January 19, 2009 7:47 PM
Posted by: Texiwill
Edward L. Haletky
, vExpert Awards
Last week VMware announced its VMware vExpert Awards, which will be given to those people who have contributed to the VMware virtualization community through their efforts either virtually (i.e. online) as VMware Communities members, bloggers, and evangelists, or physically as VMware Users Group members and leaders.
The vExperts may not get many material things, but they will get the recognition they deserve for their contributions from VMware and the community as a whole. If I was to grant the vExpert Awards I would possibly include invites to VMworld conferences at no cost, vouchers for future VCP exams, not-for-resale product licenses, and reduced cost training. What the real vExpert Award will entail is unknown at this time.
The number of awards is limited and an exact number or individuals to be rewarded has yet to be released. It is possible to nominate those you think should get the reward, but multiple nominations will not have much effect according to John Troyer of VMware in a Twitter response. You can also nominate yourself.
vExperts Award titles last one year only — you can claim to be a vExpert ’09, ’10, ’11, etc. I expect that some of the awards may be given sometime at VMworld Europe, but definitely before VMworld 2010 in San Francisco.
Good luck everyone, I look forward to seeing the first class of VMware vExperts!
January 16, 2009 4:56 PM
Posted by: Eric Siebert
, Virtualization Management
I recently had the opportunity to get a sneak peek at the upcoming release of Reflex System’s Virtual Management Center. Reflex Systems is set to launch its new version in a few weeks. Virtual Management Center reflects their recent company and product name change and has added performance monitoring and reporting to their product. Previously, their product was focused on network monitoring and reporting.
Reflex Systems has added real-time and historical performance monitoring for memory, disk, CPU, networking and more, and it presents this data in a much more attractive and usable interface then vCenter Server. In addition, Virtual Management Center has some cool features that let you automatically correlate performance data with events and changes that have taken place in the environment. It overlays the event/change data on top of the performance graphs so you can get a visual indicator of where changes were made and their effect on system performance.
This can be very useful when troubleshooting a problem as you could quickly pinpoint a specific change that may have caused it.
The performance data is displayed in various graphs and you have the ability to overlay different data (i.e. CPU, disk, etc.,) on top of other data charts so you can easily spot trends and correlations among different resources. There are many custom and ad-hoc reports that you can run on this data, and you can export it to a website or a variety of other formats. You can also do a historical comparison of the performance data and compare data between different VMs.
It appears that Reflex Systems is not resting on its laurels after winning Best of Show at VMworld 2008. The new product has many new useful features. I look forward to trying it when it is available.
January 13, 2009 3:27 PM
Posted by: Rick Vanover
, Rick Vanover
, VMware Converter
While performing a physical-to-virtual (P2V) conversion isn’t a new trick, there are always additional enhancements that can be performed to ensure a clean transition to a VMware platform. Recently when performing a P2V conversion, one particular system was not behaving as expected after the conversion was complete. While I have mentioned before that removing drivers from the new guest virtual machine is a good idea, this particular system required some more attention.
I found that some of the device drivers that were loaded in the Windows guest operating system even after all driver software was removed. Further, after the P2V conversion the hardware would not be enumerated in the hardware inventory because it was not present. This particular system had SAN connectivity before, and the drivers related to the fibre channel interface were causing me concern related to disk access, and a lot of errors in the local log. On the VMware virtual machine, the driver installed by VMware Tools provides all of the required disk access and I needed to stop this physical system hardware driver from filling up the error log.
The driver was listed in the Non-Plug and Play Drivers section of the Windows device manager. To view this section, be sure to view the hidden devices in the MMC snap-in for Windows Server 2003 systems. The figure below shows this area of Windows:
Once I identified the driver that was causing the issue, it was quite easy to disable the device. On subsequent boots, the offending process did not fill the Windows logs up with the errors related to the device not being present.
January 13, 2009 3:07 PM
Posted by: Texiwill
Edward L. Haletky
, Virtualization security
, VMware Communities
The VMware Communities roundtable podcast drew in a large crowd on Wednesday the 7th. In general, the show draws hundreds of listeners that download the recorded sessions available via Talkshoe and iTunes. The host of the podcast is VMware’s John Troyer and the show provides an ongoing forum to discuss current VMware technical issues. The show also provides in-depth information on both older and newer VMware products. I am a panelist in the forum, as are several other SearchVMware bloggers. Join us every Wednesday at 3:00 PM EST.
