The Move to ESXi: What, Why, and When


Published on

Presentation given for ILTA in 10/2010 on the decision factors involved in moving from ESX (Service Console) to ESXi

  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • The Move to ESXi: What, Why, When?

    How to Determine the Best Strategy for Your Infrastructure

  • Hello, and welcome to the ILTA Webinar on making the decision to Migrate to ESXi – What, When, Why and Why Not.

    This is the first in a series of three webinars presented for ILTA. The second, in early November will cover the HOW as we look at the actual process of migrating your infrastructure to ESXi. The third, in late November will be concerned with new management tools and techniques for managing your ESXi infrastructure without the use of the Linux-based Service Console.
  • Speaker Bio

    My name is Christopher Janoch. I’m the senior virtualization engineer at iVision – a Technology Solutions Company based in Atlanta, GA specializing in designing, building and managing next-generation IT infrastructure and applications.

    I’ve been working with VMware’s virtualization products for nearly 12 years and the legal industry in particular for the last 6.
  • So what is the reason for this Webinar?

    This summer, VMware made an announcement that many of us in the industry were expecting: That the Linux-based ESX Service Console would be going away, and that VMware will only move forward with the ESXi platform. Starting with the next release of vSphere the Service Console will no longer be available.
    Coupled with this general announcement was a specific one aimed toward their technical partners and implementers: To encourage the adoption of ESXi by recommending that new implementations and upgrades should be performed using ESXi 4.1 instead of vSphere 4.1.

    Unfortunately, these two announcements (and various interpretations of them) have caused a great deal of confusion and uncertainty in the User Community. Should we upgrade to ESXi 4.1? Should we upgrade to vSphere 4.1? Should we take a “wait and see” approach? How much time do I have to make the decision?
  • Agenda

    In this presentation, our first of three webinars, we will discuss the practical differences between ESX and ESXi, the reasons behind VMware’s decision to focus on the ESXi version, and the primary factors for you to consider when deciding whether to upgrade to the ESXi hypervisor at this time. We will cover WHAT exactly ESXi is and the WHY we have all been encouraged to move to it. We will also explore DETAILED “Real World” observations with ESXi, and the timing decisions around WHEN you should update your infrastructure.
    Hopefully this will help clear up some of the misunderstandings and give the straight facts that you need to make a well informed decision.
    If during the presentation you have any questions, there is a Q&A tab at the top of the Live Meeting window. At the end of the presentation, I’ll go through the questions and see how many I can answer for you.
  • So What exactly *is* ESXi?
  • VMware ESX Architecture (Version 3.x)

    If we go back to version 3.0 of ESX, we can see that the ESX Host is composed of two different systems: The VMkernal and the Service Console.

    The VMkernal was a full Operating System, with a User API developed using a subset of the Portable Operating System Interface for Unix (POSIX), and contained the Resource Scheduler,  Storage and Network Components and Device Drivers needed to control the hardware system.

    The Service Console contained the Management agents needed for VirtualCenter control, Infrastructure Agents (such as NTP and Syslog), and 3rd Party Agents (such as Hardware Monitoring, System Management, and the Linux-based CLI Interface)

    The VMkernal ran isolated Virtual Machine Monitors upon which were individually hosted Virtual Machines.
  • VMware ESX Architecture (Version 4.x)

    When version 4.0 was released, more capabilities were added to the User API, and many agents such as the infrastructure and management framework were moved down into the kernel.

    The Service Console became a separate virtual machine – really a legacy artifact to support the Classic CLI interface, 3rd-Party Agents, configuration and diagnostic scripts.

    APIs for Agentless management (such as remote CLI) were opened, as the CIM or Common Interface Model was integrated for Agentless Hardware Monitoring.
  • VMware ESXi Architecture (Version 4.x)

    In the ESXi architecture, now called the vSphere Hypervisor Architecture, the legacy Service Console has simply been removed.
  • vSphere Licensing Options

    Another confusing topic is the issue of licensing. After all, ESXi is “free” right? If it is the same hypervisor, then what am I paying for?

    With the new vSphere licensing model, the different types of licenses “unlock” specific features. The base, “free” ESXi system allows you run isolated VM’s with all of the performance, scalability, and resilience found in an Enterprise-level system.
    The Standard license adds centralized management features enabled with the vCenter Management Server: including clustering, High Availability, Template Provisioning and now with vSphere 4.1 -- vMotion.

