vSAN in Healthcare
Modern healthcare environments are a great example of technology's profound impact on health. As the role of hospitals, clinics, and other medical specialization practices continues to expand as does the reliance on technological advancements in hardware and software. This technology helps clinicians retrieve and record information quickly and accurately, driving proper diagnosis and treatment. But these applications must provide this data in a robust, mobile, and secure manner, and the systems they run on must be able to scale to meet the demands of the organization. Complex requirements usually mean complex solutions.
Converging Use Cases and Requirements
Medical facilities employ a variety of solutions to meet specific needs. Some of these solutions overlap in their use while others are very specific. Three of the most common systems are:
- Record retrieval systems. Electronic Health Record (EHR) or Electronic Medical Record (EMR) systems are used to provide the intelligence needed for the very best patient care. These systems are often highly transactional. Records must be retrieved and updated constantly, and are often communicating with external provider networks.
- Medical imaging systems. These solutions are responsible for the processing of medical images such as MRIs, CT scans, Ultrasound, and X-Rays.
- Application delivery systems. To achieve enhanced levels of security, and mobility, hospitals, and clinics will deploy some type of application delivery solution such as Virtual Desktop Infrastructure (VDI) using VMware Horizon or App Volumes. They are responsible for delivering a variety of applications to units throughout a facility.
Beyond the demands of the applications, the infrastructure it runs on must meet many other critical requirements.
- Availability. The ability to access systems and data despite unplanned failures.
- Performance. Delivery of the applications and solutions running on the platform in a timely and consistent manner.
- Scalability. Can the platform the applications run on grow in an incremental, cost-efficient manner?
- Security. Adhering to all relevant regulatory compliance, such as HIPPAA, and may also include data isolation through micro-segmentation and other ways.
In traditional three-tier architectures, some of these specialized solutions were isolated to meet the stringent performance, security, and availability requirements. This approach solved some problems but created others. Manageability becomes more complex and more costly. Designs were often built around the constraints of the infrastructure instead of the requirements of the applications. A lack of flexibility in infrastructure tends to show up most when accommodating for change, such as the need to scale the environment powering the solutions.
Flexibility, Prescriptiveness, and Isolation with vSAN powered environments
This "change in scope" is precisely the predicament Nantes University Hospital Center found themselves in, and why they went with a vSAN powered infrastructure. vSAN frees the design and operation process from many of the constraints found in three-tier architectures.
Flexibility isn't the only reason for a different approach. Health New England (NHE) echoes a similar need for flexibility, in addition to a "security first" approach, which leads them to use VMware Cloud Foundation (VCF) powered by vSAN for their recent deployments. Sentara Healthcare has demonstrated significant improvements by moving its infrastructure to VCF powered by vSAN, and now is running as many as 16,000 EMR sessions across its facilities.
VMware also works closely with many of the Independent Software Vendors (ISVs) to provide a validated reference architecture that meets the performance and availability requirements of the application. Reference architectures help provide the bridge between the application deployment guidance, and the hypervisor. Be sure to take a look at the vSAN HealthCare Reference Architectures for more information.
Topology Options and Examples
Let's look at some simple fictitious examples of how the flexibility provided by a vSAN powered environment could power the needs of an environment providing healthcare. These are basic representations of vSAN's flexibility that can help accommodate the unique demands of healthcare environments. Production environments may be using specific elements from more than one example.
Example 1: Cluster isolation of critical systems for performance and security SLAs
Since a standard vSAN cluster treats storage as an exclusive resource of the cluster, cluster design can be used to help isolate sets of workloads that may have more strict performance or security requirements. In this example, a cluster is dedicated to the EHR system and a few other mission-critical solutions. Not only are these applications isolated from other solutions across the infrastructure, but cluster-level services such as vSAN Data-at-rest encryption and Data-in-transit encryption can be enabled to meet the security requirements of the data.
Figure 1. Applying tailored cluster sizes, hardware, and data services to meet the needs of an environment.
Additionally, workloads within a cluster can be controlled using storage policies using IOPS limits. This could help scenarios where a higher demanding, but less important workload is potentially impacting the performance of other systems.
Note that while a standard vSAN cluster may treat storage as an exclusive resource of a cluster, that doesn't mean that you can't serve that storage out to other vSAN or even vSphere clusters. See "Running Tier-1 Apps with HCI Mesh Solution Overview" and “vSAN Powering Biotech” for more information on how HCI Mesh can disaggregate storage from compute resources.
Example 2: Regional hospitals increasing availability through vSAN stretched clusters
Larger regional hospitals are often faced with a common challenge: What is the best way to provide improved levels of availability? With vSAN, full site-level resilience can be achieved on a per-cluster basis using vSAN stretched clusters. In this example, a vSAN cluster is used to house a variety of applications and data is stretched across regional hospitals. Storage policies assigned to the VMs will dictate if application data will provide site-level resilience, as well as any secondary level of resilience within each site. For those applications that do not need site-level resilience, storage policies and DRS rules work together to ensure the application and the data reside on the same site.
