vSphere Security Tip: Enable Tech Support Mode Timeout


Tech Support Mode is a great feature of ESXi that lets admins and support personnel access the command line directly on an ESXi host.  This can be done via SSH or through the host console.  The security risk is that the console does not shut down automatically by default.  There is a simple fix for this, however: you can set the auto-timeout so that Tech Support Mode shuts down automatically after a certain time has passed.  You can find a great article on tech support mode here.

To enable the Tech Support Mode Timeout via the vSphere Client (from the KB Article):

  1. Select the host and click the Configuration tab.
  2. Click Software>Advanced Settings.
    ESXi 5.0: Change the UserVars.ESXiShellTimeOut field to the desired value.
    ESXi 4.1: Change the UserVars.TSMTimeOut field to the desired value.
  3. Click OK.

The timeout is set in seconds, so choose a value that makes sure Tech Support Mode turns off but still leaves you enough time to work.
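
The same setting can be audited and applied across every host from PowerCLI. This is an added example, not part of the original post or the KB article; it assumes an existing Connect-VIServer session, and the function name and the 900-second value are illustrative assumptions.

```powershell
# Added example: audit and set the Tech Support Mode / ESXi Shell timeout.
# Assumes VMware PowerCLI is loaded and Connect-VIServer has already been run.
function Set-ShellTimeout {
    param(
        [int]$Seconds = 900,   # assumed value (15 minutes); pick your own
        [switch]$ReportOnly    # report current values without changing them
    )

    foreach ($vmhost in Get-VMHost) {
        # The setting name differs by release, as in the steps above.
        if ($vmhost.Version -like '4.1*') {
            $name = 'UserVars.TSMTimeOut'
        } else {
            $name = 'UserVars.ESXiShellTimeOut'
        }

        $setting = Get-AdvancedSetting -Entity $vmhost -Name $name
        if (-not $setting) {
            Write-Warning "$($vmhost.Name): $name not found, skipping"
            continue
        }

        $previous = [int]$setting.Value
        $current  = $previous
        if (-not $ReportOnly -and $previous -ne $Seconds) {
            $setting | Set-AdvancedSetting -Value $Seconds -Confirm:$false | Out-Null
            $current = $Seconds
        }

        # One row per host; a previous value of 0 means no timeout was set.
        New-Object PSObject -Property @{
            Host       = $vmhost.Name
            Setting    = $name
            Previous   = $previous
            Current    = $current
            HadTimeout = ($previous -ne 0)
        }
    }
}

# Audit first, then apply:
# Set-ShellTimeout -ReportOnly | Format-Table Host, Setting, Previous, HadTimeout
# Set-ShellTimeout -Seconds 900
```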

autoExpand for vSphere 5 distributed switch portgroups


You have probably read my last post on when to use Ephemeral Port Bindings on distributed switches.  As mentioned in that article, Static port bindings should be the standard going forward.  When you create a port group with a Static port group binding, you set how many ports are dedicated to that port group.  The default is 128 ports and can be changed if need be.

There are some important numbers to remember from the vSphere 5 Maximums doc:

  • Distributed virtual network ports per vCenter: 30,000
  • Static port groups per vCenter: 5,000
  • Ephemeral port groups per vCenter:  256
  • Distributed switches per vCenter: 32

One concern is this: what if I run out of static ports and one of the other admins needs to put a new VM into that port group?  What if he does not have permission to expand the number of ports in the port group?

vSphere 5 includes a new feature for distributed switches called autoExpand.  This is a little-known advanced option that will add ports to a port group before you run out of ports.

The only documentation I could find about this procedure was in the KB article on port bindings.  This is the process from the referenced KB article at the time of this writing:

In vSphere 5.0 a new advanced option called autoExpand has been introduced. This property of a Portgroup allows a Portgroup to expand automatically by a small predefined margin everytime Portgroup is about to run out of Ports.

This is disabled by default and can be enabled using vSphere 5.0 sdk via managed object browser.

  1. In a browser, enter the address http://vc-ip-address/mob/.
  2. When prompted, enter your vCenter Server username and password.
  3. Click the content link.
  4. In the left pane, search for the row with the word rootFolder.
  5. Open the link in the right pane of the row. The link should be similar to group-d1 (Datacenters).
  6. In the left pane, search for the row with the word childEntity. In the right pane, you see a list of datacenter links.
  7. Click the datacenter link in which the vDS is defined.
  8. In the left pane, search for the row with the word networkFolder and open the link in the right pane. The link should be similar to group-n123 (network).
  9. In the left pane, search for the row with the word childEntity. You see a list of vDS and distributed port group links in the right pane.
  10. Click the vDS for which you want to change this property.
  11. In the left pane, search for the row with the word config and click the link in the right pane.
  12. In the left pane, search for the row with the word autoExpand. It is usually the first row.
  13. Note the corresponding value displayed in the right pane. The value should be false by default.
  14. Go back to the vDS page.
  15. Click the link that reads ReconfigureDvs_Task. A new window appears. In the Spec text field, enter <spec><autoExpand>true</autoExpand></spec>
  16. Click the Invoke Method link.
  17. Close the window.
  18. Repeat Steps 9 through 13 to verify the new value for autoExpand.

This looks like a great option to use to help you “auto-manage” your port group size if need be.

UPDATE: The procedure above is invalid.  Please refer to http://blogs.vmware.com/vsphere/2012/02/automating-auto-expand-configuration-for-a-dvportgroup-in-vsphere-5.html for a script that can implement the change.  VMware is in the process of updating the article and I will update this article as information becomes available.
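
Since autoExpand is described above as a property of the Portgroup, one way to set it is to reconfigure the distributed port group itself through the vSphere API. This is an added PowerCLI example, not the script from the linked VMware post; it assumes an existing Connect-VIServer session to vCenter 5.0, and the function name is an illustrative assumption.

```powershell
# Added example: enable autoExpand on a distributed port group via the vSphere API.
# Assumes VMware PowerCLI is loaded and Connect-VIServer has already been run.
function Enable-PortgroupAutoExpand {
    param([Parameter(Mandatory = $true)][string]$Name)   # port group name

    # -Filter takes a regular expression, so anchor and escape the name.
    $filter = @{ Name = '^' + [regex]::Escape($Name) + '$' }
    $portgroups = Get-View -ViewType DistributedVirtualPortgroup -Filter $filter
    if (-not $portgroups) {
        Write-Warning "No distributed port group named '$Name' found"
        return
    }

    foreach ($pg in $portgroups) {
        # The post discusses autoExpand for Static binding, which the API
        # reports as 'earlyBinding'; other binding types are skipped here.
        if ($pg.Config.Type -ne 'earlyBinding') {
            Write-Warning "$($pg.Name): binding is $($pg.Config.Type), skipping"
            continue
        }

        if (-not $pg.Config.AutoExpand) {
            $spec = New-Object VMware.Vim.DVPortgroupConfigSpec
            # The current configVersion must be sent back with the change.
            $spec.ConfigVersion = $pg.Config.ConfigVersion
            $spec.AutoExpand    = $true
            $pg.ReconfigureDVPortgroup($spec)   # waits for the task to finish
            $pg.UpdateViewData('Config')        # re-read to verify the result
        }

        New-Object PSObject -Property @{
            Portgroup  = $pg.Name
            NumPorts   = $pg.Config.NumPorts
            AutoExpand = $pg.Config.AutoExpand
        }
    }
}

# Enable-PortgroupAutoExpand -Name 'dvPG-Production'   # constructed sample name
```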

Release: vCenter Infrastructure Navigator 1.0


Infrastructure Navigator has been released and can be found here.  Rather than go through the details, I’ll repost the features from the release notes:

VMware vCenter™ Infrastructure Navigator is an application awareness plug-in to vCenter Server, and provides continuous dependency mapping of applications. Infrastructure Navigator offers application context to the virtual infrastructure administrators to monitor and manage the virtual infrastructure inventory objects and actions. Administrators can use Infrastructure Navigator to understand the impact of the change on the virtual environment in their application infrastructure. Infrastructure Navigator helps virtual infrastructure administrators perform the following tasks:

  • Make accurate first-level triage to help either eliminate the problem or associate the problem with the virtual infrastructure when business service users report problems.
  • Assess change impact, manage, and communicate virtual infrastructure issues for critical applications.
  • Understand the application and business impact of changes to the virtual infrastructure on applications.

The Open Source Licenses (OSL) file for the virtual appliance is available at /root/open_source_licenses.txt. You can retrieve the file by running the scp root@<appliance IP>:open_source_licenses.txt command.

Infrastructure Navigator is supported on vCenter Server 5.0 with the vSphere Web Client. The supported ESX versions include ESX/ESXi 3.5 (build 425420), ESX/ESXi 4.0 (build 398348), ESX/ESXi 4.1 (build 433742), and all builds of ESXi 5.x.

Features

This section describes the key features for the Infrastructure Navigator 1.0.0 release.

Simplifies and automates the deployment and the discovery process and keeps the Application Component Knowledge Base (KB) current

  • Eliminates physical switch spanning or credential based discovery.
  • Discovers and maps the application components and dependencies using KBs and presents this knowledge through maps or search for relevant use cases.

Provide Infrastructure Navigator data for vCenter Server and related solutions

  • Ensures that the application and dependency data is available to the rest of the vCenter Server entities and its various solutions through the vCenter extensibility APIs.
  • Supports SRM integration to set up more focused and accurate site recovery and backup plans.

 

Release: vCenter Operations Manager 5.0


The enterprise and standard editions of Operations Manager have been updated to v5 and can be downloaded here.  There isn’t really a What’s New section in the release notes, but rather a high-level summary of the features:

VMware vCenter Operations Manager is an automated operations management solution that provides integrated performance, capacity, and configuration management for highly virtualized and cloud infrastructure. Deep VMware vSphere integration provides the most comprehensive management of VMware environments. VMware vCenter Operations Manager is purpose-built for VMware administrators to more effectively manage the performance of their VMware environments as they move to the private cloud.

Key Benefits

  • Actionable intelligence to automate manual operations processes
  • Visibility across infrastructure and applications for rapid problem resolution
  • Proactively ensures optimal resource utilization and virtual and cloud infrastructure performance

 

 

Release: VMware vSphere Client for iPad 1.2.0


Fresh out of the app store comes the VMware vSphere Client for iPad v1.2.0.  You can rush right over to the download section in iTunes here.  If you already have it downloaded, visit the app store on your device and download the update.  Here’s What’s New from the App Store:

New in v1.2 (see notes below):

  • Migrate virtual machines without downtime using vMotion.  This feature is available via Host & VM action menus.  Virtual machines can also be two-finger flicked/dragged from the Host detail view to enter vMotion mode
  • Ability to email vMotion validation error details to others
  • View task progress reporting on VM cards
  • Ability to refresh vCenter host list
  • Support of ESX 3.5
  • Support for vSphere 5.0

Release Notes:

  • This version requires vCMA 1.2, available at: http://labs.vmware.com/flings/vcma
  • Min iOS version: 4.0

 
