This document provides information on managing and operating a Microsoft Virtual Server infrastructure with HP ProLiant servers. It discusses using HP Systems Insight Manager (HP SIM) for virtualization management including the HP Virtual Machine Management Pack. It also covers backup and recovery, security, performance management, and more. Templates, migrations between virtual and physical environments, and clustering are described.
Installation of MySQL 5.1 Cluster Software on the Solaris 10 ...
Managing a Microsoft Virtual Server infrastructure with HP ProLiant servers
1. Managing and operating a Microsoft Virtual Server
infrastructure with HP ProLiant servers
Executive summary............................................................................................................................... 3
Virtualization management ................................................................................................................... 3
HP Systems Insight Manager ............................................................................................................. 3
HP Virtual Machine Management Pack ............................................................................................... 4
Templates .................................................................................................................................... 5
Virtualization management in HP SIM ............................................................................................. 6
IM Agents on the Microsoft Virtual Server host server........................................................................ 6
Virtual Machine Management Pack and the VMM Agent .................................................................. 6
ProLiant Essentials Server Migration Pack ...................................................................................... 16
Virtual-to-Virtual (V2V) ................................................................................................................. 16
Virtual-to-Physical (V2P) Migration ................................................................................................ 16
Physical-to-Virtual (P2V) Migration ................................................................................................ 16
P2V migration pre-requisite – Install SMP Agent ............................................................................. 16
Network load from conversions.................................................................................................... 37
Troubleshooting SMP and P2V ..................................................................................................... 37
OpenView .................................................................................................................................... 38
Integration with HP SIM............................................................................................................... 38
Smart Plug-in (SPI) for Microsoft Virtual Server................................................................................ 39
Backup and recovery ......................................................................................................................... 39
Microsoft Cluster Services ............................................................................................................... 39
Host clustering ........................................................................................................................... 40
Maximizing availability of a consolidated server............................................................................ 40
Flexible storage solutions............................................................................................................. 40
Ease of management .................................................................................................................. 40
High availability......................................................................................................................... 40
HP OpenView Storage Mirroring ..................................................................................................... 41
Mirroring................................................................................................................................... 41
Replication ................................................................................................................................ 42
Monitor/Failover ........................................................................................................................ 42
Restoration ................................................................................................................................ 42
User scenario............................................................................................................................. 43
2. Backup methodologies.................................................................................................................... 44
Golden Masters VMs .................................................................................................................. 44
Backups in a VM ........................................................................................................................ 45
Backup Microsoft Virtual Server host server.................................................................................... 45
VMM Backup............................................................................................................................. 45
Intelligent Fault Resilience................................................................................................................ 56
Intelligent Fault Resilience levels ................................................................................................... 56
Foundation Level ........................................................................................................................ 57
Single Systems Level ................................................................................................................... 58
Systems Management Level ......................................................................................................... 58
Multiple Systems Level................................................................................................................. 59
Maximizing availability of a consolidated server............................................................................ 60
Flexible storage solutions............................................................................................................. 61
Ease of management .................................................................................................................. 61
High availability......................................................................................................................... 61
Fault resilient failover methods ..................................................................................................... 61
SAN failover.............................................................................................................................. 62
Choosing path management tools ................................................................................................ 63
In case of failover....................................................................................................................... 63
Security ............................................................................................................................................ 63
HP Vulnerability and Patch Management Pack................................................................................... 63
Patching Microsoft Virtual Server VMs .............................................................................................. 63
HP SIM security .......................................................................................................................... 64
OpenSSH .................................................................................................................................. 64
Virus throttling ............................................................................................................................... 65
Performance management .................................................................................................................. 65
Server load balancing .................................................................................................................... 65
Multiple NICs............................................................................................................................. 65
Microsoft NLB ............................................................................................................................ 65
ProLiant server tuning...................................................................................................................... 66
Performance baseline.................................................................................................................. 66
NUMA...................................................................................................................................... 67
Hyper-Threading ........................................................................................................................ 67
Storage tuning ............................................................................................................................... 67
Disk subsystem ........................................................................................................................... 67
Separate virtual hard disks and host operating system disks ............................................................ 67
Virtual SCSI hard disks................................................................................................................ 68
Fixed-sized virtual hard disks ....................................................................................................... 68
For more information.......................................................................................................................... 69
3. Executive summary
This document contains management and operation information for Microsoft® Virtual Server
software running on HP ProLiant servers. Specifically, it provides instructions and best-practice
methods for the daily operations of a virtual infrastructure designed around Microsoft Windows®
Server 2003, Microsoft Virtual Server 2005 R2, HP ProLiant servers, and ProLiant Essentials.
This guide is intended for solutions architects or engineers involved in the operation and management
of virtualization solutions. The reader should be familiar with networking in a heterogeneous
environment, understand and interact with virtualized infrastructures on an on-going basis, and have
a working knowledge of Microsoft Windows Server 2003, Microsoft Virtual Server 2005 R2, and
ProLiant Essentials.
This guide does not provide step-by-step instructions to install Microsoft Virtual Server or ProLiant
Essentials software. For instructions on installation and administration, visit
http://www.microsoft.com/windowsserversystem/virtualserver/default.mspx, and
http://www.hp.com/servers/manage
Virtualization management
The following sections discuss the management and monitoring functionality of HP Systems Insight
Manager (HP SIM).
HP Systems Insight Manager provides management capabilities for ProLiant servers, including HP
BladeSystem Integrated Management and support. Modular plug-ins to HP SIM improve rapid
deployment, vulnerability and patch management, as well as virtual machine management and
controls.
HP Systems Insight Manager
HP SIM is designed to manage, support and facilitate the Adaptive Enterprise. Adaptive Enterprise is
an idea; it cannot be purchased like a product. It has to be built into the customer’s environment,
business practices, and ideologies.
HP SIM is designed to simplify server management, increase productivity and reduce the cost of
deploying, monitoring and otherwise managing multi-server environments. HP Systems Insight
Manager and HP’s systems management software options provide support for four main IT tenants:
• Reliable fault monitoring and asset management
• Rapid provisioning and patching
• Secure remote administration
• Flexible analysis and optimization
3
4. Figure 1. HP SIM
HP Virtual Machine Management Pack
The HP ProLiant Essentials Virtual Machine Management Pack (VMM) allows the management,
monitoring and control of a virtual infrastructure from inside HP SIM. Virtualized Hosts and Virtual
Machines (VMs) can be controlled from VMM.
The VMM is an add-on to HP SIM (HP Systems Insight Manager)
http://www.hp.com/servers/manage. Basic installation of VMM and HP SIM are not covered in this
guide. Resources are available at the following location:
http://h18013.www1.hp.com/products/servers/management/hpsim/infolibrary.html#techinfo
and
http://h18013.www1.hp.com/products/servers/proliantessentials/valuepack/vmm/index.html?jump
id=servers/proliantessentials/vmm
4
5. Figure 2. VMM
The ProLiant Essentials Virtual Machine Management Pack (VMM) provides central management and
control of Microsoft Virtual Server VMs. Integrated with HP Systems Insight Manager, VMM provides
unified management of HP ProLiant host servers and virtual machines.
The combined view of host and virtual machine resources eliminates the need for separate VM
management consoles. When coupled with HP's heterogeneous management approach, customers
have the flexibility to support different VM environments.
With the VMM software, you can utilize one central console for all your virtual machines to monitor
their status and easily adapt to changing business needs. The VMM Pack also provides the tools
needed to manage workloads across host server systems.
The following sections are intended to give a technical understanding of VMM. This includes
procedures to template-ize or backup VMs, as well as conversions such as Virtual-to-Virtual (V2V)
and Physical-to-Virtual (P2V). This section also includes functional requirements such as HP Insight
Management (IM) Agents.
Templates
Templates allow VMs to be deployed quickly. When a template of a VM is created, the .vhd file and
config file are copied and stored in an offline state. When a VM is deployed using this template, a
duplicate of the original VM is created. Because this new VM is an exact duplicate, all system
identification information inside the VM is duplicated, so the SID (in Windows VMs) must be changed.
However, the MAC addresses for each NIC contained in the original VM are not duplicated. When
the user deploys a VM from a template, new MAC addresses are auto-generated for each virtual NIC.
A new BIOS ID, and a new UUID for the VM is also auto-generated.
5
6. Currently, cross-OS deployments of VMs are not supported in VMM. In other words, a Microsoft
Virtual Server VM can not be template-ized and redeployed on a VMware server host. However, the
release of the V2V (Virtual to Virtual) tool in the HP ProLiant Essentials Server Migration Pack does
allow the conversion of a VM from one virtualization platform to another.
