Have you ever tried to explain or justify virtualization to someone, but walked away feeling they didn’t quite get it? e.g. your boss, or maybe someone else that needs to “get it” for you to get your job done.
Here’s a great video that is crisp, concise and hits all the main points in an easy to understand way.
(yes, I know it’s not strictly networking, but I thought this was really useful)
I thought things might be a little confusing after you upgrade to Update 1 of vSphere for the SRM 4.0 licensing so I thought I would do a quick post and help everyone avoid any confusion and maybe avoid an issue too.
However, after you upgrade to Update 1, the SRM license will be changed into a vSphere Solution Licensing License. Here is a screen shot from my lab of what it will look like: This license change will occur after the U1 update is finished AND after the SRM service is restarted. Here is where it may get a little complicated. There is a potential issue that will stop SRM from restarting after the Update 1 is applied. We have a KB article that should be live very soon at http://kb.vmware.com/kb/1016111 which explains more about this issue and the solution. The short version is to use the repair SRM option in the Add / Remove programs to 'repair' SRM and you will than have SRM running, and with the new license type. If you have this issue, you will need to do the repair on both the recovery and protected sites.
If the KB article is not live for you, remember the repair option, and check back frequently, it should be live very soon.
Today we released an updated version of VMware Data Recovery (VDR) – we have been working hard on this release for the past few months and we think it moves the needle significantly forward.Get more information about the updated VDR release here.
So, what are the highlights of this updated release of VDR?
Support for backing up Windows 2008 R2 and Windows 7 virtual machines (requires upgrading to vSphere 4.0 Update 1)
Customization of the VDR parameters such as how frequent integrity check and reclaim operations run, maximum concurrent backups allowed and disabling any file level restore operations.
The VDR virtual appliance is now a HW7 virtual machine and runs 64-bit CentOS 5.2 as the guest OS.
However, the most obvious change is the addition of a new File Level Restore (FLR) client for Windows virtual machines – this is the fully supported version of the FLR client to allow granular restore of individual files.This new functionality complements the full virtual machine restore capability that has been available since VDR 1.0.
Let's do a quick walk through of the new FLR client. I installed the FLR client directly on the desktop of one of my Windows virtual machines and have accessed it via a console connection. Double clicking on the FLR client icon will launch it.
The first thing you will need to do is to log in to the VDR appliance. By default, you log in via standard mode and the VDR appliance will display only the restore points that match the universally unique identifier (UUID) for the virtual machine that the FLR is being executed from. You can also login via advanced mode, whereby all restore points for all protected virtual machines will be presented by the VDR appliance.
Beyond the number of restore points presented, the operation of the FLR client is identical in either mode.The use case for the standard mode is for individual users to perform self serve restores while the advanced mode is typically used by vSphere administrators to restore batches of files to different virtual machines.
Once logged in to the VDR appliance, you are presented with the various restore points. Highlighting a restore point and selecting Mount will mount the point in time copy of the virtual machine’s disk(s).
VDR will mount the restore point as a read only directory – note the directory with the identical date and time stamp below.
Once the restore point is mounted, you can open up the directory, browse to the file that needs to be restored and drag/drop the file to another location.Note that multiple restore points can be concurrently mounted.
Once the restore operation is complete, close out the FLR client and the restore points will be automatically dismounted.
VMware vShield Zones, a new security service for vSphere, ensures strict compliance with security policies and industry regulations for user data as customers adopt cloud computing with virtual environments for increased efficiency and flexibility. Previously, compliance required diverting network traffic to external physical appliances resulting in disconnected ‘islands’ of infrastructure. With VMware vShield Zones, customers can now create logical zones in the virtual datacenter that span all of the shared physical resources, and each zone represents a distinct level of trust and confidentiality. This allows businesses to comply with corporate security policies and regulations on data privacy while still running applications efficiently on shared computing resource pools.
