Archive for March, 2009

VMware releases Cost Per Application Calculator

March 23rd, 2009

On Monday morning 8am EDT, VMware will have released their Cost Per Application Calculator.  The tool was designed to accurately estimate and compare acquisition cost of a virtualization solution.  VMware has labeled this metric Cost Per Application.  Many market analysts, competitors, and potential customers have been focusing on the sheer cost of purchasing VMware licensing and support without performing the time consuming analysis that would reflect VMware’s complete cost effectiveness.  This calculator was designed to address that.  Goals outlined for the calculator included:

  • Simlified yet accurate metric to evaluate upfront costs only
  • Focus on easily quantifiable cost items that can be entered into the calculator, not indirect savings coming from things like improved productivity or operational efficiency
  • Present a cost comparison between VMware and competitor products using cost per application

VMware’s calculation for Cost Per Application is:

  • Virtualization software
    • Licenses for virtualization software

+

  • Hardware
    • Servers
    • Networking
    • Storage
    • Electricity
    • Datacenter space

+

  • VM Guest OS
    • Licenses for virtual machine operating systems

+

  • Management
    • Management software
    • Management servers and other infrastructure cost
    • Database software and servers

÷

  • Number of Apps Virtualized

=

  • $$ Cost Per Application $$

Note, the Cost Per Application Calculator is not meant to be a replacement of VMware’s TCO and ROI Calculator which is always the optimal methodology to evaluate a software invstment with a complete cost/savings analysis.  VMware’s TCO and ROI Calculator accounts for more items such as multi year views, depreciation, and amortization which the Cost Per Application Calculator does not .

Active Directory authentication with VMware ESX

March 21st, 2009

Integrating Microsoft Active Directory authentication in the ESX Service Console used to be somehwhat of a daunting task.  Today, however, the steps have been greatly condensed and I find it a cinch.  It basically boils down to two steps for each ESX host you wish to integrate AD with (which can be scripted I might add):

  1. Create a local user account on the ESX host for each AD user account you would like to authenticate
    • /usr/sbin/useradd yourusername
  2. Execute an authentication configuration command on the ESX host to be integrated with AD
    • /usr/sbin/esxcfg-auth –enablead –addomain yourdomain.com –addc yourdc.yourdomain.com –krb5realm=yourdomain.com –krb5kdc yourdc.yourdomain.com –krb5adminserver yourdc.yourdomain.com –enablekrb5
      • Assuming your AD environment has multiple domain controllers, consider adding redundant –addc yourdc.yourdomain.com parameters to the command line above in case one of your DCs become unavailable on the network

Be sure to repeat the steps above for each ESX host you wish to integrate AD with.  As new VI administrators come and go in your environment you’ll need to repeat step 1 above to add new administrator accounts on each ESX host.  For administrators that have terminated, you’ll need to remove their account (and home directory if it exists) from each ESX host using the console command /usr/sbin/userdel -r username.  -r specifies the removal of the respective home directory if it exists.

For a thorough explanation of the esxcfg-auth command, execute the command man esxcfg-auth in the Service Console.

Warning:  One thing to watch out for would the existance of a root account in AD in which you are not the owner of.  By implementing AD authentication, a root account in AD is going to be granted root level Service Console access on the ESX host!  Take the necessary precautions here.

Storage block size and alignment

March 20th, 2009

Steve Chambers posted version 2 of the Storage block size and alignment document over at the VIOPS (VMware Virtual Infrastructure Operations) site. At seven pages, it is both a short and a GREAT read.

