Академический Документы
Профессиональный Документы
Культура Документы
Search by Google
Search
- VCP 4.0
Words of gratitude
Written by Matthijs van den Berg
Resource Rent
The test environment used to test all settings and create VMs to toy around with was provided by Resource Rent. A cloud computing provider using VMware as
default (and of cause reliable) platform!
FastOne - IS
My web hosting provider.. for helping me out when the site (SEO part) was broken once again..
My Girl..
For not complaining when I was working again.. (or studying.. accepted better ;-0 )
All who have replied and contributed to this guide!
I have written this study guide based upon the VCP 4.0 blueprint released by VMware. This blueprint outlines the study objectives to master before going for the VCP exam.
In the blueprint consists of bullets with objectives. I have used those bullets and placed my answer directly below the objective. You will find that some fat text and colors
are used:
• Fat test after a bullet – This is a objective / question from the blueprint
• Orange text – this is a hyperlink to a site with more information about the subject
All other text is (supposed) to be written by me or in some cases (minimized) copy / passed from a VMware whitepaper or Internet site. If another source then mentioned
under “Tools” at the bottom of the objective is used, this is mentioned.
Regards,
Matthijs
Hi All! I haven’t even finished my Design Expert certification yet but couldn’t wait to start with my VCP 4.0 any longer. There is huge demand for VCP 4 professionals and
vSphere is being deployed all over.
Since I did not wanted to take the training I did my exam before the 1st of January 2010. I passed.. but for all of you out there I finished the parts of the learning guide that i
did not finish before my exam date.
As of today, valentines day 2010 the 14th of February, the guide is done!
Of cause, when comments and improvements come in, I will adjust the guide! So keep them coming, I have received many responses via the commend system as well as
e-mails. Please keep them coming! Really motivating!
If you have any comments, feel like helping me out of are just in the mood of dropping me a line, please feel free to do so.
Enjoy reading and I hope this helps you guys out there!
Regards,
Matthijs
PS Use the menu in the upper right of the page to navigate through the items of the learning guide!
PS 2 on advice of Mike I have published a preliminar version in PDF format. Download it here. Only Chapter 8 is missing (dd 23-11-2009)
Working on it...
Knowledge
2 x 64 bit processor
2 GB RAM
System compatibility
I/O compatibility (Network and HBA cards)
Storage compatibility
Backup software compatibility
GUI
The configure a time server change this in “Time Configuration” in the tab Configuration when a ESX server is selected
CLI
Edit:
/etc/ntp.conf
and add the time servers you deem necessary. For example:
server 0.nl.pool.ntp.org
When you apply a minor upgrade or patch the ESX/ESXi or vCenter Server software, you do not need to replace the existing license key with a new one. If you
upgrade the edition of the license (for example, from standard to enterprise), you must replace the existing license key in the inventory with a new upgraded license
key.
Tools
VMware Hardware Compatibility Guid
VMware ESX/ESXi and vCenter Server Installation Guide
Configuration Maximums Guide
Product Documentation
VMware Virtualization Toolkit
Knowledge
Back up the files in the /etc/passwd, /etc/groups, /etc/shadow, and /etc/gshadow directories. The /etc/shadow and /etc/gshadow files might not be present
on all installations.
Back up any custom scripts.
Back up your .vmx files.
Back up local images, such as templates, exported virtual machines, and .iso files.
Example:
Use VCB to back-up your VMs in combination with you back-up tools for
Update Manager
With Update Manager 4.0 you can perform orchestrated upgrades of hosts and virtual machines. Orchestrated upgrades allow you to upgrade all hosts in
the inventory using host upgrade baselines. Orchestrated upgrades can be used to upgrade the virtual machine hardware and VMware Tools of virtual
machines in the inventory at once, using baseline groups containing the VM hardware and / or VMware tools that match.
Direct, in-place upgrade from ESX 2.5.5 to ESX 4.0 is not supported, even if you upgrade to ESX 3.x as an intermediary step. The default ESX 2.5.5
installation creates a /boot partition that is too small to enable upgrades to ESX 4.0. As an exception, if you have a non-default ESX 2.5.5 installation on
which at least 100MB of space is available on the /boot partition, you can upgrade ESX 2.5.5 to ESX 3.x and then to ESX 4.0. The upgrade of ESX 2.5.5
to ESX 3.x requires the use of one of the following methods:
Graphical upgrade from CD
Text-mode upgrade from CD
Tarball upgrade using the service console
Scripted upgrade from CD or PXE server using esxupdate
Scripted upgrade from CD or PXE server using kickstart commands
After each update, test the system to ensure that the update was completed successfully.
If the installation was unsuccessful, revert to the last good known image. See“RollBackanESXiUpdate, Patch, or Upgrade,” on page 83 and “Uninstall a Bundle
from a Host,” on page 106.
Rollback the upgrade using the provided tools (rollback-to-esx3 command of shift-r during boot for ESXi). Read the upgrade guide for detailed instructions.
Remember that if you already upgraded your VMs this upgrade is not automatically rolled back, you need a pre-upgrade snapshot. All changes to the VM are
also not rolled back.
Perform a fresh install of the ESX operating system and restore a backup you created before. You can restore this backup using this procedure for ESX
(http://www.vmware.com/pdf/esx3_backup_wp.pdf) and the procedure described in the upgrade guide for ESXi (vSphere CLI: vicfg-cfgbackup)
Tools
Knowledge
High
Medium
Low
Determine applications needed for accessing the service console in a given scenario
To access the service console the are roughly two option, from the local terminal (monitor, Keyboard) or remote using a SSH (Secure Shell) Client. Linux and Mac
OSX have a SSH client by default, for Windows Putty is a favored client for accessing SSH Servers.
Before you can access a VMware ESX server with a remote client you need to explicitly allow access. Also an account to login needs to be created. Remote root
access is disabled by default, but can be enabled. This however is not a best practice!!! The most secure way is to log in as a regular user and use sudo to execute
privileged commands.
Tools
vSphere Client
ESX/ESXi Configuration Guides
Product Documentation
Knowledge
LUN masking has been changed since the ESX 3.x version. A new command is used:
This new command allows you to (un)hide luns and the convert the previous LUN masking used in pre ESX 4 servers to the new format. To add a new LUN masking
to need to hide the LUN on every available path to the storage controller! This means that the underlying command line needs to be executed for every path. The
command to add a LUN is:
More information on how to migrate you existing pre ESX 4 LUN masking configuration to the new format can be found here on page 94.
Prepare SAN
To prepare the FC SAN:
Connect the FC and Ethernet cables, referring to any cabling guide that applies to your setup. Check the FC switch wiring, if there is any.
Configure the storage array.
From the SAN storage array, make the ESX host visible to the SAN. (This is often referred to as creating an object.)
From the SAN storage array, set up the ESX host to have the WWPNs of the host’s FC adapters as port names or node names.
Create LUNs.
Assign LUNs.
Record the IP addresses of the FC switches and storage arrays.
Record the WWPN for each SP and host adapter involved.
Caution! If you use scripted installation to install ESX in boot from SAN mode, you need to take special steps to avoid unintended data loss. See the Hide
LUN section above!
Caution If you use scripted installation to install ESX when booting from a SAN, you must take special steps to avoid unintended data loss. See VMware
knowledge base article 1540.
Connect network cables, referring to any cabling guide that applies to your setup.
Ensure IP connectivity between your storage system and server. This includes proper configuration of any routers or switches on your storage network. Storage
systems must be able to ping the iSCSI HBAs in your ESX hosts.
Configure the storage system.
Create a volume (or LUN) on the storage system for ESX to boot from.
Configure the storage system so that the ESX system has access to the assigned LUN. This could involve updating ACLs with the IP addresses, iSCSI
names, and the CHAP authentication parameter you use on the ESX system. On some storage systems, in addition to providing access information for the
ESX host, you must also explicitly associate the assigned LUN with the host.
Ensure that the LUN is presented to the ESX system as LUN 0. The host can also boot from LUN 255. On storage systems that present volumes as
multiple targets rather than multiple LUNs, the volumes are always presented as LUN 0.
Ensure that no other system has access to the configured LUN.
Record the iSCSI name and IP addresses of the targets assigned to the ESX host.
You must have this information to configure your iSCSI HBA.
Use the cursor keys to select the first entry in the list of storage processors.
Press Enter to open the Select Fibre Channel Device page.
Use the cursor keys to select the chosen SP and press Enter.
If the SP has only one LUN attached, it is selected as the boot LUN.
