::: Virtual Aleph ::: Virtualization Techniques: October 2010 Privacy Policy

25 October, 2010

Donate to UNICEF with RTFM VMworld 2010 SwagBag Xmas Raffle

On Mike's RTFM blog there is a money raising Xmas raffle. All the money raised will be donated to UNICEF.
Please follow the link RTFM Xmas Raffle  and buy some tickets! Donation must be done with PayPal and each ticket costs $1.99.

Follow the above link to see the contents of the SwagBag :)


VMTurbo Phase two: the Admin Tab

Hello all,
after installation and basic configuration of the Virtual Appliance IP, pointing via http to the correct IP address with a Adobe Flash enabled browser you will be presented the authentication page.

Insert the
default credentials

The main page will load and you'll see the various tabs that you can use:

Let's start with the Admin Tab:

Clicking on the Admin Tab you'll be conducted on the following page:

This is the left pane of the browser windows and let you choose a set of functions

Start with inserting the demo license that VMTurbo grant you clicking "License Configuration". this temporary license will let you access the "Observe" Tab of the virtual appliance.
Just under "License configuration" we can access "Target Configuration" function.

From here we can add the vCenter FQDN or IP address and the related credentials

In the "User Authentication Configuration" it's possible to create and manage the user access and roles to the VMTurbo VA.

As you can see the Appliance is Active Directory aware and can be configured leveraging existing or ad-hoc created Active Directory users and groups.

The last section of interest is the "Retention Configuration"

In this section you can configure how many statistical samples to retain per hour/month and how many logs to retain and the logrotate policy. Useful information is given at the end of the page on the estimated storage size for the undelying database.

Next post will be on the "Observe Tab"

24 October, 2010

VMTurbo. Phase one: Installation and configuration

Hello all,
during VMWorld 2010 I attend a session about useful tools for administering VmWare virtualized environment.  Among other tools, the speakers were talking of VMTurbo.

From the VMTurbo Appliance user guide:
VMTurbo provides system administrators with the only integrated suite of analytical tools that automatically resolve problems and optimize virtual infrastructure performance. VMTurbo uses supply-chain economics to dynamically and proactively maintain load balance across your environment. This enables you to perform proactive, ROI-centric virtualization management.

I've downloaded it and installed the OVF file from VMTurbo Site. The installation and configuration are straightforward. After downloading you have to import the ovf file with the virtual appliance wizard

Deploy OVF Template

select the latest downloaded release and continue

Next buttons will bring you to the "Ready to complete" window that will recap your configuration

Click finish and wait for the appliance to get deployed on one of your hosts.
When the appliance has been deployed, defaul settings are 2 vCPUs and 4Gigs of RAM SuSE based, power it on and wait for the login prompt to set the static IP address for your VM.
Enter the ipsetup/ipsetup credentials and wait for following screen

Set the IP settings for your network and save the configuration. The screen will suggest you to start using the virtual applince connecting via HTTP to the IP address you've configured.

Next post will be about the configuration tha you can do within the web based interface.
Enjoy your installation

14 October, 2010

BC8274 VMware Fault Tolerance best practice and usage scenario

speaker for this session Mr. Tom Stephens, Sr. TMA VMWare Inc.

recap for this session.

Vmware provides protection at component level, server level, storage level, backup level, site level. FT adds another level of availability to the Virtual Datacenter.

with HA, VMs get restarted. With FT there is zero downtime
it uses some kind of vMotion to create a secondary copy of the FT protected VM
the secondary machine is always up and running but never communicating with the outside world.

FT uses vLockStep Technology: the two VMs are exactly the same and access the same vmdk disk. Only the primary write to disk

FT requrements
   AMD Barcelona Intel Penryn or beyond
   storage: fc, iscsi, nas
   nics: 2 ft logging network 1 gb or better
   esx: same ft version on each hosts (release number and patch number)
   features: vmware HA must be enabled

   VMs must be: 1 vCPU, non thin provisioned, vmware tools recomended, no USB, no floppy, no CDROM, no RDM. No need of special guest drivers or patches

download sitesurvey tool from vmware site and run against hosts to kmow if you can enable FT on your hosts.

best practices
   while doing storage vMotion disable FT duringnthe task.
   do not put too many FT protected VM primary on the same host
   mix protected and ghist machine
   consider 10 GB link for logging NIC if possible

if latency is less than 1 millisecs this improves guest networking performances

scenario example
   FT on demand, during specific lapse of time, end of the quarter,... etc

where to use FT
   Databases medium size DB
   Exchange with < 1000 users
   remote branch office many workload that cannot be clustered
   custom application not application aware 

   in SAP, Ascs (messages and transaction locking service) is a spof and should be, for example, configured for FT.

