VI3 Review Extra: VMware administrator's features

Improved VM snapshotting, useful cloning, and rich performance reports round out the VI3 management tools

On top of the live virtual machine migration, automated load balancing, and high-availability capabilities explored in our main article, VMware Infrastructure 3 has a number of other features that will be important to IT. Here's a rundown:

VM snapshotting  This key feature enables admins to take live snapshots of the current disk and RAM contents of a server and store them. You can use a snapshot to back up the server without running into file locking problems, or to run before major system updates are applied, ensuring that the server can be brought back to a known good state in seconds. VI3 adds the ability to manage multiple snapshots of a single server, where ESX 2.5 could handle only one at a time. Snapshotting is an invaluable tool that makes major changes to running servers much less threatening. The only downside we discovered is that no confirmation dialogue appears when reverting to a snapshot. If you happen to click the button, you’ve just sent your server back in time. Also, when running iSCSI LUNs in Virtual Compatibility mode, taking a snapshot of a server with an iSCSI LUN attached will result in a VI3 snapshot encompassing the LUN. This action is configurable, but the default is to handle the snapshot in this manner.

VM cloning and templating  With these new tools, a single VM can be built and configured, then converted to a template for use in manual or automatic VM creation. For Windows Server 2003 and 32-bit operating systems, VMware offers customization tools that will handle Sysprep on the Windows servers and IP/hostname changes on the Linux VMs that are built from a template. Thus, with a single “gold” template of a production server, multiple clones can be built with a few mouse clicks, with each cloned VM receiving a unique identity, name, IP address, and so forth. When coupled with customized actions in response to alarms and the VirtualCenter scripting API, it’s possible to completely automate the addition of new servers into a Web farm when load increases, for instance. In one customer case that VMware highlighted, when the load on existing Web server VMs passes a certain point a set of custom scripts and alarm configurations will build new Web servers from a gold template, add an entry into the load balancer, and inform admins that the action occurred. All the BlackBerry-carrying server admins sitting around the console in the Fergenschmeir datacenter looked at one another and instantly flashed on the server failures caused by a recent weekend Slashdotting and the subsequent reduction in their opportunity to spend that weekend drinking beer on a floaty in the pool.

Cloning is subject to the same LUN mapping surprise as snapshotting. On a file server with a 4GB local disk and a 400GB iSCSI volume, this results in a 404GB snapshot, which can be inconvenient to say the least. Again, this is customizable, but the default is to clone every disk. Also, the lack of customization support for 64-bit Linux servers and some more recent OS releases is perplexing and should be remedied, especially given the relative ease of the operation.

Reporting  VirtualCenter 2 and VI3 provide some seriously thorough performance data, which is gathered at the host and VM level. Useful graphs are available at the click of the mouse, and data exports in CSV format are also readily available. All of this data is gathered by the VMware agent running on all VMs and reported back to the VI3 host. The only problem we encountered here was a Red Hat Enterprise Linux 4 VM that had a fully functional VMware tools installation, and then suddenly didn’t. Performance data on that host was no longer available, although host-initiated actions such as guest shutdown worked. The end result was that this VM was orphaned, because Distributed Resource Scheduler had no data with which to make resource management decisions. The problem wasn’t resolved by reinstalling the tools, and it remains a mystery. No other VM exhibited this behavior, but this small perplexing problem had some Fergenschmeir admins grumbling.

Delegated administration  But the Fergenschmeir techs were all happy to see the straightforward user and group management within VI3. By attaching to an Active Directory domain, VirtualCenter can take full advantage of the user and group layout of the directory in determining who gets access to what. Based on a cluster, host group, or individual server level, administration of virtual machines can be delegated granularly. For Fergenschmeir, this meant defining one host group for the Web servers and another for internal file/print and Exchange servers. Members of the Active Directory Webmasters group had full access to the Web and MySQL VMs, but couldn't even see the others, while the converse was true for the internal Windows admins.

Network-based licensing  New to VI3 is FLEXlm licensing, whereby a license server running on the VirtualCenter server distributes licenses to participating VI3 servers over the network. Unlike many FLEXlm installations, however, VI3 servers do not continuously communicate with the license server, but check out a license during boot, and then refresh that license every week or so during normal operation. The license keys are installed on the VirtualCenter server as a single file.

When a new VI3 host is built, it is unlicensed. Installing these licenses per VI3 host requires configuring the license server IP address on the VI3 host through the configuration pane of VirtualCenter and selecting the options desired on that host.

Extensibility  Finally, VMware VI3 and VirtualCenter both come with a thorough API, and every function present in VirtualCenter is available via a SOAP interface. This makes customization not just possible, but simple. The network stack, for instance, is fully modular, allowing custom code to be inserted along the way to permit vendors or more advanced IT shops to introduce their own code into the mix to provide functions not already present in the solution. Also, as mentioned before, it’s relatively simple to script VirtualCenter actions to be triggered on alarms or manually.

Mobile Security Insider: iOS vs. Android vs. BlackBerry vs. Windows Phone
Join the discussion
Be the first to comment on this article. Our Commenting Policies