Amazon Banner

Sunday, May 3, 2015

Applications for Storage or Storage for Applications?

With many new start ups from storage arrays, converged, hyper-converged to software defined storage (SDS), many users starts to have lots of choice to make.

Recently encountering many questions on which should they choose and which is better.  However there is no straight answer as there are just too many choices to choose from just like in a supermarket.  In the end, some may choose one that advertise the best and create the best reminder in your mind.  To be truth, you will not choose and replaced the rest, but rather some will still coexist for some reasons which we will go through later.

With several asks and questions, I like to give some guideline when deciding.  Here I will do my best to start non bias to make this beneficial and this is all my opinions and not by anyway entity.

1.  Ease of management: A big word often misused by marketing I would say.  Assess it do you have a team to manage different components are you have a lean team to manage it.  How it is define for ease of use.  Walk through the daily things you commonly need to perform on a traditional setup.

2.  What are the applications you are running it on, can this components support the performance:  When performance comes into play, many only look at the storage throughput and IOPS, we need to also look at the daily operations tasks.  How fast can it spin up a workload?  Test everything not just look at a demonstration on one task but all.  Rate everything a score and decide which you can do with or without.  There won't be one that will fit all the bill.

3.  How are you intend to protect this application?
You know they can meet your requirement in day 0 operations however will you need to protect this application?  If you are doing a backup, can it support any backup API.  This can be from Microsoft or VMware?  Weight the cost between the two.  Would you need storage snapshot, if so, would your workload need to be application/data consistent?  Can the storage as part of this new devices you are looking at able to do it?  If it can, is it build in or via a script or via an agent?

4.  How are you going to do disaster recovery?
The cheapest way might be leverage some host based replication technology that will work with any of the device chosen.  However what if you need to perform some kind of storage replication?  Will your workload be application/data consistent?  Can the storage as part of this new devices you are looking at able to do it?  If it can, is it build in or via a script or via an agent?

5.  Is it easy to do maintenance doing physical components upgrade, firmware upgrade, software upgrade?
This is important as you will definitely do this as it comes along.  We can't expect to have something which give you an ease of day 0 operations yet create lots of work for a maintenance.

6. Does it comes with a per-requisites?
The fine prints that always exist in this world of things.  Ask other than the device you are choosing, does it come with a requirement you need have or can it work with your existing infrastructure components.

7.  Before you perform a pilot or proof of concept, are you placing real data or dummy data.  You need to decide whether this data can be removed easily from the device later on and whose responsible to do that?  If it's yours, know how you are suppose to do it before you start any activity.

8.  Can it offload storage activities e.g. Full copy, snapshot activities to storage or this will leverage on your hosts' CPU cycle?  Understand this help to identify the specification requirement for your nodes or servers you are using and not to find out contention later.

From all these aboveconsiderations, which there might be more however these are just some questions ought to be thought through.  Definitely not one device can fulfill everything, this also means, either you might have mixture of a couple cater to different workloads which might need your traditional setup.

Tuesday, April 14, 2015

Orphaned Replica in Horizon View

In my home lab, I do not have any redundancy since it for testing purpose and in such, I encounter a power failure and resulted in my Horizon Connection server to be absent.

Upon recovery of powering up again, one of the replica end up lost link with the database.  In my vSphere Web Client, I see a replica (orphaned).  I was able to delete the replica folder but the entry still stay in the vSphere Web Client inventory tree (that applies the same to vSphere Client).

By the way I am running Horizon View 6.1 and this solution found in the KB still works.

