vCloud Director and vCloud Networking and Security Product Update

In case you may have missed it, VMware made a couple big announcements today around vCloud Director and vCloud Networking and Security (vCNS).

VMware is committed to delivering an exceptional customer experience and—in response to feedback from you, our customers—we are moving toward more simplified packaging and unified licensing of our cloud stack. Driven by this commitment, we’re implementing an integrated approach to the packaging of all of the essential capabilities for building a software-defined data center.

As part of this key initiative, this month we’re announcing the End of Availability of the stand-alone editions of VMware vCloud® Director® and VMware vCloud® Networking and Security. This communication provides important information for you as a license holder of vCloud Director, vCloud Networking and Security, and/or VMware vShield.

End of Availability: VMware vCloud Director Stand-alone
VMware vCloud Director orchestrates the provisioning of software-defined data center services as complete virtual data centers that are ready for consumption in a matter of minutes. Virtual data centers provide virtualized compute, networking, storage, and security. Effective as of the general availability of vCloud Director 5.5 and the vCloud Suite® 5.5, VMware is making the following packaging changes to make this technology more easily accessible:

  • vCloud Director 5.5 will be available only as part of vCloud Suite 5.5.
  • VMware will retire the stand-alone SKUs for vCloud Director.
  • Existing customers can maintain their vCloud Director through either the entitlement program or while converting to vCloud Suite with the Fair Value Conversion Program.

Please take note that the last day to order vCloud Director Stand-alone is September 19, 2013.

Extended Support for vCloud Director 5.5
Generally, as per VMware Enterprise Application Support Policy, VMware will support the current release of software for 2 years from the general availability of the Major Release, or the latest released version for 12 months. However, VMware will provide extended support for vCloud Director 5.5 with support available for 4 years from general availability. Customers will be able to get telephone and Internet support for vCloud Director 5.5 until their current contract expires or until Q3, 2017, whichever is earlier.

The End of Support date for vCloud Director 5.1 remains as September 10, 2014.

For more information:
–    Read our Customer Announcement
–    Visit the VMware vCloud Suite page

End of Availability: VMware vCloud Networking and Security Stand-alone
VMware vCloud Networking and Security provides essential networking and security capabilities for the software-defined data center. Accordingly, VMware is making the following packaging changes to also make this technology more easily accessible:

  • vCloud Networking and Security 5.5 will be combined into a single edition. All features of vCloud Networking and Security 5.1 Standard and Advanced Editions have been integrated into one feature set.
  • vCloud Networking and Security 5.5 will be available only as part of vCloud Suite 5.5.
  • VMware will retire the stand-alone SKUs for vCloud Networking and Security.
  • Existing customers can maintain their vCloud Networking and Security investment through either the entitlement program or while converting to vCloud Suite with the Fair Value Conversion Program.

Please take note that the last day to order vCloud Networking and Security Stand-alone is
September 30, 2013.

Extended Support for vCloud Networking and Security 5.5
Generally, as per VMware Enterprise Application Support Policy, VMware will support the current release of software for 2 years from the general availability of the Major Release, or the latest released version for 12 months. However, VMware will provide extended support for vCloud Networking and Security 5.5 with support available for 3 years from general availability. Customers will be able to get telephone and Internet support for vCloud Networking and Security 5.5 until their current contract expires or until Q3, 2016, whichever is earlier.

The End of Support date for vCloud Networking and Security 5.1 remains as September 10, 2014.

For more information:
–    Review the FAQs
–    Read our Customer Announcement
–    Visit the VMware vCloud Suite page

If you have any questions about these announcements, please contact your sales representative or www.vmware.com/support.


Created on September 4, 2013 by Rick Scherer

Posted under Cloud, Networking, Security.

This blog has 1,344 views and no responses.

Tags: , , , ,

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

Advisory – ESX 4.1 + HP FLEX-10 + Broadcom bnx2x = Bad News

Two local customers have ran into the same situation in the past month….both are running on a HP c-Class blade infrastructure leveraging Virtual Connect/FLEX-10 as well as on-board Broadcom 10G cards leveraging the bnx2x driver – this mixed with ESX(i) 4.1 is an almost lethal combination.

