Vinayakvmwares.weebly.com
VMware
VMWARE VSPHERE CONCEPT
[pic]
Author: Vinayak Patil
Email ID: write2mevinayak@
Blogger:
Document Ref: V 6.0
[pic]
What is dvUplink groups?
dvUplink groups connect your vDS to the hidden switches that are contained in your ESXi hosts and then from there to the physical world. This allows you to control networking at the control plane on the vDS while the actual input/out (I/O) is still passing from host to host at the I/O plane.
Each host keeps its own network configuration in its hidden switch that is created when you add a ESXi host to a vDS. This ensures that the network will continue to function even if your vCenter server fails or is not available.
What is Switch Discovery Protocols (CDP/LLDP)? How to Enable?
Previous versions of vSphere supported Cisco Discovery Protocol (CDP), a protocol for exchanging information between network devices. However, it required using the command line to enable and configure CDP.
In vSphere 5.0, VMware added support for Link Layer Discovery Protocol (LLDP), an industry standardized form of CDP, and provided a location within the vSphere Client where CDP/LLDP support can be configured.
Once the ESXi hosts participating in this dvSwitch start exchanging discovery information, you can view that information from the physical switch(es). For example, on most Cisco switches the show cdp neighbor command will display information about CDP-enabled network devices, including ESXi hosts. Entries for ESXi hosts will include information on the physical NIC use and the vSwitch involved.
Which products are licensed features within the VMware vSphere suite?
Licensed features in the VMware vSphere suite are Virtual SMP, vMotion, Storage vMotion, vSphere DRS, vSphere HA, and vSphere FT.
Which two features of VMware ESXi and VMware vCenter Server together aim to reduce or eliminate downtime due to unplanned hardware failures?
vSphere HA and vSphere FT are designed to reduce (vSphere HA) and eliminate (vSphere FT) the downtime resulting from unplanned hardware failures.
Name three features that are supported only when using vCenter Server along with ESXi?
All of the following features are available only with vCenter Server: vSphere vMotion, Storage vMotion, vSphere DRS, Storage DRS, vSphere HA, vSphere FT, SIOC, and NetIOC.
Name two features that are supported without vCenter Server but with a licensed installation of ESXi?
Features that are supported by VMware ESXi without vCenter Server include core virtualization features like virtualized networking, virtualized storage, vSphere vSMP, and resource allocation controls.
Name two features that are supported without vCenter Server but with a licensed installation of ESXi?
Features that are supported by VMware ESXi without vCenter Server include core virtualization features like virtualized networking, virtualized storage, vSphere vSMP, and resource allocation controls.
What are the core services of vCenter server?
vCenter Server offers core services in the following areas:
( ESXi host management
( VM deployment
( VM management
( Resource management for ESXi hosts and VMs
( Template management
( Scheduled tasks
( Statistics and logging
( Alarms and event management
What are the minimum requirements of installing a vCenter server?
(( Two 64-bit CPUs or a single dual-core 64-bit CPU.
( 2 GHz processor or faster.
( 3 GB of RAM or more.
( 3 GB of free disk space.
(A network adapter (Gigabit Ethernet strongly recommended).
( A supported version of Windows (Windows Server 2003, Windows Server 2003 R2, Windows Server 2008, or Windows Server 2008 R2); vCenter Server 5 requires a 64-bit version of Windows.
Without considering the separate database server for vCenter Server, VMware suggests a system configured with two CPU cores and 4 GB of RAM to support up to 50 ESXi hosts and 500 powered-on VMs. For environments up to 300 ESXi hosts and up to 3,000 powered-on VMs, VMware recommends four CPU cores and 8 GB of RAM. Finally, for environments scaling all the way up to 1,000 ESXi hosts and up to 10,000 powered-on VMs, vCenter Server should have eight CPU cores and 16 GB of RAM.
What are the databases supported by vCenter server?
( IBM DB2- 9.5, 9.7
( Oracle 10g R2-- 11g R1-- 11g R2
( Microsoft SQL Server 2008 R2 Express (bundled with vCenter Server)
( Microsoft SQL Server 2005- 2008
( Microsoft SQL Server 2008 R2
How do you protect vCenter server and make it highly available?
For protecting vCenter Server
vCenter Server Heartbeat:-
Standby vCenter server on physical system:-
Keep the standby vCenter Server system as a VM:-
For protecting Backend Darabase
Use Database Cluster:-
SQL log shipping to create a database replica on a separate server:-
Daily backup strategy:-
First> vCenter Server Heartbeat:-
It is a product available from VMware. Using vCenter Server Heartbeat will automate both the process of keeping the active and passive vCenter Server instances synchronized and the process of failing over from one to another (and back again).
[pic]
Second> Standby vCenter server:-
If the vCenter Server computer is a physical server, one way to provide availability is to create a standby vCenter Server system that you can turn on in the event of a failure of the online vCenter Server computer. After failure, you bring the standby server online and attach it to the existing SQL Server database, and then the hosts can be added to the new vCenter Server computer. In this approach, you’ll need to find mechanisms to keep the primary and secondary/standby vCenter Server systems synchronized with regard to filesystem content, configuration settings, and the roles and permissions stored in an Active Directory Application Mode (ADAM) instance.
[pic]
Third> keep the standby vCenter Server system as a VM:-
A variation on that approach is to keep the standby vCenter Server system as a VM. You can use physical-to-virtual (P2V) conversion tools to regularly “back up” the physical vCenter Server instance to a standby VM. This method reduces the amount of physical hardware required and leverages the P2V process as a way of keeping the two vCenter Servers synchronized. Obviously, this sort of approach is viable for a Windows Server–based installation on a physical system but not applicable to the virtual appliance version of vCenter Server.
Protecting Backend database server-
1ST) Database Cluster:- The heart of the vCenter Server content is stored in a backend database. Any good disaster-recovery or business-continuity plan must also include instructions on how to handle data loss or corruption in the backend database, and the separate database server (if running on a separate physical computer or in a separate VM) should be designed and deployed in a resilient and highly available fashion. This is especially true in larger environments. You can configure the backend database on a cluster.
[pic]
2ND) SQL log shipping to create a database replica:-
Other options might include using SQL log shipping to create a database replica on a separate system.
3RD) Daily backup strategy:-
You should strengthen your database backup strategy to support easy recovery in the event of data loss or corruption. Using the native SQL Server tools, you can create a backup strategy that combines full, differential, and transaction log backups. This strategy allows you to restore data up to the minute when the loss or corruption occurred.
In what situation you need a separate database server for vCenter?
If your environment will be small (a single vCenter Server with fewer than five hosts (5) or fewer than 50 VMs), then using the bundled SQL Server 2008 Express is acceptable. Otherwise you should use a separate supported backend database server for vCenter server.
What is "Simple Recovery" model and what is "Full Recovery" model?
If your SQL Server database is configured for the Simple recovery model, the installer suggests reconfiguring the vCenter Server database into the Simple recovery model. What the warning does not tell you is that doing this means that you will lose the ability to back up transaction logs for the vCenter Server database. If you leave the database set to Full recovery, be sure to work with the database administrator to routinely back up and truncate the transaction logs. By having transaction log backups from a database in Full recovery, you have the option to restore to an exact point in time when any type of data corruption occurs. If you alter the recovery model to simple recovery model as suggested, be sure you are making consistent full backups of the database, but understand that you will be able to recover only to the point of the last full backup because transaction logs will not be available..
What is vCenter server Linked Mode Group?
Multiple instances of vCenter Server that share information among themselves are referred to as a "linked mode group".
If you need more ESXi hosts or more VMs than a single vCenter Server
instance can handle, or if for whatever other reason you need more than one instance of vCenter Server, you can install multiple instances of vCenter Server and have those instances share inventory and configuration information for a centralized view of all the virtualized resources across the enterprise.
In a linked mode environment, there are multiple vCenter Server instances, and each of the instances has its own set of hosts, clusters, and VMs. However, when a user logs into a vCenter Server instance using the vSphere Client, that user sees all the vCenter Server instances where he or she has permissions assigned. This allows a user to perform actions on any ESXi host managed by any vCenter Server within the linked mode group.
vCenter Server linked mode uses Microsoft ADAM to replicate information between the instances. The replicated information includes the following:
( Connection information (IP addresses and ports)
( Certificates and thumbprints
( Licensing information
( User roles and permissions
In a linked mode environment, the vSphere Client shows all the vCenter Server instances for which a user has permission
What are the prerequisites of installing vCenter server in a linked mode group?
Before you install additional vCenter Server instances, you must verify the following prerequisites:-
a) Member of same domain or a trusted domain:-
b) DNS name must match with the server name:-
c) Cannot be DC or Terminal server:-
d) Cannot combine with earlier vCenter versions:-
e) Must have its own backend database:-
( Member of same domain or a trusted domain:-All computers that will run vCenter Server in a linked mode group must be members of the same domain. The vCenter servers can exist in different domains only if a two-way trust relationship exists between the domains.
( DNS name must match with the server name:- DNS must be operational. Also, the DNS name of the servers must match the server name.
( Cannot be DC or Terminal server:-The servers that will run vCenter Server cannot be Domain Controllers or Terminal servers.
( Cannot combine with earlier vCenter versions:- You cannot combine vCenter Server 5 instances in a linked mode group with earlier versions of vCenter Server like vCenter 4X.
( Must have its own backend database:- Each vCenter Server instance must have its own backend database, and each database must be configured as outlined earlier with the correct permissions. The databases can all reside on the same database server, or each database can reside on its own database server.
What is host profile?
A host profile is essentially a collection of all the various configuration settings for an ESXi host. This includes settings such as NIC assignments, virtual switches, storage configuration, date and time, and more. By attaching a host profile to an ESXi host, you can then compare the compliance of that host with the settings outlined in the host profile. If the host is compliant, then you know its settings are the same as the settings in the host profile. If the host is not compliant, then you can enforce the settings in the host profile to make it compliant. This provides administrators with a way not only to verify consistent settings across ESXi hosts but also to quickly and easily apply settings to new ESXi hosts.
To create a new profile, you must either create one from an existing host or import a profile that was already created somewhere else. Creating a new profile from an existing host requires only that you select the reference host for the new profile. vCenter Server will then compile the host profile based on that host’s configuration.
Host profiles don’t do anything until they are attached to ESXi hosts. So attach the host profile to the new ESXi host. Then Check Compliance with the host. If an ESXi host is found noncompliant with the settings in a host profile, you can then place the host in maintenance mode and apply the host profile. When you apply the host profile, the settings found in the host profile are enforced on that ESXi host to bring it into compliance.
What are the ways a VM can handle optical media?
X. Client Devices CD/DVD
Y. Host Devices CD/DVD
Z. Datastore ISO File
Client Device:- This option allows an optical drive local to the computer running the vSphere Client to be mapped into the VM. For example, if you are using the vSphere Client on your corporate-issued HP laptop, you have the option of simply inserting a CD/DVD into your local optical drive and mapping that into the VM with this option.
Host Device:- This option maps the ESXi host’s optical drive into the VM. VMware administrators would have to insert the CD/DVD into the server’s optical drive in order for the VM to have access to the disk.
Datastore ISO File:- This last option maps an ISO image stored in to your connected datastore into the VM. Although using an ISO image typically requires an additional step—creating the ISO image from the physical disk—more and more software is being distributed as an ISO image that can be leveraged directly from within your vSphere environment.
What are the advantages of installing VMware tools?
( Optimized SCSI driver
( Enhanced video and mouse drivers
( VM heartbeat (HA)
( VM quiescing for snapshots and backups
( Enhanced memory management (Memory Ballooning etc.)
(VM focus- VMware Tools also helps streamline and automate the management of VM focus, so that you are able to move into and out of VM consoles easily and seamlessly without having to constantly use the Ctrl+Alt keyboard command
vSphere Standard Switch:- A software-based switch that resides in the VMkernel and provides traffic management for VMs. Users must manage vSwitches independently on each ESXi host.
vSphere Distributed Switch:- A software-based switch that resides in the VMkernel and provides traffic management for VMs and the VMkernel. Distributed vSwitches are shared by and managed across entire clusters of ESXi hosts. You might see vSphere Distributed Switch abbreviated as vDS or dvSwitch
Understanding Ports and Port Groups:-
A vSwitch allows several different types of communication, including communication to and from the VMkernel and between VMs. To help distinguish between these different types of communication, ESXi uses ports and port groups.
A vSwitch without any ports or port groups is like a physical switch that has no physical ports; there is no way to connect anything to the switch, and it is, therefore, useless.
Port groups differentiate between the types of traffic passing through a vSwitch, and they also operate as a boundary for communication and/or security policy configuration. Two Types or port group and ports are available:-
( VMkernel port
( VM port group
On a vSphere Distributed Switch, these are called dvPort groups.
[pic]
[pic]
VMkernel Port:- A specialized virtual switch port type that is configured with an IP address to allow vMotion, iSCSI storage access, network attached storage (NAS) or Network File System (NFS) access, or vSphere Fault Tolerance (FT) logging. Now that if vSphere 5 includes only VMware ESXi hosts, a VMkernel port also provides management connectivity for managing the host. A VMkernel port is also referred to as a vmknic.
VM Port Group:- A group of virtual switch ports that share a common configuration and allow VMs to access other VMs or the physical network.
Virtual LAN:- A logical LAN configured on a virtual or physical switch that provides efficient traffic segmentation, broadcast control, security, and efficient bandwidth utilization by providing traffic only to the switch ports those are configured for that particular virtual LAN (VLAN).
What can be connected by a virtual Vswitch?
( Between VMs within an ESXi host
( Between VMs on different ESXi hosts
( Between VMs and physical machines on the network
( For VMkernel, access to networks for vMotion, iSCSI, NFS, or Fault Tolerance Logging (and management on ESXi)
What are the no of default port on a virtual switch?
By default, every virtual switch is created with 128 ports. However, only 120 of the ports are available, and only 120 are displayed when looking at a vSwitch configuration through the vSphere Client. Reviewing a vSwitch configuration
via the vicfg-vswitch command shows the entire 128 ports. The 8-port difference is attributed to the fact that the VMkernel reserves 8 ports for its own use.
After a virtual switch is created, you can adjust the number of ports to 8, 24, 56, 120, 248, 504, 1016, 2040, or 4088. These are the values that are reflected in the vSphere Client. But, as noted, there are 8 ports reserved, and therefore the command line will show 16, 32, 64, 128, 256, 512, 1024, 2048, and 4096 ports for virtual switches. Changing the number of ports in a virtual switch requires a reboot of the ESXi host on which the vSwitch was altered.
Similarities and dissimilarities between a physical switch and virtual switch?
imilarities :- Similar to physical switches:
A vSwitch functions at Layer 2,
Maintains MAC address tables,
Forwards frames to other switch ports based on the MAC address,
Supports VLAN configurations,
Is capable of trunking by using IEEE 802.1q VLAN tags,
Capable of establishing port channels.
vSwitches are configured with a specific number of ports.
Dissimilarities:- Dissimilar to physical switches:
( vSwitches, are not managed switches and do not provide all the advanced features that many new physical switches provide.
( You cannot, for example, telnet into a vSwitch to modify settings.
There is no command-line interface (CLI) for a vSwitch, apart from the vSphere CLI commands such as vicfg-vswitch.
( A vSwitch authoritatively knows the MAC addresses of the VMs connected to that vSwitch, so there is no need to learn MAC addresses from the network.
( Traffic received by a vSwitch on one uplink is never forwarded out to another uplink. This is yet another reason why vSwitches do not run STP (Spanning Tree Protocol).
( A vSwitch does not need to perform Internet Group Management Protocol (IGMP) snooping because it knows the multicast interests of the VMs attached to that vSwitch.
What is Spanning Tree Protocol (STP)?
In physical switches, Spanning Tree Protocol (STP) offers redundancy for paths and prevents loops in the network topology by locking redundant paths in a standby state. Only when a path is no longer available will STP activate the standby path.
What is Uplinks? What are its limit?
Although a vSwitch provides for communication between VMs connected to the vSwitch, it cannot communicate with the physical network without uplinks. Just as a physical switch must be connected to other switches in order to provide communication across the network, vSwitches must be connected to the ESXi host’s physical NICs as uplinks in order to communicate with the rest of the network.
Although a single vSwitch can be associated with multiple physical adapters as in a NIC team, a single physical adapter cannot be associated with multiple vSwitches. ESXi hosts can have up to
32 e1000 network adapters,
32 Broadcom TG3 Gigabit Ethernet network ports,
or 16 Broadcom BNX2 Gigabit Ethernet network ports.
ESXi hosts support up to 4 Ten-Gigabit Ethernet adapters.
How many virtual network adapter types are available in VMware 5.X?
vmxnet Adapter A virtualized network adapter operating inside a guest operating system (guest OS). The vmxnet adapter is a high-performance, 1 Gbps virtual network adapter that operates only if the VMware Tools have been installed. The vmxnet adapter is sometimes referred to as a paravirtualized driver. The vmxnet adapter is identified as Flexible in the VM properties.
vlance Adapter A virtualized network adapter operating inside a guest OS. The vlance adapter is a 10/100 Mbps network adapter that is widely compatible with a range of operating systems and is the default adapter used until the VMware Tools installation is completed.
e1000 Adapter A virtualized network adapter that emulates the Intel e1000 network adapter. The Intel e1000 is a 1 Gbps network adapter. The e1000 network adapter is the most common in 64-bit VMs.
What is Trunk port?
Trunk Port (Trunking):- A port on a physical switch that listens for and knows how to pass traffic for multiple VLANs. It does this by maintaining the VLAN tags for traffic moving through the trunk port to the connected device(s). Trunk ports are typically used for switch-to-switch connections and to allow VLANs to pass freely between switches. One physical switch ports must be configured as trunk ports in order to pass the VLAN information to the ESXi hosts for the port groups to use. When the physical switch ports are correctly configured as trunk ports, the physical switch passes the VLAN tags up to the ESXi server, where the vSwitch tries to direct the traffic to a port group with that VLAN ID configured. If there is no port group configured with that VLAN ID, the traffic is discarded.
Is VLAN necessary for ESXI environment?
Virtual switches in the VMkernel do not need VLANs if an ESXi host has enough physical network adapters to connect to each of the different network segments available. However, VLANs provide added flexibility in adapting to future network changes, so where possible, using of VLANs is recommended.
What is Access port?
Access Port:- A port on a physical switch that passes traffic for only a single VLAN segment. Unlike a trunk port, which maintains the VLAN tagging or identification information for traffic moving through the port, an access port strips away the VLAN information for traffic moving through the port.
What Is Native VLAN?
You might notice the switchport trunk native vlan 999 command. The default native VLAN is VLAN ID 1. If you need to pass traffic on VLAN 1 to the ESXi hosts, you should designate another VLAN as the native VLAN using this command. I recommend creating a dummy VLAN, like 999, and setting that as the native VLAN. This ensures that all VLANs will be tagged with the VLAN ID as they pass into the ESXi hosts.
What Is NIC teaming?
Network Interface Card Team:- The aggregation of physical network interface cards (NICs) to form a single logical communication channel. Different types of NIC teams provide varying levels of traffic load balancing and fault tolerance.
Building a functional NIC team requires that all uplinks be connected to physical switches in the same broadcast domain. If VLANs are used, then all the switches should be configured for VLAN trunking, and the appropriate subset of VLANs must be allowed across the VLAN trunk
Why NIC teaming Necessary?
With the uplink connected to the physical network, there is connectivity for the VMkernel and the VMs connected to that vSwitch. But what happens when that physical network adapter fails, when the cable connecting that uplink to the physical network fails, or the upstream physical switch to which that uplink is connected fails? With a single uplink, network connectivity to the entire vSwitch and all of its ports or port groups is lost. This is where NIC teaming comes in. NIC teaming involves connecting multiple physical network adapters or uplinks to a single vSwitch. NIC teaming provides redundancy and load balancing of network communications to the VMkernel and VMs.
***Remember that without NIC teaming you can connect a physical NIC to only one vSwitch at a time
What are the policies and configurations of vSS and how policy inheritance works?
Policies are configuration settings that enable you to customize your switches and port groups with regard to traffic control, security, NIC teaming and so on. In general, you can set a policy that applies to a larger network object and then “tweak” the policy to establish new settings for a smaller network object within the larger network object. The biggest difference between how this applies to vSSs versus vDSs is the network objects that are used for the large and small configurations. With regard to vSSs, policies can be set at the switch level or they can be set at the port group level. Policies that are set at the switch level will apply to all of the ports on the switch, unless overridden by policies set at the port group level. In other words, policies that are set at the port group level override any policies that are set at the switch level. This allows you to get the “best of both worlds.” For example, you could set strong security policies for the switch, but then allow a “weakening” of the security policies on one port group to be used for testing and development.
There are three main polices for vSSs:
■ Security
■ Traffic shaping
■ NIC teaming
What are problems of each NIC Team Load Balancing?
vSwitch port-based load balancing problems:-
The vSwitch port-based policy is best used when the number of virtual network adapters is greater than the number of physical network adapters. In the case where there are fewer virtual network adapters than physical adapters, some physical adapters will not be used. For example, if five VMs are connected to a vSwitch with six uplinks, only five vSwitch ports will be assigned to exactly five uplinks, leaving one uplink with no traffic to process.
Source MAC-based load balancing Problems:-
Like the vSwitch port-based policy, the source MAC-based policy is
best used when the number of virtual network adapters exceeds the number of physical network adapters. In addition, VMs are still not capable of using multiple physical adapters unless configured with multiple virtual network adapters. Multiple virtual network adapters inside the guest OS of a VM will provide multiple source MAC addresses and therefore offer an opportunity to use multiple physical network adapters.
IP hash-based load-balancing problems:-
Although the IP hash-based load-balancing policy can more evenly spread the transfer traffic for a single VM, it does not provide a benefit for large data transfers occurring between the same source and destination systems. Because the source-destination hash will be the same for the duration of the data load, it will flow through only a single physical network adapter.
What is Failover Detection procedure of NIC teaming?
Failover detection with NIC teaming can be configured to use either a link status method or a beacon-probing method.
The link status failover detection method:-
The link status failover-detection method works just as the name suggests. Failure of an uplink is identified by the link status provided by the physical network adapter. In this case, failure is identified for events like removed cables or power failures on a physical switch. The downside to the link status failover-detection setting is its inability to identify miss configurations or pulled cables that connect the switch to other networking devices (for example, a cable connecting one switch to an upstream switch.)
Beacon-Probing Failover detection method:-
Consider a vSwitch with a NIC team consisting of three physical network adapters, where each adapter is connected to a different physical switch and each physical switch is connected to a single physical switch, which is then connected to an upstream switch. When the NIC team is set to the beacon-probing failover-detection method, a beacon will be sent out over all three uplinks.
ESXi/ESX periodically broadcasts beacon packets from all uplinks in a team. The physical switches expected to forward all packets to other ports on the same broadcast domain. Therefore, a team member is expected to see beacon packets from other team members. If an uplink fails to receive three consecutive beacon packets, it is marked as bad. The failure can be due to the immediate link or a downstream link.
Beaconing is most useful with three or more uplinks in a team because ESXi/ESX can detect failures of a single uplink. When there are only two NICs in service and one of them loses connectivity, it is unclear which NIC needs to be taken out of service because both do not receive beacons and as a result all packets sent to both uplinks
After a failure is detected, either via link status or beacon probing, a failover will occur. Traffic from any VMs or VMkernel ports is rerouted to another member of the NIC team. Exactly which member that might be, though, depends primarily on the configured failover order.
What is Failback procedure of NIC teaming?
Failback Procedure:-
The Failback option controls how ESXi will handle a failed network adapter when it recovers from failure. The default setting, indicates the adapter will be returned to active duty immediately upon recovery, and it will replace any standby adapter that may have taken its place during the failure. Setting Failback to No means that the recovered adapter remains inactive until another adapter fails, triggering the replacement of the newly failed.
What are Vswitch Configuration Item Maximum?
Configuration Item Maximum:
|Number of vSwitches |248 |
|Ports per vSwitch |4,088 |
|Maximum ports per host (vSS/vDS) |4,096 |
|Port groups per vSwitch |256 |
|Uplinks per vSwitch |32 |
|Number of VMkernel NICs |16 |
|Maximum active ports per host (vSS/vDS) |1,016 |
Why "Traffic Shaping" is required?
By default, all virtual network adapters connected to a vSwitch have access to the full amount of bandwidth on the physical network adapter with which the vSwitch is associated. In other words, if a vSwitch is assigned a 1 Gbps network adapter, then each VM configured to use the vSwitch has access to 1 Gbps of bandwidth. Naturally, if contention becomes a bottleneck hindering VM performance, it is possible to enable and to configure traffic shaping. Traffic shaping involves the establishment of hard-coded limits for peak bandwidth, average bandwidth, and burst size to reduce a VM’s outbound bandwidth capability.
Remember that Traffic shaping policy is applied to the traffic of each virtual network adapter attached to the vSphare standard switch.
VM Virtual Network Adapter vSwitch Traffic Shaping Physical Adapter
Use traffic shaping as a last resort:-
Traffic shaping should be reserved for situations where VMs are competing for bandwidth and the opportunity to add physical network adapters is removed by limitations in the expansion slots on the physical chassis. With the low cost of network adapters, it is more worthwhile to spend time building vSwitch devices with NIC teams as opposed to cutting the bandwidth available to a set of VMs.
What is peak bandwidth, average bandwidth, and burst size in Traffic shaping policy?
The Peak Bandwidth value and the Average Bandwidth value are
specified in kilobits per second, and the Burst Size value is configured in units of kilobytes.
The value entered for the Average Bandwidth dictates the data transfer per second across the virtual vSwitch. The Peak Bandwidth value identifies the maximum amount of bandwidth a vSwitch can pass without dropping packets. Finally, the Burst Size value defines the maximum amount of data included in a burst. The burst size is a calculation of bandwidth multiplied by time. During periods of high utilization, if a burst exceeds the configured value, packets are dropped in favor of other traffic; however, if the queue for network traffic processing is not full, the packets are retained for transmission at a later time.
What are the primary ways to deploy ESXI?
ESXi Host Deployment
What are the primary ways to deploy ESXI?
You can deploy ESXi through 1.>ESXi installable or 2.> ESXi embedded.
Esxi Installation
ESXi Installable ESXi Embedded
----------------------------------------------
Interactive Installation
Unattended (Scripted Installation of ESXi)
Stateless Provisioning or Autodeploy
ESXi Installable:-
There are three primary ways to deploy through ESXi installable:
( Interactive installation of ESXi
This is done by using optical drive. Installation destination can be on Local device, SAN LUN, or USB?
( Unattended (scripted) installation of ESXi
ESXi supports the use of an installation script (often referred to as a kickstart script) that automates the installation routine. By using an installation script, users can create unattended installation routines that make it easy to quickly deploy multiple instances of ESXi.
ESXi comes with a default installation script on the installation media. If you want to use this default install script to install ESXi, you can specify it when booting the VMware ESXi installer by adding the ks= boot option.
Specifying the location of the installation script as a boot option is not only how you would tell the installer to use the default script but also how you tell the installer to use a custom installation script that you’ve created. This installation script can be located on a USB flash drive or in a network location accessible via NFS, HTTP, HTTPS, or FTP. Some example are
ks=cdrom:/path =>Uses the installation script found at path on the CD-ROM. The installer will check all CD-ROM drives until the file matching the specified path is found.
ks=usb:/path => Uses the installation script at the specified path on an attached USB device. This allows you to use a different filename or location for the installation script.
ks=protocol:/serverpath=> Uses the installation script found at the specified network location. The protocol can be NFS,HTTP, HTTPS, or FTP.
( Stateless provisioning of ESXi (Auto Deploy)
When you deploy ESXi using vSphere Auto Deploy, you aren’t actually installing ESXi. Instead of actually installing ESXi onto a local disk or a SAN boot LUN, you are instead building an environment where ESXi is directly loaded into memory on a physical host as it boots. vSphere Auto Deploy uses a set of rules (called deployment rules) to control which hosts are assigned a particular ESXi image (called an image profile). Because ESXi isn’t actually installed on the local disks, this means that deploying a new ESXi image is as simple as modifying the deployment rule to point that physical host to a new image profile and then rebooting. When the host boots up, it will receive a new image profile.
There are several steps you have to accomplish before you’re ready to actually deploy ESXi in this fashion:
1. vSphere Auto Deploy server:- You must set up a vSphere Auto Deploy server. This is the server that stores the image profiles.
2. Trivial File Transfer Protocol (TFTP) server:- You must set up and configure a Trivial File Transfer Protocol (TFTP) server on your network.
3. DHCP server:- You must configure a DHCP server on your network to pass the correct information to hosts booting up.
4. Image profile:- You must create an image profile using PowerCLI.
5. Create a deployment rule:- Still using PowerCLI, you must create a deployment rule that assigns the image profile to a particular subset of hosts.
The Auto Deploy server also has the ability to automatically join the ESXi host to vCenter Server and assign a host profile.
ESXI Embedded:-
When you purchase a system with ESXi Embedded, you only need to rack the server, connect the networking cables, and power on. The ESXi Embedded on the persistent storage will obtain an IP address from a DHCP server to provide immediate access via the console, vSphere Client, or vCenter Server.
The server set to run ESXi Embedded must be configured to boot from the appropriate device. Although ESXi Embedded is intended for use by OEMs, it’s possible to create your own “ESXi Embedded” edition by putting ESXi (the Installable version) onto a USB drive and then booting from this USB drive. This is a great way to test ESXi, but keep in mind that VMware might not support this sort of configuration.
List two ways by which you can install the vSphere Client?
Two ways are by downloading it from the (i) ‘Welcome To vSphere’ web page on a vCenter Server instance or by installing it from the (ii) vCenter Server installation media. You can also download the vSphere Client from VMware’s website.
Name three areas of networking that must be considered in a vSphere design?
Among other things, networking areas that must be considered include VLAN support, Link aggregation, Network speed (1 Gbps or 10 Gbps), Load-balancing algorithms, and the number of NICs and network ports required.
Your manager asks you to provide him with a copy of the unattended installation script that you will be using when you roll out ESXi using vSphere Auto Deploy. Is this something you can give him?
No. When using vSphere Auto Deploy, there is no installation script. The vSphere Auto Deploy server streams an ESXi image to the physical host as it boots up. Redeployment of an ESXi host with vSphere Auto Deploy can be as simple as a reboot.
Name two advantages and two disadvantages of using vSphere Auto Deploy to provision ESXi hosts?
Some advantages include fast provisioning, fast re-provisioning, and the ability to quickly incorporate new ESXi images or updates into the provisioning process. Some disadvantages include additional complexity and the need for additional configurations to address the stateless nature of the deployment.
You’ve installed ESXi on your server, but the welcome web page is inaccessible, and the server doesn’t respond to a ping. What could be the problem?
More than likely, the wrong NIC was selected for use with the management network. You’ll need to use the Direct Console User Interface (DCUI) directly at the physical console of the ESXi host in order to reconfigure the management network and restore network connectivity.
What are post-installation configuration task of of ESXi?
Checking management network is working properly or not? if the wrong NIC is assigned to the management network, then the server won’t be accessible across the network. You’ll also need to configure time synchronization.
Why time synchronization is necessary after successful ESXi installation? How do you configure time synchronization?
Time synchronization in ESXi is an important configuration because the ramifications of incorrect time run deep. While ensuring that ESXi has the correct time seems trivial, time-synchronization issues can affect features such as (i) Performance Charting; (ii) SSH key expirations, (iii) NFS access, (iv) Backup jobs, (v) Authentication, and more.
After the installation of ESXi Installable or during an unattended installation of ESXi using an installation script, the host should be configured to perform time synchronization with a reliable time source. This source could be another server on your network or a time source located on the Internet.
For the sake of managing time synchronization, it is easiest to synchronize all your servers against one reliable internal time server and then synchronize the internal time server with a reliable Internet time server. ESXi provides a Network Time Protocol (NTP) implementation to provide this functionality.
How do you configure time synchronization?
A) Make a windows server a reliable internal time server and synchronize it with one internet time source
1. Use the Group Policy Object editor to navigate to Administrative Templates → System → Windows Time Service → Time Providers.
2. Enable the Enable Windows NTP Server Group Policy option.
3. Navigate to Administrative Templates → System → Windows Time Service.
4. Double-click the Global Configuration Settings option, and select the Enabled radio button.
5. Set the AnnounceFlags option to 4.
6. Click the OK button.
B)Software => Time configuration=>NTP client enable=> Put windows server IP C)Open port 123 for NTPD demon in Esxi firewall.
Describe Reservation Limit and share?
Reservations:- Reservations serve to act as guarantees of a particular resource. Reservations guarantee memory for a particular VM. Memory isn’t allocated until requested by the VM, but the host must have enough free memory to satisfy the entire reservation before the VM can be powered on. Therefore— you cannot reserve more memory than the host physically has installed. Once allocated to a VM, reserved memory is not shared, swapped, or reclaimed by the ESXi host. It is locked for that VM.
Limits:- Limits are, quite simply, a way to restrict the amount of a given resource that a VM can use. Limits enforce an upper ceiling on the usage of memory. Limits are enforced using the balloon driver (if VMware Tools are installed) and — depending on the VM’s working set size — could have a dramatic negative impact on performance. As the VM approaches the
limit (a limit of which the guest OS is not aware), the balloon driver will inflate to keep VM memory usage under the limit. This will cause the guest OS to swap out to disk, which will typically degrade performance noticeably.
Shares:- Shares serve to establish priority. Shares apply only during periods of host RAM contention and serve to establish prioritized access to host RAM. VMs have granted priority based on percentage of shares allocated versus total shares granted. During periods when the host is not experiencing memory contention, shares do not apply and will not affect memory allocation or usage.
Reservation-guaranted resource,
Limit-Upper lmit of given resource,
Share-Prioritize resource access
What is VMkarnel swap?
ESXi attempts to provide each VM with all the memory it requests, up to the maximum amount configured for that VM. Obviously, a VM configured with only 4,096 MB of RAM cannot request more than 4,096 MB of RAM. However, when an ESXi host doesn’t have enough RAM available to satisfy the memory needs of the VMs it is hosting and when other technologies such as transparent page sharing, the balloon driver, and memory compression aren’t enough, then VMkernel is forced to page some of each VM’s memory out to the individual VM’s VMkernel swap file.
VMkarnel swap:-
VMkernel swap is actually the hypervisor swapping mechanism. VMkernel swap is implemented as a file with a .vswp extension that is created when a VM is powered on. These per-VM swap files created by the VMkernel reside, by default, in the same datastore location as the VM’s configuration file (.VMX) and virtual disk files (.VMDK) (although you do have the option of relocating the VMkernel swap).
In the absence of a memory reservation — the default configuration — this file will be equal in size to the amount of RAM configured for the VM. Thus, a VM configured for 4 GB of RAM will have a VMkernel swap file that is also 4 GB in size and stored, by default, in the same location as the VM’s configuration and virtual disk files.
In theory, this means a VM could get its memory allocation entirely from Hypervisor's physical memory or VMkernel swap ie. from disk. If VMkarnel swap memory is assigned then some performance degradation for VM is obvious because disk access time is several orders of magnitude slower than RAM access time.
What is LIMIT? What are its impact on guest OS?
It sets the actual limit on how much physical RAM may be utilized by that VM.
The key problem with the use of memory limits is that they are enforced without any guest OS awareness. If you have a VM configured for 4 GB of RAM, the guest OS inside that VM is going to think it has 4 GB of RAM with which to work, and it will behave accordingly. If you then place a 2 GB limit on that VM, the VMkernel will enforce that the VM only use 2 GB of RAM. Fine —but it will do so without the knowledge or cooperation of the guest OS inside that VM. The guest OS will continue to behave as if it has 4 GB of RAM, completely unaware of the limit that has been placed on it by the hypervisor. If the working set size of the guest OS and the applications running in it exceeds the memory limit, setting a memory limit will have a significant impact on the performance of the VM because the result is that the guest OS will constantly be forced to swap pages to disk (guest OS swapping, not hypervisor swapping).
[pic]
Why use memory limit?
However, there are times when you might need to use memory limits as a temporary measure to reduce physical memory usage in your ESXi hosts. Perhaps you need to perform maintenance on an ESXi host that is part of a cluster. You plan to use vMotion to migrate VMs to other hosts during the maintenance window, and you want to temporarily push down memory usage on less-important VMs so that you don’t overcommit memory too heavily and negatively impact lots of VMs. Limits would help in this situation.
In general, then, you should consider memory limits a temporary stop-gap measure when you need to reduce physical memory usage on an ESXi host and a negative impact to performance is acceptable. You wouldn’t, generally speaking, want to overprovision a VM with RAM and constrain memory usage with a limit on a long-term basis. In that scenario, the VM will typically perform very poorly and would actually perform better with less RAM configured and no limit.
CPU Utilization
Like shares, reservations, and limits, what is the fourth option available for managing CPU utilization?
CPU affinity. CPU affinity allows an administrator to statically associate a VM to a specific physical CPU core. CPU affinity is generally not recommended; it has a list of rather significant drawbacks:
( CPU affinity breaks vMotion.
( Because vMotion is broken, you cannot use CPU affinities in a cluster where vSphere DRS isn’t set to Manual operation.
( The hypervisor is unable to load-balance the VM across all the processing cores in the server. This prevents the hypervisor’s scheduling engine from making the most efficient use of the host’s resources.
Remember:- We use CPU Reservation, Limit and Share to control CPU clock cycle allocation (Core speed).
What is the difference between Memory Reservation and CPU Reservation?
CPU Reservation behaves like a Memory Reservation except in one situation. A CPU Reservation is very different than a Memory Reservation when it comes to “sharing” reserved CPU cycles. Reserved Memory, once allocated to the VM, is never reclaimed, paged out to disk, or shared in any way. The same is not true of CPU Reservations.
Suppose you have a VM, creatively named VM1 that has a CPU Reservation of 1,024 MHz’s. If VM1 is idle and not using its reserved CPU cycles, those cycles can be given to VM2. If VM1 suddenly needs cycles, VM2 doesn’t get them anymore, and they are assigned to VM1.
The ESXI host has two idle VMs running. The shares are set at the defaults for the running VMs. Will the Shares values have any effect in this scenario?
No. There’s no competition between VMs for CPU time because both are idle. Share comes in to play in time of resource contention.
The ESX host with dual, single-core, 3 GHz CPUs has two equally busy VMs running (both requesting maximum CPU capacity). The shares are set at the defaults for the running VMs. Will the Shares values have any effect in this scenario?
No. Again, there’s no competition between VMs for CPU time, this time because each VM is serviced by a different core in the host.
Remembar:-CPU Affinity Not Available with Fully Automatic DRS enabled Clusters.
If you are using a VSphere Distributed Resource Scheduler–enabled cluster configured in fully automated mode, CPU affinity cannot be set for VMs in that cluster. You must configure the cluster for manual or partially automated mode
in order to use CPU affinity.
Describe CPU Reservation, Limit and Share?
( Reservations set on CPU cycles provide guaranteed processing power for VMs. Unlike memory, reserved CPU cycles can and will be used by ESXi to service other requests when needed. As with memory, the ESXi host must have enough real, physical CPU capacity to satisfy a reservation in order to power on a VM. Therefore, you cannot reserve more CPU cycles than the host is actually capable of delivering.
( Limits on CPU usage simply prevent a VM from gaining access to additional CPU cycles even if CPU cycles are available to use. Even if the host has plenty of CPU processing power available to use, a VM with a CPU limit will not be permitted to use more CPU cycles than specified in the limit. Depending on the guest OS and the applications, this might or might not have an adverse effect on performance.
( Shares are used to determine CPU allocation when the ESXi host is experiencing CPU contention. Like memory, shares grant CPU access on a percentage basis calculated on the number of shares granted out of the total number of shares assigned. This means that the percentage of CPU cycles granted to a VM based on its Shares value is always relative to the number of other VMs and the total number of shares granted, and it is not an absolute value.
[pic]
What is Resource Pool? Why it is required?
Managing resource allocation and usage for large numbers of VMs creates too much administrative overhead. Resource Pools provide a mechanism for administrators to apply resource allocation policies to groups of VMs all at the same time.
Resource pool basically is a special type of container object, much like a folder, mainly used to group VM's with similar resource allocation needs. It use reservations, limits, and shares to control and modify resource allocation behavior, but only for memory and CPU.
[pic]
What is Expandable Reservation in resource Pool?
A Resource Pool provides resources to its child objects. A child object can either be a virtual machine or a resource pool. This is what called the parent-child relationship. If a resource pool (A), contains a resource pool (B), which contains a resource pool (C), then C is the child of B. B is the parent of C, but is the child of A, A is the parent of B. There is no terminology for the relation A-C as A only provides resource to B, it does not care if B provide any resource to C. [see pic1]
But what happens if the resource pool runs out of protected resources? Or is not configured with a reservation at all? In other words, If the child objects in the resource pool are configured with reservations that exceeds the reservation set on the resource pool, the resource pool needs to request protected resources from its parent. This can only be done if expandable reservation is enabled.
Please note that the resource pool request protected resources from its parent resource pool, it will not accept resources that are not protected by a reservation.
[pic]
In the picture2 example, If resource pool B does not have any protected resources available to fulfill resource pool C's request then, it can request these protected resources from its parent. This can only occur when the resource pool is configured with expandable reservation enabled. The last stop in the cluster is the cluster itself. What can stop this river of requests? Two things, the request for protected resources is stopped by a resource limit or by a disabled expandable reservation. If a resource pool has expandable reservation disabled, it will try to satisfy the reservation itself, if it’s unable to do so, it will deny the reservation request. If a resource pool is set with a limit, the resource pool is limited to that amount of physical resources.
What are the storage option available for a ESXi host?
An ESXi host can have one or more storage options actively configured, including the following:
✓ Local SAS/SATA/SCSI storage
✓ Fibre Channel
✓ Fibre Channel over Ethernet (FCoE)
✓ iSCSI using software and hardware initiators
✓ ( NAS [Network Access Storage] (specifically, NFS [Network File System] )
✓ ( InfiniBand
Do we need Local Storage in vSphare ESXi host? How we will manage diskless configurations?
✓ Boot from SAN
✓ Boot from USB
✓ Auto deploy
What are the components of a Storage Array?
The elements that make up a shared storage array consist of external connectivity, storage processors, array software, cache memory, disks, and bandwidth:
External Connectivity:- The external (physical) connectivity between the storage array and the hosts (in this case, the ESXi hosts) is generally Fibre Channel or Ethernet, though InfiniBand and other rare protocols exist. The characteristics of this connectivity define the maximum bandwidth (given no other constraints, and there usually are other
constraints) of the communication between the ESXi host and the shared storage array.
Storage Processors:- Different vendors have different names for storage processors, which are considered the brains of the array. They handle the I/O and run the array software.
Array Software:- Although hardware specifications are important and can define the scaling limits of the array, just as important are the functional capabilities that the array software provides. The array software is at least as important as the array hardware. The capabilities of modern storage arrays are vast—
Cache Memory:- Every array differs as to how cache memory is implemented, but all have some degree of nonvolatile memory used for various caching functions—delivering lower latency and higher IOps throughput by buffering I/O using write caches and storing commonly read data to deliver a faster response time using read caches.
Disks: Arrays differ as to which type of disks (often called 'spindles') they support and how many they can scale to support. Drives are described according to two different attributes. First, drives are often separated by the drive interface they use: Fibre Channel, serial-attached SCSI (SAS), and serial ATA (SATA). In addition, drives—with the exception of enterprise flash drives (EFDs)—are also described by their rotational speed, noted in revolutions per minute (RPM). EFDs, which are becoming mainstream, are solid state and have no moving parts; therefore rotational speed does not apply.
Describe VMware Storage array design types?
✓ Active-Active Storage System:
✓ Active-Passive Storage System:
✓ Asymmetrical Storage System:
✓ Virtual Port Storage System:
Active-Active Storage System: An active-active storage system provides access to LUNs simultaneously through all available storage ports without significant performance degradation. Barring a path failure, all paths are active at all times.
Active-Passive Storage System: In an active-passive storage system, one storage processor is actively providing access to a given LUN. Other processors act as backup for the LUN and can be actively servicing I/O to other LUNs. In the event of the failure of an active storage port, one of the passive storage processors can be activated to handle I/O.
Asymmetrical Storage System: An asymmetrical storage system supports Asymmetric (significantly slower) Logical Unit Access (ALUA), which permits the hosts to determine the states of target ports and establish priority for paths.
Virtual Port Storage System: Access to all LUNs is provided through a single virtual port. These are active-active devices where the multiple connections are disguised behind the single virtual port. Virtual port storage systems handle failover and connection balancing transparently, which is often referred to as “transparent failover.”
What is SAN?
A Storage Area Network (SAN) is a dedicated network that provides access to consolidated, block level data storage. SAN refers to a network topology, not a connection Protocol. SANs were initially deployed to mimic the characteristics of local or direct attached SCSI devices.
A SAN is a network where storage devices (logical units—or LUNs) are presented from a storage target (one or more ports on an array) to one or more initiators (just like on a SCSI or SAS controller). An initiator is usually a Host Bus Adapter (HBA) or Converged Network Adapter (CNA), though software-based initiators are available for iSCSI and FCoE.
What is fiber channel or FC?
Fibre Channel, or FC, is a high-speed network technology primarily used to connect computer and data storage devices or for interconnecting storage controllers and drives. Fibre Channel is three times as fast as Small Computer System Interface (SCSI) as the transmission interface between servers and clustered storage devices. Fibre channel is more flexible; devices can be as far as ten kilometers (about six miles) apart if optical fiber is used as the physical medium. Optical fiber is not required for shorter distances, however, because Fibre Channel also works using coaxial cable and ordinary telephone twisted pair.
The Fibre Channel protocol can operate in three modes: point-to-point (FC-P2P), arbitrated loop (FC-AL), and switched (FC-SW). Point-to-point and arbitrated loop are rarely used today for host connectivity, and they generally predate the existence of Fibre Channel switches.
The following figure shows, each ESXi host has a minimum of two HBA ports, and each is physically connected to two Fibre Channel switches. Each switch has a minimum of two connections to two redundant front-end array ports (across storage processors).
What is world wide port no or world wide node no?
All the objects (initiators, targets, and LUNs) on a Fibre Channel SAN are identified by a unique 64-bit identifier called a worldwide name (WWN). WWNs can be worldwide port names (a port on a switch) or node names (a port on an endpoint). For anyone unfamiliar with Fibre Channel, this concept is simple. It’s the same technique as Media Access Control (MAC) addresses on Ethernet.
50:00:00:25:b5:01:00:00 20:00:00:25:b5:01:00:0f
Like Ethernet MAC addresses, WWNs have a structure. The most significant two bytes are used by the vendor (the four hexadecimal characters starting on the left) and are unique to the vendor, so there is a pattern for QLogic or Emulex HBAs or array vendors. In the previous example, these are Cisco CNAs connected to an EMC Symmetrix VMAX storage array.
The following figure shows an ESXi host with FCoE CNAs, where the highlighted CNA has the following worldwide node name: worldwide port name (WWpN):
WWNN –World Wide Node Number:-
A global identifier for a switch, hba, storage port
WWPN-World Wide Port Number:- A local identifier
A single port HBA will have WWNN & WWPN as same
A dual port HBA will have 1 WWNN & 2 WWPNs
A FC switch will have 1 WWNN and each port will have individual WWPN
both are unique everywhere
How different is FCoE from FC?
Aside from discussions of the physical media and topologies, the concepts for FCoE are almost identical to those of FC (Fibre Channel). This is because FCoE was designed to be seamlessly interoperable with existing Fibre Channel–based SANs.
What is VSAN?
Virtual Storage Area Networks (VSANs) were adopted as a standard in 2004. Like VLANs, VSANs provide isolation between multiple logical SANs that exist on a common physical platform. This enables SAN administrators greater flexibility and another layer of separation in addition to zoning.
What is Zoning? Why it is required?
( It ensures that a LUN that is required to be visible to multiple hosts with common visibility needs in a cluster is visible, while the rest of the host in the cluster that should not have visibility to that LUN do not.
( To create fault and error domains on the SAN fabric, where noise, chatter, and errors are not transmitted to all the initiators/targets attached to the switch. Again, it’s somewhat analogous to one of the uses of VLANs to partition very dense Ethernet switches into broadcast domains.
How do you configure ‘Zoing’ in ‘FC’? What are the types of ‘Zoning’ you can configure in FC?
Zoning is configured on the Fibre Channel switches via simple GUIs or CLI tools and can be configured by port or by WWN:
( Using port-based zoning, you would zone by configuring your Fibre Channel switch to “put port 5 and port 10 into a zone that we’ll call zone_5_10.” Any device (and therefore any WWN) you physically plug into port 5 could communicate only to a device (or WWN) physically plugged into port 10.
( Using WWN-based zoning, you would zone by configuring your Fibre Channel switch to “put WWN from this HBA and WWN of these array ports into a zone we’ll call ESXi_4_host1_CX_SPA_0.” In this case, if you moved the cables, the zones would move to the ports with the matching WWNs.
You can see in the ESXi configuration shown in the following figure that the LUN itself is given an unbelievably long name that combines the initiator WWN (the one starting with 50/20), the Fibre Channel switch ports (the one starting with 50), and the Network Address Authority (NAA) identifier. This provides an explicit name that uniquely identifies not only the storage device but also the full end-to-end path.
[pic]
Initiator No +Fc Switch Port No + Network Address Authority Identifier=LUN No
What Is LUN Masking?
Zoning should not be confused with LUN masking. Masking is the ability of a host or an array to intentionally ignore WWNs that it can actively see (in other words, that are zoned to it).
Masking is used to further limit what LUNs are presented to a host (commonly used with test and development replicas of LUNs).
What is FCoE?
FCoE was designed to be interoperable and compatible with Fiber Channel. In fact, the FCoE standard is maintained by the same T11 body as Fiber Channel. At the upper layers of the protocol stacks, Fiber Channel and FCoE look identical. It’s at the lower levels of the stack that the protocols diverge.
