The Virtualization Room


May 14, 2008  9:20 AM

VMware pushes desktop virtualization on management and security benefits

Bridget Botelho Profile: Bridget Botelho

VMware Inc. Senior Director of Enterprise Desktops Gerald Chen visited our office on Tuesday morning to discuss the different types of desktop virtualization and answer common questions about Virtual Desktop Infrastructure (VDI), for example, how it differs from terminal services and cost issues.

Here’s how VDI works: each end user gets a virtual machine (VM) that is deployed from a server in the data center directly to a PC, laptop or thin client computer. Each VM is customizable, so all of the user’s settings are saved and re-booted each time the user signs in, Chen said.

When a user logs off for the day, their VM goes idle, and wakes back up when the user logs into their system again, according to Chen. Chen believes that the advantage of VDI is that sensitive data is not being stored on desktops, which can easily be lost or stolen, and these virtual desktops are easier to manage than physical ones.

“VDI is great for industries like health care that are really concerned about information security and compliance. The real value though, is in management. All of the information is safe in the data center, and centrally managed through Virtual Infrastructure,” Chen said. “For instance, if you have 100 new employees who need desktops, you can deploy a VM for each of them in just minutes, and manage all of them centrally.”

VDI is different from Sever Based Computing (SBC) systems like Citrix Systems Inc.’s XenApp in that VDI is connects a single user to a single operating system (OS), instead of having multiple users share one OS.

“Not every application likes to share an OS, and there is also bad isolation; if one application crashes, everyone sharing that OS crashes as well. Those desktops can’t be customized either. It is a locked environment.”

Chen went on to explain that with VDI, four to ten VMs per server core are supported, so a server with one quad-core processor can, theoretically, house 40 VMs. Of course, that varies depending on things like workload, applications and memory. If the VMs become too heavy for the server to handle, management features in VI3 intervene. VMotion can move live VMs from one server to another when capacity issues arise, as can Dynamic Resource Scheduler, which allocates and balances computing resources as needed using VMotion.

Desktop virtualization case study
As VMware announced customer case studies in February, including one at Huntsville Hospital in Huntsville, Alabama.

The hospital needed to implement a new medical information application throughout its network while protecting HIPAA-related data. Deploying hosted desktops on VMware, the hospital could lock down sensitive patient data and reduce the cost and complexity of desktop management.

They used combinations of thin clients and blade servers to access the centralized virtual desktops, and in turn, reduced power consumption across the hospital by 78%, improved longevity with lower hardware maintenance needs and made wireless thin clients on wheeled carts available to hospital staff. Also, doctors can remotely access their VMs through the Internet using a web browser when necessary.

The downside to desktop virtualization
While the benefits are clear, there are some downsides to desktop virtualization: extra storage and initial cost.

Chen told SearchServerVirtualization.com that VMware is working on reducing image sizes and has designed a way to keep only one copy of files that are identical among many users, like icons and other graphics, to reduce the amount of storage necessary.

The cost of implementing desktop virtualization turns users off. According to Ars Open Forum blogger ‘Bright Wire,’ the cost and the magnitude of system upgrades required is not worth the benefits.

“The cost of deploying virtual desktops is massive,” Bright Wire wrote. “You will need to re-gear your existing desktops to run the virtual or you will need vendor equipment that costs twice as much as a new desktop. Either way, the cost is big in manpower. On top of that, your infrastructure will need serious review.”

According to VMware’s product specifications, local desktop virtualization requires a 500 MHz or faster processor with recommended 256 MB of memory, though Forrester reports that PCs must be faster and have more RAM to work efficiently.

“In addition you need to look into the server infrastructure,” Bright Wire said. “You are talking about needing a lot of iron on the backside to handle the needs of the server to supply two to 16 desktops. All this adds up quickly and can easily swamp a datacenter.”

As for pricing complaints, VMware is used to hearing them and holds firm to the ‘you get what you pay for’ mantra, saying the management benefits are worth the price.

The company charges $150 per concurrent user plus additional costs for support, either Gold or Platinum levels. Both bundles include VMware Infrastructure Enterprise Edition for VDI (which consists of VMware ESX Server 3.5 and VirtualCenter 2.5) and the VMware Virtual Desktop Manager 2. The VMware VDI Starter Edition, which enables 10 virtual desktops, has a list price of $1,500. The VMware VDI Bundle 100 Pack, which enables 100 virtual desktops, has a list price of $15,000.

