• SALES EXECUTIVE
• Solutions Architect
• IT Manager / Systems Administrator
• BUSINESS SUPPORT OFFICER
• Head of Business Intelligence -...

Server virtualisation: Doing more with less

Leon Erlanger, Information Age

15/02/2007 13:51:30

Virtualisation has gone mainstream. According to The Yankee Group's 2006 Global Server Virtualisation Survey of 750 businesses, 62 per cent of respondents said they already had a virtualisation solution in place or were in the process of migrating to one. Only 4 per cent did not have plans to tap server virtualisation.

Given the technology's upside, it's easy to see why. Server virtualisation divides a physical server into multiple virtual machines, each of which can run its own isolated operating environment and applications. That means less hardware, reduced power and cooling costs, and extended datacentre life. The ability to provision a new server simply by loading a virtualised image onto existing hardware not only saves IT management budget, it makes the business more agile.

Make no mistake; commodity server virtualisation is a relatively young technology. The market offers multiple solutions but few standards. Consensus among customers is that it works as advertised and is not difficult to implement, but efficient management and migration remain ongoing challenges. Nor is virtualisation appropriate for every application.

Applications that hog I/O and memory resources, such as large database deployments and Microsoft Exchange, often are not good candidates for sharing server hardware with other applications, even in a virtual environment.

Customers that have taken the plunge are typically in the early phases of virtualised infrastructure: After initial testing, applications are virtualised gradually as servers are retired, applications are upgraded, or IT moves toward a service-delivery model. Despite a cautious start, however, the common theme among these customers is great enthusiasm for the genuine benefits virtualisation can bring.

A lot less hardware One of the key incentives driving the market for virtualisation is a desire to reduce costs associated with server hardware, both for limiting new purchases and reducing the total portfolio of equipment in the datacentre. For Capital One, a diversified global financial services company, virtualisation provides a key component of a three-year IT consolidation strategy and transformation to an on-demand service delivery organisation. This transformation is well into its second year.

"In the past, our businesses owned their server hardware and applications and had them configured to their individual specific requirements," says Lee Congdon, managing vice president of corporate technology at Capital One. "The result was that we ended up with everything, including Unisys, Tandems, Suns and AS/400s, you name it. On the software side, we were running Novell NetWare, old versions of [Windows] NT, and Windows 2000."

To tame this unwieldy environment, Capital One began using VMware ESX Server to pack multiple server environments on fewer, more powerful physical servers. Rather than dedicating servers to individual business units, business users are increasingly assigned smaller shares of more powerful processors.

"We currently have about 150 server instances running on 17 physical servers," Congdon says. And rather than giving each business its own applications, Capital One has consolidated to five IT-approved platforms. The business units simply buy services, such as knowledge or content management, and often don't even know what platform they're using.

Similarly, Citrix is in the early stages of consolidating 15 racks of 200 out-of-warranty servers to just two racks, or a total of 10 HP ProLiant DL585 four-way, dual-core Opteron servers, using Microsoft Virtual Server 2005 R2. "We'll be saving $US9000 per month in power costs and huge amounts in network port and cabling costs," says Dimitri Mundarain, Citrix's manager of datacentre operations.

Why Microsoft? "VMware's ESX Server is more technically advanced and has a better management console but would be much more expensive in licensing and training costs. Our datacentre runs on Windows, and we like the fact that MS Virtual Server uses the same type of interface."

For other organisations, virtualisation is essential to extending the life of datacentres that are close to capacity. "We were running out of air- and power-conditioning capacity, which doesn't scale and is very expensive to replace," says Neal Tisdale, vice president of software development at NewEnergy Associates, a software and energy consulting company.

NewEnergy used a combination of VMware GSX Server and Solaris Containers to consolidate its server hardware. The datacentre now runs 19 degrees cooler with no cooling upgrade, Tisdale says; and if the power fails, its batteries can keep it up for days, rather than hours, thanks to the reduced server power load.

Tisdale agrees that VMware is feature-rich but says NewEnergy didn't need many of its features. "We didn't want to drive up cost and complexity by throwing in a lot of enhancements like load balancing and VMotion," he says. "We just wanted to get the heat savings quickly and easily."

