VMware

[SOLVED] Unable to migrate VM’s to other host

I had encountered the following issue when attempting to migrate a live VM to another host w/in my lab cluster.
The error received was: 

Currently connected network interface” ‘Network adapter 1’ cannot use network ‘VM Network’, because “the destination network on the destination host is configured for different offload or security policies than the source network on the source host”.

I was able to fix this by checking the configuration of the virtual switch (vSwitch0) on the ESXi host I was moving the virtual machine guest to.

  1. I click on each host went to the configure
  2. Under the Networking subsection located the virtual switch
  3. Selected edit on that virtual switch.
  4. Reviewed the settings in the Security tab and the Traffic Shaping tab between the hosts.

In my case the issue was with the Security tab.  The destination host did not match the source.
Just another reasons to use host profiles between systems so that settings all match.

 

VMware vCenter 6/6.5: Creating Host Profiles

This post describes how to perform the basic task of creating a host profile.
Description of Hos Profiles:

VMware Host Profiles are available through VMware vCenter Server and enable you to establish standard configurations for VMware ESXi hosts and to automate compliance to these configurations, simplifying operational management of large-scale environments and reducing errors caused by mis-configurations.

Prerequisites:

  1. You need to have a vSphere installation
  2. You need to have admin rights
  3. You need a configured ESXi host that acts as the reference model

Steps:

  1. In vCenter Navigate to the Host profiles view
  2. Click the Extract profile from a host icon
  3. Select the host that will act as the reference model host and click Next
  4. Enter the name and  a description for the new profile and click Next
  5. Review the summary information for the new profile and click Finish
  6. The new profile will appear in the profile list

Video:

Done!

VMware / vCenter: Terms, Acronyms, Glossary {Tag your IT}

Recently I have taken, failed later taken and passed my VMware 2V0–620 – vSphere 6 Foundations Exam and passed. I am now in the process of practicing and studying for proctored exam(s) for the VMware Certified Professional 6 – Data Center Virtualization Certificate.

With that there are many terms, acronyms, and Glossary items I will need to remember.
I am adding a list of terms and will expand on them as I come across new ones.

 

VM: Virtual Machine – a software computer that, like a physical computer, runs an operating system and applications. https://pubs.vmware.com/vsphere-50/topic/com.vmware.vsphere.vm_admin.doc_50/GUID-CEFF6D89-8C19-4143-8C26-4B6D6734D2CB.html

ESXi: The vSphere Hypervisor from VMware (formerly ESX) is an enterprise-class, type-1 hypervisor.

VMFS: Virtual Machine File System for ESXi hosts, a clustered file system for running VMs

DCUI: Direct Console User Interface

iSCSI: Ethernet-based shared storage protocol.

SAS: Drive type for local disks (also SATA).

FCoE: Fibre Channel over Ethernet, a networking and storage technology.

HBA: Host Bus Adapter for Fibre Channel storage networks.

LUN: Logical unit number, identifies shared storage (Fibre Channel/iSCSI).

IOPs: Input/Outputs per second, detailed measurement of a drive’s performance.

pRDM: Physical mode raw device mapping, presents a LUN directly to a VM.

vRDM: Virtual mode raw device mapping, encapsulates a path to a LUN specifically for one VM in a VMDK.

SAN: Storage area network, a shared storage technique for block protocols (Fibre Channel/iSCSI).

NAS: Network attached storage, a shared storage technique for file protocols (NFS).

NFS: Network file system, a file-based storage protocol.

DAS: Direct attached storage, disk devices in a host directly.

VAAI: vStorage APIs for Array Integration, the ability to offload I/O commands to the disk array.

SSD: Solid state disk, a non-rotational drive that is faster than rotating drives.

VM Snapshot: A point-in-time representation of a VM.

ALUA: Asymmetrical logical unit access, a storage array feature. Duncan Epping explains it well.

VMX: VM configuration file.

VMEM: The page file of the guest VM.

NVRAM: A VM file storing the state of the VM BIOS.

VMDK: The virtual machine disk format, containing the operating system of the VM. VMware’s virtual disk format.

VMSN: Snapshot state file of the running VM.

VMSD: VM file for storing information and metadata about snapshots.