I didn't manage to capture my screenshot and found the below similar.  You will see the same on the web client.  Do note that the name of the replica will look like "replica-d0d123123c-f3j2-... (orphaned)".  Do note the actual name does not contain "(orphaned)".  DO NOT include when using the commands below.

source: http://www.vladan.fr

The command in the KB states and this was the confusion I have and I like to address for you to use it correctly.


sviconfig -operation=UnprotectEntity -DsnName=name_of_DSN -DbUsername=Composer_DSN_User_Name -DbPassword=Composer_DSN_Password -VcUrl=https://vCenter_Server_address/sdk -VcUsername=Domain\User_of_vCenter_Server_account_name -VcPassword=vCenter_Server_account_password -InventoryPath=/Datacenter_name/vm/VMwareViewComposerReplicaFolder -Recursive=true
  • In View Composer 2.5 and later, you can re-protect the VMwareViewComposerReplicaFolder using -operation=ProtectEntity

The main problem comes from the InventoryPath.  As my Datacenter_Name contain space, please use "" for the whole string.

Leave the second part /vm the same, do not change it.

Since replica is in the main inventory list not in any Folder created, then leave /VMwareViewComposerReplicaFolder.   This is the default recognized for vCenter.

Here is an example how it should look:

sviconfig -operation=UnprotectEntity -DsnName=viewDSN -DbUsername=viewdsnuser -DbPassword=mypassword123 -VcUrl=https://prodvC/sdk -VcUsername=plain-virt\vCadmin -VcPassword=vCadminpasswd123 -InventoryPath=/Datacenter_name/vm/VMwareViewComposerReplicaFolder -Recursive=true


Hope this helps you to resolve such incident.  This was the first time I encounter it so I thought I just share this out. 

Friday, April 10, 2015

vSphere 6.0 Web Client Mark Disk As Flash or HDD

Just some sharing that I chanced upon.

This might be most useful for those who are building their demo labs when you try to nested environment or simulate your disk as Flash when it is actually magnetic disk (MD).

It is also applicable where your Flash Disk/SSD is detected as a normal MD but you need to mark is as Flash disk or revert it when needed.

This is typically very true in a Virtual SAN (VSAN) environment.  When you need for a disk group with a minimum of at least one SSD.

If you refer to our KB, you might have to go through a list of commands.  However in vSphere 6.0, the web client has the function to do it via the GUI.

Below is a screenshot taken from my home lab.  My ESXi server has a normal SATA disk and a SSD disk.  So upon selecting either of them the icon will change to allow you to change it.  Technically you can even build a all Flash VSAN without having to own a VSAN license only different is the read and write ratio remain the same unlike a real All-Flash VSAN where 100% write goes to the cache disk and 100% read comes from the persistent disks.

Mark as flash disks.

 Mark as HDD disks.

Wednesday, April 8, 2015

vSphere 6 Installation Experience

Previously I posted on my installation and upgrade of my vSphere 5.5 here.  Since each upgrade comes about a year or two that I perform, we ought to forget some important things.  So here is my experience.

Before you start, head to the vSphere Upgrade Center.  Here you will find all the resources needed.  There is also a simple install walkthrough to guide you through with screenshots!

1) Read the documents on the requirements!  During the installation the vCenter requires at least 17GB of space to store the MSI and part of it the new Platform Service Controller (PSC) takes up 8GB install in the C:\ProgramData path.  Go through the requirements in the product documentation page.


2) Your DSN user in SQL for vCenter (vpxuser), needs to have additional rights for installation and upgrade but not during operations time. Grant this rights back.  In vCenter 6 installation, it points out the additional rights required.  This is great!  So I just use my SQL Management Studio and do the needed instead of going through a list of stuff (Nope I am not a SQL expert :) )  You can of course remove these two rights after installation.



3) Yes poor Update Manager is still using 32bit ODBC DSN.  I haven't been using it for awhile so decide to install it.  So head over to Windows C:\Windows\SysWOW64\odbcad32.exe.  Also the SQL user for vCenter Update Manager need db_owner rights for MSDB too.


4) Already have all your VMFS volumes in version 5 yet still receiving warning that some of your datastore is deprecated?  This is a false positive warning as state in the KB, just restart your management agent.

5) In any case this is your new installation, do note that Transparent Page Sharing is disabled by default and if you need it to be on, refer to this KB.

