tag:blogger.com,1999:blog-49915822311213113532024-03-13T17:38:52.969+11:00Virtual NomadHeading to VCAP-DCDvmnomadhttp://www.blogger.com/profile/02515151385546400290noreply@blogger.comBlogger87125tag:blogger.com,1999:blog-4991582231121311353.post-1615079267793186552018-04-17T21:12:00.001+10:002018-04-17T21:12:01.333+10:00Why Starwind Cloud VTL or getting backup data to cloud object storage in 30 minutes<div align="center" class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: center; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span style="font-size: 11pt;"><span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">So many cloud storage providers offer object-based storage nowadays. Unfortunately, backup software vendors are not fast enough with updating their products to allow companies to consume new storage tiers to existing backup infrastructure. <o:p></o:p></span></span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span style="font-size: 11pt;"><span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">With few Whys I am going to explain how StarWind VTL brings value to the companies by providing access to a new cost-effective cloud storage.<o:p></o:p></span></span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><b><span style="font-size: 11pt;">Why backup?</span></b><span style="font-size: 11pt;"><o:p></o:p></span></span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span style="font-size: 11pt;"><span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">Alright, alright, I am kidding here. No doubts you know the purpose of data backup. Just wanted to remind you that people make mistakes, computer hardware fails, and natural disasters occur. So, it is better be safe than sorry. <o:p></o:p></span></span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><b><span style="font-size: 11pt;">Why tapes?</span></b><span style="font-size: 11pt;"><o:p></o:p></span></span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span style="font-size: 11pt;">Historically tapes have been very attractive backup media due to </span><span lang="EN-US" style="font-size: 11pt;">tape drive's reliability </span><span lang="EN-US" style="font-size: 11pt;"></span><span lang="EN-US" style="font-size: 11pt;">and low cost.</span><span style="font-size: 11pt;"> 10-20 years ago, the performance of tape libraries and the amount of backup data still allowed to meet the backup window. Even today tape backup may still be a viable choice for SMB companies.</span><span lang="EN-US" style="font-size: 11pt;"><o:p></o:p></span></span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span style="font-size: 11pt;"><span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">Also, tapes are perfect for long-term data archiving. On the contrary, archiving data on disks is not practical. Who would want to store data, let's say for 7 years, on disks paying for power, cooling and space? <o:p></o:p></span></span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span style="font-size: 11pt;"><span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">Scalability was another benefit you get with backup tapes. It is much easier to buy additional tapes to get extra disk space compared to disks where you would have to buy new disk enclosures, reconfigure storage arrays. <o:p></o:p></span></span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span lang="EN-US" style="font-size: 11pt;"><span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">Finally, tapes are mobile. Moving tapes offsite is a common practice to allow data restore in case of disaster recovery.<o:p></o:p></span></span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span style="font-size: 11pt;">It ought to be mentioned that very often tapes do compete with disk, but rather complement each other. For instance, the Disk-to-Disk-to-Tape approach is still a quite common backup technique. </span><span lang="EN-US" style="font-size: 11pt;"><o:p></o:p></span></span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><b><span style="font-size: 11pt;">Why Virtual Tape Library?</span></b><span style="font-size: 11pt;"><o:p></o:p></span></span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span style="font-size: 11pt;"><span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">According to Wikipedia, 'VTL is a data storage virtualization technology', or in other words is an abstraction layer which lets you quickly change the underlying backup media. It still logically presents the familiar tape libraries and tapes thus minimising the knowledge curve that usually comes with new technologies. This allows administrators to keep using familiar backup software and policies. <o:p></o:p></span></span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span style="font-size: 11pt;">The important improvements VTL brings are performance and mobility. </span><span lang="EN-US" style="font-size: 11pt;">Even with explosive data growth, VTL manages to fit the backup job into a reasonable time-frame by accelerating it, so the process does not overlap with the production time window.</span><span style="font-size: 11pt;">While it is relatively easy to scale out physical tape drives to improve the backup time, they are not very efficient when you need to recover data very quickly. This is where VTL performance shines the most as its data access time is very low compared to physical tapes. <o:p></o:p></span></span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span lang="EN-US" style="font-size: 11pt;"><span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">VTL brings backup data mobility and security to a new level. Moving data offsite over network minimizes the risk of sensitive data theft because the access to data can be easily controlled and audited. <o:p></o:p></span></span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span lang="EN-US" style="font-size: 11pt;"><span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">The geographical location of the offsite storage becomes less important. Virtual Tapes can be copied to offsite datacenter or even to the cloud as long as there is sufficient bandwidth. <o:p></o:p></span></span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><b><span style="font-size: 11pt;">Why Object based storage?</span></b><span style="font-size: 11pt;"><o:p></o:p></span></span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span style="font-size: 11pt;"><span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">While VTL is a great concept for storing 'warm' backup data there is a fundamental issue with its scalability. This is mostly due to the VTL power and space footprints and high cost.<o:p></o:p></span></span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span style="font-size: 11pt;"><span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">The object storage on the contrary allows higher consolidation ratio, better deduplication ratio due to a single deduplication domain, very efficient scalability. Also, if you look at the object storage specs you may notice that in a way they resemble physical tapes - no random writes, very large I/Os. <o:p></o:p></span></span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span style="font-size: 11pt;"><span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">Yes, object storage is not great for latency-sensitive applications, but that is not required for backup data.<o:p></o:p></span></span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span style="font-size: 11pt;"><span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">All this make object storage a perfect storage tier for long-retention archival. Even in terms of TCO object storage is getting very close to physical tapes. <o:p></o:p></span></span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><b><span style="font-size: 11pt;">Why Starwind VTL?</span></b><span style="font-size: 11pt;"><o:p></o:p></span></span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span style="font-size: 11pt;"><span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">The answer is very obvious. The StartWind VTL is a universal gateway to the cloud and on-prem object-based storage. <o:p></o:p></span></span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span style="font-size: 11pt;"><span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">The StarWind VTL solution could use AWS S3 Storage since 2017. In the latest release StarWind has added few other cloud storage providers. So, the full list looks the following:<o:p></o:p></span></span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="margin-left: 27.0pt; mso-list: l1 level1 lfo1; tab-stops: list 36.0pt; text-indent: -18.0pt; vertical-align: middle;">
<!--[if !supportLists]--><span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span style="font-size: 10pt;"><span style="mso-list: Ignore;">·<span style="font-size: 7pt; font-stretch: normal; font-style: normal; font-variant-caps: normal; font-weight: normal; line-height: normal;"> </span></span></span><!--[endif]--><span style="font-size: 11pt;">AWS S3 and Glacier<o:p></o:p></span></span></div>
<div class="MsoNormal" style="margin-left: 27.0pt; mso-list: l1 level1 lfo1; tab-stops: list 36.0pt; text-indent: -18.0pt; vertical-align: middle;">
<!--[if !supportLists]--><span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span style="font-size: 10pt;"><span style="mso-list: Ignore;">·<span style="font-size: 7pt; font-stretch: normal; font-style: normal; font-variant-caps: normal; font-weight: normal; line-height: normal;"> </span></span></span><!--[endif]--><span style="font-size: 11pt;">Backblaze S2 Cloud Storage<o:p></o:p></span></span></div>
<div class="MsoNormal" style="margin-left: 27.0pt; mso-list: l1 level1 lfo1; tab-stops: list 36.0pt; text-indent: -18.0pt; vertical-align: middle;">
<!--[if !supportLists]--><span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span style="font-size: 10pt;"><span style="mso-list: Ignore;">·<span style="font-size: 7pt; font-stretch: normal; font-style: normal; font-variant-caps: normal; font-weight: normal; line-height: normal;"> </span></span></span><!--[endif]--><span style="font-size: 11pt;">Microsoft Azure Cloud Storage<o:p></o:p></span></span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span style="font-size: 11pt;">So, essentially it is a software that provides that abstraction layer between your backup product and cloud storage providers, thus, achieving </span><span lang="EN-US" style="font-size: 11pt;">an effortless integration with the object storage without the need for installing several third-party software components.<o:p></o:p></span></span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><b><span style="font-size: 11pt;">StarWind VTL improves the classic 3-2-1 approach with a new 4-3-2-1-0 concept</span></b><span style="font-size: 11pt;"><o:p></o:p></span></span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span lang="EN-US" style="font-size: 11pt;"><span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">Traditional approach dictates to have <b>3</b> copies of data on <b>2</b> different media while storing <b>1</b> copy off-site<o:p></o:p></span></span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span lang="EN-US" style="font-size: 11pt;"><span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">The screenshot from the StarWind Cloud VTL presentations depicts the new concept. It suggests using <b>4</b> copies on <b>3</b> different media with <b>2</b> copies stored offsite, achieved in <b>1</b>click operation and with 0 issues. <o:p></o:p></span></span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7vQnypJ2MChsWOp7v7zUIredO82XjhptjJnypTUyWmAEVlBW4zpEXyJ_sLPDOJ4pAOBj1fnYsSPZvH-550YaNJTBRvb0lgirGedWfq-19rwbOoFA6ui-8eZkA8GQrZkTMqxAZScq_gNnw/s1600/fig1.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><img border="0" data-original-height="527" data-original-width="935" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7vQnypJ2MChsWOp7v7zUIredO82XjhptjJnypTUyWmAEVlBW4zpEXyJ_sLPDOJ4pAOBj1fnYsSPZvH-550YaNJTBRvb0lgirGedWfq-19rwbOoFA6ui-8eZkA8GQrZkTMqxAZScq_gNnw/s640/fig1.png" width="640" /></span></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><i style="text-align: start;"><span style="font-size: 11pt;"><span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">The diagram is a courtesy of StarWind </span></span></i></td></tr>
</tbody></table>
<span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span style="font-size: 11pt;"><span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">Proactive support introduced in the latest build of the StarWind VTL is an icing on the cake. Here is the Proactive Support high level workflow:<o:p></o:p></span></span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="margin-left: 27.0pt; mso-list: l2 level1 lfo2; tab-stops: list 36.0pt; text-indent: -18.0pt; vertical-align: middle;">
<!--[if !supportLists]--><span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span style="font-size: 10pt;"><span style="mso-list: Ignore;">·<span style="font-size: 7pt; font-stretch: normal; font-style: normal; font-variant-caps: normal; font-weight: normal; line-height: normal;"> </span></span></span><!--[endif]--><span style="font-size: 11pt;">telemetry collected & analysed with AI<o:p></o:p></span></span></div>
<div class="MsoNormal" style="margin-left: 27.0pt; mso-list: l2 level1 lfo2; tab-stops: list 36.0pt; text-indent: -18.0pt; vertical-align: middle;">
<!--[if !supportLists]--><span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span style="font-size: 10pt;"><span style="mso-list: Ignore;">·<span style="font-size: 7pt; font-stretch: normal; font-style: normal; font-variant-caps: normal; font-weight: normal; line-height: normal;"> </span></span></span><!--[endif]--><span style="font-size: 11pt;">failure pattern detected and logged<o:p></o:p></span></span></div>
<div class="MsoNormal" style="margin-left: 27.0pt; mso-list: l2 level1 lfo2; tab-stops: list 36.0pt; text-indent: -18.0pt; vertical-align: middle;">
<!--[if !supportLists]--><span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span style="font-size: 10pt;"><span style="mso-list: Ignore;">·<span style="font-size: 7pt; font-stretch: normal; font-style: normal; font-variant-caps: normal; font-weight: normal; line-height: normal;"> </span></span></span><!--[endif]--><span style="font-size: 11pt;">support prevents an issue from happening <o:p></o:p></span></span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span style="font-size: 11pt;"><span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">According to StarWind presentation at Storage Field Day 15 "90% of issues are resolved with ProActive support before they actually happen"<o:p></o:p></span></span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span style="font-size: 11pt;">Hardware and System requirements for StarWind VTL are pretty low. </span><span style="font-size: 11pt;"><span> </span>Intel Xeon E5620, 4 GB of RAM and 1 GbE NIC is the minimum that lets you use the product. If you plan to install Veeam B&R on the same server, you will need to beef up the server specifications. The largest question would be the amount of disk space that will meet the requirements of the retention policy - how long the virtual tapes will be stored locally before offloading them to the cloud storage. <o:p></o:p></span></span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span style="font-size: 11pt;"><span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">Let’s have a quick look at the components of the StarWind Cloud VTL solution: <o:p></o:p></span></span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><b><span style="font-size: 11pt;">VTL Server:</span></b><span style="font-size: 11pt;"><span> </span>the software responsible for emulating physical tape library<o:p></o:p></span></span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><b><span style="font-size: 11pt;">Veeam Backup and Recovery: </span></b><span style="font-size: 11pt;">one of the best backup product I know<o:p></o:p></span></span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><b><span style="font-size: 11pt;">Tape Library drivers: </span></b><span style="font-size: 11pt;">allow communication between backup server and VTL<o:p></o:p></span></span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><b><span style="font-size: 11pt;">Backblaze storage bucket</span></b><b><span style="font-size: 9pt;">*</span></b><b><span style="font-size: 11pt;">: </span></b><span style="font-size: 11pt;">cloud object-based storage</span></span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<i style="text-indent: 36pt;"><span style="font-size: 9pt;"><span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">* bucket is an object storage term, it is used to logically group objects. </span></span></i></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span style="font-size: 11pt;"><span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">Now let's have look at Clout VTL topologies.<o:p></o:p></span></span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span style="font-size: 11pt;"><span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">There are few ways to deploy this solution. The first diagram depicts the setup you would probably use in a Proof of Concept project. This solution does not consume a lot of resources and at the same time allows to test all the features of powerful combination of Veeam B&R and StarWind VTL. <o:p></o:p></span></span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span style="font-size: 11pt;"><span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">It is not recommended to use this setup for production environment <o:p></o:p></span></span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt 27pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhuMSKLRlKTluUdYZW2U3ReDqOvH2Dqp-RInMyvlM6lDa6aHrFw02mKTwNN2wum40elSMBioXgzlz0DmJT0ajQSLA2MQ6B3jZVPO7FB8-YJE_jbcG2jNl-K0aGZL4J_KrYwMwrcAnvIOswK/s1600/fig2.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><img border="0" data-original-height="356" data-original-width="885" height="256" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhuMSKLRlKTluUdYZW2U3ReDqOvH2Dqp-RInMyvlM6lDa6aHrFw02mKTwNN2wum40elSMBioXgzlz0DmJT0ajQSLA2MQ6B3jZVPO7FB8-YJE_jbcG2jNl-K0aGZL4J_KrYwMwrcAnvIOswK/s640/fig2.png" width="640" /></span></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span lang="EN-GB" style="caret-color: rgb(68, 84, 106); color: #44546a; font-size: 11pt; font-style: italic;">Figure </span><span lang="EN-GB" style="caret-color: rgb(68, 84, 106); color: #44546a; font-size: 11pt; font-style: italic;">1 - </span><span lang="EN-GB" style="caret-color: rgb(68, 84, 106); color: #44546a; font-size: 11pt; font-style: italic;">Single Server Topology</span></span></td></tr>
</tbody></table>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; break-after: avoid-page; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span></div>
<div align="center" class="MsoCaption" style="-webkit-text-stroke-width: 0px; color: #44546a; font-size: 9pt; font-style: italic; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 10pt; text-align: center; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt 27pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt 27pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span style="font-size: 11pt;"><span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">The second topology is not a reference architecture, but rather my attempt to show that components of the solution can be spread across multiple servers. This flexibility enables administrator to scale out/scale up the solution to meet the backup performance requirements. <o:p></o:p></span></span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgQ77wxiexzEylpEbeV2itjSV5ioqhPjoUBxwsX3lElqHggL2BUCj1DQfm2_fY7b7TkreDfaAEeIBsQtCSKQzjAmJBbYtoK4N6sHNn6tAAsPzDeUOqu-DrsYBKn1AuAbn0q_9apZ40fFwbU/s1600/fig3.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><img border="0" data-original-height="520" data-original-width="999" height="332" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgQ77wxiexzEylpEbeV2itjSV5ioqhPjoUBxwsX3lElqHggL2BUCj1DQfm2_fY7b7TkreDfaAEeIBsQtCSKQzjAmJBbYtoK4N6sHNn6tAAsPzDeUOqu-DrsYBKn1AuAbn0q_9apZ40fFwbU/s640/fig3.png" width="640" /></span></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span lang="EN-GB" style="caret-color: rgb(68, 84, 106); color: #44546a; font-size: 11pt; font-style: italic;">Figure </span><span lang="EN-GB" style="caret-color: rgb(68, 84, 106); color: #44546a; font-size: 11pt; font-style: italic;">2 - </span><span lang="EN-GB" style="caret-color: rgb(68, 84, 106); color: #44546a; font-size: 11pt; font-style: italic;">Distributed Topology</span></span></td></tr>
</tbody></table>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; break-after: avoid-page; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span></div>
<div align="center" class="MsoCaption" style="-webkit-text-stroke-width: 0px; color: #44546a; font-size: 9pt; font-style: italic; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 10pt; text-align: center; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span style="font-size: 11pt;"><span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">On the diagram above the Tape Library server is where all the 'magic' happens. The StarWind software emulates HP MSL tape library and drives. This virtual tape library is then presented to Veeam B&R Server as an iSCSI target. <o:p></o:p></span></span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span style="font-size: 11pt;"><span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">The virtual tapes can then be stored on any local or shared storage. Once the backup job is complete the virtual tapes can be replicated to Backblaze cloud storage (or another cloud storage provider). After successful replication the tape can either be deleted or stored locally to provide a faster recovery if needed. <o:p></o:p></span></span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span style="font-size: 11pt;">The installation </span><span lang="EN-GB"><span lang="EN-US" style="color: blue; font-size: 11pt;"><span lang="EN-US"><a href="https://www.starwindsoftware.com/resource-library/starwind-vtl-for-backblaze-and-veeam-installation-and-configuration-guidance">document</a> </span></span></span><span style="font-size: 11pt;">thoroughly covers all the steps and it took me less than 30 minutes to install all components and get first virtual tape replicated to Backblaze. <o:p></o:p></span></span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span style="font-size: 11pt;"><span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">To summarise, StartWind VTL provides the following benefits:<o:p></o:p></span></span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
</div>
<ul>
<li><span style="font-family: "Helvetica Neue", Arial, Helvetica, sans-serif; font-size: 11pt; text-indent: -18pt;">Disk to Disk to Cloud backup technique while </span><span lang="EN-US" style="font-family: "Helvetica Neue", Arial, Helvetica, sans-serif; font-size: 11pt; text-indent: -18pt;">ensuring the compliance with 3-2-1 backup rule</span></li>
<li><span style="font-family: "Helvetica Neue", Arial, Helvetica, sans-serif; font-size: 11pt; text-indent: -18pt;">Access to multiple cloud object-based storage providers</span></li>
<li><span style="font-family: "Helvetica Neue", Arial, Helvetica, sans-serif; font-size: 11pt; text-indent: -18pt;">Allows to get rid of the physical tapes</span><span style="font-family: "Helvetica Neue", Arial, Helvetica, sans-serif; font-size: 11pt;"> </span></li>
</ul>
<br />
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; margin: 0cm 0cm 0.0001pt; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<span style="font-size: 11pt;"><span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">I personally believe StarWind VTL will be in a high demand until backup software vendors enhance their applications to integrate with all cloud and on-prem object-based storage. This process could be accelerated by the development of a single unified API standard for object-based storage, but I am not sure if it is happening soon. <o:p></o:p></span></span></div>
<style class="WebKit-mso-list-quirks-style">
<!--
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{mso-style-unhide:no;
mso-style-qformat:yes;
mso-style-parent:"";
margin:0cm;
margin-bottom:.0001pt;
mso-pagination:widow-orphan;
font-size:12.0pt;
font-family:"Calibri",sans-serif;
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-fareast-font-family:Calibri;
mso-fareast-theme-font:minor-latin;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;
mso-bidi-font-family:"Times New Roman";
mso-bidi-theme-font:minor-bidi;
mso-ansi-language:EN-GB;}
p.MsoCaption, li.MsoCaption, div.MsoCaption
{mso-style-priority:35;
mso-style-qformat:yes;
mso-style-next:Normal;
margin-top:0cm;
margin-right:0cm;
margin-bottom:10.0pt;
margin-left:0cm;
mso-pagination:widow-orphan;
font-size:9.0pt;
font-family:"Calibri",sans-serif;
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-fareast-font-family:Calibri;
mso-fareast-theme-font:minor-latin;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;
mso-bidi-font-family:"Times New Roman";
mso-bidi-theme-font:minor-bidi;
color:#44546A;
mso-themecolor:text2;
mso-ansi-language:EN-GB;
font-style:italic;}
.MsoChpDefault
{mso-style-type:export-only;
mso-default-props:yes;
font-family:"Calibri",sans-serif;
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-fareast-font-family:Calibri;
mso-fareast-theme-font:minor-latin;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;
mso-bidi-font-family:"Times New Roman";
mso-bidi-theme-font:minor-bidi;
mso-ansi-language:EN-GB;}
@page WordSection1
{size:595.0pt 842.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;
mso-header-margin:35.4pt;
mso-footer-margin:35.4pt;
mso-paper-source:0;}
div.WordSection1
{page:WordSection1;}
/* List Definitions */
@list l0
{mso-list-id:365759546;
mso-list-template-ids:1825322140;}
@list l1
{mso-list-id:442530797;
mso-list-template-ids:727351980;}
@list l1:level1
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:36.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level2
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:72.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level3
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:108.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level4
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:144.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level5
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:180.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level6
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:216.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level7
