VCAP5-DCA Objective 5.2 -Deploy and Manage complex Update Manager environments

Objectives

• Install and configure Update Manager Download Service
• Configure a shared repository
• Configure smart rebooting
• Manually download updates to a repository
• Perform orchestrated vSphere upgrades
• Create and modify baseline groups
• Troubleshoot Update Manager problem areas and issues
• Generate database reports using MS Excel or MS SQL
• Upgrade vApps using Update Manager
• Utilize Update Manager PowerCLI to export baselines for testing
• Utilize the Update Manager Utility to reconfigure vUM settings

Install and configure Update Manager Download Service

Official Documentation:
Installing and Administering VMware vSphere Update Manager 5.0, Chapter 9 “Installing, Setting Up, and Using Update Manager Download Service”, page 57.

Summary:
Short Recap: Update Manager enables centralized, automated patch and version management for VMware vSphere and offers support for VMware ESX/ESXi hosts, virtual machines, and virtual appliances.
With Update Manager, you can perform the following tasks:

• Upgrade and patch ESX/ESXi hosts.
• Install and update third-party software on hosts.
• Upgrade virtual machine hardware, VMware Tools, and virtual appliances.

Update Manager requires network connectivity with VMware vCenter Server. Each installation of Update Manager must be associated (registered) with a single vCenter Server instance. The Update Manager module consists of a plug-in that runs on the vSphere Client, and of a server component, which you can install either on the same computer as the vCenter Server system or on a different computer.

You can deploy Update Manager in a secured network without Internet access. In such a case, you can use the VMware vSphere Update Manager Download Service (UMDS) to download update metadata and update binaries.

Upgrading vSphere objects and applying patches or extensions with Update Manager is a multistage process

in which procedures must be performed in a particular order. VMware recommends following this procedure.

Continue reading →

VCAP5-DCA Objective 5.1 – Implement and Maintain host profiles

Objectives

• Use Profile Editor to edit and/or disable policies
• Create sub-profiles
• Use Host Profiles to deploy vDS
• Use Host Profiles to deploy vStorage policies
• Manage Answer Files

Use Profile Editor to edit and/or disable policies

Official Documentation:
A good reading on Host Profiles is the  VMware Host Profiles: Technical Overview.

The vSphere Host Profiles Guide, covers the following aspects regarding Host profiles:

• Creating host profiles
• Exporting and importing a host profile
• Editing host profile policies
• Attaching an entity to a host profile
• Applying a host profile to an entity attached to the host profile
• Checking the host profile’s compliance to an entity attached to the host profile
• Checking and updating the host profile’s answer file

Summary:
The essence of Host profiles:

Host profiles eliminates per-host, manual, or UI-based host configuration and maintains configuration consistency and correctness across the datacenter by using host profile policies. These policies capture the blueprint of a known, validated reference host configuration and use this to configure networking, storage, security, and other settings on multiple hosts or clusters. You can then check a host or cluster against a profile’s configuration for any deviations.

Workflow

You perform host profiles tasks in a certain workflow order. You must have an existing vSphere installation with at least one properly configured host.

1. Set up and configure the host that will be used as the reference host.
   A reference host is the host from which the profile is created.
2. Create a profile using the designated reference host.
3. Attach a host or cluster to the profile.
4. Check the host’s compliance to the reference host’s profile. If all hosts are compliant with the reference host, they are correctly configured.
5. Apply the host profile of the reference host to other hosts or clusters of hosts.

Policies

A policy describes how a specific configuration setting should be applied. The Profile Editor allows you to edit policies belonging to a specific host profile.

Here, is an example how to use the Profile Editor to edit and/or disable policies

• After Applying a previously created Host profile to a ESXi host, this output is received:

Figure 1

Continue reading →

VCAP5-DCA Objective 4.2 – Deploy and test VMware FT

Objectives

• Modify VM and ESXi host settings to allow for FT compatibility
• Use VMware best practices to prepare a vSphere environment for FT
• Configure FT logging
• Prepare the infrastructure for FT compliance
• Test FT failover, secondary restart, and application fault tolerance in a FT Virtual Machine

Modify VM and ESXi host settings to allow for FT compatibility

Official Documentation:
vSphere Availability Guide, Chapter 3,” Providing Fault Tolerance for Virtual Machines”, page 35.

Summary:
Recap, what is FT? vSphere Fault Tolerance (FT) provides continuous availability for virtual machines by creating and maintaining a Secondary VM that is identical to, and continuously available to replace, the Primary VM in the event of a failover situation. This graphic provided by VMware shows the concept.

Figure 1 – FT (graphic by VMware)

Remember the following:

• FT with DRS. You can use FT with DRS when the Enhanced vMotion Compatibility (EVC) feature is enabled. This process allows fault tolerant virtual machines to benefit from better initial placement and also to be included in the cluster’s load balancing calculations.
  DRS does not place more than a fixed number (default=4) of Primary or Secondary VMs on a host during initial placement or load balancing. This limit is controlled by the advanced option das.maxftvmsperhost. When vSphere Fault Tolerance is used for virtual machines in a cluster that has EVC disabled, the fault tolerant virtual machines are given DRS automation levels of “disabled”.
• Affinity rules. If you use affinity rules with a pair of fault tolerant virtual machines, a VM-VM affinity rule applies to the Primary VM only, while a VM-Host affinity rule applies to both the Primary VM and its Secondary VM.

Unfortunately FT has a lot of requirements on the Cluster, Host and VM level!

