Tag Archives: 8 weeks of VCAP

My VCAP5-DCA Experience

Everyone does it right?  Spew out what they thought after writing the VCAP5-DCA exam.  Well, here I am again, being a follower :).

On December 19th, 2013 I made the 2.5 hour drive to Ottawa, Ontario to sit the VCAP5-DCA.  Honestly, the drive wasn't that bad!  We got a break in the snowfall and ice storm for a few days so I guess I scheduled it at the right time of year.  The only complaint I have is that I only passed a couple of Tim Horton's along the way, so the coffee intake was not the greatest – which is probably a saving grace in then end since there are no scheduled breaks during the exam to go to the bathroom.

I arrived at the Exam Centre roughly 45 minutes before my exam started.  I sat down in the food court of the building where the exam center was located, masked one more LUN and made my way up the elevator to sit my exam.  I walked into the Pearson testing Centre 30 minutes before my exam was scheduled to start, hoping to maybe get an early start.  That said, they cannot technically sit anyone any closer than 15 minutes from their start time, so I sat in a chair quietly staring at the floor for 15 minutes.

Ok, on to the exam itself.  Like everyone else has said the exam is fair.  Not once did I see it stray from the blueprint – which would be hard to do since the blueprint pretty much covers everything!  As far as the questions go all I can say is read them slowly.  I actually missed one task on the first question that I caught when I was reviewing a few things.  

I basically started at question 1 and worked my way straight through to the end.  Any question that I didn't finish or that I didn't feel like doing at that time I skipped and wrote down on my little magic erase board.  Let me tell you, when I got to question 26 I was a little worried as I had about 10 numbers written down on that board πŸ™‚  From there, I used the remaining time to go back through the questions and knock off the ones I skipped intentionally.  When they were done, I went on to the questions that I didn't quite understand that well and began working on them.  That's when my time ran out!!!  

Yes, time once again took it's toll on a VCAP test taker!  The 3.5 hours that they give you felt like 10 minutes to me.  I was working so hard and fast that I couldn't believe my eyes when the 5 minute warning came up.

As far as latency goes I only had one period of about 5 minutes where things were very slow to respond.  It didn't really play a factor in my not finishing the exam.  There were some other anomalies with my exam but I'll leave them to VMware's education support to look at!

I walked out of the room with an eery feeling – I knew I did well on most of the questions I finished, but I did leave a lot on the table.  I figured it could go either way!  And then, on January 3rd (which I thought was an impressive turn around for the holiday season) I got the email stating that I had passed with a score of 396!  Needless to say I was stoked!

So, as for tips there is nothing new that I can write down that isn't already written in the many VCAP experiences that are out there.  I'll outline a few that I thought were the most useful

  • Do the stuff that you know how to do first.  If you need to skip a question just scribble down the number and move on.  Time is of the essence, so don't sit around thinking about one given task too long.  Get done what you can!
  • Use the Adobe advanced find for the documents.  This will allow you to search all the documents at once!  Great time saver if you are looking for an advanced setting and you aren't sure what piece of documentation it is in.
  • Use the vSphere Client located on your FIRST screen!  DO NOT try and RDP into vCenter and use the client there – I did this for one question and it is deadly slow.
  • If you need to use a putty window and/or an RDP window just use it and leave it open.  Don't close it, you will just waste time trying to re-open it later.
  • Ugh, try and remember the administrator/root password.  They are all the same but given it's a new password it can be hard to type in multiple times!
  • The best tip I can give you is to know your stuff.  The more you know the easier this exam is.  The more you have done these things in a lab or in your day job it gets even easier.  You can use my 8 weeks of VCAP page (Big thanks to Tom Verhaeg for his help) to brush up on what I have done in the last 8 weeks.  The holy grail for the blueprint however, has to be Josh Coen and Jason Langers Unofficial VCAP5-DCA Study Guide!  Get it and print it and practice it!

That's about it for me with this one!  What's next?  Maybe DCD, but certainly a little family / down time is next in line!

