There’s more to virtualization than just virtualization
As server virtualization becomes more popular, IT professionals are quickly realizing that migrating some of their company’s resources to a virtualized infrastructure is only part of the challenge. After virtualizing the resources, you have to manage them—and handling virtualized servers isn’t the same as administering physical servers. A physical host server and perhaps a host OS add an extra layer or two of software between virtual machines (VMs) and the real world. You can create, alter, and remove VMs with a speed and flexibility that’s unheard of compared with what you can do with physical servers, but traditional toolsets don’t have the facilities to handle this added coating of complexity.
Microsoft created System Center Virtual Machine Manager (SCVMM), which is a component of the company’s suite of System Center products, to manage a virtual infrastructure; SCVMM 2008 improves on the original version. SCVMM was designed to integrate into System Center Operations Manager (SCOM) 2007 SP1, and if you’re already using SCOM you can take advantage of a significant new feature in SCVMM 2008 to optimize your virtual resources.
If you’ve installed the Hyper-V role on Windows Server 2008 and are already using Hyper-V Manager, you might wonder whether SCVMM 2008 can benefit you. Hyper-V Manager provides a simple interface that lets you control the configuration of VMs, one machine at a time. You can create a VM, start it, change its settings, take snapshots of it, export it, import it, stop it, and delete it. SCVMM does all that and far more.
SCVMM 2008 Features
SCVMM is a solution for all aspects of managing a virtual infrastructure. New features in SCVMM 2008 include Hyper-V integration, Performance and Resource Optimization (PRO) and SCOM integration, VMware ESX Server support, a new delegated administrator role, and cluster support.
Hyper-V integration. One of the most significant new attributes of SCVMM 2008 is Hyper-V integration. Hyper-V is Microsoft’s virtualization technology that uses a hypervisor— a thin layer of software between the hardware and the OS that lets multiple OSs run on a host computer at the same time. Hyper-V features 64-bit architecture and therefore 64-bit VM support, multiprocessor VMs, and virtual switched networking— which is a big step beyond Microsoft Virtual Server 2005. SCVMM 2008 manages all aspects of Hyper-V hosts and VMs.
PRO and SCOM. SCVMM 2008 has a useful feature in its PRO package, which tackles the problem of balancing VM loads across multiple servers. PRO is tightly integrated with SCOM and requires SCOM to function. You must install SCOM agents on all hosts and VMs, and you must also install SCVMM 2008 and PRO management packs. With PRO in place and configured, SCOM will pass alerts on to SCVMM 2008. A PRO “tip” noting the problem and a recommended action appears on the SCVMM console. You can either manually approve the tip so that PRO executes it, or, if you set auto-approve, let PRO take action on its own.
A popular example of a common resource-management challenge is when a VM runs out of resources because a host becomes overloaded. SCOM detects the overload, passes it to SCVMM 2008, and generates a PRO tip indicating that you should move the VM to another host. (PRO functions on Server 2008 failover host clusters only.) You determine the recommended new host by using the Intelligent Placement feature first introduced in the previous version of SCVMM. If you turn on autoapprove, the automation level sets to Critical Only, which means that only PRO tips with a critical severity level are automatically implemented. This setting auto-manages your host cluster in such situations.
PRO’s capabilities also leverage SCVMM 2008’s management of VMware ESX Server. For example, you can define a policy in PRO that triggers a VMotion VM migration. Thanks to its integration with SCOM, however, PRO goes beyond just migrating a heavily used VM to another host. It understands what’s happening with the entire stack on Windows VMs— the host, the VM, and applications running on the VM.
IT pros sometimes lose sight of the fact that ultimately it’s the applications and their health that count rather than the infrastructure. With PRO’s holistic view of the virtual environment, you can define policies and rules that take action on a host (e.g., add more processor capacity to the VM) because the application requires it, not just because the VM shows high utilization.
PRO is also extensible, so Microsoft is working with its hardware and software partners to make PRO’s tips intelligent with regard to the application and hardware configuration. You can get practical information about configuring SCVMM to work with SCOM and then with PRO at blogs.technet .com/m2.
VMware ESX Server support. SCVMM 2008 can now manage VMware ESX servers through its integration with VirtualCenter. What this management means is that SCVMM 2008 can control VirtualCenter’s popular strengths, such as VMotion, as well as apply its own features, such as Intelligent Placement and PRO, to VMware VMs. (Intelligent Placement is a feature available in both SCVMM 2007 and SCVMM 2008 that selects the correct host based on the workload you define for a VM rather than selecting an available host, creating the VM, and hoping it fits.) For example, SCVMM 2008’s ESX management is accomplished through the management of VirtualCenter itself, not the direct administration of the ESX hosts. This is because ESX management APIs are available only through VirtualCenter. Therefore, VirtualCenter Server is a requirement for managing VMware hosts and VMs.
