The market has been hammering out a bottom here. The slope of the 50 day moving average and the 30 day regression line have turned positive. Volatility has been dramatically reduced. The large candle days in the last 30 have been up, not down; the 20 and 50 day moving averages are coming together. The next “easy” upside target for SPY is 100, an 8-10% move from here; there are few serious resistance levels on the upside here, meaning that there would be no compelling reason to sell now on the way up. This market is has made all sorts of preparations for an irrational move to the upside.

You can be philosophically opposed to the auto bailout and its long term implications, but the mkt has seemed to shrug off the Madoff and auto bailoff news, like a punch drunk fighter can ignore more headshots. Where else is money going to go after all? Do you think emerging markets are “safer” without a US consumer to buy their product? Only commodities, after massive selloffs are as attractive on a value basis, and yet they cant really go up on fundamentals without a US economy to energize the business cycle home depot health check. I expect we will go into deeper debt with Obama’s jobs program, but it will get the economy sluggishly going again. If we turn in to Japan: 30 years of no growth, but regain our savings rate and retain employment and the learn to revalue honest work, is that so bad of a prescription?

For the tactical trader we have an opportunity here to take advantage of the emotions of hope and illusion in the days and weeks ahead before the accounting comes to call.

leading to performance concerns. At the operations level the ease and speed with which new applications can be deployed has resulted in many organisations resolving the issues of ‘server sprawl’, only to be faced with the new problem of ‘Virtual Machine sprawl’.
Listed below are 10 considerations for Virtualisation Best Practice:

1. Standardise
The main benefits of standardising across all aspects of the Virtual Infrastructure are ease of management and troubleshooting. This includes: software revisions; hardware configurations; server builds standards; naming conventions; storage and network configuration. Management is easier because all components are interchangeable and of a known configuration; in addition root-cause analysis is easier when the number of variables is kept to a minimum. Be aware; hosts with incompatible CPU types or stepping families’ can prevent VMware VMotion working correctly.
Standards should be defined and documented during the planning process and subsequently adhered to during deployment. Proposed changes to the environment should be reviewed, agreed and documented in an enforced ‘Change Control Procedure’.

2. Optimise the Network
The network is crucial to the performance and resilience of the Virtual Infrastructure – i.e. in addition to end-user traffic, the network is the primary means by which the Virtual Infrastructure is managed (through Virtual Center) and means of fault tolerance – using VMotion. For many organisations the network is also the method by which they connect to their storage. VMware recommends that there are a minimum of four Gigabit network adapters per ESX 3.x host-two attached to a vSwitch for the management network (service console, VMkernel, and VMotion), and two attached to a vSwitch for the VM network to support the virtual machines. In practice further segmentation is recommended. Whilst placing multiple NICs in a single vSwitch provides NIC redundancy and failover, placing all NICs on the same vSwitch restricts network segmentation, potentially leading to performance bottlenecks. An optimal balance therefore needs to be struck between network redundancy and traffic segmentation.

3. Optimise the Storage Configuration
Optimisation of the storage environment will depend upon the storage platform / protocols being used. All Virtual Hosts should be configured with multiple paths to the storage – to allow for failover in the event that an active path fails. ESX includes native multi-pathing support at the virtualisation layer. Multi-pathing allows an ESX host to maintain a constant connection between the host and a storage device in case of failure of a host bus adapter (HBA), switch, storage controller, storage processor, or a Fibre Channel/iSCSI network connection. All ESX hosts belonging to the same VMware DRS or VMware HA cluster for VI3, or two end points of a VMotion migration need to have access to the same shared storage.

SAN LUNs should be properly zoned so that each host can see the shared storage. If zoning is done improperly such that a host cannot see certain shared LUNs, this can cause problems with VMotion, VMware DRS and VMware HA (VI3). In order to improve performance and avoid the potential for storage access contention issues, LUNs should be zoned only to the hosts that need them.

In cases where multiple Guest OSes need to be configured to an iSCSI SAN it may be preferable to use the software initiator built into ESX. Using a single iSCSI initiator at the host level may improve performance over multiple aggregated initiators at the Guest level.

4. Allocate Sufficient Storage Capacity for Snapshots
Snapshots allow point-in-time copies of Virtual Machines to be taken, which can subsequently be used for testing and/or recovery purposes. A snapshot consists of block-level deltas from the previous disk state – comprised of a base disk and copy on write (COW) files that reflect changes – as a bitmap of all changed blocks on the base disk. Whilst can be very useful, care should be taken in using too many VMware based snapshots, which consume a considerable amount of additional disk space. VMware recommends planning on providing at least 15-20% of free space for snapshots. Alternatively it may be preferable to use storage-based snapshots, which only consume capacity on incremental writes.

5. Security
The security of the Virtual Infrastructure can be increased by restricting access to the ‘root’ user. The ‘root’ account can change any configuration setting within an ESX host, making it difficult to manage and audit the changes made. Remote access using the ‘root’ account should be disabled; instead users should log in remotely as a regular user in order to maintain an audit trail of user access, raising their access level to ‘root’ privileges if required.

VirtualCenter also has a number of ‘roles’ that can be assigned to users to refine the granularity of the security privileges assigned to individual users. In order to tighten security on the management network, close down TCP ports on the service console other than those used by ESX and VirtualCenter. Use secure shell (ssh) and secure copy (scp) for access and to transfer files to and from the service console rather than through lower security methods (telnet and ftp).

Increase the security of packets travelling over the network by segmenting network traffic travelling over the same physical NIC using ‘VLAN tagging’. VMware ESX supports IEEE 802.1Q VLAN tagging to take advantage of virtual LAN networks. VLAN tagging has little impact on performance and enables VMs to be more secure since network packets are limited to those on the segmented VLAN. Using VLAN tagging can minimize the number of physical NICs needed to support more network segments. VLANs provide logical groupings of network ports as if they were all on the same physical port to separate networks.

By awais

Leave a Reply

Your email address will not be published.