For those not familiar with VMFS and VM guest alignment, I’ll summarize:

VMFS Alignment

  1. Unaligned volumes result in track crossing and additional I/O penalties in the form of latency and throughput which may or may not be noticeable in your environment (it depends)
  2. To verify whether or not your VMFS volumes are aligned, run the fdisk -lu command at the console
  3. VMFS volumes created with the Virtual Infrastructure Client (vSphere Client) are automatically aligned since it automatically align the volume along the 64KB boundary so no need to worry about the sub bullets in #2 above.
  4. NFS datastores are not concerned with VMFS alignment as they are not block VMFS datastores
  5. Alternatively, VMFS volumes can be aligned by following a series of fdisk commands manually which will destroy data on the volume (definitely not preferred)
  6. VMFS block size only determines maximum file size on the VMFS volume. VMFS block size does not play even a remotely significant performance role.  There are a number of expert blog articles which debate this.

VM Guest Alignment

  1. To verify whether or not your VM guest virtual disks are aligned, check the partition offset value
    • Aligned virtual disks will have a partition offset value evenly divisible by 4,096 (ie. 65,536 or 1,048,576 which is a default for Windows Server 2008)
    • Non-aligned virtual disks will have a partition offset value not evenly divisible by 4,096 (ie. 32,256 which is a default for Windows XP and Server 2003)
  2. Due to the destructive nature of the alignment procedures, alignment is always performed before data is placed on the volume
  3. Alignment in Linux guests is performed using an almost identical series of fdisk commands listed in a previous bullet
  4. Alignment in Windows guests is performed using diskpart.exe
  5. Although guest alignment is data destructive, guest alignment can be performed after the guest OS is installed because the document recommends that alignment of the OS partition is unnecessary; only align the data partitions before data is placed on them.  **see update below**

Alignment is most often going to be labor intensive and thus will have diminishing returns. This will especially be true if your environment has already been built and you need to align after the fact. Environments in the planning stages and not yet built will be among the best candidates for alignment right out of the gate. Whatever stage you are at, updating guest VM templates with alignment wouldn’t be a bad idea. Alignment of one image will pay dividends, whether noticeable or not, over and over as that template is deployed throughout the infrastructure.

Update: NetApp released a few scripts that will not only automate the verification and alignment processes at the guest VM OS level, the script will align the guest OS without destroying data. The one exception I ran into was with a Citrix VM that had remapped drives. CTXGINA.DLL got real cranky. The scripts are:

  • mbrscan – Scans the -flat.vmdk file for alignment
  • mbralign – Makes a backup of the .vmdk and creates a newly aligned .vmdk

See also:  NetApp – Storage Nuts & Bolts: mbrscan/mbralign

3-20-2009 1-24-50 PM

Other recommended reading:

Recommendations for Aligning VMFS Partitions

Performance Best Practices for VMware vSphere 4.1

MobilePress caused 55,000+ files in c:\windows\temp

March 19th, 2009

A while after installing the MobilePress 1.0.3 plugin for WordPress, my IIS server locked up.  I rebooted it and all was well.  A while later, it locked up again.  Upon further investigation, I found 55,000+ files in the c:\windows\temp\ folder and new files were popping in there at a rate of a few per minute.

Each of the 55,000 files looked like:

sess_1dq5436rb4m9b399cojhnmitd1

sess_3meinb58v9oqra5ia0869pqig6

sess_5hbicsnrt0hn1qj9lc5q9n7g30

where the prefix of sess_ is common but the rest is random.

Using Sysinternals procmon.exe, I was able to identify right away that the process responsible for creating the files was w3wp.exe which pointed me to IIS.  However, I wasn’t sure why IIS would begin doing this after being stable for a long time.

Searches on the internet said the files were being generated by PHP and indicated new user sessions as visitors hit my blog.  That helped confirm the fact that these were coming from IIS and the blog but still no tell tale reason as to why all of the sudden.

Then I opened up one of the files and it showed:
SESS_MOBILE_BROWSER|s:6:”mobile”;SESS_MOBILE_ACTIVE|b:0;SESS_MOBILE_THEME|s:7:”default”;

That was enough to jog my memory that I had recently installed the MobilePress plugin.

Removing the plugin immediately resolved the issues and the temp files are no longer created.