If the SP has more than one LUN attached, the Select LUN page opens. Use the arrow keys to position to the selected LUN and press Enter. If any
remaining storage processors show in the list, position to those entries and press C to clear the data.
Tools
Knowledge
Datacenter products
VMware Infrastructure 3
VMware vSphere 4
VMware Server
VMware ESXi (Free)
Management products in the vCenter lineup
Desktop products
Enterprise Desktop
VMware View
VMware ThinApp
VMware MVP
VMware ACE
Consumer Desktop
VMware Workstation
VMware Fusion
VMware Player (free)
Understand the various data-center solutions (View, SRM, Lab Manager, etc.)
VMware has developed more and more products that add functionality or help providing more up-time to you infrastructure. These additional software product can
help you solve complex business cases, add functionality of ensure your business is always on. For some of these additional products I have written a short
description:
Remember a lot is said about virtualization, the benefits, downsides etc. Google on Internet to find out so much more you never thought it would fit on the net. My estimation
is that if you understand the basics of virtualization and can point out the differences between bare metal and virtualization this will do for the VCP exam. If you disagree,
please use the comment system and let’s get talking!
Tools
Introduction to VMware vSphere Guide
Product Documentation
VMware vSphere Editions Comparison Chart
Note: Though all / most of the commands in this section can be performed by as well the Grafical User Interface as the Command Line I will only work out the GUI part
unless especially stated. This is based upon the “Tools” section below every Objective stating the GUI much more often than the CLI. If you need CLI command to perform
you configuration please take a look at the Enterprise Administrator exam prep I have written. This guide holds much more information in regards to the CLI.
Knowledge
Understand Virtual Switch and ESX/ESXi NIC and port maximums
A Virtual Switch (vSwitch) is a switch that lives on a single ESX host. This Virtual switch is connected to the physical network as well as to other Virtual Switches via
physical ethernet connections.
A vSwitch allows for many servers (via port groups) and uplinks to be connected. Port groups are the virtual extension of VLANs. Whitin a vSwitch you can create a
portgroup with a VLAN ID allowing only the traffic between that portgroup and the “physical” VLAN. In regards to the vSwitch there are some configuration maximums:
Physical hardware
The maximum number of physical adaptors depends on the brand / model of adaptor you use. Please see the configuration maximums guide on page 5 for
more information.
Total virtual network switch ports per host (vDS and vSS ports): 4096
Virtual network switch ports per standard switch: 4088
Port groups per standard switch: 512
Standard switches per host: 248
More information about the networking introduction can be found here, and basic understanding (really helpful if you are a newbie) can be found here. All
configuration maximums can be found here.
Load Balancing
In a load balanced configuration multiple NICs are used to handle the traffic from a vSwitch. Based upon a distribution logic (like port based, MAC based or IP
based (the last one requires a port channel on a physical switch, the others do not require switch configuration)) all traffic is distributed across the uploads
resulting in more usable bandwidth. When a NIC or uplink fails in a load balanced setup the remaining NIC handles all the traffic (after some detection and MAC
address learning downtime)
Failover
Used with multiple NICs where only one NIC is active at a given time. When a network error occurs on the active NIC the secondary NIC can take over. This is
used when there I no need for large bandwidth or the underlying network is not redundant or capable to support redundant uplinks.
Select the NIC (non available in the example, but there should be) you would like to use and click next.
Add a name and VLAN for a portgroup (or no VLAN of non are configured on you physical network). (Normally you would still see the physical NICs on the right
side in the preview pane)
Click Next, check the config, and click finish.
Besides adding Port Groups during the creation of a new vSwitch (like above) you can add them later. To do so:
Select a ESX host
Select the tab “Configuration”
Select “networking” under hardware
Click “Properties” next to an existing vSwitch
Name the new port group, optionally set the VLAN ID, next and Finish. The new port group is now added.
Configure VMotion
To configure VMotion you need to add a “VMkerel Portgroup” to one of you vSwitches (a dedicated vSwitch of a vSwitch with VLANs in where you VMotion network
has it’s own VLAN). To add a “VMkernel Port” you can use the Add a Port Group wizard described earlier. When you already add a portgroup you may need to enable
VMotion support on the portgroup. To do so:
Tools
ESX/ESXi Configuration Guides
Product Documentation
VMware vSphere Client
Note: I do not have a dvSwitch environment to make screenshots / test what I am writing here. So what you read is from the manuals or from my brain…. When a manual is
used you will find a link to it.
Knowledge
Unlike the previously covered vSwitch, a to an ESX host local switch, this dvSwitch has one configuration for all ESX hosts and allows for new features like network
statistics that VMotion along with the host. You need to have an Enterprise Plus license to be able to use the dvSwitch (the most expensive and feature rich version of
ESX).
However, just like the old fashioned per ESX host vSwitches a vNetwork Distributed Switch has it’s limits. Lets see:
Total virtual network switch ports per host (vDS and vSS ports): 4096
Distributed virtual network switch ports per vCenter: 6000
Distributed port groups per vCenter: 512
Distributed switches per vCenter: 16
Hosts per distributed switch: 64
Take a good look at these figures. This means that PER vCenter there can be no more than 16 switches and no more than 512 port groups! If we compare this to the
regular vSwitch we see that this allows for 248 switches PER HOST and 512 port groups PER SWITCH! Thus allowing for many more networks than a standard
switch. When being realistic no “normal” implementation will exceed 512 portgroups per virtual Center, but when implementing this for example for a hosting provider
you need to take this into account.
I think it is possible to mix vNetwork Distributed Switches with regular vSwitches, but I was unable to test this due to the lack of the right license
and the fact that I think it is too much work (sorry ;-) ) to create a virtual ESX environment for this with temporary keys. If someone know this /
is able to test this, please fill me in!
Update 15-dec-2009: Steve Desrosier left me a message about this You can have dvswitches and regular vswitches on the same server, but
you do need seperate uplinks. Thanks for the info Steve!
Determine the virtual port group NIC teaming and fail-over policy in a given situation
Can’t seem to find what I need on the net, so this one is done by head. I think that the NIC teaming and failover policy is done just like when handling a vSwitch. You
link the NIC’s to a vSwitch, and on the vSwitch you configure the failover policy. You need to link physical NICs to a dvSwitch on each ESX server that is using this
dvSwitch.
A dvSwitch allows for a more granular loadbalancing policy allowing you to team all physical adaptors into one big trunk to the ESX host. On the host you can specify
on a per Distributed Port Group basis what port group uses what NIC. For example you can assign a dedicated NIC for the Service Console needing only one NIC,
because on a failure of the network connection a different NIC temporary will be used (take the performance penealty into account!).
Determine the appropriate virtual port group security policies in a given situation
This is about promiscuous mode, MAC address changes, Forged Transmits. These techniques allow you to make your infrastructure more secure. Read more here
(second half). http://b3rg.nl/vcdx/section-2-networking/objective-2.2-install-and-configure-a-virtual-networking-infrastructure-to-meet-set-security-design-
requirements.html
Create/Modify a vNetwork Distributed Switch
Please read here on page 16. http://vmware.com/files/pdf/vsphere-vnetwork-ds-migration-configuration-wp.pdf
Create/Modify Uplink Group settings
DV Port Groups on vDS are configuration templates for a group of ports and have a similar function and purpose to Port Groups on a vSS. DV Port Groups span all
the hosts covered by a vDS, so any configuration change to a DV Port Group is reflected on all hosts covered by that vDS. To configure read here on page 17.
Create/Modify dvPort Group settings
To configure read here on page 18.
Add an ESX/ESXi Host to a vNetwork Distributed Switch
To configure read here on page 11.
Add/Delete a VMkernel dvPort
To configure read here on page 18.
Migrate Virtual Machines to a vNetwork Distributed Switch
The dvNetwork Migration and Configuration manual describes two separate methods of migrating to a dvSwitch
vDS UI only
This offers more per host control over migration, but is a longer process. Hosts do not need to be in maintenance mode so VMs can be powered up during
migration.
vDS UI and Host Profiles
This uses a reference host template and is the recommended method for bulk vDS migration and deployment on hosts with inactive VMs. Host Profiles requires
the target hosts to be in maintenance mode (i.e. VMs powered down).
Tools
Knowledge
Modify Service Console IP Settings
The Service Console (SC) is a essential part of an ESX host to manage the system. When installing the ESX host you need to configure a SC with IP addresses, and
later on you can add additional SCs, change a SC or delete an SC. A Service Console usually is a port group within a vSwitch. This same vSwitch can be used for
other networking issues as well, but best is to limit the amount of traffic that this vSwitch has to handle, for example no IP storage traffic if possible.