VMSS: VM file for storing suspended state.

VMTM: VM file containing team data.

VMXF: Supplemental configuration file for when VMs are used in a team.

Quiesce: The act of quieting (pausing running processes) a VM, usually through VMware Tools.

NUMA: Non-uniform memory access, when multiple processors are involved their memory access is relative to their location.

Virtual NUMA: Virtualizes NUMA with VMware hardware version 8 VMs.

VSAN: Virtual SAN, a new VMware announcement for making DAS deliver SAN features in a virtualized manner.

vSwitch: A virtual switch, places VMs on a physical network.

vDS: vNetwork Distributed Switch, an enhanced version of the virtual switch.

ISO: Image file, taken from ISO 9660file system for optical drives.

vSphere Client: Administrative interface of vCenter Server.

vSphere Web Client: Web-based administrative interface of vCenter Server.

Host Profiles: Feature to deploy a pre-determined configuration to an ESXi host.

Auto Deploy: Technique to automatically install ESXi to a host.

VUM: vSphere Update Manager, a way to update hosts and VMs with latest patches, VMware Tools and product updates.

vCLI: vSphere Command Line Interface, allows tasks to be run against hosts and vCenter Server.

vSphere HA: High Availability, will restart a VM on another host if it fails.

vCenter Server Heartbeat: Will keep the vCenter Server available in the event a host fails which is running vCenter.

Virtual Appliance: A pre-packed VM with an application on it.

vCenter Server: Server application that runs vSphere.

vCSA: Virtual appliance edition of vCenter Server.

vCloud Director: Application to pool vCenter environments and enable self-deployment of VMs.

vCloud Automation Center: IT service delivery through policy and portals, get familiar with vCAC.

VADP: vSphere APIs for Data Protection, a way to leverage the infrastructure for backups.

MOB: Managed Object Reference, a technique vCenter uses to classify every item.

DNS: Domain Name Service, a name resolution protocol. Not related to VMware, but it is imperative you set DNS up correctly to virtualize with vSphere.

vSphere: Collection of VMs, ESXi hosts, and vCenter Server.

vCenter Linked Mode: A way of pooling vCenter Servers, typically across geographies.

vMotion: A VM migration technique.

Storage vMotion: A VM storage migration technique from one datastore to another.

vSphere DRS: Distributed Resource Scheduler, service that manages performance of VMs.

vSphere SDRS: Storage DRS, manages free space and datastore latency for VMs in pools.

Storage DRS Cluster: A collection SDRS objects (volumes, VMs, configuration).

Shares: Numerical value representing the relative priority of a VM.

Datastore: A disk resource where VMs can run.

vSphere Fault Tolerance: An availability technique to run the networking, memory and CPU of a VM on two hosts to accommodate one host failure.

DPM: Distributed Power Management, a way to shut down ESXi hosts when they are not being used and turn them back on when needed.

vShield Zones: A firewall for vSphere VMs.

vCenter Orchestrator: An automation technique for vCloud environments.

OVF: Standards based format for delivering virtual appliances.

OVA: Packaging of OVF, usually as a URL to download the actual OVF from a source Internet site. Read more here.

VMware Tools: A set of drivers for VMs to work correctly on synthetic hardware devices. Read more on VMware Tools.

vSphere Licensing: Different features are available as the licensing level increases, from free ESXi to Enterprise Plus.

vCloud Suite: The collection of technologies to deliver the VMware Software Defined Data Center.

VMware Compatibility Matrix: List of supported storage, servers, and more for VMware technologies. Bookmark this page!

vSphere role: A permissions construct assigned to users or groups.

Configuration Maximums: Guidelines of how big a VM can be; see the newest for vSphere 5.5.

Transparent page sharing: A memory management technique; eliminates duplicate blocks in host memory.

Memory compression: A memory management technique; applies a compressor to active memory blocks on the host.

Balloon driver: A memory management technique; reclaims guest VM memory via VMware Tools.

Hypervisor swap: A memory management technique; puts guest VM memory to disk on the host.

Hot-add: A feature to add a device to a VM while it is running, such as a VMDK.

Dynamic grow: A feature to increase the size of VMDK while the VM is running.

