Virtualization Management Tools & Strategies -- Virtualization Review

Virtualization Management Tools & Strategies

Enterprise-wide management platforms meet best-of-breed tools.

By Alan Maddison
05/01/2010

Virtualization provides a fundamental shift in the way that Organizations manage their infrastructures. From processes such as provisioning, monitoring, patching and troubleshooting, virtualization offers unique challenges and benefits. There's a distinct difference in management approaches based on the maturity of a company's exposure to virtualization. For those organizations that are just beginning to use virtualization, this requires a significant shift in how technology is managed and how IT as a service is delivered. For those that have been using virtualization for a number of years, those two processes must mature to accommodate shifting expectations and a deeper understanding of the challenges of virtualization management. However, regardless of your organization's virtualization experience, without the right tools and processes in place, virtualization has the potential to become difficult to manage. Choosing the right tools for your virtual infrastructure is the first step in making sure you can meet your management objectives.

Difficult Decisions
Sometimes deciding which tool or tools to acquire is quite difficult. Few IT departments have the luxury of starting from scratch when they consider which tools offer the most functionality and highest value for managing their virtual infrastructures. This is especially true of big companies with enterprise-wide management systems, because many of the hefty management frameworks -- such as the IBM Tivoli product line or CA Unicenter -- now offer integrated virtualization management as part of their infrastructure management capabilities. In addition to integration, other compelling features include common interfaces, standard data formats and uniform reporting.

The downside of these comprehensive management packages is that they tend to lack the flexibility and depth available with some of the best-in-class virtualization management tools. For organizations lacking one of these monolithic frameworks, there are products from smaller vendors that can help them deal with critical deficiencies in their legacy tools. Regardless of your current management strategy and tool assortment, if you are just starting to virtualize your environment, or you have begun moving onto tier-1 (mission-critical) applications, it's important to constantly examine your options.

Many tools that have a strong virtualization heritage, that is, those tools developed specifically for virtual environments, often have the flexibility and power that's missing in some of the more traditional toolsets not designed with virtualization in mind. In fact, the benefits of selecting tools with a best-of-breed approach cannot be overstated. Moreover, most enterprise-ready virtual infrastructure management tools offer either built-in integration or some form of API that allows extensive customization and integration. This in turn enables an approach wherein organizations leverage their current investments in management technologies but continue actively reviewing other applications. This approach can lead to the best of all worlds by combining a high degree of integration between applications, along with power, flexibility and granularity that would otherwise be unavailable. Throughout the remainder of this article, I'll take a look at some leading apps that tackle key management challenges in virtualized environments, including automation, lifecycle management, reporting and analytics, monitoring, capacity planning, and security.

DynamicOps: Virtual Resource Manager
Virtual Resource Manager (VRM) from DynamicOps is a sophisticated, powerful, cross-platform management tool that supports VMware ESX, Microsoft Hyper-V and Citrix XenServer hypervisors in both server and desktop virtualization deployments. As a sophisticated management tool, VRM provides a flexible and highly granular policy-driven approach to virtualization management that can solve many of the operational challenges administrators currently face, including automation, lifecycle management, capacity planning, in-depth reporting and analytics, and chargeback reporting.

Clearly focused on the midsize to large enterprise, VRM's core capabilities include automated provisioning and lifecycle management for virtual machines (VMs) that are driven by sophisticated and granular workflow processes that enable a high degree of flexibility and control. In addition, the workflow processes are supported by VRM's self-service portal. This means that users and business units can request and initiate provisioning of VMs while still allowing VRM to maintain control of their virtual infrastructures both financially and from a management perspective. One of the main capabilities that makes this type of self-service provisioning feasible is lifecycle management. Without this capability, companies could control their virtual infrastructures and suffer from inefficient resource allocation. VRM also offers a powerful provisioning process that optimizes resource usage by providing a high degree of granularity when defining VM builds.

VRM with lifecycle management also allows administrators to provision VMs on a lease basis. Once the lease has expired, workflows can initiate a reclamation process that automates the VM's future. For example, it can be deleted or archived to less-expensive storage. In support of all this functionality VRM offers in-depth reporting and analytics with highly flexible filtering to accurately identify and track all of the data associated with virtualized infrastructures, including VMs, resources and associated costs. Capacity analysis and trending are also key components of the reporting capability. In addition, the ability to quickly and accurately understand current and future requirements is extremely useful in terms of day-to-day operations and strategic, long-term budgeting.

VMware: New Management Offerings
There aren't many virtual infrastructure management frameworks as comprehensive as VRM, but VMware Inc. recently introduced a host of new management products under the VMware vCenter brand (formerly VMware Virtual Center) that offer an excellent alternative. These products were created to fill some significant gaps in VMware's offerings that were previously supplied largely by third parties. While VMware does not offer a cross-platform solution, as the leading virtualization vendor its product offerings are critical to the management strategies of the many pure or heavy ESX shops. This new wave of VMware applications includes VMware vCenter Orchestrator, VMware vCenter Lifecycle Manager, VMware vCenter Chargeback, VMware vCenter ConfigControl (due to be released in the first half of 2010) and VMware vCenter CapacityIQ. While most of these products are new releases, they're based on products from companies VMware acquired, and are technically excellent, thanks to the work done by the VMware development team. Although lacking the cross-platform capabilities of VRM, the modular approach offered by VMware is more flexible from a licensing perspective, and customers who buy all the modules have a suite that is comparable to VRM.