Change the IP settings to you needs. Remember network connectivity will probably be lost.
You can assign multiple NIC’s to the vSwitch where the Service Console is running on. When wired adequately to different switches this will provide a level of
high availability to you Service Console. It will protect you agains NIC, wire and switch failure.
The Second option is to create a second Service Console, preferable on virtual and physical different network segments. This option has some more
configuration as for the second SC a gateway has to be configured via the advanced network settings. There are many good walkthroughs out there who can
help you to configure this. Read more here. http://communities.vmware.com/thread/227140 This will protect you againt all the failures a second NIC will, and also
helps to combat configuration issues you might have on the service console / service console IP settings.
Configure DNS and Routing settings for an ESX Host
To make you Service Console work adequately and reachable setting up you IP settings, including DNS
resolvers and IP gateway, is essential. The DNS will be used for resolving hostname, and Is required for a decent operation of techniques as HA and DRS. A correct
resolvers and IP gateway, is essential. The DNS will be used for resolving hostname, and Is required for a decent operation of techniques as HA and DRS. A correct
IP routing / IP gateway is needed for you SC to be reachable from other IP subnets.
Both those settings can be configured from the GUI and the CLI.
DNS – Command line To change the DNS settings from the commandline: Edit the file /etc/resolv.conf
This file holds the DNS servers for name resolution and the local domain name. Example:
nameserver 192.168.1.1
nameserver 195.241.77.55
search b3rg.local
More info and advance settings can be found here under “Configure Hostname Resolution”.
Routing – GUI
To configure DNS settings via the GUI:
Routing – CLI
VMware allows a default gateway for iSCSI, VMkernel and VMotion (when separated on different networks) but does not require one. You can set the VMkernel
default gateway / gateway of last resort with the command:
esxcfg-route <DefaultGatewayIP>
You can add additional or specific routes with the following command:
During some surfing on the web I found this forum posting on the VMware website. Apparently it is not possible to have a separate gateway for you Service
Console and for IP based storage on ESXi (ESX should work). This means that if you would like to use IP based storage on ESXi you need an interface in the
same subnet as you SC is. Read more here.
Tools
ESX/ESXi Configuration Guides
Product Documentation
VMware vSphere Client
Knowledge
Identify FC SAN hardware components
When you decide to use a SAN with you VMware environment first make sure that this particular SAN is on the Hardware Compatibility List (HCL). A SAN is build up
out of several components:
SAN Controller
This is the controller that controls disk, creates LUN and presents these LUNs to your ESX hosts. The controller is managed from a web based console or by
using a software suite. This of course depends on you SAN vendor.
SAN Switches
The SAN controller and the ESX hosts are connected by means of SAN switches. You can think of SAN switches like Ethernet switches, but they cannot be
mixed, SAN switches only switch the FC protocol. Usually zoning is in place a SAN switch. Zoning creates separate segments (like VLANs when compared to
Ethernet switches) the separate the devices in the fabric (a fabric is a collection of a SAN controller, SAN Switch and HBA on a single path. When using a
redundant setup you usually have two fabrics, read more here.
Host Bus Adaptor
Within the ESX host a Host Bus Adaptor (HBA) is used to connect to the SAN switch. Again, also the HBA has to be supported by VMware and be listed on the
HCL. Configuration of SAN LUNS is done from the Virtual Center or from the command line of the ESX host.
GUI
CLI
esxcfg-mpath –l
Zoning
Zoning is a technique typically implemented on your SAN switches. Zoning makes segments on SAN switch that separate traffic and allows only hosts configured
in that zone to see each other. Zoning is quite straight forward and allows a host based segmentation. When a host can see a storage controller it can see all
LUNs presented on that storage controller to the host. No LUN based granularity is possible.
LUN Masking
LUN Masking u typically implemented on the ESX server. This technique allows LUNs to be hided fromthe ESX host.
LUN masking has been changed since the ESX 3.x version. A new command is used: “esxcli corestorage claimrules convert”. This new command allows you to
(un)hide luns and the convert the previous LUN maksing used in pre ESX 4 servers to the new format. To add a new LUN masking to need to hide the LUN on every
available path to the storage controller! This means that the underlaying command line needs to be executed for every path. The command to add a LUN is:
More information on how to migrate you existing pre ESX 4 LUN masking configuration to the new format can be found here on page 94.
These only apply to VMware's Native Multipathing (NMP) Path Selection Plugins (PSP). Third party PSPs have their own restrictions.
VMware does not recommend changing the LUN policy from Fixed to MRU as this policy is based on the array that has been detected by the NMP PSP.
SATPs and PSPs can be built-in and provided by VMware, or can be provided by a third party.
If more multipathing functionality is required, a third party can also provide an Mulitple Multipathing Plugin (MPP) to run in addition to, or as a replacement for, the
default NMP. A MPP is provided especially for one type of storage array by you vendor and can contain specific multipathing configurations the further improve
performance.
The multipathing modules perform the following operations:
Tools
FC SAN Configuration Guide
Product Documentation
VMware vSphere Client
Knowledge
Identify iSCSI SAN hardware components
Like a Fibre channel SAN a iSCSI SAN is build up out of three components (normal setup). We find:
iSCSI Target
This is the controller of the disk and the device that converts the undelaying disk technology (for example SCSI) to iSCSI traffic on a network.
Switch
The iSCSI target is connected to the network. The iSCSI initiators talk to the iSCSI target over this network layer. A regular ethenet switch can be used, but a
dedicated VLAN, or even better, a dedicated switch with jumbo frame support is recommended. Minimum speed must be gigabit.
iSCSI initiator
The iSCSI initiator is the ESX host. On this host a software of hardware iSCSI initiator can be installed. Read further down for a comparison between the soft-
and hardware initiators.
If you use multiple network adapters, activate multipathing on your host using the port binding technique. You can find all about multipathing here op page 33.
If needed, enable Jumbo Frames
Jumbo Frames must be enabled for each vSwitch through the vSphere CLI. Also, if you use an ESX host, you must create a VMkernel network interface enabled
with Jumbo Frames. This can only be done from the Command Line.
To check if the creation succeded successfully you can use the command:
vicfg-vswitch -l
Make sure that you use the Jumbo frames enable vSwitch to create the VMkernel interface in. To check if the VMkernel interface is jumbo frames enabled:
esxcfg-vmknic -l
Dynamic Discovery
With Dynamic Discovery, each time the initiator contacts a specified iSCSI server, it sends the Send Targets request to the server. The server responds by
supplying a list of available targets to the initiator.
Static Discevery
With iSCSI initiators, in addition to the dynamic discovery method, you can use static discovery and manually enter information for the targets.
To set-up the discovery:
ESX/ESXi supports CHAP authentication at the adapter level. In this case, all targets receive the same CHAP name and secret from the iSCSI initiator. For software
iSCSI, ESX/ESXi also supports per-target CHAP authentication, which allows you to configure different credentials for each target to achieve greater level of security.
Before setting up CHAP parameters for software iSCSI, determine whether to configure one-way or mutual CHAP. Hardware iSCSI does not support mutual CHAP.
Important: when you would like to configure multipathing for iSCSI you must connect the iSCSI software initiator to the VMkernel ports. This can be done only by hand
via the ESXCLI.
Discover LUNs
When you have added the iSCSI initiator and added an iSCSI target you can start discovering targets:
iqn.yyyy-mm.naming-authority:unique name
yyyy-mm is the year and month when the naming authority was established.
naming-authority is usually reverse syntax of the Internet domain name of the naming authority. For example, the iscsi.vmware.com naming authority could have
the iSCSI qualified name form of iqn. 1998-01.com.vmware.iscsi. The name indicates that the vmware.com domain name was registered in January of 1998, and
iscsi is a subdomain, maintained by vmware.com.
unique name is any name you want to use, for example, the name of your host. The naming authority must make sure that any names assigned following the
colon are unique, such as:
iqn.1998-01.com.vmware.iscsi:name1
iqn.1998-01.com.vmware.iscsi:name2
iqn.1998-01.com.vmware.iscsi:name999
Tools
iSCSI SAN Configuration Guide
Product Documentation
VMware vSphere Client
esxcli
Knowledge
Identify the NFS hardware components
To be able to add NFS datastores to your configuration you need an infrastructure that supports NFS. The following componets must be in place:
CAUTION When your host accesses a virtual machine disk file on an NFS-based datastore, a .lck-XXX lock file
is generated in the same directory where the disk file resides to prevent other hosts from accessing this virtual
disk file. Do not remove the .lck-XXX lock file, because without it, the running virtual machine cannot access
its virtual disk file.
Configure ESX/ESXi network connectivity to the NAS device
For the connectivity to a NFS device you need the same network configuration as you would for iSCSI, a VMkernel interface. To do so:
You cannot run MSCS on NFS, this needs an block I/O device (iSCSI / FC)
Tools
ESX/ESXi Configuration Guides
Product Documentation
VMware vSphere Client
Matthijs' Links
Some people are very enthusiastic about running VMs on NFS.
Knowledge
Identify VMFS file system attributes
You can lookup the VMFS file system attributes from the command line.
for example:
vmkfstools -P -h /vmfs/volumes/AOPSY001/TST001/TST001.vmdk
Thick or thin
When you create a disk or clone a VM from template you can choose if you would like the disk you will be creating to be thick or thin provisioned. Think means
that the complete size of the disk will be reserved on the storage array. Thin will use only the size that is actually use within the Virtual Machine.
SCSI Controller Type
You can change the SCSI controller type in the properties of the VM. In vSphere there are four types of controllers you can choose from:
BUSLogic Parallel
LSI Logic Parallel
LSI Logic SAS
VMware Paravirtual
What controller you choose depends on you OS and performance needs. In general the VMware Paravirtual is the fastesed controller you can choose, but also
the controller that has the least number of operating systems that it is supported on.
Spread the disks If you have a VM with multiple disks you can spread those disk over multiple VMFS volumes. Especially when these volumes are separate
RAID sets and even better, accessed over different paths to the storage controller (or even on different storage controllers!) this can improve the performance of
a VM.
SCSI Bus Sharing
This defines if is disk can be used by one VM or by more than one VM the options are:
None
Disk is for one VM only
Virtual
Disk can be shared by VMs on the same ESX host
Physical
Disk can be shared by VMs on different ESX hosts
Group/Unmount/Delete Datastores
When a datastore is decommissioned you can delete a datastore from the storage view.
Tools
ESX/ESXi Configuration Guides
Product Documentation
VMware vSphere Client
Knowledge
Identify hardware requirements
The hardware requirements for a vCenter Server depend on the number of ESX hosts and Virtual Machines you plan to deploy in that environment. VMware has
made some estimation on the hardware requirements based on the number of VMs and ESX host:
Up to 200 ESX hosts a 32 bit can be sufficient, however a 64 bit server is always recommended. Above 200 ESX hosts a 64 bit server is required.
The MINIMUM requirements (thank you ITTamer!) are (can be more when the DB is on the same machine):
2 x 2Ghz CPU
3 GB RAM
2 GB Disk
The recommended setting for up to 50 ESX hosts and 250 VMs are:
2 CPUs
4 GB RAM
3GB Disk Space
The recommended setting for up to 200 hosts and 2000 VMs are:
4 CPUs
4 GB RAM
3GB Disk Space
The recommended setting for up to 300 hosts and 3000 VMs are:
4 CPUs
8 GB RAM
3GB Disk Space
Item Max.
Linked vCenters 10
Availability
When you link vCenter servers those servers can manage the entire infrastructure. When one server fails, for example on site A, you can connect to the linked
server on site B to continue working.
Configuration maximums
The number of ESX hosts, VMs and users per vCenter server is limited. When running into those limits adding additional vCenter servers can increase those
configuration maximums. The number of ESX hosts can grow up to a 1000 and the number of powered on VM can be 10.000! You can link a maximum of 10
vCenter servers.
Tools
ESX/ESXi and vCenter Server Installation Guides
Product Documentation
Database Sizing Tool/Calculators
Knowledge
Identify available plug-ins
The number of plug-ins can very with the exact release of vSphere. During the initial release the plug-ins worth mentioning are:
Update 1 dec 2009: I have received a mail from Peter. He point me to 'Table a-6 - extension priveleges' of vsphere basic system administration. This should allow
control over registering/unregistering/
updating and extension (plug-in). Unfortunately after testing this with a user, and leaving this option unchecked, it does not do the trick. I am not sure whether this is a
bug and should work (cannot find anything else this setting should do) or that we are on the wrong track here.. if you know more... please help.
If anybody knows a better way, please contact me or leave a message in the commend system!
Tools
ESX/ESXi and vCenter Server Installation Guides
Product Documentation
vSphere Client
Knowledge
Identify the vCenter Server managed ESX Hosts and Virtual Machine maximums
Here we go again, another list of figures that made the VCP 3 exam so famous.
Item Max.
Linked vCenters 10
Here you can create new specifications, manage existing ones and import specifications.
“Management”
“Maps”
Example output:
Use Storage Reports/Storage Maps
To open storage information including Maps choose:
“Inventory”
“Datastores”
goto the tab Maps to see the connections between ESX hosts, VM and storage
goto the tab datastores to see the datastores on the ESX hosts and the amount of storage that is used.
View/Manage Events
In the event log all events are logged including the person who initiated the event (another reason for decent delegation of control!). To open the events:
“Management”
“Events”
Tools
vSphere Basic System Administration Guide
Product Documentation
vSphere Client
Right Click in the left “Name” pane and select “Add” or “Edit” to add or edit user roles.
Select the object you would like to apply the user rights on
Goto the tab Permissions
Right click and select “Add”
Select the role you would like to assign in the right pane
Select the local or AD user / user group you would like to assign
Optionally; deselect the “Propagate to Child Objects” check box if you need user rights only on the object and not on underlying objects.
Tools
vSphere Basic System Administration Guide
Product Documentation
vSphere Client
Knowledge
Understand virtual machine hardware maximums
A virtual machines can handle the values as described in the following table. Please note that these maximums can depend on the VMware version you are using.
Item Max.
Max. CPUs 8
SCSI adaptors 4
Virtual NICs 10
Parallel ports 3
Serial Ports 4
Buslogic Parallel
Older guest operating systems default to the BusLogic adapter.
LSI Logic Parallel
This is the default adaptor when a VM is created (for most OSes).
LSI Logic SAS
LSI Logic SAS is available only for virtual machines with hardware version 7. Disks with snapshots might not experience performance gains when used on
LSI Logic SAS and LSI Logic Parallel adapters.
Paravirtual SCSI adaptor
Paravirtual SCSI (PVSCSI) adapters are high-performance storage adapters that can result in greater throughput and lower CPU utilization. Paravirtual
SCSI adapters are best suited for high performance storage environments. Paravirtual SCSI adapters are not suited for DAS environments. VMware
recommends that you create a primary adapter (LSI Logic by default) for use with a disk that will host the system software (boot disk) and a separate
PVSCSI adapter for the disk that will store user data, such as a database.
Create/Convert templates
It is possible to create template from VMs. Those templates can be used to VMs from. To create a template:
Create a VM like you normally would but use general settings (no specific hardware etc.)
When you have installed the OS and the VMware tools and other general software shutdown the VM
Right click the VM and choose “Template”, “Clone to Template” (can be done when VM is powered on, source VM stays as a VM) or “Convert to Template” (only
available when VM is off, VM will be converted to template.).
Before you can use those tools some OSes (like 2003) need the sysprep tools installed on the vCenter server.
Right click a template and select “Deploy a Virtual Machine from the template”
Follow the wizard that appears.
One of the last steps of the wizard allows you to save the customization specification you have just created. Those saved specifications allow you to reuse those
settings when deploying other VMs later on.
Here you can create new specifications, manage existing ones and import
specifications.
Deploy a virtual machine from a template
Explained two bullets above.
Deploy a virtual machine using VMware vCenter Converter Enterprise
VMware Converter is available in two editions; VMware Converter Standalone and VMware Converter Integrated (I could not find a “Enterprise” version for vSphere…
So let’s presume that the Integrated version is meant here). The Standalone version is free, the integrated version is free only when you have valid vSphere licences.
Perform Discovery
Analyze discovered virtual machines
Consolidate selected virtual machines
Tools
vSphere Basic System Administration Guide
Product Documentation
vSphere Client
Knowledge
Configure/Modify virtual machines
It is possible to add / modify certain aspects / remove some types of hardware while the VM is running. This is called “Hot Add”. This might depend of the type of
guest OS you are using. You can Hot Add the following types of hardware:
A Thin provisioned disk is a disk that is assigned a predefined amount of disk space, but the disk space is not being used on the VMFS volume until the VM
actually needs the space. Because many VMs will never fully use the assigned disk space this can potentially save much space. The downside is that you
can over-commit you VMFS volumes with the danger of quickly filling the volumes when many VM start to allocate space at the same time (virus, large
updates, etc.).