    Advanced licensing unlocks features such as: Security Zoning, and Data Recovery, and Fault Tolerance

    Enterprise licensing gives you DRS to automatically load-balance the VMs across your cluster, Storage vMotion and Advanced Storage APIs for faster and more-efficient backups, and lastly,

    Enterprise Plus gives you the brand new vSphere technologies including: Host Profiles, Distributed Switching, and I/O controls, and the ability to add 3rd Party Modules like Cisco’s Nexus 1000v distributed virtual switch.
  • So why the change to ESXi?
  • ESXi Advantages and Improvements

    First and foremost is Better Reliability and Security. Over 90% of all of the security patches released for ESX 3.x were to close security holes in the 2GB Linux-based Service Console interface. Eliminating the Service Console drastically reduced the codebase size to approximately 100MB, removing security vulnerabilities and reducing the attackable footprint of the OS.

    Faster to Deploy. ESXi has fewer configuration items making it faster to install and easier to script. If you are considering deployment through an automatic PXE boot environment, ESXi would certainly be your best option.

    Tighter Control over the VMkernal. The ESXi kernel has been tightened down to prevent arbitrary code or 3rd-Party agents from potentially creating instability in the core OS. Remote APIs were designed and created to allow 3rd-Party agents to be designed to run on Virtual Appliances and to remotely pass instructions to the internal management framework.

    Lower Development Costs. By only designing updates, patches, and drivers for one version of the platform, VMware saves time and money when developing and testing their code.

    Marketing. I also personally believe that VMware was beginning to have problems with its messaging in comparison with its biggest competitors. Microsoft has consistently tried to claim a significantly lower price point by comparing their base Hyper-V services (which many users get as part of their 2008 OS) with VMware’s Enterprise-Plus version of vSphere instead of the “free” ESXi hypervisor. A consistent product provides for a simpler Marketing Message for VMware.
  • So what are the differences…. Really?

    Having worked with both systems in the “real-world”, I can verify that there are some practical differences between the two systems. Some of them require training and experience to work with; others are “features” that were eliminated because without a Service Console they were unnecessary.

    Here is a quick rundown on the differences that may cause you or your administrators some pain:

  • Real World Observations

    There is no Service Console. Seems obvious, right? Unfortunately, many of the emergency “administrator” tools (like esxcfg-* and esxtop) are not accessed the same way. Instead, you need to work through a separate application ands issue commands using the RemoteCLI interface. Be sure to take the opportunity in a development environment to get used to the new management tools before migrating your systems so you will be ready in the event of a crisis.
    The ESXi Firewall / Security Profile is configured differently. Without the Service Console, you no longer need or have the option to configure separate security services on the host.
    Customized Partitioning is no longer available (or necessary). Without the Service Console, or 3rd Party Agents running on the host, there is no longer a need to set up non-default partitioning. This speeds up the installation of ESXi and ensures a consistent configuration across your enterprise
  • Real World Observations - Continued

    The Service Console Networking has been eliminated. In ESX, the Service Console was actually a separate virtual machine with its own network layer. You would typically configure a Service Console vswif, with its own Management and Gateway IP address. (Following best practices we would configure two for redundancy). In ESXi, without the Service Console, there is no additional Management IP address. The vmk is used for management control instead (although you can still create multiples for redundancy and separation from the vMotion VMK and NFS Storage.)

    This means however, that you no longer have the option of a second Gateway Address – so you may need to re-think how you are setting up your management VLANS.

    VMware services don’t like “Hybrid” environments. Several VMware services such as Fault Tolerance can only be run on two hosts of the same type. They must either both be ESX or ESXi, not a mix. If you are running these features you may have to disable them during your system migration, and you will not want to remain in a hybrid cluster for long.
  • So… Should I upgrade to ESXi now, or Wait?
  • Key Decision Points

    The biggest consideration points for determining whether to move to ESXi now really depend on your infrastructure’s reliance on the Service Console.
    Do you currently use 3rd Party Tools that are installed into the Service Console? Many current backup agents (like eVault) currently require an agent to be loaded into the Service Console to support host-based backups of your Virtual Machines. Sever vendors, such as DELL and HP often have you load monitoring based software (like OpenManage) into the Service Console as well for monitoring and managing the physical hardware in the host server
    In these cases, you must either wait for the vendor support to be available or use an alternate solution:

    For Backup Agents you can use VMware’s Data Protection program, or 3rd-Party Backup Utilities that use a Virtual Appliance-based Agent.

