800.800.4239 | CDW.com/peoplewhogetit

VMWARE BEST PRACTICES

Evansville VMUG

Daniel Griggs, Field Solutions Architect Virtualization

Servers, Storage & Virtualization Solutions Practice

Fairborn, OH

danigri@cdw.com

22CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.

• Capacity Management• Alerts• AV Security• Wrap-Up

AGENDA

33CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.

CAPACITY MANAGEMENT & ALERTS

44CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.

Capacity Management – CPU & RAM

• Best practice is to configure your VM with a single vCPU, install the application and test

• Ensure you aren’t running over 70% CPU and 90% RAM without having N+1 capacity and vMotion available and configured

• If you use Fault Tolerance (FT) you need a minimum of 3 hosts to keep automation flowing

VMWARE BEST PRACTICES

55CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.

Capacity Management – CPU & RAM

• Don’t try and squeeze as many VMs as possible onto as few physical hosts as possible without a strong capacity management process

• Don’t overuse RAM & CPU Limits (Over-committal)» First, assigning too many resources to an application that

doesn't need them will waste resources and reduce the total number of workloads the system can handle

» Second, over-committing resources may create a situation where the server's performance and stability are compromised, and this threatens all of the workloads on that particular physical host

» Lastly, use performance metrics to determine what resources are needed before setting RAM & CPU Limits- Typically 30 days of modeling is needed

VMWARE BEST PRACTICES

66CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.

Capacity Management – CPU & RAM

• Scale up or scale out?» eg: MS Exchange 2010 Mailbox role, it may deliver better results

scaling out across a number of 1 or 2 vCPU VM’s, instead of a single large VM with many vCPU’s

» Scaling out not only leverages multiple I/O stacks and kernels to yield improved performance, it can also distribute risk, allow for load balancing and provide fine grained scalability

» When a workload is scaled up, it is important to monitor for the introduction or shifting of bottlenecks eg: increasing CPU and memory may shift the scaling bottleneck to the network or disk I/O

VMWARE BEST PRACTICES

77CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.

Capacity Management - Storage

• Don’t put your Exchange VM’s in the same LUN as your SQL or Oracle VM’s» This goes for any high transactional VM’s/Applications» Random reads and writes can cause significant performance issues

on your other VM’s

• 20 – 20 – 20» Best Practice says not to put more than 20 VM’s in any one LUN

VMWARE BEST PRACTICES

88CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.

Capacity Management - Storage

• Even though VMware supports LUN’s up to 2TB’s, does it make sense to always create one? At the same time, don’t make them too small» This can cause just as many problems as creating too large of a

LUN

• Don’t always take the Software Vendors or Application Developers word on storage requirements needed» Over-provisioning can complicate capacity planning because more

resources are assigned than are physically available. This requires an administrator to allocate more physical resources long before the logical resource is filled

VMWARE BEST PRACTICES

99CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.

Other Things to Consider

• Resource Pools» The big thing with resource pools is if they are used, then every

VM should be in one» Means if you create a single resource pool for a set of VM’s but

then expect to leave the rest in the default RP at the cluster level you should create a 2nd resource pool and place those VM’s in that one instead

» This has to do with how VMware splits the resources and therefore can create a situation where a set of VM’s you think have priority are actually sharing less resources than expected

» Resource pools should NEVER be used to organize virtual machines in the hosts and cluster view. If you want to "categorize" VM’s but not reserve resources for them, do that in the VM/Templates view and use virtual machine folders instead

VMWARE BEST PRACTICES

1010CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.

Other Things to Consider

• VDI & Core» Capacity» Networking – QoS & VLAN’s

• Reporting» Recommend reviewing the default graphs to establish a

baseline of performance once the environment is stabilized » 2-3 months of Memory and CPU data on the hosts» Trending and prediction analysis of future performance

VMWARE BEST PRACTICES

1111CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.

Alerts

• #1 – Default Alerts are usually good for 90%

• #2 – Don’t overuse Alerts, it can kill your vCenter and Exchange Servers

• #3 – Create alerts on your most critical systems first» CPU, Memory, Storage Monitoring are critical to alerting you and ensuring

these systems stay healthy

• #4 – Determine how you want Alerts to be handled» We’ve seen Alerts passed to a General email account that was never or

rarely monitored- Which systems require email vs. an SNMP trap vs. just an alarm within vCenter

• #5 – Add alerts for CPU and Memory usage based on the cluster size

VMWARE BEST PRACTICES

1212CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.

VIRTUALIZATION SECURITY

1313CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.

• Why virtually-aware security for Server and VDI? Increased Server and VDI ROI—Staggering updates and scans, and

eliminating the agents off guest virtual machines reduces resource burden on the host—maximizing performance and increasing VDI consolidation ratios 3x.

Always-on, tamper-proof security—A dedicated security virtual appliance provides up-to-date protection for VMs throughout their lifecycle, including virtual patching.

Compliance and Data Privacy—Enhanced visibility and control with simplified compliance of virtualized environments.

VIRTUALIZATION SECURITY

1414CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.

TRADITIONAL AV TO VIRTUALLY-AWARE AGENTLESS AV

Trend Micro integrates with VMware vShield Endpoint and VMware APIs to deliver agentless security for virtual servers and desktops. An agent-based option is also available for virtual desktops running in Hyper-V or Xen-based.

1515CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.

WRAP-UP

1616CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.

VMWARE BEST PRACTICES

Test, Test and Test

Remember, Metrics are important

K.I.S.S. (Yes, Keep It Simple Silly)

1717CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.

• Performance Best Practices for VMware vSphere® 4.0 http://www.vmware.com/pdf/Perf_Best_Practices_vSphere4.0.pdf

• VMware ESX Server 2 Best Practices Using VMware Virtual SMP http://www.vmware.com/pdf/vsmp_best_practices.pdf

• vCenter ChargeBack http://www.vmware.com/products/vcenter-chargeback/overview.html

• vCenter CapacityIQ http://www.vmware.com/products/vcenter-capacityiq/

• Operational Readiness http://viops.vmware.com/home/docs/DOC-1447

• Proven Practice: Building your own Virtualization Standard Operating Procedures http://viops.vmware.com/home/docs/DOC-1024

ADDITIONAL ARTICLES

1818CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.

Unparalleled Server, Storage & Virtualization Expertise• Services

» Over 1,600 virtualization assessments» Over 300 virtualization engagements» Over 1,500 virtualization certifications

• Partnerships and Alliances» VMware National Partner (#2 US)» Citrix National Partner (#1 US)» HP (#1 worldwide)» NetApp (#1 in Commercial Business)» As one of the top 25 partners, CDW serves on the

VMware Technical Advisory Board

WHY CDW FOR VIRTUALIZATION

1919CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.

Q&A

• For more information, go to www.cdw.com

Visit our Solutions Center for More Information