New Release VMware NSX Books – Free Download

Following on from last years Free NSX books that were given away at VMworld 2017 and also available for download, there have been another 2 new releases that are now available for download.

VMware NSCross-vCenter NSX DesignX® Multi-site Solutions and Humair Ahmed with contributions from Yannick Meillier

Screen Shot 2018-08-03 at 11.15.02 pm

Screen Shot 2018-08-03 at 11.14.06 pm

With over 300 pages between the two books full of great content, they are two books well worth having in your collection.

Zerto – Not Just Short Term DR Retention Anymore

Last week I had the opportunity to participate in a session with Zerto at their global headquarters in Boston, MA. as part of Storage Field Day 16. This was a session I was really looking forward to after having been a partner for ~3 years and someone who really likes the technology.

The session started with the companies Chief Marketing Officer, Gil Levonai going over the core details of how the company has grown and how their block based Continuous Data Protection technology has evolved over the years.
Zerto Virtual Replication (ZVR) disaster recovery product that uses block based replication allowing it to be hardware agnostic. This means you can use any underlying storage vendor between sites. Zerto is building out their cloud portfolio to allow replication across multiple hypervisors and public cloud companies from vSphere and Hyper-V, through to AWS and Azure, and beyond. There are two main components that are required at both sites for the replication to work, the Zerto Virtual Manager (ZVM) and the Zerto Virtual Replication Appliance (ZVRA). The ZVM is a Windows VM that connects to vCenter/Hyper-V Manager to run the management WebGUI and present and coordinate the VMs and Virtual Protection Groups (VPGs) between sites. The ZVRAs are loaded on to each hypervisor as an appliance and is used to replicate the blocks across sites while compressing the data. One storage platform they do no support currently is VVOLs, however, they are a company that will develop for the technology as there is demand.
You can set your target RPO to a mere 10 seconds and retain your recoverable data in the short-term journal from 1 hour up to 30 days – meaning you can restore data from a specific time rather than when the backup was last run..
The VPGs are groups of VMs you want to be part of a failover group. This is where you can create a group for say a 3 tier app where you need each VM to restart in a certain order at certain intervals.

You can see the Gil’s talk here: https://vimeo.com/277582934

So, what was the technical discussion during this session? Mike Khusid (Product Management Leader) took us through their new Long Term Retention (LTR) piece that is currently under development to extend the capabilities of ZVR. This is  due to to be included in their next Major release, Zerto 7. This requirement for many enterprises is driven by the need to meet compliance standards and be able to retain data from 7 to 99 years. The benefit of this being included in Zerto’s Continuous Data protection means that you will have an available copy of data that was created ~3 minutes prior to being deleted, ensuring it will be recoverable within the set retention period.

This is certainly a great way for Zerto to extend their product set to be able to meet the compliance demands that many companies face. As a partner using Zerto, I know this will be a great piece to be able to pass on to our customers.

You can also catch Mike’s segment here: https://vimeo.com/277583291

Thank you Zerto for taking the time to present at Storage Field Day #16.

VMware Current Software Download and Release Notes

I haven’t blogged in a while, so I thought I would put together a quick list of the most current versions of VMware solutions available. Below you will find links to the download and to the release notes. These are the current versions as of this date. Hopefully someone will find this as a useful reference.

**Please note you will require a valid login/Contract to be able to access a number of these solutions for download.

Check out @texiwil Linux VMware Software Manager – Only requires a my.vmware.com login (Great option if you can’t access downloads through the site)
https://github.com/Texiwill/aac-lib/tree/master/vsm

vCenter
6.0u3e Download
6.0U3e Release Notes

6.5U2 Download 
6.5U2 Release Notes

6.7.0a Download 
6.7.0a Release Notes

ESXi
6.0U3a Download
6.0U3a Release Notes

6.5U2 Download
6.5U2 Release Notes

6.7.0 Download
6.7.0 Release Notes 

NSX-V
6.3.6 Download 
6.3.6 Release Notes 

6.4.1 Download 
6.4.1 Release Notes: 

NSX-T
2.2 Download
2.2 Release Notes

Horizon
7.5 Download
7.5 Release Notes 

7.4 Download  
7.4 Release Notes 
 

PowerCLI
10.1 Download/Release Notes

PowerNSX
Download/release notes 

vRealize Automation
7.4 Download
7.4 Release Notes

vRealize Operations Manager
6.7 Download
6.7 Release Notes 

vRealize Log Insight 
4.6.1 Downloads
4.6.1 Release Notes  

Site Recovery Manager 
8.1 Download  
8.1 Release Notes  

PowerCLI: Import-vApp OVA: Hostname cannot be parsed.

