The Unofficial Official VCP6-DCV Study Guide: by Josh Coen and Jason Langer
The Unofficial Official VCP6-DCV Study Guide: by Josh Coen and Jason Langer
The Unofficial Official VCP6-DCV Study Guide: by Josh Coen and Jason Langer
Brought to you by
HTTP://WWW.VIRTUALLANGER.COM
HTTP://WWW.VALCOLABS.COM
Table of Contents
Section
1
Configure
and
Administer
vSphere
6.x
Security
........................................................................
3
Objective
1.1
Configure
and
Administer
Role-Based
Access
Control
...................................................
3
Objective
1.2
Secure
ESXi,
vCenter
Server,
and
vSphere
Virtual
Machines
........................................
11
Objective
1.3Enable
SSO
&
Active
Directory
Integration
.....................................................................
18
Section
2:
Configure
and
Administer
Advanced
vSphere
6.x
Networking
.................................................
27
Objective
2.1:
Configure
Advanced
Policies/Features
and
Verify
Network
Virtualization
Implementation
.....................................................................................................................................
27
Objective
2.2:
Configure
Network
I/O
Control
(NIOC)
...........................................................................
37
Objective
2.3:
Configure
vSS
and
vDS
Policies
................................ .......................................................
40
Section
3:
Configure
and
Administer
Advanced
vSphere
6.x
Storage
.......................................................
45
Objective
3.1:
Manage
vSphere
Storage
Virtualization
.........................................................................
45
Objective
3.2:
Configure
Software-defined
Storage
..............................................................................
55
Objective
3.3:
Configure
vSphere
Storage
Multi-pathing
and
Failover
.................................................
61
Objective
3.4:
Perform
Advanced
VMFS
and
NFS
Configurations
and
Upgrades
..................................
65
Objective
3.5:
Setup
and
Configure
Storage
I/O
Control
.......................................................................
71
Section
4
Upgrade
a
vSphere
Deployment
to
6.x
...................................................................................
73
Objective
4.1
Perform
ESXi
Host
and
Virtual
Machine
Upgrades
.......................................................
73
Objective
4.2
Perform
vCenter
Server
Upgrades
................................................................................
81
Section
5:
Administer
and
Manage
vSphere
6.x
Resources
.......................................................................
87
Objective
5.1:
Configure
Advanced/Multilevel
Resource
Pools
............................................................
87
Section
6
Backup
and
Recover
a
vSphere
Deployment
..........................................................................
93
Objective
6.1
Configure
and
Administer
a
vSphere
Backup/Restore/Replication
Solution
...................
93
Section
7
Troubleshooting
a
vSphere
Deployment
..............................................................................
104
Objective
7.1
Troubleshoot
vCenter
Server,
ESXi
Hosts,
and
Virtual
Machines
...............................
104
Objective
7.2
Troubleshoot
vSphere
Storage
and
Network
Issues
...................................................
109
Objective
7.3
Troubleshoot
vSphere
Upgrades
................................................................................
113
Objective
7.4
Troubleshoot
and
Monitor
vSphere
Performance
......................................................
117
Objective
7.5
Troubleshoot
HA
and
DRS
Configurations
and
Fault
Tolerance
.................................
122
Section
8:
Deploy
and
Consolidate
vSphere
Data
Center
........................................................................
128
Objective
8.1:
Deploy
ESXi
Hosts
Using
Autodeploy
............................................................................
128
This
guide
follows
the
blueprint
for
the
VMware
Certified
Professional
6
Datacenter
Virtualization
Exam.
The
official
certification
page
can
be
found
at:
https://mylearn.vmware.com/mgrReg/plan.cfm?plan=64180&ui=www_cer
t
vCenter
Server
Permissions
-
The
permission
model
for
vCenter
Server
systems
relies
on
assigning
permissions
to
objects
in
the
object
hierarchy
of
that
vCenter
Server.
Each
permission
gives
one
user
or
group
a
set
of
privileges,
that
is,
a
role
for
a
selected
object.
For
example,
you
can
select
an
ESXi
host
and
assign
a
role
to
a
group
of
users
to
give
those
users
the
corresponding
privileges
on
that
host.
Global
Permissions
-
Global
permissions
are
applied
to
a
global
root
object
that
spans
solutions.
For
example,
if
both
vCenter
Server
and
vCenter
Orchestrator
are
installed,
you
can
give
permissions
to
all
objects
in
both
object
hierarchies
using
global
permissions.
ESXi
Local
Host
Permissions
-
If
you
are
managing
a
standalone
ESXi
host
that
is
not
managed
by
a
vCenter
Server
system,
you
can
assign
one
of
the
predefined
roles
to
users.
Out
of
the
box
VMware
vCenter
provides
several
default
roles
(that
cannot
be
deleted
nor
modified)
as
well
as
several
sample
roles
(which
can
be
deleted
and
modified):
Administrator
Read-Only
No Access
Tagging Admin
Describe
How
Permissions
are
Applied
and
Inherited
in
vCenter
Server
Permissions
are
assigned
in
VMware
vCenter
by
associating
a
role
(grouping
of
privileges)
to
an
object
the
vCenter
hierarchy,
for
example
a
Datastore
or
a
particular
virtual
machine.
vCenter
leverages
an
identity
source
defined
(typically
Active
Directory)
in
vCenter
Single-Sign
On
to
authenticate
users
or
groups.
Select the object in the vCenter object hierarchy to which you want to apply the permission.
Select
the
specified
role
from
the
drop
down
list
and
select
Add
under
the
Users
and
Groups
section
In
the
example
below
I
have
added
the
Lab\Domain
Admins
group
to
the
defined
administrators
Role
to
my
vCenter
ESXi6
cluster
Object:
VMware
vCenter
permissions
are
hierarchal,
meaning
permissions
will
flow
down
from
a
parent
object
to
a
child
object.
The
Propagation
of
permissions
is
enabled
by
default,
but
can
be
removed
by
clearing
the
Propagate
to
children
check
box:
If
a
user
belongs
to
multiple
groups
that
have
assigned
permissions
on
a
vCenter
object,
his/her
effecitve
permissions
will
be
the
culmination
of
both
permission
sets.
View/Sort/Export
User
and
Group
Lists
Using
the
VMware
vCenter
Web
Client,
you
can
View
the
Users
or
Groups
that
have
been
granted
permissions
to
the
object.
From
the
vCenter
Web
Client,
select
a
give
object,
click
on
Manage
in
the
action
pane,
then
select
the
Permission
tab.
The
example
below
is
displaying
the
permissions
at
the
root
of
my
vCenter,
VC02.lab.local:
Clicking
on
the
column
headers
allows
the
ability
to
Sort
each
column,
and
by
click
in
the
bottom
right
hand
corner
you
have
the
options
of
Exporting
the
list
of
assigned
permissions.
You
can
either
export
all
or
selected
permissions
to
a
.CSV
file
or
copy
them
to
your
clipboard:
Add/Modify/Remove
Permissions
for
Users
and
Groups
on
vCenter
Server
Inventory
Objects
To
remove
or
modify
permissions
on
inventory
object,
follow
these
steps:
Select
the
object
in
the
vCenter
object
hierarchy
to
which
you
want
to
Remove
or
Modify
the
permissions.
Click Manage in the action pane and select the Permissions tab
To
Modify
an
existing
permission,
highlight
the
user
or
group
and
click
the
Pencil
icon.
Make
the
nessacary
changes
To Remove an existing permission, highlight the user or group and click the Red X icon
From the Home screen in the vSphere Web client, select Roles under Administration
Select the role you want to Clone and click the Clone Role Action icon
From the Home screen in the vSphere Web client, select Roles under Administration
Select the role you want to Edit and click the Pencil icon
Determine
the
Correct
Roles/Privileges
Needed
to
Integrate
vCenter
Server
with
Other
VMware
Products
Global
permissions
are
applied
to
a
global
root
object
that
spans
solutions,
for
example,
both
vCenter
Server
and
vCenter
Orchestrator.
Use
global
permissions
to
give
a
user
or
group
privileges
for
all
objects
in
all
object
hierarchies.
Global
permissions
are
applied
to
a
global
root
object
that
spans
solutions,
for
example,
both
vCenter
Server
and
vCenter
Orchestrator.
Use
global
permissions
to
give
a
user
or
group
privileges
for
all
objects
in
all
object
hierarchies.
Taken
from
Page
122
of
vSphere
6.0
Security
Guide
Determine
the
Appropriate
Set
of
Privileges
for
Common
Tasks
in
vCenter
Server
Tables provided by VMware, Page 128 thru 129 of vSphere 6 Security Guide
10
Objective 1.2 Secure ESXi, vCenter Server, and vSphere Virtual Machines
For this objective the following resources where used:
o
VMware Certificate Authority Overview and Using VMCA Root Certificates in a Browser.
Knowledge
Enable/Configure/Disable
Services
in
the
ESXi
Firewall
In the right navigation pane, select Manage and click the Settings tab
11
Enable
Lockdown
Mode
Enabled via vSphere Web Client:
In the right navigation pane, select Manage and click the Settings tab
In
the
right
hand
pane
select
Edit
to
the
right
of
Lockdown
Mode
(you
may
need
to
scroll
down
to
this
option)
Click OK to complete
Normal The host is accessible only through the local console or vCenter Server
Strict
The
host
is
accessible
only
through
vCenter
Server.
The
Direct
Console
UI
service
is
stopped
New
to
lockdown
mode
in
vSphere
6
is
the
implementation
of
Exception
Users.
Users
added
to
the
execption
list
do
not
lose
their
permissions
or
privileges
when
an
ESXi
host
is
placed
into
Lockdown
Mode.
Exception
Users
can
only
be
added/configure
via
the
vSphere
Web
client.
12
From the DCUI (Direct Console User Interface) press F2 and log in
MAC
Address
Changes
With
this
policy
set
to
Accept
(Default),
ESXi
allows
the
changing
of
effective
MAC
address
to
something
other
than
the
initial
MAC
address.
When
set
to
Reject
ESXi
does
not
allow
for
those
changes
to
occur.
This
prevents
host
against
MAC
spoofing.
Forged
Transmissions
With
this
policy
set
to
Accept
(Default),
ESXi
does
not
compare
source
and
effective
MAC
addresses.
When
set
to
Reject
the
ESXi
host
does
compare
the
source
and
effective
MAC
addresses
of
the
client.
If
they
do
not
match
the
ESXi
host
drops
the
packet.
Promiscuous
Mode
With
this
policy
set
to
Reject
(Default)
guest
operating
systems
are
not
allowed
to
receive
all
network
traffic
on
the
wire.
When
set
to
Accept
the
guest
operating
system
can
receive
all
network
packets.
Helpful
when
doing
troubleshooting
with
a
tool
such
as
WireShark.
Note
however,
this
does
introduce
some
security
concerns.
13
Add
an
ESXi
Host
to
a
Directory
Service
In the right navigation pane, select Manage and click the Settings tab
In the right hand pane click Join Domain to the right of Authentication Services
In
the
Domain
Settings
dialog
provide
the
FQDN
of
the
desired
Active
Directory
Domain
and
provide
User
Credentials
with
the
appropriate
permissions
to
join
systems
to
the
domain.
Click
OK
to
complete
14
In
the
left
hand
navigation
pane
select
the
Host
Profile
(note,
if
a
Host
Profile
has
not
been
created,
create
one
now)
In the right hand navigation pane, select Manage and click the Settings tab
Select the Permission Rules folder and click the Green Plus Sign
In the right hand pane using the dropdown menu select the Permission
Click Next
15
the
vSphere
Security
documentation.
Below
is
a
run
down
listed
in
the
Virtual
Machine
Security
Best
Practices
section:
Disable copy and past operations between guest operating system and remote console
Prevent guest operating system process from sending configuration messages to the host
Create/Manage
vCenter
Server
Security
Certificates
Everyones
favorite
topic
when
comes
to
securing
your
VMware
vSphere
environment,
certificates.
Historically
managing
certificates
for
vCenter
and
ESXi
hosts
has
been
somewhat
of
a
challenge.
New
to
vSphere
6
is
the
VMware
Certificate
Authority
(VMCA)
feature.
The
VMCA
command
line
utility
can
be
used
to
replace
the
default
certificates
installed
with
each
ESXi
host
and
vCenter
server
(these
certificates
are
provided
via
the
VMCA
by
default).
Using
the
VMCA
you
can
manage
certificates
in
three
ways:
VMCA
Default
Provide
certificates
to
vCenter
and
ESXi
hosts
with
VMCA
being
listed
as
the
root
certificate
authority.
By
default
the
root
certificate
expires
after
ten
years.
Make
VMCA
an
Intermediate
CA
You
can
replace
the
VMCA
root
certificate
with
a
certificate
signed
by
your
enterprise
certificate
authority
or
a
third
party
certificate
authority.
Do
not
use
the
VMCA
The
use
of
the
VMCA
is
optional,
if
you
want
to
manually
issue
and
manage
all
the
needed
certificates
for
vSphere
components
that
is
still
an
available
option.
This
would
be
similar
to
managing
certificates
in
vSphere
5.5
and
older
versions
of
the
product.
To manage vCenter Server certificates (view or replace) the following utilities are available:
vSphere
Certificate
Manager
Utility
Perform
all
common
certificate
replacement
tasks
from
the
command-line
16
Certificate
Management
CLIs
Perform
all
certificate
management
tasks
with
dir-cli,
certool,
and
vecs-cli
This
is
a
LARGE
topic,
and
the
notes
above
only
scratch
the
surface.
For
further
details
review
Section
3
-
vSphere
Security
Certificates
of
the
vSphere
Security
6.0
documentation.
