JP Vossen on 21 Jun 2008 19:55:10 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Why Virtualize?

> Date: Sat, 21 Jun 2008 15:42:57 -0400
> From: Casey Bralla <>
> I've been thinking about virtualizing on servers.  Although I know that 
> virtualized servers are the "next big thing", I can't for the life of me 
> figure out the advantage for virtualizing servers, except for a few very 
> narrowly specific situations.  

More on that below.  I think this group has a less-than-mainstream 
perspective on the issue.  :-)

But here's a funny thing I just realized on re-reading this post.  Most 
of the points I call out below are a Big Deal on Windows, and a "yeah, 
so" on Linux.  Food for thought.

> But why not simply run dozens (hundreds?) of server **instances** on the same 
> server?   Why add the extra overhead of the virtualization process to the 
> hardware?   That has to cut efficiency by at least a few percent.

Define "server instances."  To me, the way to do that *is* 
virtualization, but by "server instance" I mean a physical box 
containing OS and all the apps plopped into a VM.  I think you might 
mean multiple daemon instances?  Did I guess right?  If not please clarify.

If I guessed right, even on Linux you'd have port and probably 
config/file resource conflicts and don't even *think* about that on Windows.

> So what is the advantage of running a complete virtualized server instead of 
> multiple server processes?  I can think on only 1:  Clearly assignable 
> responsibility for operation.    (If I am responsible for apache on a server, 
> and you are responsible for sendmail, I'll try to blame you when I screw up 
> and apache stops working.)  Virtualization also is good where someone is 
> selling customer-maintained server time in a server farm.  (Again, to isolate 
> human responsibility, not to isolate program execution, per se.)

As others have answered in more detail:
	+1 (actually +10) for backup solutions (LVM+rsync rules!)
	+1 (+10) for rapid deployment (cp -r template new_server)
	+1 (etc.) for hardware Independence *
	+1 for the ability to trivially duplicate prod. for test/dev
	+1 Migrations (see VMware Converter for Windows, very cool)
	+1 for every other point made, they were all good

	-1 potentially, for licensing costs if using EvilEmpire(tm)
	-1 potentially, for EvilEmpire Overhead (see my sig)

But here's the real biggie, that IMO this group has thus far missed. 
Lots/many/most Windows applications [very] strongly recommend/require a 
dedicated server.  IME that's very rare on Unix/Linux, but it's nearly 
universal on Windows (again IME).  Sure the really basic stuff will 
coexist, like F&P, DNS, DHCP.  Then again, with AD, how many people put 
services on whatever they call the domain controller now?  So you've got 
a big hairy box dedicated to--authentication...  Plus the backup DCs...

Anyone who works in a big Windows shop chime in (we promise not to bite. 
  Too much. :).  But that's what I've seen, you've got a ton of Windows 
boxes each only doing one thing, because otherwise Windows is even less 
stable or reliable, and the services (daemons) can step on each other 
because Windows architecture (really development policy and practice, 
but...) sucks.

* And related, ever try to move a Windows hard drive from one physical 
machine to another after an MB or PSU failure?  Don't.  It really, 
really sucks, unless the machines are near identical (I can provide 
painful details if needed).  Virtualization removes that limit, which to 
me is worth it all by itself, esp. if the host is stable OS and free. 
Add the points above and it's a no brainer.

Except...  If you app is very CPU or disk intensive, think again.  For 
example, I personally wouldn't run an heavy-duty Oracle server in a VM. 
  (Then again, I'd never run it on Windows, and I can't stand Oracle so 
given a choice I'd use PostgreSQL or MySQL.  But it still wouldn't be in 
a VM. :)  This is the case where dedicated iron makes sense.  It's just 
that in practice, most esp. in a Windows shop, almost no servers fit 
that criteria.

Having said all of this, my admin and design experience in the Windows 
world is thankfully getting very dated.  I was a consultant and MCSE in 
the 90's but have been only an end-user on Windows at work for the last 
6+ years.  So if I'm wrong and you dare to admit you work on Windows 
<g>, please correct me.

A final funny, anyone using VMware GSX server is effectively running 
Linux in production, even if they are otherwise Windows only.  And it's 
probably mission critical, since one-by-one all the VMs probably aren't 
critical, but taken (down) as a group, they would be.

JP Vossen, CISSP            |:::======|        jp{at}jpsdomain{dot}org
My Account, My Opinions     |=========|
"Microsoft Tax" = the additional hardware & yearly fees for the add-on
software required to protect Windows from its own poorly designed and
implemented self, while the overhead incidentally flattens Moore's Law.
Philadelphia Linux Users Group         --
Announcements -
General Discussion  --