Home > Blogs > VMware vSphere Blog > Tag Archives: vSphere

Tag Archives: vSphere

Load Balancing vSphere Clusters with DRS

Recently, a customer reported that DRS was not working to load balance the cluster. Under normal circumstances, a minor imbalance is nothing to be concerned about. This is because the main objective for DRS is not to balance the load perfectly across every host. Rather, DRS monitors the resource demand and works to ensure that every VM is getting the resources entitled. When DRS determines that a better host exists for the VM, it make a recommendation to move that VM.

However, some customers still prefer to have an even distribution of utilization across all hosts within a cluster. This article is intended to provide recommendations to accomplish this goal, bearing in mind that in most cases this will result in additional vMotion activity.

Continue reading

vSphere 6.0 Update 2 – What’s New

VMware just recently released Update 2 for vSphere 6.0. Update 2 is full of new features and bug fixes for both ESXi and vCenter Server. For a complete list of features and bug fixes make sure to review the release notes for ESXi and vCenter Server. There are few features that stood out to me in this update. The Embedded Host Client is now integrated into ESXi and fully supported as of Update 2. VSAN 6.2 is feature rich with everything but the kitchen sink in this release. Two factor authentication support for the vSphere Web Client is now available in the PSC UI. Here’s a breakdown of what’s new in vSphere 6.0 Update 2.​

ESXi

VMware Embedded Host Client (EHC)

The Embedded Host Client (EHC) started out as a fling and now is a supported product in vSphere 6.0 Update 2. The EHC is now installed as part of ESXi 6.0U2 and provides the ability to manage any ESXi host using a web browser. After a host is installed with or upgraded to 6.0 U2, open a web browser and enter https://<FQDN or IP of host>/ui.  More information on the Embedded Host Client can be found by reviewing the release notes.

vSphere 6.0 Update 2 - What's New ESXi EHC

Virtual SAN 6.2 (VSAN)

Note: VSAN is a separate product and is licensed separately

If you thought this update couldn’t get any bigger, think again. Virtual SAN 6.2 is here and Jam-packed with new features. This release of VSAN now supports compression and deduplication. When enabled on a disk group redundant copies of data are reduced to single copy. There’re also new services related to performance, space savings and health of the cluster.  The Health service monitors the VSAN cluster for issues and provides diagnostics. Performance service collects and analyzes performance statistics.  Performance service starts at the cluster down the to the disk level. You want space savings reports, that’s included. Space reporting displays information of used and free space with a detailed breakdown. These are just a few of the new features in Virtual SAN 6.2. For more information check out the Virtual Blocks blog.

vSphere APIs for I/O filtering (VAIO) Enhancement

vSphere 6.0 Update 2 also includes updates to vSphere APIs for I/O filtering (VAIO). If you are not familiar with VAIO I highly recommend you read the following blog post by Ken Werneburg.

  • VASA provider in a pure IPv6 environment
  • VMIOF 1.0 and 1.1

High Ethernet Link Speed

ESXi hosts can now support 25G and 50G ethernet speeds.

vCenter Server

Two-factor authentication for vSphere Web client

vCenter Single Sign On allows authentication to the vSphere Web Client via username and password. vSphere 6.0 Update 2 introduces two-factor authentication supporting RSA SecurID and Smart card.  RSA SecurID is configured using the SSO-Config utility. It also requires RSA Authentication Manager in your environment. Once setup, login to the vSphere Web Client with your username and RSA passcode.  Mike Foley has an excellent two part blog post walking through RSA SecurID setup.

Smart card authentication as mentioned above is also supported. Many large enterprises and government agencies use smart cards to meet security regulations. Smart Cards such as Common Access Card (CAC) are used at a machines with a smart card reader. Smart Card Authentication can be configured from the Platform Services Controller UI or using SSO-Config utility. Stay tuned as Mike Foley will be discussing Smart card authentication in a future post.

vSphere 6.0 Update 2 - What's New Smart Card

In addition to two factor authentication, the vSphere Web Client now supports the ability to add a login banner.  The Login Banner can be configured from the Platform Services Controller UI by adding a title and message.

vSphere 6.0 Update 2 - What's New Login Banner

An added layer of consent ensures the user can not login without acknowledging the Login Banner.

vSphere 6.0 Update 2 - What's New Login Banner Consent

vCenter Server Appliance update status might be stuck at 70 percent

vSphere 6.0 Update 1b had a bug when using the virtual appliance management interface (VAMI) to update. The UI would hang at 70 percent, although the update had completed. The only way to verify the status of the upgrade was by checking the update log – /var/log/vmware/applmgmt/software-packages.log. This bug has been fixed in vSphere 6.0 Update 2 displaying 100 percent in the VAMI when the update is complete.

