Hyper-V Cluster HA VM Memory Allocation and SCVMM or: How Not to be Overcommitted

By Richard Raseley on February 22, 2011

Overview

A few weeks ago I wrote an article detailing the logic that should be applied when assigning processors to virtual machines in a Hyper-V environment, Today I would like to talk about the other side of the resource allocation “coin” – virtual memory allocation.

This article will focus on how System Center Virtual Machine Manager determines if your cluster is overcommitted and what guidelines to follow to ensure that you remain in a non-overcommitted state.

Determining Your State

System Center Virtual Machine Manager will automatically determine whether or not you are in an overcommitted or non-overcommitted state based on several pieces of information. Firstly, in the properties of your cluster in SCVMM you will set the “cluster reserve” which is the number of nodes that you want to be able to survive the loss of. Secondly, SCVMM will look at each VM that is configured to be highly available in the cluster and find the HA VM that has the highest allocation of RAM – this amount of RAM will now be considered the cluster’s standard “slot”.

Once this information is gathered, SCVMM figures out how many “slots” of the specified size exist in the cluster. It then groups all running HA VMs together to fill these slots (e.g. if the slot size is 8GB then two HA VMs with 4GB of allocated RAM will constitute one slot) to come up with a “used slot” value. Next it looks at the host (or hosts depending on your cluster reserve number) in the cluster that have the most physical memory and determines how many slots it contains. Finally, if the number of free slots in the remaining cluster nodes are calculated – if they are equal to or greater than the number of slots required to meet your cluster reserve number then the cluster is not in an overcommitted state and you are protected against hardware failure (up to the number of nodes set in your cluster reserve value).

Conclusions

The memory commitment state of your cluster is something that should be monitored constantly in order to make sure that you have the appropriate resources in place to sustain unforeseen hardware failures. With the proper planning and use of tools like SCVMM you can rest assured that your organizations services (and your sanity) are well protected.

Additional Information

The SCVMM blog has an excellent article talking about this exact subject that goes into slightly more detail as to the exact formulas being used and provides some excellent examples to help wrap our heads around the concept.

http://blogs.technet.com/b/scvmm/archive/2010/11/17/how-to-determine-if-a-cluster-is-over-committed-in-system-center-virtual-machine-manager-2008.aspx

Tags:
Comments (0) Kick it! DZone it! del.icio.us Permalink Post RSS

Hyper-V Virtual Processor Allocation or: How I Learned to Stop Worrying and Love the Host

By Richard Raseley on January 21, 2011

Overview

Proper guidelines for allocating processor cores to virtual machines in Hyper-V have been something that there seems to be a lot of questions out there on. There is conflicting information and seemingly little documentation to point us in the right direction. For example purposes I will write this article from the perspective of having a 3 node Hyper-V cluster with System Center Virtual Machine Manager in place to manage it all.

Host Cores

Each host has a finite and predetermined number of CPU cores available to it. This number depends on what type of processor is installed in the host, how many processors are installed on the host, and if those processors support hyper threading. Each of the Hyper-V servers that I will use as an example throughout will have 64 cores – 4 Intel Xeon X7550 2GHz processors each with 8 cores that support hyper threading (4*8*2 = 64).

Guest Cores

Each guest virtual machine can be assigned up to 4 virtual processors. This number determines the number of processors presented to the guest operating system. The speed of the virtual processors presented to the guest is always going to be the same as the speed of the processors in the host machine. In our environment this would mean that each virtual processor presented to a guest would have a speed of 2 GHz.

Overprovisioning Paranoia

One of the most common concerns with assigning the maximum number of cores to each guest (one that I have shared up until now) was overprovisioning of virtual processors vs. physical cores. The reasoning was that if you had X physical cores, but assigned X+1 (2, 3, etc.) virtual processors to guest machines that you could end up with a situation whereby there were more requests for processing power than could be handled by the physical host – potentially starving other VMs and / or the host machine itself of processing power.

This reasoning has proven to be incorrect for the reasons I will outline below.

There is not (nor has there ever been) a 1:1 relationship between virtual processors and cores on the host operating system. Each virtual processor simply represents a *potential* thread to be processed by the host machine’s cores. When a request for a thread is presented by an application, service, etc. to a guest machine, that is passed via the hypervisor to the parent partition for processing. The parent partition views this thread no differently than any other thread that would be sent by an application and it fulfills it as appropriate resources are available.

Based upon what I have laid out so far, you could still potentially run into a situation where heavy guest loads jeopardize the processing capability of other guest machines located on the same host and possibly the host itself – but this is not so! The guest processing requests will get queued as they come in and executed in order, so one machine cannot saturate a single (or multiple) cores with a constant stream of requests. In addition to this each cluster node has a setting that is controlled via System Center Virtual Machine Manager that reserves a set amount of processor time for the host machine itself which gives it priority when it otherwise might have to queue up its requests to the cores. The default is set at 20% of processor time, which is perhaps even a little too high depending on who you talk to.