Unfortunately, as it’s a general virtualization roundtable this particular podcast forum cannot get into the intracacies of any one area such as security. While security is brought up from time to time within the roundtable, it is a detailed enough subject to warrant its own round table.
To that end, I would like to announce the first Virtualization security round table podcast to be held on Thursday Jan. 15 at 2:30 PM EST. This will be the first of a series of podcasts that will run every other week.
Roundtable podcasts, Twitter, blogs, and the VMware Communities Forum are some of the best ways to get information and help about virtualization products and resources.
January 9, 2009 7:20 PM
Posted by: Rick Vanover
, Sun Ray
Planning a virtual desktop infrastructure implementation is an incredible task on many accounts. Many administrators that are familiar with server-based virtualization are sharpening their skillsets in regards to planning a VDI implementation.
A virtual desktop infrastructure (VDI) solution is a collection of three main components: the user device, the broker software, and the back-end hypervisor. The Sun Ray series of devices are among the more refined products in the space, check out this SearchServerVirtualization tip for more on their features, pricing, and capabilities. For administrators who prefer to use an ESX hypervisor for their VDI, the Sun Ray server software can fill this void. Sun Ray server software runs on Sun Solaris and connects the devices to a VMware View broker. While this configuration does add another component compared to a native VMware View solution, there are benefits to using the Sun Ray devices. Sun Ray devices are a mature product line that allows any Sun Ray to connect to Sun Ray server software to be provided a connection. This helps with utilizing existing resources as well as interoperating with mixed versions of their current equipment, which includes three separate models. The architecture using Sun Ray connectors to VMware is shown in the figure below:
Test drive Sun Ray devices and software
Setting up a Sun Ray server software installation is not overwhelming. In fact, Sun makes it quite easy by working to simplify the process and break down the steps for administrators considering Sun Ray software. In this Sun blog post, it is broken down to a few steps that any virtualization administrator can tackle.
Each component requires thorough planning
Like many administrators, I prefer to seek a VDI solution that has ESX for the hypervisor. This is simply due to the memory overcommit technology and the new linked clone technology of VMware View. These two pieces make the hypervisor selection quite easy in my opinion. Selecting the device, and any broker accompaniments are important to delivering a robust VDI installation.
January 8, 2009 7:25 PM
Posted by: Eric Siebert
In a recent blog post in response to my Open letter to VMware post that mentioned relaxing the VMware Certified Professional (VCP) certification, someone brought up the fact that a 9 year old was able to pass the Microsoft Certified Professional (MCP) exam and became a MCP. The blogger was arguing that the $3,000 cost of a VCP course, which is required to take the VCP exam, makes the certification more valuable (and deters 9 year olds from earning professional certifications).
I think some people are missing my point on why VMware should drop the requirement to take a class in order to take the VCP test, so let me explain.
My request was for VMware to drop this requirement as it discriminates against qualified people from taking the test unless they take VMware’s revenue-generating course. In my opinion, all that this class does is help those that are new to using VMware Infrastructure 3 get started with the product. The course may be good for that purpose, but taking a class does not necessarily mean a person is qualified to become a VMware Certified Professional.
If said 9 year old had rich parents, took the class and then took the test right after and passed it, would you want them working in your data center?
I don’t agree with those that argue that taking the class is vital to ensuring the integrity of the VCP. In my book, experience tops classroom learning; what you’ve done is more important than what you know.
I would prefer working with someone who has had years of experience working with VMware and was not a VCP rather then someone who has very limited experience and took a one week class and passed a test. Knowledge comes from experience, not vice-versa. Experienced veterans should not need to take a class to become certified. I’m all for having qualified professionals with VCP certifications, but there are other ways to do it rather than requiring that someone taking a class.
For those who are more then qualified to take the test: While $3,000 may not be a lot of money for some, it’s a waste of money if the person taking the class is not really going to gain anything from it. Also, in these times many companies are forced to cut their training budgets. Is it fair that someone who has worked hard and learned by methods other than a VCP class is excluded from becoming a VCP?
VMware: let me modify my request, drop the class requirement and make the test tough enough so only knowledgeable and experienced people can pass it. Doing this should help those that cannot afford to take your class and ensure that the integrity of the certification remains intact.
