Transcript Slide 1
VMware Infrastructure 3 v3.5
Technical Overview
VMware Infrastructure 3 v3.5 – Core benefits
Simplify
Operations
Increase
Service Levels
Scale your
Virtual
Infrastructure
2
VMware Confidential
VMware Infrastructure 3 v3.5 – Core benefits
Benefits
Simplify
Operations
VC 2.5 Feature Overview
VMware Update Manager
ESX 3.5 Feature Overview
NPIV support
Distributed Power Management
(experimental)
Guided Consolidation Interface
VMware Converter integration
Increase
Service
Levels
HA Enhancements
Scale your
virtual
infrastructure
VC Scalability
Storage VMotion
VM Failure Monitoring
Large memory support
Low-cost storage support
SATA
VCB over iSCSI
Performance enhancements
3
VMware Confidential
TSO/Jumbo Frames for networking
Hardware Page Tables support
Update Manager
VMware Update Manager
Patch management solution from VMware
Compliance-driven execution
Scan datacenter for compliance to baseline
Scan and remediate guest (VM) AND host (ESX)
Support for both embedded and non-embedded ESX versions
Full support for Windows guests; limited support for Red Hat
Manual or scheduled remediation
Application patching (Adobe Acrobat, SQL Server, etc.)
Automates backup prior to patching and rollback if patching fails
Integrated with VirtualCenter
Same familiar user-interface for targeting hosts and guests
groups
5
VMware Confidential
Addressing Patch Pain Points
Current Pain
6
VMware Solution
Patching success and coverage is
uncertain or poor
Leverage VC awareness and ability
to deal with offline and suspended
guests
Systems need to be backed up before
patching
Automatic backup and rollback
capability
Patch deployment requires either target
OS agent or proper authentication
criteria
All VMs are known to VC and
VMware Tools provides a constant
agent on guest VM
Frequency of patch deployment
Reduced downtime can decrease the
impact of frequent patch deployment
Patch needs to be tested at OS and
application level
Automated testing for OS and
leverage customer’s current QA tools
for application testing
Differing approaches to VM and ESX
patching
Unified patching framework
VMware Confidential
VMware Update Manager (VUM) Architecture
ESX Server management
VMs with/without
Guest Agent
VirtualCenter
Server
ESX Server
VMs with/without
Guest Agent
VC Client with
VUM Plugin
ESX Server
VUM
Server
VM and ESX Host
patch management
Host patch metadata and updates
from www.vmware.com
VM patch metadata and updates
from www.shavlik.com
7
VMware Confidential
Compliance-driven Management
Baseline: Fundamental unit of compliance
Fine-grained control
Can be static or dynamic
Host or guest type
8
VMware Confidential
Patch Database Update details
Plugins->Update
Manager->Schedule
Update Download…
Select the type of updates
that should be downloaded
ESX Server
Windows
Linux
Updates are downloaded
as a VirtualCenter task
Frequency and date can be
specified
9
VMware Confidential
Compliance
What is compliance?
When a VM or host contains all updates in a baseline
How is compliance checked?
By evaluating results of security scan through the security tab for
VMs or hosts
Current compliance status is only as fresh as the most recent
security scan!
10
VMware Confidential
Understanding Security Scans
What is a security scan?
A process initiated from the VI client to check VM and host
compliance
Can scan a host, VM, resource pool, cluster, folder or data center
What does a security scan do?
Compare each object (VM or host) against a specified baseline
Reports back through a single event the objects that do not match the
baseline
When are scans performed?
When initiated by the user
At scheduled intervals through “Scheduled Tasks”
11
VMware Confidential
Compliance Status
Available through “Update Manager” tab for VMs and hosts
Three statuses for compliance
Compliant: VM contains all updates in baseline
Not compliant: VM lacks one or more updates
Unknown: VM not yet scanned
Note that only VMs that the user has permission to see are displayed!
12
VMware Confidential
Remediation
What is remediation?
The process of bringing a VM or host to compliance with a
baseline
How are VMs remediated?