Also
have
a
look
at
the
following
blog
post
VMware
Certificate
Authority
Overview
and
Using
VMCA
Root
Certificates
in
a
Browser.
17
Knowledge
Configure/Manage
Active
Directory
Authentication
Configuration of the VMware Single Sign-On service can only be completed via the vSphere Web Client, the
settings are not exposed/present in the vSphere thick client.
From within the vSphere Web Client Home screen, click Administration in the left hand navigation menu
Select the Identity Source Type and complete the remaining fields. (Example below is using Active
Directory (Integrated Windows Authentication)
18
Deploying vCenter Server with PSC is supported in one of two deployment methods and with varying topologies:
vCenter Server with an embedded PSC All services bundled with the Platform Services Controller are
deployed on the same virtual machine or physical server.
vCenter Server with an external PSC The services bundled with the PSC and vCenter Server are
deployed on different virtual machines or physical servers. You first must deploy the PSC on one virtual
machine or physical server and then deploy vCenter Server on another virtual machine or physical server.
NOTE - You cannot switch the models after deployment, which means that after you deploy vCenter Server with an
embedded Platform Services Controller, you cannot switch to vCenter Server with an external Platform Services
Controller, and the reverse.
Advantages of installing vCenter Server with an embedded PSC:
The connection between vCenter Server and the Platform Services Controller is not over the network, and
vCenter Server is not prone to outages because of connectivity and name resolution issues between vCenter
Server and the Platform Services Controller.
If you install vCenter Server on Windows virtual machines or physical servers, you will need fewer
Windows licenses.
You do not need a load balancer to distribute the load across Platform Services Controller.
There is a Platform Services Controller for each product which might be more than required. This
consumes more resources.
Less resources consumed by the combined services in the Platform Services Controllers enables a reduced
footprint and reduced maintenance.
The connection between vCenter Server and Platform Services Controller is over the network and is prone
to connectivity and name resolution issues.
19
If you install vCenter Server on Windows virtual machines or physical servers, you need more
Microsoft Windows licenses.
For additional details, FAQs, supported topologies,etc, have a look at the following VMware KB articles and blog
posts:
VMCA - By default, the VMware Certificate Authority is used as the CA for ESXi host certificates.
VMCA is the root CA by default, but it can be set up as the intermediary CA to another CA. In this mode,
users can manage certificates from the vSphere Web Client. Also used if VMCA is a subordinate
certificate.
Custom Certificate Authority - Some customers might prefer to manage their own external certificate
authority. In this mode, customers are responsible for managing the certificates and cannot manage them
from the vSphere Web Client.
Thumbprint Mode - vSphere 5.5 used thumbprint mode, and this mode is still available as a fallback
option for vSphere 6.0. Do not use this mode unless you encounter problems with one of the other two
modes that you cannot resolve. Some vCenter 6.0 and later services might not work correctly in thumbprint
mode.
If you want to the change the Certificate Mode from the default VMCA mode to either Custom or Thumbprint
complete the following:
From within the vSphere Web Client Home screen, click Hosts and Clusters in the right hand pane
In the left hand pane select the vCenter Server at the root of the tree
In the right hand pane select the Manage tab and select Settings
In the Filter box type in certmgmt to display only certificate management keys
Scroll down till you see the setting vpxd.certmgmt.mode, here you can change the value to custom or
thumbprint (you will see the default setting of vmca)
20
Log into the vSphere Web Client with administrative privileges (either [email protected] or a
user account with SSO administrative rights)
From the Home screen in the vSphere Web Client, select Administration in the left hand navigation
(Optional) Provide First name, Last name, email address, and Description
Click OK to complete
21
With the user account created we will need to add him/her to a SSO Group:
Log into the vSphere Web Client with administrative privileges (either [email protected] or a
user account with SSO administrative rights)
From the Home screen in the vSphere Web Client, select Administration in the left hand navigation
Select a Group from the list and click the Add Member icon
In the Add Principals dialog will be displayed, from the Domain drop down menu select vSphere.local
In the Users and Groups list search for the newly created account
22
Log into the vSphere Web Client with administrative privileges (either [email protected] or a
user account with SSO administrative rights)
From the Home screen in the vSphere Web Client, select Administration in the left hand navigation
Click the Disable User icon (red circle with a slash) to disable the account
23
24
Open LDAP
Local OS
For completeness, below are the steps to access the Add Identity Sources dialog:
From within the vSphere Web Client Home screen, click Administration in the left hand navigation
menu
25
Select the Identity Source Type and complete the remaining fields.
26
4096
1016
10,000
1016
60,000
128
16
64
1000
64
64
27
28
Click
the
Assign
port
group
button
>
select
the
dvPort
group
you
want
to
assign
the
VMkernel
adapter
to
>
click
OK
o Click
Next
>
ensure
there
is
no
impact
based
on
the
impact
analysis
o Click
Next
>
review
everything
and
click
Finish
Remove
ESXi
host
from
a
vSphere
Distributed
Switch
All
virtual
machines
and
VMkernel
ports
associated
with
the
host
you
are
removing
must
be
removed
off
the
vDS
o Log
into
the
vSphere
Web
Client
o Click
on
the
Networking
icon
o Right-click
on
the
vDS
you
want
to
remove
a
host
from
>
click
Add
and
Manage
Hosts
o Select
the
Remove
hosts
option
and
click
Next
o Click
the
green
plus
icon
labeled
Attached
hosts
o Select
the
host(s)
you
want
to
remove
from
the
vDS
>
click
OK
o Click
Next
>
click
Finish
o
29
30
31
32
allowed.
When
set
to
reject,
the
source
MAC
address
for
a
packet
is
compared
to
the
effective
MAC
address
of
the
network
adapter.
If
the
source
and
effective
MAC
addresses
do
not
match
then
the
packet
is
dropped
Configure
dvPort
group
blocking
policies
o Log
into
the
vSphere
Web
Client
o Click
the
Networking
icon
o Right-click
on
the
dvPort
group
you
want
edit
>
click
Edit
Settings
o Select
Miscellaneous
on
the
left
o Change
the
dropdown
for
Block
all
ports
to
Yes.
CHANGING
THIS
TO
YES
WILL
STOP
ALL
VIRTUAL
MACHINE
TRAFFIC
ON
THE
DVPORT
GROUP
o Click
OK
33
34
enter
for
Peak
Bandwidth
determines
the
maximum
amount
of
Kbits/sec
that
can
traverse
each
individual
port
Burst
Size
(defined
in
Kbytes/sec):
Ports
gain
a
burst
bonus
when
it
does
not
use
all
of
the
bandwidth
it
is
allocated.
When
the
port
needs
additional
bandwidth
then
defined
in
Average
Bandwidth,
it
can
use
its
burst
bonus.
The
Burst
Size
setting
will
limit
the
number
of
Kbytes
gained
by
the
burst
bonus
o Click
OK
Enable
TCP
Segmentation
Offload
support
for
a
virtual
machine
o TCP
Segmentation
Offload
(TSO)
is
supported
for
VMkernel
adapters
and
virtual
machines
o By
default,
TSO
is
enabled
for
VMXNET2
and
VMXNET3
network
adapters
o There
is
a
process
for
enabling
this
on
a
Linux
machine
or
a
Windows
machine
o Linux
Machine
Ensure
the
Linux
VM
is
using
a
VMXNET2
or
VMXNET3
adapter
Log
into
the
Linux
guest
and
open
a
terminal
window
Enable
TSO
by
running
the
following
command:
ethtool
-K
ethY
tso
on
Disable
TSO
by
running
the
following
command:
ethtool
-K
ethY
tso
off
where
Y
is
the
number
of
the
NIC
in
the
VM
o Windows
Machine
Ensure
the
Windows
VM
is
using
a
VMXNET2
or
VMXNET3
adapter
Log
into
the
Windows
machine
and
open
the
Network
and
Sharing
Center
Go
to
the
network
adapter
and
open
up
the
properties
Click
Configure
>
click
the
Advanced
tab
Set
the
Large
Send
Offload
V2
(IPv4)
and
Large
Send
Offload
V2
(IPv6)
properties
to
Enabled
or
Disabled
Restart
the
virtual
machine
Enable
Jumbo
Frames
support
on
appropriate
components
o Jumbo
Frames
need
to
be
set
up
at
many
different
levels
within
the
virtualization
and
physical
stack.
Since
were
talking
about
networking
in
this
section,
Ill
limit
this
to
enabling
jumbo
frames
on
the
distributed
switch
o Log
into
the
vSphere
Web
client
o Click
the
Networking
icon
o Select
a
distributed
switch
from
the
left
inventory
tree
>
click
Manage
and
then
Settings
on
the
right
o Select
Properties
and
click
the
Edit
button
located
on
the
right
>
click
Advanced
o Change
the
MTU
to
9000
>
click
OK
35
Determine
appropriate
VLAN
configuration
for
a
vSphere
implementation
o The
VLAN
configuration
is
going
to
be
based
on
your
requirements
as
there
is
no
blanket
VLAN
configuration
for
all
vSphere
deployments
in
the
world.
However,
most
environments
I
run
into
are
configured
as
follows:
All
uplink
ports
on
the
physical
switch
are
set
to
trunking
mode
and
all
required
VLANs
are
allowed
traverse
that
VLAN
trunk
Each
required
VLAN
should
have
a
corresponding
dvPort
group
with
the
VLAN
specified
o That
option
is
known
as
Virtual
Switch
Tagging
(VST)
in
which
packets
are
tagged
with
the
appropriate
VLAN
are
tagged
at
the
dvPort
group
o External
Switch
Tagging
(EST)
and
Virtual
Guest
Tagging
(VGT)
are
two
other
options.
Tagging
VLANs
at
the
external
switch
layer
and
tagging
VLANs
within
the
guest
OS,
respectively
Tools
36
37
Click OK
Disable
NIOC
o Log
into
the
vSphere
Web
client
o Click
the
Networking
icon
o Right-click
the
vDS
you
want
to
enable
NIOC
on
>
hover
over
Settings
>
click
Edit
Settings
o From
the
dropdown
next
to
Network
I/O
Control
select
Disabled
o Click
OK
38
Here
you
can
see
a
line
graph
that
shows
you
your
total
bandwidth
capability,
how
much
you
have
configured
and
how
much
you
have
available
o
o
Tools
39
40
initial
MAC
address
of
the
virtual
machine.
When
set
to
reject,
all
traffic
will
be
dropped
for
any
packets
where
the
MAC
does
not
match
the
initial
MAC
address
Forged
Transmits:
When
enabled,
Forged
Transmits
allow
you
to
change
the
MAC
address
from
within
the
guest
operating
system
and
that
traffic
will
still
be
allowed.
When
set
to
reject,
the
source
MAC
address
for
a
packet
is
compared
to
the
effective
MAC
address
of
the
network
adapter.
If
the
source
and
effective
MAC
addresses
do
not
match
then
the
packet
is
dropped
Configure
dvPort
group
blocking
policies
o Log
into
the
vSphere
Web
Client
o Click
the
Networking
icon
o Right-click
on
the
dvPort
group
you
want
edit
>
click
Edit
Settings
o Select
Miscellaneous
on
the
left
o Change
the
dropdown
for
Block
all
ports
to
Yes.
CHANGING
THIS
TO
YES
WILL
STOP
ALL
VIRTUAL
MACHINE
TRAFFIC
ON
THE
DVPORT
GROUP
o Click
OK
41
whenever
a
virtual
NIC
is
connected
to
the
vDS.
One
use
case
for
setting
this
to
No
is
if
you
are
running
Microsoft
NLB
in
unicast
mode
Select
Yes
or
No
for
the
Failback
policy.
Selecting
Yes
will
initiate
a
failback
when
a
failed
physical
adapter
that
comes
back
online.
Choosing
No
will
not
fail
traffic
back
to
a
failed
physical
adapter
once
it
comes
back
online
unless
the
active
physical
adapter
fails
Failover
order
has
three
options:
Active
uplinks:
Physical
adapters
listed
here
are
active
and
being
used
for
inbound/outbound
traffic.
The
utilization
of
multiple
active
uplinks
is
based
on
the
selected
load
balancing
algorithm.
These
adapters
will
always
be
used
when
they
are
connected
Standby
uplinks:
Physical
adapters
here
are
for
standby
purposes.
Standby
uplinks
will
only
be
used
when
an
active
adapter
fails
or
no
longer
has
network
connectivity
Unused
uplinks:
Physical
adapters
listed
here
will
not
be
used
Once
finished
configuring
these
options
click
OK
42
Click
OK
Enable
TCP
Segmentation
Offload
support
for
a
virtual
machine
o TCP
Segmentation
Offload
(TSO)
is
supported
for
VMkernel
adapters
and
virtual
machines
o By
default,
TSO
is
enabled
for
VMXNET2
and
VMXNET3
network
adapters
o There
is
a
process
for
enabling
this
on
a
Linux
machine
or
a
Windows
machine
o Linux
Machine
Ensure
the
Linux
VM
is
using
a
VMXNET2
or
VMXNET3
adapter
Log
into
the
Linux
guest
and
open
a
terminal
window
Enable
TSO
by
running
the
following
command:
ethtool
-K
ethY
tso
on
Disable
TSO
by
running
the
following
command:
ethtool
-K
ethY
tso
off
where
Y
is
the
number
of
the
NIC
in
the
VM
o Windows
Machine
Ensure
the
Windows
VM
is
using
a
VMXNET2
or
VMXNET3
adapter
Log
into
the
Windows
machine
and
open
the
Network
and
Sharing
Center
Go
to
the
network
adapter
and
open
up
the
properties
Click
Configure
>
click
the
Advanced
tab
Set
the
Large
Send
Offload
V2
(IPv4)
and
Large
Send
Offload
V2
(IPv6)
properties
to
Enabled
or
Disabled
Restart
the
virtual
machine
Enable
Jumbo
Frames
support
on
appropriate
components
o Jumbo
Frames
need
to
be
set
up
at
many
different
levels
within
the
virtualization
and
physical
stack.
