Category: Tips

Error “Idm client exception: Error trying to join AD, error code [11]” when joining a VCSA to AD domain

This is not clear in the documentation, but if you receive the following error when adding your device to an Active Directory:

Error “Idm client exception: Error trying to join AD, error code [11]” when joining a VCSA to AD domain

 The root cause of this is because of incorrectly formatted entries in the details form.

When adding a vCenter appliance to an Active Directory domain, remember this the vCenter Appliance is not a Windows device but a PhotonOS device and as such you should use the following:

  • The fully qualified domain name not the NETBios name for the domain field.
  • The LDAP format for Organisation units not the Active Directory format
  • The Qualified Username not the Windows format

See below for an example:

 

 

Remember Remember, Edit your Host Profile before applying.

Well today I remembered something, well to be truthful, I remembered it five minutes after moving my new hosts into maintenance mode, applying my newly created host profile from my reference host, filling in the network details for all the port groups and VMkernel groups and clicking finish.

So what exactly did I remember? Well I remembered that before you apply a reference host profile to a host that is over 6000 miles away (well to be fair, even if it is under your desk or hosted on your desktop), always remember to remove the policy that relates to your primary management console. Why? I hear you ask.

rug Continue reading “Remember Remember, Edit your Host Profile before applying.”

Host Becomes disconnected

In my current role I have inherited a largish vSphere 4.1 environment, that has to put it nicely “evolved”.  We have been having host disconnection issues in one of the clusters, coupled with HA Configuration errors.  well today one host disconnected and absolutely refused to reconnect, bizarrely it kept telling us that the username/password combination was incorrect within vCenter.

So we jumped on the ILo and entered the SAME username and combination and low and behold we gained access to the promised land.  Now I know what you are thinking “CapLocks”, but no checked that.

My next troubleshooting step was to restart the management agents on the errant host but again this did not fix the error.

The I had a “lightbulb” moment, as we checked the network settings on the host. I saw that the gateway address was incorrect, it was configured with a correct gateway address but for the wrong subnet.  it was set to the vMotion network not the Management network. reset that and all of a sudden we could rejoin vCenter.

I then checked the rest of the Hosts in the Cluster and found the same basic configuration error, we reset the gateway across the cluster and low and behold now HA works as designed and no more configuration errors.

Moral of this story is “Check the Basics”

VMUG (VMware User Group) Advantage

I have to admit that this one slipped under my radar, but apparently this an offer from the VMUG to  provide cheaper access to certain VMware products.  so the first question is what is the VMUG? it is VMware’s independent, and global organization that supports the local VMware User Groups. it was re-organised in mid 2010 to become a more customer-led organisation and appointed a number of Local VMUG leaders to a council to promote their message which is to maximize their members’ use of VMware and partner solutions through knowledge sharing, training, collaboration, and events

WOW you say so how can join, Now membership to VMUG is free of charge (you can sign-up here). there are local VMUG’s that regularly hold meetings, for example the UK as the London VMUG, the Northern VMUG, and the Scottish VMUG. However the global VMUG introduced what it has called the ‘Advantage’ programme; this is a paid-for addition to your membership which gives you an opportunity to obtain certain VMware products and education offerings at a discounted price.

The full benefits are listed here (and include a 20% discount on instructor led training;30% discount on VMware Fusion and VMware Workstation; and 1 Years FREE subscription to all VMware eLearning Courses (worth $750)!

Now as an  incentive, membership prices have been discounted until May 21st, 2011:

  • Individual package: $170

  • Corporate package with 2 users: $165 per user

  • Corporate package with 3+ users: $160 per user

Standard VMUG Advantage Pricing (after May 21st) will be:

  • Individual package: $200

  • Corporate package with 2 users: $180 per user

  • Corporate package with 3 – 5 users: $170 per user

  • Corporate package with 6+: $160 per user

If this interests you, you can subscribe here.

Although this is  a nice addition to what the VMUG’s offer it is still not TechNet,  now many people may not realise this but VMware used to have a similar offering to TechNet called the VMTN subscription for £199 a year, this product went end of life with the release of VI3. My personal wish is that this be returned, and made available in a similar fashion to Microsoft’s TechNet.

Virtualisation 101 – VMotion

What Is It?

VMotion is arguably VMware’s “killer app” – the feature that gave VMware’s hypervisor product a USP edge over its competition.    It enables an ESX host to transfer a running virtual machine over to a different ESX host without incurring downtime.  

