Archive for the ‘Diagrams’ Category

VMworld Follow Up

Monday, September 14th, 2009

After the VMworld presentation a few people asked me some questions and I wanted to address one of those now. The question was by an admin that doesn’t have the funding or extra hardware to setup a separate test network, but because he’s a good admin he still wants to do testing. So how does he accomplish this?

I came up with five potential solutions varying in cost and complexity to implement.

Option 1 –

The first option is one he said he didn’t have, but I wanted to mention anyway, and that is to dig up a piece of hardware and build a separate test environment. 🙂 A possible environment could be a server you recently did a P2V conversion on and you could combine this with the free version of ESXi for an inexpensive solution.

Pros of this solution are having a separate environment so that a single small mistake of misconfiguring the network on the VM or physical switch will not cause conflicts. This is especially important when you are testing something as critical as an Active Directory upgrade which this admin wanted to do. Another pro is that you can keep the same VM name as production during testing to limit other errors.

Cons of this solution are the cost and complexity of setting up and maintaining this separate environment. The cons can be limited and I encourage you to try and create a separate test environment.

For those that still feel they cannot have this separate environment I created a visio diagram to give a visual aid for the next four options.

Private VM Setup

Option 2 –

The next best thing to the fully isolated test network is to use a dedicated vswitch with dedicated vmnics connected to a separate isolated physical switch (recommend non routed switch). This will definitely keep your test traffic isolated from your production traffic and somewhat limits you exposure to human errors (on the physical switch side).

Pros – can VMotion between hosts, communicate VM to VM, no advanced trunking or vlan tagging
Cons – A misconfiguration could put the test VM on the production network

Option 3 –

Use a dedicated vswitch with dedicated vmnics to a separate vlan on the same physical switch as production (recommend use a non routed vlan)

Pros – Can VMotion between hosts, communicate VM to VM, doesn’t require dedicated physical switches

Cons – shared production and test equipment, requires dedicated physical NICs, and a misconfiguration could put the test VM on the production network

Option 4 –

use a trunk on the same vmnics as production, but use a separate vlan for test (recommend non routed vlan)

Pros – Can VMotion between hosts, communicate VM to VM, requires least amount of equipment
Cons – Most complex design, have to use VLAN tagging, trunk to vSwitch, a misconfiguration a multiple locations could put the test VM on the production network

Option 5 –

use an isolated vSwitch on one host (vswitch with no attached VMnics)
Pros – VMs isolated from everything
Cons – VMs have to be on same host, no vmotion, drs, or communication between test VMs on different ESX hosts, a misconfiguration could put the test VM on the production network

Hopefully this helps. Any comments are welcome.

Private VM Setup