Lastly, if you did a fresh install but using back the same database which contain all your data of your infrastructure, do note that all password will not be recognize.  What I mean by password will be e.g. those you created in the Customization Specification Manager for automatic installation by joining domain etc., where you ahve specify perhaps a domain account to help join domain.

Wednesday, April 1, 2015

VMware VCP6-DCV Certification is now available!

The wait is over.  With the announcement of vSphere 6 in Feb 2015, to the General Availability in Mar 2015, today marks the day where the certification becomes available.  This is one of the fastest release over a major version release I seen since VI3.5.

Read about it here.  You can also find out the requirement to be certified VCP6-DCV.  There is also extension to re-certify your VCP and discount for existing VCP on VCP6-DCV as announced here.

In previous article, for new comers, you will have to take up the 5 days course, if you have attended a vSphere 5 training course but not taken an exam, you can proceed to next step.  Next step is to pass the foundations exam (75 questions in 90 minutes for USD50) and the VCP6-DCV (100 questions in 120 minutes for USD50) exam.  All exams requires application for authorization.

For existing VCP5-DCV, course is recommended but not required.  You can go straight to VCP6-DCV Delta (75 question in 90 minutes for USD50) exam.  Alternative you can choose to take the official exam too (which I do not see the need though).

Do note that current release are all beta exams.  In such, the passing score is not stated.  The price is also at priced at USD50 which you will not see this once this is general available.

Do it fast and quick and help evaluate the exam at this special price.  If you have experience, this should not be tough.

Good Luck!

Thinapp Assignment in Horizon View Access Denied

Finally upgrade my home lab with vSphere 6.0 and Horizon 6.1.  Have to perform a demonstration to my customer how to assign Thinapp easily via the Horizon View Admin portal.  Guess what, luck never on my side and hit with lots of issues.

This issue comes with lots of testing.  The error I encounter after assignment was HRESULT hr = 0×80070005. Access is denied.  Doing a few Google didn't bring me nowhere.  Assignment installation failed.

Let me just walk through what I have done:
  • Package a few Thinapp packages with editing of Package.ini mainly the MSI settings since I am doing a assignment from Horizon View Admin Portal.  Read more here.
  • Place them in a file share with permission to VDI users (yes make sure the VDI users can access those folders)
  • In Horizon View Admin portal, scan the repository for the Thinapp, make sure the .msi and .exe and .dat (if you are streaming and app is too big to build into .exe file) in the same folder in the repository. 
  • Assigned the Thinapp to my desktop pool.
  • Logon to one desktop that is part of the pool, check in Horizon View Admin portal on Thinapp and saw the screen shot as shown.
I know this is some permission problem but did not know where to start.  I checked the MSI settings and rebuild the Thinapp multiple times.

I came across this article, point 2 sound like something I never tried before.  I decide to give it a try, if it could be Local System account doesn't have rights to install on the virtual desktops which make sense here.

I create a service account (make sure it has local admin rights on the View Connection server else the service will not start) for View Connection Server.

This time round my Thinapp got installed successfully!  Horizon View Connection Server service is the one that trigger the Thinapp push down to the assigned desktop.  If it is by default installation, the service is assigned to Local System.  This "account" has log in rights for the local OS it is running on.  In such, it does not have rights to perform log on to a remote desktop.  Having to create a domain account and use it to run the Horizon View Server service, now I have an account that has rights to log on to the remote desktop.

Do note that, if you have already create any Application Pool or Desktop Pool, all your entitlement will be lost, you will need to entitle the rights again.


Tuesday, March 24, 2015

Upgrade or Migrate VMware Certification from 5 to 6

VMware has announced a proper migration/upgrade path many of us might be still wondering after VMware announced the version 6 certification roadmap awhile ago.  All these currently do not require a class.

VCP6
I read through a few times to make out how the migrates works.  Before we start with the example, let's understand some of the acronyms for the track.

VCP-DCV = Data Center Virtualization
VCP-DTA = Desktop & Mobility (formerly VCP-DT = Desktop)
VCP-CMA = Cloud Management & Automation (formerly VCP-Cloud = Cloud)
VCP-NV = Network Virtualization

For existing VCP5-DCV, you can upgrade this without a class via a VCP6-DCV Delta exam (this is yet to release) similar to VCP5.5-DCV Delta exam.

For new users trying to get certified, you will be taking the VCP6-DCV inclusive of a class as usual.

Since there are already new some version 6 exams: VCP6-DT and VCP6-Cloud, already released (Check here).  These certification will be automatic upgrade to VCP6-DTA and VCP6-CMA respectively without taking another exam.

Do note that this does not renew any of your VCA if you own any.  VCA is just an accreditation for individual in the business function to prove they understanding the VMware solution they acquired.

VCIX6
The main jest of it is here upgrading to VCIX6.  Reminder VCIX6 contains two exams: Design & Administration similar for all three tracks: DCV, DTM, CMA.

For existing single VCAP5 either in Design or Administration, you will need to take the other of what you do not have in VCIX6 exam.  E.g. if you hold VCAP5-DCD, you will need to take VCIX6 administration exam and vice versus.  This applies similar to all tracks.

For existing dual VCAP5 for a single track (Design & Administration), you can choose to take either VCIX6 exams; design or administration.

For existing VCIX-NV, you will be upgraded automatically to VCIX6-NV.

So to take VCAP design or administration first, before doing one of the other exam of VCIX is an option or is it better to head directly to VCIX by taking both design and administration exams is subjective.  One give you a VCAP certification upon passing while the other needs both exams to be VCIX.

One thing to note, each exam in VCAP is 4 hours each for design or administration while each exam in VCIX is 2 hours, taking both adds up to 4 hours to achieve VCIX.

An incentive, while passing VCIX, it will automatically renew your VCP6.


VCDX6
For VCDX5, this applies the same.  They are only required to take VCIX6 design exam portion for the tracks they are on.  This also renew your VCP6.

Friday, March 13, 2015

VMware 6 GA!

Following the announcement on 2nd Feb 2015 on the new vSphere 6 which is part of vSphere with Operations Management and vCloud Suite 6, today is the general availability (GA) for the binary.

These includes but not limited to vSphere 6 (vCenter Server 6, ESXi 6), vRealize Orchestrator (vRO) 6, VMware Data Protection (VDP) 6, vSphere Replication (vR) 6, Virtual SAN (VSAN) 6, Site Recovery Manager (SRM) 6, vRealize Automation (vRA) 6.2.1, vRealize Business (vRB) 6.1.0 and also not new in today release vRealize Operations (vROps) 6.0.1.

Head over to the vCloud Suite download site to get those bits.

Also do check out the product documentation site on the changes from release notes.

In conjuction, the release of Horizon 6.1 also announced and made available.  In this release, Horizon 6 Enterprise now includes App Volumes.

Get the binary here and product document here.  Also refer to the vSphere Update Center for more information on upgrading.

Need some help from community, head over to the vSphere Product Community.

Monday, March 9, 2015

Virtual Machine Automatic Shutdown

Like to share this incident which I encounter twice.  Once was during our ASEAN demo lab and the next is one incident that was reported by one user in our VMUG-ASEAN Group in Facebook.

VMs started shutting down after 1 hour by itself automatically and on vCenter you start to see memory status changes.
Source: VMUG-ASEAN group in Facebook

From the above, you see that memory state changes.  The first thing most people thought was there must be some issue or misconfiguration on the vSphere portion.

Further checks and view, the host and VM seems to be healthy and this is affecting a majority of VMs.  Further isolation, all these were running Microsoft Windows.

The first thing I wanted to confirm was to run a VM that is non-windows to make sure this is not due to OS issue.  Instead of installing one, you can use a tiny VM version small and won't take up much resource from here.

The VM runs normal and nothing happens.  This confirmed is not a vSphere issue but more of a OS related problem.  So a check on the license activation is required.  And indeed confirmed license has expired and not activated.

We experience this in our ASEAN demo lab with our Active Directory shutting down and similar problem and this is all mentioned in Microsoft knowledge base.  For Windows 2008 R2 & Windows 7 refer to this KB for Windows 2012 refer to this KB.  From the field, the reported time for Windows 7 & Windows 8 automatic restart within 1 hour while Windows 2012 is 30 minutes.


Side Thoughts.
If this happens on a physical server, we would likely not suspect a hardware failure since it was able to run normally.  Instead we will be troubleshooting in the OS.  So why in virtualized environment we start to investigate on the virtualization layer when all was good?

We start to forget the main place to start.  With or without virtualization, we should always find out more from one area and isolate it rather of jumping straight to an area that hasn't done any harm but showing your more information.

This do not change very much and I hope this give everyone a clearer picture that something things happen just very near to us but we have jump to conclusion too far away.

Tuesday, March 3, 2015

Vote for the Top vBlog 2015

The annual vBlog 2015 voting is now on.  It's my first time getting my blog listed; Plain Virtualization (Wee Kiong Tan).  Vote for your favourite blogs to give bloggers the credit to keep them going.  Vote for my blog if you think is worth you following too :)

All the blogs are listed here.

For those voting the first time (like myself), you must vote for 10 blogs and the rest of the sections are up to you discretion and the last section you will arrange the 10 blogs that you have selected.  The "Next" button is right at the bottom of the page to start the voting.

http://www.surveygizmo.com/s3/2032977/TopvBlog2015

Cast your votes NOW!


Update 1st Apr 2015
The full results of all the 411 blogs are out!  And thank you all for your support.  Tt was my first time listing and am ranked 253.

VCS to VCSA Converter

Many are not aware that VMware has a site dedicated to tools developed for public use to make our life better called Flings under VMware Labs.

You will find several tools developed by engineers to help in making life much easier for adminstrator or engineers alike.  Some tools provide things like a GUI front for some of the common PowerCLI commands while some are load generator for a VDI POC or Test.  Of course since this is a tool created by an engineer and not by a company, it is not a supported tool.  It will be your own risk using them and supporting them.

A new tool was release on 2nd Mar named VCS to VCSA Converter.  The name already tells it all.  VCS is our vCenter Server while VCSA is vCenter Server Appliance.  With each release of vSphere, there have been more and more improvement for the VCSA to match what VCS can do.  With the recent announcement of vSphere 6, VCSA has already catched up if not all the features of VCS.

With this tool, you will be able to to move your VCS which is on Windows to a VCSA.  Why would you want to do that you might ask?  Well the reason is simple, cost and manageability.  In terms of cost, you will save on your external database and Windows OS cost.  In terms of manageability, it much easier to handle a vApp than to handle a Windows OS and a Databases separately (or as one depending how you deploy it).

Before going into too much joy, there are a few things that this tools migrate and not everything (almost all); vCenter database, roles, permissions, privileges, certificates and inventory service.  You will see that metrics data is not part of the migration which means that need to be collected over time.
source: VMware, Inc.

I would love to see this becoming a VMware Standalone Converter to be supported by VMware eventually.  As of now, it helps to migrate than having nothing at all.

Thursday, February 12, 2015

VMware Virtual SAN 6.0 What's New

With the announcement of vSphere 6.0, comes Virtual SAN (VSAN) 6.0 the next release of VSAN since 5.5.

This makes several improvement and I will be listing them here and do note of the differences as there are some improvement with changes to existing VSAN 5.5.

To start clear, we need to know the terms right.  You will often hear Hybrid VSAN and All-Flash VSAN.  Hybrid is not new.  Since VSAN 5.5, it is always in Hybrid VSAN.  What it means it's a mixed of Flash or Solid State Harddisk (SSD) for cache and Magnetic Disk (MD) for persistent data.

What about All-Flash, this is new in VSAN 6.0.  There will be no MD but make of all Flash/SSD for flash and SSD for persistent.

source: VMware, Inc

In VSAN 5.5, the cache read/write ratio was 70/30.  This is fixed and cannot be changed.  Of course in a VDI environment, this will be less favorable though it is using flash/SDD for cache since only 30% of the cache is used for write cache in a write intensive VDI environment.

In VSAN 6.0, the cache is 100% write where read is straight from the SSD persistent area.  This is definitely very favourable for any environment and workload.

Here is a table of the changes.  Between VSAN 6.0 Hybrid and All-Flash is only the IOPS different.


Virtual SAN 5.5
Virtual SAN 6.0
Hybrid
Virtual SAN 6.0
All-Flash
Hosts per Cluster
32
64
64
VMs per Host
100
200
200
IOPS per Host
20K
40K
90K
Snapshot depth
per VM
2
32
32
Virtual Disk size
2TB
62TB
62TB
Virtual Machine per Cluster
3200
6400
6400
Components per host
3000
9000
9000

The next most still ask for the overheads since it is running on the kernel.  A rule of thumb will be
less than 10% of CPU utilization.

With the announced of VSAN 6.0 which will include VSAN 5.5 will support Direct Attached JBODs for Blade servers.  This will allow Blade servers which have little or no disk to scale with such storage and used in a VSAN setup.

VSAN is supported in self build servers from the HCL list or via VSAN Ready nodes which comes with all the parts already certified to run or available through EVO:RAIL.

Use Cases
  • In VSAN 5.5, it was mostly suitable for DR, Test/Dev, VDI.  However in VSAN 6.0, it is now added with one more which is Business Critical Applications (BCA).  This is made possible due to 1) All-Flash, 2) New disk format which will results in better performance.
Requirements
  • The Ethernet for Hybrid VSAN network required is at least 1GB Ethernet but recommended to use 10GB.  For All-Flash VSAN, 10GB is a requirement.
  • Minimum hosts is still three for VSAN 6.0.  However I would recommend a N+1 which is four hosts to start.
  • Minimum one disk group per host.  One Flash/SDD for cache and One MD/SSD for persistent data per disk group.
  • Maximum of 7 MD/SSD for persistent data.
  • Maximum of 5 diskgroup.
File Format
  • VSAN 6.0 uses VSAN FS as the new file format vs VMFS-L in VSAN 5.5.  Online migration via RVC Console is supported.  VSAN 6.0 will still support VMFS-L even if you choose not to upgrade.
  • VSAN 5.5 uses vmfsSparse (redo logs) for snapshot while VSAN 6.0 uses vsanSparse.  Read more of vmfsSparse here
  • Note that once VSAN 6.0 file format is used, vSphere 5.5 will not be able to join the VSAN cluster.
Updated 13/2: Availability
In VSAN 5.5, we were unable to control where each nodes in the VSAN cluster will be e.g. in a 10 hosts clusters, 5 nodes are sharing the same power supply i.e. same rack and the other 5 nodes on another power supply i.e different rack.  This helps also help in network partitioning where the bigger Fault Domain will win when separated.

With VSAN 6.0, we are able to create Fault Domain where we can grouping a VSAN cluster into different logical failure zones.  This allows VSAN to understand and ensure provision of replica will not fall into the same logical failure zones.

This is extremely useful as in the past, without fault domain we could need more resources to create a workaround. Assuming FTT=2, you will need at least 5 nodes for 3 replicas and 2 witness.  As illustrate below, without logically creating a Fault Domain, there are actually 6 Fault Domains due to the number of servers and in such, even though two nodes are in the same rack its actually 2 Fault Domains to VSAN so resulting replica be still be placed in the same rack so creating FTT=2 ensure at least one replica is on a separate Fault Domain.
source: VMware, Inc

With the new Fault Domain, we can maintain the default FTT=1 and ensure at least one replica will be in each separate Fault Domain to achieve redundancy as shown below.  Not only does this allows even the minimum of 3 nodes, it also uses less resources.
source: VMware, Inc