Server virtualization has resulted in cost savings and efficiencies through server consolidation, so what's next in a virtualization strategy?
Storage, networking components and security are a few areas that midmarket companies are going to want to tackle next if they are on the path to developing a virtual environment, while also morphing IT into a service organization.
But there are a few housekeeping items that should be checked off before an organization sets out to mature its server virtualization strategy.
Invest in virtual machine management. If you haven't already invested in a tool to manage virtual machines and your virtualization environment overall, it's time to get one. Such tools allow you to set polices for virtual machine deployment, security, configuration and resource optimization. Polices should also already be set for identifying and decommissioning virtual machines that may no longer be needed and to make sure VMs are still running at optimal levels from a resource standpoint.
Each virtual machine should also have its resource requirements attached to it based on peaks and its utilization pattern so such requirements are taken into consideration when the VM is moved around the data center, said Nelson Ruest, principal at Resolutions Enterprises Ltd. in Victoria, B.C., and author of the book Virtualization: A Beginner's Guide. Tools for handling VM management include Microsoft's System Center Virtual Machine Manager and VMware Inc.'s vCenter.
Establish service-level agreements (SLAs) for the virtual environment. Many midmarket companies do not have SLAs in place for their virtualization environments. "The thinking right now [in IT departments] is that if the user isn't happy they will complain," said Anil Desai, an independent consultant based in Austin, Texas, who specializes in server and virtualization technologies. "Right now, it's a very reactive approach."
Instead, IT should interview business departments to determine how important the availability and performance of particular applications are and what those departments are willing to pay to guarantee high uptimes and performance if needed, he said.
Allow self-service provisioning. One of the simplest next steps to advancing virtualization across your company is taking advantage of technology that comes with many of the mainstream server virtualization vendors' products, such as end-user self-service provisioning interfaces.
Self-service provisioning is included with Citrix Systems Inc.'s XenServer; VMware has vCenter Lab Manager and Microsoft's System Center Virtual Machine Manager has a self-service portal by default.
"By leveraging more self-service provisioning, you can yield immediate TCO with little capital investments," said Chris Wolf, an analyst at Burton Group Inc. in Midvale, Utah. "The interfaces allow users to spin up their own test or training environments automatically, for example, without getting IT involved." And users become aware of just what those environments are costing them in the process.
IT can also use self-service provisioning to streamline virtual machine deployments. Many of these provisioning products include integration between hypervisor management and storage management, which lets the server admin avoid the sometimes lengthy step of involving the storage admin when bringing a new VM online, Wolf said.
Of course, governance is key when you add self-service provisioning to your virtualization strategy, since with automation you might be mixing traditionally siloed groups within the IT organization, he said.
Start consolidating your storage resources. VMware's virtualization technology now provides dynamic storage so you can decrease the size of your virtual machines. Using such technology to create a dynamically expanding disk for VMs can lead to significant savings, Ruest said. Add to that the ability to provision multiple virtual machines from a single image. "So one central image, using differentials for creating other images -- that saves at least 50% of storage costs," Ruest said.
Midmarket companies may also want to consider network-based storage, or, if the budget allows, a fiber-based storage area network as a way to centralize storage. It's much easier to manage a centralized storage pool than disks attached to many different servers.
"You also gain efficiency this way when thin provisioning only uses storage when it's necessary and you just invest in fewer large hard drives," Desai said. "This can save costs and provide better performance for the entire [virtual] environment."
Leverage hardware-assisted virtualization. This involves more of a capital investment, but experts recommend buying servers with hardware-assisted virtualization technologies such as American Micro Devices Inc.'s quad-core Opteron and Intel Corp.'s (code-named) Nehalem chips to eliminate bottlenecks that exist with virtual machine performance.
"This technology allows companies to virtualize many Tier 1 and Tier 2 x86 applications," Wolf said. "You start getting the same mobility and consolidation benefits for more mission-critical applications that you previously had only with Tier 3 applications like dev and test and training workloads."
One of the features of hardware-assisted virtualization is memory virtualization. Intel has extended page tables, or EPT, and AMD has rapid virtualization indexing, or RVI. Such technologies partition and allocate memory among VMs.
Upgrade your network and enable virtualization monitoring. Desai recommends investing in virtualization-aware network devices, appliances or software. This is of the ilk of Cisco Systems Inc.'s partnership with VMware to create the Unified Computing System, or UCS, or technologies developed by other companies, such as Reflex Systems Inc.
"These technologies let you monitor communications between VMs and also make sure that security polices are honored as VMs move between host systems," Desai said.
One of the concerns with VMs is that the traffic they generate is not recognized as network traffic since it may not be hitting a switch , router or gateway device that can monitor and make sure the traffic is legitimate.
So one central image, using differentials for creating other images -- that saves at least 50% of storage costs.
Nelson Ruest, principal, Resolutions Enterprises Ltd.
"Third-party [network appliance and monitoring] tools can plug in and monitor VMs to see what they're saying to each other, whereas a standard network monitoring device doesn't have that ability," Desai said.
At the same time, IT should upgrade network capacity since virtualization translates into many different operating systems trying to access the network at the same time from the same server. That easily saturates network links, so you will need more network switches, connections and ports on the server side, but it can be done cost effectively.
"Sometimes that means adding more network ports to the existing infrastructure, but you might not even need to do that because if you retire servers through server consolidation you probably already have more network capacity; it just needs to be reconfigured," Desai said.
Tighten up security through policy and technology before heading into shared infrastructure. Security surrounding virtualization is still a work in progress. There is pressure to do more with shared infrastructure, but most auditors are more comfortable separating security zones by physical hardware.
"The obvious result is increased capital and wasted resources [under this model]," Wolf said. "In order to get to a shared model that can be moved around, there needs to be a policy that defines security isolation and partitioning." Still, regulatory compliance restricts some companies' options in the matter of shared infrastructure, he said.
"Such shared environments should include technology that recognizes inspection boundaries for compliance, isolation boundaries for a virtual infrastructure or VMs, whether that be physical or virtual boundaries such as a firewall," Wolf said.
Ruest recommends creating custom network zones using virtual switching capabilities.
"VMware calls this vShield Zones, and with it you can really tighten up security by using the different zones to make sure all the VMs are isolated and the points in which [VMs] interact are protected," he said.
Let us know what you think about the story; email: Christina Torode, Senior News Writer.