vSphere 7.0 : DRS Re-Designed

Although vsphere 7.0 is a major enhancement in itself with lots of new features added like Kubernetes (Project Pacific), vCenter Server Profiles, vsphere Lifecycle Manager(vLCM), Certificate Management, Refactored vMotion etc.

But the one that caught my eye and is completely re-designed after a span of 15 years is DRS (Distributed Resource Scheduler).

How DRS used to work before vsphere 7.0?

DRS was released back in 2006 and since then it wasn’t changed that much. However, there were a couple of enhancements and changes in vSphere 6.7 (new Initial Placement, NVM Support and enhanced resource Pool reservations). The version of DRS till vsphere 6.7 was a Cluster centric Model. In simple words, the resource utilization was always balanced across the Cluster.

DRS till vsphere 6.7 was a Cluster centric Model.

It’s important to know that DRS regularly monitored the cluster’s balance state once every five minutes, by default, and took the necessary actions to fix any imbalance by live migrating the VM onto the new host using vMotion.

In this way, DRS ensured that each virtual machine in the cluster gets the host resources like memory and CPU, that it needs.

What has changed in DRS vsphere 7.0?

VMware shifted their focus from Cluster centric to Workload Centric Model. Meaning whenever VM runs on an ESXi Host, it calculates “VM DRS Score”. It is totally a new concept!

This score verifies if the VM is scoring enough or is it happy enough on that particular ESXi Host. Let’s see what it is!

VM DRS Score

  • VM DRS Score or also called as “VM Happiness” Score can be defined as the execution efficiency of a virtual machine.
  • Values closer to 0% (not happy) indicate severe resource contention while values closer to 100%(happy) indicate mild to no resource contention.
  • The VM DRS score “works” in buckets. These buckets are 0-20%, 20-40%, 40-60%, 60-80% and 80-100%.
  • A lower bucket score doesn’t directly mean that VM is not running properly. It’s the execution efficiency which is low.
  • DRS will try to maximize the execution efficiency of each virtual machine while ensuring fairness in resource allocation to all virtual machines in the cluster.

How VM DRS Score is calculated?

The calculation of VM DRS Score is per-VM or for a single workload on all the hosts within a cluster.

There are several metrics responsible for VM DRS Score –

  • Performance: DRS looks at CPU Ready Time, CPU Cache behavior and Swapped Memory of the VM.
  • Capacity of the ESXi Host: DRS looks at the headroom that an ESXi Host has and see if an application/workload can burst enough on the ESXi Host that it is running on. This parameter is also called as VM Burst Capacity.
  • Migration Cost: The cost of migration of a VM from one ESXi Host to another. So, you won’t be seeing lots of vMotion happening now! (Only if your DRS is set to Fully-Automated).

Most interesting part is VM DRS Score is calculated every min which gives you far more granular approach.

VM DRS Score is calculated every single min compared to older version where DRS monitored the Cluster’s state every 5 mins.

Cluster DRS Score

As you can see in the diagram, there is something called as Cluster DRS Score which is defined as the average DRS Score of all the virtual machines in the cluster.

Scalable shares:

Very Interesting Concept!

Scalable shares are configured on a cluster level and/or resource pool level.

What’s new is that when you set share level to “high”, it will make sure that VM’s in a Resource pool set to High shares really get more resource prioritization over lower share Resource pools.

In earlier DRS versions, it could possibly occur that VM’s in a Resource pool with shares to “Normal” could get the same resources as a High share Resource pool. Higher share value did not guarantee Higher resource entitlement. This issue is fixed with Scalable Shares.

This setting can be found under Cluster Settings > vSphere DRS > Additional Options > Scalable Shares.

Wrap Up:

We just touched the DRS part. We haven’t discussed about the improved vMotion (or Refactored vMotion) or Assignable Hardware which also plays a major part for DRS.

I hope this article was helpful.

Stay Tuned, and follow the Blog!

For more information on vsphere 7.0, please visit –

Set SCSI controllers to a VM HDD: vRO workflow

Hello All,

SQL servers on VMware infrastructure need to be built as per recommended guidelines. One of the major recommendations is to have specific SCSI controllers assigned to data HDD of a SQL server. The idea here is to have dedicated SCSI controllers for each data disk so that it does not pass all the data via a single SCSI controller.

