Although hyper-converged systems provide greater simplicity and cost savings, and make IT teams more business ready, a hesitation has been noted among CIOs to implement them. In this post, we discuss the key reasons behind the rejection of hyper-converged systems.

Hyper-converged systems are a natural progression from the existing traditional IT infrastructure, which consists mostly of silos of system and architecture. There might exist, in these legacy environments, separate administrative groups for storage, servers and network. The storage system architecture and relationship with storage hardware vendor is usually maintained by the storage group and a similar situation exists for servers and network groups. Hyper-converged systems combine two or more of these infrastructure elements as a pre-engineered solution.

Major reasons why CIOs do not prefer hyper-converged systems

There are some basic issues with hyper-converged systems that pose a challenge in large scale enterprise production environments.

1. Security

Hyper-converged infrastructure collapses the data and control plane, making it impossible to create partitions between areas of a system to deploy varieties of security systems. This basically means that defense-in-depth principles, which have been the best security practices since the past 20 years, cannot be used. A penetration anywhere in the system thus compromises the whole system. A network segmentation between the database and the rest of the system is difficult to reach in hyper-converged systems. Some virtual switches can be used, but it would not matter much since at the storage layer, the production database is stored on the same storage as the virtual machines. If there is a break in, the attacker will have access to everything, making the network segmentation irrelevant.

2. Cost

Another major issue is the cost of capacity planning and expansion. Addition of new resources to a hyper-converged system can be costly as they have to be tied to a specific architecture. External components can be bolted on, but then this practice reduces the benefits of an integrated system.

3. Risk of absolute power

An enterprise can find itself stuck with a specific technology with a hyper-converged system. This technology might lose its relevance in the future or be unable to adapt to new protocols. Your organization may become powerless to the whim of a single vendor.

4. Scaling the control plane means scaling up the data plane

In a hyper-converged system, the control plane (software APIs), and control systems that manage it, are distributed. This basically means that the control plane software and data is mixed with virtual machines and virtual machine data storage, usually using the same network. There is also another problem – there is no specific entry point. If you have 100 nodes, there is no way of knowing which ones are actually running the control plane at any given moment. This can be resolved by running the control software on a single node at a time, which is selected using a master election system. But here the problem is that there can only be one master at a time, which means that the same box hosting virtual machines is also storing the control plane system and running the APIs. This can result in a very tricky situation as the node will have to be upgraded, along with all the others. This would create major cost inefficiencies for the enterprise.

There are some other minor drawbacks, such as general lack of anything resembling a failure domain and control plane not designed for horizontal stability, but they can easily be overcome if the above mentioned drawbacks are addressed. In many enterprise IT scenarios, hyper-convergence may turn out to be the better bet.

For more CIO tips, visit the Allerin blog page.