Category vSphere

Oh, well hey there! OMG ITS VMWORLD! Hey guys! I bet you’re wondering WTF I’m talking about! It’s okay. Some of you were expecting this, or are saying, “Finally… I mean, Cisco has validated Designs, and they’ve been doing those technical design guides for DECADES…” But I digress… I mean because VMware hasn’t been half shabby with their NUMEROUS whitepapers on every single topic under the sun for application supportability, capability, design, you name it!

OMG SO WHAT DOES THIS MEAN?!

Alright, alright calm down…

The VMware Validated Designs now provide a Blue print for the whole data center instead of merely being an infinite series of reference architecture, Best Practices, and Guides based upon products in a bubble! 

How does this differ from a validated architecture like VSPEX?

How this differs from a validated architecture is that an architecture will often be presented as ‘IM A VENDOR BUY MY STUFF’ whereas a design basically sets the table that, “Here’s a design… buy whoseever stuff or whatever things you want! (obviously ensure its on the HCL :))”   I hear this come up a lot with friends, partners, colleagues, customers and the best initial comparison I can think of comes to having a house built, a design truly becomes the blueprint for your home.  You pay an architect to produce that and you can then take that deliverable anywhere and have it be built, whereas in the technical sense an validated architecture is like track housing.  You can have it look and feel any way you want, as long as its one of these THREE options.   So you can pick and choose which framework or model works best for you, they’re not mutually exclusive and you can layer the capabilities of one atop the other.   Also consider, HEY you can use this to apply the principles to your existing implementation to see what you might do to improve it!

OMG ARE YOU SAYING ITS WIN WIN?! Yes. I am. But I won’t use those words. You chose to use them. :)

Today there are a few VMware Validated Designs which have been released (with more to come)

• The VMware® Software-Defined Data Center Foundation
• Automated Provisioning with the VMware® Software-Defined Data Center – Single Region

And as an added bonus, VMware has ALSO just announced “Feature Walkthroughs”

What’s cool about the Walkthroughs is that it breaks down various business and technical elements of the VMware portfolio AND has direct links to take you to the hands on labs, so a little for the business and a little for the technical!  It’s a nice bit of fun all packaged up together! :)

For deeper insight into VMware Validated Designs, check out Felicia Jadczak’s post on the CTO Forum,  Introducing VMware Validated Designs

Enjoy! This is just a SMALL portion of things to be announced this week at #VMworld! <3

So you ever been in that situation where you either see a message like,

“Number of active connections has changed. There are now 2 active connections to this console”

Or…

“Unable to connect to the MKS: Console access to the virtual machine cannot be granted since the connection limit of ‘x’ has been reached.”  (This second one is most likely to come up when you have either a STIG or security defined limitation to the number of remote connections to use, thus by default you’re more likely to see message #1!)

Well, the question is… What do you do in these circumstances? You might ask yourself, “Damnit! Who is the other person connected!”   When looking for this answer you may come across responses in the forums such as:

• Just use tsadmin to login to the server to see who else is logged in
• Great if you’re on windows, but that doesn’t tell you show OWNS the SESSION
• ssh into the box to see who else is logged in
• Wow it’s like you’re not getting it. What if they’re not logged in, but simply sitting at the login prompt? I hear fail…
• Use arbitrary application to arbitrarily see who is logged in!
• Okay, seriously? (Yes I’ve seen NUMEROUS responses like this, which refer to lots of applications, and don’t solve the problem…)

Well, guess what, I don’t like these answers, which prompted me to write this blog post, thus I’ll show you how to do it via the GUI (Very Easy…) and also via PowerCLI because we love PowerCLI! Disclaimer: I do not show how to do this using the VMware Web Client, because I personally hate the web client, so if you’d like to document that part, go for it. :)

Checking for Remote console connected in the GUI!

So within the handy GUI from within a Virtual Machine (In this context I use the UI VM for vCOPS…) Just click on the “Tasks & Events” tab and you’ll notice the entry below, “Remote console connected” looking at the timestamp you’ll be able to note which user it was which connected and at what time.  Thus if this user doesn’t need to be logged into the console you can go kill their session as needed. Easy Peasy, right?! :)

Checking for Remote console connected using PowerCLI!!!

This one is just as easy if not easier, especially if you want to modify this script ultimately to query lots of objects, or you can even modify it to see which particular sessions a particular user has opened, that is outside the scope of THIS blog post, but nonetheless, here is the syntax!