A Thick Provisioned file system is a file-system that works a little bit more the old fashioned way. When you assign a VM a 20 GB partition a 20 GB file is
created on the VMFS file system whether the VM uses it or not. This is a little bit more save, but way more inefficient use of disk space.
General Options
To open the general options of a VM:
Advanced Options
There are several field you can change. As stated on the Advanced window you can leave those to the default most of the time. Consider this a warning
from VMware ;-). I won’t go through all the option but you can enable mem and CPU hot plug and NPIV (SAN WWN to a VM) here.
Knowledge
Determine whether a vApp is appropriate for a given situation
A vApp is a logical group of VMs that have a dependency on each other. When you are not using a vApp starting or stopping an application that exists out of multiple
VMs means you need to start / stop the VMs in a particular order by hand. When the fist VM is started (let’s say a domain controller) you need to check is it is up
(Tools report back, or see the CTRL-ALT-DEL screen) and then start the next server. This is exactly what a vApp automates for you in combination with a Resource
Pool. A vApp allows you to:
Determine a start-up oder including dependencies (start only when.. ) and define groups of VMs to start / stop when a criteria is met.
Configures resources like you would using a resource pool
Configure vApp properties and version numbers
Configure vApp IP allocation
Nest other vApps within a vApp. You can manage a vApp within a vApp as a single server. This makes using vApps really powerful.
File
“VA Martketplace…”
Select a VM in the screen that pop’s up to download and follow the wizard to install this in you VI.
Build a vApp
To build a new vApp:
Export vApps
To export a vApp:
Clone a vApp
To clone a vApp:
Right click the vApp (the vApp has to be shut down for this option to be selectable)
Choose “Clone” from the menu (the vApp has to be shut down for this option to be selectable)
Tools
vSphere Basic System Administration Guide
Product Documentation
vSphere Client
OVF Tool
Knowledge
Determine installation requirements and database sizing
When installing vCenter you can choose to install the Vmware Update Manager (VUM). The update manager allows you to centrally download, distribute and install
updates in a controlled way. The VUM supports the ESX Operating Systems as well as some mainstream guest OSes.
To distribute these updates VUM downloads and stores the updates locally and the signatures are stored in a Database that can be local or on a central Database
To distribute these updates VUM downloads and stores the updates locally and the signatures are stored in a Database that can be local or on a central Database
server. The size that the update store and database needs can be calculated with the Sizing Estimator VMware distributes here.
The installation requirements are:
Hardware
2 Ghz processor
2 GB RAM. When VUM is installer on the same server as vCente Server (fully supported) a minimum of 4 GB of RAM is needed.
Preferable a Gigabit connection, but 10/100 can suffy
Software
From this view you can select and configure multiple option from the VUM like when and how to download what patches, see events and create baselines to attach to
ESX hosts for scanning etc.
Configure patch download options
Under the tab “Configuration” you can select the “Patch Download Settings” and the “Patch Download Schedule”. Here you can configure the settings like: for wat OS
to download patches, use a shared repository, use a proxy server and create download schedules for updates.
Create baselines
A baseline holds specific updates or update groups / criteria for OS’s. You can create a baseline for example to hold all ESX(i) updates. When scanning for updates a
host will be checked whether those updates defined in the baseline are installed. A base line can be static, containing only specific updates, of dynamic, containing all
available updates with certain urgency for a specific OS.
Attach baselines to vCenter inventory objects
When you have created a baseline you need to attach this baseline to objects in the vSphere environment. This allows you to select single or multiple entities in one
baseline to create a granular update policy. A baseline can be applied to:
Knowledge
Create/Delete Host Profiles
Host profiles can be used to capture a configuration of an ESX host. This configuration can be used to be applied on other ESX hosts or as a baseline to check
whether an ESX host complies to the standard defined.
To export
I think right click a profile and export, but since I do not have the correct licence I cannot test this.
Tools
vSphere Basic System Administration Guide
Product Documentation
vSphere Client
Matthijs’ links
http://communities.vmware.com/docs/DOC-10850
Knowledge
Create new cluster
A cluster is an entity that exists within a Data center. You can create multiple clusters to segment ESX hosts due to version, proc type, etc. or to to counter cluster
configuration maximums. To create a cluster:
Fill in the FQDN hostname, user name and password of the local ESX host user (password created during setup)
Follow the rest of th wizard to add the host to the cluster.
Idea, but not officially meant for this purpose: You can increase the number that the cluster tolerates if you have a second site that is being replicated to the
first and would like to make sure that you have sufficient capacity for the VMs on the second site.
Click Advanced to change advanced settings. Advanced Settings can only be added manually.
Enable/Configure VM Monitoring
VM Monitoring allows you to monitor the availability of the VMware Tools within a VM. When the VMware Tools heart beat is not received for a certain period of time
the VM will be reset. You can specify a default value for the monitoring times of specify this by hand:
Failure Interval
This value determines the period of time that no heart beats are received and the VM will be reset.
Minimum Up-time
Number of seconds that a VM is not being monitors after it’s power on.
Maximum per VM resets
The maximum number of times a VM is reset during a certain time frame. By setting this you can prevent infinite reboots, but it most likely will reboot multiple
times every time frame. Pay attention!
Maximum resets time windows
The time frame to what the “Maximum per VM Resets” setting apply.
Manual
VMware DRS make the load level recommendation only; you need to apply the recommendations manually.
Partially Automated
This will start a VM when being powered on the host with the most resources available. You still need to apply the recommendations to VMotion a VM to level the
load manually
Fully Automated
This will place VMs when being powered on and migrate VMs to level the load fully automated. You can select how aggressive this is being handled.
Advanced option van be entered manually. VMware recommends this only to use in conjunction with their support desk. I could not find a complete comprehensive list
of all the DRS advanced options on the Internet.
Note: to enable none of you VMs must use technology from a newer processor type. For example, when you build a cluster from ESX hosts with Core i7
processors, create VMs and add a Core 2 due processor host later on you VMs are using Core i7 functionality. You cannot enable the EVC mode for anything
less that Core i7 mode. You have to change the VM CPU details to allow this.
Resources in use
Total amount of resources available
Amount of CPU resources available on the host with the largest amount of Mhz
Amount of CPU resources available on the host with the most RAM
When you account for 1 host failure this can be the host with the most RAM, CPU etc. So you need to make sure that you always have the largest amount
of RAM and the largest mount of CPU resources available in the cluster to accommodate for a host failure. This can be calculated bu using the total
amount of resources minus the amount of resources in use. Read more here on page 13 – 19.
Those settings can prevent a VM from starting up or can prevent settings new reservations, limits or shares on a VM. Only HA admission control can be
disabled. You can choose your HA admission control policy based on your needs. You can account for fragmentation (the total amount of resources in the
cluster can be sufficient for one large VM but it might not fit on any of the hosts) and flexibility. Read more here on page 19.
Important: In addition to the user-specified memory reservation, for each virtual machine there is also an amount of overhead memory. This extra memory
commitment is included in the admission control calculation and can provide readings that you might not anticipate. It can even prevent you from powering on a
VM that, when calculated on paper before, should fit!
Determine use cases for DRS automation levels and migration thresholds
DRS is a very powerful technology that automatically distributes resources. This is typically used in environments where resources used by VMs vary and can lead to
performance bottlenecks or uneven distributed ESX hosts. When turning on DRS the resources are load balanced automatically giving you the best performance. How
aggressive you set your DRM depends on the type of VMs. When you have VMs that have a very volatile CPU / MEM usage setting it to conservative might prevent
many VMotions that need to be undone some minutes later. When you need the best performance asap you mijght set this to aggressive. Be aware that VMotion uses
system resources.
Determine use cases for DPM policies
I my opinion this should be “allways-on”. It consolidates you VMs on the least amount of ESX hosts needed to accommodate the resources needed savinf energy. If
however you expect that VMs need CPU of memory in large amounts faster that you ESX hosts can power on you might disable this. Also HA can be a reason the be
conservative on those settings. And last but not least, you hardware must support the shutting down / powering on of the ESX hosts. Technologies like HP iLO can
help you make sure you can turn your hosts back on.
