virtu l

DATA CENTER
v
Volume 23

03 Backup Strategies for Virtual Servers

Administrators can mix technologies and tactics for safer,
more efficient virtual server backups. BY STEPHEN J. BIGELOW

10 Building a Private Cloud

IT automation, security and standards are the places to start
when considering a private cloud. BY BILL CLAYBROOK

13 How to Gauge Server Resources

for Endpoint Virtualization
Learn some practical guidelines for determining server requirements
for endpoint virtualization and ideas for managing the load.
BY DANIELLE RUEST AND NELSON RUEST
 Mixing and Matching
Server Backup

T
EDITOR’S
LETTER
7

BACKUP
HE OVERALL NEED for backing workflows and remove human tasks
STRATEGIES up data is about the same like configuring routers or setting up
FOR VIRTUAL
SERVERS
for virtualized servers as it firewall rules. The downside is that
7 is with traditional nonvirtu- you may have to pull together your
alized servers. But there are own slate of management tools
BUILDING A
some big differences: One is that vir- because vendors still don’t have a lot
PRIVATE CLOUD tual infrastructures often have more of products available. Bill Claybrook
7 data to deal with. More applications helps you to weigh your options in
are producing larger data files today, “Building a Private Cloud.”
HOW TO and each virtual machine (VM) is also Now that many organizations
GAUGE SERVER
RESOURCES
a large file that needs to be protected. embrace some form of virtualization,
FOR ENDPOINT Another difference is that server a few are ready for endpoint virtual-
VIRTUALIZATION
virtualization places more demands ization, known as EPV. Although EPV
7 on storage and networks. A majority is not a new idea, the push to improve
of virtual data centers store data cen- endpoint management, enhance secu-
trally in a shared storage resource like rity and support the needs of mobile
a SAN, which has to transfer data to users has placed a renewed emphasis
and from a multitude of VMs. To keep on this technology.
up with all these storage demands, Get some insight on why moving
organizations need to adapt their away from a physical PC per employ-
existing backup strategies to meet ee is a solid value proposition in “How
the unique demands of virtualization. to Gauge Server Resources for End-
Smart backup planning should con- point Virtualization” by Danielle Ruest
sider a variety of storage needs over and Nelson Ruest.
time. Stephen J. Bigelow offers some How’s your move into cloud com-
tips on the best ways to mix and puting? Send an email to ccasatelli@
match backup technologies in “Back- techtarget.com and let me know. ■
up Strategies for Virtual Servers.”
Looking to move into cloud comput- CHRISTINE CASATELLI
ing? A private cloud can automate Editor, Virtual Data Center

2 VIRTUAL DATA CENTER E-ZINE JUNE 2010

 Backup Strategies
for Virtual Servers
ADMINISTRATORS CAN MIX TECHNOLOGIES AND TACTICS FOR SAFER,
MORE EFFICIENT VIRTUAL SERVER BACKUPS. BY STEPHEN J. BIGELOW

EDITOR’S
LETTER
7

V
BACKUP
STRATEGIES
FOR VIRTUAL
SERVERS
7 IRTUALIZATION HAS brought hardware failures, application or oper-
a new focus on manage- ating system failures and human error.
BUILDING A
ment efficiency and the But there are some important differ-
PRIVATE CLOUD effective use of valuable ences in a virtual environment that
7 computing resources. But as will influence an organization’s back-
fewer physical servers host increasing up choices.
HOW TO numbers of virtual machines (VMs), First, virtual infrastructures often
GAUGE SERVER
RESOURCES
IT administrators face a new series of have to contend with more data. More
FOR ENDPOINT data protection and backup chal- applications are certainly producing
VIRTUALIZATION
lenges. Today it’s more than just mak- larger and more plentiful files, but each
7 ing a copy of important data files. VM is itself a large file—such as VM-
Each VM state must also be protected ware .VMDK files—that must also be
and kept readily accessible. protected. Because a VM file is essen-
Each organization must reevaluate tially an image of server memory that
its backup needs within the context of reflects the complete operating state
its virtual infrastructure and then select of a VM at some point in time, VM
the most appropriate technologies to backups usually occur frequently
provide the best data protection. That throughout the course of each day.
may mean adapting traditional back- Backup demands translate to server
up approaches to a virtual environ- computing performance. In traditional
ment, while other cases may warrant nonvirtualized servers, a backup
a shift to other backup paradigms. process normally consumes up to
The need for server backups is fun- 100% of the server’s processing and
damentally the same in a virtualized I/O resources—nothing else was run-
server as it is for traditional nonvirtu- ning on that server anyway. With vir-
alized servers. Backups guard against tual servers, there may be 10, 20 or
data loss caused by factors such as even more VMs all sharing a portion

3 VIRTUAL DATA CENTER E-ZINE JUNE 2010

 of the server’s resources. A backup when backing up in a virtual setting.
process will need to operate effective- Server virtualization also places
ly within the resources allocated to more demands on storage and net-
that respective VM. works. Unlike traditional servers that
If the backup of any single VM use local storage for operating sys-
makes excessive demands on the tems, drivers and applications, most
physical server, the performance of virtual data centers store virtual serv-
other running VMs can be adversely er data centrally in a shared storage
affected. A similar consideration resource like a SAN. This includes
EDITOR’S
LETTER
occurs when VM backups are application data along with the latest
7 restored to a server. Each VM that image of each VM and certain types
comes back online will use a portion of backups. As a result, the SAN must
BACKUP
of the server’s computing resources, perform adequately enough to ex-
STRATEGIES leaving fewer free resources to restore change data among dozens—even
FOR VIRTUAL
SERVERS
subsequent VMs. Thus, restoration hundreds—of VMs.
7 can take longer as more VMs are The network that connects storage
restored. to the physical servers must also sup-
BUILDING A
This delicate balancing act of time port the simultaneous data traffic pro-
PRIVATE CLOUD and performance is often overlooked duced by myriad independent VMs.
7

