vBrownBag – VMware VSAN

I’m going to be presenting a vBrownBag session this Wednesday night (US) / Thursday morning (AUS) on how to set up VSAN in your lab. There’s been a few blog posts around already, Duncan, William and Cormac (to name a few) all have something for those wanting to read up before the session.

But for those that can’t attend in person, I thought I would answer a question I got from a customer today “How is this VSAN software defined storage?”

Not wanting to repeat too much of my vBrownBag session here, my answer revolved around the “defined” part. We “define” how we want to storage to operate on a per VM basis. Now, until we get vVOLs this isn’t going to become as simple on larger arrays, but when we control everything from the hypervisor like we do with VSAN this is a reality today.

So what can we control? Well once VSAN is set up (and boy is it simple!), you need to use the Virtual Machine Storage Policy section of the vSphere Web Client to tell VSAN how to treat your VMDKs.

There’s more detail in Cormac’s whitepaper here, but you’ll find the following are options for defining your storage policies on VSAN:

Number of disk stripes per object

The number of HDDs across which each replica of a storage object is striped. A value higher than 1 may result in better performance (for e.g. when flash read cache misses need to get services from HDD), but also results in higher use of system resources. Default value: 1, Maximum value: 12.

Flash read cache reservation (%)

Flash capacity reserved as read cache for the storage object. Specified as a percentage of the logical size of the object. To be used only for addressing read performance issues. Reserved flash capacity cannot be used by other objects. Unreserved flash is shares fairly among all object. Default value: 0%, Maximum value: 100%.

Number of failures to tolerate

Defines the number of host, disk or network failures a storage object can tolerate. For n failures tolerated, “n+1” copies of the object are created and “2n+1” hosts contributing storage are required. Default value: 1, Maximum value: 3.

Force provisioning

If this option is enabled, the object will be provisioned even if the policy specified in the storage policy is not satisfiable with the resources currently available in the cluster. VSAN will try to bring the object into compliance if and when resources become available. Default value: Disabled.

Object space reservation (%)

Percentage of the logical size of the storage object that will be reserved (thick provisioned) upon VM provisioning. The rest of the storage object is thin provisioned. Default value: 0%, Maximum value: 100%

Don’t forget the Study Guides

I’ve had a number of people talk to me about community based VMware study guides over the past few months. It’s been a little while since their creation, but the vBrownBag study guides are still relevant to VCP5-DCV, VCAP5-DCA and VCAP5-DCD. There’s also the VCDX Boot Camp we did late in 2012.

Along with these community guides, VMware has more recently added a heap of great (free) content on vmwarelearning.com including some very handy VCDX Mock Panels.

 

The vCenter Inventory Service

The vCenter Inventory Service is used for 2 main things. First of all it’s the place that stores all of the custom tags used within the vCenter Web Client. But what’s not as well known is that the vCenter Inventory Service is also proxy (or cache) for the Web Client. If you’re using the traditional vSphere Client, the Inventory Service is not used, it’s simply bypassed… hence no tags in the older client. Prior to vSphere 5.1, while the service did exist, it wasn’t separated out as an individual component. From vSphere 5.1 onwards this is a separate installable component that can co-exist on the same, or be split out onto a separate, windows server. Currently, separating out components on the linux based vCenter Server Appliance is not possible (unless you like to hack things like William does)

Why we need the Inventory Service

As I stated before, the Inventory Service is designed to reduce load on the vCenter server itself (VPXD). Traditionally only 10% of traffic to a vCenter Server consists of writes, and obviously the other 90% are reads. So if you can cache those reads closer to the Web Client and don’t have to ask vCenter to retrieve from its database each time, you can see a significant improvement in response times; while also reducing the load on the more critical vCenter Server itself.

 

So how much improvement in terms? Well if you look at the #vBrownBag from earlier in the year Justin King (VMware’s resident vCenter guru) outlines the numbers.

As you can see from the table, if you have a large environment with many administrators the Inventory Service can really be of benefit. The thing to keep in mind here is, if you have a large scale environment where should I deploy this service to see the benefit?

 

table.tftable {font-size:12px;color:#333333;width:100%;border-width: 1px;border-color: #a9a9a9;border-collapse: collapse;}
table.tftable th {font-size:12px;background-color:#b8b8b8;border-width: 1px;padding: 8px;border-style: solid;border-color: #a9a9a9;text-align:left;}
table.tftable tr {background-color:#ffffff;}
table.tftable td {font-size:12px;border-width: 1px;padding: 8px;border-style: solid;border-color: #a9a9a9;}

Client # Sessions vCenter CPU
VI Client 100 50%
Web Client 180 25%

Where the Inventory Service should be installed

While it makes sense to use the vCenter Web Client when scaling out to a large environment, you need to ensure that the Inventory Service is installed in the right location to be of most benefit.

I was recently onsite with a customer who were planning to install the Inventory Service on the same VM as their vCenter Server, but there were splitting out the Web Client to a separate server. I advised them that although this will reduce the load on the vCenter Server, the best place for this service is not on the vCenter Server itself, but to locate the Inventory Service on either its own server, or alongside the vSphere Web Client.

