vSphere/vCenter 6.5 released

So post VMworld, I wrote a long article about what’s new for vSphere 6.5 which I was hoping would be published on SearchVMware.com…. unfortunately I’m still waiting on it to be published, last I heard the article was too long and they were splitting it up into two articles! ¬_¬”

Anyways, whilst I wait for the article to be published, I’ll give a quick summary of things I’ve learnt about the new vSphere/vCenter 6.5 that was released 2 days ago.

  • New HTML5 vSphere Client
  • Fully Integrated vSphere Update Manager and AutoDeploy with vCenter Server Appliance
  • Native High Availability for the vCSA
  • Native backup/restore for vCSA
  • Built-in monitoring web interface for the vCSA
  • Over 2x increase in scale and 3x in performance
  • Easy to migrate from Windows vCenter to vCSA
  • Client Integration Plugin for the vSphere Web Client is no longer required
  • The vCSA deployment installer can be run on Windows, Mac and Linux
  • The installer now supports install, upgrade, migrate and restore
  • vSphere API Explorer
  • VM Encryption / Encrypted vMotion
  • Secure Boot (for ESXi host and VM)
  • VMware Tools 10.1 and 10.0.12 (for older guest OSes that are out of support)
  • Multi-factor authentication with Smartcard or SecurID
  • VMFS-6 (4k drive support in 512e mode – emulating 512 sectors)
  • Automatic Space Reclamation – VAAI UNMAP now automatic and integrated it UI
  • VVOLs 2.0 plus VASA 3.0
  • vSphere HA is now known as vSphere Availability, enhancements to Admission Control
  • HA Orchestrated Restarts (adding in dependencies when HA restarts a VM)
  • Proactive HA (when host components are failing they are put into a quarantine mode)
  • Enhancements to DRS (VM distribution, CPU Over-commit, Network aware)
  • Predictive-DRS if vRealize Operations 6.4 is deployed (forecasted trends will kick off DRS)
  • vSphere Replication enhancements (now 5min RPOs like vSAN)

 

To find out more information, head along to the following:

 

In addition to the GA of vSphere/vCenter 6.5 there were a load of other releases on the same day:

 

I’m still waiting on the launch of vRealize Automation 7.2 and NSX 6.3….. those should be imminent as well!

As always, all downloads are available via the My VMware Portal.

Modifying VMware Site Recovery Manager – Windows 2012 UAC error

I first came across this issue when helping a customer uninstall Site Recovery Manager last year and wanted to blog about it but because I was pretty busy it totally slipped my mind….. until today!! I’ve been cleaning up the Solution Centre at MTI and tried to uninstall SRM for a new build…. and came across the same Windows User Access Control error. =)

srm02

Turns out that in Windows 2012. even when you go into User Accounts to turn off the UAC, it doesn’t disable it.

srm01

There’s a Microsoft Technet article which explains how to edit the Windows Registry in order deactivate UAC.

  1. Go to Start > Run, type regedit and click OK. The Registry Editor window opens.
  2. Navigate to HKEY_LOCAL_MACHINE > SOFTWARE > Microsoft > Windows > CurrentVersion > policies > system.
  3. Right-click EnableLUA and select Modify.
  4. In the Edit DWORD window, change the Value data from 1 to 0.
  5. Restart the Windows machine and re-run the SRM uninstall program.

srm03

VMworld 2015 Update

Recently I was asked to write a comment for SearchVMware’s Advisory Council September topic, which was about VMworld 2015 US and what was announced:
http://searchvmware.techtarget.com/feature/vSphere-integrated-containers-and-other-updates-excite-at-VMworld-2015

With VMworld 2015 Europe just around the corner, I decided that such a short comment wouldn’t do the US convention much justice, as such I decided to continue and expand on all the announcements and releases made.

The theme this year is “Ready for Any” an interesting tagline which I guess tries to emphasise how VMware have positioned themselves as a company with a portfolio that can accommodate anyone and anything….. Any Application, Any Device, Any Cloud! The whole theme brought together their existing key pillars in Hybrid Cloud, EUC, SDDC and wrapped in their new BU – Cloud Native Apps.

There was a big emphasis on DevOps this year and VMware were very keen to show the tools that they are making available to help with Continuous Delivery. Project Photon (a lightweight, container-optimised linux distribution) and Lightwave (an authentication and certificate management system for containers) were announced earlier in the year alongside other tech previews such as Project Bonneville (containerising/packaging apps into vSphere). At VMworld they announced the evolution of these projects into two new product tech previews:

  • vSphere Integrated Containers – based on Project Bonneville, Project Photon (aka Photon OS) and Project Fargo (aka Instant Clone). vSphere Integrated Containers allows containerised applications to run seamlessly alongside existing VMware infrastructure – VIC isolates and starts up each container in a VM which uses the underlying resource management features of vSphere – and so can be deployed, managed and secured with a customers existing VMware tools.
  • VMware Photon Platform – Photon Platform is the evolution of Project Photon which is designed for DevOps teams planning on building a computing capacity solely for Cloud-native Apps. Two new components called Photon Controller and Photon Machine make up the Photon Platform. The former which will serve as a control plane for linux container-based deployments. The latter is a purpose-built platform optimised for container deployment, it contains a cutback ESX kernel (or ESX Microvisor) that provides common elements from ESXi and integrates Photon OS as the base OS layer for the container.

These two products now give IT more choice when considering DevOps – VIC allows IT to extend the existing infrastructure to accommodate container-based applications alongside traditional apps, and Photon Platform allows IT to build a complete computing platform solely for containers and cloud-native apps.

The other major announcement was the new name for EVO:RACK – EVO SDDC. Announced as a Tech Preview last year, it’s now ready to start shipping in early 2016 (Dell, VCE, Quanta are the initial partners). EVO SDDC is a complete software suite that simplifies the deployment of a whole datacentre (in a rack).  The goal of EVO SDDC is to simplify the time and effort it takes to architect, procure, deploy and manage the software and hardware infrastructure of an SDDC at data center scale. EVO SDDC Manager provides a highly automated process for deploying and configuring the hardware, the VMware software stack, managing the solution, and handling all updates and patches.

It sounds like a great solution for large Enterprise customers (or ISPs), but whether it will be commercially viable for T2 Enterprise or the mid-market will squarely rest on the entry price point! (Hopefully the reception will be better than it’s baby sister – EVO:RAIL).

One big announcement that seemed to excite everyone is the tech preview of Project Skyscraper – with the main features being Cross Cloud vMotion (seamlessly migrating running VMs between on-premise and vCloud Air) and Content Library sync (synchronising on-premise VM templates, vApps, ISOs with the content catalog in vCloud Air).
Imagine the possibilities this opens up! The ability to extend your datacentre seamlessly to the public cloud without any reconfiguration and even whilst the VMs are all still running! End Users no longer need to size for peak utilisation (like end of month reporting), rather they can easily burst out to the cloud and pay for what they consume! This is what the market has been waiting for – live migration to cloud (and back).

VMware Project A2 was announced as a Tech Preview to offer a mobile-centric approach to delivering and managing applications and devices for Windows 10 – using AirWatch Enterprise Mobile Management and AppVolumes application delivery. This integrated solution will enable customers to accelerate their adoption of Windows 10 with mobile-like management for their devices and applications.

Apart from those 4 announcements made during the General Sessions, the rest were minor product updates:

VSAN 6.1 included some great new features! VSAN Stretched Cluster allows the ability to create a stretched cluster between two or more geographically separated sites using the fault domain concept introduced in 6.0. End-users can now protect their VMs across sites with their VSAN 6.1 cluster. VSAN for ROBO provides end-users the ability to deploy a 2-node VSAN at ROBO sites, using your main DC as the witness site. VSAN replication with vSphere Replication has been enhanced with the RPO now lowered from 15mins to 5mins, giving you the option to create a stretched cluster providing sync replication and then using vSphere replication for async to another site. Support for SMP FT and new Flash technology has also been introduced, as well as greater vROPs integration.