The other day I was rebuilding my lab using William Lam’s vGhetto vSphere Automated Lab Deployment script for vSphere 6.5. In the past I have run the 6.0 script successfully. As part of the script, there is an OVA of a host profile that William has made for the deployment, this is used for the configuration of the host.

This particular time I came across an error right after starting the process and immediately after connecting to the nesting host.  It was a bit of a strange error, pointing to the Import-vApp cmdlet but also saying, “Invalid URI: The hostname could not be parsed,” which sounded as though to be a DNS issue, I spent a little bit of time going through my DNS settings, making sure that the computer from which I was running the script was able to resolve the hostname. I moved off my MacBook using PowerCLI Core and tested from my Windows machine using PowerCLI 10.0, and received the same error.

I did some quick research and found nothing related to the specific error message and started to look at it piece by piece. I decided to pull apart the OVA file and try and run just the OVF – SUCCESS! There appears to be an issue with the OVA and the Import-vApp cmdlet in both PowerCLI Core and PowerCLI 10.0. I am yet to test the OVA in vSphere via the WebClient, but I suspect it may work as it should.

To pull apart the OVA, I recommend using 7ZIP and opening the .ova file and copy/paste the content.

  1. Download and Install 7ZIP
  2. Relaunch explorer
  3. right click OVA file -> 7ZIP -> extract to /<foldername>
  4. check for the VMDK, OVF and description file are all present
  5. Change your ESXI $NestedESXiApplianceOVA= to the .ovf file
  6. rerun script.

Configure PowerCLI and PowerNSX on macOS

A couple of months back, PowerShell Core on Mac and Linux became mainstream after success of its beta. This has allowed for modules to be extended to also be cross-platform for many products out there. The two main products I want to cover are the PowerCLI and PowerNSX and installing from the Powershell Gallery.

To get started, you will need to go to the PowerShell github repo and download the PowerShell install package that is right for your system.

Once the package is installed, Open up terminal and type pwsh to launch PowerShell.

The next Module you will need to install is PowerCLI 10.0 which is the full feature install.

In your PS terminal, insert the below

PS>Install-Module -Name VMware.PowerCLI -Scope CurrentUser

If you receive an invalid certificate error, you can bypass this by using the below.

PS>Set-PowerCLIConfiguration -InvalidCertificateAction Ignore
To confirm the Module is installed, you can run Get-Module VMware.PowerCLI 

Lastly, you will want to install PowerNSX, there is whole site full of information regarding PowerNSX and how to use it, 

 

The Easiest way to Install powerNSX is to run:
PS>Install-Module PowerNSX
PS>Import-Module PowerNSX
Again, to confirm installation, run Get-Module and check if PowerNSX is listed.  You should something like below.
Screen Shot 2018-04-06 at 12.39.20 am
That’s it, PowerCLI and PowerNSX are now installed.
To keep the versions up to date, you can run the Update-Module cmdlet.
PS>Update-Module VMware.PowerCLI
PS>Update-Module PowerNSX

VMware vExpert 5th Year in a Row

4 years ago, I decided to take the plunge at applying for my first year as a vExpert. I thought I was just shooting into the open air not thinking I would receive an award. I had only just started getting into virtualisation, having only done a small amount at work, but I was enjoying the technology so much I decided I would start blogging along my journey. Not long after starting that path, I started to attend our local VMUG chapter and then went on to be a leader for a couple of years. More and more I grew into the VMware virtualisation family.

It is with great honour today to accept my 5th year as a vExpert. This program has been running for 10 years now and is there to acknowledge those who provide back to the VMware community. This program has given me so much, in terms of resources and community support to get the most out of my virtualization journey and to continue to grow and learn more and more each day.

Why is this program so special? I’m glad you asked! The program is not only designed to acknowledge publicly those that spend their time blogging about why you should have High Availability turned on, but to use the vExperts as a valuable resources for testing Beta’s for VMware and providing feedback to improve the GA version.  As mentioned in the previous paragraph, the program enables each vExpert to engage in the community as one and this encourages one another to persist push the limits of their blogging, their knowledge and skills. The team we have are a reliable and trusted group who individually, but also together produce content to help the community in their own environments.

There are additional benefits we receive as vExperts, such as invites to internal VMware calls,  private BETA testing and licenses to be able to continue testing and producing content. These benefits only push you to work harder and create bigger and better content.

I love being part of this select group. and I want to thank Corey Romero and the vExpert/Community team at VMware for giving me and all this years vExperts the opportunity to be a part of the program once again.

