ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    virtualize all the things... ?

    Scheduled Pinned Locked Moved IT Discussion
    88 Posts 15 Posters 12.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • scottalanmillerS
      scottalanmiller @bj
      last edited by

      @bj said in virtualize all the things... ?:

      I understand the point, and on that point you are absolutely correct. My question is in practice, are you actually trying to hit that 100% mark?

      For maximum throughput, yes you are. You only ever go below that point for latency reasons.

      1 Reply Last reply Reply Quote 0
      • scottalanmillerS
        scottalanmiller @bj
        last edited by

        @bj said in virtualize all the things... ?:

        It seems like the services would do well to have a little buffer room in there, considering spikes in load and all.

        That's why you virtualize and consolidate. It helps to even out the spikes.

        1 Reply Last reply Reply Quote 1
        • scottalanmillerS
          scottalanmiller @wirestyle22
          last edited by

          @wirestyle22 said in virtualize all the things... ?:

          @bj said in virtualize all the things... ?:

          I understand the point, and on that point you are absolutely correct. My question is in practice, are you actually trying to hit that 100% mark? It seems like the services would do well to have a little buffer room in there, considering spikes in load and all. But maybe we're talking apples and oranges here. I'm thing production web / database servers, where speed is a priority. Maybe you are considering a less sensitive work load?

          There are reasons to not virtualize which @scottalanmiller has mentioned here, but they are very few and far between. Typically you are wasting more resources in a non-virtualized server than you are in a physical server. They can be telling the truth, but I seriously doubt they are.

          It's really not that you run servers at 100%. It's that you don't use excuses like being fully utilized until you are. Because it makes no sense. If your servers are sized to be maxed out, then consolidation would improve that.

          1 Reply Last reply Reply Quote 2
          • Emad RE
            Emad R @bj
            last edited by Emad R

            @bj

            The only thing I can think of you may not want to virtualize is VPN server.
            cause if you want to reboot the Host hypervisor for whatever reason (maybe shutdown by disaster and not choice), it is bit tricky to diagnose and running when you cant connect especially if your working from home.

            I reckon the AMD AM1 platform is an excellent platform for VPN server, especially if you get motherboard that gets charged using laptop charger (AM1H-ITX) you are free to experiment and deploy whatever VPN solution you want , or purchase a commercial VPN box.

            scottalanmillerS coliverC 3 Replies Last reply Reply Quote 1
            • scottalanmillerS
              scottalanmiller @Emad R
              last edited by

              @emad-r said in virtualize all the things... ?:

              The only thing I can think of you may not want to virtualize is VPN server.

              That would be a reason to consider doing a one to one deployment (e.g. not consolidating) but not a reason to not virtualize.

              1 Reply Last reply Reply Quote 1
              • scottalanmillerS
                scottalanmiller @Emad R
                last edited by

                @emad-r said in virtualize all the things... ?:

                ... it is bit tricky to diagnose and running when you cant connect especially if your working from home.

                That just exposes the fragility of LAN-based security.

                Emad RE 1 Reply Last reply Reply Quote 2
                • coliverC
                  coliver @Emad R
                  last edited by

                  @emad-r said in virtualize all the things... ?:

                  @bj

                  The only thing I can think of you may not want to virtualize is VPN server.
                  cause if you want to reboot the Host hypervisor for whatever reason (maybe shutdown by disaster and not choice), it is bit tricky to diagnose and running when you cant connect especially if your working from home.

                  I reckon the AMD AM1 platform is an excellent platform for VPN server, especially if you get motherboard that gets charged using laptop charger (AM1H-ITX) you are free to experiment and deploy whatever VPN solution you want , or purchase a commercial VPN box.

                  That doesn't really make much sense either. If you can move the VM to another machine... if not you'd want to have tested this prior to going remote. In reality it seems very rare for a simple system, like a VPN, to go not come back up when a hypervisor reboots.

