05-06-15

VCP6-CMA – Section 2: Administer vRealize Automation Users, Roles and Privileges

VCP6-CMA-sm-logo_120_108

Objective 2.1: Create Roles and Apply Privileges to Roles

Configure system-wide roles and responsibilities

  • There are three system wide roles, they are:-
    • System Administrator (create tenants, configure identity stores, assign IaaS and tenant administrator roles, configure Orchestrator, configure branding, notifications and monitor system logs)
    • IaaS Administrator (configure IaaS features and global properties, manage IaaS licences, create and manage fabric groups, create and manage endpoints and associated credentials, configure proxy agents, manage AWS instance types, monitor IaaS logs)
    • Fabric Administrator (manage build profiles, manage compute resources, manage cost profiles, manage network profiles, manage AWS EBS volumes and key pairs, manage machine prefixes, manage property dictionary, manage reservations and reservation policies)
    • Login as a tenant administrator and go to Administration > Users & Groups > Identity Store Users & Groups. Search for the required group, add the required roles from the list and click Update to save.

Assign user roles within tenants

    • There are seven tenant based roles, including:-
      • Tenant administrator (manage tenant identity stores, user and group roles, custom groups, tenant branding, notification providers and scenarios, create and manage approval policies, manage catalog services, item and actions, manage entitlements, monitor tenant machines and send reclamation requests, configure Orchestrator servers, plug-ins and workflows for use in the Advanced Service Designer, create and publish shared IaaS blueprints)
  • Service Architect (Define custom resource types, create and publish service blueprints with the ASD, create and publish custom actions)
  • Business Group Manager (create and publish business group specific blueprints from IaaS, catalog items and entitlements, monitor resource usage in a business group)
  • Support User (Request and manage items on behalf of other users within their business groups)
  • Business User (Request and manage services)
  • Approval Administrator (Create and manage approval policies)
  • Approver (Approve catalog requests, including provisioning requests or any resource actions)
  • Login as a tenant administrator and go to Administration > Users & Groups > Identity Store Users & Groups. Search for the required group, add the required roles from the list and click Update to save.

Configure tenant roles and responsibilities

  • Login to the vRealize Appliance as a tenant administrator
  • Select Administration > Groups
  • Click the Add icon
  • Select Identity Store Group
  • Type a group name in the Add existing Identity Store groups to this group search box
  • Select one or more roles from the Add Roles to this Group list (The Authorities Granted by Selected Roles list indicates the specific authorities you are granting)
  • Click Update.
  • Changes to user access rights are reflected immediately

 Add identity stores

    • Login to the vRealize Appliance as a tenant administrator
    • Select Administration > Identity Stores
    • Click the Add icon
    • Type a name in the Name text box
    • Select the type of the identity store from the Type drop-down menu
      • OpenLDAP
      • Active Directory
  •  Type the URL for the identity store in the URL text box. (For example, ldap://10.141.64.166:875)
  • Type the domain for the identity store in the Domain text box
  • (Optional) Type the domain alias in the Domain Alias text box
  • Type the login user Distinguished Name in the Login User DN text box (For example, cn=demoadmin,ou=demo,dc=dev,dc=mycompany,dc=com).
  • Type the password for the identity store login user in the Password text box.
  • Type the group search base Distinguished Name in the Group Search Base DN text box (For example, ou=demo,dc=dev,dc=mycompany,dc=com)
  • Type the user search base Distinguished Name in the User Search Base DN text box (For example, ou=demo,dc=dev,dc=mycompany,dc=com)
  • Click Test Connection
  • Click Add

Appoint tenant administrators

  • IaaS administrators cannot be added until IaaS components have been installed
  • You must first configure an identity store
  • Type the name of a user or group in the Tenant Administrators or Infrastructure Administrators search box and press Enter
  • Verify that the user or group name appears in Tenant Administrators or Infrastructure Administrators list
  • Click Update

Objective 2.2: Configure AD/LDAP Integration

Configure identity stores

  • Login to the vRealize Appliance as a tenant administrator
  • Procedure is much the same as in the “Add Identity Stores” listed above.
  • Changes can be made to search DNs, LDAP bind user and LDAP URL/port if required
  • Each tenant must have at least one identity store

Link an identity store to a tenant

  • Login to the vRealize Appliance as the system administrator
  • Click Add Tenant and fill in the details
  • Procedure is much the same as in the “Add Identity Stores” listed above

Configure a Native Active Directory Identity Store

  • Native Active Directory identity store is only available on the default tenant
  • Login to the vRealize Appliance as a system administrator
  • Join your Identity Appliance to Active Directory to enable Native Mode
  • When in the tenants view, select the default tenant (vsphere.local)
  • Click the Identity Stores tab, click Add and type in the name of the joined AD domain
  • Click Add and Update

04-06-15

North West England VMUG – Meeting Report

Yesterday was the summer get together of the North West England VMUG chapter at Rosylee in Manchester. A somewhat quirky venue, it offers an intimacy you don’t really get with other conference venues. We even had vRockstar Duncan Epping with us for the first time to cover off the latest and greatest in Virtual SAN. He seemed to like the venue too!

Although the event was planned as a vSphere 6.0 themed meeting, it seemed to err more towards the storage side of things. As well as event sponsors Pure Storage and Tegile, there were the usual sessions on “What’s New” and vNews. A new addition to the agenda was an “Ask the Experts” panel which seemed to work really well. Lots of questions about licencing! Anyway, without further ado..

VMware What’s  New – Ashley Davies

vmug-ashley

Long time chapter contributor Ashley Davies took us through the usual start of what’s new in the VMware world:-

– IT is in transition, stage 3 after mainframe and client/server
– New type apps coming to market like Uber etc
– How to bridge the two worlds between mobile and client server?
– VMware working on Cloud Native applications (docker, containerisation etc.)
– Photon and Lightwave are the first steps on the container engine development track
– Lightwave is the SSO solution, SAML, Kerberos, LDAP, OAuth, scalable architecture, multi tenant
– Open sourced both items
– Increased scalability in vSphere 6, at least x2 on everything
– Windows vCenter now same scalability as the appliance, VCSA supports Postgres and external Oracle
– Long distance vMotion, up to 150ms latency – migrations, disaster avoidance, multi site load balancing
– Fault Tolerance now up to 4 vCPU, requires 10Gbps networking
– Instant Clone – rapid cloning, Horizon View integration coming
– Data Protection based on Avamar and included from Essentials Plus and above
– Content Library – store and sync VMs, ISOs, templates
– NVIDIA GRID vGPU integration
– Enterprise Plus customers get Integrated OpenStack for free, but support is a paid option

Tegile Systems – Aaron Bell

vmug-tegile

We then had a session with Tegile, who are a storage startup with a presence in the UK.  Main points of the presentation were:-

– All Flash or Hybrid solution – Same O/S using IntelliFlash
– NAS and SAN protocols out of the box, block and file from the same system
– De dupe and compression (inline)
– Hybrid storage array for price per gig, all flash for performance
– Founded in 2010, launched Feb 2012
– 800+ mid-range enterprise customers
– 1900+ systems deployed
– Privately owned – Sandisk and Hitachi backed
– Best of VMworld 2012, Cisco, Citrix and VMware certified
– Partner with Microsoft, Oracle, Veeam and Zerto
– Citrix develop on Tegile, Apple develop iWorld on the platform
– Ferrari and McLaren
– 85% data reduction in VDI deployments, 10x performance improvement
– Boot and login storm mitigation
– Databases 33% data reduction
– Server virtualisation 50% data reduction, 5x 7 x performance improvement
– Hot data cached into top two layers of storage
– 5-10x less cooling
– 5-10x less power
– WAN efficient replication, just replicating new and changed blocks
– Set up ad hoc or automatic replication
– Web UI management
– REST API for automation, no Orchestrator plugin right now
– SCVMM support for Hyper-V (coming in next few weeks in new OS release)
– vCenter plugins available
– Call home alerts
– Opt in cloud analytics reports back twice daily and customer can access performance trends. Tipping point analysis not jusy yet
– VVol support on the way, September time. Native support, not an appliance
– IntelliCare Flash 5 guarantee

An interesting takeaway from the session was that the support/maintenance costs are flat across the five year term, making budgeting a whole lot easier. I’ve seen it previously where this figure can vary a great deal and really squeeze budgets. There is also an offer to replace the controllers in the array at the end of the five year term should you renew further past that. I didn’t note the full details, but I’d be happy to make any corrections where I’ve missed something off.

vRealize Operations 6.01- Matthew Steiner, VMware

Next up was Matthew Steiner with a session on what’s new with vRealize Operations Manager 6.01 (the product formerly known as vCenter Operations Manager). Although I’ve only had a quick play with it, it seems my assumption that it wouldn’t be a big change from 5.x was quite a common mistake. Even Matt admitted it took him a little time to get used to some of the differences.

Key points from the session:-

– vROPs 6 major change from 5.x series
– Don’t stand it up against a lab environment, can’t see the value. Needs to see “real world” examples
– Analytics, adapters, management packs and collections still the same
– Badges still the same (Health, Workload, Risk), numbers gone
– Dashboards and widgets still the same, super metrics
– Linux appliance or Windows
– Completely rewritten and re-architected from the ground up, 2 years development
– Single VM deployment, no longer Analytics and GUI VM
– Gemfire – in memory database
– Clustering – scale up, out, in, HA
– Scales to 64K VMs
– Use VCM to harden your hosts against hardening guidelines
– Improved reporting engine (major complaint of the 5.x product, apparently)
– Capacity modelling across all objects
– Capacity projects can forward plan resources needed for a deployment
– Action Framework – Symptoms, Recommendations, Action

 

VSANs and VVols – “Goodbye SAN Huggers” – Duncan Epping, VMware

vmug-duncan

Next was the session from VCDX and all round vRockstar Duncan Epping. He took us through the current status of the Virtual SAN product, it’s capabilities and use cases. There were also some important notes from the field around ensuring the hardware you use is HCL certified and you don’t just cobble together any old junk and expect it to fly like an eagle. To the sea, presumably. (My words, not his. Well, Peter Frampton’s words. Well, you get the idea.)