HOW TO
GAUGE SERVER TAPE AND VIRTUAL SERVER BACKUPS
RESOURCES
FOR ENDPOINT
VIRTUALIZATION
THERE IS NO question that disk-based data protection schemes have largely dis-
7 placed tape-based systems for many backup tasks. But the move to server virtual-
ization raises the issue of its affect on the use of tape technology.
There is a general consensus that tape technology does not provide the speed
and reliability that disk-based storage can offer, but experts agree that tape has a
potential role in virtual data centers. Tape can still serve in long-term data protec-
tion tasks in areas like compliance and archival storage.
In actual practice, tape storage can provide a viable and economical alternative
to disk storage in both traditional and virtualized data centers. Consider an enter-
prise that must archive its long-term data but rarely needs to access that data.
Disk storage can certainly serve those needs, but the cost of disk space, along with
the cost of powering, cooling and maintaining those storage resources could be
prohibitive.
By comparison, disk-based backups—often used in concert with data reduction
technologies—can serve day-to-day backup needs and even short-term archival
storage, but data that “ages out” of disk storage can easily be passed to tape—
lowering costs and freeing that disk space for reuse. ■

4 VIRTUAL DATA CENTER E-ZINE JUNE 2010

 This is one of the reasons that a sepa- example, each VM exists as an inde-
rate high-performance Fibre Channel pendent server, so it’s a simple matter
SAN is deployed for a virtual data to add a tape backup agent to each
center, though IP-based SANs like VM and back up to a tape target.
iSCSI, or even NAS, will work in many Tape is relatively inexpensive, well
situations. understood and supported by many
Increasing volumes of data, heavier different backup tools. In fact, organi-
demands on server computing zations that are new to server virtual-
resources and the changing implica- ization often leverage their existing
EDITOR’S
LETTER
tions of storage and network architec- tape backup approach while research-
7 tures all conspire to complicate long ing methods better suited for virtual
established backup processes. Organ- environments.
BACKUP
izations will now need to adapt their Tape works fine with small or non-
STRATEGIES established backups or shift to alter- critical virtualization deployments,
FOR VIRTUAL
SERVERS
native backup methods. but it’s easy to see that server com-
7 puting resources and network per-
formance can quickly become over-
BUILDING A
UPDATING ESTABLISHED BACKUP whelmed with backup traffic,
PRIVATE CLOUD TECHNIQUES FOR VIRTUAL SERVERS especially if multiple VMs attempt a
7 Virtualization certainly does not backup simultaneously. The main
exclude tape, and organizations that problem here is time.
HOW TO currently use tape-based backups can You must quiesce a VM before a
GAUGE SERVER
RESOURCES
continue to use those products. For backup starts, so it’s unavailable to
FOR ENDPOINT
VIRTUALIZATION
7
SERVER RESILIENCY AND BACKUPS

MISSION-CRITICAL SERVER deployments are implementing high-availability (HA) tech-

nologies to ensure continued server operation in the face of physical server prob-
lems. These technologies usually include clustering servers or operating redundant
virtual machines (VMs) across multiple servers. It may seem that an HA server
deployment may need fewer backups, but this is not the case.
It’s important to note that HA does not directly affect backup strategies or
processes. The principal purpose of HA is to protect the server hardware, but it
offers no benefit to the data those servers operate with. File corruption, virus infil-
tration, storage system issues and even user errors—such as deleting a file or even
an entire VM—can result in data loss that will require backup recovery. Adminis-
trators must implement backups that are appropriate to meet the recovery point
and recovery time objectives of that high-availability deployment. ■