When a VM is deployed from a template, the UI indicates that no suitable VM is available. The user
must then select a target for the new VM. Once a suitable target is selected, the deployment process
begins. The VM Backup Repository Folder must be selected, or a new folder may be created during
the process.
Storage and updates are important consideration when dealing with templates. Because templates
could become very large, provision must be made to store and backup the files that make up the
template VMs. Also, these template VMs may require patching and/or updates periodically to
remain current. The template itself cannot be started, so once an updated template is created, it
must be made into a template again, in order to contain the updates.
Virtualization management in HP SIM
There are a series of procedures that must be accomplished before a Microsoft Virtual Server host and
its VMs can be managed by VMM (through HP SIM).
• IM Agents must be loaded and configured on the Microsoft Virtual Server hosts.
• The Microsoft Virtual Server host must be discovered in the CMS (Central Management Server
for HP SIM).
• A connection to the Microsoft Virtual Server host must be established.
• The Microsoft Virtual Server host server must be registered.
• The VMM Agent must be deployed (i.e. Windows).
• The License key must be deployed to the Microsoft Virtual Server host.
IM Agents on the Microsoft Virtual Server host server
Microsoft Virtual Server requires IM Agents in order to manage the Microsoft Virtual Server host in HP
SIM.
The IM Agents must be loaded on the Windows Server 2003 Enterprise Edition (EE) or Windows
Server 2003 EE x64 host server for Microsoft Virtual Server 2005 R2 before deploying the VMM
agent. The IM Agents can be deployed using a preloaded server deployment job in HP ProLiant
Essentials Rapid Deployment Pack (RDP). For example, the standard “Deploy ProLiant MLDLBL +
Windows 2003 Enterprise + PSP” server deployment job included with the ProLiant Integration
Module (PIM) can be used. This job will configure the ProLiant server hardware and install Microsoft
Windows Server 2003 as well as the Altiris agent and the ProLiant Support Pack (PSP) for server
management.
Once the IM Agents are loaded on the Windows Server 2003 EE or Windows Server 2003 EE
x64 host server for Microsoft Virtual Server 2005 R2, a descriptive name of the server should be
displayed in the HP SIM console. Verify that the IM Agents are loaded and running on the
Windows Server 2003 EE or Windows Server 2003 EE x64 host server for Microsoft Virtual
Server 2005 R2.
Virtual Machine Management Pack and the VMM Agent
HP ProLiant Essentials Virtual Machine Management (VMM) Pack adds virtual machine
management capability within HP Systems Insight Manager. VMM requires an agent to run on the
host system—Windows Server 2003 EE or Windows Server 2003 EE x64 with Microsoft Virtual
Server—which is installed directly from the HP SIM CMS. Before the VMM agent can be installed,
the host server running Microsoft Virtual Server must be installed and identified correctly in HP
SIM. A server that has been correctly identified will have Virtual Machine listed in the Product
6
7. Name field. If this is not the case, make sure the Insight Management agents have been installed
and configured correctly, then run Identify Systems on the CMS.
Figure 3. Verify host server running Microsoft Virtual Server is installed and identified correctly in HP SIM
Secure Shell (SSH) must also be installed and configured before the VMM agent can be installed.
To install SSH, click Deploy -> Deploy Drivers, Firmware and Agents -> Install OpenSSH.
7
8. Figure 4. Install SSH
To configure the OpenSSH agent on the host server, click Configure -> Configure or Repair Agents.
After verifying the target host server and entering the appropriate credentials, the “Configure or
Repair Settings” pane will be displayed. De-select all except for the Configure secure shell (SSH)
access: administrator. Select Each user has to be authenticated on the managed system radio button.
8
9. Figure 5. Configure the OpenSSH agent on the host server
For more information about OpenSSH, see Secure Shell (SSH) in HP Systems Insight Manager, in the
HP SIM documentation.
Once SSH has been configured and the host has been correctly identified in HP SIM, you can deploy
the VMM agent to the target host server, register the target host server, and license the target host
server for VMM.
Select the desired Microsoft Virtual Server host server from the Central Management Server
console by clicking on the checkbox on the left side. Click Deploy -> Deploy Driver, Firmware and
Agents -> Install VMM Agent -> Windows.
9
10. Figure 6. Deploy the VMM agent to the host server
Verify the target server, complete the confirmation process, and click Run Now. Verify the status of the
deployment. The agents have been deployed. If the installation or the registration of the agent fails,
see the Virtual Machine Management Pack User Guide for troubleshooting tips.
Once the agent has been installed, the host VM must be registered. The registration process allows
the IP address of a Microsoft Virtual Server host server to be stored in HP SIM for further
communications; this process must be done for each Microsoft Virtual Server host. To register the
Microsoft Virtual Server host server for VMM, click Configure -> Virtual Machine Host Registration ->
Register VM Host.
10
11. Figure 7. Register host VM
Verify the target server, complete the confirmation process, and click Run Now. Verify the status of the
VMM agent registration process. The agents have been registered. If the installation or the registration
of the agent fails, see the Virtual Machine Management Pack User Guide for troubleshooting tips.
Once the agent has been registered, the host must be licensed. To license the Microsoft Virtual
Server host server for VMM, click Deploy -> License Manager -> Deploy Keys.
11
12. Figure 8. License the host
Verify the target server, complete the confirmation process, and click Run Now. Follow the on-screen
instructions to license the host server for Virtual Machine Management.
Note: When deploying license keys, you can deploy
multiple keys at one time to your target server. For instance,
license keys for Server Migration Pack and VPM
(Vulnerability and Patch Management) can be deployed to
your Microsoft Virtual Server host server. Follow the
onscreen instructions and verify the status of the VMM
licensing process.
12
13. Figure 9. Verify status
For more information on licensing virtual machine hosts, see the Virtual Machine Management Pack
User Guide.
From the HP SIM console, go to the System Page for the Microsoft Virtual Server host server. Expand
the Virtual Machines tree to see each of the VMs you created and their current status.
13
14. Figure 10. View status of VMs
The virtual machines for the target Microsoft Virtual Server host server are depicted in a tabular format
on the console. Use the elevator bar to scroll the right-hand side pane to view your Virtual Machine
Information. Check-out the virtual machines listed and the functions you have available to start, stop,
suspend, reset, etc. them from within the System Page for your Microsoft Virtual Server host server.
Virtual Machine Management Pack (VMM) adds performance information automatically to both the
physical host it is licensed for and its virtual machines. Take a look at the VM Performance information
displayed under the VM Performance tab.
14
15. Figure 11. VM performance information
Also, take a look at the Virtual Machine Performance information displayed under the Virtual Machine
Performance tree.
Figure 12. Virtual Machine Performance Tree
Note:
If a Microsoft Virtual Server host server is rebuilt or
reconfigured, the VMM agent may need to be unregistered
and then re-registered; this can be done from the Configure
-> Virtual Machine Host Registration menu.
For more information on HP SIM virtual machine hosts, see the Virtual Machine Management Pack
User Guide.
15
16. ProLiant Essentials Server Migration Pack
The HP ProLiant Essentials Server Migration Pack (SMP) extends the functionality of the HP ProLiant
Essentials Virtual Machine Management Pack to provide integrated physical-to-virtual machine (P2V),
virtual-to-physical (V2P), and virtual-to-virtual machine (V2V) migrations. P2V machine migration
enables migration of a physical machine to a virtual machine guest within a Microsoft Virtual Server
virtual machine host. For details on how to perform a P2V, V2P and V2V migration, refer to the SMP
User Guide.
Virtual-to-Virtual (V2V)
V2V migration will enable the user to migrate a virtual machine guest between different virtualization
layers (e.g., Microsoft Virtual Server, VMware ESX Server, VMware GSX Server (Windows)).
The migration process requires the source virtual machine guest to be “stopped.” As part of V2V
migration, the source virtual machine guest will be available only if the VM is stopped. HP VMM
agent software must be installed and running on the virtual machine hosts, both the source and the
target. Both the involved virtual machine hosts must be licensed and managed by VMM. No specific
software is required in the source VM guest.
Valid SMP migration license keys on the HP SIM console server are also required.
V2V migrations will not un-register/remove the virtual machine from the source virtual machine host
server.
For more details on how to perform a V2V migration, refer to the SMP User Guide.
Virtual-to-Physical (V2P) Migration
V2P migration will enable the user to migrate a virtual machine guest to a physical server (e.g., for
problem determination debugging/support services, deployment out to a remote location, etc.). V2P
migrations will not un-register/remove the virtual machine from the source virtual machine host server.