Fiber Channel as a protocol doesn’t specify the physical transport it runs over. However, unlike TCP, which has retransmission mechanics to deal with a lossy transport, Fiber Channel has far fewer mechanisms for dealing with loss and retransmission, which is why it requires a lossless, low-jitter, high-bandwidth physical layer connection. It’s for this reason that Fiber Channel traditionally is run over relatively short optical cables rather than the unshielded twisted-pair (UTP) cables that Ethernet uses. To address the need for lossless Ethernet, the IEEE created a series of standards—all of which had been approved and finalized at the time of this writing—that make 10 Gb Ethernet lossless for FCoE traffic. Three key standards, all part of the Data Center Bridging (DCB) effort, make this possible:
( Priority Flow Control (PFC, also called Per-Priority Pause)
( Enhanced Transmission Selection (ETS)
(Datacenter Bridging Exchange (DCBX)
Used together, these three protocols allow Fiber Channel frames to be encapsulated into Ethernet frames, as illustrated in the following figure, and transmitted in a lossless manner. Thus, FCoE uses whatever physical cable plant that 10 Gb Ethernet uses. Today, 10 GbE connectivity is generally optical (same cables as Fiber Channel) and Twinax (which is a pair of coaxial copper cables), InfiniBand-like CX cables, and some emerging 10 Gb unshielded twisted pair (UTP) use cases via the new 10GBase-T standard. Each has its specific distance-based use cases and varying interface cost, size, and power consumption.
[pic]
What is iSCSI?
iSCSI brings the idea of a block storage SAN to customers with no Fiber Channel infrastructure. iSCSI is an IETF standard for encapsulating SCSI control and data in TCP/IP packets, which in turn are encapsulated in Ethernet frames. The following shows how iSCSI is encapsulated in TCP/IP and Ethernet frames. TCP retransmission is used to handle dropped Ethernet frames or significant transmission errors. Storage traffic can be intense relative to most LAN traffic. This makes it important that you minimize retransmits, minimize dropped frames, and ensure that you have “betthe- business” Ethernet infrastructure when using iSCSI.
[pic]
You want to a understand Resource Pool's resource allocation, from where you can see allocation of resources to objects within the vCenter Server hierarchy.
Clusters "Resource Allocation" tab can verify the allocation of resources to objects within the vCenter Server hierarchy.
[pic]
Understand Resource Pools resource allocation using a senario.
[pic]
[pic]
Remember:-Shares Apply Only During Actual Resource Contention
Remember that share allocations come into play only when VMs are fighting one another for a resource — in other words, when an ESXi host is actually unable to satisfy all the requests for a particular resource. If an ESXi host is running only eight VMs on top of two quad-core processors, there won’t be contention to manage (assuming these VMs have only a single vCPU and Shares values won’t apply.
What is Processor core? Thread? what is Hyperthreading? what is Logical CPU and Virtual CPU?
Processor : It’s the physical components that comes with server, responsible of all processing operations, a server can have more than one processor (1, 2…), we talk so about a multiprocessor server (bi-processor in case of 2). We define multiple processor in a server by Socket.
[pic]
Core : Inside your physical processor, you can have more than one operations unit or processing unit, called Core. We can say that a core is like a processor, so 1 Processor with two Cores is like 2 processors with 1 Core (remember like not equal). Today all processors are multi-core, and for servers, we usually find 4 or more cores per processors (like Quad Core or more)
Logical Processor : As explained before, we have processors and cores. Normally a Core can handle one thread (aka operation) at the same time (processor time slot). But when the Hyper-Threading technology is activated and supported, the Core can handle two threads in the same time than one (it’s more complicated but I’m touching the point). The number of thread in a machine is the number of logical processor. So if you want to know how much logical processor do you have, just count the total number of threads.
So how to count that:
Cores Count = Processor Count X CoresCountPerProcessor
Logical Processor Count = CoresCount X ThreadCount
so
No-of-Processor-(Socket) X Cores-Per-Processor X ThreadCount = Logical Processor Count
Examples :
• I have a 2 socket Quad Core processors server with Hyper-Threading : LogicalProcessorCount = 2 X 4 X 2 = 16
• I have a server with a 12 Cores processor and no Hyper-Threading: LogicalProcessor Count = 1 * 12 = 12
•
Virtual Processor: In virtualization, when you create a virtual machine you do assign to it a processor. Like vRAM, VHD, Virtual network interface, we can assign a Virtual Processor (VP) to a virtual machine. In an easy way, it’s a physical processor TimeSlot that will be given to the virtual machine. So when I assign a Virtual Processor to a virtual Machine, is like I rent a computing time from the processor, a piece of the processor
How much VP can I assign to a virtual machine: Good question and we need to know that : The number of virtual processor we can assign to a virtual machine depends on two factors:
• Logical processor count in the physical machine : The number of VP cannot exceed the number of present logical processor. So if we have 16 logical processors in our physical machine, we can assign at max 16 VP. The rule is 1: 1 ie. 1 virtual processor from each logical processor for a single virtual machine
• The hypervisor and Guest support:
What is SMP? What are the Virtual CPU Limitations of VMware?
Symmetric Multiprocessing: SMP is the processing of a program by multiple processors that share a common operating system and memory.
The maximum number of virtual CPUs that you can assign to a virtual machine depends on the number of logical CPUs on the host, the host license, and the type of guest operating system that is installed on the virtual machine. Be aware of the following limitations:
| |■Logical Processor:-A virtual machine cannot have more virtual CPUs than the number of logical cores or logical processors on the|
| |host. The number of logical cores is equal to the number of physical cores if hyperthreading is disabled or two times that number|
| |if hyperthreading is enabled. |
| |■ SMP Support of Guest OS’s:- Not every guest operating system supports Virtual SMP, and some that do require reinstallation if |
| |the number of vCPUs changes. |
| |■ SMP Support capacity of Guest OS’s:- Guest operating systems that support Virtual SMP might support fewer processors than are |
| |available on the host. |
VM performance:-Running Virtual SMP enabled virtual machines on hyperthreaded hosts with Virtual SMP can affect virtual machine performance. Running uniprocessor virtual machines on hyperthreaded hosts can also affect virtual machine performance.
What is Network Resource Pool?
A 'network resource pool' allow you to control network utilization. A network resource pool — to which you assigned shares and limits — can control outgoing network traffic. This feature is referred to as vSphere Network I/O Control (NetIOC).
Outgoing Traffic Only, and Only on a Distributed Switch
vSphere Network I/O Control applies only to outgoing network traffic and is available only on a vSphere Distributed Switch (vDS) version 4.1.0 or later.
What is System Network Resource Pool? What is Custom Resource Pool ?
When you enable vSphere NetIOC, vSphere activates six predefined network resource pools:
( Fault Tolerance (FT) Traffic
( Virtual Machine Traffic
( vMotion Traffic
( Management Traffic
( iSCSI Traffic
( NFS Traffic
Custom Resource Pool is used to fulfill customer resource needs?
Remember:- You Can’t Map Port Groups to System defined resource Pools
Port groups can only be mapped to user-defined network resource pools, not system network resource pools.
[pic]
How do you enable NetIOC?
Two steps are involved in setting up and using NetIOC. First, you must enable NetIOC on that particular vDS. Second, you must create and configure custom network resource pools as necessary.
1. Navigate to the Networking Inventory view using the View menu, the navigation bar, or the home screen.
2. Select the vDS for which you want to enable NetIOC.
3. Click the 'Resource Allocation' tab for that vDS.
4. Click Properties.
5. In the Resource Allocation Properties dialog box, check 'Enable Network I/O Control On This vSphere Distributed Switch', and then click OK.
What are three basic settings a network resource pool consist of?
( The first value is 'Physical Adapter Shares'. Like the shares you used to prioritize access to CPU or RAM when there was contention, physical adapter shares in a network resource pool establish priority for access to the physical network adapters when there is network contention. As with other types of shares, this value does not apply when there is no contention.
You can set this value to one of three predefined values, or you can set a Custom value of up to 100. For the predefined values, Low translates to 25 shares, Normal equates to 50 shares, and High equals 100 shares.
( The second value is the 'Host Limit'. This value specifies an upper limit on the amount of network traffic, in Mbps, that this network resource pool is allowed to consume. Leaving Unlimited selected means that only the physical adapters themselves limit the network resource pool.
( The third value is the QoS Priority Tag. The QoS (Quality of Service) priority tag is an 802.1p tag that is applied to all outgoing packets. Upstream network switches that are configured to recognize the 802.1p tags can further enhance and enforce the QoS beyond just the ESXi host.
[pic]
What are the pre-requisites of storage I/O control (SIOC)?
SIOC has a few requirements you must meet:
( Datastores under a single vCenter Server- All datastores that are SIOC-enabled have to be under the management of a single vCenter Server instance. vCenter Server is the “central clearinghouse” for all the shares assignments, so it makes sense that all the datastores and hosts have to be managed by a single vCenter Server instance.
( No RDM Support, NO NFS Support-SIOC is supported on VMFS datastores connected via Fibre Channel (including FCoE) and iSCSI. NFS datastores are also supported. Raw Device Mappings (RDMs) are not supported.
( No Multiple Datastore Extents Support- Datastores must have only a single extent. Datastores with multiple extents are not supported.
Remember:- Storage I/O Control and Array Auto-Tiering
If your storage array supports auto-tiering — the ability for the array to seamlessly and transparently migrate data between different tiers (SSD, FC, SAS, SATA) of storage, be sure to double-check the VMware Hardware Compatibility List (HCL) to verify that your array’s auto-tiering functionality has been certified to be compatible with SIOC.
How do you Enabling Storage I/O Control?
Configuring SIOC is a two-step process. First, enable SIOC on one or more datastores. Second, assign shares or limits to storage I/O resources on individual VMs.
1. SIOC is available only when connected to vCenter Server, not when you are connected to an individual ESXi host.
2. Navigate to the Datastores And Datastore Clusters inventory view.
3. Select the datastore for which you want to enable SIOC.
4. Click the 'Configuration' tab.
5. Select the Properties hyperlink. The above picture shows the location of this hyperlink just below the list of hosts connected to the selected datastore.
6. In the Datastore Name Properties dialog box, select Enabled under Storage I/O Control.
7. Click Close.
SIOC is enabled on a per-datastore basis. By default, SIOC is disabled for a datastore, meaning that you have to explicitly enabled SIOC if you want to take advantage of its functionality. While SIOC is disabled by default for individual datastores, it is enabled by default for Storage DRS–enabled datastore clusters that have I/O metrics enabled for Storage DRS.
How Storage I/O control SIOC works?
SIOC uses disk latency as the threshold to enforce Shares values-
SIOC uses latency as the threshold to determine when it should activate and enforce Shares values for access to storage I/O resources. Specifically, when vSphere detects latency in excess of a specific threshold value (measured in milliseconds), SIOC is activated.
vSphere administrators should fine-tune the behavior of SIOC as per array vendor-Because of the vast differences in array architectures and array performance, VMware recognized that users might need to adjust this default congestion threshold values for SIOC. After all, a certain latency measurement might indicate congestion (or contention) on some arrays and configurations, but not on others. Making the congestion threshold adjustable allows vSphere administrators to fine-tune the behavior of SIOC to best match their particular array and configuration.
For controlling the use of storage I/O by VMs SIOC uses shares and limits-
SIOC provides two mechanisms for controlling the use of storage I/O by VMs: shares and limits. the Shares value establishes a relative priority as a ratio of the total number of shares assigned, while the Limit value defines the upper ceiling on the number of I/O operations per second (IOPS) that a given VM may generate. As with memory, CPU, and network I/O, vSphere provides default settings for disk shares and limits. By default, every VM you create is assigned 1,000 disk shares per virtual disk and no IOPS limits. If you need different settings than the default values, you can easily modify either the assigned storage I/O shares or the assigned storage I/O limit
SIOC enforces Shares values only when contention for storage I/O resources is detected-
Storage I/O resources are enforced based on the Shares value whenever SIOC detects contention (or congestion) on the datastore. (Keep in mind that vSphere uses latency, as specified in the congestion threshold I described previously, as the trigger for activating SIOC.) Like all other Shares values, SIOC enforces Shares values only when contention for storage I/O resources is detected. If there is no contention — as indicated by low latency values for that datastore or datastore cluster — then SIOC will not activate.
Like the limits you apply to memory, CPU, or network I/O, the storage I/O limits are absolute values. The hypervisor will enforce the assigned storage I/O limit, even when there is plenty of storage I/O available.
What is Share value means in CPU, Memory, Network and Storage control?
Shares are applicable only when there is resource contention. This is true for all the different Shares values. Regardless of whether you are setting Shares values for memory, CPU, network, or storage, vSphere will not step in and enforce those shares until the hypervisor detects contention for that particular resource. Shares aren’t guarantees or absolute values; they establish relative priority when the hypervisor isn’t able to meet all the demands of the VMs.
To guarantee certain levels of performance, your IT director believes that all VMs must be configured with at least 8 GB of RAM. However, you know that many of your applications rarely use this much memory. What might be an acceptable compromise to help ensure performance?
One way would be to configure the VMs with 8 GB of RAM and specify a reservation of only 2 GB. VMware ESXi will guarantee that every VM will get 2 GB of RAM, including preventing additional VMs from being powered on if there isn’t enough RAM to guarantee 2 GB of RAM to that new VM. However, the RAM greater than 2 GB is not guaranteed and, if it is not being used, will be reclaimed by the host for use elsewhere. If plenty of memory is available to the host, the ESXi host will grant what is requested; otherwise, it will arbitrate the allocation of that memory according to the shares values of the VMs.
A fellow VMware administrator is a bit concerned about the use of CPU reservations. She is worried that using CPU reservations will “strand” CPU resources, preventing those reserved but unused resources from being used by other VMs. Are this administrator’s concerns well founded?
For CPU reservations, no. While it is true that VMware must have enough unreserved CPU capacity to satisfy a CPU reservation when a VM is powered on, reserved CPU capacity is not “locked” to a VM like memory. If a VM has reserved but unused capacity, that capacity can and will be used by other VMs on the same host. The other administrator’s concerns could be valid, however, for memory reservations.
Your company runs both test/development workloads and production workloads on the same hardware. How can you help ensure that test/development workloads do not consume too many resources and impact the performance of production workloads?
Create a resource pool and place all the test/development VMs in that resource pool. Configure the resource pool to have a CPU limit and a lower CPU shares value. This ensures that the test/development will never consume more CPU time than specified in the limit and that, in times of CPU contention, the test/development environment will have a lower priority on the CPU than production workloads.
Name two limitations of Network I/O Control?
Potential limitations of Network I/O Control include the fact that it works only with (i) vSphere Distributed Switches, the ability to only control (ii)outbound network traffic, the fact that it requires (iii) vCenter Server in order to operate, or the fact that (iv) system network resource pools cannot be assigned to user-created port groups?
What are the requirements for using Storage I/O Control?
All datastores and ESXi hosts that will participate in Storage I/O Control must be managed by the same vCenter Server instance. In addition, Raw Device Mappings (RDMs) and NFS datastores are not supported for SIOC. Datastores must have only a single extent; datastores with multiple extents are not supported?
What is Vmotion?
vMotion is a feature that allows running VMs to be migrated from one physical ESXi host to another physical ESXi host with no downtime to end users. To execute vMotion, both the ESXi hosts and the VMs must meet specific configuration requirements. In addition, vCenter Server performs validation checks to ensure that vMotion compatibility rules are observed.
How VMware vSphere helps balance the utilization of resources?
vMotion:- vMotion, which is generically known as live migration, is used to manually balance resource utilization between two or more ESXi hosts.
Storage vMotion:- Storage vMotion is the storage equivalent of vMotion, and it is used to manually balance storage utilization between two or more datastores.
vSphere Distributed Resource Scheduler (DRS):- vSphere Distributed Resource Scheduler (DRS) is used to automatically balance resource utilization among two or more ESXi hosts.
Storage DRS:- Storage DRS is the storage equivalent of DRS, and it is used to automatically balance storage utilization among two or more datastores.
What are the configuration requirements of a successful vMotion?
Each of the ESXi hosts that are involved in vMotion must meet the following requirements:
Shared storage:-
( Shared storage for the VM files (a VMFS or NFS datastore) that is accessible by both the source and target ESXi host.
Dedicated VMkernel port for vMotion:-
( A Gigabit Ethernet or faster network interface card (NIC) with a VMkernel port defined and enabled for vMotion on each ESXi host.
Describe briefly how vMotion works?
1. Migration initiated:- An administrator initiates a migration of a running VM (VM1) from one ESXi host (HOST-1) to another ESXi host (HOST-2).
2. Active memory pages and memory bitmap of VM precopied:- The source host (HOST-1) begins copying the active memory pages VM1 has in host memory to the destination host (HOST-2) across a VMkernel interface that has been enabled for vMotion. This is called preCopy. During this time, the VM still services clients on the source (HOST-1). As the memory is copied from the source host to the target, pages in memory could be changed. ESXi handles this by keeping a log of changes that occur in the memory of the VM on the source host after that memory address has been copied to the target host. This log is called a memory bitmap. Note that this process occurs iteratively, repeatedly copying over memory contents that have changed.
3. Source ESXi host is 'quiesced':- After the entire contents of RAM for the VM being migrated have been transferred to the target host (HOST-2), then VM1 on the source ESXi host (HOST-1) is quiesced. This means that it is still in memory but is no longer servicing client requests for data. The memory bitmap file is then transferred to the target (HOST-2).
The Memory Bitmap
The memory bitmap does not include the contents of the memory address that has changed; it simply includes the addresses of the memory that has changed — often referred to as the dirty memory.
4. Memory bitmap address contains copied:-The target host (HOST-2) reads the addresses in the memory bitmap file and requests the contents of those addresses from the source (HOST-1).
5. VM starts on target host:- After the contents of the memory address referred to in the memory bitmap file have been transferred to the target host, the VM starts on that host. Note that this is not a reboot — the VM’s state is in RAM, so the host simply enables it.
6. RARP message is sent:- At this point a Reverse Address Resolution Protocol (RARP) message is sent by the host to register its MAC address against the physical switch port to which the target ESXi host is connected. This process enables the physical switch infrastructure to send network packets to the appropriate ESXi host from the clients that are attached to the VM that just moved.
7. Source host memory is deleted:- After the VM is successfully operating on the target host, the memory that the VM was using on the source host is deleted. This memory becomes available to the VMkernel to use as appropriate
What are the points that you should keep in mind for a successful vMotion?
Networking
( Identical virtual switches, VMkernel ports, same Distributed Switch :-
Both the source and destination hosts must be configured with identical virtual switches that are correctly configured, vMotion-enabled VMkernel ports. If you are using vSphere Distributed Switches, both hosts must be participating in the same vSphere Distributed Switch.
( Identical port group and same subnet:-
All port groups to which the VM being migrated is attached must exist on both of the source and destination ESXi hosts. Port group naming is case sensitive, so create identical port groups on each host, and make sure they plug into the same physical subnets or VLANs. A virtual switch named Production is not the same as a virtual switch named PRODUCTION. Remember that to prevent downtime the VM is not going to change its network address as it is moved. The VM will retain its MAC address and IP address so clients connected to it don’t have to resolve any new information to reconnect.
CPU
( Processors compatibility:-
Processors in both hosts must be compatible. When a VM is transferred between hosts, remember that the VM has already detected the type of processor it is running on when it booted. Because the VM is not rebooted during a vMotion, the guest assumes the CPU instruction set on the target host is the same as on the source host. You can get away with slightly dissimilar processors, but in general the processors in two hosts that perform vMotion must meet the following requirements:
( Same vendor :-CPUs must be from the same vendor (Intel or AMD).
( Same CPU family:- CPUs must be from the same CPU family (Xeon 55xx, Xeon 56xx, or Opteron).
( Same CPU features:- CPUs must support the same features, such as the presence of SSE2, SSE3, and SSE4, and NX or XD.
( Virtualization enabled:- For 64-bit VMs, CPUs must have virtualization technology enabled (Intel VT or AMD-v).
Host and VM
In addition to the vMotion requirements for the hosts involved, the VM must meet the following requirements to be migrated:
( No Device physically available to only one host:- The VM must not be connected to any device physically available to only one ESXi host. This includes disk storage, CD/DVD drives, floppy drives, serial ports, or parallel ports. If the VM to be migrated has one of these mappings, simply deselect the Connected check box beside the offending device. For example, you won’t be able to migrate a VM with a CD/DVD drive connected; to disconnect the drive and allow vMotion, deselect the “Connected” box.
( No internal-only vSwitch:- The VM must not be connected to an internal-only virtual switch.
( No CPU affinity Rule:-The VM must not have its CPU affinity set to a specific CPU.
( Shared Sorage for hosts:- The VM must have all disk, configuration, log, and nonvolatile random access memory (NVRAM) files stored on a VMFS or NFS datastore accessible from both the source and the destination ESXi hosts.
How vMotion provide High Availability fetures?
vMotion is a great feature, but it is not a high-availability feature. Yes, it can be used to improve uptime by preventing planned downtime, but vMotion will not provide any protection in the event of an unplanned host failure. For that functionality, you’ll need vSphere High Availability (HA) and vSphere Fault Tolerance (FT).
What is virtual machine CPU masking?
vCenter Server offers the ability to create custom CPU masks on a per-VM basis. Although this can offer a tremendous amount of flexibility in enabling vMotion compatibility, it’s also important to note that, with one exception, this is completely unsupported by VMware.
What is the one exception? On a per-VM basis, you’ll find a setting that tells the VM to show or mask the No Execute/Execute Disable (NX/XD) bit in the host CPU, and this specific instance of CPU masking is fully supported by VMware.
[pic]
AMD’s Execute Disable (XD) and Intel’s NoExecute (NX) are features of processors that mark memory pages as data only, which prevents a virus from running executable code at that memory address. The operating system needs to be written to take advantage of this feature, and in general, versions of Windows starting with Windows 2003 SP1 and Windows XP SP2 support this CPU feature.
Masking the NX/XD bit from the VM tells the VM that there’s no NX/XD bit present. This is useful if you have two otherwise compatible hosts with an NX/XD bit mismatch. If the VM doesn’t know there’s an NX or XD bit on one of the hosts, it won’t care if the target host has or doesn’t have that bit if you migrate that VM using vMotion.
The greatest vMotion compatibility is achieved by masking the NX/XD bit. If the NX/XD bit is exposed to the VM, as shown in the BIOS, setting for NX/XD must match on both the source and destination ESXi hosts.
For features other than the NX/XD bit, you would have to delve into custom CPU masks. This is where you will step outside the bounds of VMware support. Looking at the dialog box in VM properties, you’ll note the ‘Advanced’ button. Clicking the Advanced button opens the ‘CPU Identification Mask’ dialog box, In this dialog box, you can create custom CPU masks to mark off specific bits within the CPU ID value.
[pic]
[pic]
A certain vendor has just released a series of patches for some of the guest OS’s in your virtualized infrastructure. You request an outage window from your supervisor, but your supervisor says “just use vMotion to prevent downtime”. Is your supervisor correct? Why or why not?
Your supervisor is incorrect. vMotion can be used to move running VMs from one physical host to another, but it does not address outages within a guest OS because of reboots or other malfunctions. If you had been requesting an outage window to apply updates to the host, the supervisor would have been correct — you could use vMotion to move all the VMs to other hosts within the environment and then patch the first host. There would be no end-user downtime in that situation. In this case, before patching, you can take Snapshot of those guest OS’s to be on the safe side.
Is vMotion a solution to prevent unplanned downtime?
No. vMotion is a solution to address planned downtime of the ESXi hosts on which VMs are running, as well as to manually load balance CPU and memory utilization across multiple ESXi hosts. Both the source and destination ESXi hosts must be up and running and accessible across the network in order for vMotion to succeed.
What is EVC?
EVC:- vMotion requires compatible CPU families on the source and destination ESXi hosts in order to be successful in vMotion. To help alleviate any potential problems resulting from changes in processor families over time, vSphere offers “Enhanced vMotion Compatibility (EVC)”, this can mask differences between CPU families in order to maintain vMotion compatibility.
Can you change the EVC level for a cluster while there are VMs running on hosts in the cluster?
No, you cannot. Changing the EVC level means that new CPU masks must be calculated and applied. CPU masks can be applied only when VMs are powered off, so you can’t change the EVC level on a cluster when there are powered-on VMs in that cluster.
Describe in details what is VMware Enhanced vMotion Compatibility (EVC)?
Recognizing that potential processor compatibility issues with vMotion could be a significant problem, VMware worked closely with both Intel and AMD to craft functionality that would address this issue. On the hardware side, Intel and AMD put functions in their CPUs that would allow them to modify the CPU ID value returned by the CPUs. Intel calls this functionality FlexMigration; AMD simply embedded this functionality into their existing AMD-V virtualization extensions. On the software side, VMware created software features that would take advantage of this hardware functionality to create a common CPU ID baseline for all the servers within a cluster. This functionality, originally introduced in VMware ESX/ESXi 3.5 Update 2, is called VMware Enhanced vMotion Compatibility.
vCenter Server performs some validation checks to ensure that the physical hardware included in the cluster is capable of supporting the selected EVC mode and processor baseline. If you select a setting that the hardware cannot support, the Change EVC Mode dialog box will reflect the incompatibility.
When you enable EVC and set the processor baseline, vCenter Server then calculates the correct CPU masks that are required and communicates that information to the ESXi hosts. The ESXi hypervisor then works with the underlying Intel or AMD processors to create the correct CPU ID values that would match the correct CPU mask. When vCenter Server validates vMotion compatibility by checking CPU compatibility, the underlying CPUs will return compatible CPU masks and CPU ID values. However, vCenter Server and ESXi cannot set CPU masks for VMs that are currently powered on.
When setting the EVC mode for a cluster, keep in mind that some CPU-specific features — such as newer multimedia extensions or encryption instructions, for example — could be disabled when vCenter Server and ESXi disable them via EVC. VMs that rely on these advanced extensions might be affected by EVC, so be sure that your workloads won’t be adversely affected before setting the cluster’s EVC mode.
Let’s take a graphical look at what EVC can accomplish for you. In Figure 1 below, here’s what you’re seeing:
• In the top picture is a three server cluster with two Intel Core2-based servers and one Core i7-based server. Because the lowest common denominators are the Xeon Core2 systems, this cluster operates in Xeon Core2 mode so that vMotion will work between all three hosts. For virtual machines running in the cluster, EVC basically blocks the Core i7-only features from being exposed to virtual machines.
1. What is vSphare DRS?
2.
3. vSphere Distributed Resource Scheduler (DRS) builds on the idea of manually balancing loads across ESXi hosts and then turns it into a way of automatically balancing load across groups of ESXi hosts.
4.
5. The ESXi hosts groups are called clusters. vSphere Distributed Resource Scheduler enables vCenter Server to automate the process of conducting vMotion migrations to help balance the load across ESXi hosts within a cluster. DRS can be as automated as desired, and vCenter Server has flexible controls for affecting the behavior of DRS as well as the behavior of specific VMs within a DRS-enabled cluster. It has the following two main functions:
6.
7. Intelligent placement:-
8. ( To decide which node of a cluster should run a VM when it’s powered on, a function often referred to as intelligent placement.
9.
10. Recommendation or Automation:-
11.
12. ( To evaluate the load on the cluster over time and either make recommendations for migrations or use vMotion to automatically move VMs to create a more balanced cluster
How DRS works?
vSphere DRS runs as a process within vCenter Server, which means that you must have vCenter Server in order to use vSphere DRS.
By default, DRS checks every five minutes (or 300 seconds) to see if the cluster’s workload is balanced. DRS is also invoked by certain actions within the cluster, such as adding or removing an ESXi host or changing the resource settings of a VM.
When DRS is invoked, it will calculate the imbalance of the cluster, apply any resource controls (such as reservations, shares, and limits), and, if necessary, generate recommendations for migrations of VMs within the cluster. Depending on the configuration of vSphere DRS, these recommendations could be applied automatically, meaning that VMs will automatically be migrated between hosts by DRS in order to maintain cluster balance (or, put another way, to minimize cluster imbalance). Fortunately, if you like to retain control, you can set how aggressively DRS will automatically move VMs around the cluster.
What are DRS automation level?
Manual
When a DRS cluster is set to Manual, every time you power on a VM, the cluster prompts you to select the ESXi host on which that VM should be hosted. The dialog box rates the available hosts. According to suitability at that moment, the lower the priority, the better the choice. The Manual setting also suggests vMotion migrations when DRS detect an imbalance between ESXi hosts in the cluster.
Partially Automated:-
If you select the Partially Automated setting on the DRS properties, DRS will make an automatic decision about which host a VM should run on when it is initially powered on (without prompting the user who is performing the power-on task) but will still prompt for all migrations on the DRS tab. Thus, initial placement is automated, but migrations are still manual.
Fully Automated:-
The third setting for DRS is Fully Automated. This setting makes decisions for initial placement without prompting and also makes automatic vMotion decisions based on the selected automation level (the slider bar).
There are five positions for the slider bar on the Fully Automated setting of the DRS cluster. The values of the slider bar range from Conservative to Aggressive. Conservative automatically applies recommendations ranked as priority 1 recommendations. Any other migrations are listed on the DRS tab and require administrator approval.
If you move the slider bar from the most conservative setting to the next stop to the right, then all priority 1 and priority 2 recommendations are automatically applied; recommendations higher than priority 2 will wait for administrator approval.
With the slider all the way over to the Aggressive setting, any imbalance in the cluster that causes a recommendation is automatically approved (apply even priority 5 recommendations). Be aware that this can cause additional stress in your ESXi host environment, because even a slight imbalance will trigger a migration.
You want to take advantage of vSphere DRS to provide some load balancing of virtual workloads within your environment. However, because of business constraints, you have a few workloads that should not be automatically moved to other hosts using vMotion. Can you use DRS? If so, how can you prevent these specific workloads from being affected by DRS?
Yes, you can use DRS. Enable DRS on the cluster, and set the DRS automation level appropriately. For those VMs that should not be automatically migrated by DRS, configure the DRS automation level on a per-VM basis to Manual. This will allow DRS to make recommendations on migrations for these workloads but will not actually perform the migrations.
What is maintenance mode?
Maintenance mode is a setting on a ESXi host that prevents the ESXi host from performing any VM related functions. VMs currently running on a ESXi host being put into maintenance mode must be shut down or moved to another host before the ESXi host will actually enter maintenance mode. This means that an ESXi host in a DRS-enabled cluster will automatically generate priority 1 recommendations to migrate all VMs to other hosts within the cluster.
What is Distributed Resource Scheduler (DRS) Rules or affinity rules?
vSphere DRS supports three types of DRS rules:-
( VM affinity rules, referred to as “Keep Virtual Machines Together” in the vSphere Client.
Affinity rules keep VMs together on the same host. Consider a multitier application where you have a web application server and a backend database server that frequently communicate with each other, and you’d like that communication to take advantage of the high-speed bus within a single server rather than going across the network. In that case, you could define an affinity rule (Keep Virtual Machines Together) that would ensure these two VMs stay together in the cluster.
( VM anti-affinity rules, referred to as “Separate Virtual Machines” in the vSphere Client.
Consider an environment with two mail server VMs. In all likelihood, administrators would not want both mail servers to reside on the same ESXi host. Instead, the administrators would want the mail servers split onto two different ESXi hosts in the cluster, so that the failure of one host would affect only one of the two mail servers. In this sort of situation, a VM anti-affinity rule is the right tool to use.
( Host affinity rules, referred to as “Virtual Machines To Hosts” in the vSphere Client.
In addition to VM affinity and VM anti-affinity rules, vSphere DRS supports a third type of DRS rule: the host affinity rule. Host affinity rules are used to govern the relationships between VMs and the ESXi hosts in a cluster, giving administrators control over which hosts in a cluster are allowed to run which VMs. Before you can start creating a host affinity rule, you have to create at least one VM DRS group and at least one host DRS group.
The host affinity rule brings together a VM DRS group and a host DRS group along with the preferred rule behavior. There are four host affinity rule behaviors:
( Must Run On Hosts In Group
( Should Run On Hosts In Group
( Must Not Run On Hosts In Group
( Should Not Run On Hosts In Group
What is per-VM Distributed Resource Scheduler Settings?
It’s possible there will be enterprise-critical VMs that administrators are adamant about not being vMotion candidates. However, the VMs should remain in the cluster to take advantage of high-availability features provided by vSphere HA. In other words, VMs will take part in HA but not DRS despite both features being enabled on the cluster.
The administrator can then selectively choose VMs that are not going to be acted on by DRS in the same way as the rest in the cluster. The per-VM automation levels available include the following:
( Fully Automated (automatic intelligent placement and vMotion)
( Partially Automated (automatic intelligent placement, manual vMotion)
( Manual (Manual intelligent placement and vMotion)
( Default (inherited from the cluster setting)
( Disabled
What is Storage vMotion?
vMotion and Storage vMotion are like two sides of the same coin. vMotion migrates a running VM from one physical host to another, moving CPU and memory usage between hosts but leaving the VM’s storage unchanged. This allows you to manually balance the CPU and memory load by shifting VMs from host to host.
Storage vMotion, on the other hand, migrates a running VM’s virtual disks from one datastore to another datastore but leaves the VM executing — and therefore using CPU and memory resources — on the same ESXi host. This allows you to manually balance the “load” or utilization of a datastore by shifting a VM’s storage from one datastore to another. Like vMotion, Storage vMotion is a live migration; the VM does not incur any outage during the migration of its virtual disks from one datastore to another.
How Storage vMotion works?
1. Nonvolatile files copy:- First, vSphere copies over the nonvolatile files that makes up a VM: Ex- the configuration file (VMX), VMkernel swap file, log files, and snapshots.
2. Ghost or shadow VM created on destination datastore:- Next, vSphere starts a ghost or shadow VM on the destination datastore using the nonvolatile files copied. Because this ghost VM does not yet have a virtual disk (that hasn’t been copied over yet), it sits idle waiting for its virtual disk.
s3. Destination disk and mirror driver created:- Storage vMotion first creates the destination disk. Then a mirror device — a new driver that mirrors I/Os between the source and destination disk — is inserted into the data path between the VM and the underlying storage.
SVM (Shadow VM) Mirror Device Information in the Logs
If you review the vmkernel log files on an ESXi host during and after a Storage vMotion operation, you will see log entries prefixed with “SVM” that show the creation of the mirror device and that provide information about the operation of the mirror device.
4. Single-pass copy of the virtual disk(s):- With the I/O mirroring driver in place, vSphere makes a single-pass copy of the virtual disk(s) from the source to the destination. As changes are made to the source, the I/O mirror driver ensures those changes are also reflected at the destination.
5. vSphere quickly suspends and resumes in order to transfer control over to the ghost VM:- When the virtual disk copy is complete, vSphere quickly suspends and resumes in order to transfer control over to the ghost VM created on the destination datastore earlier. This generally happens so quickly that there is no disruption of service, like with vMotion.
6. Source datastore files are deleted:- The files on the source datastore are deleted. It’s important to note that the original files aren’t deleted until it’s confirmed that the migration was successful; this allows vSphere to simply fall back to its original location if an error occurs. This helps prevent data loss situations or VM outages because of an error during the Storage vMotion process.
What we should remember when using Storage vMotion with Raw Device Mappings (RDM)?
There are two type of Raw Device Mappings (RDM’s) - physical mode RDM and virtual mode RDM. Virtual mode RDM use one VMDK mapping file to give raw LUN access. Be careful when using Storage vMotion with virtual mode (RDMs).
If you want to migrate only the VMDK mapping file, be sure to select “Same Format As Source” for the virtual disk format. If you select a different format, virtual mode RDMs will be converted into VMDKs as part of the Storage vMotion operation (physical mode RDMs are not affected). Once an RDM has been converted into a VMDK, it cannot be converted back into an RDM again.
What is Storage DRS?
Storage DRS is a feature that is new to vSphere 5. Storage DRS brings
automation to the process of balancing storage capacity and I/O utilization. Storage DRS uses datastore clusters and can operate in manual or Fully Automated mode. Numerous customizations exist — such as custom schedules, VM and VMDK anti-affinity rules, and threshold settings etc. This customizations allow administrators to fine-tune the behavior of Storage DRS for their specific environments. SDRS can perform this automated balancing not only on the basis of space utilization but also on the basis of I/O load balancing.
Like vSphere DRS, SDRS is built on some closely related concepts and terms:
( Just as vSphere DRS uses clusters as a collection of hosts on which to act, SDRS uses data store clusters as collections of datastores on which it acts.
( Just as vSphere DRS can perform both initial placement and manual and ongoing balancing, SDRS also performs initial placement of VMDKs and ongoing balancing of VMDKs. The initial placement functionality of SDRS is especially appealing because it helps simplify the VM provisioning process for vSphere administrators.
( Just as vSphere DRS offers affinity and anti-affinity rules to influence recommendations, SDRS offers VMDK affinity and anti-affinity functionality.
As I just mentioned, SDRS uses the idea of a datastore cluster — a group of datastores treated as shared storage resources — in order to operate. Before you can enable or configure SDRS, you must create a datastore cluster.
[pic]
What is datastores cluster?
Before you can enable or configure SDRS, you must create a datastore cluster. However, you can’t just arbitrarily combine datastores into a datastore cluster; there are some guidelines you need to follow. Specifically, VMware provides the following guidelines for datastores that are combined into datastore clusters:
( No NFS and VMFS combination:- Datastores of different sizes and I/O capacities can be combined in a datastore cluster. Additionally, datastores from different arrays and vendors can be combined into a datastore cluster. However, you cannot combine NFS and VMFS datastores in a datastore cluster.
( No replicated and nonreplicated datastore combination:- You cannot combine replicated and nonreplicated datastores into an SDRS-enabled datastore cluster.
( No ESX/ESXi 4.x and earlier host connection:- All hosts attached to a datastore in a datastore cluster must be running ESXi 5 or later. ESX/ESXi 4.x and earlier cannot be connected to a datastore that you want to add to a datastore cluster.
( No Datastores shared across multiple datacenters:- Datastores shared across multiple datacenters are not supported for SDRS.
What are the relations between Storage I/O Control and Storage DRS Latency Thresholds?
Adjusting storage latency as the threshold for Storage I/O Control (SIOC). You’ll note that the default I/O latency threshold for SDRS (15 ms) is well below the default for SIOC (30 ms). The idea behind these default settings is that SDRS can make a migration to balance the load (if fully automated) before throttling becomes necessary.
Just as I recommended you check with your storage vendor for specific recommendations on SIOC latency values, you should also check with your array vendor to see if that vendor offers recommendations for SDRS latency values.
[pic]
[pic]
What will happen if you put SDRS datastore in to maintenance mode?
When you enable SDRS datastores in to maintenance mode, migration recommendations are generated for registered VMs. However, SDRS datastore maintenance mode will not affect templates, unregistered VMs, or ISOs stored on that datastore.
[pic]
What are Storage DRS Automation levels?
SDRS offers two predefined automation levels, No Automation (Manual Mode) and Fully Automated.
No Automation (Manual Mode):-
When the SDRS automation level is set to No Automation (Manual Mode), SDRS will generate recommendations for initial placement as well as recommendations for storage migrations based on the configured space and I/O thresholds.
Initial placement recommendations are generated when you create a new VM (and thus a new virtual disk), add a virtual disk to a VM, or clone a
VM or template. Initial placement recommendations take the form of a pop-up window, Recommendations for storage migrations are noted in two different ways. First, an alarm is generated to note that an SDRS recommendation is present. You can view this alarm on the "Alarms" tab of the datastore cluster in "Datastores And Datastore Clusters" inventory view. In addition, the "Storage DRS" tab of the datastore cluster (visible in "Datastores And Datastore Clusters" inventory view) will list the current SDRS recommendations and give you the option to apply those recommendations — that is, initiate the suggested Storage vMotion migrations.
Fully Automated Mode:-
When SDRS is configured for Fully Automated mode, SDRS will automatically initiate Storage vMotion migrations instead of generating recommendations for the administrator to approve. In this instance, you can use the "Storage DRS" tab of the datastore cluster to view the history of SDRS actions by selecting the "History" button at the top of the Storage DRS tab.
What is Storage DRS Schedule?
The SDRS Scheduling area of the Edit Cluster dialog box allows you to create custom schedules. These custom schedules enable vSphere administrators to specify times when the SDRS behavior should be different. For example, are there times when SDRS should be running in No Automation (Manual Mode)? Are there times when the space utilization or I/O latency thresholds should be
different? If so, and you need SDRS to adjust to these recurring differences, you can accommodate that through custom SDRS schedules.
Let’s look at an example. Let’s say that you normally have SDRS running in Fully Automated mode, and it works fine. However, at night, when backups are running, you want SDRS not to automatically perform storage migrations. Using a custom SDRS schedule, you can tell SDRS to switch into manual mode during certain times of the day and days of the week and then return into Fully Automated mode when that day/time period is over.
What is Storage DRS Rules?
Just as vSphere DRS has affinity and anti-affinity rules, SDRS offers vSphere administrators the ability to create VMDK anti-affinity and VM anti-affinity rules. These rules modify the behavior of SDRS to ensure that specific VMDKs are always kept separate (VMDK anti-affinity rule) or that all the virtual disks from certain VMs are kept separate (VM anti-affinity rule).
Administrators can use anti-affinity rules to keep VMs or VMDKs on separate datastores, but as you’ve already seen, there is no way to create affinity rules. Instead of requiring you to create affinity rules to keep the virtual disks for a VM together, vSphere offers a simple check box in the Virtual Machine Settings area of the datastore cluster properties.
To configure Storage DRS to keep all disks for a VM together, check the boxes in the Keep VMDKs Together column.
[pic]
Name the two ways in which an administrator is notified that a Storage DRS recommendation has been generated?
Recommendations for storage migrations are noted in two different ways. First, an alarm is generated to note that an SDRS recommendation is present. You can view this alarm on the "Alarms" tab of the datastore cluster in "Datastores And Datastore Clusters" inventory view. In addition, the "Storage DRS" tab of the datastore cluster (visible in "Datastores And Datastore Clusters" inventory view) will list the current SDRS recommendations and give you the option to apply those recommendations — that is, initiate the suggested Storage vMotion migrations.
What is a potential disadvantage of using drag and drop to add a datastore to a datastore cluster?
You can use drag and drop to add a datastore to an existing datastore cluster as well. Please note, that drag and drop won’t warn you that you’re adding a datastore that doesn’t have connections to all the hosts that are currently connected to the datastore cluster. So when using SDRS some host may find that a particular datastore is unreachable. To avoid this situation you should always use the "Add Storage" dialog box.
[When using drag and drop to add a datastore to a datastore cluster, the user is not notified if the datastore isn’t accessible to all the hosts that are currently connected to the datastore cluster. This introduces the possibility that one or more ESXi hosts could be “stranded” from a VM’s virtual disks if Storage DRS migrates them onto a datastore that is not accessible from that host.]
A fellow administrator is trying to migrate a VM to a different datastore and a different host, but the option is disabled (grayed out). Why?
Storage vMotion, like vMotion, can operate while a VM is running. However, in order to migrate a VM to both a new datastore and a new host, the VM must be powered off. VMs that are powered on can only be migrated using Storage vMotion or vMotion, but not both.
Name two features of Storage vMotion that would help administrators cope with storage related changes in their vSphere environment?
Migration between different type of storage format (FC,NFS,FCOE,ISCSI):-
Storage vMotion can be used to facilitate no-downtime storage migrations from one type of storage array to a new or new type of storage array, greatly simplifying the migration process. Storage vMotion can also migrate between different types of storage (FC to NFS, iSCSI to FC or FCoE), which helps vSphere administrators cope with changes in how the ESXi hosts access the storage.
Migration between different type of VMDK format (Thick , Thin):-
Finally, Storage vMotion allows administrators to convert VMDKs between thick and thin, to give them the flexibility to use whichever VMDK format is most effective for them.
Selective and Objectives:-[Right/Wrong]
Which of the following are Esxi host requirements for VMware FT? (Choose all that apply.)
A. "Enterprise" or "Enterprise Plus" licensing must be in place.
B. ESXi hosts must be certified for FT in the VMware HCL.
C. ESXi hosts must have hardware Virtualization (HV) enabled in the BIOS.
D. ESXi hosts must have EVC mode enabled.
Which of the following are true statements about Storage DRS? (Choose two.)
A. ESXi 4.1 and newer hosts are required.
B. ESXi 5 and newer hosts are required.
C. Mixing NFS and VMFS datastores is not allowed.
D. Mixing NFS and VMFS datastores is allowed.
What condition must be first met to remove an ESXi host from a cluster?
A. The host must have host monitoring disabled.
B. The host must be in maintenance mode.
C. The host must be disconnected from vCenter Server.
D. None of these.
Which of the following are considered best practices for setting up the fault tolerance logging network? (Choose two.)
A. Single shared 1GbE NIC for vMotion and fault tolerance logging traffic
B. Single dedicated 1GbE NIC for fault tolerance logging traffic only
C. Isolating the fault tolerance logging traffic
D. Routing the fault tolerance logging traffic
A virtual machine has its host isolation response set to Shut Down, but this virtual machine does not have the VMware Tools installed. What will happen to this virtual machine, if the ESXi host it is running on becomes isolated?
A. It will shut down.
B. Nothing.
C. It will be powered off.
D. It will be suspended.
You need to create an affinity rule to require a set of virtual machines to run on a specific ESXi host. Which of the following do you need to create?
A. VM-Host affinity rule
B. VM-Host anti-affinity rule
C. VM-VM affinity rule
D. VM-VM anti-affinity rule
When implementing VMware FT, what is the overhead percentage that is required?
A. 5 to 10 percent
B. 10 percent
C. 5 to 20 percent
D. 20 percent
Which of the following schedulers exist in a DRS-enabled cluster? (Choose two.)
A. Priority scheduler
B. Global scheduler
C. Entitlement scheduler
D. Local scheduler
Enabling DRS on a cluster will create a second layer of scheduling architecture to go along with the local scheduler on each ESXi host. This second scheduler is called the global scheduler.
Which of the following statements best describes the Expandable Reservation parameter?
A. The Expandable Reservation parameter can be used to allow a child resource pool to request resources from its parent.
B. The Expandable Reservation parameter can be used to allow a child resource pool to request resources from its parent or ancestors.
C. The Expandable Reservation parameter can be used to allow a parent resource pool to request resources from its child.
D. The Expandable Reservation parameter can be used to allow a parent resource pool to request resources from a sibling.
[ Selecting the expandable reservation allows a child resource pool to request resources from its parent or ancestors. If there is only a single resource pool or resource pools that are siblings, then the request would go to the root resource pool].
When raising the EVC mode for the cluster, which of the following statements is true? (Choose two.)
A. Raising the EVC mode for cluster involves moving from a greater feature set to a lower feature set.
B. Raising the EVC mode for cluster involves moving from a lower feature set to a greater feature set.
C. Running virtual machines will need to be powered off during this operation.
D. Running virtual machines may continue to run during this operation.
When using vMotion to migrate a virtual machine, the option to select a resource pool was not available for the destination. What could be a reason for this?
A. The VM has an individual memory reservation set.
B. vMotion does not allow this operation.
C. Changing resource pools is not allowed.
D. No resource pools exist in the destination.
[If resource pools do not exist in the destination, the Migrate Virtual Machine Wizard will not offer you the option to select a resource pool.]
In which of the following automation levels will vCenter Server inform of suggested virtual machine migrations and place the virtual machines on ESXi hosts at VM startup?
A. Manual
B. Partially automated
C. Fully automated
D. None of these
Which of the following admission control policies will result in an ESXi host in the cluster that is unable to run virtual machines until a failover situation occurs?
A. Host failures the cluster tolerates
B. Percentage of cluster resources reserved as failover spare capacity
C. Specify failover hosts
D. None of these
When choosing the specify failover hosts admission control policy, no virtual machines can be powered on when they are on the specified failover hosts, unless an HA event has occurred.
.
Which of the following is configurable resource pool attributes? (Choose all that apply.)
A. Shares
B. Reservation
C. Priority
D. Name
A master host has stopped receiving heartbeats from a slave host. What are the possible conditions that the slave host could be in? (Choose all that apply.)
A. Failed
B. Unprotected
C. Isolated
D. Partitioned
Which of the following can be used to enable and disable VMware FT for a virtual machine that contains a single eager zeroed thick provisioned disk? (Choose all that apply.)
A. The vSphere Client for the powered-on virtual machine
B. The vSphere Client for the powered-off virtual machine
C. The vSphere Web Client for the powered-on virtual machine
D. The vSphere Web Client for the powered-off virtual machine
[The vSphere Client is required to enable FT. The power state of the VM is irrelevant, since the VM’s virtual disk files are eager zeroed thick provisioned]
You need to test the FT configuration in your environment. Which of the following approaches is both supported and noninvasive?
A. Pull the power cables from an ESXi host that is running VMs with FT enabled.
B. Use the vSphere Client and right-click the secondary virtual machine. Choose the Delete From Disk option.
C. Put an ESXi host with FT VMs running on it in maintenance mode.
D. Use the vSphere Client and right-click a virtual machine that has FT enabled on it. Choose the "Fault Tolerance Test Failover" option from the context menu that appears.
You want DRS to use the most aggressive setting possible for the migration threshold. How do you accomplish this?
A. Move the slider for the automation level to the far left in the DRS settings.
B. Move the slider for the migration threshold to the far left in the DRS settings.
C. Move the slider for the automation level to the far right in the DRS settings.
D. Move the slider for the migration threshold to the far right in the DRS settings.
Which of the following is a use case for VMware FT? (Choose all that apply.)
A. Application that requires high availability
B. Application that has no native capability for clustering
C. Application that requires protection for critical processes to complete
D. Application that has persistent and long-standing connections
[VMware FT can be used in all of these cases, as long as the virtual machine
meets the FT requirements.]
Which of the following options can be used to restart individual virtual machines when they have failed or become unresponsive?
A. VMware FT
B. VM monitoring
C. Application monitoring
D. None of these
[VM monitoring works by monitoring VMware Tools heartbeats from the VMware Tools process and disk, network I/O activity running in the guest OS and can reset failed and/or unresponsive virtual machines.]
