VMware vSphere 4.1 deep dive - part 2

NetworkReceive Side Scaling (RSS) Support EnhancementsImprovements to RSS support for guests via enhancements to VMXNET3. Enhanced VM to VM CommunicationFurther, inter-VM throughput performance will be improved under conditions where VMs are communicating directly with one another over the same virtual switch on the same ESX/ESXi host (inter-VM traffic).This is achieved through networking asynchronous TX processing architecture which enables the leveraging of additional physical CPU cores for processing inter-VM traffic. VM – VM throughput improved by 2X, to up to 19 Gbps10% improvement when going out to physical network

Other Improvements – Network PerformanceNetQueue Support ExtensionNetQueue support is extended to include support for hardware based LRO (large receive off-load) further improving CPU and throughput performance in 10 GE environments. LRO supportLarge Receive OffloadEach packets transmitted causes CPU to react Lots of small packets received from physical media result in high CPU loadLRO merges packets and transmits them at onceReceive tests indicate 5-30% improvement in throughput40 - 60% decrease in CPU costEnabled for pNICs Broadcoms bnx2x and Intels NianticEnabled for vNIC vmxnet2 and vmxnet3, but only recent Linux guestOS3

IPv6—Progress towards full NIST “Host” Profile ComplianceVI 3 (ESX 3.5)IPv6 supported in guestsvSphere 4.0IPv6 support for ESX 4 vSphere Client vCentervMotionIP Storage (iSCSI, NFS) — EXPERIMENTALNot supported for vSphere vCLI, HA, FT, Auto DeployvSphere 4.1 NIST compliance with “Host” Profile (http://www.antd.nist.gov/usgv6/usgv6-v1.pdf)Including IPSEC, IKEv2, etc.Not supported for vSphere vCLI, HA, FT

Cisco Nexus 1000V—Planned Enhancements Easier software upgradeIn Service Software Upgrade (ISSU) for VSM and VEMBinary compatibilityWeighted Fair Queuing (s/w scheduler)Increased Scalability, inline with vDS scalabilitySPAN to and from Port ProfileVLAN pinning to PNICInstaller app for VSM HA and L3 VEM/VSM communicationStart of EAL4 Common Criteria certification4094 active VLANsScale Port Profiles > 512Always check with Cisco for latest info.

1GigE pNICs10 GigE pNICsNetwork Traffic Management—Emergence of 10 GigEiSCSIiSCSIFTvMotionNFSFTvMotionNFSTCP/IPTCP/IPvSwitchvSwitch10 GigE1GigETraffic Types compete. Who gets what share of the vmnic?NICs dedicated for some traffic types e.g. vMotion, IP Storage

Bandwidth assured by dedicated physical NICs

Traffic typically converged to two 10 GigE NICs

Some traffic types & flows could dominate others through oversubscriptionTraffic ShapingFeatures in 4.0/4.1vSwitch or vSwitch Port GroupLimit outbound trafficAverage bandwidthPeek bandwidthBurst SizevDS dvPortGroupIngress/ Egress Traffic ShapingAverage bandwidthPeak bandwidthBurst SizeNot optimised for 10 GEiSCSICOSvMotionVMs10 Gbit/s NIC

Traffic ShapingTraffic Shaping DisadvantagesLimits are fixed- even if there is bandwidth available it will not be used for other servicesbandwidth cannot be guaranteed without limiting other traffic (like reservations)VMware recommended to have separate pNICs for iSCSI/ NFS/ vMotion/ COS to have enough bandwidth available for these traffic typesCustomers don’t want to waste 8-9Gbit/s if this pNIC is dedicated for vMotionInstead of 6 1Gbit pNICs customers might have two 10Gbit pNICs sharing trafficGuaranteed bandwidth for vMotion limits bandwidth for other traffic even in the case where there is no vMotion activeTraffic shaping is only a static way to control trafficiSCSIunusedCOSunusedvMotionVMs10Gbit/s NIC

Network I/O ControlNetwork I/O Control GoalsIsolationOne flow should not dominate othersFlexible PartitioningAllow isolation and over commitmentGuarantee Service Levels when flows competeNote: This feature is only available with vDS (Enterprise Plus)

ParametersLimits and Shares Limits specify the absolute maximumbandwidth for a flow over a TeamSpecified in MbpsTraffic from a given flow will never exceed its specified limitEgress from ESX hostShares specify the relative importance of an egress flow on a vmnic i.e. guaranteed minimumSpecified in abstract units, from 1-100Presets for Low (25 shares), Normal (50 shares), High (100 shares), plus CustomBandwidth divided between flows based on their relative sharesControls apply to output from ESX host Shares apply to a given vmnicLimits apply across the team