For details on how to perform a V2P migration, refer to the SMP User Guide.
Physical-to-Virtual (P2V) Migration
P2V migration will enable the user to migrate a physical server to a virtual machine on a Microsoft
Virtual Server host server. This is typically the first foray many companies take into the virtualization
realm with their IT infrastructure.
The Server Migration Pack allows you to simplify the server consolidation process and provides for
integrated physical-to-virtual (P2V) migrations. The P2V Migration wizard will help you turn a
source physical server into a virtual machine.
Note:
To ensure compatibility between your source physical server
and the target virtual machine host server, you will need to
upload the required drivers and OS binaries.
P2V migration pre-requisite – Install SMP Agent
1. Select the physical server that you will be migrating from the “All Systems” view in HP SIM.
For purposes of the example below, you will be migrating a physical server running
Windows Server 2003 EE.
16
17. 2. Install the SMP agent to your target physical server that you will be migrating. Click Deploy ->
Deploy Drivers, Firmware and Agents -> Install SMP Agent.
Figure 13. Click Deploy -> Deploy Drivers, Firmware and Agents -> Install SMP Agent.
3. The Step 1: Verify Target Systems pane will be displayed.
4. Select your host server from the list by clicking the check box at the beginning of the line item
for your server
17
18. Figure 14. Verify target systems pane
5. Click Next.
6. The Step 2: Install SMP Agent pane will be displayed. Enter the Administrator logon
credentials.
18
19. Figure 15. Enter Administrator logon credentials
7. Click Run Now and the Task Results window will open.
8. Check the Task Results status to see that it changes to Running and then Completed. The
%Complete will be updated with the progress.
19
20. Figure 16. Task Results status
9. Close the Task Results window.
Performing P2V Migration
Migrate a physical server to a virtual machine using the P2V Migration wizard in SMP.
10. To invoke SMP, click Deploy -> Virtual Machine -> P2V in the HP SIM console.
20
21. Figure 17. Invoke SMP
11. The Step 1: Verify Source Physical Machine pane will be displayed.
12. Select the physical server to migrate ‘from’ on the list by clicking the check box at the
beginning of the line item for your physical server.
21
22. Figure 18. Select physical server
13. Click Next.
14. The Step 2: Select Target Virtual Machine Host pane will be displayed.
22
23. Figure 19. Select Target Virtual Machine Host
15. Click Next.
16. The Step 3: Specify Virtual Machine File System Details pane will be displayed.
23
24. Figure 20. Specify Virtual Machine File System Details
17. Click Next.
18. The Step 4: Specify Target Virtual Machine Details pane will be displayed
24
25. Figure 21. Specify Target Virtual Machine Details
19. Modify the VM Name as desired in the VM Name text box.
20. Change the memory to the desired memory size (up to 3.6GB) for the VM in the Memory
(MB) text box.
21. Click on the “Browse” icon.
22. The “Select VM Target Folder” window will be displayed.
Figure 22. Select VM Target Folder
23. To specify a new target location, click on the New Folder icon
24. Type in the name of the new Folder and click OK. The target folder information is
updated.
25
26. Figure 23. Target folder information
25. Click OK
Figure 24. OK
26. Click OK
26
27. Figure 25. Step 4: Specify Target Virtual Machine Details pane
27. Click Next.
28. The Step 5: Confirm Migration Details pane will be displayed.
27
28. Figure 26. Step 5: Confirm migration details pane
29. Click Run Now and check the Running Tasks display to see that the percent complete is
updated and completes the P2V migration of the physical server to a virtual machine on
your host server (i.e., 100% complete).
28
29. Figure 27. Task results
Performing Post-migration configurations to Migrated Virtual Machine
30. Launch the Virtual Server Administration website
29
30. Figure 28. Virtual Server Administration website
31. Logon with administrator credentials.
32. If the Virtual Server Administration website was still open, click the refresh icon to see
the new virtual machine
33. Edit the configuration for the virtual machine. Go back to the “Master Status” page and
select the new virtual machine just created and select Edit Configuration.
30
31. Figure 29. Master status
34. Select Network Adapters.
35. Assign the “Virtual network adapter 1” to a physical host server network adapter for the
VM.
31
32. Figure 30. Assign virtual network adapter
36. Click OK.
37. Click on the VM system name and select Turn On. This will boot the Windows Server
2003 EE operating system on the migrated virtual machine.
38. Click on the new VM thumbnail.
39. The HP SMP Conversion: Windows Server 2003, Enterprise selection is now the default
OS on the boot loader. It will start automatically and the Windows logon prompt will
display.
40. Logon to the server with administrative rights credentials.
Note:
The VM SID cannot be authenticated against the domain at
this point for the migrated virtual machine.
32
33. Performing Post-migration configurations for Windows 2003
41. After the logon, a series of Windows messages “Found new hardware” will be
displayed. Windows Server 2003 operating system (being a plug-n-play operating
system) automatically detects new devices and installs appropriate drivers and
remunerates all the PCI devices. Drivers for devices that are no longer present in the
virtual environment, namely NIC devices, are automatically disabled. Please wait for the
hardware detection process to complete.
Figure 31. Hardware detection process
42. Reboot the virtual machine.
Note:
If the keyboard does not function properly, wait until all the
required drivers are installed; this may take a few minutes. If
you still do not have a keyboard response, power off and
power on your virtual machine. Remember to click the
mouse in the active window to activate the window and the
attention keys.
Once the keyboard is functioning properly, you can install the Virtual Machine Additions to get the
mouse working properly.
43. Install the Virtual Machine Additions by selecting Click Here to Start the Virtual Machine
Additions Setup in the new VM status pane at the bottom of the page.
33
34. Figure 32. Set up Virtual Machine additions
44. Logon to the server with administrative rights credentials.
45. The Virtual Machine Additions Windows Installer will start automatically. This may take a
few minutes to initiate after you logon.
Figure 33. Virtual Machine Additions Windows Installer
46. Once the Installer begins, when the Next button is highlighted, press Enter. This install
may take a few minutes to complete.
34
35. Figure 34. Installing
47. Once the installation is complete, when the Finish button is highlighted, press Enter.
Figure 35. Setup Completed
48. Press Enter when the message is displayed to restart your system. (i.e., When prompted
to restart, please restart the virtual machine.)
49. Logon to the server with administrative rights credentials.
50. The Display Settings balloon will be displayed.
35
36. Figure 36. Display Settings
51. Click the balloon.
52. Click Yes after the display settings box appears.
Figure 37. Click Yes
53. Click Yes when the Monitor Settings box appears.
Figure 38. Monitor Settings box
36
37. 54. Click Master Status in the Navigation Pane and check the completed P2V display with
the new VM.
Figure 39. Master Status
Network load from conversions
The network load could be significant once a migration process begins. To lessen the impact on
network bandwidth, schedule the migrations for times of low network utilization, or provide a
separate subnet to keep this traffic off the production networks. Running faster network components
between the CMS and the host physical server would also increase the network bandwidth.
Troubleshooting SMP and P2V
The following section discusses the functional operations and possible failure scenarios of the SMP
and P2V Wizards.
• Once the user selects “Run Now” on the SMP Confirm Migration Details pane, the P2V migration
process begins. The source physical server is rebooted several times during the process. The SMP
agent starts in exclusive mode when Windows (on the source machine) boots into Safe Mode for
the first time during the migration. The agent evaluates the partitioning scheme to layout the
partitions on the target VM. If the partitioning scheme is overly complicated or contains non-
standard partitions, the SMP tool may fail. This may occur with some third-party backup systems,
which place partitions on the physical machine that only they can interpret.
• If the source physical machine does not contain one of the following files systems (Fat16/32, NTFS,
RiserFS, SwapFS, Ext-2/3), the SMP tool may still work; however, the tools will copy the image to
the target in a raw format. This has a direct impact on the time it takes to complete the P2V process.
If the file system is supported, only the data is copied during the process. If the files system is not
supported, the entire expanse of the partition(s) is copied.
37
38. • Once the SMP agent is loaded, the majority of issues are with permissions and complex, or
unknown partition schemes.
• If the built-in Windows Administrator account is removed or renamed, the SMP, P2V, V2P or V2V
tools may not work. These tools typically require this account to be valid in order to perform
standard functions.
• The finished VM will have no networking components; these must be installed and configured as
described above after the migration process completes. This will vary based upon the network
topology and Virtual Networks that have been established.
