IT departments are often forced to simultaneously support additional capacity and services while decreasing overall operational costs. Although these requirements are often at odds, server virtualisation technology can help meet these goals.
With primary advantages including cost savings and increased hardware resource utilisation, the decision to deploy virtual machines is usually an easy one.
As with most solutions, however, there are potential drawbacks and management issues. In some cases, organizations can simply apply the same best practices that they have defined for physical machines. In other cases, virtual machines raise new issues that must be addressed.
Contents Benefits of Virtualization...... 1 A Technical Overview of VMware.................................. 3 Virtualization Management Challenges .............................. 5 Migrating to a Virtual Environment .......................... 6 Monitoring Mixed Virtual and Physical Environments.......... 7 Optimizing Virtualization Management with NetIQ AppManager for VMware.. 10 Summary.............................. 13 Resources for More Information.......................... 13 Managing Virtualization with NetIQ AppManager for VMware White Paper September 2007 IT departments are often forced to simultaneously support additional capacity and services while decreasing overall operational costs. Although these requirements are often at odds, server virtualization technology can help meet these goals. With primary advantages including cost savings and increased hardware resource utilization, the decision to deploy virtual machines is usually an easy one. As with most solutions, however, there are potential drawbacks and management issues. In some cases, organizations can simply apply the same best practices that they have defined for physical machines. In other cases, virtual machines raise new issues that must be addressed. This paper will describe the challenges that organizations face when deciding to deploy virtualization technology into production environments. The content includes best practices and recommendations for addressing these issues. Based on these suggestions, you ll learn how NetIQ AppManager for VMware can help organizations gain the benefits of virtualization while maintaining manageability throughout their entire environment. Untitled Document THIS DOCUMENT AND THE SOFTWARE DESCRIBED IN THIS DOCUMENT ARE FURNISHED UNDER AND ARE SUBJECT TO THE TERMS OF A LICENSE AGREEMENT OR A NON-DISCLOSURE AGREEMENT. EXCEPT AS EXPRESSLY SET FORTH IN SUCH LICENSE AGREEMENT OR NON-DISCLOSURE AGREEMENT, NETIQ CORPORATION PROVIDES THIS DOCUMENT AND THE SOFTWARE DESCRIBED IN THIS DOCUMENT AS IS WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. SOME STATES DO NOT ALLOW DISCLAIMERS OF EXPRESS OR IMPLIED WARRANTIES IN CERTAIN TRANSACTIONS; THEREFORE, THIS STATEMENT MAY NOT APPLY TO YOU. This document and the software described in this document may not be lent, sold, or given away without the prior written permission of NetIQ Corporation, except as otherwise permitted by law. Except as expressly set forth in such license agreement or non-disclosure agreement, no part of this document or the software described in this document may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, or otherwise, without the prior written consent of NetIQ Corporation. Some companies, names, and data in this document are used for illustration purposes and may not represent real companies, individuals, or data. This document could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein. These changes may be incorporated in new editions of this document. NetIQ Corporation may make improvements in or changes to the software described in this document at any time. 1995-2006 NetIQ Corporation, all rights reserved. U.S. Government Restricted Rights: If the software and documentation are being acquired by or on behalf of the U.S. Government or by a U.S. Government prime contractor or subcontractor (at any tier), in accordance with 48 C.F.R. 227.7202-4 (for Department of Defense (DOD) acquisitions) and 48 C.F.R. 2.101 and 12.212 (for non-DOD acquisitions), the government s rights in the software and documentation, including its rights to use, modify, reproduce, release, perform, display or disclose the software or documentation, will be subject in all respects to the commercial license rights and restrictions provided in the license agreement. Check Point, FireWall-1, Provider-1, SiteManager-1, and VPN-1 are trademarks or registered trademarks of Check Point Software Technologies Ltd. ActiveAgent, ActiveAnalytics, ActiveAudit, ActiveReporting, ADcheck, AppAnalyzer, AppManager, the cube logo design, Directory and Resource Administrator, Directory Security Administrator, Domain Migration Administrator, Exchange Administrator, File Security Administrator, IntelliPolicy, Knowing is Everything, Knowledge Scripts, Mission Critical Software for E-Business, MP3check, NetConnect, NetIQ, the NetIQ logo, NetIQ Change Administrator, NetIQ Change Guardian, NetIQ Compliance Suite, NetIQ Group Policy Administrator, NetIQ Group Policy Guardian, NetIQ Group Policy Suite, the NetIQ Partner Network design, NetIQ Patch Manager, NetIQ Risk and Compliance Center, NetIQ Secure Configuration Manager, NetIQ Security Administration Suite, NetIQ Security Analyzer, NetIQ Security Manager, NetIQ Vulnerability Manager, PSAudit, PSDetect, PSPasswordManager, PSSecure, Server Consolidator, VigilEnt, Vivinet, Work Smarter, and XMP are trademarks or registered trademarks of NetIQ Corporation or its subsidiaries in the United