Trainsignal Vmware

VMware vSphere 5
Training
VMware vSphere 5 Training
Instructors: David Davis and Elias Khnaser
Getting Started with
VMware vSphere 5
Training Course
Getting Started with VMware vSphere 5 Training Course
In This Lesson:
About Your Instructors
Who Should Watch this Course?
What is VMware vSphere?
What We Cover in the Course
18+ years of IT experience
Implemented VMware products in the real-world
Worked with performance since 1990s, starting with Unix
performance tuning
Spoke at VMworld
North America
Europe

About Your Instructor David Davis
Author of hundreds of vSphere
articles on the web including
Virtualization Review magazine
Author of numerous
TrainSignals video training
courses including:
vSphere 4 and Pro Series
vSphere Troubleshooting
vSphere Performance
Obtained a number of
certifications and awards

About Your Instructor David Davis
About Your Instructor Elias Khnaser
Technology Officer for Sigma Solutions
I advise clients on
Server, desktop, and application
virtualization technologies
Cloud computing strategies
Automation of highly virtualized data
centers
I LOVE technical training
Ive been doing it for years
Technical author with many books and
CBTs sold to my credit elias@eliaskhnaser.com
Twitter: @ekhnaser
Linkedin.com/in/eliaskhnaser
About Your Instructor Elias Khnaser
Virtualize Everything!
Ive been working with Citrix technologies and teaching them
for 10+ years
Authored CBTs for Citrix MetaFrame XP, VMware Infrastructure
3, 3.5 and vSphere 4
Awarded VMware vExpert
Frequent speaker at industry conferences and user groups
Contributor and blogger for VirtualizationReview.com,
InformationWeek, Forbes.com, and EliasKhnaser.com
Author and co-author of several books including:

DA Books!
Anyone who wants to learn vSphere 5
Server admins interested in using VMware virtualization in their
datacenter
Anyone who wants to see new vSphere 5 features in action
No vSphere experience is required

Who Should Watch this Course?
The most advanced virtualization platform available
The server virtualization solution that is going to a save your
company money
The platform that makes you look like a hero!
The foundation for cloud computing
What is VMware vSphere?
Overview of VMware vSphere 5
Installing VMware ESXi 5
Installing vCenter 5
Installing vCenter 5 as a Linux Appliance (vCSA)
Using the vSphere 5 Web Client
What's New in vSphere 5
Navigating vSphere Using the vSphere Client
vCenter 5 Configuring Your New Virtual Infrastructure
Creating and Modifying Virtual Guest Machines
Installing and Configuring VMware Tools
Understanding and Using Tasks, Events, and Alarms

Virtual Storage 101 and Storage Terminology
vSphere Storage Appliance (VSA)
Creating a Free iSCSI SAN with OpenFiler
Administering VMware ESXi Server Security
vSphere Virtual Networking
Using the vSphere Distributed Virtual Switch (dvswitch)
Moving Virtual Machines with vMotion
Moving Virtual Storage with svMotion
Performance Optimization with Distributed Resource Scheduler
(DRS)
Implementing High Availability with VMware HA (VMHA)
Super High Availability with VMware Fault Tolerance (FT)

Upgrading from VMware vSphere 4 to vSphere 5
vSphere Command Line Interface (CLI) Options
vSphere Auto Deploy
Storage DRS
Policy-Driven Storage
Understanding the New vSphere 5 vRAM Pooled Pricing
Network I/O Control (NIOC)
Storage I/O Control (SIOC)
ESXi Firewall
VMware Data Recovery (VDR) 2
Administering vSphere Using an iPad
Lab Setup
Lab Setup
Learn virtualization, first hand
Prove that it works as advertised
Prove that it works for your companys applications
Prepare for a certification
Why Build a Lab?
Lab Setup
1. Virtual Virtualization Lab

2. Physical Virtualization Lab
Two Ways to Build a Virtualization Lab

Lab Setup
Required 64-bit CPU with Intel VT or AMD-V
Min 4GB of RAM
May not power on a 64-bit VM
Fault Tolerance (FT) wont work
Performance may suffer
Limitations to a Virtual Lab
Lab Setup
Required to use and test vSpheres advanced features
Likely not needed with just one ESXi host
Shared storage
Low-end SAN/NAS
Server turned into a NAS
Virtual Storage Appliance (VSA)

Importance of Shared Storage
Lab Setup
Workstation 7 and ESXi 5
Windows 7
Intel 64-bit CPU with VT enabled
i7-2630QM @ 2Ghz
6GB of RAM

Note:
VMware Workstation 7 supports running ESX/ESXi as a VM and
editing VM configuration files is no longer necessary
Running vSphere in Workstation
Lab Setup
Multiple labs were used in the creation of this course

Lab #1
Two Dell T610 Servers with 8GB of RAM and Xeon 5500
series CPUs + Iomega ix4-200D
vSphere 5 Lab Setup
Lab Setup
Lab #2
Samsung i7 Laptop with 6GB of RAM running VMware
Workstation
vSphere 5 Lab Setup
Lab Setup
Lab #3
Fujitsu blade servers

vSphere 5 Lab Setup
Lab Setup
What We Covered
Build a vSphere lab to learn vSphere or to create a vSphere
proof of concept (POC) for your company
There are multiple ways to build a vSphere lab
Virtual vSphere labs are the least expensive and most portable
but also the least functional and more prone to performance
issues
Physical vSphere labs vary greatly in cost but offer the most
opportunity to test advanced features without potential
performance issues

Course Scenario
Course Scenario
Who is the Wired Brain Coffee Company?
Multiple datacenters
Uses vSphere for server consolidation
Usually managed by one vCenter Server
A simple virtual infrastructure
Why do we use a scenario?
Useful for scenarios
Scenarios help you remember
Remembering means you retain what you learn so you can
use it later
Our Scenario
Overview of
VMware vSphere 5

In This Lesson:
vSphere 5 Overview
vSphere 5 Components
Packaging and Versions
Cloud Computing
Ecosystem

Virtualization hypervisor and associated suite of products
vSphere includes ESXi and is sold in kits and per-socket licenses
vCenter is sold separately but is required
No more ESX Server
ESXi is a type 1 hypervisor

vSphere 5 Overview
ESXi
vCenter
vSphere Client
vMotion
svMotion
Distributed Resource
Scheduler (DRS)
Storage DRS
DPM
VMHA
Fault Tolerance (FT)

vShield Zones
Data Recovery
Hot Add
Distributed Switch
VMFS
Thin Provisioning
Update Manager
Host Profiles

Graphic Thanks to
VMware.com
vSphere breaks down into these options:
vSphere Hypervisor FREE
vSphere Essentials Kit and Essentials Plus Kit
vSphere Acceleration Kits Std, Ent, Ent+
vSphere per CPU socket & vRAM entitlement
Standard
Enterprise
Enterprise Plus
Note: advanced is no longer available
PLUS vCenter
Foundations (up to 3 hosts)
Standard
See: http://www.vmware.com/products/vsphere/pricing.html

VMware vCloud products
vCloud Director (vCD)
vCloud Datacenter providers
Cloud Computing
vCloud Express
vCloud Request Manager
vCloud API
Image by VMware.com
VMware Partner Network
The VMware Ecosystem is strong
It includes:
Hardware vendors
Consulting companies
VMware View partners
Virtual appliance partners
Third-party software companies
Bloggers and community members
Book authors
Training providers
Ecosystem
Image by VMware.com
What We Covered
vSphere 5 Overview
Cloud Computing
Ecosystem

Installing
VMware ESXi 5
In This Lesson:
ESXi Installation Requirements
What Happened to ESX Server?
Downloading VMware ESXi 5
ESXi Initial Configuration
Installing the vSphere Client

VMware ESXi
Runs directly on your hardware
It is the operating system
Talks directly to your hardware including NIC and storage
controller
Requirements:
64-bit CPU with Intel VT or AMD-V enabled
2098MB of RAM is the minimum but likely youll want 8GB+
Gig-E or 10Gig-Ethernet controller

vSphere 5.0 supports booting ESXi hosts from the Unified
Extensible Firmware Interface (UEFI). With UEFI you can boot
systems from hard drives, CD-ROM drives, or USB media.
ESXi can boot from a disk larger than 2TB provided that the
system firmware and the firmware on any addin card that you
are using supports it.
Check hardware compatibility (HCL/HCG) at
www.vmware.com/go/hcl
For testing purposes only, it is possible to run ESXi in
Workstation or Fusion
VMware Fault Tolerance (FT) has more specific hardware
requirements
vSphere storage has its own set of requirements

ESX Server has been deprecated/discontinued
Redhat Linux-based service console required more frequent
updates and had a larger attack surface
Maintaining two platforms didnt make sense
Took longer to install and boot
Used more resources
ESXi type-1 hypervisor
Thinner
Less updates
More secure
Still has a very thin local CLI
Loads and installs super-fast
Performs all the advanced features of ESX
vSphere (with ESXi) is available with 60 day
evaluation from www.vmware.com/tryvmware
Or, if you have a registered license, just download the
ISO from www.vmware.com/download
ESXi is a 321MB CD ISO

1. Burn ISO to CD and put in drive
2. Make sure VT is enabled in server BIOS
3. Boot the CD
4. Answer installation questions, reboot, and you are ready to
use ESXi 5
5. Perform initial configuration (recommended)
6. Connect with vSphere Client!

1. Login with F2 and root password
2. Configure IP address, SM, DG, DNS servers, hostname, and
domain
3. Add to your DNS server
4. Add to vCenter by DNS name
5. Optional:
Configure NTP on the ESXi server
Connect ESXi server to SAN
Configure lockdown mode
Enable tech support mode and remote tech support mode

Note: New in ESXi 5, the root password is set at installation time

Available in either a Windows version or a new web-based
version
Only Windows version offers 100% of features today
vSphere Client is now downloaded from VMware.com
An ESXi host or vCenter server will direct you
vSphere Client is also found on vCenter installation media
Hardware requirements to run the Windows vSphere Client
are low
Windows version requires that you install the .NET client
Web-based version requires that you install Adobe Flash