Hyper9 to release two announcements today

March 18th, 2009

Hyper9 Unveils Eagerly Awaited Flagship Product that Supports the Management of Virtual Infrastructures

While Affordably Priced, Unique Approach Offers Immediate Benefits and Is As Easy To Use as a Consumer Application

Austin, TX (March 18, 2009) – Hyper9, Inc. (www.hyper9.com), the leading provider of solutions that help virtual infrastructure administrators manage their virtualized environments, announced today the general availability of Hyper9, a product that leverages Internet and virtualization management technologies to manage change, configuration and performance issues in a modern, efficient way.

“Today’s VI administrators must navigate a very challenging virtual environment,” said Chris Ostertag, CEO and founder of Hyper9. “Until now, they lacked an efficient way to collect, negotiate and analyze information regarding their virtual server infrastructures. Hyper9 also allows them to customize how they see and manage that information, and as a result work smarter.”

Built for VI administrators by VI administrators, Hyper9 is a simple, yet powerful enterprise-class product that is ideally suited for managing virtual server infrastructures. It enables monitoring, troubleshooting and reporting on virtual infrastructures like nothing else in the marketplace. It accomplishes this without agents, tree views, spreadsheets, or multiple tools.

Among the key product features are:

  • Search: Search across your entire virtual universe, from the hypervisor to inside the guest.
  • Alert & Monitor: Build queries to monitor your environment from inside the guest and across your virtual infrastructure. Set up alerts to track changes and keep on top of problem solving.
  • Compare: Analyze historical data about your virtual machines, such as how they’ve changed over time, with Hyper9 VMDNATM.
  • Report: Slice and dice data, generate performance charts and reports for management and colleagues.
  • Collaborate: Store and manage your searches, lists and reports and invite colleagues into your workspace.

Not surprisingly, the product has earned praise from analysts and beta customers alike.

Gartner Inc. recently included Hyper9 in a report that highlights a handful of innovative technology companies in the “IT operations and virtualization” space. Gartner Analyst Cameron Haight wrote that “Hyper9’s product uses an agentless management approach to gather key data from multiple sources. Current and historical performance information is made available and you can track how virtual machines have changed over time and have alerts issued when configurations have drifted from a standard template.”

Rich Brambley, a leading virtualization expert, blogger (http://vmetc.com/) and an early beta tester of Hyper9, recently described the product on his blog:

“Hyper9 provides some powerful reporting, monitoring, and analysis capabilities. You also have the option to save your searches for reuse again and again. Not only can you use keyword based queries, but there are pre-built criteria for all VI object fields. For example, you can find all VMs based on a version of the VM Tools, whether the CDrom is connected, or the existence of a snapshot.”

“As if that wasn’t enough, Hyper9 also has the ability to compare objects – both for current state analysis and for understanding changes over time. The comparison can take place using the same VM or 2 different VMs. Hyper9 calls this feature VMDNATM, and it’s a great feature for examining configuration history.”

In addition to the Hyper9 product being made available at the web site, the H9Labs Search Plug-in for VI Client is also ready for download. This software was developed by a well known developer in the VMware community, Hyper9’s own Andrew Kutz, who was recently named a vExpert by VMware. H9Labs’ Search Plug-in gives the VMware VI Client 2.5 auto-complete search capability from inside the guest across your virtual infrastructure.

Hyper9 is now ready for administrators to download at www.hyper9.com for a free trial or purchase. Pricing for Hyper9 starts as low as $25 a month. The H9Labs Search Plug-in is now available at http://store.hyper9.com/ as a free download.

About Hyper9

Hyper9 is a privately held company backed by Venrock, Matrix Partners, Silverton Partners and Maples Investments. Based in Austin, Texas, the company was founded in 2007 by enterprise systems management experts and virtualization visionaries. Since then, Hyper9 has collaborated with VI Administrators as well as systems and virtualization management experts to develop a new breed of virtualization management products that leverages Internet technologies like search, collaboration and social networking. The end result is a product that helps administrators discover, organize and make use of information in their virtual environment, yet is as easy to use as a consumer application. For more information about Hyper9, visit www.hyper9.com.

