Mind The Virtualization

Stop The Pain With Broken VMware Snapshots with Opvizor Snapwatcher

JanFebruary 25, 2015Leave a Reply

Most of us have dealt with some issues when utilizing VMware’s integrated vCenter Snapshots. Most of the time they work but now and then they start to fail or become invalid/inconsistent. This seem to happen more often if you keep a larger amount of snapshots.

Opvizor, a company founded in Austria, has just launched a free product to help VMware administrators detect broken snapshots hiding in their virtual environment. The product is called Snapwatcher and will be released as a free beta to the public today.

Based on a study by Opvizor, ~81% of all VMware vSphere environments are affected by broken snapshots. Oftentimes invalid snapshots occur without the administrators knowledge, when backup solutions prompt snapshot creation and deletion. If VMware cannot delete a snapshot, an invalid snapshot is created. A single delta-file can grow up to the same size as the original VMDK, which can take up terabytes of your expensive storage.

The above image shows a screenshot of Snapwatcher Beta. It provides a quick an easy overview of your snapshots within your vSphere environment. It will highlight the largest snapshots and overall snapshots can be sorted by name, host and Virtual Machine. The work history allows you to see how many snapshots have been fixed and how much space was recovered.

My favorite part is, you can set rules which will automatically color-highlight snapshots based on pre-defined conditions.
For example, if a certain usage on a datastore has been reached or if a snapshot reaches a certain size, the right snapshot can easily be highlighted. This makes every VMware admin’s live much easier. Who doesn’t want to start his day with a quick overview of his snapshots and make sure that everything is healthy? And even if something is broken, Snapwatcher allows you to quickly fix it.

Currently, Snapwatcher can fix:

Inconsistency between snapshots and VMware snapshot manager
Most lock related snapshot failures
Unlock files as required (detects the MAC of the host and remotely unlocks the file from the locking host)

Note: Snapwatcher can even figure out if a backup software is still running. This ensures that not all lock files will be unlocked.

During a quick presentation by Dennis Zimmer and Atif Siddiqui, they mentioned some very interesting details about data points and how they have been able to help customers:

Collected ~66.5 trillion data points
Millions of virtual machines are monitored
Hundred thousands of VMware vSphere hosts are monitored
One of there customers was able to recover 16 TB from invalid and inconsistent snapshots. Seriously, this customer must have been the happiest in the world after getting 16 TB back.

VMware VCSA – SSL Certificate Verification Failed

JanFebruary 24, 20153 Replies

Today, I changed the IP address of my VMware vCenter Server Appliance and was greeted by a SSL certificate verification failed error message after I tried to login to the vSphere web-client on the new IP address.

Apparently, the VCSA does not regenerate a new SSL certificate automatically after you changed the IP address and/or hostname.

In order to generate a new SSL certificate and automatically generate new certificates, if needed, follow the steps below:

Login to your VCSA Console (https://vcsa:5480)
Go to the Admin-Tab, set Certificate regeneration enabled to Yes and Save setting.
This will make sure a new SSL certificate will be generated every time you reboot your VCSA instance.
Last, go to the System-Tab and Reboot the VCSA instance to get a new certificate generated.Note: Rebooting VCSA can take up to 10 minutes.
Once the VCSA is back up and all services are started, you can login to the vSphere web-client. The SSL certificate error should no longer be present.

Cannot Connect To VMware Horizon Connection Server

JanFebruary 13, 20152 Replies

The last couple of days, I’ve spend with deploying a small VDI setup in my home lab and get it up and running.
After painful hours of setting up a Active Directory, DHCP, DNS, VMware Horizon Connection Server and Horizon Composer Server, I thought I am all ready to get connect to my amazingly slow VDI desktops, sitting on 7200RPM spindles.

I tried connecting with my VMware Horizon Client to my Connection Server and I was welcomed by a non-impressive error message: Error: Unable to resolve server address: nodename nor servername provided, or not known

One would think, this message means one of the following:

Wrong IP/DNS name provided
Some service is not running
Something is seriously screwed up

After doing some research on the error, I was able to resolve it by unchecking: Use Secure Tunnel connection to desktop

I Am A VMware vExpert 2015

JanFebruary 11, 20151 Reply

Roughly four years ago, beginning of 2011, I had heard the first time of VMware recognizing fellow virtualization enthusiasts as vExperts. From the day I had heard about it, I knew, I want to be part of it.

