The importance of virtual system management
When I refer to VSM, I am talking about the combination of disciplines required to
Some of the problems that occur when virtualization is deployed without adequate virtual system management include:
- Security and compliance can be compromised as VMs are deployed without controls, software licenses are used up without any contractual checks, systems are configured in ways that open up exposures like Web or FTP servers and dormant virtual system images are unpatched against viruses and exploits.
- Uncontrolled virtual machine deployment, or VM sprawl, can add to incremental costs for additional software licenses, human and IT costs for system administration, storage allocation for the virtual drives and data, management tools, performance measurement, security administration, etc.
- Performance may be affected, and end users may suffer from availability and downtime problems, as new VMs are over-allocated to a limited pool of physical resources (CPU, memory, bandwidth, etc.). Or, worse yet, configuration mistakes fail to connect VMs properly with storage, network, server or desktop resources.
- Effective consolidation ratios may not be achieved as physical servers are allocated to virtual workloads not on the basis of real capacity planning, but instead on an estimated worst case scenario basis. This reduces the cost benefits of virtualization and unnecessarily increases hardware and software costs.
- Productivity of administrators across multiple departments can decrease as the number of VMs they need to manage increases. This reduces their ability to handle day-to-day activities and makes it impossible for them to add value to strategic project work.
Using virtual systems management to improve your infrastructure
Even a single unmanaged VM deployment can have real consequences. For example, an IT Director I talked to earlier this year described a situation where a system administrator accidentally deployed a new VM – with an active Dynamic Host Configuration Protocol (DHCP) server – into their production network, instead of the test network where he intended it to be.
As a result, workstations in the call center started to have networking problems and call center operators were unable to access their networked customer service application. The problem was detected only after users had logged multiple problem reports; and only fixed after a laborious troubleshooting exercise involving multiple IT departments.
One or more virtual systems management controls could have prevented this. For example:
- Change and configuration management tools could have automatically detected the unapproved change to the production network. In response, it could have immediately remedied (or even prevented) the change by reconfiguring the VM, isolating it from the production network or shutting it down entirely (while automatically sending an e-mail to the network administrator and opening a trouble ticket for review).
- Automated provisioning could have ensured that the right network configuration was applied to the new VM even before it was deployed. Using a centralized tool for provisioning could have required a specific template or process with check boxes for test or production use that would have been much harder to ignore.
- Process automation tools could have ensured that only a pre-approved VM build was deployed – checked against standard configuration templates and a list of authorized changes, with any exception leading to a rejected change request and/or manual approval – either of which would have eliminated the human error and short-circuited the rogue VM deployment.
- Asset discovery and inventory management could have quickly detected a new server added into the production network, and even characterized the server as a secondary Windows DHCP server, thus speeding up the problem detection and problem resolution phase. This would not necessarily have prevented the problem, but it certainly would have shortened the problem resolution cycle and reduced its effect.
- Performance and application management tools could have detected the IP address collisions and the dropouts between clients and servers. With synthetic and real transaction monitoring, the problem would have driven flashing red alerts to the help desk even before call center operators started to notice the problems, allowing operations to fix the problem much faster.
This is just one real-world example of the problems that poor management can cause and some examples of how adequate virtual system management could have prevented it. Indeed, the number of problems poor VSM can create and the number of ways good VSM can help are far more than I could possibly list in a short article.
Make no mistake though. Without applying virtual system management protocols to your virtualization deployments, you are setting yourself up for higher costs, lower productivity, reduced performance, increased downtime, higher risk, and many other major problems.
ABOUT THE AUTHOR: Andi Mann is a Research Director with the IT analyst firm ENTERPRISE MANAGEMENT ASSOCIATES® (EMA™). Andi has over 20 years of IT experience in both technical and management roles, working with enterprise systems and software on mainframes, midrange, servers, and desktops. Andi leads the EMA Systems Management research practice, with a personal focus on data center automation and virtualization. For more information, visit the EMA website
This was first published in December 2008