Skip to content

Tag: VMware

HomeLab: Using vCheck for vSphere Infrastructure Health Accessment

In this opportunity I come to show you how to download and use the vCheck tool that is used to validate the health status of the VMware vSphere infrastructure. This tool is developed by Alan Renouf as a mechanism to identify possible failures or misconfiguration in the vSphere implementation. To learn more about this tool I will use the vCheck documentation as a reference:

This script picks on the key known issues and potential issues scripted as plugins for various technologies written as Powershell scripts and reports it all in one place so all you do in the morning is check your email.

vCheck Github Page

In this area I present to you what is checked when using vCheck. To view the content, just click on the “+” icon.

What is checked in the vSphere version?

  • General Details
  • Number of Hosts
  • Number of VMs
  • Number of Templates
  • Number of Clusters
  • Number of Datastores
  • Number of Active VMs
  • Number of Inactive VMs
  • Number of DRS Migrations for the last days
  • Snapshots over x Days old
  • Datastores with less than x% free space
  • VMs created over the last x days
  • VMs removed over the last x days
  • VMs with No Tools
  • VMs with CD-Roms connected
  • VMs with Floppy Drives Connected
  • VMs with CPU ready over x%
  • VMs with over x amount of vCPUs
  • List of DRS Migrations
  • Hosts in Maintenance Mode
  • Hosts in disconnected state
  • NTP Server check for a given NTP Name
  • NTP Service check
  • vmkernel warning messages ov the last x days
  • VC Error Events over the last x days
  • VC Windows Event Log Errors for the last x days with VMware in the details
  • VC VMware Service details
  • VMs stored on datastores attached to only one host
  • VM active alerts
  • Cluster Active Alerts
  • If HA Cluster is set to use host datastore for swapfile, check the host has a swapfile location set
  • Host active Alerts
  • Dead SCSI Luns
  • VMs with over x amount of vCPUs
  • vSphere check: Slot Sizes
  • vSphere check: Outdated VM Hardware (Less than V7)
  • VMs in Inconsistent folders (the name of the folder is not the same as the name)
  • VMs with high CPU usage
  • Guest disk size check
  • Host over committing memory check
  • VM Swap and Ballooning
  • ESXi hosts without Lockdown enabled
  • ESXi hosts with unsupported mode enabled
  • General Capacity information based on CPU/MEM usage of the VMs
  • vSwitch free ports
  • Disk over commit check
  • Host configuration issues
  • VCB Garbage (left snapshots)
  • HA VM restarts and resets
  • Inaccessible VMs

It is important to mention that vCheck has support for other products as shown in the following image:

Source: Virtu-Al.Net

To get started you need to download the tool from the Github portal where it is continuously developed. To download vCheck directly click on the following link “Download”. Once the script is downloaded, it is necessary to unzip it.

The first time vCheck is run it will start the configuration process, this configuration allows you to create a template with the information that will be used for all future runs of the program. To modify these parameters again you can use the <-config> option as follows:

[blabla@blabla ~]$ pwsh #Powershell core on Linux :)
PowerShell 7.1.3
Copyright (c) Microsoft Corporation.

https://aka.ms/powershell
Type 'help' to get help.

PS /home/blabla/vCheck> ./vCheck.ps1 -config

In this area I demonstrate the vCheck configuration process. To see the configuration process, just click on the “+” icon.