Get-VM %VMNAME% | Get-VIEvent | Where {$_.Gettype().Name -eq "VMRemoteConsoleConnectedEvent"} | Select UserName, CreatedTime, FullFormattedMessage

What you have here is a Get-VM looking at a specific Virtual Machine (You supply) then it will pull up from that VM or VMs the Remote Console Connected event, After which point PowerCLI will dump the results of the Username connected, what time they did, and the FullFormattedMessage (Which I mainly have in there for errorchecking, you can omit if you’d like)

But lo and behold, BOOM you’re done! Hopefully this was easy for you, if you’d like there are a lot of VERY long and VERY complex scripts which do the EXACT same thing, but you know how I feel about One-Liners. :)

Good luck and stay Physical, VIRTUAL I MEAN VIRTUAL, OMG!

You’re not new to Virtualization, this isn’t your first VMware rodeo, but you find yourself starting to question… OMG DO I HAVE VMFS3 DATASTORES STEATHILY HIDING IN MY SYSTEM?! I mean you do your due diligence, you check and confirm that it says VMFS5 and that it has a 1MB (Universal) block size, but yet… you’re still not sure… Hell, you might even be saying WTF? 1MB BLOCK SIZES? WTFS?!  Well, hopefully this helps break through some of the barriers to not only identify whether you have VMFS3 datastores period, whether they’re actually stealthily hiding!

What’s the big deal with upgrading VMFS3 to VMFS5?

Yea, you read the VMware documentation like this; How VMFS5 Differs from VMFS3 – Basically by reading that you come to the conclusion of ITS EASY, JUST DO IT, YAY!  But to quote Jason Corbett @NGTJason “migrate > upgrade”

Why exactly though? I mean if you read what Cormac Hogan @VMwareStorage wrote so long ago vSphere 5.0 Storage Features Part 1 – VMFS-5 you might be pressured to believe that it’s all good, caveats aside that your VMFS5 upgraded datastores will rock out just like VMFS3, but take a gander at Jason Boche @JasonBoche VMFS-5 VMFS-3, What’s the Deal?

Differences between upgraded and newly created VMFS-5 datastores:

VMFS-5 upgraded from VMFS-3 continues to use the previous file block size which may be larger than the unified 1MB file block size. Copy operations between datastores with different block sizes won’t be able to leverage VAAI.  This is the primary reason I would recommend the creation of new VMFS-5 datastores and migrating virtual machines to new VMFS-5 datastores rather than performing in place upgrades of VMFS-3 datastores.
VMFS-5 upgraded from VMFS-3 continues to use 64KB sub-blocks and not new 8K sub-blocks.
VMFS-5 upgraded from VMFS-3 continues to have a file limit of 30,720 rather than the new file limit of > 100,000 for newly created VMFS-5.
VMFS-5 upgraded from VMFS-3 continues to use MBR (Master Boot Record) partition type; when the VMFS-5 volume is grown above 2TB, it automatically switches from MBR to GPT (GUID Partition Table) without impact to the running VMs.
VMFS-5 upgraded from VMFS-3 will continue to have a partition starting on sector 128; newly created VMFS-5 partitions start at sector 2,048.

I THINK I HAVE VMFS3 VOLUMES HOW DO I TELL, OMG WHAT IS THAT BURNING SENSATION

Hey, calm down, calm down… I think we can solve this problem pretty easily! And if the burning sensation continues, get that checked out!

I don’t know about you, you might have 1 vCenter, 3 Servers and a handful of Datastores. I have thousands… of EACH, so I needed something to do my scans and checks at scale with PowerCLI because I’m a baller, and apparently I pull that off rather well. :)

Methods of detecting whether you have VMFS3, VMFS3 upgraded to VMFS5 or otherwise mismatched sets..

• Block Size is greater than 1MB
• Partition type is msdos instead of gpt (*Detected by checking whether the StartSector is 128 instead of 2048)
• And of course, your VMFS version is VMFS3 or 3.46

But wait, didn’t you say above that partition types will change from MSDOS to GPT if they’re expanded? Doesn’t that make tracking harder? Yes.

Let’s get our PowerCLI on so we can crack this nut!