Packing them in Hand in hand with hardware consolidation comes increased utilisation of current server resources. Before virtualisation, IT departments tended to limit each physical server to a single application and operating environment, as multiple applications tended to conflict with one another. The result was often server sprawl and inefficient use of server resources. Congdon says running multiple virtual operating environments on each server has increased server utilisation at Capital One from an average of 30 per cent to as much as 80 per cent.

After monitoring his VMware environment for two weeks, NewEnergy's Tisdale actually found that he could pack many more virtual servers onto a physical server than he originally thought -- in the high teens and low twenties, rather than seven or nine. "Users generally overestimate how much they're using a server, and the software vendors are conservative in estimating the memory needs of their applications," he says.

Virtualisation consumes its own server resources, of course, which can take its toll on application performance, but users point out that the overhead is offset by running applications on more powerful servers and taking advantage of VM portability. Congdon says general response times have improved now that his applications are sharing much more powerful server hardware.

When application performance declines due to an overburdened server, Next Financial, a securities broker/dealer, simply moves the virtual application environment to a less busy server. "You just shut down the virtual machine, move its disk on the SAN from one LUN to another on the SAN, reattach it on the new host, configure the VM, and launch," says CTO Ismael Carlo. (The company isn't using VMware's VMotion management product, which can actually move VMs around on the fly without any downtime.)

Another side benefit of virtualisation is reduced network utilisation. "If two of those servers on the same box talk to each other a lot, you're actually offloading network traffic," says NewEnergy's Tisdale, who claims that the performance gains from more powerful servers and virtual network connections overshadow VMware GSX Server's overhead of 7 percent to 10 percent.

Provisioning a mixed bag Managing a virtual environment is a two-sided picture. On the plus side, the ability to quickly provision new servers simply by loading virtual images onto existing hardware produces tremendous savings in IT staff time and resources, not to mention improved business agility.

For example, Mornay Van Der Walt, vice president and systems architect at Ixis Capital Markets, a global financial services company, estimates that virtualisation has reduced the time it takes to provision a new server to as little as five hours in the virtual world, from as long as 17 days for procuring and building a new server in the physical world. Labour costs associated with provisioning have therefore dropped 80 per cent.

Management savings can also come from upgrading to more capable servers. For example, NewEnergy's Tisdale claims there were significant administrative cost savings from upgrading to higher-end servers with advanced lights-out management tools. And, of course, virtualisation reduces the number of physical servers to monitor. Migrating existing applications and data from the physical to the virtual world is more of a mixed story, however.

Capital One's Congdon used VMware's P2VAssistant tools and found them to be sufficient. "There were very few technical migration issues," he says, "though there were a few cases, particularly when we wanted a really clean installation, in which we ended up building the server instance and reinstalling the applications manually."

Lukas Loesche, director of IT operations at German mobile content provider Arvato Mobile, had an even better experience with SWsoft's Virtuozzo. "Virtuozzo 3.0 has a [physical-to-virtual] migration wizard that is absolutely flawless," he says.

Other users, particularly those performing large-scale migrations, may find the initial provisioning phase challenging. One option is to turn to third-party migration tools, such as those from PlateSpin and LeoStream, which can automate large numbers of physical-to-virtual migrations over the network from a single console.

Tisdale found PlateSpin's automation tools to be a real time-saver, but Citrix's Mundarain found that they did not work well for every application, and that even with these advanced tools there were situations in which he had to resort to rebuilding the operating system and applications from scratch.

"Migration is definitely not a science by any means," Mundarain says.

Management hurdles Other issues arise when managing the virtual infrastructure itself. The management tools offered by the vendors tend to be works in progress. For example, Ixis' Van Der Walt has found managing remote servers with VMware's Virtual Center management platform to be problematic. "VMware is good at managing local infrastructure, but you usually have to have a VirtualCenter Server at each datacentre. I'd like to be able to manage the whole infrastructure with one server," he says.

Computer Sciences Corp. (CSC) also found that backing up virtualised physical servers to tape had its challenges. "It came down to whether we should use traditional backup for each virtual server or use VMware's tools to do the backup and back up virtual machines as files," says John Macioci, partner and deputy CIO of CSC.

The company found VMware's tools to be overly complex and decided to settle on traditional backup solutions from Veritas, treating each virtual machine as an individual server. (Arvato's Loesche, on the other hand, has high praise for Virtuozzo's backup tools.)

