vmware certified professional on vsphere 4...

of 85 /85
Page 1 of 85 VMware Certified Professional on vSphere 4 Blueprint Last Updated: 02/06/10 > [email protected] Contents Section 1 Plan, Install and Upgrade VMware ESX/ESXi ........................................................................................................ 3 Objective 1.1 -- Install VMware ESX/ESXi on local storage ................................................................................................. 3 Objective 1.2 Upgrade VMware ESX/ESXi ........................................................................................................................ 6 Objective 1.3 Secure VMware ESX/ESXi ........................................................................................................................... 8 Objective 1.4 Install VMware ESX/ESXi on SAN Storage ................................................................................................ 10 Objective 1.5 Identify vSphere Architecture and Solutions ........................................................................................... 13 Section 2 Configure ESX/ESXi Networking ......................................................................................................................... 15 Objective 2.1 Configure Virtual Switches ....................................................................................................................... 15 Objective 2.2 Configure vNetwork Distributed Switches ............................................................................................... 18 Objective 2.3 Configure VMware ESX/ESXi Management Network .............................................................................. 19 Section 3 Configure ESX/ESXi Storage ................................................................................................................................ 20 Objective 3.1 Configure FC SAN Storage ........................................................................................................................ 20 Objective 3.2 Configure iSCSI SAN Storage .................................................................................................................... 22 Objective 3.3 Configure NFS Datastores ........................................................................................................................ 25 Objective 3.4 Configure and Manage VMFS Datastores ................................................................................................ 26 Objective 3.BONUS Understanding Storage Device Naming ......................................................................................... 27 Section 4 Install and Configure vCenter Server ................................................................................................................. 28 Objective 4.1 Install vCenter Server ............................................................................................................................... 28 Objective 4.2 Manage vSphere Client plug-ins .............................................................................................................. 31 Objective 4.3 Configure vCenter Server ......................................................................................................................... 32 Objective 4.4 Configure Access Control ......................................................................................................................... 34 Section 5 Deploy and Manage Virtual Machines and vApps ............................................................................................. 36 Objective 5.1 Create and Deploy Virtual Machines ....................................................................................................... 36 Objective 5.2 Manage Virtual Machines ........................................................................................................................ 40 Objective 5.3 Deploy vApps ........................................................................................................................................... 42 Section 6 Manage Compliance ........................................................................................................................................... 44 Objective 6.1 Install, Configure and Manage VMware vCenter Update Manager ........................................................ 44 Objective 6.2 Establish and Apply ESX Host Profiles ...................................................................................................... 47 Section 7 Establish Service Levels ...................................................................................................................................... 49

Upload: buitruc

Post on 04-May-2018

247 views

Category:

Documents


2 download

TRANSCRIPT

Page 1 of 85

VMware Certified Professional on vSphere 4 Blueprint

Last Updated: 02/06/10 > [email protected]

Contents

Section 1 – Plan, Install and Upgrade VMware ESX/ESXi ........................................................................................................ 3

Objective 1.1 -- Install VMware ESX/ESXi on local storage ................................................................................................. 3

Objective 1.2 – Upgrade VMware ESX/ESXi ........................................................................................................................ 6

Objective 1.3 – Secure VMware ESX/ESXi ........................................................................................................................... 8

Objective 1.4 – Install VMware ESX/ESXi on SAN Storage ................................................................................................ 10

Objective 1.5 – Identify vSphere Architecture and Solutions ........................................................................................... 13

Section 2 – Configure ESX/ESXi Networking ......................................................................................................................... 15

Objective 2.1 – Configure Virtual Switches ....................................................................................................................... 15

Objective 2.2 – Configure vNetwork Distributed Switches ............................................................................................... 18

Objective 2.3 – Configure VMware ESX/ESXi Management Network .............................................................................. 19

Section 3 – Configure ESX/ESXi Storage ................................................................................................................................ 20

Objective 3.1 – Configure FC SAN Storage ........................................................................................................................ 20