What We Covered

In This Lesson:
What is vCenter Server?
vCenter Server Blueprint
vCenter Server Physical or Virtual?
vCenter Server Features
HW and SW Requirements
Database Requirements
Port Requirements
How to Evaluate vCenter 5?
vCenter is a centralized management application and framework
that serves as a proxy for managing ESXi hosts and their virtual
machines
vCenter is a requirement for enterprise features like:
VMware vMotion
VMware High Availability (HA)
VMware Distributed Resource Scheduler (DRS)
VMware Update Manager (UM)
And more
Core Services
VM provisioning, Task Scheduler, Events Logging, Host
and VM Configuration, Inventory, vApp, Alarms and
Events, Statistics and Logging
Distributed Services
Features like vMotion, HA and DRS
Additional Services
Plugins like Update Manager, vShield Zones, Orchestrator,
Data Recovery, Storage Monitoring, Hardware and
Service Status
Database Interface
Database connectivity
ESXi Host
Management
ESXi host management
Active Directory
Interface
Active Directory integration
vSphere API
SDK for developers
vCenter Server can be physical or virtual
Physical requires a dedicated machine
Physical is not at risk of vSphere outages
Virtual can be backed with other VMs
Virtual does not waste an entire server on VC
Virtual can participate in HA and be vMotioned
Virtual is at risk of vSphere outages
vCenter needs to be part of a domain
Assign static IP and hostname
Create the back-end database
Determine licensing options
Correct time and date
Server must be registered in DNS and you must be able to
resolve it from all ESXi hosts
vCenter should not be a domain controller
Account you are installing under should have:
Member of administrator group
Act as part of operating system
Log on as a service
vCenter Server Pre-installation
vCenter
ESXi
Management
VM
Management
Update
Manager
Converter
Enterprise
Templates
Access
Control
Hardware Requirements:
CPU 2 64-bit CPU or 1 64-bit dual-core CPU (2GHX or better)
Memory 4GB or more if DB running on vCenter Server
Storage a minimum of 4GB is needed; more if DB installed
Networking a 1GB or better
Software Requirements:
Windows Server 2003 Std, Ent or Datacenter 64-bit SP2
Windows Server 2003 R2 Std, Ent or Datacenter 64-bit SP1
Windows Server 2008 Std, Ent and Datacenter 64-bit SP2
Windows Server 2008 R2 Std, Ent and Datacenter 64-bit
Microsoft .NET 3.5 SP1 Framework
Microsoft Windows Installer 4.5 (If using SQL 2008 R2 Express)

Supported Databases:
IBM DB2 9.5 and 9.7
Microsoft SQL Server 2008 R2 Express
Microsoft SQL Server 2005
Microsoft SQL Server 2008 and 2008 R2
Oracle 10g R2 and 11g
Default DB:
Microsoft SQL Server 2008 R2 Express
Can be used in production for small environments of up to 5
hosts and 50 VMs
Ideal for demos and eval
Built-in DB calculator
Estimates disk space required based on number of hosts, VMs,
and amount of statics required
It is an estimator and no changes are made to the DB
Database Space Calculator
80/443 for Web access
902 for heartbeat, ESXi management and VM console
8080 / 8443 for Web services and HTTPS Web Services
389 for LDAP, can be changed, 1025 to 65535
636 for vCenter Linked Mode, can be changed, 1025 65535
60099 Web service change service notification port
10443 vCenter Inventory Service HTTPS
10109 vCenter Inventory Service Management
10111 vCenter Inventory Service Linked Mode Communications
Port Requirements
60 day evaluation at
www.vmware.com/tryvmware
Or, with registered license, just download the ISO from
www.vmware.com/download
Available as an ISO or ZIP file
What We Covered
Port Requirements

as a
Linux Appliance (vCSA)
In This Lesson:
What is the vCenter Server Appliance?
Pros and Cons to Using vCenter as an Appliance
Deploying the vCenter Server 5 Appliance (vCSA)
Testing vCSA with the vSphere Client
A new option in vSphere 5 for deploying vCenter Server
A Linux-based virtual machine, optimized for running
vCenter Server
No knowledge of Linux is required
No installation has to be performed
Fastest way to get vSphere 5 up and running
There is no additional cost to using this method (a vCenter
license is required)

Pros
Supports all traditional vCenter features like DRS, SDRS, HA,
host profiles, dvSwitch, etc.
No Windows license is required
No Windows install has to be done
No vCenter install has to be done
Deployment is simple & FAST
Cons
Doesnt support SQL as an external database
vCenter Server linked mode doesnt work
vCenter Server heartbeat doesnt work
No single-sign on using Windows session credentials
vSphere Storage Appliance (VSA) isnt compatible

Will need an already installed ESXi server and the vSphere
Client
Download files from VMware.com
.OVF files
Appliance data disk
Appliance system disk about 4 GB
Use the Deploy OVF option in the vSphere Client
Once up and running the default credentials are:
root/vmware
You can perform network and timezone configuration using the
text menu on the console
You will want vCSA to have a static IP address and DNS host
record on your DNS server
The only steps absolutely required to use vCSA is:
Test and Save the vCenter database settings (the vCenter
Inventory Service, on the console)
Start vCenter Services on the vCSA VM
However, recommended configurations are:
Set a static IP
Set the timezone
Change the root password
Configure Windows AD authentication
Size the embedded database for your vSphere infrastructure
Then restart the vCSA VM
What We Covered
Testing vCSA with the vSphere Client
Using the vSphere 5
Web Client
In This Lesson:
vSphere 5 Web Client Overview
Installing the Server for the Web Client
Authorizing the Web Client Server
A web-based version of the vSphere Client
Built with Adobe Flex (currently in use with VMware View
Administration tools)
The web-client is the future of vSphere administration
The current vSphere Client, built in C# will go away one day
Offers nice recent tasks and work in progress windows
Requires: Microsoft Internet Explorer 7 and 8 or Mozilla Firefox
3.5 and 3.6
Requires: Adobe Flash Player version 10.1.0 or later to be
installed in your browser
Also requires Adobe Flash to be installed on the server side
where you are authorizing the web client

No plugins work with the web-client (yet)
The web-client is not required by or related to the vCenter
Server Appliance (vCSA)
The web client (server) is required to view the vRAM pool
utilization report in the regular vSphere client
Installation of the vSphere client (server) is done from the
vCenter media
It can be installed on any system that meets the requirements
but I typically put it on the Windows vCenter Server
What We Covered
Installing the Server for the Web Client
Authorizing the Web Client Server

Whats New in
vSphere 5
Whats New in vSphere 5
In This Lesson:
vSphere 5 Platform Enhancements
vSphere Storage
vSphere Networking
vCenter 5.0
The New High Availability HA
vCenter Site Recovery Manager 5
vCloud Director 1.5
vShield 5.0

Convergence
Auto deploy and image builder
Unified CLI
VM enhanced capabilities
Support for up to 160 Logical CPUs
Up to 2TB physical RAM
Up to 512 VMs per host with a max of 2048 vCPUs
Host UEFI BIOS
Mac OS X 10.6 Snow Leopard guest OS support on Apple HW
Improved SNMP Support

Storage DRS (SDRS)
Profile Driven Storage
VMFS-5
vSphere APIs for Storage Awareness VASA
vSphere APIs for Array Integration VAAI
vSphere Storage Appliance VSA
iSCSI UI support
Storage I/O Control NFS support
Swap to SSD
Storage vMotion Snapshot support
VMware View Accelerator

vSphere Storage
Enhanced network I/O control
vNetwork Distributed Switch improvements
ESXi firewall

vSphere Networking
Traditional install
vCenter Linux Appliance
Solution installation and management
vSphere full client
vSphere web client
Enhanced logging support

vCenter 5.0
VM Hardware Version 8
Up to 32 vCPUs including multi-core support
Up to 1TB of vRAM
Up to 1 million IOPS
Support for client connected USB
USB 3
Non Hardware Accelerated 3D Graphics support
UEFI Virtual BIOS
Smart Card Readers
VMware Tools versions support matrix
GUI configuration of multicore vCPUs
Mac OS X 10.6 Snow Leopard guest OS support on Apple HW
VM Enhanced Capabilities
Centrally manage stateless hardware
PXE boots / streams image into local memory
Host configuration provided by answer file and / or host profiles
Image builder streamlines the creation of customized installation
media
Auto Deploy and Image Builder
vCenter Server
with Auto Deploy

Host Profiles

Image
Profiles

Enabled with Storage vMotion
Initial VM placement
Automated load balancing
Storage space utilization
Lowest latency
Affinity rules
VMDK Affinity
VMDK Anti-affinity
VM Anti-affinity
Storage DRS
datastore
cluster

2TB
datastores
500GB 500GB 500GB 500GB
Matches storage capabilities to VM storage requirements to
meet SLAs
Leverages VASA Storage APIs Array Awareness
Ideally leverage SDRS and Profile Drive Storage to reduce OpEx
while meeting SLAs
Profile Driven Storage
VMFS-5
Feature VMFS-3 VMFS-5
2TB+ VMFS volumes Yes
(using extents)
Yes
(64TB)
Support for 2TB+ physical RDMs No Yes
Unified block size (1MB) No Yes
Atomic test and set enhancements
(part of VAAI, locking mechanism)
No Yes
Sub-blocks for space efficiency 64KB (max ~3k) 8KB (max ~30k)
Small file support No 1KB
Space reclamation on thin
provisioned LUNs
No
(manual)
Yes
(enhanced VAAI)
Monitoring of space when using
thin provisioning
No Yes
(enhanced VAAI)
Server Virtualization is about consolidation, containment and
availability
Desktop Virtualization is about standardization and
customization
Desktops will always have exceptions
Not much CapEx savings, but significant OpEx savings
VMware View Accelerator
VMware vSphere
Fault Domain Manager FDM
Failure detection
Management Network and Storage Communications
One log file per server /etc/opt/vmware/fdm
No reliance on DNS
Eliminate common issues
IPv6 support
Enhanced UI
Enhanced deployment
VMware
ESX
VMware
ESX
VMware
ESXi
Resource Pool
Failed Server Operating Server Operating Server
vSphere replication
Hypervisor based replication
Bundled with SRM
File-level consistency (except planned migration)
Support for storage based replication
Automated failback
Planned migration
Application-consistent migration
New workflow applied to any plan
IPv6
VMware
vSphere
VMware
vCenter
Server
Site
Recover
y
Manager
VMware
vCenter
Server
Site
Recover
y
Manager
VMware
vSphere
Site A (Primary) Site B (Recovery)
Servers Servers
vCloud Director 1.5
Fast Provisioning (Linked Clones)
vApp Custom Guest Properties
3
rd
party distributed switch support
Most Agile Access to
Cloud Infrastructure
vCloud Messages
Microsoft SQL Server Support
Expanded vCloud API and SDK
vSphere 5 support
Secure Isolation and
Simple Management
vShield Edge VPN Integration
The Only Hybrid Cloud
Infrastructure
vShield 5
DMZ Application 1 Application 2
Edge
vShield Edge
Secure the edge of
the virtual datacenter
Security Zone
vShield App with
Data Security
Create segmentation
between silos of workloads
Sensitive Data Discovery
Endpoint = VM
vShield Endpoint
Offload anti-virus processing
Endpoint = VM
vShield Manager
Centralized Management
What We Covered
vSphere Storage
vSphere Networking
vCenter 5.0
vCloud Director 1.5
vShield 5.0

Navigating vSphere
Using the vSphere Client
In This Lesson:
vSphere Terminology (Lingo)
Performing VM Guest Remote Control
Navigating the vSphere Client with Hotkeys
Searching the Virtual Infrastructure
Sorting and Filtering in the vSphere Client
Exporting Data
Running Reports
vCenter Server
vSphere Client
ESXi
vMA
(Virtual) Data Center
VM (Virtual Machine)
Host / Guest
Datastore
Folder
Resource Pool
Cluster
Networks (virtual networks)

