What’s New in VMware vSphere 6.5 – Technical Whitepaper
What’s New in VMware vSphere 6.5 – Technical…
This paper will discuss the new and enhanced features in vSphere 6.5 across various areas of technology.
Category Archives: ESXi
All about ESXi
Installing ESXi 6.0 on a HP BL460 Gen9
I would like to show you in some simple steps how to install ESXi on a HP BL460 Gen9.
First of all let us have a look at the hardware settings. As you may know with ESXi 6.0 UEFI is supported as for VM and for Hardware. So let us configure the system to boot with UEFI.
While the system is booting up and making some prechecks please press f9 to enter to the system utilities menu.
now that you have opened the settings, select “system configuration”
Then select “BIOS/Platform Configuration RBSU”
You see now the following options that can be made.
For my customers I usually select the following settings:
System Options -> USB Options -> Internal SD Card Slot [enable]
System Options -> Processor Options -> Intel HT [enable]
System Options -> Processor Options -> x2APIC Support [enable]
System Options -> Virtualization Options -> Virtualization Technology [enable]
System Options -> Virtualization Options -> Intel VT-d [enable]
System Options -> Virtualization Options -> SR-IOV [enable]
Boot Options -> Boot mode [UEFI Mode]
Boot Options -> UEFI Optimized Boot [enabled]
Power Management -> Power Profile [Maximum Performance]
Server Asset Options -> Server Information -> Server Name [Hostname]
Date and Time -> Date [set date]
Date and Time -> Time [set time]
Date and Time -> Time Zone [UTC+1]
Date and Time -> Daylight saving time [enabled]
If you need more information for the configuration settings, please write a comment on this post!
Save all settings with F10 and then press Y (or Z for Swiss and other keyboards). Now please reboot the system.
Now we are ready to install the Hypervisor. With HP server you have the possibility to attach an ISO with an advanced ILO license. If you haven’t a license, you can boot by CD or USB stick. In this post we will do it with ILO and an mounted iso file.
btw. you have also the possibility to install an HP customized ISO with hp drivers on it. I always recommend to install the “vanilla” iso and then add the drivers and tools by hand with the update managers.
Please open the ILO integrated remote console and select “virtual drives” in the menu bar.
select now the latest hypervisor ISO that you have:
Now that you have mounted the ISO please restart the system and while the system is booting select F11 for boot menu.
Select no the drive “ILO Virtual USB 2: HPE iLO Virtual USB CD/DVD ROM”:
The system begins now to boot from iso. You should see a screen like this:
when the ISO is loaded, you see the following message. Confirm this message with enter:
First of all you have to accept the EULA with F11:
Now you have to select the storage medium on witch you would like to install the Hypervisor. In our case we will install the hypervisor on an internal SD-Card with 8GB of space. The remote disks are SAN disks that were already zoned to this system.
Select the SD and press enter
In my case I received the following message:
This message appears because we had installed esxi 5.5 already on this system. I recommend to select “install” and not “upgrade”. This is the only way to have a clean installation of your system.
Next you have to select keyboard layout. This is an important step because you will have to set a root password in the following step. I always recommend to use the local keyboard layout or us English.
Please enter here your root password. Keep in mind to enter here a complex password. With this user you can do a lot of dirty things on the system so try to keep the system secure. btw. the password must have at least 7 characters
When passwords do match, you can press enter to continue.
Confirm now this message with F11. This indicates only that the volume will be deleted and repartitioned.
The installation has now begone:
After some minutes you will receive and information that the system has been installed successfully. Please confirm this information with “enter”. Now the system will be restarted.
After the system has booted, the system should look like this. You can now press F2 to configure the system.
Please select the right keyboard if need, enter the root as user and enter your custom password.
The first thing that we have to do is to configure the management network to manage the system with vCenter, PowerCLI or the VIClient.
You have now the following settings to set.
I always recommend to configure as much as possible to have no connection problems while configuring the esx host.
- Network Adapters: Please select the network adapter which you would like to use as management interface.