Objective 3.2 – Configure iSCSI SAN Storage .................................................................................................................... 22

Objective 3.3 – Configure NFS Datastores ........................................................................................................................ 25

Objective 3.4 – Configure and Manage VMFS Datastores ................................................................................................ 26

Objective 3.BONUS – Understanding Storage Device Naming ......................................................................................... 27

Section 4 – Install and Configure vCenter Server ................................................................................................................. 28

Objective 4.1 – Install vCenter Server ............................................................................................................................... 28

Objective 4.2 – Manage vSphere Client plug-ins .............................................................................................................. 31

Objective 4.3 – Configure vCenter Server ......................................................................................................................... 32

Objective 4.4 – Configure Access Control ......................................................................................................................... 34

Section 5 – Deploy and Manage Virtual Machines and vApps ............................................................................................. 36

Objective 5.1 – Create and Deploy Virtual Machines ....................................................................................................... 36

Objective 5.2 – Manage Virtual Machines ........................................................................................................................ 40

Objective 5.3 – Deploy vApps ........................................................................................................................................... 42

Section 6 – Manage Compliance ........................................................................................................................................... 44

Objective 6.1 – Install, Configure and Manage VMware vCenter Update Manager ........................................................ 44

Objective 6.2 – Establish and Apply ESX Host Profiles ...................................................................................................... 47

Section 7 – Establish Service Levels ...................................................................................................................................... 49

Page 2 of 85

Objective 7.1 – Create and Configure VMware Clusters .................................................................................................. 49

Objective 7.2 – Enable a Fault Tolerant Virtual Machine ................................................................................................. 54

Objective 7.3 – Create and Configure Resource Pools ..................................................................................................... 57

Objective 7.4 – Migrate Virtual Machines ........................................................................................................................ 60

Objective 7.5 – Backup and Restore Virtual Machines ..................................................................................................... 63

Section 8 – Perform Basic Troubleshooting and Alarm Management .................................................................................. 65

Objective 8.1 – Perform Basic Troubleshooting for ESX/ESXi Hosts ................................................................................. 65

Objective 8.2 – Perform Basic Troubleshooting for VMware FT and Third-Party Clusters............................................... 67

Objective 8.3 – Perform Basic Troubleshooting for Networking ...................................................................................... 69

Objective 8.4 – Perform Basic Troubleshooting for Storage ............................................................................................ 70

Objective 8.5 – Perform Basic Troubleshooting for HA/DRS and VMotion ...................................................................... 71

Objective 8.6 – Create and Respond to vCenter Connectivity Alarms ............................................................................. 74

Objective 8.7 – Create and Respond to vCenter Utilization Alarms ................................................................................. 76

Objective 8.8 – Monitor vSphere ESX/ESXi and Virtual Machine Performance ............................................................... 78

Appendix A – Configuration Maximums ............................................................................................................................... 82

Appendix B – CLI.................................................................................................................................................................... 84

Appendix C – Sources ............................................................................................................................................................ 85

Page 3 of 85

Section 1 – Plan, Install and Upgrade VMware ESX/ESXi

Objective 1.1 -- Install VMware ESX/ESXi on local storage

Identify minimum hardware requirements

o 64-Bit Server (AMD Opteron, Intel Xeon, or Intel Nehalem)

Up to 64 logical CPUs (cores or hyperthreads)

o 2GB RAM; 1TB Max

o 1+ Network Controller (Broadcom NetXtreme 570x & Intel Pro 1000); 10Gb supported

o 1+ SCSI adapter , Fibre Channel adapter, iSCSI adapter, or Internal RAID controller

o 1+ SCSI disk, Fibre Channel LUN, iSCSI disk, or RAID LUN with unpartitioned space

