Friday, February 24, 2012

VCP5, my study notes

These days I pushed myself to study to become a VCP5 at last. So, after attending the appropriate (and mandatory) course 'VMWare vSphere 5.0 Install, Configure, Manage', and after spending many days in the lab disassembling and reassembing the whole virtualization solution, and going over my study books and almost every possible Internet resource, I (think I) am finally ready to sit for this exam.

Here follow the notes I have taken while studying. They are a bit crammed, many things are probably missing, maybe because I didn't feel I needed to write them down, many things are there but I suppose I knew them before. It doesn't matter. These are my personal study notes and that's the way it is. Of course if you, reader, wish to contribute and send me your opinion or suggest corrections/improvements, whatsoever, feel free to do so and I will be most happy of updating this blog post.

And in case these notes helped you, please, let me know and share you score!



ESXi general config:
  • ESXi supported platform: only 64 bit hosts with LAHF and SAHF instructions in long mode
  • Auto-Deploy order: PowerCLI image builder, Auto Deploy (anwer file accessed via NFS, SFTP, HTTP),Host Profiles
  • Requirements for kickstart ESXi: root password and install location
  • Protocols to access kickstart file for scripted install/upgrade: DVD,USB,NFS,HTTP,HTTPS,FTP
  • Evalutation period: 60 days
  • ESXi logs: hostd.log and vmkernel.log
  • ESXi memory footprint: less than 70 MB
  • Vpxa: vCenter agent on the ESXi
  • Hostd: daemon for direct VMWare vSphere Client connections
  • /var/log suggested size: 2000MB
  • Backup of ESXi: vicfg-cfgbackup
  • Lockdown mode: forces all operations to be performed through vCenter Server, using the vpxduser. Remote access for root is forbidden, but root can continue to use DCUI
  • ESXi shell: enable/disable local access to shell
  • SSH: enable/disable remote SSH
  • vNUMA: virtual non uniform memory allocation, enabled by default if more than 8 vCPU



VM:
  • VM overhead memory: determined by number of vCPU and configured memory
  • .vswp size: equal to the difference between the amount of physical memory assigned to the VM and the reservation it has
  • VM customization requirements: sysprep on vCenter and Perl on Linux
  • Shares: low, normal, high, custom
  • Expandable reservation: ask the parent if it has free resources
  • VM independent disks: no snapshots, no sDRS
  • Typical VM: Name, inventory location, resource pool, dtatastore, guest OS, NIC, Disk size and provisioning
  • Custom VM: same as typical VM + Hw version (7/8), vCPU, memory, SCSI controller
  • Quiescing virtual machine snapshot operation: Requires VMware tools, May alter the behaviour of applications within the virtual machine, Ensures all pending disk I/O operations are written to disk
  • Using templates: no possible if vSphere client is connected directly to the ESXi or if the template is orphaned


Scripting:
  • vCLI: vSphere command line
  • vMA: vsphere Management Assistant, it is a 64 bits virtual appliance (it contains vCLI)
  • PowerCLI: Powershell snap-in composed of 200 cmdlets