Since
were
talking
about
networking
in
this
section,
Ill
limit
this
to
enabling
jumbo
frames
on
the
distributed
switch
o Log
into
the
vSphere
Web
client
o Click
the
Networking
icon
o
43
o
o
o
Select
a
distributed
switch
from
the
left
inventory
tree
>
click
Manage
and
then
Settings
on
the
right
Select
Properties
and
click
the
Edit
button
located
on
the
right
>
click
Advanced
Change
the
MTU
to
9000
>
click
OK
Determine
appropriate
VLAN
configuration
for
a
vSphere
implementation
o The
VLAN
configuration
is
going
to
be
based
on
your
requirements
as
there
is
no
blanket
VLAN
configuration
for
all
vSphere
deployments
in
the
world.
However,
most
environments
I
run
into
are
configured
as
follows:
All
uplink
ports
on
the
physical
switch
are
set
to
trunking
mode
and
all
required
VLANs
are
allowed
traverse
that
VLAN
trunk
Each
required
VLAN
should
have
a
corresponding
dvPort
group
with
the
VLAN
specified
o That
option
is
known
as
Virtual
Switch
Tagging
(VST)
in
which
packets
are
tagged
with
the
appropriate
VLAN
are
tagged
at
the
dvPort
group
o External
Switch
Tagging
(EST)
and
Virtual
Guest
Tagging
(VGT)
are
two
other
options.
Tagging
VLANs
at
the
external
switch
layer
and
tagging
VLANs
within
the
guest
OS,
respectively
Tools
44
There
are
three
different
types
of
device
identifiers
used
that
make
up
part
of
the
storage
naming
convention.
Here
they
are
along
with
their
corresponding
device
ID
formats:
SCSI
INQUIRY
Identifiers:
these
will
be
unique
across
all
hosts
and
are
persistent.
The
host
uses
the
SCSI
INQUIRY
command
in
order
to
use
the
page
83
information
(Device
Identification)
to
generate
a
unique
identifier
naa.number
t10.number
eui.number
Path-based
Identifier:
When
a
device
is
queried
and
does
not
return
page
83
information,
the
host
generates
an
mpx.path
name.
Path
represents
the
path
to
that
particular
device.
This
is
created
for
local
devices
during
boot
and
is
not
unique
or
persistent
(could
change
upon
next
boot)
Example:
mpx.vmhba1.C0.T0.L0
Legacy
Identifier
:
ESXi
also
generates
an
legacy
name
as
an
alternative
with
the
following
format:
Vml.number:
The
number
are
digits
unique
to
the
device
and
can
be
taken
from
a
part
of
the
page
83
information
if
it
is
available
45
A
hardware
iSCSI
adapter
offloads
the
network
and
iSCSI
processing
from
the
host.
There
are
two
types
of
hardware
iSCSI
adapters;
dependent
hardware
iSCSI
adapter
and
independent
hardware
iSCSI
adapter
(ensure
these
are
listed
on
the
HCL)
Dependent
Hardware
iSCSI
Adapter
These
types
of
adapters
depend
on
VMware
networking
and
the
iSCSI
management
interfaces
within
VMware
Dependent
upon
the
hosts
network
configuration
for
IP
and
MAC
Independent
Hardware
iSCSI
Adapter
These
types
of
adapters
are
independent
from
the
host
and
VMware
Provides
its
own
configuration
management
for
IP
and
other
network
address
assignment
The
software
iSCSI
adapter
is
built
into
VMwares
code,
specifically
the
VMkernel.
Using
this
type
of
adapter
you
can
connect
to
iSCSI
targets
using
a
standard
network
adapter
installed
on
the
host.
Since
this
is
a
software
adapter,
network
processing
and
encapsulation
are
performed
by
the
host,
which
does
use
host
resources
Compare
and
contrast
array
thin
provisioning
and
virtual
disk
thin
provisioning
o
46
Zoning
and
LUN
masking
are
somewhat
similar
in
the
fact
that
they
are
used
for
access
control
between
different
objects
and
devices
that
may
or
may
not
need
to
communicate
with
each
other
Zoning
-
Use
single-initiator
zoning
or
single-initiator-single-target
zoning
(more
restrictive).
Each
vendor
will
have
different
zoning
practices/best
practices
Defines
which
Host
Bus
Adapters
(HBAs)
can
connect
to
which
targets
on
the
SAN.
Objects
that
arent
zoned
to
one
another,
or
are
outside
of
a
particular
zone
arent
visible
Reduces
the
number
of
LUNs
and
targets
presented
to
a
particular
host
Controls/isolates
paths
in
your
SAN
fabric
Prevents
unauthorized
systems
from
accessing
targets
and
LUNs
LUN
Masking
_exact
same
thing
as
zoning,
but
applied
only
for
LUN-host
mapping
Limits
which
hosts
can
see
which
LUNs
Can
be
done
at
the
array
layer
or
the
VMware
layer
Scan/Rescan
Storage
o
o
o
o
o
o
There
are
many
different
situations
in
which
storage
is
Scanned/Rescanned;
here
are
a
few
When
adding
a
new
storage
device,
storage
will
be
scanned/rescanned
afterwords;
a
scan
for
new
Storage
Devices
will
be
done
and
a
scan
for
new
VMFS
volumes
will
initiate
After
adding/removing
iSCSI
targets
Log
into
the
vSphere
Web
client
Click
on
the
Hosts
and
Clusters
icon
From
the
left
right-click
on
a
Datacenter,
Cluster
or
Host
>
select
Storage
Click
Rescan
Storage
You
will
see
two
options
Scan
for
Storage
Devices
and
Scan
for
new
VMFS
Volumes,
bith
are
checked
by
default.
Unselect
any
action
you
dont
want
to
perform
Click OK
47
From
the
storage
array,
create
a
LUN
to
act
as
a
boot
LUN
for
each
host
that
require
boot
from
SAN
Mask
each
LUN
to
their
respective
ESXi
hosts.
For
example
create
LUN01
and
mask
it
to
host01.
Create
LUN02
and
mask
it
to
host02
Determine
the
WWPN
for
a
front-end
port
on
the
SAN
that
has
access
to
the
boot
LUN
Configure
the
storage
adapter
on
the
host
to
boot
from
SAN.
Again,
this
will
be
vendor
specific
so
youll
need
to
check
out
the
documentation
for
your
specific
storage
adapter.
You
will
use
the
WWPN
that
you
recorded
earlier
as
part
of
this
configuration
iSCSI
o
o
o
o
o
o
From
the
storage
array,
create
a
LUN
to
act
as
a
boot
LUN
for
each
host
that
require
boot
from
SAN
Mask
each
LUN
to
their
respective
ESXi
hosts.
For
example
create
LUN01
and
mask
it
to
host01.
Create
LUN02
and
mask
it
to
host02
Determine
the
iSCSI
name
and
IP
addresses
for
the
targets
that
are
assigned
for
the
particular
ESXi
host
If
youre
using
an
independent
hardware
iSCSI
adapter
youll
need
to
follow
the
vendor
documentation
for
that
adapter
to
configure
it
for
boot
from
SAN.
This
configuration
will
include
using
the
IPs
you
recorded
earlier
as
sendtargets
in
order
to
discover
the
boot
LUN
You
can
also
use
the
software
or
dependent
hardware
iSCSI
adapters.
This
requires
that
the
dependent
adapter
(or
software
adapter)
support
iBFT,
or
iSCSI
Boot
Firmware
Table
When
booting
via
iBFT
the
ESXi
host
will
go
through
the
following
proess:
BIOS
finds
the
iSCSI
firmware
of
the
network
adapter
The
boot
firmware
will
connect
to
the
iSCSI
target
using
its
predefined
parameters
(this
is
set
earlier
according
to
vendor
documentation)
Once
the
connection
is
made
all
the
networking
and
boot
parameters
are
stored
in
the
iBFT,
which
then
gets
stored
into
memory
48
This
is
going
to
be
subjective
to
your
particular
storage
device,
but
the
basic
steps
are:
Create
a
storage
volume
Create
a
folder
on
that
storage
volume
Create
a
share
for
that
folder
Allow
the
IP
of
your
host(s)
to
access
the
storage
Give
the
IPs
of
your
host
read/write
access
to
the
share
you
created
49
Click
OK
50
51
Targets
o
Here you can add targets for the iSCSI initiator using dynamic or static discovery
52
o
o
o
o
o
o
o
o
53
Configuring
array
thing
provisioning
is
going
to
be
different
for
each
type
of
array
so
you
should
consult
the
vendor
documentation
in
order
to
configure
array
thin
provisioning
Use
Cases
Uniformity
--
once
you
provision
it
for
the
LUN,
it
wont
matter
if
the
virtual
disk
created
is
thick
or
thin,
it
will
always
be
thin
because
the
LUN
is
thin
provisioned
Less
overhead
--
when
integrated
with
storage
APIs
the
host
can
inform
the
array
when
datstore
space
is
freed
up
and
allow
the
array
to
reclaim
the
freed
blocks
Ease
of
use
--
allows
an
administrator
to
easily
monitor
space
usage
on
thin
provisioned
LUNs
Tools
54
Before
you
can
configure
Virtual
SAN
(VSAN)
there
are
a
few
things
you
must
do
in
order
to
properly
prepare.
You
need
at
least
three
hosts
to
for
a
VSAN
Cluster
Each
host
has
a
minimum
of
6GB
memory
Make
sure
the
devices/firmware
youre
using
is
listed
in
the
VMware
Compatibility
Guide
Ensure
you
have
the
proper
disks
needed
for
your
intended
configuration.
Youll
need
a
mix
of
SAS
and
SSD
drives
or
all
SSDs
if
doing
an
all
flash
configuration
Prepare
the
storage
devices
for
VSAN
use:
They
must
be
local
to
the
ESXi
host
No
preexisting
partitions
exist
on
the
devices
Each
disk
group
will
need
one
SAS
drive
and
one
flash
drive.
In
an
all
flash
configuration
youll
have
at
least
two
flash
drives,
one
for
caching
and
one
for
capacity
Ensure
you
have
enough
space
to
account
for
your
availability
requirements.
N+1
means
youll
need
double
the
devices
The
latest
format
(2.0)
of
VSAN
requires
1%
capacity
per
device
If
using
an
all
flash
configuration
youll
need
to
untag
the
flash
devices
that
will
be
used
for
capacity
so
they
do
not
show
up
as
flash
devices
VSAN
Network
o
55
Ensure
that
the
physical
adapter
youre
using
for
VSAN
is
assigned
as
an
active
uplink
on
the
port
group.
Ideally
this
would
be
a
dedicated
adapter,
but
it
can
be
shared
You
need
a
unique
multicast
address
for
each
VSAN
cluster
that
youre
running
on
the
same
layer
2
network
If
enabling
VSAN
on
an
existing
cluster:
From
the
inventory
tree
on
the
left,
select
the
cluster
you
want
to
enable
VSAN
on
On
the
right,
click
the
Manage
button
>
click
Settings
Under
Virtual
SAN
click
General
>
in
the
upper
right
click
the
Edit
button
56
o
o
Create/Modify
VMware
Virtual
Volumes
(VVOLs)
Creating
a
VMware
Virtual
Volume
o Creating
a
virtual
volume
is
a
multi-step
process.
Here
are
the
high
level
steps:
Register
Storage
Providers
for
the
Virtual
Volumes
Create
a
Virtual
Datastore
Verify
that
the
protocol
endpoints
exist
Change
the
PSP
for
the
protocol
endpoint
(this
step
is
optional)
Register
a
Storage
Provider
o
o
o
o
o
o
o
o
o
o
o
o
o
57
o
o
o
o
o
o
o
o
o
o
o
58
o
o
o
o
o
o
o
o
o
o
o
o
o
VSAN
will
never
put
more
than
one
replica
of
the
same
object
in
the
same
fault
domain
59
Tools
60
61
62
Here
are
some
things
that
the
VMware
NMP
or
third-party
MPP
are
responsible
for:
Provides
logical
and
physical
path
I/O
statistics
Loads
and
unloads
multipathing
plugins
Routes
I/O
requests
for
a
specific
logical
device
to
the
MPP
managing
that
device
Handles
I/O
queuing
to
the
physical
HBAs
Handles
physical
path
discovery
and
removal
Implements
logical
device
bandwidth
sharing
between
virtual
machines
o The
multi-pathing
modules
provide
the
following:
Manage
physical
path
claiming
and
unclaiming
Mange
creation,
registration
and
deregistration
of
logical
devices
Associate
physical
paths
with
logical
devices
Support
path
failure
detection
and
remediation
Processes
I/O
requests
to
logical
devices
Configure
Storage
Policies
o Log
into
the
vSphere
Web
client
o Click
on
the
VM
Storage
Policies
icon
o If
for
some
reason
you
see
zero
storage
policies
click
the
green
check
mark
and
page
icon
to
enable
VM
storage
policies
o If
you
want
to
create
policies
for
datastores
that
arent
managed
by
a
storage
provider
you
can
create
tags
for
datastores
to
define
their
capabilities.