ATA & IDE (ESX only; cannot store VMs), SAS, SATA, SCSI, SANs

ESXi: 5GB disk

Download, prepare and validate installation media

1. Log on using your VMware store account

2. Download the ISO image for ESX from the VMware download page at:

http://www.vmware.com/download

3. Burn the ISO image onto DVD media

Determine appropriate ESX/ESXi configuration in a given situation

o Obtain required information for environment

System compatibility

I/O compatibility (Network and HBA cards)

Storage compatibility

Backup software compatibility

o Verify hardware against the VMware Hardware Compatibility Guide

Web site: http://www.vmware.com/resources/compatibility/search.php

PDF: http://www.vmware.com/resources/compatibility/pdf/vi_systems_guide.pdf

Page 4 of 85

Perform a custom installation

o Customize storage layout for given situations

http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_esx_vc_installation_guide.pdf#pag

e=61

Choose Advanced Setup

/boot Ext3 1250MB (1.25GB) [Boot Partition]

/ Ext3 5000MB (5GB) [Root Partition]

(none) Swap 600MB [Swap Partition for Service Console]

/var/log Ext3 2000MB (2GB) [Log File Partition]

(none) Vmkcore 100MB [Vmkcore Partition for dump files]

/boot and vmkcore are physical partitions. /, swap, /var/log, and all the optional partitions are

stored on a virtual disk called esxconsole-<system-uuid>/esxconsole.vmdk. The virtual disk is

stored in a VMFS volume.

Note: The service console must be installed on a VMFS datastore that is resident on a host's

local disk or on a SAN disk that is masked and zoned to that particular host only. The name of

the service console file: esxconsole.vmdk Size: 1200MB

Configure ESXi from the direct console

o Boot from DVD or Log into the console and Press F2

Configure ESX/ESXi NTP

o Enter the IP address or host name of an NTP server; Open NTP on the firewall

(esxcfg-firewall -e ntpClient); Enable/Restart the NTP Service

1. Select ESX Host Configuration tab Time Configuration Properties

2. Check NTP Client Enabled

3. Click Options NTP Settings

4. Add NTP Server

5. Check Restart NTP service to apply changes

6. Click OK

Page 5 of 85

Manage ESX/ESXi licensing

o Compare/Contrast VMware vSphere editions

ESXi:

No Service Console (only vCLI access)

Capable of being USB Flash embedded (32MB footprint)

Jumbo Frames is only supported within the guest OS (no iSCSI Jumbo Frames)

No vSphere Web Access

o Manage license keys

http://www.vmware.com/files/pdf/licensing_howto_guide.pdf

License reporting and management are centralized. If you upgrade all your hosts, you no longer

need a license server or host-based license files. All product licenses are encapsulated in 25-

character license keys that you can manage and monitor from vCenter Server. Each host

requires a license, and each vCenter Server instance requires a license. You cannot assign

multiple license keys to a host or to a vCenter Server system. You can license multiple hosts with

one license key if the key has enough capacity for more than one host. Likewise, you can license

multiple vCenter Server instances with one license key if the key has a capacity greater than

one.

Page 6 of 85

Objective 1.2 – Upgrade VMware ESX/ESXi

Plan a VMware vSphere upgrade

o Backup/Restore ESX/ESXi host configuration

vCenter’s Host Profiles

ESX: File-based & Image-based Service Console backup/restore methods

ESXi: vicfg-cfgbackup --server <ESXi-host-ip> --portnumber <port_number> --protocol

<protocol_type> --username < username> --password <password> -s <backup-filename>

Recovery CD / Repair option on the CD

Note: Before you upgrade an ESX host, back up:

/etc/passwd, /etc/groups, /etc/shadow, and /etc/gshadow directories

custom scripts, .vmx files, and local images such as templates, exported virtual machines, and .iso files

o Understand Virtual Machine backup options

Consolidated Backup

Supports File-level and Image-level

Full & Incremental supported

Data Recovery (Linux virtual appliance w/ vSphere Client plug-in)

Supports up to 100 virtual machines and 100 backup jobs

Each selected VM is backed up once every 24-hours

First backup is Full & subsequent backups are Incremental

Each job can have a maximum of 2 destinations

Maximum simultaneous backup and restores tasks: 8

Use back-up agents in your Virtual Machines

o Determine if existing hardware meets upgrade requirements

http://www.vmware.com/files/pdf/vsphere-migration-prerequisites-checklist.pdf

Verify hardware against the VMware Hardware Compatibility List (HCL)

Page 7 of 85

Understand VMware ESX/ESXi upgrade scenarios

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_upgrade_guide.pdf

o Host Update Utility

Graphical utility for standalone hosts. This utility is intended for small deployments with fewer

than 10 ESX/ESXi hosts and without vCenter Server or vCenter Update Manager.

Note: Can only be used to upgrade ESX and perform automated host compatibility checks.

o Update Manager

Robust software for upgrading, updating, and patching clustered hosts, virtual machines, and

guest operating systems.

Perform upgrade to ESX 4.0

o Upgrade VMware ESX/ESXi

http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_upgrade_guide.pdf

esxupdate: http://www.vmware.com/pdf/vsphere4/r40/vsp_40_esxupdate.pdf

o Upgrade virtual machine hardware & VMware Tools

http://download3.vmware.com/vsphere/vsphere-migration-part3.html

Upgrade VMware Tools BEFORE upgrading virtual machine hardware; (if not, the VM might lose

its network settings)

You can use the Update Manager (Upgrade Baseline) or a Manual Upgrade process by right-

clicking the VM from with the vSphere client

o Verify success of upgrade

Summary tab of the VM; Test the system to ensure that the update was completed successfully

o Understand upgrade roll back options

http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_upgrade_guide.pdf#page=85

ESX:

1. Run the rollback-to-esx3 command in the ESX 4.0 service console

2. Reboot the server

3. Delete the ESX 4.0 service console VMDK folder from the VMFS datastore. The service

console VMDK folder name has the following format: esxconsole-<UUID>.

ESXi:

1. Reboot the host

2. When the page that displays the current boot build appears, press Shift+r to select the

standby build

3. Press Shift+y to confirm the selection and press Enter. The previous update rolls back.

The standby build becomes the boot build.

Page 8 of 85

Objective 1.3 – Secure VMware ESX/ESXi

Identify default security principles

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_esx_server_config.pdf#page=163

o ESX uses the Pluggable Authentication Modules (PAM) structure for authentication when users access the ESX host using the vSphere Client. The default installation of ESX uses /etc/passwd authentication as Linux does, but you can configure ESX to use another distributed authentication mechanism.

By default, passwords are set to never expire.

The default minimum number of days between password changes is 0.

The default number of days in advance of password expiration that a reminder is sent is 7.

The minimum password length is set to nine. This means that the user must enter at least eight characters if they use only one character class (lowercase, uppercase, digit, or other). The password length algorithm allows shorter passwords if the user enters a mix of character classes.

Understand Service Console firewall operation

o By default, all incoming connections to the service console port of an ESX server are blocked. A firewall

on the ESX Server checks all incoming traffic and allows only traffic explicitly allowed in the firewall

configuration. The firewall can be configured in two ways, from the command line and from the vCenter

GUI.

o http://www.vmadmin.co.uk/index.php/resources/35-esxserver/51-esxfirewallcmd

o Service Console Security Level

High (default): Incoming ports blocked by default; Outgoing ports blocked by default

Medium: Incoming ports blocked by default; Outgoing ports not blocked by default

Low: Incoming ports not blocked by default; Outgoing ports not blocked by default

o Opening/Closing ports in the firewall using the vSphere Client

Select ESX Host Configuration tab Security Profile Properties

ESX Console (not in Blueprint guide):

Service Enable | Disable: esxcfg-firewall -e <SERVICE NAME> | esxcfg-firewall -d

<SERVICE NAME>

Port Open | Close: esxcfg-firewall -o <PORT>,<PROTOCOL>,<IN|OUT> | esxcfg-

firewall -c <PORT>,<PROTOCOL> ,<IN|OUT>

Set up user/group accounts

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_esx_server_config.pdf#page=168

o vSphere Client: Connect to the Host Select the Host Users & Groups tab

o vCenter: Connect to the vCenter Home Administration Roles

Page 9 of 85

Determine applications needed for accessing the service console in a given scenario

o To access the service console there are roughly two options: (1) From the local terminal (monitor, keyboard); (2) Remote using a SSH (Secure Shell) Client. Linux and Mac have a SSH client by default. For Windows, Putty is a favored client for accessing SSH Servers.

Before you can access a VMware ESX server with a remote client you need to explicitly allow access.

Also, an account needs to be created. Remote root access is disabled by default, but can be enabled.

This however is not a best practice!!! The most secure way is to log in as a regular user and use sudo to

execute privileged commands.

Page 10 of 85

Objective 1.4 – Install VMware ESX/ESXi on SAN Storage

Configure LUN Masking

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_san_cfg.pdf#page=83

o LUN Masking is used to hide certain LUNs for the ESX hypervisor. All LUNs presented to the OS are

under normal circumstances visible (assuming the LUNs are presented on the storage array). When

installing ESX on a LUN you want to be sure you only see the partition you want to install ESX on,

otherwise you risk overwriting valuable VMFS partition with VM’s. Hiding LUNs during installation is

typically done on your storage array.

o esxcli corestorage claimrule add -r <claimrule_ID> -t <type> <required_option> -P <MASK_PATH>

Prepare SAN

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_san_cfg.pdf#page=33

o Fibre Channel SAN:

1. Connect the FC and Ethernet cables, referring to any cabling guide that applies to your setup.

2. Configure the storage array:

a) From the SAN storage array, make the ESX host visible to the SAN.

o If you are using VMotion, DRS, or HA, make sure that both source and target

hosts for virtual machines can see the same LUNs with identical LUN IDs.

b) From the SAN storage array, set up the ESX host to have the WWPNs of the host’s FC

adapters as port names or node names.

c) Create LUNs.

d) Assign LUNs.

e) Record the IP addresses of the FC switches and storage arrays.

f) Record the WWPN for each SP and host adapter involved.

3. Configure the HBA BIOS for boot from SAN.

4. Boot your ESX system from the ESX installation CD.

CAUTION! If you use scripted installation to install ESX in boot from SAN mode, you need to

take special steps to avoid unintended data loss.

o iSCSI SAN:

1. Connect network cables, referring to any cabling guide that applies to your setup.

2. Configure the storage system so that the ESX system has access to the assigned LUN. This could

involve updating ACLs with the IP addresses, iSCSI names, and the CHAP authentication

parameter you use on the ESX system. On some storage systems, in addition to providing access

information for the ESX host, you must also explicitly associate the assigned LUN with the host.

3. Ensure that the LUN is presented to the ESX system as LUN 0. The host can also boot from LUN

255. On storage systems that present volumes as multiple targets rather than multiple LUNs,

the volumes are always presented as LUN 0.

4. Ensure that no other system has access to the configured LUN.

5. Record the iSCSI name and IP addresses of the targets assigned to the ESX host.

Page 11 of 85

6. You must have this information to configure your iSCSI HBA.

Configure FC or iSCSI HBA BIOS

o iSCSI HBA Bios

1. During server POST, press Crtl+Q to enter the QLogic iSCSI HBA configuration menu.

2. Select the I/O port to configure.

3. Configure the HBA:

a) From the Fast!UTIL Options menu, select Configuration Settings Host Adapter

Settings.

b) Configure the following settings for your host adapter: initiator IP address, subnet

mask, gateway, initiator iSCSI name, and CHAP (if required).

