Demarcation of Roles: Where to Split the Load?

February 8, 2012 Leave a comment

Virtualization created a lot of change in the technological landscape, and continues to do so. It’s also made large impacts in other areas; processes and roles. Back when everything was physical, people knew their roles and what they were responsible for. The server guys owned the server; the network guys owned the network and so on. But today, those clear lines are blurred; there is no clear demarcation anymore. Blade chassis can now house Cisco network and fiber switches, ESX handles virtual switching through vDS or the Cisco 1000V, and now there are virtual firewalls that run on the hypervisor as well, for managing traffic between VMs. This fundamental shift creates huge implications for ownership, especially in a word were Enterprise Security groups are pushing Role Based Access Control. It simply boils down to “Who Owns What?”

When ESX was first introduced and became an industry norm, ownership for everything beyond where the network cable plugged into the server was handled by the server administrator. This meant that configuration, management and ownership of the Virtual Switches were handled by the ESX Admin. However, as those technologies have grown, should that still be the case today? And with the introductions of blade chassis with L2 switches attached, the clear lines become even more blurred.

It’s becoming more and more apparent that there is a need to rethink the approach for delegating the management of entities. There seems to be two clear choices in the approach for this. The first choice is to migrate from silos of technologies and create all encompassing groups around services in the enterprise. The second is to shift the demarcation of roles to encompass end to end technologies.

The first approach requires the largest shift inside an organization. Typically, groups manage technologies, not the services that use those technologies. Virtualization, however, needs to be looked at as a service that uses multiple technologies. Instead of having a separate server, network and storage team that manages those technologies for virtualization, why not create a Virtualization Team that includes SMEs in the areas of server, network and storage management. This allows the SMEs in each group to not only bring expertise in that specific technology to the table, but also the knowledge of how to best use the technology to better the virtualization service. This approach becomes even more paramount when you start looking at advanced virtualization initiatives such as cloud or VDI.

The second approach is to no longer use the physical connection to the server as the demarcation zone. This approach falls more in line with the thought processes behind Role Based Access Control. By taking this approach, you extend ownership and management of a technology from end to end. In the case of an ESXi environment running on a blade chassis w/ Cisco B22HP FEX devices, and using the Cisco 1000v Virtual Switch, you grant access and ownership to the network team to be responsible for the networking from the core down to the 1000v. This allows not only insight to what is being done down to a port level in a virtual environment, but it allows for standardization of the network technologies and places the management of that technology in the SMEs in an organization. It also allows for end to end impact analysis of a change anywhere in the network environment.

While both approaches have their merits, choosing the one that works best will be dependent on your organization. The first method will require a shift in the general thinking, and any major organization change like that takes time to step through. However, I do feel it’s the better approach, especially for managing future technologies such as vBlock and Cloud. However, given the challenges around the changes required to get to this model, it may not be easily executable. The second model will be simpler to adapt to, and still accomplish a major goal. However it will still have all the flaws of a silo’ed approach and may prevent the collaborative thinking that designing and managing a service such as virtualization can benefit from. At the end of the day, communication is key when working with a technology like virtualization, and I feel that it isn’t up to the standard that it should be in most enterprises. Either by following the recommendations here, or creating your own that works best for your organization, as long as some change is occurring, then I believe the mission is accomplished, because continuing to have the mindset of the ‘IT Organization’ from 10 years ago is nothing but a recipe for disaster.

Back after a LONG Hiatus

January 23, 2012 Leave a comment

Over the past few months there has been a lot of changes around my job. I have shifted responsibilities and really ramped up my workload. I have been tasked with designing the next generation virtualization stack, as well as designing and implementing the initial phase of virtualization deployment in our new data center that is coming online this year. Needless to say between this work and the increased travel with my new role, the blog here has suffered neglect. That said, I have made it a New Years Resolution to get back on top of this thing and get the content rolling on a regular basis so be prepared to see some new things coming out shortly. I may even throw in a site redesign to freshen things up.

I again want to thank everyone who follows this blog. Last year was a good year and this year I plan on improving the content and frequency it is released. I look forward to another exciting year in the virtualization space!

Categories: General

Alive and Well, but Very Busy!

