When to Use SCVMM (And When Not To)

Microsoft introduced Hyper-V as a challenge to the traditional hypervisor market. Rather than a specialty hallmark technology, they made it into a standardized commodity. Instead of something to purchase and then plug into, Microsoft made it ubiquitously available as something to build upon. As a side effect, administrators manage Hyper-V using markedly different approaches than other systems. In this unfamiliar territory, we have a secondary curse of little clear guidance. So, let’s take a look at the merits and drawbacks of Microsoft’s paid Hyper-V management tool, System Center Virtual Machine Manager.

What is System Center Virtual Machine Manager?

“System Center” is an umbrella name for Microsoft’s datacenter management products, much like “Office” describes Microsoft’s suite of desktop productivity applications. System Center has two editions: Standard and Datacenter. Unlike Office, the System Center editions do not vary by the number of member products that you can use. Both editions allow you to use all System Center tools. Instead, the different editions differ by the number of systems that you can manage. We will not cover licensing in this article; please consult your reseller.

System Center Virtual Machine Manager, or SCVMM, or just VMM, presents a centralized tool to manage multiple Hyper-V hosts and clusters. It provides the following features:

• Bare-metal deployment of Hyper-V hosts
• Pre-defined host and virtual switch configuration combinations
• Control over clusters, individual hosts, and virtual machines
• Virtual machine templating
• Simultaneous deployment of multiple templates for automated setup of tiered services
• Granular access controls (control over specific hosts, VMs, deployments, etc.)
• Role-based access
• Self-service tools
• Control over Microsoft load balancers
• Organization of offline resources (ISOs, VHDXs, etc.)
• Automatic balancing of clustered virtual machines
• Control over network virtualization
• Partial control over ESXi hosts

In essence, VMM allows you to manage your datacenter as a cloud.

Can I Try VMM Before Buying?

You can read the list above to get an idea of the product’s capabilities. But, you can’t distinguish much about a product from a simple bulleted list. You learn the most about a tool by using it. To that end, you can download an evaluation copy of the System Center products. I created a link to the current long-term version (2019). If you scroll below that, you will find an evaluation for the semi-annual channel releases. Because of the invasive nature of VMM, I highly recommend that you restrict it to a testbed of systems. If you don’t have a test environment, then it presents you with a fantastic opportunity to try out nested virtualization.

Why Should I Use VMM to Manage my Hyper-V Environment?

Rather than trying to take you through a world tour of features that you could more easily explore on your own, I want to take this up to a higher-level view. Let’s settle one fact upfront: not everyone needs VMM. To make a somewhat bolder judgment, very few Hyper-V deployments need it. So, let’s cover the ones that do.

VMM for Management at Scale

The primary driver of VMM use has less to do with features than with scale. Understand that VMM does almost nothing that you cannot do yourself with freely-available tools. It mostly just makes tasks easier. The more hosts you have, the more work to do. So, if you’ve got many hosts, it doesn’t hurt to have some help. Of course, the word “many” does not have a universal meaning. Where do we draw the line?

For starters, we would not draw any line at all. If you’ve gone through the evaluation, you like what VMM has to offer, and the licensing cost does not drive you away, then use VMM. If you go through the effort to configure it properly, then VMM can work for even a very small environment. We’ll dive deeper into that angle in the section that discusses the disincentives to use VMM.

Server hosting providers with dozens or hundreds of clients make an obvious case for VMM. VMM does one thing easy that nothing else can: role-based access. The traditional tools allow you to establish host administrators, but nothing more granular. If you want a simple tool to establish control for tenants, VMM can do that.

VMM solves another problem that makes the most sense in the context of hosting providers: network virtualization. The term “network virtualization” could have several meanings, so let’s disambiguate it. With network virtualization, we can use the same IP addresses in multiple locations without collision. In many contexts, we can provide that with network address translation (NAT) routers. But, for tenants, we need to separate their traffic from other networks while still using common hardware. We could do that with VLANs, but that gives us two other problems. First, we have a hard limit on the number of VLANs that can co-exist. Second, customers may want to stretch their networks, including their VLANs, into the hosted environment. With current versions of Hyper-V, we have the ability to manage network virtualization with PowerShell, but VMM still makes it easier.