States and other jurisdictions. All other company and product names mentioned are used only for identification purposes and may be trademarks or registered trademarks of their respective companies. Untitled Document Benefits of Virtualization IT organizations face two main issues related to increasing efficiencies. The first is the lack of overall resource utilization in data center environments. Most servers in a typical production data center use only a fraction of their overall capacity. One of the primary reasons for this is the tight coupling between applications and services and the operating systems (OSs) on which they depend. Figure 1 shows an example of the relationships between the software that users rely upon and the underlying OS and hardware. The OS itself is tightly coupled to the hardware on which it is running and is usually not designed to share hardware resources with other OSs. The dependencies between these layers lead to problems such as complex configurations and the inability to easily move and consolidate workloads. For many environments, the end result has been a situation in which each workload is deployed on its own server. Figure 1: The relationship between applications, OSs, and the underlying hardware platform. Managing Virtualization with NetIQ AppManager for VMware 1 Untitled Document Server virtualization technology addresses these challenges by enabling IT departments to combine different workloads on the same physical systems. The end result is increased overall hardware utilization and a more agile applications infrastructure. Some of the specific scenarios and benefits include: " Server consolidation Virtualization enables the ability to combine multiple applications and services on a single physical machine to reduce data center costs (including power, cooling, and physical space). This allows organizations to maximize the return on their hardware and data center investments. " Portability and hardware abstraction Workloads can be moved between physical systems without regard to the underlying OS and device configuration settings. " Flexibility and agility The ability to rapidly adapt to changing business requirements by increasing capacity in a uniform resource pool is a key advantage provided by virtualization. Rather than treat each physical machine as an isolated system, IT departments can start to view their entire infrastructures as a large bank of system capacity. " Increased hardware utilization Increased efficiency and utilization of existing hardware investments leads to additional capacity with minimal cost increases. Virtual machine configurations can be quickly adapted to meet changing business requirements. " Backups and disaster recovery Virtualization provides the option to create and maintain copies of mission-critical systems in a format that can easily be restored on different systems. By removing hardware-related dependencies and the complexity of reconfiguring applications, organizations can reduce many of the risks of data protection. " Dynamic resource reallocation Virtualization platforms provide a simplified method of changing hardware resource allocations for a workload without the need to perform hardware upgrades. " Test and development environments Virtualization provides the power to create and maintain environments that contain numerous heterogeneous configurations with a limited set of hardware. This is ideal for reducing support and maintenance costs in environments that must perform testing on a variety of different systems. " Legacy application support Virtual machines are isolated environments into which a wide array of OS platforms and versions can be deployed. This allows IT departments to support older applications and services on new hardware. Overall, these benefits can help IT departments achieve dramatic management benefits. 2 White Paper Untitled Document A Technical Overview of VMware VMware is a provider of server virtualization solutions that are designed to support mission-critical enterprise workloads. The primary component of VMware s enterprise solution is VMware ESX Server. Figure 2 provides an overview of VMware s virtualization architecture. Figure 2: An architectural overview of VMware ESX Server. At the bottom of the architecture is the underlying physical hardware of the host server system itself. Interacting with the hardware is a very minimal base OS and a Hypervisor the layer of software that is directly responsible for the coordination of hardware requests. The top of the architecture shows multiple isolated virtual machine environments, each of which can support a wide variety of different OSs and applications. Each virtual machine is designed to run on the VMware ESX Server platform, so each can be moved between different physical servers without modification. In addition, previously incompatible workloads can be easily combined and managed on the same server. Managing Virtualization with NetIQ AppManager for VMware 3 Untitled Document Features of VMware Infrastructure 3 (VI3) As organizations trust virtualization for running mission-critical workloads, they require availability, reliability, and performance features. VI3 provides numerous optional benefits to users of VMware ESX: " VMware Virtual Center provides a centralized virtualization management and automation interface that allows organizations to keep track of large numbers of virtual machines. " VMware VMotion provides the ability to move live virtual machines between ESX Servers with minimal interruption to production operations. This enables agility for IT workload placement and can be used for features such as maintenance and disaster recovery. " VMware DRS features allow organizations to dynamically manage virtual machine resource allocation without requiring administrative effort. " VMware Consolidated Backup simplifies backup administration while minimizing performance impacts to production virtual machines. This helps automate and simplify an otherwise difficult and time-consuming task that can also involve down-time. Overall, these features help organizations deploy and manage virtualization for mission-critical applications. 