Has a HOME screen
Only displays what you have licensed
Different views when connected to vCenter vs ESXi host
Remembers last
connection view
Back functionality
Like a web browser

Make sure you install the VMware Tools
Console tab or pop-up window
Hot Keys
Ctrl-Alt = release mouse (no VMware Tools)
Ctrl-Alt-Ins = Ctrl-Alt-Del
Ctrl-Alt-Enter = to switch back and forth to full screen
Google for your VI
From the Home Screen or any vSphere client window
Search for VMs, hosts, datastores, networks, and folders
Linked mode is supported
Simple and advanced searching

Sort lists by clicking on column headings
Filter a list by keyword
You can also export a list in a variety of formats

List Export
HTML, HTML with CSS, XLS, CSV, or XML
OVF File, Events, Maps, and System Logs

Exporting Data
Host Summary
Performance
Running Reports
What We Covered
Exporting Data
Running Reports
vCenter 5 Configuring
Your New Virtual
Infrastructure
In This Lesson:
Planning the Virtual Infrastructure
Adding Datacenters, Folders, and Hosts
Configuring vSphere Licensing
Removing Getting Started Tabs
Configuring the ESXi Server Clock and NTP
vCenter Server Settings and Plugins
Reviewing System Logs, vCenter Sessions, and Service Status
Monitoring ESXi Host Health Hardware Status
Proper naming and organization of the virtual infrastructure is
critical
This structure will be used to delegate permissions to users and
groups
Develop a standard naming convention for ESXi hosts and guest
VMs
Organize by
Physical site
Company division
Purpose of infrastructure
Or other system that makes sense in your organization
vCenter inventory can contain:
Folder
Datacenter
Folder can contain:
Folder
Datacenter
Datacenter can contain:
Folder
Cluster
Host
Virtual Machine

GGLT-AAABBB##
Header portion:
GG geographical location
L location should be generic and not vendor or building
specific to facilitate moves, building name changes due to
mergers, out of business etc
T type
- required delimiter to signify the end of the header portion
Variable portion:
AAA function / service / purpose
BBB application
Unique ID:
## 2 digit sequence #

Naming Convention
CHEV-DC01
Chicago Datacenter, Virtual server, Domain Controller, sequence #1
CHEV-FS01
Chicago Datacenter, Virtual server, File Server, sequence #1
CHEV-EXH01
Chicago Datacenter, Virtual server, Microsoft Exchange, sequence #1
CHEP-ESX01
Chicago Datacenter, Physical server, VMware ESXi, sequence #1
CHTV-CTXJDE01 - ???

Naming Convention Examples
vSphere Network Virtualization Diagram
Bandon, OR
Dallas, TX Hilton Head, SC
What We Covered
Adding Datacenters, Folders, and Hosts
Configuring vSphere Licensing
Removing Getting Started Tabs
Configuring the ESXi Server Clock and NTP
vCenter Server Settings and Plugins
Reviewing System Logs, vCenter Sessions, and Service Status
Monitoring ESXi Host Health Hardware Status

Creating and Modifying
Virtual Guest Machines
In This Lesson:
Three Ways to Create Virtual Machines
Downloading VMs from Virtual Appliance Marketplace
VMware Guest OS Install Guide
Changing BIOS Settings in a Guest VM
Creating ISO Images of CD/DVD Install Media
Creating a Library of ISO Installation Media
Using the vSphere Datastore Browser
Using Secure Copy Protocol (SCP) with vSphere
Accessing ESXi Using SSH
Creating a New Virtual Machine with a Fresh OS Install
vSphere 5 EFI Firmware Option

1. Fresh OS install
2. Download and deploy (import) a virtual appliance
3. P2V conversion
http://www.vmware.com/appliances
Thousands of VMs available
Some are unlimited free use
where others are limited trials
Once downloaded, simply
deploy them in the vSphere
Client

Downloading VMs from Virtual Appliance
Marketplace
vSphere 5 supports more guest OSs than any other
virtualization product
Best resource for learning guest OS gotchas is the VMware
Guest OS Install Guide found at
http://www.vmware.com/pdf/GuestOS_guide.pdf
Another excellent tool is the vSphere 5 Virtual Machine
Administration Guide
A VM has a virtual BIOS, just like a physical server has a real
BIOS on the motherboard
Telling the BIOS to boot a guest OS Install CD/DVD can be tricky
To enter the Phoenix BIOS press F2 before the guest OS begins
booting
To boot an a CD/DVD, press ESC for the boot menu
In the BIOS you can set the boot order (CD then HD)
Note: while we typically call this BIOS, VMware calls it
firmware and you can select between the standard BIOS and
the new EFI firmware option
You can create an ISO with most CD/DVD authoring applications
For a quick and easy ISO authoring app, I recommend:
LC ISO Creator http://www.lucersoft.com/freeware.php
FREE ISO Recorder (XP and Vista/7 versions)
http://isorecorder.alexfeinman.com/W7.htm
Important to have an ISO library of commonly used OS and App
CD/DVD media
Benefits:
No media to worry about
No physical access to servers
No slow network transfers or mounts
Store this on your SAN so that all ESXi hosts can access it
Datastore browser allows you to access files that the ESXi
server can see in the VMFS
Access the datastore browser via:
Web browser directly to the ESXi server
vSphere Client
ESXi doesnt support FTP
You can use SCP to copy
files to and from an ESXi
server
There are lots of free SCP
tools available on the web
I am a fan of Veeams free
FastSCP
ESXi doesnt support telnet (it uses clear text authentication)
Enabling remote tech support mode on the ESXi server
enables a SSH server
From there, you can access the ESXi server via SSH with a
SSH client like PuTTY
This will give you access to manipulate files in the VMFS
datastores

Creating a new VM is easy but keep in mind the
consequences of doing so:
Cost of software license
Management overhead
Documentation
Training of junior administrators and support staff
Backups must be performed
3
rd
party software licenses based on # of servers

Creating a New Virtual Machine with a Fresh OS
To create a new VM, you need to know:
Name of the VM (recommend a standard)
Server and datastore to place the VM in
Operating system (32 or 64-bit)
Number of vCPUs
RAM
Disk size and type
You need to have the ISO file available in:
Local VMFS datastore on the server or SAN
Physical media on the server
Client device ISO file on your local computer or a
network share

Creating a New Virtual Machine with a Fresh OS
With vSphere 5, you can choose from traditional BIOS
firmware or new EFI firmware
New EFI firmware doesnt:
Work with Windows
Work with any kind of network boot
New EFI firmware does:
Allow you to use Mac OSX (on a ESXi host running on
an Apple platform)
Offers built in drivers for HW and a shell
Note that, also new in vSphere 5, ESXi servers can be
booted on systems that are using the EFI firmware,
allowing ESXi servers to be booted from hard drives, CD
drives, and USB devices
What We Covered
Downloading VMs from Virtual Appliance Marketplace
Creating a New Virtual Machine with a Fresh OS Install

Installing and
Configuring
VMware Tools
In This Lesson:
Why You Need VMware Tools
Installing VMware Tools in Windows
Configuring VMware Tools with VMware Toolbox
Installing VMware Tools in Linux
Searching and Sorting to Check VMware Status
Updating VMware Tools
VMware Tools are a set of drivers installed in each VM Guest OS
VMwares documentation says:
Installing VMware Tools in the guest operating system is vital.
Although the guest operating system can run without VMware
Tools, you lose important functionality and convenience.
To the novice, VMware Tools appear as a simple application
The VMware Tools service/daemon
Windows VMwareService.exe
Linux and Solaris vmware-guestd

VMware Tools provides:
Time sync between host and guest
Windows controls grabbing/releasing mouse
Contains the following drivers:
SVGA
vmxnet network driver for some guest OSs
BusLogic SCSI for some guests
Memory control driver for efficient memory allocation
between VMs
Sync driver to quiescence IO for backup
VMware mouse driver

VMware Tools provides:
VMware Tools Control Panel modifies settings, shrinks
virtual disks, and connects/disconnects virtual devices
Scripts can run when the power state of the VM changes if
you configure them
VMware User Process enables copy and paste of text
between guest and host
Windows VMwareUser.exe
Linux/Solaris vmware-user
VMware Tools Installers ISO images, installed when ESXi is
installed
Without VMware Tools the guest shutdown and restart
options in the vSphere Client do not work

Simple and easy
Make sure you read the VMware Guest Install Guide for info on
your specific Windows OS
Installing the VMware Tools in Windows

USE SUPPORTED LINUX GUEST OS
Use the RPM or TAR installer
RPM is preferred
For TAR file, run vmware-install.pl
Run vmware-config-tools.pl located in /usr/bin.
Tools are installed in /usr/lib/vmware-tools
Configuration files are in /etc/vmware-tools
Executables are in /usr/bin
To start the VMware Tools Toolbox, run vmware-toolbox

Installing the VMware Tools in Linux

What We Covered
Installing VMware Tools in Windows
Configuring VMware Tools with VMware Toolbox
Installing VMware Tools in Linux
Understanding
and Using Tasks,
Events, and Alarms
In This Lesson:
Understanding Tasks and Events
Configuring SNMP and SMTP Email in vCenter
Alerting You with vCenter Alarms
Tasks are initiated by you (or in some cases by system)
Events record Tasks and events that occur on the system
Alarm condition reached
Datastore out of space, etc
Tasks and Events are available at just about every level of the
inventory and on every type of object
You can filter and sort Tasks and Events
You can export Events
Checkout the Events Home
You can create Scheduled Tasks
Different types of SNMP in vSphere:
Outbound traps
Inbound statistics gathering
Here, we are talking about sending outbound traps to a
network mgmt station
Like SNMP, SMTP is used as an alarm trigger
vCenter does the sending, not the ESXi Server
Very simple SMTP configuration in vCenter
vCenter offers only the configuration of the SMTP server and
username
Alarms can alert you or take action on one of hundreds of
potential conditions in the VI
You could:
Receive SNMP trap
Receive SMTP Email
Start/Stop a VM
Execute a script
And more
You can also configure alarms based on Thin Provisioning and
the vNetwork Distributed Switch (vDS)!
What We Covered