Configuration from vSphere Client LimitsMaximum bandwidth for traffic class/typeSharesGuaranteed minimum service levelvDS only feature!Preconfigured Traffic Classese.g. VM traffic in this example: - limited to max of 500 Mbps (aggregate of all VMs) - with minimum of 50/400 of pNIC bandwidth (50/(100+100+50+50+50+50)

Resource ManagementSharesNormal = 50Low = 25High = 100Custom = any values between 1 and 100Default valuesVM traffic = High (100)All others = Normal (50)No limit set

ImplementationEach host calculates the shares separately or independantlyOne host might have only 1Gbit/s NICs while another one has already 10Gbit/s onesSo resulting guaranteed bandwidth is differentOnly outgoing traffic is controlledInter-switch traffic is not controlled, only the pNICs are affectedLimits are still valid even if the pNIC is opted outScheduler uses a static “Packets-In-Flight” windowinFlightPackets: Packets that are actually in flight and in transmit process in the pNICWindow size is 50 kBNo more than 50 kB are in flight (to the wire) at a given moment

Excluding a physical NICPhysical NICs per hosts can be excluded from Network Resource ManagementHost configuration -> Advanced Settings -> Net -> Net.ResMgmtPnicOptOutWill exclude specified NICs from shares calculation, notfromlimits!

ResultsWith QoS in place, performance is less impacted

Current Teaming PolicyIn vSphere 4.0 three policiesPort IDIP hashMAC HashDisadvantagesStatic mappingNo load balancingCould cause unbalanced load on pNICsDid not differ between pNIC bandwidth

NIC Teaming Enhancements—Load Based Teaming (LBT)Note: adjacent physical switch configuration is same as other teaming types (except IP-hash). i.e. same L2 domainLBT invoked if saturation detected on Tx or Rx (>75% mean utilization over 30s period)30 sec period—long period avoids MAC address flapping issues with adjacent physical switches

Load Based TeamingInitial mappingLike PortIDBalanced mapping between ports and pNICsMapping not based on load (as initially no load existed)Adjusting the mappingBased on time frames; the load on a pNIC during a timeframe is taken into accountIn case load is unbalanced one VM (to be precise: the vSwitch port) will get re-assigned to a different pNICParametersTime frames and load thresholdDefault frame 30 seconds, minimum value 10 secondsDefault load threshold 75%, possible values 0-100Both Configurable through command line tool (only for debug purpose - not for customer)

Load Based TeamingAdvantagesDynamic adjustments to loadDifferent NIC speeds are taken into account as this is based on % loadCan have a mix of 1 Gbit, 10 Gbit and even 100 Mbit NICsDependenciesLBT works independent from other algorithmsDoes not take limits or reservation from traffic shaping or Network I/O Management into accountAlgorithm based on the local host onlyDRS has to take care of cluster wide balancing Implemented on vNetwork Distributed Switch onlyEdit dvPortGroup to change setting

NFS & HW iSCSI in vSphere 4.1 Improved NFS performanceUp to 15% reduction in CPU cost for both read & writeUp to 15% improvement in Throughput cost for both read & writeBroadcom iSCSI HW Offload Support89% improvement in CPU read cost!83% improvement in CPU write cost!

VMware Data Recovery: New CapabilitiesBackup and Recovery ApplianceSupport for up to 10 appliances per vCenter instance to allow protection of up to 1000 VMs

File Level Restore client for Linux VMsVMware vSphere 4.1Improved VSS support for Windows 2008 and Windows 7: application level quiescingDestination StorageExpanded support for DAS, NFS, iSCSI or Fibre Channel storage plus CIFS shares as destination

Improved deduplication performancevSphere Client Plug-InAbility for seamless switch between multiple backup appliances

Improved usability and user experienceVMware vCenter

ParaVirtual SCSI (PVSCSI) We will now support PVSCSI when used with these guest OS: Windows XP (32bit and 64bit) Vista (32bit and 64bit) Windows 7 (32bit and 64bit) /vmimages/floppiesPoint the VM Floppy Driver at the .FLP fileWhen installing press F6 key to read the floppy

ParaVirtual SCSI VM configured with a PVSCSI adapter can be part of an Fault Tolerant cluster.PVSCSI adapters already support hot-plugging or hot-unplugging of virtual devices, but the guest OS is not notified of any changes on the SCSI bus. Consequently, any addition/removal of devices need to be followed by a manual rescan of the bus from within the guest.