4 White Paper Untitled Document Virtualization Management Challenges The benefits of virtualization and the ways in which VMware ESX Server can help simplify IT operations come at the cost of various management-related challenges. This section focuses on issues that must be addressed when supporting a virtualized infrastructure. VM Sprawl Organizations that start to support virtualization technology quickly find themselves supporting large numbers of virtual machines throughout the environment. As end users and systems administrators can quickly and easily create new virtual machines, IT teams often find themselves supporting hundreds of new OS instances. Keeping track of these virtual machines and ensuring that they meet IT standards is a difficult task. Heterogeneous Environments A helpful benefit of using virtual machines is the ability to deploy many types of OS platforms and environments. Although this can help support legacy workloads, it forces IT departments to support a much broader variety of systems. IT teams need the tools and expertise to make sure that all their guest OSs are properly secured and configured. Lack of IT Management The process of deploying new physical machines often involves numerous steps, including purchasing hardware and physically deploying the systems into a production data center. These steps help ensure that IT experts are involved in production deployments. New virtual machines, however, can literally be created and deployed within a matter of minutes. Often, new virtual machines are deployed without IT oversight. The end result is a proliferation of systems that might not meet IT security policies and management best practices. Managing Virtualization with NetIQ AppManager for VMware 5 Untitled Document Migrating to a Virtual Environment The first step in managing virtualization is related to the deployment process. One approach is to move existing workloads into a virtual machine, a process that is commonly referred to as a Physical-to-Virtual (P2V) conversion. The other option is to create new virtual machines into which applications and services are installed. Regardless of the approach, organizations need to keep several management aspects in mind. Capacity Planning To meet business and technical requirements, IT departments must be able to determine their current and future infrastructure needs. Details include determining how many applications can be supported given the current hardware configuration, and planning for future purchases. As each service or application will have unique hardware resource requirements, performance characteristics must also be considered. Even in small environments, this information can be difficult to manage manually. Determining Optimal Virtual Machine Placement When deploying virtual machines, organizations must be able to identify which host systems are the most appropriate targets. When system resources are under-utilized, organizations will leave potential capacity untapped. However, systems that are over-utilized will likely result in performance or availability problems. The goal is to combine workloads based on compatible resource requirements. For example, a CPU-intensive workload should be combined with one that primarily requires disk or network resources. 6 White Paper Untitled Document Monitoring Mixed Virtual and Physical Environments Although virtualization technology can provide many IT-related benefits, it is not the ideal solution for all types of workloads. Resource-intensive applications and services that can take full advantage of a physical machine are best left on their own systems. The result is that IT departments must support a mixed environment that contains both physical systems and virtual machines. All of these systems will be running their own OSs, so standard enterprise management tools can be used to support most operations. However, there are several additional concerns for managing virtual machines. Unified Management of Physical and Virtual Resources Regardless of the target onto which an application or service is deployed, IT departments must make sure that their systems are available for use. To simplify management, enterprise monitoring tools should provide a unified view of both physical and virtual systems. Administrators should be able to clearly identify the relationships between host servers and the virtual machines that they contain. Continuous Monitoring of Dynamic Environments Unlike physical machines, the configuration of virtual machines can be quickly and easily changed. Common operations include: " Renaming a virtual machine " Moving a virtual machine to a new host system " Creating a copy of a virtual machine " Changing virtual hardware configuration settings (memory, disk, network, and so on) In a typical data center, physical machines are always available for management. Virtual machines, however, can be powered off or can be placed on isolated networks. In these cases, a virtual machine may be undetectable on the