Nov 19 2009 8:08PM GMT
Posted by: Eric Siebert
Eric Siebert,
vShield Zones,
VMware,
use case
VMware introduced vShield Zones as part of the vSphere release along with VMware Data Recovery as a value-added product that is available in certain editions. I’m always interested in virtualization security products so I spent a lot of time checking out the product which resulted in me writing a series of tips about it. That was a while ago, so I thought I would summarize the information in this blog post and provide some use cases for vShield Zones.
Let’s start with what a vShield Zone is.
A vShield Zone is essentially a virtual security guard for your vSwitches that protects virtual machines (VMs) based on rules you define. If you took a physical firewall and did a physical-to-virtual (P2V) conversion, you would end up with a vShield Zone appliance that is a virtual firewall that works inside an ESX(i) host to protect the VMs on it. Continued »
Nov 12 2009 3:22AM GMT
Posted by: Eric Siebert
Eric Siebert,
VMware,
vSphere
A reader was recently reading the VMware white paper What Is New in VMware vSphere 4: Storage and he came across this paragraph:
Improved Storage Resources Control
As the scope of storage resources have increased significantly with large deployments of virtualization environments, so has the need for greater automation and control of these resources. In the vSphere release, vCenter has been enhanced with several new storage specific capabilities to help the virtual administrator manage these environments with a higher degree of control. These enhancements provide administrators with proactive alerts and alarms to address issues before they interrupt the availability of applications running on those resources. vCenter allows setting permissions and quota limits on datastores, as well as per VM.
His question was to explain the meaning of the following line: “vCenter allows setting permissions and quota limits on datastores, as well as per VM.” In particular he wanted to know about setting quota limits on data stores and VMs. While I know a lot about the new permissions in vSphere, particularly for data stores, the part about quota limits confused me also because I have never heard of quota limits in vSphere. I did some research, checked all the vSphere documentation and couldn’t find anything about them. So I contacted VMware to get some clarification and I received the following response from the white paper author:
The quota limit applies to the storage given to a VM. There is not really an equivalent for a data store. One can set alarms to notify/alert one when a certain percent-full or overcommit is hit. But I am not aware of a means to stop allocations or placement of VMs when a certain percent overcommit is hit. That is a common request that I do not believe is there now.
So basically “quota limits” simply means the amount of disk space assigned to a VM. I guess technically it’s a quota, but once you assign the space to the VM you can’t control how much of it the VM can use. If you create a 20 GB virtual disk for a VM, the guest operating system is going to see all 20 GB of it regardless of whether it is a thick disk or thin disk. If you do overcommit your datastores by using thin disks, you need to carefully monitor datastore free space using alarms and reporting. Currently in vSphere there is no way to set any type of quotas for snapshots, virtual disks or datastores.
So while alarms and permissions are greatly improved in vSphere there are really no quota limits that you can use. Perhaps in a future release VMware will put some type of quota controls in place. Thanks to John Troyer and Paul Manning from VMware for the clarification on this.
Nov 11 2009 5:23PM GMT
Posted by: Eric Siebert
Eric Siebert,
VMware,
PC-over-IP,
VMware View
VMware recently announced that the release of VMware View 4 is slated for later this month which will include a new display protocol called PC-over-IP (PCoIP), which should greatly enhance the user experience.
What is PCoIP?
PCoIP is a relatively new technology developed by a company called Teradici that VMware has chosen to partner with to use this technology in VMware View. Teradici has developed a breakthrough innovation in display compression and propagation over LAN and WAN networks that uses hardware chips on both the host and remote to offload the compression overhead.
Continued »
Oct 28 2009 6:32PM GMT
Posted by: Eric Siebert
Eric Siebert,
backup,
VMware
Virtual environments can change the way you back up your servers by providing an additional backup method where you back up the single large virtual disk file instead of the individual files inside the VM operating system. There is sometimes confusion, however, when using this method as to whether individual file restores are possible and how difficult it might be to restore them back to a VM.
There are two methods for backing up a VM: traditional backup methods that install an agent inside the OS and back it up file-by-file, and image-level backups that back up the single virtual disk VMDK file. Image-level backups are usually done by backup applications that are designed to specifically back up virtual machines, like Veeam Backup and Replication. These applications use the snapshot feature that is built in to VMware to stop disk writes to the virtual disk so it can be safely backed up. Backup applications read the original virtual disk file, which is now read-only, as new disk writes get written to a newly created delta virtual disk file. Once the backup application has read all the blocks from the original virtual disk file, the snapshot is committed, which takes the data from the delta virtual disk and writes it to the original virtual disk. Once this is complete, the delta virtual disk is deleted.
