CBT Nuggets vSphere 5.5

Hypervisor types:
-Type 1: called bare-metal
-Type 2: runs on top of an operating system

OVF Templates (Open Virtualization Format)
OVF - folder of files
OVA - all in one
OVF files: .ovf (XML file), .vmdk, .iso, .mf (SHA1 checksums of the files)
OVA files: .ova
Import/Export needs to be done on a shut-down vmachine; the ISO file can be included or not

------------Standard vSwitch Configuration
VM Port Groups - associated with a VLAN, can override security, traffic shaping, NIC teaming
VMkernel Ports - layer 3 interface, direct console user interface (DCUI)
Uplinks (vmnics) - physical NICs
NIC teaming:
-Source MAC
-IP hash - determined based on a hash of source + destination IP, used with EtherChannel (802.3ad)/LACP
-Source VM Ports
Traffic shaping - only for outgoing traffic from the vmachine
-VM Port Groups
-VMkernel
Promiscuous Mode - Reject by default
MAC Address Change - allows changing the MAC address in the guest OS, Accept by default
Forged Transmission - allows sending traffic with a MAC address different from the one attached to the vmachine, Accept by default
Beacon probing - should be used with at least 3 interfaces, beacon intra interfaces
Notify Switches - uses Gratuitous ARP
Failback - reuses the previously failed link(s) after they come back up

------------Adding DNS to vSphere Lab

------------Home Sweet Home
vCenter can be part of a domain but cannot be installed on a domain controller
vCenter Server 5.5 removes support for Windows Server 2003 and Windows Server 2008 SP1. See the VMware Compatibility Guide at http://kb.vmware.com/kb/2091273.
If you plan to use the Microsoft SQL Server 2008 R2 Express database that is bundled with vCenter Server, Microsoft Windows Installer version 4.5 (MSI 4.5) is required on your system. You can download MSI 4.5 from the Microsoft Web site. You can also install MSI 4.5 directly from the vCenter Server autorun.exe installer.
The VMware vCenter Server Appliance can be deployed only on hosts that are running ESX version 4.x or ESXi version 4.x or later.
https://pubs.vmware.com/vsphere-55/index.jsp#com.vmware.vsphere.install.doc/GUID-F2C3B932-21BB-4A87-B49C-D988B5D16C52.html

------------vCenter Installer
Components of vCenter:
Single Sign-on (SSO)
Web Client Service
Inventory Service
vCenter Server
If we choose a custom install, the components should be installed in the order above (dependencies)
All components can be installed on different vmachines
Default details for SSO
domain name: vsphere.local
username: administrator
The database can be installed (SQL Server 2008 R2 Express) on the same vmachine, or an external source (DSN) can be used

------------Add ESXi to vCenter
Web vSphere Client URL https://192.168.1.111.:9443/vsphere-client
Download vSphere Client directly from vCenter https://10.202.201.3/client/VMware-viclient.exe
On the first connection with a host, vCenter uses root credentials; after that it uses vpxuser to manage ESXi hosts. DO NOT DELETE vpxuser
Lockdown mode prevents users from changing ESXi hosts directly, so only vCenter is allowed to

------------vCenter Authentication & Authorization
vCenter Single Sign On (SSO) - uses a token to be able to log in to other vCenters (without re-login)
Authentication Sources
Roles linked to vCenter objects
Administration->Access Control->Roles

------------ the vCenter Appliance (VCA)
Delivered as an OVA
Setup with HTTPS on port 5480
Includes: SSO, Inv, Web, Server
Web Client URL :9443/vsphere-client
60 day trial
Based on SUSE Linux distribution
Default credentials of VCA: root/vmware
VMware Tools synchronization provides graceful shutdown of the machine
VCA Management https://vca_ip:5480
After the first login, it will run a wizard to finish the setup

------------ iSCSI SAN Appliance
IP based Small Computer System Interface (iSCSI)
iSCSI Server
Check openfiler_IP:446
iSCSI initiator (client side)
iSCSI target (server side)
IQN.date.name:string iSCSI Qualified Name (IQN)
Authentication can be mutual using CHAP (by Initiator and Target)

------------ 10 G (the hard way)

------------iSCSI Puzzle Pieces
Network
VMkernel ports
Datastore
It's possible to use 2 VMkernel ports associated with different vmnics, for NIC teaming. It's called Multipath
Using L3 in multipath iSCSI will bring failures

------------iSCSI HBA Configuration
iSCSI can have only one uplink (Active Adapter, NIC Teaming); it doesn't support vmnics in standby even with explicit failover. EtherChannel is also not supported
Multipathing Policies
Path Selection Policy: Fixed (VMware), RoundRobin (VMware)

------------Datastore Adds and Changes
Datastore types: VMFS, NFS
Datastores can be renamed and increased (adding another LUN)

------------NFS based datastores
iSCSI - file based
NFS - file based
NAS device sharing via NFS with no_root_squash (this means the host has write access to the share)

------------Templates and Clones
For changes: convert from template to VM, update and convert it back
A VM can be converted to Template, Clone to VM, Clone to Template

------------Distributed Switches Fundamentals
Available only with vCenter
vDS is managed across all ESXi hosts
Can be associated only with 1 type of vSwitch (Standard/Distributed)
Uplinks can be renamed
DS Port Groups can contain VM ports or VMkernel Ports
Distributed Switch -> add Distributed Port Group
LACP, Private VLAN, NetFlow, Port mirroring, Health Check
Port Allocation: Elastic (increase port group as needed)
To reset vDS config on ESXi, go to Direct Console User Interface (DCUI) and press F2, Network Restore Options, Restore Network Settings
To migrate from standard to vDS, we can use templates

------------Distributed Switches Features
Common across Standard and Distributed:
-VLANs 802.1q (trunking)
-NIC teaming
-Outbound traffic shaping
-IPv6
Only in Distributed:
-Inbound traffic shaping
-Load Based Teaming (LBT)
-Private VLANs
-LACP
-Network I/O Control (NIOC) - enabled by default
-NetFlow, LLDP
-Port mirroring, monitoring, policies, statistics
-Configuration Backup/Restore
With vDS, .dvsData keeps statistics available even when a VM is moved to another host
Different mirror types: DS to DS, to an agent, etc
Health Check - notifies if something is wrong, for example a LAG interface issue, MTU, etc
We can create a Network resource Pool
DS port group->advanced->override port policies {Allowed|Disabled}
By default on a DS port group, Promiscuous mode, MAC address changes and Forged transmits are Reject
Load Balancing: Route based on physical NIC load
Traffic filtering and marking: tag CoS/DSCP value, based on traffic direction (Ingress/Egress), based on {New System Traffic Qualifier|New MAC Qualifier|New IP Qualifier}

------------vMotion Fundamentals
VM State and Storage
Hot, cold or suspended
State: BIOS, Devices, CPU, MAC, RAM
Storage: content of disks
Storage vMotion (Cross vSwitch): move VM between datastores
CD-ROM and floppy drive must not be connected while doing vMotion if we don't have these on the destination ESXi
Tool from VMware "CPU Identification utility"

------------vMotion in Motion
Migrate type - Host | datastore | Host/datastore

------------Distributed Resource Scheduler
Create a Cluster to use DRS
Automation Level: Manual|Partially automated|Fully automated
Migration Method: Conservative (values between 1 and 5) Aggressive
You can run DRS instantaneously; by default it gets info every 5 minutes

------------Affinity
Keep VMs running in different hosts
affinity=together
anti-affinity=apart/separate
VMs to specific ESXi hosts
VMs away from specific ESXi hosts
My-Cluster->Manage->DRS Rules
Type: Keep Virtual Machines Together | Separate Virtual Machines | Virtual Machines to Hosts
DRS detects conflicts between rules, and the new rule is disabled, showing a conflict
DRS Groups allow assigning VMs to ESXi hosts
While creating a DRS Group: Must run on hosts in group | Should run on hosts in group | Must Not run on hosts in group | Should Not run on hosts in group

------------Snapshots and VM files
Some extensions:
vmsd Snapshot description file
vmsn Snapshot state file
vmss Suspended state file
vswp VM swap file(s)
vmem Paging file
After a snapshot, all info is kept in a vmdk delta file
To bring a VM back into inventory after deleting it from inventory, just go to vm-name.vmx on the datastore, right click and Register
To consolidate all VM delta files: vm-name->All vCenter Actions->Snapshots->Consolidate
After consolidating you still need to delete all snapshots in Snapshot Manager

------------ VM Memory & CPU Controls
Guarantees, Ceilings (and Priority during Contention)
ESXi Memory Techniques
-Transparent Page Sharing TPS (4Kb pages)
-Balloon driver (part of vmtools) manages memory not used by the VM and gives it back to the ESXi host
-Memory compression (enabled by default)
-Swapping by the ESXi host (referenced an esxi kernel swap)
Memory guaranteed 0 Mb by default
No Reservation or Limit (ceiling) by default
If ESXi can't guarantee resources (VM/CPU), it will not be possible to power it on
Insufficient resources on the ESXi host bring contention for CPU and memory, which requires using shares
by default 1 Mb = 10 shares
option Reserve all guest memory (All locked) - allows making a reservation of memory (same as attached to the VM)

------------Resource Pools
Pools, no pools, pool within pools
Contending at the same level(s)
Contending within a pool
Option to expand using parent - if it needs more resources ask root pool (cluster).
option Reservation type: Expandable Reservation admission control
VMs are assigned to Pools
Disabling DRS will remove all Resource Pools; this will allow backing up the resource pools (web client)
To import the backup: my-cluster->All vCenter Action-> Restore Resource Pool tree

------------vAPPs
VMs as a group
"vApp" vCenter object containing VMs
Reservation, Limits & Shares
Create, Clone, Import / Export OVF or OVA
Options of vApp: Deployment and Authoring
vApp IP allocation - [Static - Manual|Static - IP Pool| Transient - IP Pool]
Guest Shutdown - graceful shutdown (requires vmtools)
Start Order of VMs
Startup Action -> Power On, 120 seconds elapsed by default
VMware vSphere Host Client - used for ESXi hosts

------------ High Availability (HA)
Used within an HA cluster
Heartbeats to check health
VMs that fail on their own
VMs that fail due to host
It's possible to check the health of a VM using vmtools (heartbeat between ESX and VM); it's possible to check the health of an application too (heartbeat between ESX and app)
If the management fails (heartbeat primary method) you can use Storage heartbeat (use the storage to work as a heartbeat)
Turn ON HA
By default does Host monitoring and Admission Control
-Host monitoring
--VM restart priority, Host isolation response
Admission Control - is a policy used by vSphere HA to ensure failover capacity within a cluster
-Define failover capacity by static number of hosts
--Slot size policy (cover all powered-on VMs or Fixed slot size)
-Define failover capacity by reserving a percentage of the cluster resources
--Define failover capacity, use dedicated hosts or do not reserve failover capacity
VM Monitoring
Disabled by default
Requires vmtools
VM Monitoring and Application require third-party API
Host isolation and host failure differ
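
The `.mf` manifest listed under OVF Templates holds one SHA1 digest per package file, so it can be checked before an import. The following is an added example, not part of the original notes: it parses manifest lines of the form `SHA1(name)= digest` (and, going beyond the notes, `SHA256` entries), then hashes each listed file. The package file names `lab.ovf`, `lab-disk1.vmdk` and `lab.mf` are constructed for the demo.

```python
import hashlib
import re
import tempfile
from pathlib import Path

MF_LINE = re.compile(r"^(SHA1|SHA256)\(([^)]+)\)\s*=\s*([0-9a-fA-F]+)$")

def parse_manifest(text):
    """Parse 'SHA1(name)= hexdigest' lines into {name: (algorithm, digest)}."""
    entries = {}
    for lineno, line in enumerate(text.splitlines(), 1):
        m = MF_LINE.match(line.strip())
        if line.strip() and not m:   # fail closed on anything unparseable
            raise ValueError(f"manifest line {lineno} is malformed: {line!r}")
        if m:
            entries[m.group(2)] = (m.group(1).lower(), m.group(3).lower())
    return entries

def verify_package(folder, manifest_name):
    """Hash every file the manifest lists and return {name: status}."""
    folder = Path(folder).resolve()
    results = {}
    for name, (algo, expected) in parse_manifest((folder / manifest_name).read_text()).items():
        path = (folder / name).resolve()
        if folder not in path.parents:   # entry points outside the package folder
            results[name] = "outside-package"
        elif not path.is_file():
            results[name] = "missing"
        else:
            h = hashlib.new(algo)
            with path.open("rb") as fh:
                for chunk in iter(lambda: fh.read(1 << 20), b""):
                    h.update(chunk)
            results[name] = "ok" if h.hexdigest() == expected else "mismatch"
    return results

def demo():
    """Constructed two-file package; the disk is altered after the manifest is written."""
    with tempfile.TemporaryDirectory() as tmp:
        d = Path(tmp)
        (d / "lab.ovf").write_bytes(b"<Envelope/>")
        (d / "lab-disk1.vmdk").write_bytes(b"constructed disk bytes")
        (d / "lab.mf").write_text("".join(
            f"SHA1({n})= {hashlib.sha1((d / n).read_bytes()).hexdigest()}\n"
            for n in ("lab.ovf", "lab-disk1.vmdk")))
        before = verify_package(d, "lab.mf")
        (d / "lab-disk1.vmdk").write_bytes(b"modified disk bytes")
        return before, verify_package(d, "lab.mf")
```

Calling `demo()` returns the per-file status before and after the disk file is altered. A matching manifest shows only that the files agree with the manifest, not who produced the package.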