– Disk I/O has to go through the through kernel anyway, so why not position Virtual SAN within the hypervisor?
– Enables workload awareness
– Storage policy based management (SPBM)
– PowerCLI, perl, python can be complex, policy driven via vCenter much easier, lower learning curve
– VVols provides a framework for third party vendors to use
– Policy based framework means engine knows best place to put VM based on features of VVol enabled storage (dedupe, compress, striped etc)
– Virtual SAN fully integrated with vSphere stack – DRS, HA, etc
– Brings data closer to compute
– Granular elastic scale out. More resource needed, add more Virtual SAN nodes
– Virtual SAN needs a minimum of three hosts, all three must contribute storage
– 10Gbps Ethernet preferred, dedicated VLAN for Virtual SAN traffic. 1Gbps works, but should you?
– Theoretical max of 9 PB per cluster based on current sizing
– Up to 90K IOPS per host, sub milli second latency
– Linear scaling across nodes, predictable performance gains as cluster scales out
– All flash or hybrid model with vSphere 6.0
– Zero data loss in the event of hardware failure – VM copies placed elsewhere in the cluster – If you build Virtual SAN node from HCL components, SKU list is big – Virtual SAN ready nodes from partners, pre-built and tested, single SKU
– EVO RAIL pre built hardware appliance, EVO RACK not yet available
– Always pick components from HCL, picking a good disk controller is key
– Dell FX 2 and IBM flex being certified
– Impact of any Virtual SAN changes shown in vSphere Web Client
– Virtual SAN is object based product. VM is an object and VMDK is a component
– Most customers using SAS drives
– 60 minute wait on failure before recopying component to another host
– Virtual SAN is maintenance mode aware
– Fault domains introduced in Virtual SAN 6.0 to make it rack aware
– Better performance on snapshot using Virsto technology
– Content based read cache (View Storage Accelerator) coming for server workloads
– Compression and dedupe on the way but issue is overhead on host in doing this
– Virtual SAN monitoring available in vCenter. VSAN observer? Management pack for vRealize Operations Manager on the way
– VDI is a good use case for Virtual SAN

Pure Storage – Adrian Clarke

vmug-adrian

First up my sincere apologies to Pure Storage. I didn’t capture many notes about the company and the product as I had to take a phone call and missed the vast chunk of your session. If anyone wants to provide a brief summary or a link to the slide deck, I’d be happy to post it on this blog. As much as I got was the following:-

– All flash storage solution
– Gartner magic quadrant leader
– All Flash Array with consumer SSDs, always on encryption and dedupe from 2011
– FlashArray M is the new product. 6 watts per TB, reduced number of cables
– 100TB in 3U – Product designed and manufactured from the ground up, so Pure control not only the software but the hardware also which is unique with this type of solution

VMware Certification Roadmap – Community Session

Next up was me! I was asked by Steve and Nathan (VMUG leaders) to do a presentation last year, but due to having to take a contract at short notice I had to let them down and I hated doing it. I was asked back a second time yesterday and delivered a session on VMware certification and the roadmap for version 6 of products. I hadn’t presented for a couple of years, and although a little apprehensive at the start, within a couple of minutes I got into my stride and actually felt fine. I think it probably helped that it wasn’t a presentation on storage!

A quick straw poll at the start of the session was really interesting. I asked for shows of hands as to who had VCA, VCP and VCAP. VCA had a few hands, VCP had lots of hands and VCAP had no hands! I was very surprised at this, I was expecting at least a couple! It seemed Duncan and I were the only two in the room that I could see.

Key takeaways from the session:-

– VCP certification has been going since 2003, there are now more than 100,000 worldwide
– VCAP introduced in 2010
– VCDX introduced in 2010, around 200 worldwide (of which Duncan is 007!)
– Traditionally, VCP requires one exam to pass the certification, but this requires the ICM course to be sat first
– As you rise up the “Pyramid of Power”, the bar goes higher and there are fewer candidates
– Differentiate yourself in the market by achieving higher levels of certification, pimp your LinkedIn profile – you have a 10 second window of opportunity to impress people looking at your profile!
– Traditionally, VCAP track has multiple skills (Cloud, DCV, Desktop) and design or admin tracks, this being simplified to Implementation Expert (VCIX). Two exams, one certification. Multiple VCIX grants “Elite Implementer” status which sadly current multiple VCAP holders can’t have!
– VCDX requires a panel defence of a design document, can result in hundreds of hours of work and can be expensive to get (£1500+)
– Achieving VCAP status helped me feel less intimidated about working with vRockstars at top partners such as Xtravirt, helps validate your skills to others
– VCP-NV (network virtualisation) exam is half price until the end of June
– If you plan on sitting an exam or two at VMworld, don’t bite off more than you can chew and leave yourself exhausted. VCAP exams are 3 hours plus

To finish off we had some vNews from Ashley Davies and a new addition to the agenda, “Ask the Experts” panel. There was a lot of good interaction between the panel and the audience, a few questions on licencing but a lot on Virtual SAN. Thanks to the VMware guys for doing this, and oiling them with a beer during the session obviously helped!

vmug-experts

The next meeting is planned for Wednesday 9th September back at Rosylee, keep an eye on the chapter Twitter feed for further information.

02-06-15

VCP6-CMA Study Guide – Section 1: Install, Configure and Upgrade vRealize Suite Components

 

VCP6-CMA-sm-logo_120_108

There don’t really seem to be many study guides around (if at all) for the new VCP6-CMA exam, so I thought I’d start cooking my own notes. I hope to sit this exam in the next couple of weeks, so hopefully I can complete it in that time frame. It’s a bit rough and ready in places, but it’s something worth sharing. Let me know what you think!

Section 1: Install, Configure and Upgrade vRealize Suite Components

 

Objective 1.1: Explain vRealize Suite Editions and Features

 

Identify available features and third party integrations for different vRealize Suite editions

  • Two versions of vRealize Suite – Advanced and Enterprise. Licenced by CPU or Operating System Instance (OSI)
  • Third party integrations available from VMware Solutions Exchange
  • Features include automated delivery (self service portal, IaaS, infrastructure governance (approval workflows etc.), custom IT services (Xaas). Application Services requires Enterprise Edition (Application Director)
  • Intelligent Operations includes Operations Manager, Log Insight, application awareness (Infrastructure Navigator)
  • Application aware monitoring and change management requires VMware Configuration Manager and Hyperic, which comes with Enterprise Edition
  • Business Insight – uses vRealize Business Standard for pricing, showback, running costs etc. Service Level Management requires Enterprise Edition
  • VMware Orchestrator can be leveraged to run custom workflows from within vRA. Can use either embedded Orchestrator instance or remote one (appliance etc.)
  • Contains the following:-
    • VMware vRealize™ Automation Advanced or Enterprise
    • VMware vRealize Operations Advanced or Enterprise
    • VMware vRealize™ Log Insight™
    • VMware vRealize™ Business™ Standard
    • VMware vRealize™ Business™ Advanced or Enterprise

 

Differentiate vCloud Air solutions

 

  • vCloud Air solutions reside in the cloud in VMware owned datacentres, but are fully managed by the end user from their own infrastructure
  • Can use a defined endpoint in vRA to provision services in the cloud to vCloud Air and use vRealize Business to provide reporting and billing information

 

Identify vRealize Automation/vCloud Air integration options

 

  • vCloud Air can be integrated with vRA by defining an endpoint for consumption of services
  • Some vApp limitations/non supported options include:-
    • Creating vApp templates
    • Defining vApp (vCloud) and vApp Component (vCloud) blueprints without specifying a vApp template
    • Moving vApps between virtual datacenters
    • Moving virtual machines between reservations
    • Adding or removing components from a vApp
    • Creating or using vApp snapshots
    • Using a static IP address
  • Goal navigator can be used to integrate with vCloud Air
  • You must define a separate endpoint for each organisation defined in vCloud Air if you do not have full administration rights to all VDCs
  • Obtain the organisation VDC URL by logging into vCloud Air management and click the vCloud Director API URL link, use the first part of the URL, for example https://acme.com:443 in the address box

 

Identify vRealize Business Standard key capabilities

 

  • Provides cost and usage visibility of virtual infrastructure / private cloud and public cloud with out of the box integration with VMware vCenter, vRealize Automation, and vCloud Director.
  • Performs what-if analysis of virtual infrastructure / private cloud and public cloud, based on cost and utilization.
  • Automatically prices the services available through self-service in a hybrid cloud.
  • Provides out of the box benchmarks for cloud / virtual infrastructure environments, providing insight into capacity, costs, and efficiency.
  • Covers more than 3,500 benchmark measurements across 20 industries, 18 towers or domains and four geographies.
  • Benchmarks cover items like hardware, software, infrastructure, personnel, applications, IT structure, costs and more.
  • Data is less than 18 months old.
  • Data can show relative differences (and similarities) with your peers and decile performers.

 

Identify available vRealize Suite editions

 

  • Comes in Advanced and Enterprise Editions
  • Licenced per CPU or OSI

 

Explain vRealize Application Services functionality

 

  • Application Services uses Application Director virtual appliance to provide PaaS options for vRealize Automation
  • Uses drag and drop canvas so Application Architects can design application deployments as application blueprints
  • Includes ability to install dependencies, services and custom packages as part of the blueprint
  • Portable across vCloud Director, vRealize Automation, vCloud Air and Amazon EC2
  • Works with existing vRealize Automation business groups, entitlements, approvals, catalogs and tenants to provide a unified end user experience
  • Provides standardised application deployment blueprints for end users to consume

 

Explain vRealize Orchestrator functionality

 

  • vRO is a process automation tool that provides a library of workflows.
  • Can be used to manage vSphere infrastructure as well as third party environments (Microsoft, AD, F5 etc.)
  • Uses extensible plug in architecture to provide additional functionality
  • Exposes all vCenter operations in the vCenter Server API
  • Integrates with Advanced Service Designer so Service Architects can enable Xaas catalog items in vRA (create AD user, change password etc.)

 

Determine the appropriate vRealize Suite edition based on customer requirements

 

  • Use cases for vRealize Advanced include:-
    • Rapid, self-service infrastructure provisioning
    • Infrastructure health, performance, and capacity monitoring across physical, virtual, and hybrid cloud deployments
    • Rapid creation of rate cards and automatic pricing of service catalog blueprints for use in a self-service portal
    • Out-of-the-box benchmarks, usage metering, and public cloud comparison
    • Plan, control, and recover costs expended in providing full IT Services stack, implementing cost transparency, cost optimization, and demand management
    • Visibility into application dependencies and hypervisor change and configuration management
  • Use cases for vRealize Enterprise include:-
    • All of the above, plus
    • Rapid, self-service infrastructure and application provisioning
    • Automated configuration and deployment of multi-tier cloud applications
    • Visibility into application performance
    • Regulatory compliance, OS-level change, and configuration management
    • IT service level management
    • Transparency into IT performance and value measures for all services and vendors, enabling IT to govern contractual commitments

 

Objective 1.2: Install and Upgrade vRealize Suite Components

 

Deploy and configure appliances for distributed vRealize deployment (e.g. SSO, automation, DB)

 

  • Verify pre-reqs have been met, then obtain SSL certificates
  • Deploy Identity Appliance, vRealize Appliance and vRealize appliance to use as standalone database
  • Configure the load balancer to handle vRealize appliance traffic
  • Configure the Identity Appliance, vRealize appliance, vPostgres appliance for high availability
  • Configure the load balancer for IaaS traffic, install IaaS components
  • Configure the default tenant and provide the IaaS licence
  • Identity Appliance is protected using a HA enabled cluster
  • Can deploy multiple vRealize Appliance instances, but only one Identity Appliance
  • 1 vCPU, 2 GB RAM and 2GB disk space for Identity Appliance
  • 2 vCPUs, 8GB RAM and 30GB disk space for vRealize Appliances

 

Install IaaS components

 

  • Modules that make up IaaS include:-
    • IaaS website
    • Model Manager
    • vCloud Automation Center Manager service
    • IaaS database
    • Distributed Execution Managers (DEMs)
    • vRealize Automation Agents
  • Can perform a full install on a single Windows server or instal components for a distributed architecture
  • Only one instance of the Model Manager is allowed
  • IaaS requires a SQL database, IIS installed and appropriate firewall rules configured
  • Also requires .NET 4.5, Java 1.7 64 bit only and JAVA_HOME set, MS DTC enabled on all SQL nodes in the system
  • For SQL Server Express, the Server Server Browser must be running
  • Secondary Logon service enabled and running
  • PowerShell 2.0 installed
  • 2 vCPUs, 8GB RAM and 30GB disk for IaaS components

 

Configure default tenant and any additional tenants

 

  • Default tenant is configured from vsphere.local domain
  • Active Directory native mode only supported for the default tenant only
  • Add tenant administrators and/or infrastructure administrators to the default tenant
  • Provide the IaaS licence
  • Additional tenants require the following information:-
    • Login URL (https://vcac-host/vcac/org/tenantURL – default tenant is just /vcac)
    • Identity stores (Active Directory via LDAP)
    • Branding (custom logos etc.)
    • Notification providers (e-mail notifications etc.)
    • Business policies
    • Service catalog offerings
    • Infrastructure resources
    • Tenant and infrastructure administrators

 

Appoint administrators

 

  • IaaS administrators cannot be created until IaaS has been installed and licenced
  • Type the name of a user or group in the Tenant or Infrastructure Administrators search boxes and press enter. Click Update to save changes.

 

Configure load balancer

 

  • Session affinity must be enabled, AKA “sticky sessions”
  • Timeout on the load balancer must be at least 100 seconds
  • Import an SSL certificate into your load balancer
  • Configure the load balancer for vRealize Appliance traffic
  • Configure the load balancer to forward port 5480 (management port)
  • Configure the appliances for vRealize Automation

 

Integrate vRealize with external systems

 

  • Single vRealize Orchestrator can be used for all tenants
  • Internal instance can be used from vRealize Appliance, or configure external instance such as appliance. Administration -> Advanced Services -> Server Configuration
  • For an external Orchestrator instance, you need IP/DNS details and the port number of 8281
  • Use Orchestrator to connect to external systems such as Active Directory, XenDesktop, Horizon View etc and execute workflows against these
  • External systems may access vRA functions using a REST API

 

Manage SSL certificates

 

  • Update certs in the following order – Identity Appliance, vRealize Appliance, IaaS
  • With one exception, changes to later components in this list do not affect earlier ones. For example, if you import a new certificate to a vRealize Appliance, you must register this change with the IaaS server, but not with the Identity Appliance. The exception is that an updated certificate for IaaS components must be registered with the vRealize Appliance.
  • New SSL certificates are imported via the Identity and vRealize appliance management interfaces and you use PEM format. For load balanced scenarios, used a SAN based certificate
  • On the IaaS Server, run vcac-config.exe UpdateServerCertificates -d vcac_database -s sql_database_server -v
  • Add the virtual appliance certificate to the trusted store if it is not trusted and reset IIS with the iisreset command. Must be done on all IIS servers in the IaaS infrastructure.

 

Resolve deployment and configuration issues

 

  • Windows logs can be found in the Event Viewer and also under the C:\Program Files (x86)\VMware\vCAC folders
  • The InstallLogs folder and \Server\ConfigTool\Log folders are used by the installer
  • vRealize Automation Framework Logs are stored under /var/log/vmware
  • Support bundles can be created from the virtual appliances
  • Verify DNS, connectivity and NTP is all correctly configured
  • Check IaaS service account password does not include double quotation marks
  • To reinstall IaaS components, uninstall:-
    • vRealize Automation Agents
    • vRealize Automation DEM-Worker
    • vRealize Automation DEM-Orchestrator
    • vRealize Automation Server
    • vRealize Automation WAPI
    • Clear the SQL database to pre-installation state
    • Remove IIS binding on Default Web Site from 443
    • Delete the applications repository, vCAC and WAPI and application pools RepositoryAppPool, vCACAppPool, WapiAppPool
  • Check encryption.key file on the vRealize Appliance is owned by vcac user and group and has rw permissions for the user
  • Verify all inter node SSL certificates are correct and trusted
  • Blank pages in IE9 or IE10 are caused by compatibility mode. Disable this.
  • Unable to login to a tenant – check SSO internal tenant administrator password has not expired, this is 90 days by default. This does not affect LDAP identity stores.
  • Verify load balancer timeout is set to 100 seconds minimum should install or upgrade of a distributed environment fail.

 

Perform upgrade of vCAC 6.1 to vRealize Automation

 

  • Make sure all prerequisites are met (backups, MSDTC enabled on SQL nodes, snapshots of all appliances)
  • Shut down the vco-service on each vRealize Appliance
  • Shut down services on each IaaS Windows Server

 

Download and install updates to vRealize component appliances

 

  • Check for updates to the Identity Appliance from the management interface (port 5480)
  • Install the 6.2 update to the Identity Appliance
  • Check for updates from each vRealize Appliance
  • Install updates on each vRealize Appliance

 

Upgrade IaaS components

 

  • Upgrade the IaaS database using the DBUpgrade.exe script (one time operation), can be downloaded from the vRealize Appliance installer page
  • Must run script as an administrator
  • Script sample syntax – DBUpgrade.exe -S (server name) localhost -d (database name) VCAC -E (use Windows credentials)
  • Run the IaaS installer from the vRealize Appliance installer page on each IaaS node
  • In multiple IaaS Server environments, perform the following:-
    • Upgrade all websites
    • Upgrade all Manager services
    • Upgrade DEM orchestrator and workers
    • Upgrade all agents
  • In a distributed environment, the load balancer must be configured to pass traffic on port 8444 to the vRealize Appliances to support remote console features

Objective 1.3: Configure and Administer vCloud ConnectorIdentify the components of vCloud Connector

  • vCloud Connector consists of three distinct components: the vCloud Connector user interface, the vCloud Connector server, and vCloud Connector nodes.

Explain vApp copy process

  • vCloud Connector uses a path-optimized copy mechanism that provides a relatively higher copy speed and lower storage requirements.
  • It uses a path optimization framework to export data from the source cloud, transfer it, and import it into the destination cloud in a parallel flow, instead of sequentially.
  • The data is streamed in small chunks. As data is being exported from the source cloud, it is transferred and imported into the destination cloud.
  • Files are not written to the staging area of either the source or destination vCloud Connector node during the copy process
  • Under optimal conditions, the node staging area is not used during copy. However, in some scenarios (for example, if the transfer or import part of the copy process is slower than the export), data needs to be buffered and the staging area is used to store chunks of data.
  • In such cases, the amount of storage needed might be equivalent to the size of the object being copied. Ensure that you have adequate storage on the nodes

Identify the virtual machine state

  • You can use vCloud Connector to power on, power off, suspend, resume or reset a virtual machine or vApp in a cloud that has been added to vCloud Connector.
  • Any action on a vApp applies to all its virtual machines.
  • In the Inventory panel, click the Virtual Machines or vApps tab. A list of virtual machines or vApps is displayed.
  • You can view the current state of the virtual machine or vApp in the Status column

Identify the configuration(s) necessary for Data Center Extension

  • Datacenter Extension (Stretch Deploy) lets you extend your private data center to a public vCloud
  • vSphere, vCloud Director, ESXi server, destination vCloud, vShield Manager, VDS must all be version 5.1 or higher
  • vShield Edge must be able to reach the internet
  • vShield Edge must have one external connection and an internal interface
  • VM must be connected to a port group
  • VM must be connected to a VDS, standard vSwitch is not supported
  • VM cannot be connected to multiple networks
  • If moving a vApp, VMs cannot be connected to different networks

Configure and Administer vCloud Connector

  • vCloud Connector is configured from the appliance management interface on port 5480
  • Comprises System, Network, Update, Server and Nodes tabs
  • System Tab – information and time zone
  • Network tab – IP address settings and any proxy servers required
  • Update Tab – Check and install updates, check update poll schedule
  • Server Tab – log files and SSL configuration, register Connector with vCenter Server for management
  • Nodes tab – manage nodes in the vCloud Connector configuration

Differentiate between functionality of components of vCloud Connector

  • Using vCloud Connector, you can manage virtual machines, deploy templates, and transfer virtual machines, vApps, and templates from one cloud to another
  • Content Sync lets you set up a Content Library to distribute and synchronize templates across clouds.
  • Datacenter Extension (Stretch Deploy) lets you extend your private data center to a public vCloud.
  • Offline Data Transfer enables you to transfer large amounts of data from your private data center to VMware vCloud® Air™

Implement required network and security settings

  • Ports 80 (HTTP), 443 (HTTPS), 8190 (UDT transfer) and 5480 (admin) need to be open

Determine storage requirements and add storage for vCloud Connector node

  • Default storage on vCloud Connector nodes is 40 GB. You may need to increase this in some cases.
  • If you will be copying large virtual machines, vApps, or templates. In some scenarios (for example, if the transfer or import part of the copy process is slower than the export), vCloud Connector uses the staging area during copy and might need storage equivalent to the size of the object being copied.
  • If you will be copying many items simultaneously from a cloud.
  • If you increase the maximum number of concurrent copies allowed for a node
  • You need to resize the data disk on the vCloud Connector node by expanding hard disk 2 in the vSphere Client
  • Login to the appliance console and run sudo  opt/vmware/hcagent/scripts/resize_disk.sh

Register vCloud Connector UI with vCenter Server

  • In the vCloud Connector server Admin Web Console at https://vCCserverIPaddress:5480, click the Server tab, then the vSphere Client tab
  • The vCloud Connector server URL field is automatically filled
  • Type the vCenter Server IP address or fully qualified domain name
  • If your vCenter Server is running on a port other than the default, specify the port number with the IP address. For example, 10.10.10.10:54
  • Type the user name and password for the vCenter Server
  • If the vCenter Server has a vCloud Connector server already registered with it that you want to replace, select Overwrite existing registration
  • To verify that the registration was successful, log in to the vSphere Client and check that the vCloud Connector icon appears under Solutions and Applications in the Home page.

Register vCloud Networking and Security Manager with the vCloud Connector server

  • Don’t understand what is being asked here!

Troubleshoot common vCloud Connector installation and operations issues

  • Test network connectivity between all objects by using the curl -k command
  • Log files can be downloaded from the appliance management interface on port 5480
  • Log files are /opt/vmware/hcserver/logs/hcs.log and  /opt/vmware/hcagent/logs/hca.log
  • Edit the logback.xml file to change log behaviour settings
  • Upgrades can be troubleshooted using the /opt/vmware/var/log/vami/vami.log and /opt/vmware/var/log/postinstall log files. Log file should read “Finished installing version n.”
  • Verify FQDNs can be resolved if they are being used

Create a vCloud Connector Content Library

  • The vCloud Connector Content Library is a library of published folders or catalogs of templates to which users can subscribe. These templates can be virtual machine templates from vSphere clouds or vApp templates from vCloud Director clouds or public vCloud Director-based clouds.

Publish vSphere folders and vCloud catalogs to a vCloud Connector Content Library

  • In the Browser panel, expand the Clouds tree and find the folder or catalog of templates that you want to publish.
  • Right-click the folder and select Publish to Content Library. If Publish to Content Library is disabled, check that you are right-clicking a folder or catalog. The option is disabled for other objects, such as a datacenter or an organization.
  • Click Publish in the confirmation dialog box
  • In the Browser panel, select Content Library. The Catalogs table appears in the Inventory panel. The table lists the catalog or folder that you published, along with details such as its location, publisher, and the time that it was last updated.
  • Click on the folder name to view the templates it contains. Users can now subscribe to the published folder

Subscribe/unsubscribe to a published folder or catalog

  • In the Browser panel, select Content Library. The Inventory panel displays a Catalogs table which lists all published catalogs and folders
  • To view the templates contained in a folder or catalog, select it in the Catalogs table. The Templates table that appears below the Catalogs table displays the contents of the selected folder or catalog.
  • In the Catalogs table, select the catalog or folder to which you want to subscribe
  • Click the Subscribe icon (down arrow) at the top of the Inventory panel. The Subscribe Wizard appears
  • If you want templates to be deleted from your subscription folder or catalog if they are deleted in the published catalog, select Remove entities if deleted at publisher.
  • Select the cloud to which you want to copy the templates.
  • If your destination cloud is a vSphere cloud, do the following.
    • Select the folder to which you want to copy the templates, then click Next.
    • Specify an empty folder and do not add other content to it after you subscribe. vCloud Connector assumes that the folder is under its management and might replace or delete content in it.
    • Select a cluster, host or resource pool, then click Next.
    • Select the virtual disk format and a datastore, then click Next.
    • Select the frequency at which you want the subscription folder to be synchronized with the published folder. You can specify either the interval, in hours, or a custom schedule indicating the specific days and times at which you want the folder to be synchronized.
    • In the Ready to complete page, review your selections and click Finish.
  • If your destination cloud is a vCloud Director cloud, do the following.
    • Select the catalog to which you want to copy the templates, then click Next.0
    • Specify an empty catalog and do not add other content to it after you subscribe. vCloud Connector assumes that the catalog is under its management and might replace or delete content in it.
    • Select a virtual datacenter, then click Next.
    • Select the frequency at which you want the subscription folder to be synchronized with the published folder. You can specify either the interval, in hours, or a custom schedule indicating the specific days and times at which you want the folder to be synchronized.
    • In the Ready to complete page, review your selections, then click Finish.

Stretch deploy a VM or vApp using Data Center Extension

  • Ensure the VM to be moved is powered off
  • Click Stretch Deploy icon
  • Select the destination cloud
  • Give the vApp a name (stretched_ is added)
  • Choose a catalog and VDC for storage
  • Select VDC network and supply an external IP address
  • If the VM is manual static IP address, this should be changed from DCHP once inside the public cloud
  • Power on the VM

Objective 1.4: Configure vRealize Automation Settings
Configure vRealize system settings to handle system notifications and appearance

  • Login to the vRealize Application as either a tenant or system administrator
  • Select Administration -> Branding, click Choose File
  • Set privacy policy and contact links if required
  • Click update
  • To set e-mail, login to vRealize Application as a system administrator
  • Select Administration -> Email Servers
  • Click the add button, select Email inbound or Email outbound
  • Configure the appropriate settings, click test connection and add to finish

Enable connections and set concurrency limits on IaaS server

  • To conserve resources, vRealize Automation limits the number of concurrently running instances of machine provisioning and data collection. You can change the limits.
  • The default delivery timeout intervals for the SetupOS and Clone workflow activities are 20 hours for each
  • Open the ManagerService.exe.config file in an editor. The file is located in the vRealize Automation server install directory, typically %SystemDrive%\Program Files x86\VMware\vCAC\Server
  • Locate the section called workflowTimeoutConfigurationSection
  • Update the following variables, as required (MaxOutstandingResourceIntensive WorkItems, CloneExecutionTimeout, SetupOSExecutionTimeout, CloneTimeout, SetupOSTimeout, CloudInitializeProvisioning, MaxOutstandingDataCollectionWorkItems, InventoryTimeout, PerformanceTimeout, StateTimeout)
  • Save and close the file, restart the vRealize Automation service
  • You can change the frequency of several callback procedures, including the frequency that the vRealize Automation callback procedure is run for changed machine leases
  • Open the ManagerService.exe.config file in an editor. The file is located in the vRealize Automation server install directory, typically %SystemDrive%\Program Files x86\VMware\vCAC\Server.
  • Update the following variables, as desired (RepositoryWorkflowTimerCallback MiliSeconds, ProcessLeaseWorkflowTimerCallbackIntervalMiliSeconds, BulkRequestWorkflowTimerCallbackMiliSeconds, MachineRequestTimerCallbackMiliSeconds, MachineWorkflowCreationTimerCallbackMiliSeconds)
  • Save and close the file, restart the vRealize Automation service

Configure Datacenter locations

  • Locations are stored in the file %SystemDrive%\Program Files x86\VMware\vCAC\ServerWebSite\XmlData\DataCenterLocations.xml
  • Add the string <Data Name=”Manchester” Description=”Manchester DC” /> within the <CustomDataType> section
  • Save and close the file
  • Restart the Manager service

20-05-15

IP Expo Manchester – Day 1 Review

As part of my new role, I’m hopefully going to be getting out and about a lot more and seeing what the virtualisation market has to offer that is complementary to our VMware offerings. As a result, I attended day 1 of the new IP Expo conference at Manchester Central today (that’s the G-MEX in old money!), where there were a whole slew of VMware partners showing off their wares. Not only VMware too, but other vendors and some quirky exhibitors (such as the Museum of Computing).

My first impressions of the solutions hall was that it was a bit smaller than I was expecting, taking up just half the hall. I suppose seeing as delegate tickets were free, the organisers wanted to dip of a bit of a toe in the water before committing to a much bigger event. The Expo also shared the venue with the TMRW conference, which is a “paid for” event with the likes of Brian Cox (that’s the scientist and not the mad Scottish actor) speaking to the masses.

Opening Keynote – Sir Richard Leese, Leader of Manchester City Council

leese

So first up was Sir Richard Leese to open the event. The general theme of the speech was to re-iterate the growth in the local economy and how that was being driven by the digital economy. There were so many facts and figures sprinkled throughout the speech that I wondered if I should have a bingo card on my lap to tick off all the numbers!

Anyway, some key information taken from the speech was:-

  • Greater Manchester population grew by 19% in the last 10 years
  • 28% growth employment rate between 2004 and 2014
  • Manchester is home to the two most popular universities in the UK
  • £2 billion invested in transport over last 5 years
  • 45,000 people working in digital economy
  • The Sharp Project in East Manchester is now fully let
  • The north west textiles industry growing fast again because of technology
  • Manchester hosts the only Internet exchange outside of London
  • Government support for “Devo Max” in Manchester area, first of it’s kind in England

At the end of the keynote we were promptly kicked out of the keynote hall for TMRW guests only. Bad form! Most of the room stood up and left, and to be honest it was all a bit awkward. I hope the organisers don’t make this mistake next year. That being said, as Tim Lovejoy was MC, I wasn’t sorry to leave!

Veeam – 3 2 1 Rule of Backups – Kevin Ridings

veeam

The next session I attended was by Veeam. I’m especially interested in this vendor as we already partner with them successfully and it’s a partnership we’re looking to extend as we grow our portfolio of solutions. Some pearls gleaned from this session:-

  • What is the 3210 rule? 3 copies of data, two different media types, one copy off site with zero errors
  • The 321 Rule protects you in most DR scenarios
  • Tape support in version 7 of Backup & Replication as customers asked for it
  • Tape provides best price per GB, doesn’t consume power to be stored
  • However, tape requires man hours to move around
  • Slow RTO
  • Veeam B&R Backup Copy jobs automatically copies backups to secondary repository, which uses different retention  policies
  • Built in WAN accelerator is aware of de-duplication and content
  • Cloud Gateway provides SSL connections over a single port
  • Additional role on the Veeam server
  • Cloud providers can securely share storage between tenants, optimising costs
  • CloudConnect works as a local repository
  • Possible to enable self service, PowerShell and REST
  • Requires version 8 update 2

The main takeaway from this session was that CloudConnect partners could be used as secondary repositories for Veeam backups and you can work with your existing Veeam partner to do this and ensure your data is safe, secure and with a trusted partner (and not “in the cloud” where you may not know where the hell it is!).

Cetus – From Ground To The Cloud
cetus
The next session was by Cetus Solutions, who discussed their project to deliver cloud services to NextGear Capital, which was a rare example of a startup company and a greenfield site. What was interesting about this case study was that as a brand new company, NextGear were not lashed to a legacy infrastructure and deliberately wanted to leverage cloud technologies to give them scale and performance without needing a large IT department and on premises kit.
  • New company founded by Cox Automotive Group in US
  • £40 million to 300 dealers in first 6 months
  • Enterprise grade infrastructure from day one
  • Highly scalable with lean back office infrastructure
  • Startup company wanted IT as OpEx rather than CapEx
  • Financial data needed to be secure and in compliance with industry legislation
  • Core infrastructure,  applications, disaster recovery as a service
  • FlexPod solution
  • Xenapp 7.5 with Atlantis ILIO
  • Citrix NetScaler with thin clients and mobile devices
  • External cloud services such as SalesForce
  • Replicate VMs to Cetus environment
  • NetScaler sat in front of desktops and environment, aggregated content from “internal” cloud and third parties into a single interface.

The key message from this case study was that this startup could be agile and keep costs and complexity down by building a bespoke environment from scratch using best of breed technologies that would allow them to scale up in future with predictable costs. Interesting!

 

SimpliVity – Making Sense of Hyper Converged Infrastructure – Hani El Qasem
hani
My next session was with SimpliVity, who are a relatively new company in the hyper converged space. I’d heard of them before owing to them sponsoring a vBeers event (hic!) but also because Cisco have partnered with them, plus I’m linked to a couple of their guys on LinkedIn and see what they’re up to.
Hani’s session was really interesting as in my mind it raised the question of whether the monolithic stacks we have now such as FlexPod and vBlock might already be a thing of the past? Yes they’re solid and reliable, but it’s still a multi vendor solution and there are a lot of moving parts. Not to mention separate compute, storage and networking takes a lot of additional overhead. I can see both sides of the argument on FlexPod type solutions and hyperconverged solutions such as SimpliVity and Nutanix. I guess it all comes down to customer requirements, as it always should be.
  • 3 1/2 years in development before shipping the product, rare for a startup
  • Best of VMworld 2013 and 2014, amongst others
  • Customers include T-Systems (aka T-Mobile), NHS
  • Customers want consumer economics on a cloud scale
  • Data protection, performance, data efficiency and global unified management all baked into the product
  • Web providers such as Facebook and Google use cheap, disposable hardware and build resiliency into the application
  • Enterprise do it the other way around
  • Converged infrastructure phase 1 like FlexPod/vBlock,  Phase 2 is storage and server. Phase 3 collapse all into one stack like SimpliVity
  • Omnicube (SimpliVity solution) is x86 architecture. Accelerator card performs dedupe,  compression,  accelerator, optimisation. Dedupe once and forever. Across all tiers (SSD, HDD, DRAM).
  • Can scale down. Minimum of 1 cube, other hyperconverged solutions need 3 as a minimum,  some need 4 if you need maintenance
  • Global unified management
  • Extension of vCenter,  not a proprietary interface. Single pane of glass plus no big learning curve of a new management UI
  • Integrated data protection and WAN optimisation
  • Reduced energy consumption, less physical space if renting CoLo space
  • One SKU
  • DRAM,  SSD and HDD tiers
  • Presentation layer uses NFS
  • 40 to 1 reduction in data storage required
  • Example given was 5.4 TB of raw data, reduced to 2.7 TB on competition solution,  650 GB on Omnicube
Virtual Volumes – Jonathan Disley Nimble Storage
After a wander around the hall, I dropped into my final session of the day by Nimble Storage. I’d lost track of time to be quite honest, so I was a little bit late and missed the first part. The session was a whistle stop tour of the new Virtual Volumes (VVols) functionality baked into vSphere 6.0. I have to say, Jonathan had to whip through it so quickly because of time that I didn’t really digest all of what was being said, so it’s something I need to follow up on. I did take some notes though:-
  • There are three main different storage designs on VMware – guest connected, VMDK on VMFS or RDM
  • Virtual volumes break into policy control plane and virtual data plane
  • Storage container is the logical construct, advertises services such as snapshot, encryption etc
  • Set storage policy and assign to a VM such as thin provisioned, snapshot etc
  • Uses VASA provider to be storage aware. Nimble embeds this into the controller. Some vendors use a separate virtual appliance
  • No VMFS partition on the virtual volume
  • Nimble InfoSight software has per VM performance monitoring. Cloud based offering that uses “call home” messages and statistics from installed controllers
  • Possible to see noisy neighbours causing latency on a data store

I’ll be back for day two tomorrow, so watch out for another review!

06-05-15

The Open Road

open-road

I know I haven’t blogged for a while, but you’ll probably see now why. I recently left ANS to join a consulting and services company called Frontline Consultancy, who are another VMware partner in the North West. I realise I wasn’t at ANS too long, but to be honest, this new role was an opportunity not to be missed.

I wasn’t on the lookout for a new position, but it was nice to be spotted and once I found out what the role was about, I couldn’t say no. This blog has been EUC centric for quite a long time, and while there will still be some EUC content, I will be moving into a more general VMware space in terms of content. I’m headed back into the data centre and adding vCloud technologies to my bow (or vRealise, or whatever it’s called today!).

Obviously I’ve been doing DCV activities for some years, but cloud was the major missing piece of my personal skills jigsaw. Now I have the chance to close this gap and get involved with some automation projects that take me out of my comfort zone and force me to adapt once again. Ultimately, I do believe variety is the spice of life and as the picture above would suggest, the road is open for me and the chances appear to be limitless.

As I left ANS, they were recently awarded the Converged Infrastructure gong at the NetApp Partner awards, so they continue to go from strength to strength and I wish them well. As for my new role, it’s a good chance to for me to get stuck into a really high profile projects and become a better and more rounded techie.

One more thing, I have accepted the invitation to speak at next month’s North West England UK VMUG where I will be discussing the new VMware certification roadmaps and the recent changes made. Please do come along and give it a whirl, I believe we also have a vRockstar there in the shape of Duncan Epping. An event not to be missed! More details and registration are available at the event page. We’re back at Rosylee in Manchester, with the ubiquitous (and free) vBeers available afterwards.

Hope to see you there!

26-03-15

Upgrading The Home Lab Part III : Upgrading VMware Tools and Virtual Hardware

We’ve arrived at the final part of our odyssey (a small odyssey in my case, but an odyssey none the less!) in our upgrade to vSphere 6.0. We’ve upgraded vCenter (relatively trouble free), ESXi (not so much, but that was down to my Jurassic era hardware) and now we have the small matter of the VMs left, to upgrade VMware Tools and virtual hardware to the latest versions.

This might seem like the easiest task of the lot, but actually in my experience this is the hardest part. Not so much from a technical level, but from the perspective of there being large numbers of VMs to touch, and of course in times of Change Management, getting agreement to down VMs to upgrade their virtual hardware can sometimes feel like rutting stags in a field. Although from vSphere 5.1 onwards, a Windows reboot for an upgrade of VMware Tools was eliminated, we still need to power off VMs in order to upgrade their virtual hardware.

29fc1f37d00bf7a74decf694dce0559225f242e6 “Barry, let me upgrade the virtual hardware on your Exchange Server!..” “…No! Bugger off, Maurice! I can’t have 5 minutes downtime!..”

Thankfully, VUM can come to our rescue again. When it’s installed, it creates some default patch baselines. Two of which include baselines for upgrading virtual hardware and VMware Tools. You can see these by clicking on the VMware Update Manager button in the Home view in the vSphere Client. You need to click on the “Baselines and Groups” tab and then on the “VMs/VAs” button. You should see the following in your VUM screen:-

vum-vm-baselines

There is also an upgrade path for virtual appliances you can see at the bottom, we’re not going to cover that here as usually appliances are in the minority. VMs are what we’re looking at here. In order get VUM to bring our VMs up to date, we need to create a couple of Baseline Groups, or we can just use a single group if we want to consolidate both upgrades into a single operation, which is what I’ll be doing. We can do this from the same screen as above, in the right hand pane. Click on the “Create” button to start the Baseline Group as shown below:-

create-baseline-group

This starts the Baseline Group creation wizard, which only really has a couple of steps to set up, nothing too tricky. Give the Baseline Group a name, as below. And no, don’t use one of the Bee Gees like I did with the stag picture:-

baseline-1

Click Next and as we’re only upgrading VMware Tools and virtual hardware, we’re going to leave virtual appliances alone. We are going to create VM upgrades, so tick the radio buttons next to the following groups:-

  • VM Hardware Upgrade to match host (predefined)
  • VMware Tools Upgrade to match host (predefined)

This is shown below:-

baseline-types

Click Next..review the settings and click Finish and you’ll see the following screen:-

baseline-group-complete

So now we have our baseline groups created, we now need some VMs to attach them to. As I’ve said countless times before, this is a test environment, so I don’t suffer from the same constraints as a production system. That’s another way of saying “if something explodes, I don’t care”, but that being said, I do want to stage these updates to make sure everything works as I expect before I push the baseline group to a wider audience.

I am not going to update any virtual appliances as I mentioned previously, and I have no VMs right now that are Linux based. Rather than pushing out the baseline to all Windows VMs, I’m going to stage them by folder. First up is my seldom used Windows Cluster folder. This has two Windows Server 2012 R2 nodes and an iSCSI target also running Windows 2012 R2. As I hardly use this cluster, it spends most of it’s life powered off, meaning it’s a good place to test my rolling VM updates.

So to start with, if you haven’t already, create a folder and move the VMs you want to update into this folder (hint: you’ll need to be in the “VMs and Templates” view in vSphere Client to do this). Once you’ve done this, you can add the baseline group to the folder by clicking the Update Manager tab and clicking the Attach.. button. You’ll then see the dialog below:-

attach-baseline-to-folder

As you can see, I already ticked the box to add the Baseline Group to the folder. The sharper eyed readers amongst others will notice I could have done this without creating a baseline group first, but I think my way is neater 😉

Click Attach and then you will need to perform a Scan.. just as we did with the hosts. In fact, it’s exactly the same process. Remember at this stage, we don’t care about virtual appliance updates, so make sure you untick that box and tick the other boxes for VMware Tools and virtual hardware, as below:-

confirm-tools-scan

The scan results are in, and lo and behold I’m not compliant:-

vm-scan

In which case, I need to hit the Remediate.. button to apply both sets of upgrades, just like we did with the hosts. This starts an upgrade wizard, as shown below:-

remediate-vm-1

On clicking Next.. the next step is to schedule when we want the upgrades to occur. Like I said, these boxes are my guinea pigs as they are hardly ever powered on, so I can go ahead and do it immediately. In the production world, you’d probably have to do this out of hours or whenever your maintenance windows are:-

remediate-vm-2

Give the task a name and description as shown above, and decide when you want the process to run. The scheduled intervals are applied via powered on machines, powered off machines and suspended virtual machines. By default, Immediately is set for all cases. Take care here!

