I recently sat down (at my keyboard) to talk (via email) with Edward Haletky about his new book, VMware ESX Server in the Enterprise: Planning and Securing Virtualization Servers. For more info about Edward, see his bio or his VMware Communities page, where he is a Virtuoso and a User Moderator.
Can you tell us a little about yourself and your background? How did you come to write this book?
When I started visiting customers to discuss, review, and install VMware
ESX Server with them, I would write them a document that covered the
discussions and configurations used at the customer site. It got to the
point that I would use the document as basis for a custom document for
each customer; I would drop a section, add a new one, increase another,
and remove from a different section. Eventually I had enough information
to generate a framework for a book and took that step. It has been a
crazy ride since then.
Who is the audience for your book — what role, what level of experience? Is the book useful if you’ve never touched ESX before? Is the book useful if you already have your VCP?
The book is designed for everyone. It can be used by the seasoned
Administrator as a reference, or by the beginner as a primer.
The book’s title is "VMware ESX Server in the Enterprise: Planning and Securing Virtualization Servers". Security seems highly emphasized. Can you discuss why you felt this was important enough to put in the title?
When I started discussing security and ESX it was with early versions of
ESX v2. I was speaking a VMTexas on the subject and had an audience that
was quite large for the small conference. The discussion was supposed to
be for 1 hour, it lasted close to 3. People were hungry for information
on how to secure their ESX Servers. I still find that is the case, and
while more and more people understand how to do this, the general ESX
Administrator is not a Security Administrator and can miss very simple
things that could cause havoc. With the advent of VI3, I found that it
was still very important regardless of the vast improvements to
security. Virtualization has moved from the dark recesses of the data
center to a critical central role within a data center, with that comes
an increase in the need for security awareness.
One of the more popular books in the ESX 2.5 timeframe was Oglesby & Herold’s "ESX Server: Advanced Technical Design Guide". How does the scope of your book compare, and will it be of interest to people who already have other ESX books?
I actually have that book and I consider my book complementary to their
books. It duplicates some coverage but I try to look at things from a
different perspective and really go into best practices for each aspect
of implementing VI3. The Virtualization Administrator needs to be a jack
of all trades covering hardware, networking, security, storage, etc.
This book gives them a primer on how these aspects of virtualization
touch on a VI3 server. The book can also be used by the Security
Administrator, Storage Administrator, Network Administrators, etc. to
get an understanding of Virtualization so that they can contribute to
the successful implementation of Virtualization within the data center.
All the teams need to work together and understand every aspect of
virtualization in order to have a successfull implementation.
What’s the biggest mistake that people encounter when planning or rolling out their virtual infrastructure?
The biggest mistake I find is that people do not plan enough. I give
examples through out the book that relate to this. I think people need
to plan, plan, and then plan some more. It is very easy to get started
with ESX, but to do it well takes good planning.
Where do people see the biggest advantage or ROI after rolling out their virtual infrastructure?
Outside of the Power consumption and space issues, I find that the
biggest ROI is in uptime and redundancy. With multiple VI3 servers it
is possible to handle most general failures with an ease that is
incredible. vMotion, Storage vMotion, HA, and DRS have changed the
world as we know it. It is possible to keep machines running for longer.
Last but definitely not least full VMDK backups have greatly reduced the
time necessary to restore VMs to new servers during Disasters.
Although your book is mostly about planning and implementing the technology, you have a chapter on one topic I’d almost define as a use case: Disaster Recovery. Why did you include this (as opposed to VDI or even Server Consolidation) and what’s been your experience with how virtualization
enables disaster recovery?
I covered Disaster Recovery and Backup because I think this needs to be
planned into VI3 before it is rolled out. The Virtualization Servers are
too important to just add this as an after thought. Good DR planning
requires integration at almost all levels of VI3 roll out. This could
affect the Storage devices used, the need for more software, networking,
and how VMs are laid out. The chapter goes through common disasters and
how virtualization can be used to mitigate the risk, as well as the
myriad of ways disaster recovery backups can be made using the
technology available. DR is too important to leave as an after thought.
While it is the last chapter of the book, it is an important
consideration when planning your Virtualization roll out.
Does the book include anything on ESX Server 3.5 or 3i? What do like or dislike about the newest versions of VI?
The book unfortunately does not cover VI3.5 but the website for the book
does cover the necessary changes to the book for VI3.5 and 3i. This is a
work in progress. I have no real issues with VI3.5 other than MSCS is
not yet supported and that hardware requirements have changed pretty
drastically requiring more firmware updates. But I do have issues with
3i, as there is no current way to implement security auditing, and
monitoring of the system.
You include some thoughts on the future of virtualization. Care to share some of your thoughts?
I think that the Quad Core CPU has changed virtualization, in the past
we often had CPU related issues, that are now no longer prevalent due to
the introduction of the quad core. A Quad Quad-Core box with 256GBs of
RAID Memory is a monster virtualization box. When that goes to Quad
8-core, it will be even better. The main concern now, is that people are
running out of memory long before they run out of processor. Before it
was CPU, now it is memory and disk IO. I see a time when it is possible
to do more than DRS, when it will be possible to change nearly every
aspect of a VM without the need to reboot the VM. I look forward to that
as it will aid in load balancing resources amongst all VMs on a single
host. An example is the ability to add memory to the VM without a reboot.
Thanks, Edward!