VMware believes that vCenter remains the preeminent management tool for smaller organizations with fewer than 100 VMs. However, the full value of the new vCenter management products is only realized when organizations grow past the 100 VM mark and begin virtualizing mission-critical, tier-1 applications. This value can be measured not only from a purely financial perspective, but also in terms of the reduced time required by administrators to do their jobs.

The one exception to this low-end rule of growth is VMware vCenter Orchestrator, which has a place in almost any size company. Typically used to create and automate the sequences of tasks that would normally be scripted, Orchestrator is an intuitive creation and automation tool that simplifies these processes enormously, saves a lot of time and helps remove process errors associated with human intervention. VMware vCenter Orchestrator will also be leveraged by VMware vCenter ConfigControl when it's released later this year.

VMware vCenter ConfigControl promises to be a valuable tool that will not only provide visualization of the connections between VMs, but also between the components that make up the resources a VM consumes. Moreover, by using a policy-driven approach, VMware vCenter ConfigControl will allow users to create baselines across their entire virtual infrastructures, and track configuration drift. Its data can also produce insights into the impact of changes and provide the tools to manage these changes. Using the control and flexibility offered by VMware vCenter ConfigControl, administrators can take full advantage of VMware vCenter Lifecycle Manager.

As a tool designed to automate the management of VMs from cradle to grave, VMware vCenter Lifecycle Manager provides some impressive self-service capabilities that help make private clouds a reality for any organization willing to undertake the necessary work. Perhaps more importantly, it has a sophisticated approach to automating and segmenting VM-build configurations, as well as to provisioning processes. This capability alone will be of interest to many organizations.

As mentioned earlier, other new VMware management tools include:

VMware vCenter CapacityIQ -- plays a critical role in providing operational insight into current resource usage as well as supporting trending to accurately predict future requirements. Both of these tasks are vitally important for organizations with a heavy reliance on VMs.
VMware vCenter Chargeback -- provides all of the capabilities required to assign and track costs associated with virtual infrastructures.
VMware vCenter AppSpeed -- perhaps the tool that offers the most impact for organizations seeking to virtualize mission-critical applications. Designed to deliver performance insight for applications in physical and virtual environments, it provides important data for conversations with application owners. By identifying potential bottlenecks and measuring end-user impact, it provides a wealth of previously unavailable information and offers side-by-side comparisons of application performance in physical and virtual environments. It's also designed to help eliminate the gap between applications that can and cannot be virtualized.

Catbird: vSecurity
While DynamicOps and VMware offer a holistic approach to managing virtual infrastructures, there are a number of companies that excel in managing critical elements of the virtual infrastructure, including networks and security. One of the leading products for securing virtualized infrastructures comes from Catbird Networks Inc. Leveraging its strong roots in securing physical infrastructures, Catbird developed vSecurity to provide the same high levels of security and control found in virtualized environments. It currently supports ESX and Xen hypervisors, but the company has also done preliminary testing with Hyper-V; if demand is sufficient, it may also offer support for it.

Through the use of vSecurity agents -- virtualized appliances -- deployed within virtualized infrastructures, Catbird provides sophisticated discovery, monitoring and enforcement capabilities for virtual network segments. These capabilities enable control of auditing, inventory management, configuration management, change management, access control, vulnerability management and incident response. When deployed using a virtual appliance, this application scores high marks for ease of deployment, and also features an intuitive, wizard-driven discovery process. Further, vSecurity provides intrusion prevention system (IPS) and intrusion detection system (IDS) capabilities, as well as Network Access Control (NAC). NAC enforcement enables continuous monitoring across all VMs, and offers real-time inventory management.

Vulnerability management is also an important part of vSecurity. It includes a fully compliant scanner that's correlated with other VM attributes to assess issues across a customizable compliance framework. Also, vSecurity offers support for compliance regulations such as Sarbanes-Oxley (SOX), Payment Card Industry (PCI), Health Insurance Portability and Accountability Act (HIPAA), Federal Information Security Management Act (FISMA), Control Objectives for Information and related Technology (COBIT), and Department of Defense Information Assurance Certification and Accreditation Process (DIACAP). Of particular note for companies subject to the credit-card industry's PCI standard are compliance measurements across 96 test requirements affected by virtualization.

Zyrion: Traverse
If you're in the market for network- and service-monitoring platforms, Traverse from Zyrion Inc. should be on your short list. Providing a wealth of monitoring capabilities across entire infrastructures, both physical and virtual, Traverse offers helpful insight into the health and performance of IT infrastructures. Focused on two areas, network performance and business service management, Zyrion takes a holistic approach to what constitutes a service or application. By allowing you to look at the entire picture, Zyrion has provided a tool that shines a light on the relationships between the different elements that make up any given service. Its sophisticated discovery capability can be helpful when building a baseline topology. By allowing you to gather data from both VMs and the underlying physical hosts, it becomes easier to correlate the gathered data.

