Online VMware Training

A vNetwork Distributed Switch (vDS) functions as a single virtual switch across all associated hosts. This enables you to set network configurations that span across all member hosts, and allows virtual machines to maintain consistent network configuration as they migrate across multiple hosts. In this video I'll show you how to troubleshoot and configure vNetwork Distributed Switch Network Adapters. The vNetwork Distributed Switch networking view of the host configuration page displays the configuration of the host’s associated vNetwork Distributed Switches and allows you to configure the vNetwork Distributed Switch network adapters and uplink ports. For each host associated with a vNetwork Distributed Switch, you must assign physical network adapters, or uplinks, to the vNetwork Distributed Switch. You can assign one uplink on each host per uplink port on the vNetwork Distributed Switch.

Although Expandable Reservations are enabled by default on a resource pool, it doesn’t mean that they should stay enabled in every situation. In this white boarding session I’ll show what the hidden danger of using expandable reservations can lead to. The system considers the resources available in the selected resource pool and its direct parent resource pool. If the parent resource pool also has the Expandable Reservation option selected, it can borrow resources from its parent resource pool. Borrowing resources occurs recursively from the ancestors of the current resource pool as long as the Expandable Reservation option is selected. Leaving this option selected offers more flexibility, but, at the same time provides less protection. A child resource pool owner might reserve more resources than you anticipate.

I’ve received some awesome birthday presents this year and one of coolest presents is a sketch Design Tablet. This sketch board can be connected to my laptop trough USB and came with an real cool sketching tool called Artweaver. In this first episode I’ll explain how VLAN IDs can be used within a standard vSwitch environment. I know I’ll have to pick up some drawing skills but I think it’s a great way to explain complicated topics.

What are datastore heartbeats? The host-X-hb (where X is the host’s MOID) is Located on each heartbeat datastore, this file is used to check for slave liveness through the heartbeat datastore. This file is checked by the master host if the master loses network heartbeats from the slave. For VMFS datastores, the vSphere HA agent locks this file with an exclusive lock and relies on the VMkernel heartbeat to indicate liveness. For NFS datastores, vSphere HA periodically updates the time stamp to this file to indicate liveness. The host-X-poweron (where X is the host’s MOID) is a per-host file that contains the list of all virtual machines that are powered on. This file is used as a communication channel if a management network outage occurs. Isolated slaves use this file to tell the master that it is isolated as well as to tell the master which virtual machines it has powered off. The master host must determine whether the slave host: • Actually crashed • Is not responding because of a network failure • The HA agent is in an unreachable state The absence of both a network and datastore heartbeat indicates full host failure. Datastores are used as a backup communication channel to detect virtual machine and host heartbeats. Datastore heartbeats are used to make the distinction between a failed, an isolated or a partitioned host.

VMware vShield is a suite of security virtual appliances built for VMware vCenter Server and VMware ESX integration. vShield is a critical security component for protecting virtualized datacenters from attacks and misuse helping you achieve your compliance-mandated goals. vShield App is an interior, vNIC-level firewall that allows you to create access control policies regardless of network topology. A vShield App monitors all traffic in and out of an ESX host, including between virtual machines in the same port group. vShield App includes traffic analysis and container-based policy creation. In this video I'll show you that vShield App installs as a hypervisor module and firewall service virtual appliance. vShield App integrates with ESX hosts through VMsafe APIs and works with VMware vSphere platform features such as DRS, vMotion, DPM, and maintenance mode. vShield App provides firewalling between virtual machines by placing a firewall filter on every virtual network adapter. The firewall filter operates transparently and does not require network changes or modification of IP addresses to create security zones. You can write access rules by using vCenter containers, like datacenters, cluster, resource pools and vApps, or network objects, like Port Groups and VLANs, to reduce the number of firewall rules and make the rules easier to track. You should install vShield App instances on all ESX hosts within a cluster so that VMware vMotion operations work and virtual machines remain protected as they migrate between ESX hosts. By default, a vShield App virtual appliance cannot be moved by using vMotion. The Flow Monitoring feature displays allowed and blocked network flows at the application protocol level. You can use this information to audit network traffic and troubleshoot operational.