To
assign
tags
to
a
datstore:
Browse
to
the
datastore
from
within
the
vSphere
web
client
Click
the
Manage
tab
>
click
Tags
Click
the
green
plus/tag
icon
to
create
a
new
tag
Type
in
a
name
and
description
Select
a
Category
if
a
category
does
not
exist
select
New
Category
Enter
in
a
category
name
and
description
>
select
whether
you
want
one
tag
per
object
or
many
tags
per
object
(known
as
cardinality)
Click
OK
>
click
OK
to
finish
tag
creation
Create
a
storage
policy
for
a
virtual
machine
o Log
into
the
vSphere
Web
client
o Click
the
VM
Storage
Policies
icon
o Click
the
icon
to
Create
a
new
VM
storage
policy
o Select
the
vCenter
server
in
which
you
want
to
create
the
storage
policy
on
from
the
dropdown
menu
o Type
in
a
name
and
description
>
click
Next
>
click
Next
o You
can
create
a
rule
based
on
data
services
(such
as
VSAN)
or
not.
Im
selecting
None
o Click
the
Add
tag-based
rule
button
o
63
o
o
o
o
o
o
o
Select
a
category
from
the
drop-down
list
>
select
a
tag(s)
that
you
want
to
apply
to
the
rule
Click
OK
You
can
add
another
tag-based
rule
or
you
can
even
add
another
rule
set
if
youd
like.
That
new
rule
set,
just
like
before,
can
be
based
on
data
services
Once
youve
added
your
rules/rule
sets
click
Next
There
will
be
two
options;
Compatible
and
Incompatible
>
select
Compatible
In
the
lower
pane
ensure
there
are
one
or
more
datastores
in
the
list
>
click
Next
Click
Finish
o
Enable/Disable
Virtual
SAN
Fault
Domains
o Log
into
the
vSphere
Web
client
o Click
the
Hosts
and
Clusters
icon
>
select
the
VSAN
cluster
from
the
inventory
tree
on
the
left
o On
the
right
click
the
Manage
tab
>
click
the
Settings
tab
o Under
Virtual
SAN
click
Fault
Domains
o Click
the
green
plus
icon
to
add
a
new
fault
domain
o Type
in
the
name
for
the
fault
domain
>
select
the
host(s)
that
you
want
to
put
into
the
fault
domain
o Click
OK
o To
disable
the
fault
domain
remove
all
hosts
to
another
fault
domain
or
completely
out
of
all
fault
domains
VSAN
will
never
put
more
than
one
replica
of
the
same
object
in
the
same
fault
domain
Tools
64
Objective 3.4: Perform Advanced VMFS and NFS Configurations and Upgrades
Knowledge
65
66
o
o
o
Click
Next
Select
the
host(s)
that
you
want
to
mount
the
new
datastore
to
>
click
Next
Click
Finish
67
Extend/Expand
VMFS
Datastores
o Log
into
the
vSphere
Web
client
o Click
the
Storage
icon
>
select
a
datacenter
from
the
inventory
try
on
the
left
o On
the
right
click
the
Related
Objects
tab
>
click
Datastores
o From
the
list
of
datastores
right-click
the
one
you
want
to
extend/expand
o Click
Increase
Datastore
Capacity
o Choose
the
device
you
want
to
use
to
expand
the
datastore
>
Click
Next
o From
the
Partition
Configuration
dropdown
choose
Use
all
available
partitions
o Click
Next
>
click
Finish
Place
a
VMFS
Datastore
in
Maintenance
Mode
Any
datastore
you
want
to
put
in
maintenance
mode
must
be
in
a
datastore
cluster
o Log
into
the
vSphere
Web
client
o Click
the
Storage
icon
>
select
a
datacenter
from
the
inventory
try
on
the
left
o On
the
right
click
the
Related
Objects
tab
>
click
Datastores
o From
the
list
of
datastores
right-click
the
one
you
want
to
place
into
maintenance
mode
o Select
Maintenance
Mode
>
click
Enter
Maintenance
Mode
o Youll
see
a
list
of
faults
(if
any)
under
the
Faults
tab.
Check
the
faults
and
resolve
them.
Any
listed
faults
need
to
be
resolved
prior
to
a
datastore
entering
maintenance
mdoe
o The
Migrations
Recommendations
tab
will
list
all
the
recommendations
and
are
applied
by
default.
You
can
choose
to
un-apply
them
by
deselecting
the
checkbox
o Click
Apply
and
Continue
Identify
available
Raw
Device
Mappings
(RDM)
solutions
o RDMs
come
in
two
flavors,
virtual
compatibility
mode
and
physical
compatibility
mode
o An
RDM
is
a
file
that
exists
inside
a
VMFS
volume
which
manages
all
the
metadata
for
the
raw
device
o Some
specific
use
cases
for
using
RDMs:
Storage
resource
management
software
SAN
management
agents
Replication
software
Microsoft
Failover
Clustering
o Many
times
this
type
of
software
in
order
to
access
the
SCSI
devices
directly.
Whenever
software
needs
direct
access
to
the
SCSI
device
the
RDM
needs
to
be
in
physical
compatibility
mode
68
69
There
are
a
few
big
use
cases
for
using
multiple
VMFS/NFS
Datastores
Datastores
sit
on
backend
storage
that
have
physical
disks
configured
in
a
particular
way.
If
you
have
a
requirement
where
some
applications
need
more
space,
or
need
to
be
faster
than
others,
creating
multiple
datastores
with
different
characteristics
will
solve
that
requirement
Disk
contention
could
be
a
problem,
having
different
datastore
will
allow
you
to
spread
those
workloads
over
different
physical
disks
HA
and
resiliency
--
having
multiple
datastores
allows
you
to
spread
your
VMs
across
them.
If
you
lose
a
datstore
all
of
your
VMs
wont
go
down,
only
VMs
located
on
that
particular
datastore
Tools
70
71
Tools
72
Knowledge
Identify
Upgrade
Requirements
for
ESXi
Hosts
Minimum hardware and system resources for ESXi 6.0:
Requires the NX/XD bit to be enabled for the CPU in the BIOS
To support 64-bit virtual machines, support for hardware virtualization (Intel VT-x or AMD RVI) must be
enabled on x64 CPUs
SCSI disk or a local, non-network, RAID LUN with unpartitioned space for the virtual machines
For SATA a disk connected through supported SAS controllers or supported on-board SATA controllers
5.2GB (or larger) when booting from local disk, SAN or iSCSI LUN (4GB is used for scratch
partition)
If smaller disk or LUN is used, the installer attempts to allocate a scratch region on a separate lock disk. If a
local disk cannot be found the scratch partition, /scratch, is located on the ESXi host ramdisk.
Network I/O Control - Support for per-VM Distributed vSwitch bandwidth reservations to guarantee
isolation and enforce limits on bandwidth.
73
The upgrade to an existing vDS is non-disruptive requiring no outages for ESXi hosts or VMs. As a prerequisite the
vCenter Server needs to have been upgraded to version 6.0 as well as all hosts connected to the vDS need to be
running ESXi 6.0.
From the Home screen in the vSphere Web Client, select Networking in the right hand navigation
In the left hand pane select the vSphere Distributed Switch you want to upgrade
Right click on the vSphere Distributed Switch and select Upgrade, then Upgrade Distributed Switch
From the Upgrade wizard select the version of vSphere Distributed Switch you want to upgrade to (in the
pic below I have version 5.0 vDS that I am upgrading to version 6.0)
74
the vSphere Virtual Machine Administration guide covers the install/upgrade process for Windows, Linux, Mac
OS X, and finally Solaris virtual machines.
The below screenshots are quick grabs of how you can configure an individual virtual machine to check for
VMware Tools upgrades on power on, as well as the pre-defined VMware Update Manager virtual machine
baseline, VMware Tools Upgrade to Match Host.
Virtual Machine Settings
75
Description
This virtual machine (hardware version 11) is compatible with ESXi 6.0.
This virtual machine (hardware version 10) is compatible with ESXi 5.5 and
6.0.
This virtual machine (hardware version 9) is compatible with ESXi 5.1, ESXi
5.5, and ESXi 6.0.
This virtual machine (hardware version 8) is compatible with ESXi 5.0, ESXi
5.1, ESXi 5.5, and ESXi 6.0.
This virtual machine (hardware version 7) is compatible with ESX/ ESXi 4.0,
ESX/ ESXi 4.1, ESXi 5.0, ESXi 5.1, ESXi 5.5, and ESXi 6.0.
This virtual machine (hardware version 3) is compatible with ESX Server 2.x,
ESX/ESXi 3.5, ESX/ESXi 4.x, and ESXi 5.0. You cannot create, edit, turn
on, clone, or migrate virtual machines with ESX Server 2.x compatibility.
76
From the Home screen in the vSphere Web Client, select VMs and Templates in the right hand
navigation
Select the virtual machines (either individually or by object, Datacenter, Folder, etc)
Select Actions > All vCenter Actions > Compatibility > Upgrade VM Compatibility
Select the ESXi version for the virtual machine to be compatible with (screen shot below)
Click OK
77
For ease of this write up I am combing both of these objectives together. While the process for leveraging VMware
Update Manager to update your ESXi hosts hasnt changed much between vSphere 5.x to 6.0, be sure to review
Section 9, Upgrading Hosts in the vSphere Upgrade documentation. Below is quick list of things to keep in mind:
Both vCenter Server and vSphere Update Manager must have already been upgraded to vSphere 6.0
You can upgrade ESXi 5.0.x, ESXi 5.1.x, and ESXi 5.5.x hosts directly to ESXi 6.0
You cannot use VUM to upgrade hosts to ESXi 5.x if the host was previously upgraded from ESX 3.x or
ESX 4.x
Hosts must have more than 350MB of free space in the /boot partition to support the Update Manager
upgrade process
VMware Tools
Virtual Appliances
Log into the vSphere Client (not Web) with administrative privileges
From the Home screen in the vSphere Client, select Update Manager under the Solutions and
Applications section
On the Select ESXi Image page of the Import ESXi Image wizard, browse to the location of the ESXi
image
Click Next
Click Finish
Log into the vSphere Client (not Web) with administrative privileges
From the Home screen in the vSphere Client, select Update Manager under the Solutions and
Applications section
On the Baselines and Group tab, click Create above the Baseline Groups pane
Enter a unique name for the baseline group and an optional description
Click Finish
78
79
80
Update Sequence for vSphere 6.0 and its Compatible VMware Products (2109760)
Supported Host Operating Systems for VMware vCenter Server Installation (2091273)
Knowledge
Identify
Steps
Required
to
Upgrade
a
vSphere
Implementation
While the list of steps required to upgrade vCenter Server is pretty short (see below) there are few things to keep in
mind before starting the process. First is the outline of the steps, taken from Section 1, vSphere Upgrade
Process of the vSphere Upgrade documentation:
Verify that your system meets vSphere hardware and software requirements
If your vSphere system includes VMware solutions or plug-ins, verify that they are are compatible with the
vCenter Server or vCenter Server Appliance version to which you are upgarding
For additional details I would also suggest taking a looking at the following VMware
KB articles, both for the exam as well prior to doing a production vSphere 6 upgrade.
Update Sequence for vSphere 6.0 and its Compatible VMware Products (2109760)
Synchronize the clocks on all machines running the vCenter Server 5.x services
Verify that the system network name of the machine running vCenter Server 5.x services are valid, and are
reachable from other machines in the network
81
Verify that the host name of the virtual machine or physical server that you are installing or upgrading vCenter
Server on complies with RFC 1123 guidelines
If your vCenter Server service is running in a user account other than the Local System account, verify that the
user account in which the vCenter Server service is running has the following permissions:
Log on as a service
Act as part of the operating system (if the user is a domain user)
Verify that the LOCAL SERVICE account has read permission on the folder in which vCenter Server is
installed and on the HKLM registry
Verify that the connection between the virtual machine or physical server ad the domain controller is working
Resources PSC 10 Hosts/10
VMs (Tiny)
# of
16
2GB
8GB
16GB
24GB
32GB
CPUs
Memory
Supported operating system (See VMware KB Supported Host Operating Systems for VMware vCenter Server
Installation (2091273) )
64-bit system DSN for vCenter Server to connect to the external database
For environments with up to 20 hosts and 200 virtual machines you can use the bundled PostgresSQL
database. Larger installations require a supported database
vCenter Server supports Oracle and MS SQL Server. Check the VMware Product Interoperability
Matrixes for supported DB versions
Before you deploy the vCenter Server Appliance, synchronize the clocks of all virtual machines on the
vSphere network
82
PSC
(Tiny)
(Medium)
(Large)
(Small)
16
2GB
8GB
16GB
24GB
32GB
# of CPUs
Memory
If the environment will surpass the supported number of hosts and virtual machines (or if you would just prefer), the
vCenter Server Appliance supports ONLY Oracle for external connected databases.
NOTE For vCenter Server with an embedded Platform Services Controller (either Windows or Appliance), you
must add the hardware requirements for Platform Services Controller (PSC column in the tables) to the hardware
requirements for vCenter Server depending on the size of your environment.
Allow the Client Integration Plug-In to start and on the Home page, click Upgrade
In the Supported Upgrade warning message, click OK to start the vCenter Server Appliance upgrade
wizard
Connect to the Target ESXi host on which you want to deploy the vCenter Server Appliance and
click Next
On the Connect to source appliance page enter the details of the appliance that you want to upgrade
Set up the vCenter Single Sign-On setting fro the newly deployed appliance and click Next
On the Select appliance size page of the wizard, select the vCenter Server Appliance size for the vSphere
inventory size and click Next
From the list of available Datatores, select the location where all the virtual machine configuration files and
virtual disks will be stored and, optionally, enable thin provisioning by selecting Enable Thin Disk Mode
Select the temporary network for communication between the vCenter Server Appliance that you want to
upgrade and the newly deployed vCenter Server Appliance, select the vCenter Server Appliance IP
allocation method and click Next
83
(Optional) Select the Enable SSH check box to enable SSH connections to the vCenter Server Appliance
On the Ready to complete page, review the settings for the vCenter Server Appliance upgrade and
click Finish to complete the process
vSphere 5.5 and earlier using Simple Install option: Machines will be upgraded to vCenter Server with
embedded Platform Services Controller.