And even when the physical server load is reduced, you still have all those virtual servers to monitor and patch. This is where host-based virtualisation platforms, such as Solaris Containers or Virtuozzo, have advantages. "Since all the VM file systems are accessible from the hardware node, you can update them all with one small script," Loesche says. The drawbacks, compared with hardware emulation systems such as VMware's ESX Server and Microsoft's Virtual Server 2005, are that you can't mix different operating systems on one hardware node, and if a bug crashes the kernel, the entire server crashes.

In fact, hardware failure is a big issue with virtualisation, as a single failed physical server can bring down all the resident virtual servers. The threat can be offset, however, by the ability to move a virtual machine to new server hardware quickly if you can detect imminent failures before they happen.

"You may see some performance degradation, but at least you can keep the processes running," Congdon says. "Then you can add hardware back to the pool seamlessly without having to take all those applications down while you configure the new systems."

Less obvious benefits Aside from simple datacentre consolidation, virtualisation can have a multitude of other benefits. For example, CSC uses VMware ESX Server and Solaris Containers to store and run multiple customer demonstration environments on a single physical server. "We store several versions of our ERP suites and have five or six instances of each for different client situations," CSC's Macioci says. "We simply turn them on and off when we need them and can run 15 to 20 different demo environments concurrently."

Next Financial has made advanced business continuity affordable by replicating 11 physical servers at its primary site to three physical servers with 11 virtual machines at a collocation facility. Leftover processing power is used as a primary Web server and application server farm for sales force field applications. "It would have been very expensive to have a bunch of duplicate servers sitting there doing nothing most of the time," Carlo says.

Arvato Mobile uses Virtuozzo to isolate multiple development environments on its servers, to prevent any one project from accidentally overwriting the files of the others. "We can also create a quick virtual backup so that if something goes wrong, it's easy to roll back," Arvato's Loesche says.

And NewEnergy uses Solaris Containers to isolate and run hundreds of simultaneous Monte Carlo simulations across its Sun N1 Grid of Sun Fire X4100s with minimal need for software changes.

There's little doubt that server virtualisation is poised for a promising future in the datacentre. The technology works, the benefits are real, and the savings in server hardware and provisioning costs can be dramatic. For server virtualisation to really take off, however, migration and management tools will have to mature. In particular, remote management needs to be improved, and virtualisation standards need to be developed that will allow different virtual platforms to be managed together across the network.

VMware has been working with AMD, Intel and other hardware and software vendors to eventually deliver open standards, but the effort will no doubt take time. Nonetheless, for targeted implementations aimed at solving specific business or IT issues, server virtualisation makes a lot of sense today.

[sidebar] Desktop virtualisation: making PCs manageable

Managing PCs has always been painful, but the job has become considerably nastier thanks to an endless parade of application upgrades, operating system patches and anti-threat updates. Even with network-based installation and patch management tools to ease the burden, IT spends far too much time at the desktop itself, dealing with shenanigans involving personal software, multiple versions of Java or ActiveX controls, driver or DLL conflicts, malware infections, misconfigured hardware, and more.

The promise of desktop virtualisation technology is to centralise applications at the datacentre to make them easier to manage and provision -- stretching hardware resources and keeping nagging software conflicts to a minimum in the bargain. In some cases, the same technology helps accomplish all three, bringing greater control and flexibility to IT without users mourning the loss of "their" beloved desktops.

At first blush, desktop virtualisation sounds a lot like terminal services such as those provided by Citrix Systems, where servers run the applications and give users remote access. All the user's terminal or PC does is present the updated screen display and permit input via keyboard and mouse.

Desktop virtualisation, on the other hand, is a new way of delivering the individual PC environment that white-collar workers demand and love. In essence, servers host an entire desktop environment specific to each user.

The early versions of desktop virtualisation were blade servers such as those offered by ClearCube Technology and IBM that simply moved the processing guts of a PC to the datacentre and left the input and display at the user's desk. But the latest versions use the PC at the user's desk for much of the processing. Dubbed "desktop streaming", this approach retains the benefits of central management without throwing away the desktop's power. The needed code is streamed to disk and memory cache for just that session, ensuring that there's nothing for the user to mess up or alter.

