Category Archives: VMware

Anything and everything about VMware products.

Converting a 2008 R2 Server to Virtual

Get this – that doesn’t work yet!  I had the same error as popped up in this thread and evidently the work arounds are not too pretty.  Word to wise is to create an R2 VM on the virtualization platform you want to be using.

It appears, reading through the release notes for vSphere 4U1 that 7 and R2 are at least officially supported operating systems now.   So get right on that vCenter update, then your vSphere server updates.  You know the drill!  At least these should be the last significant OS releases from Redmond for a couple years 🙂


Frustration with Lab Manager

A large part of my new job has been helping with architect a large VMware Lab Manager 4 implementation.  This has proven to be fairly annoying when deploying Lab Manager in a big way.  It is important to keep in mind that the main design challenge and constraint of nearly all virtualization solutions is the back end disk, configured in VMware as “Datastores.” Some of the main frustrations we are currently facing:

  • Lab Manager blatantly disregards VMwares own best practices when it comes to disk allocation – we are talking about 2TB LUNS as a minimum and facing the issue of using VMFS extents.  Horrible!  You are almost forced to use NFS, which brings more support complications to the table as you can no longer rely on calling VMware as the primary support vendor.   How this can be when VMware sells and and supports it?  You would think VMFS would be the recommended file system for any VMware solution until they provide the ability to create and maintain NFS Datastores from within vCenter.
  • You can’t use thin provisioning in Lab Manager. Arguably, this would be more useful than Linked Clones, which just create more management headaches than they are worth in a bigger deployment.  I am not alone here in thinking this.  We are deploying unique VM’s with ~200-500GB of auxiliary disk.  Having this all thick provisioned upfront is harmful, especially as users have the ability to make clones of these – or even worse, check them into the library where they would take up that space again and be *required* to be on the same Datastore.
  • Even though Lab Manager devs are well aware of how they are bound by datastore limitations and know full well the way that vSphere overcomes many of those challenges, they don’t provide a way to seamlessly use storage vMotion either within Lab Manager or external to it.
  • Lab Manager could provide for automatic load balancing for Datastores and Networks, but it doesn’t.  Instead we have to trust users to do this for themselves.  That’s just silly, the users don’t care about these things and therefore no amount of training will get them to do this on a consistent basis.  I’ve already mentioned that we can’t fix overloaded Datastores without user impact, and Lab Manager doesn’t even help us preempt it.
  • It would be great if we could take actions on flags, for example once a datastore reaches 70% full we disable to the ability to create VM’s on it.  That would help keep us away from the situation where a LUN drops offline because it is packed to the gills.
  • Disable Linked Clones all together.  They make it more complicated than its worth with 100′ s of self provisioning users and tens of Datastores.  It also incredibly inhibits VM mobility.
  • A way to have a centralized template store that admins can put VM’s on but no one else can.

The items above are really inhibiting our ability to make good use of Lab Manager.  It is clear that this piece of software was not built with large scale deployment in mind.  It also features too many design compromises that hamper the overall value of running vSphere as a whole.  This is epitomized in a conversation I just had with my boss.  When talking about Lab Manager, we are constantly talking about the problems it is causing us.  With vSphere, we are talking about how the technology allows us to over come challenges.

We need a solution not a constraint, dammit.


VMware Workstation 7 Released

Workstation 7 went live last night and it looks like it brings plenty of interesting things to the table.

  • Windows 7 Support w/aero, OpenGl1.4 and SM3 hardware acceleration
  • OpenGL2 support for Windows XP
  • ESX Server Support

With a beefy enough workstation, you could setup a complete ESX cluster with shared storage and actual running 32 bit VM’s (it appears that VMware is still not making VT and AMD-V available to guest operating systems, which would prevent you from testing out Hyper-V.  Virtual Box purportedly supplies this functionality, but I have not tried it.)  That is pretty darn cool and a great resource given that a bunch of expensive hardware isn’t required to run through training labs, etc.

Windows 7 support is cool and I am sure it will continue to improve over the next couple minor releases.  It is also good to see that XP is still getting some love in the form of increased 3D support.  I wonder if that includes 64 bit XP guests?  Guess I’ll have to find out 🙂

This also means a new version of ACE, the image management tool, was released which I will be checking out…


Yellow Bricks Blogs

Seems like I keep coming back to this guys as great sources of content.  This is a great blog entry about getting esxi4 running in workstation without sacrificing all of your ram to it:

I need to build another box to be a secondary virtualization box at home, I think.   It would be interesting to see if I can get esx4 up in VMware Server 2.  I’ve got two boxes that have 8GB of ram each in them right now, one of them being my VMware Server box and the other one being my main box.  I really don’t need 8GB there, although I think turning my main box into another server platform and buying some new stuff to replace it is going to be tough to get by Kristin 😉

That link sure looks like a pretty WordPress Permalink though, doesn’t it 😉


More fun with ESX – VMFS at the command line

So, I’ve had an issue creating VMFS partitions from the GUI on the ESX 3.02 servers that I have built.   Given that I didn’t have it create partitions at installation because I wanted a bigger block size (its an 800GB local disk, so I want one VM to be able to use at least a majority of it, and the default 1MB block size means a .vmdk file is limited to 256GB, too small) so I elected  to wait until after the ESX installation. Doing this greeted me with a great “There was an unexpected error updating the partition table.”  Great, thanks for that descriptive error. So, to the command line we go:

  1. fdisk -l (check what the last partition is)
  2. fdisk /dev/sda
  3. n (new)
  4. default (start block)
  5. default (end block)
  6. t (partition type)
  7. 10 (partition 10, just created)
  8. fb (vmfs type)
  9. w (write config)
  10. reboot (Reboot the host before you format the newly created local partition)
  11. vmkfstools -C vmfs3 /vmfs/devices/disks/vmhba0:0:0:10
  12. Go to VI Client, Refresh storage view and rename the newly created volume
  13. W
  14. You can align the VMFS volume as follows, before you do step 9:
  15. X
  16. b
  17. 1
  18. 128 (disk alignment, check your SAN manual for the correct value, 128 is correct in most cases…)

Now I need to figure out how to set blocksize while running that command and I will be set.