What does it mean to “graft in” a host’s resource settings when you create a
cluster?
a. You are adding a host that is not ESXi 5.0.
b. You are using DRS but not HA.
c. You are maintaining the hierarchy that was set by the host’s Resource
Pools.
d. You will only add the host for a temporary project.
Which of the following is an optional parameter for Storage DRS configuration?
a. Capacity
b. I/O performance metric
c. CPU
d. Memory
Which of the following is not decided by DRS in Partially Automated mode,
but is decided by DRS in Fully Automated mode?
a. Initial placement
b. Storage
c. Network fault tolerance
d. Load balancing
What is the maximum number of vCPUs that can be on a fault-tolerant (FT) virtual machine?
a. 32
b. 4
c. 1
d. 2
Which of the following cannot be placed into a Resource Pool? (Choose two.)
a. Cluster
b. VM
c. Resource Pool
d. Host
6. Which of the following is true about vMotion?
a. You can vMotion VMs whether they are powered on or off.
b. You cannot vMotion and Storage vMotion the same VM at the same
time.
c. vMotion involves moving a VM’s files to a different datastore.
d. Storage vMotion involves moving the state of VM from one host to another.
Which of the following is not a component of the state of a VM?
a. Settings
b. Disk
c. Power
d. Memory
8. Which of the following would prevent a VM from using vMotion?
a. An internal switch on its host, to which the VM is not connected
b. CPU affinity not configured
c. A swap file that is local to a host
d. An ISO mounted on the local host, to which the VM is connected
9. What is the maximum number of VMs that can be included in a single VDR
backup job?
a. 10
b. 100
c. 32
d. 1000
10. Which of the following types of updates is no longer supported with VUM?
a. Host
b. Guest OS
c. VM hardware
d. Virtual appliance
The answers to these review questions are in Appendix A .
Which of the following should you use on a cluster to address differences in
CPUIDs on the hosts?
a. DRS
b. HA
c. FT
d. EVC
Which of the following can only be used on a host that is part of a cluster?
(Choose two.)
a. vMotion
b. DRS
c. Resource Pools
d. HA
Which Admission Control method would be best for an organization that has many VMs with highly variable reservations?
a. Specify failover hosts
b. Percentage of cluster resources reserved as failover space capacity
c. Host failures that the cluster tolerates
d. Any of these methods would work fine
What is the maximum number of FT VMs on any single host?
a. 32
b. 10
c. 4
d. 256
Which of the following is not a benefit of using Resource Pools?
a. Fault-tolerant design for VMs
b. Isolation of resources between pools
c. Management of multitier services
d. Access control and delegation
What is the minimum network bandwidth required for vMotion of one VM?
a. 100Mbps
b. 1Gbps
c. 10Gbps
d. There is no minimum.
7. Which of the following is not examined by EVC?
a. Settings in the BIOS that might differ from host to host
b. Connected local CDs and ISOs
c. The ESX/ESXi version running on the host
d. The guest OS of the VM
If you want to allow for more flexibility in adding hosts to your clusters, you
should use an EVC mode that is which of the following?
a. An EVC mode that works with both Intel and AMD hosts
b. An EVC mode that is the highest and best that all of your hosts share
c. An EVC mode that is the lowest common denominator to all the hosts
in your cluster
d. A different EVC mode for each host in your cluster
Which of the following snapshot files will continue to grow and consume the
remainder of your disk if you do not delete/consolidate snapshots properly?
a. delta.vmdk
b. -flat.vmdk
c. .vmx
d. .vmsd
If you delete a snapshot that is before the “You Are Here” indicator,
then which of the following will be true?
a. The snapshot will be deleted and will not be merged with the current
configuration of the VM.
b. The snapshot will not actually be deleted.
c. The You Are Here indicator will be deleted as well.
d. The snapshot will be deleted, but its attributes will be merged with the
current configuration of the VM.
[pic]
The VMware ESXi architecture comprises the underlying operating system, called VMkernel, and processes that run on top of it.
VMkernel:- VMkernel provides means for running all processes on the system, including management applications and agents as well as virtual machines. It has control of all hardware devices on the server, and manages resources for the applications. The main processes that run on top of VMkernel are:
• Direct Console User Interface (DCUI) — the low-level configuration and management interface which is accessible through the console of the server. It is primarily used for initial and basic configuration.
• The virtual machine monitor (VMM)- It is the process that provides the execution environment for a virtual machine, as well as a helper process known as VMX. Each running virtual machine has its own VMM and VMX process.
• Different Agents-Various agents used to enable high-level VMware Infrastructure management from remote applications.
• The Common Information Model (CIM) system:- CIM is the interface that enables hardware-level management from remote applications via a set of standard APIs.
What is VMkarnel?
VMkernel is a POSIX-like operating system developed by VMware and provides certain functionality similar to that found in other operating systems. VMkarnel provide functionalities like "process creation and control", "signals", "file system", and "process threads". It is designed specifically to support running multiple virtual machines and provides such core functionality as:
• Resource scheduling
• I/O stacks
• Device drivers
• Process handling
How is VMkarnel file system?
1) In-memory file system 2) VMFS file system on local or remote storage:-
In-memory file system :- VMkernel uses a simple in-memory file system to hold the ESXi configuration files, log files, and staged patches. This in-memory file system is independent of the VMware VMFS file system. For familiarity, the structure of the file system is designed to be the same as that used in the service console of ESX. For example, ESXi configuration files are found in /etc/vmware and log files are found in /var/log/vmware. Staged patches are uploaded to /tmp.
Because the in-memory file system does not persist when the power is shut down, log files do not survive a reboot. ESXi has the ability to configure a remote syslog server, enabling you to save all log information on an external system.
VMFS file system :-Just as with ESX, for Storing virtual machine, a VMware VMFS datastore may be created on a local disk in the host system or on shared storage. If the only VMFS datastores used by the host are on external shared storage, the ESXi system does not actually require a local hard drive. By running diskless setups, you can increase reliability by avoiding hard drive failures and reduce power and cooling consumption.
file management:- Remote command line interfaces provide file management capabilities for both the in-memory file system and the VMware VMFS datastores. Access to the file system is implemented via HTTPS ‘get’ and ‘put’.
Authentication:- Access is authenticated via users and groups configured locally on the server and is controlled by local privileges.
What is Direct Console User Interface (DCUI)?
A BIOS-like, menu-driven interface for initial configuration and troubleshooting.
The Direct Console User Interface (DCUI) is the local user interface that is displayed only on the console of an ESXi system. It provides a BIOS-like, menu-driven interface for interacting with the system. Its main purpose is initial configuration and troubleshooting.
DCUI user :- One of the system users defined in VMkernel is DCUI, which is used by the DCUI process to identify itself when communicating with other components in the system.
The DCUI configuration tasks include:
• Set administrative password
• Configure networking, if not done automatically with DHCP
Troubleshooting tasks include:-
• Perform simple network tests
• View logs
• Restart agents
• Restore defaults
Minimum configuration:- The intention is that the user carries out minimum configuration with the DCUI, then uses a remote management tool, such as the VI Client, VirtualCenter, or the remote command line interfaces, to perform all other configuration and ongoing management tasks.
Access: Anyone using the DCUI must enter an administrative-level password, such as the root password.
Authentication: You can give additional local users the ability to access the DCUI by making them a part of the “localadmin group”. This approach provides a way to grant access to the DCUI without handing out the root password, but obviously you would grant this right only to trusted accounts.
.What is SWAP Partition?
To replace pages or segments of data in memory. Swapping is a useful technique that enables a computer toexecute programs and manipulate data files larger than main memory. The operating system copies as much data as possible into main memory, and leaves the rest on the disk. When the operating system needs data from the disk, it exchanges a portion of data (called a page or segment ) in main memory with a portion ofdata on the disk.DOS does not perform swapping, but most other operating systems, including OS/2, Windows, and UNIX, do. Swapping is often called paging or Virtual memory.
What is Direct Console User Interface (DCUI)?
A BIOS-like, menu-driven interface for initial configuration and troubleshooting.
The Direct Console User Interface (DCUI) is the local user interface that is displayed only on the console of an ESXi system. It provides a BIOS-like, menu-driven interface for interacting with the system. Its main purpose is initial configuration and troubleshooting.
DCUI user :- One of the system users defined in VMkernel is DCUI, which is used by the DCUI process to identify itself when communicating with other components in the system.
The DCUI configuration tasks include:
• Set administrative password
• Configure networking, if not done automatically with DHCP
How is VMkarnel file system?
1) In-memory file system 2) VMFS file system on local or remote storage:-In-memory file system :- VMkernel uses a simple in-memory file system to hold the ESXi configuration files, log files, and staged patches. This in-memory file system is independent of the VMware VMFS file system. For familiarity, the structure of the file system is designed to be the same as that used in the service console of ESX. For example, ESXi configuration files are found in /etc/vmware and log files are found in /var/log/vmware. Staged patches are uploaded to /tmp.
Because the in-memory file system does not persist when the power is shut down, log files do not survive a reboot. ESXi has the ability to configure a remote syslog server, enabling you to save all log information on an external system.
VMFS file system :-Just as with ESX, for Storing virtual machine, a VMware VMFS datastore may be created on a local disk in the host system or on shared storage. If the only VMFS datastores used by the host are on external shared storage, the ESXi system does not actually require a local hard drive. By running diskless setups, you can increase reliability by avoiding hard drive failures and reduce power and cooling consumption.
[pic]
The VMware ESXi architecture comprises the underlying operating system, called VMkernel, and processes that run on top of it.
VMkernel:- VMkernel provides means for running all processes on the system, including management applications and agents as well as virtual machines. It has control of all hardware devices on the server, and manages resources for the applications. The main processes that run on top of VMkernel are:
• Direct Console User Interface (DCUI) — the low-level configuration and management interface which is accessible through the console of the server. It is primarily used for initial and basic configuration.
• The virtual machine monitor (VMM)- It is the process that provides the execution environment for a virtual machine, as well as a helper process known as VMX. Each running virtual machine has its own VMM and VMX process.
• Different Agents-Various agents used to enable high-level VMware Infrastructure management from remote applications.
• The Common Information Model (CIM) system:- CIM is the interface that enables hardware-level management from remote applications via a set of standard APIs.
What is Storage DRS Rules?
Just as vSphere DRS has affinity and anti-affinity rules, SDRS offers vSphere administrators the ability to create VMDK anti-affinity and VM anti-affinity rules. These rules modify the behavior of SDRS to ensure that specific VMDKs are always kept separate (VMDK anti-affinity rule) or that all the virtual disks from certain VMs are kept separate (VM anti-affinity rule).
Administrators can use anti-affinity rules to keep VMs or VMDKs on separate datastores, but as you’ve already seen, there is no way to create affinity rules. Instead of requiring you to create affinity rules to keep the virtual disks for a VM together, vSphere offers a simple check box in the Virtual Machine Settings area of the datastore cluster properties.
To configure Storage DRS to keep all disks for a VM together, check the boxes in the Keep VMDKs Together column.
What are Storage DRS Automation levels?
SDRS offers two predefined automation levels, No Automation (Manual Mode) and Fully Automated.
No Automation (Manual Mode):-
When the SDRS automation level is set to No Automation (Manual Mode), SDRS will generate recommendations for initial placement as well as recommendations for storage migrations based on the configured space and I/O thresholds.
Initial placement recommendations are generated when you create a new VM (and thus a new virtual disk), add a virtual disk to a VM, or clone a
VM or template. Initial placement recommendations take the form of a pop-up window, Recommendations for storage migrations are noted in two different ways. First, an alarm is generated to note that an SDRS recommendation is present. You can view this alarm on the "Alarms" tab of the datastore cluster in "Datastores And Datastore Clusters" inventory view. In addition, the "Storage DRS" tab of the datastore cluster (visible in "Datastores And Datastore Clusters" inventory view) will list the current SDRS recommendations and give you the option to apply those recommendations — that is, initiate the suggested Storage vMotion migrations.
Fully Automated Mode:-
When SDRS is configured for Fully Automated mode, SDRS will automatically initiate Storage vMotion migrations instead of generating recommendations for the administrator to approve. In this instance, you can use the "Storage DRS" tab of the datastore cluster to view the history of SDRS actions by selecting the "History" button at the top of the Storage DRS tab.
Differences files types created in P2V and V2V conversion
VMware ESXi VM files
|File |Description |
|VM1.vmx |This is a text file that contains the virtual hardware configuration, guest operating system information, and |
| |other pertinent details of the virtual machine |
|VM1.vmdk |This file contains information that describes the virtual hard disk characteristics |
|VM1-flat.vmdk |This file contains the guest operating system, application, and data files |
|VM1.nvram |This file contains the virtual machine BIOS state |
|VM1.vswp |This file contains the virtual machine swap file |
|VM1.vmsd |This file contains metadata and information for the virtual machine snapshots (if any have been created) |
|vmware.log |This file contains virtual machine log information (if there is more than a single log file named with a |
| |sequential numbering scheme, such as vmware-1.log, vmware-2.log, and so on) |
|VMDK Format |Description |
|MonolithicFlat |This represents a single VMDK file that is preallocated in size. |
|MonolithicSparse |This represents a single VMDK file that is dynamically growing in size, and that also contains an |
| |embedded file descriptor instead of an external one |
|Vmfs |This represents a variation of a MonolithicFlat format |
|twoGbMaxExtentSparse |This represents a collection of VMDK files that are preallocated in 2GB chunks |
|twoGBMaxExtentFlat |This represents a collection of VMDK files that dynamically grow in size, each up to 2GB chunks |
1 Hyper-V Virtual Machine Files
Table 4 contains a list of the virtual machine files that are created in Hyper-V for a virtual machine named VM1.
|File |Description |
|.xml |This file contains the virtual machine configuration details and is named with a GUID that is used to internally|
| |identify the virtual machine |
|VM1.vhd |This file contains the guest operating system, application, and data files |
|.avhd |This file contains the guest operating system, application, and data files for a snapshot and it is implemented |
| |as a differencing disk |
|.vsv |This file contains the saved state from the devices associated with the virtual machine |
|.bin |This file contains the memory of a virtual machine or snapshot that is in a saved state |
Differences between VMFS 3 and VMFS 5
|Capability |VMFS 3 |VMFS 5 |
|Maximum single Extend size |2 TB less 512 bytes |64 TB |
|Partition Style |MBR (Master Boot Record) style |GPT (GUID Partition Table) |
|Available Block Size |1 MB/2MB/4MB/8MB | only 1 MB |
|Maximum size of RDM in |2 TB less 512 bytes |2 TB less 512 bytes |
|Virtual Compatibility | | |
|Maximum size of RDM in |2 TB less 512 bytes |64 TB |
|Physical Compatibility | | |
|Supported Hosts versions |ESX/ESX 3.X, 4.X & 5.x |Only ESXi 5 is supported |
|Spanned Volume size |64 TB (32 extends with max |64 TB (32 extends with |
| |size of extent is 2 TB) |any size combination) |
|Upgrade path |VMFS 3 to VMFS 5 |Latest Version. NO upgarde |
| | | available yet. |
|File Limit |30,000 |100,000 |
|Sub-Block size |64 KB |8 KB |
| | | |
Vcenter Ports
|Port |Protocol |Description |
|80 |TCP |vCenter Server requires port 80 for direct HTTP connections. |
|389 |TCP/UDP |LDAP port |
|443 |TCP | vCenter Server system uses to listen for connections from the vSphere Client. |
|902 |TCP/UDP |vCenter Server system to send data to managed hosts. |
|903 |TCP |Access a virtual machine console from the vSphere Client when the vSphere Client is connected directly to the |
| | |ESXi host (no vCenter Server). |
|1234, 1235 |TCP |vSphere Replication |
|88 |TCP |vCenter Single Sign-On - VMware Kdc Service |
|2012 |TCP |vCenter Single Sign-On - VMware Directory Service |
|2013 |TCP |vCenter Single Sign-On - VMware Kdc Service |
|2014 |TCP |vCenter Single Sign-On - VMware Certificate Service |
|7005 |TCP |vCenter Single Sign-On |
|7009 |TCP |vCenter Single Sign-On |
|7080 |TCP |vCenter Single Sign-On HTTP Port |
|7443 |TCP |vCenter Single Sign-On HTTPS Port |
|7444 |TCP |vCenter Single Sign-On - VMware Secure Token Service |
|11711 |TCP |vCenter Single Sign-On - VMware Directory Service (LDAP) |
|11712 |TCP |vCenter Single Sign-On - VMware Directory Service (LDAPS) |
|12721 |TCP |vCenter Single Sign-On - VMware Identity Management Service |
|49000 - 65000 |TCP |vCenter Single Sign-On - VMware Identity Management Service. |
|8080 |TCP |Web Services HTTP. |
|8443 |TCP |Web Services HTTPS. |
|60099 |TCP |Web Service change service notification port |
|6501 |TCP |Auto Deploy service |
|6502 |TCP |Auto Deploy management |
|8000 |TCP |Requests from vMotion |
|8100 |TCP |Traffic between ESXi hosts for vSphere Fault Tolerance (FT) |
|8182 |TCP |Traffic between ESXi hosts for vSphere High Availability (HA) |
|8200 |TCP |Traffic between ESXi hosts for vSphere Fault Tolerance (FT) |
|9443 |TCP |vSphere Web Client HTTPS |
|10080 |TCP |vCenter Inventory Service HTTP |
|10111 |TCP |vCenter Inventory Service Linked Mode Communication |
|10443 |TCP |vCenter Inventory Service HTTPS |
|8190 |TCP |Storage Policy Server HTTP |
|8191 |TCP |Storage Policy Server HTTPS |
|22000 |TCP |vCenter Server Storage Monitoring Service HTTP |
|22100 |TCP |vCenter Server Storage Monitoring Service HTTPS |
|31010 |TCP |VMware vSphere Profile-Driven Storage Service HTTP |
|31100 |TCP |VMware vSphere Profile-Driven Storage Service HTTPS |
|32010 |TCP |VMware Storage Management Service HTTP |
|32100 |TCP |VMware Storage Management Service HTTPS |
What is the command used to restart SSH, NTP & Vmware Web access?
Service sshd restart
Service ntpd restrat
Service vmware–webaccess restart
What is vCenter Agent?
VC agent is an agent installed on ESX server which enables communication between VC and ESX server.
What are the types of Ports groups in ESX/ESXi?
There are 3 types of port groups in ESX
1.Service console port group
2.VMkernel Port group
3. Virtual machine port group
There are only 2 types of port group in ESXi
1. Vmkernel Port group
2.Virtual Machine Port group
What is VMKernel ?
VMware Kernel is a Proprietary kernel of VMware and is not based on any of the flavors of Linux operating systems, .VMkernel requires an operating system to boot and manage the kernel. A service console is being provided when VMware kernel is booted.
What is VMKernel port?
VMkernel port is used by ESX/ESXi for vMotion, ISCSI & NFS communications. ESXi uses VMkernel as the management network since it don’t have service console built with it.
What is the use of Service Console port ?
Service console port group required to manage the ESXi server and it acts as the management network for the ESXi. vCenter/vSphere Client uses the service console IP’s to communicate with the ESXi server.
What is the use of Virtual Machine Port Group?
Virtual Machine port group is used by Virtual machine communication.
How Virtual Machine communicates to another servers in Network ?
All the Virtual Machines which are configured in VM Port Group are able to connect to the other machines on the network. So this port group enables communication between vSwitch and Physical Switch by the use of uplink (Physical NIC) associated with the port group.
What are the different types of Partitions in ESXi server?
/ -root
Swap
/var
/Var/core
/opt
/home
/tmp
What are the security options available for ESX vswitch?
Promiscuous Mode – Reject
MAC Address changes – Accept
Forged Transmits – Accept
[pic]
What is Promiscuous Mode ?
If the promiscuous mode set to Accept, all the communication is visible to all the virtual machines, in other words all the packets are sent to all the ports on vSwitch.
If the promiscuous mode set to Reject, all the communications are visible to intended virtual machines,
in other words all the packets are sent to intended ports on vSwitch.
What is MAC Address changes?
When we create a virtual machine configuration wizard generate MAC address for the virtual machines which is usually stored in .vmx file.
If the settings doesn’t match with the MAC address as same as in the .VMX file , it does not allow incoming traffic to the VM by setting this option as reject.
If it is set as Accept, ESXi, it allow the incoming traffic to the virtual machine.
What is Forged Transmits ?
When we create a virtual machine configuration wizard generate MAC address for the virtual machines which is usually stored in .vmx file.
If the settings doesn’t match with the MAC address as same as in the .VMX file , it does not allow outgoing traffic from VM by setting this option as reject.
If it is set as Accept, ESXi, it allow the outgoing traffic from virtual machine.
VSwitch represents networking entities connecting Virtual Machines in a virtual network at layer 2. The Virtual Switch is fully virtual and can be connected to a NIC The VMware Virtual Switch is a switching fabric built into the VMware infrastructure (ESX) that allows you to network your Virtual Machines (VMs).
What is VLAN?
A VLAN is the Virtual LAN which is used to broke down the Broadcast traffic into many logical groups. Basically, one physical switch comprise of one broadcast domain. VLAN used to separate the one broadcast domain into many small pieces to separate the networks within the broadcast domain.
What are the types of VLAN tagging in Vsphere?
1.Virtual Switch Tagging (VST)
2.External Switch Tagging (EST)
3.Virtual Guest Tagging (VGT)
What are the Traffic Shaping policies available in the vSwitch?
Traffic shaping policies are disabled by default. There are 3 different traffic shaping policy setting
Average Bandwidth
Peak Bandwidth
Burst Size
[pic]
What are the Load balancing policies available in vSwitch?
Route based on the originating virtual switch port ID
Route based on source MAC hash
Route based on IP hash
[pic]
What are the types for Network Failover Detection settings?
Link Status only
Beacon Probing
Link Status only –This detects failures, such as cable pulls and physical switch power failures, but it cannot detect configuration errors, such as a physical switch port being blocked by spanning tree or misconfigured to the wrong VLAN or cable pulls on the other side of a physical switch.
Beacon Probing –In addition to link status, to determine link failure. This detects many of the failures which are not detected by Link Status.
Ip address and details of network card
Ifconfig -a
Command for Vswitch, port groups and IP address details
Esxcfg-vswitch -l
What is command to get the information about Service console ports and its IP address assigned?
esxcfg-vswif -l
Command for VMKernel port and its IP address
esxcfg-vmknic -l
Command for Physical nics installed in ESXi
esxcfg-vmknic -l
Command to add new switch named(Vswitch3) to ESXi server.
esxcfg-vswitch -a vswitch3
Command to add new port group named(mgmt) to Vswitch3
esxcfg-vswitch -A mgmt vswitch3
How to add the service console port (vswif2) to our newly created port group “mgmt” with the ip addr 192.168.0.79 ?
esxcfg-vswif -a vswif2 -i 192.168.0.79 -n 255.255.255.0 -p “mgmt”
How to add the vmkernal port (vmk2) to our newly created port group “mgmt” with the ip addr 192.168.0.83?
esxcfg-vmknic -a -i 192.168.0.83 -n 255.255.255.0 -p “mgmt”
How to change the ESX host name and default gateway?
nano /etc/sysconfig/network
How to edit the ESX host file ?
nano /etc/hosts
How to edit the DNS entry of your ESX server?
nano /etc/resolv.conf
Command to display the firewall port
esxcfg-firewall – q
How to open the port in firewall (port no 8877, tcp, incoming , name: test3 ?
esxcfg-firewall -o 8877,tcp,in,test3
What is VMware Fault Tolerance?
VMware Fault Tolerance is a component of VMware vSphere and it provides continuous availability to applications by preventing downtime and data loss of Virtual machines in the event of ESX server failures.
VMware FT using a technology called vLockstep technology.
How do i check my host for FT compatibility from vSphere client?
[pic]
What is FT Logging Traffic?
FT logging is the one of option in VMkernel port setting which is similar to enable vMotion option in the VMkernel port.
When FT is enabled for the virtual machine, all the inputs (disk read.. wirte,etc..) of the primary virtual machine are recorded and sent to the secondary VM over via FT logging enabled VMkernel port.
How to Enable FT Logging in VMkernel Port?
GO the ESX host -> Configuration-> Networking -> Properties of Virtual switch with the VMkernel portgroup configured
Click on VMkernel Port -> click on Edit -> General tab -> select the Fault Tolerance Logging -> click on OK.
[pic]
How Does VMware Fault Tolerance Work?
➢ When you enable Fault Tolerance for the virtual machine, a secondary virtual machine will be created to work with the primary virtual machine.
➢ The primary and secondary virtual machine resides on a different ESXi hosts in the cluster.
➢ Whatever the events or actions performed by the primary VM will be transmitted via gigabit Ethernet network to be replayed by the secondary virtual machine using VLockstep technology.
➢ Even though both the primary and secondary virtual machines appear as a single entity and access a common disk, both running with the single IP address, MAc address but writes are only performed by the primary virtual machine.
➢ The primary and secondary virtual machines sends heartbeat between each other frequently with millisecond intervals to the check for the availability. If either of the virtual machine loses the heartbeat, other virtual machine will take over the primary virtual machine role immediately.
What happens when you enabled Fault Tolerance for your virtual machine?
When you enable Fault Tolerance for the virtual machine, a secondary virtual machine will be created to work with the primary virtual machine in which you have enabled FT. The primary and secondary virtual machine resides on a different ESXi hosts in the cluster.
What will happen when the ESX host of primary VM failed?
When a failure is detected on the primary VM's ESX host, the secondary virtual machine which is running on the another ESXi server in the same cluster will takes the place of the first one with the least possible interruption of service.
If vCenter is down, will the FT work?
vCenter server is only required to enable FT on the virtual machine. once it is configured, vCenter is not required to be in online for FT to work. FT failover between primary and secondary will occurs even if the vCenter is down.
FT in Vsphere 6.0
VMware Fault Tolerance (FT) is being one of my favorite feature but because of its vCPU limitation, It was not helping to protect the Mission Critical applications. With vSphere 6.0, VMware broken the limitation lock of Fault Tolerance. FT VM now Supports upto 4 vCPUs and 64 GB of RAM (Which was 1 vCPu and 64 GB RAM in vSphere 5.5). With this vSMP support, Now FT can be used to protect your Mission Critical applications. Along with the vSMP FT support, There are lot more features has been added in FT with vSphere 6.0, Let’s take a look at what’s new in vSphere 6.0 Fault Tolerance(FT).
Benefits of Fault Tolerance
• Continuous Availablity with Zero downtime and Zero data loss
• NO TCP connections loss during failover
• Fault Tolerance is completely transparent to Guest OS.
• FT doesn’t depend on Guest OS and application
• Instantaneous Failover from Primary VM to Secondary VM in case of ESXi host failure
What new in vSphere 6.0 Fault Tolerance
➢ FT support upto 4 vCPUs and 64 GB RAM
➢ Fast Check-Pointing, use to keep primary and secondary in Sync by replacing “Record-Replay”
➢ vSphere 6.0, Supports vMotion of both Primary and Secondary Virtual Machine
➢ With vSphere 6.0, You will be able to backup your virtual machines. FT supports for vStorage APIs for Data Protection (VADP) and it also supports all leading VADP solutions in Market like symantec, EMC, HP ,etc.
➢ With vSphere 6.0, FT Supports all Virtual Disk Type like EZT, Thick or Thin Provisioned disks. It supports only Eager Zeroed Thick with vSphere 5.5 and earlier versions
➢ Snapshot of FT configured Virtual Machines are supported with vSphere 6.0
➢ New version of FT keeps the Separate copies of VM files like .VMX, .VMDk files to protect primary VM from both Host and Storage failures. You are allowed to keep both Primary and Secondary VM files on different datastore.
Differences between Vsphere 5.5 FT and Vsphere 6.0 FT.
[pic]
I hope we all are ready to build and protect your Mission Critical VM’s with Fault Tolerance. Thanks for Reading!!! Be Social and share it in social media, if you feel worth sharing it.
Vcenter logs
vpxd.log : The main vCenter Server logs, consisting of all vSphere Client and Web Services connections, internal tasks and events, and communication with the vCenter Server Agent (vpxa) on managed ESX/ESXi hosts.
vpxd-profiler.log, profiler.log and scoreboard.log: Profiled metrics for operations performed in vCenter Server
cim-diag.log and vws.log: Common Information Model monitoring information, including communication between vCenter Server and managed hosts’ CIM interface.
drmdump: Actions proposed and taken by VMware Distributed Resource Scheduler (DRS), grouped by the DRS-enabled cluster managed by vCenter Server
ESXi servers logs
Vmkernel – /var/log/vmkernel – records activities related to the virtual machines and ESX server.
Vmkernel Warnings – /var/log/vmkwarning – This log is a copy of everything marked as a warning or higher severity from vmkernel log.
Vmkernel Summary – /var/log/vmksummary – Used to determine uptime and availability statistics for ESX Server.
var/log/vmware/hostd.log – Contains information on the agent that manages and configures the ESX Server host and its virtual machines.
Service Console – /var/log/messages – This log is the log from the Linux kernel (service console), which is generally only potentially useful in the case of a host hang, crash, authentication issue, or 3rd party app acting up.
Web Access – /var/log/vmware/webAccess – Records information on Web-based access to ESX Server.
Authentication log – /var/log/secure – Contains records of connections that require authentication, such as VMware daemons and actions initiated by the xinetd daemon.
VirtualCenter agent – /var/log/vmware/vpx – Contains information on the agent that communicates with VirtualCenter.
[pic]
What are the core services of VC ?
VM provisioning , Task Scheduling and Event Logging
What are the files that make a Virtual Machine?
.vmx - Virtual Machine Configuration File
.nvram - Virtual Machine BIOS
.vmdk - Virtual Machine Disk file
.vswp - Virtual Machine Swap File
.vmsd - Virtual Machine Snapshot Database
.vmsn - Virtual Machine Snapshot file
.vmss - Virtual Machine Suspended State file
.vmware.log - Current Log File
.vmware-#.log - Old Log file
.vmtx- Vitual machine Template file.
Commands for VM
• List all VMs registered to this host.
vim-cmd /vmsvc/getallvms
• Unregister a VM
vim-cmd /vmsvc/unregister
• Register a VM
vim-cmd /solo/register /path/to/file.vmx
• Get power state of a VM
vim-cmd /vmsvc/power.getstate
• Power off a VM
vim-cmd /vmsvc/power.off
• Power on a VM
vim-cmd /vmsvc/power.on
Unable to power on the Virtual Machine, How to fix it?
If the virtual machine is running in a cluster of esx hosts, sometimes it won’t power on. Why because, the files that are associated with that VM are locked by the host at the time of running. So when you try to vMotion the VM from one host to another host, the first host releases those files and again locked by the second host.
So what is meant by locking here, and why it is happening?
Locking is nothing but, the registration of a vm with a host. this happens every time when the vm is hosted on a host. this is helpful to prevent the access to the same vm for remaining hosts in the cluster.
Why the vm fails when trying to power it on?
When the files associated with that VM are locked by a host it won’t powered on. At that time, you must unregister the vm from the host using vmware-cmd utility
RDM (Raw Device Mappings)
Generally when we create a Virtual Machine we will create/allocate some space to the .vmdk file which is used as the internal hard disk for the Virtual Machine.
We can create/allocate space for .vmdk file from the above 3 storage types. But those cannot be directly accessed by the Virtual Machine.
First ESX server accesses it and it passes that access to the Virtual Machine. But using RDM we can give direct access to the Virtual Machine to the above said storages. But one disadvantage of RDM is we cannot take snapshots if we configure it as Physical.
Open virtualization Format (OVF) and Open Virtualization appliances(OVA)
OVF:- used to pack and distribute virtual appliances or virtual machines
OVF file contain multiple files into one directory
one is the description file(.ovf)
VM state file such as vmdk or vhd.
manifest file
OVA:- It is only single file which contain all the files of ovf into single file called ova.
OVA is better to transfer and send only one file.
Differences between Vsphere 5.0,5.1,5.5 and 6.0
[pic]
Differences between Standard Switch and Distributed Switch
|Features |Standard Switch |Distributed Switch |
|Management |used to manage at individual ESXi hosts level. |used to manage centralized ESXi hosts. |
|Licensing |Available for all licensing edition |Support enterprise edition licensing |
|Creation and Configuration |Standard switch is created and configured at |Standard switch is created and configured at |
| |each ESXi host level. |vCenter server level. |
|NIC Teaming |Can utilize multiple uplink to form NIC |Can utilize multiple uplink to form NIC |
| |teaming. |teaming. |
|Network vMotion |Not available |Can be achieved using distributed switch. |
|Netflow |NO |YES |
|VLAN Segmentation |YES |YES |
|Outbound traffic shaping |Can be achieved using standard switch |Can be achieved using distributed switch. |
|Inbound traffic shaping |Not available |Available |
|Port VM blocking |Not possible |Possible in Distributed Switch |
|Private VLAN |Not available |Available |
|Port Mirroring |Not available |Available |
|Port Policy settings |Policy can be applied at Switch and port group |Policy can be applied at Switch and port group |
| | |and even per port level. |
|Layer 2 Switch |Yes, can forward layer 2 frames |Yes, can forward layer 2 frames |
|802.1Q Tagging |Can use and understand 802.1Q VLAN Tagging. |Can use and understand 802.1Q VLAN Tagging. |
|Load Balance teaming |Not available |Available. |
Enabling SSH in ESXi hosts.
Click on host> configuration>Security Profile>Click on property>Select SSH service> in the below click on option button>click on start or stop the service.
Adding ESXi host to Active Directory
1. Click on hosts
2. G to configuration tab
3. Authentication service> properties
[pic]
his will launch the “Directory Services Configuration” wizard where you will:
1. Set “Select Directory Service Type” to “Active Directory”.
2. Enter the name of the AD domain.
3. Click “Join Domain”.
[pic]
What is the difference between clone and template in VMware?
Clone
❖ A clone is a copy of virtual machine.
❖ You cannot convert back the cloned Virtual Machine.
❖ A Clone of a Virtual Machine can be created when the Virtual Machine is powered on
❖ Cloning can be done in two ways namely Full Clone and Linked Clone.
❖ A full clone is an independent copy of a virtual machine that shares nothing with the parent virtual machine after the cloning operation. Ongoing operation of a full clone is entirely separate from the parent virtual machine.
❖ A linked clone is a copy of a virtual machine that shares virtual disks with the parent virtual machine in an ongoing manner. This conserves disk space, and allows multiple virtual machines to use the same software installation.
❖ Cloning a virtual machine can save time if you are deploying many similar virtual machines. You can create, configure, and install software on a single virtual machine, and then clone it multiple times, rather than creating and configuring each virtual machine individually.
Template
❖ A template is a master copy or a baseline image of a virtual machine that can be used to create many clones.
❖ Templates cannot be powered on or edited, and are more difficult to alter than ordinary virtual machine.
❖ You can convert the template back to Virtual Machine to update the base template with the latest released patches and updates and to install or upgrade any software and again convert back to template to be used for future deployment of Virtual Machines with the latest patches.
❖ Convert virtual Machine to template cannot be performed, when Virtual machine is powered on. Only Clone to Template can be performed when the Virtual Machine is powered on.
❖ A template offers a more secure way of preserving a virtual machine configuration that you want to deploy many times.
❖ When you clone a virtual machine or deploy a virtual machine from a template, the resulting cloned virtual machine is independent of the original virtual machine or template.
Differences between Type1 and Type 2 hypervisor
|Type 1 Hypervisor |Type-2 Hypervisor |
|This is also known as bare metal, embedded or Native Hypervisor |This is also known as Hosted Hypervisor |
|It is completely independent from the operating system |It is completely dependent from the operating system |
|It work directly on the hardware host |It is installed on operating system then it support other operating |
| |systems. |
|A major advantage is that any problem in one VM that do not affect |If any problem in base operating system that affect all other |
|other VM |operating system. |
|VMware ESXi, Microsoft Hyper V and Citrix Xen servers. |VMware workstation ,Microsoft virtual pc and oracle virtual box |
What are the monitoring methods used for vSphere HA?
The Master and Slave hosts uses two types of monitoring the status of the hosts
• Datastore Heartbeat
• Network Heartbeat
What are the roles of master host in vSphere HA?
✓ Monitoring the state of slave hosts. If a slave host fails or becomes unreachable, the master host identifies which virtual machines need to be restarted.
✓ Monitoring the power state of all protected virtual machines. If one virtual machine fails, the master host ensures that it is restarted. Using a local placement engine, the master host also determines where the restart should be done.
✓ Managing the lists of cluster hosts and protected virtual machines.
✓ Acting as vCenter Server management interface to the cluster and reporting the cluster health state
How is a Master host elected in vSphere HA environment?
When vSphere HA is enabled for a cluster, all active hosts (those not in standby or maintenance mode, or not disconnected) participate in an election to choose the cluster's master host.
The host that mounts the greatest number of datastores has an advantage in the election. Only one master host typically exists per cluster and all other hosts are slave hosts
If the master host fails, is shut down or put in standby mode, or is removed from the cluster a new election is held.
What is the difference between Thick provision Lazy Zeroed, Thick provision Eager Zeroed and Thin provision?
Thick Provision Lazy Zeroed
➢ Creates a virtual disk in a default thick format.
➢ Space required for the virtual disk is allocated when the virtual disk is created.
➢ Data remaining on the physical device is not erased during creation, but is zeroed out on demand at a later time on first write from the virtual machine.
➢ Using the default flat virtual disk format does not zero out or eliminate the possibility of recovering deleted files or restoring old data that might be present on this allocated space.
➢ You cannot convert a flat disk to a thin disk.
Thick Provision Eager Zeroed
➢ A type of thick virtual disk that supports clustering features such as Fault Tolerance.
➢ Space required for the virtual disk is allocated at creation time.
➢ In contrast to the flat format, the data remaining on the physical device is zeroed out when the virtual disk is created.
➢ It might take much longer to create disks in this format than to create other types of disks.
Thin Provision
➢ It provides on on-demand allocation of blocks of data.
➢ All the space allocated at the time of creation of virtual disk is not utilized on the hard disk, rather only the size with utilized data is locked and the size increases as the amount of data is increased on the disk.
➢ With thin provisioning, storage capacity utilization efficiency can be automatically driven up towards 100% with very little administrative overhead.
Snapshot
Snapshot is used to capture entire state of the Virtual machine at the time you take the snapshot.
This includes:-
✓ The state of all the virtual machine's disks.
✓ The contents of the virtual machine's memory.
✓ The virtual machine settings.
.
When you revert to a snapshot, you return all these items to the state they were in at the time you took that snapshot.
✓ When taking a snapshot, the state of the virtual disk at the time the snapshot is taken will be preserved. When this occurs, the guest cannot write to the vmdk file.
✓ The delta disk is an additional vmdk file to which the guest is allowed to write.
✓ The delta disk represents the difference between the current state of the virtual disk and the state that existed at the time the previous snapshot was taken.
✓ If more than one snapshot exists, delta disks can represent the difference (or delta) between each snapshot.
✓ For example, a snapshot can be taken, and then the guest could write to every single block of the virtual disk, causing the delta disk to grow as large as the entire virtual disk
When a snapshot is deleted, the changes between snapshots and previous disk states are merged, and all the data from the delta disk that contains the information about the deleted snapshot is written to the parent disk and merges with the base disk only when you choose to do so.
This can involve a large amount of disk input and output.
This may reduce the virtual machine performance until consolidation is complete.
The amount of time it takes to commit or delete snapshots depends on how much data the guest operating system has written to the virtual disks since the last snapshot was taken. The required time is directly proportional to the amount of data (committed or deleted) and the amount of RAM allocated to the virtual machine.
Different types of snapshot files
delta.vmdk file: This is the differential file created when you take a snapshot of a VM. It is also known as the redo-log file. The delta file is a bitmap of the changes to the base VMDK, thus it can never grow larger than the base VMDK (except for snapshot overhead space). A delta file will be created for each snapshot that you create for a VM. An extra delta helper file will also be created to hold any disk changes when a snapshot is being deleted or reverted. These files are automatically deleted when the snapshot is deleted or reverted in snapshot manager.
vmsd file: This file is used to store metadata and information about snapshots. This file is in text format and will contain information such as the snapshot display name, unique identifier (UID), disk file name, etc. It is initially a 0 byte file until you create your first snapshot of a VM. From that point it will populate the file and continue to update it whenever new snapshots are taken.
This file does not cleanup completely after the snapshots are taken. Once you delete a snapshot, it will still increment the snapshot's last unique identifier for the next snapshot.
vmsn file: This is the snapshot state file, which stores the exact running state of a virtual machine at the time you take that snapshot. This file will either be small or large depending on if you select to preserve the VM's memory as part of the snapshot. If you do choose to preserve the VM's memory, then this file will be a few megabytes larger than the maximum RAM memory allocated to the VM.
What are the common issues with snapshots? What stops from taking a snapshot and how to fix it ?
If you configure the VM with Mapped LUN's, then the snapshot failed. If it is mapped as virtual then we can take a snapshot of it.
If you configure the VM with Mapped LUN's as physical, you need to remove it to take a snapshot.
What are the settings that are taken into to consideration when we initiate a snapshot?
Virtual Machine Configuration (What hardware is attached to it)
State of the Virtual Machine Hard Disk file ( To revert back if needed)
State of the Virtual Machine Memory (if it is powered on).
Port Group
The port group segregates the type of communication. A port group is always connected to a single vswitch.
What are the type of communications which requires an IP address for sure ?
Service Console and VMKernel (VMotion and iSCSI), these communications does not happen without an ip address.
In the ESX Server licensing features VMotion License is showing as Not used? Why
Even though the license box is selected, it shows as "License Not Used" until, you enable the VMotion option for specific vSwitch.
Does the vSwitches support VLAN Tagging? Why?
Yes, The vSwitches support VLAN Tagging, otherwise if the virtual machines in an esx host are connected to different VLANS, we need to install a separate physical nic (vSwitch) for every VLAN. That is the reason vmware included the VLANtagging for vSwitches. So every vSwitch supports upto 1016 ports, and BTW they can support 1016 VLANS if needed, but an ESX server doesn’t support that many VM’s.
28. What are the requirements for Converting a Physical machine to VM ?
I. An agent needs to be installed on the Physical machine
II. VI client needs to be installed with Converter Plug-in
III. A server to import/export virtual machines.
Backup Types
✓ Full backup - Will take the backup of all selected files and reset the archive bit
✓ Copy backup - Will take the backup of all selected files but does not reset the archive bit
✓ Incremental backup - Will take the backup of files whose archive bits are set and resets it after backup
✓ Differential backup - Will take the backup of files whose archive bits are set but does not reset it after backup.
✓ Archive bit is used to track any changes in the file.
Port used for Vmotion and Vcenter
Vmotion:- 8000 and for Vcenter :- 80,443,902.
902 (server-to-server migration and provisioning traffic)
2050–2250 (for HA traffic)
8000 (for vMotion)
8042–8045 (for HA traffic)
8100-8200- FT port
log file location for VMware host
var/log/VMware
What is vmdk file?
It is the disk descriptor file which describes the size and geometry of the virtual disk file. This file is in text format and contains the name of the –flat.vmdk file for which it is associated with and also the hard drive adapter type, drive sectors, heads and cylinders, etc.
Storage DRS
Storage DRS helps you manage multiple datastores as a single compute resource, called a datastore cluster.
A datastore cluster is an aggregation of multiple datastores into a single logical, load-balanced pool. You can treat the datastore cluster as a single flexible storage resource for resource management. In effect, a datastore cluster is the storage equivalent of an ESXi compute cluster.
You can dynamically populate datastore clusters with datastores of similar characteristics.
You can assign a virtual disk to a datastore cluster and Storage DRS finds an appropriate datastore for it. The load balancer manages initial placement and future migrations based on workload measurements.
Storage space balancing and storage I/O balancing minimize the risk of running out of space and the risk of I/O bottlenecks slowing the performance of virtual machines.
[pic]
Storage IO controller
VMware vSphere Storage I/O Control is used to provide I/O prioritization for virtual machines running on a group of VMware vSphere hosts that have access to a shared storage pool. It extends the familiar constructs of shares and limits, which exist for CPU and memory, to address storage utilization through a dynamic allocation of I/O capacity across a cluster of vSphere hosts. It increases administrator productivity by reducing active performance management.
Storage I/O Control can trigger device-latency monitoring that hosts observe when communicating with that datastore. When latency exceeds a set threshold, the feature engages to relieve congestion. Each virtual machine that accesses that datastore is then allocated I/O resources in proportion to their shares.
Network IO controller
Use VMware vSphere Network I/O Control to configure rules and policies at the virtual machine level and to assure that I/O resources are always available for your business-critical applications. NIOC monitors the network. Whenever it sees congestion, it automatically shifts resources to your highest-priority applications as defined by your business rules.
Thanks to NIOC, your administrators can be more productive, you can extend virtualization across more workloads and your infrastructure can become more versatile.
Distributed Power management
VMware Distributed Power Management (VMware DPM) provides additional power savings by allowing multiple workload to be done on single physical server
DPM used to provide workload placement should be adjusted automatically based on VM work utilizations.
Virtual machines are migrated onto fewer hosts and the unneeded ESX hosts are powered off. VMware DPM is an optional feature of VMware Distributed Resource Scheduler (DRS.
DPM can fit into that by migrating VM guests off of servers that are not in use and shut the host system down. Even better, once you configure DRS, using DPM is virtually a “checkbox away”.
Difference between NTFS and VMFS
|NTFS(New Technology File system) |VMFS(Virtual machine file system) |
|Support small disk type up to GB |Support large disk up to 4 TB |
|No Extension of hard drive |Dynamic extension of your hard drive. |
| |If your application is running you can add hard disk and processor. |
|Support Single OS |Support Multiple OS. |
|Support NTFS File system |Support one half of NTFS files and other half of ext3 files. |
|If we format hard disk with NTFS and attach the disk to linux server |It will detect always. |
|it won't detect | |
|File level locking not supported. |File locking supports in VMFS |
VMFS(Virtual Machine File system)
❖ VMFS is VMware's unique clustering file system which allow for multiple hosts to read and write from same storage location concurrently.
❖ It has adaptive block sizing and uses the large block sizes and sub blocks allocated for small files and directory.
❖ Uses on disk file locking to ensure that same VM is not powered by multiple servers at same time.
❖ Each VM is encapsulated in a small set of files and VMFS is the default storage management interface for these files on physical SCSI disk and partitions.
Ports In Vcenter Server
HTTP 80
HTTPS 443
Vi client 902
License 27000,2710
NTP 123
SNMP 161,162
ISCSI 3260
DNS 53
DHCP 67,68
Web Port 9086
Console 903
SOAP 9085
Different Memory reclaiming technologies
• Transparent page sharing (TPS)—reclaims memory by removing redundant pages with identical content;
• Ballooning—reclaims memory by artificially increasing the memory pressure inside the guest;
• Hypervisor swapping—reclaims memory by having ESXi directly swap out the virtual machine’s memory;
• Memory compression—reclaims memory by compressing the pages that need to be swapped out.
Transparent Page sharing:-
• As the word suggest ESXi server know what pages are there inside the RAM and start filtering the pages
• put a pointer whenever VM need pages the pointer start reading the pages.
• Hypervisor reclaim the redundant copy and keep only one copy which shared by the multiple ESX hosts.
• As a result the total VM host consumption is reduced and higher level of memory over commitment possible.
BALLOONING:- ESX server silently pushes the ballon driver that always runs as the process in the VM ballon driver asking more memory which reside inside the VM that doesn’t aware of the ESX Server. In ESX, a balloon driver is loaded into the guest operating system as a pseudo-device driver. It has no external interfaces to the guest operating system and communicates with the hypervisor through a private channel. The balloon driver polls the hypervisor to obtain a target balloon size. If the hypervisor needs to reclaim virtual machine memory, it sets a proper target balloon size for the it take the physical memory from non-reserved VM and provide reserved VM.
MEMORY OVER COMMITMENT(HYPERVISOR SWAPING):- As a last effort to manage excessively overcommitted physical memory, the hypervisor will swap the virtual machine’s memory.Transparent page sharing has very little impact to performance and, as stated earlier, ballooning will only induce guest paging if theguest operating system is short of memory.In the cases where ballooning and page sharing are not sufficient to reclaim memory, ESX employs hypervisor swapping to reclaimmemory. To support this, when starting a virtual machine, the hypervisor creates a separate swap file for the virtual machine. Then, ifnecessary, the hypervisor can directly swap out guest physical memory to the swap file, which frees host physical memory for othervirtual machines. hypervisor swapping is a guaranteed technique to reclaim a specific amount of memory within a specific amount of time
MEMORY COMPRESSION:- To reduce the impact of hypervisor swapping, vSphere 4.1 and later, including vSphere 5 a new memory-management technology was introduced called memory compression. The idea is to delay the need to swap hypervisor pages by compressing the memory pages managed by ESXi – the VMkernel will attempt to compress memory pages, if two pages can be compressed to use only one page of physical RAM, that’s one less page that needs to be swapped. Because the compression/decompression process is so much faster than disk access, performance is preserved. Compression is invoked only when the ESXi host reaches the point that swapping is needed.
Although these advanced memory-management technologies allow ESXi to improve performance in an overcommitted environment, it does not guarantee memory or prioritize access to memory. VMware vSphere administrator can use reservations, limits, and shares to modify or control how resources are allocated.
Virtualization
➢ Virtualization is a broad term that refers to the abstraction of resources across many aspects of computing
➢ For our purposes - One physical machine to support multiple virtual machines that run in parallel.
How does Virtualization works?
Virtualization The VMware virtualization platform is built on a business-ready architecture. Use software such as VMware vSphere to transform or “virtualize” the hardware resources of an x86-based computer—including the CPU, RAM, hard disk and network controller—to create a fully functional virtual machine that can run its own operating system and applications just like a “real” computer. Each virtual machine contains a complete system, eliminating potential conflicts. VMware virtualization works by inserting a thin layer of software directly on the computer hardware or on a host operating system. This contains a virtual machine monitor or “hypervisor” that allocates hardware resources dynamically and transparently. Multiple operating systems run concurrently on a single physical computer and share hardware resources with each other. By encapsulating an entire machine, including CPU, memory, operating system, and network devices, a virtual machine is completely compatible with all standard x86 operating systems, applications, and device drivers. You can safely run several operating systems and applications at the same time on a single computer, with each having access to the resources it needs when it needs them.