Automatically
Through a VirtualCenter scheduled task
Manually
Using Inventory->Virtual Machine->Remediate…
By right-clicking host, or VM and selecting “Remediate…”
13
VMware Confidential
Remediate Against a Baseline
Baseline remediation
ensures that all VMs
in a group have had
all updates in a
baseline applied
Select between
applying baselines or
specific updates
14
VMware Confidential
Remediate Against Specific Updates
An update remediation allows for application of single updates.
15
VMware Confidential
Specify Remediation Rollbacks
Snapshot creation
and deletion can
be included as
part of the
remediation
operation
Saves VM state in
case a patch
causes problems
and requires a
rollback to the
unpatched state
16
VMware Confidential
Schedule the Remediation
Remediation can be
scheduled to minimize
impact to the user
Dates, times configurable
Specific actions can be
performed based on VM
state (on, off, suspended)
17
VMware Confidential
DRS-enabled Patching
Eliminate down-time for
guests when patching ESX
hosts
VUM
+
DRS
VUM puts host in maintenance
mode
DRS moves guest VMs to
available host
VUM patches host, returns host
to production mode
DRS moves guest VMs back as
per rule
Maintenance
mode
18
VMware Confidential
Distributed Power Management
(Experimental)
Distributed Power Management (DPM)
Reduce data center power consumption by having DRS consolidate
loads during non-peak hours and powering down the inactive hosts
The goal is to minimize total power consumption while still providing
enough resource capacity to satisfy total resource demand, plus
some user-specifiable amount of reserve capacity
Provides customers with significant cost savings from reduced power
consumption
Business Demand
Power Off
20
VMware Confidential
Resource Pool
Distributed Power Management
Experimental Support in VirtualCenter 2.5
Enhancement to DRS
Minimize power consumption
Standby Servers during off-peak hours
Migrate all VMs to fewer hosts
Standby unused servers to save power
VI capacity constraints are met
Automatic power on and migrate VMs back on demand
Wake-on LAN
Monitor VM activity
“Recommend Now” button
On-demand DRS scanning and recommendation
21
VMware Confidential
DPM: Requirements and Configuration
Servers managed by Virtual Center
VMotion compatible cluster
Shared storage
VMkernel network
DRS Configured environment
NIC with Advanced Power Management
Wake-on-LAN functionality enabled on VMKernel network
Used to bring up a server
22
VMware Confidential
Verify Wake on LAN support
How do I know my server has the capability?
Under VC GUI, Select the server name -> Configuration tab ->
network adapters, Check status of NIC’s “Wake-on LAN” column
23
VMware Confidential
Enabling DPM
24
VMware Confidential
Viewing DPM Recommendations
25
VMware Confidential
Applying DPM Recommendations
26
VMware Confidential
Guided Consolidation
From first time user to meaningful consolidation
Guided Consolidation Interface
Stage 1
From zero to first VM
Stage 2
To First Consolidation
Time to
Value
Simplified first
experience
New setup wizard
‘Getting started’ tabs
Integrated tutorial
Stage 3
Ongoing Management
Guided consolidation process
Discover physical servers for analysis
Collect data on selected physical
servers
Suggest appropriate sources and
targets
Trigger physical to virtual conversion
Customer Impact: Huge ease of use benefits, low startup and try out costs, realize
cost savings and greater power of virtualization management
28
VMware Confidential
Getting Started Tabs
29
VMware Confidential
Guided Consolidation : New User Experience
Automatically consolidate existing servers
Discover existing servers in the environment
Physical servers or virtual machines
Can discover and analyze Windows server-family OSes
Analyze for consolidation suitability
Agentless discovery and analysis of usage patterns
Placement recommendations based on utilization metrics
Recommend consolidation plan
Matching discovered systems to candidate ESX Server hosts
Perform P2V and import servers into VMs
30
Conversion done live, while servers are running
VMware Confidential
Guided Consolidation
Recommended for smaller environments
For environments containing approx. 100 servers or less