Get-Datastore | Get-View | Select-Object Name,@{N="VMFS version";E={$_.Info.Vmfs.Version}},@{N="BlocksizeMB";E={$_.Info.Vmfs.BlockSizeMB}}
// To check VMFS version & block sizes – Really useful to just check in general that your version is 5.54 and your blocksize is 1MB though if you VMFS3->5 In-place upgrade when VMFS3 was 1MB, this won’t reveal itself to you

Get-Datastore | Get-View | Where {$_.Info.Vmfs.Version –eq “3.46”} | Where {$_.Info.Vmfs.BlockSizeMB -eq "1"} | Select-Object Name,@{N="VMFS version";E={$_.Info.Vmfs.Version}},@{N="BlocksizeMB";E={$_.Info.Vmfs.BlockSizeMB}}
// To Check VMFS Version and Block Sizes but only listing mismatches you specify  – so if you want to see if you specifically have any 3.46 VMFS and various block sizes

Busting out the mad $esxcli syntax!

This is where we start to get real. The following examples are simple ‘one-liners’ which are cute and all if you’re checking one host, but I also give you one which will scan EVERYTHING so you can just sit back and bask in the glow of figuring out WTF IS GOING ON WITH THIS BURNING, HELP HELP HELP!

$esxcli.storage.core.device.partition.list() | Select Device, StartSector
// Dumps all Offsets – This can be useful if you want to see a lot of data… but less so if you’re looking for something specific…

$esxcli.storage.core.device.partition.list() | group-Object -Property Device | Where {$_.StartSector –eq “128”} | Select Device, StartSector
// Dumps only offsets which "equal" a startsector, in this case 128 – Now we’re cooking with oil, a StartSector of 128 leans on a datastore being VMFS3 or VMFS5 which had been upgraded from VMFS3

$esxcli.storage.core.device.partition.list() | Where {$_.StartSector -eq "128"} | Select Device, StartSector
// This will dump all of your partitions which have a starting offset of 128, same as above but shorter

Script me baby one more time!

OMG YOU JUST MADE A HORRIBLY DATED REFERENCE TO BRITNEY SPEARS. For what its worth, I believe she did some scripting in her days…   The scenarios below will just ‘do it’ based upon whatever hosts you connected to with Connect-VIServer, obviously the difference being ‘comments’ or not.

foreach ($myHost in get-VMHost)
#This tells the system to do a run the command against all "VMHosts" that you have defined as part of your Connect-VIServer
{
    Write-Host ‘$myHost = ‘ $myHost
    #Display the ESXi Host that it is operating against, helps if you’re scanning multiple vCenters
    $esxcli = Get-EsxCli -VMHost $myHost
    #This sets the syntax and the context for the Get-EsxCli command to operate, a requirement for running $esxcli.Commands
    $esxcli.storage.core.device.partition.list() |
    #Use Get-EsxCli to list the core storage devices
    Where {$_.StartSector -eq "128"} |
    #This specifies we’re only looking for partitions which have a StartSector of 128, which could mean either VMFS3 or VMFS3 upgraded to VMFS5 Datastores
    Select Device, StartSector
    #When all is said and done, it’s nice to see it in a ‘pretty’ format to see what work you need to do!
}

Without Comments

foreach ($myHost in get-VMHost)
{
    Write-Host ‘$myHost = ‘ $myHost
    $esxcli = Get-EsxCli -VMHost $myHost
    $esxcli.storage.core.device.partition.list() |
    Where {$_.StartSector -eq "128"} |
    Select Device, StartSector
}

Now technically you could use partedUtil but that’s a pain in the ass.  – But for the sake of continuity here is the syntax/results!

~ # partedUtil getptbl "/vmfs/devices/disks/naa.60a98000646e4f4b475a6a4975422d66"
msdos
261083 255 63 4194304000
1 128 4194298394 251 0
~ # partedUtil getptbl "/vmfs/devices/disks/naa.60a98000646e4f4b475a70516f34416f"
gpt
534698 255 63 8589934592
1 2048 8589934558 AA31E02A400F11DB9590000C2911D1B8 vmfs 0
~ #

So in case you’re wondering if the script is working properly you should end up with results similar to this below;

Results:
$myHost =  103.domain.local

Device                                                      StartSector
——                                                      ———–
naa.60a98000323764703424434e6246775a                        128
$myHost =  102.domain.local
naa.60a98000323764703424434e6246775a                        128
$myHost =  101.domain.local
naa.60a98000323764703424434e6246775a                        128
$myHost =  037.domain.local

And that is basically all it takes! This hopefully should give you the fuel you need to scan your environment with minimal effort and identify any VMFS3 datastores so you can clean that stuff up and MIGRATE!  I discovered a bunch of them which aren’t so kind, and what ensues is massive migrations!

