Tag Archives: VCAP5-DCA

Friday Shorts – Certs, Tools, Loads, VVOLs and #SFD7

It’s been quite a long time since my last “Friday Shorts” installment and the links are certainly piling up!  So, without further ado here’s a few tidbits of information that I shared over the last little while…

A little bit of certification news!

VMware LogoVMware education and certification has certainly taken it’s fair share of backlash in the last few months, and honestly it’s rightly deserved!  People don’t like when they invest in a certification, both in money and time, just to have an expiry date placed on all their efforts!  Either way, that’s old news and nothing is changing there.  What I was most concerned about was whether or not I would be able to skip my upgrade of my VCP and just take a VCAP exam instead, which would in turn re-up my VCP.  Then the announcement of no more VCAP was made – which through those questions of mine for a loop – but now, after this announcement it appears that their will be an upgrade/migration path for those current VCAP holders to work towards the newly minted VCIX.  Have a read and figure out where you fit in and start planning.   I already hold a VCAP5-DCA so by taking the design portion of the VCIX I would be able to earn my VCIX certification in full – sounds good to me!  Now we just need the flipping exams blueprints to come out so we all can get to studying! 🙂

New version of RVTools!

rvtoolsYup, the most famous peice of “nice to haveware” has an updated version.  I’ve used RVTools for quite some time now – as an administrator any piece of free software that I can get to help me with my job is gold!  RVTools saves me a ton of time when gathering information as it pertains to my virtual environment and my VMs.  If you haven’t used it definitely check it out – if you have, upgrade – you can see all of the new changes and download here!!

KEMP giving away LoadMaster!

kempKeeping on the topic of free tools let’s talk about KEMP for a moment!  They are now offering their flagship KEMP LoadMaster with a free tier!  If you need any load balancing done at all I would definitely check this out!  Now, there is going to be some limitations right, nothing in this world is completely free 🙂  Certainly it’s only community supported and you can only balance up to a maximum of 20 MB/s – but hey, may be a great solution for your lab!  Eric Shanks has a great introduction to how to get it up and going on his blog so if you need a hand check it out!  I’ve also done up a quick review a few months back on load balancing your LogInsight installation with KEMP.  Anyways, if you are interested in checking it go and get yourself a copy!

You got your snapshot in my VVOL!

As my mind wanders during the tail end of the NHL season I often find my mind racing about different things during the commercial breaks of Habs games – this time I said to myself, self, do snapshots work the same when utilizing the new VVOL technology.  Then myself replied and it said, hey self, you know who would know this answer, Cormac Hogan.  A quick look at his blog and low and behold there it was, a post in regards to shapshots and VVOLs.  If you have some time check it out – Cormac has  a great  way of laying things out in quick and easy to follow blog posts and this on is no exception.  In fact, before the first place team in the eastern conference returned from the tv timeout I had a complete understanding of it – now, back to our regularly scheduled programming.

 #SFD7 – Did you see it?

SFD-Logo2-150x150It appears that most if not all the videos from Storage Field Day 7 have been uploaded from the Silicon Valley internets into the wide world of YouTube!  There was a great list of delegates, vendors and presenters there so I would definitely recommend you check them out!  There were crazy hard drive watches, fire alarms, and best of all, a ton of great tech being talked about!  IMO the show could of done with just a few more memes though 🙂  With that said you can find all their is to know about Storage Field Day 7 over at GestaltIT’s landing page!

My VCAP5-DCA Experience

Everyone does it right?  Spew out what they thought after writing the VCAP5-DCA exam.  Well, here I am again, being a follower :).

On December 19th, 2013 I made the 2.5 hour drive to Ottawa, Ontario to sit the VCAP5-DCA.  Honestly, the drive wasn't that bad!  We got a break in the snowfall and ice storm for a few days so I guess I scheduled it at the right time of year.  The only complaint I have is that I only passed a couple of Tim Horton's along the way, so the coffee intake was not the greatest – which is probably a saving grace in then end since there are no scheduled breaks during the exam to go to the bathroom.

I arrived at the Exam Centre roughly 45 minutes before my exam started.  I sat down in the food court of the building where the exam center was located, masked one more LUN and made my way up the elevator to sit my exam.  I walked into the Pearson testing Centre 30 minutes before my exam was scheduled to start, hoping to maybe get an early start.  That said, they cannot technically sit anyone any closer than 15 minutes from their start time, so I sat in a chair quietly staring at the floor for 15 minutes.

Ok, on to the exam itself.  Like everyone else has said the exam is fair.  Not once did I see it stray from the blueprint – which would be hard to do since the blueprint pretty much covers everything!  As far as the questions go all I can say is read them slowly.  I actually missed one task on the first question that I caught when I was reviewing a few things.  

I basically started at question 1 and worked my way straight through to the end.  Any question that I didn't finish or that I didn't feel like doing at that time I skipped and wrote down on my little magic erase board.  Let me tell you, when I got to question 26 I was a little worried as I had about 10 numbers written down on that board 🙂  From there, I used the remaining time to go back through the questions and knock off the ones I skipped intentionally.  When they were done, I went on to the questions that I didn't quite understand that well and began working on them.  That's when my time ran out!!!  

Yes, time once again took it's toll on a VCAP test taker!  The 3.5 hours that they give you felt like 10 minutes to me.  I was working so hard and fast that I couldn't believe my eyes when the 5 minute warning came up.

As far as latency goes I only had one period of about 5 minutes where things were very slow to respond.  It didn't really play a factor in my not finishing the exam.  There were some other anomalies with my exam but I'll leave them to VMware's education support to look at!

I walked out of the room with an eery feeling – I knew I did well on most of the questions I finished, but I did leave a lot on the table.  I figured it could go either way!  And then, on January 3rd (which I thought was an impressive turn around for the holiday season) I got the email stating that I had passed with a score of 396!  Needless to say I was stoked!

So, as for tips there is nothing new that I can write down that isn't already written in the many VCAP experiences that are out there.  I'll outline a few that I thought were the most useful

  • Do the stuff that you know how to do first.  If you need to skip a question just scribble down the number and move on.  Time is of the essence, so don't sit around thinking about one given task too long.  Get done what you can!
  • Use the Adobe advanced find for the documents.  This will allow you to search all the documents at once!  Great time saver if you are looking for an advanced setting and you aren't sure what piece of documentation it is in.
  • Use the vSphere Client located on your FIRST screen!  DO NOT try and RDP into vCenter and use the client there – I did this for one question and it is deadly slow.
  • If you need to use a putty window and/or an RDP window just use it and leave it open.  Don't close it, you will just waste time trying to re-open it later.
  • Ugh, try and remember the administrator/root password.  They are all the same but given it's a new password it can be hard to type in multiple times!
  • The best tip I can give you is to know your stuff.  The more you know the easier this exam is.  The more you have done these things in a lab or in your day job it gets even easier.  You can use my 8 weeks of VCAP page (Big thanks to Tom Verhaeg for his help) to brush up on what I have done in the last 8 weeks.  The holy grail for the blueprint however, has to be Josh Coen and Jason Langers Unofficial VCAP5-DCA Study Guide!  Get it and print it and practice it!

That's about it for me with this one!  What's next?  Maybe DCD, but certainly a little family / down time is next in line!

8 weeks of #VCAP – The rest of Section 2 – Port Binding, CLI, and DPIO

Section 2 of the blueprint is a pretty big one, and some of the pieces warranted their own post – however there are a lot of small little skills that don’t really require a complete tutorial so I thought I would just slam them all in here!

Determine use cases for and apply Port Binding settings

vSphere offers three types of port binding in their vSwitch settings (Distributed Virtual Switch only)– all of which are explained below

  • Static – the port will be assigned immediately on connection to the vSwitch.  The VM will stay connected to this port even when it’s powered off.  The only way to free up the port is to explicitly remove the NIC from the VM.  Static Ports are managed through vCenter Server
  • Dynamic – Port is connected when the VM is powered on and then disconnected when the VM is powered off.  Dynamic ports are managed through vCenter Server.  This method has been depreciated in vSphere 5.x
  • Ephemeral – Both static and dynamic port binding has a set number of ports, in ephemeral, the ports are actually created and destroyed on the VM power on/power off event therefore requiring a bit more overhead.  That said, these are managed by the host, therefore, networking can still be connected/disconnected in the event that vCenter Server is unavailable.

Choosing a port binding method is pretty easy – Right click on your port group, chose edit settings and it should be front and centre in the General section.