If vCenter Single Sign-On was on a different machine than vCenter Server, the upgrade will be an
external deployment model. Machines running Single Sign-On will become external Platform
Services Controllers. Machines running vCenter Server will become vCenter Server with external
Platforms Services Controllers.
If vCenter Single Sign-On was on the same node as vCenter Server, the upgrade will product an
embedded deployment model. Machines will be upgraded to v Center Server with embedded
Platform Services Controller
If the custom installation included multiple replicating vCenter Single Sign-On servers, the
upgrade will product an external deployment model with multiple replicating Platform Services
Controller instances. Machines running Single Sign-On will become external Platform Services
Controllers. Machines running vCenter Server will become vCenter Server with external
Platforms Services Controllers.
84
85
The above diagrams provided by VMware in Section 1, vCenter Server Example Upgrade Paths in the vSphere
Upgrade documentation. Review for additional upgrade topologies. Also have a look at the following VMware KB
articles:
Identify/Troubleshoot
vCenter
Upgrade
Errors
Logs, logs, and more logs. Section 12, Collecting Logs for Troubleshooting a vCenter Server Installation or
Upgrade in the vSphere Upgradedocumentation covers this in detail. Below is a break down of the cliff notes
version
Log location for Windows Based vCenter Server
In the appliance shell, run the pi shell command to access the Bash shell
In the Bash shell, run the vc-supporrt.sh script to generate a support bundle
cat /var/log/firstboot/firstbootStatus.json
For additional log file details review the following VMware KB article:
86
The
first
resource
pool
created
under
the
root
resource
pool
is
a
child
resource
pool
(lets
call
this
RP1).
RP1
is
a
child
only
to
the
root
resource
pool.
Underneath
RP1
you
can
add
virtual
machines
into
it,
and
those
virtual
machines
will
get
their
resources
from
RP1
dependent
upon
their
shares,
limits,
reservations
or
dynamic
virtual
machine
entitlement.
A
new
resource
pool
can
be
added
to
RP1
(lets
call
this
new
resource
pool
RP2).
RP2
is
now
a
child
resource
pool
of
RP1,
making
RP1
a
parent
to
RP2,
but
still
a
child
resource
pool
of
the
root
resource
pool
The
parent/child
relationship
can
continue
further
as
you
nest
more
resource
pools
and
virtual
machines
inside
one
another.
Any
resource
pool
or
virtual
machines
created
at
the
same
level
as
another
resource
pool
will
be
known
to
each
other
as
a
sibling
87
The
more
nesting
of
virtual
machines
and
resource
pools
you
have
the
more
complex
it
will
be
to
understand
and
more
overhead
to
manage.
One
KEY
thing
to
remember;
never
use
resource
pools
as
an
organizational
tool,
meaning,
dont
use
resource
pools
as
a
way
to
logically
group
virtual
machines
(use
folders
for
this)
88
Create/Remove
a
Resource
Pool
o Log
into
the
vSphere
Web
client
o Click
the
Hosts
and
Clusters
icon
o From
the
inventory
tree
on
the
left,
right-click
the
DRS
enabled
cluster
that
you
want
to
create
a
resource
pool
for
>
click
New
Resource
Pool
o Enter
in
a
name
for
the
resource
pool
o Allocate
CPU
shares
for
the
resource
pool:
shares
are
only
relative
to
siblings
that
share
the
same
parent
resource
pool.
Choose
an
option
between
Low,
Normal,
High
or
Custom
o Enter
in
the
CPU
reservation
either
in
MHz
or
GHz
o If
you
want
the
reservation
to
be
expandable
check
the
Expandable
checkbox
o If
you
want
the
resource
pool
to
have
a
limit
enter
in
the
amount
you
want
to
limit
it
to
o Repeat
the
same
thing
for
the
memory
reservation
o Click
OK
o To
remove
the
resource
pool
right-click
the
resource
pool
and
select
Delete
>
click
Yes
to
delete
the
resource
pool
89
Configure
Resource
Pool
attributes
o Log
into
the
vSphere
Web
client
o Click
the
Hosts
and
Clusters
icon
o From
the
inventory
tree
on
the
left,
right-click
the
resource
pool
you
want
to
configure
attributes
on
>
click
Edit
Resource
Settings
o Here
you
can
edit
the
Name,
CPU
settings
and
Memory
settings
o When
finished
click
OK
Add/Remove
virtual
machines
from
a
Resource
Pool
o Log
into
the
vSphere
Web
client
o Click
the
VMs
and
Templates
icon
o From
the
inventory
tree
on
the
left,
find
a
virtual
machine
that
you
want
to
add
to
a
resource
pool
>
right-click
the
virtual
machine
and
click
Move
To
o Expand
the
datacenter
>
expand
the
Hosts
and
Clusters
>
expand
the
cluster
where
the
resource
pool
is
located
o Select
the
resource
pool
you
want
to
move
the
virtual
machine
into
>
click
OK
o To
remove
a
virtual
machine
from
the
resource
pool
repeat
the
same
steps
as
before
but
instead
of
selecting
the
resource
pool
to
move
the
virtual
machine
into
youll
select
the
cluster
where
you
want
to
move
it
to
Create/Delete
vFlash
Resource
Pool
o Log
into
the
vSphere
Web
client
o Click
the
Hosts
and
Clusters
icon
o From
the
inventory
tree
on
the
left
select
a
host
to
perform
the
vFlash
configuration
on
o In
the
right
pane
click
Manage
>
click
the
Settings
tab
o Almost
at
the
very
bottom
click
Virtual
Flash
Resource
Management
o On
the
right-hand
side
click
the
Add
Capacity
button
o Select
the
local
SSD
as
a
flash
cache
resource
o Click
OK
o Click
Virtual
Cache
Host
Swap
Cache
Configuration
o Click
the
Edit
button
>
specify
the
amount
of
host
swap
cache
you
want
to
use,
it
can
be
the
entire
SSD
if
you
want
90
91
resource
pool).
When
resources
are
allocated,
shares
only
matter
when
there
is
contention.
Contention
occurs
if
you
have
overcommitted
the
resources
in
your
DRS
cluster
(assigned
more
resource
then
you
have)
or
during
short-term
spikes
of
workloads,
which
is
normal.
Rule
of
thumb,
allocate
more
shares
to
your
higher
priority
workloads
and
dont
over
-commit
your
resources
unless
you
absolutely
have
to
Reservations
:
Again,
reservations
are
the
minimum
amount
of
resources
the
resource
pool
will
get.
When
you
set
a
CPU
or
Memory
reservation
for
a
resource
pool,
those
reservations
are
subtracted
from
the
parents
available
resources,
making
them
unavailable
to
other
siblings.
If
you
have
virtual
machines
that
you
need
to
guarantee
a
certain
amount
of
resources
for,
reserve
them
in
a
resource
pool
and
add
those
virtual
machines
to
the
resource
pool
Expandable
Reservations
:
Using
expandable
reservations
gives
you
flexibility.
If
a
virtual
machines
workload
incr
eases
and
its
resource
pool
cannot
allocate
more
resources
because
there
arent
any
available,
the
resource
pool
will
asks
its
parent
resource
pool
to
borrow
resources.
Resource
pools
that
have
virtual
machines
with
spiking
workloads
may
consider
enabling
expandable
reservations
Limits
:
Limits
is
the
maximum
amount
of
resources
a
resource
pool
can
have.
If
you
set
a
16GB
memory
limit
for
a
resource
pool,
it
will
never
receive
anymore
than
16GB.
There
arent
too
many
use
cases
to
limit
a
resource
pool,
but
one
use
case
maybe
a
workload
within
a
virtual
machine
that
will
utilize
any
and
all
resources
it
can
get
its
hands
on
and
you
cant
configure
it
otherwise,
setting
a
limit
on
the
resource
pool
is
an
option
you
may
want
to
entertain
Tools
92
Understanding Virtual Machine Snapshots in VMware ESXi and ESX (KB Article 1015180)
Knowledge
Identify
Snapshot
Requirements
Create/Delete/Consolidate
Virtual
Machine
Snapshots
For these two topics I am going to group other them together with a list of VMware KB articles that easily cover the
topics and provide a deeper level of the hows and whys of VMware snapshots. But for an overview a VMware
snapshot is:
Include the files and memory state of a virtual machines guest operating system
Includes the settings and configuration of a virtual machine and its virtual hardware
Is stored as a set of files in the same directory as other files that comprise a virtual machine
Should be taken when testing something with unknown or potentially harmful effects
Can take up as much disk space as the virtual machine itself. If multiple snapshots are possible, the amount
of disk space used increases with the number of snapshots in place
For a complete run down of VMware snapshots, have a look at the following VMware KB articles:
Understanding Virtual Machine Snapshots in VMware ESXi and ESX (KB Article 1015180)
Minimum requirement is vCenter Server 5.1, while vCenter Server 5.5 or later is recommended
VDP 6.0 supports the Linux-based vCenter Server Virtual Appliance and the Windows based vCenter
Server
93
Web browsers must be enabled with Adobe Flash Player 11.3 or later to access the vSphere Web Client
and VDP functionality
Deploy VDP appliances on shared VMFS5 or later datastores to avoid block size limitations
Make sure that all virtual machines are running hardware version 7 or later to support Change Block
Tracking (CBT) functionality
Install VMware Tools on each virtual machine that VDP will backup
Independent
System Requirements
VDP is deployed based disk capacity. The options are:
.5TB
1TB
2TB
4TB
6TB
8TB
Based on the disk/repository sizing the CPU/Memory resources minimum requirements are:
CPU
.5TB
1TB
2TB
4
x
2GHz
4
x
2GHz
4
x
2GHz
4GB
4GB
8GB
10GB
12GB
3TB
6TB
9TB
12TB
Memory
4GB
Disk
Space
873GB 1.6TB
4TB
6TB
8TB
94
This is an interesting objective as of vSphere 6.0 there is only a single version offering product. Just note that earlier
versions of VDP (5.x days) there were two versions of the product, VDP and VDP Advanced. With the release of
vSPhere 6 it appears VMware has consolidated the Advanced edition of the product into one. Lets review some
of the features in the product:
Integration with EMC Data Domain for additional scale, efficiency, and reliability
Agent support for application consistent backup and restores of Microsoft Exchange, SQL and Sharepoint
(used to be in the Advanced version)
For a deeper dive into the functions of features of VDP 6.0 have a look at the
VMware vSphere Data Protection 6.0 Technical Overview whitepaper.
95
96
vSphere replication supports both the Linux-based vCenter Appliance as well as the standard vCenter Server
Windows installation. Combinations of both are supported, IE Windows based vCenter at your primary site and the
Linux-based appliance at the DR target location.
Bundled with the vSphere Replication appliance are all the needed components required:
Authenticates user and checks their permissions to perform vSphere Replication operations
vSphere Replication server that provides the core of the vSphere Replication infrastructure
97
Configure NTP settings on both your vCenter Server and ESXi hosts
Minimum requirement is vCenter Server 5.1, vCenter Server 5.5 or later is recommended
From the Home screen in the vSphere Web Client, select Hosts and Clusters in the right hand navigation
In the left hand pane select expand your Datacenter object and select the vSphere Cluster you wish to
deploy VMware Data Protection to
Right click on the vSphere Cluster and select Deploy OVF Template
Provide the Source location for the installation. Options are either URL or Local File
Provide a Name and Location for the virtual appliance. Click Next
Select the Virtual Disk Format and Datastore location. Click Next
IP Protocol
Manual IP addressing
Select the check box to Power On the virtual appliance after deployment and click Finish
With the deployment of the appliance complete, if you pop open a console connection you will see a listing for the
next steps to complete the configuration of the device:
98
Type root in the User field and changeme in the Password field, and then click Login
For the vCenter Registration provide a Username and Password and related vCenter
Server information. Use the Test Connection to validate the settings. Click Next when completed
For Create Storage select either Create New Storage or Attach Existing VDP Storage. If using new
storage, select from the available storage capacities. Click Next
Provide the storage location/locations on the Device Allocation window. Click Next
For CPU and Memory assign the needed amount of RAM to the appliance. Click Next
On the Ready to Complete dialog choose to run the Run Performance Analysis on Storage
Configuration. Note, this is optional. Click Next
From the Home screen in the vSphere Web Client, select VDP in the right hand navigation
99
From the Backup Job Actions menu, select New to begin the Create a new backup job wizard
On the Job Type page, select the job type. For this example we are going to to select Guest
Images. Click Next
For the Data Type select either Full Image or Individual Disks
On the Backup Sources dialog select the vCenter object or objects you wish to schedule in the backup job.
These can be Datacenter, Clusters, groups of virtual machines, or individual virtual machines
On the Schedule page, select the schedule for the backup job and click Next
From the Retention Policy page, select a retention period and click Next
Review the settings on the Ready to Complete screen. Click Finish when ready
From the Home screen in the vSphere Web Client, select Hosts and Clusters in the right hand navigation
In the left hand pane select expand your Datacenter object and select the vSphere Cluster you wish to
deploy vSphere Replication to
Right click on the vSphere Cluster and select Deploy OVF Template
Provide the Source location for the installation. Options are either URL or Local File
Provide a Name and Location for the virtual appliance. Click Next
Select the Configuration size of the appliance (Either 2 or 4 vCPU). Click Next
Select the Virtual Disk Format and Datastore location. Click Next
IP Protocol
Review the binding to the vCenter Extension vService and click Next
Select the check box to Power On the virtual appliance after deployment and click Finish
One the deployment has succeeded Log Out and then back into the vSphere Web Client
Complete the above steps on your secondary/DR site and vSphere Replication is ready for use!
