I've talked about what VM sprawl is, but what about all the terms that were mentioned in the previous post, like zombies, orphans, rogues, and spawning?

Quick recap: VM sprawl - the proliferation of VMs in the virtual infrastructure that are unnecessary and are frequently unauthorized or unused, thus consuming resources that are better used elsewhere.


Zombie VMs


The term "zombie VM" is inherently amusing and calls to mind images of a zombie VM chowing down on a healthy VM and infecting it with the zombie virus.




This is not far from what actually happens.


A zombie VM is basically a VM that has been left to rot. It is a VM that has been created but not deleted or removed when its purpose has ended. Zombie VMs take up resources that would otherwise go to VMs in use - such as CPU, memory, or storage - and can eventually slow other VMs on the same host. Since it is so easy to create a VM, people forget about the VMs they have made and - suddenly - zombies.




If you search for "orphan VMs" online, you can find several definitions that can be boiled down to VMs whose data exists, but which are not found in the inventory. Orphaned VMs consume resources, usually just storage resources, and are not accounted for in the VM management system. This may occur if you have a linkage problem between the VM and host, or if you try to delete the VM manually instead of through your management console. If you delete the configuration file, for example, the management console may not know that the VM still exists.




Rogue VMs are unmanaged VMs on your network. They introduce a number of security concerns - they can be unpatched, run unauthorized software, or be riddled with malware. These VMs are generally deployed from the desktop instead of being a remnant of the VM creation/deletion process. Because they are often deployed from desktops, either they bypass VM policies or no VM creation policy exists (or is enforced) on the network.


For example, in an entirely hypothetical situation, if you needed to spin up a Gentoo VM, you may decide to use a downloaded image instead of wasting time deploying and configuring the VM. Because the images are unauthorized, they are more likely to be a security risk, either through passive vectors, like viruses, or through deliberate malice.



Spawning is a term used when creating VMs, though in this context it usually refers to the unregulated creation of VMs. This is similar to other uses of the term "spawn," such as "spawn points," in gaming. It may not be considered a problem in and of itself, but it is a problem when combined with zombies, orphans, and rogues. You will always create new VMs, but you should remember to remove them when unnecessary and to use authorized images.
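To make the three definitions concrete, here is an added example (not from the original post) that sorts VMs into zombies, orphans, and rogues by comparing three views of the environment. The record layout, the sample data, and the idle thresholds (90 days, 1% CPU) are assumptions chosen for illustration, not values from any particular management product.

```python
from datetime import date

# Constructed sample data; field names are hypothetical, not a real API schema.
# INVENTORY: what the management console knows about (name -> record).
INVENTORY = {
    "web01":    {"mac": "00:50:56:AA:00:01", "last_used": date(2024, 5, 30), "avg_cpu_pct": 35.0},
    "test-old": {"mac": "00:50:56:aa:00:02", "last_used": date(2023, 11, 2), "avg_cpu_pct": 0.4},
    # No interactive use for months, but still doing real work (batch jobs).
    "batch01":  {"mac": "00:50:56:aa:00:03", "last_used": date(2023, 9, 1), "avg_cpu_pct": 22.0},
}
# Folders on shared storage that contain VM disk files.
DATASTORE_DIRS = {"web01", "test-old", "batch01", "db-migrate"}
# MAC addresses of VMs observed on the network (for example from a scan).
NETWORK_MACS = {"00:50:56:aa:00:01", "00:50:56:aa:00:02",
                "00:50:56:aa:00:03", "00:0c:29:bb:00:09"}


def classify(inventory, datastore_dirs, network_macs, today,
             idle_days=90, idle_cpu_pct=1.0):
    """Return {'zombie': [...], 'orphan': [...], 'rogue': [...]}, each sorted."""
    # Zombie: still in the inventory, but left to rot. Heuristic (assumption):
    # not used for idle_days AND almost no CPU activity, so a quiet but busy
    # batch VM is not flagged.
    zombies = [name for name, vm in inventory.items()
               if (today - vm["last_used"]).days > idle_days
               and vm["avg_cpu_pct"] < idle_cpu_pct]
    # Orphan: data exists on storage, but the VM is not found in the inventory.
    orphans = set(datastore_dirs) - set(inventory)
    # Rogue: a VM on the network that the management system does not manage.
    managed = {vm["mac"].lower() for vm in inventory.values()}
    rogues = {mac.lower() for mac in network_macs} - managed
    return {"zombie": sorted(zombies), "orphan": sorted(orphans), "rogue": sorted(rogues)}


if __name__ == "__main__":
    report = classify(INVENTORY, DATASTORE_DIRS, NETWORK_MACS, today=date(2024, 6, 1))
    for kind, names in report.items():
        print(f"{kind}: {names}")
```

Each finding is a candidate for review rather than automatic deletion: an orphaned folder may be a deliberate backup, and an idle VM may be a cold standby.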


So there you have a brief explanation of terms used in VM sprawl.