 

Wrapping Up

Remember the KISS principle, you do not need to split out your components unless you have specific requirements and/or need to scale your environment. Always keep in mind the hardware requirements for each component and how those change if you co-locate services on the same server (see here). If you do split out the components, think about what the component is, and where it best fits. Along with storing tags, the idea of the Inventory Service is to reduce the number of queries to the vCenter Server… place it accordingly!

If you’re running your vCenter Server components as a VM (if not, why not?) think about your options. What about configuring DRS affinity rules to keep the Web Client and the Inventory Service VMs together, but your vCenter server separate? Everything depends on your specific requirements, but understanding the architecture and how different components work will ensure you can scale your environment effectively.

I’d be interested to know if anyone else has similar (or different) stories on where they locate the vCenter Inventory Service. Feel free to comment below.

“Random” sound in OSX

I changed over to using a Mac as my primary machine (again) around 12 months ago. Its a great workhorse for a laptop, the SSD and 16GB of RAM make it perfect for AutoLab.  However, every now and then I notice an annoying sound that I couldn’t work out where it was coming from. Admittedly I didn’t try too hard to find the source, but it wore me down today.

The culprit? iMessage. 

Every time someone signed in or out of Google Chat, Jabber etc, I got an annoying swoosh sound.  When I found it, I certainly felt like a noob.

Simple fix, head into iMessage -> Preferences -> Alerts. Change these two events to have no sound: Buddy Becomes Available and Buddy Becomes Unavailable

Problem solved. 

 

What it takes to become a vExpert

​What does it take to become a vExpert? Here’s what I did over the past 12 months.

There’s been a lot of chatter over the last few days with the recent announcement of the VMware vExpert 2013 group. I was fortunate enough to be given this honour again this year, an award that I’m surprised not more people know about!

I’ve had numerous conversations with customers and other VMware employees about “what it takes to be a vExpert”. Even within VMware, there’s people who are not aware of this program, so I do everything within my power to promote it both to employees and customers alike.

So, what does it take to be awarded a vExpert? Well, there are three available paths, the Evangelist Path, the Customer Path and the VPN (VMware Partner Network) Path. Without going into too much detail on each (as you can read about each here), I’ll explain what was in my application.

I applied under the Evangelist Path, with the following points against my name for 2012:

My list of things may be bigger or smaller than other vExpert award winners, but if you’re doing any of these things within the VMware community make sure you apply next year so you can get the recognition you deserve! It’s a great program, and I thank John Troyer and the rest of the VMware Social team for running it.

Edit: If anyone wants help obtaining vExpert, let me know as I have far too many VMware community ideas than I have time for!

Renaming the vSphere SSO Database

Renaming the vSphere SSO database is simpler than you’d think.

The other day while working with a customer, we needed to rename the vSphere 5.1 Single Sign On database to ensure it aligned to naming conventions. As I’d never had to do this before, I read up on a few different KB articles: 204552820335162045528

Based on the information presented I did the following:

  • Backed up the SSO configuration using the “Generate vCenter Single Sign-On backup bundle” link in the Start -> Programs menu from the SSO server.
  • Performed a backup of the original SSO DB within the SQL Management Studio from the DB VM.
  • Finally, I took a snapshot of both the DB and SSO VMs as a safeguard.

Once the fallback plan was in place, I stopping the “vCenter Single Sign On” service on the SSO VM, then renamed the RSA database on the DB server to the conforming name.

Then I thought it was a matter of using the following command on the SSO VM:

ssocli configure-riat -a configure-db –database-host new_database_server –database-port new_database_port -m master_password

However, you may notice with the SSOCLI utility while there’s a Host, Port, Instance, Username and Password option… there is NOT a database name option. (I mistook the “instance” option allowing me to do what I needed at first). This perplexed me at first, how do I reconfigure SSO to point to a renamed database? After a little digging I worked out that the database name is configured not through the SSOCLI utility, but through a configuration file:

installdirectorySSOServerwebappsimsWEB-INFclassesjindi.properties

It’s as simple as changing the following line:

com.rsa.db.instance=dbnamehere

And that’s it! Restart the SSO service on your SSO VM and then fire up the vSphere Web Client. Also, thanks to Gabe for pointing me in the right direction for the config file.

Becoming More Efficient – PomodoroApp and LastPass

I am determined to refine my workflow and constantly improve in this area. Two of the tools I am using to help ​my efficiency is the mac based PomodoroApp and the password manager LastPass.

This article relates to a previous post around becoming more efficient in the way I live my life.

As some of you know I’m working on a pretty big project at the moment that requires a huge time investment. Late last year I set about trying to improve my efficiency to ensure my work / life balance didn’t suffer. Unfortunately as with some big projects, it has to some extent… however, I am determined to refine my workflow and constantly improve in this area. Two of the tools I am using to help my efficiency is the mac based PomodoroApp and the password manager LastPass.