Configuration process example

PS /home/blabla/vCheck> ./vCheck.ps1 -config
WARNING: 
GlobalVariables
# Report header [vCheck]: 
# Would you like the report displayed in the local browser once completed ? [$true]: 
# Display the report even if it is empty? [$true]: 
# Use the following item to define if an email report should be sent once completed [$false]: 
# Please Specify the SMTP server address (and optional port) [servername(:port)] [mysmtpserver.mydomain.local]: 
# Would you like to use SSL to send email? [$false]: 
# Please specify the email address who will send the vCheck report [me@mydomain.local]: 
# Please specify the email address(es) who will receive the vCheck report (separate multiple addresses with comma) [me@mydomain.local]: 
# Please specify the email address(es) who will be CCd to receive the vCheck report (separate multiple addresses with comma) []: 
# Please specify an email subject [$Server vCheck Report]: 
# Send the report by e-mail even if it is empty? [$true]: 
# If you would prefer the HTML file as an attachment then enable the following: [$false]: 
# Set the style template to use. [Clarity]: 
# Do you want to include plugin details in the report? [$true]: 
# List Enabled plugins first in Plugin Report? [$true]: 
# Set the following setting to $true to see how long each Plugin takes to run as part of the report [$true]: 
# Report on plugins that take longer than the following amount of seconds [30]: 
WARNING: 
Connection settings for vCenter
# Please Specify the address (and optional port) of the vCenter server to connect to [servername(:port)] [vcsa.local.lab]: vcenter-01v.pharmax.local
WARNING: 
General Information
# Set the number of days of DRS Migrations to report and count on [1]: 
# Set the number of days of Storage DRS Migrations to report and count on [1]: 
WARNING: 
Checking VI Events
# Set the number of days of VC Events to check for errors [1]: 
WARNING: 
Windows vCenter Error Event Logs
# Set the number of days of VC Events to check for errors [1]: 
# Set the number of days of VC Event Logs to check for warnings and errors [1]: 
WARNING: 
Windows vCenter Error Event Logs
# Set the number of days of VC Events to check for errors [1]: 
# Set the number of days of VC Event Logs to check for warnings and errors [1]: 
WARNING: 
vCenter Sessions Age
# Enter maximum vCenter session length in hours [48]: 
# Enter minimum vCenter session length in minutes (IdleMinutes) [10]: 
# Do not report on usernames that are defined here (regex) [DOMAIN\\user1|DOMAIN\\user2]: 
WARNING: 
vCenter License Report
# Display Eval licenses? [$true]: 
WARNING: 
HA configuration issues
# HA Configuration Issues, do not report on any Clusters that are defined here [Example_Cluster_*|Test_Cluster_*]: 
# HA should be set to ... [$true]: 
# HA host monitoring should be set to ... [$true]: 
# HA Admission Control should be set to ... [$true]: 
WARNING: 
HA VMs restarted
# HA VM restart day(s) number [5]: 
WARNING: 
DRS & SDRS Migrations
# Set the number of days of DRS Migrations to report and count on [1]: 
# Set the number of days of Storage DRS Migrations to report and count on [1]: 
WARNING: 
Cluster Slot Sizes
# Minimum number of slots available in a cluster [10]: 
WARNING: 
Datastore Consistency
# Do not report on any Datastores that are defined here (Datastore Consistency Plugin) [local*|datastore*]: 
WARNING: 
Clusters with DRS disabled
# Clusters with DRS Disabled, do not report on any Clusters that are defined here [VM1_*|VM2_*]: 
WARNING: 
QuickStats Capacity Planning
# Max CPU usage for non HA cluster [0.6]: 
# Max MEM usage for non HA cluster [0.6]: 
WARNING: 
s/vMotion Information
# Set the number of days to go back and check for s/vMotions [5]: 
# Include vMotions in report [$true;]: 
# Include Storage vMotions in report [$true;]: 
WARNING: 
DRS Rules
# Display VM affinity rules? [$true]: 
# Display VM anti-affinity rules? [$true]: 
# Display HOSTaffinity rules? [$true]: 
# Set DRS Rule name exception (regex) [ExcludeMe]: 
WARNING: 
Hosts Overcommit state
# Return results in GB or MB? [GB]: 
WARNING: 
Active Directory Authentication
# Show "OK" results? [$false]: 
# Expected Domain name [mydomain.local]: 
# Expected Admin Group [ESX Admins]: 
WARNING: 
NTP Name and Service
# The NTP server which should be set on your hosts (comma-separated) [pool.ntp.org,pool2.ntp.org]: 
WARNING: 
VMKernel Warnings
# Disabling displaying Google/KB links in order to have wider message column [$true]: 
WARNING: 
Syslog Name
# The Syslog server(s) which should be set on your hosts (comma-separated) [udp://syslogserver]: 
WARNING: 
Disk Max Total Latency
# Disk Max Total Latency Settings in Milliseconds [50]: 
# Disk Max Total Latency range to inspect (1-24) Hours [24]: 
WARNING: 
Lost Access to Volume
# Set the number of days of Lost Action Volume to report and count on [1]: 
WARNING: 
Check LUNS have the recommended number of paths
# Set the Recommended number of paths per LUN [2]: 
WARNING: 
ESXi Inode Exhaustion
# Set the ESXi filesystem free Inode threshold in percent [40]: 
WARNING: 
Host Profile Compliance
# Show detailed information in report [$true]: 
# Show compliant servers [$false]: 
WARNING: 
Hosts with Upcoming Certificate Expiration
# How many days to warn before cert expiration (Default 60) [60]: 
WARNING: 
Host Multipath Policy
# The Multipath Policy (PSP Plugin) your hosts should be configured to use [VMW_PSP_RR]: 
WARNING: 
Host Power Management Policy
# Which power management policy should your hosts use? For Balanced enter "dynamic" (this is the ESXi default policy), for High Performance enter "static", for Low power enter "low". [dynamic]: 
WARNING: 
Datastore Information
# Set the warning threshold for Datastore % Free Space [15]: 
# Do not report on any Datastores that are defined here (Datastore Free Space Plugin) [local]: 
WARNING: 
Number of VMs per Datastore
# Max number of VMs per Datastore [5]: 
# Exclude these datastores from report [ExcludeMe]: 
WARNING: 
Datastore OverAllocation
