It is 9am Pacific Time on Tuesday, July 12th 2011 and I sure hope you’re tuned into the vmware Mega Launch so greatly titled “Raising the Bar, Part V”. If you’re not watching the live broadcast, stop right here and tune into it by clicking this link, then come back and read this post.

Spoiler alert… reading beyond this point talks about amazing updates and new features from vmware!

This by far has to be the most exciting launch in the history of vmware, not only are we getting an update to the vSphere product suite that has hundreds if not thousands of enhancements and new features, we’re also getting updates to other great products like vCloud Director, vShield and SRM.

In fact, there are so many changes and so much new great things to talk about I can’t do it all in one post. So I’ve decided that I will need to break these up into multiple posts, each with deep detail. I’ll release this posts as quickly as I can write them, but until I have them completed I want to provide you with some of the great core details from this mega launch.

So first off get ready for another new term from vmware, Cloud Infrastructure and Management. To sum it up, CIM basically includes vSphere (ESXi), vCenter, vShield and vCloud Director as a single package/methodology called CIM. These are all of the building blocks necessary to build a robust, elastic and efficient hybrid cloud. I have a feeling we’re going to hear a lot about how vSphere 5 along with the other above mention products are the industry best pieces for running a Cloud Infrastructure.

On a side tangent, there is so much discussion on the cloud you wouldn’t believe it. On an almost daily basis I’m meeting with customers to discuss their “Cloud Strategy”. Customers want Hybrid Cloud computing and with these latest updates that I’m going to discuss I think we’re finally at a place where we truly can have application and data mobility, moving our workloads fluidly across our own data-centers in an automated load balanced fashion, from compute to now storage, as well as being pushed out to external hosting (cloud) providers for extreme elasticity as well as fault tolerant (BC/DR) infrastructure.

Ok, so lets get started on all of these updates!

vSphere 5 (including ESXi 5.0)
First off, everyone should already know but if you do not, there is no longer Classic ESX with the traditional Service Console. vmware stated that version 4.1 would be their last release of the Classic ESX install and now with version 5.0 there is only ESXi.

Performance - There have been a number of enhancements to the core vmware enterprise hypervisor, in this latest release we’ll see huge performance improvements to the vmkernel but as well as in Virtual Machine density. ESXi hosts can support up to 512 virtual machines on 160 logical CPUs with up to 2TB of RAM, while Virtual Machines can now scale to 32 vCPUs with 1000GB of Memory and have been tested to push 1,000,000 IOPs. What this basically means is there shouldn’t be any performance related reason why you cannot virtualize any workload. The most demanding workloads are being virtualized such as Oracle RAC, Microsoft SQL, SAP and Exchange 2010.

Image Builder - this is a new utility built upon PowerCLI that allows you to create custom ESXi builds, it allows you to inject ESXi VIBs, Driver VIBs and OEM VIBs to create an installable or PXE boot-able (I’ll explain why shortly) ESXi image. If you’re unaware of what a VIB is, it stands for vmware Infrastructure Bundle and you can think of it almost as a RPM bundle.

Auto Deploy - Think UCS Service Profile but at the O/S level. There isn’t any hardware abstraction for moving an existing ESXi image between different hardware, but with Auto Deploy you can quickly and easily create stateless ESXi servers with no disk dependency. To sum it up, you PXE boot your server, the ESXi image is loaded into host memory from the Auto Deploy server, its configuration is applied using an answer file as well as host profile and that host is then connected/placed into vCenter. Hose something? A simple reboot will give you a fresh ESXi image in a matter of minutes. Need to expand your cluster? Bring up another host and add it to the cluster within minutes.

vCenter Virtual Appliance (VCVA) - Whoo Hoo! Looks like that Tech Preview of vCenter Server on Linux finally hit GA! vmware has released with vSphere 5 a virtual appliance of vCenter Server that is based on Linux! This also includes a feature rich browser based vSphere Client completely built on Adobe Flex, this is not a replacement for the traditional installed vSphere Client but it is a nice move forward in vSphere management. Ahhh, do you remember the MUI? :)

High Availability (HA) Completely Rewritten - Way too much to discuss here, but a complete rewrite to the core HA functionality has happened. HA can now leverages multiple communication paths between agents (referred to as FDM or Fault Domain Manager) including network and storage (datastore). HA agents no longer use a Primary/Secondary methodology, during cluster creation a single Master is chosen and each remaining host is a Slave.