Figure 2. Site-level resilience across regional hospitals using vSAN stretched clusters.
This type of topology is appealing because it does not require any additional hardware or software to achieve, and can also be augmented with a tertiary site to meet disaster recovery and failover requirements using on premises offerings such as VMware Site Recovery Manager, or SaaS offerings such as VMware Cloud Disaster Recovery.
Regional hospitals can also be ideal for this use case because they both typically have some IT infrastructure already, and are geographically close enough to meet latency requirements of applications writing data across an inter-site link.
Example 3: Mobility of medical applications through VDI powered by vSAN
Consider a scenario in which the facilities have limited ability to provide infrastructure on-premises. An example of this might be temporary environments such as "pop up" or field hospitals. Physicians and other staff expect the tools they use to perform their jobs will be available, and this includes the electronic applications that support those efforts. Application delivery through VMware Horizon and VMware App Volumes running on vSAN powered environments is an ideal way to achieve this.
Figure 3. Remote delivery of applications to field hospitals through VMware Horizon on vSAN.
Scalability is one of the strengths of vSAN and in this example, could be easily achieved in one of two ways. Scaling up performance or capacity could mean simply adding faster or more storage devices to each host in the vSAN cluster. Scaling outperformance or capacity could be achieved by adding more hosts to a cluster. The incremental and predictable manner in which scaling can occur removes a common obstacle for growth.
Practical guidance for vSAN in Healthcare environments
A proper sizing and design exercise should always be applied to the design of any environment. This effort can be especially important to ensure proper SLAs for some of the specialized applications running in healthcare facilities. The recommendations below serve as a starting point for a successful design.
- Follow the application installation and configuration guidance provided by the EHR vendor. These vendors know their application best, and will often provide detailed guidance for deployment. Supportability may be dependent on the proper configuration.
- Follow the vSAN guidance found in VMware's Reference Architectures for your specific EHR solution. Reference architectures are the easiest way to know that your organization is following the recommended guidance on infrastructure design to meet the requirements of the applications.
- Use recommended practices when assigning virtual hardware to resource-intensive VMs. Whether the resource-intensive VMs are running in traditional three-tier architecture, or on vSAN, there are optimizations to the assignment and configuration of virtual hardware that may offer improved levels of performance for your VMs.
- High-performing hardware on the host improves the potential performance of vSAN. Whether it be the devices used for the caching and capacity tiers, Network interface cards, or CPUs, all of these discrete components matter in the effective performance of vSAN. The better the hardware, the increased level of potential performance
- Use high-performing, 25/100Gb switchgear. vSAN relies on reliable, high-performing switchgear that has the processing, backplane, and buffering capabilities necessary for transacting high levels of packets per second. Unfortunately, many of the value-based switches lack all of those traits. For resource-intensive workloads, use 25/100Gb switchgear for your environment. vSAN using RDMA requires extra levels of attention to ensure there is compliance with hardware certification.
- For existing vSAN environments, review your plans in a cluster design. vSAN treats storage as a resource of the cluster and gives you the power to isolate a boundary of resources for these specialized, mission-critical systems. Depending on the conditions, it may be best for these mission-critical workloads to live on their vSAN cluster versus simply expanding an existing vSAN cluster. This would allow for say, Performance-Focused VDI on vSAN to remain isolated in an independent cluster to minimize interference with other critical applications. See vSAN Cluster Design - Large Clusters Versus Small Clusters for more information.
- Stick with server form factors that offer the most flexibility for the future. Many customers find that Rack mounted 2U servers to be the most flexible and accommodating for future changes or requirements. While other form factors can be used, they often introduce additional design and operational challenges.
- Install vSphere/vSAN on persistent flash devices such as an SSD, M.2, U.2, or BOSS module. Using SD cards or USB sticks for the hypervisor was popular at one time, but that trend is fading away fast due to the questionable quality of those devices, and the lack of ability to assign persistent host logging to devices. For the best levels of reliability, stay away from SD cards and USB devices as the hypervisor installation target.
- Understand your disaster recovery (DR) requirements. Protecting important workflows and the big data they generate can be challenging. Planning for DR is about maintaining uptime and continuity in the event of a larger scale outage. Depending on the needs and size of an environment, one could use VMware Site Recovery Manager as a DR solution across company-owned sites, or in single site environments, using VMware Cloud Disaster Recovery to provide all business continuity requirements courtesy of the cloud, all using an easy SaaS-based, pay-as-you-go model.
The flexibility of vSAN means that you can use the same tool for several different purposes. For specialized, mission-critical solutions found in healthcare environments, eliminating a siloed set of hardware and software allows you to manage an environment using tools you already know. These solutions running on vSAN get to exploit this level of simplified operation and flexible management.
About the Author
Pete Koehler is a Staff Technical Marketing Architect focusing on vSAN at VMware, Inc. He specializes in enterprise architectures, performance, data center analytics, software-defined storage, and hyperconverged infrastructures. Pete provides more insight into the challenges of the data center at https://core.vmware.com/users/pete-koehler, vmpete.com, and can also be found on Twitter at @vmpete.