Key feature of Virtualization
[pic]
Different types of virtualizations.
➢ Hardware Virtualization uses software that is called a hypervisor (commonly VMware ESXi, Microsoft Hyper-V, or Citrix XenServer) to abstract the physical characteristics of a server. This permits multiple guest operating systems to run virtually on a single physical server. The guest virtual machines are not aware that they are sharing physical hardware. More so, the resources of the physical server are better utilized.
➢ Software or Application Virtualization streams a remotely installed application from a server to a client (commonly Citrix XenApp or Microsoft App-V) or packages up an application to run in a standalone sandbox without requiring local installation (commonly VMware ThinApp). Because the applications are no longer installed on client desktops, administrators can more easily administer and distribute applications and their patches from a single networked location.
➢ Desktop Virtualization is similar to hardware virtualization in that it separates a personal computer desktop environment from a physical machine by either remotely streaming the desktop (commonly VMware View or Citrix XenDesktop). In some cases the entire desktop may be cashed locally, but most solutions simply provide a remote keyboard, video, and mouse (KVM) interface via a locally installed application (commonly Citrix Receiver or Microsoft Remote Desktop Connection). The desktops run on high performing servers that are centrally managed and easily deployed by IT.
➢ Storage Virtualization abstracts logical storage from physical storage. Large pools of disks are divided into smaller logical units that are presented as a single volume but may actually span across many physical disks. This improves performance, increases drive space utilization, and provides redundancy.
➢ Network Virtualization either separate physically attached networks into different virtual networks or combine many separate virtual networks to share the same segments of a large physical network. By creating virtual networks administrators are able to logically group machines and their traffic while better utilizing the physical networking infrastructure
esx server
ESX Server is VMware’s flagship enterprise server virtualization platform. It comes in two versions – ESX Server and ESXi Server where the latter has no service console and is the thinnest version available. ESX Server has many optional features like VMotion and VMHA and some built-in features like the VMFS file system. Most end users purchase VMware ESX Server with some set of optional features in a package called VMware Infrastructure. ESX Server is managed by the VMware Infrastructure Client. Its centralized management platform is called Virtual Center.
✓ Supports 64-Bit Guest Operating Systems
✓ Advanced clustering and high availability features
✓ Windows and Linux Guest OS Support
✓ Advance management tools
✓ Low-overhead Hypervisor base installation
✓ Packages ranging from $10-$25k and beyond
Hypervisor
➢ A hypervisor, also called a virtual machine manager (VMM), is a program that allows multiple operating systems to share a single hardware host. Each operating system appears to have the host's processor, memory, and other resources all to itself. However, the hypervisor is actually controlling the host processor and resources, allocating what is needed to each operating system in turn and making sure that the guest operating systems (called virtual machines) cannot disrupt each other.
➢ A Hypervisor is a thin layer which is use to create the virtual machine and share hardware resources among the virtual machines.
BARE METAL HOSTED
[pic] [pic]
|Bare metal virtualization is running a virtual operating system on |Hosted OS virtualization is running a virtual operating system on |
|top of a hypervisor (a platform where multiple virtual operating |top of virtual hardware on top of a host operating system, which is |
|systems can be run) which is sitting right on top of the hardware. |sitting on the physical hardware. |
|Citrix XenServer and VMware ESX Server are examples of bare metal |Examples are VMware GSX Server and Microsoft Virtual Server. |
|virtual solutions. | |
|faster and more efficient. |Slower and less efficient. |
|Advantages scalability, enterprise features, and high data center |Advantages to hosted OS solutions are that they are usually free |
|availability |software and can be run on user workstations |
|Disadvantages of bare metal solutions are that good ones are not |Disadvantages to hosted OS solutions. These include the OS licenses |
|going to be free and they do not run on user workstations. |that are needed, it’s slower than bare metal solutions, and the |
| |enterprise features are limited. |
| | |
Differences between ESX server and ESXi server.
ESX SERVER ESXi SERVER
|Supports scriptable installations using utilities like Kick start |No support for scriptable installations |
|Supports boot from SAN |No support for boot from SAN |
|Manage using VI Client, web client, SSH, RCLI or VIMA |Manage using VI Client, RCLI or VIMA |
|Service Console Based |No Service Console |
|VMware ESX does not need OS,its still uses a Linux kernel. |Removal of Linux kernel affect lot of Charactaritic,it reduces |
| |the on-disk foot print of the software. |
|Having Bigger Foot-print |Having Much Smaller Foot print. |
|ESX needed more updates |ESXi needed fewer updates |
|ESX uses the Larger Foot-print |ESXi uses smaller Foot-print. |
|Slower boot time |Faster boot time |
| |ESXi uses the RCLi instead. |
|It Allow only disk host server. |ESXi allowed both disk and diskless host servers |
|Less Reliable |More Reliable |
| |Security Increased,ESXi ready build. |
Important Utilities of VMware
✓ Esxcfg
✓ Esxcfg –vmware
✓ Vmkfstools –x
IMPORTANT PARTITIONS OF ESiX SERVER
PARTITION NAME TYPE SIZE
• /Boot ext3 100MB
• / ext3 5GB
• Swap swp 512MB
• /var/log ext3 2GB
Vmkcore ext3 100MB
Difference between physical server and Virtual server
PHYSICAL SERVER VIRTUAL SERVER
|A single hardware with top of that |On the top of the hardware we can install esx server which can run |
|Only one os running. |many os on a single hardware. |
|No additional kernel is needed. |Additional kernel to be needed. |
|Physical server faster in execution |Virtual server slower in execution because multiple os running |
| |simultaneously. |
| |Virtual servers can easily migrates. |
Service Console:-It is an interface between user and ESX server.Redhat linux 5.0 Is the Service Console for ESX 3.5.There are no service console for ESXi.
VSwitch:- VSwitch is defaulty configure the virtual machine port group.
VSwitch have 56 port defaultly.
Minimum of 8 port, Maximum of 1016 ports.
We can create 128 port VSwitches in ESX server.
Security Feature in VSwitch:-
Premiscous mode:- If the promiscuous mode set to Accept, all the communication is visible to all the virtual machines, in other words all the packets are sent to all the ports on vSwitch.If the promiscuous mode set to Reject, the packets are sent to inteded port, so that the intended virtual machine was able to see the communication.
Mac Address Change:- When we create a virtual machine the configuration wizard generates a MAC address for that machine, you can see it in the .vmx (VM Config) file. If it doesn't matches with the MAC address in the OS this setting does not allow incoming traffic to the VM. So by setting Reject Option both MAC addresses will be remains same, and the incoming traffic will be allowed to the VM.
Forged Transmit mode:- When we create a virtual machine the configuration wizard generates a MAC address for that machine, you can see it in the .vmx (VM Config) file. If it doesn't matches with the MAC address in the OS this setting does not allow outgoing traffic from the VM. So by setting Reject Option both MAC addresses will be remains same, and the outgoing traffic will be allowed from the VM.
PORT GROUP:- Port group are used to manage the network traffic,port group segregates the type of communication.We can assign VLAN to the port groups.
There are three different types of port groups….
➢ Virtual Machine Portgroup:-Virtual Machine portgroup are used to
Manage Virtual Machine Traffic.
➢ Service Console:-Service console port group used to manage the host Management (ESX Server Management Traffic).
Virtual Machine portgroup:-VM Kernel port group are used to manage VMotion,NFS,iSCSi Network Traffic.
Resource Pool.
Grouping of resources for an optimum usage. used to manage CPU and memory resources for a pool of virtual machines by using share,reservations,and limits.
ADVANTAGES:-
➢ Control the usage of the resources.
➢ Permission can be set on the Resource Pool level.
➢ Servers can be grouped based upon the type of easy administration.
➢ We can restrict the VM to the level of resource utilization.
➢ Resource pool help the VM to fetch the resources from the higher level to satisfy the needs.
THE FOLLOWING ARE THE PARAMETERS OF THE RESOURCE POOL.
➢ SHARE:- Share is the numeric value more is the share more is the capacity of the VM to place more request. For examples if VM1 VM2 are importants then it will give more share to it.
➢ RESERVATION:- in the reservation reducing the load of the ESX Server,also reduces the CPU cycles giving priority to the VM by giving reservation.
➢ UNLIMIT:- if ESX Server not able to give the resources then it will give to the higher level i.e cluster level.
➢ LIMIT:-ESX Server gives limited resources.
DIFFERENT TYPES OF SWAP FILES
SWAP FILES:- A Swap file is the area in the hard disk where os uses it as a RAM.
Swap file is twice as the physical RAM.
Different types of Swap files are:-
a) Swap file:- Inside the VM.
b) Swap file:- To manage the VM,ESX Server create the swap file.
c) Swap file:- Created during the installation of ESX Server for its operations.
clone…
➢ Cloning is the duplicate copy of the virtual machine.
➢ Before cloning uncheck the network interface card.
➢ Cloning is not happen on two datacenters it only happens on VM’s
➢ Cloning is use for backup purpose or R&D or Deployment purpose.
➢ Clone is the copy of the existing virtual machine. the existing machine is called the parent of the clone.
➢ Changes made to the clone do not affect the parent virtual machine.
➢ Clones are useful when you must deploy many identical virtual machines to a group.
➢ Two types of Clones……
➢ A Full Clone:-It is a independent copy of the virtual machine that share nothing with the parent virtual machine after the cloning operations.On going operation of the Full clone is entirely separates from the virtual machine.
➢ Linked Clone:- It is the copy of the virtual machine that share with disk with the parent virtual machine in a on going manner. This conserves disk space, and allows multiple virtual machines to use the same software installation.
➢ The Clone Virtual Machine Wizard automatically copies everything required for a duplicate virtual machine. You don't have to locate the original virtual machine files, identify the files needed, and copy them manually. The Clone Virtual Machine Wizard automatically creates a new MAC address and other unique identifiers for the duplicate virtual machine.
templates.
➢ Template is a gold or base image of a virtual machine.
➢ Before creating the template VM should be power off.
➢ You cannot work on template because it is power off.
➢ Templates are same size as your VM.
➢ Templates are carry anywhere.
➢ Template are used to create or deploy multiple VM’s
➢ We can’t create template directly, require a VM to create a template.
➢ A virtual machine template is a virtual machine image loaded with an operating system, applications, and data
➢ After you define and publish a virtual machine template, you can quickly and easily create multiple virtual machines based on the virtual machine template without having to reinstall software or redo setup tasks on each virtual machine
➢ Using virtual machine templates ensures that virtual machines are consistently configured across an entire organization.
➢ By default, only administrators, organization administrators, and template creators can create virtual machine templates
➢ These users can create a new virtual machine template, import a virtual machine template, save a Lab Manager virtual machine as a virtual machine template, and clone an existing virtual machine template.
➢ Clone to template:- convert the original system to with templates.
➢ Convert to template:- convert the original machine to templates.
snapshot….
➢ Snapshot will allow us to go back to the previous state of the virtual machine.
➢ Snapshot doesn’t require equal amount of space. It create only delta file in the main disk the changes are stored in the delta file.It allow us to revert back to the change by using the snapshot.
➢ We can create multiple snapshot of the virtual machines.
➢ Workstation snapshots allow you to preserve the state of the virtual machine so you can return to the same state repeatedly.
➢ Represents the state of a virtual machine at the time it was taken.
➢ Includes the files and memory state of a virtual machine's guest operating system.
➢ Includes the settings and configuration of a virtual machine and its virtual hardware.
➢ Is stored as a set of files in the same directory as other files that comprise a virtual machine.
➢ Should be taken when testing something with unknown or potentially harmful effects.
differences between clone,template,snapshot
CLONE TEMPLATE SNAPSHOT
|You can create the copy of the virtual machine.|Template is a former virtual machine which act |A snapshot freezes a specific state (online or|
|It is non running VM. |as a source for new machine. |offline) at a given point of time of a virtual|
|Cloning is not happens between two datacenters |It is a copy of pre-installed VM containing all|machine. All changes beyond this point of time|
|it happens only on VM. |the softwares and configuration settings |are written to a different (delta) file. You |
|Power on the vm before cloning |Once template is created it cannot be power on.|have the option to keep this state as the new |
| |Power off the VM before creating templates. |default state or to revert to the state which |
| | |was kept when the snapshot was created |
| | | |
data center
❖ A data center represents the physical location of the company.
❖ A Data center is a primary container which hold the objects such as VM’s,ESX Servers, Cluster’s etc.
❖ We can have 32 ESX Servers in a Cluster.
vceter features
❖ Vmotion.
❖ HA i.e High Availability
❖ DRS i.e Distributed Resource Scheduler.
vmotion…
❖ Live migration of virtual machine from one ESX server to another ESX server with zero downtime is called Vmotion.
❖ Vmotion enable by three underlaying techniques..
❖ First the entire state of the virtual machine is encapsulated by set of files stored on the shared storage such as FC,iSCSi,SAN,NAS.
❖ Second the Active memory and precise execution state of the virtual machine is rapidly transform over the high speed network allowing the virtual machine to instantaneously switch from one ESX host to the Destination ESX hot.
❖ Third, the networks being used by the virtual machine are also
virtualized by the underlying ESX host, ensuring that even after
the migration, the virtual machine network identity and network connections are preserved.
KEY FEATURE vmotion…
Reliability.
Proven by thousands of customers in production environments
since 2004, VMotion continues to set the standard for the most
dependable live migration capabilities.
Performance.
Perform live migrations with downtime unnoticeable to the end
users. Optimal use of CPU and network resources ensures that
the live migrations occur quickly and efficiently.
Interoperability.
Migrate virtual machines running any operating system across
any type of hardware and storage supported by VMware ESX.
• Support for Fibre Channel SAN
.
Implement live migration of virtual machines utilizing a wide
range of up to 4GB Fibre Channel SAN storage systems.
• NAS and iSCSI SAN support.
Implement live migration of virtual machines with lower-cost,
more easily managed shared storage.
• Customizable CPU compatibility settings.
Ensure that virtual machines can be migrated across different
versions of hardware. Enable virtual machines to benefit from
the latest CPU innovations.
• New - Enhanced VMotion Compatibility.
Live migrate virtual machines across different generations of
hardware. Migrate virtual machines from older servers to new
ones without disruption or downtime.
[pic]
Figure:-Vmotion
[pic]
• VMotion allows you to quickly move an entire running virtual machine from one host to another without any downtime or interruption to the virtual machine This is also known as a “hot” or “live” migration.
• The entire state of a virtual machine is encapsulated and the VMFS file system allows both the source and the target ESX host to access the virtual machine files concurrently. The active memory and precise execution state of a virtual machine can then be rapidly transmitted over a high speed network. The virtual machine retains its network identity and connections, ensuring a seamless migration process.
vmotion…HOW IT IS WORK…?
1. Migration request is made to move the virtual machine from ESX1 to ESX2.
2. vCenter Server verifies that the virtual machine is in a stable state on ESX1 and checks the compatibility of ESX2 (CPU, networking, etc.) to ensure that it matches that of ESX1.
3. The virtual machine is registered on ESX2.
4. The virtual machine state information (including memory, registers and network connections) is copied to ESX2. Additional changes are copied to a memory bitmap on ESX1.
5. The virtual machine is quiesced(become quit) on ESX1 and the memory bitmap is copied to ESX2.
6. The virtual machine is started on ESX2 and all requests for the virtual machine are now directed to ESX2.
7. A final copy of the virtual machines memory is done from ESX1 to ESX2.
8. The virtual machine is un-registered from ESX1.
9. The virtual machine resumes operation on ESX2.
USE OF VMOTION WHY WE USE VMOTION.?
❖ Perform patching and Maintenance of ESX Servers.
❖ Vmotion doesn’t have any downtime.
❖ Save power by shutting down the ESXi using DPM
working of vmotion..
Fig Vmotion….
Suppose we want to make any hardware changes in ESX1 we move Virtual Machines
A,B to the Destination ESX2 host and made some changes in ESX1 without effecting the virtual machines we can perform maintenance activities such as increasing RAM,processor updating OS, and updating patches.
Condition for vmotion.
➢ Both the ESX Servers must Connected with common storage.
➢ Both ESX Servers should have connected with 1GBPS Ethernet card.
➢ Both ESX Servers should have same CPU Technology.
➢ VM port group Configuration should be same in both ESX Servers.
➢ VM Reside in the common storage.
➢ VM Kernel port group need to be configure and vMotion should be enabled on it.
➢ Vmotion can’t happen two data centers.
➢ VM should not have snapshots.
➢ VM should not have any physical driver attached.
➢ VM should not part of Microsoft Clusters.
➢ We should have virtual center with vMotion licensing.
➢ We can’t move the virtual machine from ESX 4 to ESX 3.5.
➢ Destination server should have enough resources.
BACKGROUD PROCESS OF vMotion.
❖ In Vmotion we move only physical memory contents because the two ESX server have common storage and virtual machine reside in the common storage.
❖ Vmotion will move RAM contents at the end of the copying at certain point of time it pauses the virtual machine at that time give the ownership of the virtual machine to another ESX server that pause time is called downtime.
❖ For Vmotion downtime will be 10-20 mille seconds, that downtime is negligible.
[pic]
problems in vMotion.
❖ Host CPU Compatibility.
❖ Insufficient Resources in the destination servers.
❖ Unable to access the virtual machine configuration(it doesn’t have common storage).
❖ The host doesn’t support virtual hardware version.
❖ The network interface card is not available ,vm port group are different.
STORAG vmotion.
➢ Live migration of Running Virtual Machine Disk files from one storage location to the another storage location with no downtime or service destruption.
➢ Storage Vmotion Relocate Virtual Machine Disk files from one shared storage location to the another shared storage location
➢ Storage Vmotion enable the organization to perform proactive storage migration, improve the virtual machine storage performance and free up the valuable storage capacity.
[pic]
USE OF STORAGE VMOTION WHY WE USE STORAGE VMOTION.?
❖ For Datastore Maintenance, we use storage vMotion if we want to move the virtual machine from local hard disk to common hard disk(SAN,iSCSi,NAS) we use svmotion.
❖ Improve the Virtual Machine performance.
❖ Free up the valuable storage capacity in the datastore.
❖ Maintaining the contiguous service Availability and complete the transaction integrity.
working of STORAGE vMotion..
1. New virtual machine directory is created on the target datastore, virtual machine configuration files and all non-virtual disk files are copied to the target directory.
2. ESX host does a “self” VMotion to the target directory.
3. A snapshot (without memory) is taken of the virtual machines disks in the source directory.
4. Virtual machine disk files are copied to the target directory.
5. Snapshot that is located in the source directory is consolidated into the virtual machine disk files located in the target directory.
6. Source disk files and directory are deleted.
BACKGROUD PROCESS OF STORAGE vmotion.
➢ In the storage Vmotion in the source Hard Disk it create a child file for .vmdk.
➢ All the files including the vmdk are copied to the destination hard disk at that time any changes occurred in the vmdk mean that data stored in the child file at the end of the copying pauses the virtual machine and move that child file and gives the ownership for destination disk it is called snapshot technique.
➢ Before moving a virtual machines disk file, Storage VMotion
moves the “home directory” of the virtual machine to the new
location. The home directory contains meta data about the
virtual machine (configuration, swap and log files). After
relocating the home directory, Storage VMotion copies the
contents of the entire virtual machine storage disk file to the
destination storage host, leveraging “changed block tracking” to
maintain data integrity during the migration process. Next, the
software queries the changed block tracking module to
determine what regions of the disk were written to during the
first iteration, and then performs a second iteration of copy,
where those regions that were changed during the first iteration
copy (there can be several more iterations).
Once the process is complete, the virtual machine is quickly
suspended and resumed so that it can begin using the virtual
machine home directory and disk file on the destination
datastore location. Before VMware ESX allows the virtual
machine to start running again, the final changed regions of the
source disk are copied over to the destination and the source
home and disks are removed.
This approach guarantees complete transactional integrity and is
fast enough to be unnoticeable to the end user.
Condition forSTORAGE vmotion.
➢ ESX server should have acces to source and destination datastore.
➢ Destination server should have enough free space.
➢ Vcenter with proper licensing.
➢ VM should be in persistent mode. Storage vMotion is new concept in ESX 3.5.we don’t have graphical interface for storage vmotion for vcenter 2.5,its only in vcenter 4.0 or above.
➢ The VM must have no snapshots. If it does, it cannot be migrated.
REQUIRMENTS for STORAGE vMotion.
1. Virtual machine disks must be in persistent mode or be a raw device mapping (RDM) that is in virtual compatibility mode.
2. If a virtual machine has any snapshots then it cannot be migrated, you must delete them before you can proceed.
3. The ESX host that the VM is running on must be licensed for VMotion and must also be configured to use VMotion.
4. The ESX host that the VM is running on must have access to the source and target data stores.
5. The ESX host that the VM is running on must have enough resources available to support two instances of the virtual machine running at the same time.
differences between vMotion and storage vMotion.
VMOTION. STORAGE VMOTION.
|VMotion simply moves a virtual machine from one ESX host to another but|Storage VMotion on the other hand changes the storage location of the |
|keeps the storage location of the VM the same |virtual machine while it is running and moves it to another datastore |
| |on the same ESX host |
|VMotion happens within the cluster |Storage VMotion happens across the Cluster |
|Vmotion between either host or cluster |Storage Vmotion between host as well cluster |
cluster
➢ Cluster contains group of ESX servers associated with virtual machines connected together for load balancing and failover purpose.
➢ When you add a host to the cluster the host’s resource become the part of cluster’s resources.
➢ When you create a cluster, you can choose to enable it for DRS, HA, or both
➢ Clusters are used for three things.
➢ HA(High Availability).
➢ DRS(Distributed Resource Scheduler).
➢ High performance computing.
➢ Max no of ESX Server in a Cluster is 32.
➢ Max no of host Failure in a cluster is 4.
HA(HIGH AVAILABILITY)
❖ It is a Failover mechanism of a cluster.
❖ HA Require downtime.
❖ Provide high availability across your entire virtualized IT environment without the cost or complexity of traditional clustering solutions.
❖ VMware HA provides high availability for virtual machines by pooling them and the hosts they reside on into a cluster. Hosts in the cluster are monitored and in the event of a failure, the virtual machines on a failed host are restarted on alternate hosts.
❖ VMware HA delivers the availability needed by many applications running in virtual machines, independent of the operating system and application running in it.
❖ VMware HA provides uniform, cost-effective failover protection against hardware and operating system failures within your virtualized IT environment.
❖ Monitors virtual machines to detect operating system and hardware failures.
❖ Protects applications from operating system failures by automatically restarting virtual machines when an operating system failure is detected.
❖ Continuously monitors all hosts in a cluster and restarts virtual machines affected by a host failure on other hosts
❖ Can also monitor guest OS's for a failure via a heartbeat and restart them on the same host in case of a failure
❖ Continuously monitors and chooses the optimal physical servers within a resource pool on which to restart virtual machines
HOW HA(HIGH AVAILABILITY) WORK.?
[pic]
VMware HA continuously monitors all servers in a resource pool and detects server failures. An agent placed on each server maintains a “heartbeat” with the other servers in the resource pool and a loss of “heartbeat” initiates the restart process of all affected virtual machines on other servers. VMware HA ensures that sufficient resources are available in the resource pool at all times to be able to restart virtual machines on different physical servers in the event of server failure. Restart of virtual machines is made possible by the Virtual Machine File System (VMFS) clustered file system which gives multiple ESX Server instances read-write access to the same virtual machine files, concurrently. VMware HA is easily configured for a resource pool through Virtual Center
KEY FEATURE OF HA
➢ • Automatic detection of server failures:- . Automate the monitoring of physical server availability. HA detects server failures and initiates the virtual machine restart without any human intervention.
➢ • Resource checks:- . Ensure that capacity is always available in order to restart all virtual machines affected by server failure. HA continuously monitors capacity utilization and “reserves” spare
capacity to be able to restart virtual machines.
➢ • Automatic restart of virtual machines:- Protect any application with automatic restart in a different physical server in the resource pool.
➢ • Intelligent choice of servers:- (when used with VMware Distributed Resource Scheduler (DRS)). Automate the optimal placement of virtual machines restarted after server failure.
The VMware HA Solution: With VMware HA, a set of ESX Server hosts is combined into a cluster with a shared pool of resources. VMware HA monitors all hosts in the cluster. If one of the hosts fails, VMware HA immediately responds by restarting each affected virtual machine on a different host.
HA has a number of advantages: Using a cluster enabled for VMware HA provides the following features:
• Automatic failover is provided on ESX Server host hardware failure for all running virtual machines within the bounds of failover capacity.
VMware HA provides automatic detection of server failures and initiates the virtual machine restart without any human intervention.
• VMware HA can take advantage of DRS to provide for dynamic and intelligent resource allocation and optimization of virtual machines after failover. After a host has failed and virtual machines have been restarted on other hosts, DRS can provide further migration recommendations or migrate virtual machines for more optimum host placement andbalanced resource allocation.
• VMware HA supports easy-to-use configuration and monitoring using VirtualCenter. HA ensures that capacity is always available (within the limits of specified failover capacity) in order to restart all virtual machines affected by server failure (based on resource reservations configured for the virtual machines.)
• HA continuously monitors capacity utilization and "reserves" spare capacity to be able to restart virtual machines. Virtual Machines can fully utilize spare failover capacity when there hasn't been a failure
CONDITION FOR HA
➢ All the host in a HA enable Cluster should have a common storage.
➢ We should have Vcenter with appropriate licensing.
➢ There should be proper communication between host and cluster.
➢ Host name resolution should be proper.
➢ We should have sufficient resources in a destination server.
PROBLEMS IN HA
➢ Insufficient Resources.
➢ DNS Naming resolution.
➢ VM in a local drive.
➢ Communication should be proper.
BACKGROUND PROCESS IN HA
[pic]
HA continuously monitors all servers in a resource pool and detects server failures. An agent placed on each server maintains a “heartbeat” with the other servers in the resource pool and a loss of “heartbeat” initiates the restart process of all affected virtual machines on other servers. VMware HA ensures that sufficient resources are available in the resource pool at all times to be able to restart virtual machines on different physical servers in the event of server failure. Restart of virtual machines is made possible by the Virtual Machine File System (VMFS) clustered file system which gives multiple ESX Server instances read-write access to the same virtual machine files, concurrently. VMware HA is easily configured for a resource pool through VirtualCenter.
DRS(Distributed Resource Scheduler)
➢ It is a load Balancing Feature.
➢ Align Resources to Meet Business Needs.
➢ DRS doesn’t require any downtime
➢ VMware DRS continuously monitors utilization across resource pools and intelligently aligns resources with business needs.
➢ • Dynamically allocate IT resources to the highest priority applications. Create rules and policies to prioritize how resources are allocated to virtual machines.
➢ • Give IT autonomy to business organizations. Provide dedicated IT infrastructure to business units while still achieving higher hardware utilization through resource pooling.
➢ • Empower business units to build and manage virtual machines within their resource pool while giving central IT control over hardware resources.
➢ DRS enables your virtual environment to automatically balance itself across your host servers in an effort to eliminate resource contention. It utilizes the VMotion feature to provide automated resource optimization and automatic migration of virtual machines across hosts in a cluster.
[pic]
[pic]
BACKGROUND PROCESS IN DRS
➢ In a given cluster if an ESX host is not having enough resources to satisfy the virtual machine at that time DRS move the virtual machine from that ESX server to resource available ESX server by using VMotion Technology.
➢ DRS doesn’t require any downtime.
➢ Balance Your Computing Capacity
VMware DRS continuously balances computing capacity in resource pools to deliver the performance, scalability and availability not possible with physical infrastructure. VMware DRS allows us to:
• Improve service levels for all applications. VMware DRS continuously balance capacity will ensure that each virtual machine has access to appropriate resources at any point in time.
• Easily deploy new capacity. VMware DRS will seamlessly take advantage of the additional capacity of new servers added to a resource pool by redistributing virtual machines without system disruption.
• Automate planned server maintenance. VMware DRS can automatically migrate all virtual machines off physical servers to enable scheduled server maintenance with zero downtime.
• Dramatically increase system administrator productivity. Enable system administrators to monitor and effectively manage more IT infrastructure.
➢ Reduce Energy Consumption in the Datacenter
VMware Distributed Power Management (DPM) continuously optimizes power consumption in the datacenter. When virtual machines in a DRS cluster need fewer resources, such as during nights and weekends, DPM consolidates workloads onto fewer servers and powers off the rest to reduce power consumption. When virtual machine resource requirements increase (such as when users log into applications in the morning), DPM brings powered-down hosts back online to ensure service levels are met.
VMware Distributed Power Management allows IT organizations to:
• Cut ongoing power and cooling costs by up to 20% in the datacenter during low utilization time periods.
• Automate management of energy efficiency in the datacenter
VMware DRS (with DPM) is included in the VMware vSphere Enterprise and Enterprise Plus edition. DRS and DPM leverage VMware vMotion (live migration) to balance load and optimize power consumption with no downtime.
KEY FEATURE OF DRS
• Aggregation of physical server resources. Manage CPU and memory across a group of physical servers as a uniform shared pool of resources.
• Flexible hierarchical organization. Organize resource pools hierarchically to match available IT resources to the business organization. VMware DRS ensures that resource utilization is maximized while business units retain control and autonomy of their infrastructure. Resource pools can be flexibly added, removed, or reorganized as business needs or organization change.
• Priority Settings. Assign priorities in the form of shares or reservations to virtual machines within resource pools and to sub resource pools to reflect business priorities. For example, the production sub resource pool can have higher shares of the total resources in a cluster and business critical applications within the production resource pool can have fixed guarantees(reservations) of CPU bandwidth and memory,
• Management of sets of virtual machines running a distributed application. Optimize the service level of distributed applications by controlling the aggregate allocation of resources for the entire set of virtual machines running the distributed application.
• Affinity Rules. Create rules that govern placement of virtual machines on physical servers. For example, a group of virtual machines can be set to always run on the same server for performance reasons. Alternatively, certain virtual machines can be set to always run on different servers to increase availability. New in vSphere 4.1 is the ability to restrict placement of virtual machines to a group of physical servers in a cluster. This is useful for controlling the mobility of virtual machines that run software licensed for a specific group of physical servers. In addition, this feature can be used to keep sets of virtual machines on different racks or blade systems for availability reasons.
• Power Management. Reduce energy consumption in the datacenter by using the Distributed Power Management (DPM) feature of DRS to consolidate workloads and power off servers when they are not needed by the virtual machines in the cluster. When resource requirements of virtual machines increase, DPM brings hosts back online so service levels can be met.
• Manual and Automatic Mode. VMware DRS collects resource usage information from servers and virtual machines, and then generates recommendations to optimize virtual machine allocation. These recommendations can be executed automatically or manually.
o Initial placement. When a virtual machine is first powered on, VMware DRS either automatically places the virtual machine on the most appropriate physical server or makes a recommendation.
o Continuous optimization. VMware DRS continuously optimizes resource allocations based on defined resource allocation rules and resource utilization. The resource allocation changes can be automatically executed by performing live migration of virtual machines through vMotion. Alternatively, in manual mode, VMware DRS provides execution recommendations for system administrators.
• Maintenance mode for servers. Perform maintenance on physical servers without disruption to virtual machines and end users. When a physical server is placed in maintenance mode, VMware DRS identifies alternative servers where the virtual machines can run. Based on automation mode settings, the virtual machines are either automatically moved to use the alternative servers, or the system administrator performs the move manually using the VMware DRS recommendations as a guideline.
• Large-scale management. Manage CPU and memory across up to 32 servers and 1280 virtual machines per DRS cluster.
DRS Rules
➢ Affinity Rule:-Keep the Virtual Machine together.
➢ Anti affinity Rule:- Keep the Virtual Machines Separate.
Condition for DRS
➢ All Vmotion condition are applicable for DRS.
➢ Vmotion work with datacenter DRS work with in the Cluster.
DRS Configuration Types
➢ Manual:-DRS gives migration Recommendation for the virtual machine. It doesn’t do load balancing.
➢ Partially Automatic:-Manual+initial placement of powered on virtual machine taken care by DRS.provide recommendation for load balancing.
➢ Fully Automatic:-Partial automatic+ in this mode DRS will do Automatic Vmotion load balancing.
Differences Between HA and DRS
HA DRS
|It is a fail over mechanism of Cluster |It is a load Balancing Feature of Cluster |
|HA Require more downtime |DRS doesn’t Require downtime |
|HA continues to work if VC is down. |DRS doesn’t work if VC is down. |
|For HA only config in VC. |For DRS the config,logic(service console) is completely in VC. |
|An agent is needed on HA. |DRS needs VC |
|VM kernel N/W not used in HA. |In DRS VM kernel Network should be configure. |
|HA work with host. |DRS work with Virtual Center. |
|HA continues to operates when component fail. |DRS does not operate if component fails. |
VMware Converter.
➢ VMware Converter is used to migrate physical machine to virtual machine and virtual machine to virtual machine.
➢ Quickly and reliably convert local and remote physical machines into virtual machines without any disruption or downtime.
➢ Complete multiple conversions simultaneously with a centralized management console and an intuitive conversion wizard.
➢ Convert other virtual machine formats such as Microsoft Hyper-V, Microsoft Virtual PC and Microsoft Virtual Server or backup images of physical machines such as Symantec Backup Exec System Recovery or Norton Ghost to VMware virtual machines.
Pre-Checklist for P2V
➢ Whether the physical machine is compatibles for Virtualization or not.
➢ There should be network connection between physical machine and ESX server.
➢ We should have appropriate right for the physical machine and ESX server.
➢ We should have free space on the physical machine.
➢ We should install the VMware converter directly on the physical machine at least a agent on it.
➢ We should stop appropriate services for the successful migration Services like SQL,SAP,etc.
➢ We should make sure the services such as workstation services, server services, volume shadow copy services are started.
➢ Do not customize the computer before the migration.
➢ Do not install VMware tools.
➢ In the destination OS go to the folder option view uncheck the box enable simple file sharing.
Prost Migration
➢ Keep the virtual machine appropriate port group.
➢ Power off the physical machine.
➢ Power on the virtual machine.
➢ Install the VMware tools on the virtual machine.
➢ Check the application from both server side and client side.
➢ Get a sign off from the application owner.
Differences Between Hot Clone Cold Clone
HOT CLONE COLD CLONE
|Hot clone take when powered on the virtual machine |Cold Clone take when power off the virtual machine. |
| |Cold cloning support all types of volume |
| |Cold cloning does not support Windows NT 4 Fault tolerance volumes. |
What is AAM in HA?
AAM is the Legato automated availability management. Prior to vSphere 4.1, VMware's HA is actually re engineered to work with VM's with the help of Legato's Automated Availability Manager (AAM) software. VMware's vCenter agent (vpxa) interfaces with the VMware HA agent which acts as an intermediary to the AAM software. From vSphere 5.0, it uses an agent called “FDM” (Fault Domain Manager).
What are pre-requites for HA to work?
1.Shared storage for the VMs running in HA cluster
2.Essentials plus, standard, Advanced, Enterprise and Enterprise Plus Licensing
3.Create VMHA enabled Cluster
4.Management network redundancy to avoid frequent isolation response in case of temporary network issues (preferred not a requirement)
What is maximum number of primary HA hosts in vSphere 4.1?
Maximum number of primary HA host is 5. VMware HA cluster chooses the first 5 hosts that joins the cluster as primary nodes and all others hosts are automatically selected as secondary nodes.
How to see the list of Primary nodes in HA cluster?
View the log file named "aam_config_util_listnodes.log" under /var/log/vmware/aam using the below command
cat /var/log/vmware/aam/aam_config_util_listnodes.log
[pic]
What is the command to restart /Start/Stop HA agent in the ESX host?
service vmware-aam restart
service vmware-aam stop
service vmware-aam start
Where to located HA related logs in case of troubleshooting?
/Var/log/vmware/aam
What the basic troubleshooting steps in case of HA agent install failed on hosts in HA cluster?
Below steps are are taken from my blog posts Troubleshooting HA
1. Check for some network issues
2. Check the DNS is configured properly
3. Check the VMware HA agent status in ESX host by using below commands
service vmware-aam status
4. Check the networks are properly configured and named exactly as other hosts in the cluster. otherwise, you will get the below errors while installing or reconfiguring HA agent.
5. Check HA related ports are open in firewall to allow for the communication
Incoming port: TCP/UDP 8042-8045
Outgoing port: TCP/UDP 2050-2250
6. First try to restart /stop/start the VMware HA agent on the affected host using the below commands. In addition u can also try to restart vpxa and management agent in the Host.
service vmware-aam restart
service vmware-aam stop
service vmware-aam start
7. Right Click the affected host and click on "Reconfigure for VMware HA" to re-install the HA agent that particular host.
8. Remove the affected host from the cluster. Removing ESX host from the cluster will not be allowed untill that host is put into maintenance mode.
9.Alternative solution for 3 step is, Goto cluster settings and uncheck the vmware HA in to turnoff the HA in that cluster and re-enable the vmware HA to get the agent installed.
10. For further troubleshooting , review the HA logs under /Var/log/vmware/aam directory.
What is the maximum number of hosts per HA cluster?
Maximum number of hosts in the HA cluster is 32.
What is Host Isolation?
VMware HA has a mechanism to detect a host is isolated from rest of hosts in the cluster. When the ESX host loses its ability to exchange heartbeat via management network between the other hosts in the HA cluster, that ESX host will be considered as a Isolated.
How Host Isolation is detected?
In HA cluster, ESX hosts uses heartbeats to communicate among other hosts in the cluster.By default, Heartbeat will be sent every 1 second.
If a ESX host in the cluster didn't received heartbeat for for 13 seconds from any other hosts in the cluster, The host considered it as isolated and host will ping the configured isolation address(default gateway by default). If the ping fails, VMware HA will execute the Host isolation response
What are the different types isolation response available in HA?
[pic]
Power off – All the VMs are powered off , when the HA detects that the network isolation occurs
Shut down – All VMs running on that host are shut down with the help of VMware Tools, when the HA detects that the network isolation occurs. If the shutdown via VMware tools not happened within 5 minutes, VM's power off operation will be executed. This behavior can be changed with the help of HA advanced options.
Leave powered on – The VM's state remain powered on or remain unchanged, when the HA detects that the network isolation occurs.
What is HA Admission control?
VCenter Server uses admission control to ensure that sufficient resources are available in a cluster to provide failover protection and to ensure that virtual machine resource reservations are respected.
What are the 2 types of settings available for admission control?
[pic]
Enable: Do not power on VMs that violate availability constraints
Disable: Power on VMs that violate availability constraints
What are the different types of Admission control policy available with VMware HA?
There are 3 different types of Admission control policy available.
[pic]
Host failures cluster tolerates
Percentage of cluster resources reserved as fail over spare capacity
Specify a fail over host
What is VM Monitoring status?
HA will usually monitors ESX hosts and reboot the virtual machine in the failed hosts in the other host in the cluster in case of host isolation but i need the HA to monitors for Virtual machine failures also. here the feature called VM monitoring status as part of HA settings.VM monitoring restarts the virtual machine if the VMware tools heartbeat didn't received with the specified time using Monitoring sensitivity.
[pic]
EVC Enhance VMotion Compatibility.
➢ Enhanced vMotion Compatibility (EVC) simplifies vMotion compatibility issues across CPU generations. EVC automatically configures server CPUs with Intel FlexMigration or AMD-V Extended Migration technologies to be compatible with older servers.
➢ It will automatically mask the non compatible features of different generation cpus from the hosts, which give you the ability to VMotion across hosts with different CPU generations.
➢ After EVC is enabled for a cluster in the Virtual Center inventory, all hosts in that cluster are configured to present identical CPU features and ensure CPU compatibility for vMotion.
➢ Enhanced vMotion Compatibility (EVC) simplifies vMotion compatibility issues across CPU generations. EVC automatically configures server CPUs with Intel FlexMigration or AMD-V Extended Migration technologies to be compatible with older servers
Firmware:- Firmware is used to enhance the performance of your hard drive. Firmware is just like a exe file.
Blade Servers.
A blade server is a server chassis housing multiple thin, modular electronic circuit boards, known as server blades. Each blade is a server in its own right, often dedicated to a single application. The blades are literally servers on a card, containing processors, memory, integrated network controllers, an optional Fiber Channel host bus adaptor (HBA) and other input/output (IO) ports.
Blade servers allow more processing power in less rack space, simplifying cabling and reducing power consumption. According to a article on server technology, enterprises moving to blade servers can experience as much as an 85% reduction in cabling for blade installations over conventional 1U or tower servers. With so much less cabling, IT administrators can spend less time managing the infrastructure and more time ensuring high availability.
Each blade typically comes with one or two local ATA or SCSI drives. For additional storage, blade servers can connect to a storage pool facilitated by a network-attached storage (NAS), Fiber Channel, or iSCSI storage-area network (SAN). The advantage of blade servers comes not only from the consolidation benefits of housing several servers in a single chassis, but also from the consolidation of associated resources (like storage and networking equipment) into a smaller architecture that can be managed through a single interface.
Differences between thin and thick provisioning in VMware
|ESX server assigns hard disk as per your requirements. |Entire hard disk is available for use. |
|No wastage of hard disk space |Wastage of hard disk space. |
|Thin-provisioned disks are virtual disks that "appear" to the VM as | |
|one size, but only consume up to the amount of data that is required | |
|by that disk. So, a 10 GB drive that is 50% utilized will only store | |
|5 GB on disk (a traditional "thick" virtual disk would consume the | |
|entire 10 GB on disk) | |
|Thin disks are options in VMware Workstation, and are the default disk| |
|type when using NFS storage in VMware ESX Server – however, VMs cloned| |
|from templates are always thick | |
RDM Limitations
There are two types of RDMs: virtual compatibility mode RDMs and physical compatibility mode RDMs. Physical mode RDMs, in particular, have some fairly significant limitations:
• No VMware snapshots
• No VCB support, because VCB requires VMware snapshots
• No cloning VMs that use physical mode RDMs
• No converting VMs that use physical mode RDMs into templates
• No migrating VMs with physical mode RDMs if the migration involves copying the disk
• No VMotion with physical mode RDMs
Virtual mode RDMs address some of these issues, allowing raw LUNs to be treated very much like virtual disks and enabling functionality like VMotion, snapshotting, and cloning. Virtual mode RDMs are acceptable in most cases where RDMs are required. For example, virtual mode RDMs can be used in virtual-to-virtual cluster across physical hosts. Note that physical-to-virtual clusters across boxes, though, require physical mode RDMs.
While virtual disks will work for the large majority of applications and workloads in a VI environment, the use of RDMs--either virtual mode RDMs or physical mode RDMs--can help eliminate potential compatibility issues or allow applications to run virtualized without any loss of functionality
Para Virtualization.
❖ Para-virtualization is a virtualization technique that allows similar virtual machines to be created on particular hardware.
❖ It allows many operating systems to run on host hardware at the same time.
❖ It makes good use of resources like processors, memory and networking.
❖ It acts as a virtual machine monitor that has high performance and more efficient
❖ It is used for development, testing and production of the virtual machines
❖ It also good in disaster recovery by moving the guest virtual machine till the hardware is being repaired.
Different types of DV port binding
Static Binding (Default): means that the dvPort is assigned to the virtual machine at configuration time. When all the ports are booked by virtual machines, it is not possible to connect to any more virtual machines, regardless of whether the connected virtual machines are powered up or not, and an error message is displayed. The assigned dvPort is immediately pushed to the host, written to the host’s cache and written in the VM’s vmx file.
Dynamic – assigned when the VM is powered on, and then pushed to the host. There is no guarantee that the VM will get the same DVPort on the next power on. However it uses a concept similar to DHCP in that if the same port is available then it will renew that one and this allows for over committing the number of dvPorts.
Ephemeral (No Binding) – a new port on every power-on. The port is destroyed when the VM disconnects from the port. This behaviour resembles the behaviour in the standard vSwitch. If you select this option, the numbers of ports are automatically set to 0, and the Portgroup allocates one port for each connected virtual machine, up to the maximum number of ports available in the Switch.
Virtual Ethernet adaptors
• Vlance: An emulated version of the AMD 79C970 PCnet32 LANCE NIC, an older 10 Mbps NIC with drivers available in most 32bit guest operating systems except Windows Vista and later. A virtual machine configured with this network adapter can use its network immediately.
• VMXNET: The VMXNET virtual network adapter has no physical counterpart. VMXNET is optimized for performance in a virtual machine. Because operating system vendors do not provide built-in drivers for this card, you must install VMware Tools to have a driver for the VMXNET network adapter available.
• Flexible: The Flexible network adapter identifies itself as a Vlance adapter when a virtual machine boots, but initializes itself and functions as either a Vlance or a VMXNET adapter, depending on which driver initializes it. With VMware Tools installed, the VMXNET driver changes the Vlance adapter to the higher performance VMXNET adapter.
• E1000:An emulated version of the Intel 82545EM Gigabit Ethernet NIC. A driver for this NIC is not included with all guest operating systems. Typically Linux versions 2.4.19 and later, Windows XP Professional x64 Edition and later, and Windows Server 2003 (32-bit) and later include the E1000 driver.
• VMXNET 2 (Enhanced): The VMXNET 2 adapter is based on the VMXNET adapter but provides some high-performance features commonly used on modern networks, such as jumbo frames and hardware offloads. This virtual network adapter is available only for some guest operating systems on ESX/ESXi 3.5 and later.
• VMXNET 3: The VMXNET 3 adapter is the next generation of a paravirtualized NIC designed for performance, and is not related to VMXNET or VMXNET 2. It offers all the features available in VMXNET 2, and adds several new features like multiqueue support (also known as Receive Side Scaling in Windows), IPv6 offloads, and MSI/MSI-X interrupt delivery.
Up to 248 virtual switches can be created on each VMware ESX host. Following are important features of virtual switches:
• Virtual ports: The ports on a virtual switch provide logical connection points among virtual devices and between virtual and physical devices. Each virtual switch can have up to 1,016 virtual ports, with a limit of 4,096 ports on all virtual switches on a host. The virtual ports provide a rich control channel for communication with the virtual Ethernet adapters attached to them.
• Uplink ports: Uplink ports are associated with physical adapters, providing a connection between the virtual network and the physical networks. They connect to physical adapters when they are initialized by a device driver or when the teaming policies for virtual switches are reconfigured. Virtual Ethernet adapters connect to virtual ports when you power on the virtual machine, when you take an action to connect the device, or when you migrate a virtual machine using VMware VMotion. A virtual Ethernet adapter updates the virtual switch port with MAC filtering information when it is initialized or when it changes.
• Port groups: Port groups make it possible to specify that a given virtual machine should have a particular type of connectivity on every host, and they contain enough configuration information to provide persistent and consistent network access for virtual Ethernet adapters. Some of the information contained in a port group includes virtual switch name, VLANIDs and policies for tagging and filtering, the teaming policy and traffic shaping parameters. This is all the information needed for a switch port.
• Uplinks: With VMware technology, uplinks are the physical Ethernet adapters that serve as bridges between the virtual and physical network. The virtual ports connected to them are called uplink ports. A host may have up to 32 uplinks.
NIC Teaming:-
You can connect a single virtual switch to multiple physical Ethernet adapters using the VMware Infrastructure feature called NIC teaming. A team can share the load of traffic between physical and virtual networks among some or all of its members and provide passive failover in the event of a hardware failure or a network outage. You can set NIC teaming policies at the port group level.
[pic]
Host Profiles
The host profiles feature creates a profile that encapsulates the host configuration and helps to manage the host configuration, especially in environments where an administrator manages more than one host or cluster in vCenter Server.
Host profiles eliminates per-host, manual or UI-based host configuration and maintain configuration consistency and correctness across the datacenter by using host profile policies.
These policies capture the blueprint of a known, validated reference host configuration and use this to configure networking, storage, security, and other settings on multiple hosts or clusters. You can then check a host or cluster against a profile’s configuration for any deviations.
Access the host profile view
Procedure
Select View > Management > Host Profiles.
Differences between Port Group and VLAN.
PORT GROUP VLAN
| A port group is a feature of a virtual switch. |A vLAN is a allows you to create virtual LANs by segment network |
| |traffic into different broadcast domain. |
|Port group that you will connect your virtual machines. | |
|Port group like a team which include the same configuration vm's, |VLAN, just mean about the vm's network. |
|A portgroup is a part of vSwitch that can have specific policy (for |A VLAN is a logical network that has his own broadcast domain. |
|shaping, security, teaming, ...) and can be tagged to a specific VLAN.| |
|Port groups can be referred as a various network hubs connecting to | |
|single virtual switch port. | |
|A single port group is always connected to the single vSwitch. | |
|Port Groups are nothing but the VLANs or virtual local area networks | |
|which are defined by IEEE 802.1Q standards | |
|For communication we assign VLAN ID to the network. | |
| All the members of the port groups share same VLAN ID also one member| |
|of the port group can see the packets sent by the other members of the| |
|port group. | |
|Port groups are identified by their names so they must be unique in | |
|the single ESX server. | |
PORT GROUPS
➢ Portgroup, this name we often see in the ESX , these port groups can be referred as a various network hubs connecting to single virtual switch port.
➢ We all know each ESX server has its own virtual network.
➢ It has virtual switches on which the virtual machines are connected.
➢ But we do not see the portgroup outside the ESX.
➢ A single port group is always connected to the single vSwitch.
➢ Port Groups are nothing but the VLANs or virtual local area networks which are defined by IEEE 802.1Q standards.
➢ These are configured to communicate within themselves as if they are on same LAN.
➢ For this communication we assign VLAN ID to the port group
➢ All the members of the port groups share same VLAN ID also one member of the port group can see the packets sent by the other members of the port group.
➢ Port groups are identified by their names so they must be unique in the single ESX server.