When a VMware administrator initiates a VMotion migration the memory state of the chosen virtual machine is copied via a dedicated network link from the source host to target host;  when completed the target host registers the guest machine, attaches the virtual NICs to its own vSwitch(es) and takes control of the guest.

The handover happens so smoothly that network connections are maintained, rendering the process invisible to users, who at worst see the server pause for a second or two.

This feature effectively separates the physical hardware from the operating system, resulting in major benefits to business :-

  • A running virtual machine is no longer dependent on a single piece of hardware, reducing the risk of service outages should a hardware failure occur.
  • There is no need to perform planned hardware maintenance outside of working hours, reducing costs and improving responsiveness.
  • Workloads can be juggled across servers to best utilise the resources available: if an ESX host gets busy, guests can be moved off to a less busy hosts until balance is restored, improving efficiency.

What Do I Need to Deploy It?

Two ESXi/ESX hosts with compatible CPUs:    The target host must support the same processor features as the source host, otherwise the virtual guest could issue a command that the host cannot understand and result in the guest crashing.   For example you cannot migrate from an Intel server to an AMD server.  There are VMotion Compatibility Guides that group compatible server types together (see links below).   

New to vSphere, Enhanced VMotion Compatibility (EVC) can be enabled on a cluster to improve compatibility by checking with the hosts and calculating a CPU “mask” – a list of features supported by all hosts in the cluster.   As a last resort, and unsupported by VMware, a custom CPU mask can be defined manually (see the KB article linked to below for more details).

VMware Licensing:    Both hosts must be licensed with either Essentials+, Advanced, Enterprise or Enterprise+.

vCenter Server:   Source and target hosts must be managed by the same vCenter server (or linked vCenters), as migrations are initiated from the vCenter server, either from vSphere Client or the Move-VM cmdlet in Powershell.

VMotion Network:    A vmkernel interface (with an IP address separate from the Service Console or Management interface) must exist on both hosts for the express purpose of VMotion comms.

Because of the time-critical nature of the migration it must be a fast link (bandwidth >622Mbps, latency <5ms round trip) so Gigabit is required.  For resilience the vSwitch should have two or more NICs from different physical switches. 

Also note that VMotion data is NOT encrypted — and therefore insecure — so it is recommended that a dedicated VLAN and IP range be allocated for the VMotion interface.

Finally, if the VMotion network traverses a firewall then tcp port 8000 needs opening up.

Shared Storage:   The underlying files that make up the guest virtual machine must be accessible by both source and target host.  

Is VMotion Safe?

Generally VMotion is very safe, with any errors reported in the Task Pane and the migration aborted.  There are a few circumstances where VMotion isn’t possible :-

  • If the VM has a resource attached that is not available on the target – for example if a mapped CD ISO is stored on the source host’s local datastore.  (Storing ISOs on a shared LUN avoids this issue.)
  • If the VM has a physical SCSI controller attached, for example on virtual Microsoft Cluster nodes, or has a VMDirectPath device attached (which gives the guest direct access to a PCI device on the host).
  • Where the target host has insufficient resources to honour the guest’s requirements AND strict admission controls are in place for the cluster.

There are two priorities of VMotion available – High and Low.  This is about protecting performance of the guest, not of the migration.  A High Priority migration reserves sufficient CPU cycles on the target host to satisfy the guest’s requirements, otherwise it will abort the migration.  A Low Priority migration will go ahead regardless of target host CPU utilisation.

As VMotion transfers the memory state of the guest to the target host, a guest with 64Gb of RAM will take significantly longer to migrate than a guest with 1Gb of RAM. 

It is possible to run 4 concurrent VMotions on vSphere 4.1 hosts with Gigabit networking – if you’re lucky enough to have deployed 10Gb networking you can run up to 8 VMotions at the same time.

How Does VMotion Tie In With Other Features?

Putting a host into Maintenance Mode initiates the VMotioning of all running guests off that host.

DRS (Distributed Resource Scheduler) provides automated balancing of resources across all hosts in a cluster.   When enabled, vCenter analyses host utilisation every 5 minutes, and if a host is deemed significantly busier than the rest it will initiate VMotions of one or more guests off that host to lighten the load.

HA (High Availability) is a technology that monitors host availability, responding to failures to ensure a failed host’s virtual machines are brought online quickly on a working host.   It doesn’t use VMotion to achieve this.