CPU Ready: The percentage of time that the VM is ready to get a CPU cycle (higher number is bad).

Nested hypervisor: The ability to run ESXi as a VM either on ESXi, VMware Workstation, or VMware Fusion.

Virtual hardware version: A revision of a VM that aligns to its compatibility. vSphere 5.5 is hardware version 10, for example.

Maintenance mode: An administration technique where a host evacuates it’s running and powered off VMs safely before changes are made.

vApp: An organizational construct combining one or more VMs.

Cluster: A collection of hosts in a vSphere data center.

Resource pool: A performance management technique, has DRS rules applied to it and contains one or more VMs, vApps, etc.

vSphere folder: An organizational construct, a great way to administer permissions and roles on VMs.

Datacenter: Parent object of the vSphere Cluster.

vCloud Networking and Security: Part of the vCloud Suite; provides basic networking and security functionality.

vCenter Site Recovery Manager: An automated solution to prepare for a site failover event for the entire vSphere environment.

NSX: New technology virtualizing the network layer for VMware environments. Read more here.

VDI: Virtual desktop infrastructure, also called DaaS (Desktop as a Service) from Horizon View; run as ESXi VMs and with vSphere.

VXLAN: VMs with a logical network across different networks.

vCenter Configuration Manager: Part of vCloud Suite that automates configuration and compliance for multiple platforms.

vCenter Single Sign on: Authentication construct between components of the vCloud Suite.

VM-VM affinity: Sets rules so two VMs should run on the same ESXi host or stay separated.

Storage I/O Control: I/O prioritization for VMs.

NIOC: vSphere Network I/O Control – Enabled by default network I/O control is enabled, distributed switch traffic is divided into the following predefined network resource pools: Fault Tolerance traffic, iSCSI traffic, vMotion traffic, management traffic, vSphere Replication (VR) traffic, NFS traffic, and virtual machine traffic.

 

 

 

PowerCLI: HowTo Remove Floppy Drive From {All} Powered Off VM`s

The following simple script will iterate though your vCenter environment and remove the floppy disk from VMware guest machines that are in a powered off state.

Script text: I used Windows PowerShell ISE

Set-ExecutionPolicy RemoteSigned #may require running as administrator
Import-Module VMware.VimAutomation.Core
Connect-VIServer -Server ‘your.server.here’

$off = Get-VM | where {$_.powerstate -eq “PoweredOff”}
$floppy = Get-FloppyDrive -VM $off
Remove-FloppyDrive -Floppy $floppy -Confirm:$false

Purpose:

The purpose of removing the floppy is to remove potential attack channels to the guest VM itself. It has also been noted that removing such devices will save kernel resources.

Ref: https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc%2FGUID-600D24C8-0F77-4D96-B273-A30F256B29D4.html

 

Restore of Checkpoint Fails with “The following hotfixes seem to be missing”

Ran into a slight snag when attempting to restore a production backup into a VM(*VMware*) image of Checkpoint R77.30. I was using the Gaia WebUI to restore image returns a message: “The following hotfixes seem to be missing”.

The message points me to a log file located under /tmp/ which indicates missing updates to the firewall I am restoring to. To get around this the following steps were taken.

 

  1. Log into the Checkpoint firewall via SSH to access the console (You could also console in  (i’m using a vm so the terminal would work also).
  2. Enter ‘Expert’ mode (password required.)
  3. The the command: dbset backup:override_hfs t’ from  the expert mode.
  4. Go back into Gain WebUI and attempt the restore of the backup.

Wait … Wait… The system will reboot and the configuration will be restored.

All done.

Cause of this issue was the backup file was taken from a system which had a version different from the system I was restoring into. In some cases, this message can be safely ignored and the restore can be performed without incident.

Please take time to review your configuration after you restore.

Virtualize Everything

The PolygraphTest

Installing vCenter Appliance 6.5

With the general availability (GA) release of vSphere 6.5 I decided to upgrade my home lab and learning environment to the latest and greatest of VMware’s product. Not only for learning, but for running the systems I use daily in my lab.

Preparation work:

  • Download and Install ESXi 6.5 to my new lab hardware – Configure ESXi 6.5
  • Download the VCSA 6.5 Installation media and start the install process – See below

I mounted the installation media (ISO) on my Windows notebook and started the installation by navigating to \vcsa-ui-installer\win32\ and starting the installer.exe application.