VMFS5 - Oh my! 64TB datastores anyone with a single easy to use 1M block size? You got it! Along with VAAI 2.0 which includes two new block primitives, Thin Provision Stun (finally!) and Space Reclaim. NFS also doesn’t need to feel left out because we now have Full Clone, Extended Stats and Space Reservation for NFS datastores. We also have a new API called VASA, vStorage APIs for Storage Awareness which will provide a number of enhancements such as profile-driven storage (think EMC FAST-VP being integrated with vSphere). Quickly back to VAAI 2.0, Thin Provision Stun will protect your virtual machines if your datastore runs out of space and Space Reclaim will use SCSI UNMAP instead of WRITE ZERO to remove space, this will allow the array to release those blocks of data back to the free pool.

Storage DRS (SDRS) - DRS load balancing Virtual Machines across hosts is to SDRS performing Storage vMotion on VMDKs for better performance, capacity utilization, etc. This also includes initial placement as well as allowing affinity based rules for VMDKs. SDRS can monitor for capacity utilization as well as I/O metrics (latency) and dynamically balance your VMDKs across multiple datastores.

Storage vMotion - Snapshot support!  As well as being able to move around Linked Clones. There has also been some core enhancements to make things faster and more consistent.

vSphere Storage Appliance (VSA) - It is what it sounds like, a virtual storage appliance that allows SMB customers to use local disk on the ESXi host presented out as an NFS datastore to the vSphere Cluster. There is replication technology behind it so if you do lose an ESXi host you will not lose data nor will you lose connectivity to your virtual machines. This is meant for up to 3 ESXi hosts and is really tailored for the SMB or ROBO market.

There is so much more in vSphere 5, but like I said I wanted to just give a brief overview at this time.

Site Recovery Manager 5
Host Based Replication - New feature within SRM5, no longer is SAN storage/replication required for SRM. You can now replicate your data host based for disaster recovery scenarios in your virtual environment. Key takeaways, replication between heterogeneous datastores and it is managed as a property of the virtual machine. Powered-off VMs are not replicated, non-critical data (logs, etc) are not replicated. Physical RDMs are not supported. Snapshots work, snapshot is replicated, but VM is recovered with collapse snapshots. Fault Tolerant, Linked Clones and VM Templates are not supported.

Automated Failback - Replication is automatically reversed and with a single click you can failback your virtual machines from your disaster site to your production site. This is huge! You have no idea how much of a pain it is to failback a site with SRM, unless you’re using the EMC plug-in :)

Misc - Completely new interface, still within the vSphere Client as a plug-in but now you can manage it all from a single UI, no need to use two clients or a linked mode vCenter.

vCloud Director 1.5
Tons of new APIs within vCloud Director 1.5, including vCloud Orchestration via a vCenter Orchestrator module. Supported for Linked Clones is a huge leap forward, you can now deploy vApps in a matter of seconds with minimal storage consumption. Microsoft SQL is now supported as a back-end database which will make standing up a vCD instance in your lab a lot easier because you won’t need to worry about an Oracle database :). There is also support for federated multi-vClouds by linking vCD instances as well as enhanced vShield integration specifically around IPSec VPN.

Are you still awake? 1170+ words into this post and I’m still not complete….and this is just the brief overview! Whew!!  vmware you really outdid yourself!

vShield 5
vShield Edge - provides us with true multi-tenant site separation complete with VPN capabilities, DHCP, Stateful Firewall and now Static Routing within vShield Edge 5.0.

vShield App - gives us layer2/3 protection with VM-level enforcement now with group based policies found in vShield App 5.0 as well as enabling multiple trust zones on the same vSphere cluster. Layer 2 protection coupled with APIs enable automatic quarantining of compromised VMs.

vShield Data Security - is a new member of the vShield family that allows you to monitor virtual machines continuously and completely transparent to the VM for compliance such as PCI, PHI, PII and HIPAA to name a few.

vShield Manager - Enterprise roles found in Manager 5.0 now provide the separation of duties required by some security and compliance standards.

So there you have it…. a brief 1706 word blog post covering just the high-level details of the vmware mega launch. Like I said earlier, I’m going to try to focus in on some deep-dive details on some of the major topics above. But until then, read up as much as you can on the vmware website and hopefully relatively soon the bits will be available for public consumption so you can get all of this great fresh new code in your lab!

Posted under Cloud, SRM, Security, Storage, VMware HA, vCenter, vSphere

Another one of those posts today that most likely will not affect most, however there is a known issue with the vStorage APIs for Array Integration (VAAI) mixed together with EMC VMAX Storage Arrays. My best bud, Chad Sakac, wrote about this last week (over here).

