Monday, June 29, 2009

Virtualizing Exchange

I am on vacation these two weeks so here is a guest Blog Post:

Tom Raisbeck
VP Professional Service
Nortec

I often get asked about virtualizing Exchange on Hyper-V or VMware? Some people think it is a bad idea to virtualize Exchange under all circumstances - this is not true! You get many advantages from virtualizing Exchange if you spec it out right. However, no matter if you spec it out perfectly or not, there is the question of whether Microsofft will support your build. Here are some tips to keep Microsoft support:

1. Exchange 2007 is supported on 64-bit hypervisors or kernels only. 32-bit is not supported. VMware 3.x is 32-bit and although Microsoft has not said they will not support this it does seem they moved the goal posts.
2. Dynamic disks are not supported.
3. Differencing disks are not supported.
4. Snapshots are not supported.
5. Exchange 2007 SP1 or better is supported on Hyper-V.
6. Exchange 2003 SP2 or better is only supported on Windows Virtual Server 2005 R2.
7. More than two virtual processors per physical core is not supported
8. Unified Messaging role is not supported
9. Storage must be fixed, pass-through SCSI, or iSCSI. Set up all advanced packet management at the host level.
10. Hardware-based VSS or VDS not supported
11. 2040GB limit for the VHD file.

Wednesday, June 17, 2009

Quote from IT Savvy by R. Weil and J. W. Ross

I am reading IT Savvy and so far it is pretty good! I came across a quote I liked regarding typical solutions when management is not pleased with their technology:

Fire the the CIO. If the firm just needs someone to blame, management may be inclined to bring in a new face. As with any senior management position, it's possible that a firm has an ineffective CIO, but it's often the case that the rest of the management team hasn't embraced its responsibilities to define and implement effective business processes. Blaming the CIO may simply be one way for business leaders to abdicate accountability for IT.
- Peter Weill and Jeanne W. Ross

The entire management team needs to share in the responsibility of having technology integrated with business processes. This concept reinforces the need for communication, alignment and having an IT Plan!

Tuesday, June 16, 2009

What is a business looking for from information Technology?

I read many articles on alignment of information technology (IT) and priorities so it made me think about what a business is looking for from IT. The answer of course is that it depends on the kind of business so I will focus here on the professional information worker business with half mobile professionals and half in office staff roles.

Here is my List of 6 High Priority Business IT Needs:

1. Most important the technology systems must be stable and up 99.999% or something close to that – Really 101 stuff here!

2. Today more than ever the systems must accommodate mobility of the work force on the road and the transition in and out of the office.

3. Employees need to have freedom to use technology – Old school restrictive strategies are just that. The lines blurred between work time and personal time so the employee needs access to business and personal technical resources.

3. Resourcefulness – IT Budgets are being cut so must do more with less!

4. Security of information

5. Information library and collaboration tools

6. Everything paperless – No paper forums to fill out.

Of course businesses also need the key aplications like office suite, email and ERP/accounting system.

Monday, June 15, 2009

Virtualization Mistakes to Avoid

1. Do not cowboy virtualization – Capacity planning and architecture is extremely important when implementing a virtual infrastructure

2. Do not put VM or Virtualization anywhere in the name of your virtual machines.

3. Keep people from launching too many virtual servers – When you can deploy a virtual server in 10 minutes it is easy to get out of control – Chasing a monster!

4. Do not try to use old methods of disaster recovery in virtualized infrastructure - create a fresh architecture for your virtualized infrastructure.

5. When planning disaster recovery solution think broad overall solution and not point solutions – DR solutions are almost always too narrow!

6. Think about fail over and also fail back – Plan how you will restore to your original system and make it a manual process.

Also see previous virtualization mistakes to avoid in post on May 27:
http://andrewgrose.blogspot.com/2009_05_01_archive.html

Friday, June 12, 2009

“Do You Think Strategically about Technology?” - Jim Balsillie

I have been working with our Senior Consultants to work on providing Information Technology (IT) Strategic Plans for our clients. This is a challenge for two reasons:

1. Strategic plan sounds really grandiose, complex, time consuming and expensive.

2. IT is very broad so individuals gravitate to their area of expertise and the plan becomes narrow and tactical.

I was on a Global Conference call yesterday with guest speaker Jim Balsillie, Co-CEO of Research in Motion (RIM) the developer of the Blackberry and he reinforced this need and asked “Do you think strategically about technology?” Jim believes that it is rare that a CEO thinks strategically about technology and that absent a strategic mandate from senior leadership nothing really happens – the result is we go in and cut IT spending 5% or something like that!