5 VIRTUAL DATA CENTER E-ZINE JUNE 2010

 users during a backup cycle. A backup at manageable levels. Virtualization
cycle can take a great deal longer for a technology can be combined with a
VM because of contention with com- SAN to provide a variety of powerful
puting and network resources. Conse- backup options.
quently, backing up a VM to tradition- The most versatile disk-based data
al tape may result in unacceptably protection technique to appear for vir-
long backup windows. tual servers is the snapshot. A snap-
“Those processes take a lot of net- shot is just what the name implies—a
work bandwidth and storage band- fast point-in-time (PIT) copy of a VM
EDITOR’S
LETTER
width and throughput,” said Ray Luc- file to high-performance storage such
7 chesi, president and founder of as a Fibre Channel SAN. Because a
Silverton Consulting Inc. in Broom- snapshot can be accomplished in
BACKUP
field, Colo. “So when you start loading minutes or less, there is very little
STRATEGIES virtual machines, all doing backups application disruption.
FOR VIRTUAL
SERVERS
within an 8 p.m. to 5 a.m. window, In many cases, users don’t even
7 there can potentially be a problem.” realize a snapshot has taken place.
Unfortunately, there is no practical Snapshots can be full and capture the
BUILDING A
way to alleviate these drawbacks with entire VM, or they can be incremental
PRIVATE CLOUD direct tape backup architectures. The where only changes are collected.
7 most common adaptations used to Once captured to storage, the snap-
improve performance all require the shot can be used in several important
HOW TO inclusion of disk storage. Virtual tape ways. It can be replicated—or mir-
GAUGE SERVER
RESOURCES
library (VTL) technology is one rored—to a remote facility for disaster
FOR ENDPOINT avenue. It passes backup data to disk recovery, it can be cloned to other
VIRTUALIZATION
storage that the backup software has servers, and it can even be copied
7 provisioned to emulate a tape system. to a dedicated backup server that can
The disk storage target can be a SAN move the snapshot to tape—such as
or a NAS storage subsystem, and a VMware Consolidated Backup.
tape drive will typically create a sec- Snapshots do require some man-
ondary copy of the VTL backup. agement. Each snapshot requires
Most organizations that adopt vir- storage space, so storage monitoring
tualization today are embracing a and capacity planning can play a
variety of newer disk-based data pro- greater role when using snapshots.
tection options, relegating tape to It’s likely that you will only choose to
long-term or archival storage roles. store a limited number of snapshots,
so be sure to configure the snapshot
tool to delete snapshots that “age
CONSIDERING NEW VIRTUAL out” and reuse that disk space.
SERVER BACKUP TECHNIQUES It’s also important to flush any data
The main challenge with virtual server buffers so that the exact machine
backups is to minimize the backup state is captured in its entirety. Other-
window while keeping network traffic wise, the machine state may be left

6 VIRTUAL DATA CENTER E-ZINE JUNE 2010

 incoherent or corrupted, which makes though VMs can be migrated on
recovery impossible. demand, they must still be able to
A close cousin of the snapshot is access data, and applications must
continuous data protection (CDP), still know where to find VMs.
which closely tracks and journals any In many cases, data files must also
changes to a data set, such as a virtu- be relocated to accommodate VM
al machine state. Although you can migration. Administrators must con-
take snapshots frequently, CDP is sider how migration interacts with
regarded as up-to-the-moment data snapshot, replication, backup and
EDITOR’S
LETTER
protection best for VMs that are con- other data movement tools.
7 stantly changing. The continuous Here is another wrinkle to consider.
nature of CDP alleviates the need to VMs typically sit on top of a virtual-
BACKUP
flush buffers, but it’s still important ization platform—the hypervisor. This
STRATEGIES to manage storage consumption. means an additional backup is needed
FOR VIRTUAL
SERVERS
The live migration of VMs between to protect the underlying “system
7 physical servers is certainly not a platform,” which normally includes
backup option, but it can affect data an operating system and hypervisor
BUILDING A
protection behavior, and administra- such as VMware ESX, Citrix Xen or
PRIVATE CLOUD tors must account for that. Even Micro-soft Hyper-V.
7

HOW TO
GAUGE SERVER CAPACITY PLANNING AND BACKUPS
RESOURCES
FOR ENDPOINT
VIRTUALIZATION
CAPACITY PLANNING CAN become a factor in backups, though the actual importance
7 of backup capacity planning is a matter of debate. A virtual data center still has to
back up data generated by applications—that hasn’t changed. But what has
changed is the uncertainty caused by a convergence of virtualization and new
backup approaches.
For example, some experts say that each virtual machine and host platform
need backups as well, and it’s easy to see how storage needs can swell with snap-
shots, continuous data protection journals, virtual tape library records and other
backup data that is often copied multiple times across different physical locations.
But other experts note that technologies like data deduplication and incremental
snapshots mitigate storage demands. Most organizations keep only a limited num-
ber of snapshots, and older snapshots that “age out” of storage are typically delet-
ed, and the space is reused.
Ultimately, coherent backup planning should involve some consideration of stor-
age needs over time. Once an administrator knows what storage is available for
backups, how it’s used, how it’s performing and how storage demands are chang-
ing, it’s possible to make informed decisions moving forward. ■

7 VIRTUAL DATA CENTER E-ZINE JUNE 2010

 “Testing for virtual server backups tion technologies for storage sub-
needs to take into consideration both systems. VM files contain a great
restoring the guest [and] restoring deal of empty space and redundant
the entire system,” said Greg Schulz, data. For example, if you run 50 VMs
founder and senior analyst at The across 10 servers, most of those host
Server and StorageIO Group in Still- and guest machines will probably
water, Minn. “That means an extra run the same operating system, which
layer of testing may be required to can be deduplicated, which signifi-
make sure that a guest can be restored cantly reduces the amount of storage
EDITOR’S
LETTER
into a VM, as well as the entire sys- needed for snapshots. And the small-
7 tem being able to be restored.” er data set means speedier backups
Any backup strategy—or change in to other media and faster replication
BACKUP
strategy—should include a considera- off-site.
STRATEGIES tion of backup testing. Testing disk- Data protection will always require
FOR VIRTUAL
SERVERS
based backups in a virtual environ- some amount of storage and network
7 ment is generally much easier than bandwidth, so try staggering the
testing traditional tape backups. scheduling of VM snapshots. For
BUILDING A
Snapshots and CDP files can be re- example, if a physical server hosts 10
PRIVATE CLOUD stored quickly to idle servers and test- VMs, it’s probably a bad idea to take
7 ed without any disruption to the pro- snapshots of all 10 VMs simultane-
duction environment. This makes it ously. Stagger the snapshots so that
HOW TO much easier to train and drill IT staff only one or two VMs are affected at a
GAUGE SERVER
RESOURCES
on effective restoration, which vastly time. This limits the spike in network
FOR ENDPOINT raises their confidence and provides a and storage I/O.
VIRTUALIZATION
more responsive vehicle for evaluat- Finally, it’s common for virtualiza-
7 ing, refining and improving backup tion users to adopt multiple data pro-
processes. tection schemes and apply them dif-
ferently to each VM depending on its
relative importance to the organiza-
TACTICS FOR MORE tion. For example, CDP may be used
EFFICIENT BACKUPS to protect a mission-critical VM, while
Today’s data protection technologies standard business applications may
offer far more flexibility than tradition- receive snapshots once an hour.
al tape systems. As you saw earlier, Noncritical VMs may receive snap-
snapshots of each VM can be taken in shots only a few times per day. And
a matter of minutes—even seconds— all of that PIT data can be periodically
and then backed up from the storage replicated to a DR site or offloaded to
system without impacting the produc- another backup medium such as VTL
tion environment. But other tactics or tape. Administrators should feel
can enhance the backup process even free to mix and match their data
further. protection in ways that best fit the
Consider the use of data deduplica- respective VM being protected. ■