The market indicates a demand for desktop virtualization, as a number of other vendors also entered the desktop virtualization space including Sun Microsystems Inc., Citrix., Pano Logic Inc. and Symantec. Chen would argue that many customers come for reduction in hardware but stay for the management applications.

“Reducing hardware costs is not a reason to use VDI, it is management. We have customers who have seen 40% to 50% ROI in terms of management costs and the amount of time it frees up.”

May 13, 2008  9:36 AM

Burning in virtual server RAM prevents headaches

Eric Siebert Eric Siebert Profile: Eric Siebert

When system administrators receive new servers, they are often anxious to get them unpacked, in the rack and loaded up with ESX so they can start creating virtual machines. But an important first step should be done before proceeding with virtualization software installation on the server: always burn-in the memory to test for defective memory modules.

Defective memory will usually be unnoticed in a newly-deployed server and it may be months before signs of defective memory start to show. In one group of five HP servers, I had to replace seven memory DIMMs over an 18 month time period. Most of these were eventually detected by HP’s Insight Manager agents that reside on the server, but two of them caused hard server crashes of VMware ESX servers commonly known as a PSOD (Purple Screen of Death). A PSOD on one of your production servers, loaded up with important virtual machines, is never a good thing. You can reduce your chances of this happening by burning in your memory.

Most servers do a brief memory test on startup as part of their POST procedure. This is not a very good test and will only detect the most obvious of memory problems. A more thorough test checks the interaction of adjacent memory cells to ensure that writing to one cell does not overwrite an adjacent cell.

A good, free memory test utility is available, called Memtest86+, that performs many different tests to thoroughly test your servers memory. You can download it as a small 2MB ISO file that can be burned to a CD and booted on your new server. Let the memory burn-in for at least 24 hours (the longer the better though). Memtest86+ will run indefinitely and the pass counter will increment as all of the tests are run. The more RAM you have in your system, the longer it will take to complete one pass. A system with 32GB will generally take about one day to complete. Memtest86+ not only tests your system’s RAM but also the CPU L1 and L2 caches. Should it detect an error, the easiest way to identify the memory module that caused it is to simply remove a DIMM and run the test again and repeat until it passes. Documentation on Memtest86+ includes troubleshooting methods, detailed test descriptions and the causes of errors.

If you already have ESX servers running and want to test their memory, you can use the little known Ramcheck service to do this while ESX is running. This service is non-disruptive and runs in the background consuming minimal CPU cycles.

The extra time you spending testing memory before deploying servers helps eliminate potential problems down the road.


May 12, 2008  7:51 PM

Savings from a green data center takes time to grow

Keith Harrell Profile: SAS70ExPERT

Last month, SearchServerVirtualization.com blogger Eric Siebert discussed the cost benefits of virtualization, which stirred some discussion about the role these savings play in the larger scheme of server virtualization strategies.

It seems that the virtualization gospel of cost reduction has drawn criticism from some who see these claims as pie-in-the-sky deals, or at least not as awe-inspiring when compared with less apparent expenses. While Siebert focused on the savings created by decreased data center power consumption, his blog received this response on the Virtual Data Center blog:

I think that the core message behind Eric’s post is a good thing, but it’s missing the big picture. Thinking that saving on raw power is going to translate dollar-for-dollar into OpEx savings is short-sighted. Please do begin looking into power consumption as one of your data center cost metrics and as part of your overall virtualization strategy, but also factor in everything else that’s going to be required to complete this task. You may find that you save a ton of money within 12 months of converting, or you may find that savings is much less than you originally anticipated; just make sure you know that before hand and know what you’re getting into so you don’t promise your CIO $1M in savings only to spend $950k getting there.

While Siebert’s original comments were limited to the savings associated with a 10-to-15-cent reduction per kilowatt-hour (resulting in estimated savings of between $219,000 and $328,500 for this particular project), Siebert agrees that any enterprise virtualization project requires a financial investment up front. “ROI will occur over time,” according to Siebert, “and will be a big factor in offsetting the costs of the project.” But the Virtual Data Center blogger Alan Murphy insists that savings can be misleading, a virtual “red herring” that drives customers to adopt virtualization under the mistaken impression that the technology amounts to free money.

