Sponsors

Monday, 17 September 2018

What is inside vSAN multicast/Unicast traffic?



In recent discussion I had on this topic, there was a query as below?

"If we are creating vSAN vmkernel port that carries vSAN traffic, in that case why do we need to use vSAN multicast (prior to vSAN 6.6) and Unicast (in vSAN 6.6 and onwards)?".

In other words, what is really transferred inside multicast or unicast vSAN traffic?

Virtual SAN uses a clustered metadata database and monitoring service (CMMDS) to make metadata available to each host in the cluster. The CMMDS is designed to be a highly available, performant and network efficient service that shares information regarding host, network, disks, objects, components, etc. among all of the hosts within the Virtual SAN cluster. Each host is intended to contain an identical copy of this metadata.

So multicast/unicast is used for metadata operations such as object creation, change in object status after a failure/publication of statistics like significant change of free disk space across all hosts in vSAN cluster. 

Monday, 3 September 2018

NFS 3.0 vs NFS 4.1 Locking mechanism


NFS 3 locking on ESXi does not use the Network Lock Manager (NLM) protocol. Instead, VMware does provide it's own locking protocol. NFS 3 locks are implemented by creating lock files on the NFS server. Lock files are named .lck-file_id.

NFS 4.1 uses share reservations as a locking mechanism.

File locking mechanisms are used to restrict access to data to only one user or process at a time. NFS 3 and NFS 4.1 file locking mechanisms are incompatible with each other.

Because NFS 3 and NFS 4.1 clients do not use the same locking protocol, you cannot use different NFS versions to mount the same datastore on multiple hosts. Accessing the same virtual disks from two incompatible clients might result in incorrect behavior and cause data corruption.

Saturday, 25 August 2018

What is VMware Cloud Foundation?

VMware Cloud Foundation product is a hyperconverged infrastructure offering from VMware. VMware Cloud Foundation is the unified SDDC platform that bundles VMware vSphere, vSAN, and NSX into a natively integrated stack to deliver enterprise-ready cloud infrastructure.

VMware Cloud Foundation includes a new software management product named SDDC Manager which controls the virtualized compute, network and storage resources. VMware Cloud Foundation uses SDDC Manager to bundle vSphere, vSAN and NSX into a single platform that can be deployed on premise as a part of private cloud or can be provisioned as a service through public cloud providers.

VMware Cloud Foundation automates the lifecycle operations like installation, configuration, operation of the software stack, features policy-driven Workload Domains and monitors both the physical topology of the software-defined datacenter, as well as its underling components.

VMware Cloud Foundation also integrates with pre-existing VMware products, including VMware vRealize Suite, VMware Integrated OpenStack, VMware Integrated Containers and VMware Horizon, and it leverages VMware vCenter Server for VM management, monitoring and provisioning.

Cloud Foundation is available with three deployment options: 
  • Ready Systems
Deploys Cloud Foundation with prequalified vSAN Ready Nodes and networking switches.
  • Integrated Systems: 
Deploys Cloud Foundation with software stack preinstalled and integrated on qualified hardware. 
  • As a Service from the Public Cloud:
Runs Cloud Foundation as a service, managed by public cloud providers.

Saturday, 18 August 2018

Upgrading vSphere 6.5 hosts to vSphere 6.7 using Update Manager - Fast upgrade

VMware vSphere 6.7 incorporates optimizations that speed up major version upgrades, so customers moving from 6.5 to 6.7 will spend less time waiting for hosts to upgrade.


Friday, 17 August 2018

VMware vSphere 6.7 Quick Boot Feature


VMware vSphere 6.7 introduces a new technology that reduces the time required for hypervisor maintenance tasks. By using vSphere Quick Boot, VMware ESXI restarts without rebooting the underlying physical server. This eliminates the time-consuming device initialization and self-testing procedures, shortening the time required to patch or upgrade a host.


Friday, 10 August 2018

From Zero to NSX Hero

The path toward virtualization and digital transformation can be arduous – but it doesn’t have to be. If you’re working to get a deep download on connectivity and security for apps and your data center for data, the cloud and the edge, look no further. For more details do check HERE at VMware blog.

Saturday, 19 May 2018

vNUMA: VMware vSphere 6.5

In vSphere 6.5, changing the cores per socket value no longer influences vNUMA or the configuration of the vNUMA topology. The configuration of vSockets and cores per socket only affects the presentation of the virtual processors to the guest OS, done generally for guest OS licensing purpose. 

vNUMA will automatically determine the proper vNUMA topology to present to the guest OS based on the underlying ESXi host. 

For example, lets assume that we create a 4-vSocket virtual machine with 4 cores per socket (i.e. total of 16 vCPU) on a ESXi host that has dual-socket-16-core per socket. Prior to vSphere 6.5, vNUMA would have created 4 vNUMA nodes based on the cores per socket setting. 

As of vSphere 6.5, the guest OS will still see 4 sockets and 4 cores per socket, but vNUMA will now only create 1 vNUMA node for the entire virtual machine since it can be placed in a single physical NUMA node. 

This new disconnection of the cores per socket setting with vNUMA allows vSphere to determine the best vNUMA topology automatically in all circumstances.

In case you still want to revert to the earlier behavior in vSphere 6.0, use the advanced setting:

numa.FollowCoresPerSocket = 1

For more Information concerning vNUMA can be found in the following articles:

Saturday, 12 May 2018

Wednesday, 2 May 2018

Upgrade to VMware vSAN 6.7

vSAN 6.7 is a new release that requires a full upgrade to vSphere 6.7.

Perform the following tasks to complete the upgrade to vSAN 6.7:

1. Upgrade to vCenter Server 6.7. For more information, see the VMware vSphere 6.7 Release Notes.

2. Upgrade hosts to ESXi 6.7. For more information, see the VMware vSphere 6.7 Release Notes.

3. Upgrade the vSAN on-disk format to version 6.0.

If you upgrade from on-disk format version 5.0, no data evacuation is performed as the disks are reformatted.

Note: Upgrading from vSphere 6.5 Update 2 to vSphere 6.7 is not supported.

Tuesday, 1 May 2018

VMware vSAN 6.7: What's New?



vSAN 6.7 introduces the following new features and enhancements:

4Kn drive support:- vSAN 6.7 supports 4K Native disk drives. 4Kn drives provide higher capacity densities compared to 512n. This support enables you to deploy storage heavy configurations using 4Kn drives with higher capacity points.


vSphere and vSAN FIPS 140-2 validation:- vSAN 6.7 encryption has been validated for the Federal Information Processing Standard 140-2. FIPS validated software modules have numerous advantages over special purpose hardware, because they can be executed on a general-purpose computing system, providing portability and flexibility. You can configure a vSAN host using any HCL-compatible set of drives in thousands of form factors, capacities and features, while maintaining data security using FIPS 140-2 validated modules.

HTML interface:- 

The HTML5-based vSphere Client ships with vCenter Server alongside the Flex-based vSphere Web Client. The vSphere Client uses many of the same interface terminologies, topologies, and workflows as the vSphere Web Client. You can use the new vSphere Client, or continue to use the vSphere Web Client.

vRealize Operations within vCenter Server
:- 

The vSphere Client includes an embedded vRealize Operations plugin that provides basic vSAN and vSphere operational dashboards. The plugin provides a method to easily deploy a new vROps instance or specify an existing instance in the environment, one of which is required to access the dashboards. The vROps plugin does not require any additional vROps licensing.

Windows Server Failover Clustering support
:- 

vSAN 6.7 supports Windows Server Failover Clustering by building WSFC targets on top of vSAN iSCSI targets. vSAN iSCSI target service supports SCSI-3 Persistent Reservations for shared disks and transparent failover for WSFC. WSFC can run on either physical servers or VMs.

Intelligent site continuity for stretched clusters
:- 

In the case of a partition between the preferred and secondary data sites, vSAN 6.7 will intelligently determine which site leads to maximum data availability before automatically forming quorum with the witness. The secondary site can operate as the active site until the preferred site has the latest copy of the data. This prevents the VMs from migrating back to the preferred site and losing locality of data reads.

Witness traffic separation for stretched clusters
:- 

You now have the option to configure a dedicated VMkernel NIC for witness traffic. The witness VMkernel NIC does not transmit any data traffic. This feature enhances data security by isolating the witness traffic from vSAN data traffic. It also is useful when the witness NIC has less bandwidth and latency compared to the data NICs.

Efficient inter-site resync for stretched clusters
:- 

Instead of resyncing all copies across the inter-site link for a rebuild or repair operation, vSAN 6.7 sends only one copy and performs the remaining resyncs from that local copy. This reduces the amount of data transmitted between sites in a stretched cluster.

Fast failovers when using redundant vSAN networks:- When vSAN 6.7 is deployed with multiple VMkernel adapters for redundancy, failure of one of the adapters will result in immediate failover to the other VMkernel adapter. In prior releases, vSAN waits for TCP to timeout before failing over network traffic to healthy VMkernel adapters.

Adaptive resync for dynamic management of resynchronization traffic
:-

Adaptive resynchronization speeds up time to compliance (restoring an object back to its provisioned failures to tolerate) by allocating dedicated bandwidth to resynchronization I/O. Resynchronization I/O is generated by vSAN to bring an object back to compliance. While minimum bandwidth is guaranteed for resynchronization I/Os, the bandwidth can be increased dynamically if there is no contention from the client I/O. Conversely, if there are no resynchronization I/Os, client I/Os can use the additional bandwidth.

Consolidation of replica components
:- 

During placement, components belonging to different replicas are placed in different fault domains, due to the replica anti-affinity rule. However, when the cluster is running at high capacity utilization and objects must be moved or rebuilt, either because of maintenance operation or failure, enough FDs might not be available. Replica consolidation is an improvement over the point fix method used in vSAN 6.6. Whereas point fix reconfigures the entire RAID tree (considerable data movement), replica consolidation moves the least amount of data to create FDs that meet the replica anti-affinity requirement.

Host pinning for shared nothing applications
:- 

vSAN Host Pinning is a new storage policy that adapts the efficiency and resiliency of vSAN for next-generation, shared-nothing applications. With this policy, vSAN maintains a single copy of the data and stores the data blocks local to the ESXi host running the VM. This policy is offered as a deployment choice for Big Data (Hadoop, Spark), NoSQL, and other such applications that maintain data redundancy at the application layer. vSAN Host Pinning has specific requirements and guidelines that require VMware validation to ensure proper deployment. You must work with your VMware representative to ensure the configuration is validated before deploying this policy.

Enhanced diagnostics partition (coredump) support
:-

vSAN 6.7 automatically resizes the coredump partition on USB/SD media if there is free space on the device, so that coredumps and logs can be persisted locally. If there is insufficient free space or no boot device is present, then no re-partitioning is performed.

vSAN destaging optimizations
:- 

vSAN 6.7 includes enhancements to improve the speed at which data is written from the caching tier to the capacity tier. These changes will improve the performance of VM I/Os and resynchronization speed.

Health check additions and improvements
:- 

vSAN 6.7 includes several new health checks and improvements to the health service for better proactive and reactive guidance.

vSAN Support insight
:- 

vSAN 6.7 has improved customer support by providing anonymized environmental data to VMware Global Support Services (GSS) for proactive support and faster troubleshooting. Customer enrollment in the Customer Experience Improvement Program (CEIP) is required to receive this benefit.

Swap object thin provisioning and policy inheritance improvements
:-

VM swap files in vSAN 6.7 inherit the VM storage policy for all settings, including thin provisioning. In prior versions, the swap file was always thick provisioned.


Source:- VMware

Monday, 29 January 2018

New bridge Upgrade Path brings good news for Current VCPs

Starting immediately, any VCP who is two versions behind the most current available version in the same solution track can upgrade to the latest by only taking one exam.

Image: VMware

Because before this change, if you held a VCP5-DCV and want to upgrade to VCP6.5-DCV, you would first have to earn the VCP6-DCV (by passing the delta exam) and then upgrade to the VCP6.5-DCV (again, through the delta exam.) In other words, you were not allowed to “skip” a version, unless you wanted to start the track from the beginning and take training and the Foundations exam.

But now, with this bridge path available – if you are a current VCP and want to upgrade over two versions, you can by passing the latest VCP exam for that track. One exam and that’s all, and you will hold the most current version. 

For example:



Note:

Bridge path only applies if your VCP is current; if yours has expired, you will need to take the Expired path for your VCP.

Wednesday, 17 January 2018

Announcement: VMware Response to Speculative Execution security issues CVE-2017-5753, CVE-2017-5715, CVE-2017-5754 (aka Spectre and Meltdown)

On January 3, 2018, it became public that CPU data cache timing can be abused by software to efficiently leak information out of mis-speculated CPU execution, leading to (at worst) arbitrary virtual memory read vulnerabilities across local security boundaries in various contexts. 

Three variants have been recently discovered by Google Project Zero and other security researchers; these can affect many modern processors, including certain processors by Intel, AMD and ARM. 

For more information see KB52245

Tuesday, 16 January 2018

VMware Tools Bundling Changes in ESXi 6.5


In ESXi 6.5, only a subset of VMware Tools ISO images are bundled with the ESXi 6.5 host by default.

The following VMware Tools ISO images are bundled with ESXi:
  • windows.iso
VMware Tools image for Windows Vista or higher 
  • linux.iso
VMware Tools image for Linux OS with glibc 2.5 or higher (for example, RHEL 5 or later, SLES 11 or later, Ubuntu 10.04 or later) 
  • winPreVista.iso
VMware Tools image for Windows 2000, Windows XP, and Windows 2003 


The following additional VMware Tools ISO images are available for download from My VMware:
  • solaris.iso: 
VMware Tools image for Solaris 
  • freebsd.iso: 
VMware Tools image for FreeBSD
  • winPre2k.iso: 
VMware Tools image for pre Windows 2000
  • linuxPreGlibc25.iso: 
VMware Tools image for Linux OS with glibc less than 2.5
  • darwin.iso: 
VMware Tools image for OS X 10.11 or later
  • darwinPre15.iso: 
VMware Tools image for Pre-OS X 10.11
  • netware.iso: 
VMware Tools image for Netware

Sunday, 14 January 2018

Discontinued processors support in vSphere 6.5

During an installation or upgrade, the installer checks the compatibility of the host CPU with vSphere 6.5.

If your host hardware is not compatible, a purple screen (PSOD) appears with an incompatibility information message, and the vSphere 6.5 installation process stops.

vSphere 6.5 no longer supports the following processors:
  • Intel Xeon 51xx series 
  • Intel Xeon 30xx series 
  • Intel core 2 duo 6xxx series 
  • Intel Xeon 32xx series 
  • Intel core 2 quad 6xxx series 
  • Intel Xeon 53xx series 
  • Intel Xeon 72xx/73xx series

    Thursday, 11 January 2018

    vRealize Operations 6.6 Persistence Layer Databases


    Image:VMware

    vRealize Operations maintains the following databases:
    • File system database: 
    This contains all the statistical time series data. This raw metric data is used to provide live status displays in the user interface.

    • Central vPostgres: 
    This contains user configuration data, such as alert and symptom definitions, dashboard configurations, and super metric formulas. The global database is found only on the master node and master replica nodes.
    • Alerts/symptoms vPostgres: 
    This contains alerts and symptoms information.
    • HIS vPostgres: 
    This contains a historical view of all object properties and relationships.
    • Cassandra: 
    This enables expansion of the cluster size to 16 nodes.

    Wednesday, 10 January 2018

    vCenter Server Appliance 6.5 Update 1e Released

    Product Patch for vCenter Server Appliance 6.5 contains VMware software fixes, security fixes, and Third Party Product fixes.
    • This release of vCenter Server 6.5 Update 1e delivers the following patches. 
    VMware-vCenter-Server-Appliance-6.5.0.14000-7515524-patch-FP.iso

    • This updated version of vCenter Server also provides part of the hypervisor-assisted guest remediation of CVE-2017-5715 for guest operating systems. For important details on this remediation, see VMware Security Advisory VMSA-2018-0004.


    For more detail check Release notes here.

    Tuesday, 9 January 2018

    Vembu BDR Suite v3.9.0: What's New?

    With the begining of year 2018, Vembu has introduced new release of its BDR suite v3.9.0. Vembu BDR Suite provides flexible deployment options like offsite, cloud, on-premise and hybrid cloud. The centralized monitoring and management portal also makes it very easy to monitor and manage large deployments with minimal effort.
    Vembu BDR Suite v3.9.0 new features are as below:

    Tape Backup Support:

    Vembu extends its support to native tape backup through the Vembu BDR console. You can utilise the best known 3-2-1 backup strategy of having 3 copies of backup data in 2 different media and 1 off-site location for an efficient DR plan. 


    This secondary backup approach will help you to archive the image based backups in both virtual and physical environments like VMware, Hyper-V and Windows Servers and recover them in multiple formats like VHD, VMDK, VHDX, VMDK-Flat and RAW.

    Auto Authorization at Off-siteDR:

    Enabling the auto authorization feature will allow only the authorized Vembu BDR servers to get connected with Vembu OffsiteDR servers (Replication) using the registration key.

    Quick VM Recovery on ESXi for Hyper-V and Disk Image Backups:

    Instant recovery of backed up data on VMware ESXi is now made available for both the Hyper-V VMs and Windows Servers backup jobs for an effective Disaster Recovery. This recovery of the virtual machines happens in a matter of seconds by booting the backed up machine directly from the backup storage repository, from where all the files, folders and applications can be accessed.

    Windows Event Viewer Integration:
    All the events of the Vembu BDR, Off-siteDR & agents like information on critical, warnings and major events are updated in the Event Viewer of Windows Servers when enabled for better management.

    Advanced Backup level encryption for all agents:

    Users will be able to configure AES-256 bit encryption for all their backup jobs of VMware, Hyper-V, Disk Image through their customized passwords using corresponding password hints as well.

    OffsiteDR Server retentions using Vembu Network Backup:

    OffsiteDR retention policies is now available for the Network Backup plugins too, like the image based backups of VMware, Hyper-V and Disk Image backups at the too.

    Listing of files & Folders in aciTree structure:

    The listing of files and folders while configuring backups on a Network Backup plugin is now up with the aciTree structure for easy and quick navigation.

    Pre/Post backup scripts for all Network & Image Backup clients:

    This feature provides the ability to configure running custom actions before and after the execution backup schedule. The custom actions may include running an application using some script files.

    AngularJS conversion of UI for Vembu OnlineBackups:
    The overall UI of Vembu OnlineBackup is improved for better performance like the current Vembu BDR and Off-siteDR.

    Update of consumed space on the Vembu Portal:

    Based on the display of the consumed space of Vembu OnlineBackup and SaaSBackup plugins, the customer will be able to allocate and purchase further cloud storage post purchase and upgrade.


    Download free trial of Vembu BDR Suite v3.9.0 here.

    Monday, 8 January 2018

    New security advisory released by VMware

    VMware has released the following new security advisory:
    VMSA-2018-0002 – VMware ESXi, Workstation and Fusion updates address side-channel analysis due to speculative execution.
    This advisory documents remediation for known variants of the Bounds-Check Bypass (CVE-2017-5753) and Branch Target Injection (CVE-2017-5715) issues due to speculative execution disclosed today by Google Project Zero. These issues may result in information disclosure from one Virtual Machine to another Virtual Machine that is running on the same host.
    A third issue due to speculative execution, Rogue Data Cache Load (CVE-2017-5754), was disclosed along the other two issues. It does not affect ESXi, Workstation, and Fusion because ESXi does not run untrusted user mode code, and Workstation and Fusion rely on the protection that the underlying operating system provides.
    The remediation as documented in VMSA-2018-0002, has been present in VMware Cloud on AWS since early December 2017.
    Source:- VMware blog.


    vRealize Automation upgrade path

    Below is the valid upgrade path latest version of vRealize Automation. 




    Popular Posts This Week