Getting started with the vCSA 6.x – Part 2

30/07/2017

In the previous post we started to unravel the vCSA and discussed topics like the Appliance shell, the file system and the services. In this post we will continue with the vCSA Health.

Health

Knowing the health of your system is important. Like the Windows vCenter Server, the vCSA is also able to report its health. Most common is using the vSphere Web Client and from the main menu, choose: System Configuration and watch the “Service Health” pane. Detailed information can be found by clicking on the various Services.

Figure 1

However, from the Appliance shell, the following API command will also inform you”

Command> system.health.get

If everything is OK, it will report; Health: green

In the Bash shell, you can browse to the folder: /etc/vmware-sca/health/.
On a vCSA 6.0, you will find two files with health status information:

vmware-vpxd-health-status.xml
vmware-postgres-health-status.xml

On a vCSA 6.5, you will only find the first file.

Logging

When it comes to logging and support bundles, you will most probably use the vSphere Web Client or VMware Loginsight. In case you want to know where the log files are actually stored, VMware followed the general rule for all things Unix/Linux. Start in the well-known /var/log folder. Here you will find the common Linux log files.

The folder  /var/log/vmware, a symbolic link to /storage/log/vmware is the starting point for the vCSA specific log files. Here you will find a sub-folder for each service running on the vCSA, e.g.
/var/log/vmware/vpxd.

Database

One of the most important parts of the vCSA is the embedded vPostgres database. vPostgres is a VMware tweaked version of the well know PostgreSQL database. If you’re looking for more information about the nuts and bolts of PostgreSQL, the official documentation is a good starting point: https://www.postgresql.org/docs/9.3/static/

VMware employee Adam Eckerle wrote an interesting three-part blog post about vPostgres and the vCSA, the links are here, one, two and three.

One of the most important parts of a DBMS is the configuration files. For vPostgres these can be found in the following folder: /storage/db/vpostgres/

If you want to interact with the vPostgres database yourself, you can start with this KB “Interacting with the vCenter Server Appliance 6.5 embedded vPostgres Database (2147285)

Note: Although this post covers vPostgres on a Windows based vCenter Server and it is fully unsupported, the idea certainly is original.

A vCenter Server, whether it be a Windows based or an appliance, is a precious item, so backup and restore is really important. If you are not sure if your backup method of the vCenter Server is supported, start reading VMware KB “Overview of Backup and Restore options in vCenter Server 6.x (2149237)”.

VMware KB “Back up and restore vCenter Server Appliance/vCenter Server 6.0 vPostgres database (2091961)” presents more information when using a not supported method.

vCenter Server Appliance version 6.5 has many new features, one of these is the built-in native file-based backup and restore. For more information and links to the Walkthroughs, see this post.

Some more reading about vPostgres, although the first post is based on the Windows version, you will find some useful information.

http://www.virtually-limitless.com/vsphere-6-0/interacting-with-the-vpostgres-database-in-vsphere-6-0/

https://nilic.github.io/2015/03/21/exploring-vcsa-embedded-postgresql-database/

Extra tools

The VCSA has two hidden gems. The first one is a tool named “VIMtop” and can best be described as ESXtop de luxe for the VCSA. VIMtop has three views; Processes, Networks and Disks.

VIMtop can be started from both shells.

Figure 2

For a deep dive, a description of all metrics and the keyboard shortcuts, see this post by William Lam.
vCSA 6.5 comes with a newer version (0.9) of this tool.

The other tool is “pgtop”, a plug-in that can be used to monitor the vPostgres database. As it’s a plug-in, you can only start pgtop from the appliance shell.

Figure 3

At first glance pgtop shows information about the vPostgres processes, similar to what you see in VIMtop. However there are a few interesting options that can be explored by pressing just a few keys, for example:

  • Toggle the “c” key to see the current commands and queries.
  • After pressing the “L” you can find out which locks are held by one of the processes.

Pressing the “h” key presents an overview of all available single-character commands.

Finally

I hope these posts were helpful to get you more comfortable with the vCSA. One final tip (as it happened to me a few times in my home lab), if you ever lose the root password and need to reset the vCSA, see this useful VMware KB “ Reset root account, Unable to log in to the root account of vCenter Server Appliance (2069041).


Getting started with the vCSA 6.x – Part 1

12/07/2017

The vCenter Server Appliance is the new vCenter Server. In the old days, we had a brand new Windows Server on which the vCenter Server was installed. The necessary database server was quite often an external MS SQL database and sometimes an internal database. In the those days, tweaking the Windows Server and the installed components was more or less a common practice, due to the familiarity with Windows.

But now the vCenter Server Appliance (vCSA) is the new and preferred standard. The vCSA comes as a virtual appliance and is ready to run within minutes compared to the old vCenter Server. Although a (virtual) appliance still means; (virtual) hardware, an operating system, middleware and applications, VMware likes to treat the vCSA as a “black box”. Like most appliances, the operating system is a Linux flavor and you can log in. After a successful log in, you will encounter the first discouragement; you are not welcomed by a Bash shell but with the default “Appliance Shell”. For more information read my post on the vCSA shells.
In this post, a brief introduction on the following topics; Appliance shell, File system and the Services.