# Datastore OverAllocation % [50]: 
# Exclude these datastores from report []: 
WARNING: 
Datastores with Storage IO Control Disabled
# Do not report on any Datastores that are defined here (Storage IO Control disabled Plugin) [local]: 
WARNING: 
sDRS VM Behavior not Default
# Exclude these VMs from report []: 
WARNING: 
VSAN Datastore Capacity
# Set the warning threshold for VSAN Datastore % Free Space [15]: 
WARNING: 
VSAN Configuration Maximum Disk Group Per Host Report
# Percentage threshold to warn? [80]: 
WARNING: 
VSAN Configuration Maximum Magnetic Disks Per Disk Group Report
# Percentage threshold to warn? [50]: 
WARNING: 
VSAN Configuration Maximum Total Magnetic Disks In All Disk Groups Per Host Report
# Percentage threshold to warn? [50]: 
WARNING: 
VSAN Configuration Maximum Components Per Host Report
# Percentage threshold to warn? [50]: 
WARNING: 
VSAN Configuration Maximum Hosts Per VSAN Cluster Report
# Percentage threshold to warn? [45]: 
WARNING: 
VSAN Configuration Maximum VMs Per Host Report
# Percentage threshold to warn? [50]: 
WARNING: 
VSAN Configuration Maximum VMs Per VSAN Cluster Report
# Percentage threshold to warn? [50]: 
WARNING: 
Checking Standard vSwitch Ports Free
# vSwitch Port Left [5]: 
WARNING: 
Checking Distributed vSwitch Port Groups for Ports Free
# Distributed vSwitch PortGroup Ports Left [10]: 
WARNING: 
vSwitch Security
# Warn for AllowPromiscuous enabled? [$true]: 
# Warn for ForgedTransmits enabled? [$true]: 
# Warn for MacChanges enabled? [$true]: 
WARNING: 
Snapshot Information
# Set the warning threshold for snapshots in days old [14]: 
# Set snapshot name exception (regex) [ExcludeMe]: 
# Set snapshot description exception (regex) [ExcludeMe]: 
# Set snapshot creator exception (regex) [ExcludeMe]: 
WARNING: 
Map disk region event
    # Set the number of days to show Map disk region event for [5]: 
WARNING: 
Created or cloned VMs
# Set the number of days to show VMs created for [5]: 
WARNING: 
Removed VMs
# Set the number of days to show VMs removed for [5]: 
WARNING: 
VMs with over CPU Count
# Define the maximum amount of vCPUs your VMs are allowed [2]: 
WARNING: 
VMs restarted due to Guest OS Error
# HA VM reset day(s) number due to Guest OS error [5]: 
WARNING: 
Guests with less than X MB free
# VM Disk space left, set the amount you would like to report on MBFree [1024]: 
# VM Disk space left, set the amount you would like to report on MBDiskMinSize [1024]: 
WARNING: 
Checking VM Hardware Version
# Hardware Version to check for at least [8]: 
# Adding filter for dsvas, vShield appliances or any other vms that will remain on a lower HW version [vShield*|dsva*]: 
WARNING: 
VMs in inconsistent folders
# Specify which Datastore(s) to filter from report [local]: 
WARNING: 
No VM Tools
# Do not report on any VMs who are defined here (regex) []: 
WARNING: 
VM Tools Issues
# VM Tools Issues, do not report on any VMs who are defined here []: 
WARNING: 
Removable Media Connected
# VMs with removable media not to report on []: 
WARNING: 
Single Storage VMs
# Local Stored VMs, do not report on any VMs who are defined here [Template_*|VDI*]: 
# Local Datastores, do not report on any VMs within these datastores [Local|datastore1]: 
WARNING: 
VM CPU %RDY
# CPU ready on VMs should not exceed [10.0]: 
WARNING: 
VM CPU Usage
# VM Not to go over the following amount of CPU [75]: 
# VM CPU not allowed to go over the previous amount for how many days? [1]: 
WARNING: 
Backup Garbage
# Names used in backup product snapshots. Defaults include VCB, Veeam, NetBackup, and Commvault [VCB|Consolidate|veeam|NBU_SNAPSHOT|GX_BACKUP]: 
WARNING: 
Find VMs with thick or thin provisioned vmdk
# Report on disk formats that are not "thin" or "thick", which format is not allowed? [thick]: 
# Specify Datastores to filter from report [local]: 
WARNING: 
Virtual machines with incorrect OS configuration
# VMs with incorrect OS Configuration, do not report on any VMs who are defined here [VM1_*|VM2_*]: 
WARNING: 
Virtual machines with less hard disks than partitions
# Do not report on any VMs who are defined here (regex) [VM1_*|VM2_*]: 
WARNING: 
Powered Off VMs
# VMs not to report on [Windows7*]: 
#VmPathName not to report on [-backup-]: 
# Report VMs powered off over this many days [7]: 
WARNING: 
Unwanted virtual hardware found
# Find unwanted virtual hardware [VirtualUSBController|VirtualParallelPort|VirtualSerialPort]: 
WARNING: 
Mis-named virtual machines
# Misnamed VMs, do not report on any VMs who are defined here [VM1_*|VM2_*]: 
WARNING: 
VM Network State
# Only show NICs that are set to Connect at Startup [$true]: 
WARNING: 
Reset VMs
# Set the number of days to show reset VMs [1]: 
WARNING: 
Snapshot activity
# Set the number of days to show Snapshots for [5]: 
# User exception for Snapshot removed [s-veeam]: 
WARNING: 
VMs with CPU or Memory Reservations Configured
# Do not report on any VMs who are defined here []: 
WARNING: 
VM Logging
# The number of logs to keep for each VM [10]: 
# The size logs can reach before rotating to a new log (bytes) [1000000]: 
WARNING: 
VM Tools Not Up to Date
# Do not report on any VMs who are defined here (regex) []: 
# Maximum number of VMs shown [30]: 
WARNING: 
NonPersistent Disks
# Exclude all virtual machines from report [^DV-|^MLB-]: 
WARNING: 
VMs Memory/CPU Hot Add configuration
# Should CPU hot plug be enabled [$true]: 
# Should Memory hot add be enabled [$true]: 
WARNING: 
VM - Display all VMs with CBT unexpected status
# Should CBT be enabled (true/false) [$false]: 
WARNING: 
Site Recovery Manager - RPO Violation Report
# SRM RPO Violations: Set the number of minutes an RPO has exceeded to report on [240]: 
# SRM RPO Violations: Only look for RPO events on VMs with these names: (regex) []: 
# SRM RPO Violations: Report on unresolved RPO violations only? [$true]: 
Specify Credential
Please specify server credential
User: 
User: 
User: 
User: administrator@vsphere.local
Password for user administrator@vsphere.local: ********

