What you will learn in this tip: Making sure you have the right disaster recovery (DR) strategy can become a major...
undertaking for virtualized environments, especially for large enterprises with hundreds or thousands of servers. Learn about the technical aspects of virtualization disaster recovery planning in this tip.
There are several items virtualized environments -- but particularly those focused on servers -- that are looking to incorporate disaster recovery must address. They include: hardware; software; implementation costs; space requirements; power requirements; staffing requirements; type of virtualization server arrangement used; storage requirements; physical space available; and internal versus external (managed, outsourced) services.
The good news for virtualized server environments from a business continuity (BC)/DR perspective is that operating systems and applications can easily function in virtualized environments. They can be quickly redeployed to another physical device, or even different data center in the event of a hardware failure. But in order for this to work correctly, you need to define the systems that will use this approach, determine the minimally acceptable recovery environment for the systems in question, and then verify that the critical systems can be successfully failed over to the backup (virtualized) facility and then failed back to the primary (virtualized) infrastructure.
The server consolidation ratio defines the number of virtual machines (VMs) a physical server can host. While this ratio depends on the workloads of each virtual machine, in reality the actual consolidation ratios are half of vendor estimates. For example, if a vendor predicts a ratio of 12:1, or 12 virtual guest systems to a single server, the actual performance will be more like 6:1, or six virtual machines per server. This means that the expected performance of 12 VMs may not be achieved. Be sure to factor this into your BC/DR calculations.
Virtualization strategies that can impact disaster recovery
Additional virtualization strategies that can impact business continuity/disaster recovery considerations include the following:
- Less physical servers: While this can be good from physical space, power demands and maintenance perspectives, it's important to divide up the available resources among the required operating systems, applications and data.
- Minimize system cross-impacts: If you have applications within their own virtual servers, the possibility of systems impacting other systems (especially when making changes) can be minimized.
- BC/DR requirements of each system: Each operating system and application must be evaluated for its criticality and need for recovery at an alternate service location.
- Creation of virtual disaster recovery machines: Use virtualization technology to establish virtual machines than can be assigned to critical assets in an emergency. It may make sense to have some of these virtual disaster recovery machines in place to provide real-time data backup repositories (with suitable backup storage as part of the equation) for the most critical systems.
- Carefully select the right virtualized systems: These are typically the most critical to the business, such as email and legacy systems that are still important but are not being updated.
According to a 2007 Gartner report, the top three usage scenarios for virtual machines are Web servers, network infrastructure applications, and file and print servers. Among virtualization products, VMware's ESX server had the largest market share (about 58%); VMware Server (entry-level, free software) had 14%, and Microsoft's Virtual Server had 12% of the market.
Among disaster recovery service providers, two key players include Neverfail Group and SunGard Availability Services. Neverfail offers failover solutions (as well as failback services) as part of its Continuous Availability (CA) product line. Within a virtualized environment, a CA capability can optimize the benefits of virtualization by speeding up the failover process to virtualized assets dedicated for recovery.
Summary of disaster recovery strategies for virtual environments
When planning to incorporate business continuity and disaster recovery within a virtualized server environment, be sure to perform the following activities before proceeding to research BC/DR services and software.
1. Conduct risk assessments and business impact analyses. A risk assessment and business impact analysis will help identify the most critical virtualized systems to protect. Despite having maybe hundreds or even thousands of systems, there are probably a small percentage that are really critical to the business.
2. Assess your virtualization readiness. If you are already using virtualization technologies, the matter is simplified: You simply need to proceed to the business continuity/disaster recovery process and leverage virtualization into your BC/DR strategies. If you are not using virtualization be prepared to use traditional BC/DR approaches such as backup to tape, backup to disk and disk mirroring.
3. Determine the minimal recovery requirements. Based on knowledge of the critical systems required for the business to survive, figure out what the minimal technology platform is to support those systems and analyze what your virtualization environment can provide in terms of support for those requirements.
4. Ensure that data backup and recovery plans synch up with virtualized assets. Since virtualization often means relying on fewer physical systems to process more work, carefully evaluate whether these devices will be able to take on disaster recovery tasks. This will include analysis of data protection and recovery, security and performance issues.
About this author: Paul Kirvan, CISA, CSSP, FBCI, CBCP, has more than 20 years experience in business continuity management as a consultant, author and educator. He has been directly involved with dozens of IT/telecom consulting and audit engagements ranging from governance program development, program exercising, execution and maintenance, and RFP preparation and response. Kirvan currently works as an independent business continuity consultant/auditor and is the secretary of the Business Continuity Institute USA chapter and can be reached at firstname.lastname@example.org.