8 VIRTUAL DATA CENTER E-ZINE JUNE 2010

THINK AGAIN.
Enterprises around the world are relying on virtualisation to increase datacenter efficiency and, unknowingly,
leaving themselves more vulnerable. That’s because conventional security isn’t able to protect virtual machines
or see the traffic between them — leaving data and networks exposed. Which is why in 2009 sixty percent of
virtual machines were less secure than their physical counterparts. But with Trend Micro™ Enterprise Security,
powered by the Trend Micro™ Smart Protection Network™ infrastructure, you can mitigate the risk and
maximize the benefits of virtualisation. It’s a different kind of security that protects your physical and virtualised
environments and helps set the foundation for your company to move confidently into the cloud.

Learn how to protect your virtualised datacenter.

Download the Trend Micro eBook at www.trendmicro.com/thinkagain
 Building a Private Cloud
IT AUTOMATION, SECURITY AND STANDARDS ARE THE PLACES
TO START WHEN CONSIDERING A PRIVATE CLOUD. BY BILL CLAYBROOK

EDITOR’S
LETTER

C
7

BACKUP
STRATEGIES REATING AN internal ist, a load-balancing expert, a storage
FOR VIRTUAL
SERVERS
or private cloud that expert, someone who is responsible
7 gives IT managers the for the operating systems and more.
benefits of a cloud Cloud computing goes well beyond
BUILDING A
running inside the server virtualization because it gives
PRIVATE CLOUD data center isn't easy. IT pros will customers more options for increas-
7 have to glue it together themselves ing data center flexibility and reducing
because no single vendor currently costs. There is a big difference be-
HOW TO provides all of the pieces that are tween setting up VMware ESX clusters
GAUGE SERVER
RESOURCES
needed. Some packaged software is
FOR ENDPOINT beginning to appear to help create pri-
VIRTUALIZATION
7
vate clouds, such as Ubuntu Enter- A typical private cloud
prise Cloud, but the software is limit-
ed to Linux-based clouds. relies on the security
What is a private cloud anyway? It measures available
resides on the premises, inside your within the cloud and
data center giving IT managers com-
plete control over the available the data center.
resources. A typical private cloud
relies on the security measures avail-
able within the cloud and the data
center. It automates workflows and
removes human tasks like configuring in a data center for server virtualization
routers and load balancers or setting and implementing an internal cloud.
up firewall rules. For private clouds to be useful and
These are steps that many enter- continue in the direction set by public
prises with virtualized servers are clouds, IT pros need to automate as
doing by hand. Enterprises often have many manual tasks as possible to
a firewall specialist, a router special- bring up capacity on the fly and put it

10 VIRTUAL DATA CENTER E-ZINE JUNE 2010

 back when it's not needed. create the automation layer for its
This requires an inventory manage- internal cloud because no current
ment system that does not exist com- vendor provides a complete software
mercially today—one that can keep layer. The staff will essentially have to
track of all IT space, the operating buy the pieces and put them together.
systems running on each machine, IT managers will have to meld
the number of physical devices you together tools to manage private
have, the amount of access capacity clouds and other resources in a data
that is available, the trigger points for center. The tools to manage both
EDITOR’S
LETTER
adding more disk space on storage physical and virtual resources have
7 area networks, the software stored been slow to emerge. Even though
on each machine and more. server virtualization is growing rapid-
BACKUP
It also requires orchestration to ly, the management tool industry is
STRATEGIES ensure that tasks are executed in the playing catch-up.
FOR VIRTUAL
SERVERS
right order. When a user asks for a There are no system management
7 server with one CPU, one GB of RAM, tools to manage a mixed environment
a 250 GB hard drive and Red Hat that incorporates existing data cen-
BUILDING A
Enterprise Linux (RHEL) 5.3, the cloud ters and cloud computing. System
PRIVATE CLOUD software layer has to go out and grab management tools were developed at
7 an IP address, set up a virtual local a time when hardware was expensive
area network (VLAN), put the server and difficult to replace. Clouds are
HOW TO in the load balancing queue, put the de-signed based on a different
GAUGE SERVER
RESOURCES
server in the firewall rule set for the IP assumption: Hardware is cheap,
FOR ENDPOINT address, load the correct version of and it will fail.
VIRTUALIZATION
RHEL, patch the server software when Cloud providers also build in redun-
7 needed and place the server into the dancy, which requires a different man-
nightly backup queue. agement philosophy, one that public
cloud providers such as Amazon and
Google have adopted. But not all IT
AUTOMATION BEYOND pros believe that applications should
CURRENT MEANS be virtualized in their own data cen-
This type of automation replaces hun- ters using server virtualization or run
dreds of discrete tasks normally per- on private clouds. IT managers should
formed manually by specialists. The considering using Software as a Serv-
investment that cloud vendors are ice (SaaS) as a delivery model for
making is in using the correct cloud their applications, said Hylton van
layer to automate in hours the tasks Zyl, R&D specialist at Credit Suisse,
that used to take many days. None of a financial services provider. SaaS
the current external cloud providers, providers, such as Salesforce.com,
however, are close to providing this will likely have good security because
level of automation. they own the entire software stack,
The data center staff will have to he said.

