Standardize new virtual machine provisioning with templates
Bothered by SLOW Web UI to manage vSphere? Want to manage ALL your VMware vCenters, AWS, Azure, Openstack, container behind a SINGLE pane of glass? Want to search, analyze, report, visualize VMs, hosts, networks, datastores, events as easily as Google the Web? Find out more about vSearch 3.0: the search engine for all your private and public clouds.
It’s been a pain to create new virtual machines with the right software installed and configured properly. You can always use tools like KickStart to automatically install the operating system and then install other software as needed. But configuring such an environment is not trivial, and it takes a long time from start to finish.
With the rise of virtualization, more virtual machines are provisioned (and decommissioned) than ever before. Installing each new virtual machine from scratch is not the ideal solution.
While virtualization highlights the provisioning problem, it also offers an easy solution. It’s called a virtual machine template. You can pick and configure every piece of software you will need into a template, and clone it to new instances whenever needed. It’s not only easier but also much faster.
With this approach, the challenge now becomes how you can customize the cloned virtual machine – you don’t want to have a new template for every possible minor virtual machine variation. These variations could be settings like IP address, virtual devices, memory, disk spaces, and so on. These are common changes you would like to see, but it all depends on the capabilities of the underlying hypervisors. Different hypervisors’ features may vary, but not by much on basics.
Things get complicated when:
1. You have a dramatically different set of software that cannot easily be captured with a single template. You can always have a “one-for-all” template that includes the superset of software. It definitely eases the management. The downside is that it requires extra disk spaces, and more importantly, the extra software may expose vulnerabilities you otherwise don’t have to worry about.
2. You have to upgrade and patch software. For each patch/upgrade you will have a new template, which is good for operations if you always clone from the latest templates. It may mean you have to test and certify all of your applications with the new patch/upgrade. If you decide to support older versions of the software mixture, you will have many more templates to manage as well as more disk spaces.
In general, disk space is not a big concern given the advances of storage technologies like de-duplication that can save a lot when the templates are mostly the same. Still, that drains more money from your budget.
While designing the templates that change frequently, you want to consider hierarchical structure. At the root, you can have a template with the common set of software. Under the root template, you can have a delta template with extra software. When extracted from the template repository, the delta template is combined with the root as the final template. It’s very much like in OO hierarchy where a child type inherits the parent type.
The hierarchy is not limited to two layers and you can extend it to multiple layers in accordance with your software hierarchy. You’ll need a detailed analysis of your software to do this of course.
Although you can install everything manually, it’s highly recommended that you automate the process with shell scripts or other configuration tools like Puppet or Chef. These tools help repeat the process easily whenever needed, but also help you avoid mistakes even when you use the template only once. Configuration tools are complimentary with the template with extra features like continuous configuration compliance checking and enforcement.
The script can also serve as metadata for the template that explains what gets in and what does not. You don’t want to examine the disk image to find out what’s included in the template.
Creating templates has many benefits as discussed above. It also creates management burden – You now have one more thing to manage! It’s not only about storing the templates, but also designing for efficiency, and managing their lifecycles.
VMware vSphere has virtual machine templates that can be provisioned to new VM instances with a fair amount of customization not only for Linux but also for Windows. Amazon EC2, which is based on XEN, has a similar template called AMI (Amazon Machine Image) from which new virtual machines can be deployed. To standardize the VM template, DMTF has released OVF standard which has been widely adopted.
VM Factory: create new instances based on VM templates.