One really useful feature of using VUM to upgrade VMs is the ability to create snapshots ahead of the actual upgrade processes. This is very handy on the off chance that something goes badly pear shaped. There’s no reason it should, but it’s always nice to have a safety net, isn’t it? And you are creating full offline backups, aren’t you?

remediate-vm-3

So as you can see above, I’m keeping the snapshot for 24 hours (default is 18, for some reason). You can keep them forever if you like, but if there are a lot of VMs to be upgraded, this could swallow a lot of expensive storage in a busy environment very quickly. I just want to make sure the VM boots and reports back in as up to date once the process is complete. 24 hours is plenty of time for me to validate the update hasn’t eaten my VM. As these particular VMs are already powered off, no need for me to select Take a snapshot of the memory for the virtual machine. This requires a running instance of VMware Tools and can add a lot of time to the process, so use sparingly.

Time for one last sanity check and then hit Finish if you’re happy:-

remediate-vm-4

You can then monitor the upgrade task in the tasks pane at the bottom of the screen, as below (click to expand):-

remediate-vm-5

Once the upgrade task completes (and this could take a while, so go and make a coffee or something), you should see a fully compliant bunch of VMs. If you don’t, you can use the Tasks/Events window (Events mainly) to help troubleshoot what went wrong. The law of averages says that a couple of VMs out of dozens will need some minor hand holding. To get through them all without issues is pretty much unheard of, so don’t worry. As you can see below from the Events window, the upgrade process is ongoing:-

vum-progress

And then after a little while of VUM whirring away in the background, skidoosh! We have 100% compliance!

remediate-vms-100-percent

Don’t believe me? Here’s what one of the VMs says..

vm-status

We’re on version 11 virtual hardware (ESXi 6.0 compatible) and VMware Tools are current. All done by VUM in the background. Multiply that by a few dozen VMs and you’ve got a nice time saver there! I also wanted to show that the pre-upgrade snapshot is available for us, on the off chance something went septic:-

vm-snapshot

As you can see, VUM even puts in a useful description so we know what the snapshot is, when it was created and when it will be deleted (if applicable).

Conclusion

Upgrading VMs can often be the trickiest part of the upgrade process as there can be hundreds or thousands of objects to be updated. However, VUM can make this process pretty painless by automating the upgrades and scheduling them for a time that suits you. Don’t be like Barry and Maurice at the top of the article – get a maintenance window with the VM owner and get VUM to do all of the heavy lifting for you.

 

25-03-15

Upgrading the home lab Part II : ESXi hosts

In Part I of the “Upgrading the home lab” series, we migrated/upgraded the vCenter appliance from version 5.5 to 6.0. That all seemed to go pretty well, so the next major step on the road to vSphere 6.0 is to upgrade the ESXi hosts in the environment to ESXi 6.0. Just before we get to that, we’ve actually missed a step out. Once vCenter has been upgraded to version 6.0, you should take a few minutes to upgrade VMware Update Manager (VUM) to version 6.0 too. In my case I hadn’t got around to building a 5.5 VUM server, so I just built one out from scratch with the vSphere 6.0 installer DVD. I just did a simple install and used the SQL Server 2012 Express version for the database, as I’m just managing a single host. For 5 or more hosts, you should go and get the “full fat” SQL Server.

What’s new with VUM?

Not really a lot as far as I can see. It still requires a Windows Server (minimum 2008, but 2012 R2 should be your aim these days), still requires a SQL database (see above) and still requires the vSphere Client (not the Web Client) to perform any kind of meaningful management. In that respect, it doesn’t look much different than it did in 5.5 days. You can read what’s new in the VUM 6.0 documentation, but it seems to be more database support than anything to get excited about (like baking it into the appliance, for example).

Upgrading the ESXi host(s)

To upgrade your hosts, there are a couple of different ways you can do it. You can boot from the DVD (or remotely attach an ISO image if you have an iLO/DRAC card etc.) and perform an in-place upgrade, you can use VUM to upgrade your hosts, or you can boot from DVD/ISO and perform a fresh installation. It depends what you want to achieve in the process, obviously you want a quick and supported way of getting your hosts up to date, and VUM is VMware’s recommended method.

However, in most enterprise environments, ESXi hosts are commodity items – by this I mean all VM data (and even ISOs) are stored on shared datastores on SAN/NAS etc. In this case, you can achieve a “clean slate” installation by using the installation DVD to perform a fresh installation with the original addressing information. Consider the use of host profiles to “backup” the host configuration before you start (requires Enterprise Plus licencing).

You can also use scripted upgrades, using Auto Deploy or the esxcli command, see here for further information on supported methods. I’m lazy, so I’m using VUM.

Using VUM to upgrade your hosts

As noted above, VUM is the recommended method of upgrading hosts to the latest version of ESXi. In terms of supported prior versions of ESXi, if you’re version 5.x or above, you’re pretty much in clover. Anything older than that is basically a fresh new installation. That’s not all bad, depending of course on how many hosts you have to get through. Remember to check the VMware HCL to ensure your host hardware is supported with ESXi 6.0 and if you can, obtain the custom vendor ISO for ESXi for the best level of driver support and functionality. At the time of writing however, I was only able to find the HP version of the custom ISO (as you can see below), so I will have to use the GA ISO to upgrade my PowerEdge. Hurry up, Dell!

esxi-downloads

Once you have obtained the ESXi 6.0 ISO, ensure your VUM plugin in the vSphere Client is installed and enabled (and one step I haven’t specifically called out is to ensure you upgrade your vSphere Client to version 6.0 before you start this part. Reports of it’s demise have been somewhat premature!).  You can check this by going to the Plugins menu and selecting Manage Plugins.., you should see something similar to the following:-

plugin-manager

If you have a prior version of the VUM plugin installed or you don’t have the plugin installed, you will have to select the “Download and install” option. This runs a brief installer and does not require a reboot nor a restart of the vSphere Client. If the installation has been successful, you’ll see the plugin enabled in the Plugin Manager and you’ll also have a button on the home screen and an extra tab on the host view.

The next step is to upload our ESXi ISO into the VUM repository and create a patch baseline. To do this, you need to go to the Home view in the vSphere Client and then click on the VUM button in the Solutions and Applications section, as shown below:-

vum-home

This button takes you into the VUM management view and from here we need the ESXi Images tab, as shown below:-

esxi-images

And then from there, click on “Import ESXi Image” as shown above. Browse to and select the ESXi 6.0 ISO you downloaded, click next to start the import process and you should see the following progress dialog. This only usually takes a couple of minutes or so.

iso-upload

If the import has been successful, you’ll see the following dialog:-

import-successful

We now need to create an upgrade patch baseline from this ISO so we can add it to our hosts to be upgraded. Leave the “create a baseline” option ticked and give it a meaningful name, as shown below:-

baseline-name

And click “Finish”. All being well, you should now have both the ISO imported and the baseline created, as shown below:-

baseline-iso

So now we have imported our ISO and we have created a baseline. Now we need to associate this baseline with an object to be upgraded. We basically have three choices here – we can apply the baseline at datacenter level, cluster level or we can apply the baseline at individual host level. I’m going to go for the first option, just so I can call out some differences between the options. To apply the baseline to the datacenter object, select the datacenter object in the vSphere Client, select the Update Manager tab and click the Attach.. button on the far right, as shown below:-

attach-baseline

As you can see, my datacenter has no baselines already attached. In the “Attach baseline or Group” dialog, you should see the upgrade baseline we created earlier. Tick the box and tick “Attach” as shown below:-

attach-baseline-group

Once you have attached the patch baseline to the datacenter object, the view in Update Manager should change. You will see the hosts added and a 0% compliance report. This is because we haven’t yet run a scan against the host to check what version of ESXi already exists and if the host is compatible with the ESXi 6.0 upgrade. Next, select your hosts and click the “Scan..” button in the top right.

vum-scan

In our case we just want to scan against upgrade baselines, so be sure to tick this box in the “Confirm Scan” dialog:-

confirm-scan

Click the “Scan” button and VUM will go off and query each host in turn for their compliance against the ESXi 6.0 upgrade baseline we created. This should only take a couple of minutes per host. Once the scan is complete, you should see new information in the VUM tab. In my case, my host as come back as “Incompatible”, which doesn’t surprise me in the least as this host hardware is prehistoric by any measure. However, I can still force the upgrade to run if I know the installer will complete successfully. This isn’t strictly supported by VMware, but all this basically means is that only current generations of servers are tested by VMware and their partners for HCL purposes. To recertify every piece of server hardware for each new release of ESXi does not make sense. This does not however mean that your server can’t run ESXi 6.0, I suggest you test it on some development kit first before moving forward. In my lab, I don’t care!

vum-incompatible

As you can see in the above graphic, my host is older than Bruce Forsyth and as such comes back as non compliant in VUM. No surprises there. In order to force this upgrade through, I can hit the “Remediate” button to force the upgrade to start. I have seen in the field some HCL certified kit come back as incomplete, so sometimes you do need to know how to do this to get the upgrade done. This in turn starts a 6 step wizard to push the upgrade down to the host via VUM. First up, we need to select which hosts and which baseline to use, as below:-

remediate-1

Then we thoroughly read and agree to the software EULA:-

remediate-2

The next step is “signing the death warrant”. If this goes toes up, that’s down to you! Check the box to ignore warnings and in my case, hope my offline backups are good!

remediate-3

Then we give the task a name and description (you can call it anything you like, really) and schedule when this upgrade should be done. I’m going to do it immediately, because I just can’t wait for ESXi 6.0 goodness!

remediate-4

In the final configuration step, I need to tell VUM what to do if there are running VMs on the host to be upgraded. Normally you wouldn’t change anything here as really you should already have your host in maintenance mode before you target it with the upgrade. As my vCenter appliance is on the host to be upgraded, I need to be slightly more creative and get vCenter to power VMs off.

remediate-5

Then one last sanity check before we hit the chicken switch…

remediate-6

And off we went. However, big problems lay ahead. VUM spat out my upgrade saying the CPU in my host was not compatible. OK, fair enough. I did buy it from Fred Flintstone! What I did instead was to burn the ESXi 6.0 ISO to CD and boot it off the physical DVD drive in the host. This way I can basically tell the installer I don’t care about compatibility and support issues, I’m going to bear the risk of it all turning to toast.

