Virtualize Every Server
-
@scottalanmiller said:
But why would you separate (potentially) if virtualized but did not when physical?
Without virtualisation, separation requires two machines.
-
There's that, and then if the Host where your Veeam instance live burns out the RAID array, you have lost all of your backups, lol.
-
@Carnival-Boy said:
@scottalanmiller said:
But why would you separate (potentially) if virtualized but did not when physical?
Without virtualisation, separation requires two machines.
Okay, gotcha. So that's a major vote pro-virtualization then
-
@dafyre said:
There's that, and then if the Host where your Veeam instance live burns out the RAID array, you have lost all of your backups, lol.
That's the case if your array burns out virtualized or not.
-
@scottalanmiller said:
Okay, gotcha. So that's a major vote pro-virtualization then
Maybe. I'd have to consider any licencing implications of separation.
-
@scottalanmiller said:
@dafyre said:
There's that, and then if the Host where your Veeam instance live burns out the RAID array, you have lost all of your backups, lol.
That's the case if your array burns out virtualized or not.
That's why you need replication and/or archival. SPOF for backups is never an "ok" thing.
-
@Carnival-Boy said:
@scottalanmiller said:
Okay, gotcha. So that's a major vote pro-virtualization then
Maybe. I'd have to consider any licencing implications of separation.
Even if you don't decide to do it, having additional options is a positive on its own. If needed, it is there in case.
-
The only other server I still have physical is Hamachi. I virtualised it originally but it was very flaky so went physical, which is a pain.
-
Oh, and our PBX is physical.
-
@Carnival-Boy said:
The only other server I still have physical is Hamachi. I virtualised it originally but it was very flaky so went physical, which is a pain.
Is that a Hamachi Gateway? Like a hub and spoke VPN design?
-
Yes
-
Cool, haven't used Hamachi in many years. They kept dropping support for things and we gave up on it.
-
-
I'm starting to wonder if virtualising my firewall was such a good idea.
-
@Carnival-Boy said:
I'm starting to wonder if virtualising my firewall was such a good idea.
What makes you say that?
-
@Carnival-Boy said:
I'm starting to wonder if virtualising my firewall was such a good idea.
Only reason to be concerned with a virtual firewall is if you have are putting, normal internal VMs, your Firewall and your DMZ External VMs all on one host, even then the risk is small.
-
@Carnival-Boy said:
I'm starting to wonder if virtualising my firewall was such a good idea.
Why? Every cloud provider does a VFW. Cisco's vASA is very kewl, especially in high density environments that I work in. Thousands of firewalls, all humming along.
Your little one off isn't that big of a deal. Just isolate and go for it.
-
@dafyre said:
@Carnival-Boy said:
I'm starting to wonder if virtualising my firewall was such a good idea.
What makes you say that?
Because I need to power off my ESXi hosts this weekend remotely and I have no way of doing it as the firewall is running on one of the hosts. So I need to move the firewall onto a separate box, and if I'm going to do that, I'm not sure it's worth virtualising. I'd have to use a free ESXi licence, so I don't think Veeam would back it up, and it's fairly trivial to a fresh, bare metal install if disaster struck anyway.
-
@Carnival-Boy said:
Because I need to power off my ESXi hosts this weekend remotely and I have no way of doing it as the firewall is running on one of the hosts. So I need to move the firewall onto a separate box, and if I'm going to do that, I'm not sure it's worth virtualising. I'd have to use a free ESXi licence, so I don't think Veeam would back it up, and it's fairly trivial to a fresh, bare metal install if disaster struck anyway.
How can you not power them off remotely just because it's running as a VM, shutdown your other VMs, power off the Host the Firewall is on and let the VM gracefully shutdown during the host shutdown. Easy.
-
Oh ok, cool. For some reason I thought you had to put the host into maintenance mode before you can shut it down. I'm not quite sure what you mean by gracefully, though?