Delegated administration. The delegated administrator is a new role available to manage hosts and VMs in SCVMM 2008. A delegated administrator can perform all the functions of a full administrator but only on a subset of objects. This kind of job is useful for people who need to perform administrative functions on some but not all hosts managed by SCVMM. This role has broader administrative rights than the selfservice user role. You can control the selfservice user role according to what types of functions are allowed on a per-VM basis, whereas the delegated administrator has full rights on a predefined scope of host servers and libraries. For example, you could delegate administration rights to manage hosts and libraries for a particular region.
Continue on Page 2
Cluster support. SCVMM 2008 also adds management support for Server 2008 failover clusters for Hyper-V. As a result, SCVMM 2008 is cluster-aware when adding hosts, letting you discover which clusters are available through Active Directory (AD). With this support you can create highly available VMs that take advantage of PRO on a Server 2008 cluster.
Architecture and Implementations
Architecturally, SCVMM 2008 consists of five main components, plus PowerShell. The first component is the Virtual Machine Manager (VMM) service (vmmservice.exe) itself. Next is a Microsoft SQL Server database (either SQL Server 2005 or the free SQL Server 2005 Express Edition for smaller implementations) that stores configuration information. SQL Server Express comes as part of the SCVMM 2008 installation package. The third component is a library, shared on the network, that contains virtual hard drives, ISO disk images, and stored VMs to be used by SCVMM. An administrator console and a self-service portal round out the picture. In addition to the major pieces, PowerShell is an essential part of the SCVMM server. Furthermore, every host that’s managed by SCVMM must also have a VMM agent installed.
You can assemble all of SCVMM 2008’s components in a variety of ways, but most installations fall into one of three major types: workgroup, corporate, or enterprise. In the workgroup configuration, all components reside on one server. This setup is typical in small-to-midsized businesses (SMBs) and in test labs. The corporate setup, which Figure 1 shows, separates the components on their own servers to increase scalability and fault tolerance. The enterprise configuration that Figure 2 illustrates expands on the corporate configuration by leaving the SCVMM and SQL Server systems centrally located but scattering library and host pairs to different geographical locations.
Like Exchange Server 2007, SCVMM depends on PowerShell to perform its actions. SCVMM is essentially a sophisticated PowerShell script generator. This architecture has its detractors—for example, it’s probably not as fast as making API calls in a lower-level language—but it adds a tremendous amount of flexibility. Every SCVMM action generates and executes a PowerShell script. Every wizard has a PowerShell button on the summary dialog that lets you see (and copy) the script that will be executed. You can modify the script for your own purposes, thus never having to step through the wizard again. A side benefit is that each wizard also teaches you PowerShell through the programmer’s time-honored learning method: modifying someone else’s code.
Yet another benefit to the PowerShellcentered design is SCVMM’s job-oriented approach. Because every action you perform executes a script, the script’s execution is tracked and logged as a job in the VMM console’s Jobs view, as Figure 3 shows. If a job fails, you can re-execute it.
If you’re just starting to work with SCVMM, one of your first tasks is to build up its library, which is a catalog of the resources you use to create your VMs. These resources fall into three categories: file-based resources, templates, and stored VMs. File-based resources are the library’s main resource type, and they include CDROM or DVD images in ISO format that you can attach to build a VM instead of a physical disk, existing Virtual Hard Disks (VHDs) that have been sysprepped to create new instances of themselves, PowerShell scripts, and virtual floppy disks for some OS boot requirements. SCVMM can automatically create a sysprepped library VHD from an existing VM. The second resource type in the library is templates that contain hardware profiles and guest OS profiles. These resources let you develop a standardized set of hardware (memory size, processor type, virtual CDROM or DVD with appropriate ISO disk image attached) and OS configurations (OS version, license key) to quickly create a new VM. The third resource type in the library is complete VMs that you can quickly deploy onto a host server.
Installing SCVMM 2008 is a straightforward process, especially compared with the installation procedure for the 2007 version. In the earlier version, checks for prerequisites occurred throughout the installation. If you were missing a component, you had to back out of the installation process, add the component, and start over. In contrast, the SCVMM 2008 installer makes hardware and software prerequisite checks at the beginning of the installation process. In addition, the new Wizard format lets you see where you are in the process.
