Lay the foundations for data center virtualization using VMware vSphere 6 and strengthen your understanding of its power
This is a book for any experienced technologist who is new to the realm of data center virtualization and wants a head start in learning how to design, implement, and manage a modern-day data center virtualized with VMware's core infrastructure solutions. It can also act as a comprehensive reference guide for infrastructure architects and system administrators to aid them in their day-to-day activities. This book could easily find its place in the reference materials used by professionals preparing for the VCP and VCAP certification exams. Keep in mind, however, that the book is not written to follow the blueprint of either exam.
Computer virtualization is a method to enable the running of multiple application workloads on a machine to achieve efficient utilization and reduce the number of physical machines in a data center. This has now become the foundation of many modern day data centers. What began as a technology to virtualize x86 architecture has now grown beyond the limits of a server's hardware and into the realm of storage and network virtualization. VMware is currently the market leader in developing data center virtualization solutions.
This book goes into the details of designing and implementing VMware solutions that form the foundation of a VMware infrastructure.
The book begins by introducing you to the concepts of server virtualization followed by the architecture of VMware's hypervisor – ESXi and then by its installation and configuration. You then learn what is required to manage a vSphere environment and configure advanced management capabilities of vCenter. Next you are taken through topics on vSphere Networking, Storage, ESXi Clustering, Resource Management and Virtual Machine Management. You will then be introduced to SSL Certificate Management and its use in a vSphere environment. Finally, you will learn about the lifecycle management of a vSphere environment by effectively monitoring, patching and upgrading vSphere components using Update Manager.
By the end of the book, you will know how to use VMware's vSphere suite of components to lay the foundation of a modern day virtual infrastructure.
This is an easy-to-follow guide that will give you everything you need to fully understand the concepts involved in data center virtualization. The screenshots, concept diagrams, and flowcharts included will help you understand the subjects discussed better.
Page count: 453
Year of publication: 2016
Copyright © 2016 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.
Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the authors, nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book.
Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.
First published: September 2016
Production reference: 1270916
Published by Packt Publishing Ltd.
Livery Place
35 Livery Street
Birmingham
B3 2PB, UK.
ISBN 978-1-78217-415-8
www.packtpub.com
Authors
Abhilash G B
Rebecca Fitzhugh
Copy Editor
Safis Editing
Reviewers
Jason Dion
Kevin Elder
Project Coordinator
Ritika Manoj
Commissioning Editor
Priya Singh
Proofreader
Safis Editing
Acquisition Editor
Divya Poojari
Indexer
Pratik Shirodkar
Content Development Editor
Arun Nadar
Graphics
Abhinash Sahu
Technical Editor
Rupali R. Shrawane
Production Coordinator
Shantanu N. Zagade
Abhilash G B (@abhilashgb) is a virtualization specialist, author, designer, and a VMware vExpert (2014, 2015, and 2016) who specializes in the areas of data center virtualization and cloud computing.
He has been in the IT industry for more than a decade and has been working on VMware products and technologies since the start of 2007. He currently works as a senior VMware consultant for one of the largest information technology and services companies in the world.
He holds several VMware certifications, including VCP3, VCP4, VCP5-DCV, and VCP-Cloud. He also holds advanced certifications such as VCAP4-DCA and VCAP5-DCA.
He is also the author of four other books by Packt Publishing: VMware vSphere 5.1 Cookbook (ISBN 9781849684026) in July 2013, Disaster Recovery using VMware vSphere Replication and vCenter Site Recovery Manager (ISBN 9781782176442) in May 2014, VMware vSphere 5.5 Cookbook (ISBN 9781782172857) in February 2015, and Disaster Recovery using VMware vSphere Replication and vCenter Site Recovery Manager – Second Edition (ISBN 9781785886096) in October 2016.
I dedicate this book to my family. Without their patience and support, this book would not have been possible. I would like to thank my co-author, Rebecca Fitzhugh (@RebeccaFitzhugh), who has done a wonderful job with all her chapters. Thanks to the technical reviewers Jason Dion (@virtualdion) and Kevin Elder for their valuable input. Special thanks to the entire Packt team for their support during the course of writing this book.
Rebecca Fitzhugh is an independent VMware consultant specializing in architecting vSphere, Horizon, and vCloud environments, along with delivering a variety of authorized VMware courses as a VMware Certified Instructor (VCI). Prior to becoming a consultant and instructor, she served 5 years in the United States Marine Corps (2006-2011), where she assisted in the build-out and administration of multiple enterprise networks residing on virtual infrastructure. Rebecca has written several white papers and articles for Global Knowledge and VMware Press, along with previously authoring vSphere Virtual Machine Management (ISBN 9781782172185) for Packt Publishing.
Rebecca currently holds multiple IT industry certifications, including VMware Certified Advanced Professional (VCAP) in Data Center Design (DCD), Data Center Administration (DCA), and Cloud Infrastructure Administration (CIA). She has been selected as a vExpert three times (2014, 2015, and 2016). You can follow Rebecca on Twitter (@RebeccaFitzhugh) or contact her via LinkedIn (www.linkedin.com/in/rmfitzhugh/).
I would like to thank my amazing sister, Robyn, for her love and encouragement throughout all of my personal and professional endeavors. To my best friends, Lisa, Allie, and Josh, I appreciate you putting up with my crazy travel schedule and supporting me through all the ups and downs. Thanks to my VCDX wolf pack for keeping me inspired throughout this wild adventure. Lastly, thanks to Brett for getting me started on this path and Leann for your endless patience and humor. To the editors, technical editors, and reviewers who read through my writing, thank you for being stellar throughout the process.
Jason Dion is a systems engineering manager at VMware. He joined VMware in 2008 and was a staff systems engineer before being promoted to manager in 2016. Jason has supported enterprise accounts in Florida for most of his career, which has spanned over 20 years. He is a member of the CTO ambassador program at VMware, a vExpert, and a certified VCP in vSphere versions 3, 4, 5, and 6.
In addition to reviewing Learning vSphere, Jason has also reviewed VMware vSphere Essentials for Packt Publishing.
You can read his blogs at http://www.flcloudlabs.com and http://www.friendsofwalt.com or follow him on Twitter at @virtualdion or on LinkedIn at https://www.linkedin.com/in/dionjason.
When not talking virtualization, he enjoys spending time with his wife, Amy, and two kids, Lauren and Nick.
Kevin Elder has worked in the IT space for the past 15 years. He currently works for a VAR based in Portland, Oregon and focuses on selling, installing, and supporting virtualization and storage technologies.
For support files and downloads related to your book, please visit www.PacktPub.com.
Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.PacktPub.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at [email protected] for more details.
At www.PacktPub.com, you can also read a collection of free technical articles, sign up for a range of free newsletters and receive exclusive discounts and offers on Packt books and eBooks.
https://www.packtpub.com/mapt
Get the most in-demand software skills with Mapt. Mapt gives you full access to all Packt books and video courses, as well as industry-leading tools to help you plan your personal development and advance your career.
What began as an attempt to virtualize x86 architecture has now grown beyond the limits of a server’s hardware and has gone into the realm of storage and network virtualization. Today, most modern data centers aim to achieve a hundred percent virtualization. Although there are multiple players offering virtualization solutions, with its extensive portfolio of products and solutions, VMware is still the market leader in data center virtualization.
Learning VMware vSphere is written with an aim to help you understand the concepts behind server virtualization and act as a handy guide to creating a scalable and responsive virtualization platform for hosting the virtual machine workloads of any business. VMware vSphere is the platform with its core suite of products that helps you lay the foundation of a fully functional virtualized data center for your application workloads, cloud, and the business.
We begin by introducing you to the concepts of CPU, memory, and IO virtualization and delve deeper into the architecture of a hypervisor—more specifically, VMware’s ESXi. You will be introduced to the concepts of a virtual machine and learn how to create and manage them. You will learn how to create a management layer for your vSphere environment by deploying VMware vCenter Server. The book further covers vSphere Storage and Networking concepts and configuration, monitoring the performance of a vSphere environment, securing a vSphere environment, and the life cycle management of a vSphere environment.
You will walk away with enough knowledge to plan, implement, manage, and monitor a VMware vSphere environment.
Chapter 1, An Introduction to Server Virtualization Using VMware, introduces you to the concepts of server virtualization. You will learn how the processor, memory, and storage resources are virtualized with the help of the Virtual Machine Monitor (VMM). You will also be introduced to the components of VMware vSphere. This sets the foundation for what you are about to learn in the subsequent chapters.
Chapter 2, The Hypervisor - ESXi, discusses the architecture of ESXi hypervisor. You will learn to install or deploy ESXi hosts and perform the initial configuration. You will also learn different methods of deploying ESXi onto bare metal servers.
Chapter 3, The Management Layer – vCenter, teaches you how to install and configure VMware vCenter Server. You will learn how to deploy both the Windows and Linux versions of vCenter Server and how to perform the post-installation configuration on them. You will learn how to configure identity sources on the SSO server and configure licenses for the vSphere environment. Then, you will learn how to configure Enhanced Linked Mode for vCenters.
Chapter 4, vSphere Networking Concepts and Management, explores the networking concepts associated with a VMware infrastructure. You will learn how to create and manage virtual switches (standard or distributed). From there, you will learn more about virtual switch security settings, traffic shaping, load balancing, and failover. You will explore the network monitoring methods and bandwidth management using Network I/O Control.
Chapter 5, vSphere Storage Concepts and Management, explains how to plan, implement, and manage storage access for a vSphere infrastructure. You will explore the Pluggable Storage Architecture (PSA), a modular API framework that lets storage vendors build their own SATP or PSP plugins. You will learn how to configure access to Fibre Channel, iSCSI, and NFS storage, and how to create and manage VMFS datastores.
Chapter 6, Advanced Infrastructure Management, explores vSphere vMotion in detail. You will learn how to enable DRS on a cluster. Then, you will learn how to enable and configure vSphere HA. You will also learn about the VM Component Protection feature of vSphere HA, which enables recovery of virtual machines affected by storage connectivity issues.
Chapter 7, Understanding Host Profiles, Image Profile and Auto Deploy, discusses how to use and manage Host Profiles. You will learn how to customize and manage image profiles using Image Builder. You will also explore how Auto Deploy allows you to provision hundreds of ESXi hosts at a time.
Chapter 8, Virtual Machine Concepts and Management, explains the Virtual Machine components and introduces the new vSphere 6 Virtual Machine Features. You will learn to modify Virtual Machine settings. You will explore all about Fault Tolerance and configure it on a Virtual Machine.
Chapter 9, Monitoring Performance of a vSphere Environment, shows how to monitor the performance of a vSphere environment. You will explore the tools that are available within vSphere that assist VMware administrators to monitor resources and detect any potential bottlenecks. You will learn how to configure and use Alarms to alert administrators when specific events occur or when thresholds are exceeded.
Chapter 10, Certificate Management for a vSphere Environment, introduces vSphere 6’s new VMware Certificate Authority (VMCA) and discusses how it could be used to alleviate some of the headaches surrounding certificate management. You will then explore certificate management in detail. You will look at multiple configurations, including using VMCA signed certificates, using VMCA as an intermediate certificate authority, using external certificate authority signed certificates, or a hybrid configuration.
Chapter 11, Securing a vSphere Environment, guides you through the importance of securing a vSphere environment. You will learn how to secure ESXi, vCenter Server, and virtual machines. You will also learn how to configure Single Sign-On and grant privileges to users in vSphere.
Chapter 12, Life Cycle Management of a vSphere Environment, discusses vSphere life cycle management. You will learn how to upgrade vSphere components from vSphere 5.x to vSphere 6.
You will learn about the software requirements for every vSphere component covered in this book in their respective chapters, but to start with a basic lab setup, you will need at least two ESXi hosts, a vCenter Server instance, a Domain Controller, a DHCP server, a DNS server, and a TFTP Server. For learning purposes, you don't really need to run ESXi on physical machines.
You can use VMware Workstation or VMware Fusion to set up a hosted lab on your PC or Mac, provided the machine has adequate compute and storage capacity.
For shared storage, you can use any of the following free virtual storage applications:
This book is intended for experienced technologists who want to design and implement VMware solutions. This book will help the reader get a head start in learning how to design, implement, and manage a modern day Data Center. Infrastructure architects and system administrators will also find this book useful to aid them in their day-to-day activities. You can use this book as reference material for VCP and VCAP certification exams. Keep in mind, however, that the book is not written to follow the blueprint for either of the exams.
Feedback from our readers is always welcome. Let us know what you think about this book, what you liked or disliked. Reader feedback is important for us, as it helps us develop titles that you will really get the most out of.
To send us general feedback, simply e-mail [email protected], and mention the book's title in the subject of your message. If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, see our author guide at www.packtpub.com/authors.
Now that you are the proud owner of a Packt book, we have a number of things to help you to get the most from your purchase.
We also provide you with a PDF file that has color images of the screenshots/diagrams used in this book. The color images will help you better understand the changes in the output. You can download this file from http://www.packtpub.com/sites/default/files/downloads/LearningVMwarevSphere_ColorImages.pdf.
Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you find a mistake in one of our books, maybe a mistake in the text or the code, we would be grateful if you could report this to us. By doing so, you can save other readers from frustration and help us improve subsequent versions of this book. If you find any errata, please report them by visiting http://www.packtpub.com/submit-errata, selecting your book, clicking on the Errata Submission Form link, and entering the details of your errata. Once your errata are verified, your submission will be accepted and the errata will be uploaded to our website or added to any list of existing errata under the Errata section of that title.
To view the previously submitted errata, go to https://www.packtpub.com/books/content/support and enter the name of the book in the search field. The required information will appear under the Errata section.
Piracy of copyrighted material on the Internet is an ongoing problem across all media. At Packt, we take the protection of our copyright and licenses very seriously. If you come across any illegal copies of our works in any form on the Internet, please provide us with the location address or website name immediately so that we can pursue a remedy.
Please contact us at [email protected] with a link to the suspected pirated material.
We appreciate your help in protecting our authors and our ability to bring you valuable content.
If you have a problem with any aspect of this book, you can contact us at [email protected], and we will do our best to address the problem.
Let's go back to a time when there wasn't a concept of server virtualization. We had data centers running a large number of machines; most of them were bought to run a single application or a set of services. All those servers had enough CPU, memory, and storage capacity to host the application or the services that were running on them. The amount of compute and storage resources depended on what the application or the service would need during its peak load. However, the catch here is that not all servers execute at peak load all the time. Research shows that more than 90% of hardware resources remain under-utilized. That is a huge number in terms of resource wastage. Running more than one application or service for the business always meant that there was a demand for additional hardware resources. Such a demand contributed to other costs, such as power consumption, investment in cooling solutions, hardware maintenance, and the real estate space required to host all the hardware.
Now, a possible solution an administrator could have fantasized about would be to find a way to somehow magically connect all these servers together and present them as a large pool of resources to the applications or services. If that were possible, then you would probably be renting out the 90% of your resources that you have already invested in to someone else to run their applications, and you would be paid for that service. Or, if you were in the planning phase of a new infrastructure, you could reduce the amount of server hardware needed for hosting the services. Unfortunately, such a conglomeration was far from reality for two main reasons: the first being the physical boundaries that separate these hardware resources, and the second being that not all services could run alongside each other without running into a conflict that affects both services. This is where server virtualization, on its introduction, did its magic in a way never perceived before.
In this chapter, we will learn the following:
Server virtualization lets you run multiple conventional operating systems such as Windows and Linux, isolated from each other but sharing the same physical server hardware. This is achieved by creating an abstraction layer between the server hardware and the operating systems that run on them. The abstraction layer acts as the interface and the resource management layer, which enables the sharing of the resources between the operating systems:
The operating systems remain completely unaware of the fact that they are running inside a virtual machine and that there are other operating systems running on the same hardware. This is because each of these operating systems lives in its own container, which isolates it from the other operating systems. This should not be confused with application containers such as Docker or Rocket.
Although the server's hardware resources are shared, server virtualization requires you to assign resources to the operating system containers. The resources are assigned in terms of the number of virtual CPUs, amount of memory, amount of storage, and virtual network cards.
Server virtualization is enabled by a piece of code called the hypervisor, and the resource-assigned container for running the operating systems is called a virtual machine. We will discuss more on the concepts of hypervisors and virtual machines later in this chapter.
Before we delve into the further details of virtualization, it is important to understand the benefits of virtualization:
Although there are several benefits, we have covered the most salient ones in this section. The VMware white paper The Economics of Virtualization: Moving Toward an Application-Based Cost Model is a great read to understand the benefits that virtualization offers.
For more information, visit https://www.vmware.com/files/pdf/Virtualization-application-based-cost-model-WP-EN.pdf.
A hypervisor is a piece of software, usually small in terms of compute and storage footprint, that makes server virtualization possible. It forms an abstraction layer between the server's hardware resources and the operating system containers. There are two types of hypervisors, representing two different approaches:
A type 1 hypervisor is installed directly on the server hardware, just as you would install an operating system on any hardware. Hence, it is referred to as a bare-metal hypervisor. It interfaces directly with the hardware, which empowers it to effectively manage the sharing of the server's hardware resources among the virtual machines:
Examples of a type 1 hypervisor are VMware ESXi, Microsoft Hyper-V, and Citrix XenServer.
A type 2 hypervisor cannot be installed directly on server hardware. It is installed as a piece of software on any of the supported conventional operating systems, such as Apple OS X, Microsoft Windows, or Linux. It leverages the underlying operating system's ability to manage resources. The performance of a type 2 hypervisor is considered to be lower than that of a type 1 hypervisor, because it cannot directly interface with or manage the server's hardware resources:
Examples of a type 2 hypervisor include VMware Workstation, VMware Fusion, Parallels Desktop, and VirtualBox.
ESX is VMware's proprietary hypervisor. It is the foundation that enables virtualization of your data center.
VMware released their first hypervisor in the year 2001 and it was simply called ESX. They did release a second version, ESX 1.1, the same year and ESX 1.5 in 2002. After that there were several major version releases, ESX 2.0 in 2003 and ESX 2.5 in 2004. In 2006 they released VMware Infrastructure 3, which was their first product suite that included ESX 3.0, followed by several product suite releases - VMware Infrastructure 3.5, VMware vSphere 4.0 in 2009, vSphere 4.1 in 2010, vSphere 5.0 in 2011, vSphere 5.1 in 2012, vSphere 5.5 in 2013, and vSphere 6 in 2015. All of the releases have seen new features and improvements that continue to revolutionize our modern day data centers.
Before the release of VMware ESX 3.5, VMware had a Linux-based Service Console packaged along with the hypervisor. The Service Console was VMware's Linux-based console operating system, which provided a management interface to the ESX server. This means that if you were to assign an IP address to the ESX server, it was the Service Console that had the IP address configured on it. It was the sole management interface. It was also used as a command-line workspace and as a platform to load third-party management agents. Since it was based on a Linux operating system, the Service Console brought with it all the bugs and security issues that that particular Linux release had. This is not to say that Linux is buggy, but it did bring the most common bugs that you see in a conventional operating system into the ESX package. VMware had to periodically release security fixes for the Service Console component.
With the release of version 3.5, VMware also released a hypervisor-only model. The hypervisor-only model no longer had the Linux-based Service Console packaged with it, making it considerably smaller in terms of both compute and storage footprint. It was small enough to be embedded into server motherboards by storing ESXi in flash storage chips. It also allowed ESXi to be loaded onto a bootable USB device. One of the prime advantages of ESXi was that it exposed a very small surface area for security attacks. VMware called the version with the Service Console ESX and the hypervisor-only model ESXi. The ESX version with the Service Console was commonly referred to as ESX Classic, and the hypervisor-only model as ESXi Embedded.
VMware's type-1 hypervisor or VMKernel had two different models. One of them is the older ESX classic model and the other is a subsequent hypervisor-only model (ESXi).
Although the ESX Classic model had the same VMKernel component, it also used an RHEL-based console operating system that ran in a privileged mode, enabling the management of ESX. It was primarily used to provide a command-line interface for ESX, but it was also used to run host management agents and third-party agents, such as hardware monitoring, system management, and backup agents. VMware no longer makes the classic model of ESX, because it posed a larger surface area for security attacks. VMware had to frequently release patches to secure the console operating system, while only a few patches were required for the actual hypervisor component, the VMKernel. The presence of the console operating system also meant a larger compute and storage footprint for ESX:
The ESX hypervisor-only model (ESXi) does not have the console operating system, making it small enough to be embedded on motherboards or held on a USB thumb drive. More importantly, it is more secure, as it exposes only a very small surface area for security attacks. ESXi was first introduced with the release of ESX 3.5; from that release on, both the ESX Classic and ESXi versions were available. Starting with vSphere 5, VMware no longer makes the ESX Classic version:
With ESXi, most of the functionality that was available via agents running in the Console OS has been replaced with supporting frameworks built into the VMKernel, making that functionality agentless.
A virtual machine is a software construct that acts as a container for installing and running conventional operating systems on a server hardware managed by a hypervisor. It is an isolation boundary between the operating systems running on the shared hardware.
An operating system running on a virtual machine is completely unaware of the fact that it is indeed running on a virtual machine and resources assigned to it are also shared among other virtual machines. It assumes ownership of every resource that is assigned to it. Managing the sharing of resources among virtual machines is the duty of the hypervisor. The performance of the virtual machine is dependent on the hypervisor's ability to manage the shared resources.
When a virtual machine is created, it is assigned resources such as the CPU, memory, network interface, and storage. These resources are slices from a larger pool of resources that the server hardware can provide.
Now that we know the purpose of virtual machines, it is important to understand what components make up a virtual machine. Much like a physical machine, a virtual machine also has the different components required to host a conventional operating system. The only difference is that the components and devices that become part of a virtual machine sit behind an abstraction layer and hence don't have direct access to the hardware. Instead, every component, such as the CPU, memory, and hard disks, is a slice of the physical server resources available. The operating system running on the virtual machine has the impression that it is running on physical hardware; indeed it is, but only the portion of the resources assigned to the virtual machine is exposed to the operating system:
From the previous sections, we have a brief idea as to what components make up a virtual machine. We know that it is an isolation container for running an operating system and its code without interfering with any of the other operating systems running on the same server hardware.
However, what enables this isolation? Who manages the resources for each of the virtual machines? You might already have an answer in mind, the VMKernel. Of course, it is the VMKernel, but VMKernel has several subfunctions. The kernel component that enables the concept of a virtual machine is called the Virtual Machine Monitor (VMM). Every virtual machine has an associated VMM providing virtual BIOS, virtual memory management, and other virtual devices.
The VMM has the following functions:
Every x86 operating system is coded to run directly on hardware (bare metal), which means that the operating system will run in the ring with the highest privilege, Ring 0:
Anything that runs at Ring 0 will have direct access to the x86 processor hardware. Now, the challenge is the placement of the VMM. Much like an x86 operating system kernel, the VMM also needs to run at a privilege level that has direct access to the processor hardware. VMware achieved full virtualization by using BT and DE techniques or Hardware-assisted Virtualization.
Binary Translation (BT) and Direct Execution (DE)
Binary Translation (BT) translates the privileged instructions from the guest operating system and then executes them on the processor.
Every operating system has two types of instructions: normal instructions, such as arithmetic instructions, and privileged instructions, such as initiating an I/O or a system call. System calls are nothing but a method to call a privileged instruction, which is hidden from user mode.
When executing a user's program or application code, the processor goes about doing its job by executing the normal instructions in user mode (Ring 1, Ring 2, and Ring 3).
During the execution, if the processor encounters a privileged instruction, such as initiating an I/O or a system call, it generates a trap indicating an exception and needs to switch to kernel mode. Switching to kernel mode is nothing but handing over the execution to the operating system's kernel running at Ring 0. A kernel that runs at Ring 0 can execute every machine instruction and reference every memory location.
What is a trap?
A trap is generated by the CPU indicating that it has encountered a condition which it cannot handle and requires assistance from the operating system. Traps are used to invoke a system call.
Since x86 wasn't designed with virtualization in mind, not every instruction will have a corresponding trap facility. A trap is operating system functionality that captures an exception and passes control over to the operating system kernel, to be executed at Ring 0.
Full virtualization using BT and DE requires the VMM to run at Ring 0 and the guest operating system at Ring 1:
Since the x86 operating systems are not written to run at Ring 1, every privileged instruction that is handed over to it will now have to be translated and executed by the VMM, running at Ring 0.
The dilemma here is that not every x86 OS instruction will have a trap facility. This is where binary translation does its job. It doesn't wait for the processor to encounter an exception and generate a trap. Instead, it captures and reviews the instructions before they run. On encountering one that needs privileged handling, it emulates a trap and takes control over the execution of that instruction.
Direct Execution (DE) is used to send the user mode instructions directly to the processor. Although the guest OS is now placed at Ring 1, that level still carries a much higher privilege than the user mode instructions. Hence there is no need to translate the user mode instructions; rather, they can be sent directly to the processor.
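The difference between waiting for a CPU trap and scanning the instruction stream ahead of execution, as an added example that is not the book's or VMware's code. It is a simplified simulation: the instruction classes are assumed for a tiny x86-like instruction set, and a guest kernel basic block is constructed inline.

```python
"""Model of direct execution, trap-and-emulate and binary translation.
Added example: a simplified simulation, not VMware's VMM code."""

# Assumed classification of a tiny x86-like instruction set (constructed).
USER_MODE = {"add", "mov", "cmp", "jmp"}     # safe to run directly (DE)
TRAPPING = {"out", "in", "hlt", "int"}       # CPU faults when run outside Ring 0
# Sensitive but non-trapping when run at Ring 1: the CPU executes them with
# wrong or leaky semantics instead of faulting, so no trap ever reaches the VMM.
SENSITIVE_SILENT = {"popf", "sgdt", "sidt", "smsw"}

def trap_and_emulate(block):
    """Trap-only approach: run the guest at Ring 1 and react only when the
    CPU itself generates a trap. Returns (emulated, slipped_through)."""
    emulated, slipped_through = [], []
    for insn in block:
        if insn in TRAPPING:
            emulated.append(insn)          # trap -> VMM emulates it at Ring 0
        elif insn in SENSITIVE_SILENT:
            slipped_through.append(insn)   # no trap: guest sees a wrong result
        # user-mode instructions run directly on the processor
    return emulated, slipped_through

def binary_translate(block):
    """BT: review each instruction *before* execution and replace anything
    privileged or sensitive with a call into the VMM (an emulated trap).
    Ordinary user-mode instructions pass through untouched (DE)."""
    translated = []
    for insn in block:
        if insn in TRAPPING or insn in SENSITIVE_SILENT:
            translated.append(f"vmm_emulate({insn})")
        elif insn in USER_MODE:
            translated.append(insn)
        else:
            raise ValueError(f"unknown instruction: {insn}")
    return translated

# Constructed guest-kernel basic block mixing ordinary and sensitive code.
GUEST_BLOCK = ["mov", "add", "popf", "cmp", "out", "sgdt", "jmp"]

if __name__ == "__main__":
    print("trap-and-emulate:", trap_and_emulate(GUEST_BLOCK))
    print("binary translation:", binary_translate(GUEST_BLOCK))
```

The trap-only run shows `popf` and `sgdt` executing without ever reaching the VMM, which is exactly the gap binary translation closes by rewriting them before execution.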
Hardware-assisted Virtualization
Both Intel and AMD have added enhancements to their processor families to assist virtualization:
These enhancements allow the VMM to run in a new mode with a higher privilege than Ring 0.
With Hardware-assisted Virtualization, privileged and sensitive instructions encountered can now be sent directly to the VMM. The Intel VT-x or AMD-V feature must be enabled in the BIOS of an ESXi host to be able to run 64-bit virtual machines on it.
As with processor resources, the server's memory resource also has to be shared among the virtual machines.
The processor has a mechanism to access every memory bit on a memory module by addressing those memory locations using physical addresses. The operating system maintains another contiguous address space called the virtual addresses for the processes that run on it. Every time a process tries to access memory, it uses the virtual address for that memory location. The operating system will then have to translate the virtual address to a physical address:
Now, when we throw a virtual machine into the mix, things take a different turn. All conventional operating systems that will be installed on a virtual machine have a memory management technique similar to what was alluded to in the previous paragraph. But since the whole idea behind virtualization is to run multiple such virtual machines on the same hardware, there has to be a mechanism to manage physical memory access or allocation to these virtual machines. On an ESXi host, the VMKernel does all the resource management. In this case, it has to find a way to manage the physical memory. It does so by adding another memory management layer called the machine address space:
Now, when a process running inside of a guest operating system tries to access a memory location, it uses the virtual address space to do so. The virtual address requested will then have to be translated to a physical address as seen by the operating system. The operating system will then have to translate the physical address to a machine address. The machine address eventually hits the physical memory. If this procedure were to be followed for every memory access, it would add a considerable overhead. Memory virtualization addresses this problem by providing a mechanism to directly map the guest operating system's virtual address space to the machine address space by maintaining Shadow page tables.
Hardware-assisted memory virtualization eliminates the need for Shadow page tables by providing a mechanism to map the guest operating system's physical address space to the VMKernel machine address space.
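The three address spaces just described, as an added example that is not the book's or VMware's code: a guest page table and a VMkernel machine map are composed into a shadow page table so that a guest access costs one lookup instead of two. Page numbers, VM names and the `VM`/`VMKernel` classes are constructed for illustration.

```python
"""Added example (not VMware's code): guest VA -> guest PA -> machine address
translation with 4 KB pages, and a shadow page table collapsing the two lookups."""
PAGE = 4096

class VM:
    """Guest OS page table (VA page -> guest PA page), as the guest sees it."""
    def __init__(self, guest_page_table):
        self.guest_page_table = dict(guest_page_table)

class VMKernel:
    def __init__(self):
        self.machine_map = {}  # (vm_name, guest PA page) -> machine page
        self.shadow = {}       # vm_name -> {VA page: machine page}

    def allocate(self, vm_name, gpa_to_ma):
        """Back a VM's guest-physical pages with machine pages."""
        for gpa, ma in gpa_to_ma.items():
            self.machine_map[(vm_name, gpa)] = ma

    def translate_two_level(self, vm_name, vm, va):
        """Walk both tables on every access: returns (MA, lookups)."""
        vpn, offset = divmod(va, PAGE)
        gpa = vm.guest_page_table[vpn]          # lookup 1: guest OS table
        ma = self.machine_map[(vm_name, gpa)]   # lookup 2: VMkernel table
        return ma * PAGE + offset, 2

    def build_shadow(self, vm_name, vm):
        """Compose the two tables into one. Unbacked pages are left out and
        fault later; the table must be rebuilt whenever the guest edits its
        own page table, which is the maintenance cost of shadow paging."""
        self.shadow[vm_name] = {
            vpn: self.machine_map[(vm_name, gpa)]
            for vpn, gpa in vm.guest_page_table.items()
            if (vm_name, gpa) in self.machine_map
        }

    def translate_shadow(self, vm_name, va):
        """Direct VA -> MA mapping: a single lookup per access."""
        vpn, offset = divmod(va, PAGE)
        return self.shadow[vm_name][vpn] * PAGE + offset, 1

# Constructed sample: guest PA page 0 of each VM is backed by a different
# machine page, and VM b's guest PA page 1 has no backing at all.
kernel = VMKernel()
vm_a, vm_b = VM({0: 0, 1: 1}), VM({0: 0, 1: 1})
kernel.allocate("a", {0: 10, 1: 11})
kernel.allocate("b", {0: 20})
kernel.build_shadow("a", vm_a)
kernel.build_shadow("b", vm_b)
```

Both VMs use identical guest-physical page numbers, yet each lands on its own machine pages; a guest PA page the VMkernel never backed raises a fault rather than reaching another VM's memory.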
Hardware-assisted memory virtualization technologies
The following are examples of Hardware-assisted memory virtualization technologies:
For more information on how hardware-assisted memory virtualization works refer to the Performance Best Practices for vSphere 5.5: http://www.vmware.com/pdf/Perf_Best_Practices_vSphere5.5.pdf
I/O devices such as physical network interface cards and SCSI controllers will have to be made available to the virtual machines. But it wouldn't make sense to allow a virtual machine to own or control a device, because that would prevent other virtual machines from using the same resource. So, there is a compelling reason to virtualize I/O resources as well.
I/O virtualization is achieved by presenting emulated virtual devices or paravirtualized devices to the virtual machines. For emulated devices, such as the e1000 virtual network interface card, the guest operating system needs to have the required driver. For paravirtualized devices, such as the VMXNET series of network interface cards, you will need the drivers supplied with VMware Tools. The driver corresponding to a device will interact with the I/O virtualization stack of VMkernel.
VMware vSphere is a suite of core infrastructure solutions that help manage and monitor a virtual data center. The term vSphere was coined by VMware as a new name for their flagship virtual infrastructure in the year 2009 with the release of VMware Virtual Infrastructure 4. All the previous releases were called Virtual Infrastructure (3.x, 3.5, 2.5, and earlier). The most recent version, vSphere 6, is the sixth generation of VMware's vSphere product line. It is the most feature-rich and probably the only virtualization suite on the market covering every aspect of the virtual infrastructure with its own products or solutions.
So what really makes up vSphere? vSphere is basically a set of software solutions which include the hypervisor (ESXi), the vCenter Server and its plugins, supporting databases, and host management agents. The hypervisor creates a platform to run virtual machines and vCenter forms the management layer. vCenter enables the creation of virtual data centers. Every other solution will interface and interact with vCenter to manage or utilize the virtual data center. Having said that, VMware does offer APIs which allow third-party software developers to build tools that help manage platforms or leverage the management layer formed by the vCenter servers in an environment.
However, there are several components, tools, and features that fall under the umbrella of the vSphere suite. Not all components are within the scope of this book, but we will make an effort to include their relevance wherever possible. Most of the components are covered in depth in different chapters, but it is critical to have a brief understanding of these components before we learn about them in detail.
We will go through a very basic introduction of the following components and features.
If you have read through the chapter up to this point then you will already have an understanding of what ESXi is. With the latest version, ESXi 6.0, there are a few scalability enhancements and a number of security enhancements.
Each ESXi 6.0 host can now support up to 480 logical CPUs, 12 terabytes of memory, and 1024 virtual machines. Let's compare this with some of the earlier versions of the ESXi hypervisor:
Limits                                    ESXi 6.0   ESXi 5.5   ESXi 5.1   ESXi 5.0   ESXi 4.1   ESXi 4.0
Number of logical CPUs per ESXi host      480        320        160        160        160        64
Amount of memory per ESXi host            12 TB      4 TB       2 TB       2 TB       1 TB       1 TB
Number of virtual machines per ESXi host  1024       512        512        512        320        320
There are a number of security enhancements with the new version, and these include:
In the previous sections of this chapter, we learnt about ESXi and virtual machines. In a large infrastructure, these entities need to be centrally managed. The central management is achieved using VMware vCenter Server. It comes in the form of a Windows installable program and also as a Linux-based virtual appliance. Without the vCenter Server, you cannot cluster the ESXi hosts, which is essential for enabling VMware features such as vSphere HA, vSphere DRS, and vSphere DPM. Also, every other management solution that is out there will need to interface with the vCenter Server by means of a plugin.
Currently, there are two types of clients available from VMware that can be used to connect to and manage your vSphere infrastructure. One of them is a desktop client which can only be installed on a Windows machine. It can be used to connect directly to an ESXi host or a vCenter Server. This form of the client will reach its end of life very soon as VMware will transition every GUI action to be performed through their web client. The desktop client is C#-based and it is currently available only for backward compatibility and to support a few plugins which haven't been completely transitioned to the vSphere Web Client. Unlike the desktop client, the vSphere Web Client is a server component installed and configured on a machine, and users wanting to connect rely on their web browsers to connect to the web client server to access the vCenter GUI. The most critical difference is that the vSphere Web Client cannot be used to connect to an ESXi host directly. You need to rely on the vSphere C#-based desktop client for that, and it is one of many reasons why the desktop client is still around.
VMware vRealize Orchestrator, also known as the vCenter Orchestrator, is a GUI-based process automation tool that is installed along with your vCenter Server. It is primarily used to create workflows to automate repeatable IT processes. It has a plug-in framework which can be used by other solutions to perform actions. The vCenter Server, vRealize Automation, VROPS, and VCM are among the tools that can leverage the Orchestrator to perform actions.
It becomes necessary to upgrade or patch your vSphere environment to maintain a reliable platform for your virtual machines. Although the ESXi hosts can be patched or upgraded manually, it becomes a very tedious process and would require many man-hours to perform the activity in a large environment. This is where VMware vSphere Update Manager (VUM) comes in handy. It provides a mechanism to patch and upgrade the ESXi hosts with reduced manual intervention. It can also be used to upgrade or patch third-party products such as the Cisco Nexus 1000V.
VMware PowerCLI is a set of modules or snap-ins which include cmdlets based on Microsoft PowerShell. It is used as a scripting tool for managing or automating most of the vSphere actions. The latest version, 6.0, has more than 400 cmdlets for both vSphere and vCloud environments.
VMware vRealize Operations Manager (VROPS) is an infrastructure monitoring solution. It provides greater insights into the performance, capacity, and health characteristics of your vSphere environment. It can present information in the form of dashboards, it can generate smart alerts, and it can perform predictive analysis. It comes packaged with a vCenter plugin, but you can install several other third-party plugins to let VROPS gather information from other components as well. For instance, there are adapters for EMC Symmetrix, VNX storage systems, and many more.
vSphere Data Protection (VDP) is an EMC Avamar-based backup and recovery solution from VMware Inc. It is available in the form of a Linux virtual appliance and can support up to 8 terabytes of de-duplicated backup data per appliance, and up to 20 such virtual appliances can be associated with a single vCenter Server.
VMware vShield Endpoint is a security framework from VMware which offloads the work of antivirus or antimalware analysis of virtual machines to a dedicated appliance. The framework uses a thin agent included with VMware Tools and a heuristics engine running on a separate appliance provided by the security vendor. Every ESXi host will run such an appliance for the virtual machines running on it.
VMware vMotion lets you migrate the live state of a powered-on virtual machine from one ESXi host to another without affecting any of the applications or services running on it. Storage vMotion can relocate all the files backing the virtual machine from one datastore to another while also migrating its live state from one host to another, or it can migrate only the files backing the virtual machine and leave the live state on the same host.
VMware vSphere High Availability (HA