11 VIRTUAL DATA CENTER E-ZINE JUNE 2010

 PRIVATE CLOUDS ARE NOT PERFECT availability—for unlucky users. Cloud
Public clouds and external private providers occasionally move work-
clouds have a number of barriers and loads around because there are too
risks that cause many IT shops to many users sharing the same
balk. Some of the risks that surround resources at one time and perform-
public clouds are also risks for private ance suffers. That’s less likely to hap-
clouds, but the degree of risk is gener- pen with private clouds, but it can
ally less. In some cases, such as con- without proper management tools.
trol of resources and security, the
EDITOR’S
LETTER
risks are much less.
7 Cloud security is always a top risk ADHERING TO CLOUD STANDARDS
when using external clouds, and it’s Private cloud users must work with
BACKUP
one of the major reasons that IT standards organizations to ensure
STRATEGIES managers favor private clouds over that their clouds are tracking the
FOR VIRTUAL
SERVERS
public clouds for many of their appli- important standards when they ap-
7 cations. pear. The reason standards are so
Chris Hoff, a security guru at important is that users will eventually
BUILDING A
Cisco Systems Inc., said that security want to move applications from cloud
PRIVATE CLOUD is just one of several issues with pub- to cloud, and this is very difficult with-
7 lic clouds. On Amazon EC2, you have out standard interfaces.
virtual machines, virtual appliances, Amazon's EC2 interface is currently
HOW TO and Amazon Machine Images running as close to a standard as we have,
GAUGE SERVER
RESOURCES
on hundreds or even thousands of and it’s the reason that Canonical
FOR ENDPOINT servers, he said. You have no idea adopted it for UEC. Red Hat's Delta-
VIRTUALIZATION
what’s in these images, who built cloud open source project is an effort
7 them and where they came from. to try to make it easier for a data cen-
With private clouds, though, IT man- ter, through a single interface portal,
agers have the control that public to work with differing cloud providers'
clouds are missing. using drivers to communicate with
The degree of a risk can be much each cloud application programming
less with private clouds, but compli- interface.
ance and regulatory issues, soft- Given the almost nonexistent cloud
ware licensing, availability, scalability, interface standards, companies like
service-level agreements and the Johnson & Johnson are working with
effects of new technology like server RightScale to develop an abstraction
virtualization on IT workers and their layer for Amazon that will make it
jobs are still issues with private easier to deploy and move applica-
clouds. tions onto clouds. Management soft-
One of the issues with public clouds ware that creates an abstraction layer,
is that cloud providers oversubscribe, such as RightScale, will serve as fill-ins
and oversubscribing can lead to the until real cloud standards are created
equivalent of downtime—the loss of and adopted. ■

12 VIRTUAL DATA CENTER E-ZINE JUNE 2010

 How to Gauge Server Resources
for Endpoint Virtualization
LEARN SOME PRACTICAL GUIDELINES FOR DETERMINING SERVER
REQUIREMENTS FOR ENDPOINT VIRTUALIZATION AND IDEAS FOR
MANAGING THE LOAD. BY DANIELLE RUEST AND NELSON RUEST

EDITOR’S
LETTER
7

BACKUP

N
STRATEGIES
FOR VIRTUAL
SERVERS
7
most organi-
OW THAT cially when organizations realize that
BUILDING A
zations are using their move to Windows 7 may well be
PRIVATE CLOUD some form of server their last. With the increased reliance
7 virtualization, many on new platforms—slate PCs such as
are moving to the the iPad, netbooks, even iPhones—
HOW TO next level in virtualization: endpoint and the increased mobility of task
GAUGE SERVER
RESOURCES
virtualization (EPV)—or more pre-
FOR ENDPOINT cisely, the virtualization of end user
VIRTUALIZATION
7
desktops in central repositories. EPV EPV is making more
is similar to server virtualization in
that it relies on central hardware that
sense, especially when
runs virtualized instances of each end organizations realize
user desktop. In this regard, EPV that their move to
reuses several components that were
implemented during an organization’s Windows 7 may
move to server virtualization. well be their last.
EPV also relies on physical host
servers, usually running in some form
of cluster to provide highly available
virtual machines (VMs), storage fab-
rics to host VM disk files and virtual- forces and employees as well as the
ization management software to increase in home-based employment,
orchestrate the launching and closing moving away from a physical PC per
of the VMs that make up each user’s employee is a solid value proposition.
productivity environment. If you can get rid of a complex phys-
EPV is making more sense, espe- ical endpoint device such as a full-

13 VIRTUAL DATA CENTER E-ZINE JUNE 2010

 blown Windows PC and move it to a environment, it is essential in an EPV
virtual instance of a PC—especially environment because it is the element
one that is required only when the end that ties an end user’s account with
user is working with it—then you can his or her own particular desktop VM.
control initial costs, reduce deploy-
ment expenses and lower administra- ■ A desktop VM coordination serv-
tive overhead. And, if you already ice. This service links a user’s desktop
have a server virtualization infrastruc- VM to the user account once the user
ture in place, then moving to EPV is has been validated by the directory
EDITOR’S
LETTER
nothing but a step further into the service. It is also responsible for gen-
7 virtualization arena. erating the VMs as required.

