vSphere Storage Software-Defined Storage Virtual Volumes (vVols) vSAN

Using Tag-Based SPBM Policies to Manage Your Storage

In this SPBM series (Storage Policy Based Management), we will review and explore the many options in using SPBM to manage your virtual storage environment. SPBM policies are categorized into three main areas; Storage Capabilities and Services, Data Services and Tags.

Tag-Based SPBM

Storage Capabilities and Services SPBM policies are used when datastores, such as vSAN and vVols, are represented by the storage provider or VASA. The VASA reports the capabilities and services that a vendor’s datastore is capable of providing.

Data Services SPBM policies use host-based services and are also represented by the storage providers. You use the information from the storage provider when defining host-based data services. Data Services Policies do not affect the placement of objects or VMs but rather the services they may use such as encryption or SIOC v2.

Tag-based SPBM policies may be used for numerous functions and are often used when a datastore is not represented by a storage provider. VMFS and NFS typically fall into this category although it is not limited to these.

Tag-Based SPBM Policies

Many are familiar with SPBM policies when used with vSAN or vVols as they have some incredible features and functionalities. But another valuable SPBM use is with Tags and Categories. By using tags, we can create high-level generic policies or very custom and detailed policies. With tag-based SPBM, you can create your own specific categories and tags based on almost anything you can envision. Performance levels or tiers, disk configurations, locations, OS type, departments, and disk types such as SAS, SATA or SSD are just a few examples. The categories and tags you can create are almost limitless!

Let us say you want to make sure VI admins place Linux VMs on a specific datastore. You can create a Category for OS and a Tag for Linux. Then you can associate those tags with any number of datastores you want to house only Linux VMs. This enables VI admins to simply choose the Linux SPBM policy and only the compatible datastores, or datastore clusters will be displayed and available.


Setting up Categories and Tag-Based SPBM Policies

With tag-based SPBM, you have the ability to utilize multiple tags in a single policy. In fact, if you’re crazy enough, you can use up to 128 tags in a virtual machine storage policy! Subsequently, you have the ability to be exceedingly specific. You may have different departments that have different storage requirements or require separations for security. You could then create a Category for Department and create tags with Financial, HR, and Engineering. Also, if you wanted to put them on different types of storage like VMFS or NFS, or maybe SATA, SAS, or SSD you can add these tags to a single SPBM policy.

Example; Category: Department, Tag: Financial, Category: Disk Type, Tag: SAS. Now you add these tags to your corresponding datastore and create a “Financial” SPBM policy that uses those tags. This helps to ensure correct placement of VMs during creation, cloning or migration.

If the VM is moved to a non-compliant datastore, it will show Noncompliant in the VM Storage Policies compliance section of the VM. If you wanted, you could create an alarm and action to be alerted if this situation occurred.

Here is a short video demonstrating setting up categories, tags and creating Tag based SPBM policies:


Another benefit, you can change or add to the underlying storage related to a policy without having to modify the policy itself. You add the related tags to a datastore, and now that datastore is associated with that policy. You may also associate these policies with datastore clusters further simplifying the management of underlying storage.

Tag-based SPBM policies are not limited to tags alone. They may also be used in conjunction with vSAN, vVols, and host-based services allowing additional customized policies.  You could create an SPBM policy that applies to vVols located in different physical locations. This allows you to use the VASA provider for the storage capability and tags for a specific physical location. Permitting you to limit certain VMs to use vVols, but only at a specific site. See the quick demo below of using vVols and Tags together.

Tag-Based SPBM


Tracking and Reporting

With the categories and tags you have created, there are other benefits you may be able to utilize. Tags may be used for tracking and reporting. For instants, if you tagged all your HR VMs, you could run a query to see all the HR VMs, and the resources they are using.  If the appropriate categories and tags are utilized, you could query to see what VMs are using VM encryption. Below are a few examples of PowerCLI using tags to query the environment.


There are advanced options which allow you to enforce the placement of objects when using SPBM. In this KB (2142765), it shows how to set the enforcement level of your policies. The options are 0,1, and 2. Where 0 is NO enforcement, 1 is SOFT enforcement, and 2 is HARD enforcement meaning you cannot violate the SPBM policy placement.

The use of Tag-based SPBM is something I’ve used extensively, and it enabled me to allow other, less technical, admins to provision VMs and easily determine datastore placement based on VM functionality, OS, and or performance requirements. If you have not explored tag based SPBM policies you are missing out. Especially with the added benefit of querying the tags in your environment.


SPBM Resources


Stay Tuned for the SPBM Blog Series

  1. Using Tag-based SPBM Policies to Manage Your Storage
  2. Storage Capabilities and Services
  3. Data Services SPBM Policies

 Related SPBM Posts


One comment has been added so far

Leave a Reply

Your email address will not be published.