Home > Blogs > VMware vSphere Blog > Monthly Archives: January 2010

Monthly Archives: January 2010

Blog Posts from Cycle 8 of the vSphere Blog Contest on ESXi

Blog Posts from Cycle 8 of the vSphere Blog Contest on ESXi

5 solid entries came in over the last two weeks on our focus topic: ESXi. Below are all five. 

    1.   Ron Singler – Migrating from ESX 3.5 to vSphere and ESXi

http://blogs.rupturedmonkey.com/?p=639

Ron’s post focuses in on an ESXi installation that occurred with a customer

2.    Didier Pironet – Why Should I Install ESXi instead of ESX?

http://deinoscloud.wordpress.com/2010/01/22/why-should-i-install-esxi-instead-of-esx/

Didier provides a strong comparison of ESXi and ESX 

3.    Vladan – The ESXi – COS less future of tomorrow

http://www.vladan.fr/esxi-the-past-and-the-future/

Vladan provides the story behind ESXi

4.    Stu – ESXi 4.0 Security

http://vinternals.com/2010/01/esxi-4-0-security/

Stu lays out key security consideration with ESXi

5.    Alan Renouf – PowerCLI: Scripting ESXi

http://www.virtu-al.net/2010/01/15/powercli-scripting-esxi/

Alan gives users some useful PowerCLI information.

Thanks to all those that entered! Don’t forget to visit our new ESXi pages on vmware.com


Winner of Cycle 8 on ESXi

Congratulations to Alan Renouf and his post on ESXi entitled "PowerCLI: Scripting ESXi". Alan's entire post can be seen below and also at http://www.virtu-al.net/2010/01/15/powercli-scripting-esxi/

PowerCLI: Scripting ESXi

As the service console is moved further away from the hypervisor, people are finding it harder to configure ESX in the same way as has been done in previous versions.

Moving forward the only way to do this really is by accessing ESXi through the API using scripting toolkits such as PowerCLI or the Perl toolkit.

There are two basic versions of ESXi “free” and “licensed”, the scripting toolkits are limited to read-only access for the free version of VMware ESXi. When the host is upgraded to vSphere Essentials, vSphere Essential Plus, vSphere Standard, vSphere Advanced, vSphere Enterprise, or vSphere Enterprise Plus these toolkits have write-access enabled and provide a scriptable method for managing ESXi hosts.

So what can we do ?  I have collated some useful ESXi methods into this blog post to help you when looking towards the future and trying to automate your configuration and management process of your ESXi hosts, all of the PowerCLI cmdlets will work in exactly the same way they would do with ESX but the below are a subset of useful functions and scripts which are either unique to ESXi or enable the easier management of ESXi.

The initial build of ESXi has no password so lets start there, how do we connect to the host ?

We connect in the normal way but we specify a username of root and no password as follows:


1 Connect-VIServer MyESXiHost -username root

Once connected we may want to change the password to something more secure, when doing this remember ESXi has a stricter password policy so make sure you have a password full of special characters, for more information on the default password rules and how to change these make sure you check out this link.


1 Set-VMHostAccount -UserAccount root -password MyPa$$!

We can view the hostd, messages and vpxa log files of the host by using one of the following:

1 Get-Log hostd | select -ExpandProperty Entries


1 Get-Log messages | select -ExpandProperty Entries


1 Get-Log vpxa | select -ExpandProperty Entries

<
p>

Or search for a particular string in these files by using the following:

1 Get-Log hostd | select -ExpandProperty Entries | Select-String WARNING

Or we could create a diagnostic bundle by using:


1 Get-Log -Bundle -DestinationPath C:\Temp

What about some of the cooler functions like Lockdown Mode or sometimes known as Admin mode ?