Virtual Storage 101
and
Storage Terminology
In This Lesson:
Storage 101 Virtual Disks and VMFS
Data Transfer
Comparing Storage Technologies
Storage Area Network (SAN) 101
Fiber Channel SAN Components
Addressing FC SAN LUNs
Understanding iSCSI Storage
Why You Need a SAN
Storage Terms You Must Know
What is in a Datastore?
ESXi Server Storage Options
VMFS Specs and Maximums
vSphere provides host-level storage virtualization, which
logically abstracts the physical storage layer from virtual
machines. VMware FC Documentation
VMs not aware
VM uses virtual disks
VDs can be managed easier
VMs use virtual SCSI controllers to see VD
Each VM, through the SCSI controller, can access VMFS
datastore, NFS datastore, or raw disk (RDM)
VMFS is the VMware File System, a specialized virtualization
clustered FS providing distributed locking
VMs VDs are stored in VMFS datastores
VMFS could be local, iSCSI, or FC
Centralized Storage is required for advanced features of
vSphere like vMotion, VMHA, FT, and DRS
Most of the time, that centralized storage is a SAN
Graphic thanks to VMware.com
Block Level Transfer
Presentation of storage that can be formatted and managed
as local drive
For example, a Windows host that has been presented a unit
of storage from a storage area network identifies the storage
as if it were a local disk and the host is permitted to format
the disk
File Level Transfer
Presentation of storage that has been formatted and is
managed from the host presenting the storage
For example, a Windows host with a mapped drive to a
shared directory does not have the ability to format the
associated drive letter allocation
Data Transfer
Data Transfer
iSCSI NFS
Fiber
Channel
Type Communication
Data
Transfer
Performance
Rating
Cost
NAS
SMB/NFS over TCP/IP via
standard NIC
(1Gbps or 10Gbs)
File level Low to High
Low
$
iSCSI
SCSI over TCP/IP via
standard NIC or iSCSI HBA
(1Gbps or 10Gbps)
Block level
Medium to
High
Medium
$$
Fibre
Channel
SCSI over Fibre Channel via
Fibre Channel HBA
(2, 4 or 8 Gbps)
Block level High
High
$$$
SAN could be iSCSI or Fiber Channel (FC)
FC SAN packages SCSI commands into FC frames
Servers connect to the SAN using HBA
HBA connect to FC switch Fabric
FC switch connects to Storage Processor (SP)
Zones configured in the FC switch define what HBA can
connect to what SP and what LUN
ESXi fully support SAN multipathing

ESXi Host
FC Host Bus Adapter (HBA)
FC Switch Fabric
Storage Processor
Logical Unit Numbers (LUNs)
FC Cables
ESXi natively supports Fiber Channel HBAs made by QLOGIC,
EMULEX, Brocade, Intel and others
Refer to the I/O Compatibility guide on the VMware Web site for
model numbers: www.vmware.com/go/hcl
Fiber Channel HBAs
Fiber Channel Connectivity
ESXi with 2 Single Port HBAs
FC Switched
Fabric
Storage
Device with 2
Dual Port
Storage
Processors
Storage Device with 2 Single Port Storage
Processors
ESXi with 2 Dual Port HBAs
FC SAN LUNs are addressed using a four-part name in the form of:
vmhba#:storage_processor#:LUN#:Partition#
There can be multiple paths to a LUN with redundant hardware
configurations
SP0
LUN8
FC Storage device
with 2 single port SPs.
LUN9
ESXi Host with two single
port HBAs.
vmhba1
vmhba2 SP1
vmhba1:0:8:1
vmhba1:0:9:1
vmhba2:1:8:1
vmhba2:1:9:1
Zoning is the process of allowing ESXi hosts to communicate with
a storage device through the Fiber Channel switched fabric
Zoning is performed from the management interface of the FC
switch
Zoning
WWN: 210000E08B8E5C9A
WWN:500601603022C194
Zone Name: SILO101a_CX3-80a
Zone Members:
210000E08B8E5C9A
500601603022C194
Zoning Sample
WWNs included in this
zone
WWNs of discovered nodes Names of existing zones.
Fiber Channel storage devices house physical hard drives that
make up RAID groups from which Logical Unit Numbers, or LUNs,
are carved
A LUN is a logical allocation of storage space carved from a set of
underlying physical drives that make up a RAID group
A relationship between the ESXi hosts and LUNs is created through
storage groups
Managing FC Storage
Sample SAN Management
RAID Groups are collections
of physical disks from which
LUNs are carved
Storage groups (host groups)
create relationships between
hosts and LUNs
iSCSI (Internet SCSI) is sending SCSI disk commands and data
over a TCP/IP network
Why use it?
Low cost
Use existing hardware Ethernet NIC, switch, and OS features
Supports almost all vSphere features
Downside performance? reliability?
iSCSI terms:
iSCSI hardware initiator a special iSCSI NIC card
iSCSI software initiator use your own NIC card and OS iSCSI
software
iSCSI Target the server running iSCSI

iSCSI uses IQN (iSCSI qualified name) to identify iSCSI Targets
and Initiators
It is laid out in this format:
date in year-month format
reversed domain
a unique org assigned name (ie: hostname)
For example:

2007-01.com.wiredbraincoffee:iscsi1
Justification for a SAN with vSphere:
Maintenance with zero downtime
Load balancing with vMotion and svMotion
Storage consolidation and central management
Disaster recovery
Simple array migrations and storage upgrades
Use of advanced features like
HA
FT
DRS
DPM
Why You Need a SAN
Datastore
VMware file system / logical volume
Can be NFS or VMFS and can be located on any supported
storage
Where your VMs are stored
Disk partition an area on a disk set aside for a datastore
Extent a disk area that can be added to a datastore
Fibre Channel (FC) high speed storage technology with FC
HBA, FC switch, FC SP, and disk
Internet SCSI (iSCSI) SCSI over TCPIP, server is initiator
and storage is the target
LUN (logical unit number) an address used to identify a
SCSI disk

Multipathing / Failover allows you to use more than 1
path, offers failover and redundancy
NAS (Network Attached Storage) networked disk
storage, ESXi uses NFS on NAS
NFS (Network File System) a file sharing protocol used
with ESXi server (and Unix/Linux)
Raw Device Mapping (RDM) a special type of storage disk
where ESXi controls disk access
Spanned Volume a dynamic volume spread across number
of extents
Volume
A disk volume
A logical storage unit

Virtual disk
Virtual memory
VM configuration file
Log files
Core dumps
Anything you add, like an ISO file
Local Disk with VMFS Datastore
SAN
iSCSI Software
iSCSI Hardware
Fiber Channel (FC)
NAS
NFS
VSA vSphere Storage Appliance
Checkout the vSphere SAN and I/O Compatibility Guide:
www.vmware.com/go/hcl

Optimized for storing VMs and high performance
Cluster file system multiple ESXi hosts
Not a lot of features when compared to NTFS or other FS
VMFS-5 is the latest VMFS version
You should have only one VMFS volume per LUN
Max disk size for a VM is 64TB
Best practice is to format LUNs with 8MB Block size
What We Covered
Data Transfer
Why You Need a SAN

vSphere Storage
Appliance (VSA)
In This Lesson:
vSphere Storage Appliance Overview
What Makes VSA Unique
VSA Cluster Design Options
VSA SAN Maintenance Mode
VSA Installation Gotchas

vSphere Storage Appliance = VSA
VSAs are commonly known as Virtual Storage Appliances
VSA is new with vSphere 5 and it allows you to create a storage
area network (SAN) using the local storage across ESXi servers
Shared storage (a SAN/NAS) it required to implement many of
VMwares core features like vMotion, VMHA, and DRS
Due to the cost barrier, many companies have been unable to
implement these features
The new VSA will allow all customers to affordably implement a
SAN and, thus, implement advanced vSphere features

Graphic Thanks to VMware.com
VSA is not included with any version of vSphere
Cost details:
$5995 per instance (up to 3 nodes)
Or vSphere Essentials Plus with the VSA $7995 (which is
40% off)
Note: your pricing may vary (try to negotiate)
Consider the alternatives and what makes VSA so beneficial
before you dismiss it and go with a low-end hardware SAN
Capex savings = no hardware SAN to buy
Opex savings = no dedicated SAN administration needed

A SAN that requires no
additional hardware
A software-based SAN,
from VMware, that is
fully supported for use
with advanced vSphere
features
Fully redundant (unlike a
standalone SAN)
Easy to install (unlike)
Bringing highly available
SAN features and
advanced vSphere
features to EVERYONE

VSA provides NFS-based storage
Each ESXi server has a special VSA VM on it
1:1 relationship between vCenter and VSA (and must be on the
same subnet)
ESXi servers should be fresh installs (vanilla configuration)
VSA SANs are either 2 nodes plus vCenter or 3 nodes
vCenter must not be running as a VM on the ESXi hosts in the
cluster
Multiple NICs are highly recommended for redundancy

vCenter Server

Manage

VSA Manager

VSA Cluster Service

VSA
Datastore 2
VSA
Datastore 1
Volume 1
(Replica)
Volume 2
VSA cluster with 2 members
Volume 1
Volume 2
(Replica)

vCenter Server

Manage

VSA Manager

Volume 1
Volume 3
(Replica)
Volume 2
(Replica)
Volume 3
Volume 1
(Replica)
Volume 2
VSA
Datastore 2 VSA
Datastore 3
VSA
Datastore 1
VSA cluster with 3 members
VSA SAN maintenance mode options are:
Entire VSA cluster
Single VSA node
If a node is taken out of the cluster, changed blocks are tracked
until the node is added again
If a new node is added, a full sync is done
Requirements to install VSA are quite particular:
No VMs on the ESXi servers (including vCenter)
You can have only 1 datastore on the server and it must be
a local disk (no SAN connections)
Only a short list of physical servers are supported (but it
should still run)
ESXi servers must have the same hardware configuration
6GB of RAM minimum per server
A RAID controller that supports RAID 10
Please check the VSA installation requirements prior to install
What We Covered
VSA Cluster Design Options

Creating a Free iSCSI
SAN with OpenFiler
In This Lesson:
Why Use OpenFiler?
Downloading OpenFiler
Installing OpenFiler
Configuring OpenFiler as an iSCSI SAN
Connecting vSphere to the OpenFiler iSCSI SAN
You need a SAN to perform advanced vSphere
functions like:
vMotion
svMotion
VMHA
FT
DRS
DPM
SAN is the best way to manage storage
Recommend a dedicated server
Recommend OpenFiler for testing and
developing
Why Use OpenFiler?
Available in 32-bit and 64-bit ISO installer
Alternatively, you can download OpenFiler as a pre-built
VMware virtual appliance with no installation
Download it from www.openfiler.com
Configure static IP address and DNS entry to it
Connect to it at:
https://<hostname>:446
Default username
and password are:
openfiler
password
* change default pass!
(note: root account
also works)
If using in a VM, create a second VMDK before boot
Configure NTP
Create partition and volume
Verify the IQN
Create filesystem and select iSCSI
Allow local network
Enable iSCSI
To configure a new ESXi Server to use iSCSI:
Add a software iSCSI adaptor
Configure the new iSCSI adaptor to:
Use dynamic discovery
Enter the IP or hostname of the OpenFiler server (add CHAP
credentials if necessary)
Perform a rescan
If its the first connection to the iSCSI SAN, use Add Storage
to create a VMFS datastore on the new iSCSI SAN

What We Covered
Why Use OpenFiler?
Administering VMware
ESXi Server Security
In This Lesson:
Basics of vSphere Security
Default vSphere Security Roles
Adding, Modifying, and Removing ESXi Users and Groups
Using Windows AD Users and Groups to Secure vSphere
Defining and Applying Roles and Permissions
vShield Overview
Securing Guest Virtual Machines
ESXi server has local Linux-like accounts
vCenter, installed on Windows, uses Windows Active Directory
(AD) accounts
vCenter, as a Linux appliance, can be configured to use
Windows AD accounts
Recommend using Windows AD users and groups to define
permissions to VC objects
All vSphere Client communications are encrypted
VLANs can be used to segment service console traffic

Users and groups are assigned roles
Roles are assigned to objects in the vSphere infrastructure
Combining user/group with a role is what created a permission
By default only root can login to ESXi and Win AD Admins on
vCenter server can login to vSphere Client
Assuming vCenter is installed in Windows
It is not possible to run vCenter for Windows on a Windows AD
domain controller
Permissions take effect immediately, no need to log out and back
in
Permissions are inherited in a hierarchical manor, just like alarms
Remember the PoLP!