The I/O Sharing ProblemLow priority VM can limit I/O bandwidth for high priority VMs Storage I/O allocation should be in line with VM prioritiesWhat you want to seeWhat you seeMicrosoftExchangeMicrosoftExchangeonline storeonline storedata miningdata miningdatastoredatastore

Solution: Storage I/O ControlCPU shares: LowMemory shares: LowCPU shares: HighMemory shares: HighCPU shares: HighMemory shares: HighI/O shares: HighI/O shares: LowI/O shares: High32GHz 16GBMicrosoftExchangeonline storedata miningDatastore A

Enabling Storage I/O ControlClick the Storage I/O Control ‘Enabled’ checkbox to turn the feature on for that volume.

Enabling Storage I/O ControlClicking on the Advanced button allow you to change the congestion threshold.

If the latency rises above this value, Storage I/O Control will kick in, and prioritize a VM’s I/O based on its shares value.Viewing Configuration Settings

Allocate I/O ResourcesShares translate into ESX I/O queue slotsVMs with more shares are allowed to send more I/O’s at a timeSlot assignment is dynamic, based on VM shares and current loadTotal # of slots available is dynamic, based on level of congestiondata miningMicrosoftExchangeonline storeI/O’s in flightSTORAGE ARRAY

14%21%42%15%Without Storage I/O Control (Default)Performance without Storage IO Control

14%22%8%500 shares500 shares750 shares750 shares4000 sharesWith Storage I/O Control (Congestion Threshold: 25ms)Performance with Storage IO Control

Storage I/O Control in Action: Example #2Two Windows VMs running SQL Server on two hosts250 GB data disk, 50 GB log diskVM1: 500 sharesVM2: 2000 sharesResult: VM2 with higher shares gets more orders/min & lower latency!

Step 1: Detect CongestionNo benefit beyond certain loadThroughput(IOPS or MB/s)Congestion signal: ESX-array response time > thresholdDefault threshold: 35msWe will likely recommend different defaults for SSD and SATAChanging default threshold (not usually recommended)Low latency goal: set lower if latency is critical for some VMsHigh throughput goal: set close to IOPS maximization pointTotal Datastore Load (# of IO’s in flight)

Storage I/O Control InternalsThere are two I/O schedulers involved in Storage I/O Control.

The first is the local VMI/O scheduler. This is called SFQ, the start-time fair queuing scheduler. This scheduler ensures share-based allocation of I/O resources between VMs on a per host basis.

The second is the distributed I/O scheduler for ESX hosts. This is called PARDA, the Proportional Allocation of Resources for Distributed Storage Access.

carves out the array queue amongst all the VMs which are sending I/O to the datastore on the array.

adjusts the per host per datastore queue size (aka LUN queue/device queue) depending on the sum of the per VM shares on the host.

communicates this adjustment to each ESX via VSI nodes.

ESX servers also share cluster wide statistics between each other via a statsfileNew VSI Nodes for Storage I/O ControlESX 4.1 introduces a number of new VSI nodes for Storage I/O Control purposes:A new VSI node per datastore to get/set the latency threshold.A new VSI node per datastore to enable/disable PARDA.A new maxQueueDepth VSI nodes for /storage/scsifw/devices/* has been introduced which means that each device has a logical queue depth/ slot size parameter that the PARDA scheduler enforces.

Host-LevelIssue QueuesArray QueueStorage ArraySFQSFQSFQQueue lengths varied dynamicallyStorage I/O Control ArchitecturePARDAPARDAPARDA

RequirementsStorage I/O Control supported on FC or iSCSI storage. NFS datastores are not supported.not supported on datastores with multiple extents.Array with Automated Storage Tiering capabilityAutomated storage tiering is the ability of an array (or group of arrays) to automatically migrate LUNs/volumes or parts of LUNs/volumes to different types of storage media (SSD, FC, SAS, SATA) based on user-set policies and current I/O patterns. Before using Storage I/O Control on datastores that are backed by arrays with automated storage tiering capabilities, check the VMware Storage/SAN Compatibility Guide to verify whether your automated tiered storage array has been certified to be compatible with Storage I/O ControlNo special certification is required for arrays that do not have any such automatic migration/tiering feature, including those that provide the ability to manually migrate data between different types of storage media

Hardware-Assist Storage OperationFormally known as vStorage API for Array Integration

vStorage APIs for Array Integration (VAAI) Improves performance by leveraging efficient array-based operations as an alternative to host-based solutionsThree Primitives include:Full Copy – Xcopy like function to offload work to the arrayWrite Same -Speeds up zeroing out of blocks or writing repeated contentAtomic Test and Set – Alternate means to locking the entire LUNHelping function such as:Storage vMotionProvisioning VMs from TemplateImproves thin provisioning disk performanceVMFS share storage pool scalabilityNotes:Requires firmware from Storage Vendors (6 participating)supports block based storage only. NFS not yet supported in 4.1

Array Integration Primitives: IntroductionAtomic Test & Set (ATS)A mechanism to modify a disk sector to improve the performance of the ESX when doing metadata updates.Clone Blocks/Full Copy/XCOPYFull copy of blocks and ESX is guaranteed to have full space access to the blocks.Default offloaded clone size is 4MB.Zero Blocks/Write SameWrite Zeroes. This will address the issue of time falling behind in a VM when the guest operating system writes to previously unwritten regions of its virtual disk:http://kb.vmware.com/kb/1008284This primitive will improve MSCS in virtualization environment solutions where we need to zero out the virtual disk.Default zeroing size is 1MB.