Image 1

As far as use-cases go, really ephemeral only needs to be used in recovery purposes since they are a bit more demanding in terms of overhead.  Also, ephemeral does not maintain port-level permissions and controls when a VM is rebooted, since the port will be destroyed and recreated.  For the most part it’s best to use Static port binding – and since 5.0 offers an auto expand feature to dynamically grow the number of ports by a specified interval, you shouldn’t have to worry about running out of ports.

Command Line goodness

The networking section references the ability to use command line tools to manage both standard and distributed virtual switches.  Obviously I can’t go over every command and every switch.  Just be sure to know how to use esxcfg-vswitch, esxcfg-vmknic, esxcfg-route, the networking namespaces in esxcli, as well as some of the PowerCLI cmdlets around networking (Get-VirtualSwitch, Get-NetworkAdapter, Get-VMHostNetwork, etc).

Hint – for the PowerShell command line stuff you can quickly find the PowerCLI commands associated with networking (or anything for the matter) by utilizing the Get-VICommand cmdlet and passing a search string.  IE, to return all cmdlets containing ‘net’ you can use the following

Get-VICommand –Name *Net*

Determine use cases for and applying VMware DirectPath I/O

I’ve never used DPIO – that said, there it is on the blueprint so I’d better figure it out.  As for use cases, honestly I haven’t seen many.  For the most part utilizing the virtualized hardware seems to perform well enough, but if you need the tiny bit performance improvement it claims to provide there are a couple of steps to get it running.

First up we need to configure pass-through on the host itself.  This is done on the Configuration tab under ‘Advanced Settings’.  Simply select ‘Configure Pass-through’ and select the device you want to present to a VM.

dpio1

Once you are done this you will need to restart the host in order to complete the next step, so go ahead and do that.

As for presenting the pass-through device to the VM this is done just as you would do any other piece of hardware (In ‘Edit Settings’ of a VM).  Simply select PCI Device as your hardware and follow the wizard.  You should see your device that you had setup for pass-through earlier in the dropdown box as shown below.

dpio2

From here you will need to ensure that your guest OS has the correct drivers in order to install this hardware as it is presented directly to the VM.  Aside from creating a memory reservation on your VM there are also a ton of features that are unavailable when you utilize DPIO.  Things such as vMotion, HA, DRS, Snapshots, Hot add, Fault tolerance are all not supported – probably why there is such low adoption.

And I think that should just about wrap up networking.  There is some teaming information mentioned, but honestly I find this to be VCP level knowledge and I’m just going to assume you already know it 🙂  Good Luck!

8 weeks of #VCAP – CDP and LLDP

Well, 8 weeks of VCAP has dwindled down into a serious 8 days of VCAP – and for now, how about a little bit of random information from the Networking section of the blueprint.

First up, CDP and LLDP

These are relatively easy to configure, however there are a few different modes that they can be run in, therefore I thought it would be best if I write them down in hopes that maybe I’ll remember them if any scenarios require me to configure them.

Basically the functionality of the two protocols is identical – they both provide discovery of ports connected to a virtual switch.  CDP however supports just Cisco physical switches whereas LLDP supports any switch supporting LLDP.  Another note, CDP can be enabled on both vSphere Standard Switches and vSphere Distributed Switches – LLDP – dvSwitch only!

So let’s have a look at the dvSwitch config first.  Like I mentioned earlier it’s pretty simple. From the properties tab of a vSphere Distributed Switch select ‘Advanced’.  From here its as simple as setting the status to Enabled, the type to either CDP or LLDP, and the Operation mode (explained below).

  • Listen – ESXi detects and displays information from the associated physical switch port, but all information in regards to the virtual switch is not available to the physical switch.
  • Advertise – ESXi presents information in regards to the virtual switch available to the physical switch, but doesn’t detect any information in regards to the physical switch port
  • Both – Does both advertise and listen.

dvswitch

Now that we are enabled we can view what information we receive inside of the Networking section of a hosts configuration tab.  To do so, simply expand out your physical uplinks and click the information icon (shown below).

lldp 

And that’s all there is for that – with the distributed switch anyways.  To get CDP working on a standard switch we are once again back into the command line interface.  Probably good to brush up on these commands anyways since its also mentioned in the blueprint.  So, Let’s say we wanted to configure CDP on a vSphere Standard Switch called vSwitch0 to a value of Both.  We could use the following command

esxcli network vswitch standard set –v vSwitch0 –c both

And that’s all there is to that – valid options for –c would be both, listen, advertise or down.  To view we could use the same process as above.

