RSS

Category Archives: vSphere

Hyper-divergence and Datrium (@DatriumStorage)

This monday I had briefing with Datrium. They have a tag line of “Open Convergence”. I was grasping for a snappy title for this post as lead into writing about what they do. As ever my contrarian brain hit about the opposite of convergence which is divergence. I kind of like “hyper-divergence” because for me in away it describes the fact that despite the massive growth in the “hyper-convergence” marketplace – there persist radically different approaches to “getting there”. Both in the method of consumption (build your own VSAN Vs the ‘appliance’ model) and also the architecture (shared storage accessible directly from a hypervisor kernel (VSAN), a “controller” VM which shares out the storage back to the hypervisor (Nutanix)). I think Datrium and the recently announced NetApp HCI are delivering yet more options on both the consumptions/architecture front.

Read the rest of this entry »

 

Posted by on June 21, 2017 in HCI, vSphere

Comments Off on Hyper-divergence and Datrium (@DatriumStorage)

Reading the Runes with Runecast Analyzer

A runestone is typically a raised stone with a runic inscription, but the term can also be applied to inscriptions on boulders and on bedrock. The tradition began in the 4th century and lasted into the 12th century, but most of the runestones date from the late Viking Age. Most runestones are located in Scandinavia, but there are also scattered runestones in locations that were visited by Norsemen during the Viking Age. Runestones are often memorials to dead men. Runestones were usually brightly coloured when erected, though this is no longer evident as the colour has worn off.

https://en.wikipedia.org/wiki/Runestone

Introduction:

This week I was fortunate to have a briefing with Stan Markov (VCDX #74 and VCI), the CEO of Runecast. In case you don’t know Runecast Analyzer is a tool that gathers info from your vSphere environment and compares it to the VMware KB, Best Practices and the Security Hardening guide. The idea is it makes you proactively act on what it discovers to reduce the time spent reactively acting to events as they happening – in that typical “firefighting manner”.

Typically, we are so busy in the IT world we tend to respond to situations as they arise, and hope that by following design best practice we reduce these events to a minimum. In recent years a number of software vendors have been developing tools to break this cycle of behavior. Despite bold attempts to “automate all the things”, you’d be surprised how many people still are using a combination of Excel spreadsheets and Googling to both keep a track of changes, or respond to new issues as VMware finds them. And, of course, those pesky things called “default settings” that often are left as is, and never reviewed.

When the poop hits the fan such admins are forced into “Cutting and Pasting” cryptic log entries into Google, in the hope that a narrowly defined string will reduce the long list of false positives – it’s become a skill in it’s own right, scrolling through search results and translating the verbiage of KB articles to see if it answers your problem. And I can speak of situations first hand where I’ve had to “stitch together” KB articles to fix an issue. It’s this sort of first-hand pain that the folks at Runecast are addressing.

I was given an NFR license for a year (thank you) and spent yesterday getting my lab environment up and running to ingest their offer. I spent most my time making the lab work again replacing my expired vSphere license! The Runecast Analyzer appliance (in a OVF format) took less time to setup, than it did to download. I pointed at it my vCenter and I was up and running.

Note: As with any lab based evaluation I used my administrator@vsphere.local account. Runecast say a read-only account will cover about 90% of the analysis, but there are some higher-level privileges required to collect 100% of the data needed.

As you might gather with the lab being down for more than a year, it’s not been patched in ages, and also I’ve never bothered with any security hardening. So my results will not be reflective of most production environments (or will it?). As you’ve probably gathered, Runecast Analyzer is an on-premises appliance, and although it pulls data down from Runecast Central Repository, which in turn keeps a track on the VMware KB, nothing is pushed out of your environment. Runecast Analyzer does support offline patch-management for those people who require an air gap between themselves and the outside world for compliance purposes.