network. Automated network scanning tools would be unable to find the virtual machine and notify administrators of its presence. The danger is that when the virtual machine is powered on, it could lead to security vulnerabilities or other related issues. Managing Virtualization with NetIQ AppManager for VMware 7 Untitled Document Monitoring Virtual Machines: Which Features to Look For To address monitoring issues, an enterprise management system must be virtualization-aware. This capability can address common problems by connecting to host systems (such as a VMware ESX Server installation) and enumerating the virtual machines that are defined on that system. Additionally, virtual machines can be uniquely identified so that organizations can keep track of workloads that are moved between systems. Finally, it s important to group virtual machines based on the type of applications and services that they support. This provides for simplified management of even large numbers of virtual machines. Automated virtualization management solutions should also provide support for a broad range of guest OSs, including Linux, UNIX, and Windows. Each of these systems has its own methods of monitoring and management and a unified system can help decrease the overall effort required to maintain them. Managing and Reporting on Performance Virtual machines are an ideal solution for dealing with dynamic capacity and system resource requirements. New virtual machines can be quickly and easily deployed, so IT departments can take on the role of a service provider for the organizations they support. To ensure that system requirements are being met, reporting metrics are necessary. Details might include uptime and performance statistics and application-specific metrics. 8 White Paper Untitled Document Implementing Service Level Agreements Often, organizations will find their business and technical priorities to be out-of-sync. A common challenge for IT departments is staying aligned with business goals with relation to levels of service. Service level agreements (SLAs) are a method by which organizations can define the most important requirements and measure their delivery against those requirements. Figure 3 provides some examples of SLA metrics and goals related to virtualization. Figure 3: Sample SLA terms and metrics for virtualization. Managing Charge-Backs Despite the strategic advantages of IT initiatives, many organizations see their technology departments as cost centers. The problem is that IT often has to resist or delay new deployments based on cost and resource limitations. Charge-backs are a method by which IT organizations can spread data center costs throughout the environment. For internal IT customers, managers can generate reports to specify virtual machine resource usage (including CPU, memory, disk, and network resources). Additionally, service providers can provide virtual machine access to customers outside of their organizations. Both approaches require careful monitoring of guest and host OSs. Benefits of Scripting and Automation Systems administrators often spend a large portion of their time on tasks that can be automated. For example, the steps required to create, configure, and deploy new virtual machines are often consistent. When managing virtual machines, the same change might need to be applied to hundreds of different virtual machines. Scripting and automating features offer a great way to meet these needs. Enterprise management solutions should provide a flexible and extensible framework that allows IT staff to reliably manage all their physical and virtual systems. Managing Virtualization with NetIQ AppManager for VMware 9 Untitled Document Optimizing Virtualization Management with NetIQ AppManager for VMware Thus far, the focus of this paper has been on identifying virtualization management challenges and providing some best practices recommendations for addressing those issues. Unfortunately, it is very difficult for IT staff to implement these practices manually. The numbers and types of systems that are supported can be large. And the issue of virtual machine sprawl can make monitoring and configuring these systems all but impossible. Furthermore, IT staff must have in-depth knowledge and expertise of all the systems they manage in order to meet the organization s requirements. All these challenges lead to the necessity of an enterprise-aware virtualization management platform. NetIQ AppManager for VMware has been designed to meet the needs of organizations that support both virtual and physical machines. An Overview of NetIQ AppManager Suite The NetIQ AppManager Suite is designed to provide a complete performance and availability systems management solution. It supports the management of a wide variety of critical enterprise applications and technologies, including VMware ESX Server. Advantages of AppManager include ease of installation, support for heterogeneous infrastructures, and scripting and customization capabilities. As the goal is to maximize Return on Investment (ROI) and to provide greater visibility and control into an entire IT environment, the AppManager Suite is an ideal solution for managing hybrid physical and virtual environments. Managing and Monitoring Features As mentioned earlier, a primary challenge of dealing with virtualized infrastructures is the ability to identify the relationships between virtual and physical systems. NetIQ AppManager for VMware provides systems administrators with the ability to gain a unified view of their virtual machines and physical servers using a single, centralized console. Figure 4 provides an example of the primary user interface. The console visually identifies the relationships between groups of physical servers and the virtual machines they are hosting. 