After setting up the initial configuration we can start running the main script of the tool using the <vCheck.ps1 -Outputpath> command. The “Outputpath” option allows us to set where the report will be saved. When you run the command it will ask you for the vCenter login credentials. In my case I used the default administrator account but it is recommended to use an account with read-only privileges.

PS /home/blabla/vCheck> ./vCheck.ps1 -Outputpath vcheck-reports/                                   

Specify Credential
Please specify server credential
User: administrator@vsphere.local #vCenter credentials
Password for user administrator@vsphere.local: ********

In this area I show you the example of the vCheck collection process. To see the result of the process, just click on the “+” icon.

vCheck Report Processing

Begin Plugin Processing                                                                                                                                                                                                                                                                             [21:54:30] ..start calculating Connection settings for vCenter by Alan Renouf v1.20 [1 of 116]                                                                                                                                                                                                      [21:54:52] ..finished calculating Connection settings for vCenter by Alan Renouf v1.20 [1 of 116]                                                                                                                                                                                                   [21:54:52] ..start calculating General Information by Alan Renouf, Frederic Martin v1.3 [2 of 116]                                                                                                                                                                                                  [21:55:04] ..finished calculating General Information by Alan Renouf, Frederic Martin v1.3 [2 of 116]                                                                                                                                                                                               [21:55:04] ..start calculating Checking VI Events by Alan Renouf v1.2 [3 of 116]                                                                                                                                                                                                                    [21:55:05] ..finished calculating Checking VI Events by Alan Renouf v1.2 [3 of 116]                                                                                                                                                                                                                 [21:55:05] ..start calculating VC Services by Alan Renouf v1.1 [4 of 116]                                                                                                                                                                                                                           [21:55:05] ..finished calculating VC Services by Alan Renouf v1.1 [4 of 116]                                                                                                                                                                                                                        [21:55:05] ..start calculating Windows vCenter Error Event Logs by Alan Renouf v1.2 [5 of 116]                                                                                                                                                                                                      [21:55:05] ..finished calculating Windows vCenter Error Event Logs by Alan Renouf v1.2 [5 of 116]                                                                                                                                                                                                   [21:55:05] ..start calculating Windows vCenter Error Event Logs by Alan Renouf v1.2 [6 of 116]                                                                                                                                                                                                      [21:55:05] ..finished calculating Windows vCenter Error Event Logs by Alan Renouf v1.2 [6 of 116]                                                                                                                                                                                                   [21:55:05] ..start calculating Windows vCenter Warning Event Logs by Alan Renouf v1.2 [7 of 116]                                                                                                                                                                                                    [21:55:05] ..finished calculating Windows vCenter Warning Event Logs by Alan Renouf v1.2 [7 of 116]                                                                                                                                                                                                 [21:55:05] ..start calculating vCenter Sessions Age by Rudolf Kleijwegt v1.2 [8 of 116]                                                                                                                                                                                                             [21:55:05] ..finished calculating vCenter Sessions Age by Rudolf Kleijwegt v1.2 [8 of 116]                                                                                                                                                                                                          [21:55:05] ..start calculating vCenter License Report by Justin Mercier, Bill Wall v1.2 [9 of 116]                                                                                                                                                                                                  [21:55:05] ..finished calculating vCenter License Report by Justin Mercier, Bill Wall v1.2 [9 of 116]                                                                                                                                                                                               [21:55:05] ..start calculating HA configuration issues by John Sneddon v1.1 [10 of 116]                                                                                                                                                                                                             [21:55:06] ..finished calculating HA configuration issues by John Sneddon v1.1 [10 of 116]                                                                                                                                                                                                          [21:55:06] ..start calculating HA VMs restarted by Alan Renouf v1.3 [11 of 116]                                                                                                                                                                                                                     [21:55:06] ..finished calculating HA VMs restarted by Alan Renouf v1.3 [11 of 116]                                                                                                                                                                                                                  [21:55:06] ..start calculating DRS & SDRS Migrations by Alan Renouf, Jonathan Medd v1.3 [12 of 116]                                                                                                                                                                                                 [21:55:06] ..finished calculating DRS & SDRS Migrations by Alan Renouf, Jonathan Medd v1.3 [12 of 116]                                                                                                                                                                                              [21:55:06] ..start calculating Cluster Slot Sizes by Alan Renouf v1.2 [13 of 116]                                                                                                                                                                                                                   [21:55:06] ..finished calculating Cluster Slot Sizes by Alan Renouf v1.2 [13 of 116]                                                                                                                                                                                                                [21:55:06] ..start calculating Cluster Configuration Issues by Alan Renouf v1.1 [14 of 116]                                                                                                                                                                                                         [21:55:06] ..finished calculating Cluster Configuration Issues by Alan Renouf v1.1 [14 of 116]                                                                                                                                                                                                      [21:55:06] ..start calculating Datastore Consistency by Robert Sexstone v1.6 [15 of 116]                                                                                                                                                                                                            [21:55:07] ..finished calculating Datastore Consistency by Robert Sexstone v1.6 [15 of 116]                                                                                                                                                                                                         [21:55:07] ..start calculating Clusters with DRS disabled by Robert van den Nieuwendijk v1.3 [16 of 116]                                                                                                                                                                                            [21:55:07] ..finished calculating Clusters with DRS disabled by Robert van den Nieuwendijk v1.3 [16 of 116]                                                                                                                                                                                         [21:55:07] ..start calculating Cluster Node version by Raphael Schitz, Frederic Martin v1.1 [17 of 116]                                                                                                                                                                                             [21:55:07] ..finished calculating Cluster Node version by Raphael Schitz, Frederic Martin v1.1 [17 of 116]                                                                                                                                                                                          [21:55:07] ..start calculating QuickStats Capacity Planning by Raphael Schitz, Frederic Martin v1.7 [18 of 116]                                                                                                                                                                                     [21:55:07] ..finished calculating QuickStats Capacity Planning by Raphael Schitz, Frederic Martin v1.7 [18 of 116]                                                                                                                                                                                  [21:55:07] ..start calculating s/vMotion Information by Alan Renouf v1.2 [19 of 116]                                                                                                                                                                                                                [21:55:08] ..finished calculating s/vMotion Information by Alan Renouf v1.2 [19 of 116]                                                                                                                                                                                                             [21:55:08] ..start calculating More RAM than free space on Datastore by Olivier TABUT, Bob Cote v1.2 [20 of 116]                                                                                                                                                                                    [21:55:08] ..finished calculating More RAM than free space on Datastore by Olivier TABUT, Bob Cote v1.2 [20 of 116]                                                                                                                                                                                 [21:55:08] ..start calculating DRS Rules by John Sneddon v1.2 [21 of 116]                                                                                                                                                                                                                           WARNING: Retrieving VM group to VMHost group DRS rules with Get-DrsRule is obsolete. Use Get-DrsVMHostRule cmdlet instead                                                                                                                                                                           [21:55:08] ..finished calculating DRS Rules by John Sneddon v1.2 [21 of 116]                                                                                                                                                                                                                        [21:55:08] ..start calculating Clusters Without Host Profile attached by John Sneddon v1.0 [22 of 116]                                                                                                                                                                                              [21:55:08] ..finished calculating Clusters Without Host Profile attached by John Sneddon v1.0 [22 of 116]                                                                                                                                                                                           [21:55:08] ..start calculating Hosts Overcommit state by Alan Renouf v1.4 [23 of 116]                                                                                                                                                                                                               [21:55:09] ..finished calculating Hosts Overcommit state by Alan Renouf v1.4 [23 of 116]                                                                                                                                                                                                            [21:55:09] ..start calculating Hosts Dead LUN Path by Alan Renouf, Frederic Martin v1.2 [24 of 116]                                                                                                                                                                                                 [21:55:09] ..finished calculating Hosts Dead LUN Path by Alan Renouf, Frederic Martin v1.2 [24 of 116]                                                                                                                                                                                              [21:55:09] ..start calculating Host Swapfile datastores by Alan Renouf v1.2 [25 of 116]                                                                                                                                                                                                             [21:55:09] ..finished calculating Host Swapfile datastores by Alan Renouf v1.2 [25 of 116]                                                                                                                                                                                                          [21:55:09] ..start calculating ESXi with Technical Support mode or ESXi Shell enabled by Alan Renouf v1.3 [26 of 116]                                                                                                                                                                               [21:55:09] ..finished calculating ESXi with Technical Support mode or ESXi Shell enabled by Alan Renouf v1.3 [26 of 116]                                                                                                                                                                            [21:55:09] ..start calculating ESXi hosts which do not have Lockdown mode enabled by Alan Renouf v1.1 [27 of 116]                                                                                                                                                                                   [21:55:09] ..finished calculating ESXi hosts which do not have Lockdown mode enabled by Alan Renouf v1.1 [27 of 116]                                                                                                                                                                                [21:55:09] ..start calculating Active Directory Authentication by Bill Wall, Dan Barr v1.2 [28 of 116]                                                                                                                                                                                              [21:55:10] ..finished calculating Active Directory Authentication by Bill Wall, Dan Barr v1.2 [28 of 116]                                                                                                                                                                                           [21:55:10] ..start calculating NTP Name and Service by Alan Renouf, Dan Barr v1.3 [29 of 116]                                                                                                                                                                                                       [21:55:10] ..finished calculating NTP Name and Service by Alan Renouf, Dan Barr v1.3 [29 of 116]                                                                                                                                                                                                    [21:55:10] ..start calculating Host Configuration Issues by Alan Renouf, Dan Barr v1.2 [30 of 116]                                                                                                                                                                                                  [21:55:10] ..finished calculating Host Configuration Issues by Alan Renouf, Dan Barr v1.2 [30 of 116]                                                                                                                                                                                               [21:55:10] ..start calculating Host Alarms by Alan Renouf, John Sneddon v1.3 [31 of 116]
[22:33:17] ..Displaying HTML results

Once the command finishes, an< .html> file will be created with the result of the report. vCheck has the feature of being able to schedule the report to be sent by e-mail on a recurring basis.. So, you can have a weekly report of how is the health of your virtual infrastructure.

Here are several examples of report generated with vCheck

I hope you liked this tool. If you have any questions or comments about this post, leave them in comments. Regards.

HomeLab – Automated VMware Infrastructure Documentation

In this blog I will be talking about how to automate the creation of documentation reports of our virtual infrastructure. There are several commercial solutions to generate this type of report but I will be talking about “As Built Report” a free tool that uses powershell as a base to build the reports.

The “As Built Report” tool uses the VMware.PowerCLI modules that we explained previously in our blog. If you want to know more about PowerCLI follow this link here. An important fact about “As Built Report” is that it is not only used to generate reports on VMware but also supports the following products:

  • VMware vSphere, NSX & SRM
  • Cisco UCS Manager
  • Nutanix Prism Element
  • Pure Storage FlashArray
  • Rubrik
  • Zerto
  • Dell/EMC VxRail
  • Cohesity DataPlatform
  • etc…

First of all to use this tool we need to validate the requirements that in general consist of the following:

  • Windows PowerShell 5.1 o later
  • VMware.PowerCLI

To install the “As Built Report” powershell module use the command <Install-Module> followed by the module name AsBuiltReport.

PS /home/blabla> Install-Module -Name AsBuiltReport

Untrusted repository
You are installing the modules from an untrusted repository. If you trust this repository, change its InstallationPolicy value by running the Set-PSRepository cmdlet. Are you sure you want to install the modules from 'PSGallery'?
[Y] Yes  [A] Yes to All  [N] No  [L] No to All  [S] Suspend  [?] Help (default is "N"): A
PS /home/blabla>   

An optional requirement is to build a configuration file that allows you to set the organization parameters that are used to generate the report. This process generates a JSON file which is used as a template so that you do not have to fill in repetitive information when generating reports. To view the configuration procedure, simply click on the “+” icon.

