Your Daily VMware quiz!

Deathmage

kj0 wrote: »

It's really only picked up in the last 2 days.

As for the Cross vCenter vMotion. It's new in vSphere 6.0, You can find the answer in the What's New overview PDF. http://www.vmware.com/files/pdf/vsphere/VMW-WP-vSPHR-Whats-New-6-0-PLTFRM.pdf

Ahhh... I was like "did I miss something in my 6 months of study and past 6 months of VMware experience! ...are you going blind Trevor!"

jibbajabba wrote: »

OT but funny you mention Dell EQLs. We were one of the first ones in the UK to trials these ones back in the day (4k series or something) and the engineer / sales monkey combo were trying to tell us how great and stable and whatnot it is.

Whilst they were still chatting to our director i managed to blow it to bits (software wise) .. Needless to say the Dell guys where somewhat confused how that was possible and were embarrassed ..

We were still OEM partners at the end and I loved 'em .... Even though the initial setup was a bit rubbish network wise. You had to play with VLANs to get it setup in the right networks ... Ah ... good old days ..

Ya I'm liking them so far but not sure if I like the fact the you can only have one massive LUN for the EQL's. Subdividing datastores inside SAN HQ and that's what is dished to vCenter. Hopefully it will last a few years before we exceed the IOPS of it. We got a EQL 4100s; 22 drive @ 900GB's @ 15k.

tomtom1 wrote: »

I still think of Equallogic as one of the best SANs, especially for the smaller environments. Easy to setup, easy to manage and up to a few units easy to scale. Had one until very recently and I was more than happy with it. Did it's job for more than 3 years without even a single moment of downtime or issues, effectively 100% uptime.

That was my track records at President Container, had a workhorse EQL 4100s carrying 12 servers for 3 years on a boot-from-SAN config with all the servers being diskless (jibbajabba) I think they sold my predecessor on the wonders of EQL's to him like you and that's why they did diskless...it was SO NOT GOOD THOUGH! ... it was done for all physical boxes, they took 15+ minutes to boot on diskless Dell R610's. ....I'm so happy VMware reboots are 2 minutes tops at my current job, I hated waiting for 45 minutes for servers to post while controlling political bullshit phone calls every 3 minutes about why servers were offline!!!!!!

Even though the design was horrid, that 4100s trucked through it and NEVER failed, yes maybe a drive did here and there but it was a RAID 10 no worries one drive, pfff....Hence why we got the cheapest EQL we could afford to build out the cluster.

I actually just finally got all my hardware at my job this week for the ESXi 5.5 cluster.

The twin N3024's arrived Tuesday (configured them in 40 minutes) racked and stacked them Tuesday for the iSCSI/vMotion fabric. The (5) N3048's (228 Gbps throughput) arrived Friday, configured them, racked and stacked them and then moved over all the connections at 5:01pm yesterday (I was like GTFO of the office I'm pulling cables go home it's Friday!!!!) from the Dell 2824's (don't ask my previous predecessor didn't know they were campus-grade layer 2 switches NOT CORE SWITCHES!!!!! - 48Gbps throughput /facepalm SMH!!!)

VMware licensing arrived yesterday too so I got out of Free mode and I can live in vCenter again (LOVE!) - Next week is P2V Migrations, but now with a 228 Gbps backplane they 'should' be quick (The ESXi 5.5 server's both have 4 bonded gigabit connections for Production so 8 GBits aggregated - I know I tried to get 10 Gbit, but wasn't happening - someday). Each server has 12 gigabit nic's. Will be nice to migrated them off local arrays. iSCSI has two connections, 1 active/1 standby. - Mgiht make it two active and play with fire and say **** it for FT but I may want FT. Our IOPS are very low so it will be interesting as time moves along. Why Dell shipped the SAN with only 2 nic's per controller I'll never know must have miss that in the quote /failboat!

In a few weeks after the P2V's are done moving the network over to a 6 vlan setup: 1 /23 (really will be 2 /24's but the first block will be static and the last block of /24 will be for dynamic) and 5 /26's for departmental security concerns. It will be a complex IT infrastructure in a few months, lol! ... perfect work-lab for my certifications.

But back to the OT, keep them coming. Just had a small nerd rage rant

kj0

Q) Name the 5 new types of files that are brought in with VVols?

jibbajabba

kj0 wrote: »

Q) Name the 5 new types of files that are brought in with VVols?

Config, Data, Swap, Memory Generic ..

kj0

jibbajabba wrote: »

Config, Data, Swap, Memory Generic ..

Almost.

Other (Vendor-Specific) - Which when they say "Vendor" they are still meaning VMware. Check out the vBrownBBag VVols series.

jibbajabba

kj0 wrote: »

Almost.

Other (Vendor-Specific) - Which when they say "Vendor" they are still meaning VMware. Check out the vBrownBBag VVols series.

I go by the VMware document so I am being pedantic

kj0

jibbajabba wrote: »

I go by the VMware document so I am being pedantic

<snip>

Still called "Other-VVol"

Anyway... You guys should be testing me :P

Deathmage

My brain is shot after reviewing my entire CCNA book this weekend. I WANT to think of something but can't lol!