Recently, I had come across a use case whereas a part of VM provisioning from vRA, I needed to point my SQL server VM disks 3/4/5 to different Para Virtual SCSI controllers.

Hard disk addition to a VM can be handled as part of blueprint or, XAAS request from vRA.

Steps for vRO Workflow to configure SCSI Controller:

Step 1: Shutdown the VM [Used inbuilt WF “Power off the virtual machine and wait“]

Step 2: Create 3 additional SCSI controllers [Copied in-build vRO action “createVirtualScsiControllerConfigSpec” 3 times with updated value of both controller.key and controller.busNumber as 1,2,3 respectively for SCSI controllers 1,2,3 ]

2020-03-15_17-14-41

Step 3: Reconfigure VM to have above SCSI controllers added

Step 4: Identify Hard disks by labels and point individual disk to new SCSI controllers

Both Step 3 and 4 will be handled by the below code:

var configSpec = new VcVirtualMachineConfigSpec();
var deviceConfigSpec = new Array();

deviceConfigSpec[0]= actionResult;
deviceConfigSpec[1]= actionResult1;
deviceConfigSpec[2]= actionResult2;

configSpec.deviceChange = deviceConfigSpec;

task = vm.reconfigVM_Task(configSpec);

System.sleep(5000);

var controller,controller1, controller2;
for each (var device in vm.config.hardware.device)
{
var label = device.deviceInfo.label;
if (label == “SCSI controller 1”)
{
controller = device;
System.log(“Found Controller 1 : ” + controller.key );
}
else if(label == “SCSI controller 2”)
{
controller1 = device;
System.log(“Found Controller 2 : ” + controller1.key );
}
else if (label == “SCSI controller 3”)
{
controller2 = device;
System.log(“Found Controller 3 : ” + controller2.key );
}
}
if(!controller && !controller1 && !controller2)
{
throw “ERROR: Controller not found”
}

var diskConfigSpecs = new Array();
for each (var device in vm.config.hardware.device)
{
var label = device.deviceInfo.label;
if (((device.deviceInfo.label).indexOf(“Hard disk 3”) > -1) && ((device.deviceInfo.label).indexOf(“Hard disk”) > -1))
{
System.log(“Found disk to Change Controller: ” + label);
var diskConfigSpec = new VcVirtualDeviceConfigSpec();
diskConfigSpec.device = new VcVirtualDisk;
diskConfigSpec.device = device;
diskConfigSpec.device.controllerKey = controller.key;
diskConfigSpec.device.unitNumber = 0;
diskConfigSpec.operation = VcVirtualDeviceConfigSpecOperation.edit;
diskConfigSpecs.push(diskConfigSpec);
}
else if (((device.deviceInfo.label).indexOf(“Hard disk 4”) > -1) && ((device.deviceInfo.label).indexOf(“Hard disk”) > -1))
{
System.log(“Found disk to Change Controller: ” + label);
var diskConfigSpec = new VcVirtualDeviceConfigSpec();
diskConfigSpec.device = new VcVirtualDisk;
diskConfigSpec.device = device;
diskConfigSpec.device.controllerKey = controller1.key;
diskConfigSpec.device.unitNumber = 0;
diskConfigSpec.operation = VcVirtualDeviceConfigSpecOperation.edit;
diskConfigSpecs.push(diskConfigSpec);
}
else if (((device.deviceInfo.label).indexOf(“Hard disk 5”) > -1) && ((device.deviceInfo.label).indexOf(“Hard disk”) > -1))
{
System.log(“Found disk to Change Controller: ” + label);
var diskConfigSpec = new VcVirtualDeviceConfigSpec();
diskConfigSpec.device = new VcVirtualDisk;
diskConfigSpec.device = device;
diskConfigSpec.device.controllerKey = controller2.key;
diskConfigSpec.device.unitNumber = 0;
diskConfigSpec.operation = VcVirtualDeviceConfigSpecOperation.edit;
diskConfigSpecs.push(diskConfigSpec);
}
}

var configSpec = new VcVirtualMachineConfigSpec();
configSpec.deviceChange = diskConfigSpecs;
task = vm.reconfigVM_Task(configSpec);
System.sleep(5000);

Step 5: Power on the VM [Used inbuilt WF “Start the virtual machine and wait“]

Final Workflow schema will look like:

2020-03-15_17-20-23

Step 6: Integrate with vRA by configuring the workflow to be triggered as part of your existing Machine Provisioning Subscription or, create a new one if you don’t have one already. [ If you want to know how, comment below and i will write another blog about it]

Thanks,

Welcome, vSphere7 and Tanzu mission control

vSphere7

We all were waiting for this day, Today VMware has announced a few major products with a single objective and that is to fule app modernization. There is no secret what these products are. Yes, you got it right. These are vSphere7, Tanzu Mission Control, and VCF4.0. Please find a brief overview of these new releases.

vSphere7, Runs Kubernetes clusters natively on the existing vSphere platform. VMware admins have got a few new constructs like namespaces, Kubernetes PODs, and containers to manage. (Honestly, I don’t want to claim to know these new constructs. So, you are on your own in case you also fall into the same category as mine.) Please refer to https://blogs.vmware.com/vsphere/2020/03/vsphere-7.html to know more about vSphere7. 

Tanzu mission control, There was certainly a buzz around Project pacific and Tanzu mission control. With tanzu mission control, you can Build, Run and Manage Kubernetes clusters running on vSphere, Public cloud or even on the bare metal server. with the help of the tanzu portfolio, you can leverage consistent operations of Kubernetes across any cloud platform of your choice. 

I am sure you will find plenty of blog posts around the new product portfolio by VMware. However, I am highlighting some of the key takeaways from the event.

  • After the announcement during VMworld 2019, I didn’t expect VMware to release vSphere7 very soon. I was expecting this release during VMworld 2020. Anyways, this is great news and worth welcoming one. 
  • I loved how new vSphere constructs for Kubernetes look into vSphere. For sure, this was a big change for vSphere but the way it is introduced to both developers and VMware admin is simply awesome. Both communities have native look and feel for the new feature. Vmware admins won’t be surprised when they will first see the Namespaces/PODs and Containers spinning up into vSphere. on the other side, developers will continue to work with Kubernetes as they have been working in the past. Please see this demo to understand more. https://www.vmware.com/products/vsphere.html 
  • Any cloud, any device, any app, VMware’s bet on being a leader in Hybrid/Multi-Cloud space was visible. When you look at VCF 4.0 or Tanzu mission control then you can feel what VMware was saying it all along for the last few years. after a decade long debates and discussions, it is clear that edge computing is a real phenomenon and multi-cloud or hybrid cloud is the reality. Having this kind of environment certainly poses a great challenge for security and operations. How do you keep up the security game at its best across all the spheres? how do you keep consistent operations across IT organizations? We have to still wait for some time to see the outcomes of VMware’s Any cloud, any device, any app strategy. Overall, It looks promising. 

That’s it from my side though on the recent release event. I would also like to share some of the HOL labs which you guys can go through and a blog post which I found very useful for ramping up on Kubernetes and containers. 

  • HOL Labs
    • HOL-2032-91-CNA – VMware Tanzu Mission Control Simulation
    • HOL-2013-01-SDC – vSphere 7 with Kubernetes – Lightning Lab
    • HOL-2044-01-ISM – Modernizing Your Data Center with VMware Cloud Foundation
  • Project Pacific for New Users bu @lnmei

Thanks,

PsTK1: Getting Started with ‘NetApp PowerShell Toolkit’

Welcome back, As promised earlier, I am back with the new blog series. So let’s get started.

Note: From, Hereon I will be using abbreviation PSTK for ‘NetApp PowerShell ToolKit’, as the same has been referred on NetApp documentation as well.

What is Netapp PowerShell ToolKit? 