AsBuiltReport JSON Configuration File

The powershell cmdlet New-AsBuiltConfig allows you to generate a template that will be used as the basis of the report. This template sets the non-technical parameters of the report.

PS C:\WINDOWS\system32> New-AsBuiltConfig

---------------------------------------------
 <        As Built Report Information      >
---------------------------------------------
Enter the name of the Author for this As Built Report [jocolon]: Jonathan Colon
---------------------------------------------
 <           Company Information           >
---------------------------------------------
Would you like to enter Company information for the As Built Report? (y/n): y
Enter the Full Company Name: Zen PR Solutions
Enter the Company Short Name: ZENPR
Enter the Company Contact: Jonathan Colon
Enter the Company Email Address: jcolonf@zenprsolutions.com
Enter the Company Phone: XXX-XXX-XXXX
Enter the Company Address: Puerto Rico
---------------------------------------------
 <            Email Configuration          >
---------------------------------------------
Would you like to enter SMTP configuration? (y/n): n
----------------------------------------------
 <       As Built Report Configuration      >
----------------------------------------------
Would you like to save the As Built Report configuration file? (y/n): y
Enter a name for the As Built Report configuration file [AsBuiltReport]: HomeLab VMware Report
Enter the path to save the As Built Report configuration file [C:\Users\jocolon\AsBuiltReport]:

Name                           Value
----                           -----
Email                          {Port, Credentials, Server, To...}
Company                        {FullName, Contact, Phone, Email...}
UserFolder                     {Path}
Report                         {Author}


PS C:\WINDOWS\system32>

Once the process is completed, a JSON file will be created with the following content:

{
    "Email":  {
                  "Port":  null,
                  "Credentials":  null,
                  "Server":  null,
                  "To":  null,
                  "From":  null,
                  "UseSSL":  null,
                  "Body":  null
              },
    "Company":  {
                    "FullName":  "Zen PR Solutions",
                    "Contact":  "Jonathan Colon",
                    "Phone":  "787-203-2790",
                    "Email":  "jcolonf@zenprsolutions.com",
                    "ShortName":  "ZENPR",
                    "Address":  "Puerto Rico"
                },
    "UserFolder":  {
                       "Path":  "C:\\Users\\jocolon\\AsBuiltReport"
                   },
    "Report":  {
                   "Author":  "Jonathan Colon"
               }
}

The New-AsBuiltReportConfig command allows you to set the technical parameters of the report such as the verbose level and type of information collected.

PS C:\WINDOWS\system32> New-AsBuiltReportConfig VMware.vSphere -FolderPath C:\Users\jocolon\AsBuiltReport\ -Filename ReportConfig

Once the process is completed, a JSON file will be created with the following content:

{
    "Report": {
        "Name": "VMware vSphere As Built Report",
        "Version": "1.0",
        "Status": "Released"
    },
    "Options": {
        "ShowLicenseKeys": false,
        "ShowVMSnapshots": true
    },
    "InfoLevel": {
        "_comment_": "0 = Disabled, 1 = Summary, 2 = Informative, 3 = Detailed, 4 = Adv Detailed, 5 = Comprehensive",
        "vCenter": 3,
        "Cluster": 3,
        "ResourcePool": 3,
        "VMHost": 3,
        "Network": 3,
        "vSAN": 3,
        "Datastore": 3,
        "DSCluster": 3,
        "VM": 2,
        "VUM": 3
    },
    "HealthCheck": {
        "vCenter": {
            "Mail": true,
            "Licensing": true
        },
        "Cluster": {
            "HAEnabled": true,
            "HAAdmissionControl": true,
            "HostFailureResponse": true,
            "HostMonitoring": true,
            "DatastoreOnPDL": true,
            "DatastoreOnAPD": true,
            "APDTimeOut": true,
            "vmMonitoring": true,
            "DRSEnabled": true,
            "DRSAutomationLevelFullyAuto": true,
            "PredictiveDRS": false,
            "DRSVMHostRules": true,
            "DRSRules": true,
            "vSANEnabled": false,
            "EVCEnabled": true,
            "VUMCompliance": true
        },
        "VMHost": {
            "ConnectionState": true,
            "HyperThreading": true,
            "ScratchLocation": true,
            "IPv6": true,
            "UpTimeDays": true,
            "Licensing": true,
            "SSH": true,
            "ESXiShell": true,
            "NTP": true,
            "StorageAdapter": true,
            "NetworkAdapter": true,
            "LockdownMode": true,
            "VUMCompliance": true
        },
        "vSAN": {},
        "Datastore": {
            "CapacityUtilization": true
        },
        "DSCluster": {
            "CapacityUtilization": true,
            "SDRSAutomationLevelFullyAuto": true
        },
        "VM": {
            "PowerState": true,
            "ConnectionState": true,
            "CpuHotAdd": true,
            "CpuHotRemove": true,
            "MemoryHotAdd": true,
            "ChangeBlockTracking": true,
            "SpbmPolicyCompliance": true,
            "VMToolsStatus": true,
            "VMSnapshots": true
        }
    }
}

Finally, we generate the report using the <New-AsBuiltReport> command with the vCenter information parameters and referencing the JSON file we have created as templates.

PS C:\WINDOWS\system32> New-AsBuiltReport -Report VMware.vSphere -Target vcenter-01v.zenprsolutions.local -Username administrator@vsphere.local -Password XXXXX -Format Word,Text,HTML -OutputFolderPath 'C:\Users\jocolon\OneDrive\Desktop\' -EnableHealthCheck -AsBuiltConfigFilePath 'HomeLab VMware Report.json' -ReportConfigFilePath 'ReportConfig.json'

VMware vSphere As Built Report 'VMware vSphere As Built Report' has been saved to 'C:\Users\jocolon\OneDrive\Desktop\'.
PS C:\WINDOWS\system32>

Once the process of collecting the information from the vCenter is finished, the command saves the report as specified with the <OutputFolderPath> parameter. The following image shows the generated report in the <Word,Text,HTML> format.

Below I show you some images showing the result of the report collected from the vCenter <vcenter-01v>:

Summary

In this lab we learned how easy it is to create documentation about our virtual infrastructure by using freely available tools. “As Built Report” is a robust tool that facilitates the manual process of creating or updating our documentation.

vSphere 7 Update 2 NFS Array Snapshots Offload Support

The vSphere 7.0 U2 release provides the ability to use native snapshot when using the NFS protocol as the access mechanism. As described on the VMware blog:

NFS Improvements

NFS required a clone to be created first for a newly created VM and the subsequent ones could be offloaded to the array. With the release of vSphere 7.0 U2, we have enabled NFS array snapshots of full, non-cloned VMs to not use redo logs but instead use the snapshot technology of the NFS array in order to provide better snapshot performance. The improvement here will remove the requirement/limitation of creating a clone and enables the first snapshot also to be offloaded to the array.