BACKUP
■ A remote access protocol. This
STRATEGIES ESTABLISHING EPV protocol, often Microsoft’s Remote
FOR VIRTUAL
SERVERS
SERVER REQUIREMENTS Desktop Protocol (RDP), is responsi-
7 There are, however, some key differ- ble for linking the user’s physical end-
ences in the way you implement EPV point device to the endpoint VM.
BUILDING A
compared to server virtualization. Note that both Citrix and VMware
PRIVATE CLOUD After all, the VMs required for EPV have their own remote access proto-
7 will be productivity machines running cols and do not necessarily rely on
end-user applications, not VMs run- Microsoft’s RDP.
HOW TO ning server-based workloads.
GAUGE SERVER
RESOURCES
No one interacts directly with a ■ Other server components, such
FOR ENDPOINT server VM. Instead, they interact with as file servers and application reposi-
VIRTUALIZATION
the remote service the server VM tories. The inclusion of these compo-
7 runs—directory services, file shares, nents in your EPV architecture will
printer shares, email systems and so depend on your EPV model of choice.
on. With an EPV VM, the end users
are working directly with the machine, Another major difference between
interacting with various applications EPV and server virtualization is the
and controlling the machine’s environ- nature of the VM. Server VMs are
ment to suit their tastes. Because of composed of a server operating sys-
this, EPV requires additional compo- tem and then, usually, one single serv-
nents to run. er application. Desktop VMs, on the
These components include: other hand, are composed of a desk-
top OS, end-user applications that
■A directory server such as can vary from desktop to desktop and
Microsoft Active Directory. Although the user’s machine state or data and
a directory service is useful for a serv- machine configuration.
er virtualization environment because In fact, end-user VM construction
it helps centralize all administrative can be viewed as a bull’s eye with the
access to the server virtualization (Continued on page 16)

14 VIRTUAL DATA CENTER E-ZINE JUNE 2010

 USING MICROSOFT HYPER-V HOSTS

MICROSOFT HAS RELEASED its own virtual desktop infrastructure (VDI) or endpoint
virtualization (EVP) product. This offering runs desktop virtual machines (VMs)
on top of Microsoft Hyper-V and relies on Remote Desktop Services, or RDS, to
connect end users with their centralized VM. It requires System Center Virtual
Machine Manager as the VM management tool, and EPV implementation
requires a full deployment of all Remote Desktop Services (see Figure A-1).
EDITOR’S
In Windows Server
LETTER
7 2008 R2, Hyper-V runs
in clusters of 16-nodes
BACKUP
with each cluster mem-
STRATEGIES ber able to support up
FOR VIRTUAL
to 64 VMs for a total of
SERVERS
7 1,000 VMs per cluster.
But there are a few
BUILDING A
caveats for this con-
PRIVATE CLOUD figuration to work:
7 Each VM must
■

be a low requirement
HOW TO Figure A-1: Required server roles for a
GAUGE SERVER
machine and must have
Microsoft Hyper-V EPV deployment
RESOURCES a small amount of RAM
FOR ENDPOINT
VIRTUALIZATION
assigned to it. For ex-
7 ample, if your server includes 64 GB of RAM, you will not be able to run 64
VMs with 1 GB of RAM each because of required Hyper-V overhead. You must
assign more RAM to the server to run the 64 VMs.
■ Hyper-V supports volatile EPV machines through the use of the Hyper-V
Snapshot feature. Snapshots divide virtual disk files into a set of parent and
child files. The parent file includes the source VM and the child files include
any changes. Child files are discarded once the VM is closed. Parent files, how-
ever, usually require at least 10 GB of storage for each running desktop VM.
The Remote Desktop Virtualization host servers will, therefore, require ade-
quate storage to run your required number of VMs.
■ Running EPV on Hyper-V requires the use of the Virtual Enterprise Central-
ized Desktop license, which lets each end user run up to four desktops per OS
license.
■ Remote Desktop Services also now include Microsoft’s Application Virtu-
alization tools in support of the volatile EPV model. ■

15 VIRTUAL DATA CENTER E-ZINE JUNE 2010

 (Continued from page 14) This means the VM’s disk files will
three required components. Each require long-term management to
layer of the bull’s eye requires the help control its consistency and size
appropriate support services to make through the use of defragmentation,
it run properly (see Figure 1). compression and virtual disk file
maintenance utilities. Persistent VM
disk files usually start at 10 GB each
DETERMINING THE EPV MODEL and can grow significantly as users
You also need need to consider if you add data within the VM.
EDITOR’S
LETTER
are creating persistent or volatile end- But persistent VMs do not resolve
7 user VMs. Persistent user machines many of the issues organizations face
consist of one dedicated VM per user. when running physical desktops.
BACKUP
This VM will include the user’s Because end-user data is contained
STRATEGIES required applications, data and user within the VM—as it is within a physi-
FOR VIRTUAL
SERVERS
state within itself and requires little in cal desktop—the organization must
7 terms of external services to support apply various means to protect that
it. But it will need a significant amount data, usually through endpoint backup
BUILDING A
of storage space within the central tools.
PRIVATE CLOUD storage fabric because the VM’s disk Volatile end-user VMs do not have
7 files will grow with use. this requirement. That’s because a

HOW TO
GAUGE SERVER Figure 1
RESOURCES
FOR ENDPOINT
VIRTUALIZATION
The bull’s eye desktop construction model is ideal
7
for endpoint virtualization.

