Single Initiator Zoning, recommended or not?

March 4th, 2010 | 15 Comments

A question we receive a lot is what kind of zoning should be implemented for our storage solution? The answer is usually really short and simple: at least single initiator zoning.

Single initiator zoning is something we have always recommend in the field (VMware PSO Consultants/Architects) and something that is clearly mentioned in our documentation… at least that’s what I thought.

On page 31 of the SAN Design and Deploy guide we clearly state the following:

When a SAN is configured using zoning, the devices outside a zone are not visible to the devices inside the zone. When there is one HBA or initiator to a single storage processor port or target zone, it is commonly referred to as single zone. This type of single zoning protects devices within a zone from fabric notifications, such as Registered State Change Notification (RSCN) changes from other zones. In addition, SAN traffic within each zone is isolated from the other zones. Thus, using single zone is a common industry practice.

That’s crystal clear isn’t it? Unfortunately there’s another document floating around which is called “Fibre Channel SAN Configuration Guide” and this document states the following on page 36:

  • ESX Server hosts that use shared storage for virtual machine failover or load balancing must be in one zone.
  • If you have a very large deployment, you might need to create separate zones for different areas of functionality. For example, you can separate accounting from human resources.

So which one is correct and which one isn’t? I don’t want any confusion around this. The first document, the SAN Design and Deploy guide is correct. VMware recommends single initiator zoning. Of course if you want to do “single initiator / single target” that would even be better, but single initiator is the bare minimum. Now let’s hope the VMware Tech Writers can get that document fixed…

CPU/MEM Reservation Behavior

March 3rd, 2010 | 22 Comments

Again an interesting discussion we had amongst some colleagues (Thanks Frank, Andrew and Craig! Especially Craig as most text below comes from The Resource Master). The topic was CPU/Memory reservations and more specifically the difference in behavior of these two.

One would expect that both a CPU and Memory reservation would have the same behavior when it comes to claiming and releasing resources but unfortunately this is not the case. Or should we say fortunately?

The following is taken from the resource management guide:

CPU Reservation:
Consider a virtual machine with reservation=2GHz that is
totally idle. It has 2GHz reserved, but it is not using any of
its reservation. Other virtual machines cannot reserve these 2GHz. Other virtual machines can use these 2GHz, that is, idle
CPU reservations are not wasted.

Memory Reservation:
If a virtual machine has a memory reservation but has not yet accessed its full reservation, the unused memory can be reallocated to other virtual machines. After a virtual machine has accessed its full reservation, ESX Server allows the virtual machine to retain this much memory, and will not reclaim it, even if the virtual machine becomes idle and stops accessing memory.

The above paragraph is a bit misleading , as it seems to imply that a VM has to access its full reservation. What it should really say is “Memory which is protected by a reservation will not be reclaimed by ballooning or Host-level swapping even if it becomes idle,” and “Physical machine memory will not be allocated to the VM until the VM accesses virtual RAM needing physical RAM backing.” Then that pRAM is protected by the reservation and won’t be reclaimed by ballooning or .vswp-file swapping. If there is any .vswp memory at all as no .vswp is created when the reservation is equal to the provisioned memory.

Note, however, that even if pRAM is not allocated to the VM to back vRAM because the VM hasn’t accessed corresponding vRAM yet, the whole reservation is reserved, but the pRAM could still be used  This gets really confusing. But I think of it thus:

  1. Reservations can be defined at the VM level or the Resource Pool level.
  2. Reservations at the RP level are activated or reserved immediately.
  3. Reservations at the VM level are activated or reserved when the VM is powered on.
  4. An activated reservation is removed from the total physical Resource “Unreserved” accounting.
  5. Reserving and using a resource are distinct: memory or CPU can be reserved but not used or used but not reserved.
  6. CPU reservations are friendly.
  7. Memory reservations are greedy and hoard memory.
  8. Memory reservations are activated at startup, yet pRAM is only allocated as needed. Unallocated pRAM may be used by others.
  9. Once pRAM is protected by a memory reservation, it will never be reclaimed by ballooning of .vswp-swapping even if the corresponding vRAM is idle.