Decreased power consumption is not the only way to save on utilities. As Bridget Botelho reported a few weeks ago, utility companies now offer rebate incentives to data centers that adopt power-saving virtualization technologies. Apparently, though, few adopters have cashed in on these rebates because of some loopholes.

Other data center changes that accompany virtualization projects can also contribute to power-related savings. Jacinda Duffy, a network administrator at Ecom Atlantic Inc., tells us that when her organization virtualized its data center six months ago, it brought in a heating, ventilation and air conditioning (HVAC) company to diagnose the airflow in its server room. After determining that hot air from the ceiling actually flowed back into the server room on weekends, HVAC technicians redirected the ceiling airflow to alleviate the room’s cooling demands. As a result, the settings on the company’s cooling units’ thermostats were adjusted to a higher temperature. Finally, after having consolidated its servers, Ecom Atlantic decided to space them out to allow for a more efficient airflow between servers. While it has only been a few months with the room’s new layout, Duffy anticipates some “significant savings in the near future.”

If you are cultivating your own green data center savings, we’d like to hear about your experience. Feel free to drop us a line and let us know how you are doing it.


May 9, 2008  11:18 AM

VMTN and ITKE communities offer free support

Eric Siebert Eric Siebert Profile: Eric Siebert

VMTN, VMware’s support forums are an excellent resource: You will find a very high level of participation in the forums from users all over the world with many experienced and talented users who volunteer their time to help others, not unlike our own IT Knowledge Exchange.

The forums are a free resource for anyone to use with many users using the forums as an alternative to contacting VMware’s technical support. It’s not unusual to get an answer to your question or a solution to your problem within minutes of posting to the forums. Most new users are surprised by the speed, quality and number of answers that they receive to their posts. The forums are also a great place for users to share experiences, build relationships and strategize with other members. Many VMware employees also regularly participate in the forums by lending their expertise.

Like the IT Knowledge Exchange, the VMware forums tend to be a little competitive with users competing to collect points for posting responses to questions. Six points can be awarded by the person who asked the question for up to two helpful responses and ten points can be awarded to one response that is deemed correct. The point system allows people to gain status levels as their points increase. There are nine status levels ranging from Lurker (0-5 points) all the way up to the elite Guru level (20000+ points). As of today, there are currently 442,452 forum members with an average of about 20,000 new members being added each month. The chart below shows the breakdown of users by status level.

Total # of Users

Status Level

Point Range

5

Guru

20001 – 50000 points

12

Champion

10001 – 20000 points

20

Virtuoso

5001 – 10000 points

52

Master

2001 – 5000 points

150

Expert

751 – 2000 points

358

Hot Shot

251 – 750 points

2,005

Enthusiast

51 – 250 points

439,850

Novice/Lurker

0 – 50 points

I would like to recognize a few of the talented VMTN members that consistently take time out of their day to help others with their only reward being recognition points and the satisfaction of knowing they helped out a fellow VMware user. Much thanks and appreciation to: Oliver Reeh (Oreeh), Dave Mishchenko (Dave.Mishchenko), Tom Howarth (Tom Howarth), Steve Beaver (Sbeaver), Edward Haletky (Texiwill) and Ken Cline (Ken.Cline).

Of course, these are just a few of the many forum members who help the VMware community. Judging from the numbers in the chart above, there are over 500 people at the Hot Shot level or above who answer the most posts from other forum users.

If you use any VMware product, I highly recommend that you check out the VMTN forums and check out the IT Knowledge Exchange. You’ll undoubtedly find that reading posts on the forums is a great way to expand your own knowledge.


May 9, 2008  10:52 AM

Staying vigilant about virtual security

Eric Siebert Eric Siebert Profile: Eric Siebert

With all the talk about virtual security these days , you would think that people actually are addressing the concerns over security in virtual environments. However, many administrators resist implementing strict and proper security measures in their environments because of administration inconveniences that tighter security usually causes.