No access
Read-only
Administrator
VM power user (sample)
VM user (sample)
Resource pool admin (sample)
VCB user (sample)
Datastore consumer (sample)
Network consumer (sample)
Adding, modifying, and removing ESXi users and groups
Using Windows AD users and groups to secure vSphere
Defining and applying roles and permissions on different levels
of the vSphere infrastructure
Tasks to Perform
vShield Zones
vShield App
vShield App with Data Security
vShield Edge
vShield Endpoint
vShield Manager
vShield Bundle
vShield Overview
Treat security of guest VM as you would
any other mission critical server
Install AV
Keep patches up to date
Limit login, especially administrator/root
Limit software install
Properly secure vSC Client, Web, and SSH
access
Keep vSphere / ESXi patches up to date
(use VMware Update Manager VUM)


What We Covered
Adding, Modifying, and Removing ESXi Users and Groups
Using Windows AD Users and Groups to Secure vSphere
Defining and Applying Roles and Permissions
vShield Overview

vSphere Virtual
Networking
In This Lesson:
Virtual Networking
Network Adapters
Virtual Standard Switches (vSS)
vSS Functionality
Similarities Between pSwitch and vSS
Differences Between pSwitch and vSwitch
Types of vSwitches
Virtual Switch Ports
What is a VLAN?
MAC Address Changes
Forged Transmits
The virtual networking features of ESXi are the cornerstone of
building an IP network for virtual machines that integrates
seamlessly with the existing physical server environment
Virtual Networking
The network adapters available for use in the virtual networking
architecture can be identified from the Configuration | Network
Adapters page

ESXi host performs a discovery to identify network IP addresses.
This facilitates understanding which networks an adapter is
connected to. Note the IP range can be inaccurate if no
addresses are found
Network Adapters
vSS are logical objects that reside in the vmkernel of each ESXi
host
Each virtual NIC connected to a virtual switch will have its own
MAC address
vSS can be bound to one or more physical network adapters
Each virtual standard switch can contain one or more
connection types or port groups that define the types of
communication expected through the virtual switch
vSS operate at Layer 2 and can provide VLAN tagging, security,
checksums, and segmentation offload units
vSS Functionality
Virtual standard switches are similar to physical switches in that
both:
Maintain MAC address tables
Look up each frames destination MAC upon arrival
Forward frames to one or more ports
Avoid unnecessary deliveries
Virtual switches are different from physical switches in that:
Virtual standard switches cannot be connected to other
virtual switches the way physical switches can be
Virtual standard switches do not require Spanning Tree
Protocol
Virtual standard switch isolation prevents loops in the
switching configuration
Forwarding table data is unique to each virtual
Internal only
Used for communication of two virtual
machines on the same ESXi host

Single adapter
A virtual switch bound to a single physical
adapter used for communication with
resources on the physical network

NIC team
a virtual switch bound to 2 or more physical
adapters used to provide redundancy and
bandwidth aggregation for communication
with resources on the physical network
Types of vSwitches
VMkernel
VMkernel
VMkernel
Virtual switches are made up of one more port groups or
connection types that dictate the type of traffic supported by
the virtual switch
The uplink ports of a virtual switch are the ports that are
associated with a physical network adapter
The two port group or connection types are:
Virtual machine
VMkernel
vMotion
Fault Tolerance Logging
Management traffic
VMkernel
The Management network connection type allows a virtual
switch to pass communication to and from the ESXi
management network
An IP address must be assigned to the Management network
Management Network Connection
VMkernel
Management
network
A Management network port labeled as vmk0 is added to
vSwitch0 during the installation of ESXi
Subsequent Management network ports will enumerate as:
vmk1
vmk2, etc.
Multiple Management network ports creates redundancy
through multiple points of entry at each IP address
Building a Management network port into a virtual switch with
multiple uplinks provides redundancy with a single IP address
configuration
Management Network Configuration
A virtual machine port group provides associated virtual
machines with access to other systems on physical networks by
providing a switch-to-switch connection between the virtual
switch and physical switch
Virtual Machine Port Group
VMkernel
Virtual Machine Cov
VMkernel
Production LAN
Communication
between physical and
virtual machines.
A VLAN is a logical configuration of a network on switch port to
segment IP traffic
What is a VLAN?
Using VLANs reduces hardware needs by allowing a switch to
segment IP traffic into multiple IP subnets on a port by port
configuration
VLANs
192.168.100.0/24
172.16.100.0/24
10.100.100.0/24
VLANs allow IP subnets to extend beyond the distance limitations
of the physical medium
A trunk port is a port that has knowledge of all VLANs configured
In the example here, the port that connects each switch to the
nearest route is configured as a trunk port
VLANs Across Geographies
192.168.100.0/2
4 172.16.100.0/24
10.100.100.0/24
192.168.100.0/2
4 172.16.100.0/24
10.100.100.0/24
192.168.100.0/2
4 172.16.100.0/24
10.100.100.0/24
Virtual switches in ESXi provide support for the 802.1q VLAN
tagging standard to allow virtual machines to be seen as part of
VLANs configured on physical switches
In the example, the Red VLAN and Orange VLAN both contain
physical and VMs that operate in their own independent
broadcast domains
VLANs Virtual to Physical
VLANs Virtual to Physical
VMkernel
Physical switch port
connected to uplink
NIC is a trunk port
A virtual switch can have multiple VLANs configured by creating
multiple port groups that have been assigned VLAN IDs to
correspond to the VLAN IDs configured on the physical switches
vSwitch2, shown below, is configured with two virtual machine
port groups named RedVLAN and OrangeVLAN with respective
VLAN IDs of 100 and 101
vSwitch VLANs
This setting denies incoming traffic to a VM when the MAC
address defined in the configuration file (.VMX) does not match
the MAC address inside the guest operating system
MAC Address Changes
ethernet0.addressType = "generated"
uuid.location = "56 4d 13 99 c9 e1 d9 41-e3 e7 c0 c1 b1 a6 2f
42"
uuid.bios = "56 4d e4 66 62 74 85 7a-83 9c f9 da d5
ethernet0.generatedAddress = "00:50:56:ac:b3:5a"
ethernet0.generatedAddressOffset = "0"
Dont match. Dont ACCEPT.
This setting denies outgoing traffic from a VM when the MAC
address defined in the configuration file (.VMX) does not match
the MAC address inside the guest operating system
Forged Transmits
ethernet0.addressType = "generated"
uuid.location = "56 4d 13 99 c9 e1 d9 41-e3 e7 c0 c1 b1 a6 2f
42"
uuid.bios = "56 4d e4 66 62 74 85 7a-83 9c f9 da d5
.ethernet0.generatedAddress = "00:50:56:ac:b3:5a"
ethernet0.generatedAddressOffset = "0"
Dont match. Dont
SEND.
What We Covered
Virtual Networking
Network Adapters
vSS Functionality
Types of vSwitches
What is a VLAN?
MAC Address Changes
Forged Transmits
Using the vSphere
Distributed Virtual
Switch (dvswitch)
In This Lesson:
vSphere Distributed Switch
Private VLANs pVLANs
Networking Policies
Configuration Tasks

Creates a centralized Virtual Switch that multiple ESXi hosts can
subscribe to
Reduces networking configuration and changes
Allows you to centrally manage networking for VMs across
multiple ESXi hosts
Consistent network configuration and stats as VMs are migrated
using vMotion
dvPort groups similar to standard vSwitch port groups but on
the vDS level
Increased capabilities security, traffic control, VLAN, and more
Ability to add 3
rd
party switch Nexus 1000V
Primary
Original VLAN that can be subdivided into multiple secondary
pVLANs
Secondary
They exist only inside the primary
Each secondary pVLAN has a VLAN ID
It associates each packets with an ID that the physical
switch can use to identify the mode (Promiscuous, Isolated,
or Community)
Promiscuous
May send and receive packets to any secondary pVLAN
Typically routers are attached to promiscuous ports
Isolated
May only send and receive packets from the promiscuous
pVLAN
Community
May send andreceive packets between any secondary pVLAN
and also with the promiscuous pVLAN
pVLANs Secondary Mode Nodes
Private VLANs
VLAN (vDS only)
Allows virtual networks to join physical VLANs
Port blocking (vDS only)
Sets blocking policies on dvPorts
Load balancing
Security
Traffic shaping
Networking Policies
Create a new dvswitch
Add hosts and vmnics to dvswitch
Create a dvPort group
Migrate legacy vSwitches and VM networks to dvswitch
Migrate VMKernel virtual adapters to dvswitch
View dvswitch
Mapping
Advanced configuration
Alarms
Configuration Tasks
What We Covered
Networking Policies
Configuration Tasks
Moving Virtual Machines
with vMotion
In This Lesson:
Why You Need vMotion
vMotion Requirements
vMotioning Virtual Machines

The most incredible feature of vSphere
vMotion is used to move RUNNING virtual machines off of one
ESXi server to another ESXi server
VMs disk files stay where they are (on shared storage)

Uses for vMotion:
Balance the load on ESXi Servers (DRS)
Save power by shutting down ESXi
using DPM
Perform patching and maintenance on
an ESXi server
Update Manager
HW maintenance
vSphere Essentials Plus, Standard, Enterprise, or
Enterprise Plus
Shared storage between ESXi servers iSCSI, FC, or NFS
VMkernel interface on both ESXi servers with vMotion
enabled
Works with standard switches or dvSwitches (should keep
the same network name)
CPU compatibility, or family compatibility if using
Enhanced vMotion Compatibility (EVC) on your cluster

What We Covered

Moving Virtual Storage
with svMotion
In This Lesson:
What is svMotion?
svMotion Requirements
svMotion and Thin Provisioning
Using svMotion
Migrating VMs with Snapshots New in vSphere 5

Move the storage of RUNNING virtual machines from one
datastore to another datastore
The running VM stays on the server that it is on
The memory for that VM never moves

What is svMotion?
What is svMotion?
Uses for svMotion:
Balance the datastore utilization
Space
Performance
Perform SAN maintenance or swap
out
vSphere Enterprise or Enterprise Plus is required
Moving a powered on VM with snapshots is not supported
Note that to use the option to change both host and
datastore, the VM must be powered off
Moving a large VMDK can take a long time, depending on your
network connection

When you migrate storage you have the option to change from
Thin to thick
Thick to thin
Why would you want to change to a thick virtual disk from a
thin virtual disk?