Support to change vSphere ESX Agent Manger Logging Level

vSphere Web Client support for Windows 10 operating system

vCenter Server now supports the following external databases

  • Microsoft SQL Server 2012 Service Pack 3
  • Microsoft SQL Server 2014 Service Pack 1

vCenter Server now supports multiple embedded to multiple PSC migrations in a single SSO domain

vSphere 6.0 Update 1 introduced the ability to reconfigure and repoint using CMSSO-UTIL. This is handy when going from a vCenter with an embedded PSC to an external PSC deployment in the same SSO domain. vSphere 6.0 Update 1 would not allow having two external PSCs and trying to repoint. The result was the following error:

vSphere 6.0 Update 2 - What's New ESXi EHC Repoint Error

vSphere 6.0 U2 now allows having multiple external PSCs with the use of the repoint command. The diagram below represent two embedded deployments replicating to each other. This deployment model is considered deprecated. The term deprecated means the topology will be supported in vSphere 6.0 but not in future releases. To get out of this deprecated topology two external Platform Services Controllers have been deployed. Now we can using the reconfigure command in CMSSO-Util to remove the embedded PSC and repoint vCenter Server to the external PSC.

vSphere 6.0 Update 2 - What's New Deprecated Embedded to External PSC

As you can see vSphere 6.0 U2 is loaded with lots of new features, go download and give them a try.

Blogger Talk Show–Pilot Episode on PowerCLI

Here at VMware we are always trying to make sure we give you the information you need in a way that you can best consume it.

With this in mind, a little while ago I was asked to take part in a pilot for a new talk show VMware is looking to gain feedback on, this gives us the chance to give you more information in a less formal way and you to learn more about a given subject.

The initial talk show is a little rough around the edges but please do take 30 minutes out of your busy schedule to check it out and perhaps learn a little more about PowerCLI and how to work with VMs in particular. Continue reading

Two Factor Authentication for vSphere – RSA SecurID – Part 2

Introduction

In Part 1 of Two Factor Authentication for vSphere – RSA SecurID, we configured RSA Authentication Manager to get it ready for adding the PSC as an Authentication Manager agent. In this post, we’ll configure the Platform Services Controller (PSC) itself by uploading the sdconf.rec file and running the appropriate CLI commands to enable RSA SecurID. We’ll also talk about other authentication options you can enable or disable as you see fit.

Configure Platform Services Controller

Continue reading

Virtual SAN 6.2 – Deduplication And Compression Deep Dive

Virtual SAN 6.2 introduced several highly anticipated product features and in this blog, we’ll focus on some of the coolest ones: Dedupe & Compression. These features were requested by VMware customers and I am glad that we listened to the customer. When talking about Dedupe and Compression, one first needs to determine why an organization would want to use Dedupe & Compression and what these features actually do. One of the many reasons for using Dedupe and Compression is to lower TCO for customers. Customers benefit from space efficiency as the Virtual SAN cluster will not utilize as much storage as it would if it was not using Dedupe and Compression, hence saving dollars. It is also important to note that Dedupe and Compression are supported on All Flash Virtual SAN configurations only.

What are Dedupe and Compression?

The basics of deduplication can be seen in the figure below. What happens is that blocks of data stay in the cache tier while they are being accessed regularly, but once this trend stops, the deduplication engine checks to see if the block of data that is in the cache tier has already been stored on the capacity tier. Therefore only storing unique chunks of data.

Pic 1

Continue reading

Maintenance Mode Improvements in vSphere 6.0 Update 2

vSphere 6.0 Update 2 has launched and with it comes a very simple change with the way that VMs and Templates are evacuated from hosts that enter Maintenance Mode. In all prior versions, when a host enters Maintenance Mode, DRS will evacuate the host by placing all the running VMs, powered off VMs, and the templates on other hosts within the cluster.  However, under certain conditions the order of operations produces very different results.  For math geeks, (4+2)2 ≠ 4+2×2.  Continue reading

VMware vSphere Beta – Indicate your interest!