Helps someone who is new to virtualization, who wants to get going
fast
Not optimized for large environments
User Interface not designed for hundreds of discovered servers
Architected for small environments
Assumes only one AD server
Assumes limited number of domains
31
VMware Confidential
Architecture
Guided Consolidation: depends on two other services
“hidden” DB
Not to be managed
by end user
VMware
Converter
Virtualization
Service
(can run on VC
Server or on
separate
machine)
vpxd
CPDB
VCDB
VirtualCenter Server
32
VMware Confidential
Data Collector
Service
(CapacityPlanner
is automatically
installed on VC
Server)
Physical System Discovery
The Data Collector Service is required when initiating
the consolidation analysis
If this service is not running, VirtualCenter will ask for
user credentials and try to start it
User must have Windows Administrator privilege and
read privileges on AD (if AD being used)
33
VMware Confidential
Add to Analysis
Select a Domain or Workgroup for discovery
The list of Domains and Workgroups is
concatenated from AD and Lanman results
34
VMware Confidential
Set Authentication
Enter Windows Administrator user and password
Enter here if same for all/most hosts
Next screen lets you specify per-host credentials
35
VMware Confidential
Analyze
Right-click host to set per-host credentials
Statistics collected on each host
Metrics collected once per hour
10-12 metrics total: CPU, Memory, Disk, Network
Columns populated as information obtained
Data put into table in VirtualCenter database
Confidence level
Based on the number of performance samples that VC has collected
As VC collects more performance samples the confidence goes up
36
VMware Confidential
Plan Consolidation
Choose “Plan Consolidation”
List of analyzed systems presented
For each system, drop-down menu of candidate destination ESX
Server Hosts
37
VMware Confidential
Destination Server Suitability
Star rating
Based on compatibility with ESX Server host
Each candidate destination host gets a separate star rating
Compatibility is considered for things such as sufficient
number of CPUs, ability to run the guest OS etc.
Rating based on the average CPU & Memory usage and
disk space of the destination host
The lower the resource usage, the higher the star rating.
The networking check only verifies the number of NICs, not
network usage
38
VMware Confidential
VMware Converter Enterprise
VMware Converter Enterprise for VC 2.5
Converter integration with VirtualCenter
Import physical machines, virtual machines and 3rd party
images into VirtualCenter
Restore path for VCB images
Export VMs managed by VC to hosted VMware platforms
Export other unmanaged/hosted VMs on network shares
Create, monitor, edit, restart P2V and V2V jobs via VC
Multiple concurrent migrations
Scheduled migrations
CLI for scripting conversions/migrations
40
VMware Confidential
VMware Converter Enterprise for VC 2.5
Client/Server architecture
One-to-one mapping between Converter server and VC (2.5 and
later) server.
Leverages extensibility interface for VC client's plug-in discovery and
initialization
CLI that connects to Converter server and submits P2V tasks
Installation independent from VirtualCenter
Updates will be released asynchronously from VC/ESX releases
41
VMware Confidential
Server Import
Right click on destination
Select “Import Machine”
42
VMware Confidential
Source Selection
43
VMware Confidential
Remainder of process … you know about it…
Source login
Specify hostname or IP, Administrator user/password/domain
Deploys agent which performs on-the-fly P2V
Destination
VM name & location
Host/cluster
Datastore
Network
Customization
Modify image to run in VM
Schedule: immediate or future
44
VMware Confidential
Storage VMotion
VMotion vs. Storage VMotion
VMotion - Moves a running VM
from one ESX server to another
ESX server leveraging shared
storage
The storage resource stays in the
same storage location
Storage VMotion - Moves the disk
resources for a VM from one
datastore to another datastore
The VM stays up and running on
the same ESX Server
46
VMware Confidential
Storage VMotion
Migrate running VM to new storage
VM stays on same host