                  Emad RE 1 Reply Last reply Reply Quote 0
                  • Emad RE
                    Emad R @coliver
                    last edited by Emad R

                    @coliver said in virtualize all the things... ?:

                    @emad-r said in virtualize all the things... ?:

                    @bj

                    The only thing I can think of you may not want to virtualize is VPN server.
                    cause if you want to reboot the Host hypervisor for whatever reason (maybe shutdown by disaster and not choice), it is bit tricky to diagnose and running when you cant connect especially if your working from home.

                    I reckon the AMD AM1 platform is an excellent platform for VPN server, especially if you get motherboard that gets charged using laptop charger (AM1H-ITX) you are free to experiment and deploy whatever VPN solution you want , or purchase a commercial VPN box.

                    That doesn't really make much sense either. If you can move the VM to another machine... if not you'd want to have tested this prior to going remote. In reality it seems very rare for a simple system, like a VPN, to go not come back up when a hypervisor reboots.

                    True it is very simple, but still there is risk like when power outages occurs and stuff like that. If you lost the VPN you no longer can access, thus in my mind separating it, seems like good idea. And will make my work on Hosts and updating the servers much easier, especially since its not VM and I dont have to worry about it (shutting down). But yes I understand what you mean with careful operation there shouldn't be any issues of it being an VM machine after all.

                    Imagine you want to patch ESXi, and you are connected via VPN VM running in that same ESXi host. And we dont have like 300 servers, more like 1-2 server per site. so you understand how difficult it can become.

                    scottalanmillerS coliverC 3 Replies Last reply Reply Quote 0
                    • scottalanmillerS
                      scottalanmiller @Emad R
                      last edited by

                      @emad-r said in virtualize all the things... ?:

                      @coliver said in virtualize all the things... ?:

                      @emad-r said in virtualize all the things... ?:

                      @bj

                      The only thing I can think of you may not want to virtualize is VPN server.
                      cause if you want to reboot the Host hypervisor for whatever reason (maybe shutdown by disaster and not choice), it is bit tricky to diagnose and running when you cant connect especially if your working from home.

                      I reckon the AMD AM1 platform is an excellent platform for VPN server, especially if you get motherboard that gets charged using laptop charger (AM1H-ITX) you are free to experiment and deploy whatever VPN solution you want , or purchase a commercial VPN box.

                      That doesn't really make much sense either. If you can move the VM to another machine... if not you'd want to have tested this prior to going remote. In reality it seems very rare for a simple system, like a VPN, to go not come back up when a hypervisor reboots.

                      True it is very simple, but still there is risk like when power outages occurs and stuff like that. If you lost the VPN you no longer can access, thus in my mind separating it, seems like good idea. And will make my work on Hosts and updating the servers much easier, especially since its not VM and I dont have to worry about it. But yes I understand what you mean with careful operation there shouldn't be any issues of it being an VM machine after all.

                      Virtualization should improve all of these things, not make them worse. That's part of the critical point as to why we always virtualize without exception - because it is free and improves our safety / reliability. It provides protection. Don't think of it as virtualiation, think of it as hardware abstraction and driver containment. It's a key provider of system stability - something that is exactly what you are trying to create here.

                      1 Reply Last reply Reply Quote 1
                      • scottalanmillerS
                        scottalanmiller @Emad R
                        last edited by

                        @emad-r said in virtualize all the things... ?:

                        Imagine you want to patch ESXi, and you are connected via VPN VM running in that same ESXi host. And we dont have like 300 servers, more like 1-2 server per site. so you understand how difficult it can become.

                        No, I still don't understand. You are talking about adding another server to accommodate the VPN. So you are talking purely about consolidation as a concern, which it is, and not at all about virtualization as a concern (which it is not.)

                        J 1 Reply Last reply Reply Quote 0
                        • Emad RE
                          Emad R @scottalanmiller
                          last edited by

                          @scottalanmiller said in virtualize all the things... ?:

                          @emad-r said in virtualize all the things... ?:

                          ... it is bit tricky to diagnose and running when you cant connect especially if your working from home.

                          That just exposes the fragility of LAN-based security.

                          Hehe, true but what to say it is simple.