So, if you manage very large environments that can make use of VMM’s tenant management, or if you have a complicated networking environment that can benefit from network virtualization, then VMM makes sense for you.

VMM for Cloud Management

VMM for cloud management really means much the same thing as the previous section. It simply changes the approach to thinking about it. The common joke goes, “the cloud is just someone else’s computer”. But, how does that change when it’s your cloud? Of course, that joke has always represented a misunderstanding of cloud computing.

A cloud makes computing resources available in a controlled fashion. Prior to the powers of virtualization, you would either assign physical servers or you’d slice out access to specific resources (like virtual servers in Apache). With virtualization, you can create virtual machines of particular sizes, which supplants the physical server model. With a cloud, at least the way that VMM treats it, you can quickly stand up all-new systems for clients. You can even give them the power to do deploy their own.

Nothing requires the term “client” to apply only to external, paying customers. “Client” could easily mean internal teams. You can have an “accounting cloud” and a “sales cloud” or a “print cloud” and a “SQL cloud” or whatever else you need. Hosting providers aren’t the only entities that need to easily provide computing resources.

Granular Management Capabilities

I frequently see requests for granular control over Hyper-V resources. Administrators want to grant access to specific users to manage or connect to particular virtual machines. They want helpdesk staff to be able to reboot VMs, but not change settings. They want to allow different administrators to perform different functions based on their roles within the organization. I also think that some people just want to achieve a virtual remote desktop environment without paying the accompanying license fees.

VMM enables all of those things (except the VDI licensing sidestep, of course). Some of these things are impossible with native tools. With difficulty, you can achieve some in other ways, such as with Constrained PowerShell Endpoints. VMM does it all, and with much greater ease.

The Quick Answer to Choosing VMM

I hope that all of this information provides a clearer image. When you have a large or complex Hyper-V environment, especially with multiple stakeholders that need to manage their own systems, VMM can help you. If you read through all of the above and did not see how any of that could meaningfully apply to your organization, then the next section may fit you better.

Reasons NOT to Use SCVMM?

We’ve seen the upsides of VMM. Now it’s time for a look at the downsides.

VMM Does Not Come Cheap – or Alone

You can’t get VMM by itself. You must buy into the entire suite or get nothing at all. I won’t debate the merits of the other members of this suite in this article. Whether you want them or not, they all come as a set. That means that you pay for the set. If you get the quote and feel any hesitation at paying it, then that’s a sign that it might not be worth it to you.

VMM is Heavy

Hyper-V’s built-in management tools require almost nothing. The PowerShell module and MMC consoles are lightweight. They require a bit of disk space to store and a spot of memory to operate. They communicate with the WMI/CIM interfaces to do their work.

VMM shows up at the opposite end. It needs a server application install, preferably on a dedicated system. It stores all of its information in a Microsoft SQL database. It requires an agent on every managed host.

VMM Presents its Own Challenges

VMM is not easy to install, configure, or use. You will have questions during your first install that the documentation does not cover. It does not get easier. I have talked with others that have different experiences from mine; some with problems that I did not encounter, and others that have never dealt with things that routinely irritate me. I will limit this section to the things that I believe every potential VMM customer will need to prepare for.

Networking Complexity

We talked about the powers of network virtualization earlier. That technology necessitates complexity. However, VMM makes things difficult even when you have a simple Hyper-V networking design. In my opinion, VMM needlessly over-complicates everything network-related. You have several configuration points. If you miss one, something will not work. To tell the full story, a successful network configuration can be easily duplicated to other systems, even overwriting existing configurations. However, in smaller deployments, the negatives can greatly outweigh the positives.

General Complexity

I singled out networking in its own section because I feel that VMM’s designers could have created an equally capable networking system with a substantially simpler configuration. But, I think they can justify most of the rest of the complexity. VMM was built to enable you to run your own cloud – multiple clouds, even. That requires a bit more than the handful of interfaces necessary to wrangle a couple of hosts and a handful of VMs. But, if you don’t have a complicated environment, VMM will make it complicated.

Over-Eager Problem Solving

When VMM detects problems, it tries to apply fixes. That sounds good, except that the “fixes” are often worse than the disease – and sometimes there aren’t even any problems to fix. I’ve had hosts drained of their VMs, sitting idle, all because VMM suddenly decided that there was a configuration problem with the virtual switch. Worse, it wouldn’t specify what it didn’t like about that virtual switch or propose how to remedy the problem. You’ll see unspecified problems with hosts and virtual machines that VMM won’t ignore. Addressing them requires you to burn time in tedious housekeeping.