What’s New in vSphere 7 Update 2 Core Storage

In this blog I explain the configuration needed to test this new feature. To start we should validate the prerequisites to be able to implement this solution. According to the VMware documentation portal the prerequisites are as follows:

  • Verify that the NAS array supports the fast file clone operation with the VAAI NAS program.
  • On your ESXi host, install vendor-specific NAS plug-in that supports the fast file cloning with VAAI.
  • Follow the recommendations of your NAS storage vendor to configure any required settings on both the NAS array and ESXi.

The NFS configuration will be done in NetApp Ontap using the “NetApp NFS Plug-in for VMware VAAI” plugin that recently added native NFS snapshot offload support.

Note: The plug-in can be downloaded from the NetApp support portal at the following link “NetApp Support”.

© 2021 NetApp

Once we are in the NetApp support portal we must download version 2.0 of the plugin as shown in the following image. To install the plugin we need to unzip the downloaded file and rename the file inside the folder named vib20 with the extension .vib to the new name NetAppNasPlugin.vib.

© 2021 NetApp

In the next step I used the NetApp Ontap Tools to install the plugin but it can also be installed using VMware Lifecycle Manager.

To install the plugin go to [ONTAP tools => Settings => NFS VAAI tools] and in the “Existing version:” section press “BROWSE” to select where the “NetAppNasPlugin.vib” file is stored. Once the file is located press “UPLOAD” to load and install the plugin.

In this step we can see how to install the plugin to the ESXi servers by pressing the “INSTALL” button.

The following image shows that the installation of the plugin was successful. An advantage of the new version of the plugin is that no reboot of the ESXi server is required.

After installing the plugin we will proceed to validate that the Ontap Storage has support for VMware vStorage APIs for Array Integration (VAAI) features in the NFS environment. This can be verified with the command <vserver nfs show -fields vstorage>. As you can see the vStorage function is currently disabled in the SVM called NFS. To enable the vStorage function use the <vserver nfs modify -vstorage enabled> command.

OnPrem-HQ::> vserver nfs show -fields vstorage 
vserver vstorage 
------- -------- 
NFS     disabled  

OnPrem-HQ::> vserver nfs modify -vstorage enabled -vserver NFS 

OnPrem-HQ::> vserver nfs show -fields vstorage                 
vserver vstorage 
------- -------- 
NFS     enabled  

OnPrem-HQ::> 

The next requirement to be able to use native snapshot offload is the creation of an advanced setting in the VM configuration called snapshot.alwaysAllowNative. To add this value you have to go to the VM properties then to [VM Options => Advanced => EDIT CONFIGURATION].

The following image shows the value of the <snapshot.alwaysAllowNative> variable that according to VMware documentation must have a value equal to “TRUE”. You can use the following link as reference “VMware Documentation”

Now i start testing to validate that the native snapshot is working in Ontap. First i will create a snapshot with the <snapshot.alwaysAllowNative> function set to FALSE. Then i will make changes to the VM so that i can measure the speed of deleting and applying the snapshot changes to the base disk. In the example shown below the command <New-Snapshot> in PowerCLI was used to create a snapshot of the VM named RocaWeb

PS /home/rebelinux> get-vm -Name RocaWeb | New-Snapshot -Name PRE_Native_Array_Snapshot | Format-Table -Wrap -AutoSize  
                                                                                                                                                                                                                                               Name                      Description PowerState                                                                                                                                                                                               ----                      ----------- ----------                                                                                                                                                                                               PRE_Native_Array_Snapshot             PoweredOff                                                                                                                                                                                                                                                                                                                                                                                                                                              
PS /home/rebelinux> 

In this step a 10GB file was copied to grow the snapshot so that i can measure how fast the changes are applied to the base disk when the snapshot is deleted. In this example the file “RocaWeb_2-000001-delta.vmdk” represents the delta where the snapshot changes are saved. This represents a traditional VMware snapshot.

[root@comp-01a:/vmfs/volumes/55ab62ec-2abeb31b/RocaWeb] ls -alh
total 35180596
drwxr-xr-x    2 root     root        4.0K May 31 23:40 .
drwxr-xr-x    7 root     root        4.0K May 31 19:02 ..
-rw-------    1 root     root      276.0K May 31 23:40 RocaWeb-Snapshot15.vmsn
-rw-------    1 root     root        4.0G May 31 23:40 RocaWeb-a03f2017.vswp
-rw-------    1 root     root      264.5K May 31 23:40 RocaWeb.nvram
-rw-------    1 root     root         394 May 31 23:40 RocaWeb.vmsd
-rwxr-xr-x    1 root     root        3.4K May 31 23:40 RocaWeb.vmx
-rw-------    1 root     root       10.0G May 31 23:51 RocaWeb_2-000001-delta.vmdk #Delta (VMFS Based Snapshot)
-rw-------    1 root     root         301 May 31 23:40 RocaWeb_2-000001.vmdk
-rw-------    1 root     root      500.0G May 31 23:37 RocaWeb_2-flat.vmdk
-rw-------    1 root     root         631 May 31 23:37 RocaWeb_2.vmdk
[root@comp-01a:/vmfs/volumes/55ab62ec-2abeb31b/RocaWeb]

The following image shows the time it took to apply the snapshot changes to the base disk when the snapshot was removed. In summary the operation took 9 minutes in total using traditional VMware snapshot.

Note: Ontap simulator was used for this lab.

In this last example the <New-Snapshot> command was also used to create the snapshot but with the <snapshot.alwaysAllowNative> option set to “TRUE”. In that way i can test the use of Native Snapshot Offload in NFS. Here again, a 10GB file was copied to the VM to grow the snapshot, so i can measure how quickly changes are applied to the base disk when the snapshot is deleted.

PS /home/rebelinux> get-vm -Name RocaWeb | New-Snapshot -Name POST_Native_Array_Snapshot | Format-Table -Wrap -AutoSize
                                                                                                                                                                                                                                               Name                       Description PowerState                                                                                                                                                                                              ----                       ----------- ----------                                                                                                                                                                                              POST_Native_Array_Snapshot             PoweredOff                                                                                                                                                                                                                                                                                                                                                                                                                                             
PS /home/rebelinux> 

Here we can see that there is no “-delta.vmdk” file but there is a file named “RocaWeb_2-000001-flat.vmdk” with the same size of 500GB as the “RocaWeb_2-flat.vmdk” file. This allows us to confirm that the NFS Native Snapshot Offload feature is enabled in Ontap.

[root@comp-01a:/vmfs/volumes/55ab62ec-2abeb31b/RocaWeb] ls -alh
total 49419672
drwxr-xr-x    2 root     root        4.0K Jun  1 00:07 .
drwxr-xr-x    7 root     root        4.0K May 31 19:02 ..
-rw-------    1 root     root      276.0K Jun  1 00:07 RocaWeb-Snapshot16.vmsn
-rw-------    1 root     root        4.0G Jun  1 00:07 RocaWeb-a03f2017.vswp
-rw-------    1 root     root      264.5K Jun  1 00:07 RocaWeb.nvram
-rw-------    1 root     root         393 Jun  1 00:07 RocaWeb.vmsd
-rwxr-xr-x    1 root     root        3.4K Jun  1 00:07 RocaWeb.vmx
-rw-------    1 root     root      500.0G Jun  1 00:09 RocaWeb_2-000001-flat.vmdk #No Delta (Array Based Snapshot OffLoad)
-rw-------    1 root     root         650 Jun  1 00:07 RocaWeb_2-000001.vmdk
-rw-------    1 root     root      500.0G Jun  1 00:03 RocaWeb_2-flat.vmdk
-rw-------    1 root     root         631 Jun  1 00:07 RocaWeb_2.vmdk
[root@comp-01a:/vmfs/volumes/55ab62ec-2abeb31b/RocaWeb] 

The following image shows the time it took to apply the snapshot changes to the base disk when the snapshot was removed using the NFS Native Snapshot Offload. In summary, you can see that applying the snapshot changes to the base disk took no time at all to finish.

