Time for the beast - Study Log for VCAP5-DCA

blargoe

jibbajabba wrote: »

But I really wished as well that we could have startup orders without the use of vApps in clustered environments

I share the same gripe. It's not often that a full power down of VMs is necessary, but sometimes it is, and when you have 100's of VMs and need certain ones online before others, it would be helpful. Also, if you have a distributed application across several VMs that requires a reboot order, but you don't want to impose the "resource pool" effect on it.

Anyway, have fun in your VCAP journey, you will learn a lot.

jibbajabba

Thanks guys. As always, this place is great for encouragement

My progress is somewhat slower than expect at the moment. I need to upgrade out infrastructure, including vCloud Director, from 5.0 / 1.5 to 5.1 so my lab is somewhat bastardised at the moment as we don't have any testing kit at work (I know right). So testing the upgrade beforehand is obviously in my own interest. So my lab now has also vCloud Director 5.5 running alongside my nested 1.5.1 one .. Oh and for good measure I threw Operations Manager in as well (never used it, but I like it).

Then I did some hardening of my hosts, installed a public / private key combo so you won't be able to login via SSH without the key. The servers are joined to the domain as well but what I haven't tested yet is whether you can create public / private key combos for domain users .. Should make no difference, but might test that too.

I also ordered a SSL certificate so I can play "replace that self-signed thing"

You know - my approach of studying for the VCAP is something I should have done with the VCP lol ...Seem to be doing a lot of stuff I should have done years ago .. but there you go...

jibbajabba

Massive set-back. I created a provider VDC on my vCloud 5.5 setup which threw every single host into maintenance mode. What a stupid thing is that? Needless to say it didn't go well. Saturated the switchports of course and everything came to a halt. Not to mention that every single VM tried to migrate to another host (guess how successful that was with every host going into maintenance mode) ...

Only box still accessible is the storage server as it is physical.

Had to pull the plug so will need to see if I can recover it later.

Meh ... One disadvantage of using vDP for backups is you need a vCenter for restores to begin with and I am not sure I can be bothered. We'll see once I had a tea and some breakfast

jibbajabba

Thankfully a complete powercycle of the whole infrastructure brought it back to life ... Man I hate moments like that ...

jibbajabba

Not going well at the moment - so busy at work it's unreal .. I am leaving the house at 6am and I am usually not back until 8pm ..

Only productive thing I have done is keep reading "Mastering vSphere 5.5" and go through all Advanced videos on Pluralsight ..

And registering a new domain : vcap.guru

Ah well ... No need for a marathon to get to the finish line - crawling get's you there eventually too

tprice5

kj0 wrote: »

Eval Ran out, so I now have to rebuild my lab to so I can get some practice in before my VCP exam.

Stanly provided you with a license key. Why didn't you just use that?

jibbajabba

Right, I am having a brainfart here and it seems I am not the only one

So I thought I throw this out here for discussion (even though there is the risk of people telling me off for being stupid haha).

ISCSI Portbinding ... Now back in the days you likely configured MPIO using standard switches

VMK1
- VSS1
-- VMNIC1

VMK2
- VSS2
-- VMNIC2

Then you use the CLI to MPIO the lot.

Right, now vSphere Distributed Switch.

Portbinding is now fairly easy, right.

So host has two uplinks. You create two portgroups



and you make sure each portgroup is using one particular uplink



Then of course you use these two VMKs for the software initiator



Baddabing, baddabush, you are ready to go.

So where's the confusion ? Simple, a friend of mine needed to check something so I lend him my lab .. ok .. he was all over it when he saw my setup and called me names (ungrateful bastid )

So my setup :



As you can see, I have two iSCSI / vMotion portgroups per host. Now he was telling me that this is nonsense. He isn't the only one though .. now a few people told me that you won't need two portgroups per host. You just do what you do with the two ISCSI portgroups, bind them to uplinks and done.

That is fair - and I guess makes sense, but if you do that - all remaining hosts won't see their VMks as compliant as the relevant portgroups are in use by other VMKs / ISCSI initiators.

I can see that it might be somewhat rubbish to have 50 hosts and you end up with 100 Portgroups, but ... I don't know what "but" - But until now I thought I knew what I was doing and now I am more confused then anything ..

Any thawts ?

QHalo

You don't need two per host in a dvSwitch



Remember, the VMKs are unique to the host in question because they are part of the dvUplinks group. So each one is completely independent of the other hosts. They will all show compliant.

Asif Dasl

I will admit I am still a noob, so with that said and full expectation that someone might correct me... Here's how I set mine up (Post #19 the middle picture) - I was under the impression that the vmkernels & IPs are different on each host for MPIO but you use the same vDS portgroup for iSCSI / management / etc. I just set mine up for all traffic because it's almost a 10GigE connection with 9 NICs but I know some people split it up like this...

HTH

jibbajabba

@QHalo, so you aren't doing any port binding at all then? Because if you create a vmk port, assign it to a port group and bind it to an iSCSI initiator, it won't be available to any other host / iSCSI software initiator.

QHalo

I'm absolutely doing port binding with all my iSCSI ports on all my hosts.

jibbajabba

QHalo wrote: »

I'm absolutely doing port binding with all my iSCSI ports on all my hosts.