• VMM and SMP use the following TCP ports: 1124, 1125, and 1126. If any of these ports are
blocked, these tools may not work correctly.
OpenView
HP OpenView Operations (OVO) provides a service- and business-driven approach to achieve rapid
control and availability of IT operations across the heterogeneous enterprise. Used to correlate the
impact of IT infrastructure on business-critical services, such as e-mail, ERP, and e-commerce,
OpenView Operations builds on an extensive policy base to monitor operating system and
application attributes and provide automated responses to common events.
OpenView Operations can be hosted on either Windows (OVOW) or UNIX® (OVOU) platforms,
OpenView Operations delivers distributed large-scale management from a unique service
management perspective to monitor, control, and report the health of the IT enterprise.
Integration with HP SIM
Whereas HP SIM provides a system-level approach to management and monitoring, allowing the
collection of server hardware health, HP OpenView provides enterprise-level controls over
manageable components and applications. HP SIM integrates into OpenView to provide both
levels of management for the virtualized infrastructure.
Note:
For more information on integration with HP SIM, see the
website at
http://h18013.www1.hp.com/products/servers/managem
ent/hpsim/hpsim-openview.html
HP OpenView Network Node Manager
The primary integration component between OVO and HP SIM is NNM (Network Node Manager).
Following are the key features to NNM:
• Automatically identifies and displays HP server and client status on the HP OpenView Network
Node Manager map with unique color-coded icons
• Detailed HP SNMP events for servers, clients and storage configurations translated and displayed in
the NNM event console using plain English
• Embedded menu items to launch the browser-based HP Systems Insight Manager, HP System
Management Homepage, HP Remote Insight administration interface, and the HP OpenView
Storage Management Appliance from the NNM event console
• Integrates into all major NNM host platforms, including HP-UX, Sun Solaris, and Windows
38
39. Note:
The HP Insight Integration for NNM is free and can be
downloaded from the URL below. For more information, see
http://www.hp.com/servers/integration
Smart Plug-in (SPI) for Microsoft Virtual Server
The SPI for Microsoft Virtual Server integrates into Microsoft Windows Server 2003 EE and provides
performance, configuration, event monitoring, and data collection services that allow statistical
information from Microsoft Virtual Server hosts to be monitored from OVO. The SPI works readily with
Microsoft Virtual Server tools.
The SPI also monitors the condition of VMs: On, Off, Suspended, etc. It also gathers configuration
information, host and guest performance information, and event information used for monitoring
and reporting. It gathers information concerning individual VMs and their use of the physical
hardware resources including CPU, memory, and I/O. It does not provide system and application
monitoring functionality for the VMs. However, a more in-depth management scheme can be
accomplished by deploying the HP OpenView Agent (OV agent), in combination with the
Windows OS SPI.
Note:
For more information regarding the HP OpenView SPI for Microsoft Virtual Server, see
http://www.managementsoftware.hp.com/products/spi/spi_msvs/index.html
Backup and recovery
The following sections discuss backup, recovery, and failover methodologies and implementations.
The primary concept that must be understood in relation to virtualization and “backup and
recovery,” is what makes up a VM (Virtual Machine). A VM is typically made of the disk
subsystem housing the virtual disk files typically used to store the VM configuration files (.vmc),
saved-state files (.vsv), undo disks (.vud), and differencing parent/child disks (.vhd). Virtualization
encapsulates an entire operating environment (a VM) using files. As such, the management and
disaster recovery of these environments is greatly simplified.
Microsoft Cluster Services
Clustering is the process of grouping devices and services to obtain high-availability or redundancy.
Microsoft Cluster Services (MSCS) uses the term “high availability” rather than “fault tolerant”
because fault-tolerance implies a high degree of hardware redundancy plus specialized software
resulting in near-instantaneous recovery from any single hardware or software fault. These solutions
cost significantly more than a MSCS solution because redundant hardware must be maintained in an
idle state in anticipation of a fault.
39
40. Server clusters do not guarantee non-stop operation, but they typically provide sufficient availability
for most mission-critical applications, provided that the application is “cluster-aware.”
There are additional benefits when using virtual machines for clustering. Virtual machines allow
multiple operating systems to run on a single server, enabling disparate clustered solutions to share
physical hardware, thereby decreasing the total hardware requirement.
Host clustering
When clustering VMs between physical servers, shared disk resources must reside on a SAN or NAS
storage subsystem. Each node of the cluster must be configured with identical hardware and the
hardware must be on the Windows Server Catalog.
The Windows Server 2003, Enterprise or Datacenter Edition is the currently supported host operating
systems for Microsoft Virtual Server 2005 R2.
Any shared storage (SAN, Direct Attached Storage or iSCSI) from the Windows Server Catalog can
be used. For SAN and iSCSI, eight (8) nodes are supported. For Direct Attached Storage, two nodes
are supported.
For applications that aren’t cluster aware, host clustering adds the ability to failover a clustered VM in
the event of a scheduled downtime or hardware failure.
Maximizing availability of a consolidated server
With Microsoft Cluster Services in Windows Server 2003, the administrator can maximize the
availability of virtual machines (“Guests”) consolidated on a Virtual Server host. When a failure or
scheduled downtime occurs, another clustered host will immediately begin providing support. The
availability of the operating systems and applications that are running will be interrupted for only a
short time regardless of how long the first server is down. Virtual Server host clustering leverages the
clustering services in Windows Server 2003 Enterprise R2 and Datacenter R2 and can be configured
with up to eight nodes.
If a host operating system patch is required or there is a need to service the underlying server
hardware (e.g., scheduled downtime), the administrator can use the Cluster Administrator tool to
move the virtual machines. Alternatively, the administrator can simply run Windows Update or the
ProLiant Essentials Vulnerability and Patch Management Pack (VPM) software to apply the necessary
patches and restart the host server when prompted. All of the virtual machines will automatically move
to another available cluster node regardless of the guest operating system.
Flexible storage solutions
With iSCSI deployed as the storage subsystem in the server cluster, all of the specialized
hardware once required for a server cluster is not needed. All that is required is additional
network adapters to connect the storage to the cluster nodes.
Ease of management
When Virtual Server 2005 R2 is configured in a host cluster environment, only each host server
node of the cluster running Virtual Server needs to be configured, not each VM. It doesn’t matter
how many VMs are running, only how many nodes are in the cluster. For example, if you have an
eight (8) node cluster with twelve (12) VMs each, clustering needs to be configured on only the
eight (8) nodes. The administrator doesn’t need to configure ninety-six (96) clusters to manage.
High availability
Configuring your SAN for redundancy through use of multiple storage controllers, dual-loop fabric,
and multiple HBAs is recommended for high availability. Microsoft Virtual Server has native support
through the host server OS for multipath I/O (MPIO).
40
41. Note:
For more information on the Windows Server Catalog, see
the Microsoft information website at
http://www.microsoft.com/whdc/hcl/default.mspx
HP OpenView Storage Mirroring
The purpose of this section is to provide functional and operational data on HP OpenView Storage
Mirroring (OVSM) and how it can be used to perform backup, recovery, and failover of Virtual
Machines.
Storage Mirroring is an ideal low-cost, entry-level, host-based software product for IP networks. OVSM
does not require high bandwidth Fibre Channel networks, high capacity replication and zero down
time service levels. Storage Mirroring provides near real-time full application or file recovery up to the
last-byte replication. OVSM is an excellent choice for low bandwidth, low storage volume changes
and meets business recovery goals within minutes or hours.
HP OVSM does not provide any specific functionality to virtualized machines. It responds to VMs the
same way in which it responds to physical machines. Because OVSM does not distinguish between a
disk partition in a VM or the disk partition in a physical machine, failover can be accomplished
between two VMs on two disparate host (physical) machines. Because of OVSM synchronization
processes, this can be done from room to room on a local site, or across the country.
HP OVSM performs four basic types of operations:
• Mirroring—The initial copy or subsequent resynchronization of selected data
• Replication—The on-going capture of byte-level file changes
• Monitoring/Failover—The ability to monitor and stand-in for a machine, in the event of a failure
• Restoration—A mirror of selected data from the target back to the source
Each of the above operations is described in the following sections. For complete details, see the
corresponding chapter in the HP OpenView Storage Mirroring User's Guide.
Mirroring
Mirroring specific data on VMs can be used to create copies of application data-stores or entire VM
partitions to maintain a copy of critical data in a VM. Mirrored data or partitions can be put back
into VMs if lost, or return the state of data to the time that the mirror process was performed.
Mirroring alone does not constitute a preferred method of recovery.