Continued »
Oct 28 2009 6:21PM GMT
Posted by: Eric Siebert
Eric Siebert,
VMware,
vSphere
While navigating in the vSphere client the other day I noticed a new tab. When selecting a Datacenter object, a tab called IP Pools appeared. When clicking on this tab you had the option to view and add IP Pools. Having never seen this before my first thought was, what are IP Pools?
After doing some research I found out they were part of the new vApps feature in vSphere. I’ve heard a little about vApps but never looked at them in depth, so I thought I would take the time to research them and write about them.
We’ll come back to IP Pools in a bit. First we’ll cover what a vApp is and how they work in vSphere. VMware’s definition of a vApp is below: Continued »
Oct 27 2009 12:00AM GMT
Posted by: Hal Rottenberg
Virtualization,
Hal Rottenberg,
PowerCLI,
VMware

Screenshot of PowerWF
In case you haven’t heard, a little company called Devfarm Software has been working on a product called PowerWF (pictured, right). They had a great demo at VMworld 2009, and I was so impressed that I gave them five minutes at the end of my own breakout session to do a demo for my audience.
I’m a big PowerShell and PowerCLI nut, so why do I care about some graphical user interface (GUI) application? Well, there are two answers to that. One, PowerShell is an automation engine, not just the command-line shell. There are plenty of tools out there which use PowerShell behind the scenes to enable the user to automate tasks. Exchange 2007’s admin console and VESI (which I need to spend some time talking about soon) are just two examples. Just because I like to write scripts doesn’t mean I don’t respect the GUI. Continued »
Oct 16 2009 3:31PM GMT
Posted by: Eric Siebert
Eric Siebert,
VMware
I saw in a poll taken for a recent SearchServerVirtualization.com article that input/output, or I/O, bottlenecks are the number one challenge for VMware users. This didn’t really surprise me because I/O bottlenecks are sometimes not that obvious and can be difficult to find and troubleshoot. Why is that? Because most users don’t understand how to look for them or how to interpret the data that is presented to them from monitoring utilities that would indicate a bottleneck. Some of the most common causes of I/O bottlenecks are improperly architected/configured hosts and network/storage devices, too many high disk I/O VMs on a single host or LUN and excessive use of vSMP. Continued »
Oct 12 2009 3:11PM GMT
Posted by: Mak King
Mak King,
VMware,
command line
Lately I’ve been watching David Davis’s Train Signal video on vSphere while exercising at the gym, which has been beneficial on multiple levels. One of the points he makes in the vSphere Management Options video is that the vSphere graphical user interface (GUI) client is used 99% of the time for managing the environment. I couldn’t agree more — I have multiple shortcuts to different versions of the client on my desktop — it truly is a great tool. Yet, we still have that 1% of tasks that the GUI just cannot accommodate, for which we must use command-line tools at the Service Console.
In my experience with desktop support, many people become so used to GUIs that they don’t want to consider any command line work, even for basic things like running ipconfig at the MS DOS prompt. Others feel that only purists use command line tools, bringing to mind a Hollywood image of some genius hacker hunched over a keyboard, surrounded by empty pizza boxes, writing code in a bunch of terminal windows in his own compiled operating system. Alas, that is not always the case (sometimes it’s takeout Chinese boxes).
Continued »
Oct 5 2009 2:22PM GMT
Posted by: Eric Siebert
Eric Siebert,
P2V,
VMware
A recent VMware KB article reminded me of a best practice I have been preaching for years that involves cleaning up old server hardware on a virtual machine (VM) after doing physical-to-virtual (P2V) conversions. When you perform a P2V conversion you are taking the operating system and encapsulating it inside a virtual machine. When you power it up on a virtual host afterwards, the operating system wakes up and finds out it’s in a different home that has different server hardware and consequently proceeds to automatically load the correct drivers for all the new server hardware. Once that process is completed you typically need to reboot so all the new drivers can be loaded properly. If you go into the Device Manager you will see all the new hardware devices, but you won’t see the old hardware devices. The reason for this is not because Windows deletes them — it simply hides them so you can’t see them. Continued »