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:252.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level8
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:288.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level9
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:324.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l2
{mso-list-id:1061949029;
mso-list-template-ids:-550219378;}
@list l2:level1
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:36.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l2:level2
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:72.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l2:level3
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:108.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l2:level4
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:144.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l2:level5
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:180.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l2:level6
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:216.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l2:level7
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:252.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l2:level8
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:288.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l2:level9
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:324.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
-->
</style><br />
<div class="MsoNormal" style="font-size: medium;">
<br /></div>
vmnomadhttp://www.blogger.com/profile/02515151385546400290noreply@blogger.com8tag:blogger.com,1999:blog-4991582231121311353.post-87877613228488544002017-11-06T21:06:00.000+11:002017-11-09T08:09:39.119+11:00Validating NSX VTEP connectivityThis post was inspired by recent incident at the customer environment where VMs were experiencing networking issues due to MTU size misconfiguration on the TOR switches.<br />
<br />
If you ever worked with NSX-V and Logical Switches you are aware that NSX configures VTEP vmnics with MTU equal to 1600 bytes. This allows to support VxLAN encapsulation.<br />
However, between every two VTEP interfaces is an L2 or L3 networking device that is potentially not configured to support baby Jumbo frames (that's another name for 1600 bytes packets).<br />
<br />
There are many posts explaining how to check MTU size and network connectivity between VTEP interfaces. It is a simple ping using esxcli:<br />
<br />
<i>esxcli network diag ping --netstack=vxlan --host vmknic_IP --df --size=1572</i><br />
<div>
<br /></div>
<div>
Now, imagine you have a small transport zones with 10 hosts and each host has 2 VTEP interfaces. </div>
<div>
You will need to run the <i>esxcli </i>command <b><span style="color: red;">360</span></b> times to validate all combinations of VTEP pairs. </div>
<div>
<br /></div>
<div>
With 64 hosts the number of required ping tests reaches <b><span style="color: red;">16,128.</span></b> Well, that's obviously something that requires automation. </div>
<div>
<br /></div>
<div>
Hopefully, the future versions of NSX will have this validation step as part of NSX Health Check. </div>
<div>
Meanwhile, we can take advantage of Powershell to make our VTEP validation test a bit easier.</div>
<div>
<br /></div>
<div>
I didn't spend much time writing the script and had only my home lab for a test, so it definitely may have some bugs. </div>
<div>
<br /></div>
<div>
Here is the logic of the script:</div>
<ul>
<li>Connects to NSX/vCenter and validates that connection was established successfully</li>
<li>Builds array of Transport Zones and Hosts</li>
<li>Builds array of Hosts and their VTEPs</li>
<li>Iterate through each TZ-Host-VTEP and ping all other VTEPs in the transport zone. This is a full-mesh test. </li>
<li>The script uses pings with 2 different sizes – 64 and 1572 bytes. The first allows to check for connectivity issues and the larger packet validates that MTU size is configured correctly along the path between two VTEPs.</li>
<li>The results are displayed on the screen in real-time</li>
<li>Two reports are produced for each transport zone:</li>
<ul>
<li>Summary - a table with Source Host, Destination Host and the test result</li>
<li>Detailed - a table that contains Hosts, VTEP names and IP Addresses, test result for different packet sizes and the error message, if any. </li>
</ul>
</ul>
<div>
Script has been tested with vSphere 6.5 U1 and NSX 6.3.x<br />
<br />
Update (9/11/2017) - the script was updated to work with ESXi 6.0 and 6.5 versions.<br />
<br />
The following screenshot provides and example of successful tests:<br />
<br />
<br />
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi8cGe8ChY2H0yDmUOx1C920LF8BQ24gIX1tWyE3DxbeINy5W24lbmId71UB-7hym4lsLJgA7-SCeClwX5g8gRpI3CkIBYP9ZfPtHro-IjgEwNUIpRsnQU8bIH5ZxLVftVJb956-FU2MaYt/s1600/Screen+Shot+2017-11-04+at+12.12.23+am.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="682" data-original-width="1200" height="362" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi8cGe8ChY2H0yDmUOx1C920LF8BQ24gIX1tWyE3DxbeINy5W24lbmId71UB-7hym4lsLJgA7-SCeClwX5g8gRpI3CkIBYP9ZfPtHro-IjgEwNUIpRsnQU8bIH5ZxLVftVJb956-FU2MaYt/s640/Screen+Shot+2017-11-04+at+12.12.23+am.png" width="640" /></a><br />
<br />
<br />
<br />
This is an example of error messages when using packet size 1573<br />
<br />
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgzSGyIMkMpRC7lZE382pxMGWsYuUmfQ63nsMke00n6-TRcZ_UDNOQ-_Of3t54tCZM-SW_i7zA_fD6MPQfGsdYNGW_Rl3VZN25n9GBtOIQjlhAfQemiOyigvxviw9Vwug9swqs5dMO3u0zG/s1600/Screen+Shot+2017-11-04+at+12.28.48+am.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="576" data-original-width="1206" height="304" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgzSGyIMkMpRC7lZE382pxMGWsYuUmfQ63nsMke00n6-TRcZ_UDNOQ-_Of3t54tCZM-SW_i7zA_fD6MPQfGsdYNGW_Rl3VZN25n9GBtOIQjlhAfQemiOyigvxviw9Vwug9swqs5dMO3u0zG/s640/Screen+Shot+2017-11-04+at+12.28.48+am.png" width="640" /></a><br />
<br />
<br />
As you can see the script can detect different types of issues.</div>
<div>
<br /></div>
<div>
<br /></div>
<div>
here is a couple of reports' screenshots</div>
<div>
<br /></div>
<div>
<b>Summary Report</b></div>
<div>
<b><br /></b></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiHllW3s7piuwr3YWXKacqEmxxdX9UTtn-EVqzjDf0cdqkgs2B8-cuk9Ep_vo-pokTMyYdeUjK_7mDoFIYMAyUbWqNkaN-jwSD_xJiFVtAT_09hY2e_QRJrUCYzxeHVqgvbF4e7wjbvFpW7/s1600/Screen+Shot+2017-11-06+at+8.36.15+pm.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" data-original-height="418" data-original-width="684" height="243" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiHllW3s7piuwr3YWXKacqEmxxdX9UTtn-EVqzjDf0cdqkgs2B8-cuk9Ep_vo-pokTMyYdeUjK_7mDoFIYMAyUbWqNkaN-jwSD_xJiFVtAT_09hY2e_QRJrUCYzxeHVqgvbF4e7wjbvFpW7/s400/Screen+Shot+2017-11-06+at+8.36.15+pm.png" width="400" /></a></div>
<div>
</div>
<div>
<br /></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b>Detailed Report</b></div>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhGUrMRrgM_OSPAKtnxn_qpwma-Fi3qie6BBQCI1HNZ9Z4NUWSj6MstcSbu5p_xfy4itrBiHB4OKURcJhsx6KpPzhiJqoHhUSKeiTzR19mJ9BZzzbdfKcaM4vHKSt0jd_bunaGsVJOrtboQ/s1600/Screen+Shot+2017-11-06+at+8.35.48+pm.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="420" data-original-width="1418" height="188" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhGUrMRrgM_OSPAKtnxn_qpwma-Fi3qie6BBQCI1HNZ9Z4NUWSj6MstcSbu5p_xfy4itrBiHB4OKURcJhsx6KpPzhiJqoHhUSKeiTzR19mJ9BZzzbdfKcaM4vHKSt0jd_bunaGsVJOrtboQ/s640/Screen+Shot+2017-11-06+at+8.35.48+pm.png" width="640" /></a></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
Here is the script code</div>
<div>
<br />
<br />
<script src="https://gist.github.com/vmnomad/a8d247649051a820465b091bb5458b75.js"></script></div>
<div>
<br /></div>
<div>
<br />
Feel free to provide feedback on any bugs you may encounter using this script. </div>
<div>
<br /></div>
vmnomadhttp://www.blogger.com/profile/02515151385546400290noreply@blogger.com0tag:blogger.com,1999:blog-4991582231121311353.post-81739064660075390382017-08-27T17:26:00.000+10:002017-08-27T17:26:45.511+10:00Updating configuration of NSX Controllers and Edge appliancesIf you have been playing with NSX you may have noticed that you cannot edit settings of virtual appliances deployed by NSX, e.g. controllers or Edge appliances. That's how VMware want to ensure the best performance of NSX in your environment. However, there might be cases when you still need to adjust some NSX appliances' settings.<br />
<br />
In my case I needed to be able to change Memory Reservation settings. The thing is that all NSX appliances are deployed with 100% of memory reservation. My home lab grew up to almost 200Gb of RAM, but I still struggle with lack of memory especially when I run few nested deployments, each with its own NSX.<br />
<br />
I am a big fan on PowerCLI so I tried to use Set-VMResourceConfiguration command let, but that attempt wasn't successful.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgSqdUsju9c8Q-LFSJ3K7R6BVfUH-Vo4klFn0QQc_zq34nGrMLCNBC5whBJChq2aMI6MAPlR_0fwHB9lN5gWdcxPMxbBvv1jLlTQGVA-QkzMfWE3Xib-NLr0Der05jflsT0YRBGqPZnUdYV/s1600/Screen+Shot+2017-08-27+at+11.47.12+am.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="159" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgSqdUsju9c8Q-LFSJ3K7R6BVfUH-Vo4klFn0QQc_zq34nGrMLCNBC5whBJChq2aMI6MAPlR_0fwHB9lN5gWdcxPMxbBvv1jLlTQGVA-QkzMfWE3Xib-NLr0Der05jflsT0YRBGqPZnUdYV/s1600/Screen+Shot+2017-08-27+at+11.47.12+am.png" /></a></div>
<br />
as you can see in the screenshot this method is disabled.<br />
<br />
You can check all the methods disabled for VMs using this command<br />
<br />
<div class="terminal" style="background-color: #eeffe6; border: 1px dashed rgb(128, 128, 128); font-size: small; margin-bottom: 1.5em; outline: 0px; padding: 10px; vertical-align: baseline;">
<span style="font-family: "courier new" , "courier" , monospace;">(get-vm <i>VMname</i>).ExtensionData.disabledmethod</span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgQ0IPZGTTfoQsK8e4G0e3m4xrYQ-btkkpK6dhpRUbU1Ug9J_Re763g2Gpif_bYyNf-EVaSt5f5z6u_1JQ7FUebAEERlpsdpAQMjtGXkHk0IevUubpWgUrLJ2tC3X775StT01AH8E1CqkaE/s1600/Screen+Shot+2017-08-27+at+11.49.15+am.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><br /></a></div>
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgQ0IPZGTTfoQsK8e4G0e3m4xrYQ-btkkpK6dhpRUbU1Ug9J_Re763g2Gpif_bYyNf-EVaSt5f5z6u_1JQ7FUebAEERlpsdpAQMjtGXkHk0IevUubpWgUrLJ2tC3X775StT01AH8E1CqkaE/s1600/Screen+Shot+2017-08-27+at+11.49.15+am.png" imageanchor="1" style="clear: left; margin-bottom: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="686" data-original-width="844" height="520" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgQ0IPZGTTfoQsK8e4G0e3m4xrYQ-btkkpK6dhpRUbU1Ug9J_Re763g2Gpif_bYyNf-EVaSt5f5z6u_1JQ7FUebAEERlpsdpAQMjtGXkHk0IevUubpWgUrLJ2tC3X775StT01AH8E1CqkaE/s640/Screen+Shot+2017-08-27+at+11.49.15+am.png" width="640" /></a><br />
<br />
<br />
As you can see the ReconfigVM_Task is in the <span style="font-family: inherit;">list</span> of disabled methods, which prevents any changes to the VM config.<br />
<br />
There is a way to enable this method, but it can only be done through vSphere MOB, but I personally find it really confusing and not user friendly. And I had no clue how to automate this process. So, I gave up on this.<br />
<br />
Then I thought there should be a way to change NSX appliances config through NSX RestAPI. And actually there is.<br />
<br />
Here is how you can change the memory reservation of NSX edges using curl. Update the values in bold before using.<br />
<br />
<b>1. Grab the NSX edge config and save it in XML file</b><br />
<span lang="EN-AU" style="font-size: 11pt; text-indent: 36pt;"><span style="font-family: "courier new" , "courier" , monospace;"><br /></span></span>
<i><span style="font-family: Courier New, Courier, monospace;"><span lang="EN-AU" style="font-size: 11pt; text-indent: 36pt;"><span style="font-family: "courier new" , "courier" , monospace;"><span style="background-color: white;">curl -k -u '</span><span style="text-indent: 0px;"><span lang="EN-AU" style="font-size: 11pt; text-indent: 36pt;"><span style="font-family: "courier new" , "courier" , monospace;"><b>username:password</b></span></span></span><span style="background-color: white;">' -H "Content-Type: application/xml" -X GET </span>https://<span style="text-indent: 0px;"><span lang="EN-AU" style="font-size: 11pt; text-indent: 36pt;"><span style="font-family: "courier new" , "courier" , monospace;"><b>nsxFQDN</b></span></span></span><span style="background-color: white;">:443/api/4.0/edges/</span><b>Edge-ID</b><span style="background-color: white;">/appliances/</span></span></span><span style="font-size: 11pt; text-indent: 36pt;"><b>highAvailabilityIndex</b></span><span style="background-color: white; font-size: 11pt; text-indent: 36pt;"> > </span><b style="font-size: 11pt; text-indent: 36pt;">XXX</b><span style="background-color: white; font-size: 11pt; text-indent: 36pt;">.xml</span></span></i><br />
<span lang="EN-AU" style="font-size: 11pt; text-indent: 36pt;"><span style="font-family: "courier new" , "courier" , monospace;"><br /></span></span>
<div class="MsoNormal" style="font-size: 11pt; margin: 0cm 0cm 0.0001pt;">
<div style="font-family: calibri, sans-serif;">
<b><span lang="EN-AU">2. Update the </span><span style="font-size: 11pt;"><span lang="EN-AU">memory reservation in xml file.</span></span></b></div>
<div style="font-family: calibri, sans-serif;">
<b><span style="font-size: 11pt;"><span lang="EN-AU"><br /></span></span></b></div>
<span style="text-indent: 48px;"><span style="font-family: "courier new" , "courier" , monospace;"><i><memoryReservation></i></span></span><br />
<span style="text-indent: 48px;"><span style="font-family: "courier new" , "courier" , monospace;"><i><limit>-1</limit></i></span></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><i><span style="text-indent: 48px;"><reservation></span><b style="text-indent: 48px;">YYY</b><span style="text-indent: 48px;"></reservation></span></i></span><br />
<span style="text-indent: 48px;"><span style="font-family: "courier new" , "courier" , monospace;"><i></memoryReservation></i></span></span><br />
<div style="font-family: calibri, sans-serif;">
<br /></div>
</div>
<div class="MsoNormal" style="font-family: Calibri, sans-serif; font-size: 11pt; margin: 0cm 0cm 0.0001pt;">
<span style="font-size: 11pt;"><span lang="EN-AU">3. <b>Update the edge config</b></span></span></div>
<div class="MsoNormal" style="font-family: Calibri, sans-serif; font-size: 11pt; margin: 0cm 0cm 0.0001pt;">
<span style="font-size: 11pt; text-indent: 36pt;"><br /></span></div>
<div class="MsoNormal" style="font-size: 11pt; margin: 0cm 0cm 0.0001pt;">
<i><span style="font-family: "courier new" , "courier" , monospace;"><span style="font-size: 11pt; text-indent: 36pt;">curl -k -u '</span></span></i><i><span style="font-family: Courier New, Courier, monospace;"><span lang="EN-AU" style="font-size: 11pt; text-indent: 36pt;"><span style="font-family: "courier new" , "courier" , monospace;"><span style="text-indent: 0px;"><span lang="EN-AU" style="font-size: 11pt; text-indent: 36pt;"><span style="font-family: "courier new" , "courier" , monospace;"><b>username:password</b></span></span></span></span></span></span></i><i><span style="font-family: "courier new" , "courier" , monospace;"><span style="font-size: 11pt; text-indent: 36pt;">' -H "Content-Type:application/xml" PUT </span>https://</span></i><i><span lang="EN-AU" style="font-size: 11pt; text-indent: 36pt;"><span style="font-family: "courier new" , "courier" , monospace;"><b>nsxFQDN</b></span></span></i><i><span style="font-family: "courier new" , "courier" , monospace;"><span style="font-size: 11pt; text-indent: 36pt;">:443/api/4.0/edges/</span><b style="font-size: 11pt; text-indent: 36pt;">Edge-ID</b><span style="font-size: 11pt; text-indent: 36pt;">/appliances/</span></span></i><i style="font-size: 11pt;"><span style="font-family: Courier New, Courier, monospace;"><span style="font-size: 11pt; text-indent: 36pt;"><b>highAvailabilityIndex</b></span></span></i><i style="font-size: 11pt;"><span style="font-family: "courier new" , "courier" , monospace;"><span style="font-size: 11pt; text-indent: 36pt;"> -d "@</span><b style="font-size: 11pt; text-indent: 36pt;">XXX</b><span style="font-size: 11pt; text-indent: 36pt;">.xml"</span></span></i></div>
<div class="MsoNormal" style="font-size: 11pt; margin: 0cm 0cm 0.0001pt;">
<i><span style="font-family: "courier new" , "courier" , monospace;"><span style="font-size: 11pt; text-indent: 36pt;"><br /></span></span></i></div>
<div class="MsoNormal" style="font-size: 11pt; margin: 0cm 0cm 0.0001pt;">
As you can see you can change some settings of the Edge, but you cannot do the same with controllers. At least I couldn't find anything similar for controllers in NSX RestAPI guide. </div>
<div class="MsoNormal" style="font-size: 11pt; margin: 0cm 0cm 0.0001pt;">
<br /></div>
<div class="MsoNormal" style="font-size: 11pt; margin: 0cm 0cm 0.0001pt;">
Also, it is not easy to automate. </div>
<div class="MsoNormal" style="font-size: 11pt; margin: 0cm 0cm 0.0001pt;">
<span style="font-size: 11pt;">Here is an example of how you can use PowerCLI to automate RestAPI calls</span><br />
<span style="font-size: 11pt;"><br /></span></div>
<div class="MsoNormal" style="font-size: 11pt; margin: 0cm 0cm 0.0001pt;">
<script src="https://gist.github.com/vmnomad/3c79d736059a2df9c2a49e2e992a55d9.js"></script>
</div>
<div class="MsoNormal" style="font-size: 11pt; margin: 0cm 0cm 0.0001pt;">
<br /></div>
And here what you can get from the output<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh8XtTZpe81etybfLcIZvORulLB2gdRg61ca2TOJoJbvf5abAdFkGhUvHS1mol96Oi0LG0XV6ACNrWD8FOpzZP7GltLTvdfNYhYfZ4ucgDDU2tbfoOK7OsF5QyefoU_yiJpLnPUjXcIDxSA/s1600/Screen+Shot+2017-08-27+at+2.24.21+pm.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="608" data-original-width="878" height="442" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh8XtTZpe81etybfLcIZvORulLB2gdRg61ca2TOJoJbvf5abAdFkGhUvHS1mol96Oi0LG0XV6ACNrWD8FOpzZP7GltLTvdfNYhYfZ4ucgDDU2tbfoOK7OsF5QyefoU_yiJpLnPUjXcIDxSA/s640/Screen+Shot+2017-08-27+at+2.24.21+pm.png" width="640" /></a></div>
<br />
<br />
From here you can update anything you need and change the config using similar PowerCLI function.<br />
<br />
As you can see it is more time consuming way of doing things. and again, this is not applicable for NSX controllers.<br />
<br />
So I thought I should go back to the original idea of enabling ReconfigVM_task method and started searching for instructions when I found out (once again) that William Lam has already done this. In this <a href="http://www.virtuallyghetto.com/2016/07/how-to-easily-disable-vmotion-cross-vcenter-vmotion-for-a-particular-virtual-machine.html" target="_blank">post</a> he explains how you can disable vMotion for some of the VMs by disabling MigrateVM_task method. But the most amazing part of that post was that he created PowerCLI functions to enable/disable any methods without using vSphere MOB.<br />
<br />
From here it was really easy to create the following script which changes the memory reservation on any VMs - whether they are deployed by NSX or not.<br />
<br />
<script src="https://gist.github.com/vmnomad/d4aa02455776c07dd5079d046f5855f7.js"></script>
<br />
<br />
<div class="MsoNormal" style="font-family: Calibri; font-size: 11pt; margin: 0cm 0cm 0.0001pt;">
The script grabs all VMs with 100% of memory reservations and changes this value to 99%. You can change this value to whatever you prefer. If ReconfigureVM method is disabled the script will re-enable it first. After the memory reservation is updated the script will change the ReconfigVM method back to disabled.<o:p></o:p></div>
<div class="MsoNormal" style="font-family: Calibri; font-size: 11pt; margin: 0cm 0cm 0.0001pt;">
All you need to do is to update the vCenter name and credentials before you run the script.</div>
<div class="MsoNormal" style="font-family: Calibri; font-size: 11pt; margin: 0cm 0cm 0.0001pt;">
<br /></div>
<div class="MsoNormal" style="font-family: Calibri; font-size: 11pt; margin: 0cm 0cm 0.0001pt;">
<br /></div>
Here is the example of the script output<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhn3Zot2XkIqx2cNNF8uF0Tw91yBBNsl1wFNMxStMz6qNP6iNTd03ioxOnfWf2w5PVoZFC2rvZ_A6FfRR1m-k0RIn-LDqhTSzPZ60vAUAhxhO8M3QJws7sYSlU3zoJvDvoPcRAO-NaB_ylz/s1600/Screen+Shot+2017-08-26+at+10.57.56+pm.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="236" data-original-width="1582" height="92" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhn3Zot2XkIqx2cNNF8uF0Tw91yBBNsl1wFNMxStMz6qNP6iNTd03ioxOnfWf2w5PVoZFC2rvZ_A6FfRR1m-k0RIn-LDqhTSzPZ60vAUAhxhO8M3QJws7sYSlU3zoJvDvoPcRAO-NaB_ylz/s640/Screen+Shot+2017-08-26+at+10.57.56+pm.png" width="640" /></a></div>
<br />
<br />
A word of caution - this is not officially supported way of changing the settings of NSX appliances. It works but it's at your own risk.vmnomadhttp://www.blogger.com/profile/02515151385546400290noreply@blogger.com1tag:blogger.com,1999:blog-4991582231121311353.post-67079600032321399982017-05-08T08:07:00.000+10:002017-05-08T08:07:29.081+10:00Testing new vSphere 6.5 feature - DRS CPU overcommitment<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">I am currently working on a project where one of the customer's requirements is to use strict pCPU to vCPU ratio. Luckily, VMware introduced new feature called CPU over-commitment ratio in vSphere 6.5 which helps to meet the requirement. I spent an evening playing with this new feature and would like to share my experience. </span><br />
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">The VMware documentation is quite laconic when it discusses new DRS features. So, after reading the documentation I still had few questions on how CPU over-commitments works:</span><br />
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<br />
<ol>
<li><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">Does it count vCPUs against Physical or Logical Processors?</span></li>
<li><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">What is DRS behaviour when the ratio is violated?</span></li>
<li><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">Is over-commitment ratio applied per host or per cluster?</span></li>
<li><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">Will HA respect this ratio when restarting VMs after the host failure?</span></li>
<li><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">Is ratio changed when host is placed into maintenance mode?</span></li>
</ol>
<br />
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">So, let's try to answer all these questions using my lab.</span><br />
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><b>1. Does it count vCPUs against Physical or Logical Processors?</b></span><br />
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">Usually I run most of my tests in the nested labs using nested ESXi servers, but to answer this question I had to use one of my physical clusters which supports hyperthreading and thus provides physical and logical processors.</span><br />
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">The cluster consists of 2 x SuperMicro Servers and each of the servers runs on Xeon D-1528 CPU with 6 physical cores. So, in total I have 12 physical / 24 logical processors in the cluster.</span><br />
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjlqPrQjpaQUpNJ93Bh09769qhmpTRTJMJz5D_zRbBiOpECa6NkZBjwIPgPk3zTq2-0iLYVq-ZGq6BuzqtuK7lSDvwM_HnW-XBr6eqEMrSMeGNccjZX3RXw7fJHbC8cZLdSv4N4Ra10rNPG/s1600/Screen+Shot+2017-05-06+at+11.03.51+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><img border="0" height="322" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjlqPrQjpaQUpNJ93Bh09769qhmpTRTJMJz5D_zRbBiOpECa6NkZBjwIPgPk3zTq2-0iLYVq-ZGq6BuzqtuK7lSDvwM_HnW-XBr6eqEMrSMeGNccjZX3RXw7fJHbC8cZLdSv4N4Ra10rNPG/s640/Screen+Shot+2017-05-06+at+11.03.51+PM.png" width="640" /></span></a></div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg4CesLiHHDrYfKR2VumUSfnnq_o7OFrdEEn-bF7JqNbVJUuGV0fLM1Shn6yzu4L4ZBmraqG-iTZQnpHtFhbEHRT6SxL9-S_WNVldKPYIj-qrIHcV-VizIdhUbyxceh6-KvWhsTj-W4WzZ3/s1600/Screen+Shot+2017-05-06+at+11.04.03+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><img border="0" height="282" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg4CesLiHHDrYfKR2VumUSfnnq_o7OFrdEEn-bF7JqNbVJUuGV0fLM1Shn6yzu4L4ZBmraqG-iTZQnpHtFhbEHRT6SxL9-S_WNVldKPYIj-qrIHcV-VizIdhUbyxceh6-KvWhsTj-W4WzZ3/s640/Screen+Shot+2017-05-06+at+11.04.03+PM.png" width="640" /></span></a></div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">Currently I am running 4 VMs with 11 vCPUs assigned in total. DRS is enabled and CPU overcommitment is configured to 100%. I am planning to power on a another VM with 2 vCPUs.</span><br />
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">If DRS counts over-commitment ratio using physical CPUs it should give me some kind of warning.</span><br />
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">Here is the result of my attempt to power-on another VM.</span><br />
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjj2Or6Xh8I4D7jOE8IxXBcYKjSi9CWI6-7CJed3bXy7TCT9nDyTq_d5pDODWZUI5ICNtndtidvzAxWjyzSAZukG7Dw8nCmZ5DvIrGQYD_4gypCur2cMspByiXsn9rGVwEzYZad2ei-hPXe/s1600/Screen+Shot+2017-05-06+at+11.06.55+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><img border="0" height="236" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjj2Or6Xh8I4D7jOE8IxXBcYKjSi9CWI6-7CJed3bXy7TCT9nDyTq_d5pDODWZUI5ICNtndtidvzAxWjyzSAZukG7Dw8nCmZ5DvIrGQYD_4gypCur2cMspByiXsn9rGVwEzYZad2ei-hPXe/s640/Screen+Shot+2017-05-06+at+11.06.55+PM.png" width="640" /></span></a></div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">As you can see it actually answers the second question too.</span><br />
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">We can tell now that DRS definitely counts only physical CPUs. Interestingly, in this case DRS behaves as HA Admission Control prohibiting VM power-on operation as it will violate CPU over-commitment ratio.</span><br />
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><b>3. Is over-commitment ratio applied per host or per cluster?</b></span><br />
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">To answer this question I used my nested lab. Here are quick specs of the test cluster:</span><br />
<ul>
<li><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">3 x ESXi servers</span></li>
<li><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">2 x CPU per server</span></li>
<li><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">3 x virtual machines configured with 2 vCPUs each</span></li>
<li><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">CPU over-commitment is set to 100%</span></li>
