The problem with creating virtual machines (VMs) is that there's no problem. In some ways, it's too easy to create,...
move, copy and track VMs, which poses a problem: As a result, many organizations have discovered that managing VM deployments requires significant planning. One solution is to create a VM library, a collection of IT-approved, certified, ready-to-go templates for new VMs.
Of course, best practice recommendations from an ivory tower are often difficult to implement in the real world. In this tip, I'll focus on creating a VM library and how it can help alleviate some of the pains of virtualization management by using Microsoft's System Center Virtual Machine Manager (SCVMM).
Note: For more information on the Microsoft System Center suite, see my previous tip, Managing with System Center Virtual Machine Manager.
VM deployment: Defining the problem
Many administrators refer to the rapid proliferation of VMs as VM sprawl. The result is an environment that's difficult (if not impossible) to control with no shortage of problems arising from poorly managed VM deployment practices. A greatest hits list includes the following:
- Unauthorized or unnecessary deployments. Virtual machines that are deployed without going through a review process often do not meet production standards. In many cases, users and systems administrators might create a new VM just because it seems like an easy way to meet requirements. However, it's not always the best choice (and it carries a maintenance burden). If a user needs to host a new database or web site, the most efficient course of action is to place it on an existing server or VM.
- Poor consistency. Most virtualization platforms support many different guest operating systems. When you add in operating system and application configuration settings, the environment starts to resemble a flurry of snowflakes rather than the ordered and standardized configuration of most physical machines. Managing heterogeneous environments can be costly, risky and demanding of obscure expertise (who still remembers exactly how to configure the Windows NT 4.0 Option Pack?).
- No ownership or accountability. New VMs that are deployed into a production environment should have reasons for their existence. As with physical machines, administrators should know the purpose of each VM, including the list of users and if and when it should be removed from production.
- Violation of IT standards. Each new syste, whether physical or virtual, represents a calculated risk to the safety of the entire environment. Without adequate IT oversight, production VMs often fail to meet organizations' security and regulatory compliance requirements. The result is an environment with many potential vulnerabilities, most of which are unknown to administrators.
Creating a VM library
Assuming you're sold on the disadvantages of haphazard VM deployments, let's now look at a potential solution. A VM library is a repository of templates that can be used to generate new VMs. Whenever possible, organizations should create new VMs from these templates.
Figure 1 provides an example of some typical types of base VM images that an organization might have in its library.
Figure 1: Examples of VM library image configurations
When designing a VM library, administrators must recognize two competing goals. The first is to limit the number of different virtual machine images that are present in the library. A large number of images require significant administration effort, as guest OSs must be installed and configured. Additionally, the images must be maintained over time to ensure that the latest security updates and patches are applied.
The second goal is to attempt to meet the needs of the vast majority of VM deployments if possible. Ideally, at least 90% of new deployments would be based on images that are stored in the VM library. These images are usually created by knowledgeable systems administrators and receive the IT seal of approval to verify that they are properly configured. One piece of good news is that your users probably won't fight you on the idea of using a VM library: No one wants to spend the time and effort to create new VMs when there's a ready alternative.
Managing a VM library with SCVMM
Now that we have an idea of what we need to do to simplify the deployment process, it's time to look at an example of how it can be accomplished. Perhaps the simplest implementation of a VM library would be a file share that contains folders for each of the available VMs. It would contain their associated virtual hard disk files and configuration files. The problem, however, is that maintaining such a repository manually can be tedious and time-consuming.
Microsoft System Center Virtual Machine Manager allows systems administrators to create and manage templates of their virtual machines. The library can store virtual hard disk files, ISO images of OSs and applications, script files and other data that is commonly required for creating and managing VMs. Figure 2 provides an example of how you can define hardware settings for a new VM template.
You can greatly simplify the deployment process by specifying the guest OS configuration options, including (for Windows systems) an administrator password, product keys, domain membership details and any automated installation options you might want to add.
The product also includes a self-service portal which can allow authorized users to create and manage their own VMs. We're just scratching the surface of SCVMM's capabilities, but the process of getting started with a VM library is, as you can now tell, a fairly easy one.
By creating a VM library that contains the most commonly-used types of virtual images, organizations can increase consistency, reduce risks and improve deployment times. Automated virtualization management products are a great way to implement best practices without overburdening end users or IT staff. These features can help bring both order and convenience to the typical VM deployment-related challenges that many organizations face.
About the author: Anil Desai is a Microsoft MVP and a Microsoft Certified Professional with numerous credentials including MCITP, MCSE, MCSD, and MCDBA. He is the author or coauthor of nearly 20 technical books, including several study guides for Microsoft Certifications.