A few providers go beyond desktop streaming to application streaming, where IT can send out the runtime cache for individual apps as needed. This reduces the number of unique user images to maintain and provides better insight into which application licences are really needed.

Building a better thin client The greatest benefit of desktop virtualisation is the ability to provision PCs and other client devices with software from a central location. IT can manage a large number of enterprise clients from the datacentre, rather than at each user's desk, reducing on-site support and increasing control of application and patch management.

At its simplest, virtualisation on the application server side reduces hardware costs by letting one server provision multiple desktop clients, rather than having one server per desktop client, says John Humphreys, an IDC analyst. And virtualisation also adds the ability to move desktop environments and hosted applications as needed for load-balancing or fail-over. To make existing terminal services and blade systems work with virtual machines, established providers such as Citrix and ClearCube have developed broker technology to let IT manage the mapping to virtual resources.

Citrix, ClearCube, and Wyse Technology now support the use of VMware and Microsoft virtual machines on blades and other application servers. VMware also offers VDI (Virtual Desktop Infrastructure software), which makes server-hosted virtual machines accessible to users through the RDP (Remote Desktop Protocol).

Bell Canada uses VDI to provision desktops to call-centre users, letting them work in other locations or even at home without burdening IT support, notes Martin Quigley, senior solutions adviser for adaptive infrastructure at Bell Systems & Technology, which manages Bell Canada's call centres. "RDP is quite thin," he notes, so it does not burden the network. But Quigley looks forward to the next release of VMware's underlying ESX technology, which will support load balancing across servers, making it easier to maintain performance levels as user demands change. (Currently, this is a manual process.)

At Duncan Regional Hospital, the number of desktops more than doubled to about 500 in the past two years. Rather than lobby for money to hire more desktop support techs, CIO Roger Neal decided to deploy ClearCube thin clients and keep the physical management in a central location -- and get more from his existing staff.

When ClearCube began supporting VMware virtual machines in 2006, Neal began reconfiguring his blade servers to run three virtual machines per blade, so he wouldn't need more blades as the demand for desktops increased. He also saw desktop support calls drop by 40 percent, which he attributes to centralised PC management.

Streaming to the desktop Virtualisation at the application host server can make thin clients more efficient to deploy, but many organisations are wedded to having real PCs at users' disposal despite the support costs. Desktop streaming is emerging as one of the most efficient ways to support this model without incurring the usual bloated desktop support costs.

A growing number of vendors -- including Ardence, Propero, Stream Theory and Wyse -- offer desktop streaming software that provisions the entire desktop environment from a server to a desktop PC (or thin client).

Altiris, AppStream, and Microsoft (through its recent acquisition of Softricity) have pushed the concept to the next level, streaming applications rather then a complete desktop environment. This allows greater flexibility in what is provisioned, because IT can create a basic operating system image and then individual images for each application, and combine them as needed on the fly. You don't need a separate desktop image for each combination of applications.

With both desktop and application streaming, the provisioned operating system and applications use the client's local resources, without the overhead of permanent installation on the client. For example, financial services firm Russell Investments Group saw application deployment shrink from four weeks to 1.5 weeks after it began using Microsoft's SoftGrid, says Greg Nelson, an IT analyst at the company.

Typically, a set of stub services is transferred to the local cache at connection time, and other resources are streamed as needed. "When you run an application, you need only 15 to 20 percent to start using it, so it can be network-delivered," says David Grescher, director of marketing for SoftGrid at Microsoft.

Streaming does delay initial application access, acknowledges Bill Washburn, operations analyst at California State University at San Marcos, which uses Altiris' technology. "But once the application is installed, people say it's the best they've ever seen it run," he says.

Russell Investments' Nelson says that although desktop and application streaming should theoretically use more network resources than terminal services do, that's not always the case. For example, printing and working with large files can swamp the network in a traditional terminal services architecture. Desktop and application streaming can avoid that by using local printers and local storage.

Simplifying management One big advantage of streaming is that IT has fewer images to maintain. That benefit applies in spades to application streaming products from Altiris and Microsoft.

For example, CSU's Washburn says that Altiris' Software Virtualisation Solution solves a long-standing annoyance with SPSS's statistical software. Each year, a new license key is issued and must be updated at every user's desktop. But with Altiris' software, Washburn simply updates the server copy, which is provisioned to users automatically when they call the application.

