Wednesday, September 2, 2015
vSphere 6.0 U1
- Tech preview of vSphere Web Client Update Manager
- able to migration embedded PSC to external PSC
- added vCloud Air web client to plugin
Virtual SAN (VSAN) 6.1
- stretch cluster in All-Flash VSAN
- 2 nodes ROBO office with witness in main site
- vSphere Replication to support 5 minutes RPO
vSphere with Operations Manager 6.1 (vSOM), vRealize Operations 6.1 (vR Ops), vRealize Operations Insight 6.1 (vROI)
vR Ops Standard Edition now comes with SDDC management packs which include VSAN, vCloud Ai, NSX
- New OS & Applications monitoring starting with 5 supported apps. More to come.
- Tech preview: Workload Placement Engine (WLP) working with DRS
vCenter Site Recovery Manager 6.1
- Support of Metro cluster vMotion during planned downtime across different physical sites
- Previously named as EVO:RACK in tech preview
- 1/3 rack minimum
- available in 5 hardware profiles
- support up to 64 nodes with 16 appliances
vCloud Air Compliance (EAP-US)
- Realize visibility for continuous monitoring of compliance
- applicable for on premise and off premise services
- Horizon for Linux vGPU and vSGA support on top of existing vDGA
- Support for Skype Business
- New AMD GPU support for vDGA
- All-Flash VSAN support
- Zero day support for Windows 10
- Announce of Project Enzo
VMware Identity Manager Advanced Edition
- Previously known as VMware Workspace
- Advanced added support on SSO with enrollment of mobile devices for use to access applications via iDM
Wednesday, August 26, 2015
You can also bookmark this page for all the other version vSphere hardening guide.
Tuesday, August 25, 2015
Here I like congrats all new vExpert 2015 with the second half results announced 1 week before VMworld 2015. Results can be viewed here https://blogs.vmware.com/vmtn/2015/08/vexpert-2015-second-half-announcement-2.html.
If you are going to VMWorld this year, remember to grab all the freebies for vExpert as well as the meetup just for vExpert.
If you miss the application, look out for the application for vExpert 2016 likely end of this year.
Monday, August 17, 2015
In the past, VMware introduced the vCloud Suite to allows customer to build their own cloud. However with the adoption of mutliple clouds, VMware came up with another bundle.
VMware introduced the vRealize Suite (vR Suite) in both Advanced and Enterprise last year and this comprises of vRealize Operations Suite, Log Insight, vRealize Automation and vRealize Business all in one bundle.
vRealize Suite can be add on top for customer who are on naked vSphere. For customers on vSphere with Operations Management (vSOM) or vRealize Operations Insight (vROI), it becomes contradicting as it get duplicates of the vRealize Operations Suite from vSOM and vRealize Suite. For customers who are on vROI or vSOM, the only upgrade path is to vCloud Suite bundle.
However vCloud does not comes with Log Insight which makes monitoring shortfall of Log analysis. Moreover in the vCloud Suite Advanced and Enterprise, the vRealize Business Standard (which is available in these two bundles) is not able to extend to Public Cloud as it is a different software of it's own to vRealize Business Advanced/Enterprise. In addition, in vCloud Suite Enterprise, it included Site Recovery Manager (SRM). However not everyoneone would really need SRM to protect the whole infrastructure but perhaps a small subset. In such, it makes more sense to purchase this ala cart just enough to cover whatever is protected by SRM.
To add on with the new vCloud Suite bundle, the removal of vCloud Director (vCD) and vCloud Networking and Security (vCNS), makes the whole vCloud Suite bundle less attractive and appear more expensive comparing to vRealize Suite.
On the other hand, vRealize Suite can be purchase with naked vSphere without having to upgrade their vSphere. This allows customer to save the additional renewal they will incur on a higher upgrade of vSphere e.g. vSOM or vROI.
To start with vRealize Suite and implement everything in the Suite on Day 1 is nearly impossible. Often many will start small. This also make vRealize Suite less attractive as there isn't a gradually phase upgrade unlike customer moving to a vCloud Suite from vSOM to vROI before vCloud Suite.