</ul>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">So, I am running 6 vCPU in total on 6 CPUs in DRS cluster. Attempt to power on one more VM in this cluster will definitely fail as it will violate cluster level ratio. </span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">Now, I vMotioned VM-2 to ESXi-1 which brought the pCPU to vCPU over-commitment ratio on that host to 200%. As you can see this vMotion didn't fail and no warning were generated.</span><br />
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhcJBzdKwkEISP5SaTg5KkJUdHDYvYGngO_5HKscM8vHdQ2cAsUrh5ZyZyoOUbFIdnnrSpi_BhoVj9SQGouLqXmocyoGQtGB6483uAHqSZYHVdKnayft8Hw49g1b0wWuWR4KwMvu06jnJDF/s1600/Screen+Shot+2017-05-06+at+10.40.52+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhcJBzdKwkEISP5SaTg5KkJUdHDYvYGngO_5HKscM8vHdQ2cAsUrh5ZyZyoOUbFIdnnrSpi_BhoVj9SQGouLqXmocyoGQtGB6483uAHqSZYHVdKnayft8Hw49g1b0wWuWR4KwMvu06jnJDF/s640/Screen+Shot+2017-05-06+at+10.40.52+PM.png" width="640" /></span></a></div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">DRS generate recommendations every 15 minutes and soon this cluster was balanced again, but that's part of DRS functionality that existed in previous versions of vSphere 6.5.</span><br />
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">So, we can tell that this over-commitment ratio is applied per cluster.</span><br />
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><b>4. Will HA respect this ratio when restarting VMs after the host failure?</b></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">It was the most tickling question for me. Taking into the consideration similarity of CPU over-commitment and HA Admission Control features I was wondering whether over-commitment ratio should be adjusted to take into the consideration host failure.</span><br />
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">I used the same lab setup you saw above in question 3. I verified that each host has been running one dummy VM.</span><br />
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiTBmhRLBXBYOGsO0JPuPbDPJmLWqOqyBnAmbRjZnMeJcgUDQwb_WbMK-qAgDq8UFi9cCgV1jutzJ8Xgr0GG_iMbp6nFD3qVyiImtU3Vl3YIq5oLzhfNbo3yBCU7-RMg4Prwt604gR6PtxA/s1600/Screen+Shot+2017-05-06+at+10.50.08+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><img border="0" height="116" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiTBmhRLBXBYOGsO0JPuPbDPJmLWqOqyBnAmbRjZnMeJcgUDQwb_WbMK-qAgDq8UFi9cCgV1jutzJ8Xgr0GG_iMbp6nFD3qVyiImtU3Vl3YIq5oLzhfNbo3yBCU7-RMg4Prwt604gR6PtxA/s640/Screen+Shot+2017-05-06+at+10.50.08+PM.png" width="640" /></span></a></div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">Then I restarted vesxi65-3 host and 2 minutes later the VM-3 was successfully restarted on vesxi65-1 server even though the CPU over-commitment ratio was equal to 150%.</span><br />
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi7Kt7hWnRunzvVhBlK45Km_3MjLlpFgWDFejqjVElSIP305P7PvCfBTDLOkf93BqE8gu-kvXVsFEzJsFqhLGNccFlLQ6moPmo8OZ0STr8E4zW7CJCyIq_afnY5sdbVjRcQzizWRZ_MOaYq/s1600/Screen+Shot+2017-05-06+at+10.55.29+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><img border="0" height="118" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi7Kt7hWnRunzvVhBlK45Km_3MjLlpFgWDFejqjVElSIP305P7PvCfBTDLOkf93BqE8gu-kvXVsFEzJsFqhLGNccFlLQ6moPmo8OZ0STr8E4zW7CJCyIq_afnY5sdbVjRcQzizWRZ_MOaYq/s640/Screen+Shot+2017-05-06+at+10.55.29+PM.png" width="640" /></span></a></div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">This proves that HA restart has higher priority over CPU over-commitment ratio. This totally makes sense to me as VM's availability is more important that potential performance impact.</span><br />
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><b>5. Is ratio changed when host is placed into maintenance mode?</b></span><br />
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">I reverted my lab back to default settings and tried to place the host into maintenance mode which would result in 4 pCPU to 6 vCPU ratio which would violate configured CPU over-commitment ratio. </span><br />
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">The tasks didn't fail so I at first I assumed that there would be no problem.</span><br />
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEicp1XUspBBn54ltkzjukH-b7xqJ5os_D2natU8nbOjLDhevL_Qfd5KmmAnYGwPKlxYXrVTemcBLyMGUZwFZ8J_MxBb7UTUO6vToUCWEYiybB074Z5n3-Xrj08J1u4U81xzU0m619YVJL5R/s1600/Screen+Shot+2017-05-06+at+10.16.24+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><img border="0" height="51" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEicp1XUspBBn54ltkzjukH-b7xqJ5os_D2natU8nbOjLDhevL_Qfd5KmmAnYGwPKlxYXrVTemcBLyMGUZwFZ8J_MxBb7UTUO6vToUCWEYiybB074Z5n3-Xrj08J1u4U81xzU0m619YVJL5R/s640/Screen+Shot+2017-05-06+at+10.16.24+PM.png" width="640" /></span></a></div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">5 minutes later that task was still running so I checked the DRS Faults and immediately found the following.</span><br />
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh2rD5mGcDt4cr4v_lnHkHMjx7W01NXtzXE6T-iMoP0TOrNBNPArjUpVwy7TLrWPgjV_igUOh-XjsgG3eYG88POnPy_hiE64O9pPIL0UX15g42A2utyhDaWzbJIHY-Pk-tc4El_dPP2laqr/s1600/Screen+Shot+2017-05-06+at+10.15.53+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><img border="0" height="304" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh2rD5mGcDt4cr4v_lnHkHMjx7W01NXtzXE6T-iMoP0TOrNBNPArjUpVwy7TLrWPgjV_igUOh-XjsgG3eYG88POnPy_hiE64O9pPIL0UX15g42A2utyhDaWzbJIHY-Pk-tc4El_dPP2laqr/s640/Screen+Shot+2017-05-06+at+10.15.53+PM.png" width="640" /></span></a></div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">Clearly, DRS would always respect its own over-commitment rule when trying to generate vMotion recommendations. </span><br />
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<br />
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">So, the main takeaways for today are:</span><br />
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<br />
<ul>
<li><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">Only physical CPUs are used in calculations - no hyper threading</span></li>
<li><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">CPU over-commitment works very similar to Admission Control by preventing VMs to power on if it will violate the configured ratio.</span></li>
<li><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">During HA failover the CPU overcommitment setting is ignored - makes sense as recovering VMs is more critical than respecting overcommitment ratio</span></li>
<li><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">The over-commitment ratio is applied at cluster level</span></li>
<li><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">DRS will prevent placing the host into maintenance mode if it breaks its rules. </span></li>
</ul>
<br />vmnomadhttp://www.blogger.com/profile/02515151385546400290noreply@blogger.com10tag:blogger.com,1999:blog-4991582231121311353.post-47080812498190171412017-05-04T23:08:00.000+10:002017-05-04T23:08:39.876+10:00Creating replica seeds for vSphere ReplicationI have known for a while that vSphere Replication allows to use replica seeds to significantly save time of initial sync.<br />
<br />
<div>
This approach is recommended when there is not sufficient bandwidth between sites to complete replication in time. In this case it is recommended to create copies of the VM disks, transfer them to the destination site using external media, e.g. external USB hard drive. Once the files are copied to the target datastore vSphere Replication can be instructed to use them as replica seeds. The source and target disks will be scanned and only modified blocks of data will be transferred. <br />
<br />
There is an issue with this approach. According to VMware documentation the virtual machine has to be powered off before creating disk copies of the original VM. In most environments this kind of action require Request for Change and it can take quite a while before this request approved.<br />
<br />
As a workaround you can clone powered on VM, but the disks of the cloned VM will have new UUID. When vSphere Replication is instructed to use replica seeds it compares source and destination disks using two criteria - VMDK name and UUID. If one of them doesn't match in both disks you won't be able to configure vSphere Replication for this VM.<br />
<br />
Therefore, I thought it is a nice opportunity to simplify process of creating replica seeds for vSphere Replication with no outage for virtual machines.<br />
<br />
So, the whole process is quite simple:<br />
<br />
1. Clone running VM. The cloned VM will need to have the same name to keep the disk names identical. Since VMs will have the same name they will need to be placed into different folders.<br />
<br />
2. Run the script that will update the cloned VM's disk with original UUIDs.<br />
<br /></div>
<script src="https://gist.github.com/vmnomad/6240e6de0e177be1c1f2f45a042cc5ca.js"></script>vmnomadhttp://www.blogger.com/profile/02515151385546400290noreply@blogger.com1tag:blogger.com,1999:blog-4991582231121311353.post-55175469702681320772017-03-28T22:45:00.000+11:002017-03-28T22:45:29.010+11:00Migration options with VMware<div style="color: #333333; font-family: 'Open Sans', sans-serif; font-size: 14px; margin-bottom: 20px; padding: 0px;">
I have been recently working on one large IT transformation project. While I have been involved in the design of vSphere, vSAN and NSX of the new environment my main focus was on the the migration strategy of the existing virtual workload. </div>
<div style="color: #333333; font-family: 'Open Sans', sans-serif; font-size: 14px; margin-bottom: 20px; padding: 0px;">
While going through numerous options I realised that if you run vSphere & SRM you already have tools that could cover most of the migration scenarios. </div>
<div style="color: #333333; font-family: 'Open Sans', sans-serif; font-size: 14px; margin-bottom: 20px; padding: 0px;">
So, I thought I would post a quick summary of the few migration options which will cover each solution's pros and cons and requirements.</div>
<div style="color: #333333; font-family: 'Open Sans', sans-serif; font-size: 14px; margin-bottom: 20px; padding: 0px;">
<a href="https://www.starwindsoftware.com/blog/virtual-workload-migration-with-vmware" target="_blank">Learn more</a></div>
vmnomadhttp://www.blogger.com/profile/02515151385546400290noreply@blogger.com0tag:blogger.com,1999:blog-4991582231121311353.post-11758891189635378582017-01-14T12:35:00.002+11:002017-01-14T12:35:34.581+11:00Upgrade to ESXi 6 failed - Upgrade option is missing in the consecutive attemptsRecently I had an issue while upgrading the customer's environment from ESXi 5.5 to 6.<br />
<br />
This was very sensitive vSAN cluster with numerous issues so I had to manually upgrade hosts.<br />
One of the hosts failed during the upgrade process with an error "[Errno 28] No space left on device"<br />
<br />
After some troubleshooting I found that the /locker/packages folder contained 5.5.0 and 6.0.0 packages folder so I moved both these folders to a shared datastore to cleanup up some space.<br />
<br />
However, when I tried to run the upgrade for the second time the installer didn't provide <b>Upgrade</b> option. If you open the details of the disk where ESXi is installed, in my case SD card, you will see that the Installer cannot find ESXi there.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiuUmMu8ZqgvO48tGoVRKwrr7AE1ve-ElvwRZxNMqA1dMUa1w4GYmIS3Icn6cUVI_frWC4I_kVNpbAE3eURx2wABRqFf78z_JXfC-yfks87NhdzuQUFGCQ5a3CCAozoWR9ihZTXZgSrcw5N/s1600/Screen+Shot+2016-12-23+at+1.29.52+am.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="275" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiuUmMu8ZqgvO48tGoVRKwrr7AE1ve-ElvwRZxNMqA1dMUa1w4GYmIS3Icn6cUVI_frWC4I_kVNpbAE3eURx2wABRqFf78z_JXfC-yfks87NhdzuQUFGCQ5a3CCAozoWR9ihZTXZgSrcw5N/s640/Screen+Shot+2016-12-23+at+1.29.52+am.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
However, I could still boot ESXi host just fine. </div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
Well, the thing is that ESXi contains two boot partisions with two symbolic links to boot partitions /bootbank and /altbootbank.</div>
<div class="separator" style="clear: both; text-align: left;">
When ESXi is updated/upgraded the new files are actually writtent to the /altbootbank partition and then the symlinks are updated so that /altbootbank partition becomes /bootbank partition and vice versa.</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
That allows to rollback the ESXi update/upgrade if something goes wrong with the /bootbank. </div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
In my case the /altbootbank wasn't fully updated due to the failed upgrade process and it didn't containg the state.tgz file which is actually a collection of configuration files. Some othere files were missing too and the sizes of two partitions differ significantly. </div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
So, it looks like when the /altbootbank is corrupted and doesn't contain all files the Installer refuses to recognize installed ESXi.</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
Therefore, I deleted all files from the /altbootbank partition and copied the content of /bootbank over and on the next attempt I was suggested to upgrade the ESXi host. </div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
vmnomadhttp://www.blogger.com/profile/02515151385546400290noreply@blogger.com3tag:blogger.com,1999:blog-4991582231121311353.post-35070140979316578532016-10-13T15:12:00.002+11:002016-10-13T15:12:20.487+11:00Getting Protected site back online after using Forced Recovery Plan with SRMThis week I had a question from one of my customer on how to correctly test disaster recovery with SRM in the scenario as close as possible to a reality.<br />
<br />
Most of you probably know how you can run non-disruptive failover test with SRM which lets you verify the SRM recovery plan without any impact on the Production servers.<br />
<br />
You might also used SRM to test a planned failover where virtual machines are powered off at the Protected site and then recovered at the Recovery site.<br />
<br />
The good thing is that official documentation provides comprehensive instructions on how to run these tests.<br />
<br />
However, the provided information on how to correctly deal with forced recovery is a bit vague. This type of recovery is ran when the Protected datacentre is not available. And that's what our customer wanted to test to be 100% sure their infrastructure is covered for real disaster.<br />
<br />
Obviously, when your Protected Site is down and you have to recover your environment there are not many choices. You can only run Forced Recovery on the SRM server at the Recovery Site.<br />
<br />
But the documentation does not explain on how to deal with the situation when the Protected site comes back online.<br />
<br />
Here is what it says:<br />
<br />
"<span style="color: #333333; font-family: Arial, Helvetica, sans-serif; font-size: 12px;">After the forced recovery completes and you have verified the mirroring of the storage arrays, you can resolve the issue that necessitated the forced recovery. After you resolve the underlying issue, run planned migration on the recovery plan again, resolve any problems that occur, and rerun the plan until it finishes successfully. Running the recovery plan again does not affect the recovered virtual machines at the recovery site.</span>"<br />
<br />
When I read it first I had several questions:<br />
<br />
1. What direction should be the storage mirroring configured before running Planned Migration provided that we have already recovered VMs at the Recovery Site?<br />
2. How planned migration will be able to complete successfully when there are so many steps in the recovery plan that were already completed during the Forced Recovery? If you ever ran Planned Migration you know that any error will stop the Recovery Plan.<br />
3. Should I pause/stop the storage replication prior to running Planned Migration?<br />
<br />
So, I had no clear understanding of the sequence of actions for this scenario. That's where my home lab proved to be a very efficient investment.<br />
<br />
To make it as close as possible to real infrastructure I deployed HPE VSA to simulate array based replication. Both sites consist of 3 hosts running, the Protected Site runs a couple of CentOS VMs on a replicated datastore.<br />
<br />
So, here is sequence of steps I used in my lab to simulate disaster, to run forced recovery and to restore the status quo after bringing the Protected site back online.<br />
<br />
<i><span style="font-size: x-small;">Please note that there are many different DR scenarios and I don't have to test all of them. Also, running everything as nested lab I can't test different types of storages or replications so the output of Forced Recovery with HP 3PAR or EMC VMAX with synchronous replication might be different to what I got. </span></i><br />
<br />
1. The failure of Protected Site was simulated using firewall rules to deny all traffic between sites, including the replication traffic<br />
<br />
2. Logged into vCenter at the Recovery Site and ran Forced Recovery plan.<br />
<br />
The following screenshot depicts all the steps of the recovery plan and their status.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh9aWDSj63ZTOAyxU3sLCB9tvnsHbQ0st0LpdvgwJ10hX6tHKJzhOiUSEh7WCayHYYK2Y8JvO_dxxsdu_JdocSM9cIrCBsDf5r-AIIPZZ5VCHg5-NedHBtZmXfWU6QnvgYLTxclzuFhWQDy/s1600/Screen+Shot+2016-10-12+at+9.55.20+pm.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="352" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh9aWDSj63ZTOAyxU3sLCB9tvnsHbQ0st0LpdvgwJ10hX6tHKJzhOiUSEh7WCayHYYK2Y8JvO_dxxsdu_JdocSM9cIrCBsDf5r-AIIPZZ5VCHg5-NedHBtZmXfWU6QnvgYLTxclzuFhWQDy/s640/Screen+Shot+2016-10-12+at+9.55.20+pm.png" width="640" /></a></div>
<br />
<br />
3. After confirming that all VMs were successfully restored at the Recovery Site I shutdown the VMs at the Protected Site.<br />
<br />
3. Removed the firewall rules to restore the connection between sites<br />
<br />
SRM servers give you some hints on how to restore the status quo.<br />
<br />
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgiM-qdAb7rpUC97JVJT7v95JRvIUF4lgaQwTeNm1Q5tUjNfNjY5ecUN4E6of59TWzYkvT5nvL8MYvUgi2uN9Vr0Juxiu9DwYyLeLjsuxs3KVK8yKPz1AfyIBVavHFO7kUAY25pLE1xETGL/s1600/Screen+Shot+2016-10-12+at+9.59.06+pm.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" height="328" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgiM-qdAb7rpUC97JVJT7v95JRvIUF4lgaQwTeNm1Q5tUjNfNjY5ecUN4E6of59TWzYkvT5nvL8MYvUgi2uN9Vr0Juxiu9DwYyLeLjsuxs3KVK8yKPz1AfyIBVavHFO7kUAY25pLE1xETGL/s640/Screen+Shot+2016-10-12+at+9.59.06+pm.png" width="640" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Protected Site status</td></tr>
</tbody></table>
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhATdidQu2s8_VbFiST1Qq9XIv8tA-v_m1kv8-x790zDlgdE6DbEkoCI3Y5lBFKkCjOH6rguElYhwgb1ZIEVwHa8IOBLxzdamp_2Vs37Vweg_cU6F2pi-ToDmeAmnOKr91fIuHPcFfrmRNg/s1600/Screen+Shot+2016-10-12+at+9.59.14+pm.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" height="332" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhATdidQu2s8_VbFiST1Qq9XIv8tA-v_m1kv8-x790zDlgdE6DbEkoCI3Y5lBFKkCjOH6rguElYhwgb1ZIEVwHa8IOBLxzdamp_2Vs37Vweg_cU6F2pi-ToDmeAmnOKr91fIuHPcFfrmRNg/s640/Screen+Shot+2016-10-12+at+9.59.14+pm.png" width="640" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Recovery Site status</td></tr>
</tbody></table>
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEinZ5ksU8ASBeroPoBvBHpVk1EkarjhJsY_FloVgyU1J1MkO24e-meuu_jTOSB7B4PlyQKWBpb8wC-7yxZMIp0lf7SozEfAWy7T8dXU4lnflTT90TVBr2KP_b6KfRdR4MzqvMr5tZCuc9NO/s1600/Screen+Shot+2016-10-12+at+9.59.43+pm.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" height="214" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEinZ5ksU8ASBeroPoBvBHpVk1EkarjhJsY_FloVgyU1J1MkO24e-meuu_jTOSB7B4PlyQKWBpb8wC-7yxZMIp0lf7SozEfAWy7T8dXU4lnflTT90TVBr2KP_b6KfRdR4MzqvMr5tZCuc9NO/s640/Screen+Shot+2016-10-12+at+9.59.43+pm.png" width="640" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Replication status</td></tr>
</tbody></table>
As you can see SRM understands that the failover is not fully completed yet. Therefore the replication status of the device is 'Failover in Progress'<br />
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjXSdSq5R8IUtzstN73fK-F0aAYiZfOa-WlXPSFOyu5h9B2WBi8avsyBQlZG9DImFS6Ok5OdJUkbScNQPt07XxpL9jTrS5O9tD1nfCht2pJchrEWb97keL_OWcngLkuhMwfzqm-YEN517PV/s1600/Screen+Shot+2016-10-12+at+10.00.08+pm.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" height="274" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjXSdSq5R8IUtzstN73fK-F0aAYiZfOa-WlXPSFOyu5h9B2WBi8avsyBQlZG9DImFS6Ok5OdJUkbScNQPt07XxpL9jTrS5O9tD1nfCht2pJchrEWb97keL_OWcngLkuhMwfzqm-YEN517PV/s640/Screen+Shot+2016-10-12+at+10.00.08+pm.png" width="640" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">The Recovery Plan</td></tr>
</tbody></table>
<br />
As you can see the Recovery Plan looks different now compared to the one in Step 2. It actually tells you now to run the Planned Failover again.<br />
<br />
4. Ran the Planned Failover again as instructed<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgkG9lsj__5qb1SI-FaIgXBiwEivkC6Hvq8Zk_d6Id4VQ7FZztUvRCK89-PNaFqWsgUuerZomzYqWuuE9HEkF9UjgaqdRnEL-c3NMg6UhOG2Q1Pbz-Zmi_RnRzG1-m5EJpT6CCTNKVkREk1/s1600/Screen+Shot+2016-10-12+at+10.24.00+pm.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="338" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgkG9lsj__5qb1SI-FaIgXBiwEivkC6Hvq8Zk_d6Id4VQ7FZztUvRCK89-PNaFqWsgUuerZomzYqWuuE9HEkF9UjgaqdRnEL-c3NMg6UhOG2Q1Pbz-Zmi_RnRzG1-m5EJpT6CCTNKVkREk1/s640/Screen+Shot+2016-10-12+at+10.24.00+pm.png" width="640" /></a></div>
<br />
<br />
Looks like SRM is smart enough to skip the steps that have already been done.<br />
Essentially, the following actions are conducted when running Planned Failover:<br />
<br />
* Protected VMs are shutdown at the Protected Site<br />
* Protected VMs are converted to Placeholder VMs<br />
* The protected datastores are unmounted at the Protected Site<br />
* The replicated LUNs are converted to read-only mode<br />
<br />
That brings both SRM servers to consistent state where all workload now runs at the Recovery site and replicated to the Protected Site.<br />
<br />
Now you can follow the regular routine and reprotect the workload and then move it back to the Protected site using the Planned Failover option.<br />
<br />
Hope that helps understand the logic of SRM Recovery after Forced Recovery.<br />
<br />vmnomadhttp://www.blogger.com/profile/02515151385546400290noreply@blogger.com2tag:blogger.com,1999:blog-4991582231121311353.post-87575189865470993362016-09-09T12:28:00.000+10:002016-09-09T12:41:25.427+10:00Securing Remote Access with Sophos UTM<!--StartFragment-->
<!--EndFragment--><br />
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">Two-factor authentication is probably the best way to protect against remote attacks nowadays. You may take numerous precaution measures to protect your computer, but you can never be 100% sure your credentials are not compromised. <br /><br />Sophos UTM provides built-in support of two-factor authentication. And as with all other features in UTM, 2FA feature is implemented in a very user-friendly interfaces. <br /><br />In my previous <a href="http://vmnomad.blogspot.com/2016/09/remote-access-with-sophos-utm.html" target="_blank">blog post</a> I showed how easy to enable and configure different types of Remote Access with Sophos UTM. Today we will see how to secure the Remote Access with OTP. <br /><br />Additionally, we will review the installation of third-party SSL certificate from one of the providers that is trusted by your browser. Not that I expect some phishing attacks on my home lab, but it will stop the browser throwing the certificate error every time you access UTM User Portal. <br /><br />Ok, let's start with OTP configuration. <br /><br /> <br /><b>1. </b>Log into Sophos UTM and go to Definition & Users - Authentication Services </span><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgITYCtQU-vr_5HGO0wvJL7MoCs0OcOsTxi77sBadKAMawpUGaBI7iYds8mux9cfu_NHZU9ID0FeDgSkryVmVdvFIf5mPC2qvEohbo0E8d6GDqGaihc9l8jf0U7IRcXe-CQr0Vo-SNWwmOW/s1600/Screen+Shot+2016-09-08+at+4.26.07+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="204" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgITYCtQU-vr_5HGO0wvJL7MoCs0OcOsTxi77sBadKAMawpUGaBI7iYds8mux9cfu_NHZU9ID0FeDgSkryVmVdvFIf5mPC2qvEohbo0E8d6GDqGaihc9l8jf0U7IRcXe-CQr0Vo-SNWwmOW/s640/Screen+Shot+2016-09-08+at+4.26.07+PM.png" width="640" /></a></div>
<div>
<br /></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><b>2.</b> Open One-Time Passwords tab and enable the service </span></div>
<div>
<ul><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">
<li>Check that 'Auto-create OTP tokens for users' setting is enabled </li>
<li>Check that OTP is enabled for User Portal </li>
<li>Check that OTP is enabled for SSL VPN Remote Access </li>
</span></ul>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">
</span><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJmJNCmcfCwEYuRP0NSNPs-d7XIEjxqnNh4sT2suusT6vJFwP_5LHdxDQ0LOmqACjJ-Q8Bl3hcV26xYJxKefF3wQILTChirT3bQCXu8sCQPVBBunalskpfVlUTEW8flQVbd0ghvTTFOTwU/s1600/Screen+Shot+2016-09-08+at+4.27.46+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" height="262" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJmJNCmcfCwEYuRP0NSNPs-d7XIEjxqnNh4sT2suusT6vJFwP_5LHdxDQ0LOmqACjJ-Q8Bl3hcV26xYJxKefF3wQILTChirT3bQCXu8sCQPVBBunalskpfVlUTEW8flQVbd0ghvTTFOTwU/s640/Screen+Shot+2016-09-08+at+4.27.46+PM.png" width="640" /></a><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /><br /><b>3.</b> That's it. See how simple it is?<br /></span><br />