VM disks may be individually placed
Storage type independent
Migration does not disturb VM
No downtime
Transparent to guest OS and apps
Minimal performance impact
47
VMware Confidential
Storage VMotion – Use Cases
Storage maintenance and upgrades
ESX Server upgrades that change disk
format
More flexible Information Lifecycle
Management (ILM) solutions
Improved performance troubleshooting
Storage consolidation/reclamation
LUN reconfiguration
48
VMware Confidential
What Storage VMotion Moves
VM’s “home” directory
Config file (vmx)
Logs
Swap file (vswp)
Snapshots
Other misc files
config
swap
disks
logs
Virtual Machine
VMFS volume
VM disks (vmdk)
Treat disks separately to support
independent placement
49
VMware Confidential
Storage VMotion: VM Home Relocation
Copy non-virtual disk files to new VM home
Use NFC (NetWork File Copy)
Switchover VM to using new files
Use VMotion
Start up new VM on same host instead of different host
New VM uses config file in new VM home directory (similar to
VMotion in ESX 2.x)
Same host VMotion known as “self-VMotion”
50
VMware Confidential
Storage VMotion: Virtual Disk Relocation
Uses disk relocation feature from Upgrade VMotion
Uses snapshot technology to move virtual disks
Snapshot VM disks to create child disks
Copy read-only base disks to new location
Commit disk snapshot into copied base disks
Each virtual disk can be placed independently
Location can be different than VM home or other VM disks
Can also stay in current location
51
VMware Confidential
Storage VMotion In Action
2
“Self”-VMotion to
new VM home
3
1
Take disk-only snapshot
(creates child disk)
Copy VM home
to new location
4
6
Delete original VM
home and disks
52
5
Copy disk to
destination
Source
VMware Confidential
Destination
Consolidate child
disk into copied disk
Storage Type Agnostic
Developed to work on all storage types
High-level copier technologies used
VM home copied using NFC copier
VM disks moved with snapshot technology
Copiers not storage type specific
Located “above” filesystem layer
Source and destination can be different
storage types
53
VMware Confidential
Copiers
VMFS
NFS
SAN iSCSI Local
Storage VMotion Requirements
Use of Storage VMotion requires…
Temporary doubling of VM’s cpu/mem resources
Two copies of the VM exist simultaneously on single host
Each VM uses memory and has its own cpu/mem reservation
VMotion interface must be configured properly
Does not require a physical link
Intrahost “network” connection between the two VMs
Must not be using a device that prevents VMotion
54
VMware Confidential
Storage Vmotion in 3.5 limitations
No GUI Interface. CLI only
Can't simultaneously change execution host
No snapshots
Requires double resource reservation consumption
Two copies of the VM need to be run on the same ESX server at
one time while the storage migration process is taking place
Can't move disks without moving the VM home directory too
Limitations to be lifted in future releases
55
VMware Confidential
Platform Enhancements
Platform for Any OS, Hardware, Application
Management &
Automation
Virtual
Infrastructure
Virtualization
Platform
57
Performance Optimizations
Scalability Enhancements
Expanded compatibility
> ESX Server 3.5
> ESX Server 3i
VMware Confidential
17
Virtualization Platform Enhancements
Virtual Machines
Performance
Scale
Paravirtualization
(VMI)
64GB virtual RAM
Hardware page
table assist
128 GB of
physical RAM
Compatibility
Ubuntu
Windows Vista
ESX Server
CPU
Memory
Network
Large memory
pages
TCP Segment
Offload
10 GigE
Infiniband
Jumbo Frames
Storage
58
VMware Confidential
NPIV Support
SATA devices
Paravirtualization
Virtual Machines
ESX Server
VMware led industry collaboration
effort to create a standard interface that
allows standard Linux kernel (2.6.21) to
be virtualization aware
CPU
Standard Linux distributions to include
this kernel in subsequent releases
(Ubuntu already uses it)
Memory
Network
Storage
59
Paravirtualization makes the guest OS
virtualization-aware and more
performant running on a hypervisor
VMware Confidential
Enables Linux to run at higher
performance by making it virtualizationaware
Performance benefits seen for
demanding applications such as Oracle,
Apache