NetApp PowerShell Tool Kit (PSTK) is a PowerShell Toolkit packaged with 2 PowerShell Modules which are DataOntap and SANTricity. DataOntap module helps in managing NetApp Storage devices which are managed by the ONTAP management system- such as FAS, AFF, and NetApp Cloud, etc. SANTricity module is used to manage E-Series Storage array and EF-Series flash array.  In this blog series, I will be focusing only on the DataOntap PowerShell module. 

I am highlighting some of the specifications of PSTK here,

Platform: Windows only, Requires PowerShell 3.0 or above and .net 4.5 or above
Is it available on PSGallary? No, Not yet. This means that you can not download it from Install-Module cmdlet of PowerShell
PowerShell Core: No, It does not support PowerShell core yet. So you can’t use this on the Linux Platform yet.
# of cmdlets: 2300 or more for DataOntap Module and ~300 for SANTricity Module.

Documentation and Download link

Why should I learn PSTK?

If you are a Storage admin/Engineer then you would discover that working on PowerShell gives you greater flexibility and automation capabilities compare to any other shell environment. If you have already worked with PowerShell then it’s great. You can simply start using the PSTK module. If you haven’t worked with PowerShell then know this, PowerShell is the simplest scripting platform available for us. Invest some time and you will get it. 🙂

  • PowerShell is primarily a tool for administrators like us
  • PSTK is just a PowerShell module, so if you are already working on any other PowerShell module than you almost require zero additional skillsets to start working on PSTK or any other module in that case
  • The same script can help you to orchestrate things related to the different technology stack. For example, the same script can create a LUN with the help of the DataOntap PowerShell module and further creates a datastore in VMware with the help of PowerCLI (PowerShell Module for VMware vSphere)
  • Everything in PowerShell is an object
  • PowerShell’s command discoverability makes it easy to transition from typing commands interactively to creating and running scripts

How to Install?

Download the .msi installer file and click on install. Ensure you are running with PowerShell 3.0 or above version.

Import-Module

If you are running PowerShell 4.0 or above, By default module will be imported the moment you execute any of the commands which are part of that respective module. However, use below cmdlet if you want to import the module into the Powershell session.

importmodule

Get-Command cmdlet

Below cmdlet will list all the commands which are available to use from DataOntap Module.

If you are entirely new to the PowerShell then I would highly recommend you to refer PowerShell documentation to start your learning with Powershell.


Thanks,

 

 

Coming Soon: Blog Series, Netapp PowerShell Toolkit

PowerShell

Hello Everyone,

I used to consider myself a VMware engineer rather than anything else. Even though my core expertise was from the VMware Compute domain, I understood well in advance that if I want to be a good VMware engineer than I must also work on the Storage and Network piece of infrastructure.

In 2019, I have spent a good amount of time understanding and working on the Storage side of the world, given the role I have in my hand.

We use a data replication product that takes advantage of core Netapp functionalities like Linked Clone, DD copy, and Flex Vol, etc. to do the data replication from source to DR. In my current role, I am tasked to build, run/config and test the product and creates the operating procedures for Ops to follow. So obviously I do break, rebuild, re-config my lab infrastructure multiple times. That is where PowerShell comes into the picture.

Why I am Blogging about Netapp PowerShell Toolkit?

I was using the Netapp PowerShell toolkit for my own purpose and was never thinking of extending this knowledge to a larger audience. One day, I wanted to get some reports from another lab environment (obviously, I didn’t had the access required), I requested some help from our storage engineers. When I got the reports, it was all in a few screenshots or simply a text export. When you deal with a large amount of data, you would love to get it in a CSV or similar formats so that you can process it simply. If you have experienced PowerShell earlier than you could have figured it out by now what I am actually talking about. Yes, Its Get-Something|Export-csvThis is how easy when it comes to PowerShell. I felt like letting my friends know a few tips and tricks from PowerShell and they simply loved it.

For any system admin, be it Compute/Network or Storage, Challenges are the same. Everyone deals with data, Everyone needs to automate simple day to day tasks if not large scales of automation, and that is where PowerShell lets you win the battle. The same PowerShell NetApp toolkit helped me to write an orchestration that lets us migrate the protected workload from the one Storage controller to another one.