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">Now let’s have a look at how we get it working. <br /><br /><b>1.</b> Install Google Authenticator app on your mobile. </span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /><b>2.</b> Login to the user portal with your credentials. Note, you can't use OTP yet.</span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><b>3.</b> You will immediately see the QR code which you will need to scan with Google Authenticator</span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiOcHS5ILPojkuqvIpi2c3XXnhVDUUUPYXEdb-7-EVCR-dNJvHhTTDdMxhkXBuEixuZokcfcnp0eh_5IsizJKgB4zQaPJfoMBIjk1n3_FzLhxfZV1UsYFo8aeXE81dvw2oF0MtrQr72BEgr/s1600/Screen+Shot+2016-09-08+at+4.32.51+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="386" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiOcHS5ILPojkuqvIpi2c3XXnhVDUUUPYXEdb-7-EVCR-dNJvHhTTDdMxhkXBuEixuZokcfcnp0eh_5IsizJKgB4zQaPJfoMBIjk1n3_FzLhxfZV1UsYFo8aeXE81dvw2oF0MtrQr72BEgr/s640/Screen+Shot+2016-09-08+at+4.32.51+PM.png" width="640" /></a></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br />4. Once Google Authenticator successfully reads the QR code press <b><span style="color: blue;">Proceed with login</span></b> button which will bring you to the login page again</span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">5. In the password field you have to type your password directly followed by passcode displayed by Google Authenticator. </span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">6. </span><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">Now you can see the details of your OTP in the User Portal </span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj10sRg8ifgtSeykucw6YgJVJqvPeDZrKXZq5o-GQkY9S-eJ3CiVQ0peMfh_ZGkSQZ1cB-KJwG7pLM9cbb-gSIP4vF8d79vMd0GurUZQ8T9pDhWMhVBSBAf5AsQ8AqjTMDawan3hIx00jej/s1600/Screen+Shot+2016-09-08+at+4.37.57+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="442" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj10sRg8ifgtSeykucw6YgJVJqvPeDZrKXZq5o-GQkY9S-eJ3CiVQ0peMfh_ZGkSQZ1cB-KJwG7pLM9cbb-gSIP4vF8d79vMd0GurUZQ8T9pDhWMhVBSBAf5AsQ8AqjTMDawan3hIx00jej/s640/Screen+Shot+2016-09-08+at+4.37.57+PM.png" width="640" /></a></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">Use the same combination of Password+Passcode when you authenticate with SSL VPN client <br /><br />One last thing. In case you loose your phone or you brake it, or the phone is reset and Google Authenticator is not there anymore you won't be able to authenticate to Sophos UTM.</span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">For this type of situations you might wanna have some pre-generated authentication codes stored somewhere in a safe and secured place. </span><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">To get these codes:</span></div>
<div>
<ul>
<li><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">Go to One Time Password tab again. </span></li>
<li><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">Click the Edit button on your username entry</span></li>
<li><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">Expand the Advanced Settings and press the green Plus button to generate one time passwords.</span></li>
</ul>
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhRkkWg4EWBGBBZwlNkj0bD_CnD3lcJROWhv5yO9MbFvP7uVr0EfdRPhK8IZ6SZMHjpHIxEqyLXr6-_0Kkuov5HkXSrMibcKGLIVdUuOadWX_rdiXpwZSJcKJzWj3d0vzGh-tgg3FEKaZtG/s1600/Screen+Shot+2016-09-09+at+10.49.44+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="460" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhRkkWg4EWBGBBZwlNkj0bD_CnD3lcJROWhv5yO9MbFvP7uVr0EfdRPhK8IZ6SZMHjpHIxEqyLXr6-_0Kkuov5HkXSrMibcKGLIVdUuOadWX_rdiXpwZSJcKJzWj3d0vzGh-tgg3FEKaZtG/s640/Screen+Shot+2016-09-09+at+10.49.44+AM.png" width="640" /></a></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /> <br /><br /> <br /><br />Now let's talk about 3rd party certificate installation.<br /><br />You will need your own domain name. When you request a certificate the Certificate Authority will normally require you to validate the domain name ownership by sending verification code to the email address of the domain owner or by asking you to create a DNS records for that domain. <br /><br />1. Generate a pair of keys </span><br />
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div class="terminal" style="background-color: #eeffe6; border: 1px dashed rgb(128, 128, 128); font-size: small; margin-bottom: 1.5em; outline: 0px; padding: 10px; vertical-align: baseline;">
<span style="font-family: "courier new" , "courier" , monospace;">openssl genrsa -aes256 -out myUTM.key 2048</span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj8ta-s6wl6H8mzarmt84rKFFHE1BDhZ3KtZ4gmoKy3g21MrKHz26Ary-0o-Ks49b-Q6bjUntLXWIVcZuDzmhc_8Cw2TPnVdXX9EFMul4fls_qqbqljj7FsxMa6Vu8e3eD0EFM7zp2Ygl30/s1600/Screen+Shot+2016-09-08+at+11.46.37+AM.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="92" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj8ta-s6wl6H8mzarmt84rKFFHE1BDhZ3KtZ4gmoKy3g21MrKHz26Ary-0o-Ks49b-Q6bjUntLXWIVcZuDzmhc_8Cw2TPnVdXX9EFMul4fls_qqbqljj7FsxMa6Vu8e3eD0EFM7zp2Ygl30/s640/Screen+Shot+2016-09-08+at+11.46.37+AM.png" width="640" /></a></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">2. Generate Certificate Signing Request </span><br />
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<br />
<div class="terminal" style="background-color: #eeffe6; border: 1px dashed rgb(128, 128, 128); font-size: small; margin-bottom: 1.5em; outline: 0px; padding: 10px; vertical-align: baseline;">
<span style="font-family: "\22 courier new\22 " , "\22 courier\22 " , monospace;">openssl req -new -key myUTM.key -out myUTM.csr</span></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">This command will require additional input of information, including the domain name record of your UTM to be used as a Common Name in the certificate. </span><br />
<br />
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhpHRC3DiidKP5ZadKzYNypL-GmMt59pTptSqOiBCPWYtQKCwNGhS7a4Hu1ZoSiWyszuoayZtPSKmH6pcxjrNRCNmWarRarddCeAUBtXzGQTXe_SPJU_ta3TgcPRFxxh-qkJao2PCZ4WAPC/s1600/Screen+Shot+2016-09-08+at+11.50.18+AM.png" imageanchor="1" style="clear: left; margin-bottom: 1em; margin-right: 1em; text-align: center;"><img border="0" height="412" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhpHRC3DiidKP5ZadKzYNypL-GmMt59pTptSqOiBCPWYtQKCwNGhS7a4Hu1ZoSiWyszuoayZtPSKmH6pcxjrNRCNmWarRarddCeAUBtXzGQTXe_SPJU_ta3TgcPRFxxh-qkJao2PCZ4WAPC/s640/Screen+Shot+2016-09-08+at+11.50.18+AM.png" width="640" /></a><br />
<br />
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br />3. Upload CSR to a third party Certificate Authority</span><br />
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">4. Download the signed certificate from the CA</span><br />
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">5. Using the certificate from the CA and the key file generate PKCS12 file.</span><br />
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<br />
<div class="terminal" style="background-color: #eeffe6; border: 1px dashed rgb(128, 128, 128); font-size: small; margin-bottom: 1.5em; outline: 0px; padding: 10px; vertical-align: baseline;">
<span style="font-family: "\22 \\22 courier new\\22 \22 " , "\22 \\22 courier\\22 \22 " , monospace;">openssl pkcs12 -export -in Cert.pem -inkey myUTM.key -out myUTM.p12</span></div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">Please note that you have to use .pem format. Don't use .p7b or .cer format of the certificate, otherwise you will get the following error</span><br />
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhjV0ZVnZ-S_g6exC7CRf3YmLD4MWNDxIP-qu44UAu4QBQRZ_t5LBhTb_-a34VLkLs5Okc-0G8fNlq5Z8ZJtXHrUNazR5TvMkIZPT6qVvvbeUYYptKz4PygQOfS8WAzAvNqze5rSHewj6yz/s1600/Screen+Shot+2016-09-09+at+11.30.40+AM.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="46" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhjV0ZVnZ-S_g6exC7CRf3YmLD4MWNDxIP-qu44UAu4QBQRZ_t5LBhTb_-a34VLkLs5Okc-0G8fNlq5Z8ZJtXHrUNazR5TvMkIZPT6qVvvbeUYYptKz4PygQOfS8WAzAvNqze5rSHewj6yz/s640/Screen+Shot+2016-09-09+at+11.30.40+AM.png" width="640" /></a></div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">6. Upload the PKCS12 certificate to the Sophos UTM</span><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhPhmlYAqbcLOvdIdENyjVjlLAW2DItoIaQ5YDy5E8UZmKyKsz88vGudgT0NpsombTJGYqBHpehdUzE9eScodYPE0AyNgI2OlFnWFChoaU8iiGSWLpDyw2nILVgPqGcC9WqdIMXwejYaoqh/s1600/Screen+Shot+2016-09-09+at+9.16.50+AM.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="366" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhPhmlYAqbcLOvdIdENyjVjlLAW2DItoIaQ5YDy5E8UZmKyKsz88vGudgT0NpsombTJGYqBHpehdUzE9eScodYPE0AyNgI2OlFnWFChoaU8iiGSWLpDyw2nILVgPqGcC9WqdIMXwejYaoqh/s640/Screen+Shot+2016-09-09+at+9.16.50+AM.png" width="640" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<br />
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">7. And finally configure UTM to use the new certificate for Web pages<br /><br /> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJb0zcLKGTTMCHM6DnOE-cqTA4V5wm0wUHqdo5YhmTNXzUXKPFwSalVyhm-OmfdmLTDWvHNssZsPzWMENlZP2n-MbCnVFez7WRcXET8IlVTJLWmkerB4Tln4Rm4taYMsSCJaDupyt1OAwH/s1600/Screen+Shot+2016-09-09+at+11.49.25+AM.png" imageanchor="1" style="font-family: -webkit-standard; margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" height="380" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJb0zcLKGTTMCHM6DnOE-cqTA4V5wm0wUHqdo5YhmTNXzUXKPFwSalVyhm-OmfdmLTDWvHNssZsPzWMENlZP2n-MbCnVFez7WRcXET8IlVTJLWmkerB4Tln4Rm4taYMsSCJaDupyt1OAwH/s640/Screen+Shot+2016-09-09+at+11.49.25+AM.png" width="640" /></a><br /></span><br />
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">As you see Sophos UTM again proves to be an ideal virtual networking solution for a home lab. </span><br />
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
vmnomadhttp://www.blogger.com/profile/02515151385546400290noreply@blogger.com0tag:blogger.com,1999:blog-4991582231121311353.post-78289720594949998132016-09-07T14:52:00.001+10:002016-09-09T12:40:18.753+10:00Organising remote access to your home lab with Sophos UTM<!--StartFragment-->
<!--EndFragment--><br />
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">The Sophos UTM is way more than just a virtual router appliance. It is a swiss-knife with so many useful features. I have been using Sophos UTM for about 3 years. Two of them I used UTM in a production environment and it proved to be a very solid and reliable networking solution. <br /><br />The good thing about Sophos UTM that makes it an ideal candidate for home networking is that you can get a free Home Edition license with plenty of features. You can grab your copy <a href="https://www.sophos.com/en/products/free-tools/sophos-utm-home-edition.aspx" target="_blank">here</a>.<br /><br />Today I will be showing how easy and quick it is to configure remote access to your homelab with Sophos UTM.<br /><br />The virtual appliance offers you a plenty of Remote VPN options:</span><br />
<br />
<ul>
<li><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">SSL</span></li>
<li><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">PPTP</span></li>
<li><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">L2TP over IPsec</span></li>
<li><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">IPsec</span></li>
<li><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">HTML5 VPN</span></li>
<li><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">Cisco VPN</span></li>
</ul>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br />I generally prefer to use SSL and HTML5 VPN. </span><br />
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">The former provides the best performance and is very secure, but it requires a client to be installed on your computer. The most popular OpenVPN SSL client for Mac is <a href="https://tunnelblick.net/" target="_blank">Tunnelblick</a>. It never let me down.<br /><br />The latter is HTML5 VPN. I normally use it as a backup method of remote access into my home lab when I can't use my Mac, e.g. in a customer's office. It doesn't require a client and runs just fine in your favourite browser. However, as you might have already guessed, it is not fast. Also, there are very few protocols that can be used via HTML5 VPN portal. With all that said it is still an awesome client-less remote access option.<br /><br /><br />So, let's have a look at how you configure SSL and HTML5 VPN on Sophos and how to configure Tunnelblick SSL client on your Mac.<br /><br />Here is a simplified diagram of my home lab network topology </span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjxIrwnfQ-MNCjWcsus_Pz4N6Nx7ObMYCShDE8yawAxt-ttDw9tvmbGQv1Li7vi3zG0zilkVTrOfsvtTPRbagpvyrWhOpvt7cOj5NP1JyISqYZ39dqlrPFB13eoZ2_hFAAHK3Nl7sC4XbK4/s1600/Screen+Shot+2016-09-07+at+2.46.48+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><img border="0" height="115" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjxIrwnfQ-MNCjWcsus_Pz4N6Nx7ObMYCShDE8yawAxt-ttDw9tvmbGQv1Li7vi3zG0zilkVTrOfsvtTPRbagpvyrWhOpvt7cOj5NP1JyISqYZ39dqlrPFB13eoZ2_hFAAHK3Nl7sC4XbK4/s640/Screen+Shot+2016-09-07+at+2.46.48+PM.png" width="640" /></span></a></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /><br /><br />We will start with <b>HTML5 VPN</b> configuration.<br /><br /><br />1. Go to the Remote Access options and Enable HTML5 VPN Portal<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjdM1xms-Y7xU79MEDk1xi-Udm8HLcTAJD2CeUfAhoKs9e1ZR9CRiv0c2Etkn5cD22t3XuzDAtthymXlijy2shbWVUz9fAOQumkDr6PGJZcpsG_LKC6cr9_XAtUk44d8hIzsy-4R4uo1cKy/s1600/Screen+Shot+2016-09-07+at+11.10.26+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" height="167" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjdM1xms-Y7xU79MEDk1xi-Udm8HLcTAJD2CeUfAhoKs9e1ZR9CRiv0c2Etkn5cD22t3XuzDAtthymXlijy2shbWVUz9fAOQumkDr6PGJZcpsG_LKC6cr9_XAtUk44d8hIzsy-4R4uo1cKy/s640/Screen+Shot+2016-09-07+at+11.10.26+AM.png" width="640" /></a><br /><br />2. Click the <b><span style="color: blue;">New</span></b> <b><span style="color: blue;">HTML5 VPN Portal Connection</span></b> button and configure the following settings:</span><br />
<ul><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">
<li>Name of the Portal</li>
<li>Connection Type - choose your protocol</li>
<li>The host you want to access via the HTML5 VPN</li>
<li>The users allowed to log into this remote access.</li>
</span></ul>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjG1wcIz0Pa6W02RA5wAFywMPRG-0eioj3lKw6cY38GDIRcAo5RkV1S6afoeXb_oT4Uu-G1ncdkR2PoRup1QmqO3MAl9bYmZ7cwTKwk5xXOHYHLrMz4PBBMTQTGjNc22_3MzsUFEaW2qXxc/s1600/Screen+Shot+2016-09-07+at+1.37.28+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" height="247" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjG1wcIz0Pa6W02RA5wAFywMPRG-0eioj3lKw6cY38GDIRcAo5RkV1S6afoeXb_oT4Uu-G1ncdkR2PoRup1QmqO3MAl9bYmZ7cwTKwk5xXOHYHLrMz4PBBMTQTGjNc22_3MzsUFEaW2qXxc/s320/Screen+Shot+2016-09-07+at+1.37.28+PM.png" width="320" /></a></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">I usually go with RDP and my Jump Host. </span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">3. Now go to Management - User Portal configuration:</span></div>
<div>
<ul>
<li><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">Enable the End User portal</span></li>
<li><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">Configure the Allowed Networks or Hosts that will be able to access the Portal web page.</span></li>
</ul>
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjTjnd-y8aDa9Ecm0KTkF4wkwsphz1U7sRn11SnbDfb6ynxBHMV5NFBAFh2YRWBJw7zsC8NLRCWdzre5bSfWl2WnUo8uIaV-idT-NKZVKgHsTlcTdRzOA36z05SJIWr9rrNoWt_lMcFTDy_/s1600/Screen+Shot+2016-09-07+at+11.20.24+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><img border="0" height="304" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjTjnd-y8aDa9Ecm0KTkF4wkwsphz1U7sRn11SnbDfb6ynxBHMV5NFBAFh2YRWBJw7zsC8NLRCWdzre5bSfWl2WnUo8uIaV-idT-NKZVKgHsTlcTdRzOA36z05SJIWr9rrNoWt_lMcFTDy_/s640/Screen+Shot+2016-09-07+at+11.20.24+AM.png" width="640" /></span></a></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /><br />Since I usually don't know what my remote IP Address will be (unless I work in the office) I prefer to rely on Dynamic DNS. I have been using <a href="http://noip.com/">noip.com</a> as a dynamic DNS solution and I have no reasons to complain about them.</span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">4. The last step would be configuring port forwarding on your Internet modem/router so that you could access the Sophos UTM on the Internet. That's how it looks on my NetComm modem.</span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg7PzRGM8Imi7dkgVPQDiGlBqfRmiJnyUzoXZOhbf9dP_-5tuAF2xQdD_Ov8Uc6sXPIMuy2eX_zASxlKqhVplI4mDfjR1iATmAdJ1GiwMmz33kiIqINY-2oxMZDEEvDB9X47bM6ksynF5Lu/s1600/Screen+Shot+2016-09-07+at+11.39.14+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><img border="0" height="82" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg7PzRGM8Imi7dkgVPQDiGlBqfRmiJnyUzoXZOhbf9dP_-5tuAF2xQdD_Ov8Uc6sXPIMuy2eX_zASxlKqhVplI4mDfjR1iATmAdJ1GiwMmz33kiIqINY-2oxMZDEEvDB9X47bM6ksynF5Lu/s640/Screen+Shot+2016-09-07+at+11.39.14+AM.png" width="640" /></span></a></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /><br />Check your modem's documentation on how to configure PAT/NAT.<br /><br />Tip: If your modem often renews public IP Address you could use Dynamic DNS as well.<br /><br />Now you are all set and ready to go, so let's see how it works<br /><br />1. Open your browser and enter the public IP Address of your modem or Dynamic DNS name.</span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">2. Enter the credentials</span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgclmO5KR65GV5Dotm-q_5l10-zJk5DGCK4u46DFjG7giTBXAizmGMAaiWWkZ9S7z7phqm0u_8p-0FRCzA2-lAwaZqB1elKF_vXo5MvBUQvL2nQPoLz4savxQl_mYJ4E5Vazh9NG9yqNpHq/s1600/Screen+Shot+2016-09-07+at+11.44.25+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><img border="0" height="257" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgclmO5KR65GV5Dotm-q_5l10-zJk5DGCK4u46DFjG7giTBXAizmGMAaiWWkZ9S7z7phqm0u_8p-0FRCzA2-lAwaZqB1elKF_vXo5MvBUQvL2nQPoLz4savxQl_mYJ4E5Vazh9NG9yqNpHq/s400/Screen+Shot+2016-09-07+at+11.44.25+AM.png" width="400" /></span></a></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">3. Click <span style="color: blue;"><b>HTML5 VPN Portal</b></span> button<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiq06G2xhU6YCYW5FY9BHIYlPOKNFsAfqV3WwqOfZlm6p0XkvtOPgciyXFoXc7scOh3_qm3vWXLchxuK166Ek9DCF3Dm97ob_EAg_TL80l-uH-SenTWZKyqvU0LdtOPgrlXtxCYmckrxBs-/s1600/Screen+Shot+2016-09-07+at+11.44.59+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" height="323" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiq06G2xhU6YCYW5FY9BHIYlPOKNFsAfqV3WwqOfZlm6p0XkvtOPgciyXFoXc7scOh3_qm3vWXLchxuK166Ek9DCF3Dm97ob_EAg_TL80l-uH-SenTWZKyqvU0LdtOPgrlXtxCYmckrxBs-/s640/Screen+Shot+2016-09-07+at+11.44.59+AM.png" width="640" /></a><br /><br /><br /><br /><br /><br />4. That's where you can see the JumpHost you configured in Step 2.<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgWvW9VJPEM-pVBMCZZKv-yUXC3Pi34ulpi10P_qWLUGx5QWLF1CVsVwlnzbyYm_RzeqwEFY5_5UNmELHGqc5pyDZ7Jt4q72cpwphso6_WI3se4qPu77P9vaBkmtjnNdwPfzm-_2J3ArBKe/s1600/Screen+Shot+2016-09-07+at+11.45.33+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" height="125" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgWvW9VJPEM-pVBMCZZKv-yUXC3Pi34ulpi10P_qWLUGx5QWLF1CVsVwlnzbyYm_RzeqwEFY5_5UNmELHGqc5pyDZ7Jt4q72cpwphso6_WI3se4qPu77P9vaBkmtjnNdwPfzm-_2J3ArBKe/s320/Screen+Shot+2016-09-07+at+11.45.33+AM.png" width="320" /></a><br /><br />5. Press Connect button and Enjoy clientless RDP access via HTML5.<br /><br /> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgnpaeocyqMB7ogWFPa-s3376WtcHVPvxRWoM3791PDsaM5y94knXAB1fVfGX8eWIVO_xsI_3iVpJCDiv9E25QNPH36Frtc6dEQpQBHKsWCz_bVokQxsR3m3tlK9l-nd88Fs6nB03OWInpB/s1600/Screen+Shot+2016-09-07+at+1.50.47+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" height="186" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgnpaeocyqMB7ogWFPa-s3376WtcHVPvxRWoM3791PDsaM5y94knXAB1fVfGX8eWIVO_xsI_3iVpJCDiv9E25QNPH36Frtc6dEQpQBHKsWCz_bVokQxsR3m3tlK9l-nd88Fs6nB03OWInpB/s320/Screen+Shot+2016-09-07+at+1.50.47+PM.png" width="320" /></a><br /><br /><br /><br />Now let's go through the configuration of <b>Remote Access via SSL</b><br /><br />1. Enable the End User Portal.<br /><br />We already did it in the step 3 of the HTML5 VPN Remote Access configuration procedure.<br /><br />2. Go to Remote Access - SSL</span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgcyXH__GKwzSx3UI_MbZPC5Aun0mIr0u1XPZdlG1Unnsb_LRJYFVPX2enuZoUaWaQlTAETrSfnkbF8StOmRwhiJzi1mCf5NExD4ANeGff8MuQgN8GTJedtBXsaBbEcN5dH6_A-kaZYNucI/s1600/Screen+Shot+2016-09-07+at+10.51.28+AM.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><img border="0" height="200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgcyXH__GKwzSx3UI_MbZPC5Aun0mIr0u1XPZdlG1Unnsb_LRJYFVPX2enuZoUaWaQlTAETrSfnkbF8StOmRwhiJzi1mCf5NExD4ANeGff8MuQgN8GTJedtBXsaBbEcN5dH6_A-kaZYNucI/s200/Screen+Shot+2016-09-07+at+10.51.28+AM.png" width="200" /></span></a></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">3. Press New Remote Access Profile button and configure the following settings</span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<br />
<ul><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">
<li>Name of the Profile</li>
<li>Users allowed to use SSL Remote Access</li>
<li>Networks that will be available when SSL VPN is established.</li>
<li>Make sure the Automatic Firewall Rules checkbox is ticked.</li>
</span></ul>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">
</span>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjtjUebnQpI0e6r7V1FoKeKJ5qEZdNRqDSaMgYdlRmkyETjQ4knRvzJQTXIXCiNzIX5gSfRIo0ROHlE55n8i_48_jrndLXEzlPy4AOe1bC8en5vJworff7vNbT_7CjJdCv3j_qXQwgWim6Q/s1600/Screen+Shot+2016-09-07+at+11.51.31+AM.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjtjUebnQpI0e6r7V1FoKeKJ5qEZdNRqDSaMgYdlRmkyETjQ4knRvzJQTXIXCiNzIX5gSfRIo0ROHlE55n8i_48_jrndLXEzlPy4AOe1bC8en5vJworff7vNbT_7CjJdCv3j_qXQwgWim6Q/s400/Screen+Shot+2016-09-07+at+11.51.31+AM.png" width="228" /></a></span></div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
</span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">4. Go to Advanced Setting and enter your Dynamic DNS record into the Override Hostname field. Alternatively, if you use static Public IP address you can enter it here.</span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgoaXUBqrOPYqrns89tzXm2LIYNsQmgxLz1g5h6VKwjH7pdRBxTZJqiDDiqV3smY7ligdRVJOlWoTTgWlPGXutHjtQ6L3z4-iSocIYfB0hUdVSI-f-9Sox4UhEfj9C1z4BNNbS_mLQDE_74/s1600/Screen+Shot+2016-09-07+at+12.11.15+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><img border="0" height="228" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgoaXUBqrOPYqrns89tzXm2LIYNsQmgxLz1g5h6VKwjH7pdRBxTZJqiDDiqV3smY7ligdRVJOlWoTTgWlPGXutHjtQ6L3z4-iSocIYfB0hUdVSI-f-9Sox4UhEfj9C1z4BNNbS_mLQDE_74/s640/Screen+Shot+2016-09-07+at+12.11.15+PM.png" width="640" /></span></a></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br />5. Again, configure Port Forwarding to the External Interface of the Sophos UTM on your home modem/router.<br /><br />That's it. The configuration of Remote Access SSL is complete on the Sophos UTM.<br /><br />Now let's see how we configure the OpenVPN SSL client on your Mac or Windows.<br /><br /> 1. Download and install Tunnelblick<br /><br />2. Go to your browser and enter the public IP Address of your modem or Dynamic DNS name.<br /><br />3. Enter your credentials<br /><br />4. Open Remote Access tab<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjo0mZhePq3O2qfhPX1YrU_Fb0WxVwvY000lFaJZjdTQ46vW7DqLLcQL9kU7C1XHg3Lkn4uTAVzyLBb1E_nNSZIBKBl3HzzLoq-k-N1fo9Cvk423snLqjLBaN3KOC75JzmFQmyktaDFmzqP/s1600/Screen+Shot+2016-09-07+at+11.59.51+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" height="239" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjo0mZhePq3O2qfhPX1YrU_Fb0WxVwvY000lFaJZjdTQ46vW7DqLLcQL9kU7C1XHg3Lkn4uTAVzyLBb1E_nNSZIBKBl3HzzLoq-k-N1fo9Cvk423snLqjLBaN3KOC75JzmFQmyktaDFmzqP/s320/Screen+Shot+2016-09-07+at+11.59.51+AM.png" width="320" /></a><br /><br />5. For Windows the installation is very straightforward. Download and install the VPN client. That's it. </span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">6. For Mac you will need to download the ZIP file that contains all configuration files for the Tunnelblick<br /><br />7. That's what you will see inside the zip archive</span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiEVCUYy4P8BPEpO_9HaJQ6rx1jj5kVaU_7eQtLb87oQTcfrchp0foLQSqHUPErSaYk24XaRZaHjFmQyNgNS1KOIN4vgzyHofQDdYObXTEh3eCf9mH37ULRkl7w2TxVFA-BbMLxC8r11FzC/s1600/Screen+Shot+2016-09-07+at+12.14.07+PM.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><img border="0" height="149" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiEVCUYy4P8BPEpO_9HaJQ6rx1jj5kVaU_7eQtLb87oQTcfrchp0foLQSqHUPErSaYk24XaRZaHjFmQyNgNS1KOIN4vgzyHofQDdYObXTEh3eCf9mH37ULRkl7w2TxVFA-BbMLxC8r11FzC/s320/Screen+Shot+2016-09-07+at+12.14.07+PM.png" width="320" /></span></a></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">8. Right-click the .ovpn file and open it with Tunnelblick<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhS1S7c82ide6n5J-VcqKPL-7M3DxQ3iQK6yFKo05s28t1NCvm_oBzTXlriU5Gd5nQjHxGdWs1NFhIMQM27uq-3KaBEyuKHQIgXpR_Rm0f0EEEMdcRwM77pwjoDCjrBis1ceo9aLeKNfsQg/s1600/Screen+Shot+2016-09-07+at+12.12.53+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" height="174" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhS1S7c82ide6n5J-VcqKPL-7M3DxQ3iQK6yFKo05s28t1NCvm_oBzTXlriU5Gd5nQjHxGdWs1NFhIMQM27uq-3KaBEyuKHQIgXpR_Rm0f0EEEMdcRwM77pwjoDCjrBis1ceo9aLeKNfsQg/s640/Screen+Shot+2016-09-07+at+12.12.53+PM.png" width="640" /></a></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">9. After the new .ovpn profile is installed you can initiate a VPN tunnel from the Tunnelblick</span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhmlNrN5E18eDfUY9XvlckxQcJsOZ4_tHSR6nKD-2fP31DC4WgO9P6xiDLX2HDaDNKMR7X1o9VG_24A6XDwgtAUlzZ2L02HxNncOAAkMLLMLbhOLB0J-nBb-HeFVhAEBOcEg_AcMJhg_SWo/s1600/Screen+Shot+2016-09-07+at+12.16.17+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" height="118" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhmlNrN5E18eDfUY9XvlckxQcJsOZ4_tHSR6nKD-2fP31DC4WgO9P6xiDLX2HDaDNKMR7X1o9VG_24A6XDwgtAUlzZ2L02HxNncOAAkMLLMLbhOLB0J-nBb-HeFVhAEBOcEg_AcMJhg_SWo/s320/Screen+Shot+2016-09-07+at+12.16.17+PM.png" width="320" /></a><br /><br />9. Enter admin credentials</span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhHkTjknEbAeTaZbzp80huiAllyCfUGIAAHz4eHwL1u-xh_12isN26RCRj_yIAHytxG7ggIbEbkxxL-llJY-DvL91EqTxJRbOtt9OMzSRnqb2U2kaRyiH4xmbxC6AH1HojbmU39kbBYQSwZ/s1600/Screen+Shot+2016-09-07+at+12.16.55+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" height="296" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhHkTjknEbAeTaZbzp80huiAllyCfUGIAAHz4eHwL1u-xh_12isN26RCRj_yIAHytxG7ggIbEbkxxL-llJY-DvL91EqTxJRbOtt9OMzSRnqb2U2kaRyiH4xmbxC6AH1HojbmU39kbBYQSwZ/s640/Screen+Shot+2016-09-07+at+12.16.55+PM.png" width="640" /></a></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">10. Confirm the Tunnelblick is connected</span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiAdCY57APvSQ-7DZdHiGF3Mul19XKVFiaa7X5HHsBCjOl2CqV9NGFdxpfHp6a8EjizrE8UrT9iAnzg6mcTuVQjDk4OLFnNa-fHMiHxRr6VJBCZC3Rj1DlleaVq3M4l9nHTtnu7wmWrCiUN/s1600/Screen+Shot+2016-09-07+at+12.17.26+PM.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><img border="0" height="148" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiAdCY57APvSQ-7DZdHiGF3Mul19XKVFiaa7X5HHsBCjOl2CqV9NGFdxpfHp6a8EjizrE8UrT9iAnzg6mcTuVQjDk4OLFnNa-fHMiHxRr6VJBCZC3Rj1DlleaVq3M4l9nHTtnu7wmWrCiUN/s200/Screen+Shot+2016-09-07+at+12.17.26+PM.png" width="200" /></span></a></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">11. Ping anything on the home lab network from your computer to confirm everything is working fine<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgnQX3BMv_qfhMsgrc8rSMmkftQawc3uoCsmE4RLoMxklBADcrUJ-4KaaxbM7m15CEWqkDcgnndIth7SSvGndFcYAXSA_YBxIE2JMR7l7F7JodliviuREu89FMCh5vvnFeEblzqeq4o9Xh_/s1600/Screen+Shot+2016-09-07+at+12.22.31+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" height="61" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgnQX3BMv_qfhMsgrc8rSMmkftQawc3uoCsmE4RLoMxklBADcrUJ-4KaaxbM7m15CEWqkDcgnndIth7SSvGndFcYAXSA_YBxIE2JMR7l7F7JodliviuREu89FMCh5vvnFeEblzqeq4o9Xh_/s400/Screen+Shot+2016-09-07+at+12.22.31+PM.png" width="400" /></a><br /> </span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">As you can see it doesn't take more than 5-10 minutes to setup 2 different types of Remote Access and no deep knowledge of networking or VPN is required. It just works. </span></div>