100
By default the vSphere Replication appliance will use self-signed certificates for authentication purposes. If you
wish to upload your own certificates for stronger security you will need to access and log into the virtual appliance
management interface (VAMI) of your replication appliance and complete the following:
Connect to the VAMI of the vSphere Replication appliance in a web browser (default URL
is :5480>:5480>:5480>https://<appliance-address>:5480)
Type the root user name and password for the appliance
Click the VR tab and click Security to review the currentl SSL certificate
Click Configuration
To enforce verification of certificate validity, select the Accept only SSL certificates signed by a trusted
Certificate Authority check box.
From the Home screen in the vSphere Web Client, select VMs and Templates in the right hand navigation
In the left hand pane select a Datacenter object, click the Related Objects tab in the right hand navigation
Either select a Single virtual machine or Multiple virtual machines using the Ctrl and Shift keys
Right-Click the virtual machine/virtual machines and click All vSphere Replication Actions > Configure
Replication from the menu
Use the RPO slider or enter a value to configure the maximum amount of data that can be lost in the case of a
site failure
Select a Guest OS Quiescing configuration, if applicable to the source virtual machine operating system
Source
ESXi
Host
101
6.0
6.0
From the Home screen in the vSphere Web Client, select vSphere Replication in the right hand navigation
Select the appropriate site/vCenter Server. Click on Monitor in the navigation bar
Choose the Incoming Replication tab, right-click the virtual machine to recover and select Recover
Select whether to recover the virtual machine with all the latest data, or to recover the virtual machine with the
most recent data from the target site
If the virtual machine contains hard disks for which you have not enabled replication, select a target destination
for the disk or detach the disk, and click Next
102
Click Finish
103
Objective 7.1 Troubleshoot vCenter Server, ESXi Hosts, and Virtual Machines
For this objective I used the following resources:
VMware KB Article 1003908 Troubleshooting a Failed VMware Tools Installation in a Guest Operating
System
VMware KB Article 1003999 Identifying Critical Guest OS Failures Within Virtual Machines.
Knowledge
Identify General ESXi Host Troubleshooting Guidelines
The vSphere Troubleshooting guide is the one stop shop for this section
Identify General vCenter Troubleshooting Guidelines
The vSphere Troubleshooting guide is the one stop shop for this section
Troubleshoot Common Installation Issues
Refer to Objective 1.3 and make sure your hosts meet the hardware requirements as well as the VMware HCL. If
using AutoDeploy refer to pages 20 thru 26 of the vSphere Troubleshooting guide and also VMware KB 2000988
(Troubleshooting vSphere Auto Deploy).
Monitor ESXi System Health
With the release of ESXi back in the VI 3.5 days it provided a new way to manage your hosts, the Common
Information Model (CIM). CIM allows for a standard framework to manage computing resources and presents this
information via the vSphere Client. For further information read the VMware White Paper The Architecture of
VMware ESXi as well as this VMware Support Insider blog post.
Locate and Analyze vCenter and ESXi Logs
ESXi Log Files and Locations
Log
Description
/var/log/auth.log
104
/var/log/dhclient.log
/var/log/esxupdate.log
/var/log/lacp.log
/var/log/hostd.log
/var/log/shell.log
/var/logsysboot.log
/var/log/boot.gz
/var/log/syslog.log
/var/log/usb.log
USB device arbitration events, such as discovery and passthrough to virtual machines
/var/log/vobd.log
/var/log/vmkernel.log
Vide acceleration
105
Description
vpxd.log
The main vCenter Server log, consisting of all vSphere Client and
WebServices connections, internal tasks and events, and
communication with the vCenter Server Agent (vpxa) on
managed ESXi/ESX hosts.
vpxd-profiler.log
vpxd-alert.log
cim-diag.log and
vws.log
drmdump
ls.log
vimtool.log
stats.log
sms.log
eam.log
106
jointool.log
vmkping Works like a ping command but allows for sending traffic out a specific vmkernel interface
esxcli network name space Used for monitoring or configuring ESXi networking
esxcli storage name space Used for monitoring or configuring ESXi storage
vmkfstools Allows for the management of VMFS volumes and virtual disks from the command line
Virtual Machine Does Not Power On After Cloning or Deploying From Template
107
Fault Tolerance requirements are covering in Objective 7.5 Troubleshoot HA and DRS Configurations and Fault
Tolerance. For the latency portion remember the following:
108
VMware KB Article 1001938 Host Requirements for Link Aggregation for ESXi and ESX
VMware KB Article 1008205 Using ESXTOP to Identify Storage Performance Issues for ESX/ESXi
Knowledge
Verify
Network
Configuration
Refer to each objective under Section Two. Focus on the core concepts and configuration of both vNetwork
Standard Switches and vNetwork Distributed Switches:
Port/dvPort Groups
VLAN Settings
Security Policies
For additional information read the VMware Information Guide VMware Virtual Networking Concepts. This
document is based on VI3 but still does a good job with the core functions of a vStandard Switch.
Verify
a
Given
Virtual
Machine
is
configured
with
the
Correct
Network
Resources
Instead of duplicating work, refer to VMware KB 1003893, Troubleshooting Virtual Machine Network Connection
Issues. More than enough information listed there.
109
Virtual Machine
Obtain the name and partition number of the device that backs the VMFS datastore that you need to check
#esxcli storage vmfs extent list
Run VOMA to check for VMFS errors. Provide the absolute path to the device partition that backs the
VMDS datastore, and provide a partition number with the device name:
# voma m vmfs f check d /vmfs/devices/disks/naa.600508e000000000b367477b3be3d703:3
For the full run down of VOMA command options review the table on page 66 of the vSphere Troubleshooting
documentation.
110
Threshold Description
DAVG
25
GAVG
25
KAVG
The following diagram (provided by VMware) provide a visual representation of the chart above:
111
Monitor/Troubleshoot
Storage
Distributed
Resource
Scheduler
(SDRS)
Refer to Section 6, Troubleshooting Resource Management in vSphere Troubleshooting 6.0 documentation (pages
47 thru 55).
112
VMware KB Article 2032892 Collecting Diagnostic Information for ESX/ESXi Hosts and vCenter
Server Using the vSphere Web Client
VMware KB Article 1011641 - Collecting Diagnostic Information for VMware vCenter Server
VMware KB Article 653 - Collecting Diagnostic Information for Vmware ESX/ESXi Using the vSphere
Client
VMware KB Article 1010705 - Collecting Diagnostic Information Using the vm-support Command in
VMware ESX/ESXi
VMware KB Article 1027932 - Collecting Diagnostic Information for VMware vCenter Server and
ESX/ESXi Using the vSphere PowerCLI
Knowledge
Identify
vCenter
Server
and
vCenter
Server
Appliance
Upgrade
Issues
For this section I am going to take the easy way out. Refer to Section 12 of the vSphere
Troubleshooting documentation. This section covers the following topics:
Errors and Warnings Returned by the Installation and Upgrade Precheck Script
VMware Component Manager Error During Startup After vCenter Server Appliance Upgrade
Microsoft SQL Database Set to Unsupported Compatibility Mode Causes vCenter Server Installation or
Upgrade to Fail
Click the vCenter Server that contains the ESX/ESXi hosts you
113
Select the Monitor tab in right hand navigation screen and choose System Logs
Optionally, select the Include vCenter Server and vSphere Web Client Logs.
Click Next
For additional diagnostic and log collection (either virtual appliance, ESXi hosts, or Windows vCenter) have a look
at the following VMware KB articles:
Gathering vCenter Server Log Bundles (VMware KB 1011641, Collecting Diagnostic Information for VMware
vCenter Server)
Gathering vCenter Server and ESXi Log Bundles (VMware KB 653, Collecting Diagnostic Information for
Vmware ESX/ESXi Using the vSphere Client)
Using vm-support command line tool (VMware KB 1010705, Collecting Diagnostic Information Using the vmsupport Command in VMware ESX/ESXi)
114
Leveraging PowerCLI (VMware KB 1027932, Collecting Diagnostic Information for VMware vCenter Server
and ESX/ESXi Using the vSphere PowerCLI)
vSphere Update Manager For me this is my favorite of the options. You should already have VUM installed
in your environment so the only work that really needs to be done is importing the ESXi 6.0 ISO into the
repository and creating an Upgrade baseline. Super easy.
Upgrade via ESXi Installer (ISO on USB/CD/DVD) In a small enough environment you might just be able
to create a boot image from the ESXi 6.0 ISO and place it on a CD/DVD/USB device and boot the ESXi host
from it. This would be labeled as an interactive upgrade. You will have to provide some inputs to complete
the upgrade
Perform Scripted Upgrade I myself havent used nor seen a lot of scripted upgrades in the field. It is
supported and could be a faster deployment method to multiple hosts over VUM.
vSphere Auto Deploy Using Auto Deploy you can reprovision the host and reboot it with a new image profile.
This profile would include the ESXi upgrade to 6.x. You will need to leverage vSphere Image Builder to build
the package
esxcli You can use the esxcli command-line utility to upgrade hosts to ESXi 6.x
Select the Settings tab in right hand navigation screen and choose General
The Edit vCenter Server Settings dialog will be displayed. Select Logging Settings
115
Description
Verbose (Verbose)
log entries
Trivia (Extended Verbose)
116
VMworld 2010 session TA6720, Troubleshooting using ESXTOP for Advanced Users
Knowledge
Describe
How
Tasks
and
Events
are
Viewed
in
vCenter
Server
View All Tasks
To display the tasks in the vCenter Server, select the root folder
Select Tasks
The screenshot below shows the Tasks tab of a virtual machine in my lab:
View Events
To display the tasks in the vCenter Server, select the root folder
Select Events
The screenshot below shows the Events tab for my lab cluster:
117
Description
SWR/s and Measured in megabytes, these counters represent the rate at which the
SWW/s
SWCUR
This is the amount of swap space currently used by the virtual machine
SWTGT
This is the amount of swap space that the host expects the virtual machine
to use
MCTL
MCTLSZ
MCTLTGT Maximum amount of memory that the host wants to reclaim via the
balloon driver
Description
%Used
%RDY
Percentage of time a group was ready to run but was not provided CPU
resources
%CSTP
118
Description
MbTX/s
MbRX/s
%DRPTX
%DRPRX
Description
DAVG
KAVG
GAVG
The total latency seen from the virtual machine when performing an I/O
request
ABRT/s
119
system BIOS
High Performance
Balanced (Default)
Low Power
Custom
In the right-hand navigation, select the Manage tab and select Settings
120
need to be of the same CPU manufacturer, you can not mix AMD with Intel and vise versa). With EVC mode
enabled and configured it is then possible to leverage vMotion to migrate virtual machines across hosts.
For troubleshooting EVC mode, it mostly commands down to if the CPU in the ESXi host is supported. They below
listing is pulled from VMware KB Article 1005764 EVC and CPU Compatibility FAQ.
ESXi 6.0 Supports these EVC Modes
Overview Charts Display multiple data sets in one panel to easily evaluate different resource statistics,
display thumbnail charts for child objects, and display charts for a parent and a child object
Advanced Charts Display more information than overview charts, are configurable, and can be printed or
exported to a spreadsheet
121
Knowledge
Identify HA/DRS and vMotion Requirements
HA Requirements
All hosts need to be configured with static IP addresses. If you are using DHCP, you must ensure that the
address for each hosts persists across reboots
There should be at least on management network in common among all hosts and best practices is to have
at least two. Management networks differ depending on the version of host you are using.
o
To ensure that any virtual machine can run on any host in the cluster, all hosts should have access
to the same virtual machine networks and datastores
vSphere HA supports both IPv4 and IPv6. A cluster that mixes the use of both of the protocol versions,
however is more likely to result in a network partition
Shared Storage
o
Place the disks of all virtual machines on VMFS volumes that are accessible by all hosts
Ensure the VMFS volumes on source and destination host use volume names, and all virtual
machines use those volume names for specifying the virtual disks
Processor Compatibility Processors of both the source and destination host must be of the same vendor
(AMD or Intel) and be of the same processor family. This requirement is more for the use of vMotion and
allowing a VM to execute its processes from one host to the other. vCenter provides advanced features to
make sure that processor compatibility requirements are met:
122
Enhanced vMotion Compatibility (EVC) You can use EVC to help ensure vMotion
compatibility for the hosts in a cluster. EVC ensures that all hosts in a cluster present the same
CPU feature set to virtual machines, even if the actual CPUs on the hosts differ. This prevents
migration with vMotion from failing due to incompatible CPUs.
CPU Compatibility Masks vCenter Server compares the CPU features available to a virtual
machine with the CPU features of the destination host to determine whether to allow or disallow
migrations with vMotion. By applying CPU compatibility mask to individual virtual machines,
you can hide certain CPU features from the virtual machine and potentially prevent migrations
with vMotion from failing due to incompatible CPUs.
For further information see pages 63 thru 64 of the vSphere Resource Management documentation
vMotion Requirements
The virtual machine configuration file for ESXi hosts must reside on a VMware Virtual Machine File
System (VMFS)
vMotion does not support raw disks or migration of applications clustered using Microsoft Cluster Service
(MSCS)
vMotion requires a private Gigabit Ethernet (minimum) migration network between all of the vMotion
enabled managed hosts. When vMotion is enabled on a managed host, configure a unique network identity
object for the managed host and connect it to the private migration network
You cannot use migration with vMotion to migrate a virtual machine that uses a virtual device backed by a
device that is not accessible on the destination host
You cannot use migration with vMotion to migrate a virtual machine that uses a virtual device backed by a
device on the client computer
For further information see page 56 of the vSphere Resource Management documentation and pages 123 thru 124 of
the vCenter Server and Host Management documentation
Verify vMotion/Storage vMotion Configuration
See above sections for DRS and vMotion requirements. Key areas of focus will be proper networking (VMKernel
interface for vMotion), CPU compatibility and shared storage access across all hosts.