10 White Paper Untitled Document Figure 4: The NetIQ AppManager for VMware user interface. Supporting Large Virtual Environments As organizations grow, they tend to additional VMware host servers, often expanding to multiple installations of Virtual Center. NetIQ AppManager for VMware has the ability to connect to multiple Virtual Center configurations through a single user interface. To help manage large numbers of virtual machines, the system can automatically discover virtual machines by connecting to Virtual Center. The terminology and details are consistent with VMware standards, making the system accessible to both VMware experts and less-experienced systems administrators. To further simplify management, administrators can also place virtual machines into named groups. Continuous Monitoring Due to the portability benefits of virtual machines, IT organizations often find that their virtual environments are rapidly changing. NetIQ AppManager for VMware can uniquely identify virtual machines and monitor them as they are moved between host servers. This helps administrators manage issues in which virtual machines are frequently moved, copied, or off-loaded to other systems for maintenance and load-balancing purposes. Managing Virtualization with NetIQ AppManager for VMware 11 Untitled Document Reporting Features As organizations depend on virtual machines to enable critical business operations, keeping track of performance metrics are important concerns. NetIQ AppManager for VMware provides strong reporting functionality that provides insight into overall operations of the entire environment. Details can be used to track actual performance against SLAs and to facilitate a charge-back model based on actual systems usage. Organizations can also take advantage of escalation policies to ensure that important events and information are not overlooked. Automating Corrective Actions Many common problems that arise in production environments can be resolved fairly quickly and easily using standard troubleshooting methods. When systems administrators perform the operations manually, it can take significant time and effort to address these issues. In environments that support hundreds or thousands of VMs, manual management can quickly become impossible. NetIQ AppManager for VMware provides IT environments with the ability to automatically take corrective actions whenever problems occur. The result is quicker time to resolution without requiring manual effort. Extensibility and Automation A common challenge in virtual environments is keeping up with the administrative tasks required to deploy and manage large numbers of virtual machines. NetIQ AppManager for VMware is designed with flexibility and extensibility in mind to support automation of common tasks. Integration with VMware Web Services NetIQ AppManager for VMware works using several management methods, including VMware s Web services-based management features. This allows the product to use a standard and extensible approach to access all the functionality that is available within VMware Virtual Infrastructure and its accompanying technologies. For example, administrators can take advantage of VMotion to move virtual machines with minimal disruptions to the production environment. NetIQ AppManager for VMware can provide notifications of these actions to systems administrators to ensure that VM-related changes are not overlooked. Scripting Features In addition to using the built-in management features in NetIQ AppManager for VMware, IT staff can take advantage of scripting capabilities to automate common tasks. The process of deploying, moving, or copying virtual machines can be simplified by creating new scripts or modifying existing templates. Scripts can be written using standard scripting languages with which systems administrators and developers are already familiar. This helps leverage their knowledge and expertise to reduce manual administration effort. 12 White Paper Untitled Document Managing Virtualization with NetIQ AppManager for VMware 13 Summary Server virtualization technology can provide many significant advantages to IT departments. Although benefits such as increased hardware utilization and the ability to create a dynamic environment are useful, IT departments must also consider important issues related to managing virtualization. Considerations include deploying new virtual machines, monitoring a mixed physical/virtual infrastructure, and optimizing overall management. NetIQ AppManager for VMware is designed to provide a best practices approach to managing virtualization while simplifying many of the most difficult tasks. Overall, organizations can use NetIQ AppManager for VMware to realize the benefits of virtual machine technology while minimizing administrative costs and overhead. Resources for More Information The following table provides links to resources for more information about the NetIQ AppManager platform. Site URL NetIQ Home Page http://www.netiq.com NetIQ AppManager Suite Production Information http://www.netiq.com/products/am/default.asp NetIQ AppManager for VMware Product Information http://www.netiq.com/products/am/modules/vmware.asp VMware Home Page http://www.vmware.com/ VMware ESX Server Product Information http://www.vmware.com/products/vi/esx/ VMware Virtual Infrastructure 3 (VI3) Product Information http://www.vmware.com/products/vi/