16 VIRTUAL DATA CENTER E-ZINE JUNE 2010

 volatile VM is created on the fly as a It also requires significantly less
user logs in. A volatile VM requires storage space because you are no
three core components to work prop- longer storing individual VMs.
erly: Instead, you store the source copy of
the VM and generate new machines
1. A source desktop VM that con- as needed when needed. It’s impor-
tains only the updated operating sys- tant to note that both AppV and USV
tem and required utilities such as have their own benefits independent
management and anti-malware tools. of the advantages of EPV.
EDITOR’S
LETTER
Finally, EPV VMs vary in size and
7 2. Virtual applications or applica- complexity based on the type of work
tions that have been processed the user performs. VMware catego-
BACKUP
through application virtualization rizes end users into three different
STRATEGIES (AppV) tools to capture their running types, each with its own require-
FOR VIRTUAL
SERVERS
state instead of their installation ments:
7 process. Virtual applications are,
therefore, not installed on the end- ■ Task workers focus on a small set
BUILDING A
point but rather streamed to the end- of repetitive activities based on a
PRIVATE CLOUD point—a process that is initiated by small number of applications. Ma-
7 end users when they actually work chine requirements are relatively low.
with an application—and because of
HOW TO this, can be applied to any VM at user ■ Knowledge workers rely on pro-
GAUGE SERVER
RESOURCES
logon. ductivity tools to manage information.
FOR ENDPOINT They usually require a full productivity
VIRTUALIZATION
3. User state virtualization (USV), suite such as Microsoft Office, and
7 through either custom tools contained they often require access to the Inter-
within the EPV suite or through stan- net. Machine requirements are mod-
dard Microsoft tools such as folder erate.
redirection and roaming profiles. USV
constantly protects user data because ■ Power users work with more com-
it stores it outside of the VM. It is also plex applications such as develop-
applied when users log on to the VM. ment tools or graphical imaging tools.
Machine requirements are more
In fact, because the VM includes strenuous.
nothing but the OS and because appli-
cations and user data are applied at Understanding your user require-
logon only, each of the VMs becomes ments is essential when planning for
volatile because the VM can be dis- the server resources required to sup-
carded as soon as the user logs off. port EPV because each VM will
Therefore, the volatile VM model is require appropriate amounts of RAM,
much more versatile than the persist- properly sized paging files to reduce
ent model. (Continued on page 19)

17 VIRTUAL DATA CENTER E-ZINE JUNE 2010

 USING VMWARE ESX HOSTS

WITH THE RELEASE of View, VMware is now offering its most mature iteration of a
virtual desktop infrastructure. It relies on VMware’s Virtual Infrastructure 3 (VI3),
running the VMs on top of ESX Server hosts. It also relies on VMware ThinApp
for application virtualization (see Figure B-1). However, VMware EPV has several
advantages over other endpoint virtualization solutions now on the market:

EDITOR’S
■ VI3 offers special memory management features that can vastly reduce the
LETTER required amount of physical RAM to support multiple VMs running the same OS.
7 Transparent Memory Sharing will automatically deduplicate similar in-memory
contents from multiple VMs. Memory Ballooning will also automatically recover
BACKUP memory that was
STRATEGIES
FOR VIRTUAL
allocated to other
SERVERS VMs once they
7 no longer need it.
These two features
BUILDING A help reduce phy-
PRIVATE CLOUD
sical host server
7 requirements for
multiple VM
HOW TO
GAUGE SERVER
operation.
RESOURCES
FOR ENDPOINT VMware View
■

VIRTUALIZATION supports linked

7 Figure B-1: Required components to run a clones, which
VMware View EPV infrastructure greatly reduce the
operational stor-
age space required
for desktop VMs because differential files are considerably smaller than the par-
ent virtual disk image.
■ VMware View also includes its own remote access protocol, PC over IP, which
VMware designed to improve performance and graphics quality over remote con-
nections.
Reduced host server requirements, reduced storage requirements and improved
remote access protocols make VMware View an attractive offering for EPV. In
addition, the architecture required to run an EPV infrastructure with VMware View
is considerably simpler and includes fewer components than other virtual desktop
infrastructures. If your organization is already running VI3, then VMware View
might be the best solution for you. ■

