Home > Blogs > Virtualize Business Critical Applications

Windows Server 2012 VM-Generation ID Support in vSphere

Posted on January 4, 2013 by Alex Fontana

Update 1/25/2013: The vSphere versions required for VM-Generation ID support have been updated below.

Active Directory Domain Services has been one of those applications that, to the naked eye, seemed like it was a no brainer to virtualize. Why not? In most environments it’s a fairly low utilization workload, rarely capable of efficiently using the resources found in many of the enterprise-class servers that have been available for the past few years. Many organizations have adopted this way of thinking and have successfully virtualized all of their domain controllers. What about the hold-outs? What is it about Active Directory that has left so many AD administrators and architects keeping their infrastructure, or at least a portion of it on physical servers?

Until recently, a couple of limitations, some argued, diminished the advantages of virtualization. These limitations included support for cloning domain controllers and the inability to use features such as snapshots due to the risk of roll-back.

With the release of Windows Server 2012, Microsoft has validated the role virtualization plays in the data center by adding functionality that effectively lifts these limitations. The feature known as VM-Generation ID allows hypervisor vendors to expose a virtual machine identifier that Windows Server 2012 domain controllers can use to detect the state of a virtual machine and trigger new Active Directory safeguards. These safeguards protect the Active Directory from the dreaded USN roll-back if a virtual machine is reverted to a snapshot or rolled back by other mechanisms.

Besides protecting Active Directory from unintentional roll-back, these new safeguards and VM-Generation ID allow administrators to safely clone Windows Server 2012 domain controllers. When properly prepared, a Windows Server 2012 domain controller may be used as a source for new domain controllers. Not only does this eliminate the additional tasks of preparing a base virtual machine for becoming a domain controller, it reduces the time required for replication of a new copy of the Active Directory database.

VM-Generation ID functionality requires the hypervisor vendor to create the virtual machine identifier and expose it to the guest. VMware has provided this functionality in the following releases of vSphere:

VMware vSphere 5.0 Update 2 (vCenter Server and ESXi must both be at 5.0 Update 2)
VMware vSphere 5.1 (ESXi must be at least 5.0 Update 2)

More information on VM-Generation ID, supported methods for cloning domain controllers, and domain controller safeguards can be found at the following TechNet links:

Introduction to Active Directory Domain Services Virtualization (Level 100): http://technet.microsoft.com/en-us/library/hh831734.aspx

Virtualized Domain Controller Technical Reference (Level 300): http://technet.microsoft.com/en-us/library/jj574214.aspx

-alex

Formula to Determine Availability of SAP running on an ESXi Cluster

Posted on January 3, 2013 by Vas Mitra

“Arithmetic is where the answer is right and everything is nice and you can look out of the window and see the blue sky – or the answer is wrong and you have to start over and try again and see how it comes out this time.” ~Carl Sandburg

When we architect SAP on VMware deployments an important topic is how we design for high availability. We have options in the VMware environment from VMware HA, VMware FT and use of in-guest clustering software like Microsoft Cluster Services or Linux-HA. So can we determine a numerical availability for our design expressed as a fraction/percentage (same metric used to define uptime Service Level Agreements like 99.9% )? Yes, there are ways to estimate this value and one method is explained in the following paper http://www.availabilitydigest.com/public_articles/0712/sap_vmware.pdf . This paper develops an equation to estimate the availability of SAP running on an ESXi cluster expressed as a fraction/percentage. The concepts are taken from other papers at http://www.availabilitydigest.com (a digest of topics on high availability) and are based on mathematical algebra and probability theory that have been previously used in the IT industry for availability calculations. The availability metric (e.g. 99.9% or 0.999) is essentially a probability hence we use mathematical probability techniques to calculate the overall availability of a system.

The final general equation calculates the availability of an “n” node ESXi cluster sized with “s” number of spares i.e. an “n+s” cluster. It also factors in the software failover times of the single-points-of-failure (SPOF) in the SAP application architecture (database and Central Services). The failover time refers to the time taken for the SPOF to failover and restart on another ESXi host or other virtual machine in the event of an ESXi host failure – this period is important as it corresponds to downtime for the SAP system. The final equation gets a bit heavy on the algebra, but that’s because it models a generic use case. Once you replace the variables with practical “real-world” values, the equation gets easier and that’s when the algebra stops and spread sheeting takes over.

Let’s look at the following example with the following assumptions:

A five node ESXi cluster running SAP virtual machines, sized with one spare ESXi host i.e. it’s an “n+1” cluster – in the event of one ESXi host failure all impacted virtual machines failover to the remaining four ESXi hosts and all virtual machines continue to run with no loss of performance (the whitepaper covers this example in more detail).
A loss of two simultaneous ESXi hosts may result in serious performance degradation which we will classify conservatively as downtime for the whole cluster (not really true, but we have to start somewhere, see the whitepaper for caveats).
The probability of a failover fault is zero i.e. if a VMware HA or in-guest cluster switch over event occurs, the impacted SAP SPOF fails over to remaining ESXi hosts or another virtual machine with no chance of error.
The availability of a single ESXi host is in the ball park of 0.999 (i.e. “three nines”) – this simplifies the algebra in the general equation (see whitepaper section 4.3.1).

