Gabrie van Zanten
With the release of vSphere, VMware continues to demonstrate that its enterprise-level hypervisor is mature. This is most strongly evidenced by where VMware has decided to focus: building out its product. vSphere's major changes over VMware ESX 3.5 involve stability, availability and security, which are services, not hypervisor features.
VMware has just officially announced the latest product suite built around its flagship product, VMware ESX, named VMware vSphere. With vSphere, VMware positions its hypervisor as the Virtual Datacenter Operating System, or VDC-OS. Whereas in previous versions, many new features were mostly single-system related, the new vSphere is mostly service oriented, as evidenced by VMware's name choices for its product groupings: Application vServices and Infrastructure vServices. Application vServices are products that offer increased availability, scalability and security. As a whole, Application vServices exist on top of Infrastructure vServices such as vCompute, vStorage and vNetwork.
This article walks through these services and uncovers new features of VMware vSphere 4.
When it comes to business applications, an end-user isn't concerned with the hardware an application runs on or which OS is running the application. The customer wants an application to run like a service, so the primary questions concern whether the service is available whenever needed, how secure it is and, when more power or resources are needed, how well it scales. With Application vServices, VMware has several new features in each of these areas.
- VMware Fault Tolerance (VMware FT). When an increase in availability is needed, most companies consider clustering technologies, most of which are complex. In addition, applications have to run in the cluster and be cluster-aware, which they seldom are. With VMware FT, a virtual machine (VM) can run in lockstep with a "ghost" copy on a separate host. If something happens that warrants a failover of a VM, failover occurs immediately.
VMware FT is enabled per VM, and in the current release, it costs 10% in overall performance. VMware FT works only on single-vCPU VMs. The most useful part of this technology is that a VM does not have to be VMware FT-aware, and you don't need to make any changes to the OS or application.
- VMware Data Recovery (VMware DR). VMware DR makes it easier to back up and restore VM data at the file level and the VM level. VMware DR offers much more granular functionality than VMware Consolidated Backup (VCB). In addition to having a graphical user interface (GUI), it is now easier to schedule backups, define retention policies and perform restores with just a few mouse clicks. VMware DR is agentless and can store incremental backups using deduplication techniques. Using VMware DR contributes to cost-effective storage management.
- VMware VMsafe. Wouldn't it be great if not every VM in your environment needed its own antivirus or malware scanner? VMware VMsafe is an application programming interface that enables security vendors to scan all memory and network traffic before it affects a VM. With this technique, viruses can be caught before they interact with a VM, preventing any resulting damage. Having only one scanner for an entire host is more resource friendly than having to run a scanner in each guest OS running on a host.
- VMware vShield Zones. As an administrator, you can create vShield trust zones that are VMotion-, network- and configuration-aware. In other words, a VM that is migrated from one host to another is protected from interacting with a network outside the zone and so on. A VM that has been assigned to a zone may be moved only to another host with the same zone configurations and the same firewall policies.
- Hot-add devices. In previous versions, only virtual disks could be added to a VM while it ran. With VMware vSphere it is possible to add more CPU (memory) to the VM while the VM runs. Network and storage devices can also be "hot added" and "hot removed." By making VMs scalable in this manner, the application availability increases since there is no downtime needed to add memory power to a VM.
- New VM limits. The maximum power that can be granted to a VM has also increased. In VMware vSphere a VM can have a maximum of eight virtual CPUs and 255 GB RAM. More applications are now suitable candidates for running in a virtual environment. For example, users may have refrained from running large Microsoft SQL databases or SAP in a VMware ESX 3.5 VM, because ESX 3.5 allowed a maximum of four CPUs. Now that a VM can have eight CPUs, virtualizing should be reconsidered.
There are several improvements at the infrastructure layer, which VMware refers to as Infrastructure vServices. VMware created three focus areas: vCompute, vStorage and vNetwork, all of which have new features that make a VMware administrator's job easier, including implementation of the Application vServices.
- VMware vCompute
- Host Limits. With vSphere, the limits for hosts have been raised to a maximum of 512 GB addressable RAM and 64 CPU cores, which translates to an ability to run an impressive number of VMs per host. It is normal to have three or four VMs running per core, so you can now potentially run 192 VMs per host.
- Network and storage stack improvements. Together with Intel's "Nehalem" processor, VMDirectPath technology allows vSphere to skip the emulation of network interface cards (NICs) and map physical NICs directly to a virtual machine, reaching wire speed network access. With an improved storage stack, vSphere should be able to reach more than 400,000 IOPS and provide lower than 2 milliseconds of latency.
- Distributed Power Manager (DPM). With DPM it will be possible to place vSphere hosts in standby mode when the load on the cluster is very low. DPM will consolidate VMs to free up one or more hosts and shut down these hosts to reduce power consumption. If a load on the cluster grows, DPM automatically wakes the hosts again.
- VMware vStorage
- Linked clones and thin provisioning. Previously, the way VMware ESX used storage resulted in a frequent occurrence of more storage being "claimed" than what was actually used, which results in wasted storage space. Thin provisioning eradicates the administrator guesswork that resulted in overprovisioning of storage. Together with the Linked Clones technique -- where a number of VMs can be based on the same basic disk -- VMware claims that storage reductions of 50% can be achieved with its updated approach to VM storage.
- Storage alerting and monitoring. In VMware Infrastructure 3, vCenter had little insight on exact storage usage. This has been improved. Now there are much better reports and alerts on storage allocation and consumption in vCenter.
- VMware vNetwork
- Distributed vSwitch. Since VMware ESX 2, distributed vSwitch is what administrators have been asking for. It was tedious to create a virtual switch on one host and keep that in sync with the vSwitches on all other hosts. Distributed vSwitches address that issue, as a configuration change on a distributed switch is automatically synced on all hosts. This considerably eases the burden of managing a virtual infrastructure. Fewer management tasks means fewer errors and more uptime.
- Third-party virtual switches. In addition to VMware's new built-in distributed vSwitch, vSphere also supports third-party virtual switches. Cisco is the first to be included in vSphere, with the Cisco Nexus 1000V. After buying a separate license from Cisco, the Nexus 1000V can be activated with a network key, and a network administrator can fully manage the networking aspects of a virtual environment without involving the VMware administrator for previously-necessitated configurations. This also eases management and reduces the risk of configuration errors.
Additional product updates
This was just a selection of the new features at host level, but these are the updates that will have the most impact on business operations. The new version of vCenter, however, features a number of improvements, and at VMworld Europe 2009, VMware announced other new services such as AppSpeed and Chargeback that will be released later this year. These services largely upgrade vCenter from a virtual infrastructure management tool to a tool with added value.
Gabrie van Zanten (VCP) has been in the IT industry for 12 years. Currently he is a virtualization architect for a worldwide consultancy company and has designed and maintained virtual infrastructures for a number of customers. He has written articles for magazines and frequently publishes in-depth articles at his weblog, GabesVirtualWorld.