VMware vSphere Design

Book description

The only book focused on designing VMware vSphere implementations.

VMware vSphere is the most widely deployed virtualization platform today. Considered the most robust and sophisticated hypervisor product, vSphere is the de facto standard for businesses, both large and small. This book is the only one of its kind to concisely explain how to execute a successful vSphere architecture, tailored to meet your company's needs. Expert authors share with you the factors that shape the design of a vSphere implementation. Learn how to make the right design decisions for your environment.

  • Explores the latest release of VMware vSphere

  • Details the overall design process, server hardware selection, network layout, security considerations, storage infrastructure, virtual machine design, and more

  • Debates the merits of Scaling Up servers versus Scaling Out, ESX versus ESXi hypervisor, vSwitches versus dvSwitches, and what the different storage protocols have to offer

  • Illustrates the tools to monitor, to plan, to manage, to deploy and to secure your vSphere landscape

  • Steps through the design decisions that a typical company may encounter, and questions the choices made

  • Packed with real-world proven strategies, VMware vSphere Design examines how the virtualization architecture for your company should ideally look—and how best to achieve it.

  • Table of contents

    1. Copyright
    2. Dear Reader,
    3. Acknowledgments
    4. About the Authors
    5. Introduction
      1. Who Should Read This Book
        1. Ways to Read the Book
        2. Other Resources Available
      2. What You Need
      3. What's Inside
      4. How to Get in Touch with the Authors
    6. 1. An Introduction to Designing VMware Environments
      1. 1.1. What Is Design?
      2. 1.2. The Facets of vSphere Design
        1. 1.2.1. The Technical Facet
        2. 1.2.2. The Organizational Facet
        3. 1.2.3. The Operational Facet
      3. 1.3. The Process of Design
        1. 1.3.1. Gathering and Defining Functional Requirements
          1. 1.3.1.1. Reviewing Documentation
          2. 1.3.1.2. Performing Interviews
        2. 1.3.2. Assessing the Environment
        3. 1.3.3. Assembling the Design
        4. 1.3.4. Documenting the Design
        5. 1.3.5. Performing the Implementation
      4. 1.4. Summary
    7. 2. ESX vs. ESXi
      1. 2.1. Two vSphere Hypervisors
      2. 2.2. ESX Design
        1. 2.2.1. Installation Design Options
          1. 2.2.1.1. Interactive Install
          2. 2.2.1.2. Scripted Install
          3. 2.2.1.3. Installation Choices
            1. 2.2.1.3.1. IP Address
            2. 2.2.1.3.2. Installation Location
            3. 2.2.1.3.3. Partitioning
        2. 2.2.2. Post-Installation Design Options
      3. 2.3. ESXi Design
        1. 2.3.1. ESXi Components
        2. 2.3.2. ESXi Agents
        3. 2.3.3. ESXi System Image
        4. 2.3.4. ESXi Flavors: Installable and Embedded
          1. 2.3.4.1. ESXi Installable
            1. 2.3.4.1.1. Hardware Requirements
            2. 2.3.4.1.2. Installation
            3. 2.3.4.1.3. Stateless Installation
            4. 2.3.4.1.4. ESXi Persistence
            5. 2.3.4.1.5. Vendor-Specific Images
            6. 2.3.4.1.6. Scaling Deployments
          2. 2.3.4.2. ESXi Embedded
          3. 2.3.4.3. Comparing Installable and Embedded
        5. 2.3.5. ESXi Management
          1. 2.3.5.1. Common Management Tools
          2. 2.3.5.2. DCUI
          3. 2.3.5.3. TSM
          4. 2.3.5.4. Browser-Based Tools
          5. 2.3.5.5. Host Profiles
          6. 2.3.5.6. Security
            1. 2.3.5.6.1. Remote Services
            2. 2.3.5.6.2. External Firewalls
            3. 2.3.5.6.3. Local Authentication
            4. 2.3.5.6.4. Lockdown Mode
          7. 2.3.5.7. Hardware Monitoring
          8. 2.3.5.8. Logging
      4. 2.4. ESX vs. ESXi
        1. 2.4.1. Similarities
        2. 2.4.2. When to Use ESX
        3. 2.4.3. When to Use ESXi
      5. 2.5. Migrating to ESXi
        1. 2.5.1. Testing
        2. 2.5.2. Deployment
        3. 2.5.3. Management
      6. 2.6. Summary
    8. 3. Designing the Management Layer
      1. 3.1. Components of the Management Layer
        1. 3.1.1. VMware vCenter Server
        2. 3.1.2. Choosing the Operating System for your vCenter
          1. 3.1.2.1. vCenter Components
          2. 3.1.2.2. Database
          3. 3.1.2.3. Hardware Resources
          4. 3.1.2.4. vSphere Client
        3. 3.1.3. VMware Update Manager
          1. 3.1.3.1. Update Manager Components
          2. 3.1.3.2. Database
        4. 3.1.4. Management Applications
          1. 3.1.4.1. vCLI
          2. 3.1.4.2. PowerCLI
          3. 3.1.4.3. vMA
      2. 3.2. Sizing Your vCenter Server
        1. 3.2.1. Operating System
        2. 3.2.2. Using a Remote or Local Server
          1. 3.2.2.1. Local
          2. 3.2.2.2. Remote
          3. 3.2.2.3. Resources
          4. 3.2.2.4. Redundancy
        3. 3.2.3. Number of Objects Managed
        4. 3.2.4. Update Manager
          1. 3.2.4.1. Database Sizing for vCenter and Update Manager
      3. 3.3. Plug-ins
        1. 3.3.1. Guided Consolidation
        2. 3.3.2. Storage Vendor Plug-in
      4. 3.4. Linked Mode
        1. 3.4.1. Prerequisites
        2. 3.4.2. Considerations
        3. 3.4.3. Under the Covers
        4. 3.4.4. Roles
      5. 3.5. vCenter: Virtual or Physical
        1. 3.5.1. Physical Server
          1. 3.5.1.1. The Chicken and the Egg
          2. 3.5.1.2. Separation of Duties
          3. 3.5.1.3. Amount of Resources
        2. 3.5.2. Virtual
          1. 3.5.2.1. The Chicken and the Egg
          2. 3.5.2.2. Server Consolidation
          3. 3.5.2.3. Snapshots
          4. 3.5.2.4. Portability
          5. 3.5.2.5. Redundancy
          6. 3.5.2.6. Eating Your Own Dog Food
      6. 3.6. Redundancy
        1. 3.6.1. vCenter
          1. 3.6.1.1. VMware HA
          2. 3.6.1.2. vCenter Server Heartbeat
        2. 3.6.2. SQL/Oracle Database
          1. 3.6.2.1. VMware HA
          2. 3.6.2.2. Microsoft Cluster/Oracle Cluster
          3. 3.6.2.3. vCenter Server Heartbeat
      7. 3.7. Security
        1. 3.7.1. Isolation
        2. 3.7.2. Permissions
          1. 3.7.2.1. Virtual Machine Access
        3. 3.7.3. SSL Certificates
      8. 3.8. Summary
    9. 4. Server Hardware
      1. 4.1. Hardware Considerations
        1. 4.1.1. Factors in Selecting Hardware
          1. 4.1.1.1. Features
          2. 4.1.1.2. Performance
          3. 4.1.1.3. Reliability
          4. 4.1.1.4. Redundancy
          5. 4.1.1.5. Upgradability and Expandability
        2. 4.1.2. Computing Needs
          1. 4.1.2.1. Hardware Compatibility List
          2. 4.1.2.2. Which Hypervisor?
            1. 4.1.2.2.1. Minimum Hardware
            2. 4.1.2.2.2. Purpose
          3. 4.1.2.3. Scaling
          4. 4.1.2.4. Hardware Consistency
        3. 4.1.3. Server Constraints
          1. 4.1.3.1. Rack Space
          2. 4.1.3.2. Power
          3. 4.1.3.3. UPS
          4. 4.1.3.4. Cooling
