vmware vsphere 4.1 deep dive - part 2


Upload: louis-goehl

Post on 31-Oct-2014


DESCRIPTION

This is a level 200 - 300 presentation. It assumes:

• Good understanding of vCenter 4, ESX 4, ESXi 4. Preferably hands-on. We will only cover the delta between 4.1 and 4.0

• Overview understanding of related products like VUM, Data Recovery, SRM, View, Nexus, Chargeback, CapacityIQ, vShieldZones, etc.

• Good understanding of related storage, server, network technology

Target audience: VMware Specialist: SE + Delivery from partners

TRANSCRIPT

Page 1: VMware vSphere 4.1 deep dive - part 2

© 2009 VMware Inc. All rights reserved

Confidential

4.1 New Features: Network

Page 2: VMware vSphere 4.1 deep dive - part 2

2 Confidential

Network

Receive Side Scaling (RSS) Support Enhancements

• Improvements to RSS support for guests via enhancements to VMXNET3.

Enhanced VM to VM Communication

• Further, inter-VM throughput performance will be improved under conditions where VMs are communicating directly with one another over the same virtual switch on the same ESX/ESXi host (inter-VM traffic).

• This is achieved through an asynchronous TX processing architecture in the networking stack, which allows additional physical CPU cores to be used for processing inter-VM traffic.

• VM – VM throughput improved by 2X, to up to 19 Gbps

10% improvement when going out to physical network

Page 3: VMware vSphere 4.1 deep dive - part 2

3 Confidential

Other Improvements – Network Performance

NetQueue Support Extension

• NetQueue support is extended to include support for hardware based LRO (large receive off-load) further improving CPU and throughput performance in 10 GE environments.

LRO support

• Large Receive Offload

Each packet transmitted causes the CPU to react

Lots of small packets received from physical media result in high CPU load

LRO merges packets and transmits them at once

Receive tests indicate 5-30% improvement in throughput

40 - 60% decrease in CPU cost

• Enabled for pNICs: Broadcom's bnx2x and Intel's Niantic

• Enabled for vNICs vmxnet2 and vmxnet3, but only on recent Linux guest OS

Page 4: VMware vSphere 4.1 deep dive - part 2

4 Confidential

IPv6—Progress towards full NIST “Host” Profile Compliance

VI 3 (ESX 3.5)

• IPv6 supported in guests

vSphere 4.0

• IPv6 support for ESX 4

vSphere Client

vCenter

vMotion

IP Storage (iSCSI, NFS) — EXPERIMENTAL

• Not supported for vSphere vCLI, HA, FT, Auto Deploy

vSphere 4.1

• NIST compliance with “Host” Profile (http://www.antd.nist.gov/usgv6/usgv6-v1.pdf)

• Including IPSEC, IKEv2, etc.

• Not supported for vSphere vCLI, HA, FT

Page 5: VMware vSphere 4.1 deep dive - part 2

5 Confidential

Cisco Nexus 1000V—Planned Enhancements

Easier software upgrade

• In Service Software Upgrade (ISSU) for VSM and VEM

• Binary compatibility

Weighted Fair Queuing (s/w scheduler)

Increased Scalability, inline with vDS scalability

SPAN to and from Port Profile

VLAN pinning to PNIC

Installer app for VSM HA and L3 VEM/VSM communication

Start of EAL4 Common Criteria certification

4094 active VLANs

Scale Port Profiles > 512

Always check with Cisco for latest info.

Page 6: VMware vSphere 4.1 deep dive - part 2

6 Confidential

Network I/O Control

Page 7: VMware vSphere 4.1 deep dive - part 2

7 Confidential

Network Traffic Management—Emergence of 10 GigE

1 GigE

• NICs dedicated for some traffic types, e.g. vMotion, IP Storage

• Bandwidth assured by dedicated physical NICs

10 GigE

• Traffic typically converged to two 10 GigE NICs

• Some traffic types & flows could dominate others through oversubscription

[Figure: FT, vMotion, NFS, iSCSI and TCP/IP traffic through a vSwitch, on 1 GigE pNICs versus 10 GigE pNICs]

Traffic Types compete.

Who gets what share of the vmnic?

Page 8: VMware vSphere 4.1 deep dive - part 2

8 Confidential

Traffic Shaping

Features in 4.0/4.1

• vSwitch or vSwitch Port Group: limit outbound traffic

Average bandwidth

Peak bandwidth

Burst Size

• vDS dvPortGroup: Ingress/Egress Traffic Shaping

Average bandwidth

Peak bandwidth

Burst Size

Not optimised for 10 GE

[Figure: iSCSI, vMotion, COS and VM traffic sharing a 10 Gbit/s NIC]

Page 9: VMware vSphere 4.1 deep dive - part 2

9 Confidential

Traffic Shaping

Traffic Shaping Disadvantages

• Limits are fixed: even if there is bandwidth available, it will not be used for other services

• Bandwidth cannot be guaranteed without limiting other traffic (like reservations)

• VMware recommended separate pNICs for iSCSI/NFS/vMotion/COS to have enough bandwidth available for these traffic types

• Customers don’t want to waste 8-9 Gbit/s if this pNIC is dedicated for vMotion

Instead of 6 x 1 Gbit pNICs, customers might have two 10 Gbit pNICs sharing traffic

Guaranteed bandwidth for vMotion limits bandwidth for other traffic even when no vMotion is active

• Traffic shaping is only a static way to control traffic

[Figure: iSCSI, vMotion, COS and VM traffic on a 10 Gbit/s NIC, with part of the bandwidth unused]

Page 10: VMware vSphere 4.1 deep dive - part 2

10 Confidential

Network I/O Control

Network I/O Control Goals

• Isolation: one flow should not dominate others

• Flexible Partitioning: allow isolation and over commitment

• Guarantee Service Levels when flows compete

Note: This feature is only available with vDS (Enterprise Plus)

Page 11: VMware vSphere 4.1 deep dive - part 2

11 Confidential

Overall Design

Page 12: VMware vSphere 4.1 deep dive - part 2

12 Confidential

Parameters

Limits and Shares

• Limits specify the absolute maximum bandwidth for a flow over a Team

Specified in Mbps

Traffic from a given flow will never exceed its specified limit

Egress from ESX host

• Shares specify the relative importance of an egress flow on a vmnic, i.e. guaranteed minimum

Specified in abstract units, from 1-100

Presets for Low (25 shares), Normal (50 shares), High (100 shares), plus Custom

Bandwidth divided between flows based on their relative shares

• Controls apply to output from ESX host

• Shares apply to a given vmnic

• Limits apply across the team

Page 13: VMware vSphere 4.1 deep dive - part 2

13 Confidential

Configuration from vSphere Client

e.g. VM traffic in this example:

- limited to max of 500 Mbps (aggregate of all VMs)

- with minimum of 50/400 of pNIC bandwidth (50/(100+100+50+50+50+50))

vDS only feature!

Shares: Guaranteed minimum service level

Limits: Maximum bandwidth for traffic class/type

Preconfigured Traffic Classes
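The 50/400 arithmetic above, carried through as an added example (not part of the original deck and not VMware code): a share-proportional allocator for one vmnic that honours limits and hands unused bandwidth to the remaining classes. The class names, which class holds which share value other than VM traffic, and the progressive-filling method are assumptions; the slide only gives the six share values and the 500 Mbps limit.

```python
import math
from dataclasses import dataclass, replace


@dataclass
class TrafficClass:
    shares: int                      # 1-100, relative weight on the vmnic
    limit_mbps: float = math.inf     # absolute cap; inf means "no limit set"
    demand_mbps: float = math.inf    # offered load; inf means always backlogged


def allocate(link_mbps, classes):
    """Divide one vmnic's egress bandwidth by shares, honouring limits.

    Progressive filling: every round offers each active class its
    share-weighted slice of what is left. Classes that need no more than
    the offer (limit or demand reached) are fixed at that cap, and their
    surplus is re-divided among the rest in the next round.
    """
    for name, tc in classes.items():
        if not 1 <= tc.shares <= 100:
            raise ValueError(f"{name}: shares must be between 1 and 100")
    cap = {n: min(tc.limit_mbps, tc.demand_mbps) for n, tc in classes.items()}
    alloc = {n: 0.0 for n in classes}
    active = {n for n in classes if cap[n] > 0}
    remaining = float(link_mbps)
    while active and remaining > 1e-9:
        total = sum(classes[n].shares for n in active)
        offer = {n: remaining * classes[n].shares / total for n in active}
        capped = {n for n in active if cap[n] <= offer[n]}
        if not capped:               # everyone can use the full offer
            alloc.update(offer)
            break
        for n in capped:
            alloc[n] = cap[n]
            remaining -= cap[n]
        active -= capped
    return alloc


def with_idle(classes, idle):
    """Copy of `classes` in which the named classes send no traffic."""
    return {n: replace(tc, demand_mbps=0.0) if n in idle else tc
            for n, tc in classes.items()}


# Constructed input matching the slide's numbers: shares 100+100+50+50+50+50,
# VM traffic at 50 shares with a 500 Mbps limit. Names of the other classes
# and their share assignment are assumed for illustration.
SLIDE_EXAMPLE = {
    "FT": TrafficClass(100),
    "iSCSI": TrafficClass(100),
    "vMotion": TrafficClass(50),
    "Management": TrafficClass(50),
    "NFS": TrafficClass(50),
    "VM": TrafficClass(50, limit_mbps=500),
}

if __name__ == "__main__":
    for link in (1000, 10000):
        print(link, {n: round(v, 1) for n, v in allocate(link, SLIDE_EXAMPLE).items()})
    print("vMotion idle:", allocate(10000, with_idle(SLIDE_EXAMPLE, {"vMotion"})))
```

On a saturated 1 GigE vmnic the VM class gets its 50/400 minimum (125 Mbps); on 10 GigE the 500 Mbps limit binds before the share does, and the surplus goes to the other classes instead of staying unused.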

Page 14: VMware vSphere 4.1 deep dive - part 2

14 Confidential

Resource Management

• Shares

Normal = 50

Low = 25

High = 100

Custom = any values between 1 and 100

• Default values

VM traffic = High (100)

All others = Normal (50)

No limit set

Page 15: VMware vSphere 4.1 deep dive - part 2

15 Confidential

Implementation

• Each host calculates the shares separately or independently

One host might have only 1 Gbit/s NICs while another one already has 10 Gbit/s ones

So resulting guaranteed bandwidth is different

• Only outgoing traffic is controlled

• Inter-switch traffic is not controlled, only the pNICs are affected

• Limits are still valid even if the pNIC is opted out

• Scheduler uses a static “Packets-In-Flight” window

inFlightPackets: Packets that are actually in flight and in transmit process in the pNIC

Window size is 50 kB

No more than 50 kB are in flight (to the wire) at a given moment

Page 16: VMware vSphere 4.1 deep dive - part 2

16 Confidential

Excluding a physical NIC

• Physical NICs per host can be excluded from Network Resource Management

• Host configuration → Advanced Settings → Net → Net.ResMgmtPnicOptOut

• Will exclude specified NICs from shares calculation, not from limits!

Page 17: VMware vSphere 4.1 deep dive - part 2

17 Confidential

Results

With QoS in place, performance is less impacted

Page 18: VMware vSphere 4.1 deep dive - part 2

18 Confidential

Load-Based Teaming

Page 19: VMware vSphere 4.1 deep dive - part 2

19 Confidential

Current Teaming Policy

• In vSphere 4.0 three policies

Port ID

IP hash

MAC Hash

• Disadvantages

Static mapping

No load balancing

Could cause unbalanced load on pNICs

Did not differentiate between pNIC bandwidths

Page 20: VMware vSphere 4.1 deep dive - part 2

20 Confidential

NIC Teaming Enhancements—Load Based Teaming (LBT)

• LBT invoked if saturation detected on Tx or Rx (>75% mean utilization over 30s period)

• 30 sec period—long period avoids MAC address flapping issues with adjacent physical switches

Note: adjacent physical switch configuration is same as other teaming types (except IP-hash). i.e. same L2 domain

Page 21: VMware vSphere 4.1 deep dive - part 2

21 Confidential

Load Based Teaming

Initial mapping

• Like PortID

Balanced mapping between ports and pNICs

Mapping not based on load (as initially no load existed)

Adjusting the mapping

• Based on time frames; the load on a pNIC during a timeframe is taken into account

• In case load is unbalanced one VM (to be precise: the vSwitch port) will get re-assigned to a different pNIC

Parameters

• Time frames and load threshold

Default frame 30 seconds, minimum value 10 seconds

Default load threshold 75%, possible values 0-100

• Both configurable through command line tool (only for debug purpose - not for customer)

Page 22: VMware vSphere 4.1 deep dive - part 2

22 Confidential

Load Based Teaming

Advantages

• Dynamic adjustments to load

• Different NIC speeds are taken into account as this is based on % load

Can have a mix of 1 Gbit, 10 Gbit and even 100 Mbit NICs

Dependencies

• LBT works independent from other algorithms

• Does not take limits or reservation from traffic shaping or Network I/O Management into account

• Algorithm based on the local host only

DRS has to take care of cluster wide balancing

• Implemented on vNetwork Distributed Switch only

Edit dvPortGroup to change setting
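One evaluation step of the Load Based Teaming behaviour described on the preceding slides, as an added example (not from the original deck, not VMware's implementation). It uses the slides' defaults (30 second frame, 75% threshold, percentage-based load so mixed NIC speeds work); which port is moved and which pNIC receives it are assumptions, and only one traffic direction is modelled.

```python
WINDOW_S = 30          # default time frame from the slides
THRESHOLD_PCT = 75.0   # default load threshold from the slides


def lbt_step(speeds, mapping, samples):
    """Evaluate one time frame and return (new_mapping, moves).

    speeds:  {pnic: link speed in Mbps}
    mapping: {vswitch port: pnic}
    samples: {vswitch port: [Mbps, one value per second of the frame]}

    Assumed policy: for each pNIC whose mean utilisation over the frame
    exceeds the threshold, move its busiest port that fits onto the least
    utilised other pNIC without pushing that one over the threshold.
    """
    port_mean = {p: sum(s) / len(s) for p, s in samples.items()}
    util = {nic: 0.0 for nic in speeds}
    for port, nic in mapping.items():
        util[nic] += 100.0 * port_mean[port] / speeds[nic]

    new_map, moves = dict(mapping), []
    for nic in sorted(speeds, key=lambda n: util[n], reverse=True):
        others = [n for n in speeds if n != nic]
        if util[nic] <= THRESHOLD_PCT or not others:
            continue
        target = min(others, key=lambda n: util[n])
        ports = sorted((p for p, n in new_map.items() if n == nic),
                       key=lambda p: port_mean[p], reverse=True)
        for port in ports:
            added = 100.0 * port_mean[port] / speeds[target]
            if util[target] + added <= THRESHOLD_PCT:
                util[nic] -= 100.0 * port_mean[port] / speeds[nic]
                util[target] += added
                new_map[port] = target
                moves.append((port, nic, target))
                break          # one port per saturated pNIC per frame
    return new_map, moves


# Constructed sample data: a 1 Gbit and a 10 Gbit uplink in one team,
# ports spread evenly at first (the PortID-like initial mapping).
SPEEDS = {"vmnic0": 1000, "vmnic1": 10000}
INITIAL = {"p1": "vmnic0", "p2": "vmnic1", "p3": "vmnic0", "p4": "vmnic1"}

# Sustained load: vmnic0 averages 90% over the frame, vmnic1 9%.
STEADY = {"p1": [600] * WINDOW_S, "p2": [600] * WINDOW_S,
          "p3": [300] * WINDOW_S, "p4": [300] * WINDOW_S}

# Five-second burst on p1 fills vmnic0 briefly, but the 30 s mean is 50%.
BURST = dict(STEADY, p1=[700] * 5 + [100] * (WINDOW_S - 5))

if __name__ == "__main__":
    print("steady:", lbt_step(SPEEDS, INITIAL, STEADY)[1])
    print("burst: ", lbt_step(SPEEDS, INITIAL, BURST)[1])
```

The burst case produces no move, which is the point of the long frame: short spikes do not cause a port's MAC address to hop between uplinks.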

Page 23: VMware vSphere 4.1 deep dive - part 2

4.1 New Features: Storage

Page 24: VMware vSphere 4.1 deep dive - part 2

24 Confidential

NFS & HW iSCSI in vSphere 4.1

Improved NFS performance

Up to 15% reduction in CPU cost for both read & write

Up to 15% improvement in Throughput cost for both read & write

Broadcom iSCSI HW Offload Support

89% improvement in CPU read cost!

83% improvement in CPU write cost!

Page 25: VMware vSphere 4.1 deep dive - part 2

25 Confidential

VMware Data Recovery: New Capabilities

vSphere Client Plug-In

- Ability for seamless switch between multiple backup appliances

- Improved usability and user experience

VMware vSphere 4.1

- Improved VSS support for Windows 2008 and Windows 7: application level quiescing

Destination Storage

- Expanded support for DAS, NFS, iSCSI or Fibre Channel storage plus CIFS shares as destination

- Improved deduplication performance

Backup and Recovery Appliance

- Support for up to 10 appliances per vCenter instance to allow protection of up to 1000 VMs

- File Level Restore client for Linux VMs

VMware vCenter

Page 26: VMware vSphere 4.1 deep dive - part 2

26 Confidential

ParaVirtual SCSI (PVSCSI)

• We will now support PVSCSI when used with these guest OS:

Windows XP (32bit and 64bit)

Vista (32bit and 64bit)

Windows 7 (32bit and 64bit)

/vmimages/floppies

Point the VM Floppy Driver at the .FLP file

When installing press F6 key to read the floppy

Page 27: VMware vSphere 4.1 deep dive - part 2

27 Confidential

ParaVirtual SCSI

• A VM configured with a PVSCSI adapter can be part of a Fault Tolerant cluster.

• PVSCSI adapters already support hot-plugging or hot-unplugging of virtual devices, but the guest OS is not notified of any changes on the SCSI bus. Consequently, any addition/removal of devices needs to be followed by a manual rescan of the bus from within the guest.

Page 28: VMware vSphere 4.1 deep dive - part 2

28 Confidential

Storage IO Control

Page 29: VMware vSphere 4.1 deep dive - part 2

29 Confidential

The I/O Sharing Problem

[Figure: online store, data mining and Microsoft Exchange VMs sharing a datastore, shown as "What you see" versus "What you want to see"]

• Low priority VM can limit I/O bandwidth for high priority VMs

• Storage I/O allocation should be in line with VM priorities

Page 30: VMware vSphere 4.1 deep dive - part 2

30 Confidential

Solution: Storage I/O Control

[Figure: online store, Microsoft Exchange and data mining VMs on Datastore A (32 GHz, 16 GB), each labelled with CPU shares, Memory shares and I/O shares set to High or Low]

Page 31: VMware vSphere 4.1 deep dive - part 2

31 Confidential

Setting I/O Controls

Page 32: VMware vSphere 4.1 deep dive - part 2

32 Confidential

Enabling Storage I/O Control

Page 33: VMware vSphere 4.1 deep dive - part 2

33 Confidential

Enabling Storage I/O Control

• Click the Storage I/O Control ‘Enabled’ checkbox to turn the feature on for that volume.

Page 34: VMware vSphere 4.1 deep dive - part 2

34 Confidential

Enabling Storage I/O Control

• Clicking on the Advanced button allows you to change the congestion threshold.

• If the latency rises above this value, Storage I/O Control will kick in, and prioritize a VM’s I/O based on its shares value.

Page 35: VMware vSphere 4.1 deep dive - part 2

35 Confidential

Viewing Configuration Settings

Page 36: VMware vSphere 4.1 deep dive - part 2

36 Confidential

Allocate I/O Resources

Shares translate into ESX I/O queue slots

• VMs with more shares are allowed to send more I/O’s at a time

• Slot assignment is dynamic, based on VM shares and current load

• Total # of slots available is dynamic, based on level of congestion

[Figure: I/O’s in flight from the data mining, online store and Microsoft Exchange VMs to the storage array]

Page 37: VMware vSphere 4.1 deep dive - part 2

37 Confidential

Experimental Setup

VM | Host | CPU | Memory (GB) | Disk Shares | # of DS2 Users

1 | 1 | 2 | 8 | 500 | 36

2 | 1 | 2 | 8 | 500 | 36

3 | 2 | 2 | 8 | 750 | 36

4 | 2 | 2 | 8 | 750 | 36

5 | 3 | 4 | 8 | 4000 | 50

Page 38: VMware vSphere 4.1 deep dive - part 2

38 Confidential

Without Storage I/O Control (Default)

[Figure: Performance without Storage IO Control]

Page 39: VMware vSphere 4.1 deep dive - part 2

39 Confidential

With Storage I/O Control (Congestion Threshold: 25ms)

[Figure: Performance with Storage IO Control; bars labelled 500 shares, 500 shares, 750 shares, 750 shares, 4000 shares]

Page 40: VMware vSphere 4.1 deep dive - part 2

40 Confidential

Storage I/O Control in Action: Example #2

Two Windows VMs running SQL Server on two hosts

• 250 GB data disk, 50 GB log disk

VM1: 500 shares

VM2: 2000 shares

Result: VM2 with higher shares gets more orders/min & lower latency!

VM | Without Storage I/O Control: Orders/Minute | Without Storage I/O Control: Processing Time (ms) | With Storage I/O Control: Orders/Minute | With Storage I/O Control: Processing Time (ms)

VM1 (500 Shares) | 8800 | 213 | 7000 | 275

VM2 (2000 Shares) | 8500 | 220 | 12400 | 150

Aggregate | 17300 | | 19400 |

Page 41: VMware vSphere 4.1 deep dive - part 2

41 Confidential

Step 1: Detect Congestion

Congestion signal: ESX-array response time > threshold

• Default threshold: 35ms

• We will likely recommend different defaults for SSD and SATA

Changing default threshold (not usually recommended)

• Low latency goal: set lower if latency is critical for some VMs

• High throughput goal: set close to IOPS maximization point

[Figure: Throughput (IOPS or MB/s) versus Total Datastore Load (# of IO’s in flight); no benefit beyond certain load]

Page 42: VMware vSphere 4.1 deep dive - part 2

42 Confidential

Storage I/O Control Internals

• There are two I/O schedulers involved in Storage I/O Control.

• The first is the local VM I/O scheduler. This is called SFQ, the start-time fair queuing scheduler. This scheduler ensures share-based allocation of I/O resources between VMs on a per host basis.

• The second is the distributed I/O scheduler for ESX hosts. This is called PARDA, the Proportional Allocation of Resources for Distributed Storage Access.

• PARDA

• carves out the array queue amongst all the VMs which are sending I/O to the datastore on the array.

• adjusts the per host per datastore queue size (aka LUN queue/device queue) depending on the sum of the per VM shares on the host.

• communicates this adjustment to each ESX via VSI nodes.

• ESX servers also share cluster wide statistics between each other via a stats file

Page 43: VMware vSphere 4.1 deep dive - part 2

43 Confidential

New VSI Nodes for Storage I/O Control

• ESX 4.1 introduces a number of new VSI nodes for Storage I/O Control purposes:

• A new VSI node per datastore to get/set the latency threshold.

• A new VSI node per datastore to enable/disable PARDA.

• A new maxQueueDepth VSI node for /storage/scsifw/devices/* has been introduced, which means that each device has a logical queue depth/slot size parameter that the PARDA scheduler enforces.

Page 44: VMware vSphere 4.1 deep dive - part 2

44 Confidential

Storage I/O Control Architecture

[Figure: per-host SFQ schedulers and host-level issue queues, each with PARDA, feeding the array queue on the storage array; queue lengths varied dynamically]

Page 45: VMware vSphere 4.1 deep dive - part 2

45 Confidential

Requirements

Storage I/O Control

• supported on FC or iSCSI storage. NFS datastores are not supported.

• not supported on datastores with multiple extents.

Array with Automated Storage Tiering capability

• Automated storage tiering is the ability of an array (or group of arrays) to automatically migrate LUNs/volumes or parts of LUNs/volumes to different types of storage media (SSD, FC, SAS, SATA) based on user-set policies and current I/O patterns.

• Before using Storage I/O Control on datastores that are backed by arrays with automated storage tiering capabilities, check the VMware Storage/SAN Compatibility Guide to verify whether your automated tiered storage array has been certified to be compatible with Storage I/O Control

• No special certification is required for arrays that do not have any such automatic migration/tiering feature, including those that provide the ability to manually migrate data between different types of storage media

Page 46: VMware vSphere 4.1 deep dive - part 2

46 Confidential

Hardware-Assist Storage Operation

Formerly known as vStorage API for Array Integration

Page 47: VMware vSphere 4.1 deep dive - part 2

47 Confidential

vStorage APIs for Array Integration (VAAI)

Improves performance by leveraging efficient array-based operations as an alternative to host-based solutions

Three Primitives include:

Full Copy – Xcopy like function to offload work to the array

Write Same – Speeds up zeroing out of blocks or writing repeated content

Atomic Test and Set – Alternate means to locking the entire LUN

Helping function such as:

Storage vMotion

Provisioning VMs from Template

Improves thin provisioning disk performance

VMFS share storage pool scalability

Notes:

• Requires firmware from Storage Vendors (6 participating)

• supports block based storage only. NFS not yet supported in 4.1

Page 48: VMware vSphere 4.1 deep dive - part 2

48 Confidential

Array Integration Primitives: Introduction

• Atomic Test & Set (ATS)

A mechanism to modify a disk sector to improve the performance of the ESX when doing metadata updates.

• Clone Blocks/Full Copy/XCOPY

Full copy of blocks and ESX is guaranteed to have full space access to the blocks. Default offloaded clone size is 4MB.

• Zero Blocks/Write Same

Write Zeroes. This will address the issue of time falling behind in a VM when the guest operating system writes to previously unwritten regions of its virtual disk: http://kb.vmware.com/kb/1008284

This primitive will improve MSCS in virtualization environment solutions where we need to zero out the virtual disk.

Default zeroing size is 1MB.

Page 49: VMware vSphere 4.1 deep dive - part 2

49 Confidential

Hardware Acceleration

All vStorage support will be grouped into one attribute, called "Hardware Acceleration".

• Not Supported implies one or more Hardware Acceleration primitives failed.

• Unknown implies Hardware Acceleration primitives have not yet been attempted.

Page 50: VMware vSphere 4.1 deep dive - part 2

50 Confidential

VM Provisioning from Template with Full Copy

• Benefits

Reduce installation time

Standardize to ensure efficient management, protection & control

• Challenges

Requires a full data copy

100 GB template (10 GB to copy): 5-20 minutes

FT requires additional zeroing of blocks

• Improved Solution

Use array’s native copy/clone & zeroing functions

Up to 10-20x speedup in provisioning time

Page 51: VMware vSphere 4.1 deep dive - part 2

51 Confidential

Storage vMotion with Array Full Copy Function

• Benefits

Zero-downtime migration

Eases array maintenance, tiering, load balancing, upgrades, space mgmt

• Challenges

Performance impact on host, array, network

Long migration time (0.5 - 2.5 hrs for 100GB VM)

Best practice: use infrequently

• Improved solution

Use array’s native copy/clone functionality

Page 52: VMware vSphere 4.1 deep dive - part 2

52 Confidential

VAAI Speeds Up Storage vMotion - Example

42:27 - 39:12 = 2 Min 21 sec w/out (141 seconds)

33:04 - 32:37 = 27 Sec with VAAI

141 sec vs. 27 sec

Page 53: VMware vSphere 4.1 deep dive - part 2

53 Confidential

Copying Data – Optimized Cloning with VAAI

VMFS directs storage to move data directly

• Much less time!

Up to 95% reduction

• Dramatic reduction in load on: Servers, Network, Storage

[Figure: Before VAAI versus With VAAI, comparing Time, Server CPU & Memory %, Network Bandwidth (Gb/sec) and Storage Load (MB/sec)]

Page 54: VMware vSphere 4.1 deep dive - part 2

54 Confidential

Scalable Lock Management

• A number of VMFS operations cause the LUN to temporarily become locked for exclusive write use by one of the ESX nodes, including:

Moving a VM with vMotion

Creating a new VM or deploying a VM from a template

Powering a VM on or off

Creating a template

Creating or deleting a file, including snapshots

• A new VAAI feature, atomic_test_and_set allows the ESX Server to offload the management of the required locks to the storage and avoids locking the entire VMFS file system.

Page 55: VMware vSphere 4.1 deep dive - part 2

55 Confidential

Atomic Test & Set

Original file locking technique

1. Acquire SCSI reservation

2. Acquire file lock

3. Release SCSI reservation

4. Do work on VMFS file/metadata

5. Release file lock

New file locking technique

1. Acquire ATS lock

2. Acquire file lock

3. Release ATS lock

4. Do work on VMFS file/metadata

5. Release file lock

The main difference with using the ATS lock is that it does not affect the other ESX hosts sharing the datastore
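A small model of the two locking techniques above, as an added example (not from the original deck and not VMFS code): a LUN with one on-disk lock record per file, a whole-LUN SCSI reservation, and an array-side compare-and-write standing in for ATS. Host and file names are constructed, and steps 1-3 of the new technique are collapsed into a single compare-and-write call, which is an assumption of this sketch.

```python
import threading

FREE = "free"


class ReservationConflict(Exception):
    """Another host holds the SCSI reservation on the whole LUN."""


class Lun:
    def __init__(self, files):
        self._array = threading.Lock()              # array runs each command atomically
        self.lock_record = {f: FREE for f in files}  # one lock sector per file
        self.reserved_by = None

    def _check(self, host):
        if self.reserved_by not in (None, host):
            raise ReservationConflict(f"LUN reserved by {self.reserved_by}")

    def reserve(self, host):
        with self._array:
            self._check(host)
            self.reserved_by = host

    def release(self, host):
        with self._array:
            if self.reserved_by == host:
                self.reserved_by = None

    def read(self, host, file):
        with self._array:
            self._check(host)
            return self.lock_record[file]

    def write(self, host, file, value):
        with self._array:
            self._check(host)
            self.lock_record[file] = value

    def compare_and_write(self, host, file, expected, new):
        """ATS: update one sector only if it still holds `expected`."""
        with self._array:
            self._check(host)
            if self.lock_record[file] != expected:
                return False
            self.lock_record[file] = new
            return True


def legacy_lock(lun, host, file, while_reserved=lambda: None):
    lun.reserve(host)                     # 1. acquire SCSI reservation
    try:
        while_reserved()                  # hook: other hosts' I/O during the window
        if lun.read(host, file) != FREE:
            return False
        lun.write(host, file, host)       # 2. acquire file lock
        return True
    finally:
        lun.release(host)                 # 3. release SCSI reservation


def ats_lock(lun, host, file):
    return lun.compare_and_write(host, file, FREE, host)


def demo():
    """esx-a locks vm1.vmdk while esx-b wants the unrelated vm2.vmdk."""
    results = {}
    lun = Lun(["vm1.vmdk", "vm2.vmdk"])

    def b_tries():
        try:
            results["legacy_b_other_file"] = legacy_lock(lun, "esx-b", "vm2.vmdk")
        except ReservationConflict:
            results["legacy_b_other_file"] = "reservation conflict"

    results["legacy_a"] = legacy_lock(lun, "esx-a", "vm1.vmdk", while_reserved=b_tries)

    lun = Lun(["vm1.vmdk", "vm2.vmdk"])
    results["ats_a"] = ats_lock(lun, "esx-a", "vm1.vmdk")
    results["ats_b_other_file"] = ats_lock(lun, "esx-b", "vm2.vmdk")
    results["ats_b_same_file"] = ats_lock(lun, "esx-b", "vm1.vmdk")
    return results


def race(n_hosts, file="vm1.vmdk"):
    """n hosts race for the same file with ATS; returns the number of winners."""
    lun, wins = Lun([file]), []

    def attempt(host):
        if ats_lock(lun, host, file):
            wins.append(host)

    threads = [threading.Thread(target=attempt, args=(f"esx-{i}",)) for i in range(n_hosts)]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    return len(wins)


if __name__ == "__main__":
    print(demo())
    print("ATS winners among 8 hosts:", race(8))
```

With the reservation, esx-b is refused even though it wants a different file; with ATS only a host contending for the same lock record fails, and exactly one racer wins.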

Page 56: VMware vSphere 4.1 deep dive - part 2

56 Confidential

VMFS Scalability with Atomic Test and Set (ATS)

Makes VMFS more scalable overall, by offloading block locking mechanism

Using Atomic Test and Set (ATS) capability provides an alternate option to use of SCSI reservations to protect the VMFS metadata from being written to by two separate ESX Servers at one time.

Normal VMware Locking (No ATS)

Enhanced VMware Locking (With ATS)

Page 57: VMware vSphere 4.1 deep dive - part 2

57 Confidential

For more details on VAAI

vSphere 4.1 Documentation also describes use of this feature in the ESX Configuration Guide, Chapter 9 (pages 124 - 125)

Listed in TOC as “Storage Hardware Acceleration”

Three settings under advanced settings:

DataMover.HardwareAcceleratedMove - Full Copy

DataMover.HardwareAcceleratedInit - Write Same

VMFS3.HardwareAcceleratedLocking - Atomic Test Set

Additional Collateral planned for release after GA

Frequently Asked Questions

Datasheet or webpage content

Partners include: Dell/EQL, EMC, HDS, HP, IBM and NetApp

Page 58: VMware vSphere 4.1 deep dive - part 2

58 Confidential

Requirements

• The VMFS data mover will not leverage hardware offloads, and will use software data movement instead, in the following cases:

If the source and destination VMFS volumes have different block size; in such situations data movement will fall back to the generic FSDM layer, which will only do software data movement.

If the source file type is RDM and the destination file type is non-RDM (regular file)

If the source VMDK type is eagerzeroedthick and the destination VMDK type is thin.

If either source or destination VMDK is any sort of sparse or hosted format.

If the logical address and/or transfer length in the requested operation are not aligned to the minimum alignment required by the storage device.

Page 59: VMware vSphere 4.1 deep dive - part 2

59 Confidential

VMFS Data Movement Caveats

VMware supports VAAI primitives on VMFS with multiple LUNs/extents, if they are all on the same array and the array supports offloading.

VMware does not support VAAI primitives on VMFS with multiple LUNs/extents, if they are all on different arrays, but all arrays support offloading.

• HW cloning between arrays (even if it's within the same VMFS volume) won't work, so that would fall back to Software data movement.

Page 60: VMware vSphere 4.1 deep dive - part 2

vSphere 4.1 New Features: Management

Management related features

Page 61: VMware vSphere 4.1 deep dive - part 2

61 Confidential

Management – New Features Summary

vCenter

• 32-bit to 64-bit data migration

• Enhanced Scalability

• Faster response time

Update Manager

Host Profile Enhancements

Orchestrator

Active Directory Support (Host and vMA)

VMware Converter

• Hyper-V Import.

• Win08 R2 and Win7 convert

Virtual Serial Port Concentrator

Page 62: VMware vSphere 4.1 deep dive - part 2

62 Confidential

Scripting & Automation

Host Profiles, Orchestrator, vMA, CLI, PowerCLI

Page 63: VMware vSphere 4.1 deep dive - part 2

63 Confidential

Summary

Host Profiles

VMware Orchestrator

VMware vMA

PowerShell

esxtop

vscsiStats

VMware Tools

Page 64: VMware vSphere 4.1 deep dive - part 2

64 Confidential

Host Profiles Enhancements

Host Profiles

• Cisco support

• PCI device ordering (support for selecting NICs)

• iSCSI support

• Admin password (setting root password)

Logging on the host

• File is at C:\Documents and Settings\All Users\Application Data\VMware\VMware VirtualCenter\Logs\PyVmomiServer.log

Config not covered by Host Profiles are:

• Licensing

• vDS policy configuration (however you can do non-policy vDS stuff)

• iSCSI

• Multipathing

Page 65: VMware vSphere 4.1 deep dive - part 2

65 Confidential

Host Profiles Enhancements

• Lbtd

• Lsassd (Part of AD. See the AD preso)

• Lwiod (Part of AD)

• Netlogond (part of AD)

vSphere 4.0

vSphere 4.1

Page 66: VMware vSphere 4.1 deep dive - part 2

66 Confidential

Orchestrator Enhancements

• provides a client and server for 64-bit installations, with an optional 32-bit client.

• performance enhancements due to 64-bit installation

Page 67: VMware vSphere 4.1 deep dive - part 2

67 Confidential

VMware Tools Command Line Utility

• This feature provides an alternative to the VMware Tools control panel (the GUI dialog box)

• The command line based toolbox will allow for administrators to automate the use of the toolbox functionalities by writing their own scripts

Page 68: VMware vSphere 4.1 deep dive - part 2

68 Confidential

vSphere Management Assistant (vMA)

A convenient place to perform administration

• Virtual Appliance packaged as an OVF

Distributed, maintained and supported by VMware

Not included with ESXi – must be downloaded separately

• The environment has the following pre-installed:

64-bit Enterprise Linux OS

VMware Tools

Perl Toolkit

vSphere Command Line Interface (VCLI)

JRE (to run applications built with the vSphere SDK)

VI Fast Pass (authentication service for scripts)

VI Logger (log aggregator)

Page 69: VMware vSphere 4.1 deep dive - part 2

69 Confidential

vMA

Improvements in 4.1

• Improved authentication capability – Active Directory support

• Transition from RHEL to CentOS

• Security

The security hole that exposed clear text passwords on ESX(i) or vCenter hosts when using vifpinit (vi-fastpass) is fixed

vMA as netdump server

• You can configure ESXi host to get the netcoredump onto a remote server in case of crash or panic.

• Each ESXi must be configured to write the core dump.

Page 70: VMware vSphere 4.1 deep dive - part 2

70 Confidential

For Tech Partner: VMware CIM API

What it is:

• for developers building management applications. With the VMware CIM APIs, developers can use standards-based CIM-compliant applications to manage ESX/ESXi hosts.

The VMware Common Information Model (CIM) APIs allow you to:

• view VMs and resources using profiles defined by the Storage Management Initiative Specification (SMI-S)

• manage hosts using the System Management Architecture for Server Hardware (SMASH) standard. SMASH profiles allow CIM clients to monitor system health of a managed server.

What’s new in 4.1

• www.vmware.com/support/developer/cim-sdk/4.1/cim_410_releasenotes.html

Page 71: VMware vSphere 4.1 deep dive - part 2

71 Confidential

vCLI and PowerCLI: primary scripting interfaces

vCLI and PowerCLI built on same API as vSphere Client

• Same authentication (e.g. Active Directory), roles and privileges, event logging

• API is secure, optimized for remote environments, firewall-friendly, standards-based

vSphere Web Service API

vSphere SDK

[Figure: vSphere Client, vSphere PowerCLI, vCLI, other utility scripts, other languages and the vSphere SDK layered on the vSphere Web Service API]

Page 72: VMware vSphere 4.1 deep dive - part 2

72 Confidential

vCLI for Administrative and Troubleshooting Tasks

Areas of functionality

• Host Configuration: NTP, SNMP, Remote syslog, ESX conf, Kernel modules, local users

• Storage Configuration: NAS, SAN, iSCSI, vmkfstools, storage pathing, VMFS volume management

• Network Configuration: vSwitches (standard and distributed), physical NICs, Vmkernel NICs, DNS, Routing

• Miscellaneous: Monitoring, File management, VM Management, host backup, restore, and update

vCLI can point to an ESXi host or to vCenter

vMA is a convenient way for accessing vCLI

Remote CLI now runs faster in 4.1 relative to 4.0

Page 73: VMware vSphere 4.1 deep dive - part 2

73 Confidential

Anatomy of a vCLI command

Run directly on ESXi Host

vicfg-nics --server hostname --user username --password mypassword options

--server: Hostname of ESXi host

--user: User defined locally on ESXi host

Run through vCenter

vicfg-nics --server hostname --user username --password mypassword --vihost hostname options

--server: Hostname of vCenter host

--user: User defined in vCenter (AD)

--vihost: Target ESXi host

Page 74: VMware vSphere 4.1 deep dive - part 2

74 Confidential

Additional vCLI configuration commands in 4.1

Storage

• esxcli swiscsi session: Manage iSCSI sessions

• esxcli swiscsi nic: Manage iSCSI NICs

• esxcli swiscsi vmknic: List VMkernel NICs available for binding to particular iSCSI adapter

• esxcli swiscsi vmnic: List available uplink adapters for use with a specified iSCSI adapter

• esxcli vaai device: Display information about devices claimed by the VMware VAAI (vStorage APIs for Array Integration) Filter Plugin.

• esxcli corestorage device: List devices or plugins. Used in conjunction with hardware acceleration.

Page 75: VMware vSphere 4.1 deep dive - part 2

75 Confidential

Additional vCLI commands

Network

• esxcli network: List active connections or list active ARP table entries.

• vicfg-authconfig --server=<ESXi_IP_Adress> --username=root --password '' --authscheme AD --joindomain <ad_domain_name> --adusername=<ad_user_name> --adpassword=<ad_user_password>

Storage

• NFS statistics available in resxtop

VM

• esxcli vms: Forcibly stop VMs that do not respond to normal stop operations, by using kill commands.

# esxcli vms vm kill --type <kill_type> --world-id <ID>

• Note: designed to kill VMs in a reliable way (not dependent upon well-behaving system)

• Eliminating one of the most common reasons for wanting to use TSM.

Page 76: VMware vSphere 4.1 deep dive - part 2

76 Confidential

esxcli - New Namespaces

esxcli has 3 new namespaces: network, vaai and vms

[root@cs-tse-i132 ~]# esxcli
Usage: esxcli [disp options] <namespace> <object> <command>
For esxcli help please run esxcli --help
Available namespaces:
corestorage   VMware core storage commands.
network       VMware networking commands.
nmp           VMware Native Multipath Plugin (NMP). This is the VMware default implementation of the Pluggable Storage Architecture.
swiscsi       VMware iSCSI commands.
vaai          Vaai Namespace containing vaai code.
vms           Limited Operations on VMs.

Control VM Operations

# esxcli vms vm
Usage: esxcli [disp options] vms vm <command>
For esxcli help please run esxcli --help
Available commands:
kill   Used to forcibly kill VMs that are stuck and not responding to normal stop operations.
list   List the VMs on this system. This command currently will only list running VMs on the system.

[root@cs-tse-i132 ~]# esxcli vms vm list
vSphere Management Assistant (vMA)
   World ID: 5588
   Process ID: 27253
   VMX Cartel ID: 5587
   UUID: 42 01 a1 98 d6 65 6b e8-79 3b 2a 7c 9d 88 70 05
   Display Name: vSphere Management Assistant (vMA)
   Config File: /vmfs/volumes/4b1e10ed-8ce9ce16-f692-00215e364468/vSphere Management Assistant (vM/vSphere Management Assistant (vM.vmx
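The kill command takes a World ID, and a mistyped ID stops the wrong VM. As an added example (not part of the original deck), the functions below resolve a display name to its World ID from `esxcli vms vm list` output and refuse to continue when the name is missing or shared by several running VMs. The sample records, the indented one-field-per-line layout and the kill type names soft, hard and force are assumptions not shown on the slides.

```shell
#!/bin/sh
# Added example (not from the original slides): resolve a VM display name
# to its World ID from `esxcli vms vm list` output, then print the kill
# command for review instead of typing the ID by hand.

# Constructed sample. Only the first record's World ID comes from the slide;
# the layout (one indented field per line) is an assumption.
SAMPLE_LIST='vSphere Management Assistant (vMA)
   World ID: 5588
   Process ID: 27253
   VMX Cartel ID: 5587
   Display Name: vSphere Management Assistant (vMA)
web01
   World ID: 6001
   Process ID: 27300
   VMX Cartel ID: 6000
   Display Name: web01
web01
   World ID: 6100
   Process ID: 27410
   VMX Cartel ID: 6099
   Display Name: web01'

# world_id_for NAME   (list output on stdin)
# Prints the World ID if exactly one running VM has that display name.
# Exit 1: no such VM. Exit 2: the name is ambiguous.
world_id_for() (
    WANT=$1 awk '
        /^[ \t]*World ID:/ { wid = $NF }          # remember the ID of this record
        /^[ \t]*Display Name:/ {
            name = $0
            sub(/^[ \t]*Display Name:[ \t]*/, "", name)
            sub(/[ \t\r]+$/, "", name)
            if (name == ENVIRON["WANT"]) ids[++n] = wid
        }
        END {
            if (n == 1) { print ids[1]; exit 0 }
            exit (n == 0 ? 1 : 2)
        }
    '
)

# kill_command NAME TYPE   (list output on stdin)
# Prints the command; it does not run it. TYPE is one of soft, hard, force.
kill_command() (
    name=$1 type=$2
    case $type in
        soft|hard|force) ;;
        *) echo "unknown kill type: $type" >&2; exit 64 ;;
    esac
    wid=$(world_id_for "$name") || {
        rc=$?
        echo "cannot resolve '$name' to a single World ID (code $rc)" >&2
        exit "$rc"
    }
    case $wid in
        ''|*[!0-9]*) echo "unexpected World ID: $wid" >&2; exit 65 ;;
    esac
    printf 'esxcli vms vm kill --type %s --world-id %s\n' "$type" "$wid"
)

# Usage on a host:  esxcli vms vm list | kill_command "web01" soft
```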

esxtop – Disk Devices View

• Use the ‘u’ option to display ‘Disk Devices’.

• NFS statistics can now be observed.

• Here we are looking at throughput and latency stats for the devices.

New VAAI Statistics in esxtop (1 of 2)

• There are new fields in esxtop which look at VAAI statistics.

• Each of the three primitives has its own unique set of statistics.

• Toggle VAAI fields (‘O’ and ‘P’) to on for VAAI specific statistics.

New VAAI Statistics in esxtop (2 of 2)

• The way to track failures is via esxtop or resxtop. Here you'll see CLONE_F, which is clone failures. Similarly, you'll see ATS_F, ZERO_F and so on.

[Screenshot callouts: Clone (Move) Ops, VMFSLockOps, Zeroing (Init) Ops, Latencies]

esxtop – VM View

• esxtop also provides a mechanism to view VM I/O & latency statistics, even if they reside on NFS.

• The VM with GID 65 (SmallVMOnNAS) above resides on an NFS datastore.

VSI

# vsish
/> cat /vmkModules/nfsclient/mnt/isos/properties
mount point information {
   server name:rhtraining.vmware.com
   server IP:10.21.64.206
   server volume:/mnt/repo/isos
   UUID:4f125ca5-de4ee74d
   socketSendSize:270336
   socketReceiveSize:131072
   reads:7
   writes:0
   readBytes:92160
   writeBytes:0
   readTime:404366
   writeTime:0
   aborts:0
   active:0
   readOnly:1
   isMounted:1
   isAccessible:1
   unstableWrites:0
   unstableNoCommit:0
}

NFS I/O statistics are also available via the VSI nodes

vm-support enhancements

vm-support now enables users to run third-party scripts.

• To make vm-support run such scripts, add the scripts to the "/etc/vmware/vm-support/command-files.d" directory and run vm-support.

• The results will be added to the vm-support archive.

Each script that is run will have its own directory in the vm-support archive, containing the output and log files for that script.

• These directories are stored in the top-level directory "vm-support-commands-output".

PowerCLI

Feature Highlights:

• Easier to customize and extend PowerCLI, especially for reporting

Output objects can be customized by adding extra properties

Better readability and less typing in scripts based on Get-View. Each output object has its associated view as a nested property. Less typing is required to call Get-View and convert between PowerCLI object IDs and managed object IDs.

• Basic vDS support – moving VMs from/to vDS, adding/removing hosts from/to vDS

• More reporting: new getter cmdlets, new properties added to existing output objects, improvements in Get-Stat.

• Cmdlets for host HBAs

• PowerCLI Cmdlet Reference now documents all output types

• Cmdlets to control host routing tables

• Faster Datastore provider

http://blogs.vmware.com/vipowershell/2010/07/powercli-41-is-out.html

If you are really really curious….

Additional commands (not supported)

• http://www.petri.co.il/vmware-esxi4-console-secret-commands.htm

vCenter specific

vCenter improvement

Better load balancing with improved DRS/DPM algorithm effectiveness

Improved performance at higher vCenter inventory limits – up to 7x higher throughput and up to 75% reduced latency

Improved performance at higher cluster inventory limits – up to 3x higher throughput and up to 60% reduced latency

Faster vCenter startup – around 5 minutes for maximum vCenter inventory size

Better vSphere Client responsiveness, quicker user interaction, and faster user login

Faster host operations and VM operations on standalone hosts – up to 60% reduction in latency

Lower resource usage by vCenter agents by up to 40%

Reduced VM group power-on latency by up to 25%

Faster VM recovery with HA – up to 60% reduction in total recovery time for 1.6x more VMs

Enhanced vCenter Scalability

Limit | vSphere 4 | vSphere 4.1 | Ratio
VMs per host | 320 | 320 | 1x
Hosts per cluster | 32 | 32 | 1x
VMs per cluster | 1280 | 3000 | 3x
Hosts per VC | 300 | 1000 | 3x
Registered VMs per VC | 4500 | 15000 | 3x+
Powered-On VMs per VC | 3000 | 10000 | 3x
Concurrent VI Clients | 30 | 120 | 4x
Hosts per DC | 100 | 500 | 5x
VMs per DC | 2500 | 5000 | 2x

vCenter 4.1 install

New option: Managing the RAM of JVM

vCenter Server: Changing JVM Sizing

• The same change should be visible by launching "Configure Tomcat" from the program menu (Start->Programs->VMware->VMware Tomcat).

vCenter: Services in Windows

The following are not shown as services

• License Reporting Manager

New Alarms

Name | Description
Health status monitoring | Default alarm to monitor changes in overall health status. See vCenter Service Status on the Home view for more details.
Host Baseboard Management Controller status | Monitors the status of the Baseboard Management Controller. See the host's Hardware Status Tab for more details.
Host IPMI System Event Log status | Monitors the fullness of the IPMI System Event Log. See the host's Hardware Status Tab for more details.
License user threshold monitoring | Default alarm to monitor if a user-defined license threshold is exceeded
Non-VI workload detected on the datastore | Default alarm that triggers if a non-VI workload is detected on a datastore

Predefined Alarms

Remote Console to VM

Formally known as Virtual Serial Port Concentrator

Overview

• Many customers rely on managing physical hosts by connecting to the target machine over the serial port.

• Physical serial port concentrators are used by such admins to multiplex connections to multiple hosts.

• Using VMs you lose this functionality and the ability to do remote management using scripted installs and management.

• Virtual Serial Port Concentrator

Provides a suitable way to remote a VM’s serial port(s) over a network connection, and supports a “virtual serial port concentrator” utility.

Communicate between VMs and IP-enabled serial devices.

Connect to VM's serial port over the network, using telnet/ssh.

Have this connection uninterrupted during vMotion and other similar events.

Virtual Serial Port Concentrator

What it is

• Redirect VM serial ports over a standard network link

• vSPC aggregates traffic from multiple serial ports onto one management console. It behaves similarly to physical serial port concentrators.

Benefits

• Using a vSPC also allows network connections to a VM's serial ports to migrate seamlessly when the VM is migrated using vMotion

• Management efficiencies

• Lower costs for multi-host management

• Enables 3rd party concentrator integration if required

Example (using Avocent)

• ACS 6000 Advanced Console Server running as a vSPC.

• There is not a serial port or virtual serial port in the ACS6000 console server.

• ACS6000 console server has a telnet daemon (server) listening for connections coming from ESX.

• ESX will make one telnet connection for each virtual serial port configured to send data to ACS6000 console server.

• The serial daemon will implement the telnet server with support for all telnet extensions implemented by VMware.

Configuring Virtual Ports on a VM

Configuring Virtual Ports on a VM

vSPC, which will act as proxy.

Enables two VMs or a VM and a process on the host to communicate as if they were physical machines connected by a serial cable. For example, this can be used for remote debugging on a VM

Configuring Virtual Ports on a VM

Example (for Avocent):

• Type ACSID://ttySxx in the Port URI, where xx is between 1 and 48. It defines which virtual serial port from the ACS6000 console server this serial port will connect to.

1 VM 1 port.

ACS6000 has 48 ports only

Type telnet://<IP of Avocent VM>:8801

Configuring Virtual Ports on a VM

Configure VM to redirect Console Login

Check your system's serial support

• Check that the operating system recognizes the serial ports in your hardware

• Configure your /etc/inittab to support serial console logins. Add the following lines to /etc/inittab:

# Run agetty on COM1/ttyS0
s0:2345:respawn:/sbin/agetty -L -f /etc/issueserial 9600 ttyS0 vt100

Configure VM to redirect Console Login

• Activate the changes that you made in /etc/inittab:

# init q

• If you want to be able to log in via serial console as the root user, you will need to edit the /etc/securetty configuration file. Add ttyS0 as an entry in /etc/securetty:

console
ttyS0
vc/1
vc/2
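With the guest's serial port redirected to a vSPC over telnet, these two files decide who gets a login prompt on that network path, and whether root may use it. The check below is an added example, not part of the original deck: it reads an inittab and a securetty file and reports each serial line that has an active getty together with its root-login status. The function names and the `--demo` switch are hypothetical, and the sample files are constructed from the snippets on the slides.

```shell
#!/bin/sh
# Added example (not from the original slides): report which serial lines
# offer a login prompt and whether root may log in on them.
# Formats: SysV /etc/inittab (id:runlevels:action:process) and
# /etc/securetty (one terminal name per line).

# serial_gettys INITTAB -> ttyS names that have an active getty entry.
serial_gettys() (
    [ -r "$1" ] || exit 2
    awk -F: '
        /^[ \t]*#/ || NF < 4 { next }       # comment or malformed entry
        $3 == "off"          { next }       # entry is disabled
        {
            proc = $4                        # process field may contain ":"
            for (i = 5; i <= NF; i++) proc = proc ":" $i
            if (proc !~ /getty/) next
            n = split(proc, w, /[ \t]+/)
            for (i = 1; i <= n; i++)
                if (w[i] ~ /^(\/dev\/)?ttyS[0-9]+$/) {
                    sub(/^\/dev\//, "", w[i]); print w[i]
                }
        }
    ' "$1" | sort -u
)

# root_ttys SECURETTY -> terminals on which root login is permitted.
root_ttys() (
    [ -r "$1" ] || exit 2
    awk '{ sub(/#.*/, "") } NF { print $1 }' "$1"
)

# audit_serial_console INITTAB SECURETTY
# One line per serial login prompt. Exit 1 if root may log in on any of
# them, exit 2 if a file cannot be read.
audit_serial_console() (
    gettys=$(serial_gettys "$1") || exit 2
    roots=$(root_ttys "$2") || exit 2
    status=0
    for tty in $gettys; do
        if printf '%s\n' "$roots" | grep -qxF "$tty"; then
            echo "$tty: login prompt, root login PERMITTED (listed in securetty)"
            status=1
        else
            echo "$tty: login prompt, root login denied"
        fi
    done
    [ -n "$gettys" ] || echo "no serial getty configured"
    exit "$status"
)

# demo: the two snippets from the slides, written to a scratch directory
# (constructed sample files, not a real system's configuration).
demo() (
    d=$(mktemp -d) || exit 2
    printf '%s\n' '# Run agetty on COM1/ttyS0' \
        's0:2345:respawn:/sbin/agetty -L -f /etc/issueserial 9600 ttyS0 vt100' \
        > "$d/inittab"
    printf '%s\n' console ttyS0 vc/1 vc/2 > "$d/securetty"
    audit_serial_console "$d/inittab" "$d/securetty"; rc=$?
    rm -rf "$d"
    exit "$rc"
)

if [ "${1:-}" = "--demo" ]; then demo; fi
```

On a guest, run `audit_serial_console /etc/inittab /etc/securetty`. A PERMITTED line means root can authenticate over whatever transport carries that serial port.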

Configure serial port as the system console

• Use options in /etc/grub.conf to redirect console output to one of your serial ports. This enables you to see all of the bootup and shutdown messages from your terminal.

• The text to add to the config file is highlighted:

Accessing the Serial Port of the Virtual Machine

• Open a Web connection to the Avocent ACS6000

• Click on the Ports folder and click Serial Ports

• Based on the Serial Port connection configured in the Virtual Machine, you should see Signals of CTS|DSR|CD|RI

Accessing the Serial Port of the Virtual Machine

• Click the Serial Viewer link and a console will open

• Enter the password avocent and hit the Enter key to establish the connection

Performance Monitoring

UI > Performance > Advanced

• Additional Chart Options in vSphere 4.1 around storage performance statistics: Datastore, Power, Storage adapter & Storage path.

[Screenshots: chart options in vSphere 4.0 and in vSphere 4.1]

Performance Graphs

• Additional Performance Graph Views added to vSphere 4.1

Host – Datastore, Management Agent, Power, Storage Adapter, Storage Path

VM – Datastore, Power, Virtual Disk

Storage Statistics: vCenter & esxtop

Inventory object | Per component | Statistic | FC/NFS/iSCSI | vCenter? / Esxtop?
Host | datastore | Throughput, latency | All |
Host | Storage adapter | Throughput, latency | FC* | Available today
Host | Storage path | Throughput, latency | FC* | Available today
Host | LUN | Throughput, latency | FC, iSCSI** | Available today / Available today
VM | Datastore | Throughput, latency | All |
VM | VMDK | Throughput, latency | All |

Not available in this timeframe: Aggregation at cluster level in vCenter (possible through APIs)

*Network-based storage (NFS, iSCSI) I/O breakdown still being researched

** Not applicable to NFS; datastore is the equivalent

ESXTOP publishes throughput and latency per LUN; if a datastore has only one LUN, the LUN statistics equal the datastore statistics

Volume Stats for NFS Device

Datastore Activity Per Host

Other Host Stats

Datastore Activity per VM

Virtual Disk Activity per VM

VMware Update Manager

Update Manager

Central automated, actionable VI patch compliance management solution

Define, track, and enforce software update compliance for ESX hosts/clusters, 3rd party ESX extensions, Virtual Appliances, VMTools/VM Hardware, online*/offline VMs, templates

Patch notification and recall

Cluster level pre-remediation check analysis and report

Framework to support 3rd party IHV/ISV updates, customizations: mass install/update of EMC’s PowerPath module

Enhanced compatibility with DPM for cluster level patch operations

Performance and scalability enhancements to match vCenter

Overview

• vCenter Update Manager enables centralized, automated patch and version management.

• Define, track, and enforce software update compliance and support for:

• ESX/ESXi hosts

• VMs

• Virtual Appliances

• 3rd Party ESX Modules

• Online/Offline VMs, Templates

• Automate and Generate Reports using Update Manager Database Views

[Diagram: vCenter Update Manager covering ESX/ESXi hosts, VMs (online/offline; templates), virtual appliances, VMTools, VM H/W and 3rd party extensions]

Deployment Components

Update Manager Components:

1. Update Manager Server + DB

2. Update Manager VI Client Plug-in

3. Update Manager Download Service

[Diagram: VI Client, vCenter Server, Update Manager Server, Virtualized Infrastructure, External Patch Feeds]

New Features in 4.1

Update Manager now provides management of host upgrade packages.

Provisioning, patching, and upgrade support for third-party modules.

Offline bundles.

Recalled patches

Enhanced cluster operation.

Better handling of low bandwidth and high latency network

PowerCLI

Better support for virtual vCenter

Notifications

• As we have already seen with the notification Schedule, Update Manager 4.1 contacts VMware at regular intervals to download notifications about patch recalls, new fixes and alerts.

• If patches with problems/potential issues are released, these patches are recalled in the metadata and VUM marks them as recalled.

• If you try to install a recalled patch, Update Manager notifies you that the patch is recalled and does not install it on the host.

• If you have already installed such a patch, VUM notifies you that the recalled patch is installed on certain hosts, but does not remove the recalled patch from the host.

• Update Manager also deletes all the recalled patches from the Update Manager patch repository.

• When a patch fixing the problem is released, Update Manager 4.1 downloads the new patch and prompts you to install it.

Notifications

• Notifications which Update Manager downloads are displayed on the Notifications tab of the Update Manager Administration view.

• An Alarm is Generated and an email sent if the Notification Check Schedule is configured

• Update Manager shows the patch as recalled

Notifications - Patch Recall Details

Notifications

• Alarms posted for recalled and fixed Patches

• Recalled Patches are represented by a Flag

VUM 4.1 Feature - Notification Check Schedule

• By default Update Manager checks for notifications about patch recalls, patch fixes and alerts at certain time intervals.

• Edit Notifications to define the Frequency (hourly, daily, weekly, monthly), the Start time (minutes after hour), the Interval and the email address to notify about recalled patches

VUM 4.1 Feature - ESX Host/Cluster Settings

• When Remediating objects in a cluster with Distributed Power Management (DPM), High Availability (HA), and Fault Tolerance (FT) you should temporarily disable these features for the entire cluster. VUM does not remediate hosts on which these features are enabled.

• When the update completes, VUM restores these features

• These settings become the default failure response. You can specify different settings when you configure individual remediation tasks.

VUM 4.1 Feature - ESX Host/Cluster Settings

• Update Manager cannot remediate hosts where VMs have connected CD/DVD drives.

• CD/DVD drives that are connected to the VMs on a host might prevent the host from entering maintenance mode and interrupt remediation.

• Select Temporarily disable any CD-ROMs that may prevent a host from entering maintenance mode.

Baselines and Groups

• Baselines might be upgrade, extension or patch baselines. Baselines contain a collection of one or more patches, service packs and bug fixes, extensions or upgrades.

• Baseline groups are assembled from existing baselines and might contain one upgrade baseline per type and one or more patch and extension baselines, or a combination of multiple patch and extension baselines.

• Preconfigured Baselines

Hosts – 2 Baselines

VM/VA – 6 Baselines

Baselines and Groups

• Update Manager 4.1 introduces a new Host Extension Baseline

• Host Extension baselines contain additional software for ESX/ESXi hosts. This additional software might be VMware software or third-party software.

Patch Download Settings

• Update Manager can download patches and extensions either from the Internet (vmware.com) or from a shared repository.

• A new feature of Update Manager 4.1 allows you to import both VMware and third-party patches manually from a ZIP file, called an Offline Bundle. You download these patches from the Internet or copy them from a media drive, and then save them as offline bundle ZIP files on a local drive.

• Use Import Patches to upload them to the Update Manager Repository

Patch Download Settings

• Click Import Patches at the bottom of the Patch Download Sources pane.

• Browse to locate the ZIP file containing the patches you want to import in the Update Manager patch repository.

Patch Download Settings

• The patches are successfully imported into the Update Manager Patch Repository.

• Use the Search box to filter, e.g. ThirdParty

• Right-click a patch and select Show Patch Detail

VUM 4.1 Feature - Host Upgrade Releases

• You can upgrade the hosts in your environment using Host Upgrade Release Baselines, which are a new feature of Update Manager 4.1.

• This feature facilitates faster remediation of hosts by having the Upgrade Release media already uploaded to the VUM Repository. Previously, the media had to be uploaded for each remediation.

• To create a Host Upgrade Release Baseline, download the host upgrade files from vmware.com and then upload them to the Update Manager Repository.

• Each upgrade file that you upload contains information about the target version to which it will upgrade the host.

• Update Manager distinguishes the target release versions and combines the uploaded Host Upgrade files into Host Upgrade Releases.

• A host upgrade release is a combination of host upgrade files, which allows you to upgrade hosts to a particular release.

VUM 4.1 Feature - Host Upgrade Releases

• You cannot delete a Host Upgrade Release if it is included in a baseline. First delete any Baselines that have the Host Upgrade Release included.

• Update Manager 4.1 supports upgrades from versions ESX 3.0.x and later as well as ESXi 3.5 and later to versions ESX 4.0.x and ESX 4.1.

• The remediation from ESX 4.0 to ESX 4.0.x is a patching operation, while the remediation from ESX 4.0.x to ESX 4.1 is considered an upgrade.

VUM 4.1 Feature - Host Upgrade Releases

• The Upgrade files that you upload are ISO or ZIP files.

• The file type depends on the host type, host version and on the upgrade that you want to perform.

• The following Table represents the types of the upgrade files that you must upload for upgrading the ESX/ESXi hosts in your environment.

Target ESX/ESXi Host Version | Source ESX 4.0.x | Source ESXi 4.0.x | Source ESX 3.x | Source ESXi 3.x
4.0.x | N/A | N/A | ISO | Zip
4.1 | Zip | Zip | ISO | Zip

VUM 4.1 Feature - Host Upgrade Releases

• Depending on the files that you upload, host upgrade releases can be partial or complete.

Partial upgrade releases are host upgrade releases that do not contain all of the upgrade files required for an upgrade of both the ESX and ESXi hosts.

Complete upgrade releases are host upgrade releases that contain all of the upgrade files required for an upgrade of both the ESX and ESXi hosts.

• To upgrade all of the ESX/ESXi hosts in your vSphere environment to version 4.1, you must upload all of the files required for this upgrade (three ZIP files and one ISO file):

esx-DVD-4.1.0-build_number.iso for ESX 3.x hosts

upgrade-from-ESXi3.5-to-4.1.0.build_number.zip for ESXi 3.x hosts

upgrade-from-ESX-4.0-to-4.1.0-0.0.build_number-release.zip for ESX 4.0.x hosts

upgrade-from-ESXi4.0-to-4.1.0-0.0.build_number-release.zip for ESXi 4.0.x hosts

VUM 4.1 Feature - Host Upgrade Releases

• You can upgrade multiple ESX/ESXi hosts of different versions simultaneously if you import a complete release bundle.

• You import and manage host upgrade files from the Host Upgrade Releases tab of the Update Manager Administration view.

VUM 4.1 Feature - Host Upgrade Releases

• Wait until the file upload completes.

• The uploaded Host Upgrade Release files appear in the Imported Upgrade Releases pane as an upgrade release.

VUM 4.1 Feature - Host Upgrade Releases

• Host Upgrade Releases are stored in the host_upgrade_packages folder under the <patchStore> location specified in the vci-integrity.xml file.

• We can use the Update Manager Database View called VUMV_HOST_UPGRADES to locate them.

Patch Repository

• Patch and extension metadata is kept in the Update Manager Patch Repository.

• You can use the repository to manage patches and extensions, check on new patches and extensions, view patch and extension details, view in which baseline a patch or an extension is included, view the recalled patches and import patches.

Import Offline Patch to Repository

• From the Patch Repository you can include available, recently downloaded patches and extensions in a baseline you select.

• Instead of using a shared repository or the Internet as a patch download source, you can import patches manually by using an offline bundle.

VMware Converter

Converter 4.2 (not 4.1)

Physical to VM conversion support for Linux sources including:

• Red Hat Enterprise Linux 2.1, 3.0, 4.0, and 5.0

• SUSE Linux Enterprise Server 8.0, 9.0, 10.0, and 11.0

• Ubuntu 5.x, 6.x, 7.x, and 8.x

Hot cloning improvements to clone any incremental changes to physical machine during the P2V conversion process

Support for converting new third-party image formats including Parallels Desktop VMs, newer versions of Symantec, Acronis, and StorageCraft

Workflow automation enhancements:

• automatic source shutdown, automatic start-up of the destination VM as well as shutting down one or more services at the source and starting up selected services at the destination

Destination disk selection and the ability to specify how the volumes are laid out in the new destination VM

Destination VM configuration, including CPU, memory, and disk controller type

Support for importing powered-off Microsoft Hyper-V R1 and Hyper-V R2 VMs

Support for importing Windows 7 sources

Ability to throttle the data transfer from source to destination based on network bandwidth or CPU

Converter – Hyper-V Import

Microsoft Hyper-V Import

• Hyper-V can be compared to VMware Server

Runs on top of operating system

By default only manageable locally

Up to now import went through P2V inside of the VM

• Converter imports VMs from Hyper-V now as V2V

Collects information from the Hyper-V server re VMs

Does not go through Hyper-V administration tools

Uses default Windows methods to access the VM

• Requirements

Converter needs administrator credentials to import a VM

Hyper-V must be able to create a network connection to destination ESX host

VM to be imported must be powered off

VM OS must be a guest OS supported by vSphere

Implementation Services

Upgrading, Next Steps, etc

Support Info

VMware Converter plug-in.

• vSphere 4.1 and its updates/patches are the last releases for the VMware Converter plug-in for vSphere Client.

• We will continue to update and support the free Converter Standalone product

VMware Guided Consolidation.

• vSphere 4.1 and its update/patch are the last major releases for VMware Guided Consolidation.

VMware Update Manager: Guest OS patching

• Update Manager 4.1 and its update are the last releases to support scanning and remediation of patches for Windows and Linux guest OS.

• The ability to perform VM operations such as upgrade of VMware Tools and VM hardware will continue to be supported and enhanced.

VMware Consolidated Backup 1.5 U2

• VMware has extended the end of availability timeline for VCB and added VCB support for vSphere 4.1. VMware supports VCB 1.5 U2 for vSphere 4.1 and its update/patch through the end of their lifecycles.

VMware Host Update utility

• No longer used. Use Update Manager or CLI to patch ESX

vSphere Client no longer bundled with ESX/ESXi

• Reduced size by around 160 MB.

Support Info

VMI Paravirtualized Guest OS support.

• vSphere 4.1 is the last release to support the VMI guest OS paravirtualization interface. For information about migrating VMs that are enabled for VMI so that they can run on future vSphere releases, see Knowledge Base article 1013842.

vSphere Web Access.

• Support is now on best effort basis.

Linux Guest OS Customization.

• vSphere 4.1 is the last release to support customization for these Linux guest OS:

RedHat Enterprise Linux (AS/ES) 2.1, RedHat Desktop 3, RedHat Enterprise Linux (AS/ES) 3.0,

SUSE Linux Enterprise Server 8

Ubuntu 8.04, Ubuntu 8.10, Debian 4.0, Debian 5.0

Microsoft Clustering with Windows 2000 is not supported in vSphere 4.1.

• See the Microsoft Website for additional information.

• Likely due to MSCS with Win2K EOL. Need to double confirm.

vCenter MUST be hosted on 64-bit Windows OS

• 32-bit OS NOT supported as a host OS with vCenter vSphere 4.1

Why the change?

• Scalability is restricted by the x86 32 bit virtual address space and moving to 64 bit will eliminate this problem

• Reduces dev and QA cycles and resources (faster time to market)

Two Options

1. vCenter in a VM running 64-bit Windows OS

2. vCenter install on a 64-bit Windows OS

Best Practice – Use Option 1

http://kb.vmware.com/kb/1021635

vCenter – Migration to 64-bit

Page 154: VMware vSphere 4.1 deep dive - part 2

Data Migration Tool - What is backed up?

• vCenter LDAP data

Configuration

Port settings

HTTP/S ports

Heartbeat port

Web services HTTP/S ports

LDAP / LDAP SSL ports

Certificates

SSL folder

Database

Bundled SQL Server Express only

Install Data

License folder

Page 155: VMware vSphere 4.1 deep dive - part 2

Data Migration Tool - Steps to Backup the Configuration

• Example of the start of the backup.bat command running

Page 156: VMware vSphere 4.1 deep dive - part 2

Compatibility

vSphere Client compatibility

• Can use the “same” client to access 4.1, 4.0 and 3.5

vCenter Linked Mode

• vCenter 4.1 and 4.0 can co-exist in Linked Mode

• After both versions of vSphere Client are installed, you can access vCenter linked objects with either client.

• For Linked Mode environments with vCenter 4.0 and vCenter 4.1, you must have vSphere Client 4.0 Update 1 and vSphere Client 4.1.

MS SQL Server

• Unchanged. 4.1, 4.0 U2, 4.0 U1 and 4.0 have identical support

• 32 bit DB is also supported.

Page 157: VMware vSphere 4.1 deep dive - part 2

Compatibility

vCenter 4.0 does not support ESX 4.1

• Upgrade vCenter before upgrading ESX

vCenter 4.1 does not support ESX 2.5

• ESX 2.5 has reached the limited/non support status

vCenter 4.1 adds support for ESX 3.0.3 U1

Storage:

• No change in VMFS format

Network

• Distributed Switch 4.1 needs ESX 4.1

• Quiz: how to upgrade?

Page 158: VMware vSphere 4.1 deep dive - part 2

Upgrading Distributed Switch

Source:

• Manual. ESX Configuration Guide, see “Upgrade a vDS to a Newer Version”

Page 159: VMware vSphere 4.1 deep dive - part 2

Compatibility

View

• Need to upgrade to 4.5

• View 4.0 composer is a 32-bit application, while vCenter 4.1 is 64 bit.

SRM

• Need to upgrade to SRM 4.1

• SRM 4.1 supports vSphere 4.0 U1, 4.0 U2 and 3.5 U5

• SRM 4.1 needs vCenter 4.1

• SRM 4.1 needs 64 bit OS. SRM 4.1 adds support for Win08 R2

CapacityIQ

• CapacityIQ 1.0.3 (the current shipping release) is not known to have any issues with VC 4.1 but you need to use a “–NoVersionCheck” flag when registering CIQ with it.

• CapacityIQ 1.0.4 will be released soon to address that.

Page 160: VMware vSphere 4.1 deep dive - part 2

Compatibility: Win08 R2

This is for R2, not R1

This is to run the VMware products on Windows, not to host Win08 as Guest OS

• Win08 as guest is supported on 4.0

Minimum vSphere products version to run on Windows 2008 R2:

• vSphere Client 4.1

• vCenter 4.1

• Guest OS Customization for 4.0 and 4.1

• vCenter Update Manager, with Win08 R2 as its server OS. Update Manager does not yet support patching Win08 R2, and it also does not patch Win7.

• vCenter Converter

• VMware Orchestrator (vCO): Client and Server 4.1

• SRM 4.1

Page 161: VMware vSphere 4.1 deep dive - part 2

Known Issues

Full list: https://www.vmware.com/support/vsphere4/doc/vsp_esxi41_vc41_rel_notes.html#sdk

IPv6 Disabled by Default when installing ESXi 4.1.

Hardware iSCSI.

• Broadcom Hardware iSCSI does not support Jumbo Frames or IPv6. Dependent hardware iSCSI does not support iSCSI access to the same LUN when a host uses dependent and independent hardware iSCSI adapters simultaneously.

VM MAC address conflicts

• Each vCenter system has a vCenter instance ID. This ID is a number between 0 and 63 that is randomly generated at installation time but can be reconfigured after installation.

• vCenter uses the vCenter instance ID to generate MAC addresses and UUIDs for VMs. If two vCenter systems have the same vCenter instance ID, they might generate identical MAC addresses for VMs. This can cause conflicts if the VMs are on the same network, leading to packet loss and other problems.
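A check for the MAC conflict described above, added here as an example and not taken from the deck or from VMware tooling. It assumes the documented layout of vCenter-assigned MACs (prefix 00:50:56, fourth octet equal to 0x80 plus the instance ID), which the slide does not state; the vCenter names and inventories are constructed sample data.

```python
from collections import defaultdict

VC_OUI = "00:50:56"  # assumption: prefix of vCenter-assigned MACs


def normalize(mac):
    """Lower-case a MAC and use ':' as the separator."""
    return mac.strip().lower().replace("-", ":")


def instance_id_from_mac(mac):
    """Return the vCenter instance ID (0-63) encoded in a vCenter-assigned
    MAC, or None when the MAC is outside 00:50:56:80-BF (manual or
    host-generated addresses carry no instance ID)."""
    octets = normalize(mac).split(":")
    if len(octets) != 6 or ":".join(octets[:3]) != VC_OUI:
        return None
    try:
        fourth = int(octets[3], 16)
    except ValueError:
        return None
    return fourth - 0x80 if 0x80 <= fourth <= 0xBF else None


def audit(inventories):
    """inventories: {vcenter_name: [(vm_name, mac), ...]}.
    Returns (shared_ids, duplicate_macs):
      shared_ids     - instance ID -> vCenters whose VMs carry that ID
      duplicate_macs - MAC -> [(vcenter, vm), ...] seen more than once"""
    ids_seen = defaultdict(set)
    mac_owners = defaultdict(list)
    for vc, vms in inventories.items():
        for vm, mac in vms:
            mac_owners[normalize(mac)].append((vc, vm))
            iid = instance_id_from_mac(mac)
            if iid is not None:
                ids_seen[iid].add(vc)
    shared_ids = {i: sorted(v) for i, v in ids_seen.items() if len(v) > 1}
    duplicate_macs = {m: o for m, o in mac_owners.items() if len(o) > 1}
    return shared_ids, duplicate_macs


# Constructed sample inventories (hypothetical vCenter and VM names).
SAMPLE = {
    "vc-site-a": [("web01", "00:50:56:8C:00:01"), ("db01", "00:50:56:8c:00:02")],
    "vc-site-b": [("app01", "00-50-56-8C-00-01"),
                  ("static01", "00:0C:29:11:22:33")],  # not vCenter-assigned
    "vc-site-c": [("mail01", "00:50:56:A3:00:01")],
}

if __name__ == "__main__":
    shared, dups = audit(SAMPLE)
    for iid, vcs in shared.items():
        print(f"instance ID {iid} shared by: {', '.join(vcs)}")
    for mac, owners in dups.items():
        print(f"duplicate MAC {mac}: {owners}")
```

A shared instance ID is the early warning: it shows two vCenter systems can hand out the same address even before a duplicate MAC actually appears on the network.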

Page 162: VMware vSphere 4.1 deep dive - part 2

Thank You

I’m sure you are tired too

Page 163: VMware vSphere 4.1 deep dive - part 2

Useful references

• http://vsphere-land.com/news/tidbits-on-the-new-vsphere-41-release.html

• http://www.petri.co.il/virtualization.htm

• http://www.petri.co.il/vmware-esxi4-console-secret-commands.htm

• http://www.petri.co.il/vmware-data-recovery-backup-and-restore.htm

• http://www.delltechcenter.com/page/VMware+Tech

• http://www.kendrickcoleman.com/index.php?/Tech-Blog/vm-advanced-iso-free-tools-for-advanced-tasks.html

• http://www.ntpro.nl/blog/archives/1461-Storage-Protocol-Choices-Storage-Best-Practices-for-vSphere.html

• http://www.ntpro.nl/blog/archives/1539-vSphere-4.1-Virtual-Serial-Port-Concentrator.html

• http://www.virtuallyghetto.com/2010/07/vsphere-41-is-gift-that-keeps-on-giving.html

• http://www.virtuallyghetto.com/2010/07/script-automate-vaai-configurations-in.html

• http://searchvmware.techtarget.com/tip/0,289483,sid179_gci1516821,00.html

• http://vmware-land.com/esxcfg-help.html

• http://virtualizationreview.com/blogs/everyday-virtualization/2010/07/esxi-hosts-ad-integrated-security-gotcha.aspx

• http://www.MS.com/licensing/about-licensing/client-access-license.aspx#tab=2

• http://www.MSvolumelicensing.com/userights/ProductPage.aspx?pid=348