Hardware AccelerationAll vStorage support will be grouped into one attribute, called "Hardware Acceleration". Not Supported implies one or more Hardware Acceleration primitives failed.Unknown implies Hardware Acceleration primitives have not yet been attempted.

VM Provisioning from Template with Full CopyBenefitsReduce installation timeStandardize to ensure efficient management, protection & controlChallengesRequires a full data copy100 GB template (10 GB to copy): 5-20 minutesFT requires additional zeroing of blocksImproved SolutionUse array’s native copy/clone & zeroing functionsUp to 10-20x speedup in provisioning time

Storage vMotion with Array Full Copy Function BenefitsZero-downtime migrationEases array maintenance, tiering, load balancing, upgrades, space mgmt ChallengesPerformance impact on host, array, networkLong migration time (0.5 - 2.5 hrs for 100GB VM)Best practice: use infrequently Improved solutionUse array’s native copy/clone functionality

VAAI Speeds Up Storage vMotion - Example42:27 - 39:12 = 2 Min 21 sec w/out(141 seconds)33:04 - 32:37 =27 Sec with VAAI141 sec vs. 27 sec

Copying Data – Optimized Cloning with VAAIVMFS directs storage to move data directly

Dramatic reduction in load on:

StorageScalable Lock ManagementA number of VMFS operations cause the LUN to temporarily become locked for exclusive write use by one of the ESX nodes, including:

Creating a new VM or deploying a VM from a template

Creating or deleting a file, including snapshots

A new VAAI feature, atomic_test_and_set allows the ESX Server to offload the management of the required locks to thestorage and avoids locking the entire VMFS file system.Atomic Test & SetOriginal file locking techniqueAcquire SCSI reservationAcquire file lockRelease SCSI reservationDo work on VMFS file/metadataRelease file lockNew file locking techniqueAcquire ATS lockAcquire file lockRelease ATS lockDo work on VMFS file/metadataRelease file lockThe main difference with using the ATS lock is that it does not affect the other ESX hosts sharing the datastore

VMFS Scalability with Atomic Test and Set (ATS)Makes VMFS more scalable overall, by offloading block locking mechanismUsing Atomic Test and Set (ATS) capability provides an alternate option to use of SCSI reservations to protect the VMFS metadata from being written to by two separate ESX Servers at one time.Normal VMware Locking (No ATS)Enhanced VMware Locking (With ATS)

For more details on VAAIvSphere 4.1 Documentation also describes use of this features in the ESX Configuration Guide Chapter 9 (pages 124 - 125)Listed in TOC as “Storage Hardware Acceleration”Three setting under advanced settings:DataMover.HardwareAcceratedMove - Full CopyDataMover.HardwareAcceratedInit - Write SameVMFS3.HarwareAccerated Locking - Atomic Test SetAdditional Collateral planned for release after GAFrequently Asked QuestionsDatasheet or webpage contentPartners include: Dell/EQL, EMC, HDS, HP, IBM and NetApp

RequirementsThe VMFS data mover will not leverage hardware offloads, and will use software data movement instead, in the following cases: If the source and destination VMFS volumes have different block size; in such situations data movement will fall back to the generic FSDM layer, which will only do software data movement. If the source file type is RDM and the destination file type is non-RDM (regular file) If the source VMDK type is eagerzeroedthick and the destination VMDK type is thin. If either source or destination VMDK is any sort of sparse or hosted format. If the logical address and/or transfer length in the requested operation are not aligned to the minimum alignment required by the storage device.

VMFS Data Movement CaveatsVMware supports VAAI primitives on VMFS with multiple LUNs/extents, if they are all on the same array and the array supports offloading.VMware does not support VAAI primitives on VMFS with multiple LUNs/extents, if they are all on different arrays, but all arrays support offloading. HW cloning between arrays (even if it's within the same VMFS volume) won't work, so that would fall back to Software data movement.

vSphere 4.1 New Features: ManagementManagement related features

Management – New Features SummaryvCenter32-bit to 64-bit data migrationEnhanced ScalabilityFaster response timeUpdate ManagerHost Profile EnhancementsOrchestratorActive Directory Support (Host and vMA)VMware ConverterHyper-V Import.Win08 R2 and Win7 convertVirtual Serial Port Concentrator

Scripting & AutomationHost Profiles, Orchestrator, vMA, CLI, PowerCLI

SummaryHost ProfilesVMware OrchestratorVMware vMAPowerShellesxtopvscsiStatsVMware Tools

Host Profiles EnhancementsHost ProfilesCisco supportPCI device ordering (support for selecting NICs)iSCSI supportAdmin password (setting root password) Logging on the hostFile is at C:\Documents and Settings\All Users\Application Data\VMware\VMware VirtualCenter\Logs\PyVmomiServer.logConfig not covered by Host Profiles are: Licensing vDS policy configuration (however you can do non-policy vDS stuff) iSCSI Multipathing

Host Profiles EnhancementsLbtdLsassd (Part of AD. See the AD preso)Lwiod (Part of AD)Netlogond (part of AD)vSphere 4.1vSphere 4.0

Orchestrator Enhancementsprovides a client and server for 64-bit installations, with an optional 32-bit client.performance enhancements due to 64-bit installation

VMware Tools Command Line UtilityThis feature provides an alternative to the VMware Tools control panel (the GUI dialog box)The command line based toolbox will allow for administrators to automate the use of the toolbox functionalities by writing their own scripts

vSphere Management Assistant (vMA)A convenient place to perform administrationVirtual Appliance packaged as an OVFDistributed, maintained and supported by VMware Not included with ESXi – must be downloaded separatelyThe environment has the following pre-installed:64-bit Enterprise Linux OSVMware ToolsPerl ToolkitvSphere Command Line Interface (VCLI)JRE (to run applications built with the vSphere SDK)VI Fast Pass (authentication service for scripts)VI Logger (log aggregator)

vMAImprovements in 4.1Improved authentication capability – Active Directory support Transition from RHEL to CentOSSecurityThe security hole that exposed clear text passwords on ESX(i) or vCenter hosts when using vifpinit (vi-fastpass) is fixedvMA as netdump serverYou can configure ESXi host to get the netcoredump onto a remote server in case of crash or panic.Each ESXi must be configured to write the core dump.

For Tech Partner: VMware CIM APIWhat it is:for developers building management applications. With the VMware CIM APIs, developers can use standards-based CIM-compliant applications to manage ESX/ESXi hosts.The VMware Common Information Model (CIM) APIs allow you to:view VMs and resources using profiles defined by the Storage Management Initiative Specification (SMI-S)manage hosts using the System Management Architecture for Server Hardware (SMASH) standard. SMASH profiles allow CIM clients to monitor system health of a managed server. What’s new in 4.1www.vmware.com/support/developer/cim-sdk/4.1/cim_410_releasenotes.html

vCLI and PowerCLI: primary scripting interfacesvCLI and PowerCLI built on same API as vSphere ClientSame authentication (e.g. Active Directory), roles and privileges, event loggingAPI is secure, optimized for remote environments, firewall-friendly, standards-basedvCLIvSpherePowerCLIOther utility scriptsOtherlanguagesvSphere SDKvSphere ClientvSphere Web Service API

vCLI for Administrative and Troubleshooting TasksAreas of functionalityHost Configuration:NTP, SNMP, Remote syslog, ESX conf, Kernel modules, local usersStorage Configuration:NAS, SAN, iSCSI, vmkfstools, storage pathing, VMFS volume managementNetwork Configuration:vSwitches (standard and distributed), physical NICs, Vmkernel NICs, DNS, RoutingMiscellaneous:Monitoring, File management, VM Management, host backup, restore, and updatevCLI can point to an ESXi host or to vCentervMA is a convenient way for accessing vCLIRemote CLI now run faster in 4.1 relative to 4.0

Anatomy of a vCLI commandRun directly on ESXi Hostvicfg-nics--server hostname --user username --password mypasswordoptionsHostname of ESXi hostUser defined locally on ESXi hostRun through vCentervicfg-nics--server hostname --user username --password mypassword --vihost hostnameoptionsHostname of vCenter hostUser defined in vCenter (AD)Target ESXi host

Additional vCLI configuration commands in 4.1Storageesxcliswiscsi session: Manage iSCSI sessions esxcliswiscsinic: Manage iSCSI NICsesxcliswiscsivmknic: List VMkernel NICs available for binding to particular iSCSI adapter esxcliswiscsivmnic: List available uplink adapters for use with a specified iSCSI adapteresxclivaai device: Display information about devices claimed by the VMware VAAI (vStorage APIs for Array Integration) Filter Plugin.esxclicorestorage device: List devices or plugins. Used in conjunction with hardware acceleration.