Back in 2011, my job did not allow me to focus, as much as I wanted, on computer, server and datacenter virtualization. So, I used my spare time studying the VMware documentations and help my colleagues with VMware related questions.

In August 2012, I then started my new job with Nimble Storage (I’m no longer with Nimble Storage) and became quickly the go-to guy for any virtualization questions, not just VMware. I covered Citrix XenServer, Microsoft Hyper-V, VMware ESXi and OpenStack. My passion, however, was with VMware’s vSphere Suite. Yes, there is Microsoft Hyper-V, yes there is Citrix XenServer and yes, even OpenStack is becoming popular nowadays. But, if we are honest, we know that VMware is the market leader in desktop, server and datacenter virtualization and we all know why. We just love their products, because they get the job done!

So while providing some virtualization classes to my ex-colleagues at Nimble Storage, someone mentioned the VMware vExperts program again. As soon as I heard vExperts, I decided, I have to become one and I have to start focusing on it.

Basically, this is how www.MindTheVirt.com was created. I created this blog to help fellow virtualization enthusiasts and people who are new to virtualization. Part of my goals was to become VMware vExpert 2015. And here we go! Check out the official VMware vExpert 2015 batch. I am proud to be one of many vExperts and I hope to keep this title for some years and share my knowledge with as many people as possible.

For the people who do not know what VMware vExperts are, please find the description below:

The VMware vExpert program is VMware’s global evangelism and advocacy program. The program is designed to put VMware’s marketing resources towards your advocacy efforts. Promotion of your articles, exposure at our global events, co-op advertising, traffic analysis, and early access to beta programs and VMware’s roadmap. VMware will provide you with a unique vExpert id that will allow insights into analytics to help understand customer trends to assist you and keep your advocacy activities on track.

The awards are for individuals, not companies, and last for one year. Employees of both customers and partners can receive the awards. In the application, we consider activities from the previous year as well as the current year’s activities in determining who gets awards. We look to see that not only were you active but are still active in the path you chose to apply for.

vSphere 6 vMotion Enhancements

JanFebruary 5, 2015Leave a Reply

Starting with vSphere 6, VMware provided some new enhancements to the existing vMotion capabilities. Let us look at the history of vMotion over the last couple vSphere versions:

vSphere 5.0
- Multi-NIC vMotion, which allows you to dedicate multiple NICs for vMotion
- SDPS – Stun During Page Send has been introduced. SDPS ensures that vMotion will not fail due to memory copy convergence issues. Previously, vMotion might fail if the virtual machine modifies memory faster than it can be transferred. SDPS will slow down the virtual machine to avoid such a case

vSphere 5.1
- vMotion without shared storage – vMotion can now migrate virtual machines to a different host and datastore simultaneously. Also, the storage device no longer needs to be shared between the source host and destination host

So, what are the new vMotion enhancements in vSphere 6? There are three major enhancements:

vMotion across vCenters

Simultaneously change compute, storage, networks and management
Leverage vMotion with unshared storage
Support local, metro and cross-continental distances

Requirements for vMotion across vCenter Servers:

Supported only starting with vSphere 6
Same Single-Sign-On domain for destination vCenter Server instance using UI; different SSO domain possible if you use the API
250 Mbps network bandwidth per vMotion operation

vMotion across vSwitches aka x-vSwitch vMotion)

x-vSwitch vMotion is fully transparent to the Guest.
Required L2 VM network connectivity
Transfers Virtual Distributed Switch port metadata
Works with a max of virtual switches

Long-distance vMotion

Allows cross-continental vMotion with up to 100ms latency (Round-trip delay time)
Does not require vVols
Use Cases:
- Permanent migrations
- Disaster avoidance
- SRM/DA testing
- Multi-site load balancing
vMotion network will cross L3 boundaries
NFC network, carrying cold traffic, will be configurable

What’s required for Long-distance vMotion?

If you use vMotion across multiple vCenters, then vCenters must connect via L3
VM network:
- L2 connection
- Same VM IP address available at destination
vMotion network:
- L3 connection
- Secure (dedicated or encrypted)
- 250 Mbps per vMotion operation
NFC network:
- Routed L3 through Management Network or L2 connection
- Networking L4-L7 services manually configured at destination

Long-distance vMotion supports Storage Replication Architectures

Active-active replicated storage appears as shared storage to the Vm
Migration over active-active replication is classic vMotion
VVOLs are required for geo distances