Memory Management
Virtual Machines
Process
1
Process
2
Process
1
Process
2
Virtual Memory
Guest Physical memory
ESX Server
Host Memory
ESX Server translates guest VM memory to physical memory
CPU
Memory
Uses CPU hardware page tables to
reduce memory translation overhead
(e.g. in AMD “Barcelona”)
Large memory pages for more
efficient memory access
Network
Storage
60
VMware Confidential
Benefits memory intensive
workloads such as databases, Citrix,
Terminal Services
Networking
Virtual Machines
ESX Server
CPU
Memory
Network
Storage
TCP Segment Offload* reduces CPU
overhead by offloading TCP
processing to NIC
Jumbo frames* allow reduced TCP/IP
processing by enabling larger frame
sizes
Supported for ESX Server hosts and
select guests
Support for 10 GigE for network
intensive workloads**
Benefits network intensive workloads
(e.g. backups over LAN, webservers,
Citrix, Win Terminal Services, iSCSI) in
virtual machines
* Supported for ESX Server hosts and select guests
**10 GigE not supported for the ESX iSCSI software initiator
61
VMware Confidential
Storage
Virtual Machines
NPIV allows assignment of virtual
HBAs to individual virtual machines
Enables QoS through SAN tools
ESX Server
CPU
Memory
Network
Storage
62
VMware Confidential
Enables performance optimization
through more granular traffic
monitoring
Other VC2.5 Enhancements
VMware HA: What's New
More nodes in a cluster
32-node cluster - Double the earlier limit
Intelligent placement
Recover to host with most available capacity
Local swapfile allowed for VMs
Virtual Machine Failover protection
Experimental support
Monitor software failures
Better error handling during configuration
Easy to understand messages
Up to 10 Isolation Addresses allowed
64
VMware Confidential
What else is new in VC 2.5?
Scalability improvements in VC
Supports management of 200 running hosts and 2000 powered-on VMs
Provisioning across datacenters
Batch installations/upgrades of VMTools
ESX NTP & Firewall configuration through VI client
Image customization for 64-bit Guest OS
Windows Server 2003 EnterpriseSP1, Windows Server 2003 EnterpriseR2
RHEL 4.5, RHEL 5.0
SLES 10 SP1/SP2
Solaris 10 Update 2 or Update 3
CDP (Cisco Discovery Protocol) support
65
VMware Confidential
Other ESX3.5 Enhancements
New Guest OS support
Windows Server 2008 (formerly Windows Server codename
“Longhorn”)
Windows Vista
Red Hat Linux 5
Ubuntu Linux 7.04 (paravirtualized and fully virtualized)
In addition, support for updates to already-supported guests
will be provided.
67
VMware Confidential
VMware Consolidated Backup Enhancements
Enhancements
Support of VMs running on
iSCSI, NAS or local storage
2
1
Snap
Snap
Mount
3
Run Backup Server within a
VM
Use VMware Converter to
restore VCB images
New 3rd party software version
support
What are the benefits?
Greater flexibility for storage
layout and backup architecture
Simplified restore
68
VMware Confidential
Copyright © 2005 VMware, Inc. All rights reserved.
Restore Options
VCB Integration with 3rd party backup products
Some allow single step restore of VMs
VMware Converter to deploy VMs directly from VCB image
VCB image must be on the disk
Use “mountvm” to mount image as disk
With backup of full-VM type
Copy entire disk or individual files
Restore individual files
Restore files on a single VM using redirected restore
Transfer using CIFS
69
VMware Confidential
VCB: Converter as restore tool
Converter called from VC
Install the plug-in first
Converter will restore entire Virtual Machine
No single-file restore
Uses network based mechanism
Network File copy to restore data – No SAN needed
Restore entire VMDK on VMFS of ESX
Concurrency = 15 max sessions
70
VMware Confidential
Other Enhancements with VI 3.5
Virtual
Infrastructure
Management
•VirtualCenter scales to 200 hosts and 2000 VMs
•Multimedia application support for VDI deployments
•Automation for VMware Tools batch and scheduled install
•Network CDP Support
VirtualCenter
Resource
Management
Virtual
Infrastructure
Virtualization
Platform
71
VMware Confidential
Availability
•Increased HA
isolation
addresses
•32-node HA
Mobility
•VMotion with
local swap files
•Experimental IOAT v1 support
•IPv6 support for guests
Security
Thank You