Summary

NFS native snapshot offload operations are so fast because ONTAP references metadata when it creates a Snapshot copy, rather than copying data blocks, that why Snapshot copies are so efficient. Doing so eliminates the seek time that other systems incur in locating the blocks to copy, as well as the cost of making the copy itself.

HomeLab – How to enable VMware TPS for greater virtual machine consolidation

In this blog, I will be talking about how you can optimize RAM utilization in your “HomeLab”. The main objective of this tutorial is that you can achieve higher levels of consolidation while running your labs.

“Transparent Page Sharing” (TPS) is a method by which duplicate copies of memory pages are consolidated. In other words, the concept of TPS is somewhat similar to deduplication. This helps the ESXi server to free up repeated memory blocks of a virtual machine allowing for increased levels of consolidation.

Memory Deduplication

If you want to know a little more about TPS, its benefits and risks, you can access the following link “Transparent Page Sharing (TPS) in hardware MMU systems”. Although it is known that the use of TPS can be a security risk, it is my understanding that it may not pose a significant risk in a test environment such as ours. I provide a reference for this information:

In a nutshell, independent research indicates that TPS can be abused to gain unauthorized access to data under certain highly controlled conditions. In line with its “secure by default” security posture, VMware has opted to change the default behavior of TPS and provide customers with a configurable option for selectively and more securely enabling TPS in their environment. 

Disabling TPS in vSphere – Impact on Critical Applications

Note: I show you how to change this value using Powershell because it allows you to make the change to multiple servers at the same time.

To begin we must verify what value is currently configured on the ESXi servers. To accomplish this task i use the <Get-VMHost> command to extract the information of the servers connected to the vCenter. The result is then sent to the <Get-AdvancedSetting -Name Mem.ShareForceSalting> command which allows us to extract the value configured in the “Mem.ShareForceSalting” variable.

PS /home/blabla> Get-VMHost | Get-AdvancedSetting -Name Mem.ShareForceSalting | Select-Object Entity,Name,Value,Type | Format-Table -Wrap -AutoSize

Entity                          Name                  Value   Type
------                          ----                  -----   ----
esxsvr-00f.zenprsolutions.local Mem.ShareForceSalting     2 VMHost
comp-02a.zenprsolutions.local   Mem.ShareForceSalting     2 VMHost
comp-01a.zenprsolutions.local   Mem.ShareForceSalting     2 VMHost

PS /home/blabla> 

In this particular example the ESXi servers are configured with a default value of #2. Using the VMware documentation as a reference this value indicates that the “Inter-VM” TPS feature is disabled.

To activate the TPS “Inter-VM” function you can use the command <Set-AdvancedSetting> with the value of #0. It is worth to mention that this command can be activated with the VMs powered on or without the server being in maintenance.

PS /home/blabla> Get-VMHost -Name esxsvr-00f.zenprsolutions.local | Get-AdvancedSetting -Name Mem.ShareForceSalting | Set-AdvancedSetting -Value 0        

Perform operation?
Modifying advanced setting 'Mem.ShareForceSalting'.
[Y] Yes  [A] Yes to All  [N] No  [L] No to All  [S] Suspend  [?] Help (default is "Y"): Y

Name                 Value                Type                 Description
----                 -----                ----                 -----------
Mem.ShareForceSalting 0                    VMHost               

PS /home/blabla> 

Once again you can validate with the <Get-AdvancedSetting> command if the configured value is the one i specified previously.

PS /home/blabla> Get-VMHost | Get-AdvancedSetting -Name Mem.ShareForceSalting | Select-Object Entity,Name,Value,Type | Format-Table -Wrap -AutoSize

Entity                          Name                  Value   Type
------                          ----                  -----   ----
esxsvr-00f.zenprsolutions.local Mem.ShareForceSalting     0 VMHost
comp-02a.zenprsolutions.local   Mem.ShareForceSalting     2 VMHost
comp-01a.zenprsolutions.local   Mem.ShareForceSalting     2 VMHost

PS /home/blabla> 

For this test i turned on 23 virtual machines (Windows) to bring the server in contention mode so that i can see what benefits the TPS has. This result I show you below represents the memory statistics of the ESXi server obtained with the command <esxtop>. Here you can see the statistics before i configured the “TPS Inter-VM” function with the value #2. The variable that is in bold “PSHARE/MB” represents the value of shared memory that the server currently has, i.e. only TPS is being used in “Intra-VM” mode. This variable has a value of 1400/MB.

2:58:11pm up 50 min, 722 worlds, 23 VMs, 45 vCPUs; MEM overcommit avg: 1.10, 1.10, 0.99
PMEM  /MB: 65398   total: 2139     vmk,60782 other, 2358 free
VMKMEM/MB: 65073 managed:  1265 minfree,  7501 rsvd,  57572 ursvd,  high state
PSHARE/MB:    1648  shared,     248  common:    1400 saving

Now i move on to validate the benefit of having the “TPS Inter-VM” feature enabled. As you can see in the following result of the <esxtop> command there was a substantial saving (32097/MB) of memory. This allowed us to increase the consolidation ratios of our “HomeLab”.

3:36:46pm up  1:29, 1024 worlds, 23 VMs, 45 vCPUs; MEM overcommit avg: 1.05, 1.05, 0.95
PMEM  /MB: 65398   total: 2262     vmk,60078 other, 3057 free
VMKMEM/MB: 65073 managed:  1265 minfree,  9092 rsvd,  55980 ursvd, clear state
PSHARE/MB:   33038  shared,     941  common:   32097 saving

Hasta Luego Amigos!

HomeLab – vSphere 7 update 2 QuickBoot with Nested ESXi

In this bog, I will be validating if the “ESXi QuickBoot” feature works in Nested mode i.e. running ESXi in a VM. First of all you must know exactly how QuickBoot works and all the requirements it has. To do this I will use the VMWare portal documentation as a reference:

Quick Boot is a vSphere feature that speeds up the upgrade process of an ESXi server.  A regular reboot involves a full power cycle that requires firmware and device initialization.  Quick Boot optimizes the reboot path to avoid this, saving considerable time from the upgrade process.

Understanding ESXi Quick Boot Compatibility
© 2021 VMware

Requirements:

  • The manufacturer’s platform must be compatible
  • All device drivers must be supported

Limitations in vSphere 7.0

  • TPM is disabled

Limitations in vSphere 6.7:

  • TPM is disabled
  • There are no VMs with passthrough devices configured.
  • No vmklinux drivers loaded on ESXi.

