Jon Owings | CrashLoopBackoff

Some Xsigo Links

*Disclaimer I work for a Xsigo Partner, but I also think it is cool stuff. I do not get any compensation from any vendor for any blog post. My opinions are my own, unless I am copying them from someone.

I recently had someone on twitter ask if there were more Xsigo resources out there for research. He commented that it was really cool, but seemingly hard to find information. I tried to find good information that had some technical content (not just a press release). So I will post some links here and as I come across more I will update this post.

Straight from Xsigo.com
Xsigo Resources

Blog Posts
Xsigo – Try it out, I dare you! – Nigel Poulton (Awesome review and great comments)

Xsigo tips and tricks – Scott Lowe (Good technical content, some of this may have changed since new XMS’ have been released.)

Benefitting from IO Virtualization – Scott Lowe (Another good look at the product)

Maximizing I/O Virtualization – Scott Lowe (Again good concepts)

The Mini ESXi 4 Portable Server

Special thanks to Kevin Miller (@kevin_miller), for making sure I didn’t burn up anything and running out to Fry’s to get a new CPU when the orginal we ordered turned out to be not compatible.

List of the material used in final Version:

Intel DH57JG – Motherboard
Intel i5-661 Core Duo – Processor (special note: DO NOT get the i5-655k unlocked CPU in the picture, it was not compatible with any intel Motherboard)
Lian Li MINI ITX Case (6x9x12 in dimensions) supports Full size PSU
Rosewill silent PSU
Intel dual port PCIe 16x Gbe NIC
Stock intel heatsink and fan (Nexus fan in the picture was very cool, just too big to fit anything into the PCIe port.
2x Intel 80GB SSD
2x4GB OCZ Memory Kit

The server built amazingly fast using PXE boot and installing an ESXi image. Only thing that didn’t work that I wish it did was the on board NIC, 2 GigE ports will be more than enough for our purpose. This is not a lab machine but will run all the components I need to deploy a solution in an automated fashion. I really like VMware Fusion but if I try to run Windows 7, a Linux Server and a Windows 2003 server at the same time my awesome Mac Book Pro becomes useless. This is a lightweight and easy way to bring all of these components together for relatively low cost and if it can save half a day on an install it will pay for itself pretty fast.
I am running:
Windows 2003 ( a vCenter Template)
UDA20 – Ultimate Deployment Appliance that I fought with for a while and finally have it running reliably.
vSphere Mangement Assistant

As of this post working on building:
Windows 7 VM (for Powershell and other tools)
Maybe a free NFS/CIFS server for some easy file shares.
Linux Server (just in case I need it)

Now for some pics:

Before:

SSDs Mounted

Two 80 GB SSD’s are mounted in this space.

Everything going into the Case

Size relative to my hand

I do not have NBA player sized hands, hopefully this shows just how small the case is. This solution is a little more pricey for just a lab machine but if it travels I do not need a SATA disk failing because the server had a bumpy ride.

View Open Client 4.5 Beta 1.1 Now Out

I usually don’t just make announcements on this site. There are plenty of good news sites that let you know what is new and whatnot. I don’t remember if I saw this but I am behind on my reader feeds so forgive me if everyone already checked this out. The View Open Client is an open client (hence the name) to connect to VMware View Managed Desktop deployments if your OS is Mac or Linux and this is very good news. The java plugin or whatever you call it from the View web manager is annoying to me mainly because the java security is pesky. I know you can just change the settings in Java but I have had in the past where an update from Apple kills my previous settings.

All this to say someone today had never heard of the client and I had show him what was up. He was very happy to be introduced to the View Open client. So I thought it would be cool to spread the word a little more.

Here is the June 3, 2010 release with the fixes and changes from last version.

Here is the main google code site to get the download.

Enjoy the View Open Client!

vExpert 2010 – a High Five from VMware

Last Friday night I received an email from John Troyer at VMware inviting me to the vExpert 2010 program. It is an honor to be included with such a great list of people. I never know how to respond to be complimented. That is why I like high fives. It is like saying good job, but the only expected response is to high five back. No awkward thank you, or speeches needed. Just don’t leave me hangin’ and everything is understood.

I am extremely excited to get the VMware vExpert 2010, but since this is the internets, no one is here to high five.