    3rd Party Hardware Monitoring Agents – DELL, HP may be able to be replaced with VMware’s native CIM Monitoring tied into the vCenter Server

    Other 3rd-Party Monitoring and Reporting tools may be replaced by using native vSphere Alarms and vCenter-Based monitoring and alerting.
  • Key Decision Points - Continued

    Do you run custom scripts or programs in the Service Console, for Inventory or Health Check purposes?

    These will need to be re-worded to use a remote command language like: Remote CLI, PowerShell, or Perl scripts that are remotely executed on a separate virtual server (like VMware’s VIMA appliance).
  • Key Decision Points - Continued

    Do you use non-standard drivers? If so, be sure to verify support and check the Hardware Compatibility Matrix for ESXi support.
    Do you configure an unusual security configuration? Begin looking and asking for future solutions for your vendor partners. And be sure to test any non-standard configurations in a development environment before migrating your production environment to ESXi.
  • ESXi isn’t right for me yet.

    Should I upgrade to vSphere 4.1 or adopt a “wait and see” attitude?
  • By all means, Upgrade!!

    The ESXi requirement without the Service Console will not be until the next version of vSphere (5.0?) which could be more than a year away.
    I believe that the benefits of vSphere 4.1 greatly outweigh the “wait and see” approach

    Performance and Stability have been improved in the 4.1 version of vSphere

    vStorage APIs for better/faster backups

    vShield APIs for better Antivirus and Security solutions

    New Features such as Host Profiles, Distributed virtual Switches, and Fault Tolerance certainly make this a worthwhile upgrade whether you choose to deploy the ESXi or ESX version. It can greatly improve the efficiency of your production environment today.
  • Making the Decision
  • Conclusions

    There are slight Differences and Advantages in the ESXi system, including: better Security, Stability, consistent Marketing. It truly is an “enterprise level” system – reliability, performance and licensing are the same as you are used to now with ESX.
    The Major Decision Factors to help you decide when to move to ESXi are 3rd-Party Vendor integration challenges, and possible changes to the way you currently manage, configure and automate your infrastructure.
    If you are considering a migration to ESXi, begin testing any non-standard compatibility in a development environment today. Really, you need to begin spending time with a development copy of ESXi to get used to the new changes in management.
    Not migrating to ESXi should not delay you from upgrading to vSphere 4.1
  • Any Questions?
  • Look Ahead

    Two more webcasts to follow:

    Implementation steps and procedures for Upgrading your ESX infrastructure to ESXi in early November

    New Management Tools and Techniques for ESXi in late November
    Thank you everyone for you time today. I hope this was an informative presentation, and has helped you in your decision of whether or not to migrate your systems to ESXi.
    If you are interested, please join us in November for the next two ILTA webcasts.
  • The Move to ESXi: What, Why, and When