Traditional security products, such as firewall appliances, require that all network activity pass through a handful of fixed physical locations in order to be monitored. Virtualized applications, in contrast can be migrated between physical hosts for higher resource efficiency and improved uptime. Therefore, companies virtualizing security sensitive applications faced the choice of either leveraging virtualization capabilities such as live migration for optimal load balancing and availability, or enforcing strict security compliance. To solve that dilemma, most customers ended up dividing their virtual environments into smaller, less efficient clusters for areas such as their Internet-facing demilitarized zones (DMZ’s) or consumer credit data processing systems subject to Payment Card Industry regulations. VMware vShield Zones enables customers to create security zones within enterprises or in multi-tenant cloud infrastructures, where security policies are enforced even as virtual machines dynamically migrate between hardware devices. Deployed as a virtual appliance and integrated into vCenter Server, vShield Zones makes it easy to centrally manage and enforce compliance with security policies across large pools of servers and virtual machines. Built-in auditing capabilities make compliance straightforward and verifiable.
As an example, today you send network traffic to an external Network IDS/IPS box which becomes a chokepoint. With this feature all that traffic can be handled internal to the virtual infrastructure. Similarly, there is also the capability for packet/protocol monitoring to be on the alert for SQL insertion or other data oriented attacks. By combining multiple layers of the security “onion” within the virtual infrastructure you can more easily pass security and compliance audits will eliminating much of the costs associated with these activities.
Yes, I am slowly losing my hair like many other aging men out there, but it wouldn’t be virtual insanity if I were blogging about my personal male pattern baldness issues. With the latest release of VMware vSphere comes a lot of new features and functionality that can be leveraged to make our lives easier. One of these features, that I personally have been looking forward to for a while, is Thin Provisioning. If you aren’t familiar with this technology, jump over to
One of the exciting promises of thin provisioning, is getting more “bang for your buck” out of the expensive enterprise storage you have been investing in for your ESX environment. But, as Bret Michael’s once said, “Every rose has its thorn” and there are some things to look out for and considerations to make, before implementing thin disk technologies.
Efficiencies are great if they work right and don’t over
complicate the environment.
Do your homework and make sure you understand the characteristics of the virtual machine that you are considering migrating into a thin disk configuration. The last thing you want to do is convert every VM to thin disk, and four months down the road all of your data stores are filling up and you’re scrambling for a storage CAPEX. Some people are of the opinion to do thin provisioning either on the host side (VMware) or on the storage array side, but not both. Take a gander at Chad Sakac’s blog that discusses thin on thin and some thoughts around each of these approaches. I’m not going to go into all of the pluses and minuses of thin provisioning but rather focus on how to make it work for you.
So now that we have some of the basics out of the way, I wanted to share my thoughts on thin provisioning. Like many organizations, we get requests from our customers that err on the side of caution. They want to plan for the worse case and ensure that their project and/or application isn’t setup for failure. I don’t blame them really, I do it myself all the time when I make coffee at home. I always end up making more coffee than I typically drink, just in case I might need that extra charge. The best way to do that is pad it, request more than what you might really need, just in case something comes up down the road. Virtual machine disk storage in some cases fits this same profile. If my coffee maker granted me access to hot coffee on demand, I would stop making extra coffee. Thin disks can give your end users that capacity on demand so you can gain control of the padding effect that typically takes place in most corporate organizations.
Take it back…
So now you have done your research, you’re starting to get a feel for what this thin stuff is and how it might play out in your shop. It’s go time. If you’re a smaller VMware customer, you probably already have an idea of what are good target disks to convert. If you’re a larger environment, it might be a little more difficult to gauge where the bloated pigs are hiding.
I worked at GE for a couple of years and was exposed to some of the Six Sigma methodologies they preach as well as practice. Sounds boring, right? Not really. You can really leverage DMAIC for a lot of IT related problems/issues/projects. You don’t have to take it to the extreme, use the framework to help guide you on your quest:
The DMAIC project methodology has five phases:
Define high-level project goals and the current process.
Measure key aspects of the current process and collect relevant data.
Analyze the data to verify cause-and-effect relationships. Determine what the relationships are and attempt to ensure that all factors have been considered.
Improve or optimize the process based upon data analysis using techniques like Design of experiments.
Control to ensure that any deviations from target are corrected before they result in defects. Set up pilot runs to establish process capability, move on to production, set up control mechanisms and continuously monitor the process.