First off, I booted from the CD and as the files were copying (black screen with yellow thin progress bar at the top), I got the error “Error loading /s.v00 Fatal error: 6 (Buffer too small)” and the whole thing just stopped. I didn’t get it – the MD5 matched the VMware download site! I downloaded the ISO again, but this time I performed a “direct” download rather than using the Download Manager. The MD5 matched again, I burned a new CD and this time it all worked just fine.

Even though the installer complained bitterly about the host CPU, CPU virtualisation modes and a PCI device not being supported, it all seems to work just fine. The host booted and my vCenter appliance auto started as usual. For completeness, time to go back into VUM and validate my upgrade. To do this, select the host, go to the Update Manager tab and select “Scan” again, as previously. This should take just a minute or so, and then we get what we were hoping for. Green!

vum-green

So now we have vCenter at 6.0 and ESXi at 6.0. Not without a few niggles, but that’s just a consequence of using such old hardware. The moral of the story for me is that it’s high time I gave my boxen an overhaul. Finally, as a last piece of housekeeping, I’m going to validate the status of my vSphere Client plug-ins :-

plugin-error

It seems everyone is happy except Mr Auto Deploy. I don’t use Auto Deploy in my lab, but red errors kind of piss me off anyway. I performed a quick Google and found a blog post by Kyle Gleed that tells you how to fix this. You simply start the Auto Deploy service on the appliance as it’s disabled by default. God bless the internet. However, Kyle’s instructions reference a management interface to the appliance which is no longer used in 6.0. In order to configure appliance based services, you must login to the Web Client as an administrator and enable it from there.

In the main Web Client home screen, click on the “Administration” button on the left and navigate down to Deployment/System Configuration as shown below:-

deploy-sysconfig

Then click “Services”..

services

And then right click on “Auto Deploy”.. and select “Edit Startup Type”..

rightclick-autodeploy

 

Select the Startup Type, depending on how you want the service to start on appliance boot – I’m choosing “Automatic“and click OK..

startup-type

And then manually start the service by right clicking again on “Auto Deploy” and selecting “Start”..

autodeploy-start

I then go back into Plugin Manager, enable the Auto Deploy plugin (accepting any certificate warnings) and we should be free of errors!

plugin-manager-fixed

As a side effect, we also have a nice button added to the home screen:-

autodeploy-button

Conclusion

So there we go, we now have an upgraded vCenter Server and ESXi host. I wouldn’t advise forcing the upgrade through the way I did unless you have nothing to lose – i.e. it’s a test lab or something non production. If the host hardware you are installing to is HCL listed, you should whizz through a VUM focused upgrade just fine.

If you get any odd errors in the Web Client, try deleting your browser cache and also the Flash Player cache from Control Panel. There could be something caught up in there from 5.x days.

Next stop is upgrades to the virtual machines – virtual hardware and VMware Tools. That is to come in Part III !

 

23-03-15

Upgrading the home lab Part I : vCenter Server

vSphere 6.0 has finally shipped, so I decided to take the plunge and upgrade the home lab to vSphere 6.0. In the next couple of posts, I’ll outline the steps required to perform the upgrade, plus any issues I encountered along the way. I think most people know that most articles I write are focused around VDI, so let me express this straight out of the gate. vSphere 6.0 does not support Horizon View until release 6.1. So basically, don’t upgrade any environments to vSphere 6.0 where View is in use, stuff will probably break. When is View 6.1 out? I don’t have a clue right now, but seeing as the release notes have been posted up, I can’t imagine it’s too far away.

If you’re project planning and you need to have certified upgrade paths (I know some project documentation requires this in some companies), the current (at the time of writing) interoperability matrix result is shown below:-

Compatibility Matrix

 

So my home lab is a very simple affair indeed. It comprises a single host which is a Dell PowerEdge 1435SC with 32GB RAM and two Opteron processors. Old hat I know, but it gets the job done. For those wondering how I deal with power management on such old kit, it’s simple. I turn the bugger off when I’m not using it! As I’m often on the road, I don’t see a lot of value having the beast humming away in the attic when I’m not around to use it.

Anyway, that aside, it’s currently on ESXi 5.5 U2 and runs the vCenter Server Appliance. I chose the appliance because it’s quick and simple, and I don’t have to faff around with Windows licenses. I know Linux quite well, so I don’t have any fear knocking around on the command line. In vSphere 6.0, the back end architecture of vCenter changes somewhat. If you recall, in vCenter 4.x and 5.0, everything was pretty much just baked into one installer. In vSphere 5.1 and 5.5, Single Sign On was broken out (and made good in 5.5!), as was the Inventory Service to provide a more modular environment should you wish to break things out a little for scalability and to mitigate the “all eggs in one basket” factor.

Further to that, vCenter 6.0 now has the concept of the “Platform Controller”.  Put simply, the Platform Controller are infrastructure or access services such as SSO, License Service, Lookup Service and the Certificate Authority. vCenter Server is basically everything else, so Inventory Service, PostgreSQL, Web Client, Dump Collector, et al. For my simple purposes, I’m just going to upgrade from my current vCenter 5.5 appliance to the 6.0 appliance, I don’t really need to start making the design overly complex. In fact, because it is just a lab environment, I’m not massively bothered if the upgrade process blows up, I can just rebuild from scratch. Obviously in a live environment, I’d be slightly more circumspect!

One important caveat to note is in the VMware documentation:-

You cannot switch the models after deployment, which means that after you deploy vCenter Server with an embedded Platform Services Controller, you cannot switch to vCenter Server with an external Platform Services Controller, and the reverse.

For full information of the pros and cons of either method, please refer to the product documentation. I’m not going to go into that level of detail here. What is reassuring for me with my one host and a dozen VMs is the following comment in the documentation:-

vCenter Server with an embedded Platform Services Controller is suitable for most environments.

Cool, I feel kind of validated now. I couldn’t see at first blush how the sizing of your environment effects your design decision, I suspect it’s more to do with geographical constraints, multiple vCenters and other VMware products that integrate with it, such as vRealise Automation. More on that in the future once I understand it better!

The Appliance Upgrade Process

The process of upgrading your vCenter appliance from 5.x to 6.0 is actually more of a migration than an upgrade. In essence what you’re doing is spinning up a new appliance as 6.0 with temporary IP address information, using SSH to copy over the database from the source 5.x appliance (and historical data if you so choose), changing the target appliance’s IP address to the source’s address and then dropping the source 5.x appliance.

Meeting Prerequisites

As you might expect, there are several prerequisites to be met before actually copying over any files or making any changes. First and foremost – have a backup and no, a snapshot is not a backup! By all means take a snapshot of your vCenter Server prior to starting the process, but have a block based backup too, whether that’s via Veeam or any other backup method. Don’t rely on snapshots. If you do, you’re upgrade deserves to fail!

Again the product documentation is the best place to refer to, as I’m sure over time these will change as experiences come back from the field when the product is being deployed. Once pre-requisites have been met, we’re hot to trot and ready to install our vCenter Server 6.0 appliance.

Download the appliance ISO file from MyVMware (at the time of writing this is VMware-VCSA-all-6.0.0-2562643.iso) and you may notice from the off we’re not downloading an OVA/OVF as we did previously. This is because the upgrade method is slightly different. Instead we’re going to take the ISO and mount it locally on our Windows machine (if you’re on Windows 8.1, you can right click and select Mount to mount the ISO to your DVD drive) as shown below:-

mount-vcsa

 

Alternatively, you can right click and extract with 7-Zip (for example) and create a source directory of files. However, for my purposes, I’m going to keep it simple and mount the ISO in Windows. Once mounted, we need to navigate to the DVD drive and go to the \vcsa folder. In here is the installer for the Client Integration Plugin, which we will need for this process. As a good habit, don’t forget to right click the installer and select “Run as Administrator”, as shown below:-

client-runasadmin

You’ll need to close any running browsers as plugins are installed, and then step through the simple installer, which should take just a minute or so. Once this install is complete, no reboot should be required and we can jump back into the root of the installation DVD and run the main installer vcsa-setup.html. I ran this with IE, I don’t know how well it works with other browsers. You will need the browser plugin access to start the installer, so click “Allow” (if you’re using IE):-

allow_installer

You should then be greeted with the option to install or upgrade. If you don’t see this screen, go back and check your client integration plugin installation (a reboot may help):-

install

Time for another quick sanity check at this point that the pre-requisites have truly been met. In my case I’m running a 5.5 version of the virtual appliance, as shown below:-

old-vc

 

so I’m good to go:-

sanity-check

Now to the meat and potatoes of the installer itself, and a nine part wizard now has to be negotiated in order to kick the upgrade process off. First up is the usual EULA. I read this thoroughly (twice!) and consider myself happy with it and click “I accept..” and click Next:-

part1-eula

Next I need to input details of the ESXi host to which I’d like to push out the new virtual appliance. Note the caveats listed at the bottom of this step – disable lockdown or maintenance mode and if you’re using a VDS, initial deployment of the appliance must be to an ephemeral port group. Click Next:-

part2-esxi

Accept the certificate warning by clicking Yes in order to continue:-

part2-cert

Your host credentials will then be validated as shown below:-

part2-creds

Step 3 is setting up the appliance name and SSH options. I’m calling mine the highly imaginative and original name of “vCenter” and I’m turning SSH on because it’s a lab and I’m not massively fussed about security. In the real world, leave this disabled unless you specifically need it. Click Next to proceed.