          5. 4.1.3.5. I/O Ports
          6. 4.1.3.6. vSphere Licensing
        4. 4.1.4. Differentiating Among Vendors
      2. 4.2. Server Components
        1. 4.2.1. CPU
          1. 4.2.1.1. Multicore CPUs and Scheduling
          2. 4.2.1.2. CPU Virtualization
          3. 4.2.1.3. Virtualization Enhancements
          4. 4.2.1.4. CPU Capacity
        2. 4.2.2. RAM
          1. 4.2.2.1. Memory Usage
          2. 4.2.2.2. Memory Mapping
          3. 4.2.2.3. Hardware-Assisted Mapping
          4. 4.2.2.4. Memory Overcommitment
            1. 4.2.2.4.1. Techniques to Reclaim Memory
            2. 4.2.2.4.2. When Memory Is Reclaimed
          5. 4.2.2.5. Memory Capacity
        3. 4.2.3. NUMA
        4. 4.2.4. Motherboard
        5. 4.2.5. Storage
        6. 4.2.6. Network
        7. 4.2.7. PCI
      3. 4.3. Preparing the Server
        1. 4.3.1. Configuring the BIOS
        2. 4.3.2. Other Hardware Settings
        3. 4.3.3. Burn-in
        4. 4.3.4. Preproduction Checks
      4. 4.4. Scale Up vs. Scale Out
        1. 4.4.1. Advantages of Scaling Up
        2. 4.4.2. Advantages of Scaling Out
        3. 4.4.3. Scaling Is a Matter of Perspective
        4. 4.4.4. Risk Assessment
        5. 4.4.5. Choosing the Right Size
      5. 4.5. Blade Servers vs. Rack Servers
        1. 4.5.1. Blade Servers
          1. 4.5.1.1. The Case for Blade Servers
          2. 4.5.1.2. The Case Against Blade Servers
        2. 4.5.2. Rack Servers
        3. 4.5.3. Form-Factor Conclusions
      6. 4.6. Alternative Hardware Approaches
        1. 4.6.1. Cloud Computing
        2. 4.6.2. Converged Hardware
      7. 4.7. Summary
    10. 5. Designing your Network
      1. 5.1. Designing with Redundancy
        1. 5.1.1. Hosts
          1. 5.1.1.1. Service Console
          2. 5.1.1.2. Virtual Machine Traffic
          3. 5.1.1.3. IP Storage (NFS/iSCSI)
          4. 5.1.1.4. vMotion
          5. 5.1.1.5. FT
        2. 5.1.2. Network Switches (pSwitches)
      2. 5.2. Security
        1. 5.2.1. Management Network
        2. 5.2.2. Virtual Machine Traffic
        3. 5.2.3. IP Storage Network Traffic
          1. 5.2.3.1. VLAN Separation
          2. 5.2.3.2. NFS Exports
          3. 5.2.3.3. CHAP Authentication
        4. 5.2.4. vMotion and FT Traffic
      3. 5.3. Performance
        1. 5.3.1. Service Console
        2. 5.3.2. vMotion
        3. 5.3.3. IP Storage
        4. 5.3.4. Virtual Machine Network
      4. 5.4. Teaming Options
        1. 5.4.1. Guest OS Network Teaming and Virtual Machine Port Groups
        2. 5.4.2. IP Storage
          1. 5.4.2.1. iSCSI
          2. 5.4.2.2. NFS
            1. 5.4.2.2.1. pSwitches Support EtherChannel
            2. 5.4.2.2.2. pSwitches Don't Support EtherChannel
      5. 5.5. Jumbo Frames
      6. 5.6. Fault Tolerance
      7. 5.7. 10GbE
        1. 5.7.1. Physical Network Cable
        2. 5.7.2. Switches
        3. 5.7.3. Network Modules
      8. 5.8. vSwitches and vDSs
        1. 5.8.1. Central Management
        2. 5.8.2. Private VLANs
        3. 5.8.3. Port Groups, Management, and VMkernel
      9. 5.9. Naming and IP Conventions
      10. 5.10. Design Scenarios
        1. 5.10.1. Two NICs
        2. 5.10.2. Four NICs
        3. 5.10.3. Six NICs
        4. 5.10.4. Eight NICs
        5. 5.10.5. Two 10GbE NICS
        6. 5.10.6. Four 10GbE NICS
      11. 5.11. Summary
    11. 6. Storage
      1. 6.1. Dimensions of Storage Design
        1. 6.1.1. Storage Design Factors
          1. 6.1.1.1. Availability
          2. 6.1.1.2. Performance