A few weeks ago I’ve delivered a VMware Site Recovery Manager training course and one of the attendees was Arnim van Lieshout. Besides being a co-author of the VMware vSphere PowerCLI Reference: Automating vSphere Administration guide, Arnim also works as a VMware PSO consultant. While we were trying to set-up SRM Host Based Replication, Arnim showed me a real cool trick to do some fast troubleshooting regarding the VPXD daemon, also known as the vCenter Service. This video guides you through the process of troubleshooting a corrupted vCenter Server database with vpxd.exe -s and helps you to fix VPX daemon start-up problems. The video also helps you eliminate common causes for your problem by verifying the configuration of your database, validating network connectivity, and verifying the configuration of the vCenter Server service with vpxd.exe -b.

With VMware Data Recovery 2.0, VMware has extended the ability to quickly and simply protect and restore virtual machines. Fully integrated with VMware vCenter Server, VMware Data Recovery gives central management of backup and restore operations, and the inherent deduplication of data saves significant disk space and provides flexible options for storage. VMware Data Recovery 2.0 has introduced a number of improvements including performance enhancements, speed, and reliability improvements, as well as capabilities to enhance management with the ability to email reports and schedule maintenance windows

vSphere 5 introduces a new latency-aware Metro vMotion feature that not only provides better performance over long latency networks but also increases the round-trip latency limit for vMotion networks from 5 milliseconds to 10 milliseconds. Previously, vMotion was supported only on networks with round-trip latencies of up to 5 milliseconds. In vSphere 4.1, vMotion is supported only when the latency between the source and destination ESXi/ESX hosts is less than 5 ms RTT (round-trip time). For higher latencies, not all workloads are guaranteed to converge. With Metro vMotion in vSphere 5.0, vMotion can be used to move a running virtual machine when the source and destination ESX hosts have a latency of more than 5ms RTT. The maximum supported round trip time latency between the two hosts is now 10ms. Metro vMotion is only available with vSphere Enterprise Plus license.

Quest has created a piece of software that contains our entire ‘optimizing knowledge’ called the Quest vWorkspace Desktop Optimizer and they have decided to make it available to the desktop virtualization community, completely free of charge! The impact of the Desktop Optimizer can be huge. Quest has performed tests where they compared a vanilla install of Windows 7 Enterprise (no users logged on) to an install that was optimized using the default set of optimizations in the Quest vWorkspace Desktop Optimizer. The results are staggering! This Video will show you how easy your desktop can be optimized. More information and a download link can be found here.

I’ve created a real cool video which shows you how to configure your vSphere 5 network in order to use multiple network adapters for vMotion. The idea for this video came from fellow VCI and virtualization friend Frank Brix Pedersen. More information about vMotion Architecture, Performance, and Best Practices in VMware vSphere 5 can be found here.

VMware Workstation 8 provides a seamless way to access all of the virtual machines you need, regardless of where they are running. Connect to Server enables remote connections to virtual machines running on VMware Workstation, VMware vSphere, and VMware vCenter. Now you can work with local and server hosted virtual machines side by side within the same interface. You are no longer constrained by the power of your PC to run multiple virtual machines at the same time.In this video you will see how easy you can add another instance of Workstation 8 but also the vCenter server to your inventory.