So I will just say, “Thank you.”

Yo Gabba Gabba High Five

Really needed a reason to put this song in a post…

Update Manager and Isolated ESX Service Console Networks

Sometimes you may be required to run your vCenter server that has two network interfaces. One in the network it can be reached for remote desktop access and the other where it has access to the ESX servers in order to manage the VMware hosts. This is sort of a hybrid model of an isolated management network. Where only one host can reach the management ports. One thing to think about in this model is Update Manager by default will not like it. Everything may look ok, but trying to scan a host will fail. Luckily though it is an easy fix.

In the update manager configuration tab change the ip in the picture to the IP accessible by the ESX servers. Then remember to restart the Update Manager services. Now go back and run the ESX scan/stage/remediation.

B.Y.O.P – The Alternative Vblock

In college I often would be invited to a get together that could often include the letters BYOB, Bring Your Own Beer. Sometimes a cookout would be BYOM, Bring Your Own Meat (or meat alternative for the vegetarians). So today I want to leverage this to push my new acronym B.Y.O.P. Bring Your Own Pod. Lately I have been seeing people talk about Vblocks. If I can venture a succinct definition a Vblock is a pre-configured set of Cisco, EMC and VMware products tested by super smart people, approved by these people to work together, then supported by these organizations as a single entity. Your reseller/solutions provider really should already be doing this very thing for you. You may choose to buy just the network piece, or the hypervisor but your partner should be able to verify a solution to work from end to end and provide unified support.

So You can’t call it BYOPCVCEP

Why not Vblock? This might get me blacklisted by the Elders of the vDiva council, but VCE doesn’t exist to make your life in the datacenter easier, they exist to sell you more VMware, Cisco and EMC. Vblock for sure simplifies your buying experience. I believe they are all great products and may very well do just what you need. Without competition though the only winner is VCE. Do not by forced into a box by the giant vendors. Find someone that can help determine your end goal, provide you vendor neutral analysis of the building blocks needed to achieve your end goal. Then provide the correct vendors and unified support to Build Your Own Pod.

So What is the Alternative Vblock

Originally I was going to draw up a sweet solution of 3par, Xsigo and Dell R610’s and say, “Hey everyone! This is some cool stuff. Try to quiet the overwhelmingly loud voice calling from VCE and give this Alternative Vblock a try.” As I thought more and more about it I think doing that is contrary to my main point. I would like more to provide the discussion points or some possible products among others that can be used to Build Your Own Pod. I am a firm believer in getting what is right for your datacenter needs. So here is a few links to help begin the discussion.

Xsigo and Pod – Jon Toor
3par and iBlocks – Marc Farley

You might be a vDiva if…

I am avoiding a post where I have to think really hard about a topic. That makes me procrastinate and come up with even crazier ideas. I am writing this one down now. Most of these apply to me so if you are offended by any of them you are probably a vDiva.

You might be a vDiva if…

… you roll your eyes when someone talks about installing a PHYSICAL server.

… you are on twitter to see how many people you can get to look at your blog, but you never stoop so low to interact with the common folk.

… you are surprised when the guy at the table at the VMUG doesn’t know who you are.

… you constantly check your Google Analytics account to see how many views you have. (guilty)

… you refer to yourself as @… (your twitter account)

… you hunt down @jtroyer if you latest post takes too long to get on the v12n board.

… your require a signed rider agreement with your speaking topic for VMworld, saying you need 800 green M&M’s, a copy of Lord of the Rings in your hotel room, and direct phone access to Steve Herrod’s iPhone.

I probably ticked a bunch of people off. I am just having fun. Have a great day! Go ahead and add your own in the comments.

VMworld 2010 voting – Check out this VDI Session

I try to not “self promote” too much. A co-worker and I submitted a topic in the Desktop Virtualization track and I am giving in and spreading the word:

Thinning Down to Scale Out

Abstract:

Desktop Virtualization provides the ability run hundreds even thousands of desktops. Each small performance enhancement can make a difference when multiplied across an entire enterprise. This presentation will demonstrate the steps necessary to thin down your guest desktop image in order to provide overall better user experience.

Speaker: Kevin Miller, VeriStor Systems

We are not popular so this doesn’t qualify for the popularity contest that many other sessions have, plus my name doesn’t even show on the Session. One thing I will say is this will be a Practical technical session. You should leave saying, “here is some stuff I can do to improve my VDI setup.”

