Isolated clusters for mission critical applications?

I’ve seen a theme at several customers who are virtualizing mission critical applications on vSphere: The isolated vSphere cluster used just for that application.  I’ve seen organizations do this many times when virtualizing Exchange 2010, often dedicating two or three vSphere hosts just for Exchange and related components (domain controller, virtual load balancer, etc).

There are several (understandable) reasons why organizations choose to go down this road.  The most common I’ve heard are:

1) “I don’t want my Exchange/SQL/SharePoint guys messing with the rest of the VMs on my production cluster(s).”

2) “I don’t want any other workload taking resources away from my Exchange/SQL/SharePoint VMs.”

I can see why folks make both of these arguments and can understand their logic.  Many vSphere admins live in the Hosts and Clusters view where they see all virtual machines rather than those organized into folders (where granular permissions can be set more easily).  And some are concerned that setting reservations on virtual machines to guarantee access to resources will have a negative impact on available slots in a cluster.

I don’t believe that either of these arguments are enough to require a dedicated vSphere cluster.  A few thoughts are below, starting with addressing the two most common reasons I listed above.

1) VMs can be grouped into application specific folders, and granular permissions can be set to only grant access to those folders or VMs.

2) Reservations aren’t a bad thing or something to be scared of, they just need to be factored into any design.  And using the “Percentage of Cluster Resources’” policy gets around worrying about individual slot sizes (though total resource assignments still need to be considered and calculated).

3) Fewer hosts in a cluster gives VMware features like DRS or HA fewer options when trying to initiate a failover or migrate virtual machines based on resource consumption.  If an application is truly mission critical, I’d rather have more options to optimize availability and performance rather than fewer.

4) Let’s be honest – vSphere isn’t free or cheap, so dedicating hosts to a specific application is likely to result in heavily underutilized hosts and higher costs.  Aren’t underutilized servers and cost reduction some of the reasons why we got into this virtualization business in the first place?  If you made dedicated clusters for all of your mission critical applications you would end up with application silos that greatly reduce the efficiency of virtualization.

At the end of the day a design decision like this should always come down to the requirements.  There may be very valid requirements, like compliance, security, or extremely large applications that make an isolated vSphere cluster a necessity.  Assuming those requirements are not necessary in your environment I would strongly consider whether there is really a reason to use a dedicated cluster for your mission critical applications.

If you agree/disagree/think I’m crazy –  feel free to let me know in the comments..

Share This:

One thought on “Isolated clusters for mission critical applications?

  1. I agree with you on this point, Matt. In most cases, creating a virtualization silo seems to go against the grain of virtualization and may simply be a way to “feel safe” at the end of the day. A combination of reservations, affinity rules, and admission control can be used to accomplish the goals of shared mission critical workloads on a cluster (which I use in production even now). One counterpoint would be a management cluster, which seems to be gaining ground in multi-tenant situations where the controlling nerve center of the environment is sectioned off to prevent wide spread impact on the datacenter (especially when vCenter / SQL are VMs).

Leave a Reply to Chris Wahl Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.