Verify HA Network Configuration
On legcacy ESX hosts in the cluster, vSphere HA communications travel over all networks that are
designated as service console networks. VMkernel networks are not used by these hosts for vSphere HA
communications
On ESXi hosts in the cluster, vSphere HA communications, by default, travel over VMkernel networks,
except those marked for use with vMotion. If there is only one VMkernel network, vSphere HA shares it
with vMotion, if necessary. With ESXi 4.x and ESXi, you must also explicitly enable the Management
Network checkbox for vSphere HA to use this network
123
Host failures the cluster tolerates (default) You can configure vSphere HA to tolerate a specified number
of host failures. Uses a slot size to display cluster capacity
Percentage of cluster resources reserved as failover spare capacity You can configure vSphere HA to
perform admission control by reserving a specific percentage of cluster CPU and memory resources for
recovery from host failure
Specify failover hosts You can configure vSphere HA to designate specific hosts as the failover hosts
Over sized VMs with high CPU/memory reservations. This will affect slot sizes
Lack of capacity/resources if you using Specify Failover Hosts, IE not enough hosts set as failovers
See Section 5 Troubleshooting Availablity in the vSphere Troubleshooting documentation that outlines common
failover scenarios for each of the three Admission Control Policies. For further reading on the three admission
control policies see page 22 thru 28 of the vSphere Availability documentation.
Troubleshoot HA Redundancy Issues
Like all other components in a vSphere design, you want design redundancy for a clusters HA network traffic. You
can go about this one of two ways or both. The use of NIC of teaming (two physical NICs preferably connected to
separate physical switches) is the most common method used. This will allow either of the two links to fail and still
be able to communicate on the the network. The second option is the setup and creation of a secondary management
network. This second interface will need to be attached to a different virtual switch as well as a different subnet as
the primary network. This will allow for HA traffic to be communicated over both networks.
Interpret the DRS Resource Distribution Graph and Target/Current Host Load Deviation
The DRS Resource Distribution Chart is used to display both memory and CPU metrics for each host in the cluster.
Each resource can be displayed in either a percentage or as a size in mega bytes for memory or mega hertz for CPU.
In the chart display each box/section represents a VM running on that host and the resources it is currently
consuming. The chart is accessed from the Summary tab at the cluster level under the section for VMware DRS.
Click the hyperlink for View Resource Distribution Chart.
124
The target/current host load deviation is a representation of the balance of resources across the hosts in your cluster.
The DRS process runs every 5 minutes and analyzes resource metrics on each host across the cluster. Those metrics
are plugged in an equeation:
(VM entitlements)/(Host Capacity)
This value returned is what determines the Current host load standard deviation. If this number is higher then the
Target host load standard deviation your cluster is imbalanced and DRS will make recommendations on which
VMs to migrate to re-balance the cluster.
This is just my basic understanding of how DRS works. For complete down in the weeds explanations I would
recommend reading this post as well as this one from Duncan Epping @ Yellow-Bricks.com.
Troubleshoot DRS Load Imbalance Issues
DRS clusters become imbalanced/overcomitted for several reasons:
A cluster becomes invalid if vCenter Server is unavailable and you power on virtual machines using a
vSphere Client connected directly to a host
A cluster becomes invalid if the user reduces the reservation on a parent resource pool while a virtual
machine is in the process of failing over
If changes are made to hosts or virtual machines using a vSphere Client connected to a host while vCenter
Server is unavailable, those changes take effect. When vCenter Server becomes available again, you might
find that clusters have turned red or yellow because cluster requirements are no longer met.
Virtual machine disks must be in persistent mode or be raw device mappings (RDMs). For virtual
compatibility mode RDMs, you can migrate the mapping file or convert to thick-provisioned or thinprovisioned disks during migration as long as the destination is not an NFS datastore. If you convert the
mapping file, a new virtual disk is created and the contents of the mapped LUN are copied to this disk. For
physical compatibility mode RDMs, you can migrate the mapping file only.
The host on which the virtual machine is running must have a license that includes Storage vMotion
The host on which the virtual machines is running must have access to both the source and target datastore
125
Identify the Root Cause of a DRS/HA Cluster or Migration Issue Based on Troubleshooting Information
Use information from above topics to help isolate the issue based on HA/DRS requirements as well pages from the
reference documents listed.
Verify Fault Tolerance Configuration
Identify Fault Tolerance Requirements
When VMware Fault Tolerance was originally announced back in the ESXi/ESX 4.x days it received a lukewarm
reception. While the concept of protecting tier 1 workloads with a synchronous/shadow VM, the requirment of
supporting a single vCPU virtual machine limited the use case of the feature. In vSphere 6 VMware has lifted the
vCPU limitation from 1 vCPU to up 4 vCPU (based on licensing). With this increase I would assume this feature
will now be leveraged in environments.
Beyond the increase of support for multi processor, there are other requirements/features you should know for the
exam:
Physical CPUs must be compatible with vSphere vMotion or Enhanced vMotion Compatibility (EVC)
Physical CPUs must support hardware MMW virtualization (Intel EPT or AMD RVI
While FT provides a higher level of availability, there are a few features that are NOT supported if a VM is
protected via Fault Tolerance:
Storage vMotion
Linked Clones
126
I/O filters
127
128
Set
up
your
DHCP
server
to
point
to
the
TFTP
server
on
which
the
TFTP
configuration
exists
o On
your
DHCP
server
specify
the
following
options:
Option
66:
the
IP
address
of
the
TFTP
server
Option
67:
the
boot
file
name,
undionly.kpxe.vmw-hardwired
o Set
up
your
ESXi
servers
to
network
or
PXE
boot
o Set
up
the
image
profile
(if
one
doesnt
exist)
and
write
a
rule
that
assigns
that
image
profile
to
hosts
Explain
PowerCLI
cmdlets
for
Autodeploy
o PowerCLI
cmdlets
are
Powershell
cmdlets
that
pertain
directly
to
Autodeploy
and
are
used
to
configure
image
profiles,
deployment
rules,
and
other
various
Autodeploy
tasks.
In
order
to
use
them
youll
need
to
install
vSphere
PowerCLI
(includes
the
Autodeploy
cmdlets)
o Add-EsxSoftwareDepot:
this
cmdlet
will
add
a
depot
to
the
PowerCLI
environment.
You
can
specify
a
public
URL
(VMware
hosts
a
public
repository);
also
known
as
a
remote
depot.
You
can
specify
a
zip
file
which
contains
images
as
well;
known
as
a
ZIP
file
o Get-EsxImageProfile:
this
cmdlet
will
return
a
list
of
image
profiles
that
you
loaded
into
the
environment
using
the
Add-EsxSoftwareDepot
cmdlet
o New-DeployRule:
this
cmdlet
will
create
a
new
deployment
rule
for
auto
deploy.
During
rule
creation
you
will
specify
an
image
profile.
You
can
also
specify
patterns
for
the
rule,
such
as
a
vendor.
For
example,
if
you
specify
Dell
as
the
vendor
then
this
rule
will
only
apply
to
ESXi
servers
that.
You
can
also
specify
an
IP
range
using
the
ipv4
parameter.
The
range
you
specify
here
means
this
deployment
rule
will
only
apply
to
ESXi
hosts
with
IP
addresses
in
the
specified
range
o Add-DeployRule:
this
will
add
the
specified
rule
to
the
working
rule
set
and
the
active
rule
set.
You
can
specify
the
NoActivate
parameter
to
only
add
it
to
the
working
rule
set
and
NOT
the
active
rule
set
o Get-DeployRule:
this
cmdlet
will
return
a
list
of
all
the
deployment
rules
along
with
the
associated
patterns
and
items
o Copy-DeployRule:
this
cmdlet
will
copy
a
deployment
rule
to
use
as
a
template
to
create
a
new
deployment
rule.
Deploy/Manage
multiple
ESXi
hosts
using
Autodeploy
o Once
youve
set
up
and
prepared
the
auto
deploy
environment
youre
ready
to
deploy
ESXi
hosts
using
Auto
Deploy.
The
first
boot
of
an
ESXi
server
that
hasnt
not
yet
been
provisioned
using
Auto
Deploy
will
go
through
a
different
process
during
the
first
boot
than
subsequent
reboots
o During
the
first
boot
youll
turn
the
host
on
and
it
will
contact
the
DHCP
server
to
get
an
IP
address
and
it
will
download
the
iPXE
from
the
TFTP
server.
The
Auto
Deploy
server
o
129
will
then
provision
the
host
using
the
image
specified
by
the
Auto
Deploy
rule
engine.
If
a
host
profile
is
specified
in
the
rule
set
then
it
will
also
get
deployed
Once
the
host
is
booted
for
the
first
time
its
added
to
vCenter
and
vCenter
will
then
store
the
hosts
image
profile,
the
host
profile
(it
there
is
one)
and
location
information.
Subsequent
reboots
of
the
ESXi
host
will
then
be
reprovisioned
by
vCenter
You
can
reprovision
a
host
with
a
new
image
profile
by
changing
the
rule
that
is
associated
with
the
host
to
use
a
new
image
profile
Tools
130
In
the
Host
Profiles
view,
select
the
host
profile
you
want
to
edit
Click
the
Actions
menu
>
click
Edit
Settings
Here
you
can
edit
the
name
and
description
of
the
host
profile
>
click
Next
On
the
Edit
Host
Profile
page
youll
have
a
ton
of
options
that
you
can
select,
deselect,
and
specify
further
settings
on
Once
youve
made
your
edits
click
Next
Click
Finish
131
Attach/Apply
a
Host
Profile
to
an
ESXi
host
or
cluster
o Log
into
the
vSphere
Web
client
o Click
the
Host
Profiles
icon
o Select
the
host
profile
that
you
want
to
attach
from
the
host
profile
list
o Click
the
second
to
the
last
icon
to
Attach/Detach
a
host
profile
to
hosts
and
clusters
o Select
the
host,
hosts,
cluster
or
clusters
you
want
to
attach
the
host
profile
to
o Click
the
Attach
button
to
move
them
over
to
right-most
pane
o Click
Next
o If
the
host(s)
or
cluster(s)
require
additional
customizations
then
youll
need
to
enter
them
in
the
provided
spot
for
each
setting
that
requires
customization
o Click
Finish
Perform
compliance
scanning
and
remediation
of
an
ESXi
host
using
Host
Profiles
Check
Host
Profile
Compliance
o
o
o
o
o
Remediate
a
Host
using
Host
Profiles
o
o
o
o
o
o
o
Tools
132
133
On
the
options
page
click
Advanced
options
and
click
the
Synchronize
tab
Select
synchronize
changes
You
can
choose
to
power
on
the
source
machine
once
the
conversion
is
done
in
the
post-conversion
tab
o You
can
also
select
to
Power
on
the
destination
virtual
machine
once
the
conversion
is
complete
o Once
you
get
to
the
summary
tab
review
all
the
details
and
submit
the
conversion
job
Modify
server
resources
during
conversion
o During
the
conversion
of
the
physical
machine
you
have
the
options
to
change
resource
such
as:
Extend
an
existing
volume
Remove
an
existing
volume
Add
a
new
volume
Change
the
memory
configuration
Change
the
number
of
CPUs,
sockets
or
cores
Add
or
remove
network
adpaters
o This
process
is
pretty
straight
forward
when
going
through
the
wizard
Interpret
and
correct
errors
during
conversion
o During
the
conversion
errors
can
happen
at
different
points
of
the
process.
Here
are
a
few
common
ones
that
you
might
run
into:
A
virtual
machine
fails
to
boot
after
conversion.
A
lot
of
things
can
cause
this,
such
as
the
scsi
controller
selected
during
the
conversion
process.
If
the
virtual
machine
blue
screens
you
can
also
try
running
a
Windows
repair
Conversion
fails
at
2%.
Check
firewall
settings,
ensure
you
have
the
proper
IP
address
and
DNS
names,
and
that
those
DNS
names
resolve
properly
o Check
the
VMware
Converter
Standalone
log
files.
Here
are
the
locations:
Windows
Vista,
7
and
2008:
c:\users\all
users\application
data\vmware\vmware
converter
enterprise\logs
Windows
8
and
2012:
c:\programdata\vmware\vmware
vcenter
converter
standalone\logs
o
o
o
Tools
134
VMware KB Article Advanced Configuration Options for VMware High Availability in vSphere 5.x
(2033250)
Knowledge
Explain Advanced vSphere HA Settings
Enable/Disable Advanced vSphere HA Settings
Since both these topics pretty much go hand in hand I am going to cover them jointly. VMware vSphere allows you
to add to or change the default behavior of the cluster HA settings. While the default settings maybe appropriate for
the majority of environments, depending on your specific implementation setting changes may be needed. I hope it
goes without saying that vSphere HA will need to be enabled on the given cluster to make any changes.
Listing of Advanced Options
Option
Description
das.isolationaddress[...]
135
das.isolationshutdowntimeout
das.slotmeminmb
das.slotcpuinmhz
das.vmmemoryminmb
das.vmcpuminmhz
136
das.ignoreinsufficienthbdatastore
das.heartbeatdsperhost
fdm.isolationpolicydelaysec
das.respectvmvmantiaffinityrules
137
das.maxterminates
das.terminateretryintervalsec
das.config.fdm.reportfailoverfailevent
138
From the Home screen in the vSphere Web Client, select Hosts and Clusters in the right hand navigation
In the left hand pane select expand your Datacenter object and select the vSphere Cluster
Click Add and type the name of the advanced option in the text box
Set the value of the option in the text box in the Value column
Repeat the following two steps for additional options you would like to add. Click OK when completed.
