
vCenter Server content library


Content Library was introduced in vSphere 6.0 as a way to centrally store and manage VM templates, ISOs, and even scripts. Content Library operates with a Publisher/Subscriber model where multiple vCenter Servers can subscribe to another vCenter Server’s published Content Library so that the data stored within that Content Library is replicated across for local usage. For example, if there are two data centers each with their own vCenter Server a customer could create a Content Library to store their VM templates, ISOs, and scripts in and then the vCenter Server in the other data center could subscribe and have all of those items replicated to a local datastore or even NAS storage. Any changes made to the files in data center 1 would be replicated down to data center 2.


With vSphere 6.5 VMware has added the ability to mount an ISO directly from the Content Library versus having to copy it out to a local datastore prior to mounting. Customers also now have the ability to run VM customizations against a VM during deployment from a VM template within a Content Library. Previously, customers needed to pull the template out of the Content Library if a customization was required. Customers can now easily import an updated version of a template as opposed to replacing templates, which could disrupt automated processes.

There are now additional optimizations related to the synchronization between vCenter Servers reducing the bandwidth and time required for synchronization to complete.

Customers can also take comfort in knowing that their Content Libraries are also included in the new file-based backup and recovery functionality as well as handled by vCenter HA.

SUMMARY:

  • Improved operational features
    • Mount an ISO file from a Content Library
    • OS customization during VM deployment from a library
    • Update an existing template with a new version
  • Optimized HTTP sync between vCenter Servers
  • Part of VC backup/restore and VC HA

vCenter Server HA – changes in vSphere 6.5

In vSphere 6.5 vCenter has a new native high availability solution that is available exclusively for the vCenter Server Appliance. This solution consists of Active, Passive, and Witness nodes which are cloned from the existing vCenter Server. The vCenter HA cluster can be enabled, disabled, or destroyed at any time. There is also a maintenance mode so planned maintenance does not cause an unwanted failover.


vCenter HA supports both an external PSC as well as an embedded PSC. Note, however, that in vSphere 6.5 at GA an embedded PSC cannot be used to replicate to any other PSC. Thus, if using an embedded PSC the vCenter Server cannot participate in Enhanced Linked Mode.

vCenter HA has some basic network requirements. A vCenter HA network must be established, and it must be separate from the subnet currently used by the primary network interface of the vCenter Server Appliance (eth0). If using the Basic workflow, a new interface, eth1, will be added to the appliance automatically prior to the cloning process. eth1 will be attached to the vCenter HA private network. The port group connecting to this network may reside on either a VMware Virtual Standard Switch (VSS) or a VMware Virtual Distributed Switch (VDS). There are no specific TCP/IP requirements for the vCenter HA network other than latency within the prescribed 10 ms RTT. Layer 2 connectivity is not required.

Failover can occur when an entire node is lost (host failure for example) or when certain key services fail. For the initial release of vCenter HA an RTO of about 5 minutes is expected but may vary slightly depending on load, size, and capabilities of the underlying hardware. During a failover event a temporary web page will be displayed indicating that a failover is in progress. That page will then refresh to the vSphere Web Client login page once vCenter Server is back online. In the case where a user is not active during the failover they may not be prompted to re-login. When compared to other high availability solutions, vCenter HA has several advantages:

vcenter11

PSC High Availability

After making vCenter Server highly available we also need to consider the availability options for the Platform Services Controller.

As you remember, in vSphere 6.0 a supported load balancer was required to provide HA for the PSC. If automated failover was not required, there was the option to manually repoint a vCenter Server between PSCs within an SSO site.

In vSphere 6.5 VMware is providing a PSC HA solution that doesn’t require a load balancer, but there is some integration work to be completed with other products in the SDDC portfolio before native PSC HA can be enabled.

I plan to test the new vC and PSC HA features in our lab environment and will provide a separate article with my configuration details. At this moment let me point you to the VMware KB as an additional reference:

https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1024051

https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2147672

https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2147018

VCSA monitoring and recovery options


The new vCenter Server Appliance Management Interface is still accessed via port 5480 for any vCenter Server or Platform Services Controller appliance. This refreshed UI now includes additional resource utilization graphs to provide a simple-to-consume visualization of CPU, Memory, Disk, and Database metrics:

vcenter7

The screenshot above, to the right, shows the new vCenter Database monitoring screen, which provides some insight into the PostgreSQL database disk usage to help prevent crashes due to running out of space. There are also new default warnings presented in the vSphere Web Client to alert administrators when the database is getting close to running out of space, and a graceful shutdown mechanism at 95% full to prevent database corruption. Customers can also configure syslog in this improved VAMI.

SUMMARY

  • New vCenter Server Appliance Management Interface
  • Built-in monitoring: Network, CPU, and Memory
  • Visibility to vPostgres DB
  • Remote syslog configuration

New in vCenter Server 6.5 is native backup and restore for the vCenter Server Appliance. This new out-of-the-box functionality enables customers to back up vCenter Server and Platform Services Controller appliances directly from the VAMI or API. The backup consists of a set of files that will be streamed to a storage device of the customer’s choosing using SCP, HTTP(s), or FTP(s) protocols. This backup fully supports vCenter Server Appliances with embedded and external Platform Services Controllers.

vcenter8

vcenter9

The Restore workflow is launched from the same ISO from which the vCenter Server Appliance or PSC was originally deployed or upgraded. You can see from the lower screenshot that we have a new option to restore right from the deployment UI. The restore process deploys a new appliance and then uses the desired network protocol to ingest the backup files. It is important to note that the vCenter Server UUID and all configuration settings will be retained.

There is also an option to encrypt the backup files using symmetric key encryption. A simple checkbox and encrypted password is used to create the backup set and then that same password must be used to decrypt the backup set during a restore procedure. If the password is lost there is no way to recover those backup files as we do not store the password and do not use reversible encryption.

SUMMARY:

  • Restore vCenter Server instance to a brand new appliance
  • Supports backup/restore of VCSA & PSC appliances
  • Includes embedded and external deployments
  • Supported Protocols include:
    • HTTP/S
    • SCP
    • FTP/S
  • Option for Encryption
  • Restore directly from VCSA ISO

VCSA deployment and migration options

The vCenter Server Appliance deployment experience has been enhanced in the vSphere 6.5 release. Installation workflow is now performed in 2 stages. The first stage deploys an appliance with the basic configuration parameters: IP, hostname, and sizing information including storage, memory, and CPU resources.

Stage 2 then completes the configuration by setting up SSO and role-specific settings. Once Stage 1 is complete we can now snapshot the VM and roll back if any mistakes are made in Stage 2. This avoids having to start over completely if anything were to go wrong during the deployment process.

NOTE!!! There are versions of the deployment application available for Windows, Linux, and macOS.

A new feature in vSphere 6.5 is the ability to migrate a Windows vCenter Server 5.5 or 6.0 to a vCenter Server Appliance 6.5. The migration process starts by running the Migration Assistant, which serves two purposes. First, it runs pre-checks on the source Windows vCenter Server 5.5 or 6.0 to determine if it meets the criteria to be migrated. Second, it is the data transport mechanism that migrates data from the source Windows vCenter Server 5.5 or 6.0 to the target vCenter Server Appliance 6.5.

The Migration tool will automatically deploy a new vCenter Server Appliance 6.5 and migrate configuration, inventory, and alarm data by default from a Windows vCenter Server 5.5 or 6.0. If you want to keep your historical and performance data (stats, events, tasks) along with configuration, inventory, and alarm data there is the option to also migrate that information. The vSphere 6.5 release of the Migration Tool provides granularity for historical and performance data selection.


Both embedded and external topologies are supported, but the Migration Tool will not allow changing your topology during the migration process. Any change of topology will need to be done before the migration process if consolidation of your vSphere SSO domain is required.

SUMMARY:

  • Support for Windows vCenter 5.5 or 6.0 → 6.5
  • Migrations for both embedded and external topologies
  • VUM included
  • Embedded and external Database support: MSSQL, MSSQL Express, Oracle
  • Option to select historical and performance data

vCenter Server Appliance 6.5 – new default deployment choice

The vCenter Server Appliance 6.5 is the first VMware appliance to run on Photon OS, a Linux OS optimized for virtualization which will become the standard for all VMware virtual appliances in the near future. Photon OS provides many benefits to the performance of the vCenter Server Appliance, including about a 3x performance gain over its Windows counterpart and significantly reduced boot and restart times. This also means no more dependency on a 3rd party for OS patching, which should greatly reduce the amount of time it takes VMware to deliver security patches and updates to the vCenter Server Appliance.

VCSA – main features:

  • Native High Availability
  • VMware Update Manager
  • Improved Appliance Management
  • Native Backup / Restore

In vSphere 6.0 we saw performance and scalability parity for the vCenter Server Appliance when compared to its Windows-based counterpart. With vSphere 6.5 we now see feature parity and even new features that are exclusive to the vCenter Server Appliance. Let’s take a quick look at each of these new features before addressing them in more detail later:


Let’s start with vCenter High Availability which is a native HA solution built right into the appliance. Using an Active/Passive/Witness architecture, vCenter is no longer a single point of failure and can provide a 5-minute RTO. This HA capability is available out of the box and has no dependency on shared storage, RDMs or external databases.

Next, we have the integration of VMware Update Manager into the vCenter Server Appliance. Now VMware Update Manager is included by default into the vCenter Server Appliance and makes deployment and configuration a snap.

Another exclusive feature of the vCenter Server Appliance 6.5 is the improved appliance management capabilities. The vCenter Server Appliance Management Interface continues its evolution and exposes additional health and configurations. This simple user interface now shows Network and Database statistics, disk space, and health in addition to CPU and memory statistics which reduces the reliance on using a command line interface for simple monitoring and operational tasks.

Finally, VMware have added a native backup and restore capability to the vCenter Server Appliance in 6.5 to allow for simple out-of-the-box backup options in addition to the traditional supported methods including VMware Data Protection and VMware vSphere Storage APIs – Data Protection (formerly known as VMware vStorage APIs for Data Protection or VADP). This new backup and restore mechanism allows customers to use a simple user interface to remove reliance on 3rd party backup solutions to protect their vCenter Servers and Platform Services Controllers.

Note !!! All these new features are only available in the vCenter Server Appliance.

HTML5 Client – the new way of managing vSphere environment?


As of vSphere 6.5, VMware has killed the standard Windows vSphere Client. However, it was promised, so we should not be surprised (anyway, I am still shocked ;)).

Fortunately, every cloud has a silver lining. I reckon that VMware is aware that the current Web Client is not a perfect solution. That’s why they released a completely new HTML5 vSphere Client, which seems to be quite useful, intuitive and, most importantly, works as it should in terms of response times. Some administrators claim it reminds them of the old GSX console.

The darker side of the new Client is that it’s constrained in terms of functionality and it will not let you perform all of the administrative tasks. But do not worry, it’s the first release and I hope VMware will expand the functionality quickly.

The HTML5 Client can be accessed by entering the FQDN or IP address of our vCenter in the Web browser; you will then see two possible options: the classic Web Client and the new one. You will also notice that there is a caution saying that it has only partial functionality.


You will find the list of unsupported functionality here.

After you sign in to the new administration interface you will see a quite grey and simple but, in my opinion, still good-looking interface.


The whole structure of it is designed to be intuitive, especially for those admins who are still using mostly just the standard vSphere Client. In my opinion the design combines the best things from the Web and Windows Clients in one interface. The problem is just the lack of functionality. I decided to try it and start with configuring iSCSI in my new nested lab. However, I was quickly brought to heel – there was no option to add a software SCSI adapter. This suddenly ended my adventure with the new HTML5 Client 🙂

To sum up, it would be a handy tool in the future; it just needs to be completed in terms of functionality. Unfortunately, for those who want to migrate to vSphere 6.5 there will still be a need to use the Web Client.

vSphere 6.5 – What’s new in networking  


 

In this article I will try to review all new network features.

1. vmknic gateway

  • Each VMKERNEL port can have its own Gateway.
  • This will make it easy for vSphere features to function seamlessly.
  • This eliminates the need for adding and maintaining static routes.


Before vSphere 6.5 there was only one default gateway allowed for all VMkernel ports in an ESXi host. vSphere features such as DRS, iSCSI, vMotion, etc. that use VMkernel ports were constrained by this limitation. VMkernel ports that belonged to a subnet other than the one with the default gateway were not routable without the use of static routes. These static routes had to be manually created and were hard to maintain.

vSphere 6.5 provides the capability to have separate default gateways for every VMkernel port. This simplifies management of VMkernel ports and eliminates the need for static routes.

Prior to vSphere 6.5, VMware services like DRS, iSCSI, vMotion and provisioning leveraged a single gateway. This was an impediment, as one needed to add static routes on all hosts to get around the problem. Managing these routes could be a cumbersome process and was not scalable.

vSphere 6.5 provides the capability for different services to use different default gateways. This makes it easy for end users to consume these features without the need to add static routes. vSphere 6.5 completely eliminates the need for static routes for all VMkernel-based services, making it simpler and more scalable.

 

2. SR-IOV provisioning:

Prior to vSphere 6.5, the VM provisioning workflow for SR-IOV devices required the user to manually assign the SR-IOV NIC. This resulted in VM provisioning operations being inflexible and not amenable to automation at scale. In vSphere 6.5 SR-IOV devices can be added to virtual machines like any other device, making them easier to manage and automate.

 

3. Support for ERSPAN:

ERSPAN mirrors traffic on one or more “source” ports and delivers the mirrored traffic to one or more “destination” ports on another switch. vSphere 6.5 includes support for the ERSPAN protocol.


 

4. Improvements in DATAPATH:

vSphere 6.5 has data path improvements to handle heavy load. In order to process large numbers of packets, the CPU needs to be performing optimally. In 6.5, ESXi hosts leverage CPU resources in order to maximize the packet rate of VMs.


Where are the improvements being made?

  1. VMXNET 3 optimization
    1. Using copy TX for small message sizes (<=256B)
    2. Optimized usage of pinned memory
  2. Physical NIC improvements
    1. Native driver support for Intel cards (removes overhead of translating from VMkernel to VMKLinux data structures)
  3. CPU Scheduling Improvements
    1. Up to 8 separate threads can be created per vNIC
      • To enable at the VM level, add the following line to the vmx file:

ethernetX.ctxPerDev = "3"

 

Summary:

  • Optimizing code to improve efficiency
  • Allowing the ability to increase thread count for networking
  • Introducing support for more native drivers (Intel)
  • VMXNET3 enhancements

 

vSphere 6.5 – vCenter Configuration Backup


In vSphere 6.5 a new feature to back up the vCenter Server Appliance is available. You can back it up using the built-in file-based solution, which backs up the core configuration and inventory into a few files. You can also decide which historical data you want to include in such a backup.

The backup is available from the VAMI interface (on port 5480).


The available locations where you can backup the configuration are:

  • FTP and FTPS
  • SCP
  • HTTP and HTTPS


As I mentioned before, you can choose whether you want to back up the historical data as well or not. The common part (inventory and configuration) is always checked by default.


The backed-up files look like this:

backup4

 

In case you are forced to use your backup, you have to use the vCSA ISO file downloadable from the VMware site and then select the Restore option. The process is quite similar to a normal deployment (2 stages in the process).

vSphere 6.5 – New scale limits for paths & LUNs


In vSphere 6.5 VMware doubled the current limits and continues to work on reaching new scale in this area. The current limits (before 6.5) pose a challenge: for example, in some cases customers have 8 paths to a LUN, and in this configuration one can have a maximum of 128 LUNs in a cluster. Also, many customers tend to have smaller LUNs to segregate important data for easy backup and restore. This approach can also exhaust the current LUN and path limits.

Larger LUN limits enable larger cluster sizes and hence reduce management overhead.

SUMMARY:

  • Current limit is 256 LUNs and 1024 paths
  • This limits customer deployments requiring higher path counts
  • Customers requiring small-sized LUNs for important files/data require larger LUN limits to work with
  • Larger path/LUN limits can enable larger cluster sizes, reducing the overhead of managing multiple clusters
  • Support for 512 LUNs and 2K paths in vSphere 6.5

 

vSphere 6.5 – vSphere HA Orchestrated Restart


VMware announced a new feature in vSphere 6.5 called HA Orchestrated Restart. But wait a minute – it was already available in the previous version, where you were able to set the restart priority for specific VMs or groups of VMs. So what’s going on with this “new feature”? As always, the devil is in the details 🙂

Let’s start from the old behavior. Using VM overrides in previous versions of vSphere, we could set one of three available priorities – High, Medium (default) and Low. However, this didn’t guarantee that the restart order would be successful for three-tier apps, because HA was only really concerned with securing resources for the VM, and once the VM had received the resources, HA’s job was done. The restart priority defined the order in which VMs would secure their resources. But if there were plenty of resources for everyone, then the VMs would receive their allocations in pretty quick succession and could start powering on. For example, if the DB server takes longer to boot than the App server, the App will not be able to access the DB and may fail.

vSphere 6.5 now allows you to create VM to VM dependency chains. These dependency rules are also enforced when vSphere HA is used to restart VMs from failed hosts. That gives you the ability to configure the right chain of dependency, where the App server will wait for the DB until it boots up. The VM to VM rules must also comply with the Restart Priority level. In this example, if the app server depended on the database server, the database server would need to be configured in a priority level higher than or equal to the app server.

Validation checks are also automatically done when this feature is configured to ensure circular dependencies or conflicting rules are not unknowingly created.
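The two checks described above (no circular dependencies, and a dependency's restart priority must be higher than or equal to its dependant's) can be modelled in a few lines. This is an added example, not VMware's code: the VM names, the three-level priority encoding and the function name validate_rules are assumptions made for illustration.

```python
import heapq

# Assumed encoding of restart priority levels (illustrative only).
PRIORITY = {"low": 0, "medium": 1, "high": 2}

# Constructed sample: a three-tier app plus one unrelated VM.
SAMPLE_PRIORITIES = {"db01": "high", "app01": "medium",
                     "web01": "medium", "dns01": "high"}
SAMPLE_RULES = {"app01": ["db01"], "web01": ["app01"]}  # vm -> VMs it waits for


def validate_rules(priorities, depends_on):
    """Return (restart_order, problems); restart_order is [] if any rule is bad."""
    edges = [(dep, vm) for vm, deps in depends_on.items() for dep in deps]
    unknown = sorted({n for edge in edges for n in edge if n not in priorities})
    if unknown:
        return [], ["unknown VM in rule: " + n for n in unknown]

    problems = []
    # Check 1: a dependency must sit at a priority >= the VM that waits for it.
    for dep, vm in edges:
        if PRIORITY[priorities[dep]] < PRIORITY[priorities[vm]]:
            problems.append(
                f"priority conflict: {dep} ({priorities[dep]}) is below "
                f"dependant {vm} ({priorities[vm]})")

    # Check 2: topological sort; anything never released is on or behind a cycle.
    waiting = {vm: 0 for vm in priorities}
    dependants = {vm: [] for vm in priorities}
    for dep, vm in edges:
        waiting[vm] += 1
        dependants[dep].append(vm)

    def key(vm):
        # Among VMs whose dependencies are met, higher priority restarts first.
        return (-PRIORITY[priorities[vm]], vm)

    ready = [key(vm) for vm, count in waiting.items() if count == 0]
    heapq.heapify(ready)
    order = []
    while ready:
        _, vm = heapq.heappop(ready)
        order.append(vm)
        for child in dependants[vm]:
            waiting[child] -= 1
            if waiting[child] == 0:
                heapq.heappush(ready, key(child))

    blocked = sorted(vm for vm, count in waiting.items() if count > 0)
    if blocked:
        problems.append("circular dependency; cannot order: " + ", ".join(blocked))
    return ([] if problems else order), problems


if __name__ == "__main__":
    print(validate_rules(SAMPLE_PRIORITIES, SAMPLE_RULES))
```
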

There are a number of conditions that HA can check for to determine the readiness of a VM; the administrator chooses which of them is the acceptable readiness state for orchestrated restarts.

Conditions:

  1. VM has resources secured (same as old behavior)
  2. VM is powered on
  3. VMware Tools heartbeat detected
  4. VMware Tools Application heartbeat detected

Post condition delays:

  1. User-configurable delay – e.g. wait 10 minutes after power on

The configuration of the dependency chain is very simple.  In the Cluster configuration of the Web Client, you would first create the VM groups under VM/Host Groups.  For each group, you would include only a single VM.


The next thing to configure is the VM Rules in VM/Host Rules section.  This is where you can define the dependency between the VM Groups.  Since each group only contains a single VM, you are essentially creating a VM to VM rule.


In previous releases we were able to manage such behavior using e.g. SRM during failover to a recovery site. However, there are plenty of use cases where it’s necessary to provide the correct order of restarts within a single site and HA cluster. Fortunately, now it’s possible 🙂