Example: A VM has 4 GB of vRAM installed and a 3 GB memory reservation defined. When the VM starts, 3 GB of pRAM are reserved. If the host had 32 GB of RAM installed and no reservations active, it now has 29 GB “unreserved”.

However, if the VM accesses only 500 MB of vRAM, only 500 MB of pRAM are allocated (or granted) to it. Other VMs could use 2500 MB of RAM that you would think is part of the reservation. They cannot reserve that 2500 MB however. As soon as the VM accesses 3 GB of vRAM and so has 3 GB of pRAM backing it, no other VMs can use that 3 GB of pRAM even if the VM never touches it again, because that pRAM is now protected by the 3 GB Reservation.  If the VM uses 4 GB, it gets the 3 GB guaranteed never ballooned or swapped, but the remaining 1 GB is subject to ballooning or swapping.

Simple huh ;-)

Re: Memory Compression

March 2nd, 2010 | 4 Comments

I was just reading Scott Drummonds article on Memory Compression. Scott explains where Memory Compression comes in to play. I guess the part I want to reply on is the following:

VMware’s long-term prioritization for managing the most aggressively over-committed memory looks like this:

  1. Do not swap if possible.  We will continue to leverage transparent page sharing and ballooning to make swapping a last resort.
  2. Use ODMC to a predefined cache to decrease memory utilization.*
  3. Swap to persistent memory (SSD) installed locally in the server.**
  4. Swap to the array, which may benefit from installed SSDs.

(*) Demonstrated in the lab and coming in a future product.
(**) Part of our vision and not yet demonstrated.

I just love it when we give insights in upcoming features but I am not sure I agree with the prioritization. I think there are several things that one needs to keep in mind. In other words there’s a cost associated to these decisions / features and your design needs to adjusted to these associated effects.

  1. TPS -> Although TPS is an amazing way of reducing the memory footprint you will need to figure out what the ratio of deduplication is. Especially when you are using Nehalem processors there’s a serious decrease. The reasons for the decrease of TPS effectiveness are the following:
    • NUMA – By default there is no inter node transparent page sharing (read Frank’s article for more info on this topic)
    • Large Pages – By default TPS does not share large(2MB) pages. TPS only shares small(4KB) pages. It will break large pages down in small pages when memory is scarce but it is definitely something you need to be aware off. (for more info read my article on this topic.
  2. Use ODMC -> I haven’t tested with ODMC yet and I don’t know what the associated cost is at the moment.
  3. Swap on local SSD -> Swap on local SSD will most definitely improve the speed when swapping occurs. However as Frank already described in his article there is an associated cost:
    • Disk space – You will need to make sure you will have enough disk space available to power on VMs or migrate VMs as these swap files will be created at power on or at migration.
    • Defaults – By default .vswp files are stored in the same folder as the .vmx. Changing this needs to be documented and taken into account during upgrades and design changes.
  4. Swap to array (SSD) -> This is the option that most customers use for the simple reason that it doesn’t require a local SSD disk. There are no changes needed to enable it and it’s easier to increase a SAN volume than it is to increase a local disk when needed. The associated costs however are:
    • Costs – Shared storage is relatively expensive compared to local disks
    • Defaults – If .vswp files need to be SSD based you will need to separate the .vswp from the rest of the VMs and created dedicated shared SSD volumes.

I fully agree with Scott that it’s an exciting feature and I can’t wait for it to be available. Keep in mind though that there is a trade off for every decision you make and that the result of a decision might not always end up as you expected it would. Even though Scott’s list makes totally sense there is more than  meets the eye.

Disable Tech Support on ESXi?

March 1st, 2010 | 17 Comments

We had an interesting discussion on one of the internal mailing lists this week. Someone asked what the general opinion was about disabling Tech Support. Of course some said disabling should not be a problem, but many also disagreed. The reason for this is simple: Support.