It’s a shame that dedupe was not included in 6.1 (currently it’s in beta alongside Erasure coding)

NSX 6.2 was released prior to VMworld, of the new features the ones linked to Cross vCenter NSX are the most interesting – allowing network services to be deployed across multiple vCenters. Universal Logical Switch (ULS) allows the creation of logical switches that can span multiple vCenters. Firewall policies assigned to VMs can now be moved across hosts belonging to different vCenters. NSX are also expanding their partner.

There are many enhancements in SRM 6.1 like the integration with NSX and policy driven protection. However, the most interesting feature is the support for Stretched Storage – the fact that customers with EMC VPLEX/HDS VSP/IBM SVC can now use SRM to automate the failover from Site A to Site B. It’s a great feature that now includes the ability to use vMotion to move VMs from Site A to Site B.

The announcement of SRM Air brings DR automation to vCloud Air DR – something that has been missing since vCloud Air DR launched last year. SRM Air protects and recovers large groups of VMs using centralised recovery plans, and allows you to conduct non-disruptive recovery plan testing.

VMware Horizon 6.2 will deliver better scalability and availability to virtual desktops, including the support for the new generation of NVIDIA GRID cards (vGPU 2.0). Additional functionality with RDS Apps including updates to the Cloud Pod Architecture.

There were addition product updates to VMware Integrated OpenStack (v2.0), vSphere APIs for IO Filtering (VAIO) as well as Project Capstone and Project Enzo – but we could be here all day talking about new updates so I’ll leave these for now since I barely touch these products in my current role! =)

VMworld 2015 breakout sessions now on YouTube

Unknown to most out there, VMworldTV has been busy uploading recordings onto their YouTube channel.

All the General Sessions are available to watch, and currently there are around 54 breakout session videos available – sessions such as:

Definitely worth watching if you have (a lot of) free time on your hands! =)

….. and with that, it’s only 3 more weeks till VMworld 2015 Europe!! =)

vSphere 6.0 update 1 and Virtual SAN 6.1 released (plus other goodies)

…. and so just a week after VMworld 2015 US, VMware have released vSphere 6.0 update 1 and a number of other product updates….. without ANY fanfare….. it was such a silent release that the first I heard about it was when all the community bloggers started posting up announcements!

Anyways, here are the products released today:

vSphere ESXi & vCenter Server 6.0 update 1 Download
vSphere ESXi 6.0 update 1 Release Notes
vCenter Server 6.0 update 1 Release Notes

Note: There has already been a KB released regarding the upgrade:
https://blogs.vmware.com/kb/2015/09/alert-important-information-before-upgrading-to-vsphere-6-0-update-1.html

In addition to vSphere and vCenter Server, all the other components of vSphere/vCenter received an update:
vSphere Update Manager 6.0 update 1
vSphere Replication 6.1

vSphere Data Protection 6.1
vRealize Orchestrator Appliance 6.0.3

The good news is that VUM is now integrated into the Web Client!! =)

SRM got an update as well:
Site Recovery Manager 6.1 Download
Site Recovery Manager 6.1 Release Notes

This brings some cool stuff to SRM like:

  • Policy-based management – offering New protection groups using vSphere storage policies for protection of VMs.
  • Support for Auto-mapping of stretched NSX networks (using Universal Logical Switches).
  • Support for stretched storage (like EMC VPLEX), that now includes the ability to use vMotion to move VMs from Site A to Site B.

Although no news on whether Site Recovery Manager Air (for vCloud Air DR) has been launched yet….. =(

Most importantly is the launch of Virtual SAN 6.1:
Virtual SAN 6.1 Download
Virtual SAN 6.1 Release Notes

This new update now:

  • Supports stretched VSAN clusters that span two geographic locations to protect data from site failures or loss of network connection (using the feature of Fault Domains).
  • Support for 2 node ROBO configurations.
  • Enhanced Replication (RPO of 5mins with vSphere Replication)
  • Support for SMP-FT
  • New hardware options (such as support for the new flash devices: Intel NVMe, Diablo UltraDIMM)

Also loads of updates to the vRealize Suite of products:
vRealize Operations Manager 6.1.0 Download
vRealize Operations Manager 6.1.0 Release Notes
vRealize Log Insight 3.0 Download
vRealize Log Insight 3.0 Release Notes
vRealize Automation 6.2.3 Download
vRealize Automation 6.2.3 Release Notes
vRealize Code Stream 1.2.0 Download
vRealize Code Stream 1.2.0 Release Notes
vRealize Business Standard 6.2.3 & vRealize Business Advanced/Enterprise 8.2.3 Download
vRealize Business 6.2.3 Release Notes
vRealize Business Advanced/Enterprise 8.2.3 Release Notes

In addition, the new version of vCloud Director was released for Service Providers (no long available for end-users) which offers vSphere 6.0 and NSX 6.1.4 support, there are also some minor Org vDC template and vApp Enhancements.
VMware vCloud Director 8.0 for Service Providers Download
VMware vCloud Director 8.0 Release Notes

Horizon also got a minor update earlier this month:
Horizon 6 version 6.2 Download
Horizon 6 version 6.2 Release Notes

Upgrading to SRM 5.8 and vSphere Replication Appliance 5.8

There were new versions released earlier this month for a number of VMware products, and one of the things I like to do is keep my demo environment up to date! =)

Upon upgrading SRM from 5.5 to 5.8 and vRA from 5.5 to 5.8 (I’m using vSphere replication with SRM in my demo environment), I noticed that the usual process of upgrading the vRA from the admin page doesn’t work if you point it at the online repository!
srm2

From the Release Notes, it turns out that the downloadable ISO image is the only means of upgrading from vRA 5.5.x or 5.6 to 5.8!
You’re not able to use VUM or the VAMI (Virtual Appliance Management Interface – the vRA admin page) to do the upgrade! =(

So what you have to do is download the full vRA ISO image, mount the ISO to the vRA and then change the update repository to use CD-ROM updates:
srm3
srm4

 

NOTE: Ensure you follow the VMware Upgrade method to the DOT…….!!
The first update went wrong as I mounted the ISO file from my desktop to the vRA via the vSphere Client, and when it updated and rebooted it lost the connection to vCenter and I didn’t have the option to re-register the vRA…. >_<”
I pretty much had to delete the vRA and install a brand new one and I’m still none the wiser as to what went wrong during the upgrade!!

vRA Upgrade Procedure

  1. Download the vRA 5.8 ISO image and copy the ISO file to a datastore that is accessible from the vCenter Server where your vRA is currently deployed.
  2. In Web Client, right-click the vSphere Replication virtual machine and select Edit Settings.
  3. In Virtual Hardware, select CD/DVD Drive > Datastore ISO File.
  4. Navigate to the ISO image in the datastore.
  5. For File Type, select ISO Image and click OK.
  6. Check the box to connect at power on and follow the prompts to add the CD/DVD Drive to the vSphere Replication virtual machine.
  7. Restart the vSphere Replication virtual machine.
  8. In a Web browser, log in to the virtual appliance management interface (VAMI).
    If you are updating vSphere Replication 5.1+, go to https://vr_appliance_address:5480.
  9. Click the Update tab.
  10. Click Settings and select Use CDROM Updates, then click Save Settings.
  11. Click Status and click Check Updates.
    The appliance version appears in the list of available updates.
  12. Click Install Updates and click OK.
  13. After the updates install, click the System tab and click Reboot to complete the upgrade.
  14. Log out of the vSphere Web Client, clear the browser cache, and log in again to see the upgraded appliance.

 

Once you’ve upgraded the vRA to 5.8, you can now go ahead and upgrade your SRM server to 5.8…… simply run the SRM installer and follow the installation wizard!

Note: if you didn’t upgrade the vRA before trying to upgrade the SRM server, when the installer prompts to connect to the vCenter Server, you will get the following error:
srm1

 

BIG WARNING HERE: As soon as you upgrade your SRM to 5.8, you can only manage it via the Web Client…..!!!
And it is completely re-written……. took me a while to work out where all the settings were located!
Same with vRA 5.8, you can’t set replication within the old vSphere client.

