With virtual infrastructures becoming prevalent in production environments and often supporting critical business services, the second phase of virtualization is here. In Virtualization 2.0, it's all about manageability.

The shifting emphasis to business service management rather than just virtual machine management means that it is no longer sufficient to simply monitor the uptime or resource usage of virtual machines and servers and believe that the entire IT infrastructure is working well.

This article highlights the key challenges that virtualization administrators and architects face in Virtualization 2.0, and defines the core functionality that any Virtualization 2.0 monitoring and management solution must possess.

The first phase of virtualization, Virtualization 1.0, involved the use of virtual infrastructures primarily in staging and development environments. The emphasis during this phase was on making sure that virtualization provided many of the promised benefits, including space consolidation, power savings, easy configuration and deployment.

From a performance standpoint, the emphasis was on ensuring that the virtualized infrastructure delivered performance in line with that obtainable from a purely physical infrastructure. Often, this was achieved by over-provisioning the virtualized servers. During this phase, the overall focus was on functionality more than performance, and in enabling newer service delivery opportunities such as the use of virtualization to support remote desktop applications.

With the arrival of Virtualization 2.0, administrators have a choice of virtualization technologies, and the much-researched hypervisor is now almost a commodity. Faced with shrinking budgets, administrators are looking for ways to achieve the maximum with limited hardware and software resources through optimal resource allocation techniques, and to plan proactively for future demands. Overprovisioning of virtual infrastructures is therefore a thing of the past.

The challenge in managing virtualized infrastructures is that there are various layers of software - the applications, the protocol layers, the operating systems in the virtual machines (VMs) and the virtualization platform - that have to work together to ensure the proper functioning of the business service. Many of these software layers are outside the scope of the virtual infrastructure, so pinpointing the true root cause of a problem - whether in the virtual infrastructure, the applications, or in the network - becomes crucial. The faster a problem can be diagnosed, the shorter the service downtime and the better the overall service performance.

This combination of factors means that proactive monitoring and effective root-cause diagnosis across the entire infrastructure will gain in prominence in Virtualization 2.0. The acute shortage of IT professionals skilled in working with virtualized environments means that a management solution must offer superior automation and root-cause diagnosis to enable administrators with limited expertise to be effective in spotting problems and taking the proper corrective action quickly. This article defines the key characteristics that a Virtualization 2.0 Ready monitoring solution should have.

Requirements for "Virtualization 2.0 Ready" Monitoring Solutions
The emphasis on monitoring and management in Virtualization 2.0 is shifting from virtual machine (VM) management to business service management; i.e., knowing how a business service is performing and which domains (network, server, VM, applications) are working properly and which are not. Hence, it's no longer sufficient to just monitor the uptime or resource usage levels of virtual machines and physical servers and believe that the entire IT infrastructure is working well.

The key requirements for a Virtualization 2.0 Ready monitoring and management solution are provided below:

1. Provide a single view of virtual and physical infrastructures - Even though virtual infrastructures are being used for many mission-critical applications, most enterprises are moving to virtualization only in a phased manner. For example, I/O-intensive applications are still being hosted on non-virtual servers. Therefore, a business service may involve some applications that reside on physical machines and others that run on virtual machines. To provide an integrated view of the target infrastructure, the monitoring and management system needs to be able to manage infrastructures with a set of virtual and physical machines equally well, providing a single integrated interface across these different technologies.
   
   
2. Support multiple virtualization technologies - Administrators now have a choice of virtualization technologies based on their business needs and preferences. VMware ESX / ESXi, Citrix XenServer, Microsoft Hyper-V, as well as different Unix options (Solaris Containers, AIX LPARs) all offer robust solutions for virtualization. Most large infrastructures will include a mix of these virtualization technologies, and it's important to have a single unified dashboard from where these different virtualization technologies can be monitored.
   