Minimum, Maximum and Default values:
  • 1 LUN: 1 VMFS
  • Max VM per ESXi host: 512
  • Min number of cores per ESXi host: 2
  • Max logical CPU per ESXi host: 160
  • Max vCPU per ESXi host: 2048
  • Min RAM per ESXi host: 2GB
  • Max RAM per ESXi host: 2TB
  • Max number of swap files per ESXi host: 1 per virtual machine
  • Max ESXi host swap file size: 1TB in VMFS5
  • Max iSCSI LUNs per ESXi host: 256
  • Max NFS mounts per ESXi host: 256
  • Max Fiber Channel LUNs per ESXi host: 256
  • Max software FCoE adapters per ESXi host: 4
  • Max VMFS3 volume size: 64TB
  • Max virtual or physical RDM size on VMFS3: 2TB minus 512 bytes
  • Max file size on VMFS3 with 1MB block size: 256GB
  • Max file size on VMFS3 with 2MB block size: 512GB
  • Max file size on VMFS3 with 4MB block size: 1TB
  • Max file size on VMFS3 with 8MB block size: 2TB
  • Max VMFS5 extent: 2TB
  • Max VMFS5 volume size: 64TB (32 extents)
  • Max virtual RDM size on VMFS5: 2TB minus 512 bytes
  • Max physical RDM size on VMFS5: 64TB
  • VMFS5 block size: 1MB
  • Max file size on VMFS5: 2TB minus 512 bytes
  • Max VMDirectPath PCI/PCIe devices per host: 8
  • Max VMDirectPath PCI/PCIe devices per VM: 4
  • Max distributed vswitches per vCenter: 32
  • Default number of ports per standard switch: 120
  • Max host per vCenter: 1000
  • Max powered-one VMs per vCenter: 10000
  • Max registered VMs per vCenter: 15000
  • Max vCPU per VM: 32 (virtual SMP)
  • Max RAM per VM: 1 TB
  • Max floppy devices per VM: 2
  • Max vNIC per VM: 10
  • Max USB devices per VM: 20
  • Max USB3 devices per VM: 1



Storage:
  • RDM: raw device mapping
  • RDM on NFS: no
  • Virtual compatibility RDM benefits compared to physical RDM: VM cloning and template creation
  • Hardware compatibility RDM benefits: guest operating system can access the hardware directly
  • sVmotion of RDM: if virtual compatibility mode, the RDM becomes a VMDK (thin or thick). If hardware compatibility mode, only the mapping file is migrated
  • DAS: direct attached storage
  • Boot from SAN: no boot from DAS or NFS
  • DAS: no vmotion, no HA, no DRS
  • Supported NFS: version 3 on TCP (compatible with openfiler 2.99, incompatible with freenas 7)
  • SCSI NAA: Network Address Authority
  • SCSI Runtime name: vmhba n:c:t:l where N = hba, C = channel, T = target, L = LUN
  • IQN: iSCSI qualified name
  • iSCSI initiators: software, hw dependent or assisted, hw independent
  • iSCSI software initiator CHAP auth: one-way and mutual
  • iSCSI software CHAP level: initiator level or target level
  • iSCSI software initiator CHAP sec level: do not use CHAP, do not use unless required by target, use unless prohibited by target, use CHAP
  • iSCSI hw dependent initiator: one-way
  • iSCSI hw dependent CHAP level: initiator level or target level
  • iSCSI hw dependent CHAP sec level: do not use CHAP, do not use unless required by target, use unless prohibited by target, use CHAP
  • iSCSI hw independent initiator: CHAP one-way
  • iSCSI hw independent CHAP level: initiator level only
  • iSCSI hw independent CHAP sec level: do not use CHAP, use unless prohibited by target
  • LUN masking: at HBA level or storage process (SP) level
  • Zoning: at fiber channel switch level
  • WWN: World Wide Name
  • FCoE configuration: nothing, it appears as a hba adapter
  • CNA: Converged Network Adapter which contains hba + NIC
  • Storage multipathing policies: FIXED (better with active/active arrays), MRU (better with active/passive arrays), Round Robin (this last one makes load-balancing on all physical paths and I/O throughput/sec is optimized, so performance is increased)
  • NPIV: n_port ID virtualization, Fiber Channel facility allowing multiple virtuzal ports ot share one physical port. No FT or sVmotion with NPIV
  • PSA: Pluggable Storage Architecture (PSA) is an open modular framework that enables third-party storage multipathing solutions for workload balancing and high availability
  • To manage storage placement by using virtual machine profiles: Create user-defined storage capabilities, Associate user-defined storage capabilities with datastores, Create virtual machine storage profile, Associate a virtual machine with a profile