Convoluted Error Messaging

A point of common frustration that you’ll eventually run into: the error messages. VMM often leaves cryptic error messages in its logs. I’ve encountered numerous messages that I could not understand or find any further information about. These cost time and energy to research. Inability to uncover what triggered something or even find an actual problem – these things eventually lead to “alarm fatigue”. You simply ignore the messages that don’t seem important, thereby taking a risk that you’ll miss something that does matter.

Mixed Version Limitations

With the introduction of changes in Hyper-V in the 2012 series, Microsoft directly addressed an earlier problem: simultaneous management of different versions of Hyper-V. You can currently use Hyper-V Manager and Failover Cluster Manager in the Windows 8+ and Windows Server 2012+ versions to control any version of Hyper-V that employs the v2 namespace. Officially, Microsoft says that any given built-in management tool will work with the version they were released with, any lower version that supports v2, and one version higher. They can only manage the features that they know about, of course, but they’ll work.

Conversely, I have not seen any version of VMM that can control a higher-level Hyper-V version. VMM 2016 controls 2016 and lower, but not 2019. Furthermore, System Center rarely releases on the same schedule as Windows Server. VMM-reliant shops that wanted to migrate to Hyper-V in Windows Server 2019 had to wait several months for the release of VMM 2019.

Reduced Compatibility with Other Systems

VMM does not always play nicely with other systems. For one glaring problem, it severely restricts the way that you set up its data sharing center, called the “Library”. The VMM library is a simple repository of files in cold storage. You can store anything there that you like, although you’ll probably gravitate toward items that suit your Hyper-V needs. I rely on the library to store virtual machine templates and ISO files. While the library sounds nice, VMM makes it tough. It requires that you install an agent on every single file server that hosts a library. That means that you can’t use non-Microsoft file servers to host libraries at all. The VMM team also engineered the agent so that it can’t interoperate with a Microsoft scale-out file server.

So, your only choice for VMM library servers are a simple single-host Microsoft file server or a Microsoft failover cluster configured in active/passive cluster disk mode. If another team controls the organization’s file servers and doesn’t want your agent on them, too bad. If you have to deploy your own file servers to accommodate VMM’s particular needs, then you risk data duplication. To compound the issue, the VMM documentation does not clarify why this agent needs to exist or what it does. At its core, a VMM library server is just an SMB share. The agent and its requirements  add complexity without any obvious value.

Depending on your system, you may also encounter similar incompatibilities and frustrations with VMM’s patch management system.

The Quick Answer to Choosing Against VMM

As mentioned a few earlier times in this article, the decision against VMM will largely rest on the scale of your deployment. Whether or not the problems that I mentioned above matter to you – or even apply to you – you will need to invest time and effort specifically for managing VMM. If you do not have that time, or if that effort is simply not worth it to you, then do not use VMM.

Remember that you have several free tools available: Hyper-V Manager, Failover Cluster Manager, their PowerShell modules, and Windows Admin Center. For those of you that do not run particularly large or complicated environments, Windows Admin Center continually improves its value. It does a lot more than the traditional MMC tools and Microsoft continually adds functionality and improves usability. I would start with Windows Admin Center before considering VMM in the majority of environments.

Addressing the Automatic Recommendation for VMM

Part of the impetus behind writing this article was the oft-repeated directive to always use VMM with Hyper-V. For some writers and forum responders, it’s simply automatic. Unfortunately, it’s simply bad advice. It’s true that VMM provides an integrated, all-in-one management experience. But, if you’ve only got a handful of hosts, you can get a lot of mileage out of the free management tools. Windows Admin Center can go a long way in an environment with only a few hosts. Where the graphical tools prove functionally inadequate, PowerShell can pick up the slack. I know that some administrators resist using PowerShell or any other command-line tools, but they simply have no valid reasons.

I will close this out by repeating what I said earlier in the article: get the evaluations and try out VMM. Set up networking, configure hosts, deploy virtual machines, and build-out services. You should know quickly if it’s all worth it to you. Decide for yourself. And remember to come back and tell us your experiences! Good luck!