Configure ESXi 6.5 Autostart

I’ve recently rebuilt my homelab, and as part of bring a nested lab, I like to have my nested host VMs to poweron automatically as I do for my VCSA. However, I configured (Or at least I thought I had) the Autostart option on sll 3 of the nested hosts. After sitting down powering on the physical host, I waited approximately 10 minutes for it all to boot up, which is about normal, unfortunately, I could not connect to anything but the physical ESXi host, to which I found all 3 VMs powered off all with AutoStart option on them.

As you can see above, all VMs have Autostart enabled on them with their start order, and yet they are all powered off. What I found was that there is a separate service for Autostart that need to be enabled before the start order will operate.

To enable:
Select Manage -> Autostart -> Edit Settings
Under Settings, select Enable = Yes -> Click Save

Once completed, restart your ESXi host to ensure the settings are operation.

Extended Unstun Times with VVOLs and Veeam Proxy Fixed in 9.5 Update 3

Recently Veeam released Veeam Backup and Replication 9.5 Update 3″ This update has brought a number of fixes and additional features that you can read about in Anthony Spiteri’s post VEEAM BACKUP & REPLICATION 9.5 UPDATE 3 – TOP NEW FEATURES

This particular release brings a welcomed fix for backing up VVOL backed VMs when using a proxy server. The symptoms occur when you backup a VM that is utilising VVOL storage and a proxy server with hotadd. The snapshot attempts to remove too soon before the HotAdded disk finishes its unbind process. When this occurs the VM can freeze anywhere from a number of seconds up to 80+ seconds.  These issues were not present when the backup proxy was on the same host as the VM that was backing up. The workaround prior to this release was to run in NBD mode which uses the host as a proxy and is a slower method.

So, what am I looking for? The most obvious symptom is when your VM freezes and can not perform any actions, however performance graphs, etc all should a healthy VM. The other is in your VM log file, you will find a line similar to below. this is a standard line in your log, the difference is the the length of time the process runs for.  In this sample: 56 seconds

Checkpoint_Unstun: vm stopped for 56223314 us

In Veeam B&R 9.5U3, you can now add a registry value to set a wait time to allow the unbind from the proxy to complete before the snapshot is removed. to do this, open up your Veeam B&R server -> Open RegEdit -> navigate to:

HKEY_LOCAL_MACHINE\SOFTWARE\Veeam\Veeam Backup and Replication\

Create a new REG_DWORD: HotaddTimeoutAfterDetachSec
Using decimal set your wait time (value) in seconds for how long you require.

Once added, you can restart your server\services for the settings to take affect. After testing overnight with a few Backup jobs, I re-enabled all jobs to run through proxies and  have not seen any issues yet.

 

PowerCLI migrate vSwitch port groups to vDS in a different vCenter

Over the 6 months I have been working hard on designing and implementing our latest infrastructure refresh and migration to another datacenter. This was a big task, especially when we had to migrate customer servers with minimal downtime. However, there were many more challenges we faced, however with the right planning in the design, these were fairly well handled.

One of the challenges was that we were using Standard vSwitches in the old 5.5/5.1 environment due to some 3rd party applications back when the environment was 4.1 which caused issues when using a vDS.
As we were building a new vCenter we decided the best method was to automate adding all the VM port groups along with their VLANs and LAG into the DvSwitch.
One thing I’ve learnt from Alan Renouf is “The best script you will ever write is one that you stole from somebody’s website” which doesn’t mean  steal it and claim it as your own, but if someone has a script that does exactly what you need, then use it, just make sure you give credit where credit is due.
It just so happened by luck that right around the time I was starting to think about the process, I saw a twitter post from Ben Liebowitz “PowerCLI Script to create a new vDS Portgroups” – Beauty, this was exactly what I was after (albeit some small changes to suit).

The next step was to get a script to match to do the initial export to CSV, after a quick google I came across a Luc Dekens script that he had written for someones request on the VMware Community Forums.  It was pretty straight forward and only require some lines removed so that the CSV only had the columns required for the import.  So once I had the scripts, it was down to testing the process on how to use them prior to prod.

  1. Edit the Export vSwitch Configuration script from Luc Dekens
  2. Run the script
  3. Open the CSV (Make sure the columns names line up with the import script)
    **As we are exporting from a vSwitch and importing to vDS, we will need to manually add a new column to the exported CSV called numports and place the correct number of ports in each row (by default 8) .
    **Also remove any multiples of portgroups (e.g. if you have multiple hosts with the same Portgroups as these will be also in the csv)
  4. Edit the Import script from Ben Liebowitz
    – Change the vDS name and LAG name to match your environment.
    – Update to the CSV path
  5. Run the import script.
  6. Confirm the ports have imported by looking at the vDS.