The VMware documentation includes a list of server manufacturers that support this technology for reference see the link in the VMware documentation “knowledge Base”.

For ESXi 7.0 or newer versions, you can check the “hardware” compatibility here:

In this lab I will test QuickBoot using Nested Virtualization. It is important to clarify that this is a test/dev scenario. To use this technology in production environments it is needed to activate the QuickBoot option from “VMware Update Manger” or the renamed “Lifecycle Manager”. If you are interested I leave a video here “Updates Installation with vSphere ESXi QuickBoot”.

[root@comp-01a:~] esxcli hardware platform get
Platform Information
   UUID: 0x27 0xa8 0x30 0x42 0xa3 0xf9 0x54 0xcf 0xe2 0xa3 0x10 0x1d 0xfd 0xb8 0x21 0xd0
   Product Name: VMware7,1
   Vendor Name: VMware, Inc.
   Serial Number: VMware-42 30 a8 27 f9 a3 cf 54-e2 a3 10 1d fd b8 21 d0
   Enclosure Serial Number: None
   BIOS Asset Tag: No Asset Tag
   IPMI Supported: false
[root@comp-01a:~]

The first step to activate QuickBoot is to validate the server compatibility. For this it is mandatory to connect via SSH to the ESXi server to execute the command <loadESXCheckCompat.py>. In this case the command confirmed that my platform is compatible.

[root@comp-01a:~] /usr/lib/vmware/loadesx/bin/loadESXCheckCompat.py
This system is compatible with Quick Boot.
[root@comp-01a:~]

Once the server is validated as compatible, we can activate the QuickBoot function with the command <loadESXEnable -e>.

[root@comp-01a:~] /bin/loadESXEnable -e
INFO: LoadESX Enabled
INFO: Precheck options:
INFO:   All prechecks are enabled.
[root@comp-01a:~]

The final step to activate the QuickBoot function would be to load the “QuickLaunch” configuration by using the command <loadESX.py>.

[root@comp-01a:~] /usr/lib/vmware/loadesx/bin/loadESX.py
DEBUG: LoadESX scripts are up to date.
INFO: Enabling QuickLaunch kernel preload
DEBUG: Using a ramdisk at /tmp/loadESX for intermediate storage
DEBUG: SYSTEM STORAGE IS ENABLED
INFO: Target version: 7.0.2-0.0.17867351
DEBUG: Install boot module "vmware_e.v00" with size 0x2ec40
DEBUG: Install boot module "vmware_f.v00" with size 0x1e3582f
DEBUG: Install boot module "vsan.v00" with size 0x25f08a8
DEBUG: Install boot module "vsanheal.v00" with size 0x80ebe0
DEBUG: Install boot module "vsanmgmt.v00" with size 0x18957cc
DEBUG: Install boot module "xorg.v00" with size 0x358c40
DEBUG: Install boot module "gc.v00" with size 0xe077
DEBUG: Install boot module "imgdb.tgz" with size 0x192800
DEBUG: Install boot module "state.tgz" with size 0x21a00
INFO: loadESX is ready ...
INFO: Performing QuickLaunch kernel preload...
[root@comp-01a:~] 

I am including two videos so you can see the speed of the QuickBoot technology when the server is rebooted.

VMware vSphere Normal Boot

VMware vSphere QuickBoot

VMware vSphere Native Key Provider

This is one of my favorite feature in vSphere 7 Update 2. VMware now provides the capability to use a new native key provider for encryption. Allowing us to use vSAN encryption, VM encryption and vTPM natively without the requirement to deploy a external Key provider. In the past this capability can only be provided by using a 3rd party solutions like Hytrust KeyControl. In this post i will explain how ease is to configure and deploy this awesome new feature.

Go to [Configure > Key Providers] to add the local key provider.

Select [ADD > Add Native Key Provider].

Provide a Name and press [ADD KEY PROVIDER].

Backup the Master keys.

Save the Native key Provider in a secure location. Optionally protect the key file with a strong password.

Verify the ESXi Server Host Encryption Mode is [Enable].

Test the configuration by encrypting an existing VM.

Change the default “VM Storage Policy” to [VM Encryption Policy].

Now the VM is encrypted with the Native Key Provider. Really Awesome Feature.

HomeLab – How to disable vSphere Cluster Services (vCLS)

In vSphere 7 update 1 VMware added a new capability for Distributed Resource Scheduler (DRS) technology consisting of three VMs called agents. The agent VMs form the quorum state of the cluster and have the ability to self-healing. So if you turn off or delete the VMs called vCLS the vCenter server will turn the VMs back on or re-create the VMs again. For HomeLab purposes this new feature consumes CPU resource, Memory and disk space which although minimal is not worth having a configuration that adds nothing to a test and development environment.

In this blog I will be showing how to remove this feature but it is important to emphasize not to implement this change in production environments. The following image show the minimum amount of vCLS VMs used in vCenter 7U1.

Note: vSphere DRS depends on the status of vCLS services as of vSphere 7.0 Update 1.

As you can see in my case the RegionA01-COMP cluster is composed of two ESXi servers where there are three vCLS VMs.

The first thing you need to do is to identify the cluster domain ID that is required to be able to add an advanced value in the vCenter configuration. This ID can be identified in two ways: From vCenter or using Powershell with PowerCLI.

vCenter: In this part you can get the cluster ID by navigating to the [Hosts and Clusters] tab then select the cluster you are going to edit where you can see that the ID is in the URL address of the browser.

PowerCLI: Using Powershell with the VMware.PowerCLI module you can obtain the cluster ID by invoking the <Get-Cluster> command. As shown in the result of the command you can see the value of the Id <domain-c81> for the cluster named RegionA01-COMP.

PS /home/rebelinux> Get-Cluster RegionA01-COMP | FL

ParentId                        : Folder-group-h23
ParentFolder                    : host
HAEnabled                       : True
HAAdmissionControlEnabled       : True
HAFailoverLevel                 : 1
HARestartPriority               : Medium
HAIsolationResponse             : DoNothing
VMSwapfilePolicy                : WithVM
DrsEnabled                      : True
DrsMode                         : FullyAutomated
DrsAutomationLevel              : FullyAutomated
CryptoMode                      : OnDemand
CollectiveHostManagementEnabled : False
Name                            : RegionA01-COMP
ExtensionData                   : VMware.Vim.ClusterComputeResource
Id                              : ClusterComputeResource-domain-c81

PS /home/rebelinux>

Once we have the cluster ID which in my case is <domain-c81> we proceed to add the configuration in vCenter by navigating to [Advanced Settings => Configure => Edit Settings].

In this screen add the <config.vcls.clusters.domain-domain-cID.enabled> value which in my case would be <config.vcls.clusters.domain-c81.enabled> with the value of “false” in the “Value” field.

Once the value is added the VMs of type vCLS will be removed from the cluster as you can see in the image as the VMs no longer exist.

In the following image you can see the tasks performed by vCenter to remove the vCLS VMs.

Hasta luego!!!