18 VIRTUAL DATA CENTER E-ZINE JUNE 2010

 (Continued from page 17) of constant operating system roll-
disk access and proper virtual disk file overs, distributed desktop manage-
sizes. ment and end users with administra-
tive access rights is drawing to an end.
Organizations will no longer need to
UNDERSTANDING manage complex hardware and soft-
EPV VM REQUIREMENTS ware configurations to give end users
Ideally, you will be able to pool EPV
VMs according to user types, running
EDITOR’S
LETTER
low requirement machines—1 GB to 2 Because all VMs are
GB of RAM per VM, a single virtual
7
processor—on one pool of host
generated from one
BACKUP
servers. Moderate requirement or two source images
STRATEGIES
FOR VIRTUAL
VMs—2 GB to 4 GB of RAM, possibly and then discarded
two virtual processors—would run on
SERVERS
another pool of host servers and once the user logs off,
7
strenuous requirement machines—4+ you only need to main-
BUILDING A
GB of RAM, more than two proces- tain and update the
PRIVATE CLOUD sors—on yet another set of host
7 servers. source images each
Grouping desktop VMs in this man- month, which vastly
HOW TO ner allows you to simplify the EPV
GAUGE SERVER
management model because you will
reduces your machine
RESOURCES
FOR ENDPOINT be able to host multiple low and mod- update overhead.
VIRTUALIZATION
erate requirement VMs on a pool of
7 hosts while running fewer strenuous
requirement VMs in a separate pool.
Another major advantage of EPV,
especially when you run volatile VMs, access to their desktop environments.
is that it greatly simplifies the Win- New devices with simpler operating
dows software update process. systems such as Apple’s iPad and
Because all VMs are generated from iPhone or Google’s Android are com-
one or two source images and then ing to the forefront and transforming
discarded once the user logs off, you the endpoint hardware model.
only need to maintain and update the Centralized EPV will maintain pro-
source images each month, which ductivity workloads within Windows
vastly reduces your machine update environments. But it will also continue
overhead. to simplify the way we manage these
EPV is here to stay, and once organ- machines. This transformation is on-
izations fully adopt it, it will provide going and threatens to affect Micro-
completely new models for desktop soft’s desktop dominance once and
management and utilization. The era for all. ■

19 VIRTUAL DATA CENTER E-ZINE JUNE 2010

 AB OUT THE AUTHORS

Stephen J. Bigelow, a senior

technology writer in the Data
Center and Virtualization
Media Group at TechTarget
Inc., has more than 15 years
of technical writing experi-
ence in the PC/technology industry. He
holds a bachelor of science in electrical
engineering, along with CompTIA A+, Net- Cathleen Gagne
EDITOR’S
LETTER work+, Security+ and Server+ certifica- Editorial Director
7 tions, and has written hundreds of articles cgagne@techtarget.com
and more than 15 feature books on com-
Matt Stansberry
puter troubleshooting, including Bigelow’s
BACKUP Executive Editor
STRATEGIES
PC Hardware Desk Reference and Bigelow’s mstansberry@techtarget.com
FOR VIRTUAL PC Hardware Annoyances. Contact him at
SERVERS sbigelow@techtarget.com. Christine Casatelli
7 Editor
ccasatelli@techtarget.com
Bill Claybrook is a marketing
BUILDING A Marty Moore
PRIVATE CLOUD
research analyst with more
Copy Editor
7 than 30 years of experience mmoore@techtarget.com
in the computer industry,
with the last 10 years in Linux Linda Koury
HOW TO
and open source. From 1999 Art Director of Digital Content
GAUGE SERVER
to 2004, Claybrook was research director lkoury@techtarget.com
RESOURCES
FOR ENDPOINT of Linux and Open Source at Aberdeen
VIRTUALIZATION Jonathan Brown
Group in Boston. He is now president of Publisher
7 New River Marketing Research in Concord, jebrown@techtarget.com
Mass. He holds a Ph.D. in computer sci-
ence. Peter Larkin
Senior Director of Sales
plarkin@techtarget.com
Danielle Ruest
and Nelson
TechTarget
Ruest are IT 275 Grove Street
experts focused Newton, MA 02466
on continuous www.techtarget.com
service availabil-
ity and infrastructure optimization. They
are authors of multiple books, including © 2010 TechTarget Inc. No part of this pub-
Virtualization: A Beginner’s Guide for lication may be transmitted or reproduced
in any form or by any means without writ-
McGraw-Hill Osborne, as well as the ten permission from the publisher. For per-
MCITP Self-Paced Training Kit (Exam 70- missions or reprint information, please
652): Configuring Windows Server Virtual- contact Renee Cormier, Director of Product
Management, Data Center Media,
ization with Hyper-V for Microsoft Press. TechTarget (rcormier@techtarget.com).
Contact them at infos@reso-net.com.

20 VIRTUAL DATA CENTER E-ZINE JUNE 2010

 LINKS FROM OUR SPONSOR

q Cloud Computing Security: Making Virtual Machines Cloud-Ready

q Meeting the Challenges of Virtualization Security: Server Defense

for Virtual Machines

q Protecting the Dynamic Datacenter

About Trend Micro: Trend Micro is both a market leader in Internet content security
and a security innovator. Always proactive, Trend Micro is leading the security
industry by recognising the unique challenges of virtualisation and developing dedi-
cated security solutions for virtual environments. While virtualisation offers many
benefits to our customers, it also poses several unique security challenges. Trend
Micro addresses these challenges with dedicated security for virtual infrastructure
and is working with virtualisation innovators like VMware to protect virtual machine
environments. Trend Micro helps organisations benefit from virtual computing by
deploying security that’s designed to meet these specific challenges, allowing our
customers to fully realise the cost and productivity advantages of virtualisation
without compromising the security of their data centre.

21 VIRTUAL DATA CENTER E-ZINE JUNE 2010

 REGIONA L SOLUTION PROVIDER

22 VIRTUAL DATA CENTER E-ZINE JUNE 2010