System Center Virtual Machine Manager Processor Type Settings

To throw another variable in the mix, System Center Virtual Machine Manager has a setting under each virtual machine for selecting the “type” of virtual processor you want to give the machine (1.2GHz Athlon, 2.4GHz Xeon, etc.) – this setting (for all intents and purposes) is absolutely meaningless. All it does is allows you to set what your expected “performance level” is for the VM. It uses that along with the information about the performance of the host and other information to determine placement ratings (those little stars you see when selecting which host to place the VM on).

Conclusions and Recommendations

Based upon this information, and taking into account recommendations from a highly experienced technical professional that I have the pleasure of working with on how they configure their virtual machines & Hyper-V hosts, my recommendations are as follows:

1. Assign each VM 4 virtual processors of the default type (Athlon 1.2GHz MP in the current version of SCVMM), allowing it to execute the maximum number of simultaneous threads.
2. Reduce the reserved percentage of CPU time for the host from 20% to 10%.
3. Relax.

I hope this information proves valuable to all those out there that were struggling with the same concepts as me!

 

Tags: , , , , , ,
Comments (0) Kick it! DZone it! del.icio.us Permalink Post RSS

Publishing SharePoint 2010 through Forefront Unified Access Gateway 2010

By Richard Raseley on August 03, 2010

Introduction

Forefront Unified Access Gateway 2010, formerly known as Intelligent Application Gateway, is Microsoft’s current generation solution for providing remote access to internal resources.

One of the exciting features in UAG is the ability to publish internal web applications through a secure portal. This allows you to control who has access to what applications and enforce certain security requirements on computer / device that the user is accessing the site from.

Pre-Configuration Tasks

Before you begin the publishing tasks you will have to decide on the namespace you want to use and procure the certificates to match the space. In our example we will be using the address portal.domain.com to publish the UAG portal site.

Keep in mind that when publishing applications via this portal site, all applications will require an address that exists under the top level portal address. For example, when publishing a SharePoint site, you will have to assign it an address like sharepoint.portal.domain.com.

In addition to the DNS entries that must be created to facilitate the solution (portal.domain.com and sharepoint.portal.domain.com in our example), a certificate must be created that will cover the portal and all the sites underneath it. The best option in this situation would be to obtain a wildcard certificate that covered the portal.domain.com site and all sites underneath it. You could also obtain (or create) a certificate that covered the portal.domain.com site and also contained all the application sites you wish to create as Subject Alternate Names.

Creating SSL Trunk

To create the portal trunk that we will use to publish applications, first open up the Forefront Unified Access Gateway Management Console. In the left pane, right click on HTTPS Connections and choose New Trunk. Please note that we will be accepting defaults for most of the configurable options in this section.

In the Welcome to the Create Trunk Wizard screen, click next. In the Select Trunk Type screen, ensure Portal Trunk is selected and click next. In the Setting the Trunk screen enter the Trunk Name (just a friendly name which the trunk will go by), the Public Host Name (which is the external URL that the trunk will be accessed from – portal.domain.com in our example), ensure the proper IP address and ports are selected, and click next. In the Authentication screen, click the Add button and select one of your Domain Controllers to use for authentication of users, and click next. In the Certificate screen, select the certificate that you have procured in the previous step and click next. In the Endpoint Security screen, click next. In the Endpoint Policies screen, click next. In the Completing the Create Trunk Screen, click finish.

Your portal has now been created with default options! At this point, please use an external connection to navigate to https://portal.domain.com and view the result.

Publishing SharePoint Application

To publish the SharePoint web application, first open up the Forefront Unified Access Gateway Management Console. In the left pane, expand HTTPS Connections, right click on the Trunk you created in the previous section, and click Add Application. Please note that we will be accepting defaults for most of the configurable options in this section.

In the Welcome screen, click next. In the Select Application screen, fill the radio button next to Web and choose Microsoft SharePoint Server 2010 from the Web drop down list. In the Configure Application screen, enter the Application Name (just a friendly name which the application will go by) and click next. In the Select Endpoint Policies screen, click next. In the Deploying an Application screen, ensure the Configure an Application Server radio button is filled and click next.

In the Web Servers screen, double click in the blank space to the right of Addresses and enter the URL (excluding the HTTP/S://) that you use to access your SharePoint 2010 site internally, in the Public Host Name field enter the DNS name you have given the site (in our example you would enter “sharepoint.portal”), fill the checkbox next to Replace the Host Header with the Following and in the associated box type the URL that you use to access your SharePoint 2010 site internally, and click next.

In the Authentication screen, click Add and add at least one Domain Controller that users will authenticate against, then click next. In the Portal Link screen, click next. In the Authorization screen, click next. In the Completing the Add Application Wizard, click next.

Conclusion

When properly configured, Forefront Unified Access Gateway 2010 is a powerful tool for providing remote access to your internal web applications (and many more internal resources). In my example I accepted mostly default settings, however there are many powerful options available to help you control access, security, and endpoint compliance.

