|
Jul 23
|
“I’ve been working on the railroad…”
One of the most useful features of virtualization is the concept of workload balancing. Workload balancing can turn a server farm into a sweaty toothed engine of computation power. As a virtualization administrator, the constant challenge is squeezing as much performance out of your virtual infrastructure as possible. The more physical hosts you can have in a cluster, the better operational efficiency you will get across your virtual infrastructure. So how can VMsafe, a security thing, possibly help with this?
There’s no place like home
One of the key requirements for workload balancing is that all of the virtual machines that operate within a shared cluster must have network connectivity. Which makes sense; the virtual infrastructure has to know that if it moves a virtual machine to a new host that it will still have the same network connectivity that it had before and the applications on the virtual machine will continue to operate normally.
Off the grass!
Since the virtual infrastructure requires network connectivity for virtual machines in a cluster, application owners end up wanting some segmentation between their applications and other applications. Some administrators may use VLANs to solve that problem but this can be problematic and somewhat cumbersome. There are several ways to deal with this problem but what happens more often than not is that separate clusters are created for different departments or applications.
Slackin’
So let’s say you had 30 ESX hosts and you segment 10 different applications that are hosted by the virtual infrastructure into different clusters which means you would be running 10 clusters with an average of 3 hosts per cluster. vSphere 4.0 allows you to run up to 32 hosts in a single cluster so you would not be getting the greatest operational efficiency you could squeeze out of your environment.
A brave new world
Using the new Reflex vTrust technology, you can easily segment different applications without the use of VLANs so that they all exist on the same network meeting the requirements for large-scale workload balancing and still provide application owners isolation between their applications. You could merge those existing 10 clusters into a single super cluster achieving higher service levels and ultimately requiring less hardware to operate an efficient virtual environment.
