A SearchMidmarketSecurity.com reader asks our resident security expert Tom Chmielarski, "When disk sizes were much smaller, dynamic paging files made sense. But now that the drives are larger, a fixed size swap file makes more sense to avoid disk fragmentation. Are there similar considerations for virtual hard drives (VHD)? Are virtual hard disk defragment tools needed?
Although your question relates to performance more than security, let's start with a quick explanation of fragmentation for anyone who doesn't know what is really meant by this common IT term.
A file system, generically speaking, works by having an index of files --the Master File Table in NTFS , a Windows file system, for example -- that lists all the files it contains. Each of those files is stored in one or more disk clusters, which are each a collection of segments, or sectors, of the physical medium.
The index includes basic attributes of a file, such as the name and time stamps, and a listing of all clusters allocated to the file. Ideally the clusters for a file will be allocated sequentially to minimize the amount of repositioning of the drive heads(s) as the platters, the physical components that store data, are read. As a drive is filled, or a file is appended and modified, the clusters assigned will be increasingly non-contiguous, which will degrade performance . Fragmentation, operationally, can cause slow disk access times.
Although the analogy is not perfect, it is reasonable to compare this process to the spiraled line of a record: You want the data to be all together, not scattered across the record. The process of defragmentation rearranges file contents to make the files as contiguous as possible.
With a virtual hard drive (VHD), you have the opportunity for fragmentation at the host level (the file system storing the virtualized disk file(s)) and also at the guest level, within the virtualized disk itself. A very similar situation occurs with databases; the physical file(s) can be fragmented across the disk(s) and the database structure can be fragmented within those file(s). In SQL server terms, this is referred to as internal and external fragmentation.
Thus the short answer to your question is "yes," fragmentation can be a problem for virtual disks. It's best to allocate the full virtual disk size in advance, rather than grow it. Doing so will minimize the fragmentation of the physical file. The file system within the virtual disk can still get overly fragmented even if the physical file (VHD) is not. Realistically, though, fragmentation will have minimal operational impact unless the virtual systems have modified many of the files on disk.
Let's, for example, consider a virtualized Web server that generates and serves dynamic pages that use data stored in a database on another server. The primary function of this Web server does not involve making many changes to the local disk (virtual or otherwise) and mostly needs to retrieve, process and render data for Web users. The speed of the server's disk is a minimal consideration (but not irrelevant) since that function is not dependant on large, sequential file reads or writes.
Because there are essentially two layers of fragmentation, you'll need to use disk defragment tools at both the physical and virtualized layers. The physical VHD file will be locked while the guest is active, so you probably cannot defragment the physical file while the guest is running. With the guest suspended or stopped, you can run your normal defragmentation product of choice. Depending on your virtualization implementation, you may be able to effectively defragment by simply moving the virtualized host to an alternative server, creating a new VHD file (which should not be very fragmented) on the alternative server in the process.
Within the guest, you can run any standard of the standard disk defragment tools, such as the one built in to Windows, and the guest will defragment the virtual disk. Lastly, some virtualization products, such as VMWare Workstation, have a built-in defragmentation tools for the virtual disks: You can select a VHD and then use the Defragment option from within the virtual settings editor.
Tom Chmielarski is a senior consultant with GlassHouse Technologies, Inc.
Send Tom your security questions.
Join us on LinkedIn.