SCVMM requires SQL Server, but if you don’t have a large number of machines to manage you can use SQL Server Express, which is included. You also need the Microsoft .NET Framework 3.0 and Windows Automated Installation Kit (WAIK) 1.1, as well as PowerShell, if you’re going to install the Administrator Console on a system other than the VMM system. The VMM server connection uses port 8100, agent connections for hosts and library servers use port 80, and file transfers (e.g., for the creation of VMs from library VHDs) use port 443.
SCVMM 2008 can’t be installed on Server Core. This limitation is understandable because several of SCVMM’s features (e.g., PowerShell, the rich user interface) don’t run on Server Core. However, Server Core includes the most secure implementation of Hyper-V, which means that you can’t run SCVMM on a highly secure Hyper-V host server or cluster. (Note that you can still manage Server Core hosts or clusters.) This short-coming probably isn’t a big deal for large companies that can run all the SCVMM components on separate systems, but it’s an important consideration for SMB implementations.
SCVMM’s Administrator Console uses the System Center Framework user interface, which resembles Microsoft Outlook’s layout, with a scope of what you’re looking at on the left, specifics in the middle, and actions for those specifics on the right, as you can see in Figure 3. The left-hand pane is divided into a treeview on the top and large buttons for the major SCVMM views on the bottom. Those primary SCVMM views are Hosts, Virtual Machines, Library, Jobs, and Administration. The middle pane focuses on the objects that match the view you select in the scope pane. The upper window can contain a list of hosts, VMs, library files, jobs, or administrative options. The lower window contains the properties of the object that’s selected in the upper window. In Figure 3, for example, the lower window displays the progress of the individual steps in the Create virtual machine job selected in the upper window. The right pane—the action pane—shows a list of actions you can perform on the object you’ve selected. It contains all the actions in the right-click context menu for an object, plus general actions you can take at any time.
Whether you’re creating a new VM from Hyper-V or from SCVMM 2008, the first thing you notice is that the mouse doesn’t work in the VM’s console session. For the mouse to work and the console to have full functionality, you need to install Server 2008 Hyper-V’s Integration Services on the VM. (Server 2008’s initial Hyper-V comes with a version of Integration Services already installed, but later versions of Hyper-V have made it incompatible.) You need to control the VM without a mouse to install Integration Services.
If you use Remote Desktop to log on to the VMM console (instead of having the console installed locally on your system), the process is even more cryptic and subtly different from what you’ve done in the past. You might think that removing management on the VM and connecting to the VM via Remote Desktop is a workaround for this problem, but it isn’t. Without the installation of Integration Services, the VM doesn’t have a working network adapter and therefore lacks remote management. However, you can build a sysprepped image with Integration Services preinstalled and then store it in the library as a VHD from which to base new VMs. This way, the mouse functions on the VMs from the start. John Howard, senior program manager on the Hyper-V team, comes to the rescue with his blog post “Controlling Hyper-V VMs in Virtual Machine Connection over TTS/Remote Desktop without a mouse” at blogs.technet.com/jhoward/archive/2008/03/23.aspx, which helps you through mouse-less operation.
Continue on Page 3
Microsoft designed SCVMM and its administrative console to manage hosts and VMs in the same domain, the same forest, or a different forest joined through a forest trust. It’s possible but extremely difficult to use a non–domain-joined console to manage domain-joined resources. John Howard also has blog posts on this topic, but you don’t want to attempt the procedure unless absolutely necessary. If you have VMs to manage in multiple forests, I strongly recommend that you establish forest trusts (rather than external trusts) between the forests.
Modern Virtual Infrastructures
VMs are much easier to provision than real machines, but once they’re in production, they have many of the same lifecycle issues that physical servers have. For instance, you must patch them and back them up. (For information about patching VMs, see the sidebar “Microsoft’s Offline Virtual Machine Servicing Tool.”) SCVMM isn’t a silver bullet for practicing lifecycle management on your production systems. It doesn’t address whether a system should still be up and running, shut down and stored in the SCVMM library, or simply deleted. Your operational practices must cover the server lifecycle issues, regardless of whether the servers are virtual or physical.
SCVMM is currently in public beta; you can register for it at connect.microsoft.com. It is scheduled to be released by the end of 2008.
For all the talk about virtualization, the adoption of it is still low. One of the biggest barriers to a wider acceptance of virtualization is the cost of building a productioncapable virtual infrastructure. IT budgets are so tight that bottom-line costs for a solution are extremely important. With Server 2008, Hyper-V, and SCVMM 2008 and its integration with SCOM, Microsoft has built a compelling case for constructing a modern virtual infrastructure at a reasonable price.