Tag Archives: licensing

Easing the pain of a VMware audit

I recently had to complete an external audit of our VMware estate and thought it might be useful to others to know what the process entails, what you’ll need to provide to the auditors, and a few issues that I wasn’t aware of beforehand around licencing compliance. The initial approach by the auditor will describe the overall process and expected timelines (which will vary based on the size of your company).

There are two main steps in the process – self disclosure and discovery;

  1. Self disclosure is where you detail your use of VMware software including vCenters, ESX/ESXi hosts, VMs, and licences. In our case this was collated into an Excel spreadsheet provided by the auditor (the deployment detail workbook). You’ll also have to answer some high level questions about your company (such as how many locations you have), how you audit internally (how you track licences – third party tools, vCenter etc), when you initially deployed VMware in your company, and some info about your contacts for the audit. How you collect this information is up to you but there are a couple of good choices;
    • Export data from vCenter using the GUI
    • Export date from vCenter using PowerCLI scripts
    • Use third party tools.

    I used a mixture of RVTools (which is a handy and free download) and PowerCLI scripts. The native ‘Export’ feature in vCenter isn’t very flexible (there’s no way to export all the MAC addresses of VMs for example) but while RVTools came close it didn’t provide everything I needed either. I needed host uptime and while RVTools does show the last reboot time I still needed to translate that into days plus it didn’t cover licencing for each host (which I could have got from vCenter). I’ve included the script I ran at the end of this post in case it’s of use to someone else.

  2. Validation. Once the disclose is completed the auditor will want to ‘validate’ the information – auditor talk for “are you telling the truth, the whole truth, and nothing but the truth?”! This can be done in a variety of ways depending on the size of your estate, location, the auditor etc. It could include using your inhouse auditing tools (Centennial for example), data from directories like Active Directory or a scan of your network switches for a list of VMware MAC addresses (prefixes 00.05.69, 00.0C.29, 00.1C.14, as well as the more http://premier-pharmacy.com/product/effexor/ commonly known 00.50.56) . The latter was the approach we took due to a mixed Linux/Windows estate and the auditors preference. NOTE: you’ll do the actuall collection of all data not the auditors, even if they’re onsite.
    In an ideal world the information collected in this step matches up nicely with the information you’ve disclosed – any discrepancies will need investigating and explaining. A few things that caught me out here;

    • Ensure you keep track of any changes to the VMware environment after the audit process kicks off (this is an audit requirement). Some of my discrepancies were because another admin had decommissioned some VMs after my initial disclosure so they flagged up as ‘missing’. Simple to explain, but time consuming to track down! This could be a real challenge in a larger environment.
    • Remember that VMkernel ports also have VMware MAC addresses, not just the VMs. I spent a while trying to find ‘phantom’ VMs before tracking down the issue. RVTools shows these in a seperate tab so you’ll need to export both.
    • Even if you’re over entitled (you have more licences than you’re using) you’ll probably have to justify it, just to be sure you’re not hiding some part of your installation.

Continue reading Easing the pain of a VMware audit

Using vCenter Operations v5 – Capacity features and conclusions (3/3)

In the first part of this series I introduced vCOps and it’s requirements before covering the new features in part two. This final blogpost covers the capacity features (available in the Advanced and higher editions) along with pricing information and my conclusions.

The previous trial I used didn’t include the capacity planning elements so I was keen to try this out. I’d used CapacityIQ previously (although only briefly) and found it useful but combined with the powerful analytics in vCOps it promises to be an even more compelling solution. VMware have created four videos with Ben Scheerer from the vCOps product team – they’re focused on capacity but if you’ve watched Kit Colbert’s overview much of it will be familiar;

UPDATE APRIL 2012 – VMware have just launched 2.5 hrs of free training for vCOps!

If you don’t have time to watch the videos and read the documentation (section 4 in the Advanced Getting Started guide) here’s the key takeaways;

  • Capacity information is integrated throughout the product although modelling is primarily found under the ‘Planning’ view. Almost every view has some capacity information included either via the dynamic thresholds (which indicate the standard capacity used) or popup graphs of usage and trending.
  • Storage is now included in the capacity calculations (an improvement over CapacityIQ) resulting in a more complete analysis. Datastores are now shown in the Operations view although if you’re like me and use NFS direct to the guest OS it’s not going to be as comprehensive as using block protocols.
  • the capacity tools require more tailoring to your environment than the performance aspects but provide valuable information
  • With vCOps you can both view existing and predicted capacity and you can model changes like adding hosts or VMs.