                          scottalanmillerS 1 Reply Last reply Reply Quote 0
                          • J
                            Jimmy9008 @scottalanmiller
                            last edited by

                            @scottalanmiller said in virtualize all the things... ?:

                            @emad-r said in virtualize all the things... ?:

                            Imagine you want to patch ESXi, and you are connected via VPN VM running in that same ESXi host. And we dont have like 300 servers, more like 1-2 server per site. so you understand how difficult it can become.

                            No, I still don't understand. You are talking about adding another server to accommodate the VPN. So you are talking purely about consolidation as a concern, which it is, and not at all about virtualization as a concern (which it is not.)

                            Agree. Makes no sense. Move the VPN VM to another host before updating the original.

                            Emad RE 1 Reply Last reply Reply Quote 0
                            • coliverC
                              coliver @Emad R
                              last edited by

                              @emad-r said in virtualize all the things... ?:

                              Imagine you want to patch ESXi, and you are connected via VPN VM running in that same ESXi host. And we dont have like 300 servers, more like 1-2 server per site. so you understand how difficult it can become.

                              Um... this is where things like cluster aware updating come in handy.

                              1 Reply Last reply Reply Quote 2
                              • Emad RE
                                Emad R @Jimmy9008
                                last edited by

                                @jimmy9008 said in virtualize all the things... ?:

                                @scottalanmiller said in virtualize all the things... ?:

                                @emad-r said in virtualize all the things... ?:

                                Imagine you want to patch ESXi, and you are connected via VPN VM running in that same ESXi host. And we dont have like 300 servers, more like 1-2 server per site. so you understand how difficult it can become.

                                No, I still don't understand. You are talking about adding another server to accommodate the VPN. So you are talking purely about consolidation as a concern, which it is, and not at all about virtualization as a concern (which it is not.)

                                Agree. Makes no sense. Move the VPN VM to another host before updating the original.

                                What if you only have 1 enterprise grade server in one site ? and you can just purchase another 3000$ server cause you ran out of budget, but you can get the AM1 AMD platform for 300$ and make it VPN server

                                coliverC scottalanmillerS J 3 Replies Last reply Reply Quote 0
                                • coliverC
                                  coliver @Emad R
                                  last edited by

                                  @emad-r said in virtualize all the things... ?:

                                  @jimmy9008 said in virtualize all the things... ?:

                                  @scottalanmiller said in virtualize all the things... ?:

                                  @emad-r said in virtualize all the things... ?:

                                  Imagine you want to patch ESXi, and you are connected via VPN VM running in that same ESXi host. And we dont have like 300 servers, more like 1-2 server per site. so you understand how difficult it can become.

                                  No, I still don't understand. You are talking about adding another server to accommodate the VPN. So you are talking purely about consolidation as a concern, which it is, and not at all about virtualization as a concern (which it is not.)

                                  Agree. Makes no sense. Move the VPN VM to another host before updating the original.

                                  What if you only have 1 enterprise grade server in one site ? and you can just purchase another 3000$ server cause you ran out of budget, but you can get the AM1 AMD platform for 300$ and make it VPN server

                                  Why does having one server matter?

                                  1 Reply Last reply Reply Quote 2
                                  • scottalanmillerS
                                    scottalanmiller @Emad R
                                    last edited by

                                    @emad-r said in virtualize all the things... ?:

                                    @scottalanmiller said in virtualize all the things... ?:

                                    @emad-r said in virtualize all the things... ?:

                                    ... it is bit tricky to diagnose and running when you cant connect especially if your working from home.

                                    That just exposes the fragility of LAN-based security.

                                    Hehe, true but what to say it is simple.

                                    Is it? Seems complex to me 🙂

                                    1 Reply Last reply Reply Quote 0
                                    • scottalanmillerS
                                      scottalanmiller @Emad R
                                      last edited by

                                      @emad-r said in virtualize all the things... ?:

                                      @jimmy9008 said in virtualize all the things... ?:

                                      @scottalanmiller said in virtualize all the things... ?:

                                      @emad-r said in virtualize all the things... ?:

                                      Imagine you want to patch ESXi, and you are connected via VPN VM running in that same ESXi host. And we dont have like 300 servers, more like 1-2 server per site. so you understand how difficult it can become.