- Network Adapters: If you have configured VLAN tagging on your switch port, enter here the VLAN number of your VLAN
- IPv4 Configuration: Please do not use DHCP for your ESXi server. Enter static ip address, subnet and if needed also an gateway.
- IPv6 Configuration: If you don’t need IPv6 I would recommend to disable it. If you use it, please configure it.
- DNS Configuration: Enter your DNS servers and the hostname of the esxi server in short name. Do not use the FQDN.
- Custom DNS Suffixes: If you have DNS suffixes, please enter them by using commas to separate them.
Now that we have configured the network, we have to restart the system. After the system has restarted try first to ping the system. If you receive a ICMP response, the system may be ready to be connected. In my case I will now add the ESXi server to the vCenter.
Open the vCenter and rightclick the datacenter. Then select “add host”:
Now enter the hostname of your esxi system and click next:
Please provide root credentials and click next
Confirm the thumbprint by clicking on yes.
If the esxi host already had some VMs running on it, you would here see what VMs will be imported to the vCenter
Add a license to your ESXi host and click next.
For our customer we enabled the normal lockdown mode. I find the strict a little bit to hard 🙂
At the finish now you will see a summary of what objects will be added to the vCenter
Now you are ready customize your esxi host configuration and deploy your first vms.
If you have installed the vanilla version, please do not forget to install the HP VIBs. This can be done with the VUM.
vSphere 6.5 is here!
A new version, again. VMWare officially released today vSphere 6.5.
https://blogs.vmware.com/vsphere/2016/10/introducing-vsphere-6-5.html
Let me list here some of their new features. I will explain in the following posts the new features in detail.
- VCSA has now the Update Manager integrated
- Scalability
- HTML 5 vSphere Client (halleluja!)
- A lot of security features
- VM level encryption
- encrypted VMotion
- secure boot for ESXi and VMs
- …
- vSphere integrated containers
- Cloud integration
- Enhanced Host profiles
- enhancements in HA, DRS and FT
- PowerCli with autocomplete
You will hear from me 🙂
ESXI 5.5 and & BL460C G9 having problem with SDs
I recently have seen the following error on a customer environment:
In the IML I’ve found the following errors:
after searching a while for the problem, I rebooted the esx host and the error was gone. Some days later the error appeared again but this time on another host.
It’s already the 5. or 6. time this error appears irregular on the esx hosts.
So I decided to check the internet if somebody else also has this problem. I quickly have found someone with the same problem:
https://www.virtuallyboring.com/lost-connectivity-to-the-device-backing-the-boot-filesystem/
As I’ve read, there may be a problem with the ILO firmware 2.20. So we will try to update it to the last version and we will see how this goes on.
I’ll update this post as soon as I have news.
Backing up VMs from a standalone ESXi for FREE
People often ask me how they should backup their VMs from an standalone free ESXi server before maintenance of hardware or when they want to upgrade their ESXi to a newer version.
Well, for this I will list here some possibilities to backup your VM once or scheduled and for free:
ONCE:
Export to OVA: The easiest way is to use the vSphere Client and export the VM to OVA. The exported VM can then be saved on your client workstation where the vSphere Client is running. In the vSphere documentation you can read how to do it:
Veeam Backup free Edition: Veeam Backup free Edition is probably the most powerful solution to backup your VMs for free. In adtition of backing up VMs, you can also migrate the VMs between multiple ESXi server, work with tapes and other nice features. Please visit the Veeam site to get more information:
Trilead VM Explorer: from the Internet i’ve found this tool that some people can recommend. I have never installed neither tried it. Have a try and give me some feedback. I would appreciate it.
SCHEDULED:
ghettoVCB: ghettoVCB is a shell script which uses the API from VMWare to backup the VMs. It is not that easy to configure but when you have it configured once, it’s cool to work with it. The BIG advantage on this tool is, that you can schedule the script with an cronjob. So you have periodically backups of your system without having to interact. You will find more information on the VMWare community site:
https://communities.vmware.com/docs/DOC-8760
I will update this post when I’ve found more tools to backup VMs for free…
Network Port Diagram for vSphere 6.0
VMWare finally released a “BIG PICTURE” network port diagram at their knowledge base site:
This is really a MUST HAVE if you are working in environments with security firewalls between the systems. So go and take it.