1 Understand the Difference between ESX and ESXi 5
|Capability |ESX 4.1 |ESXi 4.1 |ESXi 5.0 |
|Service Console |Present |Removed |Removed |
|Admin/config CLIs |COS + vCLI |PowerCLI + vCLI |PowerCLI + vCLI |
| | | |(enhanced) |
|Advanced Troubleshooting |COS |Tech Support Mode |ESXi Shell |
|Scripted Installation |Supported |Supported |Supported |
|Boot from SAN |Supported |Supported |Supported |
|SNMP |Supported |Supported (limited) |Supported |
|Active Directory |Integrated |Integrated |Integrated |
|HW Monitoring |3rd party agents in COS |CIM providers |CIM providers |
|Serial Port Connectivity |Supported |Not Supported |Not Supported |
|Jumbo Frames |Supported |Supported |Supported |
|Rapid deployment and central |Not Supported |Not Supported |Supported |
|management of hosts via Auto Deploy | | | |
|Custom image creation and management |Not Supported |Not Supported |Supported |
|Secure syslog |Not Supported |Not Supported |Supported |
|Management interface firewall |Supported |Not Supported |Supported |
| | | | |
Vmotion in VMware vSphere 6.0
In vSphere 6.0, It is possible to perform migration across Virtual switches (Standard switch or Distributed Switch),Which transfers all the VDS port metadata during the migration. It is entirely transparent to the Guest VM’s and No downtime is required to perform this operation across vSwitches. Only one requirement for the migration across vSwitches is that you should have L2 VM Connectivity.
[pic]
With vSphere 6.0, It is possible to perform vMotion of VM’s in 3 different ways:
• Migration of VMs from Standard switch to Standard switch (VSS to VSS)
• Migration of VMs from Standard switch to Distributed Switch (VSS to VDS)
• Migration of VMs from Distributed Switch to Distributed switch (VDS to VDS)
Take a look at the below article to understand difference between Standard switch and Distributed switch
vMotion Across vCenter Servers
With vSphere 6.0, vMotion across vCenter server allows you to simultaneously change the Compute, Storage, Networks and management. It leverage the migration with unshared Storage. In simple terms, VM1 is running on certain Host/Cluster running on certain Datastore and managed by vCenter 1 can be vMotioned to different ESXi host having different datastores managed by another vCenter server called vCenter 2.
[pic]Graphic Thanks to
Requirement for vMotion across vCenter Servers:
• Support for vMotion across vCenter server supports from vSphere 6.0 and later versions
• Destination vCenter server instance should have same SSO domain as source vCenter and this operation is possible via UI. Using API, it is possible with different SSO domain.
• 250 Mbps network bandwidth per vMotion operation
Properties of migration across vCenter Servers:
• Same VM UUID is maintained across vCenter Server instances
• All the VM related historical data like Events, Alarms and Tasks are preserved after the migration
• HA properties are Preserved and DRS anti-affinity rules are honored during the migration operation
Long Distance vMotion
With vSphere 6.0, migration for Long-Distance supports upto 100+ms RTTs(which was only 10 ms in previous versions). Long-Distance vMotion allows you to migrate your VMs from one datacenter to other datacenter of your organization. Below are few of the use cases of the Long Distance vMotion:
• SRM/DA testing
• Permanent migrations
• Disaster avoidance
• Multi-site load balancing
• Migration between Datacenters or Cloud Platform
Network Requirements:
• All the vCenters server must connect via Layer 3 Network.
• VM network should have L2 connectivity and same VM IP address available at destination location
• vMotion network should have L3 connectivity and 250 MBps per vMotion Operation
• For NFC network,routed L3 through Management Network or L2 connection
• For Networking, L4-L7 services manually configured at destination
. Differences between Vsphere 5.0, Vsphere 5.1,Vsphere 5.5 and Vsphere 6.0
|Features |Vsphere 5.0 |Vsphere 5.1 |Vsphere 5.5 |Vsphere 6.0 |
|H/W version |8 |9 |10 |11 |
|vCPU per VM |32 |64 |64 |128 |
|VMemory per VM |1 TB |1 TB |1 TB |4 TB |
|Physical CPU per host |160 |160 |320 |480 |
|Physical RAM per host |2 TB |2 TB |4 TB |12 TB |
|VMDK size |2 TB |2 TB |62 TB |62 TB |
|Cluster Size |32 |32 |32 |64 |
|VM in cluster |3000 |4000 |4000 |8000 |
|FT CPU per VM |1 CPU |1 CPU |1 CPU |4 CPU |
|FT Supported disk types | | |Eagered-Zerod |Lazy zero,eagered zeroed, thin |
| | | | |provision. |
|VMFS Version |5.54 |5.58 |5.60 |5.61 |
|Authentication | |Single sign-on |Single Sign on 5.5 |Platform service controller |
|Vmotion |Vmotion supported |Vmotion without shared |Vmotion without shared |Vmotion across Vcenter |
| | |storage |storage long distance |Vmotion across Virtual switches |
| | | |vmotion 10 ms RTT |long distance vmotion 100 ms RTT|
|VSAN |NO |NO |VSAN 5.5 |VSAN 6.0 |
|Virtual Volumes |NO |NO |NO |YES |
|Content Library |NO |NO |NO |YES |
|All-Flash VSAN |NO |NO |NO |YES |
|VSAN Scale |NO |NO |32 Nodes |64 Nodes |
|VSAN Fault Domain |NO |NO |NO |YES |
|Vcenter linked mode |GFD |GFD |Window and Microsoft ADAM |Window and VCSA Native |
| | | |replication |replication |
|NFS Support |NFS V3 |NFS V3 |NFS V3 |NFS 4.1 Support multipathing and|
| | | | |kerberos Authentication |
|Graphics Support |Software Based 3D graphics|Hardware Based 3D graphics |Improved 3D graphics |WDDM 1.1 GDI graphics |
| |support |support |support |Accelarations |
|VCSA With embedded database|5 hosts and 50 VM's |5 hosts and 50 VM's |300 hosts and 1000 VM's |1000 hosts and 10000 VM's |
|Features |Auto Deploy |Single Sign-on enhancement |Vsphere Flash Read Cache. |Virtual Volumes |
| |Storage DRS |vMotion sparse virtual disk|Virtual SAN |Vmotion across Vswitches |
| |Vsphere Storage appliance |Single root IO |Vsphere Big data extension|Cross vCenter vMotion |
| |Profile driven storage |virtualization |Reliable memory Technology|Native linked mode |
| |Vsphere web client |Vsphere replication |Vsphere Single Sign-On |Platform service Controller |
| |Vcenter server appliances |vSphere Data protection |40 GB NIC support. |Certificate Authority |
| |ESXi Firewall. |VShield end point | |Content Library |
|VMware HA Mechanism |Primary and Secondary |Master and Slave |Master and Slave |Master and Slave |
Platform Service controller
Platform service controller:- PSC controller is new service in Vsphere 6.0 that handle the infra structure security functions such as
Vcenter Single Sign-On,
Licensing
Certificate Management
Server reservation.
There are 2 different Deployment Models:
• vCenter with an embedded Platform Services Controller
• vCenter with an external Platform Services Controller
One of the Considerable Change, you will notice with installation is deployment models and embedded database. Embedded database has been changed from SQL express edition to vFabric Postgres database. vFabric Postgres database embedded with the installer is suitable for the environments with up to 20 hosts and 200 virtual machines and virtual center server 6.0 continuous to support Microsoft and Oracle Database as external database. with upgrades, where SQL express was installed will be converted to vPostgres. Let’s review the System requirements for the installation:
1 Supported Windows Operation System for Installation:
• Microsoft Windows Server 2008 SP2 64-bit
• Microsoft Windows Server 2008 R2 64-bit
• Microsoft Windows Server 2008 R2 SP1 64-bit
• Microsoft Windows Server 2012 64-bit
• Microsoft Windows Server 2012 R2 64-bit
2 Supported Databases for Installation:
• Microsoft SQL Server 2008 R2 SP1
• Microsoft SQL Server 2008 R2 SP2
• Microsoft SQL Server 2012
• Microsoft SQL Server 2012 SP1
• Microsoft SQL Server 2014
• Oracle 11g R2 11.2.0.4
• Oracle 12c
2 vCenter Server 6.0 Components:
There are two Major Components :
• vCenter Server: It contains all of the products such as virtual center Server, vSphere Web Client,Inventory Service, vSphere Auto Deploy, vSphere ESXi Dump Collector, and vSphere Syslog Collector
• VMware Platform Services Controller: Platform Services Controller contains all of the services necessary for running the products, such as vCenter Single Sign-On, License Service and VMware Certificate Authority
3 vCenter 6.0 Deployment Models:
vSphere 6.0 introduces two deployment model. virtual center server with external Platform Services Controller and with an embedded Platform Services Controller.
1 vCenter with an embedded Platform Services Controller:
All services bundled with the Platform Services Controller are deployed on the same host machine as virtual center Server. virtual center Server with an embedded Platform Services Controller is suitable for smaller environments with eight or less product instances.
[pic]
vCenter with an external Platform Services Controller:
The services bundled with the Platform Services Controller and virtual center Server are deployed on different host machines. You must deploy the VMware Platform Services Controller first on one virtual machine or host and then deploy virtual center Server on another virtual machine or host. The Platform Services Controller can be shared across many products. This configuration is suitable for larger environments with nine or more product instances.
[pic]
Snapshots
Taking a snapshot preserves the disk state at a specific time by creating a series of delta disks for each attached virtual disk or virtual RDM and optionally preserves the memory and power state by creating a memory file.
Taking a snapshot creates a snapshot object in the Snapshot Manager that represents the virtual machine state and settings.
The Snapshot Manager presents the snapshot hierarchy as a tree with one or more branches. The
relationship between snapshots is like that of a parent to a child. In the linear process, each snapshot has one parent snapshot and one child snapshot, except for the last snapshot, which has no child snapshots. Each parent snapshot can have more than one child. You can revert to the current parent snapshot or restore any parent or child snapshot in the snapshot tree and create more snapshots from that snapshot. Each time you restore a snapshot and take another snapshot, a branch, or child snapshot, is created.
Parent snapshot:-
The first virtual machine snapshot that you create is the base parent
snapshot. The parent snapshot is the most recently saved version of the
current state of the virtual machine. Taking a snapshot creates a delta disk
file for each disk attached to the virtual machine and optionally, a memory
file. The delta disk files and memory file are stored with the base .vmdk file.
The parent snapshot is always the snapshot that appears immediately above
the You are here icon in the Snapshot Manager. If you revert or restore a
snapshot, that snapshot becomes the parent of the You are here current state.
Child snapshot:-
A snapshot that is taken of the same virtual machine after the parent
snapshot. Each child constitutes delta files for each attached virtual disk, and
optionally a memory file that points from the present state of the virtual disk
(You are here). Each child snapshot's delta files merge with each previous
child snapshot until reaching the parent disks. A child disk can later be a
parent disk for future child disks.
Memory Snapshots
The default selection for taking snapshots. When you capture the virtual
machine's memory state, the snapshot retains the live state of the virtual
machine. Memory snapshots create a snapshot at a precise time, for example,
to upgrade software that is still working. If you take a memory snapshot and
the upgrade does not complete as expected, or the software does not meet
your expectations, you can revert the virtual machine to its previous state.
When you capture the memory state, the virtual machine's files do not
require quiescing. If you do not capture the memory state, the snapshot does
not save the live state of the virtual machine and the disks are crash
consistent unless you quiesce them.
Quiesced Snapshots
When you quiesce a virtual machine, VMware Tools quiesces the file system
of the virtual machine. A quiesce operation ensures that a snapshot disk
represents a consistent state of the guest file systems. Quiesced snapshots are
appropriate for automated or periodic backups. For example, if you are
unaware of the virtual machine's activity, but want several recent backups to
revert to, you can quiesce the files.
If the virtual machine is powered off or VMware Tools is not available, the
Quiesce parameter is not available. You cannot quiesce virtual machines that
have large capacity disks.
TCP Segmentation Offload(TSO) and Large receive Offload(LRO)
TCP Segmentation Offload (TSO) and large receive offload (LRO) might cause the number of mirroring
packets to not equal to the number of mirrored packets.
When TSO is enabled on a vNIC, the vNIC might send a large packet to a distributed switch. When LRO is
enabled on a vNIC, small packets sent to it might be merged into a large packet
egress traffic and ingress traffic
egress traffic refers to any outbound network communication or traffic that originates from an end-user's terminal within internal private network towards any external destination. An outgoing email is a perfect example of an egress traffic.
ingress traffic refers to any inbound communication that is originated from an external network entity outside of the private network towards a terminal or server within private network.
Preventing Virtual Disk shrinking
1 Right click on VM>Edit Setting>Option>Advanced>General> Click on Configuration parameters and add the below lines.
Name Value
isolation.tools.diskWiper.disable TRUE
isolation.tools.diskShrink.disable TRUE
Disable copy paste operations between Guest operating system and Remote Console
1 Right click on VM>Edit Setting>Option>Advanced>General> Click on Configuration parameters and add the below lines.
Name Value
isolation.tools.copy.disable TRUE
isolation.tools.paste.disable TRUE
Preventing Virtual Machine user or process from disconnecting from device.
Users and processes without root or administrator privileges within virtual machines have the capability to connect or disconnect devices, such as network adaptors and CD-ROM drives, as well as the ability to
modify device settings. To increase virtual machine security, remove these devices. If you do not want to
permanently remove a device, you can prevent a virtual machine user or process from connecting or
disconnecting the device from within the guest operating system.
Prerequisites
Turn off the virtual machine.
1 Right click on VM>Edit Setting>Option>Advanced>General> Click on Configuration parameters and add the below lines.
Name Value
isolation.device.connectable.disable TRUE
isolation.device.edit.disable TRUE
Persistent and non persistent mode
Persistent mode:-
All data written to a disk in persistent mode are written permanently to the disk.
non Persistent mode:-
Changes to disks in nonpersistent mode are discarded when you power off or reset the virtual machine. With nonpersistent mode, you can restart the virtual machine with a virtual disk in the same state every time. Changes to the disk are written to and read from a redo log file that is deleted when you power off or reset.
Storage Controller
Bus Logic Parallel
LSI Logic Parallel
LSI Logic SAS
VMware Para virtual SCSI.
AHCI SATA Controller.
A SCSI controller, also called a host bus adapter (HBA), is a card or chip that allows a Small Computer System Interface (SCSI) storage device to communicate with the operating system across a SCSI bus.
Storage Controller limitation
• LSI Logic SAS and VMware Para virtual SCSI are available for virtual machines with ESXi 4.x and later compatibility.
• AHCI SATA is available only for virtual machines with ESXi 5.5 and later compatibility.
• Bus Logic Parallel controllers do not support virtual machines with disks larger than 2TB.
Port Binding
Ports are assigned to VM when VM's are connected to the Distributed Switch.
Static Port Binding:- Assign port to VM when it is connected to Distributed port group, this option is not available when Vsphere client directly connected to ESXi.
Dynamic Port Binding:- To assign port to VM the first time VM power on after its connected to distributed port group.
Ephemeral:- For no port binding, this option is not available when Vsphere client directly connected to ESXi.
VMware Standard Switch and Distributed Switch.
A Network Switch direct network traffic
vSwitch:- Carry VM's traffic to physical Network and other VM's.
A standard vSwitch works within one ESX/ESXi host only. Distributed Vswitches allow different hosts to use the switch as long as they exist within the same host cluster. A distributed vSwitch extends its ports and management across all the servers in a cluster, supporting up to 500 hosts per distributed switch.
VMware Standard and Distributed Switch (vSwitch and dvSwitch)
By default VMware hypervisors are configured with a standard switch called vSwitch0:
[pic]
By default the first physical adapter (called vmnic0) is attached to the vSwitch0 and acts as uplink to the physical network. A first network with label “VM Network” is created and dedicated to VMs, and a second label named “Management Network” is dedicated to VMkernel adapters. A VMkernel adapter is a special virtual adapter directly mapped to the hypervisor; inside it flow special types of traffic like: Management, vMotion, FT, vSAN, NFS/iSCSI… Only Management Traffic is enabled by default on first vmk adapter.
Port group is referred to a Network label and is a software isolated group of virtual ports. All ports inside a port group/network label has:
• same VLAN (can be also configured as a trunk even if it’s seldom used);
• same security policies (Promiscuous mode, MAC Address Changes, Forged Transmit);
• same traffic shaping policies;
• same failover policies.
No packets can flow between different Network labels using the hypervisor, but if two port group are defined for the same VLAN, communications can still happen using the physical switches.
A distributed virtual switch (dvSwitch) is an enhanced vSwitch where “distributed” refers to the configuration, not to the switching capabilities. A dvSwitch is a centrally managed vSwitch where host configuration is assured to be compliant.
Neither vSwitches or dvSwitches behave like physical switches:
• they don’t run Spanning Tree Protocol (STP), they simply ignore BPDU frames;
• each ESXi host presents itself like an end host (portfast and BPDU guard should be used on the switch side);
• Layer 2 loops are avoided because received frames from an uplink adapter are not retransmitted to other uplink adapters.
5 vSwitch and dvSwitch comparison
|Feature |vSwitch |dvSwitch |
|Spanning Tree Protocol (STP) |✕ |✕ |
|802.1q (VLAN) support |✓ |✓ |
|NIC Teaming/Load Balancing |✓ (No LACP) |✓ |
|Cisco Discovery Protocol (CDP) |Receive Only |✓ |
|Traffic Shaping |Outbound Only |✓ |
|Private VLAN (PVLAN) |✕ |✓ |
|Netflow |✕ |✓ |
|SPAN (dvMirror) port |✕ |✓ |
|Link Layer Discovery Protocol (LLDP) |✕ |✓ |
|Traffic Filtering |✕ |✓ |
|Traffic Marking |✕ |✓ |
Different Types of Vmotion.
➢ cross-vCenter vMotion
➢ cross-vSwitch vMotion (VSS to VSS, VSS to VDS, VDS to VDS)
➢ routed vMotion
➢ increased Metro vMotion capabilities (up to 100ms)
➢ Long distance Vmotion.
|CROSS VCENTER VMOTION |
vSphere 6 allows to simultaneously change compute, storage, networks, and management. This enables you to migrate virtual machines across Datacenter and vCenter boundaries. VM Properties are maintained across vCenter Server instances, this includes VM UUID, Events and Tasks History, Alarms, DRS anti-affinity rules and HA properties.
In single operation you’re able to move a VM from vCenter 1 where this VM is placed on certain Host, lays on some datastore and is present in some resource pool, into a vCenter 2 where the VM lays on different datastore, is on different host and it’s part of different resource pool.
➢ Change compute (vMotion) – Performs the migration of virtual machines across compute hosts.
➢ Change storage (Storage vMotion) – Performs the migration of the virtual machine disks across datastores.
➢ Change network (Cross vSwitch vMotion) – Performs the migration of a VM across different virtual switches.
➢ Change vCenter (Cross vCenter vMotion) – Performs the migration of the vCenter which manages the VM.
• Additionally HA/DRS settings that will persist after the vMotion are:
• Affinity/Anti Affinity Rules
• Automation level
• Start-up priority
• Host isolation response
• These are the resource settings that be migrated:
• Resource Settings
• Shares
• Reservations
• Limits
[pic]
Requirements for Cross Vcenter vMotion:-
➢ The source and destination vCenter Server instances and ESXi hosts must be running version 6.0 or later.
➢ The cross vCenter Server and long distance vMotion features require an Enterprise Plus license.
➢ When using the vSphere Web Client, both vCenter Server instances must be in Enhanced Linked Mode and must be in the same vCenter Single Sign-On domain so that the source vCenter Server can authenticate to the destination vCenter Server.
➢ Both vCenter Server instances must be time-synchronized with each other for correct vCenter Single Sign-On token verification.
➢ Both vCenter Server instances must be connected to the shared virtual machine storage.
➢ When using the vSphere APIs/SDK, both vCenter Server instances may exist in separate vSphere Single Sign-On domains. Additional parameters are required when performing a non-federated cross vCenter Server vMotion.
|CROSS vSWITCH VMOTION |
VMware vMotion is no longer restricted by the network configured with vSwitch. with vSphere 6.0, It is possible to perform migration across Virtual switches (Standard switch or Distributed Switch),Which transfers all the VDS port metadata during the migration. It is entirely transparent to the Guest VM’s and No downtime is required to perform this operation across Vswitches. Only one requirement for the migration across Vswitches is that you should have L2 VM Connectivity.
Cross vSwitch vMotion basically allows you to do what the name tells you. It allows you to migrate virtual machines between different vSwitches. Not just from vSS to vSS but also from vSS to vDS and vDS to vDS. Note that vDS to vSS is not supported. This is because when migrating from vDS metadata of the VM is transferred as well and the vSwitch does not have this logic and cannot handle the metadata. Note that the IP Address of the VM that you are migrating will not magically change, so you will need to make sure both the source and the destination portgroup belong to the same layer 2 network.
[pic]
With vSphere 6.0, It is possible to perform vMotion of VM’s in 3 different ways:
• Migration of VMs from Standard switch to Standard switch (VSS to VSS)
• Migration of VMs from Standard switch to Distributed Switch (VSS to VDS)
• Migration of VMs from Distributed Switch to Distributed switch (VDS to VDS)
•
|LONG DISTANCE VMOTION |
Long Distance vMotion is an extension of Cross vCenter vMotion however targeted for environments where vCenter servers are spread across large geographic distances and where the latency across sites is 100ms or less.
Although spread across a long distance, all the standard vMotion guarantees are honored. This does not require VVOLs to work. A VMFS/NFS system will work also.
[pic]
With Long Distance vMotion you can now:
• Migrate VMs across physical servers that spread across a large geographic distance without interruption to applications
• Perform a permanent migration for VMs in another datacenter.
• Migrate VMs to another site to avoid imminent disaster.
• Distribute VMs across sites to balance system load.
• Follow the sun support.
There are several requirements for Long Distance vMotion to work:
The requirements for Long Distance vMotion are the same as Cross vCenter vMotion, except with the addition of the maximum latency between the source and destination sites must be 100 ms or less, and there is 250 Mbps of available bandwidth.
To stress the point: The VM network will need to be a stretched L2 because the IP of the guest OS will not change. If the destination portgroup is not in the same L2 domain as the source, you will lose network connectivity to the guest OS. This means in some topologies, such as metro or cross-continental, you will need a stretched L2 technology in place. The stretched L2 technologies are not specified. Any technology that can present the L2 network to the vSphere hosts will work, as it’s unbeknown to ESX how the physical network is configured. Some examples of technologies that would work are VXLAN, NSX L2 Gateway Services, or GIF/GRE tunnels.
There is no defined maximum distance that will be supported as long as the network meets these requirements. Your mileage may vary, but are eventually constrained by the laws of physics.
The vMotion network can now be configured to operate over an L3 connection.
With vSphere 6.0, migration for Long-Distance supports upto 100+ms RTTs(which was only 10 ms in previous versions). Long-Distance vMotion allows you to migrate your VMs from one datacenter to other datacenter of your organization. Below are few of the use cases of the Long Distance vMotion:
SRM/DA testing
Permanent migrations
Disaster avoidance
Multi-site load balancing
Migration between Datacenters or Cloud Platform
Network Requirements:
✓ All the vCenter server must connect via Layer 3 Network.
✓ VM network should have L2 connectivity and same VM IP address available at destination location
✓ vMotion network should have L3 connectivity and 250 MBps per vMotion Operation
✓ For NFC network, routed L3 through Management Network or L2 connection
✓ For Networking, L4-L7 services manually configured at destination
|METRO VMOTION |
In vSphere 4.1, vMotion was supported only when the latency between the source and destination ESXi/ESX hosts was less than 5 ms RTT. Metro vMotion was introduced in vSphere 5.0: the maximum supported round trip time latency between two hosts was extended 10ms with vSphere Enterprise Plus license.
In vSphere 6, long-distance vMotion will be possible with up to 100 ms RTT between two hosts, allowing cross-continental migrations.
What is Fault domain Manager (FDM)
This agent is responsible for monitoring host availability and the power state of protected VMs, with the mission of restarting protected VMs when a host or VM fails.
DRS Affinity and Anti- affinity rule
Affinity rules – VM/VM
At times, you need to ensure that multiple virtual machines are always running on the same host. As such, if one of the virtual machines is vMotioned to a different host, the associated virtual machines must be moved as well. The scenario is common between, for example, application and database servers where keeping communications between the VMs on the same host is preferable to having that communication traverse a network link.
Affinity rules – Host/VM
In other cases, it’s not important to maintain VM to VM communication, but you need to make sure that certain workloads always run on the same host. Many companies, for example, want to know on which host vCenter is running or they may have an application running inside a virtual machine, but that application is tied via licensing rules to the current vSphere host. Administrators can create virtual machine to host affinity rules to make sure that these virtual machines are never migrated to other hosts. Of course, the downside here is that the failure of the host will result in the workload going down as well.
Anti-affinity rules – VM/VM
Finally, there are times during which certain virtual machines should not run on the same host. For example, most organizations want to make sure that at least one domain controller remains available at all times, so those organizations will create VM to VM anti-affinity rules which state that these virtual machines are to run on different hosts, even if performance would be better by combining them.
Differences between VMware ESX server and VMware ESXi server.
What is VMware ESX ?
ESX (Elastic Sky X) is the VMware’s enterprise server virtualization platform. In ESX, VMkernel is the virtualization kernel which is managed by a console operating system which is also called as Service console. Which is linux based and its main purpose is it to provide a Management interface for the host and lot of management agents and other thrid party software agents are installed on the service console to provide the functionalists like hardware management and monitoring of ESX hypervisor. [pic]
What is VMware ESXi ?
ESXi (Elastic sky X Integrated) is also the VMware’s enterprise server virtualization platform. In ESXi, Service console is removed. All the VMware related agents and third party agents such as management and monitoring agents can also run directly on the VMkernel. ESXi is ultra-thin architecture which is highly reliable and its small code-base allows it to be more secure with less codes to patch. ESXi uses Direct Console User Interface (DCUI) instead of a service console to perform management of ESXi server. ESXi installation will happen very quickly as compared to ESX installation.
[pic]
|Capability |ESX |ESXi |
|Service Console |Present |Removed |
|Troubleshooting performed via |Service Console |ESXi Shell |
|Active Director Authentication |Enabled |Enabled |
|Secure Syslog |Not Supported |Supported |
|Management Network |Service Console Interface |VMKernel Interface |
|Jumbo Frames |Supported |Supported |
|Hardware Montioring |3 rd Party agents installed in Service |Via CIM Providers |
| |console | |
|Boot from SAN |Supported in ESX |Supported in ESXi |
|Software patches and updates |Needed as smilar to linux operation |Few pacthes because of small footprint and more secure |
| |system | |
|vSphere web Access |Only experimental |Full managenet capability via vSPhere web client |
|Locked Down Mode |Not present |Present . Lockdown mode prevents remote users to login to |
| | |the host |
|Scripted Installtion |Supported |Supported |
|vMA Support |Yes |Yes |
|Major Administration command-line Command|esxcfg- |esxcli |
|Rapid deployment via Auto Deploy |Not supported |Supported |
|Custom Image creation |Not supported |Supported |
|VMkernel Network Used for |vMotion,Fault Tolarance,Stoarge |Management Network , vMotion, Fault Tolarance, Stoarge |
| |Connectivity |Connectivity, ISCSI port binding |
Storage IO Controller
• SIOC is a method to ensure that the VM's on datastore get a fair share of I/O resources during the period of high contention or latency.
• Important Virtual Machines get preferences when compared to less important Virtual Machines for I/O resource allocation.
• Can be used both with and without Storage DRS as it includes two different thresholds i.e Standalone without DRS and with vSphere Storage DRS.
• Quite Similar to the concept used by DRS for CPU/Memory the higher the shares value higher the resources it get.
SIOC Requirements
• SIOC is supported on FC,ISCSI, and NFS not supported with Raw Device Mapping (RDM)
• vSphere Enterprise Plus License.
• Datastore which are SIOC enabled must be managed by single vCenter Server.
• .
• Quite Similar to the concept used by DRS for CPU/Memory the higher the shares value higher the resources it get.
SIOC Requirements
• SIOC is supported on FC,ISCSI, and NFS not supported with Raw Device Mapping (RDM)
• vSphere Enterprise Plus License.
• Datastore which are SIOC enabled must be managed by single vCenter Server.
How It Works?
• To configure the vSphere SIOC enable it for the particular datastore as it is disabled by default.
• Set the number of storage I/O shares for each VM's and limit for IOPS by default the limit is unlimited.
• Once Enabled ESXi starts monitoring the latency when communicating with the datastore and if it exceeds the threshold value means it's congested.
• SIOC uses Workload Injector Based Model and only runs when the datastore is in an ideal state.
• It automatically determines the latency, moreover this can also be overridden by specifying specific latency value.
• Automatic detection works well when you have multiple disk arrays and many datastore are configured for SIOC
What’s New in VMware vSphere 6.0 ?
1. VMware vSphere Virtual Volumes. (vvols)
2. vSphere Content Library .
3. Cross-vCenter Clone and Migration
Enhancement Area’s:
1. Increased Scalability
2. Expanded Support
3. Amazing Graphics with NVIDIA
4. Instant 10x Faster Clone
5. Network IO Control
6. Multicast Snooping
7. Multiple TCP/IP Stack for vMotion
8. vMotion Enhancements (over distances of up to 100ms RTT. )
9. Replication-Assisted vMotion
10. Fault Tolerance (up to 4-vCPUs)
11. Enhanced User Interface (web client)
Let’s see the comparison between VMware vSphere 6.0 and VMware vSphere 5.5 & 5.1 versions.
ESXi – Hypervisor Level – Comparison:
[pic]Hyper-visor Level comparison – VMware
Virtual Machine Level Difference:
[pic]Virtual Machine Level Comparison
VMware vCenter Level Differences:
[pic]
Differences between NTFS and VMFS
|Capability |NTFS |VMFS |
|File Extension |No Extension |Dynamically extension of |
|Partition Style |MBR (Master Boot Record) style |GPT (GUID Partition Table) |
|Available Block Size |1 MB/2MB/4MB/8MB | only 1 MB |
|Maximum size of RDM in |2 TB less 512 bytes |2 TB less 512 bytes |
|Virtual Compatibiltiy | | |
|Maximum size of RDM in |2 TB less 512 bytes |64 TB |
|Phsical Compatibiltiy | | |
|Supported Hosts versions |ESX/ESX 3.X, 4.X & 5.x |Only ESXi 5 is supported |
Differences between vSphere 4.1 and vSphere 5.0
|Features |vSphere 4.1 |vSphere 5.0 |
|Hypervisor |ESX & ESXi |Only ESXi |
|VMA |Yes VMA 4.1 |Yes VMA 5 |
|HA Agent |AAM |FDM |
| |Automatic Availability |Fault Domain Manager |
| |Manager | |
|HA Host Approach |Primary & Secondary |Master & Slave |
|HA Failure Detection |Management N/W |Management N/W and Storage |
| | |communication |
|HA Log File |/etc/opt/vmware/AAM |/etc/opt/vmware/FDM |
|DNS Dependent on DNS |Yes |NO |
|Host UEFI boot support |NO |boot systems from hard drives, CD/DVD drives, or USB |
| | |media |
|Storage DRS |Not Available |Yes |
|VM Affinity & Anti-Affinity |Available |Available |
|VMDK Affinity & Anti-Affinity |Not Available |Available |
|Profile driven storage |Not Available |Available |
|VMFS version |VMFS-3 |VMFS-5 |
|VSphere Storage Appliance |Not Available |Available |
|Iscsi Port Binding |Can be only done via Cli | Configure dependent |
| |using ESXCLI |hardware iSCSI and software |
| | |iSCSI adapters along with the |
| | |network configurations and |
| | |port binding in a single dialog |
| | | box using the vSphere Client. |
|Storage I/O control for NFS |Fiber Channel |Fiber Channel & NFS |
|Storage Vmotion Snapshot support |VM with Snapshot cannot be migrated using |VM with Snapshot can be migrated using Storage |
| |Storage vMotion |vMotion |
|Swap to SSD |NO |Yes |
|Network I/O control |Yes |Yes with enhancement |
|ESXi firewall |Not Available |Yes |
|vCenter Linux Support |Not Available |vCenter Virtual Appliance |
|vSphere Full Client |Yes |Yes |
|vSphere Web Client |Yes |yes with lot of improvements |
|VM Hardware Version |7 |8 |
|Virtual CPU per VM |8 vCpu |32 vCpu |
|Virtual Machine RAM |255 GB |1 TB of vRAM |
|VM Swapfile size |255 GB |1 TB |
|Support for Client connected USB |Not Available |Yes |
|Non Hardware Accelerated |Not Available |Yes |
|3D grpahics support | | |
|UEFI Virtual BIOS |Not Available |Yes |
|VMware Tools Version |4.1 |5 |
|Mutlicore vCpu |Not Available |Yes configure at VM setting |
|MAC OS Guest Support |Not Available |Apple Mac OS X Server 10.6 |
|Smart card reader support for VM |Not Available |Yes |
|Auto Deploy |Not Available |Yes |
|Image Builder |Not Available |Yes |
|VM’s per host |320 |512 |
|Max Logical Cpu per Host |160 |160 |
|RAM per Host |1 TB |2 TB |
|MAX RAM for Service Console |800 MB |Not Applicable (NO SC) |
|LUNS per Server |256 |256 |
|Metro Vmotion |Round-trip latencies of up to |Round-trip latencies of up to |
| |5 milliseconds. |10 milliseconds. This provides better performance |
| | |over |
| | |long latency networks |
|Storage Vmotion |Moving VM Files using moving to using dirty|Moving VM Files using I/O |
| |block tracking |mirroring with better enhancements |
|Virtual Distributed Switch |Yes |Yes with more enhancements |
| | |like deeper view into virtual machine traffic through|
| | |Netflow and enhances monitoring and troubleshooting |
| | |capabilities through SPAN and LLDP |
|USB 3.0 Support |NO |Yes |
|Host Per vCenter |1000 |1000 |
|Powered on virtual machines |10000 |10000 |
| per vCenter Server | | |
|Vmkernel |64-bit |64-bit |
|Service Console |64-bit |Not Applicable (NO SC) |
|Licensing |vSphere Essentials |vSphere Essentials |
| |vSphere Essentials Plus |vSphere Essentials Plus |
| |vSphere Standard |vSphere Standard |
| |vSphere Advanced |vSphere Enterprise |
| |vSphere Enterprise |vSphere Enterprise Plus |
| |vSphere Enterprise Plus | |
Upgrading from VMFS3 to VMFS 5
[pic]
VCB VMware Consolidate Backup
➢ VMware Consolidated Backup is a backup framework, which enables 3rd party tools to take backups. VCB is used to help you backup your VMware ESX virtual servers. Essentially, VCB is a "backup proxy server".
➢ It is not backup software.
➢ Tools like Veritas Net backup,veeam backup.
➢ If you use VCB, you still need backup software.
➢ It is commonly installed on its own dedicated Windows physical server.
➢ VMware Consolidated Backup (VCB) is a Windows based application that provides a centralized backup facility to backup virtual machines through a proxy server without affecting the virtual machine itself
➢ VCB is an alternative to traditional agent based backup methods and is an enablement technology; it cannot backup virtual machines by itself but instead works with 3rd party backup products to help offload backup overhead from virtual machines and host servers.
[pic]
Figure .VCB VMware consolidate backup
How VCB Work:-
➢ If you are doing a file level backup, VCB does a snapshot of the VM, mounts the snapshot, and allows you to backup that mounted "drive" through VCB to your 3rd party backup software
➢ If you are doing an image level backup of the VM, VCB does a snapshot of the VM, copies the snapshot to the VCB server, unsnaps the VM, and allows you to backup the copied snapshot image with your 3rd party backup software.
Benefits of VCB:-
➢ Centralize backups of VMware ESX Virtual Servers
➢ Provide file-level backups of VMware ESX Virtual Servers - both full and incremental (file level backup available to only Windows guests)
➢ Provide image-level backups
➢ Prevent you from having to load a backup agent on every Virtual Machine
➢ Prevent you from having to shutdown Virtual Machines to get a backup
➢ Provides LAN-Free backup because the VCB server is connected to the SAN through your fibre channel adaptor
➢ Provides centralized storage of Virtual Server backups on the VCB server, that is then moved to your backup tapes through the 3rd party backup agent you install
➢ Reduces the load on the VMware ESX servers by not having to load a 3rd party backup agent on either the VMware ESX service console or on each virtual machine.
➢ Utilizes VMware Snapshots
differences between Virtual and Physical compatibility modes
Virtual compatibility mode—this mode fully virtualizes the mapped device, which appears to the guest operating system as a virtual disk file on a VMFS volume. Virtual mode provides such benefits of VMFS as advanced file locking for data protection and use of snapshots.
Physical compatibility mode—this mode provides access to most hardware characteristics of the mapped device. VMkernel passes all SCSI commands to the device, with one exception, thereby exposing all the physical characteristics of the underlying hardware. In this mode, the mapping is done as follows, when we create a mapping, the configuration stored in a file and that file is stored with the vm files in datastore. This file points to the raw device and makes it accessible to the vm.
RDM Raw Device Mapping.
❖ Raw device mapping (RDM) is an option in the VMware server virtualization environment that enables a storage logical unit number (LUN) to be directly connected to a virtual machine (VM) from the storage area network (SAN).
❖ RDM is one of two methods for enabling disk access in a virtual machine. The other method is Virtual Machine File System (VMFS).
❖ RDM can be used for configurations involving clustering between virtual machines, between physical and virtual machines or where SAN-aware applications are running inside a virtual machine.
❖ RDM can be configured in either virtual compatibility mode or physical compatibility mode
❖ VMFS and RDM produce similar input/output (I/O) throughput.
RDM is used when:-
❖ You wish to Cluster VM across boxes or Physical to Virtual,In any MSCS clustering scenario that spans physical hosts — virtual-to-virtual clusters as well as physical-to-virtual clusters. In this case, cluster data and quorum disks should be configured as RDMs rather than as files on a shared VMFS.
❖ To enable use of SAN Management software inside VM’s
[pic]
Imagine RDM as symbolic link from VMFS Volume to a raw LUN,mapping makes LUN appear as files in VMFS. It RDM not RAW LUN is referred in the virtual machine configuration. When you map a LUN to VMFS, it creates a file with extension vmdk, which points to RAW LUN.This just a file, which contains information about RAW LUN and it is locked by virtual center so that VM can write to LUN. In short it means actually data is written on the disk.
Types of data supported supported in esx 3.5
➢ ISCSI Datastore
➢ FC SAN Datastore
➢ Local VMFS
➢ NAS
➢ NFS
How can you configure these different types of data stores on ESX3.5?
If we have FC cards installed on the esx servers, by going to the storage option, we can scan for the luns.
What SAN or NAS boxes have you configured VMware with ? How did you do that ?
Storage team will provide the LUN information, with that we will add those LUNs to ESX hosts from VM storage.
What kind of applications or setups you have on you Virtual Machines ?
Exchange server and Share Point, but these are for DEMO purposes, Cirtrix presentation servers etc.
Snapshots
For live consolidations, virtual machine activity (specifically disk writes) during this time must also be committed. This delta information is kept in a temporary Consolidate Helper snapshot, committed at the end of the snapshot removal. For busy virtual machines, the volume of activity may obligate system resources for longer than a usual amount of time, resulting in more Consolidate Helper snapshot delta.
For example, a virtual machine with one virtual disk (disk.vmdk) and a snapshot.
disk.vmdk with extent disk-flat.vmdk
disk-000001.vmdk with extent disk-000001-delta.vmdk
If you choose to remove or consolidate the snapshot:
An additional snapshot delta is created, the Consolidate Helper:
disk.vmdk with extent disk-flat.vmdk
disk-000001.vmdk with extent disk-000001-delta.vmdk
disk-000002.vmdk with extent disk-000002-delta.vmdk. The virtual machine is no longer writing to the above two files; all current writes while the snapshot removal is in progress are committed to the disk-000002-delta.vmdk extent file via disk-000002.vmdk.
The VMware ESXi/ESX host's DiskLib API consolidates disk-flat.vmdk with disk-000001-delta.vmdk. Meanwhile, the virtual machine continues writing to disk-000002-delta.vmdk.
After completing the consolidation of the snapshot, the ESXi/ESX host consolidates the Consolidate Helper disk-000002-delta.vmdk with disk-flat.vmdk.
When all delta information recorded in disk-000002-delta.vmdk has been committed to disk-flat.vmdk, disk-000002-delta.vmdk and its descriptor file disk-000002.vmdk are removed from the datastore. The virtual machine continues from its base disk or selected point.
When performing a live migration of a virtual machine from one VMware vSphere ESXi host to another, VMware vMotion consist of these steps:
1. vMotion request is sent to the vCenter Server
2. vCenter Server sends the vMotion request to the destination ESXi host
3. vCenter Server computes the specifications of the virtual machine to migrate
4. vCenter Server sends the vMotion request to the source ESXi host to prepare the virtual machine for migration
5. vCenter Server initiates the destination virtual machine
6. vCenter Server initiates the source virtual machine
7. vCenter Server switches the virtual machine's ESXi host from the source to destination
8. vCenter Server completes the vMotion task
Role is a collection of privileges assigned to group or a user.
Global Permissions – Global permissions are applied to a global root object .
vCenter Server Permissions – Hierarchical model. Permission gives you a certain number of privileges.
.
• Group Membership in vSphere.local Groups – The vsphere.local domain includes several predefined groups.
ESXi Local Host Permissions – If you are managing a standalone ESXi host that is not managed by a vCenter Server system, you can assign one of the predefined roles to users.
ENABLE/CONFIGURE/DISABLE SERVICES IN THE ESXI FIREWALL
esxcli network firewall ruleset list
OPEN FIREWALL PORT VIA CLI:
esxcli network firewall ruleset set -e true -r httpClient
ENABLE LOCKDOWN MODE
When you enable lockdown mode, you can't connect directly from the console. the host is accessible only through the
vSphere client directly or via vCenter server.
Lockdown Modes:
• Disabled - Lockdown mode is disabled.
• Normal - Lockdown mode is enabled. The host can only be accessed from vCenter or from the console (DCUI).
• Strict - Lockdown mode is enabled. The DCUI service is stopped. The host can not be accessed from the console
(DCUI).
CONFIGURE NETWORK SECURITY POLICIES
Network security policies are defined on two places:
• vSwitch level
• Portgroup level
Three different policies:
• Promiscuous mode – If set to Accept then it allows the guest OS to receive all traffic observed on the
connected vSwitch or PortGroup (the switch becames a HUB basically - with all the inconveniences, packet
colisions, performance degradation etc... ). By default it's Reject
• MAC address changes – A host is able to accepts requests to change the effective MAC address to a different
address than the initial MAC address. By default it's Accept
• Forged transmits – A host does not compare source and effective MAC addresses transmitted from a virtual
machine. By default it's Accept.
PSC Deployment Options - A two different type installation are allowed:
• Embedded (in the same VM)
• External
The embedded PSC is meant to be used for standalone sites where vCenter server will be the only SSO integrated
solution. In this case a replication to another PSC is not necessary.
External PSC shall be deployed in environments where there is more then one SSO enabled solution (vCenter Server,
vRealize Automation, etc…) OR where replication to another PSC (another site) is necessary.
There are different ESXi Certificate replacement modes:
• Default - VMCA as cert authority where VMCA issues certs for your hosts.
• Custom - you can override and do and issue certs manually via VMCA
• Thumbprint mode - this way you keep certs from vSphere 5.5
The VMware SSO uses different configuration policy which can be found via vSphere Web client only:
Administration > Single Sign-On > Configuration Policies
• Password Policy
• Lockout Policy
• Token Policy
IDENTIFY AVAILABLE AUTHENTICATION METHODS WITH VMWARE VCENTER
web client >Administration > Single Sign-On > Configuration > Identity Sources
And we can see that there are four of them:
• AD integrated (preferred)
• Active Directory LDAP
• Open LDAP
• NetFlow Support - Netflow is used for troubleshooting, it picks a configurable number of samples of network
traffic for monitoring..
• PVLAN Support - PVLAN is able to get more from VLANs (which are limited in numbers) and you can use these
PVLANS to further segregate your traffic and increase security. (Note: Enterprise plus licensing required! Check
my detailed post on PVLANs here.
• Ingress and egress traffic shaping - Inbound/outbound traffic shaping, which allows you throttle bandwidth
to the switch.
• VM Port Blocking - can block VM ports in case of viruses or troubleshooting...
• Load Based Teaming - LBT is an additional load balancing that works off the amount of traffic a queue is
sending
• Central Management across cluster - vDS can create the config once and push it to all attached hosts...so you
don't have to go to each host one-by-one...
• Per Port Policy Settings - It's possible to override policies at a port level which gives you more controll
• Port State Monitoring - This feature allows each port to be monitored separately from other ports
• LLDP - Allows supports for link layer discovery protocol
• Network IO Control - possibility to set priority on port groups and reserve bandwidth for VMs connected to
this port group.
• LACP Support - LACP (Link aggregation control protocol) ability to aggregate links together into a single link
(your physical switch must support it!)
• Backup/Restore Network config - It's possible to backup/restore network config at the vDS level (Not new!
• Port Mirroring - Allows monitoring and can send all traffic from one port to another
Stats stays at the VM level - statistics move with the VM even after vMotion.
Different VMkernel Services, like :
• vMotion traffic
• Provisioning traffic
• Fault Tolerance (FT) traffic
• Management traffic
• vSphere Replication traffic
• vSphere Replication NFC traffic
• VSAN traffic
Memory Reclaiming Techniques.
Memory reclamation techniques such as ( Memory ballooning, Compression or swapping) will come into action based on the amount of ESXi free host memory. There are 4 different ESXi host states.
1. High
2. Soft
3. Hard
4. Low
High -> By default Transparent Page sharing will be always running
Soft -> Memory ballooning will be activate, when ESXi enters the soft state and remains active until ESXi is back to high state.
Hard & Low -> Memory compression and hypervisor-level memory swapping are used by ESXi when ESX is in the hard or low state
Low -> If the host’s memory usage is above the Low state, ESXi host will stop creating the new pages for Virtual machines and continues compressing and swapping until free up more memory.
There are four different methods by which ESX reclaims virtual machine memory. They are:
Transparent Page sharing
Ballooning
Hypervisor swapping
Memory compression
Transparent Page Sharing
TPS Which is similar to the storage deduplication technique but it works for memory instead of storage. Transparent page sharing runs by default regardless of ESXi host memory state. TPS will always run on the ESXi host even ESXi memory state is high. Transparent page sharing works with powered on Virtual machines. Transparent page sharing finds all the identical memory pages of the virtual machines running on the host and maps that all identical pages with a single page. ESXi hosts periodically scans the content of guest physical memory for sharing. Let’s consider, When multiple virtual machines are running same guest operating systems and similar applications. Using this transparent page sharing, hypervisor will eliminates the redundant memory pages and maps the identical contents in only one page in the physical memory. with the use of TPS, Virtual machine memory consumption on the host will get reduced and allows higher level of memory over commitment.
TPS runs periodically and it scans all memory pages and calculates the hash value for each of them. Those hash values are saved in the global hash table and which are compared to each other by ESXi kernel. Every time VMkernel finds two identical hashes, It performs bit-by-bit comparison of corresponding memory pages. If pages are same, Kernel leaves only one copy of the page in the memory and removes the second copy. when one of your Virtual machine requests to write to the page, VMkernel creates a new page and new page access will only be provided to that particular virtual machine. This terminology is called Copy-on Write (COW).
[pic]
3 VM’s (vCenter-vm01,vm02 & vm03) on the ESXi host. You can see the Logical Page number(a,b,d) which are common on all the 3 virtual machines. Using Transparent Page sharing, redundant memory pages (a,b,d) are mapped into single copy at physical memory by removing the redundant copies. You can compare the memory savings before and after TPS. It uses the Hash table to compare the identical memory pages.
esxtop -> Press m
You will be able to see how much % of memory is overcommitted in your ESXi host using the Value MEM Overcommit avg. The MEM overcommit avg tells us that the average memory over commitment level averages in 1-min, 5-min and 15-min. A value of 0.50 is a 50% over commitment of memory. In our case it is 5.87 which is nothing but 587% memory over commitment on my host. My ESXi host is having 5 GB of memory with 5 Virtual Machines. Out 5, 4 VM’s are allocated with 8 GB and 1 VM alloacted with 2 GB of memory. My total ESXi memory is 5 Gb but allocated memory for Virtual machines is 34 GB. which is almost 7 times the available memory of my ESXi host. This over commitment becomes only possible because of this VMware Memory management techniques.
Detailed stats about Memory saving using Transparent page sharing can be found with PSHARE value. Take a look at PSHARE/MB 2575 MB which is shared between the Virtual machines out of which 355 MB is common. Which allows us to save 2220 MB of memory using Transparent Page sharing.
[pic]
Memory which are shared at individual Virtual Machines can also be viewed using the resource allocation tab of each virtual machines. Below Virtual machine is having around shared memory of around 1.64 GB. which is the Amount of guest “physical” memory shared with other virtual machines using the transparent page-sharing mechanism.
[pic]
> What is shared ? (See the first image) What is TPS (Transparent Page Sharing) ? How it works ?
Shared is amount of memory that has been shared across other VM’s using TPS (Transparent Page Sharing) mechanism. Hope you have heard about the deduplication on the storage. In storage, deduplication is the process to eliminate the duplicate copies of data using some check-sum mechanism. Same sense has been applied for Memory here.Its just eliminates the duplicate memory contents at ESXi level.
[pic]TPS – VMware
In one ESXi host , you may run many similar VM’s (Ex: 10 Redhat Linux 6.5 VM’s). So the VM’s memory pages will be same(Some part) as other VM since you have the same operating system installed on those. VMkernel will scan the host’s physical memory periodically and find the duplicate pages.It just removes the duplicate pages when the host system to run on low memory. The default page size will be 4k .Some of the new VM guests will use 2MB page size ,but you will get less duplicate pages since 2MB page is huge to match with other. But TPS will think more than us and it will break the 2MB page as 4k chunks and eliminates the duplicate.
Ballooning:
VMware Memory Ballooning is one of memory reclamation technique used by hypervisor, when ESXi host is running low on memory.
When the ESXi host memory state is High, None of the action will be taken by hypervisor expect Transparent page sharing.