          3. 6.1.1.3. Capacity
          4. 6.1.1.4. Cost
        2. 6.1.2. Storage Efficiency
          1. 6.1.2.1. Availability Efficiency
          2. 6.1.2.2. Performance Efficiency
          3. 6.1.2.3. Capacity Efficiency
          4. 6.1.2.4. Other Efficiencies
      2. 6.2. Designing for Capacity
        1. 6.2.1. RAID Options
          1. 6.2.1.1. RAID 0
          2. 6.2.1.2. RAID 10
          3. 6.2.1.3. RAID 5
          4. 6.2.1.4. RAID 6
          5. 6.2.1.5. Other Vendor-Specific RAID Options
          6. 6.2.1.6. Basic RAID Storage Rules
        2. 6.2.2. Estimating Capacity Requirements
        3. 6.2.3. VMFS Capacity Limits
        4. 6.2.4. Large or Small Datastores?
        5. 6.2.5. VMFS Block Sizes
        6. 6.2.6. Thin Provisioning
          1. 6.2.6.1. Should You Thin-Provision Your VMs?
          2. 6.2.6.2. Does Thin Provisioning Affect the VM's Performance?
          3. 6.2.6.3. If Your Storage Array Can Thin-Provision, Should You Do It on the Array, in vSphere, or Both?
        7. 6.2.7. Data Deduplication
        8. 6.2.8. Array Compression
        9. 6.2.9. Downside of Saving Space
      3. 6.3. Designing for Performance
        1. 6.3.1. Measuring Storage Performance
        2. 6.3.2. How to Calculate a Disk's IOPS
        3. 6.3.3. What Can Affect a Storage Array's IOPS?
          1. 6.3.3.1. Disks
          2. 6.3.3.2. RAID Configuration
          3. 6.3.3.3. Interfaces
          4. 6.3.3.4. Controllers
          5. 6.3.3.5. Transport
          6. 6.3.3.6. Other Performance Factors to Consider
            1. 6.3.3.6.1. Queuing
            2. 6.3.3.6.2. Partition Alignment
            3. 6.3.3.6.3. Storage I/O Control
            4. 6.3.3.6.4. Workload
            5. 6.3.3.6.5. VMs
          7. 6.3.3.7. Newer Technologies to Increase Effective IOPS
            1. 6.3.3.7.1. Write Coalescing
            2. 6.3.3.7.2. Large Cache
            3. 6.3.3.7.3. Cache Pre-Fetch
            4. 6.3.3.7.4. Cache Deduplication
            5. 6.3.3.7.5. Tiering
            6. 6.3.3.7.6. Storage Hardware Acceleration
        4. 6.3.4. Measuring Your Existing IOPS Usage
      4. 6.4. Local Storage vs. Shared Storage
        1. 6.4.1. Local Storage
        2. 6.4.2. What About Local Shared Storage?
        3. 6.4.3. Shared Storage
      5. 6.5. Choosing a Network Protocol
        1. 6.5.1. Fiber Channel
          1. 6.5.1.1. Fibre Channel over Ethernet
        2. 6.5.2. iSCSI
        3. 6.5.3. NFS
        4. 6.5.4. Protocol Choice at the End of the Day
      6. 6.6. Multipathing
        1. 6.6.1. SAN Multipathing
          1. 6.6.1.1. Native Multipathing Plugin
            1. 6.6.1.1.1. SATP
            2. 6.6.1.1.2. PSP
          2. 6.6.1.2. Multipathing Plugin
          3. 6.6.1.3. ALUA
          4. 6.6.1.4. Additional iSCSI Considerations
            1. 6.6.1.4.1. Hardware iSCSI Initiators
            2. 6.6.1.4.2. Software iSCSI Initiators
        2. 6.6.2. NAS Multipathing
      7. 6.7. Summary
    12. 7. Virtual Machines
      1. 7.1. Components of a Virtual Machine
        1. 7.1.1. Base Virtual Machine Hardware
        2. 7.1.2. Hardware Versions
        3. 7.1.3. Virtual Machine Maximums
        4. 7.1.4. Hardware Choices
          1. 7.1.4.1. CPU
          2. 7.1.4.2. Memory
          3. 7.1.4.3. Disks
          4. 7.1.4.4. SCSI Controllers
          5. 7.1.4.5. Network Adapter
          6. 7.1.4.6. Video Card
          7. 7.1.4.7. CD/DVD Drive
          8. 7.1.4.8. Floppy Drive
          9. 7.1.4.9. USB Controllers
          10. 7.1.4.10. Serial Port and Parallel Port
