I was recently at a Symantec presentation, where they demoed Application HA.
After a brief introduction about VMware HA (and the unfailing question “better to have physical or virtual vCenter?”), they explained the new HA in vSphere 5, particularly how VMware opened this system to third parties via API to monitor applications hosted in a virtual machine.
Symantec has released Application HA right to use this features. Their solution allows to monitor applications and identifiy and react to failuers, managing recovery, restarting application inside the VM, or working together with VMware HA for further activities.
For example, during VMware HA a virtual machine can restart on another ESXi host, but the application inside that VM can have problems; think about a database on a VM moved away from a failed ESXi, it can have an inconsistent state.
An interesting scenario involves the upcoming BackupExec 2012, where during the excalation the Application HA, if it cannot solve a problem by rebooting the application nor the entire VM, can ask to BackupExec to restore a previous version of the failing VM.
A further step involves SRM, so one can add Application disaster recovery to his VM recovery plans. I was able however to go deep into this topic.
From a technical side, on VMware we first need to enable in the HA cluster, under VM Monitoring, the mode “VM and Application Monitoring”, where by default is set on “Disabled”:
We manage then monitoring sensitivity. Even with Application HA, this value affects VM monitoring of the Guest OS.
Once VMware is configured, we go to Application HA, where we need to install its software on a Windows virtual machine (it’s too manageable thanks to its agent!) and configure it to talk with vCenter; than we push guest installation on the VMs from the ApplicationHA console.
A nice fact is the application runs in Adobe Flash, but it has no plugin for vCenter. This means we can use the vCenter Appliance.
The hands-on lab Symantec offered us gave me a general rellay good opinion about this product; the software is solid (as Symantec representatives told, it’s based on the monitoring part of Veritas Cluster…) and it has interesting use cases. Possibility to monitor in a really fine way several application (we can also create our own modules) is a plus. I tested the MSSQL agent, and I was able to check a database not by simple services checks, but by running SQL queries to the database and checking the replays. The fine-grain check we can use will be surely of interest for environments with really high SLA requests. Think about an e-commerce website, where the database che be checked running a SQL query that checks for some tables consistency.
We can also write our own custom modules; symantec has also opened the SORT website (https://sort.symantec.com/agents) where you can download and upload his works.
The license is by VM, with a price of 500 euros per VM. It’s not cheap, but usually it’s used only on a subset of the entire cluster VMs, those where we have critical applications; in this use case the priority is about running services, so price is subsequentially justifiable.
The actual limit is about having only one application per VM we can monitor: in my opinion, looking the trend of the last years to atomize workloads (1 service on 1 VM), this does not sound like a limit, but for sure thare will be some use cases where this is needed; anyway it will be removed from the next release.
Another limit I saw is the need, like in Veritas Cluster, to establish a channel between the Console and the Guest Agents, specifically on TCP ports 5634 (monitoring) 14152-14153 (heartbeat). In multi-tenancy environments or those with several networks, allowing this traffic on all VMs in not a short task