The screenshot below displays the Edit Cluster Settings window and for an example I have the advanced options
for das.slotmeminmb and das.slotcpuinmhz (values are 512 and 500 respectively):
139
For a complete listing of all the available vSphere HA settings have a look at VMware KB Article 2033250
Advanced Configuration Options for VMware High Availability in vSphere 5.x (Note, at the time of this blog post
there is not an equivalent VMware KB article for vSphere 6.x)
Explain How vSphere HA Interprets Heartbeats
vSphere HA utilizes the concept of master and slave hosts to build out an HA cluster. These hosts communicate with
each other using heartbeats. The master host is responsible for detecting the failure of slave hosts in the cluster. The
hosts communicate with network heartbeats every second with the master host monitoring the slave hosts. If the
master host stops receiving heartbeats from a slave host the master host will check to see if the slave host has
exchange heartbeats with a datastore (Datastore Heartbeating) and will also verify if the management IP of the slave
host responds to ICMP ping requests. If all checks have not succeeded that slave host is considered to have failed
and its virtual machines will be restarted.
Identify Virtual Machine Override Priorities
140
Each virtual machine in a vSphere HA cluster is assigned the cluster default settings for VM Restart Priority, Host
Isolation Response, VM Component Protection, and VM Monitoring. You can specify specific behavior for each
virtual machine by changing these defaults. If the virtual machine leaves the cluster, these settings are lost.
From the Home screen in the vSphere Web Client, select Hosts and Clusters in the right hand navigation
In the left hand pane select expand your Datacenter object and select the vSphere Cluster
Use the + button to launch the Select a VM popup. Select the virtual machine or machines to which to
apply the overrides
Change the virtual machine settings for VM restart priority, Response for Host Isolation, etc.
In the example screen shot below, I selected the virtual machine VCP and made changes to both the VM restart
priority and Response for Host Isolation options:
141
PDL PDL (Permanent Device Loss) is an unrecoverable loss of accessibility that occurs when a storage
device reports the datastore is no longer accessible by the host. This condition cannot be reverted without
powering off virtual machines
APD APD (All Paths Down) represents a transient or unknown accessibility loss or any other
unidentified delay in I/O processing. This type of accessibility issue is recoverable
From the Home screen in the vSphere Web Client, select Hosts and Clusters in the right hand navigation
In the left hand pane select expand your Datacenter object and select the vSphere Cluster
142
PDL Failures A virtual machine is automatically failed over to a new host unless you have configured
VMCP only to Issue Events
APD Events The response to APD is more complex and accordingly the configuration is more finegrained. After the user-configured Delay for VM failover for APD period has
elapsed, the action taken depends on the policy you selected. An event will be issued and the virtual
machine is restarted conservatively or aggressively. The conservative approach does not terminate the
virtual machine if the success of the failover is unknown, for example in a network partition. The
aggressive approach does terminate the virtual machine under these
conditions. Neither approach terminates the virtual machine if there are insufficient resources in the cluster
for the failover to succeed. If APD recovers before the user-configured Delay for VM failover for APD
period has elapsed, you can choose to reset the affected virtual machines, which recovers the guest
applications that were impacted by the IO failures.
143
Knowledge
Identify Distributed Resource Scheduler (DRS) Affinity Rules
With Distributed Resource Scheduler (DRS going forward) enabled on your vSphere cluster you can manage the
placement of virtual machines within that cluster. The use of an affinity rule allows for this level of control. There
are two types of of rules:
VM-Host Affinity - Used to specify affinity or anti-affinity between a group of virtual machines and a
group of hosts. An affinity rule specifies that the members of a selected virtual machine DRS group can or
must run on the members of a specific host DRS group. An anti-affinity rule specifies that the members of
a selected virtual machine DRS group cannot run on the members of a specific host DRS group.
VM-VM Affinity - Used to specify affinity or anti-affinity between individual virtual machines. A rule
specifying affinity causes DRS to try to keep the specified virtual machines together on the same host, for
example, for performance reasons. With an anti-affinity rule, DRS tries to keep the specified virtual
machines apart, for example, so that when a problem occurs with one host, you do not lose both virtual
machines
From the Home screen in the vSphere Web Client, select Hosts and Clusters in the right hand
navigation
In the left hand pane select expand your Datacenter object and select the vSphere Cluster
Provide a Name for the group and for the Type dropdown select Host Group
Click OK to finish.
144
From the Home screen in the vSphere Web Client, select Hosts and Clusters in the right hand navigation
In the left hand pane select expand your Datacenter object and select the vSphere Cluster
Provide a Name for the group and for the Type dropdown select VM Group
Click OK to finish.
145
Now with hour host and virtual machine groups defined we can create some actual affinity rules. For our first
example we will create a VM to Host rule:
From the Home screen in the vSphere Web Client, select Hosts and Clusters in the right hand navigation
In the left hand pane select expand your Datacenter object and select the vSphere Cluster
Provide a Name for the rule and check the Enable Rule check box
From the VM Group and Host Group select you created groups accordingly
Must run on hosts in group Virtual machines in VM Group must run on hosts in Host Group
Should run on hosts in group Virtual machines in VM Group should, but are not required, to
run on hosts in Host Group
Must not run on hosts in group Virtual machines in VM Group must never run on hosts in
Host Group
Should not run on hosts in group Virtual machines in VM Group should not, but might, run
on hosts in Host Group
Click OK
146
From the Home screen in the vSphere Web Client, select Hosts and Clusters in the right hand navigation
In the left hand pane select expand your Datacenter object and select the vSphere Cluster
Provide a Name for the rule and check the Enable Rule check box
147
Screen shot below over competed VM to VM Affinity (separate virtual machines) rule:
C
Identify Distributed Resource Scheduler (DRS) Automation Levels
Configure Distributed Resource Scheduler (DRS) Automation Levels
Going to bundle these two topics together as they are some closely aligned. VMware vSphere DRS supports three
levels of automation for virtual machine initial placement and migration. I put automation in quotes, as you will
see in the table below the first option, manual, isnt so automated.
Automation Level
Action
148
Manual
Partially Automated
Fully Automated
Configuring DRS can take place during the vSphere Cluster object creation, or if not enabled during creation can be
enabled after the fact. To enable DRS post cluster creation complete the following steps:
From the Home screen in the vSphere Web Client, select Hosts and Clusters in the right hand navigation
In the left hand pane select expand your Datacenter object and select the vSphere Cluster
Click OK
149
150
.vmx
.vmxf
.nvram
.log
.vmdk
-flat.vmdk
-delta.vmdk
.vswp
.vmss
.vmsd
.vmsn
.ctk
The.vmx
file
has
entires
in
it
that
define
the
make
up
of
the
virtual
machine.
Heres
an
example
of
what
one
looks
like
config.version
=
"8"
virtualHW.version
=
"7"
floppy0.present
=
"FALSE"
numvcpus
=
"6"
memSize
=
"12288"
sched.cpu.units
=
"mhz"
tools.upgrade.policy
=
"manual"
ethernet0.virtualDev
=
"vmxnet3"
ethernet0.dvs.switchId
=
"d4
e0
15
50
78
31
6a
1b-dd
fe
50
28
23
1d
38
47"
displayName
=
"clt-vcenter01-p.labclt.local"
annotation
=
"VMware
vCenter
Server
Appliance|0A|0AVersion
5.5
of
VC
running
on
SLES
11"
guestOS
=
"sles11-64"
151
DirectPath
I/O
allows
a
virtual
machine
to
access
the
physical
PCI
functions,
meaning,
the
guest
operating
system
of
the
virtual
machine
will
have
direct
access
to
the
PCI/PCIe
devices.
These
devices
would
be
connected
to
the
ESXi
host
where
the
virtual
machine
resides
o You
can
have
up
to
6
PCI
devices
that
a
virtual
machine
can
access
o Direpatch
I/O
does
not
support
the
following:
You
cant
hot-add
to
the
virtual
machine
(CPU/Memory)
There
is
no
HA
support
There
is
no
FT
support
Snapshots
are
not
supported
No
vMotion
o DirectPath
I/O
is
enabled
on
the
virtual
machine
by
selecting
the
PCI
device
that
you
want
to
pass
through
to
the
virtual
machine
Enable/Disable
Advanced
virtual
machine
settings
o Log
into
the
vSphere
Web
client
o Click
the
VMs
and
Templates
icon
o From
the
inventory
tree
on
the
left
find
a
virtual
machine
you
want
to
enable/disable
advanced
virtual
machine
settings
on
o Right-click
the
virtual
machine
>
click
Edit
Settings
o Click
the
VM
Options
tab
o The
below
screenshot
has
a
list
of
the
available
advanced
settings
o
152
The
most
prevelant
advanced
setting
is
probably
the
Swap
file
location
Tools
153
Click
OK
Configure
Content
Library
authentication
o Log
into
the
vSphere
Web
client
o On
the
left
click
vCenter
Inventory
Lists
o Click
Content
Libraries
o In
the
right-pane
in
the
Objects
tab,
find
the
content
library
that
you
want
to
enable
authentication
on
o Click
the
Actions
menu
>
click
Edit
Settings
o Click
the
checkbox
that
says
Enable
user
authentication
for
access
to
this
library
o Enter
in
a
password
and
confirm
it
>
click
OK
o
NOTE:
If
you
have
other
sites
that
have
subscribed
to
this
content
prior
to
enabling
authentication
you
will
need
to
go
re-configure
those
subscribed
content
libraries.
If
you
dont,
youll
see
this
error
the
next
time
the
subscribee
tries
to
synchronize
content
154
155
o
o
o
o
o
Click
Next
You
need
to
add
storage
for
your
content
library.
You
can
choose
to
enter
in
a
local
system
path
or
a
location
to
a
NFS
share,
or,
you
can
use
an
existing
datastore.
Ill
be
using
an
existing
datastore
Click
Next
once
youve
made
a
selection
Click
Finish
To
remove
a
content
library
select
the
content
library
you
want
to
remove
>
156
Tools
157
158
The
VCC
user
interface
comes
in
the
form
of
a
vCenter
plugin
and
is
available
in
the
vCenter
Web
Client
o The
VCC
server
is
an
appliance
that
you
deploy
in
your
private
datacenter
and
handles
communication
to
vCloud
Air
o VCC
nodes
are
responsible
for
data
transfer
between
your
private
datacenter
and
your
vCloud
Air
instance
o Here
are
some
requirements
youll
have
to
meet
before
you
can
install
VCC
in
your
private
datacenter.
You
dont
need
to
worry
about
VCC
being
installed
in
your
vCloud
Air
instance
as
VMware
has
already
taken
care
of
that.
This
requirements
come
from
the
latest
VCC
Install/Configure
document
that
was
mentioned
above:
vSphere
4.0
update
3
and
higher
is
required
If
youre
doing
the
datacenter
extension
piece
with
VCC
youll
need
to
have
vShield
Manager
in
the
environment,
version
5.1.2
or
higher
vSphere
client
4.0
update
3
or
higher
IE
8
or
IE
9
is
supported
Chrome
22
or
23
is
supported
Ports
80,443,8190
and
5480
are
required
Configure
vCenter
Server
connection
to
vCloud
Air
o Download
and
install
the
VCC
OVA
into
your
environment.
This
is
a
standard
OVA
deployment,
which
Ill
assume
you
know
how
to
do.
If
not
please
reference
the
aforementioned
VCC
Install/Configure
document
o Once
youve
powered
on
VCC
navigate
to
it
with
a
web
browser
and
the
VCC
name
or
IP:
https://<vcc
name-or-ip:5480
o Log
in
with
username:
admin
and
password
vmware
o Do
the
general
configuration
once
you
log
in
o Use
the
vCenter
tab
to
configure
the
vSphere
Web
Client
extension
o The
Nodes
tab
is
where
youll
configure
the
connection
the
nodes
that
are
deployed
o Next
youll
need
to
deploy
a
VCC
node
in
your
vSphere
environment.
To
do
this
youll
deploy
the
OVA
for
VCC
o In
the
same
Nodes
tab
you
can
connect
VCC
to
the
cloud
nodes.
Register
a
new
node,
select
the
cloud
tyoe
and
enter
in
the
IP/FQDN
o You
will
also
need
to
register
the
node
that
has
been
deployed
in
your
private
datacenter
in
the
same
fashion
o If
you
havent
registered
the
VCC
extension
in
the
vSphere
Web
Client,
do
that
now
by
going
to
the
vCenter
tab
in
the
VCC
admin
interface
and
entering
the
configuration
information
o Once
all
of
this
is
done
youll
be
able
to
log
into
the
vSphere
Web
client
and
see
the
VCC
icon
on
the
home
page
o
159
160
o
o
o
o
o
o
o
Once
the
replication
wizard
opens
select
Replicate
to
a
cloud
provider
>
click
Next
Select
the
target
site
to
the
cloud
provider
that
you
just
set
up
>
select
the
virtual
datacenter
you
want
to
replicate
to
>
click
Next
Select
the
storage
policy
you
want
to
use
from
the
drop-down
menu
>
click
Next
Select
a
see
vApp
from
the
list
and
click
Next
>
you
can
select
quiesce
option
you
want
to
use
for
the
source
virtual
machine
(optional)
Click
Next
>
select
the
RPO
you
want
for
the
virtual
machine
by
moving
the
slider
bar.
You
can
select
between
15
minutes
and
24
hours
>
click
Next
Click
Finish
Youve
now
successfully
configured
replication
for
an
object
in
vCloud
Air
Disaster
Recovery
Services
Tools
161