Answer: Fault Tolerance (FT)

Using svMotion
With ESXi 5 / vSphere 5, you can now perform a svMotion on a
VM that has snapshots

Let me show you how

Migrating VMs with Snapshots- New in vSphere 5
What We Covered
What is svMotion?
Using svMotion
Migrating VMs with Snapshots New in vSphere 5

Performance
Optimization with
Distributed Resource
Scheduler (DRS)
Performance Optimization with DRS
In This Lesson:
Introduction to Distributed Resource Scheduler (DRS)
DRS Requirements
Creating a DRS Enabled Cluster
DRS/HA Cluster Settings
Understanding Resource Pools
Creating Resource Pools in Your DRS Cluster
The number of VMs grows
The utilization of those VMs grows
All this grows disproportionally
It constantly expands and contracts throughout the day, week,
or month
Over time, how are you going to balancing this constantly
fluctuating load?
Introduction to Distributed Resource Scheduler
(DRS)
Distributed resource scheduler is commonly known as DRS
It doesnt stand for dynamic resource scheduler
DRS understands the resources of the virtual infrastructure
CPU
Memory
Power
Storage
DRS ensures that a VM gets the resources it needs
DRS does not try to achieve load balancing
(DRS)
Hosts and Clusters provide the resources
The VMs consume the resources
Goals of DRS:
Prevent one VM from monopolizing all resources
Guarantee service levels
Offer most efficient use of server hardware
Make your life as a VMware admin easier
(DRS)
DRS is enabled on a cluster
Automation levels are:
Manual suggestions
Partially automated auto place on power on and suggestions
Fully automated you set the migration threshold
You can create migration rules to keep VMs together or apart
DRS can auto-place new VMs in the cluster
(DRS)
vSphere Enterprise or Enterprise Plus
Shared storage between hosts
All VMs in the cluster must be on that shared storage
DRS will use VMotion so it needs to work between hosts
Beware of CPU compatibility issues and if so, consider Enhanced
VMotion Compatibility (EVC)
Checkout the DRS tab and Resource Allocation tab on the
cluster as well as the cluster properties
DRS Requirements
Different ways to reserve resources:
Reservation reserve a certain amount of CPU or memory
Limit set an upper bound of resources to this VM
Assign shares give shares of CPU or memory resources
Shares set the priority of CPU and RAM for a VM
Set as high, normal, and low with 4:2:1 ratio
Or, you can set a custom weight
You can also set share values and IOPS per VM
These will be used with SIOC and SDRS (see other lessons
on those topics)
Additional Resources
What We Covered
Introduction to Distributed Resource Scheduler (DRS)
DRS Requirements
Creating a DRS Enabled Cluster
DRS/HA Cluster Settings
Creating Resource Pools in Your DRS Cluster
Implementing High
Availability with
VMware HA (VMHA)
Implementing High Availability with VMware HA
In This Lesson:
Why Do You Need High Availability (HA)?
VMHA Saving the Day
VMHA Master / Slave
Requirements for VMHA
Best Practices for VMHA
Quickly bring back up critical business applications in the event
of an ESXi server failure
Decrease downtime and improve availability
Examples of business critical applications:
Exchange / email
SQL server / database
Corporate file server and intranet / web

Lets say that you have an ESXi server hardware failure (bad
CPU or disconnected network cable)
Or, you could have an ESXi server software OS crash (unlikely)
VMHA powers all VMs running on that server on other servers in
the VMHA cluster and apps are up in the time it takes guest OS
to boot
VMHA monitors not only ESXi host failures but also guest OS
failures
Uniform HA protection for all VM guests and all applications, no
matter the OS or app
Smart failover to best ESXi host (requires DRS)
Supports up to 32 ESXi servers in a cluster
Enhanced isolation response

VMHA Saving the Day
1 Master host per cluster known as the Fault Domain Manager
Master (FDMS)
FDMS host is determined via an election process
FDMS host with the most mounted datastore has better election
chances
VMHA check for host failure using the management network and
via datastore heartbeat
FDMS host
Monitors the state of slave hosts
Monitors the state of all protected VMs
Manages the lists of cluster hosts and protected VMs
FDMS is vCenters management interface into the clusters
health state

VMHA Master / Slave
Shared storage for VMs running in HA cluster
All hosts should have access to all VM networks
Can use DRS with VMHA or just VMHA only
All hosts must be licensed for VMware HA
Create a VMHA enabled cluster
All hosts must have a static IP address
At least two hosts in the cluster
At least one management network, best practice says two

Keep an eye on cluster validity
Recommend you disable host monitoring as you make changes
to your network or dvSwitches
All networks and VMs on HA clusters must have compatible
networks
By default network isolation IP is the default gateway but you
can configure others
das.isolationaddressX where X can be a value between 1-10
Use network redundancy between ESXi servers
Configure redundant network paths:
ESX secondary SC port
ESXi secondary VMKernel port
Configure the restart priority for VMs based on your most critical
applications
Configure isolation response IP info
Configure VM Monitoring in HA cluster settings to have VMware
monitor the guest OS
Configure alarms to alert you on cluster changes
What We Covered
VMHA Saving the Day
VMHA Master / Slave
Super High Availability
with VMware
Fault Tolerance (FT)
In This Lesson:
Introduction to VMware Fault Tolerance (FT)
Requirements of FT
Constraints of FT
Testing to See If You Can Use FT with VMware Site Survey
Enabling VMware FT
Testing Failover with a Virtual Machine Using FT

FT provides continuous availability for a VM
Zero downtime
Takes VMHA to the next level
Works for all applications and 99% of guests operating systems
Does this by creating a live shadow copy of the running VM
then keeping them in lockstep using VMwares vLockstep
If an ESXi server fails, the shadow will take over and a new
shadow will be created in the cluster on another ESX server

Primary VM is called the Primary and the copied/lockstep VM
is the secondary
The virtual disk for the VM is on shared storage and never
moves
Continuous VMotion
CPUs on all FT ESXi servers must match and be from a
specific list of processors (see KB)
Hardware virtualization enabled in the BIOS
Recommended minimum # of 1GB NICs = 3
One NIC on each server must be enabled for FT logging
and vMotion
ESXi servers must be running same build
VMs on shared SAN, accessible by servers
Must be enabled in a HA cluster
vSphere Enterprise or Enterprise Plus
Requirements of FT
Single vCPU in each VM only (no SMP)
Requires specific hardware
Recommended minimum of 4 VMs running FT on an ESX server
Line of site between ESXi servers due to latency
Only thick disk is supported
Snapshots are not allowed (includes via VADP backup products)
Cannot invoke a svMotion on a VM with FT enabled
Linked clones are not allowed on a VM with FT enabled
Some guests not supported and some guests require shutdown
to enable
Constraints of FT
Checkout Eric Sloofs
(www.ntpro.nl) FT Checklist
Site Survey saves time by
automating this check
Run Site Survey on your cluster
to see if you can use FT
Testing to See If You Can Use FT with VMware
Site Survey
Image Thanks to www.LandSoCAL.com
Once requirements have been met, enabling FT is easy
Right-click on a VM
Go to Fault Tolerance
Click Turn On Fault Tolerance
Enabling VMware FT
What We Covered
Requirements of FT
Constraints of FT
Testing to See If You Can Use FT with VMware Site Survey
Enabling VMware FT
Testing Failover with a Virtual Machine Using FT

Upgrading from VMware
vSphere 4 to vSphere 5
In This Lesson:
Upgrade Steps
Upgrade to vCenter 5
Update Manager Upgrade
ESX/ESXi Upgrade
VM Upgrade
Verify that your ESX/ESXi servers will run vSphere 5
Verify that your licenses will upgrade to the level of vSphere
that you require
Beware of vRAM
Plan, plan, and plan some more
Review the upgrade guide which scenario are you?
Upgrade Prerequisites
1. Run vCenter Host Agent Pre-Upgrade Checker
2. Upgrade vCenter Server
3. Upgrade vSphere Client
4. Upgrade your licensing
5. Upgrade Update Manager
6. Upgrade ESX/ESXi hosts
7. Upgrade VM Tools and VM Hardware
8. Upgrade datastores to VMFS-5
Upgrade Steps
Requires VC downtime
No production down time
Database Schema will be upgraded
Upgrade to different vCenter server
Backup database
ODBC credentials
Uninstall UM and converter extensions
vSphere compatibility matrixes
Backup database
ODBC credentials
Uninstall UM client extensions
Requires host downtime
Host in Maintenance Mode
Host Upgrade Utility (GUI)
15 25 minutes for upgrade
ESX/ESXi Upgrade
Requires VM downtime
VMware Tools upgrade
VM Hardware upgrade to version 8
Automated upgrade via Update Manager
Manual upgrade
VM Upgrade
What We Covered
Upgrade Steps
ESX/ESXi Upgrade
VM Upgrade
vSphere Command Line
Interface (CLI) Options
In This Lesson:
Administering vSphere Using the CLI
Four vSphere CLI Options
Using ESXi Tech Support Mode
Using esxcfg and esxcli Commands
Getting Started with PowerCLI
Project Onyx
vCLI Basics
Installing and Using vMA

Faster (once you get used to it)
Scripting for frequent tasks or mass changes (aka automation)
Integration with other products
Because its cool
1. ESXi tech support mode /
remote TSM (SSH) formerly
known as the hidden ESXi
console
2. PowerCLI / PowerShell and
Project Onyx
3. vSphere CLI (vCLI) from
Windows
4. vSphere Management Assistant
(vMA)

www.VMware.com/go/sysadmintools

Tech support mode = ESXi console
Now supported
Remote tech support mode = remote ESXi console via SSH
Enable and connect with an SSH client
Both can be enabled on the ESXi console via DCUI or via the
vSphere client
Traditional ESXi configuration commands via TSM start with
esxcfg-*
However, esxcfg-* commands have now been depracated and
you should use esxcli instead
esxcli is all new in vSphere 5 and can do just about anything!
PowerCLI is using Microsoft PowerShell with vSphere
Download the Windows PowerCLI Installer
Gives you a command line
Download the free Quest PowerGUI
Gives you a GUI for PowerCLI as well as pre-created scripts
A free tool from VMware labs that shows you the PowerCLI
commands for the configs you perform, using the vSphere client
http://labs.vmware.com/flings/onyx
Project Onyx
vSphere CLI (vCLI) is a Windows application that gives you CLI
tools for ESXi / vSphere
It offers esxcfg and esxcli commands

Now, lets install it and Ill show you how it works
vCLI Basics
vSphere Management Assistant (vMA)
A Linux-based virtual appliance that has the vCLI already in it
vMA offers
esxcfg and esxcli command line administration for ESXi /
vSphere
fastpass authentication that allows you to authenticate
once and then perform multiple commands