Networking:
  • Vlance: old 10Mbps AMD NIC for 32 bit guests
  • VMXNET: only available if VMWare tools are installed
  • Best NIC: vmxnet3 paravirtualize adapter (HW version 7 at least)
  • VSS: vSphere Standard Switch
  • VDS: vSphere Distributed Switch
  • CDP: Cisco Discovery Protocol
  • NIC Trunking: 802.1q
  • NIC Teaming: 802.3ad
  • VSS security policies: Promiscous reject, Mac address change accept, Forged transmits accept
  • VSS traffic shaping: outbound only
  • VSS traffic shaping: avg bandwidth (Kb), max bandiwidth (Kb), burst size (KB)
  • VDS traffic shaping: egress and ingress
  • VDS security policies: same as VSS plus port blocking
  • VSS NIC Teaming – Load balancing: Originating port ID, sourced MAC hash, IP hash (this one good if Etherchannel is implemented on physical switches), use explicit failover
  • VSS NIC Teaming – Network failure detection: link status only and beacon probing
  • VSS NIC Teaming – Notify switches: yes/no (if yes, the VMkernel sends a RARP packet each time certain actions occur—for example, a virtual machine is powered on, experiences teaming failover, performs certain VMotion operations, and so forth. The RARP packet informs the switch of the MAC address of that virtual machine)
  • VSS NIC Teaming – Failback: yes/no
  • SplitRX: uses multiple physical CPU to handle and speed up VM network traffic
  • NETFLOW: network analysis tool (only in vDS), required to analyze traffic from a vDS
  • Network I/O control: Isolate and Prioritize (shares) VMtraffic, FT logging, iSCSI, NFS, Management traffic, vMotion. It does enforces limits and does load-balancing on dvUplinks

vMotion:
  • vMotion of VM across datacenters: only if powered-off or suspended
  • vMotion shared storage required: yes, the datastore must be available to all the hosts participating in the migration
  • Successful vMotion blocking by: VM connected to internal switch, ISO mounted, CPU affinity, swap inaccessible to destination host
  • NX/ND: same settings required for vMotion


sVmotion:
  • Svmotion: performed by vmkernel data mover ot VAAI (vmware API for array integration)
  • VM state for vMotion and sVmotion together: powered-off


HA:
  • HA restart condition: restart VM on another cluster node if current node has failed, restart VM if VMWare tools heartbeat stopped, restart VM if application fails (need VMWare tools + application monitoring agent)
  • HA slot: CPU + memory + overhead
  • VM restart priority: disabled, low, medium, high
  • Host isolation response: shutdown, power-off, leave powered-on
  • FDM: Fault Domain Manager (for HA)
  • HA hierarchy: 1 master, multiple slaves
  • HA nodes: max 5 (first 5) primary and max 27 secondary
  • Do not power on virtual machines if they violate availability constraints: strict admission control
  • Allow virtual machines to be powered on even if they violate availability constraints: guaranteed admission control


FT:
  • FT: Fault Tolerance, based on vlockstep technology to keep VM synchro
  • Max FT VM per host: 4
  • Max vCPU per FT VM: 1


DRS:
  • DRS: Distributed Resource Scheduler
  • DRS automation levels: disabled, partially automated, fully automated


DPM:
  • DPM requirements: ILO configuration and WOL (wake on lan)


sDRS:
  • SDRS: Storage DRS, used for long term load balancing of datastores, it requires Storage I/O control on all datastores


EVC:
  • EVC cluster requirements: CPU form single vendor, ESX 3.5u2 or later, vCenter, Intel VT, NX/ND, vMotion


vApp:
  • vApp IP allocation policies: fixed, transient, DHCP


vDR:
  • vDR: VMWare Data Recovery backup appliance: schedule, snapshot, deduplicate
  • VADP: vStorage API for data protection; it allows to backup VMs from a central backup server without backup agents
  • CBT: Changed Block Tracking, vDR use this technology for incremental backups of VMs
  • Deduplication processes: Integrity check, Recatalog and Reclaim


Performance monitoring:
  • VM constrained CPU indicator: %ready (%RDY)
  • VM constrained Memory indicator: memory balloon, guest swapping
  • Host constrained Memory indicator: host level swapping
  • Counters for diagnosing ESXi memory bottleneck: MEMSZ, METCTL, SWAP
  • Monitoring disk latency: Kernel commands latency <4ms and Physical device latency <15ms
  • VM constrained network indicators: dropped RX/RT packets