So make the decision that you need an IT Strategic Plan, keep it broad without getting to deep into the weeds of what exact technology you will use and keep it short. The IT Plan may just be two or three pages. What do you want technology to do for your business and what will it look like when you are done in two or three years. Finally if the word strategic gives you too much hartburn just call it your IT Plan!

Here is the article I wrote on April 29 on writing an IT Strategic Plan:

http://andrewgrose.blogspot.com/2009_04_01_archive.html

Wednesday, June 10, 2009

SCVMM 2008 R2 RC Public Release Available Now

Microsoft released System Center Virtual Machine Manager (SCVMM) R2 and is now available for public testing:

http://blogs.technet.com/scvmm/archive/2009/06/06/scvmm-2008-r2-rc-public-release-available-now.aspx

System Center Virtual Machine Manager 2008 (VMM) is a comprehensive management solution for the virtualized data center, enabling increased physical server utilization, centralized management of virtual machine infrastructure, and rapid provisioning of new virtual machines by the administrator, delegated administrator, and authorized end users. VMM 2008 can manage hosts that are running Windows Server 2008 with Hyper-V, Virtual Server 2005 R2, and VMware ESX through VirtualCenter Server.

Recently, Windows Server 2008 released an R2 version that included significant feature improvements to Hyper-V. VMM 2008 R2 leverages these new platform enhancements and extends the feature set of VMM 2008. This topic provides an overview of the new features that are included in VMM 2008 R2.

Windows Server 2008 R2 Hyper-V Host Management

With VMM 2008 R2, you can create and manage virtual machines running on Windows Server 2008 R2 Hyper-V hosts. When you add a host that is running Windows Server 2008 R2 and that does not have Hyper-V enabled, VMM 2008 R2 automatically enables the Hyper-V role on the host.

VMM 2008 R2 supports the following new features of Windows Server 2008 R2:
Live migration between Windows Server 2008 R2 clustered hosts. With live migration, you can migrate a virtual machine from one node of a Windows Server 2008 R2 failover cluster to another node in the same cluster without any downtime. Because the virtual machine does not experience any downtime, the move is completely transparent to the users that are connected to the virtual machine.

Network optimization detection during virtual machine placement. VMM 2008 R2 supports both Virtual Machine Queue (VMQ) and TCP Chimney, which are Windows Server 2008 R2 features that improve network performance for virtual machines.

Network adapters that support the VMQ feature are able to create a unique network queue for each virtual network adapter and then connect that queue directly to the virtual machine’s memory. This connection routes packets directly from the hypervisor to the virtual machine, bypassing much of the processing in the virtualization stack.

Network adapters that support the TCP Chimney feature are able to offload the processing of network traffic from the networking stack. Both of these features increase network performance and reduce CPU utilization.

Hot addition and removal of virtual hard disks (VHDs). In Windows Server 2008 R2, Hyper-V allows users to add and remove VHDs from a virtual machine while it is running.
Enhanced Support for Shared Storage and SAN Transfers
VMM 2008 R2 provides the following enhancements:

Clustered Shared Volume (CSV) Support

VMM 2008 R2 supports the Windows Server 2008 R2 clustered shared volume (CSV) feature. CSV enables all hosts on a Windows Server 2008 R2 failover cluster to concurrently access virtual machine files on a single shared logical unit number (LUN). Because all nodes on the cluster can access a single shared LUN, virtual machines have complete transparency with respect to which nodes actually own a LUN. This enables live migration of virtual machines within the cluster because all nodes in the cluster can access any LUN.
Support for Sanbolic Clustered File System

VMM 2008 R2 supports the Sanbolic Clustered File System (CFS), a third-party shared volume solution for quick migration on hosts running Windows Server 2008 with Hyper-V, and live migration on hosts running Windows Server 2008 R2 with Hyper-V.
Support for Veritas Storage Foundation for Windows

VMM 2008 R2 supports Veritas Storage Foundation 5.1 for Windows (SFW), an online storage management solution for creating virtual storage devices from physical disks and arrays. Volumes created as part of a cluster resource group by using SFW are detected by VMM 2008 R2 and can be selected during virtual machine placement or migration. An SFW volume is limited to one virtual machine.