Memory Ballooning will be active, if your ESXi host Memory state is soft.
Memory Ballooning is the memory reclamation technique used by hypervisor to reclaim the memory back from the virtual machine.
Ballooning will happen on the ESXi host which is running out of physical memory or its memory state is soft
In Virtualization, ESXi host doesn’t know what guest operating is performing and also Guest does not aware that it is running on virtual machine.
That's where balloon driver come into picture. There is balloon driver called vmmemctl.sys which is running on the virtual machine which is available as part of VMware Tools. When ESXi host running low on physical memory, It uses ballooning driver (vmmemctl.sys) to determine the how much memory from virtual machines can be get back to prevent the hypervisor swapping.
Before I explain about Memory ballooning in detail, I would like explain 3 Memory terminologies which you should understand to better understand the Memory ballooning.
1. Host Physical Memory : Memory which is visible to your ESXi host or in other terms available on the your physical server or system
[pic]
2. Guest Physical Memory : Memory which is visible to your Guest operating system running in the VM. Let’s say , you have created a VM called VM1 with 4 GB of memory. Guest OS will see 4 GB of memory, which is referred to as Guest Physical memory.
3. Guest Virtual Memory : Guest Virtual memory mostly visible to your applications running inside the Virtual machine. Guest Virtual Memory refers to a continuous virtual address space presented by the guest operating system to applications.
Memory Ballooning with Real- Time Example:
[pic]
1. You are running a virtual Machine called ” VM1″ and You are starting a application called SAP Application on that VM. SAP Application as an application will ask the windows guest operating system for memory. Windows will provide the memory to the application and map it from the Guest virtual memory -> guest physical memory
2. When the Guest Virtual Memory is mapped Guest Physical memory, Hypervisor sees the request for memory from guest and hypervisor maps guest physical memory -> Host physical memory. You are generating report on SAP application for around 2 hours and closed the application ,once you have done with it.
3. When you close the SAP Application, Guest operating system will mark the memory allocated to SAP Application as “free” and make it available for other applications running on the guest OS but your hypervsior will not aware aware about the “free memory list” of your guest OS, so it keeps the memory mapped in the host physical memory and which puts the memory load on the ESXi host.
4. So When ESXi host is running low on memory or ESXi host memory state is Soft, VMware Memory Ballooning comes into picture. Hypervisor will ask the balloon driver installed inside the virtual machine to “inflate” . Since, memory ballooning driver is running on the guest operating system, It will get the memory from the “free list”. Hypervisor will detect the memory reclaimed by the balloon driver and will free it up on the host physical memory layer and provides that physical memory to other virtual machines which is in need of memory instead of swapping it into disk. By default, Balloon driver (vmmemctl.sys) can reclaim upto a maximum of 65 % of guest physical memory. For example, You VM is allocated with 1000 MB of memory, It can be reclaimed upto 650 MB using this technique.
Analyzing Memory Ballooning Statistics:
.esxtop -> Press m
MEMCTLMB counter which shows us the overall ballooning activity (22110 MB).
[pic]
MCTL: indicates if the balloon driver is active “Y” or not “N”. If VMware tools is not installed or not running this value will show as “N”
MCTLSZ: the amount (in MB) of guest physical memory that is actually reclaimed by the balloon driver.
MCTLTGT: the amount (in MB) of guest physical memory that is going to be reclaimed (targeted memory). If this counter is greater than “MCTLSZ”, the balloon driver inflates causing more memory to be reclaimed. If “MCTLTGT” is less than “MCTLSZ”, then the balloon will deflate. This deflating process runs slowly unless the guest requests memory.
MCTLMAX: the maximum amount of guest physical memory that the balloon driver can reclaim. Default is 65% of assigned memory.
Resource Allocation Tab:
You can verify the Memory Ballooning stats of each individual VM from VM Resource Allocation Tab. This particular VM Ballooned value is 5.08 GB
[pic]
What is Ballooned ? How it works ?
Memory ballooning is one of the great memory reclaim method to overcome the memory over-commitment. All the VM’s may not use its full memory quota but application/DB require that amount of memory for that VM during the peak time. VMware ESXi can reclaim the un-used memory during the memory over-commitment with help of ballooning the driver. Ballooning driver will communicate with VM’s using vmware tools when the memory pressure is increased and reclaims the memory pages which are used in VM.
Hypervisor swapping
This is generally used as a last resort to reclaim memory. In this technique, the hypervisor creates a separate swap file for each virtual machine when it is powered on and swaps out guest physical memory thus freeing up host memory.
> What is swapped ? How it works ?
This is traditional swapping mechanism which works in ESXi level. When the ESXi is running out of physical memory, It will start move the VM’s low priority pages to the disks.(Inactive memory). When the VM requires these pages , ESXi will bring it back to memory for use.This swapping will impact the VM’s performance. So its better to use the Guest level swapping.
Memory compression:
> What is Compressed? How it works ?
ESXi provides the memory compression cache to boost the VM performance during the memory over-commitment. When the memory is over-committed, VMkernel will compress the VM’s low priority pages and stored in memory.
[pic]Memory Compression – Vmware
Compression provides better performance than swapping since the contents are retrieved from the memory where as swapping needs to be read from the disk.
Here instead of the pages being swapped out, they are compressed and stored in a cache on the main memory itself. These pages can be accessed again just by a decompression rather than through disk I/O in the case of page swapping which can significantly improve application performance when the host is under memory pressure. If a page cannot be compressed, it will be swapped out.
1.Transparent page sharing (TPS)
reclaims memory by removing redundant pages with identical content
2.Ballooning
reclaims memory by artificially increasing the memory pressure inside the guest
3.Hypervisor swapping
reclaims memory by having ESX directly swap out the virtual machine’s memory
4.Memory compression
reclaims memory by compressing the pages that need to be swapped
**** From here starting esxtop sections********
Using "vmdumper -l" command to get the VM UUID number.
esxcli vm process kill -w world-d -t soft.
This will kill the vm in soft mode.
How to install VisualEsxtop
esxtop:- esxtop can be used to gather information on CPU, Memory, Networking, and Storage.
When troubleshooting CPU performance for your virtual machines the following counters are the most important.
%USED, %RDY, %CSTP
%USED tells you how much time did the virtual machine spend executing CPU cycles on the physical CPU.
%RDY :- This one defines how much time your virtual machine wanted to execute CPU cycles but could not get access to the physical CPU
%CSTP tells you how much time a virtual machine is waiting for a virtual machine with multiple vCPU to catch up. If this number is higher than 3% you should consider lowering the amount of vCPU in your virtual machine.
|Counter |Reference |Symptom |Solution |
|%RDY |CPU ready time |A high number of >60% indicates that there is |See if you can reduce the vCPU count of your VM.|
| | |contention and VMs are in a queue awaiting an |Also check if the VM has the correct HAL |
| | |opportunity to use CPU. |(hardware abstraction layer) version to match |
| | | |the processor numbers. |
|%USED |Used processor |High percentages (>60%) for this means that a |Investigate whether you can resource-control |
| |resource |particular VM is consuming a lot of CPU. |other VMs in order to redirect resources back to|
| | | |the VM that is suffering. |
|%CSTP |Co scheduling |As with %RDY, a high percentage (>60%) shows that |Establish if your VMs with multiple vCPU are |
| |volume |vCPU is used far too heavily across the complete |actually multithread capable. If not, reduce |
| | |host. |thread capability to provide more available |
| | | |scheduler time to VMs that do support |
| | | |multithread apps. |
|%MLMTD | |If this is high (>60%), it indicates that limits are|Review why there’s a limit imposed. Is it |
| | |set for this particular VM. |because it was placed at deployment stage? Was |
| | | |it added to a resource pool or were limits |
| | | |applied to the VM by mistake? |
Memory
1 Memory
When troubleshooting memory performance this is the counters you want to focus on from a virtual machine perspective.
MCTL?, MCTLSZ, SWCUR, SWR/s, SWW/s
MCTL? This column is either YES or NO. If Yes it means that the balloon driver is installed. The Balloon driver is automatically installed with VMware tools and should be in every virtual machine. If it says No in this column then figure out why.
MCTLSZ The column show you how inflated the balloon is in the virtual machine. If it says 500MB it translates to the balloon driver inside the guest operating system has “stolen” 500MB from Windows/Linux etc. You would expect to see a value of 0 (zero) in this column
SWCUR tells you how much memory the virtual machine has in the .vswp file. If you see a number of 500MB here it means that 500MB is from the swap file. This does not necessarily equals to bad performance. To figure out if you virtual machine is suffering from hypervisor swapping you need to look at the next two counters. In a healthy environment you would want this value to på 0 (zero)
SWR/s This value tells you the Read activity to your swap file. If you see a number here, then your virtual machine is suffering from hypervisor swapping.
SWW/s This value tells you the Write activity to your swap file. You want to see the number 0 (zero) here. Every number above 0 is BAD.
|Counter |Explanation |
|SWCUR |This shows the amount of memory (in MB) this VM has swapped to disk in the past. |
|r/s & w/s |Read and write levels of swap shown in high amounts indicate large amounts of paging. If |
| |R/S is high, this could indicate that a large memory request was made by the application |
| |and it is still using swap memory. |
[pic]
“FDUPLX” ‘Y’ implies the corresponding link is operating at full duplex. ‘N’ implies it is not. This information is only valid for a physical NIC.
“UP” ‘Y’ implies the corresponding link is up. ‘N’ implies it is not. This information is only valid for a physical NIC.
“PKTTX/s” The number of packets transmitted per second.
“PKTRX/s” The number of packets received per second.
“MbTX/s” (Mbps) The MegaBits transmitted per second.
“MbRX/s” (Mbps) The MegaBits received per second.
DRPTX:- the number of packets dropped per second.
DRPRX:- the number of dropped packets received per second.
Storage (d:disk adapter u:disk device v:disk VM – vscsiStats )
Disk Adapters:
[pic]
CMDS/s – sum of commands per second with IOPS (Input/Output Operations Per Second). Here are also other SCSI commands like SCSI reservations, locks, vendor string requests, unit attention commands etc. All those are flowing to or are coming from the device or virtual machine which is monitored.
|KAVG/cmd | Average ESXi VMkernel latency per command, in milliseconds |
|DAVG/cmd | Average device latency per command, in milliseconds. |
|GAVG/cmd | Average virtual machine operating system latency per command, in milliseconds. |
|QAVG/cmd | Average queue latency per command, in milliseconds. |
| | |
|Metric | Threshold |What to Check |
|DAVG/cmd |>20 |Storage processor/array performance |
| | |for bottleneck. |
|KAVG/cmd |>1 |Kernel driver firmware and adapter |
| | |queue length. |
|GAVG/cmd |>20 |DAVG/KAVG metrics, and Guest OS |
| | |performance. |
| | | |
|Column | | |
|Explanation | | |
|Solution | | |
| | | |
|CMDS/s | | |
|Total IOPs between storage device and VM. | | |
|If this is low, look to the external storage array configuration. You can increase | | |
|the total amount of disk spindles present within the relevant storage for more I/O or| | |
|review RAID configurations to establish if it is appropriate for the workload. | | |
| | | |
|DAVG/cmd | | |
|Average response time in milliseconds for each command being sent to the storage | | |
|device | | |
|Look for any configuration issues on the external storage connectivity devices such | | |
|as the SAN switch. | | |
| | | |
What I found was that all affected VMs had massive latency towards the storage system for DAVG/cmd (see screendump 1) of about 700 ms (rule of thumb is that max latency should be about 20 ms). Another important counter is KAVG/cmd which is time commands spend in the VMkernel, the ESX host, (see screendump 3). So there was no latency in the ESX host and long latency towards the storage system.
GAVG/cmd = KAVG/cmd + DAVG/cmd
DAVG/cmd is the adapter device Driver Average Latency per Command. This is the round-trip in milliseconds from the HBA to the storage array and the return acknowledgement. Typically, most admins like to see around 20ms or less.
KAVG/cmd is the adapter device VMkernel Average Latency per Command. This is the average latency between when the HBA receives the data from the storage fabric and passes it along to the Guest OS, or vice versa—basically the round trip time in the kernel itself. So, it should be a very low value possible—zero or near-zero is ideal—in the kernel.
GAVG/cmd is the adapter device Guest OS Average Latency per Command. This is the round-trip in milliseconds from the Guest OS through the HBA to the storage array and back. This is why this number is a sum of DAVG/cmd + KAVG/cmd. If DAVG & KAVG are within normal thresholds, but GAVG/cmd is high, typically this indicates the VMs on that adapter or at least one of them is constrained by another resource, and needs more ESXi resources in order to process IOs more quickly.
If KAVG/cmd is greater than 1ms or so, check a couple of things.
1) Your device drivers are up-to-date and you are using compatible firmware versions, as this can slow down the kernel IO path;
2) Your adapter optimization settings, which will be provided by the vendor (some of which we will discuss in the next post).
Disk Device:
[pic]
|Metric |Threshold |What to Check |
|DQLEN |n/a |For reference; configured device queue length (prior to 5.0 LQLEN) |
|BLKSZ |n/a |For reference; configured device block size (for alignment issues) |
|RESETS/s |>0 |Check paths and device availability Check storage fabric/array for bottleneck. |
|ABRTS/sQUED |>0 |Check queue depth and storage fabric/array for bottleneck |
|RESV/s |>0-1 |Compare to CONS/s |
|CON/s |n/a |If >RESV/s, check for reservation conflicts with other ESXi hosts |
| |>RESV/s | |
DQLEN is the configured Device Queue Length. This is really a reference point to make sure you have configured your devices correctly.
BLKSZ is the configured Device Block Size. This is another reference point to ensure that you have the correct block size for the type of workload you are running.
RESETS/s is the number of Device SCSI Reset Commands per Second. A SCSI reset command is issued when the SCSI operation fails to reach the target, and in a SAN environment is usually indicative in a path down or multipathing issue—i.e., ESXi thinks a path is fine but in reality it is faulty. This is commonly seen on Cisco Nexus fabrics as CRC errors on a port, for example.
ABRTS/s is the number of Device SCSI Abort Commands per Second. A SCSI abort command is issued from the Guest OS when the command times out waiting for a response acknowledgement. In Windows 2008 and later, this is 60 seconds by default. Typically if you are encountering a large number of aborts, the storage fabric/array is causing a bottleneck and is the place to begin your investigation.
QUED is the current Device Commands Queued in the VMkernel. As I explained previously, this number should be at zero or near zero, otherwise it is indicating that something in the kernel is throttling the IO throughput between the Guest OS and the HBA/storage fabric/array. Check firmware versions for correct revisions and other performance tuning options within ESXi, especially vendor recommendations.
RESV/s is the Device SCSI Reservations per Second. SCSI reservations are commonplace; that’s how SCSI commands work. This value is only important as it relates to CONS/s.
CONS/s is the Device SCSI Reservation Conflicts per Second. If this value is greater than RESV/s, then it is indicative that some other ESXi hosts are holding reservations on this particular path that are conflicting with reservations currently held by this particular host. A very high value could be felt as a performance sluggishness in the storage subsystem due to the kernel constantly requesting SCSI locks and being denied, and consequently, retrying.
Virtual Machine Disk
[pic]
Determine use cases for and apply esxtop/resxtop Interactive, Batch and Replay modes
Use cases:
Troubleshooting poor performance for specific VM , or identify issues with storage , network or Memory.
Interactive mode (the default mode): – All statistics are displayed are in real time
[pic]
Batch mode: – Statistics can be collected so that the output can be saved in a file (csv) and can be viewed & analyzed using windows perfmon & other tools in later time.
~ # esxtop -b -d 20 -n 2 -a > /tmp/20secsnds2intrpts.csv
This will run for 20 seconds for 2 iterations and output as csv
[pic]
Replay mode: – It is similar to record and replay operation. Data that was collected by the vm-support command is interpreted and played back as esxtop statistics. We can view the captured performance information for a particular duration or time period as like real time to view what was happening during that time. It is perfectly used for the VMware support person to replay the stats to understand what was happening to the server during that time.
First let us see the vm-support switches:
[pic]
So I run it with p to collect the performance data and d during a period of 100 seconds , then over 2 seconds intervals
/vmfs/volumes/4aaa440f-1a187eb4-6f5e-0000c985147e/LoGs # vm-support -p -d 100 -i 2 -w /vmfs/volumes/4aaa440f-1a187eb4-6f5e-0000c985147e/LoGs
[pic]
Then reconstruct the data:
/vmfs/volumes/4aaa440f-1a187eb4-6f5e-0000c985147e/LoGs # cd esx--2015-04-21–04.56/
./reconstruct.sh
[pic]
A high USED time indicates that the guest is using a lot of CPU. If the used time is close to 100% it may indicate the VM is CPU bound.
A high RDY time can be an indicator that a VM isn’t getting sufficient CPU resources, further investigation of the MLMTD statistic can differentiate between a CPU reservation that is artificially limiting the resources and a system that is overloaded.
A high SWPWT time indicates that the VM is having to spend long periods of time having its memory swapped. This can indicate that the memory reservation is too low or the host is over subscribed.
When looking at a specific VM it can be helpful to limit the output to just the worlds of the VM. This can be done using “l” and “e”:
[pic]
is view shows only the worlds associated with the VM humpty. It’s a useful way to examine the WAIT vs VMWAIT percentages. VMWAIT only applies to the vcpu worlds of a VM. The big difference between WAIT and VMWAIT is that VMWAIT does not include IDLE time. This provides an indication of the percentage of time that the VM is blocked
waiting for the hyper-visor to do work.
Memory details:
To see memory details press “m”:
[pic]
The memory view of esxtop allows you to see the total amount of physical memory allocated to each virtual machine. MEMSZ shows the amount of memory the VM has configured, while GRANT shows amount of physical memory currently mapped to the VM.
A few things to look for:
SWCUR shows the total amount of memory currently swapped out for the VM, and SWTGT shows the target amount of memory the hyper-visor is trying to swap. High values here indicate that the VM is swapping, which can lead to degraded performance.
SWR/s, SWW/s LLSWR/s, LLSWW/s will give a breakdown of reads and writes of memory to disk and SSD respectively.
Network details:
To see network details press “n”:
[pic]
This screen is useful for determining the network throughput for virtual switches, VMkernel NICs, and VMs. It is a useful tool for determining if the networking infrastructure is overloaded. A few things to look for:
A high DRPTX indicates packets are being dropped on transmit. Packets may be dropped on transmit due to congestion, queue depth, etc.
A high DRPRX indicates packets being dropped on receive. This may indicate a problem where the guest doesn’t have enough CPU to process the incoming networking traffic, the ring for the virtual adapter is too small, or the VMkernel NIC is over subscribed.
Disk device details:
To see disk device details press “u”:
[pic]
This view shows the utilization of the physical host’s disk devices and NFS shares. The following statistics are useful:
QUED/USED/LOAD can show if a device is overloaded.
DAVG/cmd KAVG/cmd GAVG/cmd QAVG/cmd are useful statistics to see average latency at various levels (DAVG == device, KAVG == as viewed by the ESX kernel, GAVG == sum of DAVG + KAVG, QAVG == time spent in queues in the storage stack). This can help to indiate if there is a bottleneck at a particular layer.
Storage adapter details:
To see storage adapter details press “d”:
[pic]
This view is very similar to the device view. It can be useful to determine if there is a bottleneck on an adapter as opposed to a specific device.
Virtual disk details:
To see virtual disk details press “v”:
[pic]
This view shows the performance of the virtual disks of a VM. You can unroll a specific VM using “e” to see each disk individually, which allows you to see the read/write latency per virtual disk. Comparing the latency of the virtual disk to the physical device can help narrow down bottlenecks.
Virtual machine latency statistics
The latency statistics displayed inside the virtual machine display are not displayed using the same column headers as the previous two views. Instead, they are displayed as LAT/rd and LAT/wr. These counters are measured in milliseconds and represent the amount of time it takes to issue an I/O request from the virtual machine. This is a great view that can be used to determine a couple of things. One, is it just one virtual machine that is experiencing latency? And two, is the latency observed on mostly reads or writes?
[pic]
What to monitor/troubleshoot?
• Per LUN
• Per VM
• per Disk (HBA mode)
Let’s monitor a LUN with ESXTOP
1. Start ESXTOP and press U to switch to disk view (LUN mode).
[pic]
2. Press F (Field Order) to modify fields which you want to display. Then hit Enter to validate.
[pic]
3. Press S and then 3 (or other smaller/bigger value) to set the auto-update time to every 3 seconds…. In order to view the whole device name (the complete naa identifier) you’ll have to enlarge the column pres Shift + L and enter “32”. (or other larger number).
[pic]
Let’s try to monitor Disk View (hba mode).
1. Start ESXTOP utility and press D to switch to Disk view (hba mode). In order to view the whole device name (the complete naa identifier) you’ll have to enlarge the column pres Shift + L and enter “32”. (or other larger number).
[pic]
2. From here you can hit F (Field Order) to modify fields which you want to display. (You can see small star diplayed next to each visible field….). When OK, you can hit Enter.
[pic]
3. Press S and then 3 to set the auto-update time for 3 sec. (you can enter smaller/bigger value as you wish).
[pic]
Monitor VM performance (Per VM)
1. Start ESXTOP and press V to switch to disk view.
[pic]
2. Again, Press F (Field Order) to modify fields which you want to display. Then hit Enter to validate.
3. And again, press S and then 3 (or other smaller/bigger value) to set the auto-update time to every 3 seconds…. In order to view the whole device name (the complete naa identifier) you’ll have to enlarge the column pres Shift + L and enter “32”. (or other larger number).
[pic]
HA
components of HA:-
▪ Vcenter server
▪ hostd and vpxa
▪ FDM agent
Vcenter server:- Vcenter server responsible for
▪ Deploying and configuration of HA agent
▪ Protection of VM's
▪ Communicate cluster configuration changes to the master host.
Function of FDM Agent:-
• FDM support master and slave architecture
• FDM support IP V6
• FDM Addresses the issue of Network partitioning and Network isolations.
• FDM uses management network storage device for communications.
Master and Slave:-
When you add a host to a vSphere HA cluster, an agent is uploaded to the host and configured to communicate with other agents in the cluster. Each host in the cluster functions as a master host or a slave host..
When vSphere HA is enabled for a cluster, all active hosts (those not in standby or maintenance mode, or not disconnected) participate in an election to choose the cluster's master host. The host that mounts the greatest number of datastores has an advantage in the election. Only one master host exists per cluster and all other hosts are slave hosts. If the master host fails, is shut down, or is removed from the cluster a new election is held.
Master host is elected in the below situations:-
Fail
Disconnect from VC.
Isolated or partitioned network.
If the master is in maintenance mode or standby mode.
If HA is reconfigured in cluster.
The master host election take about 15 seconds using UDP port.
Master responsible for following tasks.
• Monitor the slave hosts, will restart the VM in the event of slave host failure.
• Monitor the VM power state that are protected by HA, if the protected VM fails HA will restart VM.
• Master manages the list of protected VM's in the cluster update the liust each time when user initiate power on or power off operations.
• Vcenter inform and notify about cluster configuration changes in cluster to master host.
• Master send heartbeat to slave hosts so that slave hosts know that master is alive.
• Master host is isolated or partitioned from the network master inform the Vcenter that slave hosts are not reachable.
Master responsible for following tasks.
• Slave use to monitor the VM power state.
• slave hosts monitor the master health status, if master fails then slave hosts participate in election process for new master host.
Election process:-
The host that is participating in the election process having the greater number of datastores connected. and that will be elected as master but if in some case if more than one hosts having the equal number of datastores connected then one host which having greatest Manage object ID(MOID) will be selected as master host.
Protected list file
Master uses the protected list file to store the inventory. It use to store list of all protected VM's and also stores the CPU reservation information's. The master distributed protected list file to all the datastores.
What happen if the master host failed or isolated from the network?
If the master fails the lock on protected list file will expire and new master use to relock the protected list file .
What happen if the slave host failed or isolated from the network?
Master host use to determine which VM need to restart.
files for both master and slave:-
Remote file:- It is stored in the shared datastores not locally. Remote files are powered on files that are stored in each hosts. Powered on files are not only used for tracking the powered on state for VM's but also for informing the master that slave host is isolated from the network.
Local files:- when HA is configured for the host host will store the specific information about the cluster locally.
✓ Cluster config
✓ Compact list
✓ .cfg
✓ Host list
✓ VM metadata
Heart beating:- Datastores heart beating enable master to determine whether slave host is isolated from the network.
Isolated and Partitioned networks:-
ISOLATED NETWORK:- when one or more hosts have lost all the management network connectivity is called isolated hosts. Isolated hosts neither can communicate with master hosts nor can communicate with slave hosts. slave hosts use the datastores heart beating to notify the master that it is isolated. Slave hosts use the specific binary file host-x powered on file to notify the master.
PARTITIONED NETWORK:- When one or more slaves cannot communicate with master across management network even though they have still connectivity with other slaves. In this case HA uses the datastores heart beating to determine whether the slave hosts are alive or master host need to take appropriate action to protect the VM's running on the slave hosts.
Hostd and vpxa:- hostd is the most crucial componenr of esxi. vpxa is the management agent for vcenter server. fdm relies on hostd agent and use to get list of all VM's which are registered in the esxi hosts.
FDM agent:- Fault domain manager is used to check hosts availability and protected VM in HA cluster. In case of host failure fdm used to restart vm in alternate hosts.
Function of FDM:-
I. FDM is used to support master and slave architecture
II. It support IPV6
III. FDM addresses the issue of network partitioning and network isolations
IV. FDM uses both management network and storage devices for communications.
What is VMware HA:
VMware High Availability (HA) provides a simple and cost effective clustering solution to increase uptime for virtual machines. HA uses a heartbeat mechanism to detect a host or virtual machine failure. In the event of a host failure, affected virtual machines are automatically restarted on other production hosts within the cluster with spare capacity. In the case of a failure caused by the Guest OS, HA restarts the failed virtual machine on the same host. This feature is called VM Monitoring, but sometimes also referred to as VM HA.
How Does VMware HA Work?
VMware HA continuously monitors all virtualized servers in a resource pool and detects physical server and operating system failures. To monitor physical servers, an agent on each server maintains a heartbeat with the other servers in the resource pool such that a loss of heartbeat automatically initiates the restart of all affected virtual machines on other servers in the resource pool.
[pic]
VMware HA leverages shared storage and, for FibreChannel and iSCSI SAN storage, the VMware vStorage Virtual Machine File System (VMFS) to enable the other servers in the resource pool to safely access the virtual machine for failover. When used with VMware Distributed Resource Scheduler (DRS), VMware HA automates the optimal placement of virtual machines on other servers in the resource pool after server failure.
[pic]
To monitor operating system failures, VMware HA monitors heartbeat information provided by the VMware Tools package installed in each virtual machine in the VMware HA cluster. Failures are detected when no heartbeat is received from a given virtual machine within a user-specified time interval.
VMware HA ensures that sufficient resources are available in the resource pool at all times to be able to restart virtual machines on different physical servers in the event of server failure. VMware HA is easily configured for a resource pool through VMware vCenter™ Server.
How is VMware HA Used?
Ensuring the availability of virtual machines within an environment is of paramount concern to administrators. VMware HA alleviates these concerns by providing protection from failures within the following three key layers:
• The infrastructure layer
At this layer, VMware HA monitors the health of the virtual machine and will attempt to restart the virtual machine when a failure, such as the loss of a physical host, occurs. This protection is independent of the OS used within the virtual machine.
• The OS layer
Through the use of VMware Tools installed within the OS, VMware HA can monitor the OS for proper operation. This protects against such failures as an unresponsive OS.
• The application layer
With some customization or with a third-party tool, an administrator can also monitor the application running within the OS for proper operation. In the event of a failure of the application, HA can be triggered to restart the virtual machine hosting the application.
In this section, you will learn how to enable, configure, and test the operation of HA to provide basic high availability services for your virtual machines at the infrastructure layer.
Prerequisites
Before continuing, it is important that the environment be configured properly with the the following:
o Ensure that you have a working management network with all hosts in the environment.
o Verify that all of the virtual machines are online.
o Have at least one virtual machine running on each host.
o Validate that you have access to VMware vCenter™ utilizing the vSphere Client.
o Shared Storage for VMs – NFS, SAN, iSCSI
datastore, you will display a list of all the hosts that are using the selected datastore as a heartbeat datastore.
Click OK to exit the cluster status screen.
Step 5 – Configuring VMware HA Advanced Options
VMware HA provides a user with the ability to change various options based on their individual needs. This
section provides an overview of the most commonly used options.
Select cluster and click edit settings:
[pic]
This brings up the wizard that allows you to edit the cluster settings. Once VMware HA is enabled, additional
settings are displayed allowing for the configuration of VMware HA.
1. vSphere HA tab
[pic]
In the cluster settings dialog box, select vSphere HA from the navigation tree on the left. This allows you to edit
the Host Monitoring Status and Admission Control attributes.
Host Monitoring
Host monitoring enables VMware HA to take action if a host fails to send heartbeats over the management network. During maintenance operations on the management network, it is possible that the hosts will not be able to send heartbeats. When this occurs, you should unselect this option to prevent VMware HA from believing
the hosts are isolated.
Admission Control:
Admission control is used to ensure that adequate resources within the cluster are available to facilitate failover if
needed. It also serves to ensure that the virtual machine reservations are respected. Three options are available to specify the desired admission control policy. These include the following:
• Host failures
This option attempts to reserve enough capacity within the cluster to provide for the failure of any host within
the cluster.
• Percentage
As with the host failures option, this also attempts to reserve enough capacity within the cluster. However, this
option allows you to specify a percentage of CPU and memory that you want reserved.
• Failover hosts
Alternately, you can specify particular hosts within the cluster that will be used as a preferred target host to start any virtual machines that were protected on a failed host. In the event of a failure, vSphere HA will first attempt to restart the protected VMs on these hosts before trying others. Additionally, vSphere HA prevents VMs from being moved to these hosts, or powered on by the user or vSphere Distributed Resource Scheduler (DRS) on these hosts.
[pic]
2. Virtual Machine Options tab:
Select Virtual Machine Options from the left-hand navigation pane. Here, you can define the behavior of virtual machines for VMware HA. The two settings you can edit are the VM restart priority and the Host Isolation response.
The VM restart priority enables you to specify the order that virtual machines will be started in the event of a failure. In cases where there might not be enough resources available within the cluster to accommodate the restart of a series of virtual machines, this setting allows a level of prioritization, allowing the most important virtual machines to be restarted first. Notice that this can be set on a per–virtual machine basis as well.
[pic]
Host Isolation Response specifies the behavior that HA will take in the event that a host is determined to be isolated. Host isolation occurs when a host loses the ability to communicate through the management network to the other hosts within the environment and is unable to ping its configured isolation addresses—this is the default gateway. In this event, the host is still functioning, although it is not able to communicate. The default setting for this is Leave powered on.
[pic]
3. Virtual Machine Monitoring tab:
Selecting VM Monitoring from the left-hand navigation pane enables you to change settings related to the monitoring of the OS or application running within a virtual machine. In order to use this feature, you must have VMware Tools installed within the virtual machine.
[pic]
By selecting the Custom option, you can exert a fine level of control over the various parameters involved. You can specify these settings on a per–virtual machine basis:
[pic]
4. Database heartbeating tab:
Storage heartbeats provide a secondary communication path in the event of a failure of the management network. This is advantageous, because it provides another level of redundancy and allows for the determination of failure between a network and a host failure. By default, two datastores will be chosen based on the connectivity they have to other hosts and the type of storage. This attempts to provide protection against array failures and allows for the highest number of hosts to utilize the heartbeat datastore. The datastores utilized can be manually specified if desired.
[pic]
Step 6 – How VM will be migrated in case a host failure:
The most common failure case involves the failure of a physical host. This can be for a variety of reasons, such as a loss of power to the host or a motherboard failure.
When this event occurs, VMware HA will identify the failure of the host and will attempt to restart the protected virtual machines on a functional host.
First, use the vSphere Client to examine the virtual machines hosted within the cluster. In this example, we are going to cause the system tm-pod1-esx01.tmsb.local to fail. You need to check the virtual machines in your environment and ensure that at least one is online on the host that you are going to fail.
[pic]
Next, remove the power from one of your hosts. By looking at the hosts within the cluster, you will see that VMware HA will detect the failure of the host and generate an alert.
[pic]
By examining the events, you will see messages similar to the ones demonstrated in the preceding figure validating that VMware HA has detected the failure.
[pic]
After a failure of a host has been detected, HA will attempt to restart the virtual machines that were running on the failed host on other available hosts within the cluster. Go back to the virtual machine view of your cluster and notice that the virtual machines that were previously on the failed host are now online on other hosts.
[pic]
You can also examine the events for a host to see the log messages denoting that VMware HA has attempted to
restart the virtual machine.
[pic]
By selecting the Summary tab for the failed host, you will notice that the issue is displayed in multiple places. The first is located at the top of the screen and second location is the vSphere HA State. At this point, you will reapply power to the failed host and allow it to boot. Once it completes this process, you will see that it rejoins the cluster and continues to function as before.
[pic]
Summary –
VMware High Availability (HA) provides easy-to-use, costeffective high availability for applications running in virtual machines. In the event of physical server failure, affected virtual machines are automatically restarted on other production servers with spare capacity. In the case of operating system failure, VMware HA restarts the affected virtual machine on the same physical server. The combination of VMware HA and the other availability features of the VMware vSphere™ platform provides organizations the ability to select and easily deliver the level of availability required for all of their important applications
FDM. This agent is responsible for monitoring host availability and the power state of protected VMs, with the mission of restarting protected VMs when a host or VM fails.
What is VMware HA?
As per VMware Definition,
VMware® High Availability (HA) provides easy to use, cost effective high availability for applications running in virtual machines. In the event of server failure, affected virtual machines are automatically restarted on other production servers with spare capacity
What is AAM in HA?
AAM is the Legato automated availability management. Prior to vSphere 4.1, VMware's HA is actually re engineered to work with VM's with the help of Legato's Automated Availability Manager (AAM) software. VMware's vCenter agent (vpxa) interfaces with the VMware HA agent which acts as an intermediary to the AAM software. From vSphere 5.0, it uses an agent called “FDM” (Fault Domain Manager).
What are pre-requites for HA to work?
1.Shared storage for the VMs running in HA cluster
2.Essentials plus, standard, Advanced, Enterprise and Enterprise Plus Licensing
3.Create VMHA enabled Cluster
4.Management network redundancy to avoid frequent isolation response in case of temporary network issues (preferred not a requirement)
What is maximum number of primary HA hosts in vSphere 4.1?
Maximum number of primary HA host is 5. VMware HA cluster chooses the first 5 hosts that joins the cluster as primary nodes and all others hosts are automatically selected as secondary nodes.
How to see the list of Primary nodes in HA cluster?
View the log file named "aam_config_util_listnodes.log" under /var/log/vmware/aam using the below command
cat /var/log/vmware/aam/aam_config_util_listnodes.log
[pic]
What is the command to restart /Start/Stop HA agent in the ESX host?
service vmware-aam restart
service vmware-aam stop
service vmware-aam start
Where to located HA related logs in case of troubleshooting?
/Var/log/vmware/aam
What the basic troubleshooting steps in case of HA agent install failed on hosts in HA cluster?
Below steps are are taken from my blog posts Troubleshooting HA
1. Check for some network issues
2. Check the DNS is configured properly
3. Check the vmware HA agent status in ESX host by using below commands
service vmware-aam status
4. Check the networks are properly configured and named exactly as other hosts in the cluster. otherwise, you will get the below errors while installing or reconfiguring HA agent.
5. Check HA related ports are open in firewall to allow for the communication
Incoming port: TCP/UDP 8042-8045
Outgoing port: TCP/UDP 2050-2250
6. First try to restart /stop/start the vmware HA agent on the affected host using the below commands. In addition u can also try to restart vpxa and management agent in the Host.
service vmware-aam restart
service vmware-aam stop
service vmware-aam start
7. Right Click the affected host and click on "Reconfigure for VMWare HA" to re-install the HA agent that particular host.
8. Remove the affected host from the cluster. Removing ESX host from the cluster will not be allowed untill that host is put into maintenance mode.
9.Alternative solution for 3 step is, Goto cluster settings and uncheck the vmware HA in to turnoff the HA in that cluster and re-enable the vmware HA to get the agent installed.
10. For further troubleshooting , review the HA logs under /Var/log/vmware/aam directory.
What is the maximum number of hosts per HA cluster?
Maximum number of hosts in the HA cluster is 32
What is Host Isolation?
VMware HA has a mechanism to detect a host is isolated from rest of hosts in the cluster. When the ESX host loses its ability to exchange heartbeat via management network between the other hosts in the HA cluster, that ESX host will be considered as a Isolated.
How Host Isolation is detected?
In HA cluster, ESX hosts uses heartbeats to communicate among other hosts in the cluster.By default, Heartbeat will be sent every 1 second.
If a ESX host in the cluster didn't received heartbeat for for 13 seconds from any other hosts in the cluster, The host considered it as isolated and host will ping the configured isolation address(default gateway by default). If the ping fails, VMware HA will execute the Host isolation response
What are the different types isolation response available in HA?
[pic]
Power off – All the VMs are powered off , when the HA detects that the network isolation occurs
Shut down – All VMs running on that host are shut down with the help of VMware Tools, when the HA detects that the network isolation occurs.If the shutdown via VMWare tools not happened within 5 minutes, VM's power off operation will be executed. This behavior can be changed with the help of HA advanced options. Please refer my Post on HA Advanced configuration
Leave powered on – The VM's state remain powered on or remain unchanged, when the HA detects that the network isolation occurs.
How to add additional isolation address for redundancy?
By default, VMWare HA use to ping default gateway as the isolation address if it stops receiving heartbeat.We can add an additional values in case if we are using redundant service console both belongs to different subnet.Let's say we can add the default gateway of SC1 as first value and gateway of SC2 as the additional one using the below value
1. Right Click your HA cluster
2. Goto to advanced options of HA
3. Add the line "das.isolationaddress1 = 192.168.0.1"
4. Add the line "das.isolationaddress2 = 192.168.1.1" as the additional isolation address
To know more about the Advanced HA Options
What is HA Admission control?
As per "VMware Availability Guide",
VCenter Server uses admission control to ensure that sufficient resources are available in a cluster to provide failover protection and to ensure that virtual machine resource reservations are respected.
What are the 2 types of settings available for admission control?
[pic]
Enable: Do not power on VMs that violate availability constraints
Disable: Power on VMs that violate availability constraints
What are the different types of Admission control policy available with VMware HA?
There are 3 different types of Admission control policy available.
[pic]
Host failures cluster tolerates
Percentage of cluster resources reserved as fail over spare capacity
Specify a fail over host
How the Host Failures cluster tolerates admission control policy works?
[pic]
Select the maximum number of host failures that you can afford for or to guarantee fail over. Prior vSphere 4.1, Minimum is 1 and the maximum is 4.
In the Host Failures cluster tolerates admission control policy , we can define the specific number of hosts that can fail in the cluster and also it ensures that the sufficient resources remain to fail over all the virtual machines from that failed hosts to the other hosts in cluster. VMware High Availability(HA) uses a mechanism called slots to calculate both the available and required resources in the cluster for a failing over virtual machines from a failed host to other hosts in the cluster.
What is SLOT?
As per VMWare's Definition,
"A slot is a logical representation of the memory and CPU resources that satisfy the requirements for any powered-on virtual machine in the cluster."
If you have configured reservations at VM level, It influence the HA slot calculation. Highest memory reservation and highest CPU reservation of the VM in your cluster determines the slot size for the cluster.
How the HA Slots are Calculated?
I have written a post about how the HA slots are calculated.
How to Check the HA Slot information from vSphere Client?
Click on Cluster Summary Tab and Click on "Advanced Runtime Info" to see the the detailed HA slots information.
[pic]
What is use of Host Monitoring status in HA cluster?
[pic]
Let's take an example, you are performing network maintenance activity on your switches which connects your one of th ESX host in HA cluster.
what will happen if the switch connected to the ESX host in HA cluster is down?
It will not receive heartbeat and also ping to the isolation address also failed. so, host will think itself as isolated and HA will initiate the reboot of virtual machines on the host to other hosts in the cluster. Why do you need this unwanted situation while performing scheduled maintenance window.
To avoid the above situation when performing scheduled activity which may cause ESX host to isolate, remove the check box in " Enable Host Monitoring" until you are done with the network maintenance activity.
How to Manually define the HA Slot size?
By default, HA slot size is determined by the Virtual machine Highest CPU and memory reservation. If no reservation is specified at the VM level, default slot size of 256 MHZ for CPU and 0 MB + memory overhead for RAM will be taken as slot size. We can control the HA slot size manually by using the following values.
There are 4 options we can configure at HA advanced options related to slot size
das.slotMemInMB - Maximum Bound value for HA memory slot size
das.slotCpuInMHz - Maximum Bound value for HA CPU slot Size
das.vmMemoryMinMB - Minimum Bound value for HA memory slot size
das.vmCpuMinMHz - Minimum Bound value for HA CPU slot size
For More HA related Advanced options, Please refer my blog post
How the "Percentage of cluster resources reserved as failover spare capacity" admission control policy works?
[pic]
In the Percentage of cluster resources reserved as failover spare capacity admission control policy, We can define the specific percentage of total cluster resources are reserved for failover.In contrast to the "Host Failures cluster tolerates admission control policy", It will not use slots. Instead This policy calculates the in the way below
1.It calculates the Total resource requirement for all Powered-on Virtual Machines in the cluster and also calculates the total resource available in host for virtual machines.
2.It calculates the current CPU and Memory Failover capacity for the capacity.
3.If the current CPU and Memory Failover capacity for the cluster < configured failover capacity (ex 25 %)
4.Admission control will not allow to power on the virtual machine which violates the availability constraints.
How the "Specify a failover host" admission control policy works?
[pic]
In the Specify a failover host" admission control policy, We can define a specific host as a dedicated failover host. When isolation response is detected, HA attempts to restart the virtual machines on the specified failover host.In this Approach, dedicated failover hist will be sitting idle without actively involving or not participating in DRS load balancing.DRS will not migrate or power on placement of virtual machines on the defined failover host.
What is VM Monitoring status?
HA will usually monitors ESX hosts and reboot the virtual machine in the failed hosts in the other host in the cluster in case of host isolation but i need the HA to monitors for Virtual machine failures also. here the feature called VM monitoring status as part of HA settings.VM monitoring restarts the virtual machine if the vmware tools heartbeat didn't received with the specified time using Monitoring sensitivity.
[pic]
4 Troubleshooting VMWare HA -Cannot complete the HA Configuration
What the basic troubleshooting steps in case of HA agent install failed on hosts in HA cluster?
If you are facing any issues related to hosts in the HA cluster , I would recommend to follow the below basic 10 troubleshooting steps. Most of the time, This will resolve the issues.
Error message will be similar to the below one
[pic]
1. Check your environment, if any temporary network problem exists
2. Check the DNS is configured properly
3. Check the vmware HA agent status in ESX host by using below commands
service vmware-aam status
4. Check the ESX networks are properly configured and named exactly as other hosts in the cluster. otherwise, you will get the below errors while installing or reconfiguring HA agent.
[pic]
5. Check HA related ports are open in firewall to allow for the communication
Incoming port: TCP/UDP 8042-8045
Outgoing port: TCP/UDP 2050-2250
6. Try to restart /stop/start the vmware HA agent on the affected host using the below commands.
In addition, u can also try to restart vpxa and management agent in the Host.
service vmware-aam restart
service vmware-aam stop
service vmware-aam start
7. Right Click the affected host and click on "Reconfigure for VMWare HA" to re-install the HA agent that particular host.
[pic]
8. Remove the affected host from the cluster. Removing ESX host from the cluster will not be allowed untill that host is put into maintenance mode.
9.Alternative solution for 8 step is, Goto cluster settings and uncheck the vmware HA to turnoff the HA in that cluster and re-enable the vmware HA to get the agent installed from the scratch.
10. For further troubleshooting , review the HA logs under /Var/log/vmware/aam directory.
HA(HIGH AVAILABILITY)
❖ It is a Failover mechanism of a cluster.
❖ HA Require downtime.
❖ Provide high availability across your entire virtualized IT environment without the cost or complexity of traditional clustering solutions.
❖ VMware HA provides high availability for virtual machines by pooling them and the hosts they reside on into a cluster. Hosts in the cluster are monitored and in the event of a failure, the virtual machines on a failed host are restarted on alternate hosts.
❖ VMware HA delivers the availability needed by many applications running in virtual machines, independent of the operating system and application running in it.
❖ VMware HA provides uniform, cost-effective failover protection against hardware and operating system failures within your virtualized IT environment.
❖ Monitors virtual machines to detect operating system and hardware failures.
❖ Protects applications from operating system failures by automatically restarting virtual machines when an operating system failure is detected.
❖ Continuously monitors all hosts in a cluster and restarts virtual machines affected by a host failure on other hosts
❖ Can also monitor guest OS's for a failure via a heartbeat and restart them on the same host in case of a failure
❖ Continuously monitors and chooses the optimal physical servers within a resource pool on which to restart virtual machines
HOW HA(HIGH AVAILABILITY) WORK.?
[pic]
VMware HA continuously monitors all servers in a resource pool and detects server failures. An agent placed on each server maintains a “heartbeat” with the other servers in the resource pool and a loss of “heartbeat” initiates the restart process of all affected virtual machines on other servers. VMware HA ensures that sufficient resources are available in the resource pool at all times to be able to restart virtual machines on different physical servers in the event of server failure. Restart of virtual machines is made possible by the Virtual Machine File System (VMFS) clustered file system which gives multiple ESX Server instances read-write access to the same virtual machine files, concurrently. VMware HA is easily configured for a resource pool through Virtual Center
KEY FEATURE OF HA
➢ • Automatic detection of server failures:- . Automate the monitoring of physical server availability. HA detects server failures and initiates the virtual machine restart without any human intervention.
➢ • Resource checks:- . Ensure that capacity is always available in order to restart all virtual machines affected by server failure. HA continuously monitors capacity utilization and “reserves” spare
capacity to be able to restart virtual machines.
➢ • Automatic restart of virtual machines:- Protect any application with automatic restart in a different physical server in the resource pool.
➢ • Intelligent choice of servers:- (when used with VMware Distributed Resource Scheduler (DRS)). Automate the optimal placement of virtual machines restarted after server failure.
The VMware HA Solution: With VMware HA, a set of ESX Server hosts is combined into a cluster with a shared pool of resources. VMware HA monitors all hosts in the cluster. If one of the hosts fails, VMware HA immediately responds by restarting each affected virtual machine on a different host.
HA has a number of advantages: Using a cluster enabled for VMware HA provides the following features:
• Automatic failover is provided on ESX Server host hardware failure for all running virtual machines within the bounds of failover capacity.
VMware HA provides automatic detection of server failures and initiates the virtual machine restart without any human intervention.
• VMware HA can take advantage of DRS to provide for dynamic and intelligent resource allocation and optimization of virtual machines after failover. After a host has failed and virtual machines have been restarted on other hosts, DRS can provide further migration recommendations or migrate virtual machines for more optimum host placement andbalanced resource allocation.
• VMware HA supports easy-to-use configuration and monitoring using VirtualCenter. HA ensures that capacity is always available (within the limits of specified failover capacity) in order to restart all virtual machines affected by server failure (based on resource reservations configured for the virtual machines.)
• HA continuously monitors capacity utilization and "reserves" spare capacity to be able to restart virtual machines. Virtual Machines can fully utilize spare failover capacity when there hasn't been a failure
CONDITION FOR HA
➢ All the host in a HA enable Cluster should have a common storage.
➢ We should have Vcenter with appropriate licensing.
➢ There should be proper communication between host and cluster.
➢ Host name resolution should be proper.
➢ We should have sufficient resources in a destination server.
PROBLEMS IN HA
➢ Insufficient Resources.
➢ DNS Naming resolution.
➢ VM in a local drive.
➢ Communication should be proper.
BACKGROUND PROCESS IN HA
[pic]
HA continuously monitors all servers in a resource pool and detects server failures. An agent placed on each server maintains a “heartbeat” with the other servers in the resource pool and a loss of “heartbeat” initiates the restart process of all affected virtual machines on other servers. VMware HA ensures that sufficient resources are available in the resource pool at all times to be able to restart virtual machines on different physical servers in the event of server failure. Restart of virtual machines is made possible by the Virtual Machine File System (VMFS) clustered file system which gives multiple ESX Server instances read-write access to the same virtual machine files, concurrently. VMware HA is easily configured for a resource pool through VirtualCenter.
DRS(Distributed Resource Scheduler)
➢ It is a load Balancing Feature.
➢ Align Resources to Meet Business Needs.
➢ DRS doesn’t require any downtime
➢ VMware DRS continuously monitors utilization across resource pools and intelligently aligns resources with business needs.
➢ • Dynamically allocate IT resources to the highest priority applications. Create rules and policies to prioritize how resources are allocated to virtual machines.
➢ • Give IT autonomy to business organizations. Provide dedicated IT infrastructure to business units while still achieving higher hardware utilization through resource pooling.
➢ • Empower business units to build and manage virtual machines within their resource pool while giving central IT control over hardware resources.
➢ DRS enables your virtual environment to automatically balance itself across your host servers in an effort to eliminate resource contention. It utilizes the VMotion feature to provide automated resource optimization and automatic migration of virtual machines across hosts in a cluster.
[pic]
[pic]
BACKGROUND PROCESS IN DRS
➢ In a given cluster if an ESX host is not having enough resources to satisfy the virtual machine at that time DRS move the virtual machine from that ESX server to resource available ESX server by using VMotion Technology.
➢ DRS doesn’t require any downtime.
➢ Balance Your Computing Capacity
VMware DRS continuously balances computing capacity in resource pools to deliver the performance, scalability and availability not possible with physical infrastructure. VMware DRS allows us to:
• Improve service levels for all applications. VMware DRS continuously balance capacity will ensure that each virtual machine has access to appropriate resources at any point in time.