Deathmage

Ok; let me take a crack at this; probably will be easy peezy for you guys.

Q: You try to access the ESXi DCUI via Putty at 172.16.80.13 (or similar tool) but when you go to access the server you get a "failure to connect" warning and your like...

After you do some digging you look over your Servers, Cisco switches, and Sonicwall your curious what it could be. On The Cisco switch you find this:

!
!
!
Extended IP access list RedSox_suck!
09 remark you'll never guess it
10 deny tcp any host 172.16.80.13 0.0.0.0 eq 22
20 deny tcp any host 172.16.80.13 0.0.0.0 eg 23
30 permit ip any any
!
!
!

What's happened?

kj0

I don't have any of that gear, no touched a Sonicwall, but given port 22 has "Deny" against it, any TCP traffic to the host will be blocked using that port.

jibbajabba

Deathmage wrote: »

Ok; let me take a crack at this; probably will be easy peezy for you guys.

Q: You try to access the ESXi DCUI via Putty at 172.16.80.13 (or similar tool) but when you go to access the server you get a "failure to connect" warning and your like...

After you do some digging you look over your Servers, Cisco switches, and Sonicwall your curious what it could be. On The Cisco switch you find this:

!
!
!
Extended IP access list RedSox_suck!
09 remark you'll never guess it
10 deny tcp any host 172.16.80.13 0.0.0.0 eq 22
20 deny tcp any host 172.16.80.13 0.0.0.0 eg 23
30 permit ip any any
!
!
!

What's happened?

Hang on, where do you get the message ? You say DCUI via SSH, so you connect to the server via SSH and run 'dcui' and you get the error then or the error when you SSH in the first place ?

Either way, both DCUI and SSH need to be enabled if you want to use SSH to connect to the DCUI ..

Deathmage

kj0 wrote: »

I don't have any of that gear, no touched a Sonicwall, but given port 22 has "Deny" against it, any TCP traffic to the host will be blocked using that port.

Correct. SSH is port 22. So even though SSH is enabled on the ESXI host the connection wouldn't be established.

Deathmage

Q: You just made a brand-new VM and you selected Windows 7 64 bit and you install Windows, you do all of the normal stuff once Windows is done installing: settings in system for best-performance, turn off the Windows firewall, run msconfig for startup programs and you do Windows updates and let it do it's thing and walk away. You step away from the vCenter Console for 30 minutes and come back and the VM is suspended; Why?

jibbajabba

Deathmage wrote: »

Q: You just made a brand-new VM and you selected Windows 7 64 bit and you install Windows, you do all of the normal stuff once Windows is done installing: settings in system for best-performance, turn off the Windows firewall, run msconfig for startup programs and you do Windows updates and let it do it's thing and walk away. You step away from the vCenter Console for 30 minutes and come back and the VM is suspended; Why?

Even in VMs, Powersaving will suspend the OS after X-Minutes / Hours.

Konflikt

jibbajabba ....or because of using a thin vmdk under the VM, and the LUN went out of space (growing disks), so (all of) the VM(s) was/were suspended which is/are on the LUN.

Deathmage

jibbajabba wrote: »

Even in VMs, Powersaving will suspend the OS after X-Minutes / Hours.

Correct, with default settings Windows 7 is set to balanced in power settings and hard drives are set to turn off after 20 minutes of no input. This is why after 30 minutes the VM was suspended.

Deathmage

So guys, no pressure. I told a number of people at the local VMUG in NY/NJ about this forum and many of them know of this thread specifically. So Koodos to that and no pressure on keeping it alive.

Deathmage

jibbajabba wrote: »

Hang on, where do you get the message ? You say DCUI via SSH, so you connect to the server via SSH and run 'dcui' and you get the error then or the error when you SSH in the first place ?

Either way, both DCUI and SSH need to be enabled if you want to use SSH to connect to the DCUI ..

That message I just formulated in my brain however theory is sounds I think.

If you opened up say a Putty and tried to use a SSH on a server that you knew had SSH turned on, that error would occur if the port for SSH was blocked on the physical layer by a ACL.

Tried to make a error that even though on the VMware side things looked fine on the physical layer someone in your networking team made a boo boo. Never know might come in handy sometime in the future.

DevilWAH

Question.

you set up you virtual switch in esxi5.5 and create 3 portgroups on it, each tagged to a separate vlan (5,10,15)

you hosts uplink nics are connected to a cisco switch which has trunks enabled, and permits all vlans.

guests in port-groups 1 and 3 (vlan 5 and 15) can connect but not devices in port-group 2(vlan 10), although all NIC on the host are showing up and there are no errors on the switch port.

What could be the issue?

jibbajabba

DevilWAH wrote: »

Question.

you set up you virtual switch in esxi5.5 and create 3 portgroups on it, each tagged to a separate vlan (5,10,15)

you hosts uplink nics are connected to a cisco switch which has trunks enabled, and permits all vlans.

guests in port-groups 1 and 3 (vlan 5 and 15) can connect but not devices in port-group 2(vlan 10), although all NIC on the host are showing up and there are no errors on the switch port.

