Virtualization question

1. Can't expand. I am using the SFF PC so it only accomodates 1 3.5" drive or 2x 2.5" drives.

2. Does that mean if I plan on running 4 VMs I need 4 physical adapters? Isn't that too much or am I reading this wrong. Why do you recommend 2 ports on NIC - is it not ok with 1 seperate NIC and 1 LOM NIC?

3. I know but getting 4x4GB sticks is not exactly cheap

My plan is to run 4 VMs on this PC.
1. Smoothwall or other firewall appliance
2. Windows Server 2008 R2 ADC/DNS/DHCP (probably low load)
3. Windows Server 2008 R2 IIS/Symantec Endpoint/maybe SCCM&WSUS (probably low load, unless it's handing out updates, also IIS is internal only so no outside access)
4. Windows XP VM for running Outlook 2007 (sounds silly but I want to)

I need more VMs but I'm going to beef up my file server and run in that.

The "recommended" ESX configuration is to have one dedicated NIC for management purposes, and a bunch of others for your virtual machines. It's not necessarily a requirement. I have a Dell Latitude D820 laptop running ESX4 on the single onboard Broadcom gigabit. Just make sure you're not using some no-name NIC.

You can install ESX on a USB key - I think your SFF has at least one USB port that's internal on the motherboard - might have to double-check that. All you need is a 1GB USB key - that's what I have my PowerEdge T710 booting off of.

Once you do that, you can upgrade to the internal HDD to the biggest & fastest you can afford. It's still a single hdd, so don't run anything that you can't afford to lose in case the hdd fails.

I wouldn't worry too much about the internal storage too much at the moment, there are always additional expansion options for you later - in particular adding an iSCSI storage device. If your iSCSI device is fast enough, you won't notice any drop in performance when booting up VMs.

The list of VMs you wanted to run is fine. You'll probably run out of RAM or hard-drive space before running out of processor power. I currently have 10 virtual machines running on my ESX box, each with a minimum of 1GB, and supposedly it's only using about 10.5GB of RAM; one of those virtual machines is a 2003 Server with Exchange installed and 4GB of RAM allocated.

You can probably allocate just 1GB of RAM to your 2008 R2 DC server - that's what I have running on my 2008 R2 VM.

WSUS uses SQL so it's heavy on the I/O - I would probably allocate 2+ GB of RAM to that server. It'll use more than 1GB for sure. I know mine does, and mine's a physical machine.

Quote:
No - you can run all your virtual machines off the one NIC you have, if you leave the other one for management purposes. It's a virtual NIC anyways, so in the VM, you can actually create more than 1 virtual NIC on the machine, but assign it to the same physical adapter on the host, and assign the IP addresses inside the virtual machine like you would normally.

Unless you're running network services that will be beating the crap out of your NIC, you should be fine. i.e. you won't run into the gigabit bandwidth limit.

Quote:
I'd be a bit cautious about investing anymore RAM into this particular system. Both the Dell and Kingston Memory websites say that the system only supports 8GB of RAM tops.

Although according to Intel's website, the Q45 chipset is supposed to support up to 16GB of RAM.

You can do quite a lot with 8GB - start using it first. Remember, if you allocate 2GB of RAM to a VM, it doesn't go and eat out 2GB of RAM. And even if Task Manager in the virtual machine says it's eating 1.5GB of RAM, chances are it's probably not using up that much from the host either.

Quote:
The Smoothwall appliance only needs to see two NICs in the virtual machine configuration, right? It's possible to map two virtual NICs in the virtual machine to the same physical adapter. The guest would still see two separate NICs for use.

I have it that way on one of my Windows VMs - it's got three virtual NICs assigned, but only assigned to two physical adapters, and even then only because one of the physical NICs is connected to a whole separate physical subnet.

Quote:
Your performance is probably gonna suck on the 2008 R2 servers, maybe, but it would still be faster than running 2008 R2 VMs in VMWare Server under Windows, or something like that.

I've got one single 2008 R2 VM running on my Latitude D820 laptop with ESX4 installed. The performance isn't as fast as my T710, but it's certainly usable, especially as a domain controller / DHCP / DNS server...

Quote:

Correct, but think of the external connections for a second. Smoothwall needs to be connected in between the internet and your local network. Connecting the servers on the same NIC as the internet is a HUGE security risk (it completely defeats the purpose of the firewall in the first place), and connecting them all through the same NIC as smoothwall's local network will cause huge performance problems. Lots of CPU cycles will be wasted redirecting the network traffic.

With the services he's installing there won't be a lot of concurrent use between the different server OSs so its not a big deal. But its very possible to be downloading something off the internet and doing something on the servers at the same time.

Quote:
I would still want to keep the WAN NIC physically separate from the internal LAN - so you would need a minimum of 3 adapters if you wanted a dedicated management NIC.

Quote:
Hey B, I was wondering when you'd show up =P.

Anyways, now I understand the OP's setup. Kind of. I wasn't sure if the Smoothwall appliance was capable of running with both NICs on the same subnet. i.e. the appliance is the default gateway and all internet traffic gets routed to it, and then the Smoothwall transmits everything out the router.

Quote:
But that completely defeats the purpose of the firewall to begin with.

Quote:
The 960 supports 16GB. It's an option available for ordering ($1200 for 16GB!) - their website probably doesn't reflect this update

Thanks for the help guys. I will read through this and ask more questions.

About the NICs ... I forgot to mention that I want this VM to do routing (Smoothwall supports this right?)

So is this right:
1. Use Realtek 8319 NIC for internet connection.
2. Use Intel 82567LM for connection to internal network. Additional physical machines will connect to this via Trendnet switch. Also use the 82567LM for management. (I assume I need to create unique NICs for each VM and not bridge to the physical interface?)

P.S. This model does not have internal regular USB port, it only has the port used for SD card readers

I attached a picture of the set up I was thinking. Please let me know if this is ******ed.

Quote:
That would be the right setup, but I would recommend atleast 3rd NIC.

ETH0 -> Modem
ETH1 -> Switch
ETH2 -> Switch

Use ETH1 for your VMs lan access, and ETH2 as your gateway for all of you systems with internet access.

Quote:
If I want to do management utilities from my personal PC, does that mean I need to have two switches and two NICs on my personal PC?

Quote:
That's fine. With a single ESX setup, you're not going to be loading all that much on the management interface anyways. From what I know, VMWare only really recommends having the dedicated management NIC if you're actually going to be heavily using the various management features included in vCenter, including things such as vMotion. Also, if you attach an iSCSI target directly to the ESX host (as opposed to a virtual machine), you're also going to be using the management interface.

After you get it all set up, any dedicated management NIC is going to be sitting there twiddling its thumbs waiting for stuff to do. That's what mine was doing, so I added a virtual switch to the interface and assigned a bunch of low-network access VMs to it (domain controllers, instant messaging workstations, BitTorrent, Newsgroups, etc).