Now, lets install it and Ill show you how it works

What We Covered
Project Onyx
vCLI Basics

vSphere Auto Deploy
vSphere Auto Deploy
In This Lesson:
What is Auto Deploy?
Auto Deploy Components
Auto Deploy First Boot Process
Infrastructure Requirements
Installation and Configuration Tasks
Test and Repair Rules Compliance
Auto Deploy PowerCLI
Setting Up Syslog Server
Setting Dump Collector

vSphere Auto Deploy
Auto Deploy allows you to quickly provision one or more
stateless physical hosts with ESXi. Furthermore, Auto Deploy
allows you to match certain criteria in the physical host to rule
sets and deploy the appropriate ESXi image that has all the
hardware drivers
Auto Deploy allows you to automatically add ESXi hosts to
vCenter and apply host profiles
vSphere Auto Deploy
Auto Deploy Server
Rules
Active Rule Set
Working Rule Set
Image Profiles
Default Image Profiles
Custom Image Profiles
Host Profiles
Answer Files
vSphere Auto Deploy
Stateless host PXE boots and gets an IP address from DHCP
DHCP points the host to the TFTP server via option 66
The host contacts TFTP server and downloads a gPXE
configuration file as specified in option 67
gPXE config file instructs the host to make HTTP boot request to
Auto Deploy server
Auto Deploy queries the rules engine for information about host
An Image Profile and a Host Profile is attached to the host
based on a rule set
ESXi is installed into host RAM, is added to vCenter and is
configured
vCenter maintains the Image Profile and Host Profile for each
host in its database
vSphere Auto Deploy
DHCP
Option 66: FQDN or IP address of TFTP Server
Option 67: undionly.kpxe.vmw-hardwired
Router Configuration
PXE
TFTP
vSphere Auto Deploy
Install and configure Auto Deploy
Install TFTP server
Configure DHCP
Configure DNS
Install and configure Dump Collector
Install and configure Syslog Server
vSphere Auto Deploy
vCenter 5 setup files
VMware PowerCLI
TFTP server (we are using WinAgents TFTP)
Windows Server 2008 DHCP and DNS
ESXi 5 offline bundle
A host capable of running ESXi 5
What You Are Going to Need
vSphere Auto Deploy
Make changes to a rule:
Copy-DeployRule -DeployRule Staging1 ReplaceItem Prod
Verify host accessibility:
Get-VMHost -Name esx6.wiredbraincoffee.com
Test and bind to a value:
$tr = Test-DeployRuleSetCompliance
esx6.wiredbraincoffee.com
Remediate Host:
Repair-DeployRuleSetCompliance $tr
vSphere Auto Deploy
Get-Help cmdlet_name
Get-Help cmdlet_name Detailed
Get-DeployCommand
New-DeployRule
Get-DeployRule
Copy-DeployRule
Add-DeployRule
Remove-DeployRule
Set-DeplyRule
Get-DeployRuleset
vSphere Auto Deploy
Switch-ActiveDeployRuleset
Get-VMHostMatchingRules
Test-DeployRulesetCompliance
Repair-DeployRulesetComplaince
Apply-ESXImageProfile
Get-VMImhostProfile
Repair-DeployImageCache
Get-VMHostAttributes
Get-Deploymachine Identity
Set-DeplyMachineIdentity
vSphere Auto Deploy
Esxcli:
Esxcli system syslog
Host Profiles:
Select the host and go to View | Management | Host
Profiles
For a new profile, click Create Profile, or right-click a
profile you want to modify and select Edit Profile
In the Edit Profile dialog, set up the syslog server host
profile
Select Advanced configuration option
vSphere Auto Deploy
Esxcli:
esxcli system coredump network set --interface-name vmk0
--server-ipv4 192.168.2.52 --server-port 6500
esxcli system coredump network set --enable true
esxcli system coredump network get
Host Profiles:
Under Network Configuration
Expand Network Coredump Settings and click Edit
Enter the server port and IP address and the host NIC to use
and click the check box to enable ESXi Dump Collector
Click OK to save the host profile settings
Setting Up Dump Collector
vSphere Auto Deploy
What We Covered
Setting Dump Collector

Storage DRS
Storage DRS
In This Lesson:
Storage DRS Explained
Datastore Clusters Explained
SDRS Initial Placement
SDRS Load Balancing
Datastore Maintenance with SDRS
SDRS Affinity Rules
Configuring and Using Storage DRS
Storage DRS
Today (without SDRS)
When you create a new VM, you have to manually try to find
a datastore with available space and low latency
From there, you are essentially hoping for the best storage
results for the VM
Periodically, you do your best to check to see if VMs are
receiving low latency and you try to monitor datastores for
low space
This is best effort VM to storage management
This is inefficient and it is costing all parties time and money
All this manual intervention leaves lots of room for potential
application outages and slowdowns
You are using DRS for CPU and RAM but it does nothing for
storage
Storage DRS
With the New Storage DRS
VMs (and their VMDKs) are automatically placed on the
datastore with the lowest latency and most space available
VMs are automatically balanced by being svMotioned to a
better datastore if they arent receiving the latency they
need
This will save the VMware Admin and SAN Admin lots of time
(and the company, money). SDRS saves opex.

Storage DRS
Like SDRS, datastore clusters are new in vSphere 5
Without SDRS in use, a datastore cluster is a group of
datastores
With SDRS, a datastore cluster is the unit used to load balance
VM storage across, just like a DRS cluster

Graphic Thanks
to VMware.com
Storage DRS
Initial placement on the correct datastore in the datastore
cluster happens at:
Creation time
When a clone is created
When a VM is relocated
SDRS VMDK affinity and anti-affinity rules are available

Storage DRS
SDRS is triggered based on-
High latency
Low space
Space is continuously collected and the default threshold is 80%
utilization
I/O latency is evaluated every 8 hours based on last 24 hour
trend and the default threshold is 15ms
Storage DRS does do a cost/benefit analysis
SDRS works with SIOC

SDRS Load Balancing
Storage DRS
When a datastore is put into maintenance mode, all registered
VMs VMDKs are evacuated
Templates, ISOs, and unregistered VMs remain

Storage DRS
SDRS Affinity Rules
Storage DRS
It will take at least 16 hours of I/O statistics before SDRS will
make its first recommendation based on latency, so dont expect
it to make recommendations immediately
You can create a scheduled task to modify SDRS settings
(perhaps during a backup period, to prevent unnecessary
migrations)
SDRS is available with a vSphere Enterprise Plus license only
For questions about using SDRS with your SAN features (auto-
tiering, replication, dedup, and thin provisioning), see Duncans
post-
SDRS Notes
Storage DRS
What We Covered
SDRS Load Balancing
SDRS Affinity Rules
Configuring and Using Storage DRS
Policy-driven Storage
In This Lesson:
Policy-driven Storage Explained
Storage Vendor Profiles and VASA
Configuration of Policy-driven Storage

Today, when you create a new datastore, the process of
selecting what SAN LUN it will be stored on is manual
Also, when you perform the more common task of creating a
new VM, the process of selecting what datastore they will be
stored on is manual
VMware Admins have to work with SAN Admins to perform all
these tasks
Even if you are the SAN admin, it still takes additional work
Multiple steps for vSphere and SAN Admins can be saved by
using policy-driven storage, resulting in significant time and
money (opex)
Policy-driven storage allows you to:
Define storage capabilities (ie: capacity, performance,
availability, redundancy)
Custom
Learned from SAN hardware (via VASA)
Associate storage capabilities with datastores
Create storage profiles (Gold/Silver/Bronze)
Associate a VM with a profiles
All this allows vSphere to place a VM on a datastore that
meets its needs automatically - and it allows you to report
and find if VMs are on the right storage
Policy-driven Storage is now Profile-driven Storage
Name Change Alert
Storage capabilities come from either VASA or they are user-
defined
vSphere Storage APIs Storage Awareness = VASA
VASA-capable arrays are setup as vSphere Storage Providers
VASA-capable arrays then tell vSphere:
Their capabilities
Their performance (useful for SDRS)

Note to self: find out if my storage supports VASA

1. Obtain storage capabilities
VASA (vCenter Storage Providers)
Create user-defined storage capabilities
2. Create a VM Storage Profile
3. Assign user-defined storage capabilities to datastores
4. Assign VMs a storage profile
When created
On each VMs Properties, Profiles tab
Configuring Policy-driven Storage
What We Covered
Configuration of Policy-driven Storage

Understanding the New
vSphere 5 vRAM Pooled
Pricing
In This Lesson:
Why is vSphere 5 vRAM Pooled Pricing So Important?
3 Major Changes with vSphere 5 Licensing
vRAM Pooled Pricing in Action
vSphere 5 vRAM Entitlements
Requirements to Access vRAM Pooled Pricing Reports
vSphere 5 License Validator Script
Using vSphere License Advisor
4 Ways to Reduce Your vRAM Pool Utilization
A significant change to vSphere licensing
Places a soft limit on virtual machines when a pool-wide limit is
reached (with vCenter Standard)
You will be violating your end user license agreement (EULA)
and receive a warning if you exceed the pool with vSphere
Standard, Enterprise, or Enterprise Plus
You will be violating your end user license agreement (EULA)
and will not be able to power on a VM if you exceed the pool
with vSphere Essentials and Essentials Plus (vCenter
Foundations)
This change should affect how you provision your VMs and it
may affect your cost
Why is vSphere 5 vRAM Pooled Pricing So
Important?

1. vSphere is still sold per CPU socket
2. vSphere advanced edition is gone AND vSphere CPU core
and physical RAM capacity per host restrictions are gone
3. Each vSphere edition now comes with a vRAM entitlement
that is pooled by vCenter, per version
vRAM pooled pricing is based on configured vRAM in use by
Powered On virtual machines
vSphere Hypervisor Free Edition = 32GB per server
vSphere Essentials and Essentials Plus = 32GB
vSphere Standard = 32GB
vSphere Enterprise = 64GB
vSphere Enterprise Plus = 96GB
Again, vSphere 5 is still sold on a per CPU socket license (or in a
kit) but now each edition has specific vRAM entitlements that
will be pooled, per vCenter, per version of vSphere
A new version of vSphere is available, vSphere Desktop Edition,
that is sold based on a per VDI user desktop basis.