Tools
Knowledge
Identify FT restrictions
There are ‘some’ restrictions to the use of VMware Fault Tolorance. Those are for the ESX host system
Migration traffic happens over the NIC designated for VMotion and it causes network bandwidth usage to spike for a short time. Separate and dedicated NICs are
recommended for FT logging traffic and VMotion traffic, especially when multiple FT virtual machines reside on the same host. Sharing the same NIC for both FT
logging and VMotion can affect the performance of FT virtual machines whenever a secondary is created for another FT pair or a VMotion operation is performed for
any other reason.
VMware vSwitch networking allows you to send VMotion and FT traffic to separate NICs while also using them as redundant links for NIC failover.
Adding multiple uplinks to the virtual switch does not automatically result in distribution of FT logging traffic. If there are multiple FT pairs, then traffic could be
distributed with IP-hash based load balancing policy, and by spreading the secondary virtual machines to different hosts. Remember that IP hashed based load
balancing require switch configuration.
“enable FT” operation enables Fault Tolerance by live-migrating the virtual machine to another host to create a secondary virtual machine.
When “Turn on FT” operation succeeds for a virtual machine that is already powered on, it automatically creates a new secondary virtual machine. So it has the
same effect as “Enabling FT”. This uses a substantial amount of resources. Keep turning on / off to a minimum. When not enough resources are available to
process is terminated.
Test an FT configuration
Thank you Henrique: There are two build in methods to test FT. Right-click the VM and there'll be a Fault Tolerance option.
Update the two hosts not in use by FT VMs and check the levels are exactly the same
Disable FT (turning off would take longer)
VMotion the FT machine to an updates ESX host
Enable FT. A replica is automatically created on the ESX host with the same patch level.
Tools
Matthijs’ Links
Knowledge
Determine Resource Pool requirements for a given situation
…for a given situation. But no situation is given, so a general explanation here. VMware resource pools can be used for delegation of control and, the main purpose
meant to use them for, resource compartmentalization. You can use resource pools to:
Select the object you would like to create a resource pool in (ESX host, other resource pool or vApp)
Right click, and select “Create Resource Pool…”
Tools
vSphere Resource Management Guide
Product Documentation
vSphere Client
Knowledge
Identify compatibility requirements
For a VMotion to work some requirements need to be met. Those requirements depend on the specific environment you are using. Some factors are:
Cold Migration
a cold migration is a migration of a VM when it is powered off. The benefits of a cold migration are:
You can move the VM files, also when those are not on shared storage
The Host you move the VM to does not need to have the same CPU
The downside is, obvious, that you need to power down the VM. I think that VMotion of a suspended VM is also a cold migration. Almost the same benefits
apply here, with the exception of the host CPU. Those must be of the same proc family for the migration of a suspended VM to work.
VMotion
Migration with VMotion allows virtual machine working processes to continue throughout a migration. The entire state of the virtual machine, as well as its
configuration file, if necessary, is moved to the new host, while the associated virtual disk remains in the same location on storage that is shared between the two
hosts. After the virtual machine state is migrated to the alternate host, the virtual machine runs on the new host. The state information includes the current
memory content and all the information that defines and identifies the virtual machine. The memory content includes transaction data and whatever bits of the
operating system and applications are in the memory. The defining and identification information stored in the state includes all the data that maps to the virtual
machine hardware elements, such as BIOS, devices, CPU, MAC addresses for the Ethernet cards, chip set states, registers, and so forth. When you migrate a
virtual machine with VMotion, the new host for the virtual machine must meet compatibility requirements in order for the migration to proceed.
The benefits of a VMotion are that there is no host downtime. The downsides are:
Storage VMotion
Use migration with Storage VMotion to relocate a virtual machine’s configuration file and virtual disks while the virtual machine is powered on.
You cannot change the virtual machine’s execution host during a migration with Storage VMotion. You can use storage VMotion while the VM keeps on running.
This allows you to free up space in storage array’s without downtime.
Understand/Apply
Migration with VMotion allows virtual machine working processes to continue throughout a migration. The entire state of the virtual machine as well as its configuration
file, if necessary, is moved to the new host, while the associated virtual disk remains in the same location on storage that is shared between the two hosts. After the
virtual machine state is migrated to the alternate host, the virtual machine runs on the new host. The state information includes the current memory content and all the
information that defines and identifies the virtual machine. The memory content includes transaction data and whatever bits of the operating system and applications
are in the memory. The defining and identification information stored in the state includes all the data that maps to the virtual machine hardware elements, such as
BIOS, devices, CPU, MAC addresses for the Ethernet cards, chip set states, registers, and so forth. When you migrate a virtual machine with VMotion, the new host
for the virtual machine must meet compatibility requirements in order for the migration to proceed.
Migration with VMotion happens in three stages:
When the migration with VMotion is requested, vCenter Server verifies that the existing virtual machine is in a stable state with its current host.
The virtual machine state information (memory, registers, and network connections) is copied to the target host.
The virtual machine resumes its activities on the new host. If any error occurs during migration, the virtual machines revert to their original states and locations.
Migration of a suspended virtual machine and migration with VMotion can be referred to as hot migration, because they allow migration of a virtual machine
without powering it off.
Migrate VMs to perform hard- and or software maintenance of the host or underlying layers as network / storage
Migrate VMs for migration purposes
Migrate VMs for balancing the use of resources (automated with DRS)
Migrate VMs to separate certain servers onto different hosts
Migrate VMs to automatically shut down remaining hosts for power savings (DPM)
Migrate VMs for disaster recovery reasons
VMotion
For the live migration of a VM from one ESX hosts to another. No downtime
Storage VMotion
With storage VMotion techniques you can migrate the files the VM uses from one VMFS to another storage array. No downtime for the VM.
VMware converter
you can use the VMware converter to migrate VMs of physical machines to a VM. Usually this requires downtime and the old machine is not removed (default).
Select the format you would like to disk to use. Here you can change a thin disk to a thick disk or visa versa.
Finish to start the VMotion (remember that there is a maximum to the number of concurrent VMotions.
Tools
vSphere Basic System Administration Guide
Product Documentation
vSphere Client
Knowledge
Describe different back-up/restore procedures and strategies
Wow, what a question. There are quite a lot way’s to backup VMs. In general there are two types of backups with per type several implementations. Let’s sun some of
them:
Install you old-fashioned decent backup agent as an application in you OS. This agent is not aware of the fact that this OS is virtualized.
Use a backup proxy to backup you data. With backup proxy I usually mean VCB; VMware Consolidated Backup. This allows a file level backup for some
supported guest OSes
Image Backup
an image back up is a copy of the VM files. Those files can be transferred and restored on other location and ESX hosts. Usually this backup method is used for
disaster recovery of VMs. A few ways to go:
Manually using VMware converter or coping the files from the ESX host (downtime!)
Automatically using VMware VCB.
Using the new VMware “Backup and Recovery Appliance”
Using several thirty party products that are out there.
Create/Delete/Restore Snapshots
The new “Backup and Recovery Appliance” VMware provides as a downloadable appliance from there website uses snapshots to create backups. Snapshots are
differentials between two points in time. Using this principle VMware can create easy backups. To manually create / delete or restore snapshots you can use the
vSphere Client. When right clicking a VM you can use the “Snapshot” menu to create, remove re restore snapshots. There is the Snapshot manager that allows you to
revert of delete snapshots and gives an overview of all the snapshot available.
Install Backup and Recovery Appliance
First make sure that you pass all the requirements that this solution requires. Please read here on page 11 and further to check. The appliance can be downloaded
from the VMware site. To install you can choose:
File
“Deploy OVF template…”. This will give you a wizard to install a VM into you environment.
Follow all the steps in the wizard to get the VM running
Remember that backups are only performed when the CPU usage of the host is below 90% and that no more that 8 back-up jobs can run at the same time.
Tools
VMware Data Recovery Administration Guide
Product Documentation
vSphere Client
Backup and Recovery Appliance
To download you need a VMware vSpere Enterprise (plus), advanced or essential plus edition or buy it separately in advance to the standard edition.
Knowledge
Understand general ESX Server troubleshooting guidelines
VMware maintains some documentation and Self Service guides to troubleshoot issues wih VMware ESX / vSphere. I searched the Internet and the VMware website
but there is no chapter ”Trouble shoot” or what so ever. So I put something together myself:
You have installed ESX on to a LUN instead of the local hard drive (possibly over writing VMFS partitions). Solve by reinstalling and before starting the
installation hide the LUNs presented to the server
You intentionally installed ESX to a LUN (boot from SAN) but ESX does not boot. Solve by adjusting the HBA BIOS to boot from LUN and by selecting the
correct LUN.