SAN Migration into and out of Clustered Hosts

VMM 2008 R2 supports the use of SAN transfers to migrate virtual machines and highly available virtual machines into and out of a cluster. When you migrate a virtual machine into a cluster by using a SAN transfer, VMM checks all nodes in the cluster to ensure that each node can see the LUN and automatically creates a cluster disk resource for the LUN. Even though VMM automatically configures the cluster disk resource, it does not validate it. You must use the Validate a Configuration Wizard in Failover Cluster Management to validate the newly created cluster disk resource. To migrate a virtual machine out of a cluster, the virtual machine must be on a dedicated LUN that is not using CSV.
Expanded Support for iSCSI SANs

VMM 2008 supports SAN transfers of virtual machines that use initiator-based iSCSI target connections, which requires one iSCSI target for every LUN. VMM 2008 R2 adds support for LUN masking, which allows multiple LUNs per iSCSI target and expands VMM support for iSCSI SAN vendors.

Quick Storage Migration

For a Windows Server 2008 R2 host or a Storage VMotion-capable host, you can migrate a running virtual machine’s files to a different storage location on the same host with minimal or no service outage. If you use a wizard to migrate a virtual machine to a host that is running Windows Server 2008 R2 and you use a network transfer, VMM 2008 R2 now gives you the option to specify separate storage locations for each virtual hard disk (.vhd) file for the virtual machine.

Maintenance Mode for Hosts

In VMM 2008 R2, you can start maintenance mode for a Windows-based host anytime you need to perform maintenance tasks on the host, such as applying updates or replacing a physical component.

When you start maintenance mode on a host in a Windows Server 2008 R2 cluster with highly available virtual machines, you can do one of the following:
If the option is available, use live migration to evacuate all virtual machines to other hosts on the same cluster. If the migration fails for any virtual machine on the host, maintenance mode is not started on that host and VMM does not migrate back the virtual machines that have already migrated.

Place all virtual machines on the host into a saved state.
When you start maintenance mode on a stand-alone Windows-based host, on a host in a Windows Server 2008 cluster, or on a Windows Server 2008 R2 host that has any non-highly available virtual machines, VMM automatically places all virtual machines into a saved state.

Important

When VMM places virtual machines into a saved state, any users of the virtual machines will experience a loss of service.

When you start maintenance mode on any host, VMM automatically does the following:
Blocks virtual machine creation operations on the host.
Excludes the host from the host ratings during placement.

Displays a host status of In Maintenance Mode in Host view of the VMM Administrator Console.
When you stop maintenance mode on a host, VMM allows virtual machine creation operations on the host, includes the host in the host ratings during placement, and displays a host status of OK in Host view of the VMM Administrator Console. However, VMM does not automatically do a live migration to move highly available virtual machines back onto the host in a Windows Server 2008 R2 cluster, and it does not restart any of the virtual machines on the host.
To start or stop maintenance mode, in Host view of the VMM Administrator Console, right-click a host, and then click the appropriate command.

Support for VMware Port Groups for Virtual Switches

VMM uses the network location and tag specified for the virtual network adapter in the hardware configuration to determine the network availability of a virtual machine on a host. In VMM 2008 R2, if you are deploying the virtual machine to a VMware ESX Server host, you can select from the VMware port groups that are available for virtual switches.
Support for Virtual Machine Permissions Assigned in Hyper-V

In VMM 2008 R2, VMM preserves changes made to role definitions or role memberships in the root scope of the Hyper-V authorization store. All changes to any other scope are overwritten every half hour by the VMM user role refresher. This differs from user role processing in VMM 2008. In VMM 2008, VMM determines access to virtual machines, hosts, and resources based solely on the rights and permissions associated with VMM user roles. VMM 2008 does not make any changes to Hyper-V role definitions and role memberships; it simply ignores the Hyper-V authorization store while the hosts and virtual machines are under its management.
For more information about user roles and scopes, see
Role-Based Security in VMM (http://go.microsoft.com/fwlink/?LinkId=119337).