So What Is Storage VMotion?

Storage VMotion is a separate feature for Enterprise or Enterprise+ hosts that provides the ability to move a running guest’s data files from one datastore to another.  This feature is fantastic for SAN migrations or maintenance work.   Migrations can also convert VMDK files between Thin and Thick formats.

One word of caution:  Storage VMotion of guests with RDM (Raw Disk Mapping) disks attached will by default convert the RDMs into VMDK files!   If RDMs are deployed, use the Advanced mode in the migration wizard.

Storage VMotion won’t work for guests with snapshots in place, or if any disks are non-persistent. 

One final tip:  If taking advantage of Storage VMotion it is worth checking whether your SAN is VAAI capable, in which case the vCenter can talk with the SAN to offload some disk actions such as this,  improving performance.

Where Do I Go From Here?

Introduction to VMotion:  http://www.vmware.com/products/vmotion/features.html

Configuring VMotion Networking:  http://www.youtube.com/watch?v=VaGtMtYA6H0

VMotion Compatibility Guide for Intel processors: 

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1991

VMotion Compatibility Guide for AMD processors:

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1992

Modifying the CPU mask:  

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1993

It is all a question about which path to take.

Planning storage is a simple thing,  you go to your Storage Admin’s and say, I need x amount of LUNs of this size please for my ESX servers and they NO, we only do xGB size LUN’s, or they breath thought their teeth like a motor mechanic or plumber and say, Storage doesn’t grow on trees you know, we don’t have much left, are you sure you really need all that space, etc.

But I digress. 🙂

Continue reading “It is all a question about which path to take.”

Sales people – think of us Bloggers

I’ve always respected the value that technology bloggers bring to their readers/followers and have embraced them in my marketing strategies for vendors that I have and do work with.  However, it has recently struck me how few sales people know about the key bloggers in their sphere, and how few engage in Social Media (SoMe) activities, such as Twitter. Whilst it’s very common for the technical community not only to engage in SoMe but also know the key bloggers, it is still an under-utilised “tool” in the world of sales.  This got me thinking, who is responsible for providing the intel on bloggers to sales?

Well, the obvious answer is, of course, marketing.  And we need to educate sales folks to understand the value and importance of bloggers.  I wonder how many times a sales person has spoken to a prospective, or indeed current, customer without knowing they are a blogger and perhaps provided some snippet of information that could be broadcast globally without their knowing it?!

I conducted a small, totally unscientific, statistically invalid sample research to validate my thoughts, and with one exception, none of the sales folks were aware of any of their customer’s or partner’s that wrote a blog.  While they’d heard of the likes of Brian Madden and Doug Brown, they were not aware of people (either customers or partners) they had previously met writing a blog. The stats speak for themselves:

  1. 25% are aware of vinternals for example,
  2. 0% are aware of virtualisedreality however,
  3. 75% are on twitter

As stated, this was a very small sample but I do believe it generally represents a vendor’s sales force’s limited knowledge of bloggers. And in my experience generalisations are generally true!

What is the morale of the tale? As with any engagement, always know who you are talking to, as a sales person you should do your research before engaging with customers – there is a wealth of knowledge out there; Google, LinkedIn, etc.  There are a number of vendors that embrace bloggers extremely well – I won’t mention them, because they know who they are! –in my experience it is the exception not the rule.

I recommend marketing should provide sales a monthly, or even fortnightly, overview of key blogs that contain mentions and content of their respective solutions.  This way, sales can peruse coverage and become au fait with influential bloggers that may well be their customer – or hopefully might be in the future.

Vendors are generally great at maintaining their own blog and I am sure their sales people read these, or perhaps blogs that are written by their colleagues.  For any vendor reading this blog, I wholeheartedly encourage you to not only have a very clear understanding of the key influential bloggers in your respective market, but also to ensure you embrace them and treat them as important, if not more so, than some of your key press and analyst contacts.

Jane Rimmer is owner of hiviz-marketing , a strategic marketing consultancy servicing the IT industry.

How-to run XenServer on top of vSphere

As most of the readers here know, vSphere is so powerful it is able to virtualise itself. What is even more amazing is that it is able to virtualise the competition. Yes that’s right, you can run XenServer on top of vSphere including running some nested guests, without any problems.  Below I’ll walk you through the basic setup for doing this. Continue reading “How-to run XenServer on top of vSphere”