          11. 7.1.4.11. PCI Device
          12. 7.1.4.12. VMCI
        5. 7.1.5. Removing or Disabling Unused Hardware
        6. 7.1.6. Virtual Machine Options
          1. 7.1.6.1. General Options
          2. 7.1.6.2. vApp Options
          3. 7.1.6.3. VMware Tools
          4. 7.1.6.4. Power Management
          5. 7.1.6.5. Advanced
            1. 7.1.6.5.1. General
            2. 7.1.6.5.2. CPUID Mask
            3. 7.1.6.5.3. Memory/CPU Hotplug
            4. 7.1.6.5.4. Boot Options
            5. 7.1.6.5.5. Paravirtualization
            6. 7.1.6.5.6. Fibre Channel NPIV
            7. 7.1.6.5.7. CPU/MMU Virtualization
            8. 7.1.6.5.8. Swapfile Location
        7. 7.1.7. Resources
          1. 7.1.7.1. CPU
            1. 7.1.7.1.1. CPU Shares
            2. 7.1.7.1.2. CPU Reservation
            3. 7.1.7.1.3. CPU Limit
          2. 7.1.7.2. Memory
            1. 7.1.7.2.1. Memory Shares
            2. 7.1.7.2.2. Memory Reservations
            3. 7.1.7.2.3. Memory Limits
          3. 7.1.7.3. Disk
          4. 7.1.7.4. Advanced CPU
          5. 7.1.7.5. Advanced Memory
        8. 7.1.8. Naming Virtual Machines
        9. 7.1.9. VMware Tools
      2. 7.2. Sizing Virtual Machines
      3. 7.3. Virtual Machine Network Design
        1. 7.3.1. vNIC Drivers
          1. 7.3.1.1. Flexible
          2. 7.3.1.2. E1000
          3. 7.3.1.3. VMXNET 2 (Enhanced)
          4. 7.3.1.4. VMXNET 3
          5. 7.3.1.5. vNIC Driver Performance
        2. 7.3.2. MAC Addresses
        3. 7.3.3. VLAN Tagging
      4. 7.4. Virtual Machine Storage Design
        1. 7.4.1. Disks
        2. 7.4.2. Disk Modes
          1. 7.4.2.1. Snapshot
          2. 7.4.2.2. Independent Persistent
          3. 7.4.2.3. Independent Nonpersistent
        3. 7.4.3. SCSI Controllers
        4. 7.4.4. Disk Types
        5. 7.4.5. RDMs
          1. 7.4.5.1. Virtual Compatibility Mode RDM
          2. 7.4.5.2. Physical Compatibility Mode RDM
          3. 7.4.5.3. RDM Usage
        6. 7.4.6. Storage vMotion
      5. 7.5. Guest Software
        1. 7.5.1. Selecting an OS
        2. 7.5.2. Software Licensing
        3. 7.5.3. Disk Alignment
        4. 7.5.4. Defragmentation
        5. 7.5.5. Optimizing the Guest for the Hypervisor
          1. 7.5.5.1. Cutting the Fat
            1. 7.5.5.1.1. CPU and Memory
            2. 7.5.5.1.2. Disk
            3. 7.5.5.1.3. Network
          2. 7.5.5.2. Time Settings
      6. 7.6. Clones, Templates, and vApps
        1. 7.6.1. Clones
        2. 7.6.2. Templates
          1. 7.6.2.1. Guest Customization
          2. 7.6.2.2. Sysprep
        3. 7.6.3. Preparing a Template
        4. 7.6.4. OVF Standard
        5. 7.6.5. vApps
      7. 7.7. Virtual Machine Availability
        1. 7.7.1. vSphere VM Availability
        2. 7.7.2. Third-Party VM Clustering
          1. 7.7.2.1. Microsoft Clustering
            1. 7.7.2.1.1. MSCS Limitations
            2. 7.7.2.1.2. Disk Types
          2. 7.7.2.2. SCSI Controller Settings
            1. 7.7.2.2.1. Design for an HA/DRS Cluster
          3. 7.7.2.3. Microsoft NLB
      8. 7.8. Summary
    13. 8. Datacenter Design
      1. 8.1. vSphere Inventory Structure
        1. 8.1.1. Inventory Root
        2. 8.1.2. Folders
        3. 8.1.3. Datacenters
        4. 8.1.4. Clusters
        5. 8.1.5. Resource Pools
        6. 8.1.6. Hosts
        7. 8.1.7. Virtual Machines
        8. 8.1.8. Templates
        9. 8.1.9. Datastores
        10. 8.1.10. Networks
        11. 8.1.11. Why and How to Structure
