Post on 17-Dec-2015
transcript
800.800.4239 | CDW.com/peoplewhogetit
VMWARE BEST PRACTICES
Evansville VMUG
Daniel Griggs, Field Solutions Architect Virtualization
Servers, Storage & Virtualization Solutions Practice
Fairborn, OH
danigri@cdw.com
22CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
• Capacity Management• Alerts• AV Security• Wrap-Up
AGENDA
33CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
CAPACITY MANAGEMENT & ALERTS
44CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
Capacity Management – CPU & RAM
• Best practice is to configure your VM with a single vCPU, install the application and test
• Ensure you aren’t running over 70% CPU and 90% RAM without having N+1 capacity and vMotion available and configured
• If you use Fault Tolerance (FT) you need a minimum of 3 hosts to keep automation flowing
VMWARE BEST PRACTICES
55CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
Capacity Management – CPU & RAM
• Don’t try and squeeze as many VMs as possible onto as few physical hosts as possible without a strong capacity management process
• Don’t overuse RAM & CPU Limits (Over-committal)» First, assigning too many resources to an application that
doesn't need them will waste resources and reduce the total number of workloads the system can handle
» Second, over-committing resources may create a situation where the server's performance and stability are compromised, and this threatens all of the workloads on that particular physical host
» Lastly, use performance metrics to determine what resources are needed before setting RAM & CPU Limits- Typically 30 days of modeling is needed
VMWARE BEST PRACTICES
66CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
Capacity Management – CPU & RAM
• Scale up or scale out?» eg: MS Exchange 2010 Mailbox role, it may deliver better results
scaling out across a number of 1 or 2 vCPU VM’s, instead of a single large VM with many vCPU’s
» Scaling out not only leverages multiple I/O stacks and kernels to yield improved performance, it can also distribute risk, allow for load balancing and provide fine grained scalability
» When a workload is scaled up, it is important to monitor for the introduction or shifting of bottlenecks eg: increasing CPU and memory may shift the scaling bottleneck to the network or disk I/O
VMWARE BEST PRACTICES
77CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
Capacity Management - Storage
• Don’t put your Exchange VM’s in the same LUN as your SQL or Oracle VM’s» This goes for any high transactional VM’s/Applications» Random reads and writes can cause significant performance issues
on your other VM’s
• 20 – 20 – 20» Best Practice says not to put more than 20 VM’s in any one LUN
VMWARE BEST PRACTICES
88CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
Capacity Management - Storage
• Even though VMware supports LUN’s up to 2TB’s, does it make sense to always create one? At the same time, don’t make them too small» This can cause just as many problems as creating too large of a
LUN
• Don’t always take the Software Vendors or Application Developers word on storage requirements needed» Over-provisioning can complicate capacity planning because more
resources are assigned than are physically available. This requires an administrator to allocate more physical resources long before the logical resource is filled
VMWARE BEST PRACTICES
99CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
Other Things to Consider
• Resource Pools» The big thing with resource pools is if they are used, then every
VM should be in one» Means if you create a single resource pool for a set of VM’s but
then expect to leave the rest in the default RP at the cluster level you should create a 2nd resource pool and place those VM’s in that one instead
» This has to do with how VMware splits the resources and therefore can create a situation where a set of VM’s you think have priority are actually sharing less resources than expected
» Resource pools should NEVER be used to organize virtual machines in the hosts and cluster view. If you want to "categorize" VM’s but not reserve resources for them, do that in the VM/Templates view and use virtual machine folders instead
VMWARE BEST PRACTICES
1010CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
Other Things to Consider
• VDI & Core» Capacity» Networking – QoS & VLAN’s
• Reporting» Recommend reviewing the default graphs to establish a
baseline of performance once the environment is stabilized » 2-3 months of Memory and CPU data on the hosts» Trending and prediction analysis of future performance
VMWARE BEST PRACTICES
1111CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
Alerts
• #1 – Default Alerts are usually good for 90%
• #2 – Don’t overuse Alerts, it can kill your vCenter and Exchange Servers
• #3 – Create alerts on your most critical systems first» CPU, Memory, Storage Monitoring are critical to alerting you and ensuring
these systems stay healthy
• #4 – Determine how you want Alerts to be handled» We’ve seen Alerts passed to a General email account that was never or
rarely monitored- Which systems require email vs. an SNMP trap vs. just an alarm within vCenter
• #5 – Add alerts for CPU and Memory usage based on the cluster size
VMWARE BEST PRACTICES
1212CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
VIRTUALIZATION SECURITY
1313CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
• Why virtually-aware security for Server and VDI? Increased Server and VDI ROI—Staggering updates and scans, and
eliminating the agents off guest virtual machines reduces resource burden on the host—maximizing performance and increasing VDI consolidation ratios 3x.
Always-on, tamper-proof security—A dedicated security virtual appliance provides up-to-date protection for VMs throughout their lifecycle, including virtual patching.
Compliance and Data Privacy—Enhanced visibility and control with simplified compliance of virtualized environments.
VIRTUALIZATION SECURITY
1414CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
TRADITIONAL AV TO VIRTUALLY-AWARE AGENTLESS AV
Trend Micro integrates with VMware vShield Endpoint and VMware APIs to deliver agentless security for virtual servers and desktops. An agent-based option is also available for virtual desktops running in Hyper-V or Xen-based.
1616CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
VMWARE BEST PRACTICES
Test, Test and Test
Remember, Metrics are important
K.I.S.S. (Yes, Keep It Simple Silly)
1717CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
• Performance Best Practices for VMware vSphere® 4.0 http://www.vmware.com/pdf/Perf_Best_Practices_vSphere4.0.pdf
• VMware ESX Server 2 Best Practices Using VMware Virtual SMP http://www.vmware.com/pdf/vsmp_best_practices.pdf
• vCenter ChargeBack http://www.vmware.com/products/vcenter-chargeback/overview.html
• vCenter CapacityIQ http://www.vmware.com/products/vcenter-capacityiq/
• Operational Readiness http://viops.vmware.com/home/docs/DOC-1447
• Proven Practice: Building your own Virtualization Standard Operating Procedures http://viops.vmware.com/home/docs/DOC-1024
ADDITIONAL ARTICLES
1818CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
Unparalleled Server, Storage & Virtualization Expertise• Services
» Over 1,600 virtualization assessments» Over 300 virtualization engagements» Over 1,500 virtualization certifications
• Partnerships and Alliances» VMware National Partner (#2 US)» Citrix National Partner (#1 US)» HP (#1 worldwide)» NetApp (#1 in Commercial Business)» As one of the top 25 partners, CDW serves on the
VMware Technical Advisory Board
WHY CDW FOR VIRTUALIZATION
1919CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
Q&A
• For more information, go to www.cdw.com
Visit our Solutions Center for More Information