What could be the issue?

VLAN is not on the switch. VLANs are automatically added to the switch when a port is configured as access port, but won't if they are just added to the trunk allow list.

switch#sh vlan
Created by: D-Default, S-Static, G-GVRP, R-Radius Assigned VLAN, V-Voice VLAN

Vlan       Name           Tagged Ports      UnTagged Ports      Created by
---- ----------------- ------------------ ------------------ ----------------
 1           1                            gi1-7,gi9-11,             V
                                          gi13-28,Po1-8
 10  Internal Network  gi2-7,gi9-11,                                S
                       gi13-28
 11   Storage Network  gi2-7,gi9-11,           gi8,gi12             S
                       gi13-28
 12    vSAN Network    gi2-7,gi9-11,                                S
                       gi13-28
 13   vMotion Network  gi2-7,gi9-11,                                S
                       gi13-28
 14  Fault Tolerance   gi2-7,gi9-11,                                S
     Network           gi13-28
 15  vCloud Isolation  gi2-7,gi9-11,                                S
     Network           gi13-28

DevilWAH

Possible (good answer so you get a point), so now you check and see the vlan is on the switch and is not shut-down, but still no traffic is passing...

Essendon

Security settings on the portgroup/switch.

DevilWAH

could be but i was looking for

"the switch port has the native vlan set to vlan 10"

Cisco switchs do not tag traffic on the native vlan, a trunk port connected to a esxi host will not pass data on the native vlan, vmware recomend that you insure the native vlan on the switch port is a vlan unused by teh vmware estate .

VMware KB: Configuring Network Switches for VLAN Tagging

while its not good practice to used vlan 1, this is by default the native vlan on a switch.

to resolve either change the native vlan to an unused vlan (recomended) or use the swotch port commend "tag native vlan" so all packets are expected to have a vlan tag.

Essendon

Yep, I agree with this and admit it didn't spring to my mind. Your questions highlights the need to think outside the box. Many of us virtualization folks lack decent networking skills.

Deathmage

Essendon wrote: »

Yep, I agree with this and admit it didn't spring to my mind. Your questions highlights the need to think outside the box. Many of us virtualization folks lack decent networking skills.

Was going to say native vlan but I just kept on reading...

Guess this is where I should have read this thread earlier huh.... this is where you say networking and VMware go hand-n-hand huh Manny.

DevilWAH

Essendon wrote: »

Yep, I agree with this and admit it didn't spring to my mind. Your questions highlights the need to think outside the box. Many of us virtualization folks lack decent networking skills.

Yer this one caught me out twice in the course of a few months, and its a bugger to trouble shoot because unless you know how to get under the hood on the systems there is no errors thrown up.

Often its where two systems meet that the issues happen.

kj0

Q. You're an administrator noticing some strange issues with time sync. You notice that each time you migrate a VM, the guest time changes. You note that the ESXi host that you migrate too has an incorrect time, you also note that your "Sync Guest OS time with host" option is unticked. You correct the time on the host and point it to a new NTP server and restart the service.
To prevent this from happening again when a new host is added with the wrong NTP settings, what must you also change with the VM?

Deathmage

kj0 wrote: »

Q. You're an administrator noticing some strange issues with time sync. You notice that each time you migrate a VM, the guest time changes. You note that the ESXi host that you migrate too has an incorrect time, you also note that your "Sync Guest OS time with host" option is unticked. You correct the time on the host and point it to a new NTP server and restart the service.
To prevent this from happening again when a new host is added with the wrong NTP settings, what must you also change with the VM?

throwing out a guess here cause I recently did this myself but I would turn off the VMware tools periodic time synchronization. To me Windows Time (Win32Time) is way more accurate than VMware tool, sadly.

Alternatively, if you still have hope for VMware, lol! - you can right click the VM and go to settings, then click on the option tab and then click on the VMware tool setting and tick the 'Synchronize guest time with host' option in the Advanced section on the bottom right.

kj0

Deathmage wrote: »

throwing out a guess here cause I recently did this myself but I would turn off the VMware tools periodic time synchronization. To me Windows Time (Win32Time) is way more accurate than VMware tool, sadly.

Alternatively, if you still have hope for VMware, lol! - you can right click the VM and go to settings, then click on the option tab and then click on the VMware tool setting and tick the 'Synchronize guest time with host' option in the Advanced section on the bottom right.

But what happens if you add a new host with the incorrect time settings and the VM migrates to it? How do you prevent the sync from happening and allow the Guest OS to stay in sync with it's specified NTP source?



[Edit] this is something that is highly recommended to know, I've been caught once in production environment with it.

Deathmage

kj0 wrote: »

But what happens if you add a new host with the incorrect time settings and the VM migrates to it? How do you prevent the sync from happening and allow the Guest OS to stay in sync with it's specified NTP source?



[Edit] this is something that is highly recommended to know, I've been caught once in production environment with it.

untick the 'Synchronize guest time with host' option? - only other thing I can think of is to make a host profile with the NTP service off. If this isn't it, I'd learn something new.

Essendon

From memory there's an advanced host setting for this, dont remember exactly what though.