   BES is a good candidate (1vcpu with 200 users receiving 200 emails a day)

   when you enable ft there is a spike on the net while creating the ghost machine.
   impact on CPU is <10%
   introduces some IO latency NOT users experienciable
   traffic on the network depends on the workload of the primary VM: a gigabit is       sufficient for most workloads

on Oracle 11g performance is quite the same
on Exchange FT has small impact on Exchange Virtual Machine performances circa 1.5% worst than without FT)

Nahalem do a great job in conjunction with FT.


Top ten tools for vSphere administrators

David Davies and Kendrick Coleman (both VCPs and active in VMware communities) told us what are the top 10 tools for vSphere administrators

1 vmware guest console labs.vmware.com
alsomlook for 

2 veeam fastscp and veeam monitor
see also
   veeam business view
   veeam reoporter fre edition

3 trilead vm explorer www.trilead.com (poor man's backup)

4 xtravirt vSphere client RDP Plugin and vAlarm

5 powercli, powerGui, vim powerpack and Alan Renouf vmware community powerpack

6 vkernel capacity view

7 vSphere mini monitor http://nikapedia.org

8 RVTools www.robware.com

9 vFoglight quickview 3 days of hystorical data. voptimizer wastefinder

10 xangati www.xangati.com
look for others on 
   vmware communities beta



13 October, 2010

Hypervisor based antivirus and Endpoint security

Session speakers Dean Coza and Marios Leventopoulus

recap of the session

vShield products
   App and Zones
   Endpoint offload antivirus protection

Let's concentarte on Endpoint.
endpoint provides interfaces from vendors and move agent antivirus insiden an appliance one per host

Nowadays issues: AV storm. 
Antiviruses are heavy resources consumers and theynare not aware of being virtualized. scheduled scan create heavy IO on storage
Memory footprint of the agents are high and in a VDI environmemt can reach 6 GB of utilization. Moving antivirus agent outside the vms is more agile and remediate the painpoints above leveraging the Hyperfisors to offload AV function.

VMSafe: is related to VShield endpoint? 
VmSafe blocks threaths before entering the virtual machines while endpoint put remediations, scans actual disks file level and it' real file level scan.

With vShield endpoint we are deploing AV security as a service.

Key benefit
   less OPEX (new machine automatically protected, always on, always update)
   Protection tamper-resistant

API main features
   on access scan
   on demand scan
   chaching and filtering

There is a componenets inside Endpoint that monitors each events generated by their subcomponents and that display info, warnings and alarms into the vCenter Server giving reccomenndations too.
We can also trigger actions on events:
   email notifications
   execute a command

There is also a summary dashboard of thenstatus of Endpoint

the future:
    offload other security agents
    additional better than physical efficiencies
    stronger protection throught CPU and Memory introspection


BC7773 - SRM: Misconceptions and Misconfigurations

session speaker Mike Laverick (Mike Laverick Limited)

A brief recap of the session

keep in mind that snapshots on SRM are not suported (neither experimentally)

storage vMotion from a protected to a non replicated storage create an invalid entry and remove protection

svMotion from a protected group to another protected group creates an "already protected in X protection group" warning

vApps and Fault Tolerance
you can protect vApp but a VApp obj is not created in recovery site
if FT enabled you loose FT relationship on recovery site

in case you need to recreate use powerCLI

SRM and Firewalls
read release notes of 4.0.2 to get rid of firewall issues (firewall may close connection ungracefully). unfortunatly 4.1 gets the issue.

dvSwitches error
read kb1021491
resolved with in SRM 4.0.2 with vCenter 4.0.2 and later
VMs appears to loose inventory mapping

SCRIPTING in then recovery plan
useful for reducing memory entitlement to recovered VMs

Some ideas from Mike
better integration with vSphere
some house cleaning with Vi3.5 features - Storage vMotion
fater turnaround in releasing SRA
P2V for DR see KB1020796
VM Groups
export import copy recovery plan
datacenter move
SRM failover within the same building
Moving VMs to The Cloud
Per VM protection - not only license
tripple hop DR site - a--> b--> c

Further info on this subject can be found reading Mike's book on Administering and Configuring SRM 4.0: read more here .


BC6703 - How to be successfull with SRM implementation

Session by Michael White, VMWare specialist in BC/DR.

in a DR situations there are some challenges:
re-iping Virtual Machines
storage guys not understanding or not present at the time of DR

SRM helps out in facing these challenges.

SRM simplify and authomatize DR workflow (no manual runbook), give centralized management console to do all the processes and let you test whenever you want without disrupting the production environment.

Replocation of storage is a MUST have to get SRM to work and a supported SRA (storage replication adapter, third party storage provided) must exists, to connect SRM to the storage.