8 weeks of #VCAP – The rest of Section 2 – Port Binding, CLI, and DPIO

Section 2 of the blueprint is a pretty big one, and some of the pieces warranted their own post – however there are a lot of small little skills that don’t really require a complete tutorial so I thought I would just slam them all in here!

Determine use cases for and apply Port Binding settings

vSphere offers three types of port binding in their vSwitch settings (Distributed Virtual Switch only)– all of which are explained below

  • Static – the port will be assigned immediately on connection to the vSwitch.  The VM will stay connected to this port even when it’s powered off.  The only way to free up the port is to explicitly remove the NIC from the VM.  Static Ports are managed through vCenter Server
  • Dynamic – Port is connected when the VM is powered on and then disconnected when the VM is powered off.  Dynamic ports are managed through vCenter Server.  This method has been depreciated in vSphere 5.x
  • Ephemeral – Both static and dynamic port binding has a set number of ports, in ephemeral, the ports are actually created and destroyed on the VM power on/power off event therefore requiring a bit more overhead.  That said, these are managed by the host, therefore, networking can still be connected/disconnected in the event that vCenter Server is unavailable.

Choosing a port binding method is pretty easy – Right click on your port group, chose edit settings and it should be front and centre in the General section.

Image 1

As far as use-cases go, really ephemeral only needs to be used in recovery purposes since they are a bit more demanding in terms of overhead.  Also, ephemeral does not maintain port-level permissions and controls when a VM is rebooted, since the port will be destroyed and recreated.  For the most part it’s best to use Static port binding – and since 5.0 offers an auto expand feature to dynamically grow the number of ports by a specified interval, you shouldn’t have to worry about running out of ports.

Command Line goodness

The networking section references the ability to use command line tools to manage both standard and distributed virtual switches.  Obviously I can’t go over every command and every switch.  Just be sure to know how to use esxcfg-vswitch, esxcfg-vmknic, esxcfg-route, the networking namespaces in esxcli, as well as some of the PowerCLI cmdlets around networking (Get-VirtualSwitch, Get-NetworkAdapter, Get-VMHostNetwork, etc).

Hint – for the PowerShell command line stuff you can quickly find the PowerCLI commands associated with networking (or anything for the matter) by utilizing the Get-VICommand cmdlet and passing a search string.  IE, to return all cmdlets containing ‘net’ you can use the following

Get-VICommand –Name *Net*

Determine use cases for and applying VMware DirectPath I/O

I’ve never used DPIO – that said, there it is on the blueprint so I’d better figure it out.  As for use cases, honestly I haven’t seen many.  For the most part utilizing the virtualized hardware seems to perform well enough, but if you need the tiny bit performance improvement it claims to provide there are a couple of steps to get it running.

First up we need to configure pass-through on the host itself.  This is done on the Configuration tab under ‘Advanced Settings’.  Simply select ‘Configure Pass-through’ and select the device you want to present to a VM.

dpio1

Once you are done this you will need to restart the host in order to complete the next step, so go ahead and do that.

As for presenting the pass-through device to the VM this is done just as you would do any other piece of hardware (In ‘Edit Settings’ of a VM).  Simply select PCI Device as your hardware and follow the wizard.  You should see your device that you had setup for pass-through earlier in the dropdown box as shown below.

dpio2

From here you will need to ensure that your guest OS has the correct drivers in order to install this hardware as it is presented directly to the VM.  Aside from creating a memory reservation on your VM there are also a ton of features that are unavailable when you utilize DPIO.  Things such as vMotion, HA, DRS, Snapshots, Hot add, Fault tolerance are all not supported – probably why there is such low adoption.

And I think that should just about wrap up networking.  There is some teaming information mentioned, but honestly I find this to be VCP level knowledge and I’m just going to assume you already know it πŸ™‚  Good Luck!

8 weeks of #VCAP – CDP and LLDP

Well, 8 weeks of VCAP has dwindled down into a serious 8 days of VCAP – and for now, how about a little bit of random information from the Networking section of the blueprint.

