Newsletter: April 20, 2014

Hello all,

I had another good week working in the lab, trying to improve our product, which is always fun, but also working with developers and engineers.  So a pretty good week.  In the background has been the NFS issues where ESXi is dropping connections and Heartbleed (general and VMware).  So not only do I still have 7 or 8 sites to change my password, I also have a lot of upgrades to do in two labs!  Painful.  I am sure everyone is sick of hearing about Heartbleed – I know I am, but the NFS issue is serious too so if you don’t know about it check out my article.

So I think many of us will be still be busy this week with changing passwords of systems that have fixed their OpenSSL issues, but now we will also be doing a lot of VMware upgrades too!

BTW, all VMware KB articles have a number.  And you can use that number to build a friendly little URL of  No need to use those great huge URLs.


Various Update for dealing with Heartbleed- vC 5.5 U1, ESXi, vCNS, Fusion, View Feature Pack, View IOS, Workstation, View Windows Client
You can find the release notes for vC 5.5 U1a, ESXi 5.5, ESXi 5.5, vCNS 5.5.2, Fusion 6.0.3, View 5.3 FP2, View IOS clientWorkstation 10.0.2 and View 2.3.3.  These are not all of the updates but I think they are the key ones that will impact most people.  Some of the things that don’t need an update that are common are Log Insight, SRM, VIN, and vC Ops.  Thank goodness.  Full status on products can be seen here.

Update sequence for vSphere 5.5 and compatible products
This has not been updated recently but it is still a good guide to be aware of when you have a lot of VMware products and need to do updates.  Which I think we all do.  Find it – KB 2057795.

Oh my god, are you kidding, we have to do what?
After we upgrade vC we need to re-issue the cert, and change the password for local accounts like administrator@vsphere.local.  See more on this here.  This may be required elsewhere so watch the release notes for things.  Maybe now is the time to get good with that VMware vCenter Certificate Automation tool – you can find help with it here, here, and here.

ESXi Host Response and custom isolation address response
This is an interesting reminder that we need to think about every design.  We can have favorite designs – I know I do – but I need to think about the circumstances that I am going to use them in and make sure they are appropriate each time.  This blog has a good reminder on that.  He has some interesting links that can help on this subject in different types of environments.

vSphere 5.5 Upgrade and old NICs not working as expected
I knew before 5.5 was released we would see a lot of this in home labs, and in small business too.  The list of network adapters dropped from 5.5 was very large.  Here we have an interesting story of how it impacted someone in his home lab.  It is a good story to understand as some of us may be in a similar situation at some point.

VMware vCenter Converter Standalone 5.5.1
This is quite the product.  It has been around for a long time, and it has help start a lot of customers on the virtualization path.  So it is cool to see it out in an update.  It is not a Heartbleed update but actually with new features like VSAN support.  Release Notes are here.

A great vC Ops reference
Here is a link to a collection of very useful vC Ops info in the form of articles that have been written by someone who really knows and works with vC Ops.

The effects of VAAI on cloning with an all flash array
This is an interesting and well done blog on the effects – with and without VAAI on an all flash array.  The fact is that it shows a good methodology and there is good info to be had on results and process even if you do not have an all flash array.  There are some detailed command line examples that would be useful in other testing environments.

The Impact of VSAN on memory utilization in a home lab
I ran VSAN in a production like environment for a long time.  The amount of memory used by VSAN is relatively speaking small.  However, running in my home lab I realized it is not always small.  There is a good blog that details the actual usage of memory as it relates to VSAN which I think is very good to know when using VSAN in a home lab!

VSAN vCheck Plugins
William Lam has contributed his VSAN script to the most excellent vCheck tool that Alan created some time ago.  You can see his announcement of this but also be sure to check out the sample vCheck report to see what William has added to it.  Some most excellent VSAN information in the report.  Very cool indeed.  Get the updated vCheck script here.

Disk controller features and Queue Depth
This is an interesting article – like most that Duncan does, about queue depth and this is a good thing to think about when you are working with VSAN but also local caching as well.  Some great info and a good chart that is pretty interesting.  Several of my lab machines have controllers that are in the list with very poor showing!  Find Duncan’s article here.

Install VMware Tools on Win2K12 Server Core
This is an interesting one – when I saw it I wondered how you might install VMware Tools when there is no GUI.  Turns out that it is pretty easy.

Four issues found encountered deploying vC and SRM
The consultant or customer who did this hit four interesting issues.  I think I have seen several of them.  Definitely good reading in case you see these issues.  Find his article here.

vCenter 5.5 won’t start up
This is a worrisome article in that the vC VM crashed when the host under it crashed.  After all was running again the vC would not start.  A number of issues were found and dealt with but still no vC running.  It turned out that the best choice was to uninstall and install.  What a disaster.  That can cause a number of issues the least of which might be the loss of performance history.  But it would cause issues I think for vC Ops, which I think could be solved with a re-registration, and maybe the same for VIN.  But check out the details here.

Changing the IP of vC
This is something a little scary for me.  Not for any specific reason I remember but just instinctively.  I have been in this IT world for a long time.  But this article is about someone who changes the IP address of the vC.  It is worth noting that his vC is completely self contained which helps explained why it was successful.  But it is still some good info.  The author of this has another article on changing the hostname too which is interesting.

Setting up Multiple Sites within a Single vCenter SSO 5.5 Authentication domain
A very nicely done article about setting up SSO in two sites but with one authentication domain (vsphere.local).  I hope that this develops into a series with the other components of vC covered off.  But a very good article to check out if you are going to do something like have two sites for SSO.  BTW here is a little bit more on the install options.

Using secondary management network for vSphere Replication
I saw this yesterday and was immediately curious.  One of the things we all likely know is an issue with vSphere Replication in that it uses the management network to replicate.  Many of the customers I built, or visit, have management networks that don’t support that well.  Or sometimes at all.  So they have had to do some interesting routing to allow VR to replicate.  The idea in this article is to support a second management network just for the replication.  By being able to separate the traffic like that you can leave the actual management network alone, and you can more easily to WAN optimization, or encryption on the VR traffic.  So pretty cool.  I have not tested this but I think it should work.

Command-Line Installation and Upgrade of vCenter 5.5
This is a very odd manual I did not expect to see so I was surprised when – I think it was by William Lam – it was shared out over Twitter.  If you want to do command line install type stuff for vC you now have a guide.  It is not supported however, but if you succeed, than that vC is in fact supported.  Check it out here.

Protect your ESXi hosts against Heartbleed attacks
This article has a good idea.  Use your ESXi firewall to limit access to the mgmt IP that has the vulnerability to the specific range of IP that should have access.  But it was updated with the info that there are other ports that have the vulnerability.  So a little harder to protect.  So I am sharing this so if you think you have protected yourself against Heartbleed in the same way you now know better! Isolated management networks is a good idea in those companies that can support them, and updating is something we should all do and that will protect us best.

Horizon View Event Notifier Lab Fling
This sounds very useful indeed.  If you are not using a combination of View to forward to syslog, and watching log files in the OS to send to syslog, this is a wonderful tool to product alerts.  You can get alerted via email when certain events occur.  This does looks very cool.

Using Infrastructure Navigator for firewall rules
This is a most excellent use case for VIN.  I like VIN a lot and always have it in my lab whenever I can.  It always is useful to know what the actual use of a VM is before I shut it off!  But a guy I know – Hugo – has figured out to use it to help with firewall rules – which of course makes great sense.  Find his article here.

The little black book of vCAC
Here is the start of a good resource that will I hope grow and become a serious collection of good vCAC info – because of course we really need that!

AppHa 1.1 now GA
I shared with you last newsletter that AppHA 1.1 was now GA.  When I saw this blog about it I had hoped we would learn more what AppHA is, and what it can do.  There is very little info on it on the Internet.  Especially practical stuff.  But the blog has very little info other than what is new.

Does Endpoint cost when using it with Deep Security?
This is another Hugo blog.  And he has a good point about Endpoint I had not thought of before.  Find his article – and the answer – here.

Why End to End monitoring is Critical
I had to explain this recently to someone.  We do not want to monitor Exchange, but rather the mail service.  Meaning we monitor Exchange and everything that Exchange needs to be considered running – so AD, DNS, the different Exchange components, and more.  I found this article to be helpful in my conversation.

vSphere 5.5, RDMs and Microsoft Clustering
A small change in the rules makes for a small change indeed in how you do MSCS.  Check out Cormac’s explanation of it here.

VCDX – D-day
This is an interesting series that someone has written about getting his VCDX.  Some good info and good suggestions.  Check it out here.  If I was still in PSO, I would be very happy indeed – and a little nervous too – to go after the VCDX – I really think it is the most exciting accreditation that a PSO guy can have today.  The way it is growing with more VCO and vCAC being adding into it is also a very good thing.

Visio stencils for VCDX
Here is a link to the page where the Visio stencils for VCDX – or anyone who needs VMware Visio stencils can find them.

Upgrading LSI HBA 9300-8i via UEFI
In this blog you can learn how to upgrade the LSI BIOS using an UEFI boot process.  I have used this recently to upgrade something else.  So it is good to see how you upgrade the LSI board in this blog because the info is good for other types of upgrades too.

Protecting applications on physical servers with VDPA
Jeff has done a very interesting blog on how you can use the agents that VDPA provides to protect SQL, Exchange and SharePoint on physical servers.  So this is very cool.  It is important to note that when you do that you do not get the operating system of those machines.  You only get the app and the data.    That is the key stuff of course but it is very good to know if you have to recover completely you will need to build a machine that includes the same OS and configuration.  I wonder though, if we could use this as a migration tool to move from physical to virtual?

ESXi, Dell VRTX, and Storage – or the lack there of!
I thought this was interesting when I saw it.  I too have seen the heavy push on this platform for Virtualization, and I know people who have or about to, purchase it.  So I thought it was a funny / sad sort of thing to see.  I used to know people at Dell that I could reach out to with this sort of thing and get it fixed but not any longer.  Too bad.  But at least you know the workaround!

HP StoreVirtual VSA – an Introduction
As a vExpert I have a license for a HP StoreVirtual.  I had used these great little storage appliance in both physical and virtual before HP bought them.  They were known than as LeftHand and we used them extensively at VMware as we developed SRM.  I thought they had the best UI and it was really quite easy to use compared to everything else in those days.  So I am quite excited to see what they are like – when I have some downtime that is.  But I found this introduction to them that was useful.

Introducing VMware vCloud Hybrid Service – DR: Making Cloud DR Simple and affordable
I saw this and I shook my head.  So little info.  Amazing how many words and so few details.  I than found this FAQ that helped a lot.  But there are some key things to understand.  This solution uses vSphere Replication – not the one you have but a special version of it – so think of the bandwidth you need or have and how many VMs can be moved using it?  Plus, there is no SRM support.  So how do you do your workflow for DR?  I think that this is a step in the right direction, but be very careful and test it well before you commit.  I suspect many of the medium size business I helped to get SRM going with them will be better off not using this option as they have something better – SRM and a failover site.  I also suspect that in a number of years that may not be true – meaning eventually SRM will be able to fail over to the cloud – right?!  When SRM can fail over to the cloud, and back, with full workflow support that will be a wonderful thing to have and will be I think very popular.