Tags:
Comments (0) Kick it! DZone it! del.icio.us Permalink Post RSS

System Center Operations Manager: Service Level Dashboard

By Richard Raseley on May 24, 2010
Last week Windows IT Pro published an article, authored by myself, which walks you through the process of installing and configuring the Service Level Dashboard for System Center Operations Manager (SCOM).

The Service Level Dashboard is a SharePoint based add-in for SCOM which allows decision makers and technical personnel the ability to get an “at a glance” overview of the health of an organization by providing visual representations of Service Level Objectives (SLOs) that have been configured on the SCOM server (server uptime, free disk space, processor utilization, etc.).

I would encourage anyone with an interest in having better visibility of their systems’ performance head on over and take a look.

Link: http://www.windowsitpro.com/article/system-center/The-SCOM-Service-Level-Dashboard.aspx
Tags: , ,
Comments (0) Kick it! DZone it! del.icio.us Permalink Post RSS

Programmatically Creating List Items In SharePoint With C#

By Richard Raseley on April 19, 2010

Microsoft’s SharePoint product is an incredible tool for collaboration between not only individuals and groups within the enterprise, but for sharing information between organizations. SharePoint’s interface for data entry is mature and robust enough to support most situations, but what happens when we want to interact with data programmatically from a custom application or add-in?

We are going to explore that situation in this article by describing the methods by which SharePoint 2003 and 2007 list items can be created programmatically.

All SharePoint interaction that doesn’t take place via the native GUI is done through something called SharePoint Web Services. SharePoint Web Services is a collection of ASMX files that allows us to create and manipulate SharePoint data by posting specifically formed XML data to them. In order to create and manipulate the list data for our example we will be posting data to the lists.asmx file which can be found in the “_vti_bin” folder under the root of the site which contains the list (i.e. http://intranet/_vti_bin/lists.asmx).

In addition to the address of the lists.asmx file, we will need to find the Global Unique Identifier (GUID) associated with both the specific list and view that we want to query and post to. Luckily we can take the guess work out of this by using a tool that was created by an MSDN blogger named “Ronaldus” (http://blogs.msdn.com/ronalus/archive/2007/09/08/a-little-guid-picker.aspx). Please note that I have used this program successfully in the past, but your mileage may vary.

Once we have determined the list GUID, view GUID, and lists.asmx location that we are going to be working with we are going to store those items into strings to be called later.

Set Variables For Code

string paramListGUID = "{A1A1A1A1-B2B2-C3C3-D4D4-E5E5E5E5E5E5}";

string pramListServicesLocation = "http://intranet/_vti_bin/lists.asmx";

string paramListViewGUID = "{ A1A1A1A1-B2B2-C3C3-D4D4-E5E5E5E5E5E5}";

 

We are then going to create a new list object, set the credentials to be used to access the web services (we will be passing through the user’s Windows credentials to the SharePoint site in our example), and set the URL of the service to be accessed.

// Create New List Object

List1.SharePointLists.Lists List1 = new List1.SharePointLists.Lists();

 

// Set Credentials for New List Object

List1.Credentials = System.Net.CredentialCache.DefaultCredentials;

 

// Set Site Lists.asmx URL

List1ServicesUrl.Url = paramListServicesLocation;

 

We are then going to create the XML structure that will be posted to the web services to create our lists item. In this example I have defined at the code level what values will be entered into each field, but in most situations these values would generated in some other part of the code. For example, if you were taking data from an InfoPath form, you would use the “XPathNavigator” to pull data from the xpath of the specific values you want, then store that data into strings, and call those strings in the appropriate place. The value for the “ID” field will always be blank, because SharePoint will automatically generate a GUID that will be assigned to each list item.

// Create XML Structure for New List Object

XmlDocument List1XmlObject = new XmlDocument();

 

XmlElement List1XmlObjectBatch = List1XmlObject.CreateElement("Batch");

List1XmlObject.SetAttribute("OnError", "Continue");

List1XmlObject.SetAttribute("ListVersion", "1");

List1XmlObject.SetAttribute("ViewName", varParamListViewGUID);

List1XmlObject.InnerXml = "<Method ID='1' Cmd='New'>" + "<Field Name='ID'></Field>" + "<Field Name='Title'>" + “Text For Title” + "</Field>" + "<Field Name='Field1'>" + “Text For Field 1” + "</Field> + "<Field Name='Field 2'>" + “Text For Field 2” + "</Field></Method>";

 

Then finally we “pull the trigger” on the entire operation by calling the “UpdateListItems” command.

// Update SharePoint List with Newly Created Item

List1.UpdateListItems(paramListGUID, List1XmlObject);

 

You should now have a brand new list item in the list that you specified (via the GUID).

Tags: , , , , ,
Comments (0) Kick it! DZone it! del.icio.us Permalink Post RSS