Read the rest of this entry »

 

Posted by on June 2, 2017 in vSphere

Comments Off on Reading the Runes with Runecast Analyzer

Altaro VM Backup V7 Released

Download the 30-day trial: http://www.altaro.com/vm-backup/download.php
Product Info: http://www.altaro.com/vm-backup/

Hi there, and thanks for reading this blog post about Altaro VM Backup. I was asked by the guys at Altaro to take a look at their latest release. I said yes, and I also managed to persuade Altaro to make a donation to the charity (aquabox.org) who I’m volunteering for whilst I look for a new role. So firstly, a big thank you goes out to Altaro for agreeing to this arrangement. I think its setup that works well for all. Altaro gets exposure to their new offering; I get stick time with a product that’s new to me – and a good cause benefits as well. I managed to raise £280 for Aquabox. If you want to donate to Aquabox as well click the logo!

Lets start with some basic facts. Altaro has won a number of pludits from the reviewers on Spiceworks and VirtualizationAdmin.com. Their Altaro VM Backup software can backup both VMware vSphere as well as Microsoft HyperV, so is handy for those people working in a hybrid environment. It’s licensed on a per-host basis, not per-socket or CPU, so customers who go for a high-density consolidation ratios (the number of VMs per hosts) are really going to benefit from a licensing perspective. It’s chocked full of all the features you would normally expect from any enterprise backup system. Altaro VM Backup is fully compatible with Microsoft VSS, and that means you will get a consistent backup from those tricky customers like Microsoft SQL. The software is granular enough to restore individual files and emails from within a virtual machine backup. Finally, a number of backup targets are supported including USB External Drives and Flash Drives eSata External Drives, File Server Network Shares (via UNC), NAS devices (via UNC), RDX Cartridges – as well as the Offsite Altaro Backup Server with WAN acceleration. In my own case I pointed my simple Altaro Server to my local NAS box that already had backup shared out accessible to Microsoft Windows, the same NAS is visible to my VMware ESXi hosts on the same network using NFS.

The Setup

As you might expect the setup routine was a relatively trivial affair, and indeed the software itself does a good job of walking you through the 3-step routine to provide the core details need to do your first test backup – this means adding your VMware vCenter, individual VMware ESXi Hosts or Microsoft Hyper-V Hosts.

Each of these stages has a ‘test connection’ component before you proceed, tha you can see in this screen grab below:

The next stage is adding your storage options for carrying out the backup itself. You can opt for a directly connected device, or for a remote location supported by UNC. In my case my Altaro VM Backup Server was a Windows 2012 R2 virtual machine, with access to my remote NAS.

As you can see once a backup target has been added its simply a case of dragging and dropping a VM to that target. From this point onwards most of the admin tasks are of a drag-and-drop variety – dragging VMs to predefinied schedules and retentention policys, so you can control the frequency of backups, and hold old backups are disgarded. As my lab has been offline for a year, I don’t really have that many VMs to backup, except of course the infrastructure VMs that make up the lab itself. So I decided to backup these VMs as a matter of course.

What’s New

The V7 Edition boasts a number of new features. The first is “Augmented Inline Deduplication”. This decreases the time it takes to both take and restore a backup. It creates the smallest backup size, and doesn’t require you to group VMs together to get the benefits. The fact that its inline means the deduplication process isn’t run as a post-backup process. This is important because the storage savings that deduplication brings mean little in real terms if you still need the temporary space required to carry out the backup. By definition backups often mean backing up the same bit of data that repeats itself in different VMs over and over again, and this deduplication cancels out bloat in backups.

Altaro have published blogs that explain this augmented deduplication process. This blogpost is a centred around Hyper-V and they have a very similar one for VMware as well. Calculating the upfront exact amount of potential savings any customer will get from any dedupe process is difficult. However, the Altaro VM Backup Dashboard does a good job of showing those dedupe and compression savings.

Also new to V7 is “Boot from Backup”, it’s the ability to power on a VM directly from the source backup. Typically, this means a network location like a CIFS/NFS server share/export is mounted directly to the hypervisor and powered on. That means the IO performance will be constrained by the disk capabilities of the system backing it. Remember this is merely away of getting the VM up and running in the shortest possible time. In most cases the availability issue trumps any short-term performance hit, because it’s the clever stuff going on in the background that matters. In the background the restore process is continuing – once the restore process has completed, all you need to do is schedule a small maintenance window to shutdown the “boot from backup” and replace it with the restored copy. As you might expect, a reboot takes less time than waiting for a full VM restore.

The “boot from backup” feature has two modes – a verification and recovery mode, and of course the performance mileage will vary dependent on the qualities and capabilities of the storage backing that VM’s backup target location.

Once you have gone through the usual suspects of selecting the mode, backup location and VM itself – you get granular control over the way VM is brought up. This includes attributes such as renaming the VM and ensuring its network card is in a disconnected state – to avoid conflicts with the existing VM.

What’s Next?

VM Backup V7 will soon promises a feature called Cloud Management Console (CMC), which will allow administrators to monitor and manage remotely all their backup installations using a single tool that can be accessed from any web browser – without VPN or any requirement to be on-site. The CMC dashboard gives a more site-by-site or customer-by-customer point of view and will be designed for a more multi-tenant approach to backup management.

What’s There?

Well, as I stated earlier everything you’d expect from an enterprise backup solution is pretty much there. So along side multi-hypervisor support you’ll see an impressive list of features:

  • Drastically reduce backup storage requirements on both local and offsite locations, and therefore significantly speed up backups with Altaro’s unique Augmented Inline Deduplication process
  • Back up live VMs by leveraging Microsoft VSS with Zero downtime
  • Full support for Cluster Shared Volumes & VMware vCenter
  • Offsite Backup Replication for disaster recovery protection
  • Compression and military grade Encryption
  • Schedule backups the way you want them (View video)
  • Specify backup retention policies for individual VMs (View video)
  • Back up VMs to multiple backup locations

So there are plenty of positives to be hand, along side a competitive licensing policy… but….

What’s Missing?

If there’s one repeated criticism levelled at Altaro VM Backup is the lack of public cloud as a backup targets. So for offsite backup use your very much dependent on having another site in which to host the Altaro VM Backup Offsite Server. Now for many small businesses this might not be an issue, as many SMBs actually have more than one location – such as their main warehouse facility and the customer-facing location. However, for SMBs that literally only have one location this is tricky. Such customers might look to services like Amazon S3, Glacier or Azure as way of getting their backups a distance from the core site. The alternative is transporting removable media to another location – and that feels decidedly 1990’s for an era where data can and should be held anywhere.

I raised this issue with the guys at Altaro and they pointed me to blogpost they have which show using the Altaro VM Backup Office Server in Azure. The first blogpost covers off the planning and pricing aspects of placing an Altaro Offsite Server in Microsoft Azure. The second blogpost explains the process of how to setup it up. This configuration is something that Altaro intends to fully develop and it in the pipeline, and part of an overall cloud strategy – but they weren’t understandably able to give me an ETA on that – because it would be commercial sensitive to do so.

In Conclusion

If you are familiar with virtualisation and have been following the backup space for virtualization for a while – there are no surprises here. What’s certainly true for me is that a new tier of backup vendors is entering an already crowded space. This is not dissimilar to the shake-up we saw in the storage space in the last 5 years. Features that were once unique and only available from premium vendors are now going mainstream. The question remains – if you are working with a premium mainstream vendor what unique features are they offering you that you can’t get elsewhere from a relatively new player in the market who is hitting the streets with very attractive pricing and licensing policies? So I see it as a mark of ‘due diligence’ to do a scoping out of alternatives, rather than simply disengaging the brain and signing the renewal contract. You don’t do that with any other insurance premium, so why do that with your backup insurance premium?

Finally, for home labs and small environments, that need basic features, they can also use the free edition that enables backup up to two VMs for free, valid forever.

 

 

 

 

 

 

Posted by on January 30, 2017 in Other, vSphere

Comments Off on Altaro VM Backup V7 Released

VMUG Wiki Update: VMware vCenter Server Appliance 6.0 Update 1 (VCSA)

This chapter of the VMUG Wiki has been up for a while on the public site, and just haven’t got round to making folks aware of its existence. The new chapter is over here:

http://wiki.vmug.com/index.php/Deploying_VMware_vCenter_Server_Appliance_6_(VCSA)

There’s a couple of things new about the VCSA that caught my eye. Firstly, the setup/installations/import/configuration (take your pick about the appropriate word to use for getting the appliance ready for use) has been radically overhauled from previous releases. Previously, there was convoluted process of downloading, importing and then running thru a configuration process (the manual process was better the automated method) – that involved ‘toggling’ between different UI. That’s all changed – now you mount .ISO to your workstation with visibility to an ESXi host – and ‘setup’ wizard runs though the entire process. This is MUCH better than the previous approach, and I think it will help improve adoption of the “linux version” of vCenter.

As ever care must be taken over the FQDNs/IP address used – ensuring that DNS is up, accessible and is resolving. If you don’t you find the installer process will crash and burn… In this case I asked for the VCSA to have FQDN of vcwdc.corp.com, and that wasn’t resolvable to the IP I’d assigned.

Secondly, The ye olde 5480 VMware Studio portal still exists but the look, feel and functionality has changed significantly.You shouldn’t really need to touch this unless you need to re-configure the networking (for example) of the VCSA…

Thirdly, the VCSA Console is much more like the ESXi DCUI interface. I quite like this tidying up process – standardising on the console look and feel, makes the VCSA and ESXi feel more like the double act they really are. There isn’t a huge amount you can do here admittedly – just to say that you can do things like enable SSH to PuTTy into….

 

Posted by on March 11, 2016 in VMUG Wiki, vSphere

Comments Off on VMUG Wiki Update: VMware vCenter Server Appliance 6.0 Update 1 (VCSA)

VMUG Wiki Update: VMware vCenter 6.0 Update 1 (Windows)

As promised I’ve been chipping away at the VMUG Wiki. I’ve spent the last couple of weeks updating the vCenter chapter based on the Windows edition. I say weeks, in truth I spend a couple of hours each week on the Wiki, just fitting it in around my other interests that are focus of my gap year. I’ve been toying with recording the “sets” that I’m “touring” (more grand term, than it really implies) around various acoustic sessions in my local area. The other week someone said I should go to Sheffield and put myself up on stage all mic’d up and plugged in. Not sure I’m quite ‘seasoned’ enough for that yet! But perhaps I might record each monthly set and put it up on SoundCloud for those who are interested.

ANYWAY. Digression. This post is supposed to be about the VMUG Wiki. So the main “news” is the chapter on the Windows vCenter setup is completed and live – you can find it here:

Install VMware vCenter (Windows)

To any old hands here. There’s isn’t much to report in the “What’s New” stakes – but there were a couple of notable changes which I thought I’d bring to people attention.

Read the rest of this entry »

 

Posted by on February 23, 2016 in VMUG Wiki, vSphere

Comments Off on VMUG Wiki Update: VMware vCenter 6.0 Update 1 (Windows)

VMUG Wiki Update: VMware ESXi 6.0 Update 1

Well, a few weeks have gone by since I made my little announcement. I’m happy to say things are going well on the creative front, and I’ve been toying with the idea of recording some songs and putting them on her for your delight and delectation. This post is about my computer life. As promised I’ve started contributing to the VMUG Wiki project. I must admit the first couple of attempts were disaster. I had technical problems as my home lab has been down for months, and the process of updating the vSphere5 content to vSphere6 content is actually – sorry to say this – tedious.

Anyway, last week and the week before – I got over my technical problems and started to find an approach for updating the content that feels quicker, and therefore less tedious. What floats my boat is writing new content about something that has changed significantly, rather than playing a ‘spot the difference” game with software that if you blinked you’d miss any changes. Anyway, someone had to do this job, and as I have time on my hands now, it might as well be me.

So I’m pleased to report we have a new chapter on the VMUG Wiki (probably the first in months!) called thrillingly “Installing VMware ESX 6“.  Yes, I know there’s a broken image in the content. I’m working to resolve that – we have a more serious problem with images in Wiki generally – as MediaWiki sometimes fails to create “thumbnails” correctly. I’m working with the VMUG folks to try and resolve that.

For those like me who have been in this game for a while – there are no surprises here. Indeed some of the content is so similar I haven’t bother to swap graphics around when the only difference in the UI is the bloody build number! However, there were one or two new things that caught my eye.

Firstly, “Lockdown Mode” (that highly popular feature of ESX 😉 ) has a new option or mode called “strict”. I understand this prohibs the use of the DCUI to turn it off. So the only way to turn off “Lockdown Mode” is if the host is manageable via vCenter. That makes vCenter the only method by which the host can be managed. I guess this removes a ‘backdoor’ method caused by the root account being compromised. In my experience customers (except govt/military types) rarely use this feature – in fact many people lower security by enabling SSH which is normally disabled.

Secondly, the other thing I noticed is if you attach two vmnic to vSwitch0 they marked as being Active/Active. Previously, ESX marked one as being Active (vmnic0) and the other being Passive (vmnic1 for example). I consider this an ‘improvement’ but I imagine most experience VMware shops pretty much have the network setup nailed down by now and automated – and never use this method anyway.

Thirdly, I notice the TCP configuration has changed slightly for DNS (this might have changed a while ago, and I hadn’t noticed). You can now set a IPv6 DNS address (whoopee!), But the ‘odd’ thing is the option to set a secondary DNS for IPv4 seems to have disappeared. I assumed you could use comma separated values in the box – but it doesn’t seem to accept that. I dunno if that’s “by design” or bug…. If someone in the ESX team is reading this and knows their onions I’d be interest to know what the rationale is behind this… so I can feel less stupid and educate the community.

Finally, I am working on Chapter 2: Installing vCenter. That’s proved to be a bit more interesting given that there’s the new “Platform Service Controller” (great sexy name there!) and new Postgres support for the Windows version of vCenter. I increasingly find setting up the Windows vCenter a total ball-ache. That’s not because of VMware, but because of the bloody Windows dependencies that must met first. I mean why does anyone bother with the Windows vCenter for new deployments (lights touch paper and walks away!

 

Posted by on February 7, 2016 in VMUG Wiki, vSphere

Comments Off on VMUG Wiki Update: VMware ESXi 6.0 Update 1

The Ultimate Deployment Appliance adds VMware ESXi 6 Support

Actually, this happened last week – but I was so flattened by work leading up to VMworld – the joint announcement planned by myself and Carl fell flat on it face! That’s completely my mistake, as I totally dropped the ball on this one.

In case you don’t know the Ultimate Deployment Appliance (UDA) is a Community Project that I have promoted and used for some years – its an all-in-one PXE/DHCP/TFTP Appliance that massively simplifies the deployment of many operating systems – and I primarily use it for deploying VMware ESXi.

In my tests i found that merely selecting ESXi 5 Installable in the UDA menus and then selecting the ESXi 6 .iso worked right of the box. So it was a piece of cake for Carl to produce a patch bundle that allows you to select ESXi 6 from the menus to keep things both neat and logical.

Screen Shot 2015-08-27 at 10.47.37

The patch bundle can be download either from my site or Carl’s

From mikelaverick.com: uda-2.0.26.tgz

From UltimateDeployment.org: uda-2.0.26.tgz

 

Posted by on August 27, 2015 in vSphere

Comments Off on The Ultimate Deployment Appliance adds VMware ESXi 6 Support

Scripted VMware ESXi 5.5 Installs – Error: Read-only file system during write on

I’ve been recently doing some scripting work with the Ultimate Deployment Appliance (UDA) which was developed by Carl Thijsen of the Netherlands. The reason for this work is to make it easy for me to switch between different versions of EVO:RAIL using my SuperMicro systems. I want to be able to easily flip between different builds, and its seemed like the easiest way to do this remotely was using my old faithful the UDA. This means I can run EVO:RAIL 1.2.1 which based on vSphere5.5, and then rebuild the physical systems around our newer builds, which incidentally use vSphere6.0.

Anyway, I encountered an odd error when scripting the install of VMware ESXi 5.5. One hadn’t seen with VMware ESXi 6.0. The error looked like said :Error: Error: Read-only file system during write on /dev/disks/naa.blah.blah.blah.

Screen Shot 2015-08-04 at 13.46.16

Normally, the lines:

clearpart –alldrives –overwritevmfs
install –firstdisk=ST300MM0026,local –overwritevmfs

Would be enough to wipe any existing installation and VMFS volume. But the installer wasn’t happy. Incidentally “ST300MM0026” is the boot disk, a Seagate drive. However, that didn’t seem to work. I had to modify the ‘clearpart’ line like so:

clearpart –firstdisk=ST300MM0026 –overwritevmfs
install –firstdisk=ST300MM0026,local –overwritevmfs

I think what was happening was that clearpart wasn’t seeing the drive properly, and specifing it by model number allowed the VMFS partition to properly cleared.

Anyway, I doubt this will matter to most people, but I thought I would share in case someone else sees this…

UPDATE: Well, after automating the install of VMware ESXi 5.5, decided to flip back to VMware ESXi 6.0. I encountered the exact same error. So now both my 5.5 and 6.0 scripts include the change to clearpart.

 

Posted by on August 4, 2015 in vSphere

Comments Off on Scripted VMware ESXi 5.5 Installs – Error: Read-only file system during write on

vSphere Web Client Error with FireFox on the Mac…

Yesterday after deploying two new vCenters (with the same FQDN as the previous vCenters) FireFox on the Mac gave me this error when ever I loaded up the Web Client:

RSL https://vcnyc.corp.com:9443/vsphere-client/locales/rsl/flex-common-lib-5.5.0.swf failed to load. Error #2032

All my other web-browsers (Chrome, FireFox, IE on Windows, Chrome, Safari on the Mac) were happy. Fortunately, a full reset of FireFox fixed my issue – all I had to do after the reset of FireFox was re-install my LastPass plug-in…

Article: How to reset FireFox…

 

 

Posted by on July 30, 2014 in vSphere

1 Comment

HP ML350e: Upgrade from ESX 5.5 (133182) to ESX 5.5 U1 (1746018)

Today, I had wont to upgrade my ESX 5.5 installation to ESX 5.5 U1b. No particular reason, I just thought an upgrade was a bit overdue – plus I’m about to embark on a new project and I thought it was perhaps safest to be on the latest and greatest before going any further. The first installation had been made with a custom HP ISO, so it made sense to go for the same option. As you might recall from a post earlier this year, I experienced PSOD when using the generic vanilla ESX 5.5 media.

I download the HP edition of the U1b code, and proceed to do a DVD still upgrade. I only have 3 hosts so I thought I’d go down the simple route. However, my first attempt didn’t go as smoothly as I hoped.

Screen Shot 2014-07-10 at 12.48.17

Fortunately, I wasn’t on my own – folks on the community forums had been caught out by this before. The error appears during the checking devices phase after selecting the storage that contains the installation (local disk, SAN disk or USB/SD disk)…

https://communities.vmware.com/thread/482105

It turns out the work around is to find the offending Broadcom VIB on HP website, and then INSTALL it as an individual VIB, and then try the upgrade. This effectively overwrites the old driver – and when the upgrade takes place – its doesn’t get touched because its the same version.

To grab the driver I went over to – http://vibsdepot.hp.com/hpq/jun2014/esxi-550-devicedrivers/ and downloaded the BCM-NetXtremeII-4.0-1796156.zip. I extracted this zip using the Mac’s native utilities to find the offline ZIP bundle.

Screen Shot 2014-07-10 at 16.08.21

I transferred this over to my “software” datastore which is available to every node in the cluster, and then SSH to one of my hosts to do the update using ESXCLI:

esxcli software vib install –depot=/vmfs/volumes/software/BCM-NetXtremeII-4.0-offline_bundle-1796156.zip

Note: That’s two – – for the depot switch by the way. That went through without a fuss.

Screen Shot 2014-07-10 at 16.25.47

I rebooted the ESXi host and after that DVD upgrade went though as normal…

Screen Shot 2014-07-10 at 17.28.21

Screen Shot 2014-07-10 at 17.39.34

Screen Shot 2014-07-10 at 17.39.48

 

 

 

Posted by on July 10, 2014 in vSphere

3 Comments