About Virtual Machine Hosts
A virtual machine host is a physical computer that hosts one or more virtual machines. You can add one or more hosts to System Center Virtual Machine Manager (VMM). Until you add a host, you cannot create virtual machines by using VMM and many of the actions in the VMM Administrator Console are not available.
If you already have virtual machines running on computers with Microsoft Virtual Server 2005 R2 SP1 installed, you can add those computers as hosts to VMM and start managing those virtual machines with VMM.
If you do not have any virtual machine hosts, you can add new hosts by using the Add Hosts Wizard in the VMM Administration Console. When you add a host, VMM automatically installs an agent and installs Virtual Server 2005 R2 with Service Pack 1.
You can organize hosts into host groups, which provide ease of monitoring and management of hosts and virtual machines. For more information about host groups, see About Host Groups.
You can add hosts that are in a trusted Active Directory Domain Services (AD DS) domain as well as hosts that are on a perimeter network. The process for adding hosts in the two topologies is different, as is security.
Hosts in Trusted Domains
In the most common topology, the VMM server and hosts are members of a domain in Active Directory Domain Services (AD DS). To have this trust relationship, hosts can be configured as follows:
- In the same domain as the VMM server.
- In a domain that has a two-way trust relationship with the domain the VMM server is in.
- In a forest that has a two-way forest trust relationship with the forest that contains the domain the VMM server is in.
In trusted domains, security is provided by the login authentication and account authorization of Active Directory.
In trusted domains, you can add one host at a time or add multiple hosts that all share a common set of configuration settings. You can also search Active Directory for existing hosts on a trusted domain and then choose which ones you want to add.
When you add a host in a trusted domain by using the Add Hosts Wizard in the VMM Administration Console, VMM installs an agent on the host and installs Virtual Server 2005 R2 SP1.
Hosts on a Perimeter Network
A perimeter network is a network that is separate from an organization's internal network and the Internet and has the following characteristics:
- Allows external users to access specific computers located on the perimeter network.
- Prevents access to computers on the organization's internal network.
- Can be set up to allow limited access from users on the internal network to computers located on the perimeter network.
For example, a perimeter network can include the company's Web server so that it can deliver Web content to the Internet. However, the perimeter network does not allow external users to access any private company data on computers on the internal network. Even if an external user penetrates the perimeter network security, only the perimeter network servers might be compromised.
Because a perimeter network is separate from the internal network, security for a host on a perimeter network must be provided by using a local service account.
You can deploy virtual machines on a host on a perimeter network from within the internal network. However, after you deploy virtual machines on a host on a perimeter network, you cannot migrate those virtual machines back to a host on the internal network or to another host on the perimeter network.