VM Sprawl

Virtualization is the modern way building a datacenter or just running business application. It is simple, it saves money for hardware and power. It’s easier to provision servers, it’s easier to move servers, and it’s easier to decommission servers. It’s easier to set up networks. It’s easier from a management perspective all around. But when provisioning of new virtual machines in enterprise environment is uncontrolled and without rules it could lead to huge issues.

Such uncontrolled deployment of virtual machines is known as a VM sprawl.

VM sprawl

VM sprawling is something that almost everybody met especially in enterprise. Because creating a VM is easy and a matter of a few clicks, the running machines increase over time. More and more valuable resource are occupied for applications which are not necessary or business critical. Another thing that almost everybody underestimate is security in mind. According to a survey by InformationWeek (leading news and information source for information technology) only 20 % of Enterprises surveyed had a formal review process in place with security of VMs mind.

Major reasons for sprawling VMs is uncontrolled access to virtual infrastructure management. Everybody know how to deploy a new virtual server for example for a testing purpose and after jobs is done the machine continue to work. This cost money in all kinds of aspects: power, hardware resources, storage etc. From security perspective an unattended VM could be exploited and thus the cost be even higher than expected.

Mitigation techniques

VM sprawl is easy to be put under control with just few steps:

  • Role based administration of virtual infrastructure
  • Implementing procedure for deploying a new virtual machine
  • Revision of deployed machines at a certain time
  • Power Off unused machines