Mirroring copies (user defined) data from the source partition(s) on a VM to the target partition(s)
on another VM. This process initially consumes an amount of time specific to the amount of data
that must be copied to the target VM. If large partitions are mirrored between two VMs, the initial
process is lengthy, and will consume large amounts of network bandwidth. Once this initial
process is complete, however, all the (specified) data that existed on the source, now exists on the
target. This initial process also contains file attributes and permissions. Future replication of data
only involves data that has changes, so the required time and network bandwidth is lessened. If
further, more complete mirroring is required, OVSM can mirror specific files or blocks of changed
data inside files.
41
42. Replication
Replication is the real-time transmission of file changes. Unlike other related technologies, which are
based on a disk driver or a specific application, OVSMs’ replication process operates at the file
system level and is able to track file changes independently from the file’s related application. In terms
of network resources and time, replicating changes is a more efficient method of maintaining a real-
time copy of data than copying an entire file that has changed. After a source and target have been
connected through OVSM, file system changes from the user-defined mission-critical data are tracked.
OVSM immediately transmits these file changes to the target machine. This real-time replication keeps
the data on the target machine up-to-date with the source machine and provides high availability and
disaster recovery with minimal data loss.
Unlike mirroring, which is complete when all specified files are copied to the target, replication
captures the changes as they are written to the source and sends them to the target continuously.
Replication keeps the target up-to-date and synchronized with the source.
Monitor/Failover
Failover is a process in which a target machine stands in for a failed source machine. As a result,
user and application requests that are directed to the failed source machine are routed to the target
machine.
HP OpenView Storage Mirroring monitors the status of machines by tracking network requests and
responses exchanged between source and target machines. When a monitored machine misses a
user-defined number of requests, HP OpenView Storage Mirroring assumes that the machine has
failed. HP OpenView Storage Mirroring then prompts the network administrator to initiate failover, or,
if configured, it occurs automatically.
The failover target assumes the network identity of the failed source. When the target assumes the
identity of the source, user and application requests destined for the source machine or its IP
address(es) are routed to the target. After failover, user and application requests directed to the
source machine are routed to the target machine.
When partnered with HP OpenView Storage Mirroring’s data replication capabilities, failover routes
user and application requests with minimal disruption and little or no data loss. In some cases,
failover may be used without data replication to ensure high availability on a machine that only
provides processing services, such as a web server.
Restoration
Restoration provides an easy method for copying replicated data from the target back to its original
location on the source. The process requires only the user to select the source, target, and the
appropriate replication set. There is no need to select files or remember the source data location; that
information is maintained by HP OVSM.
Restoration can be used if the source data is lost due to a disk crash or when the most up-to-date
data exists on the target due to failover. At the time of a source machine failure, the HP OVSM
target contains the same data as the source. If you are using HP OVSM failover capabilities, users
can continue updating data on the target machine while the problems on the source are resolved.
Because of the continued updates on the target, when the source machine is ready to come back
online, the two machines will no longer contain the same data. Restoration is the process of
copying the up-to-date data from the target back to the original source or new source location
when bringing the source back online.
42
43. User scenario
The user scenario provided in the following section is simply a plausible configuration. This
configuration has not been certified within HP's labs; it is based on field implementations and
known best practices. For solutions customized to fit your implementation, please see your HP
Representative.
Figure 40. User Scenario
43
44. The user has deployed and configured three Microsoft Virtual Server host servers with three (3) VMs
each. This configuration provides reference information to both users and company field personal.
Two of the primary Microsoft Virtual Server host servers service requests from the load balancer; the
third Microsoft Virtual Server server host is a backup (the Maintenance Microsoft Virtual Server Host
Server) and contains the same configuration; its VMs remains offline during normal operations. The
configuration and data are synchronized between each VM’s local disk using HP OVSM.
The Primary Microsoft Virtual Server host servers contain the web and application servers. The
database is located on a secure network behind a firewall on a separate instance of Microsoft
SQL Server. An appliance load balancer sits behind a firewall and edge-facing router, and
controls traffic to the web server VMs. Each Microsoft Virtual Server host server contains a single
Java™-based application server and two Microsoft IIS servers. In this scenario, HP OVSM is used
to replicate data between all VM partitions, keeping the VMs in sync. If a Microsoft Virtual Server
host server fails or is taken offline, the Maintenance Microsoft Virtual Server host server can stand-
in for the failed host. A script on the load balancer adds the VMs from the Maintenance Microsoft
Virtual Server host server into the pool.
Backup methodologies
The following section of this guide discusses possible backup methodologies in a virtualized
environment. It is highly likely that no one method will fit all backup requirements. In some instances,
multiple methods must be employed to accomplish the desired goals. Each method listed here must be
evaluated to determine its applicability and desired configuration.
Golden Masters VMs
The purpose of a Golden Master is to have one single encapsulation of an operating environment and
all its associated parts. An example of this would be a SysPrep-ed VM with Microsoft Windows
Server 2003, SP1, Microsoft SQL Server 2005, and all the associated applications, utilities, and
configuration parameters to produce a completely functional Microsoft SQL Server database server.
(Much the same as if Windows Server 2003 running Microsoft SQL Server 2005 were installed and
operational on a physical server.)
The purpose of keeping only one Golden Master VM for each operating environment is to ease the
burden of maintaining patch levels inside the VM. One Golden Master also guarantees that the
desired environment can be quickly reproduced with predictable, repeatable results. This also
maintains business continuity.
A critical step in maintaining only one Golden Master VM per operating environment is to keep a
backup copy of that VM and recreate the backup each time changes are made. Standard backup
and recovery strategies should be followed to protect the Golden Master VM. Storing the Golden
Master VM copy off-site and applying revision control are two such strategies.
Golden Master Limitations
There are moderate drawbacks to Golden Master VMs. Maintaining a Golden Master VM for
each environment (to be reproduced), requires storage space and administrative resources to
provide revision control. The creation of a Golden Master VM is typically a manual process.
Patching and updating each programmatic function in a Golden Master VM could prove time
consuming. If updated manually, the Golden Master must be brought online, the patch process
could then be completed and the VM SysPrep-ed, copied, and placed back in storage.
Example
Create a Windows Golden Master VM by copying the .vhd file of an existing Microsoft Virtual Server
VM or creating the VM using the SMP tool. Make sure the VM is patched and updated. Using
Windows Explorer, copy the .vhd file of the source VM to a separate location (this allows the name to
44
45. remain the same if needed). Once the .vhd file has been copied, select Virtual Machines -> Create
from the Master Status pane in the Microsoft Virtual Server Administration website and create a VM
using this .vhd file. Launch the VM and run SysPrep, and power off the VM. The .vhd file can now be
considered a Golden Master.
To create a new VM from the Golden Master, copy the .vhd file to the desired location and rename it
as needed. Select Virtual Machines -> Create from the Master Status pane in the Microsoft Virtual
Server Administration website and create a new VM using this .vhd as the “use an existing virtual
hard disk” disk file.
Power on the VM. Because the SID information has been removed, the front-end to the Windows
install appears at power on. Provide the necessary ID and network information to complete the
Windows installation. Once complete, the VM should be an exact duplicate of the original.
Backups in a VM
The following section discusses using backup components inside a VM. Backups inside a VM function
very much the way they would in a physical server. Typical backup software products will work inside
a VM. However, backing up from inside the VM does not typically constitute a best practice method.
A typical backup and recovery scenario (in relation to physical servers) involves an operating
environment where the backup software or agents are installed. To recover the data of a VM, the VM
environment would have to be operating and the backup software installed in order to begin a restore
process. In other words, to recover, the VM must typically be up and running. Imaging software such
as Symantec Ghost could be used to image the partitions of the VM, but a VM would have to be
created and a recovery disk booted to recover the image of the VM.
Because a VM only consists of several files, it is much more efficient to simply copy the files that
make up the VM; the restore process then becomes much faster and simpler.
Backup Microsoft Virtual Server host server
When backing up the Microsoft Virtual Server host server, there are two file systems to consider.
Typically, the Microsoft Virtual Server binaries and configuration files are contained on local
server storage and the virtual machines’ virtual disk files (VM configuration files (.vmc), saved-state
files (.vsv), undo disks (.vud), differencing parent/child disks (.vhd), etc.) are contained on a SAN
storage subsystem. SAN snapshot software is often used to image LUNs and thereby protect the
virtual machine’s virtual disk files, while arrays are configured on local storage to protect the
Microsoft Virtual Server binaries and configuration files. HP offers StorageWorks Continuous
Access for the EVA, and HP OpenView Storage Virtual Replicator for management and snapshot
capabilities.