Note: I still have no idea where the SRM alarms are set……. ¬_¬”

 

PS: One of the cool things about vRA 5.8 is the ability to replicated to the cloud! =)

 

Edit (15/10/14) – The alarms for SRM can be found under the alarms of the vCenter Server that you connected the SRM server to:
In web-client, select vCenter the vCenter Server and under the “Manage” tab, you will find a tab called “Alarm Definitions”. This is where all the SRM alarms are located. =)

srm alarms

Site Recovery Manager SSL error

Recently had to regenerate the SSL certificates on my vCenter Server Appliance as I had noticed they were originally created with localhost.localdom as the DNS name.

Quite easy to regenerate the SSL certs, just log onto the admin page of the vCSA (http://ip-address:5480) and log in as root. Click on the Admin tab and by Certificate regeneration enabled select Yes.
When you next reboot the vCSA, the SSL certs will be regenerated – just be sure to change it back to No after it’s complete otherwise it will regenerate a new certificate every time you reboot!
srmerror3

A problem I discovered after regenerating the SSL certificate of my vCSA was that I could no longer connect to Site Recovery Manager using vSphere Client.
It would try to connect and then fail with a Connection Error.
srmerror1

As I knew this was working prior to regenerating the SSL certificate, I guessed that SRM was still trying to authenticate with the vCenter Server using the old SSL certificate.

Checking through the SRM logs (\ProgramData\VMware\VMware vCenter Site Recovery Manager\Logs\) confirmed that my assumption was correct:
srmerror2

The SRM logs show a certificate error:
Failed to connect: std::exception 'class Vmacore::Ssl::SSLVerifyException' "SSL Exception: Verification parameters:
.......
The remote host certificate has these problems:
.......

Quickest way I could think of in order to solve my issue was to modify the installation of SRM to update the certificates.
Log into the SRM server, open up Programs and Features from the Windows Control Panel. Select the entry for VMware vCenter Site Recovery Manager and click Change.
At the SRM wizard, select Modify.
srmerror4

You won’t be able to change the vCenter Server details but you will be able to change the authentication method. Regenerate the certificate by selecting Automatically generate certificate.
Ensure you select Use existing database, otherwise you will lose all your protection groups and recovery plans.

Once the SRM installer was finished, I was able to reconnect to SRM using vSphere client.

Updating VMware vCenter Site Recovery Manager to 5.5

So after updating my vCenter Server Appliance to 5.5, the next obvious choice was to update Site Recovery Manager and the vSphere Replication Appliance.

Note: the way I’m upgrading my demo environment is not according to best practice…. it’s merely a quick way to document and try out the upgrade process!

If you’re planning an upgrade of your production environment, then there is a recommended order for the upgrades:

  1. Upgrade vCenter Server on the protected site.
  2. Upgrade SRM Server on the protected site.
  3. Upgrade the storage replication adapters (SRA) on the protected site.
  4. Upgrade the vSphere Replication appliance on the protected site.
  5. Upgrade any additional vSphere Replication server instances on the protected site.
  6. Upgrade vCenter Server on the recovery site.
  7. Upgrade SRM Server on the recovery site.
  8. Upgrade the storage replication adapters (SRA) on the recovery site.
  9. Upgrade the vSphere Replication appliance on the recovery site.
  10. Upgrade any additional vSphere Replication server instances on the recovery site.
  11. Configure the connection between the SRM sites and vSphere Replication appliances.
  12. Verify that your protection groups and recovery plans are still valid.
  13. Upgrade ESXi Server on the recovery site.
  14. Upgrade ESXi Server on the protected site.
  15. Upgrade the virtual hardware and VMware Tools on the virtual machines on the ESXi hosts.

When you upgrade Site Recovery Manager, there’s no real need to do anything to your database as the upgrade preserves all information in the current SRM DB (so basically preserving your protection groups, inventory mappings and recovery plans, plan run history, etc).
However, if you’re not running 5.1 or later then you will need to create a 64bit ODBC system DSN (SRM 5.0.x used a 32bit ODBC DSN). Any deployment of SRM earlier than 5.0 will require a two-step upgrade, first to 5.0.x then to 5.5.
(Note: Don’t upgrade vCenter Server directly from 4.1.x to 5.5, as this will cause the upgrade of SRM to fail when moving from 4.1.x to 5.0.x… this is because SRM 5.0.x cannot connect to vCenter Server 5.5)

Fortunately I’m going to step through an upgrade from SRM 5.1, so my ODBC is already in place!

