Managing the Virtual Image Life Cycle

Tech analysis: With the increasing popularity of virtualization comes a new problem: virtual sprawl. Keep your virtual machines under control with patch management and inventory software.

More and more IT organizations are embracing virtual server and desktop infrastructure technologies. A December 2009 report from Forrester Research found that 71 percent of the companies it surveyed are using server virtualization and believe that 62 percent of their x86 server OS instances will be virtualized within the next two years. Virtual desktop implementations lag behind, but are gaining ground. A December 2009 study by Ziff Davis Enterprise's own Baseline found that 30 percent of participating executives expected deployment of VDI to increase at their companies.

For all the benefits that virtualization can deliver, the technology does not erase the need for physical-world management tasks such as prompt patching and, where appropriate, antivirus protection. In fact, some of virtualization's standout virtues (agility and flexibility, for instance) can double as management vices, particularly when it comes to managing these easily minted virtual machines as they move through their life cycles.

Rapid growth of virtual machines (both their images and their instances) can lead to a condition known as "virtual sprawl," in which lapses in basic care and feeding of multiplying, unaccounted-for virtual instances can present major IT and organizational challenges to enterprises.

Dealing effectively with VM lifecycle management boils down in large part to focusing on the management practices that worked in the physical world, beginning with well-planned golden images, adherence to timely patching regimes and careful system inventory. Certainly, these practices work a bit differently in the virtual world, so the key to success is watching out for virtual pitfalls and maximizing the advantages inherent in virtual platforms.

What's behind virtual sprawl?

Most virtualization implementations are focused on solving problems that were challenging when managing a one-to-one relationship between physical machines and software (OS and applications), such as underutilization and difficulties in providing management and security.

Previously, most enterprises suffered from what amounted to "physical server sprawl": the result of years of building underutilized, heterogeneous, power-hungry and unmanageable server farms in fits and spurts as budget was available. This doesn't even take into account the difficulties involved in managing tens of thousands of physical desktops, pushing OS and application patches, enforcing security policy, and accepting that users typically need enough privileges to screw things up.

At first glance virtualization seems a natural solution to the problems of physical computing. Virtual machine images are more convenient to work with than physical machines because they can be treated, in essence, as data.

But now enterprises are starting to see a different kind of sprawl: virtual machine image sprawl. Virtual machine images are cloned, versioned, archived and, when in use, changed over time. The cost of physical server hardware controlled physical server sprawl somewhat, but virtual machines can be created, manipulated, duplicated and reconfigured without costing anything more than disk space. With the cost barrier removed, IT organizations are free to create countless virtual machine images with myriad configurations. Consider this the entry point for virtual sprawl, which, if not combated quickly and decisively, can run rampant throughout an IT organization.

How does the sprawl grow? Each physical server is replaced by a virtual server image. Virtual server images are typically stored in a massive SAN (storage area network) environment, reaching hundreds of terabytes and even petabytes in some organizations, and deployed to a smaller number of well-utilized, homogeneous, commodity physical servers. Client machines (meaning an OS, apps, configuration and perhaps data) can be replaced by virtual desktops containing the same. But once deployed, no two virtual clients can truly remain the same for very long. Snapshots, clones, changes that are made and then rolled back, or not: all of this adds up to an explosion in the number of virtual machine images that must be catalogued, maintained, deployed and managed within an organization.