For example, the default settings of VMware ESX prevent users from using secure shell (SSH) to log into the server as the root user. Yet, the first thing many users do is to modify the SSH configuration to allow root access via SSH because this is a more convenient way to log into Service Console. The correct and more secure way to do it would be to setup a separate SSH user account and then use the SU – command to gain root privileges. Xtravirt has published a good step by step guide on how to do this here.

When you virtualize servers, additional security measures should be followed in addition to standard ones that you would use for physical servers. Most importantly, the host system must be protected at all costs: If someone gains control of the host server then all of the VMs that run on the host can be compromised. The Center for Internet Security (CIS) has published some security guidelines for ESX and virtual machines that I would recommend you read through and follow to ensure your environment is secure. Xtravirt has a great security assessment template that they’ve put together that you should look at also.

Virtual networking is another critical area for securing virtual hosts. Virtual switches differ from physical ones and must be properly configured to ensure secure host and virtual machine network traffic. Often, simple recommendations like isolating Service Console and vMotion traffic are not followed, which creates unnecessary risk and exposure of your hosts.

Are you willing to risk losing your data? Data breaches can result in negative press exposure, lawsuits and fines. I would encourage everyone to please take security seriously. Security may cause some administration inconveniences and headaches, but they are a small price to pay to ensure that your servers, and more importantly your company’s sensitive data, is well protected and safe.

To help you with this I’ve included a list of some good virtualization security blogs and websites that you should check out:


May 8, 2008  9:10 AM

Citrix XenServer now shipping in Dell PowerEdge servers

Bridget Botelho Profile: Bridget Botelho

Citrix Systems, Inc.’s XenServer hypervisor is now shipping in Dell PowerEdge servers, following the partnership accouncement in October 2007.

With Dell, initial products available worldwide include the Citrix XenServer Dell Express Edition and Citrix XenServer Dell Enterprise, both of which include Dell’s management software, Dell OpenManage System Management. Express Edition is a free download that can be upgraded to Enterprise edition. 

By factory-integrating the Citrix XenServer hypervisor into Dell PowerEdge platforms, users can deploy virtual machines (VMs) when they start up their systems for the first time. Also, the XenServer Dell Enterprise Edition does not require additional management licenses or hardware. Also, upgrades for features like live migration on Dell’s MD3000 direct attached storage arrays can be made easily, by imputing a license key.

In March, Hewlett-Packard began shipping XenServer embedded in ProLiant servers. HP’s servers also have specific versions of XenServer called HP Select Edition, which differs from traditional XenServer in that it is tied into HP management tools, like HP Insight Control and HP Integrated Lights-Out for remote server management, according to a Citrix spokesperson.

In light of its partnerships with HP and Dell, Citrix simplified its licensing model recently to per-server, instead of per core, as reported on SearchServerVirtualization.com. This way, users can deploy an unlimited number of virtual machines or guest operating systems on each physical server for a single price, regardless of whether it has one, two or four CPU sockets.


May 6, 2008  8:11 AM

ClearCube spin-off focusing on desktop virtualization

Bridget Botelho Profile: Bridget Botelho

Austin, Texas-based ClearCube announced today that its desktop virtualization software business is being spun-off into its own company, VDIworks.

VDIworks will provide the VDIworks Sentral Virtual Desktop Platform for desktop computing and virtual desktop management, which includes connection brokering, virtual machine, host and thin client management, load balancing, health and asset monitoring, inventory management, disaster recovery and support for back-end hardware and user access devices.

ClearCube will continue providing desktop computing products, including desktop virtualization software, PC Blades and thin client terminal servers.

VDIworks and ClearCube will operate seperately but under an OEM agreement whereby ClearCube will continue to market and promote the VDIworks software under the Sentral VDI Management Software brand, and the Sentral management software will still be part of ClearCube’s centralized desktop computing offerings. ClearCube customers will still get support in their current license agreements with ClearCube, and VDIworks will add OEM relationships with third-party vendors, said Rick Hoffman, former president of ClearCube and now president of VDIworks.

“Users should not notice any changes, because the support, features, benefits, etc. will all be the same,” said Hoffman.

VDIworks will receive seed funding from current ClearCube investors and will seek additional funding to support growth. About 35 research and development employees in the U.S. and Pakistan will also move to VDIworks.