Good luck out there! and if you can find some good way to hack esxcli to ALSO have it then correlate that data to what the datastore name is… I FAILED :)

So I hadn’t touched PowerCLI in a long while (Hey, I hadn’t touched the CONSOLE OF ANYTHING near production after having been in management for so long!   So, the first thing I decided to do was, “Well, what data is important to me… and what will make my life easier!”   Below you’ll see examples of some of those very scenarios, One-Liners and collections of data points! If you haven’t worked with PowerCLI this is a good way to get started.  I’ll also explain WTF I did and why, so you have some good logic and reasoning behind why to use some of these measures!  Also if you happen to have any really cool one-liners and scripts you’ve used, feel free to toss them into the comments!

Let’s start with … Well, getting started!

Launch PowerCLI CMDLine as an elevated user (This is especially important if you have a different administrative acct than your login)

Connect-VIServer

// You can paste in all of the vCenter Names in order to execute a ‘command’ against all of them.

Example, You can simply launch Connect-VIServer, hit enter and then paste a list of vCenters to connect to.  This is especially important if you happen to be managing more than one vCenter.

Get-VMHost | Get-VMHostNetwork | Select Hostname, VMKernelGateway -ExpandProperty VirtualNic | Where {$_.ManagementTrafficEnabled} | Select Hostname, PortGroupName, IP, SubnetMask

// This will then dump the ESXi Hostnames, IPs and Subnets – For the Management Network

Get-VMHost | Get-VMHostNetwork | Select Hostname, VMKernelGateway -ExpandProperty VirtualNic | Where {$_.vMotionEnabled} | Select Hostname, PortGroupName, IP, SubnetMask

// This will then dump the ESXi Hostnames, IPs and Subnets – For the vMotion Network

Get-VMHost | Get-Cluster | Select Name, DrsEnabled, DrsMode, DrsAutomationLevel

// Dump DRS Status

Get-VMHost | Get-Cluster | Select Name, VMSwapfilePolicy

// Dump VMSwapfilePolilcy

Get-VMHost | Get-Cluster | Select Name, HAAdmissionControlEnabled

// Check status of HA Admission Control

Get-VMHost | Get-Cluster | Select Name, HAFailoverLevel, HARestartPriority, HAIsolationResponse

// Check HA Status Levels

Get-VMHost | Get-VMHostNetwork | Select Hostname, VMKernelGateway -ExpandProperty VirtualNic | Select Hostname, PortGroupName, IP, MTU

// Check for MTU Mismatches

Get-VirtualSwitch | Select VMHost, Name, MTU

// Shows what the MTU settings on the Virtual Switches are

Get-VMGuestNetworkInterface –VM VMNAME | Select VM, IP, SubnetMask, DefaultGateway, Dns

// Dumps a hosts Name, IP, Subnet, Gateway and DNS configuration

Append ‘| Export-Csv “c:\location\filename”’

// This will allow you to export the results to a CSV file  – This is called out so you’re aware of the syntax to do CSV type exports!

Get-VMHost | Get-ScsiLun | Select VMHost, ConsoleDeviceName, Vendor, MultipathPolicy

// This will dump the Multipath Policy of the storage on the systems to determine what the MP configuration is.

Get-VMHost | Get-ScsiLun | Select VMHost, ConsoleDeviceName, Vendor, MultipathPolicy | Where {$_.Vendor –eq “NETAPP”} | Select VMHost, ConsoleDeviceName, Vendor, MultipathPolicy

// This will dump the Multipath Policy of ONLY NetApp systems

Get-VMHost | Get-ScsiLun | Select VMHost, ConsoleDeviceName, Vendor, Model, LunType, MultipathPolicy | Export-CSV “C:\temp\MultipathPolicyFull.csv”

// This will dump the Multipath Policy into a CSV as it’ll be a tad bit longer with multiple attributes specified!