Recovery plan:

SRM used for:
   Datacenter Migration
   Disaster avoidance: planned hw manteinance on Network in primary datacenter         or huricane arriving and you want to be a step ahead
   Moving application to QA nightly

application knowledge
   you need to know about your apps and to protect them
   difficult in sorting  out what to protect first (most important)
   what applications need to run to support the most important (AD, DBs, WEB servers, DNS, DHCP,...): what component should be online first in order for core application X to work?
   business impact assessment must be carried out

multitier applications are harder to protect so they need deep planning: commom dependencies is DNS/WEB/App/DB/AD

start protecting one application to understand all the undelying environmen: an application is the sum of his parts

BIA is critical for SRM project success.

Naminig conventions are VERY important in order to never get confused during a real disaster. Plan a vCenter Folder design that helps in finding protected and non protected machine at a glance.

Storage Organization
LUN is the granularity: everithing on a single LUN will be failed over together, so, one LUN equals to one Protection Group. Organize the storage so to know what VMs are on each LUN.

Storage Replication Adapter
    Alwayse read the realese notes and whitepaper from the storage vendors
    Mirrorview requires SnapView for testing and can only do one simultaneous running of recovery plan
    RecoveryPoint supports only 40 GBytes of changes during failover test
    some SRA needs Gatekeeper LUN's or or extra software
    support multiple running RP's?   
    Hitachi does automatic reversal after failover, without asking...   

   ESX 4.0U1 perform better than prior versions
   VMWare tools must be installed and uptodate on protected machine
   with NFS, fewer and bigger are better than more and smaller
   Recovery Plans need to be fine tuned
        Multiple simultaneous RP may help in improving RTO
DO COMPREHENSIVE TESTING! Test is done on an isolated VLAN.

some definition
RTO how quick can I be working again?
RPO how much data did I loose?


BC8675 SRM Futures

In the session the two speakers told us about nowadays implementations of SRM and the future enhancements that we will probably take advantage of: automatized fail back and Host based replication.

SRM UI has been improved yet, and both site status and summary can be seen from a single pane

Vmware is working to improve ip customization, in case of different subnets on the recovery site: the future IP customization process will monitor changes in the local IP settings, will be faster and will support IPv6

Host Based Replication will be available maybe next year.
HBR will provide:
   per vm replication
   async RPO from 15 mins to 24 hrs
   will be vsphere based, so no array replication required
   ethrogeneous storage will be supported
   can coexists with array replication
   will be vmotion and HA aware
   will be efficient, only changed blocks are replicated and self tuning to mantain RPO


12 October, 2010

VMWorld Europe 2010 - Day 1 picture slideshow

I think I will complete the posts from today session tomorrow morning.

for now enjoy the Flickr slideshow from today's sessions-


EA6705: Lead Practices for Virtualizing Active Directory using vSphere

@5.00PM ...
speaker Mr. chris Skinner

recap fornthe session

active directory virtualization is not magic.
A lot of customers have done and is doing successfully

the challenges you have to face in virtualizing AD are:
time sync
disaster recovery

Sync forest PDC emulator with external startum 1 time source, childs sync with parents. Clock sync issues must be payed attention because, in misconfigured vm that' s doing nothing, time drift can happen and test demonstrates 1700 seconds drift on 18 hours of execution.

Performance on Domain Controllers are not really a problem 'cause CPU is used about <10%. Nevertheless is good to have plenty of RAM to cache all NTDS Database.
Network hints: dedicatena port group or an vSwitch to Active Directory processes such as replication.

Check replica with the replmon and repladmin tools. After deployment wait 24-36 hours to have a complete replica in very big environment.

Availability and DR: take normal system state back up. It's the only right way to get protected from a failure.
Do not P2V physical DC: add a VM and promote it to DC. then demote the physical one.
respect MS best practices in placing FSMO roles.
Do not snapshot DC and do not suspend them for long time.



BC7803 Planning and Designing an HA Cluster that Maximizes VM uptime

I've lost one of my schedule due to lunch and booths... now I'm going to follow BC7803 session by Duncan Epping and Marc Sevegny, both from VMWare Inc.

the session was really interestingn andI enjoy attending it.
Duncan gives an actual view of what are the dos and donts in configuring HA, also in special topology as metroclusters..

Hope to see very quickly appearing the book on "HA and DRS best practices" that Duncan is working on.

All the session contents can be found on Yellow Bricks at this link .