Ports:
  • Port 22: SSH
  • Port 80: web, FT
  • Port 123: NTP
  • Port 389: LDAP
  • Port 443: vSphere Client to host, host to host
  • Port 636: Linked-mode
  • Port 902: host to host, vsphere client to vmconsole, heartbeat ESXi to vcenter server
  • Port 3260: iSCSI
  • Port 5480: vCenter web configuration
  • Port 8000: vMotion requests
  • Ports 8100 and 8200: FT traffic
  • Ports 8182 : HA traffic


Update Manager:
  • Update Manager: hosts, VM hardware, VMware Tools, Virtual appliances
  • Update Manager baselines: Host Patch, Host Extensions, Host Upgrade, VM Patch, Virtual Appliance Upgrade
  • Default VMs/VAs upgrade baselines: VMware Tools Upgrade to Match Host, VM Hardware Upgrade to Match Host, VA Upgrade to Latest
  • Update Manager can update virtual appliances but cannot update the vCenter Server Appliance.


vCenter server:
  • Vpxd: vCenter management daemon
  • Backup of vCenter: Database, SSL certificate, vpxd.cfg
  • To make vCenter server available: use heartbeat
  • To make vCenter appliance available: use HA
  • Additional modules installable from vCenter installer: ESXi Dump Collector, Web Client, Update Manager


vSphere client:
  • Hardware Status tab: based on CIM Data Feed in vCenter Service Status and vCenter Hardware Service in the Plug-in Manager
  • Resource pools: present on standalone ESXi or Cluster (vCenter managed) - a vApp is seen as a resource pool on standalone ESXi
  • General alarm actions: send email, send trap, run command
  • Specific VM and host alarm actions: power-on VM, power-off VM, suspend VM, reboot host, shutdown host
  • To export diagnostic log for ESXi: Select Home, Under Administration, click System Logs and click the export systemLogs button. Select the effected ESXi host. Select `Select All'. Select a location and click Finish / In the vSphere Client, select the affected ESXi host. Select File, Export and Export System Logs. Select a location and click Finish.


vCenter Linked mode:
  • Linked mode: allow multiple vCenter servers to share information and the admin to view and manage the inventories of the linked vCenter Server systems. Linked mode between ESX4 and 5 is not supported.
  • Linked Mode prerequisites: DNS, two-way trust between domains, the installer must be admin on all vCenter server machines, NTP must be set up., port 636 open


vSRM:
  • vSRM: vCenter Site Recovery Manager requirements: ESXi, a vCenter server at the protected site, a vCenter server at the recovery site, array-based replication


OVF:
  • OVF: Open Virtualization Format: open, secure, portable, efficient and extensible format for the packaging and distribution of software to be run in virtual machines. It allows a VM to be transported.
Other:
  • A few useful scrrenshots to better memorize things:
vCenter server appliance configuration interface

vCenter server installer options (such as Dump Collector, Web Client and Update Manager)

ESXi console

ESXi configuration options

ESXi logfiles

For any additional information on vSphere 5, visit http://www.vmware.com/

You could also check the following excellent resources:

8 comments:

  1. Just passed VCP5! Thank you for this!! It's been a great reference!! Thanks again!

    Larry

    ReplyDelete
  2. Thank you for the comments. I am glad to see this post helped!

    ReplyDelete
  3. Nice page really useful.

    And thanks for the mention.

    ReplyDelete
    Replies
    1. Thanks to you, or should I say 'Grazie!!'

      I am waiting now for VCAP 5 certification to be released!

      Keep in touch!

      Delete
  4. Thank you! This is a simple list to get a quick overview of some important configurations für a vmware newbie. Very helpful.

    Greetings from Switzerland.

    ReplyDelete
  5. Great Peoples Help others ,So Thanx a lot for your Help GOD Bless you.....

    ReplyDelete

Related Posts Plugin for WordPress, Blogger...