Thursday, June 30, 2011

HA and DRS Best Practices

It has been quite a while since my last post, that’s because I was wrapping up my studies to take 70-649 Microsoft exam, it’s intent for the ones upgrading their MCSE to the new Microsoft Titles as MCTS and MCITP

I know I’m a “little” behind the schedule, but so much to learn on so many areas…anyway, first step has been taken. I passed !!

But that’s not I want to talk about on this post.

Do you remember when I wrote about the Vmware Vsphere HA and DRS Technical deepdive book ?

It has happen that Alan Renouf, owner of the web site has created a script that queries your cluster and compare it to the best practices presented by the book and provide recommendations.

Be aware, the recommendations are based on book's best practices and despite the fact it has been written for some skilled guys there's not size that fits all.
So, the idea is to learn the details, understand your environment and if it’s the case, fix them.

At least it’s a wonderful tool to document your environment.

How to use. (dont need to mention to download the script, right)
- Start vSphere PowerCli
- Run the script from the powercli console
- Fill the fields with your Virtual Center Name, your ID, password and the location to safe your report

- Then click Connect

In a few seconds the report will open, as you can see bellow there are so many cool details.

I recommend a try

Thursday, June 16, 2011

Update Manager not working after June 01st.

Probably you guys are aware of VMWARE KB1030001, which states:
“To continue applying patches on ESX 3.5 hosts, the secure key needs to be updated before June 1, 2011. This patch updates the secure key.”

As state on the KB you need to install the patch ESX350-201012410-BG.

That’s OK so far, but, it was not clear, at least for me, how your environment will behavior in this situation: will it provide a clear message about the requirement, will just the patches released after June 01st be affected ?

I’ll try to answers these questions and how to solve it.

First, you will not be able to even scan your host, so it will affect not only the new patches but the entirely Update Manager functionality.
Second, it will not give you a clear message about this issue. Instead you get an general error, like:
“VMware vCenter Update Manager had an unknown error. Check the Tasks and Events tab and log files for details.”

It does not help much, right ?

To get the confirmation about this error is being caused by the secure keys you need to check the update manager log. (/var/log/vmware/esxupdate.log)
There you will find detailed description as bellow:
- Integrity Error!
- keyExpired

Now that you are sure about the cause, let’s see how to fix it

At this point you are unable to use Update Manager on this host, so will need to manually update the new secure keys.

Download ESX350-201012410-BG.

As you can see there’s a dependency patch called ESX350-201012404-BG.
If your host does not have it installed already, download it as well.

Unzip the packets and copy them to your destination host.
Log on the host through the console or a SSH session.
Navigate to the folder where you copied the patches to be installed and run the following command:
esxupdate--noreboot--nosig update

Again, if you don’t have ESX350-201012404-BG installed you will need to install it before you proceed with ESX350-201012410-BG.

Both patches don’t require a reboot of your host.

After the installation you should be able to use Update Manager to scan and patch your host.

Piece of Cake, right ; )

Thursday, June 9, 2011

VMFS Version – VMWARE Datastore

Do you know the LUNs on your environment might have different versions ?

Yeah, that’s true!!
To check tha LUN version, on the configuration tab, select the Storage option and click on the desired LUN.

On Datastore Details, you will see it’s VMFS version

So, why did it happen ?

VMFS version depends on the version of your ESX host by the time when you last formatted the LUN.

• ESX 3.0.0 is provided with 3.21 (initial release)
• ESX 3.5.0 is provided with 3.31
• vSphere (ESX 4.0) is provided with 3.33
• vSphere (ESX 4.1) is provided with 3.46

Now you might be wondering, Does the version of my VMFS impact any new feature or performance ?
The answer is NO. Features and enhacements are implemented at the system drivers level.

But if your environment is standing long enough, since ESX 2 days, you might have one or two LUNs formatted with VMFS2, but you would probably notice that a long time ago.

If you have a mixed environment with ESX with different versions, my advice is to always format new LUNs using the host with your latest version, that way the LUN will be created on the latest version. Would not hurt, right ; )

Now if you are a kind o control freak and want all your LUNs at the same and latest level the only way to upgrade it is deleting the LUN and creating it again.
Make sure to move your data to another LUN before delete it.

If you want more details VMware has a KB about it: KB1005325

Thursday, June 2, 2011

ESX Active Directory Integration 2/2

On my last post we talked about the AD integration with ESX 3.5.
Now it’s time to cover it under the new ESX version, vSphere 4.1

Instead of having to create local users on your hosts and configure LPAD direction you can make your ESX 4.x member of the domain. That’s right. It’s a new functionality for ESX 4.x, you can actually make your ESX host a member of the domain and setup privileges based on the AD users and groups.

Just for the record, ESX make is possible through Likewise.

Because I don’t like to reinvent the wheel, I will not describe here all the steps to configure it, I’m pretty sure if you do a google search you will find a lot of references on how to accomplish that, So I will show will this video that covers all the aspects on how to configure it.

If you want to know more check it out.
Have fun

Who am I

My photo
I’m an IT specialist with over 15 years of experience, working from IT infrastructure to management products, troubleshooting and project management skills from medium to large environments. Nowadays I'm working for VMware as a Consulting Architect, helping customers to embrace the Cloud Era and make them successfully on their journey. Despite the fact I'm a VMware employee these postings reflect my own opinion and do not represents VMware's position, strategies or opinions. Reach me at @dumeirell

Most Viewed Posts

Blog Archive