Long story short, if you’re running a VMAX with Enginuity 5875.135.91 or 5875.139.93 along with ESX(i) 4.1 hosts you may see some slowness when trying to do things like Storage vMotion, Deploy from Template, etc…basically things that leverage HardwareAcceleratedMove.

So how do you fix it?  First thing is you need to disable HardwareAcceleratedMove, instructions on how to do this can be found in VMware KB1033665. Next thing is to contact EMC Support and have the ePack that engineering released for this problem installed on your VMAX. Then finally, contact VMware support for their hotfix…rumor has it that a VMware support bundle should be released sometime soon. After you have the patch for VMAX as well as vSphere you should have no problem turning HardwareAcceleratedMove back on.

So to wrap this up….VAAI issue when mixed with VMAX, but it doesn’t affect all VAAI functionality, just XCOPY (HardwareAcceleratedMove) and even then it doesn’t affect every single operation. Get the patches, get them installed and get back on schedule!

Posted under Storage, vSphere

In a very random situation that most customers probably wouldn’t even encounter, we’ve came across a bug while importing an OVF that has a VMDK with a SCSI Address of X:15 (ie: SCSI 0:15, SCSI 1:15, etc). It appears that vSphere doesn’t take kindly to virtual machines being imported that have virtual disks addressed as X:15 and will issue the fatal error “Unsupported value ‘15′ for element ‘addressOnParent’. I’ve tested this with different SCSI Adapters thinking it was perhaps tied to LSI Parallel, this was not the case as it failed with all other adapters.

This issue actually came up initially while attempting to import an OVF into a Catalog within vCloud Director. A similar error appears stating “The following error was encountered while processing the OVF file you provided: Unsupported value ‘15′ for element ‘addressOnParent’.”

You can see the offending line within the actual OVF file shown below, this is tied back to the actual VMDK and what SCSI Bus it resides on, as shown in the picture below the OVF file.

I’ve raised the question to VMware Engineering and will hopefully be able to post their response to this issue shortly.

Posted under Cloud, vSphere

vmware has recently released a patch for their vSphere 4.0 product line, which affects both ESX and ESXi.

Details from vmware;

We are pleased to inform you that a new VMware ESX 4.0 Patch is available as of April 28, 2011.

Improvements included in this patch:

• An update for the Certificate Revocation List (CRL) to revoke an RSA key that HP uses for code signing certain software components
• Remediation of a denial of service possibility. By sending malicious network traffic an attacker could exhaust the available sockets which would prevent further connections to the host
• Refinements in handling of shared folders

Detailed information regarding resolved and known issues and enhancements can be found at ESX 4.0 Patch Release Notes

• http://kb.vmware.com/kb/1037260
• http://kb.vmware.com/kb/1037261

VMware ESX 4.0 Patch is available for download at:
Download VMware ESX 4.0 Patch http://www.vmware.com/patch/download/.

Thanks,

VMware vSphere Product Management Team

One of the patches included (ESX400-201104401-SG for ESX and ESXi400-201104401-SG for ESXi) resolves a couple different issues, one updates the Certification Revocation List (CRL) to revoke a key that HP uses for code-signing certain software components. HP server contains a new key pair and has re-signed the affected software components with the new key. What this means is that if you apply this patch on a HP server and you are using specific HP management agents (like the HP Management Agent for VMware ESX 4.x) you will need to download the software with the updated key and re-install it.

The other fix within the above mentioned patch resolves a potential denial of service attack against the vmkernel over it’s management interface. When an attacker exhausts all available sockets the ESX(i) host will become inaccessible via vCenter or the vSphere client. Virtual Machines will continue to run and have network connectivity, but the ESX(i) host may need to be rebooted in order to be able to connect to the machine again. The ESX(i) system might intermittently lose connectivity caused by applications that do not correctly close sockets. If this occurs, an error message similar to the following might be written to the vpxa log file:
socket() returns -1 (Cannot allocate memory)
An error message similar to the following might be written to the VMkernel log file:
socreate(type=2, proto=17) failed with error 55
The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2011-1785 to this issue. More information on this patch can be found in KB 1037258 (ESX) and KB 1037259 (ESXi).

Another patch, specific to ESXi (ESXi400-201104402-BG), has also been released. The only information on this patch can be found in KB 1037553 which states “This patch improves the way shared folders are handled.”.

Posted under vSphere

The VMware Labs team released a little gem of something that I’ve been wanting to do for quite some time. Taking the full install of the vSphere Client and creating a ThinApp package out of it…that’s right, the entire application in one small and easy to use executable file. The details on the flings page says it best…

Run vSphere client 4.1 in a snap. No install, just download the EXE and double-click. Place the ThinApped vSphere client on any network share and it will automatically stream to any Windows PC with no installation, agents, drivers, or specialized servers required. Carry ThinApped vSphere client and your customization on USB stick and now your vSphere client is available on the GO!

