In this series, we've discussed numerous ways in which you can boost your ESX Server environment's performance, ranging from storage to remote access to VM-to-host ratios. In this part, we'll look at updating your VMware tools, optimizing your guest operating systems and evaluating your antivirus tools and backup strategy.
Tip 9: Update VMware Tools
As you upgrade your ESX Server versions and/or install update patches, be sure to keep VMware Tools installed in your guest operating systems up-to-date. Sometimes, update patches may include fixes for components of VMware Tools, and in these cases, it is very important to update VMware Tools in your virtual machines.
If you migrate virtual machines from other VMware platforms such as VMware Workstation or VMware Server, be sure to update VMware Tools after migrating the virtual machine. There are differences in the editions of VMware Tools between the different VMware products.
Be sure to enable the time synchronization between the ESX host and the virtual machine in VMware Tools. It is generally not a good idea to have multiple time synchronization schemes running concurrently; therefore you should not use other time synchronization tools such as NTP clients if you are using VMware Tools to perform the time sync.
If you must use an alternate time sync method, then disable the time sync in VMware Tools. This occurs commonly in Windows virtual machines that are members of an Active Directory because they must time sync with the domain controller.
For the best video display performance in Windows virtual machines, enable the hardware acceleration feature in Windows under the advanced graphics display settings on the Troubleshooting tab. This will smooth out the mouse when using Remote Console.
Tip 10: Optimize Windows guest operating systems
Defragmenting the contents of a virtual machine's virtual disk does have a positive effect on I/O performance. Using third-party server-based disk defragmentation tools such as Diskeeper or SpeedDisk will keep your disk structure organized.
Be careful not to schedule the defrag tasks during critical hours or have it run too frequently as this could unnecessarily consume too many resources at the wrong time. If your virtual machines are running with a REDO log, then ignore this tip. Never defrag a virtual hard disk with a REDO log file. Only defrag those disks which are in persistent mode.
You can free up some resources within a virtual machine by stopping and disabling unnecessary services and background tasks. When is the last time you needed Wireless Zero Configuration in your virtual machines?
Be careful not to disable a service that is needed by your applications that may not be obvious. If you are not sure if a particular service is needed, check with your system administrator or build a clone of the virtual machine that can be used to test the effects of disabling a particular service.
The following list contains a suggested subset of common Windows services that can usually be stopped and disabled in a virtual machine. Services should only be stopped and disabled when they are known to not be used or needed. This will vary between virtual machines, how they are being used and what applications are installed.
- Clip Book
- Computer Browser
- DHCP Client (Unless using DHCP IP addresses)
- Fast User Switching Compatibility (Windows XP)
- IMAPI CD-Burning COM Service (Windows XP)
- Indexing Service (Unless needed)
- Internet Connection Firewall (ICF) / Internet Connection Sharing
- IPSEC Services
- Network DDE
- Network DDE DSDM
- Network Location Awareness (NLA)
- Print Spooler (May be needed in some cases)
- Remote Desktop Help Session Manager
- Remote Registry (May be needed)
- Routing and Remote Access (May be needed)
- Smart Card
- SSDP Discovery Service
- System Restore Service (Windows XP)
- Telnet (May be needed)
- Uninterruptible Power Supply
- Windows Audio (Windows XP)
- Windows Image Acquisition (WIA)
- Windows Time (May be needed)
- Wireless Zero Configuration
Uninstall Windows components that are never used. By doing this, you reduce the amount of memory consumed within the operating system, giving back memory to your apps as well as increase the security of your virtual machine.
Many virtual machines may never need the NTFS Last Accessed timestamp. By disabling this feature, you reduce the amount of non-obvious work that is being done behind the scenes and stealing valuable CPU resources. Do not confuse this timestamp with the Last Modified timestamp. The Last Accessed timestamp is recorded whenever the file is accessed (reads or writes). The Last Modified timestamp only records the date and time of the last write and is usually needed for backup and archiving purposes.
Many or all of your Windows virtual machines running on VMware ESX Server are likely servers. These servers usually do not require fancy graphic effects on the desktop, which unnecessarily slow down the virtual machine. Be sure to disable visual effects on all Windows virtual machines that do not have explicit enhanced graphical display requirements. Be sure to turn off showing each window's contents while dragging too.