Right, like I say, it all makes sense but something ain't right. I'll have another look tonight or tomorrow. Feels like I never worked with vSphere lol.

QHalo

Let me know if you want another set of eyes. We could do a webchat or something.

jibbajabba

Appreciated but I need to find that out myself.

God, played too much with FC over the last few years ... losing the edge (and mind) here lol.

tomtom1

Having multiple vMotion VMkernel interfaces allows for loadbalancing over the pNICs. If you have multiple VMkernel ports dedicated to vMotion, you can create a 1 to 1 mapping of the VMkernel port and the pNIC. This achieves better loadbalancing (simultaneous data streams) then placing all NICs under the Active Adapter heading of the failover order.

If you do this, I would suggest using 2 port groups for the vMotion network on the DVS. In my lab (which I used to achieve VCAP-DCA), I set it up like this:



So, there is a method to the madness, but unless you specifically want this, you should be fine with just one vMotion enabled VMkernel port.

See also: http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2007467

jibbajabba

QHalo wrote: »

Let me know if you want another set of eyes. We could do a webchat or something.

No idea what happened, but all working

I think my first hunch was the best describing the situation:

jibbajabba wrote:

Right, I am having a brainfart here

QHalo

Cheers bub. Glad you worked it out.

Essendon

kj0 wrote: »

Eval Ran out, so I now have to rebuild my lab to so I can get some practice in before my VCP exam.

Your lab layout has given me some great ideas on how I should set my new lab up.


I'm liking all the extra bits you are throwing into this lab. Keep up the excellent work, JJ.

Bit late to post this and kinda irrelevant to the thread, but you can "renew" the eval license (certainly not supported for production, labs only). Check this out > Information about Cloud Computing (IaaS) and VMware Technologies: vCenter Reinstallation after 60-Days trial expires without losing Database Contents

jibbajabba

If your company is VMware partner then there might be a chance they got NFR licences.

kj0

Essendon wrote: »

Bit late to post this and kinda irrelevant to the thread, but you can "renew" the eval license (certainly not supported for production, labs only). Check this out > Information about Cloud Computing (IaaS) and VMware Technologies: vCenter Reinstallation after 60-Days trial expires without losing Database Contents

Yeap. Didn't work for 5.5, but that's ok, I rebuilt last weekend. I think I'll ned to rebuild the entire environment, having more errors occurring.

Essendon, Shouldn't you be the one with the DCD giving JJ the solution to DvS layout? :P

Essendon

@kj0 - thanks for letting me know that this doesnt work with 5.5 . More incentive to get this PernixData blog finished! Might get the chance to demo this at work too.

Yeah I saw the question when I had had a few beers and I thought I'd look more into it later and by that time QHalo had jumped in already. Besides, sometimes you got to let the kids learn on their own

jibbajabba

Only way

I have no idea what I was thinking why / what is not working ..Heck knows .. Ah well .. .moving on

tprice5

How's it coming?

jibbajabba

Rubbish ... I am lead VMware Engineer here responsible for upgrading vCloud Director in 5 sites. This is taking most of my time. I leave the house at 6am and am usually not back until 9pm .. not much time left to study anything ... Now I also have to get my head around VXLANs so needless to say, working life is "doing my head in" at the moment

TheProf

Honestly, I am pretty sure that you already know a lot of the blueprint... Its a matter of going over the stuff that you've haven't touched much, you can probably cut down your time. But, finding the time is tough indeed!

At some point I was pretty much in the same situation, had to use weekends to prep, was tough.

jibbajabba

Yea, weekends are the only way to go but because me and my wife are out of the house all week, so much "normal human" stuff is to be done over the weekend that all I care at that stage is a nice Single Malt Scotch

Took this Friday off to hit the books though ...

TheProf

jibbajabba wrote: »

Yea, weekends are the only way to go but because me and my wife are out of the house all week, so much "normal human" stuff is to be done over the weekend that all I care at that stage is a nice Single Malt Scotch

Took this Friday off to hit the books though ...

That Single Malt Scotch should give you all the boost you need

jibbajabba

wow, been a while since I updated this one. I am very busy at work. Thankfully it is VMware related, although not quite helpful in getting the DCA, more like the VCAP-CLOUD. But nonetheless I have learned a ton. I am in the process of upgrading three vCloud Director sites and whilst it seems simple, it isn't. It would be if the documentation would be accurate but heh, where there is a lab, there is a way, right.

I even thought I understand how vShield Edge and NAT and Firewalling works, but I clearly didn't. Even the VMware support monkey needed conformation from their engineering, so that's a bonus (did you know that firewalling comes before NAT when working with Edge?).

Either way, not related but like I say, I learned a lot so it will help one way or another. I did however finish the Advanced Series on Pluralsight and the 'Mastering vSphere 5.5 book.

At the same time my lab grew a few Edges lol. I ended up with three, not even counting the vCloud ones. I must say, if you need some routing in your lab, Edge is quick and dirty.

GSXRules

Sounds like great practice for VCAP-CIA! iI covers 5.1 on 5.1, but should be close enough!

jibbajabba

GSXRules wrote: »

Sounds like great practice for VCAP-CIA! iI covers 5.1 on 5.1, but should be close enough!

Maybe not VCAP-CIA, but booked the VCP-IAAS (VCPVCD510) for April 1st. Nice way to renew my VCPs I suppose