14 Key Points for Managing Mainstream Virtualization Platforms (Including PowerVM, VMware, Citrix, etc.)

Compiled from community discussions by community experts

1. Which business systems in enterprises can be migrated to virtualization platforms?

Start by migrating non-core business systems to the virtualization platform, monitor how these systems run, and accumulate operational experience.

Basically, most systems can be migrated to virtualization platforms, such as office applications and production operations. However, databases with heavy loads, graphic design, high-performance computing, and big data applications are not suitable.

Each enterprise’s situation is different, and the businesses vary. It cannot be generalized. However, the steps can start from non-production businesses and gradually move to production businesses.

For some scattered businesses that do not require high computation or high load, migration is more suitable. Database-related businesses are not recommended for virtualization platforms.

2. What preparations are needed before migrating existing business systems to virtualization platforms?

Old systems running on X86/Power each have their own solutions.

1. X86 systems can use P2V tools to migrate to virtualization platforms. The success rate of P2V for Windows is relatively high, while for Linux, it is lower. Most of the migration workload is actually related to data; the architecture of the old system determines the difficulty and complexity of migration.

2. Migrating from Power platforms to virtualization is relatively simple; the operating system can be backed up and restored in multiple ways. There are many tools for shared storage data, utilizing AIX or the storage technology itself to achieve data migration.

3. What are the differences between PowerVM backup methods and traditional backups? How are they implemented?

The VIO Server is essentially a packaged AIX, and its backup and recovery have two methods: one is NIM backup and recovery, but when restoring, be sure to mark “not as a NIM server client”; the other is using the viosbr command for backup and recovery.

The backup of VIO Clients is the same as traditional backups; the operating system can be backed up and restored via NIM, and others can also use backup software for LAN-free backup and recovery.

In cases where PowerVM is not heavily utilized, I think using a tape drive for operating system backups is sufficient. After all, operating system-level backups do not need to be done too frequently. Client partitions can use tape drives, but this will involve many device mapping operations, which can be cumbersome. A virtual image library can be created on VIOS.

4. How to achieve centralized management in PowerVM?

PowerVC, which is developed based on the OpenStack architecture, can manage PowerVM, enabling graphical rapid deployment and maintenance.

5. How to dynamically add a disk for mirroring in PowerVM without downtime in a production environment?

In fact, creating a mirror in PV is essentially mirroring at the LV level within PV. You can use lspv -l hdisk0,hdisk1 to query. For example, when mirroring rootvg, there is a dumplv mirror. When creating a new LV in the already established mirrored rootvg, it defaults to not selecting synchronization, meaning this newly created LV will only be established in one PV, while the other PV will not have this LV.

6. How to resolve issues with applications published on the Citrix platform that cannot be used?

When applications published on Citrix could not be used, logging in from the Citrix client reported a CGP error. On the XenApp server, the log showed an error whose source was the Reliability Server, described as “Unable to connect to the CGP tunnel destination (127.0.0.1:1494).” The server had an automatic restart recorded the previous night, and everything had been normal the day before, so the system update patches were suspected. All patches installed the previous day were uninstalled, the server was restarted, and the Citrix applications then tested normally. Because of the urgency, the patches were not uninstalled one at a time for testing, but the initial judgment was that the .NET patch was the most likely related. Automatic updates were subsequently disabled on that server.

7. How to optimize VMware’s network design for high availability?

For high availability of compute nodes, in addition to ensuring redundancy in resource quantity, policy settings are also very important. The following points can be referenced:

1. Admission Control Policy: For production environments, it is generally considered appropriate to choose "Host failures the cluster tolerates = 1"; if your resources are largely idle, you can raise it.

2. Set the startup priority (high, medium, low) for virtual machines on each physical machine based on their importance.

3. When the number of virtual machines on a physical machine far exceeds the number of physical machines in the cluster, consider setting virtual machine HA mutual exclusion rules.

4. In production environments, try not to set DRS policies too aggressively. Especially when there are load balancing devices in the front, it is recommended to set DRS to advisory mode.

For storage, it is essential to ensure that all nodes in the cluster see the same external storage view, which must be fully shared to ensure HA and DRS functionality. Additionally, regarding storage, consider the following points:

1. In the volume properties, disable the Storage IO Control option. It is not recommended for VMware to interfere with underlying IO, as it may introduce performance issues.

2. Set the multipathing policy for the volume to Round Robin.

VMware provides two high availability options: VMware HA and FT, but they can only monitor and recover at the ESXi host level. Generally, high availability is implemented at the application level, using appropriate clusters or load balancing based on different business roles. For backend database roles, they are generally deployed on physical machines. If they must be on virtual machines, consider using Veritas’ Infoscale series clustering software (formerly VCS), which can interact with VMware’s vMotion and other management methods without requiring bare device support to avoid split-brain scenarios, and supports applications with different priorities to start and stop in a specified order. Similar clusters can generally only achieve basic functionality.

8. What is the VMware escape issue?

VMware has an enhanced tool that allows copying and pasting files with the host machine. Does this make it easier for virtual machines to escape? Does this mean virtual machines are no longer secure?

Virtual machine escape refers to exploiting vulnerabilities in virtualization software or software running within a virtual machine to attack or control the host operating system.

“There is a boundary memory access vulnerability in the drag-and-drop (DnD) feature of VMware Workstation and Fusion. On an operating system running Workstation or Fusion, an attacker can exploit this vulnerability to achieve guest escape and execute code on the host. If the drag-and-drop and copy-and-paste (C&P) features are disabled on Workstation Pro and Fusion, this vulnerability cannot be exploited.”
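
An added example (not from the original article or from VMware): a Python check that reads a Workstation/Fusion .vmx file and reports whether the drag-and-drop and copy-and-paste features named in the advisory above are disabled. The three isolation.tools.* keys are VMware's VMX options for these features; the sample files are constructed, and treating keys as case-insensitive and any non-TRUE duplicate as a finding are assumptions made here.

```python
import re

# VMX keys that switch off guest/host copy, paste and drag-and-drop.
REQUIRED = (
    "isolation.tools.copy.disable",
    "isolation.tools.paste.disable",
    "isolation.tools.dnd.disable",
)
_ASSIGN = re.compile(r'^\s*([A-Za-z0-9_.:\-]+)\s*=\s*"(.*)"\s*$')


def parse_vmx(text):
    """Map each lowercased key to every value assigned to it, in file order."""
    settings = {}
    for line in text.splitlines():
        match = _ASSIGN.match(line)
        if match:  # comments and blank lines do not match
            settings.setdefault(match.group(1).lower(), []).append(match.group(2))
    return settings


def audit_vmx(text):
    """Return (key, reason) for each isolation setting not firmly TRUE."""
    settings = parse_vmx(text)
    findings = []
    for key in REQUIRED:
        values = settings.get(key, [])
        if not values:
            # Absent key: the product default applies, so flag it for review.
            findings.append((key, "missing"))
        elif any(v.strip().upper() != "TRUE" for v in values):
            # Conservative: a duplicate key with any non-TRUE value is reported.
            findings.append((key, "not TRUE: " + ", ".join(values)))
    return findings


# Constructed sample .vmx contents (not taken from a real VM).
SAMPLE_WEAK = """\
.encoding = "UTF-8"
displayName = "build-vm"
# clipboard left on for convenience
isolation.tools.copy.disable = "FALSE"
Isolation.Tools.DnD.Disable = "true"
"""
SAMPLE_HARDENED = """\
displayName = "build-vm"
isolation.tools.copy.disable = "TRUE"
isolation.tools.paste.disable = "TRUE"
isolation.tools.dnd.disable = "TRUE"
"""

if __name__ == "__main__":
    for name, text in (("weak", SAMPLE_WEAK), ("hardened", SAMPLE_HARDENED)):
        print(name, audit_vmx(text) or "copy/paste and DnD disabled")
```

An empty result means all three features are explicitly disabled in the file; the check reads configuration only and does not replace patching the hypervisor.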

9. What are the merge policy issues when deleting VMware snapshots?

For example, there is a snapshot A->B->C->current position.

When the virtual machine is off:

Question 1. If snapshot B is deleted, is the content of snapshot B merged into A or C?

Question 2. If snapshot C is deleted, is the content of snapshot C merged into B or the current position?

When the virtual machine is on:

Question 3. If snapshot B is deleted, is the content of snapshot B merged into A or C?

Question 4. If snapshot C is deleted, is the content of snapshot C merged into B or the current position?

If the rolled-back snapshot does not contain the memory state, the server will shut down and restart using the previous snapshot state. If the snapshot contains the memory state, the virtual machine will simply pause and then resume to the previous snapshot’s disk and memory state.

When users operate on VMware virtual machine snapshots, it is important to note that when deleting all snapshots of a virtual machine, all created delta files are first merged into the original VMDK file and then deleted. If you choose to delete only a specific snapshot, then only that snapshot is merged into the upper-level snapshot. If you choose to roll back a snapshot, the existing disk and memory state will be discarded, and the system will revert to the selected rollback time point state. Regardless of which snapshot level you choose to roll back, it becomes the new parent snapshot. The parent snapshot does not represent the latest snapshot; if you choose to roll back to a previous time point, the virtual machine will revert to the state of that earlier time point. In the Snapshot Manager, the parent snapshot is always labeled “You are here,” representing the current state of the virtual machine.

10. What are the differences between VMware and VirtualBox?

Users have various opinions on which virtual machine product is superior, VMware or VirtualBox.

However, personally, I prefer using VMware. Firstly, in terms of resource usage, whether during the installation of the operating system or while using it, VMware virtual machines generally maintain a CPU usage rate of around 100%; whereas VirtualBox virtual machines have a lower CPU usage rate, peaking at around 60% and averaging around 30%. Of course, this is based on my PC configuration: a Pentium D processor with a frequency of 2.81×2, 2GB of memory, and a 160GB hard drive at 7200 RPM. When using VirtualBox, I generally need to manually allocate a core for it to use; otherwise, I cannot perform my other tasks.

Secondly, in terms of network settings, the network type settings for VirtualBox virtual machines are noticeably less comprehensive than those of VMware. At least, I could not find the bridging option; if it exists, it indicates that VirtualBox does not perform as well as VMware in terms of simplicity and usability.

Although VirtualBox has many shortcomings compared to VMware, it still has many advantages. Firstly, it is free to use; even after being acquired by Sun, it remains free. Secondly, it supports cross-platform use; VirtualBox not only supports Windows but also other mainstream platforms like Linux and Unix, which is a significant reason many users choose VirtualBox. Thirdly, the latest version supports a wide range of operating systems. For personal users installing virtual machines for learning, work, or program development and debugging, VirtualBox can fully meet these needs. However, for enterprise-level applications, such as setting up multiple virtual servers on a single server, I believe VMware’s ease of use, management convenience, and resource utilization advantages make it more suitable for this type of work.

11. Comparison of PowerVM, VMware, and Citrix virtualization platforms?

PowerVM is suitable for virtualization on Power hosts, VMware is suitable for virtualization on x86 servers, and Citrix is suitable for desktop virtualization.


12. Comparison of advantages between commercial virtualization architecture and open-source virtualization architecture?

The physical drivers of ESX are built into the Hypervisor, and all device drivers are pre-installed by VMware. Therefore, ESX has a strict compatibility list for hardware; hardware not on the list will be rejected for installation.

The Hypervisor of Hyper-V is a very lightweight software layer that does not contain any physical drivers. The device drivers for physical servers reside in the parent partition of Windows Server 2008, and the installation and loading methods of drivers are no different from traditional Windows systems. Therefore, any hardware supported by Windows can also be compatible with Hyper-V.

The Hypervisor layer of XEN is very thin, with less than 150,000 lines of code, and does not contain any physical device drivers, similar to Hyper-V. The drivers for physical devices reside in Dom 0 and can reuse existing Linux device drivers. Therefore, XEN also has broad hardware compatibility; if it is supported by Linux, it is supported by XEN.

KVM uses modified QEMU to provide emulation for BIOS, graphics cards, network, disk controllers, etc., but for I/O devices (mainly network cards and disk controllers), it inevitably leads to performance issues. Therefore, KVM also introduces paravirtualized device drivers, which work with virtual drivers in the virtual machine’s operating system and physical drivers in the host Linux kernel to provide near-native device performance. Thus, the physical devices supported by KVM are the same as those supported by Linux.

13. What is the capacity of virtual machine backups and the principle of snapshots?

Recently, I discussed virtual machine snapshot technology with colleagues, focusing on the issue of capacity changes in snapshot backups.

My colleague believes that the backup capacity will increase with the growth of virtual machine disk data after the first snapshot backup, but there is a certain limit.

I believe that snapshot backups are similar to Windows restore points, with full snapshots and differential snapshots. The capacity of snapshot backups does not change; the first snapshot is a full snapshot, while subsequent snapshots are differential snapshots, but the backup volume will merge with the first snapshot, rather than changing automatically with the virtual machine’s capacity as my colleague suggested.

What exactly is a virtual machine snapshot?

When you create a virtual machine snapshot, it is a specific file. It is also a redo log. The delta file is a change bitmap on the base VMDK (virtual machine disk), so it cannot grow larger than the VMDK. Each time a snapshot is created for the virtual machine, a delta file is created. When a snapshot is deleted or restored in the snapshot manager, these files are automatically deleted.

These files are used to store metadata and information about the snapshot. This file is in text format and includes information such as the snapshot display name, UID (number), and disk file name. Before you create a virtual machine snapshot, the initial size of this file is 0 bytes. Thus, as soon as a snapshot is taken, this file will grow and continue to be updated.

After a snapshot is removed, this file cannot be completely cleared. Once you delete a snapshot, it will still leave a position in the file for each snapshot, but only increase the number and place the name in “Consolidate Helper,” which may be used to consolidate backup *.vmsn files.

This is the snapshot state file, which stores the precise running state of a virtual machine when using the snapshot. The size of this file depends on whether you choose to retain the storage of this virtual machine as part of the snapshot. If you choose to retain the virtual machine’s storage, this file will be larger, and then allocate the maximum RAM to the virtual machine.

This file is similar to the VMware suspended state file .vmss. Each snapshot of the virtual machine will create a .vmss file; when moving snapshots, these files are automatically deleted.

In most cases, you should avoid creating multiple snapshots for the same virtual machine; each time a new snapshot is created for the system, its running speed will slow down. Each snapshot will create a corresponding delta disk file, and if the virtual machine needs to read multiple delta files, it will inevitably increase the system’s I/O load. This process will undoubtedly extend the response time of the virtual machine and generate additional disk operations.

If you only want to keep the latest version among a series of snapshots, you can consolidate them into a single snapshot. This method can help improve system running speed and management efficiency. Select the target virtual machine, right-click, and then choose to consolidate. You can check in the virtual machine and template view whether the virtual machine needs consolidation and see all virtual machines that require consolidation in the list.

14. What is the most critical aspect of operations and maintenance in virtualization platforms?

The most critical aspects of operations and maintenance are:

1. Efficiency

This mainly depends on the scale of your virtualization platform. If the scale is large, using scripting methods like Python or PowerCLI (only for VMware) will be very convenient for operations and maintenance, allowing for the creation, modification, and deletion of related resources such as virtualization control centers, hosts, virtual machines, virtual networks, and storage, especially for batch operations like creating multiple virtual machines.

Those with capabilities can use automation configuration tools like Puppet or Ansible for daily operations and maintenance of virtual machines.

2. Global control anytime, anywhere

This mainly relies on monitoring and logs, such as Zabbix, ELK, or commercial versions, to understand the health status of the virtualization platform and respond accordingly.

3. Security

This mainly concerns virtual machines and data backups; even if virtual machines or data are damaged, backups can be restored.

This article was compiled by community expert Cui Zhe based on community Q&A summaries.