Because ClearCube’s Chief Executive Officer is taking over VDIworks, ClearCube’s Chief Operating Officer Randy Printz has been promoted to president and CEO. Rick Hoffman will be joined on the VDIworks side by Chief Technology Officer Amir Husain.

Desktop virtualization is a popular vendor offering right now, with companies such as Sun Microsystems Inc., Citrix., Pano Logic Inc. and VMware Inc all offering a flavor of desktop virtualization, but users report hesitation in using it due to cost.


May 5, 2008  8:15 AM

Ericom desktop virtualization now available on Oracle VM

Rick Vanover Rick Vanover Profile: Rick Vanover

Today, Ericom software announced the availability of Ericom PowerTerm WebConnect for Oracle VM desktop virtualization (VDI) software as a free download. This announcement of an Oracle VM for the PowerTerm VDI product extends Oracle VM’s footprint to the VDI space with an Ericom product that has excelled over the years in products based on terminal services.

Ericom currently offers support for the 14 largest hypervisors including Oracle VM through products such as WebConnect. In this configuration, the Oracle VM virtual host is managed by Ericom’s WebConnect instead of Oracle VM Manager. This configuration of Oracle VM is the base product without modification. WebConnect provides the address and credentials to the Oracle VM virtual host to start the configuration and management process.

I had an opportunity to hear from Oracle and Ericom about this release. Eran Heyman, CEO of Ericom said that his company “wants to remove the barrier of entry for a VDI solution,” as many organizations are considering implementing VDI, but do not know where to start in the selection process. “The cost is minimal, licenses will be zero and the equipment can be reused if another solution is chosen” when choosing a Oracle VM, according to Heyman.

The Oracle VM hypervisor and the Oracle VM Manager suite deliver template virtual machines, which model a virtual appliance for database products such as Oracle Database 11g.


May 5, 2008  7:54 AM

Microsoft extends virtualization management footprint with enhancements

Rick Vanover Rick Vanover Profile: Rick Vanover

Microsoft announced that the beta release of Virtual Machine Manager 2008 (VMM 2008 ) will now provide the ability to manage Microsoft Virtual Server, Windows Server 2008 Hyper-V and VMware ESX platforms as part of the expanding Microsoft System Center family of products.

In this beta release, VMM 2008 can interface into VMware Virtual Infrastructure to perform migrations and use a new feature called Intelligent Placement. This feature will identify the best host for a virtual machine using the key components of network, memory, processor and network usage information. Intelligent Placement will interact with a pre-defined set of business rules configured in with VMM 2008.

This beta is available for download now from Microsoft. The release is a welcome addition to the growing management space for virtualization platforms, including cross-platform solutions.  A summary of the new features available with VMM 2008 are available in a downloadable PDF document and from the System Center VMM website.


May 5, 2008  7:51 AM

VMware now officially supports single CPU licensing

Eric Siebert Eric Siebert Profile: Eric Siebert

VMware announced that they will begin support for running ESX on a single physical, multi-core (up to 4) processor.

Previously, the VMware end user license agreement was unclear about whether this was supported, creating much debate over this subject in the VMware forums (see ESX Pricing and VMware Planning). Customers were getting different responses from VMware with some representatives saying it was OK to do this and others saying it was not. One response from VMware on this issue was that it technically would work but that it was not officially supported.

Despite recent support, ESX is only being sold in two CPU increments while only being supported if a physical server is in on the VMware approved Hardware Compatibility List (HCL). This can be advantageous to customers who want to buy lower cost servers with a single processor and use them for less intensive applications. It also allows for smaller customers to buy two single processor, multi-core servers and split a ESX license between them, taking advantage of redundant hardware and features like High Availability and vMotion.

It’s good to see VMware changing their licensing policies to better adapt to customers needs. Multi-core processors have caused many other vendors to change their licensing policies to be more restrictive but VMware has stuck with their per socket licensing model. VMware currently only allows up to four cores per processor but with eight-core processors on the horizion, it’s probably inevitable that VMware will eventually change their licensing.

You can click on these links to read through VMware’s Multi-core and Single Processor licensing policies.


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: