Virtualization management

Mobile virtualization management: Valuable but not sexy

There’s been a lot of talk about mobile phone virtualization lately, thanks to the VMware Mobile Virtualization Platform (MVP) and the Citrix Receiver.

These new products hold a lot of promise. But for now, the best application of mobile phone virtualization is to use mobile devices to manage existing virtual environments. The latest release in this area of the market comes from Hyper9, which yesterday unveiled its Virtualization Mobile Manager (VMM).

Continued »

Virtualization tool bundles assist older OSes

Virtualization administrators are in a unique situation where older operating systems (OSes) can potentially “live forever” in the virtual world. While we may not wish to enable older OSes to remain in our environments indefinitely as virtual machines (VMs), situations arise where we need to do just that.

Recently, I had a situation where an older OS had been removed from the installable toolkit platform — in this case it was VMware Tools. The older operating system, Windows ‘98, had been removed from the VMware Tools installation with the release of VMware Server 2.0. While the need for a Windows ‘98 virtual machine is rare, it does exist.

To solve the immediate problem, I was able to install a VMware Tools .ISO image from the 1.0.3 version of VMware Server that I’d been using on another host system. Once installed, the older tools are listed as ‘out of date’ as expected, but the basic features of driver optimization are present on the guest VM.

At first this dilemma did not appear to be much of an ordeal, but it started an important thought process. While Windows ‘98 was the first occurrence of platform removal from a guest toolkit installation that I have observed directly, I don’t expect Windows NT or 2000 guestOSes to be that far from the chopping block of supported platforms.

One way to prevent this issue is to hold onto the tools installations for each platform of the hypervisor. VMware Tools, XenTools and Hyper-V Integration Services all exist as virtual CD-ROM .ISO images that you can hold onto for re-installation on another guest VM. Also, keep in mind that there may not be support from the host side either, so check to see which supported guest operating systems are available.

As you might expect, configuring an environment in this fashion may be met with some skepticism, as it could possibly divert resources. As a result, it may be worth placing this type of guest workload on a free hypervisor like VMware Server or on a similar lower tier of virtualization and storage. Having a flat file backup (.VMDK or .VHD) of the VM is a good idea as well.

While this situation is less than ideal for truly obsolete guest operating systems, the rare instance may arise where archiving toolkits can prove very beneficial.

Getting Started with Hyper-V Manager

Every good virtualization administrator owes it to themselves to survey the field. In today’s virtualization climate, this includes looking at Microsoft’s Hyper-V. Various Hyper-V configurations, including those on Windows Core installations, will need to add Hyper-V Manager to manage, run and configure virtual machines (VMs). Administrators evaluating Hyper-V may have trouble getting started on this step, so let’s go through the required actions to get rolling with Hyper-V.

For Core installations, including the recent free version of the hypervisor, Hyper-V Manager is not able to be run locally. One easy way to manage the remote hypervisor is to add Hyper-V Manager from a separate Windows Server 2008 installation. The most difficult part of getting started with Hyper-V is this specific step. Knowing where to add Hyper-V Manager is not intuitive, especially on the Core installations.

Windows Server 2008 is still somewhat young for widespread adoption in the data center at this point, so the initial configuration may take a moment to figure out. Hyper-V Manager exists as a feature for Windows Server 2008, and adding it is done from running Server Manager, selecting Features, Add Features, expand Remote Server Administration Tools, expand Role Administration Tools, and selecting Hyper-V Tools. This option is shown in the figure below:

Hyper-V Manager is now installed and ready for use on the server. It is important to distinguish that the Hyper-V Manager feature is not included with the Hyper-V Manager role as they are separate items from the Server Manager perspective. Servers with the Hyper-V role can be added to the Hyper-V Manager on the local installation. This takes a little thought to add from a permissions standpoint, and is best done through an Active Directory domain installation for distributed permissions.

For more information on Hyper-V Manager, check out the Microsoft website.

Making a P2V conversion: Tricks for systems with large storage

Converting a system with a large amount of locally attached storage can be a challenging task given the time required to perform the conversion. Here area a few tricks I’ve found that can help ease the pain on these types of conversion tasks.

• Private network: Making a private network between the physical host and the virtual host can provide two benefits. The main benefit is that conversion traffic will be isolated from the rest of the network traffic; the other advantage is that there is no risk of a user or process connecting to any resources and making changes during the conversion. The downside is that there may be special host-side configuration for a temporary network presence to allow the special network.
• Direct LUN mappings: For virtualization platforms that allow guest VMs to access a LUN directly, it can be much easier than performing a lengthy conversion of large data volumes that are already on a storage area network (SAN) and mapped to a physical system. Here is a blog post with a little more detail on that topic.
• Housekeeping: If there is junk on the physical system, does it need to be converted to the virtual environment, which may have more expensive storage? Clean up the candidate’s file system, and perform obvious tasks like emptying the Windows Recycle Bin. This allows for a more accurate re-sizing of the drives during the conversion.
• Agent backup and restore: For standard file volumes, such as a file server, it may make more sense to only convert the system drive and perform an agent-based restore to the virtual machine for the additional volumes. This does not necessarily save time from the entire conversion, but saves time within a tool like VMware Converter.
• Get a good time estimate: If you have to go at the large storage system as-is, make sure you have a baseline of about how many GB can be converted per hour. A good way to test this is to convert a good candidate system of about 100 GB and use that as a multiplier for your environment. There are a lot of factors, such as network speed and traffic, virtualization platform, storage systems (on both ends), and the conversion mechanism used. This allows for a good estimate on any downtime that needs to be coordinated if this applies to the selected workload.

These tricks can make converting a large amount of storage a little less daunting. What tricks have you employed to tackle physical systems with large amounts of storage in the course of being converted to a virtual machine? Leave a comment below and let us know.

Free virtualization tools for tough economic times

Many IT departments feel the squeeze from the current economic crisis and have seen their budgets slashed. When times are tough you must get creative, and the best way to do that is to utilize products that won’t cost you a dime. Can’t afford new ESX licenses right now? Why not recycle some of that older hardware with one of the free hypervisors? Or better yet, take one of your big servers that only runs one application and install ESXi so you can run other applications concurrently. Let’s go over some free products that you can download and use in your VMware environment.

Free hypervisors:
VMware Server – Version 2.0 has lots of new features and can be installed on several versions of Windows, Linux and almost any hardware.

VMware ESXi – The entry-level edition of VMware’s enterprise-class hypervisor; the installable version installs bare metal on a variety of supported and unsupported hardware.

VMware Player – A great tool for starting up virtual machines without installing a full hypervisor on your system.

Free appliances:
The VMware appliance marketplace has hundreds of free appliances that span a variety of categories. Appliances range from simple firewalls to enterprise monitoring systems to full-blown Web and database packages (LAMP). You can run these appliances with VMware Player or import them into ESX/Server/Workstation and run them there.

Free management and reporting tools:
Embotics v-Scout – A free, agentless tool for tracking and reporting on virtual machines in VMware VirtualCenter-enabled environments.

Hyper-9 – This soon-to-be-released free search-based reporting tool is a great addition to every administrator’s toolbox. Watch for its release around the end of the year. If you are interested in participating in a beta version of this tool, drop me an email. Not all beta requests will be approved and the company is looking for feedback if you do participate.

RVTools – A handy little tool that displays a multitude of information about your virtual machines.

Solarwinds VM Monitor – A free management tool that monitors ESX hosts and virtual machines.

Snaphunter and Snapalert – Utilities that can report all running snapshots on ESX hosts, including name, size and date. They can also automatically email reports and optionally commit snapshots.

Visio Stencils – Some free Visio stencils from Veeam, VMGuru and the Visio Café to help you document your environment.

VMotion Info – A free utility that gathers system and CPU information from your hosts and puts it in a single overview to check for VMotion compatibility.

VM Explorer - A management tool that eases management, backup and disaster recovery tasks in your VMware ESX Server environment.

MCS StorageView - A utility that displays all of the logical partitions, operating systems, capacity, free space and percent free of all virtual machines on ESX 3.x or Virtual Center 2.x .

ESX HealthCheck - A script that collects configuration information and other data for ESX hosts and generates a report in HTML format.

Free administration tools:
Putty – A must-have utility for every administrator to remotely SSH into their ESX hosts.

Veeam FastSCP – A great SSH file transfer utility application.

WinSCP – Another speedy SSH file transfer utility application.

KS QuickConfig - Designed to reduce the time needed to deploy and configure VMware ESX servers as well as eliminate inconsistencies that can arise with manual operations.

VP Snapper – A free utility that lets you revert to multiple VM snapshots at once rather than one-by-one.

VMware Converter – VMware’s free application that lets you perform physical-to-virtual and virtual-to-virtual operations.

vmCDconnected – A handy utility that scans all virtual machines in your infrastructure and shows if they have a CD connected to any of them. After scanning you can disconnect all of the CDs with a click of a button.

CPU Identification Utility – VMware’s free utility that displays CPU features for VMotion compatibility, EVC and 64-bit VMware support.

VMTS Patch Manager – A great ESX host-patching application for those who don’t have Update Manager.

Free backup utilities:
VISBU - A free backup utility that runs from the Service Console and provides VMDK-level backups of any VM in storage that is accessible by the host.

VM Backup Script – A backup script to perform hot backups of your virtual machines.

Free storage utilities:
Openfiler – A free, open source, browser-based storage appliance that supports NFS and iSCSI. It can be downloaded as an ISO file to install on a server or as a VMware appliance to import to an ESX host. A great way to get more shared disk in your environment by turning physical servers into network-attached storage servers or turning the local disk on your ESX hosts into shared disk when using the appliance.

Xtravirt Virtual SAN – A free solution that turns local disk space on your ESX hosts into shared VMFS volumes to avoid purchasing costly storage area network disk space.

Free security tools:
Tripwire ConfigCheck – A free utility that rapidly assesses the security of VMware ESX 3.0 and 3.5 hypervisor configurations compared to the VMware Infrastructure 3 Security Hardening guidelines.

Configuresoft Compliance Checker - A free tool that provides a real-time compliance check that can analyze multiple VMware ESX host servers at a time. Also provides detailed compliance checks against both the VMware Hardening Guidelines and the CIS benchmarks for ESX.

If you know of any other free tools that you use in your VMware environment, feel free to list them in the comments section of this post.

The first 45 days of using the virtual machine expiration date

In prior posts, I mentioned that determining how the expiration of a virtual machine (VM) will be managed and implemented is just as important as deciding to have an expiration date. I have been using Emobtics V-Scout since its release in early September of this year, and it is one of the quickest and easiest ways to get started with a VM’s expiration date for free.

Depending on the technology climate, the concept of a VM’s expiration date may or may not be received well by internal IT teams such as developers. I have taken the stance that test-and-development systems should have an expiration date. The expiration date can be extended, of course, but it is more important that it is a defined process. Certain VMs will not have an expiration date, such as a QA environment for a live system. This can be managed in the same fashion as well.

In my experience thus far, I’ve found that the process makes the requesting development teams a little more aware of the system footprint. There has been little resistance to the concept of an expiration date, and it is well communicated from the virtualization team to the requesting groups. Using V-Scout, the procedural steps are to define the owner of the VM as well as the expiration date. When a VM is provided to the requesting group, I generate the V-Scout inventory report. The inventory report is then saved and sent to the requesting group as a way to clearly identify the definition of the VM in the virtual environment. The V-Scout inventory report comes with information about the operating system version, amount of memory, owner information and email address, expiration date as well as other information. With this information, the report adds an element of service credibility to the virtualization administrator. The figure below is a sample report from V-Scout:

Since I have been using the expiration date, the requesters of virtual machines have been proactive in letting me know that the VM needs to be extended in duration. I don’t mind accommodating that request, as I’m trying to avoid a long list of systems that in four years nobody remembers anything about. This proactive request for an extension is very welcome and stems from a few other small practice issues that accompany the VM expiration date. The most noticeable of this is an automatically scheduled email that reminds the requester that the VM is due to expire in one week. The other part of that is a scheduled task in VMware VirtualCenter to change the power state of the VM due to expire. Lastly, there is another scheduled email that reminds me to remove the VM from the virtual environment storage and Windows Active Directory.

These small practice points with the use of a tool that fits your needs allows for an expiration date to be implemented without using more expensive lifecycle or lab management products. V-Scout is a free download from the Embotics website.

Defining a nomenclature for storage allocations

The relationship between the virtualization administrator and storage administrator can sometimes be less than cordial. Yet it can become less contentious when approached in a certain manner. One way that administrators can work closer with storage teams is to identify a nomenclature for shared storage resources in the virtual environment. This is critical because as virtual environments grow, storage management becomes an extremely important part of a successful implementation.

In larger environments where the storage and virtualization server teams are separate groups, there are a number of ways to organize a standardized nomenclature of a logical unit number (LUN). For example, the virtualization admin may only care about the size of the LUN and possibly the tier of performance. The storage administrator is concerned about those factors and more. As I’ve mentioned in the past, the process of getting down to details in the storage environment is critically important as the infrastructure grows. As time goes on, we simply can’t refer to the “500 GB LUN” or “the last one you gave me” anymore.

Recently I had an opportunity to work with an entirely different storage environment than I’m used to. As can be expected, this situation arose, but I perceived it as a great time to hammer out a crude yet effective specification for a LUN nomenclature. The situation involved a VMware environment connected to a Fibre Channel storage area network (SAN) with a number of storage devices presenting disks to the VM environment. The basic objective of having a standardized nomenclature is so both parties can determine which LUNs are available and the basic information present on them. The figure below shows the end result of this ad-hoc policy:

Determining a nomenclature for storage allocations will vary widely for different environments. Designations such as which tier the storage lies upon, whether it is developmental or live system storage, or which virtualization cluster owns the storage can all be elements of the process. Furthermore, if you’re dealing with a storage management system, the requirements for the name of the storage system may be different than the directly attached storage system in the example above. The end result for all parties involved is a far more orderly process with a much better understanding of how the storage is allocated in the virtual environment. In addition, the virtualization team will be able to more clearly communicate with the storage team about specific resources in use.

EG’s software a hit

EG Innovations took a Best of VMworld award for the application and infrastructure management category, and as one of the judges, it’s my pleasure to tell you why … eG gets it, and it gets IT. The “it” the company gets is business. There were a lot of entries in the category, ranging from desktop virtualization management, cloud computing management and traditional system/network management. EG stood out because its product took a real user problem (in the demo, customers who had problems depositing money via a bank website) all the way through the final root cause analysis, and did so in a clear, consistent fashion that was very easy to trace back to the relative obscurity of a Samba process gone haywire on a file server. The company’s service-level agreement (SLA) awareness was elegant, particularly in that a failure to meet an SLA was a source of system alerts. Its mix of agentless and lightweight agents and its ability to manage system alerts in real time was great, akin to many of the others in the category. In the end, the business awareness put eG over the top.

It was deep level, allowing IT staff to react quickly with appropriate (and relevant) technical information at their disposal to solve problems or initiate handoffs between departments if needed. The business view allows IT to conceptualize the impact of a problem or SLA failure, and thus better align itself with the business. The wide array of hosts, services and vendors supported by the product grants a big boon — having one tool to rule them all (LotR jokes are prohibited, thank you). It’s a tool that a seasoned sysadmin and an entrenched CIO can both love, and better yet, both use.

So … on my trademarked poker scale: EG gets a solid nine pokers. It’s hot, like a fireplace poker, and if you get jabbed by it, you will certainly know it!

VDI planning primer on DHCP scope options

Fellow virtualization expert Andrew Kutz has argued that future virtual desktop infrastructure technologies (VDI) need to lose the desktop to truly advance VDI technology, and I agree. But until that time, we have to deal with VDI as it exists today. And that means accepting certain hurdles, which means accepting additional support requirements that today’s VDI poses. Let’s consider devices and their support requirements.The key to determining how virtual desktop infrastructure (VDI) devices interact with their connection broker is to identify the networking configuration. VDI devices use dynamic host control protocol (DHCP) scope options to get their configurations to the device that reflects where they go for the connection. Let’s dive into how the DHCP options are important to a VDI solution.

For starters, a DHCP scope option is a configuration that is defined on a networking server such as Windows Server’s DHCP server role. Traditional configurations for PCs and servers would have DHCP options such as subnet mask, default gateway and domain name server. VDI, however, allows the full range of DHCP scope options to be used. There are numerous scope options available for DHCP that are delivered to the requesting device in the acknowledgment message (DHCPACK), which is sent after the DHCP request message.

DHCP scope options vary by VDI device. Take for example the SunRay series of VDI devices. For VDI solutions in VMware implementations, the technology requires that at least DHCP options 49 and 66 are configured for connection to the Virtual Desktop Connector agent. Option 49 is for an X11 server window manager and 66 is a trivial file transfer protocol (TFTP) server for VDI device configuration files.

Beyond basic configuration, it may be worth tweaking some other network options based on the architecture of the VDI implementation. What has particularly caught my attention is a blog post by Sun’s Thin Client and Server Based Computing group, which points out that some environments may need to configure the maximum transmission unit (MTU) of network packets. This can also be assigned by DHCP and is of particular importance if the VDI implementation is to be a remote site with limited bandwidth. The default MTU of most configurations is around 1,500 bytes, yet performance may be better with a smaller number for maximum packet size from the endpoint VDI device. This and other factors make a fully representative pilot sound like a really good idea!

However, other platforms may use a new set of options to interact differently with the VDI device firmware. One example is the Pano Logic desktop device, which only requires the creation and configuration of option 001 as a vendor class. This is different than the example above in that there is no X11 window manager resident on the device.

While these DHCP configuration options are not overwhelming when viewed individually, it is worth considering the larger picture in the case of these options already in use. The most common example is an IP telephone at a remote site. While in central offices, IP telephony is usually split to a separate network, but this may not be the case for remote sites that have two or three VDI stations and the same number of phones. It may make sense to have only one IP network.

DHCP is critical to effective network management, including a VDI solution. Some planning on scope and configuration can go a long way to ensure that the technology will function as expected.

ThinLaunch not all that impressive

At the New Innovators both at VMworld 2008 was an interesting small booth from ThinLaunch, which was manned by three of the four people in the company. I had a short pow-wow with two of the folks there and came away with mixed feelings. The product, for which the company is named, appears to fulfill a couple of interesting needs, the first being IT shops that want to pilot virtual desktop infrastructure (VDI) but don’t want to invest beyond the server room, and the second being smaller businesses that have server virtualization capacity to devote to hosting clients but have been loathe to rip and replace their thick clients with new thin hardware. I’m not too wowed by the product but I can see where it may be useful. That said, I was royally unimpressed with the technology.

ThinLaunch can be cobbled together with a few Group Policy object edits in Active Directory without buying the product. Simply replace the shell with whatever VDI launcher (or other application) you want. Microsoft tells you how to do it here. True, ThinLaunch then monitors this process if it crashes and can automatically restart it, but this is also something that can be managed with an application or by copying the code from this site.

ThinLaunch is available as an MSI package, meaning it’s very easy to deploy via Group Policy. Then again, Group Policies are even easier to deploy via group policy. Duh. ThinLaunch requires .NET 2.0. and GPOs don’t. ThinLaunch supports Windows 2000 through Vista and 2K8. GPOs do too.

I can see the need for this package and I can even see some large enterprise customers who’d want a packaged application to handle the conversion of legacy desktops. I can even see using the product in small businesses with virtualization already in place but a lot of legacy desktops and a lack of cash. What I can’t see is how it’s innovative in its approach.

Sorry, ThinLaunch, but you get three out of ten pokers — there’s just nothing hot there.