In older releases we had to work with this shitty table:
Thanks to VMWare and have fun with the diagram.
Install ESXi 6.0 on a DL380 G5 – yes it works
For a VMWare Horizon View POC in our environment we recieved an old HP DL380 G5 with nice specs: 2 phy. Quad-CPUs, 32GB RAM, RAID-Controller with write Cache, and quite everything redundant.
As SSDs are getting more and more beneficial, we bought 4 Kingston 300v SSD with 480GB of space and installed them in the OEM cases of the HP disks. Yes, this works!
For our tests this hardware is more than enough.
First of all I googled around to see if there was already someone who tried to install ESXi 6.0 on an old DL380 G5 as it isn’t a supported hardware. I’ve found this article from a guy that was having problems with the HP custom iso installing it on a G5 server:
http://htluo.blogspot.ch/2015/05/esxi-60-on-hp-dl380-g5.html
So I decided to have a try with the original ISO. After booting the Image I received an error message saying that I’m using unsupported hardware. Thank’s for the information but I know this already 😉 You can accept the information an run-through.
After the installation completed, I connected to the ESXi server with the VIClient. Everything looked well with the exception of the hardware. There was no hardware listed.
This is because the HP drivers are not integrated into the image. So I downloaded the needed VIBs from the HP VIB repository and installed them (the text in the brackets is not part of the command). For those who don’t know what a VIB is, have a look on this article:
|
1 2 3 4 5 6 |
cd /tmp wget http://vibsdepot.hp.com/hpq/latest/esxi-600-bundles/hp-esxi6.0uX-bundle-2.3-16.zip (CIM Providers for Monitoring) wget http://vibsdepot.hp.com/hpq/latest/esxi-600-bundles/hp-nmi-esxi6.0-bundle-2.3.14.zip (NMI No masakble driver Driver - Insight Management Log) wget http://vibsdepot.hp.com/hpq/latest/esxi-600-bundles/hp-ams-esxi6.0-bundle-10.2.0-8.zip (Agentless Management Service (AMS) - limited limited HP CIM Providers - only used for vCenter) wget http://vibsdepot.hp.com/hpq/latest/esxi-600-bundles/hp-HPUtil-esxi6.0-bundle-2.3-10.zip (Utilitys like ILO CMDs, RAID Controller CMDs) |
Before I could install the VIBs I had to put the ESX server in maintenance mode:
|
1 |
vim-cmd /hostsvc/maintenance_mode_enter |
If you receive a message like this, this is because there are VMs running on the system:
|
1 2 |
Enter maintenance mode mode failed 'vim.Task:haTask-ha-host-vim.HostSystem.enterMaintenanceMode-32575' |
So I had to check what VMs are running on the system and stop them. You can do this with the VI Client or with the shell:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 |
esxcli vm process list vcenter1 <strong>World ID: 36637</strong> Process ID: 0 VMX Cartel ID: 36636 UUID: 56 4d e9 93 4c 25 5b ff-27 a5 96 07 bc 35 52 75 Display Name: vcenter1 Config File: /vmfs/volumes/55e6de01-316d5c5d-d9ae-00237d251942/vcenter1/vcenter1.vmx view1 <strong>World ID: 36956</strong> Process ID: 0 VMX Cartel ID: 36955 UUID: 56 4d 2c 80 b8 a7 43 be-67 57 83 65 83 b3 22 ba Display Name: view1 Config File: /vmfs/volumes/55e6de01-316d5c5d-d9ae-00237d251942/view1/view1.vmx |
Now that we have the world id of the VM (similar to the PID), we can stop the VMs with those commands:
|
1 2 |
esxcli vm process kill --type=soft --world-id=36637 esxcli vm process kill --type=soft --world-id=36956 |
Retry now to run the enter maintenance mode command and check the state with this command:
|
1 |
vim-cmd /hostsvc/hostsummary | grep inMaintenanceMode |
The output should look similar to this:
|
1 |
inMaintenanceMode = <strong>true</strong>, |
As you can see, the ESX server is now in maintenance mode. So i could begin with the installation of the VIBs. For this I used the esxcli “software vib install”. It is important that you write the full path to the VIB file. Otherwise the command ends with an error:
|
1 2 3 4 |