When connected to a vCenter we can list the ESXi hosts to see if this feature is enabled by using:

1 Get-View -ViewType HostSystem | Select Name, @{N="Version";E={$_.Summary.Config.Product.Name}}, @{N="State";E={$_.Runtime.ConnectionState}}, @{N="LockedMode";E={$_.Config.AdminDisabled}},@{N="MaintenanceMode";E={$_.Runtime.InMaintenanceMode}} | Where { $_.Version -match "i"}

With the help of the excellent function in the ‘VI Toolkt Extensions’ (get them now!) we can even enable and disable lockdown mode:

1 Get-VMHost Set-TkeVMHostLockdown $True

Or to disable


1 Get-VMHost Set-TkeVMHostLockdown $False

We can backup the firmware or configuration so that we can easily restore it again after all our hard work:


1 Get-VMHost MyESXiHost | Set-VMHostFirmware -BackupConfiguration -DestinationPath C:\Temp

Once downloaded don’t forget you can always extract the files, edit them, re-compress and upload them back to the host !

(see this video from Eric Sloof)

And with the help of another cool function in the VITKE we can upload the firmware file and apply it:


1 $ESXiHost = Get-VMHost MyESXiHost


2 If ($ESXiHost.MaintenanceMode -eq $false) {

3    Set-VMHost $ESXiHost.Name -State maintenance }


4    Set-TKEVMHostFirmware -vmhost $ESXiHost –localfile “C:\temp\backup.tgz” -credential (get-credential)

If you like you can also set the firmware back to default and get rid of all the changes you have made to the host:

1 Get-VMHost MyESXiHost | Set-VMHostFirmware -ResetToDefaults

These are but a few of the cmdlets we can use against our ESXi host, do you really need a better reason to start learning PowerCLI ?!

A reminder that some of these actions are also available via my VESI/PowerGUI PowerPack, these can be activated from the GUI when selecting the “ESXi Hosts” node and are available on the right hand side of the screen under “ESXi Utils” as seen below:

image

You Still Have Time for a Blog Entry on ESXi

Don't forget, our vSphere blogging contest ends this Friday at midnight. Get your entry on ESXi in today for your chance at $100 and a spot on the vSphere blog itself.

Also, check out our ESXi demo by going to http://www.vmware.com/products/vi/esx/esx3i.html and clicking on "watch demo" at the top of the screen.

Winner of Cycle 7 on Virtualizing Tier 1 Applications

Congratulations to Jason Nash for his blog entry on virtualizing tier 1 applications. Jason has the distinct honor of being the first two time winner of this VMware vSphere blogging contest. Jason's complete post can be seen below or by going to the following link:

http://jasonnash.wordpress.com/2010/01/09/why-isnt-your-data-center-100-virtualized/

Why Isn’t Your Data Center 100% Virtualized?

January 9, 2010 by nashwj 

I understand that may not be a fair question. In many cases there are things that just can’t be virtualized, and I don’t mean for performance reasons. I’m talking about non-X86 workloads and applications with specialized hardware. Don’t forget about the dreaded dongle that some apps still require!

One thing that I find very interesting to discuss with customers is their comfort level limit with virtualization. At what point in their application tiering do they think that something couldn’t or shouldn’t be virtualized. It’s really not much of a secret that I’m a big proponent of virtualization and going as far with it as you can is something that I find myself preaching a lot. I do it for a number of reasons and I’m starting to see more and more people follow a similar train of thought.

From what I’ve observed there is usually a common migration to virtualization in an organization. I refer to it in a three step progression.

  1. Consolidation 
  2. Cool Features 
  3. Disaster Recovery 

Several years ago I was a Network Manager at a mid-sized company. Like most we were in the midst of serious server sprawl and needed to do something about it. Just saying “No” didn’t seem to work. We still had a rack full of 1U HP DL360 servers for varying tasks and groups. There were several for accounting apps that couldn’t run on the same system due to app conflict, then we had a couple with other apps that had Java conflicts….and even more for groups that just didn’t want to share resources or weren’t comfortable with it. All of these systems would sit at 5% utilization all day long sucking up power (that we didn’t have) and eating in to cooling (that we had even less of). This was the reason we first dipped in to virtualization and I refer to this as the consolidation phase. It’s the way to contain server sprawl and do it on low tier applications so you aren’t risking anything major.

We still see a lot of companies in the midst of the consolidation phase but ultimately they move in to the Management phase. This is where they virtualized the low tier apps and started to see the benefit of VMware. They now can VMotion machines around and do maintenance without downtime. They like VMware HA for redundancy and FT even more. Storage VMotion allows for easy storage migrations, again with no downtime. They also get comfortable managing, backing up, and working with VMware at this level. They start to think “Now, wouldn’t it be cool to just VMotion the Exchange server to another server for maintenance instead of that 8 hour downtime on a weekend?”. But they are scared….. Things like Exchange and SQL worry them.

The final stage is the Disaster Recovery stage. I have several customers in this right now and it’s something I talk about a lot. In fact, I did a keynote on this very subject at the Carolinas VMware Summit in the summer. What really pushes people to the next level isn’t core VMware functionality, it’s Site Recovery Manager. They start looking hard at their DR strategy and what they need to do to simplify it. They get a taste of SRM and see how easy it makes DR planning and, more importantly, testing. They see that they can easily test their DR plan any time they want without impacting production and without taking days to build an environment and then days again after the test to tear it down. Those Tier 2, 3, and 4 apps take no time at all in the plan, but those pesky Tier 1 apps still have an inch thick play book to cover each time the plan is tested. There are people out there running a single VM on a single ESX server just for this capability. They get the abstraction and portability of virtual machines while still making sure that super-app gets all the resources it wants.

So what is stopping you from virtualizing those Tier 1 applications? IF you say performance I ask you to check again. In most cases people are scared about I/O performance under any virtualization product. Look at this white paper by VMware. A single vSphere server can do 350K IOPS! If you have an application that needs more than that on a single server I’d like to see it. Here is another great comparison showing Oracle native against Oracle under VMware. That’s also a very good blog for performance related information.

So why do we see people shy away from virtualizing Tier 1 apps? They don’t have the necessary information to make them feel comfortable doing it. One thing we do at the start of any engagement is to gather information, and sometimes a lot of it. We have excellent tools to go look at a customer’s applications to see what performance requirements it has. Too many times we see people just P2Ving a large app and having serious performance problems because they didn’t do the work ahead of time. VMware’s own Capacity Planner tool that partners can use is really good at looking at servers to gather CPU, memory, and I/O requirements. With this information you can really architect out your environment to handle any load. That’s the key. You have to build a good architecture before you start virtualizing these heavy hitter applications and it’s often something that gets overlooked. Virtualization has gotten common and with common comes complacency. When people get complacent they overlook the details that make or break a new deployment.

Once you have the information you need and the requirements for your applications you can then start specifying the equipment and I/O infrastructure. We have customers now going full speed with 10Gb connectivity and Fibre Channel over Ethernet (FCoE). They do this to give those really high-end applications the I/O that they need. While most people will read that and think “We can’t possibly afford that!” they need to look at what it really costs them to deploy applications in a legacy model. If your standard ESX deployment is 6 or 8 Gb Ethernet connections and 2 or 4 4Gb Fibre Channel connections what is that costing you in switches, cabling, power, cooling, and management? You will find that these new consolidated fabric solutions are not much, if any, more expensive then deploying more of these split fabric infrastructures.

In the majority of organizations the Tier 1 apps are SQL, Oracle, and Exchange-based services. What people miss is that these really aren’t I/O heavy. Sure, they can do a LOT of small transactions but that’s not a problem with VMware or even “legacy” Fibre Channel connectivity. Be smart when moving those systems to VMware by planning your I/O, CPU, and memory but also pay attention to your disk layout. Again, another common problem we see is a Tier 1 application being thrown on a datastore in use by other VMs and causing a problem. It’s also common to see back-end spindles shared so even though the administrator has the application on a low use datastore it’s still fighting for spindle contention. Gathering good performance requirements and a well planned architecture will stop that problem well before anything gets deployed.

So, in conclusion, get moving on those Tier 1 apps. If you aren’t sure how to gather reliable data on performance requirements get with a good VMware and storage partner. They can make the difference between a successful deployment and one where you spend your nights tracking down performance issues.


Management of VMware ESXi on HP ProLiant Servers

A joint paper between VMware and HP was published recently that goes over another option for hardware monitoring on ESXi systems.  This paper describes the integration of VMware ESXi with HP System Insight Manager to provide full hardware management capabilities on HP ProLiant Servers. It also describes the hardware information and monitoring features available with VMware vCenter.

You can download the paper here.

Learn Why Fulton Financial Chose ESXi Over ESX

We wanted to showcase another ESXi customer story.

Fulton Financial Corporation, a leading financial services organization, is currently running their entire virtual footprint on VMware ESXi, which includes 200 virtual machines running on 55 HP ProLiant BL465 blade servers.  Fulton made the switch from VMware ESX to ESXi when they decided to upgrade to VMware vSphere 4. ESXi was a more attractive architecture to them due to its increased security, lower patching requirements, and ability to run on diskless servers.  

“ESXi is architected so that it does not require local drives and is small enough to fit on a USB,” says Scott Armold, Engineering Manager at Fulton Financial Corporation.  “We boot our ESXi images from USB keys and have gotten rid of our hard drives all together.  The fact that the ESXi architecture does not include a traditional OS increases security—a paramount concern at Fulton and other financial institutions. “We like the idea of getting away from installing an OS,” says Armold. “Since ESXi doesn’t have one, that means it’s a safer hypervisor–more of a black box.” 

Another significant benefit from the move from ESX to ESXi is the need for far fewer patches. “We were up to about 125 patches per quarter with ESX,” Armold reports. “Now that we’re running ESXi, I guess we do about three patches per quarter. So that’s made a huge difference for us.” 

Armold’s team used the PowerCLI to automate their initial ESXi deployment. It took Armold and his team a week and a half to get their Windows PowerShell scripts written and tested for the migration. “We used the PowerCLI to write PowerShell scripts to automate our ESXi host configuration. It was easy to use and took us less than a week to write and test the script. We highly recommend it to other administrators looking to automate some aspects of their ESXi deployment.”

Read the full case study

VMware vSphere + Cisco Nexus 1000V bundles program extended in 2010

Ok, it’s not really technical, but definitely worth a short blog post.

When we released vSphere in May last year, we introduced some cut-price bundles that included the Cisco Nexus 1000V virtual switch. These ‘one stop shop’ bundles made it easier and cheaper for customers to adopt the Nexus 1000V as their virtual networking solution.

Last week we announced we’re continuing the bundle program. For more information, talk with your VMware account manager or reseller.

And, don’t forget … Release 1.2 of the Nexus 1000V is released and available. I wrote about it back on December 18.

VMXNET3 vs. VMXNET2 Performance Shootout

With vSphere 4, we introduced a new paravirtualized adapter—VMXNET3. This was designed from the ground up for high performance and supports a bunch of new features.

So how does it perform? One of our engineers pitched it against the previous generation—VMXNET2. VMXNET3 not only performs better (greater throughput on transmit and receive), but consumes less CPU. These results were most significant with a 10GigE NIC on Windows (Windows Server 2008 Enterprise). The results for IPv4 and IPv6 are shown in the graph below.

Windows 10GigE throughput (IPv4)                    

image

Windows10GigE throughput (IPv6)

image

The results are published in this paper posted on vmware.com. It will also appear on the Network Technology site (vmware.com/go/networking) in the coming week. 

Learn Why and How to upgrade from ESX to ESXi

Visit the new VMware ESX to ESXi Upgrade Center to learn about the ESXi architecture and how to upgrade from ESX to ESXi. VMware ESXi is an operating system independent hypervisor, designed to improve hypervisor management in the areas of security, deployment and configuration, and ongoing administration.  All VMware vSphere features are fully supported on ESXi. VMware vSphere customers that currently only deploy ESX are strongly encouraged to visit the ESX to ESXi Upgrade Center and begin planning their upgrade from ESX to ESXi. 

vSphere 4 Wins TechTarget’s 2009 SearchServerVirtualization.com Product of the Year Award

Good stuff! You can read more about this here