This will display the Center Server Appliance 6.5 Installer. Seeing how this install will be a new installation of vCenter I selected “Install”

Here you find a two step installation process. The first step will deploy a vCenter Server 6,5 appliance and the second step will be configuring this deployed appliance.

Accept the standard End User License Agreement (EULA) to move forward into the installation.

Next you select the type of installation you need for your environment needs. In my case I have chosen the embedded Platform Services Controller deployment.

Next, choose the ESXi host where you would like to have this vCenter appliance deployed and provide the root credentials of the host for authentication.

Then, provide a name for the vCenter appliance VM that is going to be deployed and set the root password for the appliance.

Based upon your environment size, select the sizing of the vCenter appliance. I went with Tiny as it fits the needs of my Lab environment. Note: It will configure the Virtual Appliance with 10GB of ram so be sure you can support this in yours.

Next, select the datastore where the vCenter appliance files need to reside.

Configure the networking of vCenter appliance. Please have a valid IP which can be resolved both forward / reverse prior to this to prevent any failures during installation.

Review and finish the deployment, and the progress for stage 1 begins. Upon completion, Continue to proceed to configure the appliance. This is stage 2.

The stage 2 wizard begins at this point. The first section is to configure Network Time Protocol (NTP) setting for the appliance and enable Shell access for the same.

Next configure an SSO domain name, the SSO password and the Site name for the appliance. Once the configuration wizard is completed you can login to the web client.

The following short video I made gives you an feel for the install process. Enjoy.

 

 

vSphere 6.5 release notes & download links

 

This weekend I had the fun of getting my hands and feet wet with installs of VMware’s ESXi 6.5 and vCenter 6.5. The links below should be useful to any of you looking to learn about the new release and download bits to install.

Release Notes:

Downloads:

Documentation:

VMware vCenter 6 Phantom Snapshots

I’ve been using vCenter 6 for a while now and noticed an odd issue pertaining to snapshots. It seems that all guest show a “revert to current snapshot” state even if a snapshot does not actually exist.

However viewing under the Snapshot Manger… shows no existing snapshots associated with the virtual machine guests.

I’ve noticed this this issue does not exist when using the vSphere Web Client.

These symptoms have been confirmed by VMware official in the following KB: https://kb.vmware.com/kb/2111363

For now there are no resolution steps…

Symptom Recap:

  • There are no snapshots on virtual machine(s).
  • Virtual machines show Revert to current snapshot (right-click on the virtual machine > Snapshot > Revert to current snapshot) enabled in vSphere Client when connected to the vCenter Server 6.0.
  • When viewing the Snapshot Manager (right-click on the virtual machine > Snapshot > Snapshot Manager) for the virtual machine in the vSphere Client, there are no snapshots present.
  • Directly logging into the ESXi host using the vSphere Client shows the Revert to current snapshot grayed out.
  • Creating and deleting a snapshot does not resolve this issue.
  • In the vSphere Web Client Revert to current snapshot appears grayed out.

Work around: 

  1. Ignore the vSphere Client results and use the vSphere Web Client
  2. Use PowerCli to display snapshots.

Example command I like to use:

 

ntopng on Ubuntu 14.04

I just completed my ntopNG appliance setup. Once more I can look into my network traffic to get an idea of what’s going on.

Below you will find the steps to complete the install

Here are the steps

Log into the ubuntu server host and issue the following commands:

  1. sudo into root: sudo -i
  2. wget http://www.nmon.net/apt-stable/14.04/all/apt-ntop-stable.deb
  3. dpkg -i apt-ntop-stable.deb
  4. apt-get update
  5. apt-get -y install pfring nprobe ntopng ntopng-data n2disk nbox
  6. service apache2 restart

The steps provided here are the official ntop.org directions for their stable build packages.

Please note you will need to have a management and monitoring interface for your configuration.

In my configuration, I will be listening on a mirrored port to capture network traffic to be displayed under ntopNG

 

Are you interested in learning more about Ubuntu.  Check out the following book:  Ubuntu Unleashed 2016 Edition