vmnomadhttp://www.blogger.com/profile/02515151385546400290noreply@blogger.com0tag:blogger.com,1999:blog-4991582231121311353.post-27749968877149405402016-07-28T08:22:00.003+10:002016-07-28T08:22:46.410+10:00Isolating vSphere Replication TrafficOne of the new great features of vSphere Replication 6 is traffic isolation, which significantly enhances security and facilitates QoS using Network I/O Control feature.<br />
<br />
Even though TCP/IP stacks are not useful for moving vSphere Replication traffic to separate network it is not too difficult to achieve the same result using static routes.<br />
<br />
In <a href="https://www.starwindsoftware.com/blog/vsphere-replication-traffic-isolation" target="_blank">this post</a> I will show the different types of vSphere Replication traffic flows and will explain how to achieve full isolation of the replication traffic from management network.vmnomadhttp://www.blogger.com/profile/02515151385546400290noreply@blogger.com0tag:blogger.com,1999:blog-4991582231121311353.post-91717260035939978012016-07-14T23:49:00.000+10:002016-07-14T23:51:27.349+10:00Automating configuration of a scratch location with PowerCLIQuite often the modern ESXi servers come with no local storage and ESXi is normally installed on SD card.<br />
<br />
<div>
As per VMware <a href="https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1033696" target="_blank">KB1033696</a> the SD card can't be used to store scratch partition. The main purpose of the scratch partition is to store logging files and to provide space for vm-support output.<br />
<br /></div>
<div>
So, the normal practice is to use shared storage (VMFS/NFS) as a scratch location. The problem is that the configuration of the scratch location is not automated in the existing vSphere. So you have to manually create folder for each of the ESXi host and configure each ESXi host to use that folder.<br />
This can be quite time-consuming and boring tasks when you have to do it for hundred of servers.</div>
<div>
To make things worse Host Profiles do not let you configure scratch location too.</div>
<div>
<br /></div>
<div>
I had some time last week and thought it was a good chance to have fun with PowerCLI and automate the scratch configuration for ESXi hosts.</div>
<div>
<br /></div>
<div>
So here is overview of what the script does:</div>
<div>
<br /></div>
<div>
<ol>
<li>Connects to vCenter</li>
<li>Collects the list of ESXi hosts in the cluster. Very often storage is not shared across multiple compute clusters so I decided to use cluster, not a datacenter, as a configuration target.</li>
<li>Checks if there is a designated scratch folder for each of the clusters and creates if it doesn't exist</li>
<li>Checks if the ESXi host configured with scratch location and if it points to the right datastore and folder.</li>
<li>If ESXi is not configured yet or points to the wrong directory the correct setting will be applied.</li>
<li>Provides a list of the ESXi servers to be rebooted for the configuration change to take effect</li>
</ol>
</div>
<div>
<br /></div>
<div>
There are a couple of thing you have to do before running the script:<br />
<ul>
<li>Identify the datastore to be used to store scratch folders</li>
<li>In that datastore create a folder where the script will create a scratch folder per each host </li>
</ul>
</div>
<div>
<br /></div>
<div>
The syntax is as following:</div>
<div>
<br /></div>
<div>
<div class="terminal" style="background-color: #eeffe6; border: 1px dashed rgb(128, 128, 128); font-size: small; margin-bottom: 1.5em; outline: 0px; padding: 10px; vertical-align: baseline;">
<span style="font-family: "courier new" , "courier" , monospace;">.\scratch.ps1 -vCenter <i>vCenter_Name</i> -cluster <i>Cluster_Name</i> -datastore <i>Datastore_Name</i> -folder <i>Folder_Name</i></span></div>
</div>
<div>
for example</div>
<div>
<br /></div>
<div>
<div class="terminal" style="background-color: #eeffe6; border: 1px dashed rgb(128, 128, 128); font-size: small; margin-bottom: 1.5em; outline: 0px; padding: 10px; vertical-align: baseline;">
<span style="font-family: "courier new" , "courier" , monospace;">.\scratch.ps1 -vCenter <b>lab-vc-01.lab.local</b> -cluster <b>HA</b> -datastore <b>ISO</b> -folder <b>Scratch</b></span></div>
</div>
<div>
* <span style="font-size: x-small;"><i>I had to add folder as input parameter because I couldn't make the script land into the correct folder with New-PSdrive commandlet</i></span></div>
<div>
<br />
You can go even further by taking advantage of Windows Task Scheduler to run this script on a daily basis to ensure all servers are consistently configured.<br />
<br />
Let me know how it worked for you.</div>
<div>
<br />
<script src="https://gist.github.com/vmnomad/0255d3a4b6397bfd11a09e6df7b2be0d.js"></script></div>
vmnomadhttp://www.blogger.com/profile/02515151385546400290noreply@blogger.com3tag:blogger.com,1999:blog-4991582231121311353.post-783091068076868852016-07-08T12:39:00.000+10:002016-07-08T12:39:23.774+10:00vSphere Distributed Switch and Nexus 1000v comparison <br />
Choosing between VMware and Cisco virtual switch products is not an easy tasks as it includes not only side-by-side feature comparison, but also numerous aspects of duty separations, operational overhead, current skill set and expertise. And not all of them can be compared directly. <div>
<br /></div>
<div>
Apart from all that it can be simply a political decision to a question "Who is going to manage virtual networks?". </div>
<div>
<br /></div>
<div>
In this <a href="https://www.starwindsoftware.com/blog/comparing-vsphere-distributed-switch-and-cisco-nexus-1000v-switch" target="_blank">article</a> I am trying to provide essential information on things to help you make the right decision for your infrastructure.</div>
vmnomadhttp://www.blogger.com/profile/02515151385546400290noreply@blogger.com0tag:blogger.com,1999:blog-4991582231121311353.post-45054171844778445822016-06-11T23:24:00.000+10:002016-06-11T23:26:36.260+10:00Bulk IP Address change with PowerCLIRecently I was given an interesting task on IP Renumbering of more than a hundred VMs.<br />
Along the IP Address change the VMs had to be moved to a new PortGroup.<br />
<br />
Doing it manually can be pretty tiresome and boring. The PowerCLI is a perfect option for this task as it relies on leveraging of VMware Tools. Therefore, loosing network connectivity to the VM due to the IP Address change or after the VM is moved to another Portgroup won't impact the functionality of the script.<br />
<br />
Prior running the script you will need to prepare the CSV file with the list of VMs to be updated and the following information for each VM: ServerName, Username, Password, NewPortgroup, OrigIP, NewIP, NewMask, NewGateway<br />
<br />
Here is how my Inventory.csv file looks like.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhWpEPOUv91wMHW5pzbdta2N6t0bi7wU4c8gsTvQQNZ1QKyZBvIXz-QZS8W9mjeDxfq70QlJlprcqFrh6PJZNc5zLud7dK26RcWhRzGMhrGduJzb7-GJ1TwihK5MMW3cnNL7zBukd8NII1X/s1600/Screen+Shot+2016-06-11+at+10.54.19+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="72" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhWpEPOUv91wMHW5pzbdta2N6t0bi7wU4c8gsTvQQNZ1QKyZBvIXz-QZS8W9mjeDxfq70QlJlprcqFrh6PJZNc5zLud7dK26RcWhRzGMhrGduJzb7-GJ1TwihK5MMW3cnNL7zBukd8NII1X/s640/Screen+Shot+2016-06-11+at+10.54.19+PM.png" width="640" /></a></div>
<br />
<br />
When running the script you will need to provide the path to CSV file and the name of your vCenter<br />
<br />
<div class="terminal" style="background-color: #eeffe6; border: 1px dashed rgb(128, 128, 128); font-size: small; margin-bottom: 1.5em; outline: 0px; padding: 10px; vertical-align: baseline;">
<span style="font-family: "courier new" , "courier" , monospace;">ChangeIP.ps1 -Inventory <span style="color: blue;">c:\Scripts\inventory.csv</span> - VC <span style="color: blue;">lab-vc-01.lab.local</span></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEic1F_GZQWxgnrVoFRTaN9JNy1H_mvsfh2eREP_00QTPjckJb7iBvWsjhm2wCI1NjLrVycCkwtoZmZo0yu955aA0x_7MB_uLHYJThP7sgPTMI2g3dwtlNojj10bIwWLYgPL4KK43sb6ymEJ/s1600/Screen+Shot+2016-06-11+at+10.57.38+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="44" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEic1F_GZQWxgnrVoFRTaN9JNy1H_mvsfh2eREP_00QTPjckJb7iBvWsjhm2wCI1NjLrVycCkwtoZmZo0yu955aA0x_7MB_uLHYJThP7sgPTMI2g3dwtlNojj10bIwWLYgPL4KK43sb6ymEJ/s640/Screen+Shot+2016-06-11+at+10.57.38+PM.png" width="640" /></a></div>
<br />
<br />
And here is the script text. Hopefully there are enough comments to help you read the script so that you could adjust it to your needs.<br />
<br />
<script src="https://gist.github.com/vmnomad/d7435db244ea0ce09d7faa0baf1dde41.js"></script><br />
<br />vmnomadhttp://www.blogger.com/profile/02515151385546400290noreply@blogger.com0tag:blogger.com,1999:blog-4991582231121311353.post-16806098024346344092016-05-28T11:19:00.002+10:002016-05-28T11:19:45.466+10:00NUMA and Cluster-On-DieNUMA implementation has gone through several phases of Development in vSphere. At first, it was only responsible for initial placement of VMs, then its functionality was extended with dynamic balancing. In vSphere 5 VMware has presented support of Wide-VMs by exposing NUMA architecture to virtual machines.<div>
<br /></div>
<div>
New CPUs have presented additional feature - Cluster-on-Die - of splitting physical CPU sockets into NUMA domains. </div>
<div>
<br /></div>
<div>
The Full article can be read <a href="https://www.starwindsoftware.com/blog/numa-and-cluster-on-die" target="_blank">here</a></div>
<div>
<br /></div>
vmnomadhttp://www.blogger.com/profile/02515151385546400290noreply@blogger.com0tag:blogger.com,1999:blog-4991582231121311353.post-14920606658555811882016-05-19T09:02:00.001+10:002016-05-19T09:14:16.249+10:00C# Client is dead, long live the Web Client<!--StartFragment-->
<!--EndFragment--><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;">Yep, C# client will no longer be available in the next releases of vSphere. <br /> <br />VMware have been giving a pretty clear signals in the last major vSphere releases that C# client would be gone soon, but nobody knew when exactly it was going to happen. However, when SRM and VUM were moved to web client in vSphere 6 it was obvious C# client's days are numbered. <br /><br />Probably it could have been done a couple of years ago, but first Web client wasn't good enough due to performance issues. It also lacked integration with other VMware solutions and there was no replacement of C# client for standalone ESXi hosts. <br /><br />Today VMware have moved its plugins (SRM, VUM) to the Web client and other VMware partners are sailing in the same direction. It also presented new embedded HTML5 Host client for ESXi hosts, which has feature parity with C# client for standalone hosts. <br /><br />Here are some of web client benefits compared to C# client: <br /></span><br />
<ul><span style="font-family: "arial" , "helvetica" , sans-serif;">
<li>Scalability – WC handles more objects and more concurrent admin access</li>
<li>Bookmarking URLs - WC allows you to quickly return to specific objects or views and share them with others (such as in a support ticket)</li>
<li>Recent Objects - WC lets you navigate quickly between things you’re working on</li>
<li>Work-In-Progress - WC lets you save your work and come back to it later, even from another computer!</li>
<li>Enhanced Linked Mode – WC can call up all your inventory in one view</li>
<li>Remembers user customizations to UI – WC enables column selections and widths on grids, portlets on summary pages</li>
<li>Latest feature support – WC is the only interface to support all new features </li>
</span></ul>
<span style="font-family: "arial" , "helvetica" , sans-serif;">
<br />As a short-term goal I think VMware will be focusing on fixing Client Integration Plugin which causes most of the issues with Web client - people having issues with OVF import, browsing datastores. It also doesn't work on Mac. <br /><br />The long term goal would be to have a single ultimate client for vSphere and ESXi hosts. That's what actually VMware is doing right now by trying to replace Flash Web client with HTML5. You can already have a preview of H5 Web Client for vSphere - it exists as a Fling. <br /><br />It has to be noted that The C# client will be kept in all current platforms. <br /><br />You can read the official announcement <a href="http://blogs.vmware.com/vsphere/2016/05/goodbye-vsphere-client-for-windows-c-hello-html5.html" target="_blank">here</a> and that's where you can leave your feedback. </span>vmnomadhttp://www.blogger.com/profile/02515151385546400290noreply@blogger.com0tag:blogger.com,1999:blog-4991582231121311353.post-29512625124981635132016-04-29T15:06:00.000+10:002016-04-29T15:06:01.542+10:00VMware Virtual SAN Network Design Guide v2.0 is just released<div style="color: black; margin: 0in;">
<span style="font-family: Arial, Helvetica, sans-serif;"><span lang="ru-RU">VMware has just released the document that covers network aspects of
Virtual SAN design.</span><span lang="en-AU"> </span></span></div>
<div lang="ru-RU" style="margin: 0in;">
<br /></div>
<div style="color: black; margin: 0in;">
<span style="font-family: Arial, Helvetica, sans-serif;"><span lang="ru-RU">Actually, the guide has been re-released as there was v1.0 before (hence the new one goes under v2.0),
but as far as I am aware it was removed from the VMware web site due to some
inaccuracies</span><span lang="en-AU"> in it. So for a while people lacked
validated design information on one of the key aspect of VSAN setup. I remember
there were quite a few discussions on how to provide network
redundancy and load-balancing for VSAN traffic and nobody could get a formal
answer. </span></span></div>
<div style="color: black; margin: 0in;">
<br /></div>
<div style="color: black; margin: 0in;">
<span style="font-family: Arial, Helvetica, sans-serif;">The
guide is very comprehensive and even provides mutlicast configuration examples
on Cisco and Brocade switches. </span></div>
<div style="color: black; margin: 0in;">
<br /></div>
<!--StartFragment-->
<!--EndFragment--><br />
<div style="color: black; margin: 0in;">
<span style="font-family: Arial, Helvetica, sans-serif;">You can
check the guide <a href="http://www.vmware.com/files/pdf/products/vsan/VMware-Virtual-SAN-Network-Design-Guide.pdf" target="_blank">here</a></span></div>
vmnomadhttp://www.blogger.com/profile/02515151385546400290noreply@blogger.com0tag:blogger.com,1999:blog-4991582231121311353.post-60627409904740577192016-04-27T12:35:00.002+10:002016-04-27T12:35:33.235+10:00Check out the new VSAN 6.2 Hands-On-Lab<span style="font-family: Arial, Helvetica, sans-serif;">VMware has just released new "HOL-SDC-1608 What's New with Virtual SAN 6.2" Hands-On-Lab</span><br />
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<span style="font-family: Arial, Helvetica, sans-serif;">It covers all new functionality the VMware brought in new VSAN 6.2, e.g. compression and deduplication on AF, new SPBM settings, new ESXCLI VSAN namespace, etc.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgE8rdVScH8EXhNTuy_dmjTWx1IL7S1RJXRSmNSHsab79BTGxYZqo5_cHu6Kut36tgfXWKHwLbyvmCkZBCK9VKKOKhAaH0Jey_ksJB7B8ot2EsDSNGAhs1md8bwQiTvnK7Lp8X5SYsfDpu4/s1600/Screen+Shot+2016-04-27+at+12.25.23+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><span style="font-family: Arial, Helvetica, sans-serif;"><img border="0" height="367" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgE8rdVScH8EXhNTuy_dmjTWx1IL7S1RJXRSmNSHsab79BTGxYZqo5_cHu6Kut36tgfXWKHwLbyvmCkZBCK9VKKOKhAaH0Jey_ksJB7B8ot2EsDSNGAhs1md8bwQiTvnK7Lp8X5SYsfDpu4/s400/Screen+Shot+2016-04-27+at+12.25.23+PM.png" width="400" /></span></a></div>
<br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;">However, the HOL assumes you have basic knowledge of VSAN. For instance, networking design isn't covered here. </span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;">Interestingly, the networking configuration in this HOL still contains 2 VSAN VMK interfaces whereas generally it is recommended to have only 1 VMK and provide HA by NIC teaming and Load Balancing with LACP.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;">Even though I have VSAN 6.2 deployed in my home lab I still skimmed through the VSAN 6.2 HOL and I can tell it is pretty useful as I have learnt something new.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;">You can find it here - <a href="http://labs.hol.vmware.com/HOL/catalogs/catalog/123" target="_blank">VSAN 6.2 HOL</a></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
vmnomadhttp://www.blogger.com/profile/02515151385546400290noreply@blogger.com0tag:blogger.com,1999:blog-4991582231121311353.post-2423467969354387622016-04-21T11:46:00.000+10:002016-04-21T11:46:15.090+10:00Migration from Windows vCenter 5.5 to vCenter Server Appliance 6.2 - Part 3 - Upgrade ESXi hosts with ESXCLI<span style="font-family: "arial" , "helvetica" , sans-serif;">My servers have ILO , but that's not working good as it is based on Java - all kinds of problems with java in browsers, especially on Mac. So I usually avoid using it even though I pretty often used it before to mount ISO on servers over the network for ESXi installation and upgrade.<br /><br />Given my issues with ILO I opted for an easier upgrade option - using powerful esxcli command</span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><b>1. Upload image to the datastore</b></span><br />
<br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><b>2. Check the profiles list in your depot file</b><br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh8BQ76HHpdkGS_dYc3VhEvdEAwH0y2XFEpCByg2svLUzkFjjmNtBEp0zRxB-vUT5dIujg7YQxQs0XBav1eBGLMml86Em6DAzkEM1KEeH3lufuxaQHKYyws73BWdEeiT1pcDqZRTFSFw2-v/s1600/Screen+Shot+2016-04-14+at+1.06.33+PM.png"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh8BQ76HHpdkGS_dYc3VhEvdEAwH0y2XFEpCByg2svLUzkFjjmNtBEp0zRxB-vUT5dIujg7YQxQs0XBav1eBGLMml86Em6DAzkEM1KEeH3lufuxaQHKYyws73BWdEeiT1pcDqZRTFSFw2-v/s640/Screen+Shot+2016-04-14+at+1.06.33+PM.png" /></a><br /><br /><br /><b>3. You can check the each profile's details</b></span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">That will show you the VIBs it includes and even the corresponding KB<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg6iIhjF2dXVnMU7PfTg7xLoe4sY9gVlGfT6Vr2QfrLyJv8JSJba33mhW6mg5DULvB0FEebFyCSLXI7HVpxAAaWdsqYuJ-AlvaeBKJNTIjx2hTbmIZGqDoL5jvlxUGDkKrZbaIrLSuVojmG/s1600/Screen+Shot+2016-04-14+at+1.11.39+PM.png" imageanchor="1" style="clear: left; font-family: -webkit-standard; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="102" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg6iIhjF2dXVnMU7PfTg7xLoe4sY9gVlGfT6Vr2QfrLyJv8JSJba33mhW6mg5DULvB0FEebFyCSLXI7HVpxAAaWdsqYuJ-AlvaeBKJNTIjx2hTbmIZGqDoL5jvlxUGDkKrZbaIrLSuVojmG/s640/Screen+Shot+2016-04-14+at+1.11.39+PM.png" width="640" /></a><br /><br /><b>4. Once you choose required profile just run the following command</b><br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhW2qt_HMRg8hGytWzXqDy2VA57cKF8A7-V91u9kHLDLxo66HN86KA9kZVsLsYJWrpLJ6IxbmIS5lm38L225hjAHVsAq3NEKuDPBcgPI9x30wxLOF85fX_lB4pO1T4y4yNTGDNxWObwY6lv/s1600/Screen+Shot+2016-04-14+at+1.07.24+PM.png"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhW2qt_HMRg8hGytWzXqDy2VA57cKF8A7-V91u9kHLDLxo66HN86KA9kZVsLsYJWrpLJ6IxbmIS5lm38L225hjAHVsAq3NEKuDPBcgPI9x30wxLOF85fX_lB4pO1T4y4yNTGDNxWObwY6lv/s640/Screen+Shot+2016-04-14+at+1.07.24+PM.png" /></a><br /> <br /><br />As you can see the host was upgraded successfully, but it has to be restarted.</span><br />
<div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;">
<!--EndFragment--></div>
vmnomadhttp://www.blogger.com/profile/02515151385546400290noreply@blogger.com0tag:blogger.com,1999:blog-4991582231121311353.post-56019841248908277322016-04-19T16:13:00.001+10:002016-04-27T21:09:26.153+10:00How to deploy VSAN 6.2 Witness Virtual Appliance to VMware Fusion 8.1<span style="font-family: "arial" , "helvetica" , sans-serif;">Since I moved to vSphere 6 U2 I started to plan my VSAN deployment. The problem I have is that there are only two physical servers in my home lab and I have no physical server to host VSAN Witness appliance. I am trying to make it run on my Synology DS415+ (crazy, but seems to be doable), but I need to upgrade RAM on Synology first.</span><br />
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">As a temp solution I thought I could run VSAN 6.2 Witness on my Mac. William Lam has already posted a great <a href="http://www.virtuallyghetto.com/2015/09/how-to-deploy-and-run-the-vsan-6-1-witness-virtual-appliance-on-vmware-fusion-workstation.html" target="_blank">post </a>on how to Deploy and Run VSAN 6.1 Witness in VMware Workstation/Fusion, but I faced a small issue when following it. </span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">First it warned me that there is OVF specification and hardware compliance mismatch. </span></div>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrZjO_-NifapdoZDrGwQzP9idLqJ6qYQV-8PJBiO5PdKyTdUEBhE89TWq3dKmpqvVvgvRJggiZITyxmMQOugjdfkXM8wfkxsZjDDt5OUdLYiFK7WGOCP-lcvJ9_cUg1aAvABNgr7oDWEYK/s1600/Screen+Shot+2016-04-19+at+11.43.06+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="448" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrZjO_-NifapdoZDrGwQzP9idLqJ6qYQV-8PJBiO5PdKyTdUEBhE89TWq3dKmpqvVvgvRJggiZITyxmMQOugjdfkXM8wfkxsZjDDt5OUdLYiFK7WGOCP-lcvJ9_cUg1aAvABNgr7oDWEYK/s640/Screen+Shot+2016-04-19+at+11.43.06+AM.png" width="640" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
And after that it failed to proceed with error "Line 821: Unexpected element 'Propery'"</div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjcmQ60dK_R5CfUw5w7DvwLVQhlLC4AQyJM9_G1l3kVLcwi_P9S851oue3JyX1XSWGfHOzypoAhY7btmK15IUn_-xu68r4YKhORnEWTDnT7eb9GruZYYrxHyvlrbvAHus95RSlj77SeciLk/s1600/Screen+Shot+2016-04-19+at+11.43.23+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="510" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjcmQ60dK_R5CfUw5w7DvwLVQhlLC4AQyJM9_G1l3kVLcwi_P9S851oue3JyX1XSWGfHOzypoAhY7btmK15IUn_-xu68r4YKhORnEWTDnT7eb9GruZYYrxHyvlrbvAHus95RSlj77SeciLk/s640/Screen+Shot+2016-04-19+at+11.43.23+AM.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "arial" , "helvetica" , sans-serif;">Line 821 referred to the line we have to adjust in Step 3 as per William's guideline. I don't really know whether OVF file for VSAN 6.1 Witness was different or it is a newer version of VMware Fusion that can't parse the OVF file, but here is what I did to make it work. </span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "arial" , "helvetica" , sans-serif; font-size: x-small;"><i>Just a small note - all credits for the following procedure go to <a href="http://www.virtuallyghetto.com/" target="_blank">William Lam</a>. I only adjusted a couple of steps in his procedure to make it work for VSAN 6.2 Virtual Witness Appliance running in VMware Fusion 8.1.</i></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "arial" , "helvetica" , sans-serif;">1. Extract content of the OVA file using VMware OVF tool.</span></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="terminal" style="background-color: #eeffe6; border: 1px dashed rgb(128, 128, 128); font-size: small; margin-bottom: 1.5em; outline: 0px; padding: 10px; vertical-align: baseline;">
<span style="font-family: "courier new" , "courier" , monospace;">/Applications/VMware\ OVF\ Tool/ovftool VMware-VirtualSAN-Witness-6.0.0.update02-3620759.ova VMware-VirtualSAN-Witness-6.0.0.update02-3620759.ovf</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "arial" , "helvetica" , sans-serif;">2. Create a copy of OVF file in case something goes wrong. It is a quicker option than extracting OVA content again</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "arial" , "helvetica" , sans-serif;">3. Open OVF (you can even use default textEdit utility) and adjust the appliance size by moving the text marked in Red</span></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="terminal" style="background-color: #eeffe6; border: 1px dashed rgb(128, 128, 128); font-size: small; margin-bottom: 1.5em; outline: 0px; padding: 10px; vertical-align: baseline;">
<span style="font-family: "courier new" , "courier" , monospace;"><Configuration <span style="color: red;">off:default="true"</span> off:id="normal"></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">to the following string</span><br />
<br />
<div class="terminal" style="background-color: #eeffe6; border: 1px dashed rgb(128, 128, 128); font-size: small; margin-bottom: 1.5em; outline: 0px; padding: 10px; vertical-align: baseline;">
<span style="font-family: "courier new" , "courier" , monospace;"><Configuration <span style="color: red;">off:default="true"</span> off:id="tiny"></span></div>
</div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">3. Go to line 821 and delete the following text - marked in the screenshot</span><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhaNScV3x8xNx4sA6f8t8oAg-6uFV38HyCS3Ek4h6RvuYd5nbMnw-TuvX_YmlUTWg5tio2RyDWbFsa4DULiNBSisAZT5QsUDTpFhPasvr6IJX8q68oxerzKd5SeKQYdKPKlQFnXUP2xIo3l/s1600/Screen+Shot+2016-04-19+at+2.17.16+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="160" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhaNScV3x8xNx4sA6f8t8oAg-6uFV38HyCS3Ek4h6RvuYd5nbMnw-TuvX_YmlUTWg5tio2RyDWbFsa4DULiNBSisAZT5QsUDTpFhPasvr6IJX8q68oxerzKd5SeKQYdKPKlQFnXUP2xIo3l/s640/Screen+Shot+2016-04-19+at+2.17.16+PM.png" width="640" /></a></div>
<br />
<br />
<i>Btw, even though textEdit doesn't show line numbers you can still press Cmd+L and type the line number you want to go to. </i><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj-OwnG1xTwwMCCsK_pSPkFUkCHpLA_r7qMmUoenVbKTKCtzmaMWCGZTAKTyjuIjrCialqiynwwRqjuO7EYPaNorX7izCwtkLyxdg6mRE8rpeZOY0sjYF7jLwGNPi4UgNTO6bh84JXsR5Is/s1600/Screen+Shot+2016-04-19+at+2.17.08+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="132" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj-OwnG1xTwwMCCsK_pSPkFUkCHpLA_r7qMmUoenVbKTKCtzmaMWCGZTAKTyjuIjrCialqiynwwRqjuO7EYPaNorX7izCwtkLyxdg6mRE8rpeZOY0sjYF7jLwGNPi4UgNTO6bh84JXsR5Is/s400/Screen+Shot+2016-04-19+at+2.17.08+PM.png" width="400" /></a></div>
