Posts Tagged ‘ESXi’

Tripwire Annoucement

February 19th, 2009

Press release from Tripwire.  I haven’t had time to take a look at the product yet but the announcement comes from a trustworthy and reputable source whom I respect.  I look forward to seeing some commentary either on the blog here or over at vwire.com.

TRIPWIRE ANNOUNCES FREE UTILITY TO HELP MANAGE VMWARE VMOTION, LAUNCHES NEW VIRTUALIZATION COMMUNITY
Tripwire OpsCheck addresses key virtual infrastructure operational issues; vWire.com offers an opportunity for virtual infrastructure professionals to share ideas and best practices

Portland, OR – Feb. 17, 2009 – Tripwire, Inc. today announced a major new initiative for virtual infrastructure (VI) professionals, which includes Tripwire OpsCheckTM, a free tool to manage VMware VMotion, and an online community for VI administrators. Tripwire OpsCheck assesses common configuration problems that may prevent VMotion from operating properly, and provides troubleshooting tips for configuring VMotion based on Tripwire OpsCheck test results. To download Tripwire OpsCheck, go to www.vwire.com.

To further support the needs of VI professionals, Tripwire has unveiled vWire.com, an online community built around the concerns of VI professionals. Virtualization administrators, engineers and architects are invited to join the community and conversation to share best practices, network, and gain new resources and tools. For more information about the forum, visit www.vwire.com.

“Virtualization professionals are faced with unknown territory, requiring new tools to manage the complexities and risks of virtual environments,” said Dan Schoenbaum, chief operating officer of products, Tripwire. “That’s why Tripwire is committed to developing utilities specifically for virtualization, such as OpsCheck and ConfigCheck, and to creating a forum where VI professionals can share their experiences and knowledge.”

Tripwire ConfigCheck, released in 2008, provides an immediate assessment of the configurations of a VMware ESX hypervisor, comparing them against VMware hardening security guidelines, and then providing remediation instructions if any are needed. ConfigCheck is also available for free and can be downloaded at www.vwire.com.

About Tripwire, Inc.
Tripwire helps over 6,500 enterprises worldwide reduce security risk, attain compliance and increase operational efficiency across virtual and physical environments. With its industry leading configuration assessment and change auditing software solutions, IT organizations achieve and maintain configuration control. Tripwire is headquartered in Portland, Ore. with offices worldwide. http://www.tripwire.com/.

VMGURU to release 4 chapters of VI3 book today

February 10th, 2009

Scott Herold of VMGuru.com and co-author of the book VMware Infrastructure 3: Advanced Technical Design Guide and Advanced Operations Guide has announced today the release of four of the book’s chapters in PDF format today.

I’ve read the previous version of this book a few years ago and I’m in the middle of reading the current version.  I HIGHLY recommend this book.  It is worth it’s weight in gold and the fact that the authors are going to begin giving it away for free to the virtualization community is baffling to me but yet at the same time it is a symbol of their generosity and commitment to providing the community with top notch technical and operations detail on VMware virtual infrastructure.

Generally speaking, many technical authors don’t make a pile of money writing books.  Be sure to thank the authors Ron Oglesby, Scott Herold, and Mike Laverick for their hard work and generosity.

More information about this book can be found here and here.  Stay tuned to VMGuru.com for the official release of these chapters which should happen sometime today.

Critical ESX/ESXi 3.5.0 Update 3 patch released

January 31st, 2009

VMware ESX/ESXi 3.5.0 Update 3 introduced a bug whereby planned or unplanned pathing changes in a multipathed SAN LUN while VMFS3 metadata is being written can cause communication to the SAN LUN(s) to hault, resulting in the loss of virtual disk access (.vmdk) for VMs.  The issue is documented in full in VMware KB article 1008130.

A patch is now available in VMware KB article 1006651 which resolves the issue above as well as several others.

For users on ESX/ESX 3.5.0u3, I highly recommend applying this patch as soon as possible.

Train Signal training discount through the month of February

January 31st, 2009

Train Signal is offering an astounding 25% off any virtualization product they sell through the month of February 2009.

Here is a short sample of their VMware ESX training video where instructor David Davis talks about templates and cloning virtual machines:

To take advantage of the 25% off, use the code BOCHENET at checkout.

I know first hand that the economy is tough.  Take advantage of this offer and get top shelf training for your dollar.  Train Signal offers a 90 day money back guarantee if you are not completely satisfied.

New product launch: iBac VIP for VMware Virtual Center

January 29th, 2009

Another VMware virtual infrastructure backup option. Options are good! This product works with both ESX as well as ESXi (requires VCB).

Licensing: One license ($5,495) covers all VMs and ESX hosts. Comparably speaking, another 3rd party virtualization management vendor charges approximately $500 per ESX/ESXi host CPU socket and also requires VCB for ESXi hosts. VCB licensing aside, in this comparison, iBac becomes attractive for infrastructures having 5+ 2-socket hosts, or 3+ 4-socket hosts (thankfully we don’t get dinged for multi core processors yet – who will be the first brave vendor, after Oracle, to license this way?)

From Idealstor:

“Idealstor, a leading developer of disk-to-disk backup solutions, announced today the release of iBac VIP for VMware Virtual Center. iBac VIP for Virtual Center was created to simplify VMware backups by offering a single license that backs up every virtual machine regardless of how many ESX hosts have been implemented.

Nandan Arora – Chief Technology Offer at Idealstor is quoted in this release

“Virtualization offers a unique set of tools that enables companies to consolidate servers but also to quickly provision new server instances as needed without having to incur the costs of implementing a physical server. Most software companies on the market today ignored this and released VMware backup solutions that are tied to the number of virtual machines, physical processors or ESX hosts running on the network. iBac VIP for Virtual Center was designed to turn this licensing model upside down. VIP for Virtual Center lets you backup any number of virtual machines regardless of the number of processors or ESX hosts being run.”Idealstor, a leading developer of disk-to-disk backup solutions, announced today the release of iBac VIP for VMware Virtual Center. iBac VIP for Virtual Center was created to simplify VMware backups by offering a single license that backs up every virtual machine regardless of how many ESX hosts have been implemented.

“iBac VIP was launched in 2008 and offers an enterprise backup solution for VMware virtual servers. The goal of iBac VIP was to offer an easy to use and easy to license backup solution for VMware virtual environments. The original release of iBac VIP was licensed based on the number of ESX hosts that were being run regardless of the number of VMs or processors on the host server. With the release of iBac VIP for Virtual Center, Idealstor seeks to further simplify VMware backups by offering backup administrators the options to choose between licensing the product per ESX host or Virtual Center. Suggested retail price for iBac VIP for Virtual Center is $5495.00.

iBac VIP ties into the VCB framework provided by VMware. Rather than having to run scripts or purchase expensive backup agents to backup each virtual machine, iBac VIP offers an easy use interface that allows backups administrators to efficiently manage their VMware backups. VIP backups can be managed from the proxy/backup server or from a remote machine running the VIP management console. Scheduling, advanced logging and email reports are available for all backup jobs. Recovery can be done at the file level or entire virtual machines can be recovered on the proxy or a specific ESX host.

“When we entered the VMware backup market we realized that most backup vendors were ignoring the flexibility and cost savings that were inherent to virtualization”, said Nandan Arora, chief technical officer at Idealstor. “Virtualization offers a unique set of tools that enables companies to consolidate servers but also to quickly provision new server instances as needed without having to incur the costs of implementing a physical server. Most software companies on the market today ignored this and released VMware backup solutions that are tied to the number of virtual machines, physical processors or ESX hosts running on the network. iBac VIP for Virtual Center was designed to turn this licensing model upside down. VIP for Virtual Center lets you backup any number of virtual machines regardless of the number of processors or ESX hosts being run. The only limitation is that the backup proxy server will need to be able to handle the load, but we feel that iBac VIP is affordable enough that if another proxy server needs to be added to handle the load, we will still be far more competitive than the existing players in the VMware backup space.”

About Idealstor
Idealstor manufactures removable/ejectable disk backup systems that are designed to augment or completely replace tape as backup and offsite storage media. The Idealstor Backup Appliance has been on the market for over 5 years offering a fast, reliable and portable alternative to tape based backup systems. Each Idealstor system uses industry standard SATA disk as the target for backup data and as offsite media. Systems range from 1 removable drive up to 8 and can be used by a range of businesses from SMB to corporate data centers. Disk capacities mirror that of the major SATA manufacturers. Uncompressed capacities of 200GB, 320GB, 400GB, 500GB, 750GB, 1TB and 1.5TB are currently available.”