esxcli software vib install -d /tmp/hp-nmi-esxi6.0-bundle-2.3.14.zip esxcli software vib install -d /tmp/hp-HPUtil-esxi6.0-bundle-2.3-10.zip esxcli software vib install -d /tmp/hp-ams-esxi6.0-bundle-10.2.0-8.zip esxcli software vib install -d /tmp/hp-esxi6.0uX-bundle-2.3-16.zip |
The output should look similar to this:
|
1 2 3 4 5 6 |
Installation Result Message: The update completed successfully, but the system needs to be rebooted for the changes to be effective. Reboot Required: true VIBs Installed: Hewlett-Packard_bootbank_hpnmi_600.2.3.14-2159203 VIBs Removed: VIBs Skipped: |
As you can see in the message, the system requires a reboot after the installation. So we can now reboot the system with the reboot command.
After the reboot we can connect us with the VIClient to the esx server and now we should see all the hardware and sensors installed on the system:
So then, I wish you happy virtualizing with your new ESXi server and do not forget to configure the rest such as ntp, ssh, portgroups, vm settings and so on.
P.S. this server is running now about 4 weeks without any problems or PSOD
Check Lockdown Mode Powershell Script
For security reasons one of my customer has Lockdown mode activated on all them ESXi server. Unfortunately, with vSphere 5.5 at least, there is no way to configure the lockdown mode on the host profile. So you have to do it manually on each ESXi server that you add to the vCenter.
Then when an administrator want’s to manage something with SSH or vSphere Client directly to the ESXi host, they have first to disable the Lockdown mode. Often they forget to enable the Lockdown mode again.
For this reason I created this script whitch is scheduled on the vCenter Server with the Windows Task Scheduler. It checks every ESXi host if it has the Lockdown Mode enabled and when not, it enables it.
As an “nice to have”, it sends after every schedule an email with the hosts that were configured. If no ESXi server was configured, it sends an email saying everything is ok.
You just have to edit the 6 first variables with your system informations and it works.
Please be aware that I haven’t implemented any error handling in the script. It’s just an quick and dirty script for my own.
Feel free to use it and share it
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 |
#custom vars +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ $vCenterServer = 'localhost' $Subject = 'Daily LockDownMode-Test' $Recipient = 'your@emailaddress.com' $BCC = 'yoursecond@emailaddress.com' $EMailDomain = 'emailaddress.com' $SMTPServer = 'smtp.emailaddress.com' #global vars +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ [array]$global:AllHosts #functions +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ #function to load the VMware Snapin function LoadSnapin { param ( $Snapin) process { If ((Get-PSSnapin $Snapin -ErrorAction SilentlyContinue) -eq $null) { Write-Host Loading Snapin $Snapin Add-PSSnapin $Snapin -WarningAction SilentlyContinue } } } #function to connect to the vCenter Server function ConnectVI { param ( $vCenterServer) Write-Host 'Connecting to vCenter' $vCenterServer Connect-VIServer $vCenterServer -WarningAction SilentlyContinue } #function to disconnect to the vCenter Server function DisconnectVI { param ( $vCenterServer) Write-Host 'Disconnecting from vCenter' $vCenterServer Disconnect-VIServer $vCenterServer -Confirm:$false -WarningAction SilentlyContinue } #function to get all ESXi Server in the environment function Get-LockDownModeState { Write-Host 'Getting all ESX-Hosts from your environment' $global:AllHosts = Get-VMHost | Get-View #Troubleshooting Output #$AllHosts | Select Name, @{N='LockDownActivated';E={$_.Config.AdminDisabled}} } function Set-LockDownModeState { Write-Host 'Getting all ESX-Hosts witch has no LockDown enabled' $AllhostsToSet = $AllHosts | ?{$_.Config.AdminDisabled -like "false"} #Troubleshooting Output #$Allhoststoset | select Name if (!