Source: Microsoft



Wednesday, June 03, 2009

Microsoft Sets Date for Windows 7: October 22

Microsoft set the date for general public release of Windows 7 today - October 22, 2009. Microsoft will offer an upgrade plan for individuals purchasing computers before the release – details will be coming soon.

“Our milestone-to-milestone approach for Windows 7 is built on a great deal of feedback from customers and testers. This has been pivotal to the development of Windows 7. Since then, we’ve made enough progress to feel really good about announcing today that Windows 7 will be in stores beginning 22 October.”
- Brandon LeBlanc, Microsoft Windows 7 Team

Windows 7 looks good from the reviews I have read – here are key features:

Faster, more responsive performance
Improved taskbar and full-screen previews
Jump Lists
New ways to work with Windows

For more details on Windows 7 see my earlier Blog Post on May 1st:
http://andrewgrose.blogspot.com/2009_05_01_archive.html

Tuesday, June 02, 2009

Microsoft Windows New Threat

Time to update your Windows XP, Windows 2003 Server and older Windows versions - Here is the Security bullitin from Microsoft:

Microsoft Security Advisory (971778)
Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution
Published: May 28, 2009


Version: 1.0

Microsoft is investigating new public reports of a new vulnerability in Microsoft DirectX. The vulnerability could allow remote code execution if user opened a specially crafted QuickTime media file. Microsoft is aware of limited, active attacks that use this exploit code. While our investigation is ongoing, our investigation so far has shown that Windows 2000 Service Pack 4, Windows XP, and Windows Server 2003 are vulnerable; all versions of Windows Vista and Windows Server 2008 are not vulnerable. Microsoft has activated its Software Security Incident Response Process (SSIRP) and is continuing to investigate this issue.
Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.

We are actively working with partners in our
Microsoft Active Protections Program (MAPP) and our Microsoft Security Response Alliance (MSRA) program to provide information that they can use to provide broader protections to customers.
Mitigating Factors:

In a Web-based attack scenario, an attacker would have to host a Web site that contains a Web page that is used to exploit this vulnerability. An attacker would have no way to force users to visit a malicious Web site. Instead, an attacker would have to convince them to visit the Web site, typically by getting them to click a link that takes them to the attacker's Web site. After they click the link, they would be prompted to perform several actions. An attack could only occur after they performed these actions.

An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

All versions of Windows Vista and Windows Server 2008 are not affected by this issue.


Link to fix issue:
http://support.microsoft.com/kb/971778

Monday, June 01, 2009

Billion Dollar Lesson by Paul Carroll and Chunka Mui

I have been reading Billion Dollar Lessons and it is a great book! It is interesting to read the details of so many companies that make what appear in many cases very obvious blunders. It is also surprising just how many companies with deep resources have failed. So what key concepts can be gained by reading about these failures? Here are the four concepts that resonated with me:

1. Wayne Gretsky Rule: Go where the puck is going not where it is. Invest today for where the business and technology will be next year or three years from now. This is extremely important in technology because by the time a solution or practice is developed the market place will have changed so much. Examples of this are video, cameras and cellular business.

2. Constantly be revisiting your strategic business plan. In just about every case of business failure it is the plan! No matter how well the management executes on the plan the business will fail if the plan is severely flawed.

3. When your business is declining because of a shift in the marketplace, it is very difficult to change your entire business. When deciding what new business to invest in be clear on what the true experience and skills of your organization are and how you can leverage those in the new market that you plan to pursue.

4. Acquisition and consolidation strategies are very difficult to execute on for five main reasons:

a. The acquired business culture is usually very different and therefore the employees do not assimilate and actually, in some cases, employees have gone as far as doing harm to the new organization.

b. Economies of scale rarely materialize

c. When companies suddenly increase by 50% - 100% their systems and process usually are not able to scale fast enough and often lead to massive losses

d. Usually an acquisition leads businesses into new markets that the current management team does not have the necessary experience

e. Acquiring businesses usually requires more leverage and this puts the business at a greater risk

These are the key concepts I gained and at the end of the day the book reminded me how fragile businesses big and small are and how important it is to have a solid business plan.