Download it for yourself from here today!

Posted under vCenter, vSphere

Just received notice this morning that EMC VNX Replicator has been approved for support for VMware Site Recovery Manager 4.0.x and 4.1.x. An excerpt of the message is below:

The EMC VNX Replicator 4.0.23 is now certified (re-test waiver) for SRM versions 4.0.x and 4.1.x. EMC has updated the 4.0.22 Celerra SRA to reflect new array support (VNX line), but have not had to change any of the code as the new array runs the same replication software as the old (Celerra line).

The SRA is available from the SRM 4.1.1 download page at
http://downloads.vmware.com/d/details/srm411/ZCVwYnRkZCpiZGpwKg.

Note that you must login to get the download page that contains the SRA files.

The updated SRM storage partner compatibility matrix is available at http://www.vmware.com/pdf/srm_storage_partners.pdf.

Posted under EMC, SRM

vmware Labs has released vCenter XVP Manager and Converter, their first stab into management of non-VMware virtualized environments. vCenter XVP Manager allows you to use the vSphere Client to manage Hyper-V Server 2008 hosts and their associated virtual machines, it also allows you to easily migrate those Hyper-V based virtual machines into VMware virtual machines.

The installation is pretty simple, you first install a server piece that could very well be installed on your vCenter Server, then you install a XVP Manager Plug-in into your vSphere Client which is done via the vSphere Client Plug-in Manager.

This product is currently only listed as a vmware Labs Fling, which means that it is not guaranteed that it will continue beyond it’s 1.0 Technical Preview status, but if people like it and push vmware for this type of functionality we may very well see it embedded within the core vCenter Server product.

For more information and to download vmware vCenter XVP Manager check out the vmware Labs website.

Posted under Hyper-V, vCenter

Yesterday, February 10th, VMware made available for general consumption U1 to their vSphere 4.1 product line. This update includes all prior patches as well as a number of new enhancements to the vSphere product suite.

This release provides the following improvements, I’ve included some notes along with the high-level updates:

VMware ESX/ESXi

• Support for up to 160 logical processors
  • Prepared for the release of the Westmere-EX processor
• Inclusion of additional drivers
  • 3ware and Neterion drives are now included
• Enablement of Intel Trusted Execution Technology (ESXi only)
  • More information on this can be found in KB 1033811 
• Additional guest operating system support
  • Provides support for RHEL 6, RHEL 5.6, SLES 11 SP1 for VMware, Ubuntu 10.10, and Solaris 10 Update 9 guest operating systems
• Bug and security fixes
  • A listing of resolved issues can be found in the release notes

VMware vCenter

• Additional guest operating system customization support
  • Windows 7 SP1, Windows Server 2008 R2 SP1, RHEL 6, RHEL5.5
• Additional vCenter Server database support
  • SQL 2008 R2, SQL 2005 SP3, Oracle 11g R2, DB2 9.7.2
• Bug and security fixes
  • A listing of resolved issues can be found in the release notes

VMware vCenter Update Manager

• The VMware vCenter Update Manager Utility to help users reconfigure the setup of Update Manager.
• Bug and security fixes.

VMware vCenter Orchestrator

• Bug Fixes

For additional details regarding the new fixes and improvements, please refer to the following release notes:
VMware ESX
VMware ESXi
VMware vCenter

VMware vSphere 4.1 Update 1 is available for download from the VMware website as well as through VMware Update Manager (for your ESX and ESXi hosts). Keep in mind, the only way you can switch from ESX to ESXi is to do a fresh install. I’d highly recommend using Host Profiles to make this migration quicker and easier.

Jason Boche has already noted one potential issue with using VMware Update Manager (VUM) to upgrade from 4.1 to 4.1 U1, check that out here.

Posted under vSphere

It makes me very proud to announce that I received my VCAP4-DCD Beta Exam results and much to my surprise (honestly) I passed!

Congratulations on passing the VMware Certified Advanced Professional on vSphere4 – Datacenter Design exam! You will receive an email notification from certification@vmware.com once your certification status has been confirmed and added to your VMware Education Transcript (allow 10 days).

Based on the following VMware Education diagram, currently holding the VCDX3 certification and passing the VCAP4-DCD exam upgrades you to the VCDX4 certification.

Thank you VMware for allowing me to be part of such a great education program. Now it’s time to celebrate a little!

Posted under Certification

Posted under Good Reading, vSphere