First up, CDP and LLDP

These are relatively easy to configure, however there are a few different modes that they can be run in, therefore I thought it would be best if I write them down in hopes that maybe I’ll remember them if any scenarios require me to configure them.

Basically the functionality of the two protocols is identical – they both provide discovery of ports connected to a virtual switch.  CDP however supports just Cisco physical switches whereas LLDP supports any switch supporting LLDP.  Another note, CDP can be enabled on both vSphere Standard Switches and vSphere Distributed Switches – LLDP – dvSwitch only!

So let’s have a look at the dvSwitch config first.  Like I mentioned earlier it’s pretty simple. From the properties tab of a vSphere Distributed Switch select ‘Advanced’.  From here its as simple as setting the status to Enabled, the type to either CDP or LLDP, and the Operation mode (explained below).

  • Listen – ESXi detects and displays information from the associated physical switch port, but all information in regards to the virtual switch is not available to the physical switch.
  • Advertise – ESXi presents information in regards to the virtual switch available to the physical switch, but doesn’t detect any information in regards to the physical switch port
  • Both – Does both advertise and listen.

dvswitch

Now that we are enabled we can view what information we receive inside of the Networking section of a hosts configuration tab.  To do so, simply expand out your physical uplinks and click the information icon (shown below).

lldp 

And that’s all there is for that – with the distributed switch anyways.  To get CDP working on a standard switch we are once again back into the command line interface.  Probably good to brush up on these commands anyways since its also mentioned in the blueprint.  So, Let’s say we wanted to configure CDP on a vSphere Standard Switch called vSwitch0 to a value of Both.  We could use the following command

esxcli network vswitch standard set –v vSwitch0 –c both

And that’s all there is to that – valid options for –c would be both, listen, advertise or down.  To view we could use the same process as above.

8 weeks of #VCAP – Syslog scenario by @tomverhaeg

Company policies state that every syslog capable device or server should send these logs to an appropriate syslog collector. Your colleague has already set up the VMware syslog collector on a separate machine, located at 10.10.20.45. You have been tasked with setting up the syslog clients on the ESXi hosts, and ensuring that syslogs arrive on the syslog server.

To configure the syslog collector on the ESXi hosts, we will be using the esxcli system syslog namespace. This allows us to set different options regarding the local and remote (which is what we want) syslog.

Let’s review the default config first by using the following command:

~ # esxcli system syslog config get

Default Rotation Size: 1024

Default Rotations: 8

Log Output: /scratch/log

Log To Unique Subdirectory: false

Remote Host: <none>

We see that no remote syslog is being used. Let’s configure one, using this command:

~ # esxcli system syslog config set –loghost=10.10.20.45

Now that we have configure a remote loghost, we need to reload the syslog daemon to apply the configuration changes. Esxcli can help us once again:

~ # esxcli system syslog reload

You might think that we’re ready now, but when we check our syslog, we don’t see syslog yet. Bummer! For this problem, I’ll reference to the ESXi firewall post (http://blog.mwpreston.net/2013/11/19/8-weeks-of-vcap-the-esxi-firewall/) as with the default security level, this outgoing traffic will be dropped. We need to enable the firewall rule for syslog (udp/514, tcp/1514).

~ # esxcli network firewall ruleset set -r syslog -e true

And reload our changes:

~ # esxcli network firewall refresh

And now, we see our host logs coming in. The VMware syslog collector stores it logs by default in C:\ProgramData\VMware\VMware Syslog Collector\Data

clip_image002

8 weeks of #VCAP – Fault Tolerance by @tomverhaeg

You might know VMware Fault Tolerance already, since the VCAP exam builds on the VCP knowledge. But still, it is in the blueprint, so it might be wise to go over it.

Fault Tolerance, often abbreviated as FT is a technique in which a shadow VM of a running VM is kept in lockstep with the primary. This basically means that all memory and CPU calculations on the primary VM also will be executed on the secondary VM.

In case of a host failover, a VM with fault tolerance enabled can switch over from the primary to the second VM in a matter of seconds, taking right over where the primary stopped. This allows for a better uptime of that VM and avoids the VM restart that HA would do.