August 3 Updates:
vRAM Entitlements were increased
Cap the amount of vRAM counted per VM at 96GB
Calculate a 12 month average of configured vRAM rather
than a high water mark

vSphere web
client (server)
must be
installed
Traditional
Windows-based
vSphere Client
must be used
Go to Home
Licensing
Reporting
(tab)
Requirements to Access vRAM Pooled Pricing
Reports
http://www.virtu-al.net/2011/07/14/vsphere-5-license-entitlements
A free tool from VMware that advises you on vSphere
license usage
Especially important if planning an upgrade from
vSphere 4 to 5
Tiny Windows install that connects to a single
vCenter server
The tool does not recognize multiple vCenter servers
in linked mode
Requires that the Java runtime engine (JRE) be
installed
Offers the ability to export data



1. Rightsize the memory on each of your virtual machines
2. Power off virtual machines that are unused
3. Understand application memory utilization and find ways to
reduce it
4. Remember that all hosts in your enterprise with vSphere
licenses count toward the pool (including VMHA hosts who
are in standby mode and even remote servers if you are using
vCenter linked mode)
Tips:
vSphere licenses are per socket and not per core
You could implement chargeback to charge the groups in your
company who use the most memory
Standardize on the same license of vSphere

What We Covered
Why is vSphere 5 vRAM Pooled Pricing So Important?
Requirements to Access vRAM Pooled Pricing Reports
Network I/O Control
(NIOC)
In This Lesson:
What is Network I/O Control?
New in vSphere 5 NIOC
Configuring Network I/O Control
Provide QoS for network traffic by type
Requires vSphere Enterprise Plus and use of vDS

Graphic Thanks to
VMware.com
New feature in vSphere 4.1
AKA NetIOC or NIOC
QoS for the virtual network
Uses shares, which you are already used to using in vSphere with
resources pools
Ensures best performance for critical vSphere infrastructure
services when there is high network utilization
NFS
iSCSI
FT
vMotion
For more information, see vSphere Network I/O Best Practices
http://www.vmware.com/resources/techresources/10119

User-defined network resource pools
Enables multi-tenancy deployment
Bridges virtual and physical infrastructure QoS by using per
resource pool 802.1p tagging
New in vSphere 5 NIOC
What We Covered
Whats New in vSphere 5 NIOC?
Storage I/O Control
(SIOC)
In This Lesson:
Why You Need Storage I/O Control (SIOC)
How SIOC Works
SIOC Requirements
Enabling SIOC in vSphere
Monitoring SIOC Performance
General consensus is that most virtualization performance issues
are caused by latency in shared storage
Storage I/O Control provides Quality of Service (QoS) to
ensure that all VMs get the storage performance the require
In summary, SIOC is necessary so that one VM doesnt slow
down another (regarding storage resources)
How SIOC Works
Graphics Thanks to VMware.com
Datastores must be managed by a single vCenter server
FC, iSCSI, and NFS are supported (RDMs are not)
Support for NFS is new in vSphere 5!
Datastores with multiple extents are not supported
vSphere 4.1 or later (vSphere 5 to use NFS)

SIOC Requirements
SIOC is enabled per datastore
Once enabled, ESXi monitors the latency of that datastore
To enable SIOC:
Go to the ESXi Server
Configuration tab
Storage
Select the Datastore
Click Properties

Set the number of shares and maximum number of IOPS per
VM
Default is Normal/1000
Unlimited IOPS
Note:
If the limit you want to set for a virtual machine is in terms of
MB per second instead of IOPS, you can convert MB per second
into IOPS based on the typical I/O size for that virtual machine.
For example, to restrict a backup application with 64KB IOs to
10 MB per second, set a limit of 160 IOPS.

To set the shares and maximums
Go to the Datastores view in the vSphere Inventory
Select the Virtual Machines tab
or
Go to the Properties of each VM
Resources tab
Monitor SIOC Latency and IOPS in the Datastore Inventory,
Performance tab

What We Covered
How SIOC Works
SIOC Requirements
Monitoring SIOC Performance
ESXi Firewall
ESXi Firewall
In This Lesson:
ESXi Firewall Defined
Configuration Files
Rule Set Add
Service Behavior
ESXI Shell Firewall Configuration
ESXi Firewall
The ESXi Firewall is a new service-oriented, stateless firewall
used to protect the management interface of ESXi
The firewall can be configured either from a GUI through the
vSphere client or via the command-line using esxcli
ESXi Firewall
Rule set configuration files
Service configuration files
Configuration Files
ESXi Firewall
Rule Set Add
Option Description
<service id='nnnn'> Numeric identifier for the service. If the configuration file contains only
one service, you do not need a service ID. Use <service></service>
<id> Usually the name of the service
<rule id='nnnn'> Numeric identifier for the rule
<direction> Port direction (inbound or outbound)
<protocol> Protocol for the port (tcp or udp)
<porttype> Type of port, destination or source (dst or src)
<port> Port number or range of ports. To enter a range, use <begin> and
<end> tags
<enabled> Status of the service when the rule set is applied (true or false)
<required> Whether the ruleset is required and cannot be disabled (true or false)
/etc/vmware/firewall/
ESXi Firewall
<ConfigRoot>
<service id='0000'>
<id>serviceName</id>
<rule id = '0000'>
<direction>inbound</direction>
<protocol>tcp</protocol>
<porttype>dst</porttype>
<port>80</port>
</rule>
<rule id='0001'>
<direction>inbound</direction>
<protocol>tcp</protocol>
<porttype>src</porttype>
<port>
<begin>1020</begin>
<end>1050</end>
</port>
</rule>
<enabled>true</enabled>
<required>false</required>
</service>
</ConfigRoot>
Example: Rule Set Configuration File
ESXi Firewall
Start automatically if any ports are open and stop when all ports
are closed
Start and stop with host
Start and stop manually
Service Behavior
ESXi Firewall
ESXi Shell Firewall Configuration
Command Description
esxcli network firewall get Returns the enabled or disabled status of the firewall and lists
default actions
esxcli network firewall set --defaultaction Update default actions
esxcli network firewall set enabled Enable or disable the ESXi firewall
esxcli network firewall load Load the firewall module and rule set configuration files
esxcli network firewall refresh Refresh the firewall configuration by reading the rule set files
if the firewall module is loaded
esxcli network firewall unload Destroy filters and unload the firewall module
esxcli network firewall ruleset list List rule sets information
esxcli network firewall ruleset set --allowedall Set the allowedall flag
esxcli network firewall ruleset set --enabled Enable or disable the specified rule set
esxcli network firewall ruleset allowedip list List the allowed IP addresses of the specified rule set
esxcli network firewall ruleset allowedip add Allow access to the rule set from the specified IP address or
range of IP addresses
esxcli network firewall ruleset allowedip remove Remove access to the rule set from the specified IP address
or range of IP addresses
ESXi Firewall
What We Covered
Configuration Files
Rule Set Add
Service Behavior
ESXI Shell Firewall Configuration

VMware Data Recovery
(VDR) 2
In This Lesson:
Introduction to VMware Data Recovery (VDR) 2
New VDR Features in vSphere 5
Limitations of VDR
Installing VDR
VDR Initial Configuration
Backup and Restore with Data Recovery
VDR is a VMware virtualization-specific backup and recovery
application for VMware vSphere 4 and 5
Easy to deploy as an appliance, integrates with vCenter, and
administered from vCenter
Provides backup and restore of guest Virtual Machines
Advanced features like:
De-duplication
File level restore
Incremental/differential backup
Included with vSphere Editions Essentials Plus, Standard,
Enterprise, and Enterprise Plus

Appliance and plug-in
No physical server and no COS to install
Fully integrated with vCenter
Works if VMs are on or off
Uses snapshots for anytime BU
Supports VSS for Windows BU
Uses VADP (vSphere API for Data Protection) framework

Can backup entire vSphere infrastructure in a few clicks
No agents and works on any OS
Complete management of backup and recovery through the
vSphere Client
Included with vSphere
Deduplication and compression are automatic

In vSphere 4.1, VDR 1.2 offered:
Linux file level restore
VSS in Win 2008 and Win 2008 R2 at the app level
Up to 10 appliances per vCenter (and up to 100 VMs per
appliance)
VDR log can be sent to the syslog server

In vSphere 5, VDR 2.0 offers:
Now uses Cent OS 5.5 64-bit better scalability and stability
Swap files not included in backups anymore
Integrity checks and reclaim operations can be scheduled,
resumed, and run in the background
Overall performance of backups and other operations has
been improved
Email reporting has been added

Backup datastore recommended to be no more than 1TB of
de-dup data and 2 destination total (500MB if CIFS)
8 concurrent VMDK backups
Maximum of 100 VMs can be backed up per VDR appliance
You can add another VDR appliance
Maximum of 10 VDR appliances per vCenter Server
Maximum of 1000 VMs per vCenter that can be backed-up
with VDR
Does not provide a method to get backup data onto tape or
offsite

Limitations of VDR
60 Day evaluation is available with vSphere
Or, you must be using Essentials Plus, Standard, Enterprise,
Enterprise Plus, or purchased a la carte with Essentials
Download VDR on the same page that you download vSphere
VDR is a single file in ISO format
Either burn to media, mount the ISO, or unzip the ISO to gain
access to the files inside
Deploy the VDR appliance from the OVF file
Install the VDR vSphere Client plug-in with the Windows
installer

Installing VDR
You must add a storage destination before powering up VDR
You can add a VMDK virtual disk destination or network share
A VMDK, kept with the VM, is my favorite
Once you create a VMDK destination, format and mount it
VMware recommends using a thick VMDK for performance
reasons
Powering on VDR is like powering on any VM
After initial power on, use the CLI to change the root password
Default username and password:
root
vmw@re
Once powered on and password is changed, do the following
from the web interface:
Set a static IP address (can also do using CLI)
Set the correct time zone
Reboot
Double check configurations once it comes back
To power off the VDR appliance properly, use the web interface
or CLI

Graphics Thanks to VMware.com
What We Covered
Limitations of VDR
Installing VDR
Administering vSphere
Using an iPad
In This Lesson:
Features of the vSphere Client for iPad
Requirements for the vSphere Client for iPad
Installing vCenter Mobile Access (vCMA)
Installing vSphere Client for iPad
Search for vSphere hosts and VMs
Monitor the performance of vSphere hosts and VMs
Manage virtual machines with the ability to start, stop and
suspend
View and restore virtual
machines snapshots
Reboot vSphere hosts or put
them into maintenance mode
Diagnose vSphere hosts and
virtual machines using built-in
ping and traceroute tools
Features of the vSphere Client for iPad
vSphere and vCenter already in place
vCenter Mobile Access (vCMA) virtual
appliance available from the VMware
Labs:
http://labs.vmware.com/flings/vcma
Network connection to the vCMA
Via LAN or Internet VPN
vSphere Client for iPad
Via iTunes store

Note: this is all free except your
vSphere and vCenter infrastructure

vCMA is a free virtual appliance from VMware Labs
It allows you to manage your virtual infrastructure from mobile
devices, like smartphones and iPads
Via web browser and the vSphere Client for iPad
Download the OVF file and Deploy it, through the vSphere Client
http://labs.vmware.com/flings/vcma

A free Apple iPad client for
administering vSphere
Requires local LAN access or VPN
access to the vCMA
Just like any iPad app, downloaded
through iTunes and installed on the
iPad
Search in iTunes for vSphere
Client or go to-
http://itunes.apple.com/us/app/vm
ware-vsphere-client-
for/id417323354?mt=8&ls=1
To connect:
Get the IP address (or DNS name) of the vCMA VM
Enter that IP address (or DNS name) in the Settings on the
iPad, for the vCMA, when you first launch the client
Connect to the vSphere infrastructure using the vSphere Client
for iPad by entering your vCenter server name, username, and
password
Youre ready!

What We Covered
Benefits of the vSphere Client for iPad

Trainsignal Vmware

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Trainsignal Vmware

Uploaded by

Copyright:

Available Formats

VMware vSphere 5

You might also like