Fortisphere CTO John Suit meets with a lot of companies who are trying to get a better grip on managing virtualization. In the field lately, he sees the results of the virtualization downside that IT leaders have been telling us about for months: VMs roll out awfully quickly. This speed is a blessing and a curse, since each VM you create is another one you must track, manage and secure. Unfortunately, it becomes even more complicated to keep track of VM sprawl and related worries when you start playing with more than one vendor’s virtualization technology.
And with Microsoft having released Hyper-V to manufacturing last week and shipping it soon, if at least one person in your IT department isn’t playing with Hyper-V yet, just wait. Someone will be soon.
IT departments need to do more advance planning for managing virtualization technologies from several vendors, Suit says. “I thought it would be a bit more thought out,” Suit says. “There’s been a lot of let’s just try Xen, let’s just try Hyper-V, and then people just jump into using it.”
It’s worth noting, of course, that Fortisphere sells virtualization management tools including Virtual Essentials. This is a look at management and security risks that may arise in a multiple-vendor virtualization environment, not management product advice.
Here are seven steps to consider as you prepare to add virtualization vendors to your mix:
1. Define what cross-platform and cross-OS solutions you need.
For instance, Suit says, are you considering keeping VMware for servers but using some Citrix technology for virtual desktops? Does your shop require Microsoft in certain spots, but perhaps not in as many as was the case in the past? Think about what technology fits where naturally in your virtualized environment, he says.
2. Require your technology management vendors to support at least VMware, Microsoft and Citrix now.
Waiting around for your management tools to support multiple infrastructure vendors can stall internal adoption and increase political controversy among your IT staff, Suit says.
Based on their experiences with VMware, “Customers may expect management features for mobility, portability and lineage to be there today,” for all the platforms, Suit says. But some management tool functionality may not be available for Citix and Microsoft platforms yet. Lean on your vendors to ramp up quickly to work with the big three, he says.
3. Prepare for the virtualization politics.
We’re talking about IT staff politics, here, the problem that IT leaders cited as one of their top three challenges in CIO’s enterprise survey on virtualization. “This always happens; different people are responsible for different pieces,” Suit says. When you start comparing vendors’ technologies, politics are bound to pop up; people may even feel their expertise or jobs are on the line.
“Understand what people are religious about,” Suit says, whether it’s VMware, Microsoft or even storage.
Storage is becoming more of a hot-button issue for IT departments as vendors encourage customers to let storage products carry more of the responsibility for VM cloning and VM migration tasks.
4. Plan for peer-to-peer workload migrations across multiple infrastructure vendors.
You will need to “promote” and “demote” virtual machines created using different vendors’ technologies, Suit points out. In other words, you will need to move VMs around based on whether they need to make use of more expensive, high-availability physical server resources, for example.
Another example: Microsoft’s virtualization-related disaster recovery capabilities (at least for now) are not as strong as VMware’s, so you may be creating some VMs in Microsoft Hyper-V then moving them to VMware.
5. Prepare to keep close tabs on configuration drift between dependent peers.
If you are distributing VMs across VMware, Microsoft and Citrix platforms, you need to understand how VMs that are dependent on each other are affected in a heterogeneous environment, Suit says. “You want to keep close tabs on the VMs so they stay in sync,” he says. One VM can affect another’s performance and security.
When configurations between VMs vary, you can get into situations where developers have access to too much data, breaking security best practices. “This is happening a lot,” Suit says.
6. Manage your VM lineage.
Where did a particular VM come from? That question can get even trickier to answer in a mixed vendor environment. Consider a master template on VMware that has clones of itself on Xen and Hyper-V, Suit advises. As you patch software and make other changes to the master VM, keep your templates updated.
Why is VM lineage important? In a regulated industry such as financial services, a clone of a VM may have a compliance profile to which it needs to adhere. In a mixed vendor environment, the differing hypervisors can affect that compliance profile, Suit says. For instance, ports and API settings can change a compliance profile. “VMware is trying to address this with Tripwire,” Suit adds. (VMware recently acquired Tripwire; the two have already teamed up on a free configuration checker tool.)
7. Take advantage of the OVF specification to standardize VMs.
“It will be very convenient with Open Virtualization Format (OVF) to move the VMs,” Suit says. Open virtualization format, an open industry specification in development now, is designed to support movement of a VM between platforms.
This will allow easier VM migration as well as performance comparison testing in your mixed hypervisor environment, Suit says. The OVF spec will help you try out all three platforms at once in a testing environment if you like.