VMware Cloud Community
cb122
Contributor
Contributor
‎06-03-2014 04:02 AM
Jump to solution

segregating VM's onto different hosts


I am releatively new to vmware but I am interested in fault tolerance design and what specific virtual servers you ensure are on different hosts. For example in small setups if you had 2 domain controllers on a single host then does that not constitute a single point of failure for AD services? Aside from DC's, what other specific types of servers/server roles do you ensure are on different hosts? Or with VMWARE HA do you not need to worry as much as if its joined to a cluster the VM's should be picked up by another host in the case of host failure, thus segregation isnt as much of a concern?

0 Kudos
1 Solution

Accepted Solutions
JPM300
Commander
Commander
‎06-03-2014 11:03 AM
Jump to solution

Hey cb122,


Welcome to the community and to Vmware,

Well first off HA is very different then FT.  HA looks at the hosts and makes sure that all your hosts in your clusters are running and your VM's are up and running.  If a host fails HA notices this and starts up all the VM's that was running on the failed host on another host in the cluster.  Your VM's will see this as an unexpected shutdown.  Although breif it can take a few mintues for all your VM's to boot again depending what was running on that failed host.

Fault Tolerance is essentially HA on stariods and what it does is eliminate that short outage or unexecpted shutdown on a host failure.  However this comes at a high cost, reduces abilties, has high number of requirements to work ect ect, look at FT documentaiton for more information.  FT's biggest draw back currently is your only allowed to have 1vCPU on a FT protected VM, which kind of shoots it in the foot as most systems that required such high availability require more vCPU's.   However how FT works in short is this:  You enable FT on a VM, it then creates a shadow copy of the VM and runs it on another host.  All changes to the VM are always synced lived with its shadow copy.  If a host fails that is running your VM, the shadow copy of the VM is then prompted to production and immedietly takes over all its functions, it then spawns off another shadow copy onto another host in the cluster to remain its protection.

To awenser your question every enviroment is different but for the most part a 3+ host Vmware cluster will protect you for most things, however in your case I would put a DRS rule in to split your 2 virtual DC's as if both are on one host and that host fails you will loose all AD and probably DNS as most people run these 2 services together.  This could be problmatic to your enviroment.

Aside from that I would just split any VM's that couldn't handle having them all go down at once if a host failure occurs.  A good example of this would be a web farm.  Say you have 4 IIS servers in a web farm, you wouldn't want to run all 4 on one host as if that host fails your website goes down for 2-4 minutes until those web servers could start up on a new host.  In which case you could create a DRS ruleset to keep 2 web servers on one host and 2 on another.

I hope this helps,

View solution in original post

0 Kudos
4 Replies
JPM300
Commander
Commander
‎06-03-2014 11:03 AM
Jump to solution

Hey cb122,


Welcome to the community and to Vmware,

Well first off HA is very different then FT.  HA looks at the hosts and makes sure that all your hosts in your clusters are running and your VM's are up and running.  If a host fails HA notices this and starts up all the VM's that was running on the failed host on another host in the cluster.  Your VM's will see this as an unexpected shutdown.  Although breif it can take a few mintues for all your VM's to boot again depending what was running on that failed host.

Fault Tolerance is essentially HA on stariods and what it does is eliminate that short outage or unexecpted shutdown on a host failure.  However this comes at a high cost, reduces abilties, has high number of requirements to work ect ect, look at FT documentaiton for more information.  FT's biggest draw back currently is your only allowed to have 1vCPU on a FT protected VM, which kind of shoots it in the foot as most systems that required such high availability require more vCPU's.   However how FT works in short is this:  You enable FT on a VM, it then creates a shadow copy of the VM and runs it on another host.  All changes to the VM are always synced lived with its shadow copy.  If a host fails that is running your VM, the shadow copy of the VM is then prompted to production and immedietly takes over all its functions, it then spawns off another shadow copy onto another host in the cluster to remain its protection.

To awenser your question every enviroment is different but for the most part a 3+ host Vmware cluster will protect you for most things, however in your case I would put a DRS rule in to split your 2 virtual DC's as if both are on one host and that host fails you will loose all AD and probably DNS as most people run these 2 services together.  This could be problmatic to your enviroment.

Aside from that I would just split any VM's that couldn't handle having them all go down at once if a host failure occurs.  A good example of this would be a web farm.  Say you have 4 IIS servers in a web farm, you wouldn't want to run all 4 on one host as if that host fails your website goes down for 2-4 minutes until those web servers could start up on a new host.  In which case you could create a DRS ruleset to keep 2 web servers on one host and 2 on another.

I hope this helps,

0 Kudos
vThinkBeyondVM
VMware Employee
VMware Employee
‎06-03-2014 11:35 AM
Jump to solution

These resources will clear your understanding on FT , HA and DRS from VMware perspective

VMware KB: VMware Fault Tolerance FAQ

VMware High Availability and Fault Tolerance FAQ

http://www.yellow-bricks.com/vmware-high-availability-deepdiv/

http://www.vmware.com/files/pdf/VMware-Distributed-Resource-Scheduler-DRS-DS-EN.pdf


----------------------------------------------------------------
Thanks & Regards
Vikas, VCP70, MCTS on AD, SCJP6.0, VCF, vSphere with Tanzu specialist.
https://vThinkBeyondVM.com/about
-----------------------------------------------------------------
Disclaimer: Any views or opinions expressed here are strictly my own. I am solely responsible for all content published here. Content published here is not read, reviewed or approved in advance by VMware and does not necessarily represent or reflect the views or opinions of VMware.

bayupw
Leadership
Leadership
‎06-03-2014 07:07 PM
Jump to solution

Hi

If you have 2 AD VMs, you can use VM-VM Affinity Rules - anti-affinity between those 2 VMs to keep them apart so that when a problem occurs with one host, you do not lose both virtual machines.

AntiAffinityADVM.png

The steps on how to create a VM-VM Affinity rule is described in the vSphere Documentation here:

- vSphere 5.5 Documentation Center - Create a VM-VM Affinity Rule in the vSphere Web Client

- VMware vSphere 5.1 - Create a VM-VM Affinity Rule

More about DRS Affinity Rules: vSphere 5.5 Documentation Center - Using DRS Affinity Rules

Bayu Wibowo | VCIX6-DCV/NV
Author of VMware NSX Cookbook http://bit.ly/NSXCookbook
https://github.com/bayupw/PowerNSX-Scripts
https://nz.linkedin.com/in/bayupw | twitter @bayupw
cb122
Contributor
Contributor
‎06-04-2014 01:46 AM
Jump to solution

Thanks all

0 Kudos