   
3. Track physical resource availability, configuration and usage by VMs - As deployment of virtual infrastructures proliferates, it is essential that administrators have a comprehensive view of the virtual infrastructure. While monitors designed for conventional physical machines can be installed and used on individual VMs, they have no specialized capabilities for virtualized environments. Knowing such things as how the hypervisor is performing, which VMs are powered on and what resources they are using, if the physical server has sufficient resources to handle its workload, whether the VMs are configured with sufficient resources, etc., are critical requirements that only a monitoring solution that is specialized for virtual infrastructures can deliver.
   
   Many virtualization platforms support high availability and live migration configurations to provide reliability and failover for mission-critical applications. Administrators need to know whether these capabilities are working properly or whether any configurations need to be tuned (e.g., are migrations happening too often? Why did a migration suddenly take place?).
   
   
4. Provide an "inside view" of virtual machines with clear problem identification - While most virtualization administrators understand the importance of tracking the resource usage levels (CPU, memory, disk, network) of each of the VMs on a physical server, very few can monitor what is going on within each virtual machine. This is because most Virtualization 1.0 monitoring solutions focused on capacity planning and provisioning. For capacity planning and provisioning, it is important to track the portion of a physical server's resources that each VM is taking up.
   
   This view, which provides insight into how a physical server's resources are used across all its VMs, is the "outside view" of a VM. While the outside view helps identify a resource-hungry VM, it falls short of providing additional information that is critical for problem diagnosis and further optimization. For instance, why is a specific VM taking up excessive resources? Is it because of a heavy workload? Or is it due to a malfunctioning application (e.g., a runaway job or a memory leak in one of the applications running in the VM)? To provide this information, an "inside" view of each VM is necessary. This view tracks such dynamics as end-user activity, resource allocation for each application, and the application mix running inside the VM guest operating system.
   
   As virtualization goes mainstream, it will no longer be sufficient to just plan and provision virtual infrastructures correctly. Production environments are dynamic, and when problems occur it's important to determine what is causing the problem. Is the physical server running out of capacity? Is it a VM not having sufficient resources because it was not correctly provisioned? Is it a malfunctioning application inside the VM? The answer to these questions will determine who is responsible for fixing a problem - is it the VM administrator, or is it the application administrator/expert? Only a monitoring solution capable of presenting both the "outside" and "inside" views can provide this richness of information.
   
   
5. Automatically establish performance baselines and norms - Often, the emphasis of monitoring is just problem diagnosis. When there is a problem, administrators want to know what is wrong. While problem detection is easy (if your monitoring system does not alert you, your users will), isolating the problem and determining what the true root-cause of a problem is can be a challenge. Establishing performance baselines and norms was important in the non-virtual world. This is even more important in a virtualized world, since the number of "moving parts" is much higher (hypervisor, VMs, applications, migration, etc.).
   
   Understanding what has changed and when is critical to quickly zooming in on the root cause of a problem. The ability to establish these norms automatically is important in many ways. Administrators do not always know what is "normal" in their environment. The norm also varies from one server to another based on its sizing. Experts who understand what norms need to be adopted are few and not readily available. Even for such experts, setting norms for each and every server can be an arduous task. Hence, it's important to have the right automation built into the monitoring system to automatically determine what the performance baselines are for the infrastructure.
   
   This capability is also key to being able to monitor your infrastructure proactively. The monitoring solution should be able to compare current performance with respect to the baseline and be able to generate alerts well before a failure happens. This provides administrators with precious advanced notice that can help them avert potentially serious failures in business service performance.
   
   
6. Perform automatic correlation for true root-cause diagnosis - While auto-baselining can provide proactive alerts, analyzing these alerts and determining the precise root cause of a problem is a huge challenge. Effective root-cause diagnosis is critical to reducing the downtime of business services and enhancing operational efficiency so expert staff spend less time fire fighting.
   
   Root-cause diagnosis in a physical infrastructure is a huge challenge. The addition of virtualization just makes the problem harder. To understand why, consider a business service supported by a typical configuration of multiple application tiers (see Figure 1). In this example, the user accesses the service through a firewall. User requests are forwarded by the web server to a middleware application server. The application server performs the business logic, accessing a back-end database to get the data for analysis. If the database server were to slow down suddenly by 50%, since the application server depends on the database for its functioning, the application server will become slower than normal. This in turn will result in the web server appearing to be slow and the end-user response will be poor.
   