      2. 8.2. Clusters
        1. 8.2.1. EVC
        2. 8.2.2. Swapfile Policy
        3. 8.2.3. Cluster Sizing
      3. 8.3. Resource Pools
        1. 8.3.1. Resource Pool Settings
          1. 8.3.1.1. Shares
          2. 8.3.1.2. Reservations
          3. 8.3.1.3. Expandable Reservations
          4. 8.3.1.4. Limits
        2. 8.3.2. Admission Control
      4. 8.4. Distributed Resource Scheduling
        1. 8.4.1. Load Balancing
          1. 8.4.1.1. DRS Requirements
          2. 8.4.1.2. DRS Automation Levels
          3. 8.4.1.3. VM Options (DRS)
          4. 8.4.1.4. Balancing Decisions
          5. 8.4.1.5. DRS Efficiency
        2. 8.4.2. Affinity Rules
          1. 8.4.2.1. VM-VM Affinity Rules
            1. 8.4.2.1.1. Keep VMs Together
            2. 8.4.2.1.2. Separate VMs
          2. 8.4.2.2. VM-Host Affinity Rules
            1. 8.4.2.2.1. "Should" Rule
            2. 8.4.2.2.2. "Must" Rule
            3. 8.4.2.2.3. Using VM-Host Rules
        3. 8.4.3. Distributed Power Management
          1. 8.4.3.1. DPM Requirements
          2. 8.4.3.2. DPM Automation Levels
          3. 8.4.3.3. DPM Host Options
          4. 8.4.3.4. DPM Impacts
          5. 8.4.3.5. When to Use DPM
      5. 8.5. High Availability and Clustering
        1. 8.5.1. High Availability
          1. 8.5.1.1. HA Requirements
          2. 8.5.1.2. Cluster Size
          3. 8.5.1.3. Primary and Secondary Hosts
          4. 8.5.1.4. Failure Detection
          5. 8.5.1.5. Host Monitoring
          6. 8.5.1.6. Admission Control
            1. 8.5.1.6.1. Host Failures Cluster Tolerates
            2. 8.5.1.6.2. Percentage of Cluster Resources Reserved
            3. 8.5.1.6.3. Specify a Failover Host
          7. 8.5.1.7. VM Options (HA)
            1. 8.5.1.7.1. Restart Priority
            2. 8.5.1.7.2. Host Isolation
          8. 8.5.1.8. HA Impacts
          9. 8.5.1.9. HA Recommendations
        2. 8.5.2. VM and Application Monitoring
        3. 8.5.3. Fault Tolerance
          1. 8.5.3.1. FT Versions
          2. 8.5.3.2. vLockstep Interval
          3. 8.5.3.3. Requirements and Restrictions
          4. 8.5.3.4. Enabling FT
          5. 8.5.3.5. When to Use FT
          6. 8.5.3.6. FT Impacts
          7. 8.5.3.7. FT Recommendations
      6. 8.6. Summary
    14. 9. Designing with Security in Mind
      1. 9.1. Why Is Security Important?
      2. 9.2. Separation of Duties
        1. 9.2.1. Risk Scenario
        2. 9.2.2. Risk Mitigation
      3. 9.3. Shell Access to the ESX Host
        1. 9.3.1. Risk Scenario
        2. 9.3.2. Risk Mitigation
          1. 9.3.2.1. Local Users on the Host
          2. 9.3.2.2. Local Users with Active Directory Integration
          3. 9.3.2.3. ESX and Active Directory Integration
          4. 9.3.2.4. ESXi vs. ESX
          5. 9.3.2.5. vMA Remote Administration
      4. 9.4. vCenter Permissions
        1. 9.4.1. Risk Scenario
        2. 9.4.2. Risk Mitigation
      5. 9.5. Managing Network Access
        1. 9.5.1. Risk Scenario
        2. 9.5.2. Risk Mitigation
          1. 9.5.2.1. Management Network
          2. 9.5.2.2. Management Stations
          3. 9.5.2.3. Network Port-Based Access
          4. 9.5.2.4. vMotion Traffic
      6. 9.6. The DMZ
        1. 9.6.1. Risk Scenario
        2. 9.6.2. Risk Mitigation
          1. 9.6.2.1. Partially Collapsed DMZ with Separate Physical Zones
          2. 9.6.2.2. Partially Collapsed DMZ with Separate Virtual Zones
          3. 9.6.2.3. Fully Collapsed DMZ
          4. 9.6.2.4. Separation of Storage
      7. 9.7. Protecting the VMs