You have selected the wrong boot device in the BIOS of the server
After installation you cannot reach the server via the network
Select the ESX host you would like to export log files from, optionally you can download them to a specified location.
Tools
ESX/ESXi and vCenter Server Installation Guides
Product Documentation
vSphere Client
Additionel Links
Performance and Troubleshooting Guide - Thanks to Milopez using the comment system
Knowledge
Analyze and evaluate VM population for maintenance mode considerations
As explained before in chapter 7.2 you need to take special care before placing a host in maintenance mode when using FT. Because a FT VM requires two instead of
one active host you need to make sure that you have at least two hosts supporting FT and having exactly the same configuration and version number. If you cannot
meet these criteria you disable FT (remember that disabling is faster than turing it off).
Understand manual Third-Party failover/failback processes
When using other fail-over techniques VMware provides you with nothing more or less than hardware virtualization (assuming that FT is not used). There are many 3th
When using other fail-over techniques VMware provides you with nothing more or less than hardware virtualization (assuming that FT is not used). There are many 3th
party techniques to provide fail-over scenarios on the guest (VM) level. Every tool has its own requirements and procedures to fail-over.
Tools
vSphere Availability Guide
Product Documentation
vSphere Client
Knowledge
Verify VM is connected to the correct port group
To check if a VM is connected to the correct port group you can check if the Vm is connected to the correct port group. Changing the name of a port group when virtual
machines are already connected to that port group causes an invalid network configuration for the virtual machines configured to connect to that port group. The
connection from virtual network adapters to port groups is made by name, and the name is what is stored in the virtual machine configuration. Changing the name of a
port group does not cause a mass reconfiguration of all the virtual machines connected to that port group. Virtual machines that are already powered on continue to
function until they are powered off, because their connections to the network are already established. Avoid renaming networks after they are in use. After you rename
a port group, you must reconfigure each associated virtual machine by using the service console to reflect the new port group name. To look up the port group name:
Select the VM
Right Click and select “Edit Settings”
Select the network adaptor of your choosing
Check if the drop down box shows the correct network adaptor
Select “Hosts and Clusters” view (Home > Inventory > Hosts and Clusters)
Select an ESX host
Select the “Configuration” tab
Select “Networking”
Select the vSwitch that the port group belongs to
Check the Upload Adaptors and check speed, duplex and VLAN trunk on the switch
Select the port group in the pop-up screen that appears and click “Edit”
Check if the VLAN mentioned is the correct one.
Select the VM
Right Click and select “Edit Settings”
Select the network adaptor
Select the VM
Right Click and select “Edit Settings”
Select the network adaptor
Check if the adaptor is of the correct type (e1000, enhanched VMXNET3 etc.)
Check if the adaptor has the correct MAC address (or better; auto)
Select “Hosts and Custer's” view (Home > Inventory > Hosts and Custer's)
Select an ESX host
Select the “Configuration” tab
Select “Networking”
Select the tab “Network Adaptors”
Check “Edit” to change the speed and duplex
Tools
ESX/ESXi Configuration Guides
Product Documentation
vSphere Client
ping, vmkping, tcpdump, nslookup
Knowledge
Identify storage contention issues
The first thing here is; what is storage contention. Storage contention is the battle of several, in our case, VMs for storage performance. A SAN is limited in
performance, mostly limited by write I/Os of sometimes in bandwidth. This can cause a higher than usual latency before a write to disk is committed. This latency
depends on many things like the performance of the array (duh), the network, the disks, synchronous replication to a second site, the amount used, etc.
To effectively find the one issue that is causing delay in your SAN / NAS network might be quite a quest. Usually I p think SAN / NAS tooling is used to find the delays.
It all starts with finding the cause of the contention. For this reason VMware a build Performance section in vSphere. To look at disk latency:
Look at the milliseconds to see if your SAN has structural latency (congestion) issues.
You can also use ESXTOP on the command line to find latency information. Read more on ESXTOP here and look for davg / gavg / kavg. Also read my blof on
how to log to a remote share for a longer period of time.
VMware recommends smaller LUNs to reduce the contention of storage.
Latency
Number of I/Os verses you storage array’s maximum
The Queue depth used
Etc.
LUN presentation at the storage array (presented to the correct ESX host (WWN Name))
Zoning of the Fibre Channel Switches
LUN masking on the ESX host, configuration of the HBA, are you using boot from SAN? Check the HBA BIOS, etc.
IP address
Jumbo Frames
Subnets configures for iSCSI
VLAN ID
Etc.
Tools
FC SAN Configuration Guide
iSCSI SAN Configuration Guide
Product Documentation
vSphere Client
Knowledge
Explain the requirements of HA/DRS and VMotion
VMotion, the technique used for DRS and in some extend HA have certain requirements to work. I have tried to put most of them in a list:
Compatible CPUs
Depending on your VMotion type (Enhanced VMotion of the previous regular stuff) you need matching CPUs. For regular VMotion these must come from the
same family, with enhanced vMotion this requirement is stretched to “vendor”.
Advanced CPU Features
All hosts must have AMD-V or Intel-VT and AMD-NX or Intel XD.
A Gigabit network interface
At least a gigabit NIC is required for vMotion to transferr the state of the VM to another host.
Jumbo Frames
Jumbo Frames are recommended for the best vMotion performance
All hosts must be connected to a vCenter server
The hosts must be part of a vCenter environment and have the correct licences applied.
Shared Storage
All hosts must be able to access shared storage where VMs can reside.
VM without RAW disk of physically connected devices
The VM must not have a RAW device for clustering purposes or any physically devices, like local CD-ROM players from a host or managemnt station, connected.
Verify VMotion functionality
vMotion uses a dedicated interface to transfer data. Usually this interface in designed to use a separate VLAN / subnet. To test if network connectivity, optionally with
jumbo frames, is working properly you can use the vmkping command
Read more on vmkping ant the available options here. For the ultimate test can can manually vMotion a VM from one host to another.
Verify DNS settings
Adding a host to your company's DNS is essential. Without DNS things like HA will act strange. Though a hostfile can do the trick, DNS usually is more easy to
configure and maintain. Make sure that the following in regards to DNS resolving works:
This view shows the amount or resource (CPU / Memory) being used on each hosts. When CPU or memory are unbalanced for a longer period of time moving one or
more VMs might balance the load en let all servers on those hosts perform better.
Troubleshoot VMotion using topology maps
Topology maps are a easy way to show you the network and storage connection from an to ESX hosts and / or VMs. As stated above there are some requirements to
the use of vMotion live storage, networking etc. A first and easy check is to look at the topology maps and see if these requirements are met. Maps can be found
when selecting a server and than selecting the tab Maps.
Troubleshoot HA capacity issues
When planning for HA you need to plan for a maximum host failure; the number of hosts that can fail before you run short on resources. When VMs can no longer
start this might be due to a lack of resources (memory is quite common). You Vi will provide you with warnings like “insufficient resources to satisfy failover level” etc.
Read more here (VI doc but most info is still relevant). http://www.vmware.com/files/pdf/VMwareHA_twp.pdf
Troubleshoot HA redundancy issues
HA redundancy.. What is meant here? The number of host failures allowed? A second service console to counter network issues? If you know, help me out using the
comment system please!
Tools
vSphere Availability Guide
vSphere Resource Management Guide
Product Documentation
vSphere Client
DRS Resource Distribution Graph
Topology Maps
cpuid, ping, vmkping
Matthijs’ Links
DRS Performance Best Practice
Knowledge
List vCenter default connectivity alarms
Going to do this one the easy way. VMware publishes a table in their Online Library (see blow) that shows all the default. Below is a selection that excludes the
performance alarms (see 8.7 for those).
Exit Standby Error Monitors whether a host cannot exit standby mode.
Health Status Changed Monitors changes to service and extension health status.
Host Connection and Power State Monitors host connection and power state.
Host Service Console SwapIn Rate Monitors host service console memory swapin rate.
Host Service Console SwapOut Rate Monitors host service console memory swapout rate.
Host Status for Hardware Objects Monitors the status of host hardware objects.
Send a notification email SMTP sends an email message. datacenter, datastore, cluster, host,
The SMTP must be ready when the resource pool, virtual machine,
email message is sent. You can set network, vNetwork distributed
SMTP through vCenter Server or switch, dvPort group
through Microsoft Outlook Express.
Send a notification trap SNMP sends a notification trap. datacenter, datastore, cluster, host,
vCenter Server is the default SNMP resource pool, virtual machine
notification receiver. An SNMP trap
viewer is required to view a sent
viewer is required to view a sent
trap.
