The Virtualization Practice

Virtualization Management

Virtualization Management covers all aspects of managing a modern virtual or software defined data center. This includes managing across virtualization platforms and clouds, monitoring the performance and availability of the virtualization platforms (hypervisors) and the clouds, monitoring the capacity of the virtualization platforms and clouds, ...
monitoring the performance of the applications running on these platforms and clouds, automatically provisioning these environments, securing these environments, and ensuring that the data in these environments is always protected and available.

This day seem to start like any other but it seems like as soon as I was logged in to start my day issues arose. It seems like I lost one of my VMware 3.5 ESX servers and all the virtual machines on the host were knocked offline. This should not have been a big deal since HA was enabled but, Murphy has a way of making life really interesting. So as I logged into the vCenter client I noticed that the host in question was in a disconnected state and all the virtual machines showed up as disconnect. In past experiences I have seen HA, during a host failure, recover the virtual machines in under five minutes. So I waited and waited thinking HA should have kicked in by now. Time for a little further investigation!!

There is a cardinal rule that we should all know about, especially for those of us who have spent a lot of time developing kickstart scripts for automated builds of the VMware hosts in your environment, that you do not use windows word editors like Notepad or WordPad when working with Linux files. If you use notepad to edit Linux files it will add unwanted line feeds (LF) to the file which may cause the file to be misinterpreted. If you must use Microsoft Windows as your client OS use Microsoft WordPad which does not modify the file in this way.

There is a great deal of marketing hype about which hypervisor is better but I have spent some thinking about this and really have to wonder if the hypervisor is what we should really be focusing or concentrating on. A lot of third party vendors are starting to port their products to be able to work with both hypervisors but what about the management server itself? When third party application vendors design their applications to work with VMware or Microsoft hypervisors they have been writing plug-ins for their product to work inside the management server systems and or its client.

The security companies are looking into all aspects of virtual environment introspection to label, tag, or mark all objects for compliance reasons, inspect the contents of virtual machines for asset management (CMDB), and an early form of Root Kit detection.

Virtualization Security is not just about the firewall, it is about the entire ecosystem, auditing, compliance, and object management.

Is the CMDB Irrelevant in a Virtual and Cloud Based World?

The CMDB’s that were designed and architected for static physical systems appear to be unwieldy, too difficult to keep up to date, and not real-time enough to make the transition into the virtualized and cloud based world. Virtualized environment change too fast for existing CMDB’s to keep up, and the notion of keeping a CMDB up to date as assets are moved into and out of public clouds seems hopelessly beyond the intended original use case of a CMDB. A new category of datastore is needed that will address the needs of virtualized and cloud based environments, while incorporating performance information with configuration information.

When working with VMware ESX there are some tips that I can share that can help you manage your environment. This tips are not anything really new or exciting but rather a reinforcement of some best practices to live by in order to improve auditing for compliance and troubleshooting. Use of the following in conjunction with remote logging functionality will improve your compliance stance and improve your ability to troubleshoot over a period of time.

How you may ask? By using a tool that logs all local administrator actions to a remote logging host. There are two ways to do this today for ESX (SUDO and the HyTrust Appliance) and only one mechanism for ESXi and vCenter (the HyTrust Appliance).

PhD Virtual has gained its second round of funding with investment from Citrix amongst others as discussed within our post News: esXpress is no more but what does this mean for XenServer? Up until this point it looked like Citrix was out of the server hypervisor wars and backing Microsoft’s Hyper-V play. Yet this looks on the surface like a basic shift to that direction. Yes, XenServer was placed into the OpenSource community and the latest improvements, such as the Open VSwitch integration and a new releases emphatically say that XenServer is alive and well and that its ecosystem is growing for that matter so is Hyper-V’s.

Java based applications can now be moved between not only a SpringSource TC-Server Java platform on VMware vSphere, but also between the same platform on VMForce, and now Google AppEngine. This level of support from VMware, Salesforce.com, and now Google is starting to make SpringSource look like the early leading technology for PaaS Clouds. This is a significant advance in the state of PaaS clouds as there were previously no examples that offered such broad support for one platform by such a diverse set of industry leaders. However as is always the case, platform advances have outstripped security, management and performance assurance capabilities.