        1. 9.7.1. Risk Scenario
        2. 9.7.2. Risk Mitigation
          1. 9.7.2.1. Antivirus Storms
          2. 9.7.2.2. Ensuring That Machines Are Up to Date
      8. 9.8. Change Management
        1. 9.8.1. Risk Scenario
        2. 9.8.2. Risk Mitigation
          1. 9.8.2.1. Test Environment
          2. 9.8.2.2. Change Process
      9. 9.9. Protecting Your Data
        1. 9.9.1. Risk Scenario
        2. 9.9.2. Risk Mitigation
          1. 9.9.2.1. A Complete VM
          2. 9.9.2.2. Backup Sets
          3. 9.9.2.3. Virtual Machine Data
      10. 9.10. Cloud
        1. 9.10.1. Risk Scenario
        2. 9.10.2. Risk Mitigation
          1. 9.10.2.1. Control
          2. 9.10.2.2. Data Transfer
      11. 9.11. Security in vCenter Linked Mode
        1. 9.11.1. Risk Scenario
        2. 9.11.2. Risk Mitigation
          1. 9.11.2.1. Per-Site Permissions
          2. 9.11.2.2. Global Permissions
      12. 9.12. Firewalls in Your Virtual Infrastructure
        1. 9.12.1. The Problem
        2. 9.12.2. The Solution
          1. 9.12.2.1. Physical Firewall
          2. 9.12.2.2. Virtual Firewall
      13. 9.13. Auditing and Compliance
        1. 9.13.1. The Problem
        2. 9.13.2. The Solution
          1. 9.13.2.1. Host Profiles
          2. 9.13.2.2. Centralized Log Collection
          3. 9.13.2.3. Security Audits
      14. 9.14. Summary
    15. 10. Monitoring and Capacity Planning
      1. 10.1. Nothing Is Static
      2. 10.2. Building Monitoring into the Design
        1. 10.2.1. Determining the Tools to Use
          1. 10.2.1.1. Using Built-in Tools
          2. 10.2.1.2. Using Additional VMware Tools
          3. 10.2.1.3. Using Third-Party Tools
        2. 10.2.2. Selecting the Items to Monitor
        3. 10.2.3. Selecting Thresholds
        4. 10.2.4. Taking Action on Thresholds
        5. 10.2.5. Alerting the Operators
      3. 10.3. Incorporating Capacity Planning in the Design
        1. 10.3.1. Planning Before Virtualization
          1. 10.3.1.1. Using Tools for Previrtualization Capacity Planning
          2. 10.3.1.2. Manually Performing Previrtualization Capacity Planning
        2. 10.3.2. Planning During Virtualization
          1. 10.3.2.1. Using Tools for Capacity Planning During Virtualization
          2. 10.3.2.2. Manually Performing Capacity Planning During Virtualization
      4. 10.4. Summary
    16. 11. Bringing It All Together
      1. 11.1. Sample Design
        1. 11.1.1. Business Overview for XYZ Widgets
        2. 11.1.2. Hypervisor Selection (VMware ESX vs. VMware ESXi)
        3. 11.1.3. vSphere Management Layer
        4. 11.1.4. Server Hardware
        5. 11.1.5. Networking Configuration
        6. 11.1.6. Shared Storage Configuration
        7. 11.1.7. VM Design
        8. 11.1.8. VMware Datacenter Design
        9. 11.1.9. Security Architecture
        10. 11.1.10. Monitoring and Capacity Planning
      2. 11.2. Examining the Design
        1. 11.2.1. Hypervisor Selection (VMware ESX vs. VMware ESXi)
        2. 11.2.2. vSphere Management Layer
        3. 11.2.3. Server Hardware
        4. 11.2.4. Networking Configuration
        5. 11.2.5. Shared Storage Configuration
        6. 11.2.6. VM Design
        7. 11.2.7. VMware Datacenter Design
        8. 11.2.8. Security Architecture
        9. 11.2.9. Monitoring and Capacity Planning
      3. 11.3. Summary

    Product information

    • Title: VMware vSphere Design
    • Author(s):
    • Release date: March 2011
    • Publisher(s): Sybex
    • ISBN: 9780470922026