   In this case, a problem in one application tier affected all the other tiers that depend on it. Diagnosing a problem in a multi-tier architecture requires an understanding of the inter-dependencies that exist among applications in the underlying infrastructure, and then using these inter-dependencies to determine where the root cause of a problem lies and what the effects are.
   
   
   Figure 1: When diagnosing problems in a multi-tier infrastructure, a single business service often involves multiple tiers of inter-dependent applications. Hence, a problem in one tier can affect all the other tiers. Root-cause diagnosis must account for these inter-dependencies.
   
   In this example, if the applications supporting the business service were running on physical machines, we would have concluded, based on the earlier scenario, that the database server was the root cause of the performance problem. However, the applications are in fact running in a virtual infrastructure, i.e., inside VMs. In this example, suppose the Oracle database server is running on the same physical server as a Citrix application and a media server (see Figure 2). A sudden increase in access to the media server can cause disk access on the physical server to increase to the point that disk access becomes a bottleneck.
   
   
   Figure 2: Root-cause diagnosis in a virtual infrastructure is even harder than in a physical infrastructure. Oracle, Citrix, and Media Server applications are hosted on VMs residing on the same physical server. A sudden surge in requests to the media server causes excessive disk reads on the physical server, thereby slowing down the performance of the Oracle database server.
   
   At this stage, queries handled by the database server start to take longer and longer. Thus the database slowdown in Figure 1 may actually be caused by a sudden increase in workload to the media server in Figure 2. In this case, the root cause of the problem is a disk bottleneck on the physical server caused by an increase in workload for the media server application.
   
   From this example, it should be clear that root-cause diagnosis technologies for virtual environments need to go beyond how they operate in a physical world. For true root-cause diagnosis, VMs running on each physical server must be auto-discovered. Applications running inside each of the VMs need to be detected and the monitoring system should automatically determine which applications coexist on the same physical server. This information is then used to determine where the root cause of a problem lies.
   
   The extent of the automation determines the cost savings that the monitoring solution offers. Reduced downtime directly contributes to a business's bottom line. Further, by pinpointing the root cause of a problem, a monitoring solution can save endless hours of the finger pointing that goes on in most IT organizations. This results in cost savings from enhanced operational efficiency and reduces the man hours spent in routine fire-fighting.
   
   
7. Scale as the infrastructure monitored grows - As virtualization penetrates the enterprise, a large deployment will have hundreds of physical servers and thousands of VMs that require monitoring. In fact, as virtualization for desktops becomes popular, the ratio of VMs to physical servers could be as high as 30:1. The monitoring solution must be able to scale to handle such large infrastructures.
   
   
8. Support for virtualized desktop environments - Virtual Desktop Infrastructure (VDI) is being viewed as a viable alternative to Citrix- and terminal server-based remote access technologies. For situations where each user requires his/her own desktop as opposed to shared access to an operating system (e.g., for software development or to run a legacy application), VDI is being viewed as the technology of choice for remote access.

   Virtual desktop environments have different characteristics than environments where VMs are used to host server applications such as databases and web servers (see Table 1). VDI environments also have an ecosystem of new application technologies, such as the connection brokers, terminal access controllers, etc. A Virtualization 2.0 Ready monitoring solution should be capable of handling the diverse monitoring requirements of virtual server and virtual desktop environments.

   Virtualized Application Server Environments	Virtual Desktop Environments
   Few VMs (<10) per physical server	30-40 VMs per physical server
   VMs are mostly powered on all the time	VMs are powered on/off dynamically
   Monitoring is mostly from the VM perspective - which VMs are on, what resources are they using	Monitoring is needed from the user perspective (who is logged in, what resources are they using)
   In-depth application monitoring is required (Citrix, Oracle, etc.)	In-depth monitoring of the applications on the desktop is not required

   Table1: Differences exist in monitoring requirements between virtualized application server environments and virtual desktop environments. A Virtualization 2.0 Ready monitoring solution should be able to handle both environments.
   