<br />
You can save and close OVF file now.<br />
<br />
<span style="font-family: "arial" , "helvetica" , sans-serif;">4. Create new SHA1 checksum for updated OVF file</span><br />
<br />
<div class="terminal" style="background-color: #eeffe6; border: 1px dashed rgb(128, 128, 128); font-size: small; margin-bottom: 1.5em; outline: 0px; padding: 10px; vertical-align: baseline;">
<span style="font-family: "courier new" , "courier" , monospace;">openssl sha1 VMware-VirtualSAN-Witness-6.0.0.update02-3620759.ovf</span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgU8D2NuNC3eiKkBZxjx52mFvo3_2MfiwUtYrJGVIphQmLR0VLPnj6a8k4oQ-rkuUAPj_npKpYEurZihNfRaHushMnOdBSyAejb8cG4m8pkCghl_uIzM67xERhqQ8RqLlFQxoOVQa92RT2P/s1600/Screen+Shot+2016-04-19+at+2.18.56+PM.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="68" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgU8D2NuNC3eiKkBZxjx52mFvo3_2MfiwUtYrJGVIphQmLR0VLPnj6a8k4oQ-rkuUAPj_npKpYEurZihNfRaHushMnOdBSyAejb8cG4m8pkCghl_uIzM67xERhqQ8RqLlFQxoOVQa92RT2P/s640/Screen+Shot+2016-04-19+at+2.18.56+PM.png" width="640" /></a></div>
<br />
<br />
<br />
<br />
<br />
<br />
<span style="font-family: "arial" , "helvetica" , sans-serif;">5. Update the OVF file checksum in manifest file</span><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEirIbaDL21PC3hWZguua5SfvaWIfNQagp0hkKypeNJa3QhF_ARc_uSOlWkdJzRf3wXlzOTS84C9yLWd0uolRR7CaWY3dnGcXB_DAcBgoMhUzVYVysyC0PDgHLOyWpeIZJg0yMIZkIOwUYVn/s1600/Screen+Shot+2016-04-19+at+2.20.43+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="435" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEirIbaDL21PC3hWZguua5SfvaWIfNQagp0hkKypeNJa3QhF_ARc_uSOlWkdJzRf3wXlzOTS84C9yLWd0uolRR7CaWY3dnGcXB_DAcBgoMhUzVYVysyC0PDgHLOyWpeIZJg0yMIZkIOwUYVn/s640/Screen+Shot+2016-04-19+at+2.20.43+PM.png" width="640" /></a></div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">6. Now you can import VSAN 6.2 Witness, but don't press Finish yet.</span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgeuE6Nw0MGbzzBnBHUNCbgmtF0cyRyKRZye1L1CJv3qEWyfBfoEPUBFUpmHyfVN-Iw1WcTfDPwTU7lQAZm-vioRUfAo1YpmpmXrI2yBEyOXqfcaTJGx2g_T8YFmOELXnVi_w_Uxm58-lJm/s1600/Screen+Shot+2016-04-19+at+2.21.32+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="504" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgeuE6Nw0MGbzzBnBHUNCbgmtF0cyRyKRZye1L1CJv3qEWyfBfoEPUBFUpmHyfVN-Iw1WcTfDPwTU7lQAZm-vioRUfAo1YpmpmXrI2yBEyOXqfcaTJGx2g_T8YFmOELXnVi_w_Uxm58-lJm/s640/Screen+Shot+2016-04-19+at+2.21.32+PM.png" width="640" /></a></span></div>
<br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">7. Get to the VM's locations and open the package to get to the .VMX file</span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhlw7iZVnzHE2POfoYdNHe1v-DJbVrtLvX4X0thmOjimESTGh66nudn9qh-RyB5MJjBs0GD28bPHL7Ll8td4WU0uO6fBOtRfLbxWLLDcygtRTjSk9IfGuBk2M6V2m7s9epX6kVsTGI52hTQ/s1600/Screen+Shot+2016-04-19+at+2.22.15+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="134" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhlw7iZVnzHE2POfoYdNHe1v-DJbVrtLvX4X0thmOjimESTGh66nudn9qh-RyB5MJjBs0GD28bPHL7Ll8td4WU0uO6fBOtRfLbxWLLDcygtRTjSk9IfGuBk2M6V2m7s9epX6kVsTGI52hTQ/s640/Screen+Shot+2016-04-19+at+2.22.15+PM.png" width="640" /></a></div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">8. Open the .VMX file - again, textEdit works just fine, add the following code and replace the password</span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<br />
<div class="terminal" style="background-color: #eeffe6; border: 1px dashed rgb(128, 128, 128); margin-bottom: 1.5em; outline: 0px; padding: 10px; vertical-align: baseline;">
<span style="font-family: "courier new", "courier", monospace; font-size: x-small;">guestinfo.ovfEnv = "<?xml version='1.0' encoding='UTF-8'?><Environment xmlns='http://schemas.dmtf.org/ovf/environment/1' xmlns:oe='http://schemas.dmtf.org/ovf/environment/1'><PropertySection><Property oe:key='vsan.witness.root.passwd' oe:value='Password123'/></PropertySection></Environment>"</span></div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">9. Once you save the file you can run the Witness Appliance.</span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<br />
<div>
<br /></div>
vmnomadhttp://www.blogger.com/profile/02515151385546400290noreply@blogger.com4tag:blogger.com,1999:blog-4991582231121311353.post-84629560621806826122016-04-16T14:51:00.002+10:002016-04-16T14:52:01.634+10:00Migration from Windows vCenter 5.5 to vCenter Server Appliance 6.2 - Part 4 - Moving to external PSC<div style="margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;">We got to the last step of our short journey. In this post I will be deploying new PSC appliance and then will reconfigure my vCSA to use external PSC instead of embedded once. </span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;">For the lab of my size Embedded PSC is a preferable option, however I am going to deploy another vCSA and a couple of nested ESXi servers later to be able to test more interestings scenarios in the lab. And for that I will need my vCSA to use External PSC.</span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><b>1. Create a DNS A record for new PSC.</b></span></div>
<div style="margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;">That's an official prerequisite when deploying new PSC or vCSA. Without DNS record the installation process will fail. </span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<!--StartFragment-->
<!--EndFragment--></div>
<div style="margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><b>2. Deploy new PSC</b></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj-KJoTgvdPa-cq9mse_pCmDrEe0YJrpPqf3R9hftMOuzGeUJNFpBDxQU-9alQt95AGJGnx-tX6Uqw9bGoSkPxQuKF6U0a7D1NOA1xnmqGO59ouv0GnBpAaLBf7OaSqDHPYDgpqHYRNaS8o/s1600/1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><img border="0" height="408" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj-KJoTgvdPa-cq9mse_pCmDrEe0YJrpPqf3R9hftMOuzGeUJNFpBDxQU-9alQt95AGJGnx-tX6Uqw9bGoSkPxQuKF6U0a7D1NOA1xnmqGO59ouv0GnBpAaLBf7OaSqDHPYDgpqHYRNaS8o/s640/1.png" width="640" /></span></a></div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><b>2. Select Datacenter</b></span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhU-AfKnybxh2C-NTDI3r42nGRFpYBeeHDQYgdQKfj8uxNFt_JMHayz8FKMxL80ndK7N1uqMWedAt97GoVTmQXJtjtCM9rv0j42e5yY-ZKF-254EmJLcJYuF017XO0JR1gDxhdQLej5Y_XU/s1600/2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><img border="0" height="407" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhU-AfKnybxh2C-NTDI3r42nGRFpYBeeHDQYgdQKfj8uxNFt_JMHayz8FKMxL80ndK7N1uqMWedAt97GoVTmQXJtjtCM9rv0j42e5yY-ZKF-254EmJLcJYuF017XO0JR1gDxhdQLej5Y_XU/s640/2.png" width="640" /></span></a></div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<br />
<div style="margin: 0in;">
<!--StartFragment--><span style="font-family: "arial" , "helvetica" , sans-serif;"><b>3. Choose
Deployment option - link to PSC Descision tree</b><!--EndFragment--></span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><b><br /></b></span>
<span style="font-family: arial, helvetica, sans-serif;">Btw, there is a great <a href="http://blogs.vmware.com/vsphere/2016/04/platform-services-controller-topology-decision-tree.html" target="_blank">PSC Deployment decision tree </a>which helps you to decide on the best PSC deployment option </span></div>
<div style="margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh5FA1LJFb4zdyZ1WNcgENtJxJXkUzjYY2yZJGMLDlS-HgeBmBxlrNLY0AItlfa5xwrjFlQwhrJIdmr2Bbyh3_tbsORM6WIzxv1cw7yr5TSUGYy4KV4zBgs5Qoe4TVbFWHg5-u19BOxSinp/s1600/3.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><img border="0" height="406" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh5FA1LJFb4zdyZ1WNcgENtJxJXkUzjYY2yZJGMLDlS-HgeBmBxlrNLY0AItlfa5xwrjFlQwhrJIdmr2Bbyh3_tbsORM6WIzxv1cw7yr5TSUGYy4KV4zBgs5Qoe4TVbFWHg5-u19BOxSinp/s640/3.png" width="640" /></span></a></div>
<div style="margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="margin: 0in;">
</div>
<div style="margin: 0in;">
<!--StartFragment--><span style="font-family: "arial" , "helvetica" , sans-serif;"><b>4. Join
to existing SSO domain</b><!--EndFragment--></span></div>
<div style="margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiP0kM18TbUOF7fCh6k0vwqh-ZctqYDDZI1oStns0h0zOoLGWYG2v2ACzNHZ4erCuLy9pwVmF8cCQFCDRU63Xtatq5-JAiveqzHtRGGO3XQ4S4eSdSCRQn7udhcXTEXacxdchRTaeV6B8xU/s1600/4.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><img border="0" height="406" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiP0kM18TbUOF7fCh6k0vwqh-ZctqYDDZI1oStns0h0zOoLGWYG2v2ACzNHZ4erCuLy9pwVmF8cCQFCDRU63Xtatq5-JAiveqzHtRGGO3XQ4S4eSdSCRQn7udhcXTEXacxdchRTaeV6B8xU/s640/4.png" width="640" /></span></a></div>
<div style="margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="margin: 0in;">
</div>
<div style="margin: 0in;">
<!--StartFragment--><span style="font-family: "arial" , "helvetica" , sans-serif;"><b>5. Choose
Site</b><!--EndFragment--></span></div>
<div style="margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjEs25D_cEx0cVgcNMTnviabUqsSxi3JT9Rub0Nc1vpFzZWnEzttNahVTMPC1tT2bJ8iHnVxFXol92PqjKc2JniI1TURHXsspBskeJ7ylmNzFI-xFPfSO-bfRFaVVHGn2rAJneclHGTmgbq/s1600/5.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><img border="0" height="408" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjEs25D_cEx0cVgcNMTnviabUqsSxi3JT9Rub0Nc1vpFzZWnEzttNahVTMPC1tT2bJ8iHnVxFXol92PqjKc2JniI1TURHXsspBskeJ7ylmNzFI-xFPfSO-bfRFaVVHGn2rAJneclHGTmgbq/s640/5.png" width="640" /></span></a></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="margin: 0in;">
</div>
<div style="margin: 0in;">
<!--StartFragment--><span style="font-family: "arial" , "helvetica" , sans-serif;"><b>6. PSC
comes in one size only</b></span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEinlBCfVVn98fwzqY6-mfReMoiZiErnsQm8ezugcTEZKqK9hiO3HQMkN-zhXBJyGbOmFFAUUaqfja_aVAGe2yss631nk88O_Hk8fKrtrzbqlm4vzGDYteQpGsp44okrmx8bjrAWIUti4nyZ/s1600/6.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><img border="0" height="406" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEinlBCfVVn98fwzqY6-mfReMoiZiErnsQm8ezugcTEZKqK9hiO3HQMkN-zhXBJyGbOmFFAUUaqfja_aVAGe2yss631nk88O_Hk8fKrtrzbqlm4vzGDYteQpGsp44okrmx8bjrAWIUti4nyZ/s640/6.png" width="640" /></span></a></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div style="margin: 0in;">
<!--StartFragment--><span style="font-family: "arial" , "helvetica" , sans-serif;"><b>7. Select the datastore for PSC</b><!--EndFragment--></span></div>
<div style="margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJ4tepxJvVFJBnjYC-kL_LYDRO4gMBsw1kb8t0G-q5BhNvgN40QDyDtGV0WggUnMmrMmhk1aV_YJK_pRf76FhZduwn2nb1xGF72o8cAyjH0CGY_mslT5sj3tdh6NTUJhw7ahnWJPEmGElx/s1600/7.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><img border="0" height="410" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJ4tepxJvVFJBnjYC-kL_LYDRO4gMBsw1kb8t0G-q5BhNvgN40QDyDtGV0WggUnMmrMmhk1aV_YJK_pRf76FhZduwn2nb1xGF72o8cAyjH0CGY_mslT5sj3tdh6NTUJhw7ahnWJPEmGElx/s640/7.png" width="640" /></span></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div style="margin: 0in;">
<!--StartFragment--><span style="font-family: "arial" , "helvetica" , sans-serif;"><b>8. Configure
Networking</b><!--EndFragment--></span></div>
<div style="margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKDO03a6I-SldoYVcfJCJ3gIcg6uJpZiiyEbzjbb14DbEaHkpQsI35HSKn12qdrs59fTzOhztwkHFqHB5r0RIPxcXopQVNu9VQZ5uPcVtNITwi3Q89rPwGdnhCai_JPDa4Qzbkxe93frl_/s1600/8.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><img border="0" height="412" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKDO03a6I-SldoYVcfJCJ3gIcg6uJpZiiyEbzjbb14DbEaHkpQsI35HSKn12qdrs59fTzOhztwkHFqHB5r0RIPxcXopQVNu9VQZ5uPcVtNITwi3Q89rPwGdnhCai_JPDa4Qzbkxe93frl_/s640/8.png" width="640" /></span></a></div>
<div style="margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><b><br /></b></span></div>
<div style="margin: 0in;">
<!--StartFragment-->
<!--EndFragment--></div>
<div style="margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif; font-size: 11pt;"><b>9. Review Summary and
Click Finish</b></span></div>
<div style="margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif; font-size: 11pt;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjx3BOoktdVsktUh1H9s2aFPrCVaAz_pGEoKV_odBZvZBXz1mtrAicjyKJC0q8h9TpukEMKbXTJP2AC20Owwys7dWTkGAuUKE9YM7nBsi0Itnzbadd6ZlOE2yeGnxqTjmJfMqae51N21_ky/s1600/9.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><img border="0" height="410" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjx3BOoktdVsktUh1H9s2aFPrCVaAz_pGEoKV_odBZvZBXz1mtrAicjyKJC0q8h9TpukEMKbXTJP2AC20Owwys7dWTkGAuUKE9YM7nBsi0Itnzbadd6ZlOE2yeGnxqTjmJfMqae51N21_ky/s640/9.png" width="640" /></span></a></div>
<div style="margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif; font-size: 11pt;"><br /></span></div>
<div style="margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="margin: 0in;">
</div>
<div style="margin: 0in;">
<!--StartFragment--><span style="font-family: "arial" , "helvetica" , sans-serif;"><b>10. SSH
to the new appliance and check the replication status</b><!--EndFragment--></span></div>
<div style="margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">You don't really want to repoint you vCSA to external PSC that failed to replicate current configuration from the embedded PSC or has some issues with services health </span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg3FyRAY-gZbFAib7tCmEhzjw-36YPp6itL7n2vPmxGJpRBNsxSicJwIYnbO6GyfSgHQyfI8xDpPYwJSk9i7PkFkh4z5Sbe3xri0HJ8jMocOhHN-UPokqljbh5BOYpGV1zGOkft1c4Q3cQN/s1600/10.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><img border="0" height="98" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg3FyRAY-gZbFAib7tCmEhzjw-36YPp6itL7n2vPmxGJpRBNsxSicJwIYnbO6GyfSgHQyfI8xDpPYwJSk9i7PkFkh4z5Sbe3xri0HJ8jMocOhHN-UPokqljbh5BOYpGV1zGOkft1c4Q3cQN/s640/10.png" width="640" /></span></a></div>
<div style="margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="margin: 0in;">
</div>
<div style="margin: 0in;">
<!--StartFragment--><span style="font-family: "arial" , "helvetica" , sans-serif;"><b>11. Check
the new PSC status in the Web client</b><!--EndFragment--></span></div>
<div style="margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhI__fp0RYxQoCq-yh1KNHsw-eD-oVO5KFY213_YlVfHjWPYyujvD9KH2OOHM2eefI2V2MW8iXujqP0YU6pK78stuM1mreuoqiXDsv8fsOYCGkDUPPC8vBvSnwfFHCtT3tmKPFKOfqMxCXv/s1600/11.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><img border="0" height="232" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhI__fp0RYxQoCq-yh1KNHsw-eD-oVO5KFY213_YlVfHjWPYyujvD9KH2OOHM2eefI2V2MW8iXujqP0YU6pK78stuM1mreuoqiXDsv8fsOYCGkDUPPC8vBvSnwfFHCtT3tmKPFKOfqMxCXv/s640/11.png" width="640" /></span></a></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div style="margin: 0in;">
<!--StartFragment--><span style="font-family: "arial" , "helvetica" , sans-serif;"><b>12. Join
new PSC to the domain</b> </span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">I almost overlooked this aspect, but I accidentaly
remembered that I had read something about it in William Lam's <a href="http://www.virtuallyghetto.com/2015/06/all-replicated-platform-services-controller-should-be-joined-to-active-directory.html" target="_blank">blog</a><!--EndFragment--></span></div>
<div style="margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg8RPdoFSDy90SXPGHPKeuX_oTSrOxf3v_ecQRkEwn-FMlAaZOCvyguhFdoPLAkwVPgaIOUdbCTOzbvxyXBqCcEY7vjeGMzwkxlcI-rFmHVae4ucAWf2FS4Y_JNvf7t0OzFh4KYfUnzy9Hp/s1600/12.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><img border="0" height="312" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg8RPdoFSDy90SXPGHPKeuX_oTSrOxf3v_ecQRkEwn-FMlAaZOCvyguhFdoPLAkwVPgaIOUdbCTOzbvxyXBqCcEY7vjeGMzwkxlcI-rFmHVae4ucAWf2FS4Y_JNvf7t0OzFh4KYfUnzy9Hp/s640/12.png" width="640" /></span></a></div>
<div style="margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="margin: 0in;">
</div>
<div style="margin: 0in;">
<!--StartFragment--><span style="font-family: "arial" , "helvetica" , sans-serif;"><b><span lang="en-AU">13. Repoint vCenter</span><span lang="ru-RU"> </span><span lang="en-AU">to
new external PSC </span></b></span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><span lang="en-AU"><br /></span></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhPghBpQXyQ-oMbHwr1IcCkuVkI1F-5HZMsmqRvcR0qfV1wg4ijVzNUgR5GzxA6RFlgB4lM7TeYRFatdOXkZePysJNMib8Vf-boQoG89gt1C0BRpgpztg5t_4ye_QNGEqM9II3W0WG4ELc7/s1600/13.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><img border="0" height="222" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhPghBpQXyQ-oMbHwr1IcCkuVkI1F-5HZMsmqRvcR0qfV1wg4ijVzNUgR5GzxA6RFlgB4lM7TeYRFatdOXkZePysJNMib8Vf-boQoG89gt1C0BRpgpztg5t_4ye_QNGEqM9II3W0WG4ELc7/s640/13.png" width="640" /></span></a></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "arial" , "helvetica" , sans-serif;">and we are done here. The goal is achieved. </span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "arial" , "helvetica" , sans-serif;">Now I can get to configure and test new VSAN 6.2 and plenty of other new features of vSphere 6.</span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<!--EndFragment--><br />
<!--EndFragment-->vmnomadhttp://www.blogger.com/profile/02515151385546400290noreply@blogger.com0tag:blogger.com,1999:blog-4991582231121311353.post-40229645371689978032016-04-16T14:42:00.000+10:002016-04-16T14:52:01.631+10:00Migration from Windows vCenter 5.5 to vCenter Server Appliance 6.2 - Part 2 - Upgrade vCSA 5.5 to vCSA 6.0 U2<span style="font-family: "arial" , "helvetica" , sans-serif;">Interrestingly, the process of vCSA upgrade is similar to vCenter Server to vCSA migration. </span><br />
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">First new appliance is deployed and then data is copied over from the old appliance. That is actually a significantly safer of option of upgrade as at any point of the upgrade process you can roll back by simply powering back on your existing vCenter.</span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">Before you start the upgrade procedure you need to complete the following:</span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<b><span style="font-family: "arial" , "helvetica" , sans-serif;">1. Install Integration Plug-In from the vCSA ISO file</span></b></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<b><span style="font-family: "arial" , "helvetica" , sans-serif;">2. Create temp Ephermal PortGroup. </span></b></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">This will be used as a temp network by new vCSA 6 to connect to the current vCSA to copy data across. Once the copy is over the new vCSA will take network settings of the old vCSA and this network connection will be dropped. Make sure new vCSA can talk to existing vCSA from this temp network.</span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br />Once you complete these prerequisites download and mount vCSA ISO file and run open vcsa-setup.html<br /> <br /><br /><b>1. Press Upgrade button</b></span><br />
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="clear: left; float: left; font-family: "arial" , "helvetica" , sans-serif; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="542" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgHlQQP5MzW_bb2LxEtwOmOXbvMF-1KLUmPK34qqhpa4Oo5Y9af-uYvTHXgejQBXIo6LTbZCSXra-6dQUhNg-16PZGjOCAFIAlUvZowZI63XJg6VqBN_PQkq8YeUvV4-_Y-vR3TKQnpROQ7/s640/1.png" width="640" /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
</div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /><br /><b><br /></b></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><b>2. Confirm your current vCenter version allows to upgrade to vCenter 6.0</b></span><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhKpZ6cJ-oif07VX1WiAWme2Z063kkh5DvAYZa5fAcU_ftcPLwiTHPwMFIfdgcEXDrs1JTRursCW5vCnyVIUH8KM9q9oCWNYDRDoP6ogG6LCtTe-XOanjrghaSlUoJvOTGV-zP_EWlAbpFY/s1600/2.png" style="clear: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="450" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhKpZ6cJ-oif07VX1WiAWme2Z063kkh5DvAYZa5fAcU_ftcPLwiTHPwMFIfdgcEXDrs1JTRursCW5vCnyVIUH8KM9q9oCWNYDRDoP6ogG6LCtTe-XOanjrghaSlUoJvOTGV-zP_EWlAbpFY/s640/2.png" width="640" /></a><span style="font-family: "arial" , "helvetica" , sans-serif;"><br /><br /><br /><b>3. Accept EULA</b></span><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiQA-OsZ77eyhWBvvKplu9-xXJPf1WuiMSONIpjL3_w79gSDWUnakHf-5dxrNrgJMMv1lnjwIuATCjAVTDk67_8DJLUGQ5HgV3KzJnnrhK3HUiVWmiJLEMmqRutvFOoRD5__CouvxtYzPz6/s1600/3.png" style="font-family: Arial, Helvetica, sans-serif;"><img border="0" height="408" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiQA-OsZ77eyhWBvvKplu9-xXJPf1WuiMSONIpjL3_w79gSDWUnakHf-5dxrNrgJMMv1lnjwIuATCjAVTDk67_8DJLUGQ5HgV3KzJnnrhK3HUiVWmiJLEMmqRutvFOoRD5__CouvxtYzPz6/s640/3.png" width="640" /></a><span style="font-family: "arial" , "helvetica" , sans-serif;"><br /><br /><br /><b>4. Provide FQDN and credentials for the ESXi server you want to deploy new vCSA to</b><br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh_kGwqspWtmIYYWrmxgtWJj6zl9CNfIlUn8hs9FXJObteh2ev8S03QcNYEsGnAwN3qTdrQJFjttvyJYjKYDTbkCXGSWIXVlOsyfM8rkSyWt7vQ-Mcr0NzJYKL-5aAivzlylS2PImmaZryq/s1600/4.png"><img border="0" height="408" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh_kGwqspWtmIYYWrmxgtWJj6zl9CNfIlUn8hs9FXJObteh2ev8S03QcNYEsGnAwN3qTdrQJFjttvyJYjKYDTbkCXGSWIXVlOsyfM8rkSyWt7vQ-Mcr0NzJYKL-5aAivzlylS2PImmaZryq/s640/4.png" width="640" /></a><br /><br /><br /><b>5. Specify name for new vCSA - that's only the VM's name.</b><br />Optionally you can enable ssh on the appliance.<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjKqHLX5PmQTQJfwBQNNdSoqVL8PKZyJDgyzoBHJRcg8YSAffPvUPDBqbALgPNNgGyIiVv4Up3FjTK_8R0G33Nu1vs6JN9Z6aQKzHkYBpKOWVN8S3vAzvM-ygQ4Xl9d-D_WtYE6n_B_VN7A/s1600/5.png"><img border="0" height="408" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjKqHLX5PmQTQJfwBQNNdSoqVL8PKZyJDgyzoBHJRcg8YSAffPvUPDBqbALgPNNgGyIiVv4Up3FjTK_8R0G33Nu1vs6JN9Z6aQKzHkYBpKOWVN8S3vAzvM-ygQ4Xl9d-D_WtYE6n_B_VN7A/s640/5.png" width="640" /></a><br /><br /><br /><b>6. Enter details of vCSA 5.5 and the host where it resides</b><br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhkxenHf1DEGQw4p_csL731oDpoam-Y6qMcAQF_L0ONApe8q69rvyNbNlh9uhiq6-3o1QHV0O8mAB0d6MgCZCc-CwnqqtY3s8MVe7s1Y2DyJ2jSgkVjmqqkIiLbiEEVSDynHHYT0-yXEinh/s1600/6.png"><img border="0" height="412" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhkxenHf1DEGQw4p_csL731oDpoam-Y6qMcAQF_L0ONApe8q69rvyNbNlh9uhiq6-3o1QHV0O8mAB0d6MgCZCc-CwnqqtY3s8MVe7s1Y2DyJ2jSgkVjmqqkIiLbiEEVSDynHHYT0-yXEinh/s640/6.png" width="640" /></a><br /><br /><br /><b>7. And I bumped into the first problem</b><br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjG8I8cZNyzOKVtXaZIP6T4a6GLq5i3wHPbnTY_GsQYbgbqaNHyomdHGaTdNH-sRMhfvmmc-dFPykNZsfpqhOFW3-G_7wQzsY8sqsOTLAn1DPB0VhwKqU4nHiLqopDDCyKtnt7oC34fuMnx/s1600/7.png"><img border="0" height="410" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjG8I8cZNyzOKVtXaZIP6T4a6GLq5i3wHPbnTY_GsQYbgbqaNHyomdHGaTdNH-sRMhfvmmc-dFPykNZsfpqhOFW3-G_7wQzsY8sqsOTLAn1DPB0VhwKqU4nHiLqopDDCyKtnt7oC34fuMnx/s640/7.png" width="640" /></a><br /><br /><br /><b>8. Luckily I quicky found the solution in VMware Communities. </b></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">The problem was in extra sequence in Postgres schema which had to be removed.</span><br />
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">Run the following command in the vCSA shell and restart the upgrade procedure.</span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /><span style="font-size: x-small;"><i>/opt/vmware/vpostgres/current/bin/psql -U postgres -d VCDB -c "drop sequence if exists vpx_host_cnx_seq cascade"</i></span><br /><br /><br /><b>9. Select Appliance Size</b></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><b><br /></b></span></div>
<div>
<span style="clear: left; float: left; font-family: "arial" , "helvetica" , sans-serif; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="408" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhYQR1BoUZ1uJAZkoS5UUDEmRpq2fVUoJeBJ0YqDZ1-ccjAkgLxgfE2-TZnOhaX_ORffFazeS7GqtDvogt-JRH6_j9nB24SE4g0LS5MpVtODRRmOvbsE-hg3AxSLqdVzOKUfBGqI9q78TFH/s640/9.png" width="640" /></span></div>
<div>
<br /></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /><b>10. Select datastore where you want to place new vCSA 6 U2</b></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="clear: left; float: left; font-family: "arial" , "helvetica" , sans-serif; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="410" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEitTueZqf5aSrOFoJsx5BLGHZPiadnVKFXJd-PC6EW7CHKaTkFIrhKd1zx-5jC809m9nxxcMy_ih8McmwSCa6eG1UKcCDaq3_xtwiS8BV6nVqwgSM3RlaEh2ovgiDGHYjX-MDQ_FAT5zCPD/s640/10.png" width="640" /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /><b><br /></b></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><b><br /></b></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><b>11. Configure temp network setting. </b></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">I created a Temp portgroup on the same vlan where vCSA 5.5 resides and took advantage of my dhcp server</span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="clear: left; float: left; font-family: "arial" , "helvetica" , sans-serif; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="404" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEglt__l_ikXgs0DZibwYHVdTow1B9psv5G_glwLaq_fya6MnEDwkrEbT1wrF_veZW88BHwM1BqQxlf-k1kMGUMHXit1loollBHnZoPrA_RbSJBXGRuA2iqo2j5iJPp3XUyivHSJ_8Y9Qj8P/s640/11.png" width="640" /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /><br /><b>12. Confirm upgrade wizard settings</b></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="clear: left; float: left; font-family: "arial" , "helvetica" , sans-serif; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="410" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgbMaZXYOaaJ01_Q6ygtIDK8KmuQ5CCjtCQm8d17jclzQv0yBTRIlZ2qTp-hcupvusREBn6u6jMen5glCHKw9PGVlSaV77qD4cwZoQrt0QM1zzqZEeWs9eKV2iKHsf744SypKYXQwxSVM7h/s640/12.png" width="640" /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<br />
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><b>13. And the upgrade process failed with message 'Internal error occurs during export'.</b></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">I read vSphere Release notes and found similar error that suggested to use static IP address instead of DHCP config for temp network in step 11. Once I re-ran the upgarde wizard again with adjusted settings it all worked just fine</span></div>
<div>
<br /></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><b>14. Then I spotted there was something wrong with vFRC config.</b></span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><b><br /></b></span>