8 weeks of #VCAP – Syslog scenario by @tomverhaeg

Company policies state that every syslog capable device or server should send these logs to an appropriate syslog collector. Your colleague has already set up the VMware syslog collector on a separate machine, located at 10.10.20.45. You have been tasked with setting up the syslog clients on the ESXi hosts, and ensuring that syslogs arrive on the syslog server.

To configure the syslog collector on the ESXi hosts, we will be using the esxcli system syslog namespace. This allows us to set different options regarding the local and remote (which is what we want) syslog.

Let’s review the default config first by using the following command:

~ # esxcli system syslog config get

Default Rotation Size: 1024

Default Rotations: 8

Log Output: /scratch/log

Log To Unique Subdirectory: false

Remote Host: <none>

We see that no remote syslog is being used. Let’s configure one, using this command:

~ # esxcli system syslog config set –loghost=10.10.20.45

Now that we have configure a remote loghost, we need to reload the syslog daemon to apply the configuration changes. Esxcli can help us once again:

~ # esxcli system syslog reload

You might think that we’re ready now, but when we check our syslog, we don’t see syslog yet. Bummer! For this problem, I’ll reference to the ESXi firewall post (http://blog.mwpreston.net/2013/11/19/8-weeks-of-vcap-the-esxi-firewall/) as with the default security level, this outgoing traffic will be dropped. We need to enable the firewall rule for syslog (udp/514, tcp/1514).

~ # esxcli network firewall ruleset set -r syslog -e true

And reload our changes:

~ # esxcli network firewall refresh

And now, we see our host logs coming in. The VMware syslog collector stores it logs by default in C:\ProgramData\VMware\VMware Syslog Collector\Data

clip_image002

8 weeks of #VCAP – Fault Tolerance by @tomverhaeg

You might know VMware Fault Tolerance already, since the VCAP exam builds on the VCP knowledge. But still, it is in the blueprint, so it might be wise to go over it.

Fault Tolerance, often abbreviated as FT is a technique in which a shadow VM of a running VM is kept in lockstep with the primary. This basically means that all memory and CPU calculations on the primary VM also will be executed on the secondary VM.

In case of a host failover, a VM with fault tolerance enabled can switch over from the primary to the second VM in a matter of seconds, taking right over where the primary stopped. This allows for a better uptime of that VM and avoids the VM restart that HA would do.

There are a few host requirements for running FT:
-> You need to have a cluster where HA is enabled

-> All hosts needs to access the same (shared) datastores

-> There needs to be physical processor support

-> VMkernel ports need to be configured for vMotion and FT logging

There are also some VM requirements for running FT:

-> The VM can only have one (1) vCPU, so no vSMP

-> The VM disks need to be eager zeroed thick provisioned

-> No non re-playable devices (CD ROM, USB devices etc).

-> No snapshots

Configuring the VMkernel port for FT logging

Conform VMware best practices for FT, it it wise to use a dedicated NIC for FT logging (preferably even 10 gigabit), but configuring FT logging is as easy as selecting a checkbox on a VMkernel port:

clip_image002

Enabling FT on a VM

Enabling FT is rather simple, right-click the VM -> Fault Tolerance -> Turn on Fault Tolerance. You might get a popup saying that a reservation (memory) will be created for the full memory allocation of this VM, and that the disk will be eager zeroed out.

clip_image004

After it walks through the process of enabling fault tolerance, you get a nice blue icon in your inventory:

clip_image006

After powering on the FT VM, on the summary page, you also see some info about the FT status:

clip_image008

Testing VMware FT

Now that we have a running FT VM, we might as well test it. We have 2 options for testing it:

Test failover – The primary VM does a failover to the primary VM, and then spawns up a new secondary VM.

Test restart secondary – The secondary VM is re-spawned and the FT configuration is protected again.

clip_image010

After doing a failover of the primary VM, a new secondary VM will be spawned, so the status after doing the failover might be like this:

clip_image012

Troubleshooting VMware FT

So, all is happy, but since we’re doing the VCAP exam, we might expect some troubleshooting.

On the summary page of the host, you can see if the host is configured and ready for FT. If it isn’t, the reason why will also be mentioned:

clip_image013

In the image above, there isn’t a VMkernel port configured for FT logging. So go into your networking and check that FT logging box.

Also, when the VM mentions something like this, the secondary VM is not running, so do a restart or migrate secondary:

clip_image014