• Easily deploy new capacity. VMware DRS will seamlessly take advantage of the additional capacity of new servers added to a resource pool by redistributing virtual machines without system disruption.
• Automate planned server maintenance. VMware DRS can automatically migrate all virtual machines off physical servers to enable scheduled server maintenance with zero downtime.
• Dramatically increase system administrator productivity. Enable system administrators to monitor and effectively manage more IT infrastructure.
➢ Reduce Energy Consumption in the Datacenter
VMware Distributed Power Management (DPM) continuously optimizes power consumption in the datacenter. When virtual machines in a DRS cluster need fewer resources, such as during nights and weekends, DPM consolidates workloads onto fewer servers and powers off the rest to reduce power consumption. When virtual machine resource requirements increase (such as when users log into applications in the morning), DPM brings powered-down hosts back online to ensure service levels are met.
VMware Distributed Power Management allows IT organizations to:
• Cut ongoing power and cooling costs by up to 20% in the datacenter during low utilization time periods.
• Automate management of energy efficiency in the datacenter
VMware DRS (with DPM) is included in the VMware vSphere Enterprise and Enterprise Plus edition. DRS and DPM leverage VMware vMotion (live migration) to balance load and optimize power consumption with no downtime.
KEY FEATURE OF DRS
• Aggregation of physical server resources. Manage CPU and memory across a group of physical servers as a uniform shared pool of resources.
• Flexible hierarchical organization. Organize resource pools hierarchically to match available IT resources to the business organization. VMware DRS ensures that resource utilization is maximized while business units retain control and autonomy of their infrastructure. Resource pools can be flexibly added, removed, or reorganized as business needs or organization change.
• Priority Settings. Assign priorities in the form of shares or reservations to virtual machines within resource pools and to sub resource pools to reflect business priorities. For example, the production sub resource pool can have higher shares of the total resources in a cluster and business critical applications within the production resource pool can have fixed guarantees(reservations) of CPU bandwidth and memory,
• Management of sets of virtual machines running a distributed application. Optimize the service level of distributed applications by controlling the aggregate allocation of resources for the entire set of virtual machines running the distributed application.
• Affinity Rules. Create rules that govern placement of virtual machines on physical servers. For example, a group of virtual machines can be set to always run on the same server for performance reasons. Alternatively, certain virtual machines can be set to always run on different servers to increase availability. New in vSphere 4.1 is the ability to restrict placement of virtual machines to a group of physical servers in a cluster. This is useful for controlling the mobility of virtual machines that run software licensed for a specific group of physical servers. In addition, this feature can be used to keep sets of virtual machines on different racks or blade systems for availability reasons.
• Power Management. Reduce energy consumption in the datacenter by using the Distributed Power Management (DPM) feature of DRS to consolidate workloads and power off servers when they are not needed by the virtual machines in the cluster. When resource requirements of virtual machines increase, DPM brings hosts back online so service levels can be met.
• Manual and Automatic Mode. VMware DRS collects resource usage information from servers and virtual machines, and then generates recommendations to optimize virtual machine allocation. These recommendations can be executed automatically or manually.
o Initial placement. When a virtual machine is first powered on, VMware DRS either automatically places the virtual machine on the most appropriate physical server or makes a recommendation.
o Continuous optimization. VMware DRS continuously optimizes resource allocations based on defined resource allocation rules and resource utilization. The resource allocation changes can be automatically executed by performing live migration of virtual machines through vMotion. Alternatively, in manual mode, VMware DRS provides execution recommendations for system administrators.
• Maintenance mode for servers. Perform maintenance on physical servers without disruption to virtual machines and end users. When a physical server is placed in maintenance mode, VMware DRS identifies alternative servers where the virtual machines can run. Based on automation mode settings, the virtual machines are either automatically moved to use the alternative servers, or the system administrator performs the move manually using the VMware DRS recommendations as a guideline.
• Large-scale management. Manage CPU and memory across up to 32 servers and 1280 virtual machines per DRS cluster.
DRS Rules
➢ Affinity Rule:-Keep the Virtual Machine together.
➢ Anti affinity Rule:- Keep the Virtual Machines Separate.
Condition for DRS
➢ All Vmotion condition are applicable for DRS.
➢ Vmotion work with datacenter DRS work with in the Cluster.
DRS Configuration Types
➢ Manual:-DRS gives migration Recommendation for the virtual machine. It doesn’t do load balancing.
➢ Partially Automatic:-Manual+initial placement of powered on virtual machine taken care by DRS.provide recommendation for load balancing.
➢ Fully Automatic:-Partial automatic+ in this mode DRS will do Automatic Vmotion load balancing.
Differences Between HA and DRS
HA DRS
|It is a fail over mechanism of Cluster |It is a load Balancing Feature of Cluster |
|HA Require more downtime |DRS doesn’t Require downtime |
|HA continues to work if VC is down. |DRS doesn’t work if VC is down. |
|For HA only config in VC. |For DRS the config,logic(service console) is completely in VC. |
|An agent is needed on HA. |DRS needs VC |
|VM kernel N/W not used in HA. |In DRS VM kernel Network should be configure. |
|HA work with host. |DRS work with Virtual Center. |
|HA continues to operates when component fail. |DRS does not operate if component fails. |
Install Patches on ESXi host using esxcli commands
1. Login to your ESXi host using SSH or ESXi shell with your root credentials
2. Browse towards the Patch location in your datastore and verify the donwloaded patches are alread in and note down the complete path for the patch.
cd /vmfs/volumes/datastore1/folder loctaion
[pic]
3.Before installing patches placing your ESXi host in maintenance mode is very important. Please take look at my blog post "Placing ESX host in Maintenenace mode"
4. Execute the below command to install the patch "ESXi510-201210001.zip"
esxcli software vib install -d /vmfs/volumes/datastore1/ESXi\ patches/ESXi510-201210001.zip
[pic]
5. To verify the installed VIB's installed on your host execute the below command
esxcli software vib list
[pic]
Limitations of physical compatibility mode
1.VMware snapshots are not allowed
2.VCB (VMware consolidated backup) support is not possible, because VCB requires VMware snapshots
3.Cloning of VMs that use physical mode RDMs is not possible
4.Converting VMs into templates that use physical mode RDMs is not possible
5.Migration of VMs with physical mode RDMs if the migration involves copying the disk is not possible.
6.No VMotion with physical mode RDMs
5 Difference between vSphere 4.1 and vSphere 5
13:39 Mohammed Raffic
I am getting lot of request from email to post the difference between the vSphere 4.0 and vSphere 5.0. Here the post for the requests and I believe this could be the definite questions in interviews and this post helps you to just quickly review the difference between the features of this 2 vSphere Releases.
If you are looking for Difference between ESX 3.5 and ESX 4.0. Please refer my Blogpost "Difference between ESX 3.5 and ESX 4.0"
-->
|Features |vSphere 4.1 |vSphere 5.0 |
|Hypervisor |ESX & ESXi |Only ESXi |
|VMA |Yes VMA 4.1 |Yes VMA 5 |
|HA Agent |AAM |FDM |
| |Automatic Availability |Fault Domain Manager |
| |Manager | |
|HA Host Approach |Primary & Secondary |Master & Slave |
|HA Failure Detection |Management N/W |Management N/W and Storage |
| | |communication |
|HA Log File |/etc/opt/vmware/AAM |/etc/opt/vmware/FDM |
|DNS Dependent on DNS |Yes |NO |
|Host UEFI boot support |NO |boot systems from hard drives, CD/DVD drives, or USB |
| | |media |
|Storage DRS |Not Available |Yes |
|VM Affinity & Anti-Affinity |Available |Available |
|VMDK Affinity & Anti-Affinity |Not Available |Available |
|Profile driven storage |Not Available |Available |
|VMFS version |VMFS-3 |VMFS-5 |
|VSphere Storage Appliance |Not Available |Available |
|Iscsi Port Binding |Can be only done via Cli | Configure dependent |
| |using ESXCLI |hardware iSCSI and software |
| | |iSCSI adapters along with the |
| | |network configurations and |
| | |port binding in a single dialog |
| | | box using the vSphere Client. |
|Storage I/O control for NFS |Fiber Channel |Fiber Channel & NFS |
|Storage Vmotion Snapshot support |VM with Snapshot cannot be migrated using |VM with Snapshot can be migrated using Storage |
| |Storage vMotion |vMotion |
|Swap to SSD |NO |Yes |
|Network I/O control |Yes |Yes with enhancement |
|ESXi firewall |Not Available |Yes |
|vCenter Linux Support |Not Available |vCenter Virtual Appliance |
|vSphere Full Client |Yes |Yes |
|vSphere Web Client |Yes |yes with lot of improvements |
|VM Hardware Version |7 |8 |
|Virtual CPU per VM |8 vCpu |32 vCpu |
|Virtual Machine RAM |255 GB |1 TB of vRAM |
|VM Swapfile size |255 GB |1 TB |
|Support for Client connected USB |Not Available |Yes |
|Non Hardware Accelerated |Not Available |Yes |
|3D grpahics support | | |
|UEFI Virtual BIOS |Not Available |Yes |
|VMware Tools Version |4.1 |5 |
|Mutlicore vCpu |Not Available |Yes configure at VM setting |
|MAC OS Guest Support |Not Available |Apple Mac OS X Server 10.6 |
|Smart card reader support for VM |Not Available |Yes |
|Auto Deploy |Not Available |Yes |
|Image Builder |Not Available |Yes |
|VM's per host |320 |512 |
|Max Logical Cpu per Host |160 |160 |
|RAM per Host |1 TB |2 TB |
|MAX RAM for Service Console |800 MB |Not Applicable (NO SC) |
|LUNS per Server |256 |256 |
|Metro Vmotion |Round-trip latencies of up to |Round-trip latencies of up to |
| |5 milliseconds. |10 milliseconds. This provides better performance |
| | |over |
| | |long latency networks |
|Storage Vmotion |Moving VM Files using moving to using dirty|Moving VM Files using I/O |
| |block tracking |mirroring with better enhancements |
|Virtual Distributed Switch |Yes |Yes with more enhancements |
| | |like deeper view into virtual machine traffic through|
| | |Netflow and enhances monitoring and troubleshooting |
| | |capabilities through SPAN and LLDP |
|USB 3.0 Support |NO |Yes |
|Host Per vCenter |1000 |1000 |
|Powered on virtual machines |10000 |10000 |
| per vCenter Server | | |
|Vmkernel |64-bit |64-bit |
|Service Console |64-bit |Not Applicable (NO SC) |
|Licensing | | |
| |vSphere Essentials |vSphere Essentials |
| |vSphere Essentials Plus |vSphere Essentials Plus |
| |vSphere Standard |vSphere Standard |
| |vSphere Advanced |vSphere Enterprise |
| |vSphere Enterprise |vSphere Enterprise Plus |
| |vSphere Enterprise Plus | |
6 Provisioned Storage, Non-Shared Storage & Used Storage in VMware
There will be difference in the view of Provisioned Storage, Non-shared Storage & Used Storage for Thick VMDK and Thin VMDK disk For Thick VMDK, All the above 3 values will be same but refer the value difference for the Thin Disk. In My case, My virtual Machine is allocated with 45 GB of disk size and Disk type is Thin.
[pic]
Why Provisioned Storage in the above screenshot is showing as 53.01 GB which is not matching with the Provisioned size of VMDK which is 45 GB. This is because the Provisioned storage of 53.01 GB includes the virtual machine files like swap,vmx and log files, etc in virtual machine directory.
Not-Shared Storage:
Not-shared storage shows the space occupied by the virtual machine on the datastore space and it is not shared with any other virtual machines.
Used Storage:
Used Storage shows the space actually occupied by the virtual machine files (Config Files, Log files, VMDK & Snapshots,etc) in the Virtual Machine Directory. Value of the used storage will be changed or little more when the virtual machine is powered on because Swap files will be created in the virtual machine directory and disappeared, when VM is powered down.
7 Service Console Commands:Basic How to's for ESX
How to find out the ESX server Version you are running with ?
vmware -v
How to find the ESX server IP address?
hostname -i
How to find the default gateway of ESX server?
cat /etc/sysconfig/network
How to find ESX server hardware information ?
dmidecode | more
How to find ESX server Serial Number?
dmidecode | grep "Serial Number"
How to find ESX server Installed Memory ?
cat /proc/meminfo | grep MachineMem
How to find last reboot and shutdown date& time ?
last
How to find the list of patches installed on your ESX server?
esxupdate query
How to create log file bundles from ESX/ESXi hosts ?
vm-support
How to find out the list of softwares installed on ESX host?
rpm -q -a
How to find the list of configured NTP servers and delay?
ntpq -p
How to find the current configured firewall rules in ESX?
esxcfg-firewall -q
How to find the basic partition information of ESX?
vdf -h
How to find the current password policy for ESX?
esxcfg-auth -p
How to find the list of users created in ESX?
cat /etc/passwd
How to find the list of virtual machines running on the ESX host?
vmware-cmd -s listvms
How to find the list of added static routes in ESX host?
route
How to find the port status in ESX host ?
netstat -an
How to find the list of datastores in the ESX host?
cd /vmfs/volumes and type ls -l
Steps to find the Virtual Machine Process ID
1. Login to ESX host via SSH with Root credentials
[pic]
I have an unresponsive virtual machine named "vmware-arena-vm"
[pic]
2. To find the PID of one of my virtual machine named "vmware-arena-vm". Execute the below command
ps -ef | grep vmware-arena-vm
[pic]
3. To kill the unresponsive virtual machine "vmware-arena-vm" process . Execute the below command
[pic]
Command to place the ESX host in maintenance mode using vmware-vim-cmd
[root@vmware-arena ~]# vmware-vim-cmd /hostsvc/maintenance_mode_enter
[pic]
Command to verify the host entered into maintenance mode
[root@vmware-arena ~]# vmware-vim-cmd hostsvc/hostsummary|grep -i maintenance
[pic]
Command to exit the ESX host from maintenance mode using vmware-vim-cmd
[root@vmware-arena ~]# vmware-vim-cmd /hostsvc/maintenance_mode_exit
[pic]
Command to verify the host exited from maintenance mode
[root@vmware-arena ~]# vmware-vim-cmd hostsvc/hostsummary|grep -i maintenance
What is Hyperthreading?
"Intel's proprietary HT Technology is used to improve parallelization of computations (doing multiple tasks at once) performed on PC microprocessors. For each processor core that is physically present, the operating system addresses two virtual or logical cores, and shares the workload between them when possible. The main function of hyper-threading is to decrease the number of dependent instructions on the pipeline."Hyperthreading technology allows a single physical processor to behave like two logical processors.Although hyperthreading does not double the performance of a system, it can increase performance by better utilizing idle resources.
The HT core sharing option enable us to define the different types of physical core sharing techniques with the virtual Machines.
There are 3 different HT Sharing methods
1. Any
2. None
3.Internal
Any
With this Setting, CPU cores of the ESX server is allowed to freely share with virtual CPUs of the virtual machine and also with the virtual CPUs of any other virtual Machine.
None
With this Setting, CPU cores of the ESX server is not allowed to share within the virtual CPUs of the virtual machine and also not allowed to share with the virtual CPU of any other virtual machine.Each virtual CPU from this virtual machine should always get a dedicated core for it is own.
Internal
With this Setting, CPU cores of the ESX server is allowed to share within the virtual CPUs of the virtual machine but not allowed to share with the virtual CPUs of other virtual Machine. This option is similar to None. Only virtual machine configured with virtual SMP can utilize this setting.
[pic]
A Raw Disk Mapping (RDM) can be used to present a LUN directly to a virtual machine from a SAN. Rather than creating a virtual disk (VMDK) on a LUN, which is generally shared with other VMs and virtual disks.
VMware raw device mapping mode (RDM) allows a virtual machine to directly access physical disks. With raw device mapping, a VMware virtual machine can use large storage devices such as disk arrays. Access to the data on an RDM disk is faster than to a fully virtualized disk (vmdk file). An RDM disk can be locally attached to the ESX server or configured on a Fibre Channel SAN.
NetBackup supports the disk arrays that are configured on a virtual machine as RDMs.
Note:
NetBackup cannot back up the RDM by means of a VMware backup host.
The main reason for using an RDM should be as follows:
To utilize native SAN tools and commands
If using Microsoft Cluster Services (MSCS), Failover Clusters or other clustering solution
LUNs presented from FC, FCoE and iSCSI are supported for RDMs.
Virtual compatibility mode provides vSphere snapshots of this virtual disk.
(Allow Virtual machine to use VMware snapshot and other functionality.)
Physical compatibility mode allows the VM to pass SCSI commands direct to the storage system LUN. This allows it to leverage SAN specific features such as interation with the SANs own snapshot functions.
(Allow the guest operating system to access the hardware directly. Taking the snapshot will not include the disk.)
f
How does DRS calculate the Cluster in balance in the cluster?
To calculate the cluster in balance, DRS compare the Current Host load standard deviation(CHLSD) and Target Host Load Standard Deviations(THLSD).
CHLSD>THLSD
Cluster is considered as imbalanced.
CHLSD Calculation:-
DRS Compute the normalize Entitlement(NE) and standard deviations of each ESXI hosts.
NE nothing but the calculation of how much resources are currently utilized out of total resources.
NE= Dynamic usage of all VM's / Total host Capacity
THLSD Calculation:-
THLSD derived from DRS migration threshold which is defined at the time of configuration of DRS.
Each threshold level set different imbalance tolerance margin.
Aggressive threshold level set tight margin allowing for little imbalance.
Conservative threshold level tolerate bigger imbalance.
Components of PSC
VMware Appliance management service
VMware Authentication frame work
VMware Certificate service
VMware Component Manager
VMware common login service
VMware Directory service
VMware HTTP Reverse proxy
VMware Identity Management service.
VMware Security token service
VMware service control agent.
MPLS(multi protocol label switching
It is a data carrying technique for high performance network that direct the data from one network node to other network node based on short path label rather than long network address, avoiding complex look up in routing table. MPLS encapsulate the packets of various network protocol hence name multi protocol.
MPLS allow most packet to be forwarded at layer 2 rather than having to be passed to layer 3 network.
Each packet get labeled on entry into the service provider network by ingress router.
Finally egress router remove the label and forward the original IP packets to destination.
As the corporate data enter into the carrier network, a label is attached to each packet. This label identifies your VPN. upon reaching the destination the label is removed, return the data packet to original state.
services and agent present in VMware vsphere environment.
• CIM HTTP server
• CIM HTTPS server
• FTP client
• FTP server
• ISCSI software client
• NFS client
• NFS server
• NIS client
• SMB client
• SNMP server
• SSH client
• SSH server
• Syslog client
• Telnet client
• Telnet server.
6 vCenter Server Components and Services
This is a brief overview of vCenter Server Components and Services. It applies to both vCenter Server(Windows) and vCenter Server Appliance
[pic]
vCenter Platform Services Controller
• vCenter Single Sign-On : SSO provides secure authentication services to vSphere components. Through SSO, vSphere components communicate with each other through a secure token based mechanism, instead of each component/solution user reaching out to an external directory service like Active Directory for authentication. All components/solutions while install or upgrade process gets registered with SSO constructed security domain (vSphere.local). From then SSO can authenticate users from its default Identity Source(vSphere.local) or an explicitly added external Identity Source like Active Directory. Authenticated users can then be assigned registered solution-based permissions or roles within vSphere environment. (vSphere.local can be a custom name now)
• vSphere License Service : Provides license inventory and management capabilities to all vCenter instances connected to a Platform Services Controller
• VMware Certificate Authority : VMware Certificate Authority (VMCA) provides each ESXi host with a signed certificate with VMCA as root certificate authority. Certificate provisioning occurs when an ESXi host is added to vCenter explicitly or it can be part of ESXi host installation process. All ESXi certificates are stored locally on the host
vCenter Server
• vCenter Inventory Service : Stores vCenter configuration and inventory data. It enables to search and access inventory objects across vCenter Server instances
• vSphere Web Client : Allows to connect to vCenter Server instances through a Web browser for managing vSphere Infrastructure
• PostgreSQL : VMware distribution of PostgreSQL database for vSphere (Embedded database with vCenter)
• vSphere ESXi Dump Collector : Allows you to configure ESXi to save VMKernel memory to a network server, rather than to a disk, when a PSOD is encountered.
• vSphere Syslog Collector : The vCenter Server on Windows support tool that enables network logging and combining of logs from multiple hosts. You can use the Syslog Collector to direct ESXi system logs to a server on the network, rather than to a local disk. The recommended maximum number of supported hosts to collect logs from is 30
• vSphere Syslog Service : The vCenter Server Appliance support tool that provides a unified architecture for system logging, network logging and collecting logs from hosts. You can use the vSphere Syslog Service to direct ESXi system logs to a server on the network, rather than to a local disk. The recommended maximum number of supported hosts to collect logs from is 30
• vSphere Auto Deploy : The vCenter Server support tool that can provision hundreds of physical hosts with ESXi software. You can specify the image to deploy and the hosts to provision with the image.
[pic]
How Vsphere 6.0 differ from Vsphere 5.x
|VMware Platform Services Controller |The VMware Platform Services Controller contains common infrastructure services such as vCenter |
|Introduced |Single Sign-On, VMware certificate authority, licensing, and server reservation and registration |
| |services. |
| |You can deploy a Platform Services Controller instance on the same virtual machine (VM) or physical |
| |server as vCenter Server, which is vCenter Server with an embedded Platform Services Controller |
| |instance. You can also deploy a Platform Services Controller instance on a separate machine or |
| |physical server, which is vCenter Server with an external Platform Services Controller instance |
|Enhanced Linked Mode |You no longer need to join vCenter Server instances to Linked Mode groups. You can access the |
| |replication functionality provided by Linked Mode in vSphere 5.5 by registering multiple vCenter |
| |Server instances to the same Platform Services Controller or joining Platform Services Controller |
| |instances in the same vCenter Single Sign-On domain. |
| |To enable high availability between the vCenter Server instances in a single vCenter Single Sign-On |
| |domain, the vCenter Server instances must use the same site name. |
| |Unlike the original Linked Mode, Enhanced Linked Mode is available and supported on vCenter Server on|
| |Windows and vCenter Server Appliance. |
|vCenter Server Component Services |Starting with vSphere 6.0, vCenter Server component services are deployed in either the vCenter |
|Deployment |Server or Platform Services Controller group of services. |
| |The vCenter Server upgrade software migrates, upgrades, and configures existing vCenter Server 5.1 or|
| |vCenter Server 5.5 services as needed, migrating individually deployed vCenter Server 5.0 or vCenter |
| |Server 5.1 services to the appropriate service group during the upgrade process. |
| |■ |
| |vCenter Single Sign-On credentials, certificates, and ports are now part of the Platform Services |
| |Controller instance. |
| | |
| |■ |
| |Tagging data and licensing is part of the Platform Services Controller instance. |
| | |
| | |
| | |
| | |
| |■ |
| |You can now choose the destination folder for the upgrade software to use. |
| | |
| |. |
|Simple Upgrade Process Replaced |Upgrading to vCenter Server 6.0 with an embedded Platform Services Controller instance replaces the |
| |vCenter Server 5.1 or vCenter Server 5.5 simple upgrade process. The upgrade process migrates your |
| |vCenter Server 5.1 or vCenter Server 5.5 services to a vCenter Server 6.0 deployment with an embedded|
| |Platform Services Controller instance. |
|Custom Upgrade Process Replaced |Upgrading to vCenter Server 6.0 with an external Platform Services Controller instance replaces the |
| |vCenter Server 5.1 or 5.5 Custom or separate upgrade process. When you upgrade your custom or |
| |distributed vCenter Server 5.1 or 5.5 instance, the upgrade process includes any vCenter Server 5.1 |
| |or 5.5 services that are deployed separately from vCenter Server. You do not need to upgrade them |
| |separately. |
| |During the process of upgrading to vCenter Server 6.0 with an external Platform Services Controller |
| |deployment, any vCenter Server 5.1 or 5.5 services that are deployed on a separate VM or physical |
| |server from the vCenter Server are migrated to the same VM or physical server as the vCenter Server |
| |instance. vCenter Server components can no longer be deployed individually. For more details on |
| |service migration during upgrade. |
|No Change of Deployment Model for |During the upgrade to vCenter Server 6.0 , you cannot change your deployment model. For example, if |
|Platform Services Controller During |you deploy vCenter Server with an embedded Platform Services Controller instance, you cannot switch |
|Upgrade |to vCenter Server with an external Platform Services Controller instance. You can only remove the |
| |Platform Services Controller instance. |
| |After the upgrade, you can update your vCenter Server deployment by repointing the connections |
| |between vCenter Server and Platform Services Controller. You can also convert an embedded Platform |
| |Services Controller deployment to an external Platform Services Controller deployment. |
|Database Changes |The vCenter Server 5.x embedded Microsoft SQL Server Express database is replaced with an embedded |
| |PostgreSQL database during the upgrade to vCenter Server 6.0. The maximum inventory size that applied|
| |for Microsoft SQL Server Express still applies for PostgreSQL. |
|VMware vSphere Syslog Collector |For vCenter Server 6.0 for Windows, vSphere Syslog Collector is included in the vCenter Server group |
| |of services and continues to function exactly as for vCenter Server 5.5. However, it is no longer |
| |used for vCenter Server Appliance 6.0. |
|VMware Syslog Service |For vCenter Server Appliance 6.0, vSphere Syslog Service is a support tool for logging that is |
| |included in the vCenter Server group of services. |
VMware log files
• /var/log/auth.log:- ESXI shell authentication success and failure.
• /var/log/dhclient.log: DHCP client services, including discovery, address lease request and renewals.
• /var/log/esxupdate.log:- ESXI patch and update installation logs
• /var/log/hostd.log:- Host management service logs, including VM and host tasks and events communication with vsphere client and vcenter server.
• /var/log/shell.log:- ESXi shell usage logs including enable disable and every command entered.
• /var/log/sysboot.log:- VMkernel startup and module loading.
• /var/log/syslog.log:- Management service initialization, watch dog and schedule task and DCUI.
• /var/log/usb.log:- USB device arbitration event such as discovery and pass through the VM.
• /var/log/vob.log:- VMkernel observation events.
• /var/log/vmkernel:- Core VM kernel logs, including device discovery and network device driver events and VM startup.
• /var/log/vmkwarning.log:- A summary of warning and Alerts log messages from VM kernel logs.
• /var/log/vmksummary.log:- A summary of ESXi startup and shutdown.
• /var/log/vpxa.log:- vcenter server vpxa agent logs including communication with vcenter server and host.
• /var/log/fdm.log:- HA logs
Register VM in host.
To register a virtual machine in vCenter Server:
Open the vSphere/VMware Infrastructure (VI) Client and log in with appropriate credentials.
✓ If connecting to vCenter Server, click on the desired host.
✓ Click the Configuration tab.
✓ Click Storage.
✓ Right-click on the appropriate datastore and click Browse Datastore.
✓ Navigate to the folder named after the virtual machine, and locate the .vmx file.
✓ Right-click the .vmx file and click Add to inventory. The Add to Inventory wizard opens.
✓ Continue to follow the wizard to add the virtual machine.
To register a virtual machine from a command line on an ESX host:
Log in as root to the ESX host with an SSH client.
Run the command:
# vmware-cmd -s register \.vmx
To register a virtual machine from a command line on an ESXi host:
Log in as root to the ESXi host with an SSH client. For information on using Tech Support mode, see Using Tech Support Mode in ESXi 4.1 and ESXi 5.x (1017910).
Run the command:
# vim-cmd solo/registervm /vmfs/volumes/datastore_name/VM_directory/VM_name.vmx
The products which are integrated into PSC
✓ VMware vCenter Server
✓ VMware vCenter Inventory Services
✓ VMware vSphere Web Client
✓ VMware Log Browser
✓ VMware NSX for vSphere
✓ VMware Site Recovery Manager
✓ VMware vCloud Air
✓ VMware vCloud Director
✓ VMware vRealize Automation Center
✓ VMware vRealize Orchestrator
✓ VMware vSphere Data Protection
✓ VMware vShield Manager
Platform Services Controller (PSC)
VMware is introducing a new component called the VMware Platform Services Controller (which had a previous beta name of Infrastructure Controller).
SSO was the first component to be spun out into what is now being built up as the PSC. SSO was first released in 5.1 and had major issues and was rebuilt as SSO 2.0 for vSphere 5.5
vCenter, vCOPs, vCloud Director, vCloud Automation Center can use functionality within the PSC as a shared component.
vCenter is actually being split in two. One part is now called the Management Node and the other is the Platform Services Controller.
[pic]
The Management Node contains all the vCenter Server components with all the security related things stripped out.
[pic]
The PSC now contains the following functionality:
• SSO
• Licensing
• Certificate Authority
• Certificate Store
• Miscellaneous Services
[pic]
The Certificate Authority and Certificate Store are new components to at last tame the wild and woefully inadequate management of vSphere certificates. The new VMware Certificate Authority (VMCA) can act as a root certificate authority either managing its own certificates or handling certificates from an external Certificate Authority. VMCA provisions each ESXi host with a signed certificate when it is added to vCenter as part of installation or upgrade. You can view and manage these certificates from the vSphere Web Client and manage the full certificate lifecycle workflow.
Other services will be added to the PSC in future releases.
The PSC is built into vCenter and runs as a vPostgres database so there’s no additional database to worry about and it runs in both the Windows and appliance version. The PSCs self replicate and importantly don’t use ADAM so it can replicate between Windows and appliance vCenters.
You can either have the PSC embedded within vCenter Server or run it as an external component to vCenter Server.
VMware suggests if you are running 8 or less vCenters it is best to use PSC embedded with vCenter. vCenter will then connect only to its internal PSC.
If you have more than 8 vCenters, VMware recommends using an external PSC rather than the embedded one. You can then use the PSC as a highly available and load balanced service shared by your many vCenters. You won’t then be connected to one PSC but a pool of them.
[pic]
[pic]
Just to clarify, the PSC is a new service and separate from the Inventory Service which handles inventory management of VMs.
vCenter Server Appliance (VCSA)
The VCSA has also been beefed up. With 5.1 you could manage 100 hosts and 3000 powered on VMs. vSphere 6 now allows 1000 hosts and 10,000 powered on VMs.
Oracle is still the only external database supported as Microsoft doesn’t have an officially supported ODBC Driver for Linux (SLES), the one they do have is only community supported.
vSphere Web Client
Continued performance gains and tagging improvements along with all new functionality. It still uses Flash which won’t please many people, will we ever get a native HTML5 web client?
vSphere Client
You may be happy or disappointed to hear that VMware has decided to keep on the VI Client (C# Client) for one more release, vSphere 6.0. After that they say it will definitely be gone. Although the Web Client continues to progress and speed up, customer feedback has been that they would like to continue to use the familiar older client for now. No new functionality is being added to the C# Client so although it will be supported, it is only able to manage an ever decreasing subset of vSphere functionality.
Install and Upgrade
The vCenter installer for Windows has been streamlined. We are back to one installer now with all input up front. There is more and better pre-check functionality. You can choose between embedded and external (pre-existing) PSCs during installation
The upgrade procedure hasn’t changed since vSphere 5.5, vCenter is upgraded using the standalone installer or vSphere Update Manager and ESXi is updated using the .ISO or Update Manager.
ESXi firewall commands
esxcli network firewall ruleset list
esxcli network firewall get
|Command |Description |
|esxcli network firewall get |Returns the enabled or disabled status of the firewall and lists default actions. |
|esxcli network firewall set --default-action |Update default actions. |
|esxcli network firewall set --enabled |Enable or disable the ESXi firewall. |
|esxcli network firewall load |Load the firewall module and rule set configuration files. |
|esxcli network firewall refresh |Refresh the firewall configuration by reading the rule set files if the firewall module |
| |is loaded. |
|esxcli network firewall unload |Destroy filters and unload the firewall module. |
|esxcli network firewall ruleset list |List rule sets information. |
|esxcli network firewall ruleset set |Set the allowedall flag. |
|--allowed-all | |
|esxcli network firewall ruleset set --enabled |Enable or disable the specified rule set. |
|esxcli network firewall ruleset allowedip list |List the allowed IP addresses of the specified rule set. |
|esxcli network firewall ruleset allowedip add |Allow access to the rule set from the specified IP address or range of IP addresses. |
|esxcli network firewall ruleset allowedip remove|Remove access to the rule set from the specified IP address or range of IP addresses. |
Virtual switch failover order:
a) Active uplinks
b) Standby uplinks
c) Unused uplinks
THERE ARE DIFFERENT TYPES OF PVLAN S :
Promiscuous Primary VLAN – Imagine this VLAN as a kind of a router. All packets from the secondary VLANS go through this VLAN. Packets which also goes downstream and so this type of VLAN is used to forward packets downstream to all Secondary VLANs.
Isolated (Secondary) – VMs can communicate with other devices on the Promiscuous VLAN but not with other VMs on the Isolated VLAN.
Community (Secondary) – VMs can communicate with other VMs on Promiscuous and also w those on the same community VLAN.
[pic]
There are different ESXi certificate replacement modes:-
• Default - VMCA as cert authority where VMCA issues certs for your hosts.
• Custom - you can override and do and issue certs manually via VMCA
• Thumbprint mode - this way you keep certs from vSphere 5.5
LAG Modes
LAG Mode can be:
• Passive - where the LAG ports respond to LACP packets they receive but do not initiate LACP negotiations.
• Active - where LAG ports are in active mode and they initiate negotiations with LACP Port Channel.
LAG load balancing mode (LNB mode):
• Source and destination IP address, TCP/UDP port and VLAN
• Source and destination IP address and VLAN
• Source and destination MAC address
• Source and destination TCP/UDP port
• Source port ID
• VLAN
vDS load balancing (LNB):
• Route based on IP hash - The virtual switch selects uplinks for virtual machines based on the source and destination IP address of each packet.
• Route based on source MAC hash - The virtual switch selects an uplink for a virtual machine based on the virtual machine MAC address.
• Route based on originating virtual port - Each virtual machine running on an ESXi host has an associated virtual port ID on the virtual switch. To calculate an uplink for a virtual machine, the virtual switch uses the virtual machine port ID and the number of uplinks in the NIC team. After the virtual switch selects an uplink for a virtual machine, it always forwards traffic through the same uplink for this virtual machine as long as the machine runs on the same port. The virtual switch calculates uplinks for virtual machines only once, unless uplinks are added or removed from the NIC team.
• Use explicit failover order - No actual load balancing is available with this policy. The virtual switch always uses the uplink that stands first in the list of Active adapters from the failover order and that passes failover detection criteria. If no uplinks in the Active list are available, the virtual switch uses the uplinks from the Standby list.
• Route based on physical NIC load (Only available on vDS) - based on Route Based on Originating Virtual Port, where the virtual switch checks the actual load of the uplinks and takes steps to reduce it on overloaded uplinks. Available only for vSphere Distributed Switch. The distributed switch calculates uplinks for virtual machines by taking their port ID and the number of uplinks in the NIC team. The distributed switch tests the uplinks every 30 seconds, and if their load exceeds 75 percent of usage, the port ID of the virtual machine with the highest I/O is moved to a different uplink.
Traffic shaping policies
Traffic shaping policy is applied to each port in the port group. You can Enable or Disable the Ingress or egress traffic.
• Average bandwidth in kbits (Kb) per second - Establishes the number of bits per second to allow across a port, averaged over time. This number is the allowed average load.
• Peak bandwidth in kbits (Kb) per second - Maximum number of bits per second to allow across a port when it is sending or receiving a burst of traffic. This number limits the bandwidth that a port uses when it is using its burst bonus.
• Burst size in kbytes (KB) per second - Maximum number of bytes to allow in a burst. If set, a port might gain a burst bonus if it does not use all its allocated bandwidth. When the port needs more bandwidth than specified by the average bandwidth, it might be allowed to temporarily transmit data at a higher speed if a burst bonus is available
ENABLE TCP SEGMENTATION OFFLOAD SUPPORT FOR A VIRTUAL MACHINE
Use TCP Segmentation Offload (TSO) in VMkernel network adapters and virtual machines to improve the network performance in workloads that have severe latency requirements.
When TSO is enabled, the network adapter divides larger data chunks into TCP segments instead of the CPU. The VMkernel and the guest operating system can use more CPU cycles to run applications. By default, TSO is enabled in the VMkernel of the ESXi host , and in the VMXNET 2 and VMXNET 3 virtual machine adapters
DETERMINE APPROPRIATE VLAN CONFIGURATION FOR A VSPHERE IMPLEMENTATION
There are three main places or three different ways to tag frames in vSphere.
• External Switch Tagging (EST) - VLAN ID is set to None or 0 and it is the physical switch that does the VLAN tagging.
• Virtual Switch Tagging (VST) - VLAN set between 1 and 4094 and the virtual switch does the VLAN tagging.
• Virtual Guest Tagging (VGT) - the tagging happens in the guest OS. VLAN set to 4095 (vSwitch) or VLAN trunking on vDS.
[pic]
Network IO controller.
What is network I/O control? It's a mechanism which allows to prioritize certain data flows on distributed switch over others. It allows to allocate more network bandwidth to business critical applications/VMs where those have to "fight" for bandwidth.
THE REQUIREMENTS:
• Licensing - Enterprise + license required because it uses vSphere Distributed Switch.
• VDS Only - the Network I/O control can be enabled only on VDS
• Network I/O control v3 possible only on VDS 6.0
• SR-IOV is not available for virtual machines configured to use Network I/O Control version 3.
vSphere Web Client > Networking > vDS > Manage > Resource Allocation > System traffic
[pic]
Enable/Disable Network I/O Control - at the vDS level..
[pic]
Network Resource Pools - You can create new network resource pools to reserve part of the aggregated bandwidth for VMs system traffic on all the physical adapters connected to the VDS.
Virtual Standard Switch policies and settings
The virtual standard switches (vSS) can have following policies and settings:
• Traffic shaping (outbound only)
• VLANs (none, VLAN ID, All) - at the portgroup level config
• MTU
• Teaming and failover
• Security
Virtual Distributed Switch policies and settings
vSphere distributed switches (vDS) policies and settings:
• Traffic filtering and marking
• MTU
• VLANs (none, VLAN ID, VLAN trunking, PVLANs)
• Monitoring (netflow)
• Security
• Traffic Shaping - inbound and outbount (ingress / egress)
• LACP
• Port mirroring
• Health check for VLAN and MTU, teaming and failover - allows to check the status of the overall config.
• And Teaming and failiover like on vSS swiches.
DESCRIBE VDS SECURITY POLICES/SETTINGS
There are three network security policies on vDS. Those are promiscuous mode, MAC address changes and Forged transmits.
• Promiscuous Mode - Default settings are set to reject for both (VSS and VDS). If you change to accept then the guest OS can receive all traffic which passes through the vSwitch or Portgroup.
• MAC address change - The default setting is reject for VDS but accept on VSS. If set to allow then the host accepts requests to change the effective MAC address to a different one than the original.
• Forged transmits - The default settings is Reject for VDS but accept on VSS. The host do not compare source and effective MAC addresses which are transmitted from a VM.
Network Fail over detection option
Link Status only - check link availability. Is the adapter is physically up or down? Depending on the result it can possibly detects physical switch failures.
• Beacon Probing - Sends out and listens for beacon probes on all NICs in the team. Can be used together with link status and get better results to determine if there is a link failure. Beacon probing should not be used with IP hash load balancing policy or on vSwitches which has less than 3 uplinks. Unused NICs do not participate in beacon probing. Active/active or active/standby only.
3 types of VLAN
3 types of VLAN:
• None - no tags. Physical switch ports are configured as an access ports or VLAN is configured as native VLAN on trunk port
• VLAN - in this case, the VLAN ID Tag is done on the virtual switch level.
• VLAN Trunking - VLANs are tagged at the guest OS level.
• PVLAN - private VLANs.
Virtual disk thin provisioning allows to allocate only small amount of disk space at the storage level, but the guest OS sees as it had the whole space. The thin disk grows in size when adding more data, installing applications at the VM level. So it's possible to over-allocate the datastore space, but it brings a risks so it's important to monitor actual storage usage to avoid conditions when you run out of physical storage space.
• Thick Lazy Zeroed - default thick format. Space is allocated at creation, but the physical device is not erased during the creation proces, but zeroed-on-demand instead.
• Thick Eager Zeroed - Used for FT protected VMs. Space is allocated at creation and zeroed immediately. The Data remaining on the physical device is zeroed out when the virtual disk is created. Takes longer to create Eager Zeroed Thick disks.
• Thin provission - as on the image above. Starts small and at first, uses only as much datastore space as the disk needs for its initial operations. If the thin disk needs more space later, it can grow to its maximum capacity and occupy the entire datastore space provisioned to it. Thin disk can be inflated (thin > thick) via datastore browser (right click vmdk > inflate).
BSOD and PSOD Causes
• Exception Type 0 #DE: Divide Error
• Exception Type 1 #DB: Debug Exception
• Exception Type 2 NMI: Non-Maskable Interrupt
• Exception Type 3 #BP: Breakpoint Exception
• Exception Type 4 #OF: Overflow (INTO instruction)
• Exception Type 5 #BR: Bounds check (BOUND instruction)
• Exception Type 6 #UD: Invalid Opcode
• Exception Type 7 #NM: Coprocessor not available
• Exception Type 8 #DF: Double Fault
• Exception Type 10 #TS: Invalid TSS
• Exception Type 11 #NP: Segment Not Present
• Exception Type 12 #SS: Stack Segment Fault
• Exception Type 13 #GP: General Protection Fault
• Exception Type 14 #PF: Page Fault
• Exception Type 16 #MF: Coprocessor error
• Exception Type 17 #AC: Alignment Check
• Exception Type 18 #MC: Machine Check Exception
• Exception Type 19 #XF: SIMD Floating-Point Exception
• Exception Type 20-31: Reserved
• Exception Type 32-255: User-defined (clock scheduler)
Causes
Lots of different problems can cause blue screens including file system/application corruption, bad/incompatible drivers, or hardware problems. From my experience the two most common issues are bad drivers and hardware problems. Here are some suggestions to narrow down the cause of your blue screen.
An ESX/ESXi purple screen error appears similar to:
[pic]
Note: This article uses the information in this purple screen as an example.
1 Resolution
2 What is the VMkernel?
The VMkernel is the operating system core of ESX/ESXi. The kernel handles resource scheduling and device IO. Device IO is handled by the VMware network and storage stacks, which serves as a layer between the virtual file system, network devices and the device drivers that control physical devices.
3 Interpreting the purple diagnostic screen
If the VMkernel experiences an error, the error appears in a purple diagnostic screen. The purple diagnostic screen looks similar to:
VMware ESX Server [Releasebuild-98103
PCPU 1 locked up. Failed to ack TLB invalidate.
frame=0x3a37d98 ip=0x625e94 cr2=0x0 cr3=0x40c66000 cr4=0x16c
es=0xffffffff ds=0xffffffff fs=0xffffffff gs=0xffffffff
eax=0xffffffff ebx=0xffffffff ecx=0xffffffff edx=0xffffffff
ebp=0x3a37ef4 esi=0xffffffff edi=0xffffffff err=-1 eflags=0xffffffff
*0:1037/helper1-4 1:1107/vmm0:Fagi 2:1121/vmware-vm 3:1122/mks:Franc
0x3a37ef4:[0x625e94]Panic+0x17 stack: 0x833ab4, 0x3a37f10, 0x3a37f48
0x3a37f04:[0x625e94]Panic+0x17 stack: 0x833ab4, 0x1, 0x14a03a0
0x3a37f48:[0x64bfa4]TLBDoInvalidate+0x38f stack: 0x3a37f54, 0x40, 0x2
0x3a37f70:[0x66da4d]XMapForceFlush+0x64 stack: 0x0, 0x4d3a, 0x0
0x3a37fac:[0x652b8b]helpFunc+0x2d2 stack: 0x1, 0x14a4580, 0x0
0x3a37ffc:[0x750902]CpuSched_StartWorld+0x109 stack: 0x0, 0x0, 0x0
0x3a38000:[0x0]blk_dev+0xfd76461f stack: 0x0, 0x0, 0x0
VMK uptime: 7:05:43:45.014 TSC: 1751259712918392
Starting coredump to disk Starting coredump to disk Dumping using slot 1 of 1...using slot 1 of 1... log
Here is a breakdown of each section of the above purple diagnostic screen:
• The Product and Build:
VMware ESX Server [Releasebuild-98103]
This section of the purple diagnostic screen identifies the product and build that has experienced the error. In this example, the product is VMware ESX Server build 98103.
• The Error Message:
PCPU 1 locked up. Failed to ack TLB invalidate
This section of the purple diagnostic screen identifies the reported error message. There are only a finite number of error messages that can be reported. These error messages are discussed in this article.
• The CPU Registers:
frame=0x3a37d98 ip=0x625e94 cr2=0x0 cr3=0x40c66000 cr4=0x16c
es=0xffffffff ds=0xffffffff fs=0xffffffff gs=0xffffffff
eax=0xffffffff ebx=0xffffffff ecx=0xffffffff edx=0xffffffff
ebp=0x3a37ef4 esi=0xffffffff edi=0xffffffff err=-1 eflags=0xffffffff
These are the values that were in the physical CPU registers at the time of the error. The information in these registers may vary greatly between VMkernel errors.
• The Physical CPU:
*0:1037/helper1-4 1:1107/vmm0:Fagi 2:1121/vmware-vm 3:1122/mks:Franc
This section of the purple diagnostic screen identifies the physical CPU that was running instructions during the VMkernel error. In the example, the * beside the 0 indicates that physical CPU 0 was running an operation at the time of the failure. In newer versions of ESX, instead of including an *, the preceding letters CPU are included. For example, if the same error as the above were to occur in newer versions of VMware ESX, the same line appears as:
CPU0:1037/helper1-4 cpu1:1107/vmm0:Fagi cpu2:1121/vmware-vm cpu3:1122/mks:Franc.
This section of the purple diagnostic screen also describes the world (process) that was running on the CPU at the time of the error. In the above example, the userworld running was helper1-4.
Note: The name of the process may be truncated.
• The Stack Trace:
0x3a37ef4:[0x625e94]Panic+0x17 stack: 0x833ab4, 0x3a37f10, 0x3a37f48
0x3a37f04:[0x625e94]Panic+0x17 stack: 0x833ab4, 0x1, 0x14a03a0
0x3a37f48:[0x64bfa4]TLBDoInvalidate+0x38f stack: 0x3a37f54, 0x40, 0x2
0x3a37f70:[0x66da4d]XMapForceFlush+0x64 stack: 0x0, 0x4d3a, 0x0
0x3a37fac:[0x652b8b]helpFunc+0x2d2 stack: 0x1, 0x14a4580, 0x0
0x3a37ffc:[0x750902]CpuSched_StartWorld+0x109 stack: 0x0, 0x0, 0x0
0x3a38000:[0x0]blk_dev+0xfd76461f stack: 0x0, 0x0, 0x0
The stack represents what the VMkernel was doing at the time of the error. In this example, it was trying to clear memory page tables (TLB). This information is a vital tool in the diagnosis of purple screen errors by evaluating the actions of the kernel at the time of the error.
• The Uptime:
VMK uptime: 7:05:43:45.014 TSC: 1751259712918392
This section indicates how long a server is running since the last boot. In this example, the ESX host was running for 7 days, 5 hours, 43 minutes and 45.014 seconds. The TSC value is the number of CPU clock cycles that have elapsed since the server was started.
• The Core Dump:
Starting coredump to disk Starting coredump to disk Dumping using slot 1 of 1...using slot 1 of 1... log
This section of the purple diagnostic screen indicates that the contents of the VMkernel memory are being copied to the vmkcore partition.
4 Using the error message of the purple diagnostic screen to troubleshoot a vmkernel error
The VMkernel error message generated by the purple screen can be used to identify the cause of the issue. The number of error messages that can be produced are finite. This is a list of known VMkernel error messages.
• Type: Console Oops
Example Error: COS Error: Oops
Description: An ESX host fails and causes a purple screen when there is a Service Console oops. Unlike most purple screen errors, it is not triggered by the VMkernel. Instead the error is triggered by the Service Console and occurs at the Linux level. These purple screen errors contain additional information from the Linux kernel. For more information about Console Oops, see Understanding an "Oops" purple diagnostic screen (1006802).
• Type: Lost Heartbeat
Example Error: Lost Heartbeat
Description: The ESX VMkernel and the Service Console Linux kernel run at the same time on ESX. The Service Console Linux kernel runs a process called vmnixhbd, which heartbeats the VMkernel as long as it is able to allocate and free a page of memory. If no heartbeats are received before a timeout period of 30 minutes, the VMkernel triggers a COS Panic and a purple diagnostics screen that mentions a Lost Heartbeat. For more information on Lost Heatbeats, see Understanding a "Lost Heartbeat" purple diagnostic screen (1009525) .
• Type: Assert
Example Error: ASSERT bora/vmkernel/main/pframe_int.h:527
Description: Assert errors are software errors, because they are related to assumptions on which the program is based. This type of purple screen error is primarily caused by software issues. For more information on the assert error message, see Understanding ASSERT and NOT_IMPLEMENTED purple diagnostic screens (1019956).
• Type: Not Implemented
Example Error: NOT_IMPLEMENTED /build/mts/release/bora-84374/bora/vmkernel/main/util.c:83
Description: A not implemented error message occurs when the code encounters a situation that it was not designed to handle. For more information, see Understanding ASSERT and NOT_IMPLEMENTED purple diagnostic screens (1019956).
• Type: Spin count exceeded / Possible deadlock
Example Error: Spin count exceeded (iplLock) - possible deadlock
Description: A VMware ESX host may report a Spin count exceeded and possible deadlock in a purple diagnostic screen when a thread is attempting to execute in the critical section of code. Since it was trying to enter the critical section, the thread needed to poll a mutex for a lock prior to executing the code by conducting a spinlock operation. The thread continues to poll the mutex during the spinlock operation, but there is a certain limit of how many times it polls the mutex. For more information on Spin count exceeded errors, see Understanding a "Spin count exceeded" purple diagnostic screen (1020105).
• Type: Failed to ack TLB invalidate
Example Error: PCPU 1 locked up. Failed to ack TLB invalidate.