We have already defined our project goals and what we are trying to accomplish. We need a good “Measure” tool to really find where we might benefit from thin provisioning. Powershell is a great tool that most VMware administrators use, or have at least heard of. So this was the first place I turned to for assistance.
Alan Renouf of “Virtu-AL” http://www.virtu-al.net/ gave me a hand in writing the powershell script needed. (Thanks again, Alan!). Alan already had a one liner script to produce a list of vm’s, their disks assigned, and how much data each disk was consuming. I needed the ability to see this data outside a powershell window and be able to analyze it in a better format. We have a decent-sized VMware environment and exporting this out to a .csv for analysis is extremely helpful. Here is the script!
So now that you have this great spreadsheet, you can do all sorts of crazy sorting and reporting, within Excel. Take some time on phase 3, “Analyze” what you’re seeing. Talk to your VM stakeholders to see how things might be changing from their perspective. Try to plan for the surprises and position yourself accordingly.
Next is the “Improve” phase of DMAIC (see it’s easy!). This is the part where you actually do the work. It’s time to start leveraging the storage VMotion API’s, and reclaim some of that unused disk.
Select the target VM in the VC client.
Right click on the VM and select the option “Migrate”.
Select the option “Change Datastore”.
Select the destination, or click advanced if you are targeting one particular disk.
Select “Thin provisioned format”.
Rinse and Repeat for the rest of that spreadsheet you have worked so hard on.
The last phase of DMAIC is “Control”. This is one of the most important pieces to thin provisioning in my opinion. At the minimum you need to setup Virtual Center alerts to monitor when your datastores are approaching critical levels. You can’t implement thin disks in your vSphere environment and walk away. The smart people over at VMware have given us the ability to monitor datastore disk space usage and over-allocation with the latest release of Virtual Center. Setup your monitors so you are e-mailed when some of these thin disks begin to grow and you need to take some action.
Eric Gray of VMware takes this to the next level, check out his blog post on utilizing powershell to prevent datastore emergencies. My personal approach to this concept is to setup a “hotspare” datastore for your environment. A good practice to implement here would be to try reclaiming enough storage from your migrations to thin disks to free-up a “hot spare datastore”. Implementing an automated recovery solution like Eric’s will help you sleep easier at night. Worried about what might happen if your script doesn’t work or you do hit the perfect storm and end up with a full VMFS volume? Intelligence has been built into vSphere to automatically pause the virtual machines, impressive. Check out Eric’s video:
Wrapping it all up
Thin disk provisioning is a great feature that you should consider leveraging in your environment. With some forward thinking and best practices you can achieve higher ROI for your ESX storage. VMware vSphere offers the ability for you to migrate from thick to think with no downtime, so you can begin reclaiming storage on the fly. Keep it simple, start out with a high level analysis of your infrastructure. Identify the candidates that are a good fit and worth focusing on. Setup your alerts on the datastores as soon as you migrate your first virtual machine so you are protecting yourself from problems down the road. Consider taking automated actions if your datastores are reaching critical thresholds.
This week starts the 5th cycle of our vSphere Blog Contest. Over the next two weeks we will be highlighting VMware vShield Zones (http://www.vmware.com/products/vshield-zones/). vShield Zones simplifies application security by enforcing corporate security policies at the application level in a shared environment, while still maintaining trust and network segmentation of users and sensitive data.
Get those blog entries going and enter by next Friday (11/20) for your chance to win!
Thanks for your blog entries so far on vStorage Thin Provisioning. For those of you yet to post, you have until 11:59 this Friday to get your entry in for this cycle. Below are our entries to date (nice work folks!):
The Virtual Computing Environment (VCE) coalition was announced this morning. This is a coalition between Cisco and EMC, together with VMware to accelerate customers’ ability to increase business agility.
Apart from bringing a single point of contact for design, service, and support, the coalition introduces the notion of the “Vblock Infrastructure Packages.” These are ready-to-go infrastructure packages that are fully tested, integrated and validated.
You can find more information (presentations, papers, videos, etc) at: