Monday, 30 April 2012
McAfee MOVE Antivirus joins the vShield Endpoint Family
<http://blogs.vmware.com/.a/6a00d8341c328153ef0168eaf44a56970c-pi>We have seen a tremendous amount of customer interest in optimizing endpoint security in VMware vSphere and VMware View environments.
<http://blogs.vmware.com/.a/6a00d8341c328153ef0168eaf46bea970c-pi>As server consolidation ratios rise and as large scale virtual desktop infrastructure (VDI) environments roll out it is important to take a fresh look at endpoint security. While the tried and true practice of installing a thick security agent per virtual machine is certainly viable, there is a lot to be gained in taking a new approach that is optimized for the virtual environment.
VMware vShield Endpoint<http://www.vmware.com/products/vshield-endpoint/overview.html> offloads antivirus and anti-malware agent processing to a dedicated secure virtual appliance delivered by VMware partners. Our offload approach dramatically increases consolidation ratios and performance by eliminating anti-virus "storms", streamlines deployment, and satisfies compliance requirements. These capabilities combined with choice of industry leading endpoint security solutions are fundamental to your journey to the cloud.
VMware is proud to announce that McAfee is now shipping the McAfee MOVE Antivirus<http://www.mcafee.com/us/products/move-anti-virus.aspx> solution that integrates with VMware vShield Endpoint. The McAfee MOVE provides powerful, comprehensive, and consistent protection, and is managed and reported by the McAfee ePolicy Orchestrator platform.
With the addition of McAfee we now have four actively shipping solutions with vShield Endpoint including:
Bitdefender Security for Virtualized Environments
http://www.bitdefender.com/sve
Kaspersky Security for Virtualization
http://www.kaspersky.com/products/business/applications/security-virtualization
McAfee MOVE Antivirus
www.mcafee.com/us/products/move-anti-virus.aspx<http://www.mcafee.com/us/products/move-anti-virus.aspx>
Trend Micro Deep Security
http://www.trendmicro.com/us/enterprise/cloud-solutions/deep-security/index.html
Original Post:
http://blogs.vmware.com/vsphere/2012/04/mcafee-move-antivirus-joins-the-vshield-endpoint-family.html
Sunday, 29 April 2012
Technical Marketing Update 2012 - Week 17
By Duncan Epping<https://plus.google.com/112305325305827926631?rel=author>, Principal Architect.
Technical Marketing Update 2012 - Week 17
Great white paper by Cormac Hogan on Storage Protocols. I know many of you have asked for this in the past, so I am sure you will appreciate this paper that explains the various protocols and how they interoperate with VMware. Excellent work Cormac!
* Storage Protocol Comparison (Cormac Hogan) http://bit.ly/IkXoWP
Blog posts:
* vSphere Security Hardening Report Script for vSphere 5 (William Lam) http://bit.ly/Ju91uU
* Cool tool update: RVTools 3.3 released! (Duncan Epping) bit.ly/INHvor<http://bit.ly/INHvor>
* Removing Previous Local Datastore Label for Reinstall in ESXi 5 (William Lam) http://bit.ly/IfhmSN
* Does VMware Support Shared/Switched SAS? (Cormac Hogan) bit.ly/JD50lT<http://bit.ly/JD50lT>
* What is das.maskCleanShutdownEnabled about? (Duncan Epping) http://bit.ly/JnkKKd
* Demystifying Configuration Maximums for VSS and VDS (Venky Deshpande) bit.ly/JzZ7YC<http://bit.ly/JzZ7YC>
* VAAI Thin Provisioning Block Reclaim/UNMAP In Action (Cormac Hogan) bit.ly/JpTkB2<http://bit.ly/JpTkB2>
* Aggregating datastores from multiple storage arrays into one Storage DRS datastore cluster (Frank Denneman) bit.ly/I3Bx2z<http://bit.ly/I3Bx2z>
* Preparing the hosts in Provider VDCs with PowerCLI (Alan Renouf) bit.ly/IhJ00B<http://bit.ly/IhJ00B>
* SRM 5.0.1 Upgrade with vSphere Replication (Ken Werneburg) bit.ly/I8yIgD<http://bit.ly/I8yIgD>
* Using the vSphere ESXi Image Builder CLI (Kyle Gleed) bit.ly/IhAznV<http://bit.ly/IhAznV>
* Retrieving Information from VMware VDS + Cisco Nexus 1000v (William Lam) bit.ly/Ixeaxu<http://bit.ly/Ixeaxu>
Friday, 27 April 2012
SRM 5.0.1 Upgrade with vSphere Replication
Posted by
Ken Werneburg
Sr Tech Marketing Manager
Upgrading from 5.0 to 5.0.1 is such a very simple process that it doesn't require a lot of attention, but there's one quick caveat regarding the vSphere Replication virtual appliances that should be noted.
Because of this, I figured it would be worthwhile to walk you through a couple of different ways to make sure you VR appliances are up to date along with the latest SRM code.
As always, I follow an upgrade process like this:
A) Protected site VC first. Why? You can still do a recovery on the other site if things go sour for you for any reason! These are all in-place upgrades and should take minimal time and effort.
1) vCenter Server
2) vSphere Client
3) Web Client Server--- oh wait, nope, not for 5.0.1, there's no update. Careful you don't just blindly "next-next-next" your way through this or it'll uninstall your web client server.
4) VUM. Very important, make sure this is up to date!
B) Protected site SRM
1) In-place upgrade of SRM to 5.0.1.
[http://blogs.vmware.com/.a/6a00d8341c328153ef0168ead03ad6970c-800wi] <http://blogs.vmware.com/.a/6a00d8341c328153ef0168ead03ad6970c-pi>
C) Recovery Site vCenter Server (same steps as above)
D) Recovery Site SRM Server (same steps as above)
That was easy. Now you should be back to a good state with everything protected and running. All you need to do is log into your vCenter and check that SRM is still functional.
Don't forget you'll need to update the SRM plugin as well! This upgrade requires that the vpxclient gets bounced, so do that and make sure SRM is working.
Ah but wait, SRM now has the vSphere Replication pieces if you've installed them, and we didn't upgrade those as part of the SRM server upgrade. So how do we do this? There are a couple of ways.
C) Upgrade vSphere Replication
One way is to upgrade the appliances themselves by logging into them and using the built-in update tools. The other is that we could use vSphere Update Manager.
I like logging into the appliances and running the update. The problem is that it presumes you have an internet connection available to the appliances, and it also assumes your proxy settings are correct, so please double check the appliance configuration in order to do this! I've done this through a proxy server and it worked like a charm for me.
For those of you who want to try it via the web interface of the appliance, it's quite straight forward. Log onto the appliance through the web interface, click on the "update" tab on the top, click on the "Check Updates" action button on the right, and if updates are available, click on the "Install Updates" action. That's it!
[http://blogs.vmware.com/.a/6a00d8341c328153ef0168ead03b83970c-800wi]<http://blogs.vmware.com/.a/6a00d8341c328153ef0168ead03b83970c-pi>
[http://blogs.vmware.com/.a/6a00d8341c328153ef0168ead03d0b970c-800wi]<http://blogs.vmware.com/.a/6a00d8341c328153ef0168ead03d0b970c-pi>
But this is far too manual overall, requires internet and proxy access for your appliances, and is not necessarily the most verbose about what's going on behind the scenes. Let's use VUM instead.
The great news is that VUM has built-in "VA Upgrade" baselines that include upgrading the VR component appliances to the latest available build. You can build your own baselines for the virtual appliances if you want, but in this case there's a predefined baseline that you can use.
[http://blogs.vmware.com/.a/6a00d8341c328153ef016304dab1a8970d-800wi]<http://blogs.vmware.com/.a/6a00d8341c328153ef016304dab1a8970d-pi>
We can simply attach the appropriate baseline to the VR appliances, or a folder containing them, and remediate. It'll go through a bunch of actions you can follow via events in the Tasks and Events tab:
[http://blogs.vmware.com/.a/6a00d8341c328153ef0168ead03e88970c-800wi]<http://blogs.vmware.com/.a/6a00d8341c328153ef0168ead03e88970c-pi>
Voila. They are now upgraded to the latest and greatest.
[http://blogs.vmware.com/.a/6a00d8341c328153ef0168ead03ee7970c-800wi]<http://blogs.vmware.com/.a/6a00d8341c328153ef0168ead03ee7970c-pi>
So I recommend doing all of this through VUM. It's quick, easy, doesn't require any manual process, and means we don't need to worry about network connectivity for the appliances to get to the outside world, so it's also more secure. You can also reuse the baseline pretty easily next time it comes time to upgrade. Lastly VUM has the great ability to do snapshots and rollbacks in case of problems, so it's nicely fixable if things go wrong!
That's it for now - basically, when upgrading SRM from now on, make sure you also remember to upgrade your vSphere Replication components, and my advice to you is to use VUM to do so.
-Ken
http://blogs.vmware.com/vsphere/2012/04/srm-501-upgrade-with-vsphere-replication.html
Sent with MobileRSS for iPhone<http://itunes.apple.com/app/mobilerss-pro-google-rss-news/id325594202?mt=8>
Mike Yallits, VTSP
Client Account Manager
ESTI Consulting Services
Cell: 204 294-7773
mike.yallits@esti.ca<mailto:mike.yallits@esti.ca>
Storage Protocol Comparison (A vSphere Perspective) White Paper now available
A number of months ago I published a blog article which compared the different storage protocols<http://blogs.vmware.com/vsphere/2012/02/storage-protocol-comparison-a-vsphere-perspective.html> which are found in a vSphere environment. On the back of this posting, a number of folks reached out to me to ask if there was a PDF version of the storage comparison available. Well, now there is. You can pick it up from the VMware Technical Resource Center<http://www.vmware.com/resources/techresources/> which has a great repository of VMware white papers.
The Storage Protocol Comparison white paper can be download by clicking on this link<http://www.vmware.com/resources/techresources/10276>.
Get notification of these blogs postings and more VMware Storage information by following me on Twitter: [http://blogs.vmware.com/.a/6a00d8341c328153ef014e8a7e2282970d-800wi] <http://twitter.com/#%21/VMwareStorage> @vmwStorage<http://twitter.com/#%21/vmwstorage>
Thursday, 26 April 2012
Technical Paper - Storage Protocol Comparison
The objective of this white paper is to provide information on storage protocols and how they interoperate with VMware vSphere and related features. Not all supported storage protocols are discussed. Some notable exceptions are ATA over Ethernet (AoE) and shared/switched SAS. However, the protocols that are included in this paper are the ones that VMware is most frequently asked to compare.
http://www.vmware.com/files/pdf/techpaper/Storage_Protocol_Comparison.pdf
VMware frequently is asked for guidance regarding the best storage protocol to use with VMware vSphere®. vSphere supports many storage protocols, with no preference given to any one over another. However, many customers still want to know how these protocols stack up against each other and to understand their respective pros and cons.This white paper looks at common storage protocols from a vSphere perspective. It is not intended to delve into performance comparisons, for the following two reasons:
* The Performance Engineering team at VMware already produces excellent storage performance white papers.
* Storage protocol performance can vary greatly, depending on the storage array vendor. It therefore does not make sense to compare iSCSI and NFS from one vendor, because another vendor might implement one of those protocols far better.
If you are interested in viewing performance comparisons of storage protocols, the "Conclusion" section of this paper includes links to several such documents.
Wednesday, 25 April 2012
Demystifying Configuration Maximums for VSS and VDS
In this blog entry, I will spend some time discussing the configuration maximums related to vSphere standard switch (VSS) and vSphere distributed switch (VDS). I always get this question, what will happen when you cross those configuration maximum limits? Especially, with the vSphere Distributed Switch configuration maximums where there are vCenter Server level limits as well as host level limits. I would like to clarify some of the things regarding these limits in this post. Here are the configuration maximums for vSPhere 5.0 as it pertains to Hosts, VSS, and VDS.
Host Maximums (These apply to both VSS and VDS):
- Total virtual network switch ports per host : 4096
- Maximum Active ports per host : 1016
VSS Maximums
- Port groups per standard switch : 256
VDS Maximums (These are all vCenter Server maximums as vCenter server controls the configuration of VDS)
- Hosts per VDS : 350
- Total distributed virtual network switch ports : 30,000
- Total number of Static Distributed Port groups : 5000
- Total number of Ephemeral Port groups : 256
After taking a look at the limits, let's focus our attention on the VSS deployments first. In such deployments you have to configure VSS on each host and in some cases there might be multiple VSSs on the same host. When you create a VSS you have an option to define the number of virtual ports on that specific virtual switch (default is 128). Next step is to create port groups. VSS only supports Ephemeral binding and allocates zero virtual ports when a port group is created. The virtual port is allocated only when a virtual machine or vmknic is connected to the port group. In this deployment by keeping the count of the number of VMs and vmknics on a host you can tell how many virtual ports are used. You can then compare the number of virtual ports with host limits.
The host limits are Hard limits. Hard limit means that the host will enforce the limit and you will not be allowed to create more than 4096 virtual ports or have more than 1016 active virtual ports. If you have multiple VSSs on the host this port maximum numbers don't change. You might have some VSS with more VMs connected and some with less. As long as the total number of VMs and vmknics on the VSSs are within the maximum range you are fine. Also, in my opinion there are enough virtual ports available as per the host maximums, and you should not have any problems regarding scaling your environment and achieving higher consolidation ratios.
Now let's look at the VDS deployments where there are additional limits placed by the vCenter Server. Before we dive into the limits discussion on VDS, I would like to point out one main difference between the port group configuration on VSS and the distributed port group configuration on VDS. On VSS port group there is only support for Ephemeral port binding. While on VDS distributed port group, you have an option to choose from the following three different port binding types:
1) Static binding: Assigns a distributed port when a virtual machine is connected to distributed port group
2) Dynamic binding: Assigns a distributed port when a powered on virtual machine is connected to distributed port group. This option is deprecated and won't be available in the future vSphere releases.
3) Ephemeral binding: There is no port binding with this choice. When you choose this option the behavior is similar to a standard virtual switch (VSS). The number of ports is automatically set to 0, and the port group allocates one port for each connected virtual machine, up to the maximum number of ports available on that port group.
The choice of port binding type on a distributed port group determines how the distributed virtual ports are allocated.
For example, if you choose static port binding for distributed port groups by default 128 virtual ports are allocated by vCenter Server. As you can see, this is different from the VSS deployment where no virtual ports are allocated when a port group is created. Some customers have concerns that they will run out of virtual ports as they create large number of distributed port groups OR they have to manually mange the number of virtual ports per distributed port group to overcome the limits.
To illustrate through an example, if you want to create 400 distributed port groups with default number of virtual ports then you would need 51,200 virtual ports. This number is above the vCenter server limit of 30,000 virtual ports. Even though the number of virtual ports are higher than the limit, vCenter Server will allow you to create 400 distributed port groups because vCenter server limits are Soft limits. Soft limit means that the limit is not enforced and you can create more number of distributed port group or virtual ports beyond the specified limits.
However, it is important to note that VMware has tested these maximum limits. If you go beyond those limits, things still should work but you might encounter other challenges in such big environments that are more related to manageability and performance of the management system.We are trying to simplify the workflow for customers where they don't have to manually manage the number of ports available on a distributed port group or worry about the limits. To that respect the Auto Expand feature that is available in vSphere 5.0 helps grow the number of virtual ports on a distributed port group automatically. For more details on how to configure this feature please take a look at the following blog entry by William Lam here<http://blogs.vmware.com/vsphere/2012/02/automating-auto-expand-configuration-for-a-dvportgroup-in-vsphere-5.html>
Finally, I just want to reiterate that the vCenter server limits are soft limits and doesn't stop you from going beyond the tested limits. And the Host limits are the one that will be enforced. Given the 1016 virtual port limits per host I am sure it provides enough capacity to grow as far as consolidation ratio goes. Would love to hear your comment on this topic. In the next post I will talk more about the Static port binding advantages and the Auto Expand capability.
VMware Forum 2012 - May 15th
Register here:
http://info.vmware.com/content/7339_REG
Mike Yallits, VTSP
Tuesday, 24 April 2012
Cool tool update: RVTools 3.3 released!
Version 3.3 (April, 2012)<http://www.robware.net/>
* GetWebResponse timeout value changed from 5 minutes to 10 minutes (for very big environments)
* New tabpage with HBA information
* On vDatastore tab the definition of the Provisioned MB and In Use MB columns was confusing! This is changed now.
* RVToolsSendMail accepts now multiple recipients (semicolon is used as separator)
* Folder information of VMs and Templates are now visible on vInfo tabpage
* Bugfix: data in comboboxes on filter form are now sorted
* Bugfix: Problem with api version 2.5.0 solved
* Bugfix: Improved exception handling on vCPU tab.
* Bugfix: Improved exception handling on vDatastore tab.
"Cool tool update: RVTools 3.3 released!<http://www.yellow-bricks.com/2012/04/24/cool-tool-update-rvtools-3-3-released/>" originally appeared on Yellow-Bricks.com<http://www.yellow-bricks.com>.
Monday, 23 April 2012
@vmwflings, 4/23/12 12:14 PM
4/23/12 12:14 PM<https://twitter.com/vmwflings/status/194474218644189184>
The Fling vBenchmark has been updated to 1.0.2, and includes fixed bugs and new tools: labs.vmware.com/flings/vbenchm…<http://t.co/92iz0CAU>
Saturday, 21 April 2012
Technical Marketing Update 2012 - Week 16
By Duncan Epping<https://plus.google.com/112305325305827926631?rel=author>, Principal Architect.
Technical Marketing Update 2012 - Week 16
Blog posts:
* Limiting stress on storage caused by HA restarts by lowering restart concurrency? (Duncan Epping) http://bit.ly/HYCF5F
* Identifying Virtual Machines Affected By SvMotion / VDS Issue (William Lam) http://bit.ly/HOg56f
* Identifying and fixing VMs Affected By SvMotion / VDS Issue (Alan Renouf) bit.ly/IUF570<http://bit.ly/IUF570>
* Scripts release for Storage vMotion / HA problem (Duncan Epping) http://bit.ly/IVLkaP
* VM Storage Profile behaviour when VASA Provider fails (Cormac Hogan) bit.ly/J9ocYh<http://bit.ly/J9ocYh>
* Disable LUN During ESXi Installation (William Lam) http://bit.ly/I2juYA
* Exiting VSA Maintenance Mode using WSCLI(Cormac Hogan) bit.ly/HSfj69<http://bit.ly/HSfj69>
* vSphere 5.0 Hardening Guide public draft available (Duncan Epping) http://bit.ly/J0Br00
* Connecting multiple DRS clusters to a single Storage DRS datastore cluster (Frank Denneman) bit.ly/HW9LZc<http://bit.ly/HW9LZc>
* 'vpxuser' Password Alert When Upgrading to ESXi 5.0 (Kyle Gleed) bit.ly/JcfVkn<http://bit.ly/JcfVkn>
* Automatically Remediating SvMotion / VDS Issue Using vCenter Alarms (William Lam) http://bit.ly/IcSWaF
Wednesday, 18 April 2012
vSphere 5.0 Hardening Guide public draft available
One of the things my team is responsible for is security of the cloud infrastructure suite. They have worked really hard the last couple of months on overhauling the vSphere Hardening Guide. Today the public draft<http://communities.vmware.com/docs/DOC-19056> was published. (Thanks Charu, Grant and Kyle!)
One of the major changes is the format of the guide. It has been poured into an Excel spreadsheet making it easier filter, sort and edit. Please take a look at the guide and if there is any feedback don't hesitate to comment on the community forum thread<http://communities.vmware.com/docs/DOC-19056>! The final version of the document should be published mid May.
Tuesday, 17 April 2012
Now available in Rough Cuts - Managing and Optimizing vSphere Deployments
[http://www.ntpro.nl/blog/uploads/manage.jpg]
The Rough Cuts service from Safari Books Online gives you exclusive access to an evolving manuscript that you can read online or download as a PDF and print. A Rough Cuts book is not fully edited or completely formatted, but you'll get access to new versions as they are created.
To make the most of VMware's vSphere 5, IT professionals need knowledge, tips, and insights they'll never find in the manuals - or in any book, until now! In Managing and Optimizing vSphere Deployments, two world-class VMware experts offer start-to-finish lessons for vSphere planning, implementation, operation, management, and troubleshooting: expert insights drawn from their own unsurpassed "in-the-trenches" consulting experience.
Harley Stagner (VCDX,vExpert) and Sean Crookston (VCAP-DCA, VCAP-DCD, vExpert) focus on the most crucial techniques VMware professionals need, providing guidance optimized for the new vSphere 5, and frameworks that will support the evolution of virtual infrastructure for years to come. They present scenarios and case studies drawn from real-world data, addressing areas ranging from sizing and performance to redundancy, coverage includes:
* Smoothly integrating vSphere 5 into current environments and considerations
* Overcoming roadblocks to 100% virtualization
* Establishing a more stable infrastructure
* Choosing hardware and making optimal configuration decisions
* Automating tasks with PowerCLI, Host Profiles, and Auto Deploy
* Maximizing availability with Distributed Resource Scheduler, Networking Redundancy, and Fault Tolerance
* Efficiently managing updates, patches, and upgrades * Monitoring vSphere 5 with tools provided by VMware and its community
* Planning for growth, and much more.
http://my.safaribooksonline.com/9780132947183?portal=pearsonitcertification
SMB Success Stories - Myron Steves and Company Slashes Disaster Recover Costs with VMware
[http://blogs.vmware.com/.a/6a00d8341c328153ef016304444e39970d-320wi]<http://blogs.vmware.com/.a/6a00d8341c328153ef016304444e39970d-pi>While we already have tens hundreds of thousands of SMB customers today, we're building the SMB Business Unit to deliver even greater focus on the needs of Small and Mid-Size Businesses. Our goal is simple – we want to provide solutions that drive Real Advantage for our Customers by simplifying their IT environments and making IT a competitive advantage for their business.
When I talk with customers, I am always impressed with their stories and wanted to share one with you. Myron F. Steves and Company is a Houston-based insurance wholesaler that deployed virtualization and cloud solutions from VMware to help ensure the company's 200 employees can respond to customers should disaster strike. Myron Steves serves more than 3,000 independent insurance agencies and as you can imagine, they cannot afford the risk of being incapacitated in the event of a disaster. With the virtualized architecture enabled by VMware, Myron Steves is able to fail over to backup servers within hours instead of days - server failover is now a reliable process and the company has reduced IT costs significantly.
To cut to the chase, Myron Steves eliminated $400,000 in annual costs for a 3rd-party disaster recovery service; saved $200,000 in yearly payroll costs in the IT department; reduced maintenance costs by $150,000 per year and deployed 100+ Virtual Desktops to enable employees to work from anywhere. In addition, after escaping the third-most expensive hurricane in U.S. history as Hurricane Ike hit in nearby Galveston, Texas, Myron Steves realized quickly how critical implementing a disaster recovery strategy would be to their bottom line. They needed a simpler and more reliable solution that would enable IT infrastructure to seamlessly failover in the event of a data center outage and also ensure that the company's voice-over-IP (VoIP) phones wouldn't go down with the data center. After evaluating other solutions from Citrix and Microsoft, Myron Steves chose VMware for its cost effectiveness, simplicity and reliability. Additionally, by leveraging VMware vCenter Site Recovery Manager<http://bit.ly/IAcHoB>, Myron Steves automated server replication between its Houston and San Antonio offices, allowing the company to run its entire infrastructure from the San Antonio office in just a few hours compared with ten days or more using a disaster recovery vendor. Read the full story here<http://bit.ly/HOK3n1>.
Myron Steves is another example of a company that used technology to drive Real World Advantage while simplifying their IT environment, containing costs and increasing employee productivity. What's your story? I am eager to hear your stories about how and why you decided to implement VMware and how our solutions and partners helped your company deploy virtualization, business continuity and disaster recovery solutions. I am also very interested to learn where we need to improve....so please share your thoughts.
Until next time…
Brandon
Sunday, 15 April 2012
Technical Marketing Update 2012 - Week 15
http://blogs.vmware.com/vsphere/2012/04/technical-marketing-update-2012-week-15.html
By Duncan Epping<https://plus.google.com/112305325305827926631?rel=author>, Principal Architect.
Technical Marketing Update 2012 - Week 15
Blog posts:
* Scripts to Extract vCloud Director Chain Length and Linked Clone Mappings (William Lam) http://bit.ly/HmoTv5
* Cluster Sizes - vSphere 5 style!? (Duncan Epping) http://bit.ly/HvhGwE
* Auditing vMotion Migrations (William Lam) http://bit.ly/HFDnsJ
* HA fails to initiate restart when a VM is being SvMotioned and on a VDS! (Duncan Epping) http://bit.ly/HJLRe6
* Storage DRS, more than I/O load-balancing only (Frank Denneman) bit.ly/HQkmD7<http://bit.ly/HQkmD7>
* Clarifying the SvMotion / VDS problem (Duncan Epping) http://bit.ly/HE3VXN
* Extracting SSL Thumbprint from ESXi (William Lam) http://bit.ly/HDtbxf
Thursday, 12 April 2012
vCenter Operations 5 - Level 300 training
My virtualization friend Bas Vinken<http://twitter.com/#!/bvinken> pointed me to a real great vCenter Operations 5 presentation created by Iwan 'e1' Rahabok<http://Linkedin.com/in/e1ang> who's working as a VMware staff SE, Strategic Accounts in Singapore. It's available for download in PowerPoint format<http://communities.vmware.com/docs/DOC-18592> and I really would like to advise you to read the slide notes (they're awesome). The presentation serves 2 purposes, first it provides in-depth training for those who are learning or evaluating vCenter Operations 5 and second it provides materials that vCenter Ops champion can use to share with internal colleagues (e.g. storage team, app team, etc).
Wednesday, 11 April 2012
vCloud networking explained in 1 slide and 52 animations
http://feedproxy.google.com/~r/Ntpronl/~3/XqmE2X834pU/2024-vCloud-networking-explained-in-1-slide-and-52-animations.html
In this video you will learn how a vCloud Director network is constructed. The PowerPoint presentation "vCloud networking explained in 1 slide and 52 animations" is created by fellow VCI over at Tuukka Korhonen (itvirtuoosit.fi).
Port group backed network pools require preconfigured set of port groups either on a vNetwork distributed switch or on a standard vSwitch and port groups must be available on each ESX/ESXi host in the cluster. They need to be imported into vCloud Director when creating this network pool. This network pool is used in circumstances where vCenter cannot programmatically create port groups on the fly. Other scenarios when you want to use this network pool is when do not have vNetwork Distributed switches and want to use the Standard switch or when you want to use the Nexus 1000v switches. The port groups must be isolated at the layer 2 level from all other port groups. The port groups must be physically isolated or must be isolated using VLAN tags. Failure to properly isolate the port groups can cause a disruption on the network.
Unlike other types of network pools, a network pool that is backed by port groups does not require a vNetwork distributed switch and this is the only type of network pool that works with Cisco Nexus 1000V virtual switches. A network pool is backed by vSphere network resources such as VLAN IDs, port groups, or cloud isolated networks. Network traffic on each network in a pool is isolated at layer 2 from all other networks. Each organization vDC in vCloud Director can have one network pool. Meaning each Organization vDC can only be assigned to only one network pool. Multiple organization vDCs can share the same network pool but make sure that networks in the pool are isolated. Only system administrators can create and manage network pools.
vApp networks are used for connectivity of virtual machines within a vApp. A vApp can be connected to a vApp specific network or to an organization network. A vApp network isolates the virtual machines in that vApp from everything else; in that way, it is like an internal organization network, but is only used by that vApp. You can connect vApps to organization network to allow them to communicate with other vApps in that organization. When you connect a vApp to an organization network, determine whether you want a fence or direct connection. Fenced will allow you to have identical virtual machines to connect to organization networks without worrying about IP and MAC address conflicts. You can also have additional firewall rules added to protect virtual machines in the vApp. While direct connection will allow you to directly connect the vApp to the organization network.
VMware vSphere 5 Memory Management and Monitoring diagram
[http://www.ntpro.nl/blog/uploads/memmory.png]<http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2017642>
The VMware vSphere 5 Memory Management and Monitoring diagram provides a comprehensive look into the ESXi memory management mechanisms and reclamation methods. This diagram also provides the relevant monitoring components in vCenter Server and the troubleshooting tools like ESXTOP. Source KB: 2017642<http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2017642> kudos to Hany Michael<http://twitter.com/#!/hany_michael>
Monday, 9 April 2012
Technical Marketing Update 2012 - Week 14
By Duncan Epping<https://plus.google.com/112305325305827926631?rel=author>, Principal Architect.
Technical Marketing Update 2012 - Week 14
Blog posts:
* Silicon Valley VMUG – April 11th (Alan Renouf) bit.ly/H8RCr6<http://bit.ly/H8RCr6>
* VMware Technical Journal, download it now! (Duncan Epping) http://bit.ly/HbJfLU
* Configuring Multiple Syslog Servers for ESXi 5 (William Lam) http://bit.ly/HdD4Th
* Fling: vBenchmark 1.0.1 just released (Duncan Epping) bit.ly/I2UvHP<http://bit.ly/I2UvHP>
* Quickly Finding Objects Using the vCloud API Query Service (William Lam) http://bit.ly/IaQLkL
* The number of vSphere HA heartbeat datastores for this host is 1 which is less than required 2 (Duncan Epping) http://bit.ly/I5pMa9
* Org vDC to vCenter Resource Pool Workflow Using vCenter Orchestrator (William Lam) goo.gl/Mq8Lf<http://goo.gl/Mq8Lf>
* Using Datastore maintenance mode for migration virtual machines to Datastore clusters (Frank Denneman) bit.ly/HtL54G<http://bit.ly/HtL54G>
Podcast:
* VMware Communities Roundtable Podcast #182 - DR of the cloud (vCD & SRM) - Duncan Epping & Chris Colotti - http://bit.ly/Hn1rk3
Wednesday, 4 April 2012
Configuring Multiple Syslog Servers for ESXi 5
By William Lam, Sr. Technical Marketing Engineer
There were some questions on twitter last night about the number of syslog servers that can be configured for an ESXi host and the answer depends on the version of ESXi you are running. With ESXi 4.x, you could only forward to a single syslog server, but with ESXi 5.0 you can now forward to multiple syslog servers which is great for providing redundancy when shipping your logs. In addition to supporting multiple syslog servers, with the release of ESXi 5.0, you can specify different transport protocols: UDP (default), TCP and SSL.
You can configure the syslog servers using the vSphere Client, but if you need to configure this across several hundred hosts you will probably want to automate this using one of the following methods:
* ESXCLI in the ESXi Shell<http://kb.vmware.com/kb/2003322>
* remote ESXCLI using vCLI<http://pubs.vmware.com/vsphere-50/index.jsp?topic=/com.vmware.vcli.examples.doc_50/cli_performance.12.5.html>
* remote ESXCLI using PowerCLI<http://www.vmware.com/support/developer/PowerCLI/PowerCLI501/html/Get-EsxCli.html> or just PowerCLI<http://www.vmware.com/support/developer/PowerCLI/PowerCLI501/html/Set-VMHostSysLogServer.html>
* Host Profiles<http://kb.vmware.com/kb/2003322>
Though it may not have been clear in our documentation that you can now specify multiple syslog servers in ESXi 5.0, here is a quick example on how to configure multiple syslog servers using the remote ESXCLI:
1. Enable ESXi Firewall
You will need to enable the syslog rule in the ESXi firewall (only in ESXi 5.0):
$ esxcli --server esxi1 --username root network firewall ruleset set --enabled yes --ruleset-id syslog
Note: The default syslog ruleset allows UDP/TCP 514 and TCP 1514, if you choose to use a different port you will need to update firewall ruleset.
2. Configure Syslog Servers
To specify more than one syslog server, you will need to separate them using a comma. By default, the host will use UDP protocol and port 514. However, you can specify tcp or ssl as the protocol to be used as well as the port number:
$ esxcli --server esxi1 --username root system syslog config set --loghost 10.20.182.46,tcp://10.20.182.50:514,ssl://10.20.182.52:1514
Note: You can also authenticate against vCenter Server by specifying the --vihost parameter
3. Reload Syslog Configuration
For the syslog configuration to take effect, you will need to reload the configuration:
$ esxcli --server esxi1 --username root system syslog reload
You can easily create shell script and using a "for" loop to execute the preceding 3 commands across multiple hosts. Here is a script called configSyslog.sh<http://vghetto.svn.sourceforge.net/viewvc/vghetto/other/configSyslog.sh?view=log> that accepts three parameters: username, file that includes list of all ESXi hosts seperated by a newline and syslog servers (same syntax as ESXCLI). You will need to edit the script and specify the password for your ESXi host before executing the script.
Disclaimer: This script is provided for informational/educational purposes only. It should be thoroughly tested before attempting to use in a production environment.
Here is a sample execution:
[http://blogs.vmware.com/.a/6a00d8341c328153ef016764a3c2d4970b-500wi]<http://blogs.vmware.com/.a/6a00d8341c328153ef016764a3c2d4970b-pi>
Get notification of new blog postings and more by following VMware Automation on Twitter: [https://lh6.googleusercontent.com/jfcRcFaZ6S2i6S2NRZRqFve7F4gbyD8CSt5dhkZnpegb9b0j3tkB6VzgA0sS6SMZTl4AwLS4ykxurw1WmOyyixIYQepsqCw4U8TWWUQi3SpZEqamKeo] @VMWAutomation<http://twitter.com/vmwautomation>
Fling: vBenchmark 1.0.1 just released
An update to the recently released fling vBenchmark<http://labs.vmware.com/flings/vbenchmark> was just posted. This update includes some fixes and a feature request which was heard often… Here is what's new/fixed with 1.0.1:
* Added a checkbox to include or exclude vCenter license keys when submitting the data to the community repository
* The application now listens on port 443 (https), requests to port 80 will be automatically redirected to 443
* The appliance will now prompt you to change the root password at first logon
* Fixed bugs that prevented some customers from proceeding to the dashboard when they have ESX 3.x hosts in their cluster or are using vCenter credentials that did not have access to the full inventory
* vBenchmark application log is now written to the VM serial port. If you are using the VMX package, the serial port output will be redirected to a file named vBenchmark.log in the virtual machine folder. If you are importing an OVA or OVF, you need to manually add a serial port device and specify a filename.
Make sure to download the latest version of vBenchmark<http://labs.vmware.com/flings/vbenchmark> and try it out! If you don't have a clue what it does, check out my introduction post here…<http://www.yellow-bricks.com/2012/02/29/cool-tool-vbenchmark-fling/>
Tuesday, 3 April 2012
Storage Validation in A Virtual World
http://blogs.technet.com/b/exchange/archive/2012/04/02/storage-validation-in-a-virtual-world.aspx
Deploying Exchange can be a challenge. Particularly when you are all ready to validate your servers & storage with Jetstress and you realize that even though we suggest that you should always run Jetstress prior to going into production, you discover that we don't support running Jetstress in a virtual machine on that fancy new virtual platform you just deployed. Ouch. Now what?
First, some background. You might be wondering why we don't support running Jetstress in a virtual machine. The reason is actually quite straightforward. Over the years as we have worked with customers and partners who were either deploying new hardware for Exchange or validating Exchange storage solutions in the Exchange Solution Reviewed Program<http://technet.microsoft.com/en-us/exchange/ff182054> (ESRP), we saw a number of examples of Jetstress test results where the reported IO latency numbers were wildly inaccurate. Given the lack of trust in the reported performance metrics, we had to ensure that Jetstress was not run in this configuration. This resulted in the guidance that customers deploying on virtual infrastructure should validate storage performance by running Jetstress in the root rather than in a guest virtual machine. While this was a feasible workaround with Hyper-V, it's not a realistic solution for other hypervisors.
Just as the Exchange product has matured, the hypervisor products that some of our customers use to manage their Exchange infrastructure have matured as well, and we decided that the time had come to do some new testing and see if those strange performance results of the past would come to haunt us again. After weeks of automated testing with multiple hypervisors and well over 100 individual Jetstress tests completed in various configurations, we've reached a conclusion…
Effective immediately, we support running the Microsoft Exchange Server Jetstress 2010 tool in virtual guest instances which are deployed on one of the following hypervisors:
* Microsoft Windows Server 2008 R2 (or newer)
* Microsoft Hyper-V Server 2008 R2 (or newer)
* VMware ESX 4.1 (or newer)
Additionally, we are removing the restriction in the ESRP v3.0 program on using virtual machines, so from this point on our storage partners will be able to submit ESRP solutions for Exchange Server 2010 where the validation testing was performed on a virtual machine.
As a reminder, the best place to learn about supportability for Exchange Server 2010 virtualization is on TechNet in the Hardware Virtualization section of the System Requirements topic<http://technet.microsoft.com/en-us/library/aa996719.aspx>. Additionally, we have published a Best Practices for Virtualizing Exchange Server 2010 with Windows Server 2008 R2 Hyper-V<http://www.microsoft.com/download/en/details.aspx?id=2428> whitepaper that contains many helpful deployment recommendations. The best resource for understanding how to properly use Jetstress for storage and solution validation is the Jetstress Field Guide<http://gallery.technet.microsoft.com/Jetstress-Field-Guide-1602d64c>, which has been recently updated to include this change to our support for guest virtual machines.
I hope this is good news for some of you and that this will result in simpler, easier, and more thorough pre-production validation of your Exchange deployments.
Jeff Mealiffe<http://blogs.technet.com/b/exchange/archive/2004/02/11/jeff-mealiffe-s-biography.aspx>
Senior Program Manager
Exchange Customer Experience
VMware Technical Journal, download it now!
I've read this several times by now, so I figured I would share it with you. Hopefully most of you will already be aware though at this point as several people blogged and tweeted about it.
The VMware Technical Journal<http://labs.vmware.com/publications/vmware-technical-journal> is a new publication for the company. We are looking forward to producing future journal issues at regular intervals to highlight the R&D efforts taking place in several different areas of engineering. Our current issue includes papers related to distributed resource management, user experience monitoring, and statistics collection frameworks for virtualized environments, along with several other topics. In future issues we will highlight other areas of VMware R&D, including Cloud Application Platform and End User Computing, and research collaborations with academic partners.
All of the papers included in the tech journal can also be downloaded separately through the following links:
* VisorFS: A Special-purpose File System for Efficient Handling of System Images<http://labs.vmware.com/publications/cremel-vmtj-spring2012> (Olivier Cremel)
* A Software-based Approach to Testing VMware® vSphere® VMkernel Public APIs<http://labs.vmware.com/publications/xue-vmtj-spring2012>(Lan Xue, Sreevathsa Sathyanarayana, James Truong, Sriram Sankaran, Ramesh Pallapotu, Thorbjoern Donbaek, Eric Lorimer)
* Providing Efficient and Seamless Desktop Services in Ubiquitous Computing Environments<http://labs.vmware.com/publications/zhang-vmtj-spring2012>(Lizhu Zhang, Wenlong Shao, Jim Grandy)
* Comprehensive User Experience Monitoring<http://labs.vmware.com/publications/spracklen-vmtj-spring2012>(Lawrence Spracklen, Banit Agrawal, Rishi Bidarkar, Hari Sivaraman)
* StatsFeeder: An Extensible Statistics Collection Framework for Virtualized Environments<http://labs.vmware.com/publications/ravi-vmtj-spring2012>(Vijayaraghavan Soundararajan, Balaji Parimi, Jon Cook)
* VMware Distributed Resource Management: Design, Implementation, and Lessons Learned<http://labs.vmware.com/publications/gulati-vmtj-spring2012>(Ajay Gulati, Anne Holler, Minwen Ji, Ganesha Shanmuganathan, Carl Waldspurger, Xiaoyun Zhu)
* Identity, Access Control, and VMware Horizon<http://labs.vmware.com/publications/pugh-vmtj-spring2012>(Will Pugh, Kyle Austin)
* VMworld 2011 Hands-On Labs: Implementation and Workflow<http://labs.vmware.com/publications/zimman-vmtj-spring2012>(Adam Zimman, Clair Roberts, Mornay Van Der Walt)
Worth reading believe me!
I've already put in the request to make these available as both mobi/epub.
Monday, 2 April 2012
Video - vSphere Storage Profiles
In this video, we'll be exploring how to use Storage Profiles. Storage Profiles enable the creation of data stores that provide varying levels of service. You can categorize data stores based on system-defined user-defined levels of service.
Video - vSphere Hot & Cold Migration and Storage DRS
http://feedproxy.google.com/~r/Ntpronl/~3/lbkMmdLK49A/2018-Video-vSphere-Hot-Cold-Migration-and-Storage-DRS.html
In this video, we'll be exploring how to use Storage DRS. A datastore cluster is a collection of datastores that are grouped together. Typically, the reason why you'd create a datastore cluster is in order to enable storage DRS on that cluster.
Video - vSphere Migration with vMotion
http://feedproxy.google.com/~r/Ntpronl/~3/_7XueDoZIAw/2017-Video-vSphere-Migration-with-vMotion.html
In this video, we're going to investigate how to migrate virtual machines using vMotion migration. vMotion migration allows you to move a virtual machine that's powered on from one host to another.
Sunday, 1 April 2012
EMC Virtual Storage Integrator 5.2 now available…
http://feedproxy.google.com/~r/typepad/dsAV/~3/FtbGqnB7GUU/emc-virtual-storage-integrator-52-now-available.html
EMC Virtual Storage Integrator (VSI) is the free vCenter plugin provided by EMC that extends the vCenter UI to add additional EMC-specific capabilities.
We continue to invest in VSI based on what customers tell us they want….
In EMC VSI 5.1, we introduced performance reporting - one of the most recommended features - which is a simple, lightweight way of seeing the view of the VM, the ESX host and the array in vCenter.
While not as sophisticated as something like EMC ProSphere – this VSI capability means that customers who use EMC and VMware together can see vSCSIstats level info, ESXtop level info, and array level info all in one view, and that it is context-sensitive, only showing info based on the objects selected in vCenter
In EMC VSI 5.1, only VMFS data stores were supported, in 5.2 we added support for NFS datastores on EMC VNX and EMC VG gateways.
VSI can be downloaded from EMC Powerlink under Home > Support > Software Downloads and Licensing > Downloads T-Z > Virtual Storage Integrator (VSI)
You can download this demo in high-rez MOV format here<https://vspecialist.emc.com/human.aspx?Username=Bloglink&Password=vgeekb1og&arg01=793691976&arg05=0/[DownloadAs_Filename]&arg12=downloaddirect&transaction=signon&quiet=true>.
Have fun, and please give us feedback!
Technical Marketing Update 2012 - Week 13
By Duncan Epping<https://plus.google.com/112305325305827926631?rel=author>, Principal Architect.
Technical Marketing Update 2012 - Week 13
A short update this time, most members of the Technical Marketing group were in Palo Alto last week. I am certain though we will have a lot more posts upcoming week because of that!
Blog posts:
* VASA, Profile Driven Storage & RDMs - Heads Up (Cormac Hogan) bit.ly/GTj76h<http://bit.ly/GTj76h>
* Slight change in "restart" behavior for HA with vSphere 5.0 Update 1 (Duncan Epping) http://bit.ly/H9Ag7w
* Automating the creation of vCD Provider VDCs (Alan Renouf) http://bit.ly/HdLpqy
* Free ESXi Hypervisor - Auto Start Breaks with 5.0 Update 1 (Kyle Gleed) http://bit.ly/GT2Gbn
* Debunking Storage I/O Control Myths (Cormac Hogan) bit.ly/HnSxyH<http://bit.ly/HnSxyH>
* Creating Custom Metadata using the vCloud API (William Lam) http://bit.ly/HwR4J6
* Update: VMware vCloud Director DR paper available in Kindle / iBooks format! (Duncan Epping) bit.ly/H43ILJ<http://bit.ly/H43ILJ>
* NFS and the vCD Appliance (Tom Stephens) bit.ly/Hx6I4v<http://bit.ly/Hx6I4v>
* How to Create Bootable ESXi 5 ISO & Specifying Kernel Boot Options (William Lam) http://bit.ly/Htbjck