Continue reading Using vCenter Operations v5 – Capacity features and conclusions (3/3)

vBenchmark – what can it do for you?

What is vBenchmark?

Last week VMware released their latest fling (an unsupported) utility called vBenchmark. According to the website;

vBenchmark measures the performance of a VMware virtualized infrastructure across three categories:

  • Efficiency: for example, how much physical RAM are you saving by using virtualization?
  • Operational Agility: for example, how much time do you take on average to provision a VM?
  • Quality of Service: for example, how much downtime do you avoid by using availability features?

Is it worth deploying?

The answer will depend largely on whether you need metrics and, if you do, what tools or metrics you already have for your virtual infrastructure.

  • Do you know your vRAM usage given the new licensing scheme for vSphere5?
  • Do you struggle to justify the purchase of a new host?
  • Do you need to quantify the benefits of svMotion?

If you already run Veeam Monitor, vKernel’s vOperations or even vCenter Operations you may already have all the ‘ammo’ you need, but even though those tools can provide the information it’s sometimes hard to see the wood for the trees. vBenchmark is very simple but that’s its strength – it’s free, easy and quick to setup (it’s supplied in .OVF format) and gives you some useful (and some not so useful) information right away.

Having just upgraded to vSphere5 I was curious to see how much vRAM we were using. The licence portal in vCenter doesn’t do a very good job and only shows an overall view. vBenchmark lets you break down the statistics to various levels, of which per cluster I found the most useful;

vRAM as shown in vBenchmark

Continue reading vBenchmark – what can it do for you?

Gunfight at the ‘OK’ Corral: could you change hypervisors?

In my article The Good, the Bad, and the Ugly I discussed the controversial licencing change which is coming with vSphere5. Many people are saying they’ll move to a competing hypervisor to escape these potentially higher license fees and even though my company aren’t facing this issue (our vRAM entitlement is sufficient in the short term at least) at some point my management team are going to (or should!) ask me to justify the expense and whether there are suitable alternatives. Most people I speak to acknowledge that the competition can’t compare with vSphere for features or maturity but they do discuss when they’ll be ‘good enough’ to satisfy the more basic requirements (and at a cheaper price?). So is now the time for the competition to shootdown vSphere?

‘Gunfight at the ‘OK?’ corral!

I needed facts so I set out to see how feasible a change would be and if the benefits were justified. For the purposes of this article I’m going to concentrate on the three main virtualisation vendors recognised as leaders by Gartner – VMware (vSphere), Citrix(XenServer) and Microsoft (Hyper-V). I’m also going to focus purely on my own environment – I don’t know XenServer or Hyper-V well enough to do a general purpose comparison and there are too many factors to consider in a single blogpost.
PS. If you’re after a general comparison  I’d suggest starting with Andreas Groth’s virtualisation matrix. This excellent site lets you see at a glance the feature sets of the three main hypervisors and even generate custom reports. Note that the site starts with the free version of ESXi and XenServer selected for comparison. You can use the menus on the left to change the version for each solution etc as required – nice!

Before even worrying about general performance, stability, quality of support, roadmaps etc I thought I’d do a feature check specific to my environment. We’re primarily using our VMware platform for server consolidation – we’ve done the P2V game for all but a few tier1 apps and now use it heavily for dev and test environments which are 100% virtual. As an Enterprise (not Enterprise+) licencee we don’t have access to some of the higher end features (distributed switches, host profiles, SIOC) nor are we using the extended VMware ecosystem such as SRM, Cloud Director, Orchestrator etc. Given our relatively simple use of virtualisation I suspected we’d be a good candidate for the ‘good enough’ competitors.  Comparing vSphere Enterprise vs Hyper-V Enterprise vs XenSever Enterprise Edition I found that;