part3-vm

Step 4 is configuring the source information for the migration, so your existing vCenter Server. In this screen you need to enter IP/DNS details of the current appliance, version number, your administrator@vsphere.local SSO password (and if you’re a buffoon like me and forgot what the password was, you can reset it using this KB!), the root password for the appliance and host information along similar lines. You can optionally choose to migrate performance and other historical data. I’m going to enable this option, and I can’t think of any great reason in the real world why you wouldn’t do this (unless your database is mah-oosive). Before you proceed, check the caveats at the bottom of the page – that lockdown mode and maintenance mode is disabled and the source appliance’s DRS setting is disabled so it doesn’t move off that source host part way through. Click Next:-

part4-source

Once the credentials have been accepted, take care to check the information presented to you on what happens post upgrade. The new appliance will inherit the old appliance’s IP address. Also make sure no firewalls prevent SSH access between both appliances as this is the transfer method used during the migration/upgrade. The installer will start the SSH process will be started on the source appliance if it is not already running. Click Yes:-

part4-warning

In step 5, we have the choice of choosing what size appliance we’d like. This is pretty similar to the Windows based installation and helps determine JVM heap sizes are set appropriately, amongst other things. I feel quite inadequate choosing the “Tiny” option, but it is what it is and I have no requirement to go any bigger than that. Size clearly is everything in this case. Make your selection as appropriate and click Next:-

step5-size

Step 6 is choosing which datastore you’d like the appliance to go on. I’m going to choose the one with the most available space and I’m also going to thin provision it. This appliance won’t be doing a great deal in my lab and the datastore isn’t likely to fill up quickly, so I have no real need to thick provision here. Click Next:-

step6-datastore

Step 7 is the creation of some temporary network details for the new appliance as this is a migration really as opposed to an in place upgrade. In this step, we should pick the same port group as the source appliance and use the same subnet as well if possible, especially if the data migration is going to be large. My database is small and it’s a single host, so speed shouldn’t be an issue. Fill out the details appropriate to your environment and click Next:-

step7-network

Step 8 is the “Ready to complete” or final sanity check. Review the information presented and check for typos, wrong IP addresses, what size appliance you need (sometimes “Tiny” just ain’t enough!) and when you’re happy, click Finish:-

step8-ready

All being well, the process should start by initiating the appliance deployment to your ESXi host as below:-

Deploy

You can also monitor what is going on by connecting to the ESXi host with your vSphere Client and clicking on the “Events” tab of your target appliance, you should see something similar to below:-

transfer

And some while later, I was greeted with the following screen. The process took around an hour, but bear in mind this is a “tiny” and simple deployment. Larger enterprises should budget a lot more time for this process when migrating between appliances:-

finished

I double checked my “old” appliance has been powered off, and the new appliance is up with the original appliance’s identity:-

appliance-screen

Once the install is completed, you may like to perform some housekeeping before you put the appliance into production. By default, my appliance came up with the DNS name localhostI don’t really want that, so I quickly logged into the appliance console to change it. Something you may notice that’s new is that the vCenter appliance has now been set to behave just like an ESXi host, so once you press F2 to customise the system and entered the root password, the menu structure should be something that’s pretty familiar:-

appliance-menu

I like that VMware use a different colour scheme on the appliance to save any confusion with connecting with an ESXi host. Even though you can see it’s the appliance at the bottom of the screen, with many screens open it may help prevent costly mistakes! To go back to the original housekeeping, go into Configure Management Network and then DNS Configuration. Input the appropriate values for your appliance, as shown below:-

new-dns

I also like to disable IPv6, though there is a mixed bag of opinion on this. I say if you don’t use it, don’t enable it. However, this is a subjective thing and purely optional. To disable IPv6, go into Configure Management Network and then into IPv6 Configuration. To disable it, hit the space bar to uncheck the box as shown below and restart your appliance.

disable-ipv6

Once rebooted, you can see we’re up to vCenter 6.0!

about-vsphere6

Post upgrade issues

I have only really come across two issues so far – firstly I got an “Error #1009” which I cleared by deleting cookies etc from my web browser (and also upgrading the Flash Player in Firefox to the latest version).

As you can also see from the above screen shot, I was having issues with the Client Integration Plug-In. It was definitely installed from when we started the migration process, and all three browsers I had reported the issue (IE11, Firefox, Chrome) so I uninstalled the plug-in from Add/Remove Programs, rebooted, downloaded the plug-in again from the Web Client login page, installed it and as you can see below, all was good:-

integation-enabled

Conclusion

In conclusion, I’d say well done to VMware for streamlining the upgrade process for the vCenter appliance. Yes, it has a couple of quirks and yes you should ensure all pre-reqs are met, but by and large I was pretty impressed with the whole process. Next up, my ESXi host….!

 

16-02-15

Elite Implementer Status : A Few Thoughts

Cert_Roadmap_2015Q1_v5_final_WEB

 

(Image taken from vmware.com)

There is a lively thread going on over at LinkedIn regarding the new VCx 6.x tracks that I felt compelled to jot down a few thoughts on. Firstly, once the new track becomes live, the VCAP level certs will be renamed to VCIX (VMware Certified Implementation Expert) and will require two exams as before. One for administration and one for design. So far, so good. Two exams as before, presumably of similar lengths as the VCAPs now with the same core set of skills being measured. However, instead of having two certifications to your name (VCAP-DCx and VCAP-DTx), you’ll have one. Fine, I suppose it makes sense and I don’t have a problem with that.

Now comes the interesting bit – “Elite Implementer status will be granted for candidates who complete multiple VCIX certifications”. I’m glad VMware have recognised the amount of effort and skill required to complete multiple Advanced tracks, however these exams aren’t yet live (I’m guessing it will be  around VMworld time before we see them in the wild) and there are a lot of people out there whose VCAP certifications are current and have completed multiple tracks.

In my opinion, there is no reason why VMware cannot enact this change right now. It costs them nothing and provides recognition to those who have spent a minimum of around 12/14 hours sitting these tough VCAP exams and getting through them. Think about it. Yes, we’d all like to be VCDXs, but the crushing reality is often that this certification requires a level of commitment way over and above anything I’ve seen from any other certification. I simply don’t have the time and energy to commit to around 100-150 hours on putting together a design and submitting it to VMware and then defending it in front of a panel, much as I’d love to.

The VCAP exams are tough, make no mistake. Not only do you need to have “operational” experience with all the respective products, but you also need to have a good understanding of the overlapping ecosystem – such things as third party solutions, Active Directory, Group Policy, storage, networking and more. Anyone with a VCAP cert has been through the mill to get it and deserves a pat on the back. To have both design and administration certs for multiple different VMware technologies elevates you to another level still.

So in short, come on VMware, recognise your multi-track vRockstars now and give them Elite Implementer status. It’s a small gesture that will go a long way and keep existing holders motivated for when the 6.x track comes on line. For more information on the 2105 track announcements, please visit MyLearn.

Comments and opinions are welcome, maybe with enough weight we can make it happen!

 

29-01-15

VCP-DT6 – What’s New?

I noticed the other day when looking for something entirely unconnected that the latest iteration of the VCP-DT has sneaked out, somewhat under the radar. The exam is intended to test your skills around the full Horizon View stack, including Workspace, vCenter Ops for View and Mirage. AppStacks doesn’t make it in there, but that’s not a great surprise. The ink is barely wet on the acquisition paperwork, so I suppose that will form part of the VCP7 track, or whatever it gets called.

So then, what’s new? The most obvious items that leap out from the exam blueprint are Mirage and Horizon Workspace. If you’ve been hiding under a rock or EUC stuff just isn’t your thing, Mirage is a product acquired from Wanova a couple of years back which performs layered image management of physical and virtual desktops. Horizon Workspace is a web based portal that runs from a Linux appliance which can present virtual desktops, applications and such via a unified web portal.

The exam itself is 120 questions, which does sound like rather a lot but you have 120 minutes in which to answer them all, so 1 question per minute. Even I can work that one out! If English isn’t your mother tongue, then you get an extra 30 minutes.

So other than Mirage and Workspace, what else does the exam cover? As you’d expect, as View requires a vSphere stack, there are some questions relating to the install and configuration of vCenter and ESXi hosts. That’s been in there since the start, so no real surprises there. You’ll also need to know the basic building blocks of a View infrastructure, so Connection Servers and the like. I notice the blueprint makes mention of RDSH (Terminal Services in old money), which of course is new in View 6.x., so as well as firewall rules you’ll need to know how to manage RDSH. There are also objectives around creating RDSH farms and desktop and application pools for RDSH apps.

View Cloud Pod architecture is featured as objective 2.6 – this again is a new feature of View 6.x and is lovingly referred to by me alone it seems as Linked Mode for View. This is where you can have two separate View instances and tie them logically together as one for fault tolerance and high availability.

Section 5 is pretty heavy on VMware Mirage, so my inference here is that you’re going to have to know this product reasonably well if you want to pass the exam. Installation and configuration seems to be the order of the day, so know how to install and configure the major components such as Management Server and Console, Web Manager, Mirage Server and Mirage Gateway Server. If you’ve not come across Mirage before and you want a primer to get you going for the exam, I recommend giving the free VMware Hands On LabHOL-MBL-1455 – Managing Desktops with VMware Mirage“a go.

Section 6 hammers Workspace Portal. As users become more and more mobile and have expectations of a consumer type “App Store” environment, I forsee Workspace Portal becoming ever more popular. It can also serve as a single point of entry for virtual desktops, RDSH applications and ThinApps. Again, if you don’t have time to spin up a test environment and you want to get to grips with the product a bit better, try the hands on lab “HOL-MBL-1453 – VMware Workspace Portal – Explore and Deploy“.

Virtual SAN gets a mention in objective 9.2. I suppose this is more of a product awareness thing, as in it’s first iteration it has a reasonably narrow use case in my opinion, certainly in the EUC space. Again the Hands On Labs come to the rescue to give you the insight on the product basics, try “HOL-SDC-1408 – VMware Virtual SAN 101“, which I would expect to give you enough knowledge to get past any questions you might have about Virtual SAN.

Finally, objective 12.3 covers off vCenter Operations Manager for View. Yes, I know it isn’t called vCOps anymore, but there was obviously a timing issue with the exam and the rebranding of the product! V4V is basically a View specific driver that snaps into the regular vCOps product, so you’ll need to know how to do that too. Guess what? There’s a lab for that! Have a look at “HOL-MBL-1452 – Horizon View – Use Cases” to get a first hand view of what V4V is all about.

As for me, I doubt I’ll sit this exam unless I have to (maintain Partner status etc.) as I’ll wait for the VCAP updated exams. I actually prefer the VCAP exams as they focus a lot more on “doing” rather than memorising numbers of scale and things like “What version of SQL do I use for vCenter?”. I’m also busy at the moment with other vendors’ certs, so hopefully the VCAP updates are a few months off yet!

If I get some time, I’ll try and put together a short study guide for the VCP6-DT exam, so I’ll tweet about that if and when it happens.