Although the technologies from Ardence, Propero, Stream Theory, and Wyse centralise applications and data, they also let users store data locally as well (a PC's C drive is remapped to become its D drive when their software runs). Moreover, because Altiris' and Microsoft's application streaming tools let you set up applications in their own virtual layer or session, IT can avoid the regression testing across the whole application set whenever a program is modified or added, says Russell Investments' Nelson.

With the solutions offered by Altiris, AppStream, and Microsoft, the client PC can have its own operating system and applications installed, while the server pushes centrally provisioned applications into local desktop caches. In this fashion, IT can distribute resources selectively. For example, Russell's Nelson installs Windows along with applications that act as extensions to the operating system (such as Adobe Acrobat Reader, Apple QuickTime, and Java) on local PCs -- plus Microsoft Office and a few other frequently used applications -- on local PCs. Then he uses SoftGrid to provision other applications as streams.

This selective approach can also help balance performance, notes CSU's Washburn. Were Washburn to deliver everything as streams, it would take client PCs five minutes or more to boot up -- a nonstarter. So he installs core applications on the PCs the old-fashioned way, using Altiris' remote deployment tools, and provisions less frequently used programs via application streaming.

Yet another variation is to combine application streaming with terminal services. At Alamance Regional Medical Center, senior network administrator Andy Gerringer uses both Citrix and SoftGrid to provision desktops. Citrix is used in the usual manner to deliver server-based applications as individual sessions. But Alamance also uses Citrix to provide access to a SoftGrid desktop environment for terminal users. Essentially, the Citrix session runs the SoftGrid virtual machine. "SoftGrid and Citrix complement each other very well," Gerringer says.

Conflict resolution for applications Application streaming comes with a significant side benefit: eliminating application conflicts. The application streaming tools from AppStream, Altiris, and Microsoft separate application-specific support files such as DLLs and libraries from the underlying operating system. Altiris separates just the support files, keeping the applications with the operating system, whereas AppStream and Microsoft keep each app and its support files together in one virtual layer or package.

These programs manage the communication among the layers and the underlying operating environment, so both Windows and its users think they are working on a single environment. By separating each application into its own virtual layer (or package, as some call it), these products prevent software conflicts common with homegrown software and some commercial applications. And user-installed applications can't conflict with IT-provisioned applications in the virtual layers, says Microsoft's Grescher.

For example, before adopting SoftGrid, recalls Alamance's Gerringer, the medical centre had to maintain separate servers for ill-behaved apps, forcing users to switch among multiple systems from their terminals. "By summer 2005, the problem got too big to manage any more the old way," Gerringer says.

The problem? Different versions of Java used by various specialty health care apps prevented simultaneous usage, as did the embedding of different versions of the Crystal Reports reporting tool in other applications. (If Crystal Reports 4 is running, Crystal 5 cannot run, for example.)

Now that Alamance uses SoftGrid, users get a unified desktop environment, with the ill-behaved apps corralled so they can no longer cause trouble.

The new reality of virtualisation Desktop and application streaming require IT to think differently about tasks that they've done for years, notes Neal of Duncan Regional Hospital. "It takes a little more thought in the rollout," he says. For example, his support staff now has to keep an eye on the blades that serve the desktop environments, because a broken fan can cause them to overheat, knocking out multiple users in one blow. His staff also must monitor disk usage for each blade, because 80GB is shared among three users.

Virtualised desktops can be provisioned to specific client hardware, so a particular call-centre terminal always uses the same virtual machine on a specific blade. But they can also be provisioned to specific users, based on user log-in, so the client device running them could be anywhere. That can pose a challenge for setting up access to printers and departmental file servers, depending on how mobile users are, observes Bell's Quigley.

Quigley notes another issue that can puzzle support staff: Users connecting from home may not get their DNS address resolved properly, so IT tends to assign a fixed IP address to get around that issue. But the Windows virtual machines are rebooted each night to deal with memory leaks, and the IP address for that virtual machine might no longer match what is set up in the remote user's home system.

Nonetheless, early adopters all agree that these relatively minor issues are far outweighed by the benefits of central administration of fewer desktop images. As IDC's Humphreys says, "There are some really pragmatic reasons that this is taking off."