Entries from Eric Sloof

Technical Overview of the latest version of vSAN, including vSAN Max.

This document contains the latest updates, aligned to NSX version 4.1.

Some highlights include:

Technology overview chapters:

• TEP HA (Ch3)
• VPC/Projects (Ch2)
• A/A Stateful Gateways (Ch4)
• Bare Metal edge hardware recommendation (Ch8)
• DPUs (Ch9)
• Update VRF route leaking (Ch4)

Design Chapter (Ch7):

• Projects
• 1 VC to many NSX
• MTU recommendation, Gateway vs. global MTU

With vSphere 8 and NSX 4, VMware has introduced support for SmartNICs or Data Processing Units (DPUs). The DPU implementation in vSphere is called vSphere Distributed Service Engine.

DPUs (SmartNICs) are network cards with built-in intelligence that can perform various network functions directly on the adapter through their own programmable processors. In addition to the networking accelerators, DPUs like NVIDIA BlueField also have general-purpose Arm processor cores that can run a full ESXi general system.

With the DPU technology, NSX services like routing, switching, firewall and monitoring are offloaded to the DPU from the host hypervisor. With these capabilities, it is possible to improve performance, free up resources on the host and isolate workload and infrastructure domains.

White paper: Optimizing Networking and Security Performance Using VMware vSphere and NVIDIA BlueField DPU with BWI 

When I’m teaching a VMware training course, I often use Excalidraw as a tool for creating online whiteboard sessions. There was a good use case for this tool during the COVID-19 period, when most training courses were delivered online through Zoom or WebEX.

But nowadays, when I’m teaching a training course at an onsite training facility, I’m still using Excalidraw as my whiteboard tool, even when I can use a normal whiteboard with real markers instead.

Compared to a real physical whiteboard, Excalidraw still offers some great benefits; like drag-and-drop, elaborate and sharing the created whiteboard sessions. Those tasks can be performed much easier when working with a virtual whiteboard.

Recently Oliver Draghi introduced a new plug-in, especially targeted at VMware architecture icons. He did a great job creating whiteboard elements like networks, routers, databases, racks and much more. This plug-in is freely available, you can use it in Excalidraw with a simple click of a button.

I’ve created a short video to demo this plug-in within an Excalidraw whiteboard session.

Links:

Excalidraw

Oliver Draghi on LinkedIn

VMware architecture icons

Excalidraw Libraries

This is a video taken by Rick Sloof at Wednesday, August 23 at the strip in Las Vegas. It was picked up by several big media companies, like the BBC and ABC News. At this day in 2023, the VMware Explore Party took place in the WynnXS Las Vegas.

Dimitri Desmidt over at VMware has created a great presentation about NSX Anti-Malware Detection.

Here's a list with the topics:

What’s new in NSX 4.0.1 NSX Malware Detection and Prevention

• What is it?
• How does NSX Malware Detection and Prevention work?
• Malware Detection and Prevention
• Gateway Malware Detection
• Distributed Malware Detection and Prevention
• NSX Malware Detection and Prevention - Reporting
• NSX Malware Detection and Prevention Requirements / Limitations / Scale

Advanced points:

• NSX Malware Detection and Prevention High-Availability
• Malware File DB Population
• NSX Malware Detection and Prevention Installation
• NSX Malware Detection and Prevention Upgrade
• Supported Windows versions and VMware Tools releases

vSphere Diagnostic Tool is a Python script that runs diagnostic commands on the vCenter Server Photon Appliance to return useful troubleshooting data while running within the confines of the local environment without upstream dependencies.

The motivation behind this tools is to provide multiple Pass/Fail tests to quickly facilitate the rapid isolation of issues encountered in the vSphere environment.

• vCenter Basic Info
• Lookup Service Check
• AD Check
• vCenter Certificate Check
• Core File Check
• Disk Check
• vCenter DNS Check
• vCenter NTP Check
• vCenter Port Check
• Root Account Check
• vCenter Services Check
• VCHA Check

General Improvements:

• VDT now supports 8.0 U1!
• VDT 1.1.5 will no longer support vCenter 6.7, although many checks will still work. 1.1.4 will remain available for anyone still needing it on the 6.x product line.
• Credentials are now validated at the start. The user is notified that checks requiring authentication will not run if password validation fails 3x times.
• The default timeout behavior has changed. It now prompts a user to skip the check or let it run, instead of requiring the --force flag.

VC Database Check:

• The VCDB check now shows statistics levels as well as tasks and event retention policies.
• The VCDB check output is now in line with the results from KB 1028356.

VC VMDIR Check:

• The vmdir check now includes ELM partner information and tests port connectivity over 389, 443, 2012, and 2020 to them. The old port check has been removed in favor of this.
• The vmdir check now looks for stale (native) PSC HA config in the likewise registry

VC Certificate Check

• Certificate expiry time is now displayed with each certificate message.
• he vmdir cert from 6.0 is no longer included in the list of certificate checks

Bug fixes:

• VDT now decodes to utf-8 instead of ascii to avoid parsing errors
• Updated KB references

Maintaining an agile data center infrastructure tends to be a source of headaches for IT leaders and administrators. It doesn't have to be.

Hyper converged infrastructure (HCI) evolves the way that compute, storage, and management are delivered and provisioned to help you cut operational and capital costs, increase information technology (IT) and business agility, and improve application performance.

Get this free guide to learn how to: 

• Modernize your data center 
• Understand why you need Hyperconverged Infrastructure 
• Deploy a multi cloud platform

Metric is essentially an accounting of systems in operation. To understand the counter properly, hence requires a knowledge of how the system works. Without internalizing the mechanics, you will have to rely on memorizing. In Iwan 'e1' Rahabok's case, memorizing is only good for exams. So grab a cup of your favorite drink, and take some time to truly understand the reasons behind the metrics. You will appreciate the threshold better when you know how it was calculated. 

vSphere ships with many metrics and properties. If we take object by object, and document metrics by metrics, it would be both dry and theoretical. You will be disappointed, as it does not explain how your real world problems are solved.

This book begins with you. It focuses on the problems you are trying to solve when running your operations. It looks at all the use cases and breaks down the metrics from there, which helps you appreciate why the metrics are layered in such a manner.

At 300+ pages, it’s not a light reading. To keep the book size manageable, Iwan has excluded some metrics. To see the full list, see VMware Operations Transformation, 4th Edition. This 900-page book is also open-source and free. 

https://www.vmwareopsguide.com/

This book, Performance Best Practices for VMware vSphere 8.0 Update 1, provides performance tips that cover the most performance-critical areas of VMware vSphere 8.0 Update 1. It is not intended as a comprehensive guide for planning and configuring your deployments.

This book consists of the following chapters:

• Chapter 1, “Hardware for Use with VMware vSphere,” provides guidance on selecting hardware for use with vSphere.
• Chapter 2, “ESXi and Virtual Machines,” provides guidance regarding VMware ESXi™ software and the virtual machines that run in it.
• Chapter 3, “Guest Operating Systems,” provides guidance regarding the guest operating systems running in vSphere virtual machines.
• Chapter 4, “Virtual Infrastructure Management,” provides guidance regarding infrastructure management best practices.

Download PDF