Description: Physical CPUs fail when trying to clear memory page tables. For more information, see Understanding a Failed to ack TLB invalidate purple diagnostic screen (1020214).
A purple diagnostic screen can also come in the form of an Exception. An Exception Handler is a computer hardware mechanism designed to handle some condition that changes the normal flow of execution (Division by Zero, Page Fault, etc). There is no trace from handlers, so you need logging to determine if handler faulted (or single step debugging). This is a list of common exceptions:
• Type: Exception 13 (General Protection Fault)
Example Error: #GP Exception(13) in world 4130:helper13-0 @ 0x41803399e303
Description: A general protection fault (Exception 13) occurs under one of the following circumstances: the page being requested does not belong to the program requesting it (and not mapped in program memory), or the program does not have rights to perform a read or write operation on the page. For more information on Exception 13 or Page Fault, see Understanding Exception 13 and Exception 14 purple diagnostic screen events (1020181).
• Type: Exception 14 (Page Fault)
Example Error: #PF Exception type 14 in world 136:helper0-0 @ 0x4a8e6e
Description: A page fault (Exception 14) occurs when the page being requested has not been successfully loaded into memory. For more information on Exception 14 or Page Fault, see Understanding Exception 13 and Exception 14 purple diagnostic screen events (1020181).
• Type: Exception 18 (Machine Check Exception)
Example Error: Machine Check Exception: Unable to continue
Example Error: Hardware (Machine) Error
Description: A Machine Check Exception (MCE) is generated by the hardware and reported by the host. Consult your hardware vendor in the event of an MCE. By evaluating the information presented, it is possible to identify the individual component reporting the error. For more information on MCE, see Decoding Machine Check Exception (MCE) output after a purple screen error (1005184).
To disable the memory Ballooning
Disable Balloon Driver
Disabling balloon drivers can be done by editing the configuration parameter of the virtual machine.
1.Power down the virtual machine.
2.Right Click the virtual machine and click Edit Settings
3.Go to Options Tab > Advanced > General
[pic]
Click on Advanced Parameters and Click Add Row and add the below name and values.
sched.mem.maxmemctl = 0 to disable the balloon driver.
[pic]
Enable the Balloon Driver
To re-enable the Balloon driver of the particular virtual machine.Browse towards the virtual Machine Configuration file that .VMX file and remove the below entry
sched.mem.maxmemctl = “0”
[pic]
Save and Exit from editing. The memory balloon driver is enabled.
HBA Drivers
The new native drivers and their predecessor are:
Emulex FC: lpfc (replaces lpfc820)
QLogic FC: qlnativefc (replaces qla2xxx)
esxcfg-scsidevs -a
It will list the HBA Card information
cd /proc/scsi/mptspi--- then type ls
2
then type head -5 2
Emulex FC HBA with Native Driver
~ # esxcli storage core adapter list
HBA Name Driver Link State
-------- ----------- ----------
vmhba1 lpfc link-up
vmhba2 lpfc link-up
Emulex FC HBA with Legacy Driver
~ # esxcli storage core adapter list
HBA Name Driver Link State
-------- ----------- ----------
vmhba1 lpfc820 link-up
vmhba2 lpfc820 link-up
QLogic FC HBA with Native Driver
~ # esxcli storage core adapter list
HBA Name Driver Link State
-------- ----------- ----------
vmhba1 qlnativefc link-up
vmhba2 qlnativefc link-up
Enable Change Block Tracking (CBT) for VMware Virtual Machine
1. Connect to your ESX/ESXi host or vCenter server using vSphere Client
2.Select a virtual Machine which is in powered off state to enable CBT
3. Right-Click the virtual Machine and select Edit Settings
4. Click on Options tab and Select General
5. Click on Configuration Parameters
[pic]
6.Click Add row and Enter the Below value
ctkEnabled = “TRUE”
[pic]
7. For each virtual disk in your virtual Machine, add the below entry
scsix:x.ctkEnabled = “TRUE”
SCSi#:#.ctkEnabled where # signs should be replaced with the controller and disk number of the disk. For example My Virtual Machine “win2k3-prod” has 2 virtual disk (VMDK) in the same controller. So i have to add the 2 entries which is matching to my controller number and disk number
[pic]
[pic]
scsi0:0.ctkEnabled = “TRUE”
scsi0:1.ctkEnabled = “TRUE”
[pic]
8. Click Ok to enable the CBT for the virtual Machine.
P2V Error: A General System Error Occur Invalid Fault for windows 2008 using VMware Converter 4.3
A General System Error Occur: Invalid Fault
[pic]
I found the below error messages from VMware Converter Worker log (vmware-converter-worker.log)located in (C:\Documents and Settings\All Users\Application Data\VMware\VMware vCenter Converter Standalone\logs)
CreateVm task failed: The device or operation specified at index ‘6’ is not supported for the current virtual machine version ‘vmx-04’.
[#11] A minimum version of ‘vmx-07’ is required for this operation to succeed.
[#11] TargetVmManagerImpl::CreateVM: Vm creation failed with fault vim.fault.DeviceUnsupportedForVmVersion
After analyzing the above error, I noticed that I have selected the VM version as 7. and also my destination ESXi hosts is version 5.0. So understood from the Web search that It is recommended to use VMware Converter version 5 when converting to ESXi 5. So, I installed VMware Converter standalone version 5.0 to start converting the same windows 2008 server and selected VM version as 8. It was completed successfully without any issues.
Failed to power on VM "Admission check failed for memory resource"
When you try to power on the virtual machine in the ESXi host configured with the lower amount of RAM. Generally the ESXi host running in the lab environment. I got the below error when try to power on the virtual machine yesterday.
“Failed to power on VM :
Could not power on VM : Admission check failed for memory resource See the VMware ESX Resource Management Guide for information on resource management settings.
Group vm.80740: Cannot admit VM: Memory admission check failed. Requested reservation: 25046 pages”
[pic]
It looks something that memory resource allocation problem. First I thought to check the resource pool settings But unfortunately, I am not using resource pools in my lab environment. After that I verified the memory information of the ESXi host in the configuration Tab -> Memory. Please refer the below snapshot. It tells me the memory available in the ESXi host for virtual machines is 1641.0 MB. So nothing bad here.
[pic]
I have only one virtual Machine named “vmwarearena” with 256 MB and also verified any virtual machine level reservation. I don’t have any.
[pic]
After that, I have moved towards the Resource allocation tab of the ESXi host to check the available memory resource in the host. Found here is the culprit, It shows only 90 MB as available capacity of Memory.
[pic]
Still you may think OK you have 90 MB available memory..Go ahead and power on but the problem is My VM “vmwarearena” has 256 MB of memory configured and with the memory overhead of 122.73 MB. SO to power on the virtual machine, i require 379 MB of memory( VM configured memory + memory overhead of the VM) i.e (256 MB +123 MB = 379 MB).
[pic]
The below steps are not supported procedure and under allocating the system resource in the production environment will create a negative impact on the performance of the host and vm’s. In a production environment, I would recommend to review the proper allocation of memory resources and to increase the memory of host to accommodate and power on the failed virtual machines.
Goto To ESXi host -> Configuration Tab-> Software -> System Resource Allocation
[pic]
Click on Advanced, You will get the below screen.
[pic]
Notice the above screenshot shows that ESXi host has 1641 MB memory reserved for the host use. I am going to reduce the memory reservation of ESXi host.
Select the node ” VIM” and under that click on “vmvisor“. vmvisor has 974 MB of memory reservation. To edit this, Click on Edit Settings.
[pic]
Reduce the Memory Reservation from 974 MB to 500 MB and click on OK. Now Memory reservation for “VMvisor” is only 500 MB.
[pic]
[pic]
[pic]
Now we have reduced the memory reservation of the host. Lets’ Try to Power on my VM “vmwarearena“.Wow!!!..It’s Powered on…..!!!!!!
How to reset a forgotten ESX server root password
1. Boot the ESX server and hit “a” when ESX boots with grub menu to edit kernel arguments.
[pic]
2.Type the command “single” and hit enter
[pic]
3.ESX will boot up and the below prompt will come up after the boot up. Type “passwd” and hit enter.
[pic]
4. Enter the new password for root and re-type the password for the confirmation
[pic]
[pic]
You will get the message “passwd: all authentication tokens updated successfully”. Reboot the ESX host to login with the newly assigned password.
Unable to power on the Server from ILO – Reset the Blade Slot in c7000 Chassis
Login to your Onboard Administrator using SSH and execute the below command
Mohammed-OA1> show server list
Bay iLO Name iLO IP Address Status Power UID Partner
— ————– ————– ————— ——– ——- –
1 Arena-ESXi-1-ilo 192.168.0.20 OK On On
2 Arena-ESXi-2-ilo 192.168.0.30 OK Off Off
3 Arena-ESXi-3-ilo 192.168.0.40 OK On Off
4 Arena-ESXi-4-ilo 192.168.0.50 OK On Off
Note down the server bay which you want to reset. I have problem the server “Arena-ESXi-2″which is bay 2. Execute the below command to reset the blade on bay 2.
reset Server 2
reset Server
Resizing VMDK size using Vmkfstools
Before proceeding with the expansion step . Let’s take a look at my virtual machine “winxp-arena” has hard disk with the provisioned size of 14 GB
[pic]
Browse towards the location of VMDK file of the particular virtual machine.In my case, /vmfs/volumes/datastore1/winxp-arena
Type ls -l to see the list of files located on the virtual machine folder and note down the vmdk name “winxp-arena.vmdk
I am going to expand my virtual machine vmdk ” winxp-arena.vmdk” from 14 GB to 20 GB i.e increasing 6 GB of additional hardisk space. Execute the below command
vmkfstools -X 20G /vmfs/volumes/datastore1/winxp-arena/winxp-arena.vmdk
Troubleshooting a non-responsive virtual machine Process
1. Login to ESX host via SSH with Root credentials
[pic]
I have an unresponsive virtual machine named “vmware-arena-vm“
[pic]
2. To find the PID of one of my virtual machine named “vmware-arena-vm“. Execute the below command
ps –ef | grep vmware-arena-vm
[pic]
3. To kill the unresponsive virtual machine “vmware-arena-vm” process . Execute the below command
[pic]
Unable to increase VM Memory (grayed out)
1. Try to remove VM from host inventory and re add.
2. Restart the management agent on the ESXi host.
1 Troubleshooting when virtual machine options are grayed out in vSphere Client (2048748)
2 Symptoms
In vSphere client, you experience these symptoms:
• Virtual machine operations are grayed out.
• You are unable to perform operations on the virtual machine.
• Menu options are grayed out when you right-click the virtual machine.
• You see the error:
Another task in progress
1 Purpose
This article provides troubleshooting steps when virtual machine options are grayed out in vSphere Client.
2 Cause
This issue occurs when:
• Permissions are not set correctly.
• There are virtual machine tasks running in the background.
• The .vmx file is corrupted.
• There are invalid arguments in the .vmx file.
3 Resolution
Note: The virtual machine must be powered off to edit the .vmx file as required.
Permissions are not set correctly
To troubleshoot this issue:
1. Ensure there are sufficient permissions on the virtual machine. In vSphere Client, select the virtual machine. Click the Permission tab. Ensure that sufficient permissions are applied to the user/group.
2. If permissions are defined at a host, cluster, datacenter or vCenter level, apply the required permissions to the user or group to edit the virtual machine settings.
There are virtual machine tasks running in the background
Virtual machine tasks that cannot be seen in the vSphere Client Tasks & Events tab or in the Recent Tasks pane may be running in the background.
To check if other virtual machine tasks are running in the background:
1. Log in to the ESXi host using SSH or on the console.
2.
vim-cmd vmsvc/getallvms
Note: Make note of the vmid for the problem virtual machine.
3. To check tasks running on the virtual machine, run the command:
vim-cmd vmsvc/get.tasklist vmid
Note: If a task is running on that virtual machine, you see output listing the tasks. For example:
(ManagedObjectReference)
['vim.Task:haTask-8-vim.VirtualMachine.createSnapshot-534613324',
'vim.Task:haTask-8-vim.VirtualMachine.powerOn-534613303']
Note: Wait for the task(s) to finish before performing operations on the virtual machine.
If there is no task running on that virtual machine, you see output:
(ManagedObjectReference) []
The .vmx file is corrupted
The .vmx file associated with the virtual machine may be corrupted. The .vmx file size displays as zero and the content may be garbled or empty. For more information,
There are blank lines or invalid arguments in the .vmx file
To check if the .vmx file contains blank lines or invalid arguments:
Caution: Take a backup of the .vmx file before modifying it.
1. Open the .vmx file using a text editor.
2. Search for any blank lines and delete them.
Note: To delete a line using vi editor, press d twice.
3. Compare the .vmx file with a working virtual machine .vmx file and see if there is any invalid arguments.
4. To apply the changes, reload the .vmx file by running the command:
vim-cmd vmsvc/reload vmid
For more information, see Tips for editing a .vmx file (1714).
Note: The default location of the .vmx file:
/vmfs/volumes/name_of_the_datastore/VM_name/VM_name.vmx
3 Powering on a virtual machine fails with the error: A general system error occurred (1006232)
1 Symptoms
• Powering on a virtual machine fails.
• When trying to power on a virtual machine, you see one or more of these errors:
o A general system error occurred. The system returned on error. Communication with the virtual machine may have been interrupted.
o Heap worldGroup could not be grown by 65536 bytes for allocation of 12288 bytes
• The progress bar may appear and get to 20%, but the machine always fails to power on.
• If there is a resource pool which has a memory reservation equal to the amount of memory installed on the ESXi host, you may see one or more of these errors:
o An unexpected error was received from the ESX host while powering on VM vm-name
o Failed to power on VM
o Could not power on VM : Out of memory
• If you restart services.sh, you may see the error:
Component sfcb-ProviderMa not running, Restarting sfcbd.
/etc/init.d/sfcbd: line 38: cannot fork
/sbin/esxcfg-advcfg: error while loading shared libraries: libvmkctl.so: failed to map segment from shared object: Error 28
/etc/init.d/sfcbd-watchdog: line 455: cannot fork
2 Resolution
The problem can be caused by one of three different issues.
2 Issue 1
The .vmx file associated with the virtual machine is corrupted.
To create a new .vmx file:
1. Create a new, custom virtual machine.
2. During the wizard, do not create a new virtual disk, but instead select Use existing disk.
3. Browse to the location of the virtual machine's virtual disk.
4. Finish the wizard.
5. If possible, view the original .vmx file and edit the new one if you wish to copy over the original MAC address entry. This may be necessary if the virtual machine's operating system licensing scheme is impacted by a MAC address change. Look for a line similar to:
ethernetN.address = "xx:xx:xx:xx:xx:xx"
3 Issue 2
Treat this issue like a hostd process that has stopped responding on the ESXi/ESX host. For more information, see Restarting the Management agents on an ESXi or ESX host (1003490).
This issue can also be resolved by reloading the virtual machine configuration on the ESXi/ESX host. To reload the virtual machine configuration, run these commands in SSH session of the host:
vmware-vim-cmd vmsvc/getallvms
(Note the vmid of the virtual machine)
vmware-vim-cmd vmsvc/reload vmid
On ESXi, substitute vim-cmd for vmware-vim-cmd.
Note: If your problem still exists after trying the steps in this article:
• Gather the VMware Support Script Data. For more information, see Collecting diagnostic information for VMware products (1008524).
• File a support request with VMware Support and note this Knowledge Base article ID in the problem description. For more information, see Filing a Support Request in My VMware (2006985).
4 Issue 3
The memory usage of an ESXi/ESX host consists of the total consumed memory by the virtual machines plus memory allocated to the resource pools.
On vCenter Server, if you highlight the virtual machine and go to the Resource Allocation tab, you see the Consumed value of the Host Memory does not take the memory reservation into account.
To power on the virtual machine, reduce the memory reservation on the associated resource pool:
• Right-click the resource pool and click Edit Settings.
• In the Memory Resources pane, reduce the memory reservation.
• Power on the virtual machine.
If the virtual machine still does not power on, check the memory reservation on the virtual machine itself:
• Right-click the virtual machine and click Edit Settings.
• Go to the Resources tab, select Memory and reduce the reservation if necessary.
Memory limit greyed out ESXI 5.5
Check the VM hardware version.
VM Memory gray out
power off the VM or else enable the hot add memory.
P2V Check list.
1. To eliminate permission issues, always use the local administrator account instead of a domain account.
2. To eliminate DNS problems, use IP addresses instead of host names.
3. Ensure that you do not choose partitions that contain any vendor specific Diagnostic Partitions before proceeding with a conversion.
4. To reduce network obstructions, convert directly to an ESX host instead of vCenter Server as the destination.
5. If a conversion fails using the exact size of hard disks, decrease the size of the disks by at least 1MB. This forces VMware Converter to do a file level copy instead of a block level copy, which can be more successful if there are errors with the volume or if there are file-locking issues.
6. Make sure there is at least 500MB of free space on the machine being converted. VMware Converter requires this space to copy data.
7. Shut down any unnecessary services, such as SQL, antivirus programs, and firewalls. These services can cause issues during conversion.
8. Run a check disk on the volume before running a conversion as errors on disk volumes can cause VMware Converter to fail.
9. Do not install VMware Tools during the conversion. Install VMware Tools after you confirm that the conversion was successful.
10. Do not customize the new virtual machine before conversion.
11. Ensure that these services are enabled:
o Workstation Service
o Server Service
o TCP/IP NetBIOS Helper Service
o Volume Shadow Copy Service
12. Check that the appropriate firewall ports are opened. For more information.
13. Check that boot.ini is not looking for a Diagnostic/Utility Partition that no longer exists.
14. If you are unable to see some or all of the data disks on the source system, ensure that you are not using GPT on the disk partitions. For more information, see VMware vCenter Converter is unable to see the disks when converting Windows operating systems (1016992).
15. In Windows XP, disable Windows Simple File Sharing. This service has been known to cause issues during conversion.
16. Unplug any USB, serial/parallel port devices from the source system. VMware Converter may interpret these as additional devices, such as external hard drives which may cause the conversion to fail.
17. If the source machine contains multiple drives or partitions and you are having issues failing on certain drives, consider converting one drive or partition at a time.
18. Verify that there are no host NICs or network devices in the environment that have been statically configured to be at a different speed or duplex. This includes settings on the source operating system, switches and networking devices between the source and destination server. If this is the case, Converter sees the C: drive but not the D: drive.
19. If you are using a security firewall or Stateful Packet Inspecting (SPI) firewall, check firewall alerts and logs to make sure the connection is not being blocked as malicious traffic.
20. If you have static IP addresses assigned, assign the interfaces DHCP addresses prior to conversion.
21. If the source server contains a hard drive or partition larger than 256GB, ensure that the destination datastores block size is 2MB, 4MB, or 8MB, and not the default 1MB size. The 1MB default block size cannot accommodate a file larger than 256GB.
22. Clear any third-party software from the physical machine that could be using the Volume Shadow Copy Service (VSS). VMware Converter relies on VSS, and other programs can cause contention.
23. Disable mirrored or striped volumes. Mirrored or striped volumes cannot be converted.
24. Verify that the VMware Converter agent is installed on the source machine. It may not be if the conversion fails right away.
25. Verify that DNS and reverse DNS lookups are working. It may be necessary to make entries into the local hosts file on source machine. Use IP addresses, if possible.
26. Run msconfig on the source server to reduce the number of services and applications running at startup. Only Microsoft services and the VMware Converter Service should be running.
27. Inject VMware SCSI drivers into the machine before conversion. Windows tries to Plug-n-Play the new SCSI Controller, and Windows may fail if the proper drivers are not installed.
28. If you customized permissions in your environment, ensure that local administrator has rights to all files, directories, or registry permissions before conversion.
29. Uninstall any UPS software. This has been known to cause issues after Conversion.
30. Ensure that you do not have any virtual mounted media through an ILO- or DRAC-type connection. Converter can misinterpret these as convertible drives, and fails upon detecting them. As a precaution, disconnect your ILO or DRAC to prevent this issue.
5 Tasks to perform after conversion has completed
After conversion has completed:
1. Review the virtual hardware settings:
o Adjust the number of virtual NICs. If you need to customize the host name or IP address, leave all NICs disconnected but present.
o Remove any unnecessary devices such as USB controllers (if running on ESX), COM ports or floppy drives
2. Start the virtual machine in Safe Mode.
3. Click Start > Control Panel > Add / Remove Programs. Remove any unnecessary programs used to install or support device drivers, such a RAID management tools, network teaming or management software, wireless card management software, and video and sound drivers. Do not restart if prompted by an uninstall program.
4. Restart the virtual machine into Normal mode.
5. Remove any additional devices or device drivers that were used to support hardware on the physical server. Use either the Device Manager or Control Panel, depending on the version of Windows, to remove unnecessary devices. It may also be necessary to view the Event Log to clear any remaining device startup failure messages.
6. VMware recommends changing the HAL in the virtual machine to uniprocessor if the source server is configured with multi-CPU hardware abstraction layer (HAL), and the destination virtual machine is configured to use a single CPU. For more information, see Modifying the Hardware Abstraction Layer (HAL) for a Windows virtual machine (1003978).
7. Install VMware Tools and restart if prompted.
8. If required, customize the virtual machine's identity. VMware recommends using the Microsoft Sysprep utility to accomplish this, however it can also be accomplished by manually changing its computer host name, IP address, and any other required unique identification. For more information, see Microsoft's article How to Use Sysprep: An Introduction.
Note: The preceding link was correct as of November 21, 2014. If you find the link is broken, provide feedback and a VMware employee will update the link.
9. If the System Configuration Utility(msconfig) was used prior to conversion, select the Normal startup option to change switch back to a normal boot configuration. For more information, see Using the Windows System Configuration utility (1004010).
10. Apply any previously removed static IP address settings, as required.
11. Reconnect any disconnected virtual NICs, as required.
6 Troubleshooting a converted virtual machine that fails to boot
To troubleshoot a converted virtual machine that fails to boot:
1. Avoid load balancers between the source and destination.
2. If a virtual machine experiences a blue screen error after conversion, run a repair.
3. If a virtual machine fails with a STOP 0x1E error, see the Microsoft Knowledge Base article 828514.
Note: The preceding link was correct as of December 11, 2012. If you find the link is broken, provide feedback and a VMware employee will update the link.
4. Toggle between using Bus Logic and LSI Logic as the Virtual SCSI controller.
For more information, see Troubleshooting a virtual machine converted with VMware Converter that fails to boot with the error: STOP 0x0000007B INACCESSIBLE_BOOT_DEVICE (1006295).
7 Troubleshooting a Conversion that fails at 2% or below
To troubleshoot a conversion that fails at less than 2%:
1. Use a local administrator account.
2. Use IP addresses and verify DNS entries.
3. Check firewall settings.
4. Make sure the Converter agent is installed on the source machine.
5. Verify network adapter settings for speed and duplex.
8 VMware Converter logs
There are also several ways to diagnose issues by viewing the VMware Converter logs. The logs can contain information that is not apparent from error messages. In newer versions of VMware Converter, you can use the Export Log Data button. Otherwise, logs are typically stored in these directories:
• Windows NT, 2000, XP, and 2003:
o C:\Documents and Settings\All Users\Application Data\VMware\VMware Converter Enterprise\Logs
o C:\WINDOWS\Temp\vmware-converter
o C:\WINDOWS\Temp\vmware-temp
• Windows Vista, 7, and 2008:
o C:\Users\All Users\Application Data\VMware\VMware Converter Enterprise\Logs
• Windows 8 and Windows 2012:
o C:\ProgramData\VMware\VMware vCenter Converter Standalone\logs
•
o
Note: In order to access this location in Windows Vista, 7, or 2008, you may need to go into the folder options and ensure that Show Hidden Files is enabled and that Hide Protected Operating System Files is disabled.
o C:\WINDOWS\Temp\vmware-converter
o C:\WINDOWS\Temp\vmware-temp
• Windows NT and 2000:
o C:\WINNT\Temp\vmware-converter
o C:\WINNT\Temp\vmware-temp
4 Required VMware vCenter Converter ports (1010056)
1 Symptoms
You may receive these errors, which can indicate blocked ports:
• Unable to contact the specified host
• The host is not available, there is a network configuration problem, or the management services on the host are not responding
• Failed to connect to peer
• Error: Failed to connect to server
• The operation failed
• Incorrect user credentials
• Unable to SSH to the source machine
• Please check if a firewall is blocking access to the SSH daemon on the source machine
• Failed to clone the volume
• Unable to connect
• FAILED: The request refers to an unexpected or unknown type
• Failed to connect ISO image to remote VM
• FAILED: unable to obtain the IP address of the helper virtual machine
• ssh: Could not resolve hostname
• Name or service not known
• FAILED: An error occurred during the conversion
• Unable to obtain IP addresss of helper virtual machine
• A general system error occurred: unknown internal error
2 Purpose
This article describes the ports required to be open for VMware vCenter Converter.
Following the article and ensuring the ports are open ensures that common firewall configurations in your environment are compatible with Converter.
3 Resolution
VMware vCenter Converter fails if one or more required ports are blocked. Follow the section that matches your conversion scenario.
In this article, these terms are used:
|Source computer |The physical or virtual machine that is being converted. |
|Converter server |The server portion of VMware vCenter Converter. In a typical installation, both the Converter server and Converter |
| |client are installed at the same location. By default, this is the installation method that is used. |
|Converter client |The client portion of VMware vCenter Converter. In a custom installation, the Converter client can be installed to a |
| |different computer than the Converter server. |
|VirtualCenter |The VirtualCenter computer that is being used as the conversion destination, if such was chosen. |
|ESX |The VMware ESX host that is being used as the conversion destination, if one is chosen, or the ESX host that is |
| |hosting the target virtual machine. |
|Fileshare path |The path to a virtual machine's .vmx file, if the source is an existing or standalone virtual machine, or the path to|
| |a directory if the destination is to be a standalone virtual machine. |
|Standalone virtual |A virtual machine that is being managed by a VMware product other than VMware ESX. |
|machine | |
|Helper virtual machine|When converting a powered on Linux operating system (P2V), this is the target virtual machine that is being used |
| |temporarily for the purpose of copying files from the source computer. It uses the TCP/IP information that is entered|
| |in the Converter wizard for the target virtual machine. Ensure that this IP address can communicate directly with the|
| |source computer. |
Notes:
• If you perform a corrective action, determine if the problems initially encountered are still being experienced.
• To test port connectivity, do so from a command or shell prompt. For more information, see Opening a command or shell prompt (1003892).
• To test TCP port connectivity use the telnet command. For more information, see Testing port connectivity with Telnet (1003487).
• To test UDP port connectivity from Linux or MacOS use the traceroute command. For more information, see a traceroute man page.
• To test UDP port connectivity from Windows use the Portqry utility. For more information, see the Microsoft Knowledge Base article 310099.
• For powered-on Windows conversions to vCenter destinations, Proxy Mode feature in Converter 6.0 is introduced. By selecting this option, no direct connectivity is required from the source machine to the destination ESX host.
Note: The preceding links were correct as of March 15, 2009. If you find a link is broken, provide feedback and a VMware employee will update the link.
Converting a powered on Windows operating system (P2V)
|Source |Destination |TCP Ports |UDP Ports|Notes |
|Converter |Source computer |445, 139, |137, 138 |If the source computer uses NetBIOS, port 445 is not required. If NetBIOS is |
|server | |9089 or9090 | |not being used, ports 137, 138, and 139 are not required. If in doubt, ensure |
| | | | |that none of the ports are blocked. |
| | | | |Port 9089 is used for Converter Standalone versions,and 9090 isused for the |
| | | | |Converter plugin. |
| | | | | |
| | | | |Note: Unless you have installed Converter server to the source computer, the |
| | | | |account used for authentication to the source computer must have a password, |
| | | | |the source computer must have network file sharing enabled, and it cannot be |
| | | | |using Simple File Sharing. |
|Converter |VirtualCenter |443 | |Only required if the conversion target is VirtualCenter. |
|server | | | | |
|Converter |Converter server |443 | |Only required if a custom installation was performed and the Converter server |
|client | | | |and client portions are on different computers. |
|Source computer|ESX/ESXi |443, 902 | |If the conversion destination is vCenter Server, only port 902 is required from|
| | | | |the source to the ESX/ESXi hosts. |
Converting a powered on Linux operating system (P2V)
Note: These are the default ports. If custom ports were used when installing vCenter Server, these will need to be changed to match your environment.
|Source |Destination |TCP Ports|Notes |
|Converter server |Source computer |22 |The Converter server must be able to establish an SSH connection with the source computer.|
|Converter client |Converter server |443 |Only required if a custom installation was performed and the Converter server and client |
| | | |portions are on different computers. |
|Converter server |VirtualCenter |443 |Only required if the conversion target is VirtualCenter. |
|Converter server |ESX/ESXi |443, 902,|If the conversion destination is vCenter Server, only port 902 is required from the source|
| | |903 |to the ESX/ESXi hosts. |
|Converter server |Helper virtual |443 | |
| |machine | | |
|Helper virtual |Source computer |22 |The helper virtual machine must be able to establish an SSH connection with the source |
|machine | | |computer. By default the helper virtual machine gets its IP address assigned by DHCP. If |
| | | |there is no DHCP server available on the network chosen for the target virtual machine you|
| | | |must manually assign it an IP address. |
Converting an existing virtual machine (V2V)
Note: These are the default ports. If custom ports were used when installing vCenter Server, these will need to be changed to match your environment.
|Source |Destination |TCP Ports|UDP Ports|Notes |
|Converter server|Fileshare path |445, 139 |137, 138 |This is only required for standalone virtual machine sources or destinations. |
| | | | |If the computer hosting the source or destination path uses NetBIOS, port 445 is |
| | | | |not required. If NetBIOS is not being used, ports 137, 138, and 139 are not |
| | | | |required. If in doubt, ensure that none of the ports are blocked. |
|Converter client|Converter server |443 | |Only required if a custom installation was performed and the Converter server and |
| | | | |client portions are on different computers. |
|Converter server|VirtualCenter |443 | |Only required if the target is VirtualCenter. |
|Converter server|ESX/ESXi |443, 902 | |If the conversion destination is vCenter Server, only port 902 is required from the|
| | | | |source to the ESX/ESXi hosts. |
• You see one of these messages in a VMware Converter log file:
• Failed to establish Vim connection
• Import host not found
• P2VError UFAD_SYSTEM_ERROR(Internal Error)
• Pcopy_CloneTree failed with err=80
• The file exists (80)
• Failed to connect
• Giving up trying to connect
• Failed to take snapshot of the source volume
• stcbasic.sys not installed or snapshot creation failed. err=2
• Can't create undo folder
• sysimage.fault.FileCreateError
• sysimage.fault.ReconfigFault
• sysimage.fault.PlatformError
• Number of virtual devices exceeds maximum for a given controller
• TooManyDevices
• QueryDosDevice: ret=270 size=1024 err=0
• Error opening disk device: Incorrect function (1)
• Vsnap does not have admin rights
• Specified key identifier already exists
• vim.fault.NoDiskSpac
2 Notes and preparation for conversion
To prepare for conversion:
1. If the source is a domain controller, special considerations must be made. VMware does not recommend virtualizing an active domain controller with Converter. For more information, see Virtualizing existing domain controllers (1006996).
2. If the source is Microsoft Exchange, SQL, or other database server, VMware recommends that the application (Microsoft Exchange/SQL) and database services be shut down prior to conversion. This minimizes any chance of corrupted database tables or stale data in the destination virtual machine.
3. Disable the real-time antivirus scanning during the conversion.
4. Read the VMware Converter Release Notes. The release notes review important limitations or issues that may affect the conversion process.
5. Verify that you are using or have downloaded the latest version of VMware Converter.
If you have previously installed or attempted a conversion with an earlier version of VMware Converter, a previous version may still be installed.
a. Uninstall VMware Converter from the source computer:
i. Click Start > Control Panel > Add / Remove Programs or Programs and Features depending on the Operating System.
ii. Uninstall any version of VMware Converter, Converter agent, or Converter Enterprise.
b. Restart the server.
c. Install the latest version of VMware Converter using the local Administrator account. If you are going to use the remote hot clone feature you may choose a custom installation to only install the Converter Agent.
d. If the server is running Windows 2000 or Windows NT, you must restart the server or Converter does not start.
6. Install VMware Converter directly to the source operating system using the local Administrator account. If the source server is running Windows NT or Windows 2000, you must reboot it after installing VMware Converter or Converter does not start.
Note: In some cases, a domain administrator account may be used depending on your environment, local and group policies, and account permissions.
7. If the NIC on the source machine is compatible with TOE (TCP Offload Engine), you need to disable it by running this command in a command prompt on the source machine:
netsh int tcp set global chimney=disabled
For additional information, see the Microsoft Knowledge Base article 951037.
Note: The preceding link was correct as of November 21, 2014. If you find the link is broken, provide feedback and a VMware employee will update the link.
8. Confirm that the source has 200 MB of free disk space on its system volume. This space is required to operate the disk snapshot features in Converter. For more information, see Investigating operating system disk space (1004007).
Note: It is possible to separate the source partitions in different destination volumes during the conversion.
9. Run VMware Converter as a local administrator. Using a local administrator account removes any possible permissions issues. If you are performing a remote conversion, be sure to specify the login user as the Administrator account.
Note: In some cases a domain administrator account may be used depending on your environment, local and group policies, and account permissions.
10. Run the System Configuration Utility(msconfig) on the source server to reduce the number of services and applications running on startup, all software except for All Microsoft Services and VMware Converter Service. For more information, see Using the Windows System Configuration utility (1004010).
11. If you have static IP addresses assigned, assign the interfaces DHCP addresses prior to conversion, if possible.
12. If the source is a virtual machine created in Microsoft Virtual PC, remove the Virtual PC Additions, prior to conversion.
13. If the destination is an ESX host:
a. Connect to the server using its IP address instead of DNS host name. Using the host name of the ESX host may expose issues with DNS name resolution that can prevent the Converter from connecting.
b. Confirm that the source server can access the destination ESX host directly using ports 443 and 902, even if using VirtualCenter. For more information, see Verifying and troubleshooting networking connections that may cause VMware Converter to fail (1006607).
c. Authenticate to the ESX host using the root account.
d. If the source server contains a hard drive or partition larger than 256GB, ensure that the destination datastore's block size is 2MB, 4MB, or 8MB, and not the default 1MB size. The 1 MB default block size cannot accommodate a file larger than 256 GB. The block size is no longer used on a VMFS 5 datastore connected to an ESXi 5.0 Host.
e. Confirm that you are providing a unique name for the target virtual machine. Use the Virtual Infrastructure (VI) client to confirm that the name is not already in use.
3 Optimizing the conversion for best success
To set up conversion for the best success:
If you are encountering failures with Converter, reduce the number of optional items in the Conversion Wizard:
• Do not convert diagnostic partitions or unrecognized file systems.
• If you are experiencing cloning phase failures, do not choose to resize the partitions.
• If there are multiple volumes, attempt converting only the system volume.
• If you are experiencing network or Ethernet issues, trying using a different network type. For more information, see Understanding networking types in hosted products (1006480).
• Leave the default number of virtual network cards (NICs) unaltered. The number of virtual NICs can be changed after conversion has completed.
• Deselect the option to install VMware Tools.
• Deselect the option to perform Customization on the virtual machine.
5 P2V conversion using VMware Converter fails with the error: Unable to find the system volume, reconfiguration is not possible (1037507)
1 Symptoms
• Cannot perform a P2V conversion using VMware Converter.
• During a P2V conversion, Converter fails at 96%.
• You see the error:
Unable to find the system volume, reconfiguration is not possible.
• In the vmware-converter-worker-#.log file, you see entries similar to:
[#8] [2011-04-03 info 'App'] [,0] Error 13 reading Element value from key mntApi355069955430142598\Objects\{9dea862c-5cdd-4e70-acc1-f32b344d4795}\Elements\24000001
[#8] [2011-04-03 info 'App'] [,0] Error 13 reading Element value from key mntApi350180466530142598\Objects\{9dea862c-5cdd-4e70-acc1-f32b344d4795}\Elements\24000001
[#8] [2011-04-03 info 'App'] [,0] Unloaded hive mntApi350180466530142598
[#8] [2011-04-03 error 'task-8'] [GetMntapiOsInfo] Got an error getting MNTAPI OS information
2 Cause
This issue occurs when converting a physical machine that uses Boot Configuration Data or BCD (Windows Vista, 7, Windows Server 2008, Windows Server 2008 R2). In this case, the physical machine may have some type of system, hidden, or recovery partition that results in inaccurate BCD configuration data after the conversion and causes the virtual machine reconfiguration process to fail. BCD issues can be addressed by rebuilding automatically using the bootrec command or by editing the BCD stores using the bcdedit command.
3 Resolution
To resolve this issue:
1. Import the virtual machine to vCenter Server.
2. Boot the virtual machine from the correct Microsoft Windows installation media (Correct architecture and version of the operating system).
3. Select the appropriate keyboard layout and language options and click Next.
4. Click Repair your computer.
5. Select the operating system to be repaired and click Next.
6. Click Start > Run, type cmd and click OK.
7. Type bcdedit and press Enter.
8. Under the Windows Boot Manager title with the identifier set to {bootmgr}, you may see that the device is set to boot. Similarly, under the Windows Boot Loader with the identifier set to {default}, you may see that the device and osdevice are set to boot. These items should be set properly for your environment. Usually these appear as partition=C:. In some cases the {default} identifier may have them set to partition=D:.
Run these commands to correct the configuration:
Note: bcdedit is located in this path: c:\windows\system32.
bcdedit /set {bootmgr} device partition=C:
bcdedit /set {default} device partition=C:
bcdedit /set {default} osdevice partition=C:
9. Type exit at the command prompt and select Shutdown.
10. Try to reconfigure using VMware Converter. The reconfigure should now complete successfully. If it fails again, repeat Steps 1 to 7 and then run these commands to set the default device to partition=D::
bcdedit /set {bootmgr} device partition=C:
bcdedit /set {default} device partition=D:
bcdedit /set {default} osdevice partition=D:
Note: The D: partition is used as an example. You can use any available drive letter.
Note: If, after running the preceding bcdedit commands, the virtual machine boots and then fails with a blue screen, perform these steps to resolve the issue:
1. Boot the virtual machine from the Windows 2008 ISO.
2. Load the Recovery Console.
3. Click Start > Run, type regedit, and click OK. The Registry Editor window opens.
4. Click HKEY_LOCAL_MACHINE (HKLM) and then click Menu > File > Load Hive.
5. Browse to C:\Windows\system32\config and select the file SYSTEM.
6. When prompted for a name enter p2v.
7. Locate the key HKLM\p2v\ControlSet001\services\LSI_SAS.
8. Set the value of the start type to REG_DWORD 0.
9. Select HKLM\p2v and click Menu > File > Unload Hive.
10. Close Registry Editor and restart the virtual machine.
What Is P2V?
P2V is the term used for creating a new virtual server containing the operating system, applications and data copied over from an existing physical server. It refers to the process and/or technology used to perform the conversion.
Why Would I Want to P2V?
The virtual infrastructure doesn’t just provide a platform for newly deployed servers – it also offers the opportunity to dramatically reduce your server room requirements by phasing out legacy hardware. Less datacenter space, reduced power consumption, not to mention less hardware to maintain and repair – all reduce costs and better for the environment.
Give a brief description of each of the features available on a vDS that are not available on a vSS?
■ Inbound traffic shaping: A port group setting that can throttle or control the aggregate bandwidth inbound to the switch. This might be useful for a port group containing VMs that are being used a web servers. vSS has outbound traffic shaping features only.
■ VM network port block: Specific ports can be configured as “blocked” for a specified VMs use. This might be helpful for troubleshooting or for advanced configurations.
■ Private VLANs: This is a vSphere implementation of a VLAN standard that is available on the latest physical switches. With regard to vSphere, private virtual local-area networks (PVLANs) can be created in the vSphere that are only used in the vSphere and not on your external network. In essence, a PVLAN is a VLAN within a VLAN. In addition, the PVLANs in your vSphere can be kept from seeing each other.
■ Load-based teaming: You can configure network load balancing in a much
more intelligent fashion than with vSSs, by enabling the system to recognize the current load on each link before making frame forwarding decisions. This could be useful if the loads that are on each link vary considerably over time.
■ Datacenter-level management: A vDS is managed from the vCenter as a
single switch from the control plane, even though many hosts are connected to each other at the I/O plane. This provides a centralized control mechanism and guarantees consistency of configuration.
■ Network vMotion: Because a port group that is on a vDS is actually connected to multiple hosts, a VM can migrate from one host to another without changing ports. The positive effect of this is that the attributes assigned to the port group (such as security, traffic shaping, and NIC teaming) will migrate as well.
■ vSphere switch APIs: Third-party switches have been and are being created that can be installed in the control plane. On switches such as the Cisco Nexus 1000v, the true essence of the switch is installed into the vCenter as a virtual appliance (VA).
■ Per-port policy settings: Most of the configuration on a vDS is at the port group level, but it can be overridden at the individual port level. This allows you tremendous flexibility with regard to port settings such as security, traffic shaping, and so on.
■ Port state monitoring: Each port on vDS can be managed and monitored independently of all other ports. This means that you can quickly identify an issue that relates to a specific port.
■ Link Layer Discovery Protocol: Similar to Cisco's, Cisco Discovery Protocol (CDP), Link Layer Discovery Protocol (LLDP) enables vDSs to discover other devices such as switches and routers that are directly connected to them. The advantage of LLDP is that it is an open protocol which is not proprietary to Cisco.
■ User-defined network I/O control: You can set up a quality of service (QoS) (of a sort), but instead of defining traffic paths by protocols, you can define the traffic paths by types of VMware traffic. In earlier versions of vDSs, you could define traffic as vMotion, Management, and others, but now you can define your own categories. This adds to flexibility in network control and design.
■ NetFlow: You can use the standard for traffic monitoring, NetFlow, to monitor, analyze, and log traffic flows in your vSphere. This enables you to easily monitor virtual network flows with the same tools that you use to monitor traffic flows in the physical network. Your vDS can forward NetFlow information to a monitoring machine in your external network.
■ Port Mirroring: Most commonly used with intrusion detection systems (IDSs) and intrusion prevention systems (IPSs), port mirroring provides for a copy of a packet to be sent to a monitoring station so that traffic flows can be monitored without the IPS/IDS skewing the data. Port mirroring is new to vSphere 5.0 vDSs.
What is vDS Total Ports and Available ports?
With vSphere Standard Switches, the VMkernel reserved eight ports for its own use, creating a discrepancy between the total number of ports listed in different places. When looking at a vDS, you may think the same thing is true — a vDS with two hosts will have a total port count of 136, with only 128 ports remaining. Where are the other eight ports? Those are the ports in the "vDS Uplink" port group, reserved for uplinks.
For every host added to a vDS, another four ports (by default) are added to the vDS Uplinks port group. So, a vDS with three hosts would have 140 total ports with 128 available, a vDS with four hosts would have 144 total ports with 128 available, and so forth.
If a value other than four was selected as the maximum number of uplinks, then the difference between total ports and available ports would be that value times the number of hosts in the vDS.
vDS vSS
2 Hosts =128+(4X2)=136 Maximum Port per vSwitch 4096
3 Hosts=128+(4X3)=140 Maximum Port per Host 4096-8
4 Hosts=128+(4X4)=144 =4088
4 What is the difference between an online P2V conversion and an offline P2V conversion?
An online P2V conversion creates a consistent point-in-time copy of local NTFS volumes and data of Volume Shadow Copy Service (VSS)–aware applications. P2V essentially plays the role of VSS backup requester. Online P2V provides a method for cloning a source machine with minimal interruption of service on the source machine. The computer continues to perform the tasks that it is expected to perform during normal operations.
During an offline P2V conversion, the computer is rebooted into a different operating system, Vista WinPE, to take a consistent image of the source machine. Offline P2V is a more appropriate method for migrating a physical computer to a virtual source machine to a virtualized environment when you want to avoid any potential data loss or you need to merge any changes that occur on the source machine during the conversion with the data on the new virtual machine.
Offline P2V is the default mode for converting source machines with the Windows Server 2000 operating system. It is the only method to reliably convert an Active Directory domain controller or a source machine that contains FAT volumes.
5 Can I perform a P2V conversion on an Active Directory domain controller?
Yes. You can perform an offline P2V conversion on a domain controller. Performing the conversion offline helps avoid potential Active Directory USN rollback issues during the process. For more information about offline P2V conversions, see P2V: Converting Physical Computers to Virtual Machines in VMM.
6 Can I run more than one P2V process simultaneously on the same VMM server?
Yes. VMM does not limit the number of P2V processes that can be run simultaneously by using the Convert Physical Server Wizard or the New-P2V cmdlet.
7 What protocols are used to communicate between computers during a P2V conversion?
During a P2V conversion, the participating computers communicate over the following protocols:
• Destination host and the source computer: HTTPs
• VMM server and the P2V agent on the source computer: WMI
• VMM server and the destination host: WS-Management (formerly known as Windows Remote Management or WinRM)
8 How can I tell the status of a P2V conversion?
You can view the P2V status by clicking the Jobs tab at the bottom left of the Administrator Console, clicking the job at the top, and then viewing the results of the running job on the lower right.
9 Does VMM convert VMware virtual machines?
Yes. P2V can convert physical computers or virtual machines presented as physical entities. You can specify the machine name of a running VMWare virtual machine and run P2V. You can also run a virtual machine to virtual machine (V2V) conversion on a shut down VMware virtual machine. Before you convert a VMware virtual machine to Hyper-V, regardless of the method that you use, you must uninstall VMware Tools on the guest operating system of the virtual machine. (You must also remove VMware Tools before you convert a VMware virtual machine to a Virtual Server virtual machine.) For more information, see V2V: Converting a Virtual Machine to a VMM Virtual Machine.
10 Can I uninstall updates within a virtual machine after a P2V conversion?
No, you should not uninstall updates within the virtual machine after a P2V operation. Treat virtual machines like physical computers and keep them up-to-date with the latest updates.
11 Can I perform P2V conversions on one or all of the physical nodes of an existing Microsoft cluster?
You cannot perform a P2V conversion to convert a failover cluster to a guest cluster. VMM does not recognize a failover cluster as a P2V source if you specify a cluster name or node name for a P2V conversion. To create a guest cluster, you can perform a P2V conversion on each individual cluster node by using VMM and then manually configure the failover cluster of the resultant virtual machines by using cluster management tools. For more information about offline P2V conversions, see P2V: Converting Physical Computers to Virtual Machines in VMM.
12 Does VMM automatically install VM Additions or Hyper-V Integration Components during the P2V process?
Yes.
13 During the P2V process, is data transferred directly from the source computer to the destination host or does it go through the VMM computer?
Data is transferred directly between the source computer and the destination host over HTTPs. Machine configuration and P2V parameters are exchanged between the source computer and VMM over WMI.
14 Does VMM resize disks during P2V conversions?
If a volume is in NTFS format and you select the default Dynamic setting for the disk, the P2V process only copies data from the volume. The physical size of the resulting virtual hard disk is very close to the space used on the original volume.
15 Does VMM P2V support third-party boot loaders?
Not at this time.
16 How can I perform an offline P2V in an environment where there is no DHCP server or where NETBIOS communication is not enabled?
You can choose the Static IP configuration option in the Convert Physical Server Wizard to provide a static IP address. VMM will customize the WinPE image before deploying it to the source computer. When the source computer is restarted, VMM will configure the IP stack on WinPE according to the user's preferences instead of using DHCP to acquire the IP address.
17 If there is a port conflict, is it possible to change a P2V port from the default setting of TCP 443?
Yes. To change the P2V port, perform the following tasks:
1. Create the following registry key: HKLM\Software\Microsoft\Microsoft System Center Virtual Machine Manager Server\Settings\P2VBITSTcpPort of the type DWORD.
2. Enter the number of the port that you want to use on the VMM server. The port number must be smaller than 32768.
3. Restart the VMM service, and then try again.
6 Virtual-to-Virtual (V2V) Conversions
This section provides answers to common questions about virtual-to-virtual conversions, known as V2V conversions.
1 Does VMM automatically install VM Additions or Hyper-V Integration Components during the V2V process?
Yes.
2 Can VMM perform a V2V conversion on a VMware virtual machine that has checkpoints (has differencing disks)?
No. See the source computer requirements in the “Source Virtual Machines” section, earlier in this topic.
3 Is it possible to perform a V2V conversion on a virtual machine with a Linux operating system?
Yes. VMM can convert a VMware VMDK to a VHD and the VMware virtual machine configuration (VMX) to VMC for Virtual Server or XML for Hyper-V. However, if the operating system is not in the list of supported operating systems, VMM will not have information to perform the fix-up stage, including the installation of the drivers compatible with the hardware presented by the virtualization platform on the destination host.
4 Can VMM perform a V2V conversion on a VMware virtual machine that has its data on an RDM (raw device mapping) disk?
No. See the source computer requirements in the “Source Virtual Machines” section, earlier in this topic.
7 Virtual to Physical (V2P) Conversions
This section provides answers to common questions about virtual-to-physical conversions, known as V2P conversions.
1 Can VMM 2008 perform virtual to physical conversions?
No. virtual to physical conversions (V2P) are not supported in VMM 2008.
[pic]
-----------------------
C
B
A
Shared Storage.
ESX2
B
C
A
ESX 1
[Type the document title]
[Type the document subtitle]
[Type the abstract of the document here. The abstract is typically a short summary of the contents of the document. Type the abstract of the document here. The abstract is typically a short summary of the contents of the document.]
[Year]
[Type the author name]
................
................
In order to avoid copyright disputes, this page is only a partial summary.
To fulfill the demand for quickly locating and searching documents.
It is intelligent file search solution for home and business.
Related searches
- getroman com reviews
- acurafinancialservices.com account management
- acurafinancialservices.com account ma
- getroman.com tv
- http cashier.95516.com bing
- http cashier.95516.com bingprivacy notice.pdf
- connected mcgraw hill com lausd
- education.com games play
- rushmorelm.com one time payment
- autotrader.com used cars
- b com 2nd year syllabus
- gmail.com sign in