#vmkfstools –C vmfs3 –b 2M vmhba1:0:0:2

Found it.


Where is cold clone on vConverter 4 Standalone?

I’ve learned to trust the cold clone version of converter as my defacto conversion tool as you can be sure that it is going to do the job right the first time and not hit issues based on file system depth, etc.

The big question is where is this functionality with the newest version? Hardware support in the bootpe disc (especially network drivers!) is a big deal with newer hardware coming out. Let’s get it together VMware and release a new version. My cold clone CD appears to have last been updated in May 2009 – lame!


Password complexity and MOTD in ESX 3

Continuing the quest to install ESX 3.02, it came about that we need to enable some password security.  There is a couple things to do here, the first being to run the command “esxcfg-auth” – this command will bring up the list of commands available which include setting how long the password is valid, how often the password can be changed and when the warning will appear that the password for a given account is going to expire.

The meat of the password security is setting the password complexity rules setup.  I found that using the –usepamqc=values worked well.  Here is the verbose language:

Enables the use of the pam_passwdqc PAM module for password com-
plexity checking. It can be configured by passing a 6 value tuple
as the value. The tuple is formed from the following information:
– minimum length of a single character class password
– minimum length of a password that has characters from 2
character classes
– minimum number of words in a passphrase
– minimum length of a password that has characters from 3
character classes
– minimum length of a password that has characters from 4
character classes
This does not fully expose the abilities of this powerful PAM
module. See the pam_passwdqc man page for more information on how
to use this PAM module to enforce password rules on the user’s
If you pass a value of -1 for any of the six tuple values,
that is understood as disable this option. An example of a tuple
is “8 -1 -1 -1 8 4”.

That worked well (with some different values of course.)  The last number, not described above is the number of times a character can appear in the password.  In this case, that would mean any single character could appear four times.

To add the a nifty warning message when a user logs on, simply create a file titled “motd” in /etc and add your message.  Easy!


Fear Mongering Over Virtualization

Dailytech Virtualization Article

Seriously?  A dark side to virtualization?  If virtualization technology is phased in by someone that has a clue this cannot be an issue.  Take something like Exchange 2007 – will the performance be worse virtualized?  Yep.  But what kind of horsepower do you really need for 100?  Or 1,000?  A modern server on the VMware HCL that is configured reasonably should be able to take 30 to 40 servers, which means that many SMB’s could get away with a two node cluster.

Virutalization allows for enormous flexibility.  Even if you run the most basic version of VMware ESX, you’ll get fully encapsulated virtual servers that you can back up cheaply with a product like vRanger from Vizioncore for complete, bare metal backups.  You could run two or three servers per host and see incredible DR and utilization benefits very cheaply.

If the issue for SMB’s is that they are going to be dumb and deploy a technology in a way that dreadfully increases risk that’s a not a technology problem.  That’s a stupid person problem.

It really sounds like the analyst wanted to say something to stir it up.  Congrats, man, but you just sound ignorant.


More fun with legacy ESX 3.02

I’ve gotten really spoiled recently (say, for the last two years) on setting NTP on ESX servers.  I found a nifty script that would take an answer file, do all the necessary firewall and startup tweaking and that was that.

Unfortunately, it only worked if I used a certain version of winscp and my Dell 620.  For whatever reason, any other combination broke the script (confirmed by other admins here).   Well, the 620 died a couple months ago, just after my cube migration.   I didn’t bother fixing the script because recent (as in published in 2008 or newer) versions of ESX added NTP configuration to the GUI and that has worked fine.

Now, I am installing 3.02 again and NTP configuration looks like this:

(1) update /etc/ntp.conf


restrict default kod nomodify notrap

server xxxx

driftfile /var/lib/ntp/drift

(2) update /etc/ntp/step-tickers


(3) update /etc/hosts (if using hostname)

(4) using putty or similar to goto the console, login as root and run the following command. This opens the appropriate ports and enables the NTP daemon to talk with the external server.

root@esxhost# esxcfg-firewall –enableService ntpClient

(5) Restart the NTP service.

root@esxhost# service ntpd restart

(7) Now you can set the local hardware clock to the NTP synchronized local system time. Run:

root@esxhost# hwclock –systohc

Sheesh.   Props to the VMware Forums for coughing up that bit of goodness.

I like the GUI better...I like the GUI better...


2950 Series 3 & ESX 3.x

Something to watch out for as older versions of ESX drop off the support list – 3.02 Update 1 is the oldest version of ESX you can install on the latest version of the Dell 2950.  Even the 2950 is likely to go away soon, so be prepared to step up to at least 3.5 if you want hardware support in the near future.

Another awesome preparation note is that in order to install a version of ESX previous to 3.5 on a server that has a SATA CD-ROM (most do these days) you’ll want an external USB CD-ROM drive handy…  and make sure to enable the USB mass storage device driver when it complains about not having any install media.