I first heard about this “Pomodoro” thing a few years back from Scott Johnson, a podcaster and fellow geek. At the time I had no need for such a thing and disregarded it as something that didn’t interest me. Fast forward and my project now gives me a different perspective on time and how I need it use it. So I decided to give the PomodoroApp a try.

What is a Pomodoro? From Wikipedia: “The technique uses a timer to break down periods of work into 25-minute intervals called ‘Pomodori’ (from the Italian word for ‘tomatoes’) separated by short breaks.” The PomodoroApp is just a basic app that times you for 25 minutes (or whatever time you set) and then times a 5 minute break with alarms helping you to remember the time.

Now, I know that everyone works slightly differently and I was pretty sceptical that this time management technique would work for me. But oh my! How wrong I was! I must admit, I don’t use it all the time but when I have a set amount of work to get done in a short amount of time this helps me concentrate, reminds me to take a break and helps keep me on task. The breaks are especially important for me because I find myself working and working without a break, slowly loosing productivity. When I have a five minute break to stretch my legs, make a coffee or talk to the family, it helps me reset my focus for when I sit down for the next 25 minute block.

The downside? Well, sometimes you don’t WANT to work your butt off. At times you want to just methodically get through work and not be stressed about it. For me the Pomodoro Technique is a double edge sword. On one had it helps me get things done (no doubt about it) but on the other it does add to the stress of things if you don’t have a hard deadline to hit. For example I’m NOT using it to write this blog post, however I do when I have a writing deadline due from the publisher.

When Sony had their infamous PSN hacking debacle, I took it as notice to change the way I secured my digital life. I was one of the many who used the same password in multiple sites (and I’m sure many of you still do). Now I wasn’t so bad as to only have a single password for all sites, but I had a number that I rotated.

LastPass is an app that I use to stay efficient, and more importantly, secure. There are arguments both for and against password management apps, which ones a more secure, which ones do things the right way etc. For me the “right” way was just simply to use one and ensure I didn’t have multiple sites / accounts using the same password. LastPass helps me in this area, but it also help me be more efficient too.

The fact that I can have all of my passwords handy in every browser I use both desktop and mobile is a godsend. The auto-logon / fillout feature saves me time and mind power, I don’t think about my passwords, yet they are all complex with over 16 characters (where possible). I can now honestly say that I don’t have a single password that is duplicated on multiple sites.

LastPass, 1Password, whatever you may use, staying secure can be difficult and take time but if you have a system set up it’s just as convenient as using a single password for every account.

Becoming More Efficient – Evernote and TSW

One of the tools I’ve been using for a while now is Evernote, it’s a note taking, information capturing, cloud based… trusted system. I use it daily to sort through various tasks, notes and ideas. However, I use it in a different way than most.

This article relates to a previous post around becoming more efficient in the way I live my life.

One of the tools I’ve been using for a while now is Evernote, it’s a note taking, information capturing, cloud based… trusted system. I use it daily to sort through various tasks, notes and ideas. However, I use it in a different way than most.

For me, Evernote is my “everything”, if it’s not in Evernote I can pretty much guarantee that within a few days I will have forgotten about it. My mind can be like a sieve, and I can’t rely on it to hold everything I need to remember. Even if a task is sitting within an email in Outlook, I need to remember to look at it… plus look my personal task list, and also check my “projects” task list and… the list goes on. I needed a system that would take all of my task lists and ideas and put them into one central location. I needed it to be available all the time, both online & offline, and I also needed it on multiple devices. Evernote checks all of these requirements nicely. So I have this wonderful tool but I didn’t have a great system that used the tool effectively.

A while back I came across “The Secret Weapon” or TSW for short. Now I agree it has  an “interesting” name choice, but I was intreged on how it complemented Evernote and more importantly how it couple improve my efficiency.

For starters TSW gives you a process to follow to ingest all of your email based tasks into Evernote rather seamlessly. Secondly TSW takes the Getting Things Done principles and applies them to Evernote using tags so you can manage information in an efficient manner. It’s hard to explain how this all works without actually watching the videos on TSW’s website.

If you’re getting started or just want to be more organised, I recommend using Evernote and TSW. It’s not perfect, but you can always improve the system and tweak it to your liking!

VXLAN with vSphere

There’s an interesting article recently published by VMware’s Technical Marketing team around using VXLAN with vSphere. Typically most information around VXLAN that I have seen is geared towards integration with vCloud Director to stretch organisation and DC networks over multiple segments. This article however specifically deals with just the vSphere potion.

So for those of you that want to delve into VXLAN with a more traditional vSphere environment but without the added complexity of vCloud, I recommend you check it out:

http://www.vmware.com/files/pdf/techpaper/VMware-VXLAN-Deployment-Guide.pdf

VMware Port Requirements

I’m currently working on a project in a very secure network. Sometimes it almost feels like every other server is in it’s own DMZ and I’m constantly looking up what the network ports need opening beteeen them.

The following document outlines port requirements. The reason I like it so much is because it’s not just one product, it’s for most of VMware’s product portfolio! Very handy.

http://kb.vmware.com/kb/1012382