Traverse also supports multiple levels of nesting, which enables extensive drill-down capabilities. Add in the ability to define dependencies and you have an extremely powerful monitoring tool. These capabilities can also be quite useful in troubleshooting and root-cause analysis. Traverse also makes it easy to be much more proactive about application performance in virtualized environments and allows users to more closely align IT with business units.

Fortisphere: Virtual Service Manager
Reporting and analytics are also key management components, and there's a broad group of products providing these capabilities. Fortisphere Virtual Service Manager (VSM) is an excellent example of this product category. VSM is an enterprise-class reporting and analytical tool that endows administrators with a high degree of flexibility and granularity. The current version 3.5 only supports ESX environments, but Fortisphere Inc. anticipates providing support for both Microsoft Hyper-V and Citrix XenServer in the coming months. VSM utilizes the JasperReports open source reporting server at its core, providing a high degree of extensibility and customization, which is often critically important for larger environments. Because VSM is delivered as a virtual appliance, Fortisphere has worked hard to ensure a smooth deployment process.

Utilizing the concept of service tiers, VSM can offer in-depth insights into both guest OSes and the hypervisor running on the physical host. By defining service tiers based on such metrics as uptime and resource thresholds, users can effectively segment their virtual infrastructures. Featuring multiple thresholds within each services tier, this approach has a number of benefits, and is particularly noteworthy for its alerting functionality, problem identification capability, and support for remediation and service level agreements. The product also supports chargebacks by associating costs with service tiers. Via VSM's granular role-based delegation, administrators can also assign VMs to specific users or business units, while providing these two groups with role-specific reporting on their assigned VMs. Its intuitive dashboard is also an effective communication tool.

Another core capability is vRadar, which provides sophisticated visualization of the relationships and dependencies between VMs. Using this relationship-modeling tool, VSM provides the ability to identify problems that might otherwise be missed.

Finally, by offering built-in support for creating configuration baselines, and making it possible to monitor subsequent configuration drift down to the level of applications and patches, VSM shows itself to be an incredibly capable tool.

Citrix: Essentials, Workflow Studio, Stage Manager and StorageLink
Even though more and more third-party vendors are adding support for Citrix XenServer and Microsoft Hyper-V, these hypervisors still lack the depth of functionality and breadth of support available for VMware ESX Server. However, Citrix Essentials is an excellent management tool available for both XenServer and Hyper-V, and offers some sophisticated capabilities, including workflow orchestration, staging and dynamic provisioning.

Also in the Citrix fold, Citrix Workflow Studio is a powerful tool that allows administrators to create workflows using a GUI, which eliminates the need for scripts. Via Workflow Studio integrated scheduling, monitoring and reporting features, users also have the ability to closely track all workflows within their operating environments. This allows them to define and implement a standard set of processes.

Citrix Stage Manager provides a workflow-driven approach to managing the process of testing and implementing application updates and patches. Stage Manager has many benefits, including the ability to tightly control the software release and update process. For example, IT can more rigorously define and administer user acceptance testing as well as ensure that all updates continue to meet compliance requirements. Dynamic provisioning services allow users to pre-define workloads, and use streaming to optimize workload delivery. In addition, users can use the vdisks that form the basis of the workload on multiple physical hosts or virtual devices, thereby simplifying the server management and patching process. In addition to these technologies, there are some sophisticated storage and recovery capabilities included.

Citrix StorageLink offers an interesting approach to storage virtualization in the form of a valuable tool for administrators working in heterogeneous storage environments. By automating discovery of iSCSI or Fibre Channel storage environments, StorageLink integrates deeply with storage environments so it can actually provision storage. Used in Hyper-V environments, StorageLink integrates tightly with Microsoft System Center Virtual Machine Manager, which helps automate the recovery process.

Final Words
Virtualization has forever changed the way IT departments manage

their infrastructures. As it becomes ubiquitous, the need to make sure that management strategies are adapted to enhance the power and flexibility of virtualization is critical. When administrators think about developing these management strategies they often focus on the core competencies that span the entire IT infrastructure and develop processes that assist in achieving these long-standing goals. Making the right decision about which tools to acquire can make the difference between meeting long-term management objectives and surrendering to failure. Unfortunately, the selection process runs a bewildering gamut from monolithic management frameworks that aim to provide all of the tools that you need, to point products that provide specific capabilities to solve specific problems.

All of this is complicated by the fact that IT departments rarely have the ability to start with a clean slate because their constrained budgets do not allow them to replace legacy infrastructure investments. The challenge, then, is to continue leveraging existing management tools while keeping an eye out for new, cost-effective alternatives.

The products described here represent some of the best-of-breed virtualization management tools available. If you need to integrate these tools with existing products, you can use their open APIs to ease the process. Always remember that your particular environment is unique and you should always thoroughly test tools before deploying them in your production network.