                                      No, I still don't understand. You are talking about adding another server to accommodate the VPN. So you are talking purely about consolidation as a concern, which it is, and not at all about virtualization as a concern (which it is not.)

                                      Agree. Makes no sense. Move the VPN VM to another host before updating the original.

                                      What if you only have 1 enterprise grade server in one site ? and you can just purchase another 3000$ server cause you ran out of budget, but you can get the AM1 AMD platform for 300$ and make it VPN server

                                      I still don't see the logic. What's the connection between virtualization and all that cost? Why are you not virtualizing on the $300 AM1 board?

                                      Emad RE 1 Reply Last reply Reply Quote 2
                                      • coliverC
                                        coliver
                                        last edited by

                                        Does your edge device not support IPSEC or other VPN technologies? Seems like you could save yourself some money by putting in Ubiquiti equipment to facilitate this type of maintenance.

                                        1 Reply Last reply Reply Quote 2
                                        • J
                                          Jimmy9008 @Emad R
                                          last edited by

                                          @emad-r said in virtualize all the things... ?:

                                          @jimmy9008 said in virtualize all the things... ?:

                                          @scottalanmiller said in virtualize all the things... ?:

                                          @emad-r said in virtualize all the things... ?:

                                          Imagine you want to patch ESXi, and you are connected via VPN VM running in that same ESXi host. And we dont have like 300 servers, more like 1-2 server per site. so you understand how difficult it can become.

                                          No, I still don't understand. You are talking about adding another server to accommodate the VPN. So you are talking purely about consolidation as a concern, which it is, and not at all about virtualization as a concern (which it is not.)

                                          Agree. Makes no sense. Move the VPN VM to another host before updating the original.

                                          What if you only have 1 enterprise grade server in one site ? and you can just purchase another 3000$ server cause you ran out of budget, but you can get the AM1 AMD platform for 300$ and make it VPN server

                                          Many ways to crack it. For example, VPN in. Set your firewall to allow remote connections from your current external IP address (not great, but possible).

                                          Do the work. You have the VPN for when it's up, and rule through firewall if it doesn't come back up. After patch finished, remove the firewall rule... Of course, i'd not personally do that, I'd have a second host for multiple reasons anyway...

                                          But you don't need the physical VPN server. Why have another kit at all for a rare chance it won't come back up... If it doesn't, you probably have other issues.

                                          1 Reply Last reply Reply Quote 0
                                          • Emad RE
                                            Emad R @scottalanmiller
                                            last edited by

                                            @scottalanmiller said in virtualize all the things... ?:

                                            @emad-r said in virtualize all the things... ?:

                                            @jimmy9008 said in virtualize all the things... ?:

                                            @scottalanmiller said in virtualize all the things... ?:

                                            @emad-r said in virtualize all the things... ?:

                                            Imagine you want to patch ESXi, and you are connected via VPN VM running in that same ESXi host. And we dont have like 300 servers, more like 1-2 server per site. so you understand how difficult it can become.

                                            No, I still don't understand. You are talking about adding another server to accommodate the VPN. So you are talking purely about consolidation as a concern, which it is, and not at all about virtualization as a concern (which it is not.)

                                            Agree. Makes no sense. Move the VPN VM to another host before updating the original.

                                            What if you only have 1 enterprise grade server in one site ? and you can just purchase another 3000$ server cause you ran out of budget, but you can get the AM1 AMD platform for 300$ and make it VPN server

                                            I still don't see the logic. What's the connection between virtualization and all that cost? Why are you not virtualizing on the $300 AM1 board?

                                            Ahh, now I see what you mean. Btw the board costs 50$ and the CPU that goes on top costs like another 50$ the whole AM1 AMD solution box with RAM + PSU + Drive will cost you = 300$

                                            Umm, cause it will be only used for that role and that role only, no other thing. But I get your point now. If we want to think about virtualization as "hardware abstraction and driver containment" then it makes sense what you are saying.

                                            scottalanmillerS 1 Reply Last reply Reply Quote 1
                                            • 1
                                            • 2
                                            • 3
                                            • 4
                                            • 5
                                            • 4 / 5
                                            • First post
                                              Last post