When Tech Support is disabled it removes the option to login to the console with “unsupported“. Please keep in mind that the console is the only way to get direct command line access to ESXi as SSH is disabled by default. This also means that in order to get access to the console you will need access to the physical host, or the IP KVM switch / DRAC / ILO for that matter. Hosts are usually located in a secured environment which removes the need for limiting console access in my opinion.

I can still imagine that people have a different opinion, but if you look at it from a support perspective you might change your mind. Troubleshooting an issue can get really complicated when there is no Tech Support access. I guess in a high secure environment you could treat ESXi as a stateless appliance and just install a new version when it fails. Personally I would prefer to find the root cause and try to prevent the same problem from occurring again.

Of course you can enable Tech Support again when needed but a reboot is required. This might cause the symptoms of the problem you were facing to disappear. It’s my recommendation to Keep Tech Support enabled.

[edit] Of course Alan “the king of powershell” Renouf jumped on this topic immediately and created a couple of lines of script which show you the current setting, disable it for all hosts or enable it for all hosts. Thanks Alan! [/edit]

VMware vCenter SRM 4.0.1 released

February 27th, 2010 | No Comments

VMware just released VMware vCenter SRM 4.0.1.

Site Recovery Manager 4.0.1
File size: 104 MB

You can find the download here. This patch fixes the following issues:

  • Test recovery times have been improved for ESX 4.0.1 hosts that use iSCSI arrays.
  • a problem that could cause a recovery plan to hang while powering-off virtual machines at the protected site if the virtual machine’s storage goes offline while the plan is running
  • Customization is now supported for virtual machines running Windows 7 and Windows 2008 R2.
  • a problem that could prevent IP customization from updating the /etc/hosts file on a protected virtual machine running Linux
  • a problem that could cause intermittent site disconnections when there was a firewall between the sites that was configured to close connections due to inactivity
  • a problem that could cause test and recovery networks to be swapped in a recovery plan after the SRM service was restarted
  • a problem that could cause datastore group calculation to fail with a “Not initialized” exception when encountering a virtual machine with an RDM device for which the lunUuid is not set
  • a problem that could cause a recovered virtual machine to be deleted if an administrator manually removed it from a protection group while a recovery plan was being run
  • a problem that could cause the SRM Installer to fail to update vCenter credentials when running in Repair mode
  • a problem that caused the Perl installation created by SRM to be incompatible with some Perl packages. This fix eliminates the need to create the temporary Perl installation mentioned in VMware Knowledge Base article 1014232.
  • a problem that could cause the SRM Service to hang when a Configure All operation configured more than 300 virtual machines
  • a problem that could cause recovery plan failures with hardware iSCSI HBAs connected to Clarriion arrays

VMware vCenter Update Manager 4.0 Update 1 Patch 1

February 27th, 2010 | No Comments

VMware just released VMware vCenter Update Manager 4.0 Update 1 Patch 1.

This patch resolves the following issues :

  • After upgrading Cisco Nexus 1000V VSM to the latest version, you might not be able to patch the kernel of ESX hosts attached to the vDS (KB 1015717)Upgrading Cisco Nexus 1000V VSM to the latest version upgrades the Cisco Virtual Ethernet Module (VEM) on ESX hosts attached to the vDS. Subsequently, from the same vSphere Client instance, you might not be able to use a host patch baseline to apply patches to the ESX vmkernel64 or ESXi firmware of hosts attached to the vDS. Applying patches to ESX vmkernel64 or ESXi firmware requires that you include the compatible Cisco Nexus 1000V VEM patch in the baseline. However, this patch might not be available for selection in the Update Manager New Baseline wizard or in the Update Manager patch repository.
  • Upgrade of Cisco Nexus 1000V version 4.0(4)SV1(1) to version 4.0(4)SV1(2) with Update Manager might fail for hosts with certain patch levels (KB 1017069)If you are using Cisco Nexus 1000V version 4.0(4)SV1(1), and the ESX patch bulletins ESX400-200912401-BG or ESXi400-200912401-BG are installed on the host, you might not be able to upgrade to Cisco Nexus 1000V version 4.0(4)SV1(2).
  • Scanning of hosts in a cluster and staging of patches to hosts in a cluster might take a long time to finishThe scanning and staging operations of hosts in a cluster run sequentially. If a cluster contains a lot of hosts, scanning and staging patches might take a long time to be completed. Scanning and staging of hosts in a cluster run concurrently on all of the selected hosts in the cluster.

