In the previous Allocating resources in vSphere for Virtual Machines tip we discussed what resource control options are available in vSphere at the VM level. Here we will discuss the new controls in vSphere 4.1 for storage and networking I/O consumption. Storage I/O Control is a new feature that takes the current storage resource controls to a broader level. Prior to vSphere 4.1, storage resource controls could be set on each host at the VM level using shares.
It is common for hosts to share datastores. Each host works individually to control VM access to disk resources, so it is possible for the VMs on one host to limit the amount of disk resources on other hosts because they share the same back-end storage devices.
Storage I/O Control
Storage I/O Control solves the problem by enforcing storage resource controls at the datastore level so all hosts accessing the datastore are considered when prioritizing the storage resources for a VM. Therefore, a VM that may have low or normal shares on one host that does not have storage constraints will be throttled if higher priority VMs on other hosts need more storage resources. When Storage I/O Control is enabled on each datastore, it uses a congestion threshold that measures latency in the storage subsystem.
Once the threshold is reached, Storage I/O Control enforces storage priorities on each host accessing the datastore to ensure VMs with higher priority have the resources they need. The congestion threshold is configurable and set in milliseconds on each datastore. Storage I/O Control is not enabled by default and works only on block-based VMFS datastore (no NFS) and requires the Enterprise Plus license.
Network I/O Control
Network I/O Control is another new resource control for network traffic but is not specifically aimed at controlling individual VM network traffic. Instead, Network I/O Control is designed to prioritize the different network traffic types that flow over vSwitches.
The traffic types are put into categories that include storage (iSCSI and NFS), management console, vMotion, fault tolerance and VM traffic. Priorities can then be assigned on the traffic types using shares that have numeric values to establish a guaranteed minimum service level on each. This allows more important traffic a higher priority than other traffic types.
Limits can also be set in Mb/s on the traffic types to define the maximum bandwidth that can be used by type of traffic. Shares apply to individual physical network-interface cards (NICs) in a vSwitch, limits apply to all the NICs on a vSwitch (NIC teaming).
This type of network traffic control is meant for hosts that have fewer physical NICs with greater speeds such as 10 GbE NICs instead of hosts that have more physical NICs with slower speeds such as 1 GbE NICs. When more NICs are available, you typically segregate traffic onto separate vSwitches with their own physical NICs so you don't have to worry about mixing traffic types on a vSwitch.
But if you have a host with fewer NICs -- regardless of their speed -- you can still use Network I/O Control to implement a quality of service on the more important traffic types on the vSwitch. To use Network I/O Control, you must be licensed for Enterprise Plus because the feature is configurable only on the Distributed vSwitch type.
Virtualization is all about sharing the resources of a single physical host with many VMs, but by default a host allows VMs to fight it out for access to the available resources that a host has without giving any VMs priorities. Therefore, you should always put controls in place to ensure that the resource distribution occurs in a manner that meets your customer's workload priorities.
VSphere has many excellent methods for controlling the amount of resources that VMs can access. Properly implementing them can ensure that your customer's critical VMs do not become resource-starved and sluggish. Helping your customers understand that these controls are necessary will reduce the likelihood of performance problems in their virtual environments.
About the expert
Eric Siebert is a 25-year IT veteran whose primary focus is VMware virtualization and Windows Server administration. He is one of the 300 vExperts named by VMware Inc. for 2009. He is the author of the book VI3 Implementation and Administration and a frequent TechTarget contributor. In addition, he maintains vSphere-land.com, a VMware information site.