BEST PRACTICES BES

TO PREVENT AND MANAGE VM SPRAWL

By A Anil Desai

Implementing virtualization has become a fairly simple process. The marketplace features numerous mature virtualization products, and administrators have several options to reduce costs and consolidate their infrastructures. As with all technology, however, virtualization must be managed. The primary challenge is in implementing a virtual infrastructure and managing it well.
In many ways, you can treat virtual machines

VM Sprawl: Causes and Impacts

A primary cause of VM sprawl is when an organization doesnt plan for virtualization deployment. Often, a virtualization rollout begins when administrators start creating VMs in an ad-hoc fashion to support new applications and services. They typically focus on the rapid deployment and benefit of server consolidation, but fail to perform capacity planning or to implement managementmethods. In other cases, IT departments fail to create or update standard operating policies and practices to account for virtualization. While VMs can be created, moved, copied, and reconfigured in a matter of minutes, the potential effects of these actions on the production data center can be quite serious.

About the Author

Anil Desai is an independent consultant based in Austin, Texas, who specializes in evaluating, implementing, and managing IT solutions. He has managed environments that support thousands of virtual machines and has written several books on virtualization and IT management. Desai also has presented at dozens of conferences and is a frequent contributor to online and print magazines. For more information, please see http://AnilDesai.net or email Anil@AnilDesai.net.

(VMs) just like physical machines. They typically run their own operating systems, require security updates and patching, and generally must follow standard IT best practices. However, VMs also pose some new challenges that system administrators must consider in order to effectively maintain their data centers. When left unmanaged, virtual environments can experience a problem similar to server sprawl. VM sprawl is the rapid proliferation of VMs without adequate IT oversight. This article provides recommendations for managing virtual environments and for preventing issues related to VM sprawl.

Best Practices to Prevent and Manage VM Sprawl

Consider, for example, the transition of a VM that was originally designed for test purposes into a live, production environment. Organizations generally wouldnt consider moving an unpatched, insecure desktop computer into the data center. Yet, the same risks appear when systems are deployed into production with little IT oversight or review. Worst of all, several IT administrators dont even know how many VMs are running in their data centers or how theyre being used. Regardless of the source of VM sprawl, an unplanned approach to virtualization can create a long list of problems. Overall, the risks of running an unmanaged virtual environment are significant concerns that must be addressed.

Planning and Deploying VMs

Although its often neglected, planning is an important portion of virtualization management. Organizations should start by understanding the strategic and tactical goals they hope to achieve with virtualization (see sidebar: Regaining Control of Your Virtual Environment). The goal is to figure out which applications and services should be moved to a virtual environment and to which hosts they will be deployed. Planning also applies for any existing VMs theres almost always room for improvement in VM placement and configuration.

The ability to quickly deploy a new OS, application, or service is a key benefit of virtualization. To simplify the process, companies often start with a base VM configuration (part of a VM library). These base VMs follow standard OS configuration, patch management, and security configuration best practices. In order to improve the end-user experience, organizations also can implement tools that allow users to deploy VMs automatically and on demand. Of course, administrators must be sure to define and enforce resource utilization rules and track ownership of VMs in nonproduction environments.

Monitoring the Entire Environment

There are two conflicting trends in IT management. On the one hand, the use of virtualization and other technology has

Potential Dangers of Unmanaged VM Deployments

the potential to simplify the environment and reduce costs. On the other hand, modern applications depend on dozens of data center components. Its not enough for a web application to run well if a dependency, such as a database server or part of the storage or network infrastructure,

Deployment Issues

Lack of IT oversight (deployment of unauthorized VMs) Inconsistent VM configurations Lack of administrative ownership of VMs Difficulty related to identifying and tracking VMs

Administration Issues

Lack of administrator expertise Managing heterogeneous host, guest, and hypervisor platforms Monitoring offline and disconnected VMs Tracking host, guest, and software licenses

isnt running as expected, users will feel theimpact. With virtualization, organizations should invest in tools that are virtualization aware. These systems should be able to monitor and

Resource Management Issues Security Management Issues

Reactive management can lead to downtime and data loss Less-than-optimal VM placement can result in wasted resources

relate performance statistics collected from VMs and from the physical host servers on which they reside. They should be able to proactively identify potential performance problems. Many systems can automatically take corrective actions, such as moving VMs between hosts or reconfiguring VMs with more memory or CPU resources based on changing usage patterns. The end result is a fluid, agile data center environment that partly manages itself.