Continue reading →

VCAP5-DCA Objective 4.1 – Implement and maintain complex VMware HA solutions

Objectives

• Calculate host failure requirements
• Configure customized isolation response settings
• Configure HA redundancy
  • Management Network
  • Datastore Heartbeat
  • Network partitions
• Configure HA related alarms and monitor an HA cluster
• Create a custom slot size configuration
• Understand interactions between DRS and HA
• Analyze vSphere environment to determine appropriate HA admission control policy
• Analyze performance metrics to calculate host failure requirements
• Analyze Virtual Machine workload to determine optimum slot size
• Analyze HA cluster capacity to determine optimum cluster size

Reading:

• vSphere Availability Guide
• vSphere Availability Guide Deployment Best Practices for vSphere 5.x
• Troubleshooting VMware High Availability (HA) in vSphere;
• Advanced Configuration options for VMware High Availability
• The ultimate resource on this topic is of course  VMware vSphere 5 Clustering, Technical Deepdive by Duncan Epping and Frank Denneman.

Calculate host failure requirements

Official Documentation:
vSphere Availability Guide, Chapter 2, Section “Host Failures Cluster Tolerates Admission Control Policy”, page 16.

Summary:
One step back:
vCenter Server uses admission control to ensure that sufficient resources are available in a cluster to provide failover protection and to ensure that virtual machine resource reservations are respected.
Three types of admission control are available.

• Host
  Ensures that a host has sufficient resources to satisfy the reservations of all virtual machines running on it.
• Resource Pool
  Ensures that a resource pool has sufficient resources to satisfy the reservations, shares, and limits of all virtual machines associated with it.
• vSphere HA
  Ensures that sufficient resources in the cluster are reserved for virtual machine recovery in the event of host failure.

NOTE: vSphere HA is the only type of admission control that can be disabled. When vSphere HA admission control is disabled, vSphere HA ensures that there are at least two powered-on hosts in the cluster even if DPM is enabled and can consolidate all virtual machines onto a single host. This is to ensure that failover is possible.

There are three options for vSphere HA admission control:

1. Host Failures Cluster Tolerates;
2. Percentage of Cluster Resources Reserved (preferred option)
3. Specify a Failover Host

With the Host Failures Cluster Tolerates admission control policy, vSphere HA ensures that a specified number of hosts can fail and sufficient resources remain in the cluster to fail over all the virtual machines from those hosts.

This is how the policy works:

1. Calculates the slot size.
   A slot is a logical representation of memory and CPU resources. By default, it is sized to satisfy the requirements for any powered-on virtual machine in the cluster.
2. Determines how many slots each host in the cluster can hold.
3. Determines the Current Failover Capacity of the cluster.
   This is the number of hosts that can fail and still leave enough slots to satisfy all of the powered-on virtual machines.
4. Determines whether the Current Failover Capacity is less than the Configured Failover Capacity (provided by the user).
   If it is, admission control disallows the operation.

This leaves a few questions

Continue reading →

VCAP5-DCA Objective 3.4 – Utilize advanced vSphere Performance Monitoring tools

Objectives

• Configure esxtop/resxtop custom profiles
• Determine use cases for and apply esxtop/resxtop Interactive, Batch and Replay modes
• Use vscsiStats to gather storage performance data
• Use esxtop/resxtop to collect performance data
• Given esxtop/resxtop output, identify relative performance data for capacity planning purposes

Configure esxtop/resxtop custom profiles

Official Documentation:
vSphere Monitoring and Performance Guide, Chapter 7 “Performance Monitoring Utilities: resxtop and esxtop”, page 45.
And not the Resource Management Guide as the Blueprint states…

Summary:
Chapter 7 presents a nice overview.

The resxtop and esxtop command-line utilities provide a detailed look at how ESXi uses resources in real time. For thos familiar with Unix/Linux esxtop is the vSphee equivalent of the well known top command.

esxtop can be run from the Shell of an ESXi server and can only be used locally on a ESXi host. You need root privileges to run esxtop.
resxtop stands for remote esxtop and is found in the vMA or in the vSphere CLI. For remote connections, you can connect to a host either directly or through vCenter Server.
Whenusing the vMA, resxtop is vifp aware.

Both utilities operate in 3  modes:

• interactive (default),
• batch
• replay.

A lot has been written about the available options. A few tips to get started:

If you do forgot about options,  for both commands type:

# esxtop –help or # esxtop -h

The output is slightly different. Esxtop has the Replay mode and a few experimental features. Resxtop, of course has the options for remote connections.

Figure 1 –  esxtop

Continue reading →

Dismounting a Datastore…

Just a quick one. Apparently a simple issue. I wanted to completely un-mount an iSCSI Datastore on just one ESXi host in a Cluster. In case you wonder why, the answer is “for testing purposes”.

The vSphere Client has an option to accomplish this task. Select the desired Datastore, right-click and select “Unmount” from the menu. After a few moments, the affected Datastores disappears from the overview. Now select the “Devices” view and you will notice that the device is still there. Select “Properties” and “Manage Paths..” and connections are still there.
I have tried quite a few things to completely remove all traces. Fortunately there is a simple solution. Just perform the following steps, you do not need to perform the unmount procedure.

The first step is to remove the ESXi host from the access list. This depends on the shared storage solution. In this example an Equallogic series. Select the Volume, go to the “Access” tab and remove the ESXi host from the list.

Figure 1- Access

Continue reading →