VMM Backup
The following section discusses the VM backup process available in the VMM pack. This backup
creates an append file to support the VM; with the append file being written to by the VM, the
original .vhd is backed up.
1. To invoke SMP, click Deploy -> Virtual Machine -> Backups -> Create Virtual Machine Backup
in the HP SIM console.
45
46. Figure 41. Invoke SMP
2. The Step 1: Verify the Virtual Machine to Backup pane will be displayed.
46
47. Figure 42. Verify the Virtual Machine to Backup pane
3. Select the VM to backup on the list by clicking the check box at the beginning of the line item
for your VM.
4. Click Next.
5. The Step 2: Select VM Backup Repository Host pane will be displayed.
47
48. Figure 43. Select VM Backup Repository Host pane
6. Select the target repository host Microsoft Virtual Server host server from the list.
7. Click Next.
8. The Step 3: Select VM Backup Repository Location pane will be displayed.
48
49. Figure 44. Select VM Backup Repository Location pane
9. Click on the Browse icon.
10. The “Select VM Backup Repository Folder” window will be displayed.
49
50. Figure 45. Select VM Backup Repository Folder
11. To specify a new target location, click on the New Folder icon.
12. Type in the name of the new Folder and click OK. The target folder information is
updated.
Figure 46. Folder
13. Click OK.
50
52. Figure 48. Select VM Backup Repository Location
15. Click Next.
16. The Step 4: Select VM Backup Options pane will be displayed.
52
53. Figure 49. Select VM Backup Options pane
17. Click Next.
18. The Step 5: Confirm Details pane will be displayed.
53
54. Figure 50. Confirm Details pane
19. Click Schedule.
20. The Step 6: Schedule Task pane will be displayed.
54
55. Figure 51. Schedule Task pane
21. Enter the desired schedule information that you want the automated backup for this VM to
take place.
22. Click Done.
23. The All Scheduled Tasks pane will be displayed with the Create Virtual Machine Backup
Task as per the scheduled information provided.
55
56. Figure 52. All Scheduled Tasks pane
Intelligent Fault Resilience
Intelligent Fault Resilience technologies reduce customers’ exposure to unplanned events through
automated, intelligent software and hardware that allow the subsystems to predict, diagnose, and
respond to potential and actual fault conditions through automated software and hardware tools. It
reduces downtime by predicting fault conditions and automating response procedures, thus saving
time and money. These tools can provide the immediate increased benefits for the following areas:
• High Availability
• Failover
• Stability
• Clustering
Intelligent Fault Resilience levels
The Intelligent Fault Resilience technologies of HP can best be represented as a pyramid constructed
with multiple levels. Each level of the pyramid builds upon the Intelligent Fault Resilience of the levels
below. Moving up through the levels of the pyramid increases the availability, stability, reliability and
serviceability of the systems.
56
57. Figure 53. Intelligent Fault Resilience
Multiple Systems
L evel
Systems Management
L evel
Single Systems
L evel
Foundation
L evel
Foundation Level
The Foundation Level introduces the concept of establishing and/or improving the data center
environment for running and supporting high-availability business-critical systems. To determine the
overall ‘health’ of the physical data center environment, availability assessment and environment
analysis review should be performed across each of the key environment domains: hardware,
software, applications, the network, physical environment, and management processes. This review
will provide an in-depth list of recommendations for risk reduction, including identification of key
areas for improvement and specific actions and services to consider that can minimize risk and
maximize availability.
At the network and physical environment domains, some features and/or recommendations that
should be considered include:
• Precision Air Conditioning – redundant high capacity chillers and air handling units for the data
center. The second unit is relied upon for full capacity in the event of a single unit failure.
• UPS and Power Conditioning – to protect equipment in high-density networks providing continuous
operation and facility-wide surge suppression.
• Facility Power – dual power drops from separate sub-stations. In the event of a loss of power due to
a failure at one of the power substations.
• Internet Connectivity – should be obtained from multiple (at least two) Internet service providers. In
the event of a failure of one of the providers, users would still be able to access the system via the
second provider. The key feature to look for is diversity in connectivity between the two providers;
for example, consider installing a leased line for primary provider, and satellite or cable modem for
the backup.
• Network Infrastructure – for eliminating single-points-of-failure within the network topology, the
network architecture should be dual redundant.
57
58. Single Systems Level
Single systems features
The Single Systems Level introduces the concept of component-based Fault Tolerance, which is
designed to reduce downtime. Existing servers have hot-plug redundant cooling fans and power
supplies as well as PCI Hot Plug slots. The Error Checking and Correction (ECC) memory, a standard
feature of ProLiant servers, prevents single-bit, “soft” memory errors from propagating into double-bit,
“hard” memory failures that would cause a complete server shutdown. The servers and storage
systems also have hot plug drives. Each of these technologies reduces the unplanned downtime at the
component layer by allowing the customer to keep the server up and running, in a degraded state,
while replacing the failed component.
On a broader scale, the use of server hardware modular designs in the HP ProLiant DL585 and HP
ProLiant DL580 servers permits customers to upgrade their systems gradually and easily over time.
This “extended life architecture” design not only protects customer investment over the long term,
but also permits the expansion of compute power or other capacities without having to shut down
compute services to do a server swap.
Increased data and advanced memory protection features
The Increased Data Protection is another feature of the Single Systems Level focused towards
alleviating customer concerns about increased data availability and protection. When using HP Smart
Array controllers and drive arrays, the customer can sustain a single drive failure without any
downtime or data loss. Using the latest RAID Advanced Data Guarding (ADG), the customer can
sustain two simultaneous drive failures without any downtime or data loss. This advanced RAID level
offers dramatically higher fault tolerance than RAID 5, with a lower implementation cost than RAID
0+1.
The HP Advanced Memory Protection features of the Single Systems Level are also focused towards
providing increased fault tolerance for applications. Using HP Advanced Memory Protection provides
increased fault tolerance for applications that require high levels of availability.
In HP ProLiant DL380 servers, Online Spare Memory benefits customers who cannot afford
unscheduled downtime from memory errors, yet can wait until scheduled downtime to replace failed
DIMMs.
In HP ProLiant DL580 servers, Hot Plug Mirrored Memory is a more fault-tolerant option for customers
who cannot afford downtime from memory errors and do not want to wait until scheduled downtime
to replace failed DIMMs.
In HP ProLiant DL760 G2 and ProLiant DL740 servers, the introduction of Hot Plug RAID Memory
provides the highest level of availability by allowing customers to hot-replace, hot-add and hot-
upgrade DIMMs without shutting down the server. Hot-Plug RAID Memory provides key functionality
that has previously been unavailable within industry-standard servers. As redundant array of
independent disk technology used in storage subsystems, Hot-Plug RAID memory uses a redundant
array of industry-standard DIMMs to provide fault tolerance and the ability to hot replace and hot add
memory while the server is operating. With Hot-Plug RAID Memory, the RAID engine provides
redundancy to ensure data protection, and the hot-plug abilities allow replacing a DIMM without any
downtime.
Systems Management Level
The Systems Management Level introduces the concept of Fault Prediction and Fault Diagnoses. These
features further enhance the Fault Tolerance of the Single System level. A notification that a
58
59. component is out of specifications and that a failure is possible is sent and appropriate action of
replacing the component before it actually fails can be taken.
HP Systems Insight Manager (HP SIM)
HP Systems Insight Manager helps maximize system uptime and performance. It is part of the
foundation level and ships free with all ProLiant servers. HP SIM reduces the cost of maintaining the IT
infrastructure by providing proactive notification of problems before those problems result in costly
downtime and reduced productivity. Management Agents monitor parameters on system and
subsystem elements such as disks, processors, memory, fans, and temperatures. In the event of a
subsystem failure, these agents initiate alerts to the management console. Parameter monitoring and
alerting by Management Agents allows HP SIM to predict impending component failures. If the
Management Agents detect problems that require replacing a disk, processor, or memory within the
server’s warranty period, HP will replace these components free of charge in its Pre-Failure Warranty
Program. The combination of the Management Agents and the HP Pre-Failure Warranty program
helps system administrators prevent unnecessary downtime by providing advance notice of potential
server component failures and by facilitating rapid and proactive replacement of failing parts.
