Best practices for your AlgoSec VMware Deployment
The following topic explains best practices when using an AlgoSec VM.
We’ve developed the following best practice recommendations for your AlgoSec VMware Deployment. This list is evolving so be sure to check back often.
The following tips relate to each VM in your distributed environment:
General Tips
-
Use thick provisioning for the storage allocated.
-
Provide console access to the VMs for troubleshooting purposes.
-
Provide access to performance metrics related to CPU/Network/SWAP/Co-Stop/Memory.
-
Provide access to events and notifications in ESX.
-
Ideally, you should be able to tell the ESX version and know when it is updated.
Using snapshots
Snapshots can take up a lot of disk space and effect disk speed, so it's important to manage the snapshots on your system to avoid impact to performance.
-
Do not keep snapshots more than 7 days.
-
Do not use more than 3 snapshots at any given time.
-
Limit nested hierarchies of snapshots to one level only.
-
Take snapshots while machine is idle. Do not take snapshots during business hours or during nightly analysis.
-
Always take a snapshot before upgrading or applying hot fixes.
Maintenance
Network
-
Ensure network interfaces are configured as per VMware documentation, especially in relation to duplex settings.
-
Follow network bandwidth requirements. See Bandwidth requirements for distributed environments.
Disk performance
-
We recommend disk write speed of at least 300MB/s; system performance will improve as the speed increases.
Dedicated resources
Most ASMS workloads are event and schedule driven, which make intensive tasks hard to predict. Because of this:
-
Recommended: At least half the VM's memory resources should be dedicated.
-
Recommended: At least half the total VM CPU resources should be dedicated.
CPU
-
Recommended: Do not enable hyperthreading.
vMotion
Do not enable vMotion on ASMS appliances (due to third party component limitations. This includes Storage DRS automation Level and VMDK, etc.)