can once again use JDI to replace classes.
4. You have to write the logic of reading the class file (flat file) from the file system and give to JDI. JDI pumps the class file to remote JVM which reloads the class after making lot of checks.
Subscribe to:
Posts (Atom)