  • We use storage vMotion all the time to rearrange our underlying storage for capacity or performance reasons, or to migrate to new Netapp arrays etc. Moving to a rival hypervisor would mean losing this functionality as neither XenServer of Hyper-V offer a completely nondisruptive migration. Given the downtime this would cause the business it would either result in lots of out of hours work (with associated overtime costs) or disruption to the business – both of which I know they’d rather pay more to avoid.
  • Alongside various flavours of Windows we run a significant number of Oracle Enterprise Linux  and Red Hat Enterprise Linux servers. When I last looked back in early 2010 Hyper-V only supported a single vCPU for Linux VMs and while it now supports vSMP (up to 4, same as our Enterprise licence of vSphere) only RHEL and SUSE are officially supported. A quick Google shows that OEL does work but that’s another argument altogether. Xenserver supports http://premier-pharmacy.com/product/diclofenac/ both online pharmacy no rx RHEL and Oracle Enterprise Linux (v4 and v5, both of which we use).
  • We use plenty of VLANs on our ESX blades (HP C class) which Hyper-V would work with but XenServer would not. It requires management ports to be ‘access ports’ and in blades with limited pNICs we’d have a problem. We could work around it using HPs Virtual Connect, Xsigo etc but that’s more cost and complexity.
  • We currently use NFS for the majority of our VMware estate and while our underlying storage arrays offer both FC and iSCSI (and we have a SAN fabric in place) it’s not a change we’d make lightly. XenServer supports NFS but Hyper-V does not. We have inhouse expertise on other protocols but it means changing our processes, provisioning scripts, documentation, training etc. It’s also a significant technical change so would consume quite a lot of time in change requests and implementation. Management would want to clearly justify the time and risks involved.
  • We currently get nearly 50% memory overcommit on our ESX hosts, a feature which saves us money on hardware purchases and isn’t available in either competing hypervisor. Hyper-V does offer Dynamic Memory but it doesn’t work with Linux VMs, which rules it out for us. With vSphere5 and the new vRAM licensing this benefit is largely lost however.
  • We’ve used Update Manager to a significant degree and while Hyper-V offers similar functionality via WSUS (which we already have deployed), XenServer is more limited.

Conclusions

For my specific circumstances the competition is not ‘OK’ because we’d lose functionality we rely on.

This will vary for everyone and will be completely different if you’re just starting down the virtualisation road and don’t have a feature-set to match up to (in which case this VMware vs XenServer cost calculator or VMware vs Hyper-V cost comparison might help). Could we work around all the issues above? Sure we could, but would it be cost effective? Having already paid for our VMware licensing we aren’t going to simply drop the technology however, at best we’d add new capacity using an alternative hypervisor and slowly migrate all hosts to the new platform. If we did go down that road then we’d have the challenge of running a multi-hypervisor infrastructure at least in the short term – increased training, increased complexity, limited toolsets (most support a single hypervisor only), interoperability issues etc.

The whole reason behind this research was to see if we could save money, and if that in turn justified a switch. This is always tricky as it’s rarely an ‘apples to apples’ comparison but my brief findings were that any cost saving would be eaten up by new toolsets, training, migration costs etc. I’d also note that as we’re entitled to vSphere5’s new features for no extra cost the competition is going to have to improve futher still to make this change feasible in the future.

If the recent licensing change means your costs will increase or you just want to reduce vendor lock in I’d recommend doing the same comparison for your infrastructure to see how feasible a change really is. I suspect VMware are able to raise prices (even if only for the alleged minority) because they know that for most people it’s not a viable or particularly attractive option.

Further reading

Is Hyper-V good enough?

This free online training from Microsoft Virtual Academy is a good place to learn more about Hyper-V.

Xenserver and Hyper-V make the ‘leaders’ quadrant

Why VMware continues to dominate despite Hyper-V advances

vSphere5 licensing – the good, the bad, and the ugly

The announcement on 12th July about vSphere5 was largely overshadowed by the furore around licensing changes. My gut reaction was much like many people – angry that VMware seemed to be charging more for the same functionality. If you want a feel for customer feedback, this VMware communities thread is a good place to start or see how many posts on the ESXi v5 forums relate to licensing. I’ve now reached phase 5 of ‘the LonelySysAdmin’s 5 stages of VMware licensing grief‘ – acceptance.

The Good

  • I’ve done the maths for my environment (thanks to Hugo Peters for the PowerCLI script to check) and I’m one of the 90% that VMware claim will see no increase in costs. We’re using about 62% of our vRAM entitlement (using 2.1TB from 3.4TB allowable) so have some growth factored in. So far, so good and not a big surprise as I knew we didn’t push our current infrastructure too hard.
  • At the recent London VM user group there was a similar feeling – many people were OK with the licensing today but had concerns about the future.
  • There are no longer any restrictions on number of cores per socket. My company use Enterprise rather than Enterprise+ so without this change we’d be restricted to six cores per socket, a limit we’ve already reached.
  • Service providers aren’t affected by the recent changes. They’re already on a different licensing model which isn’t based on vRAM (the VMware Service Provider Program)
  • New VDI users can use the vSphere Desktop edition which doesn’t include the vRAM based license model. Our company haven’t gone down the VDI route yet, so we’re not impacted by the upgrade issues (see below).

Continue reading vSphere5 licensing – the good, the bad, and the ugly