August 25, 2011 Leave a comment

I just wanted to drop a note to let everyone know that I am alive and still working on this blog. This year I’m lucky enough to attend VMworld in Las Vegas. Its been a busy few weeks planning my event schedule, and meetings with vendors and fellow Virtualization Enthusiast. I will do my best to post each night about my daily events. I know things have been quiet around here. I have also been settling into my new role and starting to get involved in some projects, including a complete migration to ESXi on vSphere 4.1U1.

Now that I’m getting settled in, I plan on putting more time back into this blog to continue to share knowledge and the experiences I deal with during my current and future projects. I’ll also be absorbing as much info as I can at VMworld so I can pass on some of the knowledge and all the experiences I have at this amazing event.

Thanks again for your continued support of this endeavor.

Categories: General Tags: , , , ,

VMware Listens! New Licensing Model Released

August 4, 2011 Leave a comment

VMware has made some much-needed modifications to the new licensing model. After reviewing the new licensing layout, I think I’m happy with it. This is what I thought VMware was originally moving to with the announcement of vRAM based licensing before the first set of numbers came out.

The changes VMware has made include the following:

  • Increased vRAM entitlement for all vSphere editions
  • Capped the amount of vRAM that is counted for one VM
  • Adjusted model to not penalize for short-term spikes and use averages to determine true-up vRAM entitlement.

Lets touch on each of these big points. The first about the increased vRAM entitlement. VMware has increased the entitlements for ALL versions of vSphere, including doubling the entitlement for Enterprise (64GB) and Enterprise Plus (96GB.) This is huge and was the big gripe for everyone, especially myself given our specific environment. Our new blades were going to require 4 Enterprise Plus licenses per blade with the old model, and now will only require 2, meaning we see no additional cost in licensing. And I think this will apply to most people, where licensing cost will be increased none, or just a little for monster servers. This should please most of the people who were up in arms.

Secondly is the vRAM entitlement cap per VM. This may throw some people off so let me break it down. Let’s say you have a large VM, running 1TB of vRAM on the VM. Well VMware will cap the amount of vRAM it penalizes you for at 96GB, meaning that no matter how much vRAM you use over that 96GB, that VM wont cost you more than 1 Enterprise Plus License. This is also big, because the second biggest concern was how the old vRAM model would impact the virtualization of large workloads.

Lastly, the fact that VMware has changed to an average model for vRAM entitlement in relation to licensing true up is great. VMware will now use an average over 12 months to determine what your vRAM entitlement is for your environment. While the impact on Production environments may be small, Test and Dev environments grow and shrink so dramatically that the old vRAM model would have killed companies over licensing due to spikes. Sure these spikes will still push the average up, but I do think it’s fair that it does impact your cost some. If you use the vRAM, you should have to pay a little more. But I think its much better than the high water mark to determine your entitlement. No need getting dinged on vRAM in a dev environment when you use it for a day or two.

All and all, I think VMware has listened to their customers and responded appropriately. This model still follows the heart of the original change, to move to vRAM entitlement, which I still feel is a great model. However, the original model was flawed and VMware has realized that, and adjusted that model to keep their customers happy, and treat them fairly. I am very happy that VMware has made these changes, and I think the community will respond positively to the new model. Kudos to VMware for listening.

Categories: VMware Tags: , , , ,

VMware’s To Address Licensing SNAFU?

VMware is set to announce their Q2 earnings on July 19, 2011 at 2pm. There are rumblings and rumors going around that VMware will address the licensing concerns of their customers potentially on this call. It’s hard to gauge whether this will happen. Part of me thinks VMware knew the risk and the small uproar their new licensing model would create, and accepted that risk and moved forward. Part of me also thinks EMC had a lot to do with the new licensing model in order to create more revenue and VMware is now second guessing that decision and may change the model. It’s certainly a good opportunity to address the problem on this call. The question is, does VMware see it as a problem?

Thoughts?

Categories: VMware Tags: , , , ,

VMware’s New Licensing Plan: Good to Go or FUBAR?