Verifying adherence to OS and application security standards Demonstrate regulatory compliance

Best Practices to Prevent and Manage VM Sprawl

Regaining Control of Your Virtual Environment

While theres no simple one-size-fits-all solution for managing virtualization, these seven steps provide a good starting point if you find your virtual machines getting out of control. Take Inventory of the Entire Environment Organizations can rely on standard network monitoring tools for basic production systems, but virtualization-aware tools are required to find disconnected or offline VMs. Include all of the assets that matter network devices, physical servers, VMs (if any), and storage devices. Most companies can use a network-based scanning tool that automatically finds existing physical or virtual machines. Those that have a centralized database of asset details can leverage the data as a basis to identify current and potential virtualization host systems. Its important to keep in mind that enterprise management tools must be virtualization-aware to receive a complete inventory of all VMs in the environment and to correlate information between host and guest operating systems. Understand Your Applications Next, look at the services and applications you might want to virtualize. Determine which ones are the best candidates (generally, software that doesnt fully use the capabilities of the hardware it runs on). Organizations have a range of approaches for this step, including using automated software management tools or arranging interviews with specific end-users and business units. Determine Infrastructure Requirements Translate application requirements into measurements for RAM allocation, storage requirements, network requirements, etc. Include both configuration requirements (Internet access via the network and shared storage for automatic failover). Map VMs to Hosts If you havent yet deployed VMs, determine which workloads will play nicely together and then deploy them to host servers that have sufficient capacity. If you have already deployed VMs, find potential performance issues, such as low CPU or memory resources, and rebalance the environment. Sit back and relax Deploying, monitoring, and managing virtualization takes ongoing effort. But, with the right tools and administration approach, organizations can gain maximal benefit of virtualization while remaining in control of the entire data center. Lest you forget the entire point of this process, you can finally rest easy knowing your VMs and the entire data center are well managed. Retire Unnecessary VMs Managing a virtualized infrastructure is much like gardening its often necessary to identify and pull the weeds in order to avoid wasting resources. Many virtualization management tools provide administrators with the ability to define ownership of VMs and to tightly control deployment policies. Often, however, VMs outlive their usefulness. Administrators should scan their host servers for VMs that are disconnected from production networks, that are offline, or that receive very little usage. These VMs can usually be retired. For an added measure of safety, administrators should consider moving all virtualization hard disks and VM configuration files to a near-online or offline storage system for archival purposes. Monitor the Environment Ensure that your environment remains well managed by continually monitoring resource utilization, host and guest OS configuration, and other details. Proactively make changes as needed. Your users might not thank you, but thats the point dont wait for urgent situations to arise. Virtualization-aware automated tools can greatly simplify this process and can automatically make recommendations and configuration changes.

Best Practices to Prevent and Manage VM Sprawl

Security, Compliance, and Auditing

In the world of physical computers, its fairly easy to see what is present in that environment. Typically, system administrators are able to verify the configuration of systems that are deployed to the data center, and they can closely monitor them. With virtualization, however, new systems can be deployed, moved, copied, and reconfigured with no obvious alerts to the administrators. The end result is potential security and compliance issues, which can lead to security breaches, data loss, and downtime. A good approach to addressing these issues is to continually monitor the environment. Administrators should create standard desired configuration templates and compare them to the actual configurations. Any discrepancies should be remediated automatically (wherever possible) or brought to an administrators attention. This approach helps to quickly highlight potential problems so administrators can resolve them before bigger issues occur.

Benefits of Automation
Of course, understanding how to better manage VMs is only part of the overall challenge. Once you know what to do, the challenge is in finding the time, resources, and expertise to actually do it. Small deployments can often be managed using built-in virtualization tools and simple automation scripts. But this approach can quickly become unmanageable as the number and types of VMs increases and virtualization becomes a mission-critical part of the data center. Thats where automation can significantly reduce costs and improve the quality of administration. The following illustration provides an overview of many standard virtualization management best practices that can be automated.

Tasks That Can Be Simplified by Automating Virtualization Management

Assess the Environment
Determine workload resource requirements Measure overall data center capacity Select virtualization candidates

Managing the VM Life Cycle

Like physical servers, VMs typically have a life cycle. Starting from the planning and configuration stages through to deployment, organizations can often leverage existing best practices. Likewise, monitoring is important for all systems in the environment physical and virtual. But VMs present some additional challenges (or, if youre an optimist, opportunities to improve management). They must be uniquely identified and tracked since details, such as MAC addresses, computer names, and host placement, can change quickly. Additionally, when VMs are copied, administrators must be aware of the new system and its maintenance requirements. Because they dont take up physical space, administrators often overlook the importance of retiring VMs that are no longer needed. This is, indeed, a major cause of VM sprawl old VMs never really die; rather, they just hang out on production machines and consume valuable resources.

Manage Virtualization
Enforce policies and processes Select the most appropriate deployment target for a workload Allow end-user self-service deployments according to resource quotas

Administration
Use a single console to manage all guests, hosts, and hypervisors Monitor and reallocate VMs based on host resource utilization Develop and measure against service level agreements (SLAs)

Reporting
Compare desired vs. actual configuration of virtual and physical systems Optimize host hardware resource utilization Proactively detect and resolve performance issues Verify security policy and regulatory compliance

Conclusion
This article outlines some of the ways in which VMs are like miniature physical machines, and, more importantly, how they are different. In order to maintain control of a virtualized data center, administrators must take into account the tasks of capacity planning, monitoring the environment, managing the entire VM life cycle, and verifying security and compliance of all systems. It may seem like a significant challenge, but with adequate planning and the proper tools, administrators can gain the advantages of virtualization while minimizing costs related to management overhead.
The

Sun Microsystems, Inc. 4150 Network Circle, Santa Clara, CA 95054 USA Phone 1-650-960-1300 or 1-800-555-9SUN Web sun.com
SunWin#565985 Lit#SYWP14980-0