MA7528 - VMWare vCenter Server: Operational Best Practices in the Datacenter

In this session
Ashawin Kotian and Praveen Kannan (both VMWare product manager for vCenter product) describe operational best practice in the DC for vCenter.
All is in function of levereging resources pooling on-demand
they have done a quick overview on how to get to the Cloud and the three ways are:
    enterprise private cloud
    service provides public cloud
    hybrid cloud bridging then two
the datacenter of the future is an aggregation of resources shared among business units and among users on-demand.
vCenter is and will be the private cloud management platform (foto slide)
New in vCenter 4.x,  64 bits support tobe more scalable and to minimize the limitations that we encounter with the 32 bit version.
We can execute vCenter on more powerful hardware using  all the memory above 4 GBytes
compared with the 32 bits releases we can support 4x hosts pe DC, 5x VMs per DC, 3x Powered on VMs per DC (now 10000 vms per vCenter powered on). Also we have some hosts profile enahancements and vCenter update manager support EMC powerpath
We can import Microsoft Hyper-V with vCenter Converter and ESX ESXi integration in Active directory has been added.
Virtual serial ports concentartors has been added too

the four phases of vCenter management lifecycle are

think about the workload types
do size the infrastructure in a good way
think about geographical location and about the QOS of the whole infrastructure

keep attention on how much statistics you re collecting: default is fine
database sizing calculator online on vmware site

linked mode, based on adam. Keep in mind to establish trust relationship between domains, dns must be perfect, leverage NTP to ensure <5 minutes drift between all the vCenter.

the deployment choice must not be lead by bandwidth consideration but by latency. (64kbps fare well for most operations)

keep in mind that the below operation put large payload on vCenter Server
adding hosts
patching with vCenter Update Manager

if possinble use rdp or ssh to consume less bandwidth while connecting to Virtual Machine instead of using console (unless necessary)

the core process is vpxd
then tomcat
then DB
then ESX hosts side hostd and vpxa
learn how to interpret vpxd.log: timestamp, thread id, log level, task id,

vCenter is, and for sure will be, critical part of the virtual infrastructure.
it depends on rto/rpo and how many time you can afford have no management on your infrastructure: vCenter Heartbeat is a solution for enterprise class environment and for very important infrastucture


VMWorld Europe 2010 - Day 1: Breakout session

Hello all,
I've just followed the breakout session for VMWorld EMEA 2010 Day 1
The main speker was Mr. Steve Harrod that give us the vision of what will be the cloud in the near future.
I will post about it this evening 'cause I'm @ auditorium 12 following "Introduction to business continuity / disaster recovery"

11 October, 2010

VMWorld day 0 - Partner Track Super session


Hello all,
Here's some pictures I've taken with my mobile phone... sorry for the quality.
these are on Flickr and you can see them following the link below.

Flickr slideshow

some of the pictures are from the surroundings of the Bella Center, where VMWorld EMEA 2010 is taking place.

Most of the other are pictures taken during the Partner Track Super Session (SS1055).
The speakers of this session were:
Maurizio Carli who speaks about the importance of the partner in VMWare business model: the example he brought was that VMW grows +41% in the 1H10 Y/Y and about 90% of that grown was reached thanks to the Partners.

Mr. Carli introduces Mr. Paul Maritz, President and CEO of VMware: he states that IT is evolving and "The Cloud" is a way of running IT more efficently and with a better OPEX and the partners must take into count in their deals to help customers in approaching cloud computing.

After the CEO speech, we get Mr. Carl Eschenbach, executive VP, Global Field Operations, who tells us about the investments VMW is doing in its core products (vSphere 4.1, ThinApp, View 4.5 and vShield) and on partners, trying to get ever better in Partner Central and intoducing new certifications and accreditations: this kind of approach is due to the fact that the industry is changing and, as a result, the way of doing business is changing, too.

The session proceed with some basic information on IT as a service (ITaas) brought us by Mr. Andy Hunt, with considerations on Cost Efficiency and Quality of Service (QOS) in order to optimize the "business consumption" of IT services.

There is a lot of way for doing business with cloud computing so:



VMworld 2010: day 0 Partners Day

Hello all,
I've just registered for the event and ready for Partners Day.
Today will start at 10.30 with the Partner Track Supersession.
Then, in the afternoon, will be possible to choose among different technical/sales sessions.
I will come back later with details.

10 October, 2010

boarding in one hour for VMWorld 2010 in Copenhagen

hi all,
I'm at MPX airport ready to boarding to Copenhagen.
This year with scarf and overcoat... Denmark is not so warm as Nice or Cannes, but I like the location choice.
hope to see some of you there and shake hands.

05 October, 2010

VmWorld Europe 2010 approaching: -6 days

Hello all,
in order to arrive at VMWorld prepared to follow the speechs you prefer, take some time to fill out the VMWorld Europe 2010 Scheduler
To do so, login following the link above, and plan.

I've added a cute widget for the weather forecast in the right part of the blog

Enjoy your Agenda planning!


04 October, 2010

VmWorld Europe 2010 approaching: -7 days

This year Copenaghen is hosting VMWorld 2010 Europe
have a look at the official site.

If you're coming to the event check out the weather forecast on Weather Report