January 8, 2009 6:47 PM
Posted by: Texiwill
, Desktop virtualization
, Edward L. Haletky
, VMware Player
The gang at Milw0rm have posted one of the few exploits against VMware’s desktop line of products, specifically VMware Player version 2.5.1. This exploits the vmwarebase.dll file when running VMware Player on Windows systems. There is no chance of being able to run generic code through this exploit. In addition, VMware ESX, VMware ESXi, VMware Server and older versions of VMware Player are unaffected.
The issue occurs when you pass long usernames or passwords into VMware-Authd which will cause the application to crash. While it is restarted, a DoS attack could occur which would keep crashing the application and possibly filling up disk space with crash files as well.
VMware has been very responsive to this vulnerability and a fix is already completed. Check out this VMware thread for some more details. This type of response is quite commendable.
Milw0rm is a great resource for exploits of any kind, but since it is used by hackers it is best to access this site from a system you do not mind rebuilding occasionally; a VM works as does using The Onion Ring (TOR) plug-in for Firefox and Internet Explorer. It is best to be overly cautious when browsing sites that hackers create and visit, though they often have the latest exploits and attacks available.
Another good site is prometric.com, which hosts the 100 top hacker sites. As always be cautious when accessing any of these sites.
A hearty “good job” to VMware for their response to this and all other security issues!
January 7, 2009 6:18 PM
Posted by: Eric Siebert
, VMworld 2008
Looks like VMware has finally made all the sessions available to non-attendees via an annual subscription program. I inquired about this at VMworld this year and was told that this year they would be offering a subscription program for all the sessions that non-attendees could purchase. Well it’s been several months and they have finally released it; hopefully next year they offer this at an earlier date.
The subscription includes access to all of the VMworld 2008 sessions and also the upcoming VMworld 2009 Europe sessions when they are released. The cost for this is $699 US dollars which includes access to the flash audio/presentations, MP3 recordings of the sessions, PDF downloads of the sessions and lab materials and also demo videos and scripts from the labs. As an added bonus you also get a VMworld.com t-shirt, VMworld 2008 shoulder bag, notebook/pen, water bottle and a deck of cards.
To purchase a subscription simply go to VMworld’s website and create an account (if you do not already have one) and then click the Purchase button. Once you have access you can begin to enjoy the huge amount of information that the sessions and labs provide. This is a small price to pay for the amount of information you will get out of it and in my opinion is better and cheaper then any training class that you could take. If you do purchase a subscription be sure and check out the VMTN Communities Experts session which includes myself and other well-known experts answering questions from the session attendees.
January 5, 2009 4:17 PM
Posted by: Rick Vanover
, Rick Vanover
In reading fellow SearchVMware.com IT Knowledge Exchange blogger Edward Haletky’s post on restoring the ESX host from a backup, I would like to say that I concur with all of his points and would like to add a few of my own.
I do not back up the ESX host in a way that I would ever want to restore it. Occasionally, there are needs for onetime backups of VMDK files or such that are well suited for an agent backup, but for the most part the hosts are a transient set of resources that I present vCenter.
There are some practice issues that can optimize how this preference can be used, and I’ll share a few of them here. Some of these I currently use in production, some I have used in lab functions only.
Before you locally destroy a server’s state, it may be a good idea to run the vm-support tool or generate diagnostic bundles before the system is gone forever. Of course, this is not always possible, but it is a nice way to have the critical logs available before the installation is replaced.
One of the first points is the server reinstallation time requirement. Simply installing ESX is quite easy and can be done in twenty minutes or so. Some large ESX environments may want to look into an ESX kickstart script. These scripts can provide a scripted out answer file for the ESX install and can be made to work on a PXE boot. This can not only slightly reduce the reinstallation time, but can also ensure configuration consistency.
Now that ESX is configured, you may have a wonderful time reconfiguring all of the virtual switches and port groups. ESX has some native help here with the use of the esxcfg-vswitch series of commands, (check out the link for a blog post I did earlier that can get you started using this command). I’ll also pass along a site I recently came across with some good tools from Richard Garsthagen, a Netherlands-based VMware evangelist who has a cool blog with some good ESX tools that can help in this area, especially with the ITQ VLAN and portgroup manager tool.
The last series of configuration in a re-installation can revolve around storage pieces, such as multipath policies, iSCSI, or host bus adapter (HBA) information and configuration may also be optimized by making scripts with the esxcfg series of commands.
Finally, again echoing Edward’s comments, the best tool to have is good documentation and a confidence in the installation. This will permit the reinstallation to succeed smoothly and in a timely fashion.