Three ways to prevent virtual machine sprawl

The introduction of virtualization technology into data centers and server rooms leaves customers vulnerable to virtual machine sprawl. Learn what techniques should be used to avoid the problem.

Service provider takeaway: Service providers can use three techniques to help customers implement server virtualization technology without suffering from the nasty side effect of virtual machine sprawl.

Server virtualization technology is rapidly becoming a data center standard. It's even taking off in the small and medium-sized business (SMB) market. While this is good for the virtualization market, IT practitioners must avoid the headache of virtual machine sprawl, which is reminiscent of poorly implemented desktop infrastructures. Fortunately, service providers can help.

While virtual machines (VMs) and desktops represent opposite sides of the computing coin, they have one dangerous trait in common: easy implementation. When desktops took off in the business world, there was no stopping them. Mainframes were supplanted by the power of distributed computing. Companies bought desktops and deployed them with little thought about the impact they would have on network security and management. Today, many companies suffer from desktop sprawl. Resources, time and money are wasted on desktop security suites, desktop management suites, antivirus tools and so on. This is what happens when new technology is deployed without thought or planning.

History may repeat itself with server virtualization technology (and desktop virtualization, for that matter) if we are not careful. Service providers are in an excellent position to help customers correctly plan, deploy and manage virtual server technology to prevent virtual machine sprawl. Service providers can help customers prevent virtual machine sprawl via services surrounding policies, deployment best practices and reporting.


The first stop on the antisprawl campaign is policy. Value-added resellers (VARs) should work closely with business and IT managers to develop sound policies about how to create and deploy virtual machines. If policies are not instituted at the start of virtualization implementation, businesses could be faced with virtual machine sprawl quickly. Virtual machines only take a couple of minutes to deploy, and an unchecked IT department may start rapidly deploying virtual machines quicker than they can deploy desktops.

Your customers' policies will vary depending on the environment and how much control the IT staff has over servers and storage. That said, policies should be established governing how many virtual machines each server should run. Staff should be required to justify reasons for commissioning a new virtual machine. Also, VARs should help their customers set up procedures for periodically scanning the network for rogue virtual machines.

Policies on the use of virtual machine technology on users' desktops should also be addressed. There are many free virtualization software packages that users can download and run. When users start booting up virtual machines without the IT manager's knowledge or approval, there are potential security risks. To avoid that problem, users' desktops should be locked down to prevent them from installing such software.

Deployment best practices

After policies are developed, VARs should work with customers to create best practices for deploying virtual machines. Different application loads have different resource and security requirements; for example, the security requirements for an Active Directory domain controller are different from those for a file server.

One of the biggest advantages of a company's virtual machines is that they all have the same emulated hardware. Also, virtual machines are just a series of files. For these two reasons, creating template virtual machines is relatively easy. VARs should help customers produce template virtual machines for each of the common workloads at the customer's business. Then, these virtual machines can be cloned.

If your customer needs a new domain controller, it would clone the domain controller template. If your customer needs a new file server, it would clone the file server template. Just make sure that your customer puts someone in charge of keeping the template virtual machines updated with changing security requirements. With less guesswork in the deployment of virtual machines, there will be less testing required, so fewer test virtual machines. This will help to significantly control virtual machine sprawl.


Even if a customer has policies and deployment best practices in place, the effectiveness of those policies and best practices needs to be measured periodically. This is where third-party reporting tools can really help. Your customers cannot control virtual machine sprawl if they do not have a good picture of what the current virtual infrastructure looks like.

Both PlateSpin and VKernel offer software packages that report on virtual machine capacity, inventory and resource usage. PlateSpin's PowerRecon works with VMware Virtual Infrastructure 3, VMware ESX Server, VMware Server, Microsoft Virtual Server, Xen Enterprise and Virtual Iron virtual machines. VKernel's Virtual Appliance Management Suite is designed for VMware virtual machines. VARs should be well-versed in at least one third-party reporting product so they can recommend that their customers take advantage of this type of reporting. With the right reporting information, IT managers can make solid decisions on how to best control virtual machine sprawl.

By combining policies, deployment best practices and reporting, VARs can help their customers avoid virtual machine sprawl before it's too late. Policies should be developed before virtual infrastructure deployment and revisited periodically. Templates for virtual machines should be set up before the first deployment to ensure consistency across the environment. Finally, third-party reporting tools should be used periodically to check on the status of the virtual infrastructure and ensure that policies and best practices are being adhered to.

About the author

Harley Stagner has been an IT professional for about eight years. He has a wide range of knowledge in many areas of the IT field, including network design and administration, scripting and troubleshooting.

Dig Deeper on Server virtualization technology and services