This video will show you an new vSphere 5 feature which enables you to get access to the Direct Console User Interface (DCUI) through SSH instead of the ESXi physical console. Only users that are assigned the Administrator role can log in to the Direct Console User Interface (DCUI). To allow access to the direct console, add the user to the local administrators group. Enabling or disabling lockdown mode affects which types of users are authorized to access host services, but it does not affect the availability of those services. In other words, if the ESXi Shell, SSH, or Direct Console User Interface (DCUI) services are enabled, they will continue to run whether or not the host is in lockdown mode. Configure Lockdown Mode To increase the security of your ESXi hosts, you can put them in lockdown mode. When you enable lockdown mode, no users other than vpxuser have authentication permissions, nor can they perform operations against the host directly. Lockdown mode forces all operations to be performed through vCenter Server. When a host is in lockdown mode, you cannot run vSphere CLI commands from an administration server,vfrom a script, or from vMA against the host. External software or management tools might not be able to retrieve or modify information from the ESXi host. The root user is still authorized to log in to the direct console user interface when lockdown mode is enabled. Enabling or disabling lockdown mode affects which types of users are authorized to access host services, but it does not affect the availability of those services. In other words, if the ESXi Shell, SSH, or Direct Console User Interface (DCUI) services are enabled, they will continue to run whether or not the host is in lockdown mode.

User-defined network resource pools in vSphere 5.0 provide an ability to add new traffic types beyond the standard system traffic types that are used for I/O scheduling. This video shows an example of a user-defined resource pool with shares, limits and IEEE 802.1p tag parameters. When customers are deploying critical applications on virtual infrastructure, they can utilize this advanced feature to reserve I/O resources for the important, business-critical application traffic and provide SLA guarantees. Service providers who are deploying public clouds and serving multiple tenants can now define and provision I/O resources per tenant, based on each tenant’s need. The new resource pools can be defined at the Distributed Switch level by selecting the resource allocation tab and clicking on new network resource pools. After a new network resource pool is defined with shares and limits parameters, that resource pool can be associated with a port group. This association of a network resource pool with a port group enables customers to allocate I/O resources to a group of virtual machines or workloads.

Port mirroring is the capability on a network switch to send a copy of network packets seen on a switch port to a network monitoring device connected to another switch port. Port mirroring is also referred to as Switch Port Analyzer (SPAN) on Cisco switches. In VMware vSphere 5.0, a Distributed Switch provides a similar port mirroring capability to that available on a physical network switch. After a port mirror session is configured with a destination—a virtual machine, a vmknic or an uplink port—the Distributed Switch copies packets to the destination. Port mirroring provides visibility into: • Intrahost virtual machine traffic (virtual machine–to–virtual machine traffic on the same host) • Interhost virtual machine traffic (virtual machine–to–virtual machine traffic on different hosts) The port mirroring capability on a Distributed Switch is a valuable tool that helps network administrators in debugging network issues in a virtual infrastructure. The granular control over monitoring ingress, egress or all traffic of a port helps administrators fine-tune what traffic is sent for analysis. Port mirror configuration can be done at the Distributed Switch level, where a network administrator can create a port mirror session by identifying the traffic source that needs monitoring and the traffic destination where the traffic will be mirrored. The traffic source can be any port with ingress, egress or all traffic selected. The traffic destination can be any virtual machine, vmknic or uplink port. http://www.ntpro.nl

NetFlow is a general networking tool with multiple uses, including network monitoring and profiling, billing, intrusion detection and prevention, networking forensics, and SOX compliance. NetFlow sends aggregated networking flow data to a third‐party collector (an appliance or server). The collector and analyzer report on various information such as the current top flows consuming the most bandwidth in a particular virtual switch, which IP addresses are behaving irregularly, and the number of bytes a particular virtual machine has sent and received in the past 24 hours. NetFlow is a mature technology, developed by Cisco, that is widely supported by third‐party collectors. NetFlow enables visibility into virtual machine traffic in a virtualized datacenter. ManageEngine NetFlow Analyzer is a web-based bandwidth monitoring tool that collects NetFlow data exported from routing devices, and uses it to analyze and report on IP traffic across the network. With instant reports on top applications, protocols, conversations, and hosts, NetFlow Analyzer gives you valuable insight into bandwidth usage in your enterprise without the complexity and expense involved in a traditional WAN analysis setup.