   
9. Offer personalized views for the various stakeholders in an organization to enable collaborative management - Different stakeholders responsible for supporting a business service may need different views of the monitored infrastructure. Virtualization administrators, application experts, database admins, infrastructure architects, help desk personnel, and capacity planners may require different views of the infrastructure in keeping with their roles and responsibilities. The monitoring system must be flexible, providing each stakeholder with views that are aligned with their roles in the organization.
   
   

Organizational Process Challenges in Virtualization 2.0
While the previous discussion focused on the monitoring requirements for Virtualization 2.0, it is equally important to understand that Virtualization 2.0 also affects the core of most organizations' operational processes.

Most organizations handle VM provisioning in much the same manner as they do for physical server procurement. Business units and application owners specify the sizing of the virtual machines they need, and the appropriate VMs are provisioned by the virtualization group that handles the physical servers on which the VMs are set up. However, the virtualization group usually does not have any information or visibility into what applications are being hosted inside the VMs. When the physical servers are overprovisioned and fewer VMs are executed in parallel, this siloed approach, wherein the virtualization group and the application teams do not interoperate, is sufficient.

But with Virtualization 2.0, organizations seek better return on investment for virtualization technologies and deploy more complex applications inside virtual environments. Now it is no longer sufficient for the virtualization group to remain oblivious to the resource requirements of the application groups and their VMs. For instance, two memory-intensive applications hosted on the same physical server may contend for the same resources, thereby affecting each other's performance.

Of course, by strictly partitioning the resource usage of each of the VMs, the virtualization group can offer performance guarantees. But this has two key disadvantages. First, strict partitioning reduces the possibility of resource sharing across VMs, thereby limiting the consolidation benefits that virtualization offers. Second, due to limitations in the virtualization technologies, not all resources can be completely isolated across virtual machines; e.g., disk I/O. Hence, Virtualization 2.0 requires that virtualization groups of organizations play a more active role in how VMs are provisioned, including understanding which applications are to be hosted in each VM, what assumptions have been made regarding their workloads and resource requirements, and how the workload of different applications varies over time and with load. All of these details are essential for effective load balancing and optimizing resource usage in a virtual infrastructure.

For example, by hosting a memory-intensive application and a CPU-intensive application on the same physical server, the virtualization group can make best use of the available resources rather than by hosting all CPU-intensive applications on the same physical server.

Yet another problem that virtualization administrators have to contend with under Virtualization 2.0 is finger-pointing and problem diagnosis (see Figure 3). A single business service often spans multiple application and network tiers, so when a problem occurs, it is unclear what caused the problem; i.e., is it the network? The application? The database? The server? In a virtualized infrastructure, there are additional possibilities for where the problem could lie: In a VM? In the physical server? In the hardware? In the virtual network interface? In the SAN?


Figure 3: Monitoring an IT infrastructure as silos does not suffice because finger-pointing across silo administrators takes endless hours, resulting in high downtime for the business service.

Since most administrators already have silo tools for monitoring and management, there is no common dashboard from where the entire infrastructure can be monitored and diagnosed. Virtualization administrators will need to get accustomed to working in a multi-silo organization where finger-pointing is common. Monitoring and management solutions that provide deep visibility into every layer of every tier of the infrastructure and serve as a common dashboard for all the different administrators in an organization can go a long way toward ensuring that Virtualization 2.0 environments operate properly.

Conclusion
Virtualization 2.0 identifies fundamental changes that are needed in terms of how virtualized environments can be monitored most effectively and efficiently. This article outlined the key management and organizational challenges that must be overcome as the use of virtualization continues to increase in production enterprise environments.

About Srinivas Ramanathan
Srinivas Ramanathan is the founder and CEO of eG Innovations (www.eginnovations.com), a global provider of performance monitoring and triage solutions for both virtual and physical IT infrastructures. The company’s eG VM Monitor software was chosen as the Gold level winner in the Application and Infrastructure Management category in the Best of VMworld 2008 Awards. He has a PhD in computer science and engineering from the University of California, San Diego.

Click here to view a short presentation on how eG Enterprise is tailored to address your Virtualization 2.0 monitoring requirements.