Additional vCLI commandsNetworkesxcli network: List active connections or list active ARP table entries. vicfg-authconfig --server=<ESXi_IP_Adress> --username=root --password '' --authscheme AD --joindomain <ad_domain_name> --adusername=<ad_user_name> --adpassword=<ad_user_password>StorageNFS statistics available in resxtopVMesxclivms: Forcibly stop VMs that do not respond to normal stop operations, by using kill commands.# esxcli vms vm kill --type <kill_type> --world-id <ID>Note: designed to kill VMs in a reliable way (not dependent upon well-behaving system)Eliminating one of the most common reasons for wanting to use TSM.

esxcli - New Namespacesesxcli has got 3 new namespaces – network, vaai and vms[root@cs-tse-i132 ~]# esxcliUsage: esxcli [disp options] <namespace> <object> <command>For esxcli help please run esxcli –helpAvailable namespaces:corestorage VMware core storage commands.network VMware networking commands.nmp VMware Native Multipath Plugin (NMP). This is the VMware default implementation of the Pluggable Storage Architecture.swiscsi VMware iSCSI commands.vaai Vaai Namespace containing vaai code.vms Limited Operations on VMs.

Control VM Operations# esxcli vms vmUsage: esxcli [disp options] vms vm <command>For esxcli help please run esxcli –helpAvailable commands:kill Used to forcibly kill VMs that are stuck and not responding to normal stop operations.list List the VMs on this system. This command currently will only list running VMs on the system.[root@cs-tse-i132 ~]# esxcli vms vm listvSphere Management Assistant (vMA) World ID: 5588 Process ID: 27253 VMX Cartel ID: 5587 UUID: 42 01 a1 98 d6 65 6b e8-79 3b 2a 7c 9d 88 70 05 Display Name: vSphere Management Assistant (vMA) Config File: /vmfs/volumes/4b1e10ed-8ce9ce16-f692-00215e364468/vSphere Management Assistant (vM/vSphere Management Assistant (vM.vmx

esxtop – Disk Devices ViewUse the ‘u’ option to display ‘Disk Devices’.NFS statistics can now be observed. Here we are looking at throughput and latency stats for the devices.

New VAAI Statistics in esxtop (1 of 2)There are new fields in esxtop which look at VAAI statistics.

Each of the three primitives has their own unique set of statistics.

Toggle VAAI fields (‘O’ and ‘P’) to on for VAAI specific statistics.New VAAI Statistics in esxtop (2 of 2)Clone (Move) OpsVMFSLockOpsZeroing (Init) OpsLatenciesThe way to track failures is via esxtop or resxtop. Here you'll see CLONE_F, which is clone failures. Similarly, you'll see ATS_F, ZERO_F and so on.esxtop – VM Viewesxtop also provides a mechanism to view VM I/O & latency statistics, even if they reside on NFS.The VM with GID 65 (SmallVMOnNAS) above resides on an NFS datastore.

VSI# vsish/> cat /vmkModules/nfsclient/mnt/isos/propertiesmount point information { server name:rhtraining.vmware.com server IP:10.21.64.206 server volume:/mnt/repo/isos UUID:4f125ca5-de4ee74d socketSendSize:270336 socketReceiveSize:131072reads:7 writes:0 readBytes:92160 writeBytes:0 readTime:404366 writeTime:0 aborts:0 active:0 readOnly:1 isMounted:1 isAccessible:1 unstableWrites:0 unstableNoCommit:0}NFS I/O statistics are also available via the VSI nodes

vm-support enhancementsvm-support now enables user to run 3rd party scripts. To make vm-support run such scripts, add the scripts to "/etc/vmware/vm-support/command-files.d" directory and run vm-support. The results will be added to the vm-support archive.Each script that is run will have its own directory which contain output and log files for that script in the vm-support archive. These directories are stored in top-level directory "vm-support-commands-output".

Power CLIFeature Highlights:Easier to customize and extend PowerCLI, especially for reporting Output objects can be customized by adding extra propertiesBetter readability and less typing in scripts based on Get-View. Each output object has its associated view as nested property. Less typing is required to call Get-View and convert between PowerCLI object IDs and managed object IDs.Basic vDS support – moving VMs from/to vDS, adding/removing hosts from/to vDSMore reporting: new getter cmdlets, new properties added to existing output objects, improvements in Get-Stat.Cmdlets for host HBAsPowerCLI Cmdlet Reference now documents all output typesCmdlets to control host routing tablesFaster Datastore providerhttp://blogs.vmware.com/vipowershell/2010/07/powercli-41-is-out.html