VMware is doing expert level NSX certification – or rather they are working on it
NSX coming to market has been a little odd in comparison to other VMware products.  I have been around VMware to see most of its offerings and NSX has been a little different.  When they would not provide access to it for partners I was quite worried.  Getting it into the HOL was good but I was wondering what was going on.  So when I saw  this, and this with people talking about an expert level NSX certification I thought that was quite interesting.  I think it is a step in the right direction and we will see more like it in the future.

Veeam to offer advanced data protection with NetApp
This is a great read.  Very cool in how Veeam is going to be able to work with NetApp snapshots.  You can do a backup with Veeam that directly connects to NetApp block or NFS to read and do the backup.  Very cool.  But for the full story and details check out this blog.  Very nice job Veeam!

Odd things in my lab #1 – vC Install and local storage datastore and no objects
I installed vC 5.5 U1 Windows today with no issues. But after the install in the vSphere Web Client there was some oddities. It could not display a local drive datastore that was created during ESXi install. Plus, when creating tags no objects were seen. And when trying to look at a datastore the spinning at the top would not go away. So things were odd. A restart (of the vC VM) solved all this and normal behavior returned. I was not able to set Runtime or SMTP in the vSphere Web client. I have seen that before. Not sure why but it worked fine via C# client.

Odd things in my lab #2 – Win8 U1 prompt during install for account
I was building out a Win8 U1 template but I could not get past the requirement to do an MS account. But I figured it out – say you don’t have account and it will take you to a spot to create one. And at the bottom of that screen will be an option to not log in with a Microsoft account. Now continue as normal.

Inside the Hekaton: SQL 2014 database engine deconstructed
Not sure how I got on this topic recently, but I did.  And I found this article to be very interesting about a single new feature of significant interest in SQL 2014 – in memory database tables.  To learn more check this out.

Switch between Full and Server Core in Windows Server 2012 using PowerShell 3.0
This is quite interesting.  I love the concept of Server Core, but I have not had a chance to use it before.  In fact I wonder if I could put vC on it?  But I think it is very cool that you can switch between the full UI and Core so easily.  Check it out.

Deploying SRM on NetApp Clustered Data ONTAP
If you are going to do SRM with NetApp where you have clustered ONTAP than this guide is exactly what you need to give you the best chance of success.  SRM is in many ways ‘simple’ but that is possible due to a lot of hidden complexity in storage.  That is what is often the most complex so the guides that vendors provide to help are very important.  NetApp does an excellent job at those guides.

Siri vs Cortana vs Google Now – the ultimate voice control showdown
This is an interesting review of these three similar services.  If you are curious you can find it here.

ITBits: Mac Remote Desktop Software roundup
Someone asked me a day or two ago about the ability to RDP to Mac’s.  Here is a link to a list and comparison of the available options.  For connecting from a Mac to a RDP desktop the best tool I have seen is Jump.  I use it and think it is great – it even sync’s now via iCloud or Dropbox among your different Macs.  It does cost but of course I do believe good and great software should not be free.

Nutanix 4.0 Features Overview (Beyond Marketing)
Andre does a nice blog on the new features of NOS 4.0.  Most impressive new features.  Nutanix has come far and fast indeed.  I like very much the sound of things.  As well, the Nutanix bible has been updated for the new features and you can find it here.

Book Review – Networking for VMware Administrators
I have this book on my desk in my home office.  Of course I am a long way from it now in Nashua.  So I knew this book was good enough to buy, but I have not had time to check it out.  But this review makes me wish I had brought it with me!  Definitely a worthwhile purchase for any of us VMware admins.

A guide to the text editor Sublime
A number of people I know use Sublime (I like TextMate myself) and when I saw this guide to help with it I figured it might be useful.  The guide looks very helpful, and I think I may look at Sublime myself!

If you can’t beat them, join them: Microsoft Introduces OneGet
This is really something.  Many of us are aware of the tools in Linux like apt-get.  Microsoft has just added very similar functionality like that and it is called OneGet.  Check this out.

Thanks for reading – or skimming this far!


=== END ===

Leave a Reply