Comments on: On the dangers of OVF

By: Sebastian Otaegui

Sebastian Otaegui — Fri, 24 Apr 2009 18:28:30 +0000

Shouldn’t be a way to securely sign the machine image as there is with other software packages?
The format and the host should support some sort of secure authentication.
Like with application installation packages.

By: Matt Rechenburg

Matt Rechenburg — Sat, 18 Apr 2009 21:14:55 +0000

I would like to suggest to try out openQRM. That way you can perfectly separate “hardware” (virtual or phyiscal) from “software” (your server-images). With openQRM you are completely independent from any virtual disk-image format. Server-images in openQRM are “just” root-filesystems and you can deploy them to virtual machines of any type and also transparently migrate them to other virtualization technologies and even to physical machines at any time without touching or changing your server-image in any way nor adapting any virtualization configuration files at all.
.. just my 2 cents, i can live without OVF.

By: nick

nick — Fri, 17 Apr 2009 18:28:02 +0000

This has got to be the most ridiculous argument.

By: Rational Survivability » OVF: The Root Of All Evil. We Must Exterminate It NOW!

Fri, 17 Apr 2009 16:36:42 +0000

[...] It seems the singularity is upon us as chronicled by Kris Buytaert in his post titled: On the Dangers of OVF. [...]

By: wishinet

wishinet — Fri, 17 Apr 2009 15:17:02 +0000

And Windows is dangerous because of the exact same reasons. I’m not the only one having this opinion: the windows binary format is useable to spread malware.

By: Christofer Hoff

Christofer Hoff — Fri, 17 Apr 2009 15:01:38 +0000

Kris:

I just checked the date and it’s not April 1st, but this must be a joke, right?

VM mobility is one of the key construct benefits of virtualization platforms in delivering automation and autonomics…the “VM sprawl will doom us all!” rant is a Chicken Little scenario.

Further the “perfect malware storm” is just as silly of a hyperbolic corner case as you can get.

If you look at the longer term policy enforcement capabilities of OVF (and VMAN) and the ability to finally homogenize the management and security across virtualization platforms, OVF is a win.

Come on, really?

/Hoff

By: Patrick

Patrick — Fri, 17 Apr 2009 12:09:15 +0000

So i think you have to see 2 POVs:

First it is a easy way to transfer Virtual Machines within a Infrastructure (no one can change the images before). Its an easy way to check ESX VMware to VirtualBox and other products.

The Second view is the exchange of completely strangers. So i wouldn’t never run an OVF provided on a website or somewhere else.

And so the result is, only the administrator can make an choice how to work. Because a IT environment is only as safe as the administrator take care of it.