We are excited to announce the upcoming VMware vSphere Beta Program. This program enables participants to help define the direction of the most widely adopted industry-leading virtualization platform.

Folks who want to participate in the program can now indicate their interest by filling out this simple form. The vSphere team will grant access to the program to selected candidates in stages.

This vSphere Beta Program leverages a private Beta community to download software and share information. We will provide discussion forums, webinars, and service requests to enable you to share your feedback with us.

You can expect to download, install, and test vSphere Beta software in your environment or get invited to try new features in a VMware hosted environment. All testing is free-form and we encourage you to use our software in ways that interest you. This will provide us with valuable insight into how you use vSphere in real-world conditions and with real-world test cases, enabling us to better align our product with your business needs.

Some of the many reasons to participate in this vSphere Beta Program include:

  • Receive early access to the vSphere Beta products
  • Interact with the vSphere Beta team consisting of Product Managers, Engineers, Technical Support, and Technical Writers
  • Provide direct input on product functionality, configurability, usability, and performance
  • Provide feedback influencing future products, training, documentation, and services
  • Collaborate with other participants, learn about their use cases, and share advice and learnings

We welcome you to indicate your interest today at: VMware vSphere Beta Interest Capture

SSLv3 Protocol Disabled by Default in vSphere 5.5 Update 3b

Background

Why has the SSLv3 protocol been disabled by default in vSphere 5.5 Update 3b?

Across the industry, enterprise software products and solutions are dropping use of and support for the SSLv3 protocol. The Internet Engineering Task Force (IETF) officially deprecated the SSLv3 protocol in RFC 7568 due to its obsolescence and inherent unfixability. Instead, IETF recommends the latest version of TLS.

VMware is therefore dropping support for SSLv3 on both the server side and the client side in vSphere. The release of vSphere 5.5 Update 3b from VMware disables SSLv3 by default to meet current standards and compliance.

Continue reading

Significant Performance Improvements Come to the vSphere Web Client 5.5 Update 3

Over the course of the previous few years we’ve seen a steady improvement in the vSphere Web Client. VMware has been listening to the feedback coming in from our field, partners, and customers. And the feedback is that the vSphere Web Client in vCenter Server 6.0 and 6.0 Update 1 has been a really great step forward in terms of User Experience (UX). With that in mind, many of the improvements of the 6.0 vSphere Web Client have been “backported” to the vSphere Web Client in vCenter Server 5.5 Update 3. The primary scope of the backported functionality was to greatly improve performance while maintaining the consistency of the 5.5 User Interface (UI). So, while vSphere Web Client performance has drastically improved with 5.5 U3, the UI elements have stayed the same which makes it easier for Administrators to continue using the 5.5 Web Client.

Throughout this blog post I’ll highlight some of the enhancements that have been brought to the vSphere Web Client in 5.5 Update 3. This is especially important as we see customers continue to leverage the legacy vSphere Client (also referred to as the legacy C# client). Our goal is to make the Web Client everyone’s primary management tool for vCenter Server & vSphere and continuing to improve performance has been an essential requirement in doing that.

Continue reading

Configuring NSX-v 6.2 as a Load Balancer for the vSphere Platform Services Controller

VMware released NSX-v (NSX for vSphere) 6.2 back on August 20, 2015. With its release the NSX team introduced support to use NSX-v as a load balancer for the vSphere Platform Services Controller (PSC) for highly available deployments (Release Notes). This is a key new feature that enables customers to further leverage existing NSX-v deployments to simplify their vSphere infrastructure while providing additional HA capabilities for the PSC. This can be a fairly straightforward undertaking when there is an existing vCenter being used for management (e.g. a management cluster).

There is a second scenario, however, that requires some consideration. What if you’re deploying a new vSphere and NSX-v environment where a management vCenter does not already exist? Romain Decker, a Solution Architect in VMware’s Software-Defined Datacenter (SDDC) Professional Services Engineering team has put together a great blog post on the VMware Consulting Blog that walks through that exact scenario and provides a step-by-step instruction on how to work around this chicken and egg scenario using the ability to easily repoint a vCenter Server to an alternate PSC in vSphere 6.0 Update 1.

To learn more about configuring  NSX-v as a load balancer for the vSphere Platform Services Controller, read Romain’s full blog post at:

Configuring NSX-v Load Balancer for use with vSphere Platform Services Controller (PSC) 6.0