Random network drops, port flapping, dropped packets….not good for a virtual infrastructure. Luckily HP is aware of the issue and has released Advisory c02476622 which states;

The Broadcom bnx2x VMware ESX Driver Version 1.54 does not function with HP Virtual Connect Device Control Channel (DCC) and SmartLink features on ProLiant and Integrity server blades configured with the NC532m or the NC532i adapter running firmware version 2.2.6. After installing or upgrading VMware ESX/ESXi 4.1 the following functionality is either not installed or is lost:

  1. New installation – DCC and SmartLink functionality is unavailable in an HP Virtual Connect environment with the NC532m or NC532i Network Adapters after installing VMware ESX/ESXi 4.1.
  2. Upgrade installation – If the bnx2x Asynchronous Driver Update CD version 1.52 was previously installed on a VMware ESX/ESXi 4.0 host, DCC/SmartLink capabilities will be lost after upgrading to VMware ESX/ESXi 4.1, which will overwrite the bnx2x driver version 1.52 with version 1.54 that is included with the base VMware ESX/ESXi 4.1operating system.
  3. Network failover – ProLiant and Integrity server blades hosting VMware ESX/ESXi 4.1 may lose network failover capabilities that use the VMware ESX NIC teaming failover policy (vSwitch setting) “Link Status only.”

There is a work-around that leverages VMware Beacon Probing but honestly this has been a hit/miss type work-around.  In my opinion, stick with ESX 4.0 until HP works out the issue with the firmware/driver.


Created on November 11, 2010 by Rick Scherer

Posted under Networking, vSphere.

This blog has 7,775 views and 7 responses.

Tags: , , , , , , ,

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

NetXen HP NC522SFP Network Flooding

I had a very fun weekend. It started at 4am Saturday with a migration of ~125 virtual machines from an old AMD based environment to a new Intel Nehalem based environment. Who could’ve known that within a few hours all hell would’ve broken loose.

Enter in problem of network flooding from the NetXen based HP branded NC522SFP.  Because all of the 10GbE ports from the (9) new ESXi servers were creating thousands of pause frames on the Cisco Nexus 5020 switches, I thought originally that it was an issue on the switch.  Talks with Cisco revealed nothing.  We attempted to disconnect one of the connected ports (each ESXi host is dual connected into a pair of N5Ks using vPC) to remove a potential spanning tree loop….no dice.

A reboot of the host resolved the problem, things appeared to be running normally and we decided to let it be and wait until Monday.

10 hours goes by, it is now Sunday morning and the problem returns.  First host loses storage (we’re doing NFS over 10GbE here), then two more…until all 9 in this cluster are pretty much toast.  I decide to open a ticket with VMware.  Wouldn’t you know, there is a potential known bug and resolution.

Bug 496013

Description: Some NetXen based 10GbE cards using the unm_nic and nx_nic drivers sometime flood the network with pause frames causing the port to become disabled.

Resolution: NetXen believes upgrading the firmware to version 4.0.516 will resolve the problem.

I’ve gone ahead and patched 4 of the hosts with this new firmware, so far it has been stable (knock on wood).   I’ll let you know if something happens.

Checking which version of the firmware you’re running is simple. From a command-line (ESX or ESXi hidden CLI), type ethtool -i <vmnic#> (replace vmnic# with the alias to the vmnic you’d like to check).  You should see output similar to:

driver: nx_nic

version: 4.0.301

firmware-version: 4.0.406

bus-info: 0000:07:00.0

Update – Utility CD with firmware patch now included…

As you can see above, the firmware is out of date. To update the firmware you will need to boot from a Linux utility CD that has the appropriate driver, you then run a firmware update utility provided by HP.  To make this process easy I have created a bootable SLAX utility CD with the drivers pre-loaded. You can download the ISO from here (file temporarily removed). Once booted run the installer located in the root filesystem (ie: ./CP011471.scexe).

Let me know if you have any questions.


Created on January 11, 2010 by Rick Scherer

Posted under ESX 3.5 Tips, ESXi 3.5 Tips, Networking, Storage, vSphere.

This blog has 22,641 views and 40 responses.

Tags: , , , , , , , , ,

1 Star2 Stars3 Stars4 Stars5 Stars (2 votes, average: 4.00 out of 5)
Loading...

Cisco Nexus 1000V Beta (Upgrade Spoiler!)