All product and company names are trademarks of their respective companies.

Hyper9 Introduces Alert & Monitoring Applet

Applet Makes It Easier and More Affordable for Administrators to Monitor Virtual Environments from Inside the Guest and Across their Virtual Infrastructure

Austin, TX (March 19, 2009) – Hyper9, Inc. (www.hyper9.com), the leading provider of solutions that help virtualization infrastructure administrators manage their environment, introduced today the H9Labs Alert & Monitoring Applet, which makes it easier and more affordable for VI Administrators to solve problems and make better decisions.

The announcement comes on the heels of the company’s launch of its flagship product, which provides administrators with a more holistic view of the virtual infrastructure that they manage. Hyper9, affordably priced at $25 a month, is now available for download at www.hyper9.com, while the add-on applet is free to all Hyper9 trial download users and customers, and can be downloaded at: http://store.hyper9.com/product-add-ons.

The applet allows administrators to monitor and set up alerts against any facet/data point in their virtual environment. More specifically, it provides administrators with the ability to:

  • Proactively manage and solve infrastructure challenges;
  • Monitor configurations and issue alerts when configurations drift from a standard template; and
  • Track, monitor and set up alerts for: new virtual machines, VMs missing important Hotfixes, new applications installed, VMotion activity and more.

“This product reflects the wants and desires of VI Administrators, who have told us that they want an alert and monitoring applet that is both customizable and easy to install,” said Chris Ostertag, CEO and founder of Hyper9. “It also demonstrates our commitment to providing VI Administrators with the products and tools that will help them make smarter decisions when it comes to managing their virtual infrastructure.”

That “commitment” is obvious to at least one administrator.

“As an engineer that manages many different aspects of my environment, I spend only about 30 percent of my day in my VI3 environment, and often do not have my Virtual Infrastructure Client running,” said Jase McCarty, vExpert of McCarty Technical Consulting (http://www.jasemccarty.com/). “The H9Labs Monitoring and Alerting Applet fills an important gap for me, when my attention is focused elsewhere. The ability to create custom alerts for hosts and guests using extended attributes, not available from VMware, with a simple query, is simply awesome. I had several alerts configured in just a few minutes.”

About Hyper9

Hyper9 is a privately held company backed by Venrock, Matrix Partners, Silverton Partners and Maples Investments. Based in Austin, Texas, the company was founded in 2007 by enterprise systems management experts and virtualization visionaries. Since then, Hyper9 has collaborated with VI Administrators as well as systems and virtualization management experts to develop a new breed of virtualization management products that leverages Internet technologies like search, collaboration and social networking. The end result is a product that helps administrators discover, organize and make use of information in their virtual environment, yet is as easy to use as a consumer application. For more information about Hyper9, visit www.hyper9.com.

All product and company names are trademarks of their respective companies.

New blog sponsor – Hyper9!

March 18th, 2009

If you take a look across the starboard side of the blog, you’ll see a new banner for Hyper9. Hyper9 is a startup company in Austin, TX that works in the virtualization infrastructure management space, developing tools that automate the management of virtualization in the datacenter. The current version of their tool “plugs in” to the VMware Virtual Infrastructure Client providing a powerful virtual infrastructure search tool, plus a lot more.

Thank you for your support Hyper9 and welcome aboard!

3-18-2009 12-02-16 PM

DPM best practices. Look before you leap.

March 16th, 2009

It has previously been announced that VMware’s Distributed Power Management (DPM) technology will be fully supported in vSphere. Although today DPM is for experimental purposes only, virtual infrastructure users with VI Enterprise licensing can nonetheless leverage its usefulness of powering down ESX infrastructure during non-peak periods where they see fit.

Before enabling DPM, there are a few precautionary steps I would go through first to test each ESX host in the cluster for DPM compatibility which will help mitigate risk and ensure success. Assuming most, if not all, hosts in the cluster will be identical in hardware make and model, you may choose to perform these tests on only one of the hosts in the cluster. More on testing scope a little further down.

This first step is optional but personally I’d go through the motions anyway. Remove the hosts to be tested individually from the cluster. If the hosts have running VMs, place the host in maintenance mode first to displace the running VMs onto other hosts in the cluster:

3-16-2009 10-31-19 PM

If the step above was skipped or if the host wasn’t in a cluster to begin with, then the first step is to place the clustered host into maintenance mode. The following step would be to manually place the host in Standby Mode. This is going to validate whether or not vCenter can successfully place a host into Standby Mode automatically when DPM is enabled. One problem I’ve run into is the inability to place a host into Standby Mode because the NIC doesn’t support Wake On LAN (WOL) or WOL isn’t enabled on the NIC:

3-16-2009 10-25-53 PM

Assuming the host has successfully been place into Standby Mode, use the host command menu (similar in look to the menu above) to take the host out of Standby Mode. I don’t have the screen shot for that because the particular hosts I’m working with right now aren’t supporting the WOL type that VMware needs.

Once the host has successfully entered and left Standby Mode, the it can be removed from maintenance mode and added back into the cluster. Now would not be a bad time to take a look around some of the key areas such as networking and storage to make sure those subsystems are functioning properly and they are able to “see” their respective switches, VLANs, LUNs, etc. Add some VMs to the host and power them on. Again, perform some cursory validation to ensure the VMs have network connectivity, storage, and the correct consumption of CPU and memory.

My point in all of this is that ESX has been brought back from a deep slumber. A twelve point health inspection is the least amount of effort we can put forth on the front side to assure ourselves that, once automated, DPM will not bite us down the road. The steps I’m recommending have more to do with DPM compatibility with the different types of server and NIC hardware, than they have to do with VMware’s DPM technology in and of itself. That said, at a minimum I’d recommend these preliminary checks on each of the different hardware types in the datacenter. On the other end of the spectrum if you are very cautious, you may choose to run through these steps for each and every host that will participate in a DPM enabled cluster.

After all the ESX hosts have been “Standby Mode verified”, the cluster settings can be configured to enable DPM. Similar to DRS, DPM can be enabled in a manual mode where it will make suggestions but it won’t act on them without your approval, or it can be set for fully automatic, dynamically making and acting on its own decisions:

3-16-2009 10-24-33 PM

DPM is an interesting technology but I’ve always felt in the back of my mind it conflicts with capacity planning (including the accounting for N+1 or N+2, etc.) and the ubiquitous virtualization goal of maximizing the use of server infrastructure. In a perfect world, we’ll always be teetering on our own perfect threshold of “just enough infrastructure” and “not too much infrastructure”. Having infrastructure in excess of what what would violate availability constraints and admission control is where DPM fits in. That said, if you have a use for DPM, in theory, you have excess infrastructure. Why? I can think of several compelling reasons why this might happen, but again in that perfect world, none could excuse the capital virtualization sin of excess hardware not being utilized to its fullest potential (let alone, powered off and doing nothing). In a perfect world, we always have just enough hardware to meet cyclical workload peaks but not too much during the valleys. In a perfect world, virtual server requests come planned so well in advance that any new infrastructure needed is added the day the VM is spun up to maintain that perfect balance. In a perfect world, we don’t purchase larger blocks or cells of infrastructure than what we actually need because there are no such things as lead times for channel delivery, change management, and installation that we need to account for.

If you don’t live in a perfect world (like me), DPM offers those of us with an excess of infrastructure and excuses an environment friendly and responsible alternative to at least cut the consumption of electricity and cooling while maintaining capacity on demand if and when needed. Options and flexibility through innovation is good. That is why I choose VMware.