This one year of experience with Netapp Storage tells me that, there may be many more storage admins who might not be aware of NetApp PowerShell Toolkit. I intend to write this blog series to bring PowerShell capabilities and it’s advantages to Storage Engineers in their day to day work.

In the coming days, I would be writing about NetApp PowerShell Toolkit and it’s the usage. Here, I would share some tips and tricks to do NetApp Storage Orchestration via PowerShell toolkit.

I hope you would like this blog series. If you are currently working on NetApp storage, Please do comment below what you would like to read about? What are the current challenges you have as Storage admins? If you are using Netapp PowerShell Toolkit, How is your experience? until then stay tuned here will come back with first blog post in this blog series.

Please do subscribe and follow my blog if you haven’t done so far.


Thanks,

 

 

 

 

 

PSProvider and VMware datastore – PowerCLI

Hello everyone,

I am writing this short blog after a long time. While explaining in-out of PowerShell to some of my friends in person, I discussed about PSProviders. Most of the knowledge about PSProvider is information only and as a script writer we dont really bother about how powershell is playing with different resources (Variable/function/Filesystem/Registery Keys etc) which are used in PowerShell Session or a Script.

However as a VMware Admin I do use PSProvider in background alot in order to move the datastore item from,

  1. datastore to datastore
  2. Datastore to local drive (Windows Drive or Shared Drive) or vice versa

In this Post we will learn about Copy-DatastoreItem cmdlet and PSProviders.

What is PSProvider?

In Simple Term, PSProviders are special repository(data stored within Powershell)  to process the data as it recieves during PowerShell execution. This data is presented in their respective PowerShell drives which are known as PSDrive.

For Ex. See the below command output from Get-PSProvider

Get-Provider.PNG

by default, you get above psproviders which are registry, Alias, Environment, Filesystem, Function and variable. You can also see the respective drives associated to its PSProvider. This means that if you are creating any variable it will be stored in variable: , If you are creating a function then it will be stored in Function: 

check the below image, where i am going into respective drive and able to see the variable which i have created. 

CDVariable

In conclusion, whatever variable/function/etc which I create in powershell gets stored in their respective drives.

vimstore PSProvider. 

vimstore is a one of the PSProvider which you get after connecting to VMware vCenter via PowerCLI. Do this, Connect-VIServer vCenter-ip and then run get-PSProvider cmdlet and you will see additional PSProviders are available to you. These providers are something which provides VMware Inventory and datastore resources to the POwerCLI or PowerShell.
POwerCLIProviders

So, After connecting to vCenter via PowerCli you can see additional PSDrives are available to you, provided by 2 additional PSProviders. I can do cd vmstore: and can actually list the available datastore in the datastore inventory (Simillar to how we list the directories and files in a path) or can list the host inventory.

Once you are connected you can follow below commands to create a New-PSDrvive with ‘Vimdatastore’ PSProvider.

DatastoreDS

Now you have DS: drive which is available to you and you can basically navigate through the same way you do it for any other drive.

Use below command to move data from your local drive to the VMware datastore using PowerCLI. Please note that i am already in DS: , If you are in any other drive then give proper path using vimdatastore drive

copydatastore.PNG

Note: This method is quite helpful in case you are trying to move things around from datastore and you can automate the move operation. also this is an alternate to certificate error which you may receive while moving data from Web Client. For ex, Operation failed when I tried to upload the same ISO using web client.

CertError

Use PowerCLI vimdatastore Psprovider and copy-datastoreitem cmdlet to work around this.

 

Thanks

Jatin

 

 

 

 

 

 

 

 

 

Install-Module -Name VMware.Powercli, behind the proxies!

Are you trying to install PowerCLI from your corporate server? If yes, then you might have faced some sort of errors simillar to this-

nuget

Issue: 

Based on my experience this issue happens mainly because your powershell session is not able to talk to powershell gallery through Nuget package providers. This happens because of corporate proxy connection.

Or

Sometime you don’t have required package provider. In that case ensure FIPS compliant encryption is disabled.