In most cases, you won't need autumn leaves on your Windows servers' desktops either. Generally it is a good idea to disable desktop wallpaper. The only exception made in this case might be to use something like the BgInfo tool from Sysinternals, which is very useful for dynamically creating handy informational desktop wallpaper including system metrics such as the computer and domain names, disk free space and IP addresses. Microsoft recently acquired Sysinternals.
If you are running Windows XP in your virtual machines, you may want to disable the System Restore feature. Doing so will unlock disk space, CPU and I/O resources. You will not have the benefit of the restore feature in Windows XP, but you can just use VMware's Append Mode or Snapshot feature to compensate, which are generally more powerful anyway.
Some of the system power features, such as hibernation and hardware power management (turning off hard drives, monitor, etc.), do not have any real meaning in a virtual machine. It makes sense to disable these features in most cases. That goes for the screen saver, too. Don't worry; you won't cause any screen burn-in to your Remote Console!
You may argue that it can be useful to use screen savers on virtual machines to automatically lock the console after a specified period of time, but if you are having that problem, please re-read tip number 6. It is generally not a good idea to have console sessions open for extended periods of time. If you have interactive programs running, just close the remote console session without logging off. If you feel that you still have a security issue, then you may need to revisit your security design on your ESX servers.
Tip 11: Optimize Linux guest operating systems
When using Linux guest operating systems, choose a distribution with either a 2.4 kernel or a 2.6 kernel that can be recompiled with the number of ticks per second reduced to 100 from 1000. The default system clock of the Linux 2.6 kernel is 1000/second, which unnecessarily stresses the virtual hardware. The only way to change the behavior is to recompile the 2.6 kernel with this change. If you cannot recompile the kernel, use a Linux distribution with a 2.4 kernel instead. The 2.4 kernel uses 100 ticks per second by default.
It is very likely that your Linux virtual machines running on VMware ESX Server are servers themselves. Most Linux servers do not require X-Windows. When possible, do not install a graphical desktop -- just use the character-based console. Your Linux virtual machine will require much less resources.
If you do need a graphical desktop, then use a light-weight window manager such as WindowMaker. KDE and Gnome are both resource hogs and they will chew up more resources, impacting the potential performance of the virtual machine or using additional ESX host resources that could be used by other virtual machines.
When optimizing your Linux virtual machines, make sure that you disable or remove unnecessary daemons, services and background tasks. Remove any unneeded packages, too. This will free up processor and memory resources that can be redirected to your applications.
Tip 12: Use smart antivirus and backup configurations
If your virtual machines are not being used for production services, such as virtual machines used for testing and development purposes, you may not need to have an anti-virus solution installed (unless of course you are testing the anti-virus solution). Most production virtual machines will require an anti-virus solution.
You should configure your anti-virus solution optimally to maximize performance of your virtual machine. One of the first things you can do is set up scheduled virus scans to take place at off-peak hours so that the applications are not competing for resources with the anti-virus solution. In most cases, a single daily virus scan is adequate.
Servers usually do not need real-time virus scans, which can impact server performance. Disable the real-time virus scanning features when possible for production virtual machines, especially those used as database, file or Web servers. Most anti-virus solutions have the ability to exclude certain files, file types and directories.
Some application files do not need to be scanned and doing so will destroy performance, such as scanning a database's data files. Configure the anti-virus solution to exclude mission critical application files that are not a high risk of virus infection. Swap files may also be excluded in some cases.
If you are running a backup agent in your virtual machines, you should schedule the backups to take place during off-peak hours and not during a virus scan. Again, doing so will alleviate performance degradation from applications competing for resources with the backup solution.
And don't forget, as mentioned earlier, when you upgrade to VI3, take advantage of VMware Consolidated Backup feature when possible because it eliminates performance overhead within your virtual machines and on your network by offloading the backups onto your SAN. When combining VMware Consolidated Backup with one of many backup solutions on the market that take advantage of this new feature, a complete backup solution with zero network load and no overhead on the host server is possible, and it allows the virtual machines to then use all of the host server's resources to increase their own performance.
This was first published in December 2006