Today’s virtualized data center environment is like an F15 airplane – wonderfully flexible but at the same time dangerously unstable if not managed properly. The F15 is widely recognized as one of the most maneuverable fighter jets ever built. But flexibility comes at a price and the only way you can control it is by having very good computer systems supporting the pilot flying the plane.

Similarly, the challenge of complexity is ever present in today’s IT environments and the drive toward virtualization is only increasing that challenge. But rather than being cowed by complexity, an enlightened IT organization takes control of it, using the latest tools and techniques – and that includes application dependency mapping.

Server virtualization is great for the data center in so many ways that it’s easy to see why it’s so popular. It reduces hardware costs, makes server provisioning far more flexible, and ensures IT can be more responsive to business needs. But without a proper understanding of the dependencies between business applications and the underlying infrastructure, virtualization can itself be hazardous.

For the data center manager, the virtualized environment throws up a number of interlinked challenges, which can roughly be grouped under the headings of visibility, management, and compliance.

Visibility
In a data center with 30,000-40,000 servers, and literally millions of dependencies between hardware, software and business applications, understanding where your virtual servers actually are (which is hosting what) and what services they are supporting (particularly in a loosely coupled set up) is no mean feat. Just think about the scale of the problem for a minute and it quickly becomes clear it’s something you can’t keep track of manually. Clearly, you need to automate the process.

The good news is that it can largely be automated. Typically, the way people try to understand dependencies is by building a large Visio chart of what a business application looks like based on conversations with engineers who manage the databases, application servers, bits of custom code, and everything else. The process of compiling that chart is automated by an application dependency mapping tool that replicates much of the manual process, logging onto servers and discovering information about what is where, how it’s configured, and so on. It then pulls all the information together using a reasoning engine – and critically it does it on a daily basis so any changes are automatically logged.

Indeed, dependency mapping is critical to the change management process, particularly when you consider that 80% of incidents are caused by errant change. These are changes that are either not authorized or where the change impact analysis isn’t good enough and some other system is impacted that wasn’t supposed to be. One of the key issues when you try to understand the impact of a change, such as an upgrade to a database, is knowing which business applications and services are dependent on that database. Again, the change approval process is typically a laborious, manual one where a working group is put together of all the people affected by the change. In this scenario, there’s a risk that people just sign off on a change because they are overwhelmed with too many requests, or go too far the other way, do their due diligence carefully, and hold the approval process up.

Using an application dependency mapping tool, you have clear visibility into the business applications that are affected by a change, wherever they reside. You can build the right change approval groups, make changes more accurately, and verify that changes have been made correctly. This reduces the overhead on the entire IT organization.

Management
The wildfire spread of virtualization through the data center has followed a classic adoption curve for IT. People have recognized the benefits and deployed virtualized servers, VMWare, for example, then afterward recognized the management issues it throws up. The business perceives virtual servers to be free – after all, you’re only really partitioning an existing server, not adding extra hardware, they say – and IT recognizes it allows them to be more flexible, agile and responsive to business requests and changes. But as the number of servers rockets, the thing that’s commonly missed is the management overhead.

Every one of these servers has the same administration costs attached to it as a physical server would have. So while virtualization can undoubtedly reduce costs, the flip side is that if the proliferation of servers is not carefully controlled and monitored, you could be driving up your management costs. And many enterprises haven’t worked out how to charge back those overheads – indeed virtual servers are often being introduced as a way of not charging back to the business.

Asset tracking and inventory management systems provide a snapshot of the information you need to manage this proliferation and complexity. But typically, the first are for managing the financial side, the second for understanding a particular technology environment such as Microsoft Virtual Server. What enterprises don’t have is an end-to-end holistic picture of all the technologies they are virtualizing and the different dependencies they are creating. Monitoring and tracking a virtualization program is a discipline you can’t afford to ignore.<

Compliance
The third area where virtualized data centers are struggling is in ensuring you remain compliant, both with their internal performance standards and external regulatory requirements. Complexity inevitably carries a performance hit, particularly with the increased management overheads you are putting in place. So it’s all the more important to manage that complexity so you remain compliant.

When you look at an investment bank, for example, one of its key requirements for its data center is high performance and minimum latency. That’s why so many data centers are situated right next to the dealing room floors, because proximity can bring millisecond improvements in performance. In this scenario, virtualization will slow things down a little, so it’s important to understand where you’re going to virtualize and ensure none of the dependencies impact the really performance-critical systems. You also need to be careful you’re not overprovisioning as that could slow everything down too.

Another potential compliance problem in the virtualized environment is concentration risk. The more you move server locations around in such a fluid manner, the greater the risk that the production and disaster recovery versions of an application end up in the same location. Clearly that’s counterproductive to your DR strategy, but in the event of a failure, it’s the kind of visibility that can help you stay in business.

A further compliance risk comes around change. Just as you need to be clear that any changes won’t impact adversely on other systems upstream, so downstream you have to be able to prove to the regulator that no one has been able to make unauthorized changes to your core applications. Again, you can’t go around manually documenting all those changes, so having a dependency mapping system in place to demonstrate to the regulator you are in control of those changes is the only solution.

Key Requirements
Some companies use dependency mapping to help them move from legacy environments to new loosely coupled, virtualized data centers, but it’s important to recognize that for the vast majority, you are going to be implementing it into legacy environments. You therefore need a toolbox that’s easy to apply retrospectively, an agentless, automated system that will go out and profile your environment seamlessly. Products that insist you install agents on all your systems are effectively providing answers for people who in many cases don’t know the question.

You also need a system that works across a host of different environments: Microsoft, Sun, VMWare and even complex process area networks. Most data center environments are already heterogeneous in this way, but even if they are not, you need to have the option to investigate different, more cost-effective technologies in the future.

Companies need to act on dependency mapping before it is too late. Virtualization is happening today and, yes, it is giving us tremendous flexibility and agility, but we absolutely have to manage this new complexity because the systems we are virtualizing are business critical.