<span style="font-family: arial, helvetica, sans-serif;">ESXi was reporting no disk space for vFRC.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif; text-align: center;"><br /></span>
<img border="0" height="288" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjxohZB5sIHf6LJBRoidH12rzViW-8rWDsS5b2v5qJOIe2SZkPyr2DSuPxgvWhnZkebKAMl3p-QK05e3EXbi2ab0-N-F9y8P8K_VL5azCbJMnP8l4ZaD3EwRvAN21HpvPHn8Ai505CzL68g/s640/13.png" style="font-family: arial, helvetica, sans-serif; text-align: center;" width="640" /><br />
<span style="font-family: Arial, Helvetica, sans-serif; text-align: center;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif; text-align: center;">But when I tried to remove the SSD and add it again the task failed with error that there are VMs using vFRC.</span></div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br />I checked VMs' settings, but it looked like these were not configured for vFRC even though they were.</span></div>
<div>
<br /><img border="0" height="450" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi0HeS4049oV2_SfmZZpMd8OkabpKVMm_d7n7LeI9XqrzO45NzQjHZePNqRL3LxSqw8YMElqkn9KYgBxsOhW9H8F-kyX422FZbePjVewZV5roxmpe-oAIIl61e2tRWgZfpPuHLB8PFSCZlo/s640/14.png" style="font-family: arial, helvetica, sans-serif; text-align: center;" width="640" /><br /><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<span style="clear: left; float: left; font-family: "arial" , "helvetica" , sans-serif; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="237" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhO-e9Waz983OXdWNgLclv-1T_f5FOk6M8fK1gYU13IPOCVfaEXVTeF5BVGMYb716gSb-JHarA1HFuqW-R_ys1iNe0hpRvJ3Trv0LDiOjG2iHAsCdjv85vMtns_AnBp5QI1Ozy7wNDxEXVf/s400/15.png" width="400" /></span></div>
<div>
<br /></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<br /></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif; font-size: 11pt;">So
I had to shutdown VMs and re-add SSD disk as VFRC capacity which fixed the issue.</span></div>
</div>
</div>
vmnomadhttp://www.blogger.com/profile/02515151385546400290noreply@blogger.com0tag:blogger.com,1999:blog-4991582231121311353.post-21053706508163804392016-04-16T14:31:00.000+10:002016-04-16T14:52:01.627+10:00Migration from Windows vCenter 5.5 to vCenter Server Appliance 6.2 - Part 1 - Convert vCenter Server 5.5 to vCSA 5.5 <span style="font-family: "arial" , "helvetica" , sans-serif;">I have been postponing too long to upgrade my home lab on vSphere 5.5 to vSphere 6.</span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;">I have used all kinds of reasons to postpone it - getting ready for VCAP5-DCA exam, testing StarWind, playing with vRA and vROps, but I am out of excuses now.</span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">I have also thought it would be good to move from vCenter server to vCenter Appliance. It is quite obvious that VMware strongly pushes customers to vCSA and it is currently on par with vCenter server feature-wise. The only feature vCSA is missing now when comparing with vCenter Server is high availability, which can be partially provided with FT, but it has its own limitations. Definitely, vCenter Server on Windows Server Cluster looks a bit more reliable solution right now. Although, VMware has already let us sneak peak on HA features of future build of vCSA. Can't find this VMworld Session right now, but you can google it. </span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">Another thing I wanted to play with in vSphere 6 is Enhanced Linked Mode with 2 vCSAs. To be able to use ELM I need External Platform Services. </span><span style="font-family: "arial" , "helvetica" , sans-serif;">My current vCenter DB is hosted on external SQL server.</span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">Unfortunately, there is no supported or direct upgrade path from vCenter Server to vCenter Appliance yet, but it is still doable. What I am planning to do is not a proper solution for production environment, but works just fine to home lab/Dev/Stage environments.</span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">Here is high level overview of the entire process. If you are prefer a step-by-step procedure just follow the links below.</span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<br />
<h3>
<span style="font-family: "arial" , "helvetica" , sans-serif;">
1. Convert vCenter Server 5.5 to vCSA 5.5 </span></h3>
<span style="font-family: "arial" , "helvetica" , sans-serif;">I will be doing this using awesome and popular VMware Fling - <a href="https://labs.vmware.com/flings/vcs-to-vcva-converter" target="_blank">VCS to VCVA Converter</a>.</span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif; font-size: x-small;"><i>*It is not supported solution, but the fling has very positive feedback. I hope VMware will integrate it in the next vSphere build.</i></span><br />
<h3>
<span style="font-family: "arial" , "helvetica" , sans-serif;">
2. <a href="http://vmnomad.blogspot.com/2016/04/moving-windows-vcenter-5.5-to-vcsa-6-part-2.html" target="_blank">Upgrade vCSA 5.5 to vCSA 6.2</a></span></h3>
<h3>
<span style="font-family: "arial" , "helvetica" , sans-serif;">3. </span><a href="http://vmnomad.blogspot.com/2016/04/moving-windows-vcenter-5.5-to-vcsa-6-part-3.html" target="_blank"><span style="font-family: "arial" , "helvetica" , sans-serif;">Upgrade ESXi hosts to the latest build</span> with ESXCLI</a></h3>
<h3>
<span style="font-family: "arial" , "helvetica" , sans-serif;">
4. <a href="http://vmnomad.blogspot.com/2016/04/moving-windows-vcenter-5.5-to-vcsa-6-part-4.html" target="_blank">Reconfigure vCSA with embedded PSC to vCSA with external PSC</a></span></h3>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">In this post we will be migrating vCenter Server to vCenter Server Appliance. </span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br />Here are the things I did prior running the conversion:</span><br />
<ul>
<li><span style="font-family: "arial" , "helvetica" , sans-serif;">Uninstalled and unregistered the following products to ensure clean and simple migration: </span></li>
<ul>
<li><span style="font-family: "arial" , "helvetica" , sans-serif;">vSphere Replication </span></li>
<li><span style="font-family: "arial" , "helvetica" , sans-serif;">Infrastructure Navigator </span></li>
<li><span style="font-family: "arial" , "helvetica" , sans-serif;">vRealize Operations </span></li>
</ul>
<li><span style="font-family: "arial" , "helvetica" , sans-serif;">Disabled vSphere Update Manager service </span></li>
<li><span style="font-family: "arial" , "helvetica" , sans-serif;">Downloaded the same build of vCSA appliance as my current vCenter</span></li>
<li><span style="font-family: "arial" , "helvetica" , sans-serif;">Downloaded Fling appliance and checked all pre-requisites are met</span></li>
</ul>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">You will need the following information during the conversion:</span></div>
<div>
<div>
<ul>
<li><span style="font-family: "arial" , "helvetica" , sans-serif;">SSO Administrator Password</span></li>
<li><span style="font-family: "arial" , "helvetica" , sans-serif;">vCenter server local administrator password</span></li>
<li><span style="font-family: "arial" , "helvetica" , sans-serif;">DB Server name and port</span></li>
<li><span style="font-family: "arial" , "helvetica" , sans-serif;">vCenter DB name</span></li>
<li><span style="font-family: "arial" , "helvetica" , sans-serif;">vCenter DB Username and password</span></li>
</ul>
</div>
</div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">If you run vCenter on Windows 2012 Server you will need to adjust WinRM security settings by executing the following commands as Administrator:</span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<div style="margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><span style="font-family: "arial" , "helvetica" , sans-serif; font-size: 11pt;"><i>winrm quickconfig</i></span></span><br />
<i style="font-size: 11pt; text-align: center;"><span style="font-family: "arial" , "helvetica" , sans-serif;">winrm set winrm/config/service/auth @{Basic="true"}</span></i></div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><span style="font-size: 15px;"><i>winery</i></span><span style="font-size: 11pt;"><i> set winrm/config/service @{AllowUnencrypted="true"} </i></span></span><br />
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif; font-weight: bold;">1. Deploy Converter Appliance</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif; font-weight: bold;">2. During the OVF Import task click Yes to the warning<span style="mso-spacerun: yes;"> </span>saying this OS identifier is not supported
and that it will be marked as 'Other Linux 64-bit'</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif; font-weight: bold;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhAVlfmcRlHuTt6b4bvTsCzHOinVdL-OVPaX2Sxze-TuYU1OKPAMOJ1tEe9pe4jxAgZyNQrWm5pFIolGE64JOT6x0-j1KBt1-Ji6YNNw30seHPQIftPANi0iVyji-FzxUqoa5_o1CjbfQLO/s1600/1.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><img border="0" height="337" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhAVlfmcRlHuTt6b4bvTsCzHOinVdL-OVPaX2Sxze-TuYU1OKPAMOJ1tEe9pe4jxAgZyNQrWm5pFIolGE64JOT6x0-j1KBt1-Ji6YNNw30seHPQIftPANi0iVyji-FzxUqoa5_o1CjbfQLO/s640/1.png" width="640" /></span></a></div>
<div style="margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<!--StartFragment-->
<!--EndFragment--></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="margin: 0in;">
<div style="font-size: 11pt;">
<b><span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></b></div>
<div style="font-size: 11pt;">
<b><span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></b></div>
<b><span style="font-family: "arial" , "helvetica" , sans-serif;">3. Power on the converter</span></b></div>
<div style="font-size: 11pt; margin: 0in;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiIGyFpG6_dWDWDL1d68V7TnUt-AaDX0Ga-l-tPT8adPHz_XoBLvNoFmZcNs6krcr7Vf8Qus8RQLYohuomOWQSZVbsvSb-OwRnVdnZY_VkRDiWi3twPXy4aqfVoNDonVzeOGzraFU-m_wn7/s1600/2.png" imageanchor="1" style="font-style: italic; margin-left: 1em; margin-right: 1em; text-align: center;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><img border="0" height="560" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiIGyFpG6_dWDWDL1d68V7TnUt-AaDX0Ga-l-tPT8adPHz_XoBLvNoFmZcNs6krcr7Vf8Qus8RQLYohuomOWQSZVbsvSb-OwRnVdnZY_VkRDiWi3twPXy4aqfVoNDonVzeOGzraFU-m_wn7/s640/2.png" width="640" /></span></a></div>
<div style="margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif; font-weight: bold;">4. Deploy vCSA </span></div>
<div style="margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif; font-weight: bold;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><span style="font-family: "arial" , "helvetica" , sans-serif; font-weight: bold;">Use the same IP and hostname as of the current
vCenter when importing OVF, but <span style="color: red;">DO NOT POWER</span> <span style="color: red;">ON</span> vCSA yet. </span></span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;">Take a snapshot of
it in case problems arise during the migration and you need to reset the
appliance to a clean state.</span></div>
<div style="margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
</div>
<div style="margin: 0in;">
<!--StartFragment--><span style="font-family: "arial" , "helvetica" , sans-serif; font-weight: bold;">5. Proceed with migration Wizard</span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif; font-weight: bold;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif; font-weight: bold;">Enter vCenter Server's IP
address and Local Windows Administrator password. I tried domain admin
account, but it didn't work</span></div>
<div style="font-size: 11pt; margin: 0in;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi4kUwF3GCntZjKLF8NIG_Sh-DYkkyN3gENbK2TTxL_5gIJ_wEZCADo3idc1h8IHtp7B5TdF8gx0_UJ08Jl2T6UEkSX9Shn_An30EP0i3HW_7ArWYIeIZxV9rlyaHRXXqOuMwiRhrXQH6gP/s1600/3.png" imageanchor="1" style="font-style: italic; margin-left: 1em; margin-right: 1em; text-align: center;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><img border="0" height="560" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi4kUwF3GCntZjKLF8NIG_Sh-DYkkyN3gENbK2TTxL_5gIJ_wEZCADo3idc1h8IHtp7B5TdF8gx0_UJ08Jl2T6UEkSX9Shn_An30EP0i3HW_7ArWYIeIZxV9rlyaHRXXqOuMwiRhrXQH6gP/s640/3.png" width="640" /></span></a></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
</div>
<div style="margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><span style="font-weight: bold;">6.</span><span style="font-weight: bold;"> </span><span style="font-weight: bold;">Once the copy process from vCenter to Converter is
over you will be asked to shut down current vCenter and power on new vCSA. </span></span><br />
<div style="font-size: 11pt;">
<span style="font-size: 11pt; font-weight: bold;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></span></div>
<div style="font-size: 11pt;">
<span style="font-size: 11pt;"><span style="font-family: "arial" , "helvetica" , sans-serif;">Don't login to vCSA yet.</span></span></div>
</div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><img border="0" height="558" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj99WNMo16taaimWZQHa3a2w7SekYrXc4aKXQkzmgbtihsmoMUCAPAPLwR9HCj_b1rAZympVDEvpkd_3xpfyyUXVv7Ulkgjj891OxVgemhENsNCN7iTT-orSHARyTTaruov4mdxNwCWZWOz/s640/4.png" width="640" /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-style: italic;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif; font-weight: bold;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif; font-weight: bold;">7. Open vCSA
console and wait until you see the following screen.</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-style: italic;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-style: italic;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></span></div>
<div style="font-size: 11pt; margin: 0in;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEif4cRDfZ4lA17oQ-nOsTmOR8GXnQa8oL5BBTRXmGmHdsdkGUndNc22UnfXkHGb300kYTh2KR2XqDzIo7Ni6MvH3_kyNbIUAtQzbHx5VWn2-cKpMFPXhLBPhtbCYWwf-uCtva9mu-uPu9Vi/s1600/5.png" imageanchor="1" style="clear: left; margin-bottom: 1em; margin-right: 1em; text-align: center;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><img border="0" height="448" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEif4cRDfZ4lA17oQ-nOsTmOR8GXnQa8oL5BBTRXmGmHdsdkGUndNc22UnfXkHGb300kYTh2KR2XqDzIo7Ni6MvH3_kyNbIUAtQzbHx5VWn2-cKpMFPXhLBPhtbCYWwf-uCtva9mu-uPu9Vi/s640/5.png" width="640" /></span></a></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-style: italic;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif; font-style: italic;">For some reasons static IP configured in OVF deployment wizard of vCSA didn't apply. Instead it was taking DHCP address. So I had to create DHCP reservation with IP Address of vCenter Server.</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif; font-style: italic;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><span style="font-style: italic;">Update: After I completed all steps of migration I found another workaround in Fling comments ''</span> Boot of the vcsa : we encountered the problem of off parameters injection. OVF injection needs the vcenter for first boot, but as the address is the same as vcenter, only one shold be booted up at a time. We have here a problem of chicken and egg that we solved with first booting the VCSA with network disconnected, then shutdown the server and finaly, connect the vcsa network through ESXi connection.<span style="font-style: italic;">)</span></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif; font-style: italic;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
</div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><b>8. Accept
SSH key</b><!--EndFragment--></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif; font-style: italic;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif; font-style: italic;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhTF-54xXRJYg-NYbL95c4s1YYZxyBTWUYAPEY8h-EfnbSROlUZ3i93H_9CXaI-HOCncElJUsiLEAYAV_sP1wEhrL1QsJdCSWxKNG8scgXBpPgQLve2Tm0TKMLe6ryRhGuKNeu6gSz2BhdB/s1600/6.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><img border="0" height="558" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhTF-54xXRJYg-NYbL95c4s1YYZxyBTWUYAPEY8h-EfnbSROlUZ3i93H_9CXaI-HOCncElJUsiLEAYAV_sP1wEhrL1QsJdCSWxKNG8scgXBpPgQLve2Tm0TKMLe6ryRhGuKNeu6gSz2BhdB/s640/6.png" width="640" /></span></a></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif; font-style: italic;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif; font-style: italic;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
</div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><span style="font-weight: bold;">9. Enter default password for root account in vCSA</span><!--EndFragment--></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif; font-style: italic;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjpfdiYDz2KS5I1Ja6W49CeY8wyIIHYjaBz0hDKd1zTsQ2GLn6uw3IZF9gJswchiWTiM9kSME7bPR8e3Qx1gm8-yXzcFqRAMYGyv3ekt989UGkxNEV_DokuKoQDHCh166iy9bDpLZxsM9FR/s1600/7.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><img border="0" height="562" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjpfdiYDz2KS5I1Ja6W49CeY8wyIIHYjaBz0hDKd1zTsQ2GLn6uw3IZF9gJswchiWTiM9kSME7bPR8e3Qx1gm8-yXzcFqRAMYGyv3ekt989UGkxNEV_DokuKoQDHCh166iy9bDpLZxsM9FR/s640/7.png" width="640" /></span></a></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif; font-style: italic;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-style: italic;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-style: italic;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></span></div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">At this stage Converter appliance will start copying saved data to vCSA</span><br />
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<!--StartFragment-->
<!--EndFragment--></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif; font-weight: bold;">10. Enter DNS suffix</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-style: italic;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></span></div>
<div style="font-size: 11pt; margin: 0in;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjxw3sGdH4JbD-f0rV2sdTruqvtmQGZTATwscyHk5wbrQluRwVoIiEVdOZsmOcinuLN4_PWd8FEEGaHJPYMPAWtCrhnWgQUYjYxolriepq29wRqFBJ-V9fodSbJ0VastZ6JCzxWogaaXaoE/s1600/8.png" imageanchor="1" style="clear: left; margin-bottom: 1em; margin-right: 1em; text-align: center;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><img border="0" height="560" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjxw3sGdH4JbD-f0rV2sdTruqvtmQGZTATwscyHk5wbrQluRwVoIiEVdOZsmOcinuLN4_PWd8FEEGaHJPYMPAWtCrhnWgQUYjYxolriepq29wRqFBJ-V9fodSbJ0VastZ6JCzxWogaaXaoE/s640/8.png" width="640" /></span></a></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-style: italic;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-style: italic;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif; font-size: small;"><b>11. Log in to vCSA and complete configuration of the appliance</b></span></div>
<div style="font-size: 11pt; margin: 0in;">
<br /></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-style: italic;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgSf7GLriWSjMJzhIdxDHUHokTw18gLX91kDZpN33Bl_oqerYUoV_mj5GxdlTC9db8JIV6bS4lJHfbcFflK_WDhdh681-YP3pqnC-YObITJ3ARtvm7Yb22xA78SCotiFH_39_GjpqO4qgjP/s1600/9.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><img border="0" height="446" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgSf7GLriWSjMJzhIdxDHUHokTw18gLX91kDZpN33Bl_oqerYUoV_mj5GxdlTC9db8JIV6bS4lJHfbcFflK_WDhdh681-YP3pqnC-YObITJ3ARtvm7Yb22xA78SCotiFH_39_GjpqO4qgjP/s640/9.png" width="640" /></span></a></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-style: italic;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-style: italic;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></span></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-style: italic;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></span></div>
<div style="margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif; font-weight: bold;">12. Choose Custom configuration</span></div>
<div style="font-size: 11pt; margin: 0in;">
<!--StartFragment-->
<!--EndFragment--></div>
<div style="margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div style="font-size: 11pt; margin: 0in;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgFfru6EtuM1RadmUCgomWj_EjLymViDbbaDUKjAcVpUMYlN3ZkZhejAGdUHEe1IJbJn1uW54Hcaef-jH2GErHBjKKSf00BUzTMc9FDTF7To72Nfrc3cGYbj9zRYBAWj7uyW9RLVo_0WlXn/s1600/10.png" imageanchor="1" style="clear: left; margin-bottom: 1em; margin-right: 1em; text-align: center;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><img border="0" height="448" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgFfru6EtuM1RadmUCgomWj_EjLymViDbbaDUKjAcVpUMYlN3ZkZhejAGdUHEe1IJbJn1uW54Hcaef-jH2GErHBjKKSf00BUzTMc9FDTF7To72Nfrc3cGYbj9zRYBAWj7uyW9RLVo_0WlXn/s640/10.png" width="640" /></span></a></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-style: italic;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-style: italic;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></span></div>
<div style="margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><b>13. Choose embedded DB type</b></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiNrpxPVRhkLdqbzPp8NNbnlHrekt3oa3P5b67ISvGxXwdIRW9BpnlTeYCyYrB5XwXJN_YxQme_gjd9ipIVt2CohJNjMyb2lpoifUuugDSon1kKEw_-OJRYjnMm_o3DA2YmZ5djjnKkVhOS/s1600/11.png" imageanchor="1" style="clear: left; margin-bottom: 1em; margin-right: 1em; text-align: center;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><img border="0" height="448" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiNrpxPVRhkLdqbzPp8NNbnlHrekt3oa3P5b67ISvGxXwdIRW9BpnlTeYCyYrB5XwXJN_YxQme_gjd9ipIVt2CohJNjMyb2lpoifUuugDSon1kKEw_-OJRYjnMm_o3DA2YmZ5djjnKkVhOS/s640/11.png" width="640" /></span></a></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><b><br /></b></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><b><br /></b></span></div>
<div style="font-size: 11pt; margin: 0in;">
</div>
<div style="margin: 0in;">
<!--StartFragment--><span style="font-family: "arial" , "helvetica" , sans-serif;"><span style="font-weight: bold;">14. Configure password for the embedded database</span><!--EndFragment--></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
</div>
<div style="font-size: 11pt; margin: 0in;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEisuVwIy2DUQIdhDLGKjz3y82JmR2WEWEyLrcpRmrtwomNoqaqF7B52awroetIkswsmHSrHVGP4KM6BptVhVgBUkW9ubWpX3pc9ZZgXV13hHZRgCgET93UOlru34yifyBJr5ef04yooTmoF/s1600/12.png" imageanchor="1" style="clear: left; margin-bottom: 1em; margin-right: 1em; text-align: center;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><img border="0" height="446" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEisuVwIy2DUQIdhDLGKjz3y82JmR2WEWEyLrcpRmrtwomNoqaqF7B52awroetIkswsmHSrHVGP4KM6BptVhVgBUkW9ubWpX3pc9ZZgXV13hHZRgCgET93UOlru34yifyBJr5ef04yooTmoF/s640/12.png" width="640" /></span></a></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
</div>
<div style="margin: 0in;">
<!--StartFragment--><span style="font-family: "arial" , "helvetica" , sans-serif;"><span style="font-weight: bold;">15. Enable AD integration</span><!--EndFragment--></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div style="font-size: 11pt; margin: 0in;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjmVla0r5uZMQAp-sQhw5XzdzJJz08npJ6Cd0c5pIkRTBQBxE4ZwyZjW0c_MoKwhX37Sx1Po-oViA2pLlGlZV97N_t31d1jY_BGIUnLBUlohWYp9gVO_vzC4-AJCzOUntOcCRsAqgObSTna/s1600/13.png" imageanchor="1" style="clear: left; margin-bottom: 1em; margin-right: 1em; text-align: center;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><img border="0" height="446" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjmVla0r5uZMQAp-sQhw5XzdzJJz08npJ6Cd0c5pIkRTBQBxE4ZwyZjW0c_MoKwhX37Sx1Po-oViA2pLlGlZV97N_t31d1jY_BGIUnLBUlohWYp9gVO_vzC4-AJCzOUntOcCRsAqgObSTna/s640/13.png" width="640" /></span></a></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjNPTVa7PbGyqXPOwNkIjkLFBtyhHUE0M8NmIcPYEfgt4jh4Igo1NtI4S4QjWBWLVB1ql_03HxOfs_MZaLsFegZcqPUOEY3Kjt0v8U2BLECU1z3jPjqqCf70umSMnTB-EfClyCUKFFZRs2F/s1600/15.png" imageanchor="1" style="clear: left; margin-bottom: 1em; margin-right: 1em; text-align: center;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><img border="0" height="442" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjNPTVa7PbGyqXPOwNkIjkLFBtyhHUE0M8NmIcPYEfgt4jh4Igo1NtI4S4QjWBWLVB1ql_03HxOfs_MZaLsFegZcqPUOEY3Kjt0v8U2BLECU1z3jPjqqCf70umSMnTB-EfClyCUKFFZRs2F/s640/15.png" width="640" /></span></a></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
</div>
<div style="margin: 0in;">
<!--StartFragment--><span style="font-family: "arial" , "helvetica" , sans-serif;"><span style="font-weight: bold;">16. Once you are done you can switch back to Converter
console and click OK</span><!--EndFragment--></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif; font-weight: bold;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="clear: left; float: left; font-family: "arial" , "helvetica" , sans-serif; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="556" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi2t0iqTP3MLQS0lJ2R7VJEoSd-fwlnr03FSZOBuDN05w2S6cSCwAPbhtwSeMTHBvsmBWbQ-ZkBg943hkZSQ4ELqr7oF9GkGnceC8aRk-hPK4yf1lxrzqUSUChsbffzhC7ytsy4kxVCv88S/s640/16.png" width="640" /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif; font-weight: bold;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif; font-size: 11pt; font-weight: bold;"><br /></span></div>
<div style="margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif; font-weight: bold;">17.</span><span style="font-family: "arial" , "helvetica" , sans-serif; font-size: 11pt; font-weight: bold;"> </span><span style="font-family: "arial" , "helvetica" , sans-serif; font-weight: bold;">Accept Certificate</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif; font-size: 11pt; font-weight: bold;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="clear: left; float: left; font-family: "arial" , "helvetica" , sans-serif; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="558" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgE-P7_oXHPspajYzrGMLUK3qwtPoCIWOpv6CeX6ftagKQOucno3zw6aM3onWwbUyIPjqx7uv2yT_0FA5K4fpidrQx4_ATLzTlngYpR7lKRjc1vOlx0FarEBP5zKdzKKqrWMpsFdios-JRH/s640/17.png" width="640" /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif; font-size: 11pt; font-weight: bold;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif; font-size: 11pt; font-weight: bold;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif; font-size: 11pt; font-weight: bold;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
</div>
<div style="margin: 0in;">