Performance Management Pack (PMP)
The ProLiant Essentials Performance Management Pack (PMP) featuring the ProLiant Performance
Analyzer is a software solution that detects and analyzes hardware bottlenecks on HP ProLiant
servers. PMP provides the tools to receive proactive notification of building bottleneck conditions, and
debug existing performance issues. With the PMP software, performance can be monitored on one or
more servers. The performance information is analyzed to determine if there is a building or existing
performance bottleneck issue. You can interactively display this information, log the information in a
database for later analysis or reporting, and set up proactive notification using the HP SIM
notification mechanism.
Integrated Lights-Out (iLO)
HP integrates iLO capabilities directly into the architecture of ProLiant servers. An intelligent
microprocessor is included in iLO and can be accessed via a dedicated Lights-Out port on the rear
bezel of the server. This port can be connected to a corporate intranet, the Internet (via VPN
technology) or a separate management network. Accessed via a standard browser from any
network connection, the iLO capabilities will not require any unique software applications to use.
Multiple Systems Level
Cluster fault resilient features – host clustering
The previous two layers discussed were primarily concerned with single systems and component-
based redundancy. The top layer is concerned with multiple systems and server-based
redundancy. The Cluster Fault Resilient feature builds upon the previous two layers that include
server component-based redundancy along with software-based fault prediction and diagnosis.
The Cluster Fault Resilient feature increases the level of fault protection and high availability by
focusing on overall server and application availability. This feature begins with the use of multiple
servers or cluster configurations to increase the fault protection level.
Note:
Clustering multiple VMs on a single host server provides
simple clustering to handle software crashes or
administrative errors. The cluster consists of multiple virtual
machines on a single physical machine. It supports shared
59
60. disks without any shared SCSI hardware. This configuration
supports heartbeat monitoring without the need for
additional network adapters. Because this configuration
consists of a single physical server, the cluster is subject to
failure if the physical server fails.
In a simple MSCS host cluster configuration designed for high availability, up to eight (8) host servers
or “nodes” are active and serving the requests of their own clients. Each node communicates with
every other. The Microsoft Cluster Service constantly monitors the health of each node. If any node
experiences a component or complete server failure, the Microsoft Cluster Service automatically
detects the error or failure. The ownership of the application, disk or network resources is failed over
immediately and automatically to another node. The failover quickly returns complete service to the
end users. This failure detection and failover is fully automatic; no operator intervention is required.
Basically, failover is the process of reverting operations to a secondary system (or systems) in the case
of a failure. There are many methods of failover and many levels at which failover can occur. In a
multi-tiered architecture, failover at the data store level is the most common. This is typically
accomplished by SAN replication and occurs primarily to protect the data, maintain uptime, or limit
the amount of time (non-production time) needed to recover from a failure. This guide concentrates on
system-level failover, that is, the recovery of a single virtual host in a virtualized environment.
The high availability capabilities of a cluster configuration are a significant improvement over the
availability capabilities of a standalone server. The increase in capabilities is more expensive than a
standalone server; however, in implementation areas such as Microsoft Virtual Server 2005 R2
virtualized architectures, where a host server is housing many mission-critical applications where the
cost of downtime is measured in thousands, tens of thousands or hundreds of thousands of dollars per
hour, the additional cost is easily justified.
When clustering VMs between physical servers, shared disk resources must reside on a SAN or
NAS storage subsystem. Each node of the cluster must be configured with identical hardware, and
the hardware must be on the Windows Server Catalog.
Note:
For more information on the Windows Server Catalog, see
the Microsoft information website at
http://www.microsoft.com/whdc/hcl/default.mspx
The Windows Server 2003, Enterprise or Datacenter Edition is the currently supported host operating
systems for Microsoft Virtual Server 2005 R2.
Any shared storage (SAN, Direct Attached Storage or iSCSI) from the Windows Server Catalog can
be used. For SAN and iSCSI, eight nodes are supported. For Direct Attached Storage, two nodes are
supported.
For applications that aren’t cluster aware, host clustering adds the ability to failover a clustered VM in
the event of a scheduled downtime or hardware failure.
Maximizing availability of a consolidated server
With Microsoft Cluster Services in Windows Server 2003, the administrator can maximize the
availability of virtual machines (“Guests”) consolidated on a Virtual Server host. When a failure or
scheduled downtime occurs, another clustered host will immediately begin providing support. The
availability of the operating systems and applications that are running will be interrupted for only a
60
61. short time regardless of how long the first server is down. Virtual Server host clustering leverages the
clustering services in Windows Server 2003 Enterprise R2 and Datacenter R2 and can be configured
with up to eight nodes.
If a host operating system patch is required or there is a need to service the underlying server
hardware (e.g., scheduled downtime), the administrator can use the Cluster Administrator tool to
move the virtual machines. Alternatively, the administrator can simply run Windows Update or the
ProLiant Essentials Vulnerability and Patch Management Pack (VPM) software to apply the
necessary patches and restart the host server when prompted. All of the virtual machines will
automatically move to another available cluster node regardless of the guest operating system.
Flexible storage solutions
With iSCSI deployed as the storage subsystem in the server cluster, all of the specialized
hardware once required for a server cluster is not needed. All that is required is additional
network adapters to connect the storage to the cluster nodes.
Ease of management
When Virtual Server 2005 R2 is configured in a host cluster environment, only each host server
node of the cluster running Virtual Server needs to be configured, not each VM. It doesn’t matter
how many VMs are running, only how many nodes are in the cluster. For example, if you have an
eight (8) node cluster with twelve (12) VMs each, clustering needs to be configured on only the
eight (8) nodes. The administrator doesn’t need to configure ninety-six (96) clusters to manage.
High availability
For the purpose of clarification, High Availability references an architecture that is resilient to failure
and is capable of recovering quickly when failure occurs. This should not be confused with Fault
Tolerant, which typically indicates a solution designed to eliminate failures or down time.
Configuring your SAN for redundancy through use of multiple storage controllers, dual-loop fabric,
and multiple HBAs is recommended for high availability. Microsoft Virtual Server has native
support through the host server OS for multipath I/O (MPIO).
Fault resilient failover methods
The following section discusses active/active and active/passive failover methods.
Active/Passive
In an active/passive configuration, an application runs on a primary server. A dedicated secondary,
or “backup,” server is present to take over when the primary fails. The backup server is passive,
meaning it is not configured to perform any other functions. Consider the condition of a database
after a failover has occurred in an active/passive configuration. The IP address used by the clients
moves as well. This is extremely important: If IP addresses were not moved, all clients would have to
be updated on each server failover.
Active/Active
In an active/active configuration, each server is configured to run a specific application or services,
as well as provide backup for its peer. Consider a situation in which the file server fails and its peer
takes on both roles. Notice the surviving peer server now has two IP addresses assigned.
The active/active configuration seems more efficient in terms of hardware utilization. Many customers
object to the concept of a valuable system sitting idle. However, this line of reasoning can be flawed.
In the previous active/passive (sometimes referred to as asymmetric) example, the backup server
requires only as much processor power as its peer. On failover, performance remains the same.
61
62. In the active/active example, the backup server requires not only enough processor power to run the
existing application, but also enough to run the new application it takes over. In other words, if a
single application requires one processor to run properly, an active/active configuration requires two,
single-processor systems. However, to run identical applications on each server, an active/active
configuration would require two, dual-processor systems.
Further issues can arise in active/active configurations when multiple applications running on the
same system do not co-exist properly. Some applications work well with multiple copies started on the
same system, but others fail. Another possible problem arises when two applications with different
I/O and memory requirements are running on the same system. Thorough testing in an active/active
configuration can uncover most issues. Today, many clusters employ active/active configurations.
When a server fails in this configuration, performance level remains acceptable for the short time it
takes to restore the server.
SAN failover
The following section discusses failure and recovery for a SAN in a virtual environment. The SAN
data should typically be protected by a snapshot utility or software capable fbackup and recovery,
but another possible failure of SAN is cable or HBA failure, or path failure.
Figure 54. Microsoft Windows Server 2003 and Virtual Server 2005 R2 multipathing architecture
In the preceding diagram, there are multiple, redundant paths from each server to the storage device.
For example, if HBA1, or the link between HBA1 and the Fibre Channel (FC) switch breaks, HBA2
takes over and provides the connection between the server and the switch. This process is called HBA
failover.
Similarly, if Storage Partition (SP)1, or the link between SP1 and the switch breaks, SP2 takes over
and provides the connection between the switch and the storage device. This process is called SP
failover. Microsoft and HP provide this multi-pathing I/O (e.g. MPIO) support described above for
numerous supported fibre-attached storage subsystems.
Microsoft provides the MPIO framework for the Windows Server 2003 OS (or it can be downloaded
with the various support packs from HP for each of the storage-specific devices).