With many enterprises embarking on public clouds or having multiple private clouds and wanting to automate and centralize platform of monitoring and management, vRealize Suite look more for the fit than vCloud Suite.
As VMworld is coming, let's wait and see what other bundling or improvement that could allows customers to adopt a possible approach into a Software Defined Data Center.
Monday, August 3, 2015
On day 0 daily operations activity, accessing the VM console is essential and often used. When you launch the vSphere Web Client, you will be at the login page. Below you will see the link to download the Client Integration Plug-in as shown below:
After installing, you will be able to access the VM console after logging in. Upon login, you will see the screen below when a VM is selected:
Above you see the screenshot taken from Hands-on-Lab. To access a VM console you will have selected the VM and on the right you will see the above. Clicking on "Launch Console", will launch the VM console in a new tab\window of your browser. However this link is invalid! So how are you going to use the console? You must be kidding me!
Now take a deep breath, the answer is simple just click on the Preview image of the console just above of the linked text. This will open another tab\window so you can access the console.
Now I know you will very piss off. How on earth did this happen? Are you stuck now?
The solution here is NOT to install the Client Integration Plug-in. Instead head over to VMware Download page of vSphere, under Drivers & Tools section, you will see a VMware Remote Console. Download and install this instead.
So the next time you access the VM console, just use the VMware Remote Console. This time it will work nicely.
Why did VMware release two different console one as a Plug-in while one is a standalone console? I have no idea. But with the VMware Remote Console, you can copy a link to a VM Console and send to someone with VMware Remote Console installed to access it. Provided they have the credential to the server and vCenter.
Now is to wait for the future release to have this fixed. For now, at least you can access your VM console and carry on your daily operations activity!
Saturday, July 11, 2015
Was doing a vSphere Optimization Assessment (VOA) and wanted to advise customer on the resources required. Other than the documentation from here or from the vR Ops Installation Guide, it does not state what was provided e.g. the different profile sizes of the vApp is suited for which type of environment other than running the deployment wizard. This is not very helpful especially when you are doing planning and the only way to get that information is to deploy it.
Upon deploying, you will get to know the disk size that vR Ops will use. Based on documentation, was 250GB however in the wizard it shows 1.4GB for thin provisioned and 266GB for thick provisioned.
Running out of Disk Space?
What if you run out of space for your vR Ops vApp? The procedures of increasing the disk size is stated here. It is fairly easy by just shutting down the vApp and expanding the vDisk 2 or adding a new vDisk and powering up and everything will be automatically detected. That definitely make life easier without having to bother to configure later.
Some environment require vR Ops to be placed in another network no similar to vCenter. This would require the need of opening some firewall ports which are all listed here.
Update 15th Jul 2015
Apparently there is a sizing guide in this KB but not updated as of 6.0.1.
Monday, June 29, 2015
I have that testing since Horizon 6.1 in a technical preview and was not able to show it. With this release, it is now official so I shall go through some of the screenshot how this was done.
The setup is all similar is no complicated steps just an installation of an .exe binary on top of latest View 6.1 agent and the HTML access binary on the connection server.
After which you have the freedom of choice to use a Horizon Client or a HTML5 to access your desktop as well as Applications remoting. The best part of this is there is no plugin needed for browser this not just keep the browser clean from any crashes which can be resulted as well as messing up browser performance and behaviour.
Using the Horizon Client this time, there are several improvement. Remember when I mentioned in my previous post, this has better improvement.
Here I am using a mobile Horizon Client:
On the HTML5 browser, this can be on mobile or on a laptop. Here I have one with mobile Chrome browser.
On my laptop I am using Firefox, you will be presented with your desktops and applications. This is utilizing the Blast protocol use on both the desktop and application.
Here you see after pointing the Connection server you get presented all the applications entitled. You can also favourite the applications by clicking on the star so you do not have to search for it. You can also present a Thinapp application as a Hosted App.
Upon clicking on the application, you will be presented with the below. You can see I have open a MS Word and two MS Paint. As MS Paint is the same, they are displayed under the same group on the taskbar on the left. The task bar, just like on the mobile client can be hidden and call upon.
The the screenshots from mobile Horizon Client to the HTML5 mobile browser and desktop browser, the look and feel and way of maneuvering around is rather similar. This will be great for end users as they do not have to relearn a new interface for every different application or device used.
There are few questions arises. What if you need to change password, typically this will have no impact on your desktop or applications. As long you are in desktop or application either on HTML5 or Horizon Client, you can still change them via a Ctrl-Alt-Del option.
Hope this gives you a good picture of HTML app remoting.
Update 6th Jul 2015
Added HTML5 access via a mobile browser.
Wednesday, June 3, 2015
When I go to my Horizon View Dashboard, it looks fine.
When I try to remove the vCenter entry under the Server options and adding it back I end up with another error when trying to add the View Composer.
Back to the strange behaviour. It seems my connection to my vCenter via Connection Server has a sudden slowness and the certificate seems to be corrupted. I tried to find a solution to replace the self-signed (in my case) certificate on my View Connection Server however in vain. I tried removing the vCenter and re-adding it back, that does not help.
So I chanced upon some steps by our internal team and use it to resolve my problem and it works.
In summary, this is what was done. First we backup the ADAM database and then we invalid the entry of the vCenter in View Connection Server. Then we try to add the existing vCenter again. So now we have two entry of the vCenter where oneis an invalid entry. Taking from the valid entry certificate thumbprint, we overwrite the invalid ones and remove the latter vCenter entry. Next revert back the entry to previous valid entry.
Here are the detailed steps that help me resolved my issues.
Note: Back up the ADAM database before proceeding. For more information, see Performing an end-to-end backup and restore for View Manager (1008046).
- Log in to the machine hosting your View Connection Server. If there is a cluster of View Connection Servers, this step can be done on any of the servers.
- Click Start > Run, type cmd, and click OK. The command prompt opens.
- Run this command, substituting a name for your back up file.
vdmexport > ViewBackupFilename.ldf
- Connect to the ADAM database. For more information, see Connecting to the View ADAM Database (2012377).
- Expand OU=Properties > OU=VirtualCenter.
Note the entry is is after expanding the OU=VirtualCenter.
- Document the first four characters of the vCenter Server entry, for example CN=f030. Right-click the vCenter Server entry and click Properties.
- Document these three values:
- pae-NameValuePair. Note the entry here and then remove it.
- pae-SVIURL. Note the entry and set to a value similar to https://OFFvComposer.domain.com:18443
- pae-VCURL. Note the entry and set to a value similar to https://OFFvCenter.domain.com:443/sdk
- In the View Administrator portal, refresh the dashboard to confirm the name change you made.
Do note that changes are reflected at two different location.
- In View Configuration > Servers > vCenter Server, add an entry for the proper
- Open the properties page for each vCenter Server entry.
- Manually copy these values from the new vCenter Server entry to the old vCenter Server entry:
Note: Take a note of the entries before copying. When copying these values, copy and paste directly between properties sheets or copy to a plain text editor that does not add any formatting such as Windows Notepad.exe.
- Remove the new vCenter Server entry from the View Administrator webpage.
- Undo the three changes you made at the beginning of the process, including adding the UNIQUEID=XX value back into pae-NameValuePair and rename the pae-SVIURL and pae-VCURL.
- Reboot all Connection Servers in the replicated group.
- In the View Administrator webpage, refresh the Dashboard page again and confirm vCenter Server and Composer are both shown correctly and are now showing as green status.
- Proceed with testing provisioning and recomposing, as well as login functionality.
Thursday, May 14, 2015
There were many discussion over storage UNMAP via thin provisioning and many called it a "myth". This was also discussed heavily in our Facebook VMUG - ASEAN group. This was due to many changes since VMFS3 to till VMFS5. Cody wrote a long history of what are the changes for those who have missed out here.
A KB was also release and this create some discussion VMFS3 with different block size would benefit thin provision so to speak before vSphere 5.0 Update 1. Sadly after which, all UNMAP was not possible via GUI or automatically other than via command line or script.
I try to ask internally as well and luckily Cormac with his findings has listed all the answers on questions here. Sadly we still cannot support Linux due to legacy SCSI version. At least we are on the right track now to see at least Windows are supported.
VMware Data Protection (VDP) first introduced in vSphere 5.1 replacing VMware Data Recovery. VDP is running a vApp version of EMC Avamar and first introduced with the normal edition and Advanced edition. The Advanced edition (VDPA) has to be purchased and comes with three agents (SQL, Sharepoint, Exchange) and storage of deduped data up to 8TB instead of 2TB per appliance as on the normal edition.
With VDPA, customers were also able to purchase the per OS Instance license to backup their physical server as shown here.
With vSphere 6, VDPA is now known as VDP and provided free and no longer a purchase option. So the next question that arise was can user used VDP in vSphere 6 to backup physical server via the agent? The answer is Yes. Is there a cost to this? VDP is now free so the simple answer is yes it is free! How good is that!
There are two different mode of Locked Down mode.
- Normal Locked Down
- Strict Locked Down
Exception Users is also introduced. Only users with administrative privileges added into Exception Users list will allow be able to access the DCUI in Normal Locked Down mode. Other options is to add user into DCUI.Access in advanced option to have access to DCUI.
In Strict Locked Down, DCUI is disable, only when SSH or ESXi Shell is enabled, will users with administrative privileges in Exception Users able to access the ESXi server. If not, a reinstall is required.
NIOC version 2 and 3 coexist in vSphere 6.0 and what is the different is be recorded here. The performance improvement white paper is also been produced.
Many might not be aware or not make aware the changes that has been done on vSphere Replication (vR). There are actually enhancements been done on it but not publicly made known. One of the major enhancement is compression. This helps in reducing the amount of data to be replicated across and effectively save you on bandwidth. Also mentioned here is the introduction of dedicated Network used for NFC instead of sharing with Management Network in the past. Also the inclusion of Linux OS quiesce. Also removing to the need of Full Sync whenever a Storage vMotion is triggered. A White Paper just on vR is also provided here.
I have previously written an article on the new improvement on vNUMA here. With this improvement, memory locality can be increased across NUMA nodes.
I will include more information here on things that are not really made known here as I get hold of it. Hope this give you the beauty of this release.
Monday, May 11, 2015
To understand what is NUMA and how it works, a very good article to read will be from here. Mathias has explained this in a very simple terms with good pictures that I do not have to reinvent. How I wish I have this article back then.
Starting from ESX 3.5, NUMA was made aware to ESX servers. Allowing for memory locality via a NUMA node concept. This helps address memory locality performance.
In vSphere 4.1, wide-VM was introduce this was due to VM been allocating more vCPUs than the physical cores per CPU (larger than a NUMA node). Check out Frank's post.
In vSphere 5.0, vNUMA was introduced to improve the performance of the CPU scheduling having VM to be exposed to the physical NUMA architecture. Understanding how this works help to understand why in best practice we try not to placed different make of ESXi servers in the same cluster. You can read more of it here.
With all these improvement on NUMA helps address memory locality issues. How memory allocation works when using Memory Hot-Add since Memory Hot-add was not vNUMA aware.
With the release of vSphere 6, there are also improvement in NUMA in terms of memory. One of which is Memory hot-add is now vNUMA aware. However many wasn't aware how Memory was previously allocated.
Here I will illustrate with some diagram to help in understanding.
Let's start with what happen in prior with vSphere 6 when a VM is hot-added with memory.
In vSphere 6.0, Hot-Add memory is now more NUMA friendly.
We would wish that this could be smarter but of course we cannot predict where memory would be accessed from which NUMA node when a processes is running.
Hope this helps give you a better picture when doing sizing and enabling hot-add function.