I was just invited by Cisco to be part of the BETA for the next release of the Nexus 1000V.  I’ll provide more details about the BETA after I install and test it out, but here are some teasers;

  • Virtual Service Domains: Supporting Layer 4-7 services such as VMware vShield
  • Security features for virtual desktop: IP Source Guard, Dynamic ARP Inspection, DHCP Snooping
  • VSM VMotion on its own VEM
  • Automated VSM Installer:  Configures VSM, vCenter Server Extension, System Port Groups
  • L3 Connectivity Between VSM and VEM: More flexible deployment
  • XML API
  • And guess what…?!   You can be part of the BETA too! Check out this link and sign up to be part of the distributed virtual switch revolution!


    Created on September 21, 2009 by Rick Scherer

    Posted under Networking, vSphere.

    This blog has 2,880 views and no responses.

    Tags: , ,

    1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
    Loading...

    Fast Network Throughput in ESX

    Doing some speed tests of IP based storage gave me some good results. First I enabled Jumbo frames on my dedicated IP storage Ethernet card, then I set the MTU on the vSwitch and the VMKnic to 9000 (Scott Lowe has a great write-up on doing this on his website). I then mounted a NFS volume as Datastore and did a copy of a VMDK file which currently resides on a 7200rpm SATA 3 drive to the mounted NFS volume.

    I copied the 8GB file in under 2 minutes and my average MbTX/s was around 525Mb (65MBps) – keep in mind, this was a copy from a local SATA disk (low IOPS) and I was able to get around 65MBps — not bad!

    The biggest thing to remember, VMDK access needs low latency…not high throughput — this is why NFS has become so popular for VMDK storage.


    Created on April 7, 2009 by Rick Scherer

    Posted under Networking, Storage.

    This blog has 4,711 views and no responses.

    Tags: , , , ,

    1 Star2 Stars3 Stars4 Stars5 Stars (1 votes, average: 5.00 out of 5)
    Loading...

    VMware VI3 Network Communication Diagram

    Jason Boche posted this network diagram on VI3, it shows exactly what ports VC, ESX and other services needed for a functioning enterprise use.   This diagram is extremely helpful in troubleshooting network issues and also in helping put your companies security department at ease.  Thanks Jason!

    vi3-network_diagram.jpg
    Click to Enlarge


    Created on December 15, 2008 by Rick Scherer

    Posted under ESX 3.5 Tips, ESXi 3.5 Tips, Networking, Security, VMware.

    This blog has 85,080 views and 3 responses.

    Tags: , , , , ,

    1 Star2 Stars3 Stars4 Stars5 Stars (1 votes, average: 5.00 out of 5)
    Loading...

    Virtualizing your DMZ

    Today I got into a heated discussion with a “Virtualization Expert” at Gartner today about the risks associated with virtualizing your DMZ, primarily into the same environment as your non-DMZ servers.

    Read More…


    Created on December 5, 2008 by Rick Scherer

    Posted under Networking, Security, VMware.

    This blog has 27,298 views and 34 responses.

    Tags: , , , , , ,

    1 Star2 Stars3 Stars4 Stars5 Stars (3 votes, average: 4.33 out of 5)
    Loading...

    Changing VLAN of a Port Group

    In the event you need to change the VLAN of any of your Port Groups here is some good instruction on doing just that. Remember, VLANs are configured at the Port Group level and not the vSwitch level. This allows you to trunk as many VLANs you need to your vSwitch’s then create dedicated Port Groups for each of those Virtual LANs.

    Read More…


    Created on September 12, 2008 by Rick Scherer

    Posted under ESX 3.5 Tips, ESXi 3.5 Tips, Networking, VMware.

    This blog has 12,027 views and one response.

    Tags: , ,

    1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
    Loading...

    Changing Service Console IP Address in ESX 3.5

    Actually this is not that difficult, but remember you will require console access to the server. Be sure to put the machine in Maintenance Mode then Disconnect it from Virtual Center. Then connect to the console of the ESX host;

    Read More…


    Created on September 12, 2008 by Rick Scherer

    Posted under ESX 3.5 Tips, ESXi 3.5 Tips, Networking, VMware.

    This blog has 109,653 views and 10 responses.

    Tags: , , , , ,

    1 Star2 Stars3 Stars4 Stars5 Stars (2 votes, average: 5.00 out of 5)
    Loading...