Idle Memory Tax

January 29th, 2009

Memory over commit is a money/infrastructure saving feature that fits perfectly within the theme of two of virtualization’s core concepts: doing more with less hardware, and helping save the environment with greenness. While Microsoft Hyper-V offers no memory over commit or page sharing technologies, VMware has understood the value in these technologies long before VI3. I’ve mentioned this before – if you haven’t read it yet, take a look at Carl Waldspurger’s 2002 white paper on Memory Resource management in VMware ESX Server.

One of VMware’s memory over commit technologies is called Idle Memory Tax. IMT basically allows the VMKernel to reclaim unused guest VM memory by assigning a higher “cost value” to unused allocated shares. The last piece of that sentence is key – did you catch it? This mechanism is tied to shares. When do shares come into play? When there is contention for physical host RAM allocated to the VMs. Or in short, when physical RAM on the ESX host has been over committed – we’ve granted more RAM to guest VMs than we actually have on the ESX host to cover at one time. When this happens, there is contention or a battle for who actually gets the physical RAM. Share values are what determine this. I don’t want to get too far off track here as this discussion is specifically on Idle Memory Tax, but shares are the foundation so they are important to understand.

Back to Idle Memory Tax. Quite simply it’s a mechanism to take idle/unused memory from guest VMs that are hogging it in order to give that memory to another VM where it’s more badly needed. Sort of like Robin Hood for VI. By default this is performed using VMware’s balloon driver which is the more optimal of the two available methods. Out of the box, the amount of idle memory that will be reclaimed is 75% as configured by Mem.IdleTax under advanced host configuration. The VMKernel polls for idle memory in guest VMs every 60 seconds. This interval was doubled from ESX2.x where the polling period was every 30 seconds.

Here’s a working example of the scenario:

  • Two guest VMs live on an ESX/ESXi host with 8GB RAM
  • Each VM is assigned 8GB RAM and 8,192 shares. Discounting memory overhead, content based page sharing, and COS memory usage, we’ve effectively over committed our memory by 100%
  • VM1 is running IIS using only 1GB RAM
  • VM2 is running SQL and is request the use of all 8GB RAM
  • Idle Memory Tax allows the VMKernel to “borrow” 75% of the 7GB of allocated but unused RAM from VM1 and give it to VM2.  25% of the unused allocated RAM will be left for the VM as a cushion for requests for additional memory before other memory over commit technologies kick in

Here are the values under ESX host advanced configuration that we can tweak to modify the default behavior of Idle Memory Tax:

  • Mem.IdleTax – default: 75, range: 0 to 99, specifies the percent of idle memory that may be reclaimed by the tax
  • Mem.SamplePeriod – default: 60 in ESX3.x 30 in ESX2.x, range: 0 to 180, specifies the polling interval in seconds at which the VMKernel will scan for idle memory
  • Mem.IdleTaxType – default: 1 (variable), range: 0 (flat – use paging mechanism) to 1 (variable – use the balloon driver), specifies the method at which the VMKernel will reclaim idle memory. It is highly recommended to leave this at 1 to use the balloon driver as paging is more detrimental to the performance of the VM

VMware recommends that changes to Idle Memory Tax are not necessary, or even appropriate. If you get into the situation where Idle Memory Tax comes into play, you need to question the VMs that have large quantities of allocated but idle memory. Rather than allocating more memory to the VM than it needs, thus wrongly inflating its share value, consider reducing the allocated amounts of RAM to those VMs.

ESXTOP drilldown

January 28th, 2009

Open up the service console on your ESX host and run the esxtop command.  You may already know that while in esxtop, interactively pressing the c, m, d, and n keys changes the esxtop focus to each of the four food groups:  CPU, Memory, Disk, and Network respectively, but did you know there are more advanced views for drilling down to more detailed information?

For example, we already know pressing the d key provides disk information from the adapter level which contains rolled up statistics from all current activity on the adapter:

1-28-2009 1-22-17 AM

 

Now try these interactive keys:

Press the u key to view disk information from the device level – this shows us statistics for each LUN per adapter:

1-28-2009 1-21-40 AM

Press the v key to view disk information from the VM level – the most granular level esxtop provides:

1-28-2009 1-22-39 AM

There’s also a key, when looking at CPU statistics, which will expand a VM showing the individual processes that make up that running VM.  Can you find it?  This will come in handy if you ever find yourself in the situation where you need to kill a VM from the service console.

If you would like to view the complete documentation for esxtop (known as man pages in the *nix world), use the command man esxtop in the service console.

ESXTOP is powerful tool whos capabilities extend quite a bit farther than what I’ve briefly talked about here.  I hope to see it in future versions of ESX (and ESXi).