While the IC’s research organization looks into adding security to cloud environments, in the here and now, intelligence agencies are sharing more data.
Metrics can make or break virtualization projects; estimates can doom them to failure.
That was the message from federal, research and industry experts on a panel at the recent Symantec Government Symposium in Washington.
When it comes to metrics, the most important best practice “is to use real numbers — actual numbers drawn from real applications running on real servers,” says Stan Bigsby, a Hewlett-Packard solutions architect who has worked on several federal virtualization migrations.
“There have been real failures when estimates are used,” he says. Data centers must take accurate readings of power and cooling demands generated during peak processing loads, for instance. And they need to know the exact latency of services, and the ebb and flow of utilization on their servers, before they consider migrating to a virtualized environment, Bigsby adds.
These numbers are critical when planning which systems to collocate on a virtual machine and for planning service level agreements for the users of that data center, points out Daniel Menasce, senior associate dean at The Volgenau School of IT and Engineering at George Mason University, in Fairfax, Va. “It’s very important to have a quantitative approach to how the systems perform,” says Menasce, who leads research at the school on automatic load-balancing in VM environments. “If you don’t know what you’re looking for, you won’t be able to optimize your systems across the environment.”
Menasce identifies four measurements as most crucial to virtualization planning and monitoring:
An organization needs to know the metrics (and any variations) for these categories for all systems it wants to consider virtualizing, Menasce advises. Then it can make reasoned migration strategies and rationally measure and assure performance once it virtualizes, he says.
Looking at the hard numbers is key, says Jack Nichols, director of enterprise operations for the Office of the Chief Administrative Officer at the House of Representatives, which has virtualized 200 servers supporting congressional offices. But in the government, there are nonquantitative factors that must be considered, he says: “It’s not just a math problem. There are administrative and business process issues, too.”
Plus, depending on the security requirements, some apps should not be virtualized together, Nichols adds. “Sometimes, even if the numbers make sense, virtualizing the particular data may not. The business processes are as important as the utilization numbers.” (Read more about the House’s virtualization project here.)
Knowing those factors can help with managing the virtual environment, says Menasce. His research focuses on autonomic tools for VM environments, essentially the development of computers that can self-manage and self-adjust.
Such tools, which are increasingly common in virtualization suites, can be used to automatically manage even those applications that — because of security or other agency-specific reasons — must be excluded from VMs. This can be done by setting a resource constraint rule, which can limit on-the-fly allocation changes in the data center, Menasce says.
Tools that allow for automated utilization and hot-swapping are value adds that increase utilization rates and provide a level of high availability and security that many apps have not had previously, adds Nichols.
“Many tools already exist to dynamically manage utility” and allocation across machines, says Menasce.