$Allhoststoset) { #Troubleshooting Output #$AllHostsEnabled = $AllHosts | Select Name, @{N='LockDownActivated';E={$_.Config.AdminDisabled}} | fl Write-Host 'All hosts have the Lockdown Mode activated' Send-MailMessage -Body "All Hosts have the Lockdown Mode activated" -from $env:computername"@$EMailDomain" -SmtpServer $SMTPServer -Subject $Subject -To $Recipient -Bcc $BCC -Priority Low #exit 0 } else { Write-Host 'Each ESX-Server will be configured now' foreach ($ESX in $AllHostsToSet) { #Troubleshooting Output #Write-Host $ESX ($ESX).EnterLockdownMode() [array]$Bodyoutput += $ESX.Name } $Bodyoutput Send-MailMessage -Body "Those Server have been configured: $Bodyoutput" -from $env:computername"@$EMailDomain" -SmtpServer $SMTPServer -Subject $Subject -To $Recipient -Bcc $BCC -Priority High } } # Main ++++++++++++++++++++++++++++++++++++++++++++++ LoadSnapin 'VMware.VimAutomation.Core' ConnectVI $vCenterServer Get-LockDownModeState Set-LockDownModeState DisconnectVI $vCenterServer exit 0 |
Why is the network loadbalancing policy so important?
Last week I returned from my vacation and had allready a lot of tasks waiting for me.
One of them was to add some new ESXi-server to a persistent cluster.
No problem, I thought. This will be a quick task after my vacation.
After looking on the persistent esxi hosts, i’ve seen that they use LACP/etherchannel as network configuration, a lot of VLAN tags and so on.
With this information I went to our network provider and gave him the needed information.
After a hour I recieved an email with the confirmation that the network was ready.
So I installed the ESXi server, added two vmnics and changed the load balancing policy to “routed based on IP hash” what mean’s that with this configuration you can use LACP. (see KB2006129)
Now I began to test the network by removing one vmnic and trying to ping the VMs on the ESXi server.
Every time I removed one vmnic, I loosed the connection to the VMs on the ESXi server. So i tried all possible configurations on the ESXi server but I never had a successful fail over on the network.
After trying everything on my site I was quite sure that the network guys did not configure the switchs as I’ve told them.
So I went there and we looked at the configuration. They did forgot to activate LACP/etherchannel on the ports. They had no port-channel configured. This was also the reason why I loosed each time the connection to the VMs when I removed one vmnic.
After they changed the configuration I tested it again and I neither loosed one ping when the network had to make a switch over. This is how it is proposed to run!
While I was troubleshooting my problem I’ve found some interesting posts from other guys and from VMWare which I would like to share with you. They helped me to find out my problem.
and here my favorite one (only in German available):
http://www.admin-magazin.de/Das-Heft/2010/05/Redundante-Netzanbindung-mit-VMware-ESX
Hope this can help someone 🙂
Lockdown Mode is not my friend
Last week I was troubleshooting some backup problems with a VM. For this reason, I wanted to access the ESXi directly with the VI client. After typing the root credentials, I received the following error message:
the vSphere client could not connect to … You do not have permission to login to the server: …
I thought that maybe someone played around with the permissions on the command line. So I enabled SSH for the ESXi server:
After this, I tried to login with SSH and received the following error message:
Access denied
After retrying with a lot of different users and passwords, I remembered that there is some kind of restriction mode to access the single esxi servers. Oh yes, the LOCKDOWN MODE -.-
After checking the options in the vCenter Server I saw it: The lockdown mode was enabled!
I then disabled it by login in to the vCenter Server and disabled it in the esxi configuration security profile by unchecking the box:
Right after disabling it, I could connect to the ESXi server with SSH and the VI Client:
So please remember to check the lockdown mode if you don’t want to lose too much time troubleshooting login problems 🙂