So go vote and if we get to present the session I will give you a high five. Vote now because voting ends May 26.

Operational Readiness

One thing I am thinking about due to the VCDX application is operational readiness. What does it mean to pronounce this project or solution good-to-go? In my world it would be to test that each feature does exactly what it should be doing. Most commonly this will be failover testing, but could reach into any feature or be as big as DR plan that involves much more than the technical parts doing what they should. Some things I think need to be checked:

Resources

Are the CPU, Memory, Network and Storage doing what they should be? Some load generating programs like IOmeter can be fine to test network and storage performance. CPU busy programs can verify Resource Pools and DRS are behaving the way they should.

Failover

You have redundant links right? Start pulling cables. Do the links failover for Virtual Machines, Service Console, and iSCSI? How about the redundancy of the physical network, even more cable to pull! Also test that the storage controllers failover correctly. Also, I will make sure HA does what it is supposed to, instantly power off a host and make sure some test virtual machines start up somewhere else on the cluster.

Virtual Center Operations

Deploy new virtual machines, host and storage VMotion, deploy from a template, and clone a vm are all things we need to make sure are working. If this is a big enough deployment make sure the customer can use the deployment appliance if you are making use of one. Make sure the alarms send traps and emails too.

Storage Operations

Create new luns, test replication, test storage alarms and make sure the customer understands thin provisioning if it is in use. Make sure you are getting IO as designed from the Storage side. Making use of the SAN tools to be sure the storage is doing what it should.

Applications

You can verify that each application is working as intended within the virtual environment.

There must be something I am missing but the point is trying to test out everything so you can tell that this virtualization solution is ready to be used.

Firewalls are not Routers

I am no network super-genius but I do enough with networking to be able to get by. Two common mistakes I find many times are flat networks and firewalls as the default gateway. A flat network is when generally switches are connected to one another without any configuration. There is one broadcast domain which means every packet that the switch does not have an entry in the MAC address table, is sent out all the ports but the originating port. This repeats across all of the switches until the layer 2 destination is found. Now, this means your expensive Cisco switches are barely better than hubs. You don’t have collisions like you would on a hub and once the switch learns where the MAC address lives it keeps that information for a certain amount of time. Then again in this network setup the logs are most likely not monitored so if there where collisions and other errors it goes unnoticed.
That is not the title of this post though. Although related to a flat network using the firewall is a different issue. Using the firewall as the router works just fine when you have a flat network. You may never notice the problem in a small network, but as your network grew you noticed how problems can come up when there is just one big network. So someone smart said use vlans to segment the network, create smaller broadcast domains. Then when you try to fix or change the flat network with subnets and vlans can you find out the new vlans can not reach the rest of the original network.

The current flat network with switches and the firewall used as the default gateway or router.

The problem comes when you add subnets that are different than the interface ip of the firewall. Firewalls in general have issue with redirecting traffic bound for other networks back out of the same interface. So in the picture above traffic from vlan 1 that is using the firewall as the default gateway trying to reach the subnet on vlan 10. Since the host on vlan 1 does not know where that network lives it sends the traffic to the default gateway. Even if you added a static route to the firewall the traffic will often fail. That is because firewalls are not meant to route but rather send traffic between trusted and untrusted networks and vice-versa. So the question becomes how do you actually fix your flat network that has the firewall as the router. There is of course more complicated solutions to provide high availability using VRRP or HSRP.
First get a real layer 3 device. That is a router or a switch capable of routing between multiple vlans. The good news is many of your newer switches are capable of layer 3, it is included in many Dell and HP switches, it may still be an add-on with Cisco. I haven’t used a new switch in the last year that did not have layer 3.
Next important step is use the layer 3 device (switch or router) to route everything. Set a default route in the layer 3 device to send only outbound traffic to the firewall and bam everything works. Why is this so hard. Many times there is hundreds of servers and desktops already configured to use the firewall as their router. We will do a lot of work to avoid having to do a bunch of manual work.

Now you are using a router to route and the firewall to block bad things and maybe even do NAT. (note: If you are doing NAT be sure to add your new VLANs to your NAT rules so the new networks can reach the outside of your firewall.)