If you are really really curious…. Additional commands (not supported)http://www.petri.co.il/vmware-esxi4-console-secret-commands.htm

vCenter improvementBetter load balancing with improved DRS/DPM algorithm effectivenessImproved performance at higher vCenter inventory limits – up to 7x higher throughput and up to 75% reduced latencyImproved performance at higher cluster inventory limits – up to 3x higher throughput and up to 60% reduced latencyFaster vCenter startup – around 5 minutes for maximum vCenter inventory sizeBetter vSphere Client responsiveness, quicker user interaction, and faster user loginFaster host operations and VM operations on standalone hosts – up to 60% reduction in latencyLower resource usage by vCenter agents by up to 40%Reduced VM group power-on latency by up to 25%Faster VM recovery with HA – up to 60% reduction in total recovery time for 1.6x more VMs

88Enhanced vCenter Scalability

vCenter 4.1 installNew option: Managing the RAM of JVM

vCenter Server: Changing JVM SizingThe same change should be visible by launching "Configure Tomcat" from the program menu (Start->Programs->VMware->VMware Tomcat).

vCenter: Services in WindowsThe following are not shown as servicesLicence Reporting manager

Remote Console to VMFormally known as Virtual Serial Port Concentrator

OverviewMany customers rely on managing physical hosts by connecting to the target machine over the serial port. Physical serial port concentrators are used by such admins to multiplex connections to multiple hosts. Provides a suitable way to remote a VM’s serial port(s) over a network connection, and supporting a “virtual serial port concentrator” utility.Using VMs you lose this functionality and the ability to do remote management using scripted installs and management. Virtual Serial Port ConcentratorCommunicate between VMs and IP-enabled serial devices. Connect to VM's serial port over the network, using telnet /ssh. Have this connection uninterrupted during vmotion and other similar events.

Virtual Serial Port ConcentratorWhat it isRedirect VM serial ports over a standard network linkvSPC aggregates traffic from multiple serial ports onto one management console. It behaves similarly as physical serial port concentrators. BenefitsUsing a vSPC also allows network connections to a VM's serial ports to migrate seamlessly when the VM is migrated using vMotionManagement efficienciesLower costs for multi-host managementEnables 3rd party concentrator integration if required

Example (using Avocent)ACS 6000 Advanced Console Server running as a vSPC. There is not a serial port or virtual serial port in the ACS6000 console server. ACS6000 console server has a telnet daemon (server) listen to connections coming from ESX. ESX will make one telnet connection for each virtual serial port configured to send data to ACS6000 console server. The serial daemon will implement the telnet server with support to all telnet extensions implemented by VMware.

VMware vSphere 4.1 deep dive - part 2

Configuring Virtual Ports on a VM

Configuring Virtual Ports on a VMEnables two VMs or a VM and a process on the host tocommunicate as if they were physical machines connected by a serial cable. For example, this can be used for remote debugging on a VMvSPC, which will act as proxy.

Configuring Virtual Ports on a VMExample (for Avocent):Type ACSID://ttySxx in the Port URI, where xx is between 1 to 48. It defines which virtual serial port from the ACS6000 console server this serial port will connect to.1 VM 1 port.ACS6000 has 48 ports onlyType telnet://<IP of Avocent VM>:8801

Configure VM to redirect Console LoginCheck your system's serial supportCheck operating system recognizes serial ports in your hardwareConfigure your /etc/inittab to support serial console loginsAdd the following lines to the /etc/inittab# Run agetty on COM1/ttyS0s0:2345:respawn:/sbin/agetty -L -f /etc/issueserial 9600 ttyS0 vt100

Configure VM to redirect Console LoginActivate the changes that you made in /etc/inittab# init qIf you want to be able to login via serial console as the root user, you will need to edit the /etc/securetty configuration file.Add ttyS0 as an entry in the /etc/securetty consolettyS0 vc/1 vc/2

Configure serial port as the system consoleUse options in /etc/grub.conf to redirect console output to one of your serial portsEnables you to see all of the bootup and shutdown messages from your terminal.The text to add to the config file is highlighted :

Accessing the Serial Port of the Virtual MachineOpen a Web connection to the AvocentACS6000Click on the Portsfolder and click SerialPortsBased on the SerialPort connection configured in the VirtualMachine, you should see Signals of CTS|DSR|CD|RI

Accessing the Serial Port of the Virtual MachineClick in the SerialViewer link and a console will open

Enter password of avocent and hit the Enterkey to establish the connectionPerformance Monitoring

UI > Performance > Advanced vSphere 4.1vSphere 4.0Additional Chart Options in vSphere 4.1 around storage performance statistics:Datastore, Power, Storageadapter & Storage path.