The process is simple, so let’s break this down into some of the areas you can edit .

In the export script, all you need to edit is the lines that control what information is exported to the CSV. Just remove the lines you do not require. for example I do not need the IP address, so I would remove the below line.

@{N="IP";E={if($vNicTab.ContainsKey($pg.Name)){$vNicTab[$pg.Name].Spec.Ip.IpAddress}}}

The csv will export to the directory you have set in PowerCLI when running the script. Below is what the csv will turn out like, however note that I have also added the numports in as well.

ESX,pgName,vlanID,numports
HyperVisor-Hostname,PortGroup_1,3005,8
HyperVisor-Hostname,Portgroup_2,3005,8
HyperVisor-Hostname,Portgroup_13,3007,8
HyperVisor-Hostname,Portgroup_34,3007,8

etc.

Now for the Import.
In the import script, make sure that you change the name of the vDS, ActiveUplink and the location of the CSV – So he following lines.

# Set the VDS Name to variable
$vds = "dvSwitch"
# Import the CSV of VLAN IDs, Portgroups, and # of ports
$vdsPortgroup = Import-Csv \path\to\New_Portgroups.csv
get-vdswitch $vdsname | Get-VDPortgroup $portgroup.pgName | Get-VDUplinkTeamingPolicy | Set-VDUplinkTeamingPolicy -UnusedUplinkPort dvUplink1, dvUplink2, dvUplink3, dvUplink4

get-vdswitch $vdsname | Get-VDPortgroup $portgroup.pgName | Get-VDUplinkTeamingPolicy | Set-VDUplinkTeamingPolicy -ActiveUplinkPort LAG

That’s it. Very straight forward set of scripts to run. I prefer to run these individually as there is the step in the middle with the csv file. Aside from that I would like to thank both Ben Liebowitz and Luc Dekens for their community support for sharing their scripts.

Install and Configure NSX Manager

I’m starting to become a bit of a fan of VMware NSX and getting excited with all the new features that came out of VMworld 2017. I recently rebuilt my lab and one of the parts I need to install is, you guessed it, NSX. So I figured I would write a series of basic “Getting Started” guides.  To start with, we will go through installing the NSX Manager, the brain of the solution. Now for the install, I just attached the NSX Manager Appliance to a vSwitch for the moment, but you will need to ensure that you have a Distributed Virtual Switch configured to utilise NSX as it is a required component. I will be installing NSX Manager 6.3.3 (The latest as of this post)

NSX is more than just networking, it is also part of the endpoint services that was previously vShield in the vCloud Networking and Security Suite (vCNS). Implementing NSX allows you to extend the feature set taking you to the next level of virtual networking.

I will be going over the install and configuration of some of the other components in the next few posts following this one.

Installing NSX Manager:

The NSX Manager OVA can be downloaded from my.vmware.com
Once downloaded, ensure the Client Integration tools are installed and then open up the VMware Webclient. (For Client Integration Tools SSL FireFox issue  see this post)

Right click cluster and select “Deploy OVF Template” à Navigate to the NSX Manager OVF file à Accept the configuration

Accept the EULA

Input details for configuration

-Password
– IPv4/IPv6 details
– DNS
– NTP
– SSH
– VMware Customer Experience Improvement Program

 

 

 

 

 

 

 

Accept all and deploy

 

 

 

Once deployed. Open up a web browser and navigate to the IP/hostname that you set for your NSX Manager.

Login with admin and the password you set for deployment.

Navigate to “General” and edit the time settings à set your timezone à Save and log off and back on again for settings to take affect

Navigate down to “NSX Management Service” àSelect Edit on “Lookup Service URL:” and enter your PSC FQDN. (Enter vCenter if using embedded PSC) Enter SSO username and password and click OK

Select edit on “vCenter Server” and enter your vCenter server address followed by vCenter Service account or SSO.

Once all lights are green, log off and log into vCenter with the account used to attached NSX to vCenter.

If you log in as another accout, you will not be able to see the Network and Security tab as you will not have been granted permission to it. (Note that my SSO is vSphere.local for this lab)

Log in as the account that You will see the Networking and Security section available in the Action menu, Home screen and the left hand Navigation menu. Select Network and Security -> click on NSX Managers -> select NSX Manager you wish to adjust -> Manage -> Users.

Click the green Plus sign -> Choose either to add a group or individual user (Suggest making an NSX Group to make control easier) -> Select the Level of Access and click OK.

Log off and log in as the user you jut granted permission to.  (Note that I am using readysetvirtual.local for my lab domain and standard user)