If we apply the above into the general equation from the whitepaper we get the following “simpler equation” specific to this use case.

We can use this equation along with practical values to replace the variables in order to observe how availability is impacted in different scenarios. The variables can be substituted with values obtained from: field experience; data/statistics gathered from actual implementations; reliability specifications from x-86 server vendors; proof-of-concepts / lab work evaluating failover times. The following example scenarios can then be analyzed:

How does failover time impact the final availability?
VMware HA adds some extra time for the OS to reboot compared to an active-passive clustering solution, how does this impact availability? VMware HA and clustering solution will have different values for mean time to failover.

At this point we can build a spreadsheet to analyze different scenarios.

It should be noted that this analysis is only considering unplanned downtime due to ESXi host/hardware failure. Other parts of the infrastructure would impact the final availability as experienced by the end-user such as network and storage (see section 3 of the whitepaper). It also does not consider downtime due to software corruptions or bugs or operational mistakes due to human error. Finally, while the formula discussed here is SAP specific the mathematical model can be applied to and adjusted for any ESXi cluster running business applications.

50 Partners To Help You Virtualize Business Critical Applications

Posted on December 28, 2012 by Neal Mueller

VMware Partners have the option to complete extra coursework to become VBCA Competent. There are many partners with this designation globally to help you virtualize your business-critical applications. The following is a partial list of the VBCA Competent partners. Please go to http://partnerlocator.vmware.com for a complete list of partners in your area.

Partners in the above table are certified to meet learning and experience requirements virtualizing business critical apps. Working with these partners enables customers to get the best service possible from an expert in virtualization. Click here to more about VMware Consulting Services.

Learn more: Virtualizing Business Critical Applications Whitepaper [39-page PDF]

Organizational Best Practices for Virtualizing Business Critical Applications

Posted on December 25, 2012 by Neal Mueller

When embarking on your virtualization journey, keep these key organizational best practices in mind.

Where to Start with BCA Design? Base the sizing of your virtual environment on physical servers. It’s critical to understand your application requirements and have a good sense of the capacity and storage you’ll need.

VMware Capacity Planner – Helps you to gain insight into IT resource utilization and develop a virtualization roadmap for server containment and consolidation.
VMware vCenter Application Discovery Manager – Allows you to quickly and accurately map your application dependencies so you can accelerate datacenter moves.
Microsoft has Exchange and SQL tools for performing the migration. When you begin the migration, use VMware’s vStorage APIs for Array Integration to save time while moving, starting or creating VMs by eliminating redundant data flow. With Storage APIs, vSphere can perform faster while consuming less CPU, memory, and storage bandwidth.

For reference architectures, please see:

vBlock
Flexpod

Learn more: Virtualizing Business Critical Applications Whitepaper [39-page PDF]

When to use Lock Pages in Memory with SQL Server

Posted on December 21, 2012 by Wanda He

Granting the Lock Pages in Memory user right to the SQL Server service account prevents SQL Server buffer pool pages from paging out by Windows. This setting is useful and has a positive performance impact because it prevents Windows from paging a significant amount of buffer pool memory out of the process, which enables SQL Server to manage the reduction of its own working set.

Setting the Lock Pages in Memory user right is a good performance optimization practice when Tier 1 mission-critical SQL Server. When setting the SQL Server Lock Pages in Memory user right, the virtual machine’s memory reservation should also be set to match the amount of the provision memory. Setting virtual machine memory reservations prevent the balloon driver from inflating into the SQL Server virtual machine’s memory space. Lock Pages in Memory should also be used in conjunction with the Max Server Memory setting to avoid SQL Server taking over all memory on the virtual machine.

For instructions on enabling Lock Pages in Memory, refer to Enable the Lock Pages in Memory Option (Windows) (http://msdn.microsoft.com/en-us/library/ms190730.aspx).

While Lock Pages in Memory can optimize performance, it may not be optimal for all kinds of SQL Server deployments on vSphere. When Lock Pages in Memory is used, because SQL Server memory is locked and cannot be paged out by Windows, you might experience negative impacts if the vSphere balloon driver is trying to reclaim memory from the virtual machine. For lower-tiered SQL Server workloads where performance is less critical, the ability to overcommit to maximize usage of the available host memory might be more important. When deploying lower-tiered SQL Server workloads, VMware recommends that you do not enable the Lock Pages in Memory user right for lower-tiered SQL Server workloads. For lower tier SQL workloads, it is better to have balloon driver manage the memory dynamically. Having balloon driver dynamically manage vSphere memory can help maximize memory usage and increase consolidation ratio.

Demo: SQL Server Rolling Patch Upgrade using Standby VM

Posted on December 21, 2012 by Wanda He

For those who read my earlier post on SQL Server Rolling Patch Upgrade using Standby VM, and are interested in trying it out, below is a step-by-step demo video for your reference.

Events That Trigger Virtualization of Business Critical Applications

Posted on December 20, 2012 by Neal Mueller

You cannot afford for business critical applications in your datacenter to go down just to upgrade them. With that in mind, let’s look at which events might provide a good opportunity to virtualize applications in your datacenter. Below are some questions to ask when considering virtualization. If you answer “yes” to any of the questions, it might be time to virtualize that app.