110Performance GraphsAdditional Performance GraphViews added to vSphere 4.1Host – Datastore, Management Agent, Power, Storage Adapter, Storage PathVM – Datastore, Power, Virtual Disk110

Storage Statistics: vCenter & esxtopNot available in this timeframe: Aggregation at cluster level in vCenter (possible through APIs)*Network-based storage (NFS, iSCSI) I/O breakdown still being researched** Not applicable to NFS; datastore is the equivalent ESXTOP publishes throughput and latency for LUN, if datastore has only one LUN then LUN will be equal datastore

Update ManagerCentral automated, actionable VI patch compliance management solution

Define, track, and enforce software update compliance for ESX hosts/clusters, 3rd party ESX extensions, Virtual Appliances, VMTools/VM Hardware, online*/offline VMs, templates

Cluster level pre-remediation check analysis and report

Framework to support 3rd party IHV/ISV updates, customizations: mass install, /update of EMC’s PowerPath module

Enhanced compatibility with DPM for cluster level patch operations

Performance and scalability enhancements to match vCenterOverviewvCenter Update Manager enables centralized, automated patch and version management .

Define, track, and enforce software update compliance and support for :

Automate and Generate Reports using Update Manager Database Views ESX/ESXi VMVirtual ApplianceVMToolsVM H/WVMToolsVM H/WOnline/offline ; Templates3rd party extensionsvCenter Update Manager

Deployment ComponentsvCenterServerVI ClientUpdateManagerServerUpdate Manager Components:Update Manager Server + DB2. Update Manager VI Client Plug-in 3. Update Manager Download ServiceVirtualizedInfrastructureExternal Patch FeedsConfidential

New Features in 4.1Update Manager now provides management of host upgrade packages.Provisioning, patching, and upgrade support for third-party modules.Offline bundles.Recalled patchesEnhanced cluster operation.Better handling of low bandwidth and high latency networkPowerCLIBetter support for virtual vCenter

NotificationsAs we have already seen with the notification Schedule, Update Manager 4.1 contacts VMware at regular intervals to download notifications about patch recalls, new fixes and alerts. If patches with problems/potential issues are released, these patches are recalled in the metadata and VUM marks them as recalled. If you try to install a recalled patch, Update Manager notifies you that the patch is recalled and does not install it on the host. If you have already installed such a patch, VUM notifies you that the recalled patch is installed on certain hosts, but does not remove the recalled patch from the host.Update Manager also deletes all the recalled patches from the Update Manager patch repository.When a patch fixing the problem is released, Update Manager 4.1 downloads the new patch and prompts you to install it.

NotificationsNotifications which Update Manager downloads are displayed on the Notifications tab of the Update Manager Administration view.An Alarm is Generated and an email sent if the Notification Check Schedule is configured

Update Manager shows the patch as recalledNotifications - Patch Recall Details

NotificationsAlarms posted for recalled and fixed PatchesRecalledPatches are represented by a Flag

VUM 4.1 Feature - Notification Check ScheduleBy default Update Manager checks for notifications about patch recalls, patch fixes and alerts at certain time intervals.Edit Notifications to define the Frequency (hourly, daily, weekly, Monthly) and the Start time ( minutes after hour ), the Interval and the email address of who to Notify for recalled Patches

VUM 4.1 Feature - ESX Host/Cluster Settings When Remediating objects in a cluster with Distributed Power Management (DPM), High Availability (HA), and Fault Tolerance (FT) you should temporarilydisable these features for the entire cluster.VUM does not remediate hosts on which these features are enabled. When the update completes, VUM restores these featuresThese settings become the default failure response. You can specify differentsettings when you configure individual remediation tasks.

VUM 4.1 Feature - ESX Host/Cluster SettingsUpdate Manager can not remediate hosts where VMs have connected CD/DVD drives.CD/DVD drives that are connected to the VMs on a host might prevent the host from entering maintenancemode and interrupt remediation.Select Temporarily disable any CD-ROMs that may prevent a host from entering maintenance mode.

Baselines and GroupsBaselines might be upgrade, extension or patchbaselines. Baselines contain a collection of one or more patches, servicepacks and bugfixes, extensions or upgrades.Baseline groups are assembled from existingbaselines and might contain one upgradebaseline per type and one or more patch and extensionbaselines, or a combination of multiple patch and extension baselines.Preconfigured BaselinesHosts – 2 BaselinesVM/VA – 6 Baselines

Baselines and GroupsUpdate Manager 4.1 introduces a new Host Extension BaselineHost Extension baselines contain additional software for ESX/ESXi hosts. This additional software might be VMwaresoftware or third-partysoftware.

VMware vSphere 4.1 deep dive - part 2

More Related Content

What's hot (15)

Similar to VMware vSphere 4.1 deep dive - part 2 (20)

More from Louis Göhl (19)

VMware vSphere 4.1 deep dive - part 2