For detailed steps please refer below

  1. Ensure you are running with PSVerion 5 or above. run $psversiontable to check the ps version. 
  2. Ensure you have required package providers
    • Open powershell as an administrator and Run this Get-PackageProvider
    • If you see output as below then you are good. check the step 2.
    • MicrosoftTeams-image
    • If you do not see any package provider than there could be a possibility that FIPS is enabled on your system.
      • Disable FIPS
        • open gpedit.msc
        • Computer Configuration > Windows Settings > Security Settings > Local Policies > Security Options
        • In the Details pane, double-click System cryptography: Use FIPS-compliant algorithms for encryption, hashing, and signing and Disable it.

Important: if you do not have default package provider as shown above (more specifically PowerShellGet) then you will not be able to use commands such as install-module/ Find-Module /Update-Module /Save-module etc. 

2. Check the PSRepository

  • Ensure that Powershell gallery is register as PSRepository.
  • Run This command
    • Get-PsRepository
    • PSRepo1.PNG
    • If you see above warning then it means that there is no PSRepo exists.
    • Register PSRepository. 
      • Run this to register a PSRepository.
      • if you recieve below error, then your corporate proxy server is not allowing PSRepository to communiate with your system.
      • PSrepoErr
    • bypass connections via a proxy server.
      • You would require proxy server details (ProxyServerName and Port number)
      • Create a powershell profile by following steps, If its not there. check the below snap and follow exactly the samae
        • New-item -itemtype file -Path $Profile
        • Test-Path $profile
        • notepad $profile
        • Profile
      • With this pase below lines of code in your profile, save and close it. Change your proxy server address and port number
      • This will allow communication to PSgallery after you restart your PSSession.

  • Again run get-Psrepository and you have PSGallery available and registered as ps repository

PSRepApp

3. Now you have Packagemanager and PSRepository. 

4. Run Install-module -name VMware.PowerCLI -Force

5. This will require Nuget and as you have allowed PSgallery communication via proxy, It will first install Nuget and then it will install VMware.Powercli. 

Summary:

Coporate systems do have proxy and sometime FIPS compliance enabled. These 2 security standards stops commincation to PSgallery. Disable FIPS if its enabled and not required and then allow communication to PSgallery via proxy server as explained above.

 

-Jatin Purohit

 

Automate VMFS6 Upgrade – Update-VMfsdatastore cmdlet

By now you must be switching onto vSphere 6.5. During this time you would have also figured it out that there is no online upgrade for VMFS5 to VMFS6, which means that there is a little bit of planning would require to upgrade your VMFS datastores to VMFS6 version.

As of now, the most common approach (and I believe the only approach) is to-

  • Create a temporary VMFS5 datastore
  • Migrate VM, files, and folder from source datastore to temporary datastore
  • Unmount source datastore and delete the source datastore
  • Re-create a new VMFS6 datastore with the same LUN
  • Move back all the VMs and its folder to new VMFS6 datastore

A lot of manual pieces of work right! if its a matter of 5-10 datastore then there should not be any problem in upgrading datastores manually. However, almost all enterprise infrastructures work with hundreds or even thousands of datastores and you certainly need an automated way to do the upgrade.

Update-VMfsdatastore 

PowerCLI has introduced this cmdlet with PowerCLI 6.5, and all the steps which I explained to you earlier are done by this cmdlet.

The “Script”

The above script is just a snippet from my actual production script, You can modify this to suit your environment and need.

Key Take Aways

    • There should be an update required from VMware to allow users to define max number of VMs to storage vMotion at a time. This will eventually speed up the upgrade process. As of now update-vmfsdatastore migrates one VM at a time.
  • During my tests in POC, It was observed that upgrade was failing on datastores which had vmkdump files stored on it, skip any datastore which has vmkdump files, You can skip those datastores by doing something like this-
  • After migrating all active or registered VMs from the source datastore, if swap files or delta.vmdk (snapshots of a virtual disk) files are found, the datastore will not be upgraded.

Visit PowerCLI reference to know more about this cmdlet and its usage.

Hope you have enjoyed this post. Would love to hear back your feedback, challenges and use case regarding VMFS6 upgrade.

Thanks,