1. On the SRM server, start the installer.
SRM1

2. Choose where you wish to install the new version of SRM.
SRM2

3. Choose to install vSphere Replication if you’re using it (Which I am).SRM3

4. Enter the vCenter Server credentials (the installer will notice SRM is already installed and pick up the IP address of the vCenter Server).
SRM4

5. Accept the SSL certificate warning.
SRM5

6. Once the installer connects to your vCenter Server, it will identify that you already have a registered extension for SRM. Click Yes to overwrite the old extension.
SRM6

7. Select the type of authentication to be used (in my case I’m letting SRM auto-generate a self-signed certificate).
SRM7

8. Enter the Organisation and OU in order for SRM to generate the certificate.
SRM8

9. Enter an administrator’s email address in order to obtain SRM generated alerts.
SRM9

10. The installer will pick up the ODBC connection and request you to enter the existing SRM DB user information.
SRM10

11. Select Use existing database, choosing the other option will wipe everything from your existing SRM deployment!
SRM11

12. Click Install to kick off the upgrade.
SRM12

13. Once installation is complete, you will need to upgrade the vSphere Client Plug-in for SRM. You will need to uninstall the old SRM plug-in from within Windows Control Panel->Programs.
SRM13

14. Once complete. Fire up vSphere Client and install the new plug-in via Plugins->Manage Plug-ins
SRM14

 

Job done…… now to upgrade the existing vSphere Replication Appliance…. You can upgrade the vRA either using vSphere Update Manager, via the online repository, or via an offline repository (like an ISO image).
Unfortunately like the VCA, I couldn’t find an 5.5 update using the online repository so had to mount the vRA 5.5 ISO image to the vRA and update via CDROM.

1. Log into the vRA management console (https://vra-IP:5480 or http://vra-IP:8080 if its vRA 5.0.x) and select the Update tab. Select Settings and then choose Use CDROM Updates and click Save Settings.
vra1

2. Click on Status and it should display any update files it has found in the mounted ISO image. Click Install Updates.
 vra2

3. Once update is complete, you will need to reboot the vRA…. don’t forget to unmount the ISO image…..
vra3 

 

Voila….. it’s as easy as that!

Retaining Resource Pools using Webclient

So a few days ago I posted up an article about what happens if you disable DRS in a vCD environment…..

Well I stumbled across this article in VMware’s knowledgebase:
http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2032893

“Great”…… I thought….. “I can use the snapshot functionality within Webclient to capture the resource pools!”……the only problem is, upon deeper digging I stumbled across a blog entry by Frank Denneman:
http://frankdenneman.nl/2013/04/08/saving-a-resource-pool-structure-web-client-feature-not-suitable-for-vcd-environments/

Turns out that VMware knowledgebase article is great for standard vSphere environments, but it won’t work with vCloud environments….. >_<”
And this is all down to the old MoRef IDs I mentioned in my previous article about using SRM to protect your vCloud!
https://thevirtualunknown.wordpress.com/2013/07/02/protecting-your-cloud-vcloud-srm/

Unfortunately it seems that the ‘RP snapshot’ feature just captures the old tree structure of your resource pools and rebuilds a new tree structure, it doesn’t capture the old MoRef IDs which are so important as they are used to correlate objects between vCD and the underlying vSphere/vCenter layer… change the MoRef IDs and vCD won’t recognise the object as it won’t exist in the vCD DB.

Man…. VMware really need to sort out this MoRef issue! ;oP

SRM & datastore names

By default, when doing a failover with SRM the VMFS Datastores will be labeled with a “snap-xxxxxxx-name” because they will have been re-signatured during the failover process.

This can cause issues for applications that may utilise the datastore name (for example some backup applications).

To stop the renaming of the datastores edit the Advanced Settings of each SRM server using vSphere Client, then navigate to storageProvider -> storageProvider.fixRecoveredDatastoreNames and ensure that the check box is ticked.

Image