Read the rest of this entry »


Get-ClusterRules

16/06/2017

I recently encountered an interesting question, maybe not the one you will see every day. A vCenter Center server runs a large number of Clusters; the VMs on those clusters are controlled by a considerable number of DRS rules. The question that raised; “How do we know if the DRS rules we once designed are still in place?” In the course of time, rules can be disabled, VM or Host groups does not match any more. Trying to answer this question by going through the vCenter Server configuration is not the way to go.

Thankfully, the VMware PowerCLI contains a useful Cmdlet Get-DrsRule that enables you to create a dump of the configured rules for each cluster. This makes checking your configuration a lot easier.

But there is another thing, now we know about the configuration, but what do we know about the actual situation? For instance, VM to Host affinity has “should” and “must” rules, but to what extent is a “should” rule fulfilled?

So time to create a PowerShell script which performs the following tasks; for each Cluster within a vCenter Server, a dump of the configured DRS rule is made. The second part of the script determines on which host a VM is running and compares it to the configured rules. The script will also report if a DRS rule is disabled and displays the power state of each VM. You will probably worry less about a powered down VM.

The script can be found here on GitHub.

I am aware that the script and my programming skills are far from perfect, so expect updated versions in the future.


vCSA how to disable IPv6?

18/04/2017

For me it was already a common practice to disable IPv6 on ESXi hosts, but until recently I did not realize that vCenter Server can also benefit from it. For vCenter Server on Windows, you reconfigure the Windows network configuration. But how do you disable IPv6 on the vCSA?

I recently found that a vCSA 6.0 has at least three options to reconfigure the network settings. But only one option enables you to disable IPv6.

Using a web browser you can log in to the vCSA Web console by entering URL: https: //<vCSA hostname or IP address>:5480

From there go to Networking, under Networking Interfaces, choose Edit to open the “Edit IP Configuration” window. Here you can configure IPv4 and IPv6 and disable IPv4, but no option to disable IPv6.

Fig.1

Read the rest of this entry »


vCSA default shell is BASH

14/04/2017

A quick post about a little caveat while working in the vCenter Server Appliance (vCSA) shells. Yes correctly, shells in plural. The vCSA is bundled with at least two different shells:

  • Appliance Shell (default)
  • BASH shell

The “Appliance shell” is the default shell. After you log in to the vCSA, it will present the following well known screen.
Fig 1.

The appliance shell can be used for updating the vCSA, using the software-packages command and has some other use cases. From here you can enable the BASH shell as shown in the Fig 1. for the duration of your session with the following commands:

# shell.set --en -s /bin/bash root
# chsh -s /bin/bash root

You can also set the BASH shell as the default shell by performing the following command. Make sure, you first enable the BASH shell as shown above:

# chsh -s /bin/bash root

For the change to take effect, log out and log in again. Now you will directly enter the BASH shell.

But while working in the BASH shell, you need to temporarily switch to the Appliance shell?
In that case, provide the following command:

# appliancesh

That’s it. A shell is nothing more or less than an executable; the “Appliance shell” is no exception and can be found as /bin/appliancesh.

For more information, see: VMware KB “Toggling the vCenter Server Appliance 6.x default shell (2100508)


Best way to create vCSA support bundles

09/04/2017

In general, during contact with a Customer Support team, whether being a Hardware vendor (Servers, Storage) or a Software vendor, the likelihood that you will be asked to upload some log files for further investigation is significantly.

In case of VMware vSphere, you will have multiple options for collecting a support bundle; to name a few:

  • Windows vSphere Client
  • vSphere Web Client
  • PowerShell scripts

See also VMware KB “Collecting diagnostic information for VMware vCenter Server 4.x, 5.x and 6.x (1011641)” for a complete overview.

Using some of these methods is very convenient; however there is a little caveat, when the vCenter Server is a vCenter Server Appliance (vCSA) 6.x.

Under certain conditions, a vCSA might contain core dump files. When requested to create a support bundle these core dump files will be added to the support bundle, together with the log files. The issue that may arise is that the location where the support bundle will be created (partition /storage/log) has a fixed size and possibly is too small.

Is that is the case, the creation of the support bundle will halt with error “Cannot create a diagnostic bundle” and the desired support bundle will not be created.

VMware recommendation is to create and download a support bundle using the web browser. To do so enter the following URL:
https ://<VCSA Hostname or IP address>/appliance/support-bundle

Fig 1

After providing the credentials, the support-bundle (filename is: vm-support.tgz) will start downloading. The progress of the process will be shown in the browser.

Using this method, the files will be directly downloaded to your local computer, instead of being prepared on the vCSA.

As always, I thank you for reading.


Check_MK and vSphere – ESXi

14/08/2016

This post is the second part in a series about Check_MK monitor and vSphere. In the first part Check_MK was introduced and some basic Installation and Configuration was explained.

According to the documentation, for monitoring VMware ESXi and vCenter Server, Check_MK has implemented a plugin that uses the vSphere API for retrieving information. This plugin is much more efficient than versions based on the Perl API.

So let’s start and see what can be revealed. To get a clear understanding of the various options, I will perform a step-by-step configuration instead of ticking all options at once.

The first step is to go into WATO and add an ESXi host. Under WATO, choose, Hosts and New Host.

2016-08-10-01Figure 1

You must at least enter the Hostname and an IP address, the Alias is optional. Under Agent Type place a tick and select “No Agent”.

At this time, the result is not very exciting; the ESXi host will be pinged.

2016-08-10-02Figure 2

Read the rest of this entry »