For details regarding these new fixes, please refer to the release notes.

VMware vCenter Update Manager 4.0 Update 1 Patch 1 is available for download.

VMware vCenter Update Manager 4.0 Update 1 is required for installation of this patch.

Want to be part of the vCloud Team?

February 26th, 2010 | 1 Comment

If you are based in EMEA and are up for a challenge you might want to check out the following job roles as the VMware vCloud Services Team is still looking for highly motivated and skilled people! Just drop me (duncan @ yellow-bricks.com) an email when you are interested and I will make sure your resume will end up in the right spot!

  • Senior Engagement Project Manager -TS Cloud Services
    As a VMware Cloud Services Engagement Program Manager within the Cloud Services team, you will be acting as a thought leader for a specific segment of Cloud Service Providers as well as Enterprise accounts developing on-premise clouds. You will manage VMware Cloud services engagements, have strong contacts within the accounts you support, and support the sales teams building pipeline for the customer segment for which you are responsible.
  • Senior Engagement Project Manager -TS Cloud Services
    As a VMware Cloud Services Engagement Program Manager within the Cloud Services team, you will be acting as a thought leader for a specific segment of Cloud Service Providers as well as Enterprise accounts developing on-premise clouds. You will manage VMware Cloud services engagements, have strong contacts within the accounts you support, and support the sales teams building pipeline for the customer segment for which you are responsible.
  • Consulting Architect-TS Cloud Services
    As a VMware TS Cloud Services Architect, you will provide customers technical leadership in the installation, configuration, and implementation of VMware-based cloud solutions. You will help to document best practices in developing and deploying VMware solutions, and feed them into our knowledge base for best practices by customers and partners. This group gives the architect the opportunity to work in most of the top Fortune 500 companies in the world.
  • Senior Consultant-TS Cloud Services
    As a VMware TS Cloud Services Consultant, you will provide customers technical leadership in the installation, configuration, and implementation of VMware-based cloud solutions. You will help to document best practices in developing and deploying VMware solutions, and feed them into our knowledge base for best practices by customers and partners. This group gives the consultant the opportunity to work in most of the top Fortune 500 companies in the world.
  • Senior Consultant-TS Cloud Services
    As a VMware TS Cloud Services Consultant, you will provide customers technical leadership in the installation, configuration, and implementation of VMware-based cloud solutions. You will help to document best practices in developing and deploying VMware solutions, and feed them into our knowledge base for best practices by customers and partners. This group gives the consultant the opportunity to work in most of the top Fortune 500 companies in the world.
  • Senior Consultant-TS Cloud Services
    As a VMware TS Cloud Services Consultant, you will provide customers technical leadership in the installation, configuration, and implementation of VMware-based cloud solutions. You will help to document best practices in developing and deploying VMware solutions, and feed them into our knowledge base for best practices by customers and partners. This group gives the consultant the opportunity to work in most of the top Fortune 500 companies in the world.
  • Senior Consultant-TS Cloud Services
    As a VMware TS Cloud Services Consultant, you will provide customers technical leadership in the installation, configuration, and implementation of VMware-based cloud solutions. You will help to document best practices in developing and deploying VMware solutions, and feed them into our knowledge base for best practices by customers and partners. This group gives the consultant the opportunity to work in most of the top Fortune 500 companies in the world.
Page 2 of 13112345...Last »
Subscribe to RSS Feed Follow me on Twitter!