There are a few host requirements for running FT:
-> You need to have a cluster where HA is enabled

-> All hosts needs to access the same (shared) datastores

-> There needs to be physical processor support

-> VMkernel ports need to be configured for vMotion and FT logging

There are also some VM requirements for running FT:

-> The VM can only have one (1) vCPU, so no vSMP

-> The VM disks need to be eager zeroed thick provisioned

-> No non re-playable devices (CD ROM, USB devices etc).

-> No snapshots

Configuring the VMkernel port for FT logging

Conform VMware best practices for FT, it it wise to use a dedicated NIC for FT logging (preferably even 10 gigabit), but configuring FT logging is as easy as selecting a checkbox on a VMkernel port:

clip_image002

Enabling FT on a VM

Enabling FT is rather simple, right-click the VM -> Fault Tolerance -> Turn on Fault Tolerance. You might get a popup saying that a reservation (memory) will be created for the full memory allocation of this VM, and that the disk will be eager zeroed out.

clip_image004

After it walks through the process of enabling fault tolerance, you get a nice blue icon in your inventory:

clip_image006

After powering on the FT VM, on the summary page, you also see some info about the FT status:

clip_image008

Testing VMware FT

Now that we have a running FT VM, we might as well test it. We have 2 options for testing it:

Test failover – The primary VM does a failover to the primary VM, and then spawns up a new secondary VM.

Test restart secondary – The secondary VM is re-spawned and the FT configuration is protected again.

clip_image010

After doing a failover of the primary VM, a new secondary VM will be spawned, so the status after doing the failover might be like this:

clip_image012

Troubleshooting VMware FT

So, all is happy, but since we’re doing the VCAP exam, we might expect some troubleshooting.

On the summary page of the host, you can see if the host is configured and ready for FT. If it isn’t, the reason why will also be mentioned:

clip_image013

In the image above, there isn’t a VMkernel port configured for FT logging. So go into your networking and check that FT logging box.

Also, when the VM mentions something like this, the secondary VM is not running, so do a restart or migrate secondary:

clip_image014

8 weeks of #VCAP – Host Cache Scenario by @tomverhaeg

Big thanks to Tom Verhaeg ( BLOG / TWITTER ) for another awesome practice scenario for the VCAP5-DCA

You recently acquired some SSD drives for in your hosts. You’re not running vSphere 5.5 yet so vFRC is not an option. You read something about swap to host cache, and you think it might be wise to configure your SSD drive for usage as host cache.

Well, the process of configuring this isn’t that hard. The swap to host cache will be used as a last resort and a replacement of swapping to “disk”. Remember that vSphere has 4 main memory management techniques:

1) Transparent page sharing: Eliminates redundant copies of memory pages by removing them from memory and creating a reference instead.

2) Memory ballooning: In times of contention, the balloon driver (comes with VMware Tools) will ask the guest OS for unused memory and returns this back to vSphere

3) Memory compression: After ballooning runs out, try compressing the memory (basically gzipping it).

4) Swap to disk / host cache: Swap memory to a disk of some sort.

So, the swapping itself comes last in a process of memory management. While it’s still not wanted, swapping to an SSD is still better than to storage or slow local storage.

You configure this by offering up a (portion of a) n SSD tagged datastore as host cache. Go to Configuration -> Host cache configuration

clip_image002

All devices that are being recognized as SSD drive will show up here. You can right click the datastores and set the amount of disk space that you are willing to spend on host cache. If you haven’t formatted a datastore yet, but do have an SSD in place, you can use the Add storage wizard mentioned above.

clip_image003

Once you’ve configured this, you can browse the datastore which you have (partially) allocated to Host cache. On your datastore, you will find a hashed folder, and in that folder a folder named hostCache.

Something like this: 5241d252-0687-cf96-f89a-10ddb1eabcf5/hostCache

In this folder, you will find as much .vswp files as the total number of GB’s that you have allocated to host cache.

Hurray!