<!--StartFragment--><span style="font-family: "arial" , "helvetica" , sans-serif;"><span style="font-weight: bold;">18. Enter SSO Admin password</span><!--EndFragment--></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif; font-weight: bold;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="clear: left; float: left; font-family: "arial" , "helvetica" , sans-serif; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="562" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjCaH6mubIrS_k0kDCdtawqgo7tpmP3uLj0Ca_VCA1FicIzGytRXo2-r5HrnsPesPrRHZxqNdMEvtXyb2GFc_xET4aKa1h96MO-Bl_hsiR7nzyKzp6axghHMfbLRWGBmqCnIPNHZVLM-FTX/s640/18.png" width="640" /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif; font-weight: bold;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif; font-weight: bold;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
</div>
<div style="margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><span style="font-weight: bold;">19. Confirm domain name is correct</span><!--EndFragment--></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif; font-weight: bold;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="clear: left; float: left; font-family: "arial" , "helvetica" , sans-serif; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="560" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgyzo2LTLLzldyY_iW-eRvek8Zy8AwZD6Yxx7WVIZdV3vSGlXr18tZw2CgzPF2dYifBQVrz00tOKcUsfgZ0ICMHQ-yY0Rk5L2ronE1IN57kDhiCRw4Sloh1sogQ4CR1nEnK9xIudqqf6quj/s640/20.png" width="640" /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif; font-weight: bold;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif; font-weight: bold;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif; font-weight: bold;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
</div>
<div style="font-size: 11pt; margin: 0in;">
<!--EndFragment--></div>
<div style="margin: 0in;">
<!--StartFragment--><span style="font-family: "arial" , "helvetica" , sans-serif;"><span style="font-weight: bold;">20. Enter vCenter DB details</span><!--EndFragment--></span><br />
<div style="font-size: 11pt;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><span style="font-weight: bold;"><br /></span></span></div>
</div>
<div class="separator" style="clear: both; text-align: center;">
<span style="clear: left; float: left; font-family: "arial" , "helvetica" , sans-serif; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="558" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhNr02JCE6K5BlBaBLG1HaPpzZlT9IdIeUd43_hOZUefcAMygzmz912YgU-65-AXzugMtwQvgchsn3iSM74TL3HO3elTUpDZB_Mf3O64MCwuXYLbnGaoBCrKG_7FlPVG8HxI2PvLbfK-BLZ/s640/21.png" width="640" /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
</div>
<div style="font-size: 11pt; margin: 0in;">
<!--StartFragment--><span style="font-family: "arial" , "helvetica" , sans-serif;">Grab
a cup of coffe and enjoy a break - the DB migration can take a while,
especially if you chose to migrate stats,events and tasks.<!--EndFragment--></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="clear: left; float: left; font-family: "arial" , "helvetica" , sans-serif; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="560" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh42lAIlyp0fgzLe5emHJWBcSCnp56sv09jlrpw2mtyBPfNuv_JcARU9KAf_27H0EW0kB8llgMTs_U3rx3cC2Nt1JaDi-pRFlRgguJHwjjxo7yvkbtsefgDaXbIFEyB8Eu6VByCQ_n0DAr0/s640/22.png" width="640" /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif; font-weight: bold;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
</div>
<div style="font-size: 11pt; margin: 0in;">
<!--StartFragment--><span style="font-family: "arial" , "helvetica" , sans-serif;">An
hour later I got database migration completed and could open Web Client from new vCSA, but faced
another issue<!--EndFragment--></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif; font-weight: bold;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="clear: left; float: left; font-family: "arial" , "helvetica" , sans-serif; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="424" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhggY4OeoOtbAvxxl7OXEltL78cBXm22Fk6AHIpb3TNgs5CA_2CHBiX63DhYx_JhE2vTy5uj8wp0rkG4kegeCPJk6KLqYnKCCk6zx_Jl4TNWMz5KSJsLHefZOJ2K0xV4ffUNIWue9qYU4Uj/s640/23.png" width="640" /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif; font-weight: bold;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif; font-weight: bold;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif; font-weight: bold;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;">I checked the vCSA
network settings and noticed that it was still using DHCP and vCSA was still
getting the correct IP address of old vCenter Server, but looks like it didn't accept the DNS server address from DHPC. </span><span style="font-family: "arial" , "helvetica" , sans-serif; font-size: 11pt;">Once I changed the IP
Address config to static vCSA managed to reconnect both ESXi hosts</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;">I also had to
upgrade virtual hardware of vCSA to version 10 so that I could configure it to
use vFlash Read Cache.</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<!--StartFragment-->
<!--EndFragment--></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;">That completes the
almost smooth migration from Windows vCenter Server to vCenter Server
Appliance. </span></div>
<!--EndFragment--></div>
vmnomadhttp://www.blogger.com/profile/02515151385546400290noreply@blogger.com3tag:blogger.com,1999:blog-4991582231121311353.post-13598257166759456832016-04-12T12:33:00.002+10:002016-04-12T12:33:16.140+10:00Why I prefer to disable vSphere HA Admission Control<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<!--StartFragment-->
<!--EndFragment--><br />
<span style="font-family: Arial, Helvetica, sans-serif;">According to vSphere Documentation "vCenter Server uses admission control to ensure that sufficient resources are available in a cluster to provide failover protection and to ensure that virtual machine resource reservations are respected."<br /><br />Admission Control guarantees enough capacity is available for virtual machine failover and it works at 3 different levels - Host, Resource Pool, Cluster. Only the Cluster level Admission Control is manageable and that's what I want to talk about. <br /><br />Even though the idea behind Admission Control is pretty simple this mechanism is a complex topic and according to the best book about vSphere HA by Duncan Epping and Frank Denneman "Admission Control is more than likely the most misunderstood concept.. and because of this it is often disabled". <br /><br />To achieve its goal the admission control can use the following actions: <br /><ul>
<li>Restrict Powering on a virtual machine. </li>
<li>Disallow Migrating a virtual machine onto a host or into a cluster or resource pool. </li>
<li>Restrict Increasing the CPU or memory reservation of a virtual machine. </li>
</ul>
In simple words vCenter uses Admission Control to have enough resources to power on VMs in case one or more of the hosts fail, but not to guarantee VMs have the same set of resources.<br /><br />To achieve this goal Admission Control can use 3 different mechanisms. Let's discuss what diffuculties vSphere admin may have with each of them. <br /><br /></span><h3>
<span style="font-family: Arial, Helvetica, sans-serif;">Host Failures Cluster Tolerates</span></h3>
<span style="font-family: Arial, Helvetica, sans-serif;"><br />Slot size will be the main factor defining when vCenter won't let you power on another VM. This admission control type gets skewed very easily by having one large VM with all RAM reserved. <br /><br />Yes, you can define custom slot size, but deciding on the right size of the custom slot isn't a trivial task. If you set it too low you can't be sure you have enough reserved resources for host failure. If you set it too high you will end up with fewer number of slots you can use for your VMs. So you can end up with cluster with plenty of available resources, but won't be able to deploy new VM. Also, most of the vSphere environments constantly grow and change. therefore, slot size have to adjusted accordingly.<br /><br />One can calculate average VM size and use these values for custom slot size. However, while vCenter will reserve enough slots to tolerate failure of configured number of hosts it won't guarantee that either of your host will have enough resources to power on your largest VM. </span><div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;">HA Cluster is smart enough to ask DRS to shuffle VMs around to make space for your large business critical server. But, there is still no guarantee of successful restart of this VM. Moreover, we all know that DRS is part of vCenter. So if vCenter was located on the failed ESXi host there will be no DRS to take care of resource defragmentation in the cluster. <br /><br /></span><h3>
<span style="font-family: Arial, Helvetica, sans-serif;">Percentage of Cluster Resources Reserved</span></h3>
<span style="font-family: Arial, Helvetica, sans-serif;"><br />This Admission Control seems to be smarter and more flexible than the first one. vCenter doesn't use fixed slot size any more. This is what most vSphere admins recommend to use, but nobody stresses out that in order to have this policy work you need to set CPU/RAM reservation per every single VM in the cluster. <br /><br />So here is what vCenter does: <br /><ol>
<li>Calculate how much resources it has in the cluster </li>
<li>Calculate total reserved virtual machines resources </li>
<li>Calculate available resources by distracting the reserved resources from available resources. </li>
<li>Ensure that there is more available resources than percentage of reserved resources for failover (that's the percentage you configure) </li>
</ol>
<br />As you can see it is not based on assigned resources to VM. This equation works with RESERVED resources only. <br /><br />So if you need to end up with properly working admission control you need to assign reservation on each of the VMs. Otherwise, you may end up with situation like in the following screenshot where we you can see that the cluster runs almost 300 VMs, but Admission Control thinks you have 98% of Cluster Failover Capacity. <br /></span><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiot7OFVVem-Gvbaf7KjtuWYhXM0Ffq2pDVFY7a7SAo0OqirYyilI5RlYVR7iwurp7LFGqYvvP87EieJjAMyyzOyWu7-ItugFVAiAI4lAfDIe7kswYocsIReUmSWHyKH3qvDXY_IKw_wDVX/s1600/Screen+Shot+2016-04-12+at+11.29.20+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" height="273" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiot7OFVVem-Gvbaf7KjtuWYhXM0Ffq2pDVFY7a7SAo0OqirYyilI5RlYVR7iwurp7LFGqYvvP87EieJjAMyyzOyWu7-ItugFVAiAI4lAfDIe7kswYocsIReUmSWHyKH3qvDXY_IKw_wDVX/s640/Screen+Shot+2016-04-12+at+11.29.20+AM.png" width="640" /></a><span style="font-family: Arial, Helvetica, sans-serif;"><br /></span><div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;">This is very common situation where people don't use reservations at all or use Resource Pool reservations (which are not taken into consideration by Admission Control). In this case Admission Control uses default 32MHz and Memory overhead in its calculation and your cluster will run out of resources way before admission control kicks in and prohibits powering on new VMs. <br /><br />Well, you can say - let's use VM reservations then to make admission control work properly, but I have to disagree for the following reasons:<br /><br /><ul>
<li>Reserverd RAM can't be re-allocated to other VMs even if it's not used at all. That's valid for Windows VMs as they zeroize all RAM pages during the boot. Linux VMs don't touch RAM pages until they really want to use them, thus, these 'untouched' memory pages can be still re-allocated to other VMs. </li>
<li>It also leads to higher administrative and operational overhead. Imagine micro-managing correct reservations for thousand of VMs and then keeping these reservations up to date. </li>
<li>VMware Performance Best Practices recommend using Resource Pool Reservations instead of VM level reservations</li>
</ul>
<br />On top of that you have to remember to change percentage every time you change number of hosts. And if you have unbalanced cluster you need to have different percentage reservation for CPU and RAM. <br /><br />This approach doesn't solve the problem of resource defragmentation either. DRS still needs to kick in if the host doesn't have enough resources to restart VM. And again, if vCenter is down there is no DRS. Which means there will be no defragmentation and some large critical VMs won't power on.<br /> </span><h3>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></h3>
<h3>
<span style="font-family: Arial, Helvetica, sans-serif;">Dedicated Failover host</span></h3>
<span style="font-family: Arial, Helvetica, sans-serif;"><div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
This is the least preferred option according to multiple blogs and books on HA Admission Control, but I strongly disagree with such opinion. <br /><br />First of all it is very simple and doesn't require a lot of planning. it is pretty much 'You get what you see' </span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;">The main reason why people recommend against using the dedicated failover hosts is that these hosts are not utilised until other hosts fail. Although t</span><span style="font-family: Arial, Helvetica, sans-serif;">hat's actually applicable to other Admission Control mechanisms as you still have to reserve resources for failover - which means you keep those reserved GHz and GB unused. </span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;">This approach doesn't have issues with resource defragmentation and doesn't need DRS. So if vCenter fails with failed host you still get your large VMs restarted.</span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br />This Admission Control type comes with some drawbacks:</span></div>
<div>
<ul>
<li><span style="font-family: Arial, Helvetica, sans-serif;">When you have hosts in this hot-standby mode the ratio of vCPU/pCPU gets worse as less physical CPUs participate in servicing vCPUs, which can impact CPU Ready time. </span></li>
<li><span style="font-family: Arial, Helvetica, sans-serif;">Another problem could be if this server is a part of VSAN cluster. That would be too much waste of resources. </span></li>
</ul>
<span style="font-family: Arial, Helvetica, sans-serif;">As you can see none of the Admission Controls is ideal. None of them fit all sizes. And each mechanism requires thorough planning, testing and regular revisions. <br /><br />On the contrary to what Duncan and Frank said I prefer to disable HA Admission Control because I understand how it works . Instead, I think it is sufficient to have a good monitoring system in place to control vSphere utilisation level and see resource usage trends so that you can do capacity planning in advance. vRealise Operations suite is a good example of such monitoring system. </span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br />I am not trying to say it is useless in all situations, but there were very few companies where I saw Admission Control correctly configured and looked after properly, and all of these few companies used Dedicated Failover host. <br /><br />And the bigger problem was that people blindly relied on HA Admission Control even though it doesn't work correctly without per VM reservation or without right-sizing the slot size.</span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"> </span><br /> </div>
</div>
vmnomadhttp://www.blogger.com/profile/02515151385546400290noreply@blogger.com0tag:blogger.com,1999:blog-4991582231121311353.post-32575372462311614662016-04-05T10:41:00.004+10:002016-04-07T09:45:42.127+10:00StarWind Virtual SAN review - Part 7 - Final Thoughts<a href="https://www.blogger.com/blogger.g?blogID=4991582231121311353" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a><a href="https://www.blogger.com/blogger.g?blogID=4991582231121311353" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a><a href="https://www.blogger.com/blogger.g?blogID=4991582231121311353" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a><a href="https://www.blogger.com/blogger.g?blogID=4991582231121311353" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a><a href="https://www.blogger.com/blogger.g?blogID=4991582231121311353" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a><a href="https://www.blogger.com/blogger.g?blogID=4991582231121311353" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a><span style="font-family: "arial" , "helvetica" , sans-serif;">I spent a quite interesting couple of weeks with StarWind product. Once you know it better you can definitely see how flexible this product is and how many scenarios it perfectly fits in. Given the fact that it has very low system requirements, e.g. you can run it without RAID array and you can use second-hand servers, StarWind Virtual SAN becomes a really tempting choice. </span><br />
<a href="https://www.blogger.com/blogger.g?blogID=4991582231121311353" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a><a href="https://www.blogger.com/blogger.g?blogID=4991582231121311353" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a><a href="https://www.blogger.com/blogger.g?blogID=4991582231121311353" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a><a href="https://www.blogger.com/blogger.g?blogID=4991582231121311353" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a><a href="https://www.blogger.com/blogger.g?blogID=4991582231121311353" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a><a href="https://www.blogger.com/blogger.g?blogID=4991582231121311353" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a><span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">Even though StarWind aims its product at SMB/ROBO segment of the market it still delivers great performance and high availability for your storage. Moreover, StarWind R&D constantly brings in new features and are pretty open to Virtual SAN community suggestions.</span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">There are some new features and improvements that will be brought in future builds according to the roadmap:</span><br />
<ul><a href="https://www.blogger.com/blogger.g?blogID=4991582231121311353" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a><a href="https://www.blogger.com/blogger.g?blogID=4991582231121311353" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a><a href="https://www.blogger.com/blogger.g?blogID=4991582231121311353" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a><a href="https://www.blogger.com/blogger.g?blogID=4991582231121311353" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a><a href="https://www.blogger.com/blogger.g?blogID=4991582231121311353" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a><a href="https://www.blogger.com/blogger.g?blogID=4991582231121311353" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a><span style="font-family: "arial" , "helvetica" , sans-serif;"><a href="https://www.blogger.com/blogger.g?blogID=4991582231121311353" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a><a href="https://www.blogger.com/blogger.g?blogID=4991582231121311353" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a><a href="https://www.blogger.com/blogger.g?blogID=4991582231121311353" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a><a href="https://www.blogger.com/blogger.g?blogID=4991582231121311353" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a>
<li>Node majority for StarWind HA. Using node majority instead of heartbeat channels to solve potential split-brain issues in storage cluster. Additional data-less voting node for the case of even number of replication partners.</li>
</span></ul>
<i style="font-family: Arial, Helvetica, sans-serif;"><span style="font-size: x-small;">* hopefully, there will be a choice between both options.</span></i><br />
<ul>
<li><span style="font-family: "arial" , "helvetica" , sans-serif;">VTL: integration with system deduplication for tape images.</span></li>
<li><span style="font-family: "arial" , "helvetica" , sans-serif;">Caching: cache statistics information in UI and cache management functionality for changing cache size and cache mode for existing device.</span></li>
</ul>
<i style="font-family: arial, helvetica, sans-serif;"><span style="font-size: x-small;">* that is one of the feature I lacked while running performance tests.</span></i><br />
<ul>
<li><span style="font-family: "arial" , "helvetica" , sans-serif;">Global deduplication: shared deduplication base for multiple LSFS devices.</span></li>
</ul>
<span style="font-family: "arial" , "helvetica" , sans-serif; font-size: x-small;">* I assume it will increase deduplication ratio and at the same time will decrease RAM allocation for hash tables</span><br />
<ul>
<li><span style="font-family: "arial" , "helvetica" , sans-serif;">LSFS extend device functionality. Change size of existing LSFS device.</span></li>
<li><span style="font-family: "arial" , "helvetica" , sans-serif;">LSFS device maximum size is to be increased to 64TB</span></li>
</ul>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">
</span>
<br />
<div>
<a href="https://www.blogger.com/blogger.g?blogID=4991582231121311353" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a><a href="https://www.blogger.com/blogger.g?blogID=4991582231121311353" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a><a href="https://www.blogger.com/blogger.g?blogID=4991582231121311353" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a><a href="https://www.blogger.com/blogger.g?blogID=4991582231121311353" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a><a href="https://www.blogger.com/blogger.g?blogID=4991582231121311353" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a><a href="https://www.blogger.com/blogger.g?blogID=4991582231121311353" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a><span style="font-family: "arial" , "helvetica" , sans-serif;"><a href="https://www.blogger.com/blogger.g?blogID=4991582231121311353" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a><a href="https://www.blogger.com/blogger.g?blogID=4991582231121311353" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a><a href="https://www.blogger.com/blogger.g?blogID=4991582231121311353" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a><a href="https://www.blogger.com/blogger.g?blogID=4991582231121311353" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a><a href="https://www.blogger.com/blogger.g?blogID=4991582231121311353" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a><a href="https://www.blogger.com/blogger.g?blogID=4991582231121311353" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a><span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></span></div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">
On top of that I would really like to see the following functionality:</span><br />
<ul><span style="font-family: "arial" , "helvetica" , sans-serif;">
<li>be able to change cache size on the fly and some kind of built-in health checks.</li>
<li>It would be also great to get some kind of dashboard that will show current alerts - e.g. failed Sync link; potential issues - e.g. low disk space; performance stats - e.g. disk latency, IO size. </li>
<li>Shorter LSFS mounting time</li>
<li>Simultaneous resync for multiple devices. Currently only one device can be re-synced at a time after partner node’s reboot. </li>
</span></ul>
<span style="font-family: "arial" , "helvetica" , sans-serif;">
</span>
<br />
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><span style="font-family: "arial" , "helvetica" , sans-serif;">And my biggest wish is that StarWind get all their documentation updated to the latest builds. It would be also great to have a cookbook which deep-dives into technical explanation of all great features the product and describes the most common deployment scenarios. </span></span></div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">
<br />StarWind Virtual SAN is a permanent tenant in my home lab now and I will definitely be tracking the progress of this product in future versions.</span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<br />
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><span style="font-family: "arial" , "helvetica" , sans-serif;"></span><br /></span>
<br />
<div style="font-family: Times;">
<div style="font-family: Calibri; font-size: 11pt; margin: 0in;">
<a href="http://vmnomad.blogspot.com.au/2016/04/starwind-virtual-san-on-esxi-review-part-1.html" target="_blank"><span lang="ru-RU">StarWind Virtual SAN on ESXi review - Part 1</span><span lang="ru-RU"> </span><span lang="en-AU">- Overview</span></a></div>
<div style="font-family: Calibri; font-size: 11pt; margin: 0in;">
<a href="http://vmnomad.blogspot.com.au/2016/04/starwind-virtual-san-on-esxi-review-part-2.html" target="_blank"><span lang="ru-RU">StarWind Virtual SAN on ESXi review - Part 2</span><span lang="en-AU"> - Networking/iSCSI Topology</span></a></div>
<div style="font-family: Calibri; font-size: 11pt; margin: 0in;">
<a href="http://vmnomad.blogspot.com.au/2016/04/starwind-virtual-san-on-esxi-review-part-3.html" target="_blank"><span lang="ru-RU">StarWind Virtual SAN on ESXi review - Part 3</span><span lang="en-AU"> - Disk and Cache Types</span></a></div>
<div style="font-family: Calibri; font-size: 11pt; margin: 0in;">
<a href="http://vmnomad.blogspot.com.au/2016/04/starwind-virtual-san-on-esxi-review-part-4.html" target="_blank"><span lang="ru-RU">StarWind Virtual SAN on ESXi review - Part 4</span><span lang="en-AU"> - Installation Guide Notes</span></a></div>
<div style="font-family: Calibri; font-size: 11pt; margin: 0in;">
<a href="http://vmnomad.blogspot.com.au/2016/04/starwind-virtual-san-on-esxi-review-part-5.html" target="_blank"><span lang="ru-RU">StarWind Virtual SAN on ESXi review - Part 5</span><span lang="en-AU"> - Performance tests</span></a></div>
<div style="font-family: Calibri; font-size: 11pt; margin: 0in;">
<a href="http://vmnomad.blogspot.com.au/2016/04/starwind-virtual-san-on-esxi-review-part-6.html" target="_blank"><span lang="ru-RU">StarWind Virtual SAN on ESXi review - Part 6</span><span lang="en-AU"> - Failure Scenarios</span></a></div>
<div style="font-family: Calibri; font-size: 11pt; margin: 0in;">
<br /></div>
</div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">
</span>
<br />
<div style="font-family: arial, helvetica, sans-serif;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">This review has been sponsored by StarWind, but I have to admit that I genuinely liked this product.</span></div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">
</span></div>
</div>
vmnomadhttp://www.blogger.com/profile/02515151385546400290noreply@blogger.com3