    1. 1. Server Operations and Security Technology Speaker: Christopher Janoch October 12, 2010 ILTA Webinar Session Migrating to ESXi: What, When, Why and Why Not? How to Determine the Best Strategy for your Infrastructure
    2. 2. Migrating to ESXi: What, When, Why and Why Not? How to Determine the Best Strategy for your Infrastructure Christopher Janoch
    3. 3. Speaker Bio Christopher Janoch Sr. Virtualization Engineer at iVision Contact Info: #cjanoch iVision, Inc. Page 3 For more information about iVision, please see our website at:
    4. 4. VMware’s Big Announcement VMware vSphere 4.1 and its subsequent update and patch releases are the last releases to include both ESX and ESXi hypervisor architectures. Future major releases of VMware vSphere will include only the VMware ESXi architecture.  VMware recommends that customers start transitioning to the ESXi architecture when deploying VMware vSphere 4.1  VMware will continue to provide technical support for VMware ESX according to the VMware vSphere support policy iVision, Inc. Page 4 VMware vSphere 4.1 Release Notes – ESX Edition, July 13th, 2010
    5. 5. Agenda
    6. 6. So What is it? The Evolution of the vSphere Hypervisor iVision, Inc. Page 6
    7. 7. VMware ESX Architecture (Version 3.x) iVision, Inc. Page 7
    8. 8. iVision, Inc. Page 8 VMware ESX Architecture (Version 4.x)
    9. 9. iVision, Inc. Page 9 VMware ESXi Architecture (Version 4.x)
    10. 10. vSphere ESXi Licensing Options iVision, Inc. Page 10
    11. 11. So Why the Change to ESXi? iVision, Inc. Page 11
    12. 12. ESXi Advantages and Improvements  Better Reliability and Security - ESXi has fewer security vulnerabilities  Faster to Deploy - The installation is easier to script and automate  Tighter Control over the VMkernal - No arbitrary code or 3rd party agents in core operating system  Lower Development Costs - Only one version of the platform simplifies development and testing  Marketing - Reduces confusion over product features iVision, Inc. Page 12
    13. 13. So What are the Real “Practical” Differences? iVision, Inc. Page 13
    14. 14. Real-World Observations  There is no Service Console - Management tools and processes have changed  RemoteCLI, PowerShell, VMA - Learn new systems and procedures *before* migrating systems.  The ESXi Firewall/Security Profile is configured differently - Only minimal allowances remain  vCenter Management, VUM, NTP Services - No need to add custom security settings  Customized Partitioning is no longer Available (or Necessary) - No Service Console or 3rd Party Agents simplifies the partitioning design iVision, Inc. Page 14
    15. 15. Real-World Observations  ESX Service Console Networking has been Eliminated - The vmk is used for management connectivity - No secondary Gateway IP Address option is available  Avoid “Hybrid” Clusters - Many VMware services can only be run on two hosts of the same type either both ESX or ESXi, not a mix  Fault Tolerance iVision, Inc. Page 15
    16. 16. So… Should I Migrate to ESXi Now? iVision, Inc. Page 16
    17. 17. Key Decision Points  Do you currently use 3rd Party Tools that require the Service Console?  Backup Agents  Hardware Monitoring Agents (DELL, HP)  Monitoring and Reporting Tools  Wait for ESXi Vendor Support or use Alternate Solution  VMware Data Recovery or Virtual Appliance –based Backup Agents  CIM Monitoring or Vendor Customized ESXi installations  vSphere Alarms or vCenter-based Monitoring iVision, Inc. Page 17
    18. 18. Key Decision Points  Do you currently run custom scripts or programs in the Service Console?  Health Checks  Scripted Configurations  Inventory Programs  Virtual Machine Automation  Re-work the Script to use a Remote Command Language  rCLI / VMA  PowerShell  Remotely executed Perl iVision, Inc. Page 18
    19. 19. Key Decision Points  Do you use non-standard drivers?  Be sure to verify support and ESXi compatibility   Do you generally configure an unusual security configuration?  Begin looking and asking about new ESXi-approved vendor solutions  Be sure to test ESXi functionality in a development environment iVision, Inc. Page 19
    20. 20. iVision, Inc. Page 20 Should I upgrade to vSphere 4.1 or wait until I am ready for ESXi? I don’t think I’m ready for ESXi yet…
    21. 21. vSphere 4.1  Reasons to Upgrade to vSphere 4.1 - The next version of vSphere (without the Service Console option) could be over a year away - Upgrades from 3.5 or 4.0 to vSphere 4.1 are not difficult, and new technologies can make migrations painless - The Benefits of vSphere outweigh the “Wait and See” Approach  Performance  Stability  vStorage APIs for better/faster backups  vShield APIs for better Antivirus and Security solutions  New Features: (Host Profiles, dvSwitches, Fault Tolerance iVision, Inc. Page 21
    22. 22. The Decision iVision, Inc. Page 22
    23. 23. Conclusions  Slight Differences and Advantages with ESXi - Security, Stability, Streamlined Installation - Reliability, Performance and Licensing are the same  Major Decision Factors - 3rd Party Vendor Support - Changes to System Management  Test Non-Standard Compatibility in a Development Environment iVision, Inc. Page 23 Not migrating to ESXi Should not delay you from upgrading to vSphere 4.1
    24. 24. Questions? iVision, Inc. Page 24
    25. 25. Upcoming ILTA Webinar Sessions Look Ahead for More Information: Migrating to ESXi – How To Strategies, Procedures, and Precautions Managing ESXi – The Missing Console Tools and Techniques for Managing and Trouble-shooting ESXi Early November Mid-November Contact Info: #cjanoch