Get-ScsiLun –Hba [software iSCSI HBA] | Set-ScsiLun –MultipathPolicy “RoundRobin”

// You can use these parameters to change the LUNs from Fixed to RoundRobin

e.g.) Get-ScsiLun –Hba vmhba39 | Set-ScsiLun –MultipathPolicy “RoundRobin”

Get-VMhost | Get-SCSILun | Where {$_.Vendor –EQ “NETAPP”} | Select VMHost, Vendor, MultipathPolicy

// Identify the Netapp LUNs

Get-VMhost | Get-SCSILun | Where {$_.Vendor –EQ “NETAPP”} | Where {$_.MultipathPolicy -EQ "Fixed"} | Select VMHost, Vendor, MultipathPolicy

// Identify the Netapp LUNs which are “Fixed”

Get-VMhost | Get-SCSILun | Where {$_.Vendor –EQ “NETAPP”} | Set-SCSILun –MultipathPolicy “RoundRobin”

// Set the NetApp LUNs to RoundRobin

Get-VMhost | Get-SCSILun | Where {$_.Vendor –EQ “NETAPP”} | Where {$_.MultipathPolicy -EQ "Fixed"} | Set-SCSILun –MultipathPolicy “RoundRobin”

Get-VMHost | Sort Name | Select Name, @{N=”NTP”;E={Get-VMHostNtpServer $_}}

// This will dump NTP Configuration settings

Get-VMHost | Get-View | foreach {$_.Summary.Hardware.OtherIdentifyingInfo[3].IdentifierValue}

// This will dump the Dell Service Tags

Get-VMHost | Get-View | Select Name, @{N=”Service Tag”;E={$_.Summary.Hardware.OtherIdentifyingInfo[3].IdentifierValue}}

// This will dump the Host name and the Dell Service Tag

Get-VMHost | Sort Name | Get-View | Select Name, @{N=”Tag 3”;E={$_.Summary.Hardware.OtherIdentifyingInfo[3].IdentifierValue}}, @{N=”Tag 2”;E={$_.Summary.Hardware.OtherIdentifyingInfo[3].IdentifierValue}}, @{N=”Tag 1”;E={$_.Summary.Hardware.OtherIdentifyingInfo[3].IdentifierValue}}

// This will dump the Host name and the Dell Service Tag values across all 3 identifiers

Get-View -ViewType HostSystem | Sort Name | Select Name,@{N="BIOS version";E={$_.Hardware.BiosInfo.BiosVersion}}, @{N="BIOS date";E={$_.Hardware.BiosInfo.releaseDate}}

// This will dump the hosts BIOS version and date(s)

get-vmhost | Get-VMHostAdvancedConfiguration -Name Syslog.global.logHost

// Dump the current SYSLOG Configuration

You may notice that a lot of the Scripts identified in here are very selfishly scripts I’ve personally used… and I’ll tell you… that’s not all that bad ;)   I figure as time goes on, I’ll find other various switches and flags which are important and others ought to check out!  I’m constantly building and adding to this list as there are various scripts I’ll be running on a daily, weekly and monthly basis.   As I start to identify which items fall into the lists I’ll share my experiences with ya’ll here! Enjoy!

Well, here we are… vExpert nominations have been submitted, the data reviewed and the decisions unveiled as to whom represents the 2013 year of #vExperts and I am humbled and honored to be allowed to continue as a part of this absolutely awesome club.

To get a good feel for who are some of the members of this crazy and wild community that we’re a part of you can see the official list here;
vExpert 2013 Awardees announced

Oh and my fellow #vExperts be sure to take advantage of these folks who support our ability to continue to support the community!
Tintri free polo shirts for #vExperts with your Twitter handle on them!

2013 vExperts, come get a free one-year subscription to TrainSignal!

But enough with the lovefest for us, right?! Albeit… if you’re a new vExpert this year be sure you come say hi, introduce yourself within the community and amongst ourselves!

Some of you may ask the question, “With all this talk about vExperts, how do I become one too?!?!”
The Non-definitive guide to the VMware vExpert Program, Tips, Tricks, How to become a vExpert!

Last year I published this accord to give you a glimpse into the vExpert life, and even some tips on how to make this a reality. Well, with nominations over, and those aligned to 2013 chosen there’s no better time than the present to start fulfilling your destiny to ensure that when this time comes around again in 2014 you too will be on that list. The thing is, being a vExpert isn’t something arbitrary and it doesn’t come lightly. A lot of us eat, sleep and breathe Virtualization. Not because we’re paid to, but because it is a PART of us. It’s important to know that if you should so choose a future like this for yourself… there may be some responsibility resting upon your shoulders… That’s all I’m saying. :)

I congratulate my fellow vExperts and yes for those of you who have been asking, I WILL be attending VMworld 2013 in San Francisco this year, all of my flights have been booked to take me away from this beautiful desert warzone I’ve been spending my time in so I can enjoy my time with all of you and my family for a few weeks! And yes, this does mean there will be #CXIDinners as well! More details on that to come!

Congratulations all of you, this year just got even more interesting!

CAT OUT!

/@cxi