Since VMware announced their new licensing plans and have thrown some numbers on up their website, the community has gone off the deep end with hatred towards VMware. For those not in the loop, VMware is moving towards licensing based upon CPUs and an allotment of vRAM. Here’s the breakdown:

  • vSphere Standard License: 1CPU and 24GB of vRAM
  • vSphere Enterpise License: 1CPU and 32GB of vRAM
  • vSphere Enterprise Plus License: 1CPU and 48GB of vRAM
So as an example, our current BL460 G7 Blades with 2 Six Core CPUs and 192GB of RAM will now need 4 Enterprise Plus licenses instead of 2 with vSphere 4. Needless to say it’s creating quite a stir and not in a good way. The news sounded pretty good until the numbers came out and that sucked the wind out of my sails. And I’m not the only one. HERE is a link to a VMware Communities Forum post where the users express their concerns in a nice and not so nice way. There are plenty of guys threatening to jump ship and even boycott VMworld.

Let me know how you feel about this (though I’m sure I have a good idea.) Needless to say the prominent bloggers with ties to VMware are keeping mum, not that I blame them. This is a nasty time for VMware right now so hopefully they’ll come through for their existing customers or risk loosing a lot of them over randomly increasing cost, in our case, double per blade.

VMware vSphere 5 + Cloud Infrastructure Suite Announced

July 12, 2011 2 comments

As expected, VMware is announcing vSphere 5 as I type this. But to throw a curve ball, VMware is also announcing a Cloud Infrastructure Suite to help move to the next level of cloud computing. This suite includes vSphere 5, vCenter SRM, vCenter Operations, vShield Security, and finally vCould Director. This touches on all the major aspects of an all-inclusive, self servicing and managing cloud infrastructure. The goal is for a highly automated, low involvement infrastructure environment. Paul used the term “Make Infrastructure Go Away” quite frequently in this keynote. The big goal here is to really help the enterprise reach that ITaaS goal.

The announcement today includes new releases for multiple products. vSphere 5 is a leaps and bounds above vSphere 4 in terms of VM performance. 32 vCPUs, 1TB of memory, <36GBps network throughout and 1,000,000 IOPS. There are also substantial updates to HA and DRS, as well as SRM. One new technology is vSphere Replication to move away from Array based replication, and more towards software based replication over the network. This is a huge thing that allows of different levels of storage and use of vendors. Automated Failback is also being introduced so your load can return to the primary site once the troubles are over. SRM is also being pitched so that you can proactively migrate in the event of planned outages, as well as use for mergers and acquisitions to migrate an existing data center to your new data center.

vCloud Director is getting updated to 1.5. First item is an iPad app for the consumer portal. The portal acts like an App Store for VMs. Linked Clones is now available in vCloud Director. This allows for similar VMs to run off the same disk until they differ enough, creating a separate disk for the machines.

vSphere 5 has Profile Driven Storage and Storage DRS. This allows you to map your multiple storage systems into logical units. Storage DRS now allows you to set reservations and DRS will automatically move it between arrays and datastores to ensure its reservations are being met.

vSphere Storage Appliance 1.0 allows you to present an illusion of shared storage between local disk storage on multiple servers. This is being aimed at SMBs that cannot afford enterprise storage solutions. vSphere w/ Autodeploy is also being announced. Up until now, you had to manual build ESXi host. Autodeploy uses PXE to not only grab the image, but the system configuration as well. vSphere 5 also has Network and Storage I/O Controls. This creates a chance to ensure network and storage I/O requirements for VMs are met and aren’t affected by ‘Noisy Neighbor Syndrom.”

vSphere Edge allows you to create virtual data centers to ensure isolation, but also allows you to create trust between these virtual data centers. VMware is now announcing Sensitive Data Discovery that lets you take Regulations (PCI, etc) and run them against your virtual data centers to ensure you group specific security and compliance requirements together to create less work.

Obviously, VMware has released multiple new features that couldn’t be covered in this event, but will definitely be touched on in other presentations as well as VMworld sessions and announcements. The new products released today include vCloud Director 1.5, vShield 5.0, vCenter SRM 5.0, and vSphere 5.0 in this new Cloud Infrastructure Suite.

The biggest new announcement of the day I think now is licensing. vSphere 5 will now ditch the physical constraints of licensing. There is no Core per Proc or RAM per Host. They are now introducing amount of vRAM pooled across the entire environment as a licensing model. They are getting rid of the levels of licensing they had with vSphere 4. They are going from 6 packages down to five. vSphere Advanced is now collapsed into vSphere Enterprise, meaning existing advanced customers, automatically fall into enterprise now.

Sorry for the dishoveledness of this post, but I wanted to get this news out there. I’ll update it and try to get things in a little better format as the day goes on.