62
63. Choosing path management tools
HP MPIO DSM Manager is a Microsoft Management Console (MMC) snap-in application that
monitors and manages HP Full Featured (FF) DSMs in a Windows Multipath input/output (MPIO)
environment. You can use HP MPIO DSM Manager to view and manage the disk devices
supported by all the HP FF DSMs in your Windows MPIO environment. It is based on the Microsoft
MPIO framework and provides features such as I/O load balancing, path failover and path
recovery/failback to help maintain a constant connection between the host server and the storage
device in case of the failure of a Host Bus Adapter (HBA), switch, storage controller, or Fibre
Channel cable.
In case of failover
When a cable is pulled, I/O freezes momentarily, until the SAN driver determines that the link is
down, and failover occurs. During that time, the virtual machines (with their virtual disks installed on a
SAN) may appear unresponsive, and any operations on the virtual hard disk files may appear to
hang. After the failover occurs, I/O should resume normally.
Even though Microsoft Windows Server 2003 running Microsoft Virtual Server's failover feature
ensures high availability and prevents connection loss to SAN devices, all connections to SAN
devices may be lost due to disastrous events that include multiple breakages.
If all connections to the storage device fail, then the VMs will encounter I/O errors on their virtual
hard disks.
Security
The following sections contain information on security in a virtual environment.
HP Vulnerability and Patch Management Pack
The Vulnerability and Patch Management Pack identifies and provides recommendations to resolve
security vulnerabilities, and delivers advanced patch management through automated acquisition,
optimized deployment, and continuous enforcement of security patches.
Although VPM is not directly related to virtualization, patching VMs is very similar to patching
physical servers. The VPM scanning process runs to determine patch levels and vulnerabilities; once
this scan is complete, the user can apply the desired patches and correct the vulnerabilities as
needed.
Because the VMs have a tendency to outnumber the physical machines, patching a large number of
VMs could overload network segments. Patch VMs during non-peak times whenever possible, and
limit the number of VMs to be patched in any given session.
Patching Microsoft Virtual Server VMs
The patching process is typically straight-forward for patching Microsoft Virtual Server VMs.
However, some precautions about patching VMs should be observed.
• Shutdown any suspended VMs.
• Commit or discard any changes to the .vhd files for Undo Disks.
• Make backup copies of the VM virtual disk files as a precaution.
• Verify that no file locks are in place on the .vhd files due to VM migrations, backups, etc.
63
64. HP SIM security
The following section discusses the HP SIM/VMM security model. Security in HP SIM encompasses
a wide array of processes and protocols. The following diagram shows the heavy reliance on SSH
and SSL to secure traffic between HP SIM and VMM.
Note:
For more information on HP SIM security, see the white
paper: http://www.hp.com/wwsolutions/misc/hpsim-
helpfiles/hpsim-ssh-wp.pdf
Figure 55. Heavy reliance on SSH and SSL to secure traffic between HP SIM and VMM
SIM Management Server (CMS)
SIM HP Virtual Machine
HP Virtual Machine
Management Pack
Management Pack
VMM Menu Items
VMM Menu Items
SSL RMI SSO
SSL RMI SSO VMM Web Service
VMM Web Service
Event Manager
Event Manager HTTP
HTTP
VM Host Server
Status SQL
SQL VMM Service
VMM Service SSL
SSL VMM Agent
Monitoring Control
Monitoring Control CLI Start, Stop, Shutdown,
Pause
Create, Add, Remove,
Create, Add, Remove,
Discovery Detect Changes
Delete Changes
VM Host
VM Guest Identification & SSL RMI
SSL RMI Virtualization Layer
Identification Association
VM Guest Server
WBEM // WMI
WBEM WMI
WBEM / WMI
OpenSSH
OpenSSH (Secure Shell) provides a standard way to remotely and securely run commands and obtain
information. SSH is standard with Linux and HP-UX, and there are both free and commercial versions
available for Windows. HP SIM includes a version of OpenSSH for Windows, with a modified
Cygwin to resolve certain security limitations.
SSH must be loaded on the CMS (Central Management Server) machine, also referred to as the HP
SIM Console. Microsoft Windows Server 2003 does not load SSH by default; however, SSH can be
installed from CMS to the target Microsoft Virtual Server host server. SSH is required to execute many
VMM tasks and is also used to deploy the VMM agent onto the target Microsoft Virtual Server host
server.
64
65. Virus throttling
This technology targets virus behavior instead of virus signatures and slows the spread of new,
unknown viruses until their behavioral patterns can be detected and eliminated by standard virus
scanning software.
The typical worm virus attempts to connect to as many machines as it can, as quickly as it can.
Therefore, a highly networked system with connections to many other machines allows a worm to
propagate faster. Virtualized systems can make good use of virus throttling, because they are typically
interconnected with other VMs through virtual networks.
The Virus Throttle technology actively monitors machine communications, and when it detects a system
attempting to make numerous rapid connections, it automatically limits the number of connections the
potentially infected system can make and notifies an administrator of a possible problem. The
administrator can investigate the system and even bring it offline until the virus can be identified and
a remedy for it put in place.
Virus Throttle technology hampers, contains, and mitigates attacks to buy time for the user to respond.
It works in conjunction with current antivirus solutions to protect against both known and unknown
worm viruses.
Performance management
Server load balancing
The following section discusses load balancing strategies in a virtualized infrastructure.
Multiple NICs
Nearly all virtualization layer software is challenged in the area of network and disk I/O. One of the
least expensive ways to make virtual machines perform better is to install multiple network adapters in
the host computer. Instead of configuring all the virtual machines to use a single physical network
adapter, configure groups of virtual machines to use virtual networks, and configure each virtual
network to use a different physical network adapter. This configuration helps spread the network
traffic across multiple network adapters, which can increase performance.
Microsoft NLB
All current Windows operating systems support NLB (Network Load Balancing). In this configuration,
NICs are clustered together to service a single VIP (Virtual IP). Although the VIP has nothing directly to
do with Microsoft Virtual Server virtualization, it does allow multiple NICs to respond to requests and
share the network traffic load.
The NICs are referred to as hosts, and grouped into a cluster. NLB is a software-based load balancer
often used to support traffic to and from a web server or farm.
NLB does work with multiple virtual NICs (the NICs inside a VM), therefore multiple virtual NICs could
be tied to an NLB cluster and service network traffic.
As in the physical world, if multicasting is enabled, make sure all routers on the subnet can support
that feature.
65
66. Note:
For more information on Microsoft NLB, see the website:
http://www.microsoft.com/windows2000/en/advanced/h
elp/default.asp?url=/windows2000/en/advanced/help/p
arameter_definitions.htm
ProLiant server tuning
The following sections discuss performance tuning of ProLiant servers in a virtualized environment.
For starters, it is advised to not run other programs on the host server that runs Microsoft Virtual Server
2005 R2. Another program may compete with Microsoft Virtual Server 2005 R2 for resources.
Therefore, Microsoft Virtual Server 2005 R2 might not have sufficient resources. This problem could
affect all the running virtual machines. Although sometimes you must run other programs or services
on the Microsoft Virtual Server 2005 host computer, such as when you must run a program that
cannot run in a virtual environment, HP recommends that you avoid this practice.
Virtual Machines respond much the same way physical machines respond to performance tuning.
When dealing with VMs, it is usually advisable to disable any unused I/O devices. This may free up
IRQs or otherwise trapped I/O resources. Devices such as floppy drives, CD-ROMs, USB, COM or
Parallel port devices may all consume moderate I/O resources even with no devices actively using
them.
Warning: If applications, startup jobs, script, etc. expect to
see these devices, and the devices are disabled,
unpredictable results may occur.
Turning off unused services such as Print Spooler, Messenger, Alerter, screen savers, etc. can also free
up resources. While it should be obvious that services such as RPC could not be disabled in a
Windows VM, often it is not clear what other services can be disabled without negative impact.
Microsoft lists performance tuning techniques for all their operating systems at
http://www.microsoft.com/
AGAIN: Caution should be taken when disabling services, unpredictable results may occur.
Consider also turning off unused network protocols and logging functions that are not needed.
Performance baseline
The initial process of establishing a performance baseline is probably the most critical step in
performance tuning, it is also the step that most people overlook. The baseline determines how the
environment is currently operating. Chart and collect the subsystem performance of both the target
Microsoft Virtual Server host server and VMs for a timeframe that produces usage data that is
typical of the operating environment being tuned. In other words, the sample periods and testing
durations must produce performance data that represents an accurate picture of how the
environment is operating.
66