Run a command Performs the operation defined in datacenter, datastore, cluster, host,
the script you specify. It runs as resource pool, virtual machine,
separate process and does not network, vNetwork distributed
block vCenter Server processes. switch, dvPort group
Enter or exit maintenance mode Puts the host in and out of host
maintenance mode. Maintenance
mode restricts virtual machine
operations on the host. You put a
host in maintenance mode when
you need to move or service it.
Reboot or shut down host Reboots or shuts down the host. host
For a given alarm, analyze and evaluate the affected virtual infrastructure components
See the second column from the table above.
Create a vCenter connectivity alarm
To create a custom alarm you first need te specify the level you would like to create an alarm on. The Virtual Infrastrcture level is a good start (highest level). Do:
For example, you can create a alarm for one VM only that monitors the VM and reboots the host when memory usage is out of control.
Another answer to this question is perhaps how to see what part of your virtual infrastructure is affected by the issue indicated by the alarm. You can see this under
“object” in the “Triggered Alarms” view.
But perhaps something different is meant here. If you think so, help me out and reply below!
Tools
vSphere Basic System Administration Guide
Product Documentation
vSphere Client
Objective 8.7 – Create and Respond to vCenter Utilization Alarms
Written by Matthijs van den Berg
Knowledge
List vCenter default utilization alarms
No Compatible Host For Secondary Virtual Monitors whether there are no compatible hosts available to
Machine place a secondary virtual machine.
Timed Out Starting Secondary Virtual Machine Monitors timeouts when starting a Secondary virtual machine.
Virtual Machine CPU Ready Monitors virtual machine CPU ready time.
Virtual machine disk commands canceled Monitors the number of virtual machine disk commands that
are canceled.
Virtual machine disk reset Monitors the number of virtual machine bus resets.
Virtual Machine Error Monitors virtual machine error and warning events.
Virtual Machine Fault Tolerance Secondary Monitors changes in latency status of a fault tolerance
Latency Status Changed secondary virtual machine.
Virtual Machine Fault Tolerance State Monitors changes in the fault tolerance state of a virtual
Changed machine.
Virtual Machine High Availability Error Monitors high availability errors on a virtual machine.
Virtual Machine Total Disk Latency Monitors virtual machine total disk latency.
Suspend the virtual machine Suspends the virtual machine when virtual machine
the alarm triggers. You can use the
suspend feature to make resources
available on a short-term basis or
for other situations in which you
want to put a virtual machine on
hold without powering it down.
Power on or power off the virtual Power on starts the virtual machine virtual machine
machine and boots the guest operating
system if the guest operating
system is installed.Power off is
analogous to pulling the power
cable on a physical machine. It is
not a graceful shutdown of the guest
operating system, but is used when
a shut down might not succeed. For
example, a shut down will not work if
the guest operating system is not
responding.
Reset the virtual machine Pauses activity on the virtual virtual machine
machine. Transactions are frozen
until you issue a Resume
command.
Migrate the virtual machine Powers off the virtual machine and virtual machine
migrates it according to the settings
you define when you created the
alarm action.
Reboot or shutdown the guest Reboot shuts down and restarts the virtual machine
guest operating system without
powering off the virtual
machine.Shutdown shuts down the
guest operating system gracefully.
For a given alarm, analyze and evaluate the affected virtual infrastructure resource
See the tables above
Create a vCenter utilization alarm
To create a custom alarm you first need te specify the level you would like to create an alarm on. The Virtual Infrastructure level is a good start (highest level). Do:
For example, you can create a alarm for one VM only that monitors the VM and reboots the host when memory usage is out of control.
Another answer to this question is perhaps how to see what part of your virtual infrastructure is affected by the issue indicated by the alarm. You can see this under
“object” in the “Triggered Alarms” view.
But perhaps something different is meant here. If you think so, help me out and reply below!
Tools
vSphere Basic System Administration Guide
Product Documentation
esxtop/resxtop
Performance Charts
vSphere Client
Identify critical performance metrics (e.g., CPU ready, queue depth, etc.)
As you might have read before working with virtual servers kinda changes the way to think about resources and servers. Because VMware places multiple servers on
1 host those servers will, at some point, start competing for resources. This battle might result in a lack of a particular resource. To find out what resources are short
you can monitor some metrics of the ESX host.
In fact, sometimes providing a server with LESS vCPUs might result in BETTER performance. This strongly depends on you specific hardware, VMs and Load. A
general rule, use the MINIMUM amount of vCPU as possible.
For those who would like to dig in to this, you do have things like less further relaxed co-scheduling. Read some here: http://www.vmware.com/files/pdf/perf-
vsphere-cpu_scheduler.pdf
Queue depth
This queue depth applies to the storage queue on your ESX system. VMware places request on the storage queue. You can use ESXTOP to monitor the queue
depth over time. I have written a blog about ESXTOP monitoring here . When the queue starts to rise, you storage array / SAN infrastructure is not able to get all
I/Os written to disk. When the queue overflows, I/Os are in fact lost.
Since queued commands are an instantaneous statistic, you will need to monitor it over a period of time to see if you are hitting the queue limit. To determine
queued commands, 'QUED' is the counter to look for in the esxtop, storage resource screen. If queueing, then try to adjust queue depths. See “Related
Publications” on page 22, KB article 1267.
Unfortunately the memory techniques within the guest usually mean SWAPPING. Swapping is, as we all know, done on slower disk resulting in performance
degradation. When ballooning occurs be aware the performance might drop because your ESX host is short in memory.
PORT-ID
The virtual network device port id.
UPLINK
Y implies the corresponding port is an up-link. N implies it is not.
UP
Y implies the corresponding link is up. N implies it is not.
%USED
The amount of total network capacity used. My ESX host shows 800% here when having 4 NICs in the system. So I think this shows 200% per physical NIC,
100% for up and 100% for down.
PKTTX/s
The number of packets transmitted per second.
PKTRX/s
The number of packets received per second.
MbTX/s
The Megabits transmitted per second.
MbRX/s The MegaBits received per second.
%DRPTX The percentage of transmit packets dropped.
%DRPRX
The percentage of receive packets dropped.
You an find all items explained bu reading the MAN pages of esxtop. You can also find them on the internet.
NLUNS
The number of LUN’s that are behind the specific adaptor. You can check wheter you have distributed your LUN’s evenly across you HBA’s. Be aware the when
using multiple storage processors you have more paths to you SAN / NAS than HBA’s. This means this figure will not provide you with a complete picture of all
using multiple storage processors you have more paths to you SAN / NAS than HBA’s. This means this figure will not provide you with a complete picture of all
your storage paths!
READS/s and WRITES/S
This show the number of reads and writes per second per HBA. This gives you an insight in the amount of I/Os you esx host and storage device are processing.
MBREAD/s and MBWRTN/s
The amount of Megabytes read and written per second. This gives you an insight into the amount of data your ESX hosts and storage device are processing.
When using the GUI you can view the latency. This latency figure shows you the round trip time from you ESX host to you storage device. This can be important
as long latency is killing for a good overall performance. Latency can increase due to heavy load, long distances to the storage device (second site for example)
of a bad of over committed network / storage infrastructure.
AQLEN
The storage adapter queue depth. This is the maximum number of ESX VMKernel active commands that the adapter driver is configured to support.
LQLEN
The LUN queue depth. This is the maximum number of ESX VMKernel active commands that the LUN is allowed to have.
Overview
Give you an overview of some of the most important counts of an object. This is a clean overview
Advanced
Gives you some more advance charts and the ability to create you own charts. This can help you make charts for a specific VM or ESX host when running
into issues.
Select a Chart option area you would like to create a custom chart for
Select all counters you would like to include
Click “Save Chart Settings…” in the lower right corner, give a name and save.
You can select you custom chart settings under “Switch To…” in the top of the screen.
Tools
vSphere Resource Management Guide
Product Documentation
esxtop/resxtop
Performance Charts
vSphere Client
Matthijs’s Links
Comparison between VMXNET and VMXNET3 Ethernet adaptors
Performance Monitoring and Analysis on the VMware site
Practice Exams
Written by Matthijs van den Berg
There are some exam practice sites and tools out there that can help you prep for the actual exam and give you an insight of the type of questions that will be asked.
I would recommend that you first learn (for example by using my learning guide) and then use the practice exam to test if you are ready to go for it.
Warning: Those practice exams might but also MIGHT NOT represent actual exam questions!
Simon Longs Practice Exams
Exam Collection.com (You need a special tool ($) to take this test exam!)
Testking
Pass4Sure
....