4. Configure iSCSI Boot Settings:

a) From the Fast!UTIL Options menu, select Configuration Settings iSCSI Boot Settings.

b) Before you can set SendTargets, set Adapter Boot mode to Manual.

c) Select Primary Boot Device Settings.

o Enter the discovery Target IP and Target Port.

o You can leave the Boot LUN and iSCSI Name fields blank if only one iSCSI target

and one LUN are at the specified address to boot from. Otherwise, you must

specify these fields to ensure that you do not boot from a volume for some

other system. After the target storage system is reached, these fields will be

populated after a rescan.

o Save changes

d) From the iSCSI Boot Settings menu, select the primary boot device. An auto rescan of

the HBA is made to find new target LUNS.

e) Select the iSCSI target.

o NOTE: If more than one LUN exists within the target, you can choose a specific

LUN ID by pressing Enter after you locate the iSCSI device.

f) Return to the Primary Boot Device Setting menu. After the rescan, the Boot LUN and

iSCSI Name fields are populated, change the value of Boot LUN to the desired LUN ID.

5. Save your changes and restart the system.

Page 12 of 85

o Enable BIOS

1. Enter the BIOS Fast!UTIL configuration utility:

a) Boot the server

b) While booting the server, press Ctrl+Q

2. Perform the appropriate action depending on the number of HBAs.

3. In the Fast!UTIL Options page, select Configuration Settings and press Enter.

4. In the Configuration Settings page, select Host Adapter Settings and press Enter.

5. Set the BIOS to search for SCSI devices:

a) Set the BIOS to search for SCSI devices.

b) Press Enter to toggle the value to Enabled.

c) Press Esc to exit.

o Select the Boot LUN

1. Use the cursor keys to select the first entry in the list of storage processors.

2. Press Enter to open the Select Fibre Channel Device page.

3. Use the cursor keys to select the chosen SP and press Enter.

a) If the SP has only one LUN attached, it is selected as the boot LUN, and you can skip to

Step 4.

b) If the SP has more than one LUN attached, the Select LUN page opens. Use the arrow

keys to position to the selected LUN and press Enter.

4. Press Esc twice to exit.

5. Press Enter to save the setting.

Install VMware ESX/ESXi

o http://www.howcast.com/videos/187864-VMware-VSphere-ESXi-40-Install-and-Configure-Video

Determine boot LUN size in a given situation

o VMware recommends a partition of minimal 8GB in size for the optional partitions. Best practice is to

set the /var/log to a separate partition.

Page 13 of 85

Objective 1.5 – Identify vSphere Architecture and Solutions

Differentiate VMware platform products and editions

o Datacenter Products

VMware vSphere 4

VMware ESXi

VMware Server

o Management Products

VMware vCenter Server

VMware vCenter Server Heartbeat

VMware vCenter Orchestrator

VMware vCenter Site Recovery Manager

VMware vCenter Lab Manager

VMware vCenter Lifecycle Manager

VMware vCenter Converter

VMware vCenter Chargeback

VMware vCenter ConfigControl

VMware CapacityIQ

VMware vCenter AppSpeed

o Desktop products

VMware View 4

VMware ThinApp

VMware ACE

VMware Workstation

VMware Fusion (Mac)

VMware Player

Understand the various datacenter solutions (View, SRM, Lab Manager, etc.)

o Site Recovery Manager

VMware Site Recovery Manager is a pioneering disaster recovery management and automation solution

for VMware vSphere 4. Site Recovery Manager accelerates recovery by automating the recovery

process and simplifies management of disaster recovery plans by making disaster recovery an integrated

element of managing your VMware virtual infrastructure. Site Recovery Manager also ensures reliable

recovery by eliminating complex manual recovery steps and enabling non-disruptive testing of recovery

plans.

o VMware Server Heartbeat

VMware vCenter Server Heartbeat delivers high availability and disaster recovery for VMware vCenter

Server and all of its components – including the database and licensing server—with failover across the

LAN or WAN. The software supports physical-to-virtual (P2V), physical-to-physical (P2P) and virtual-to-

virtual (V2V) failover, ensuring consistent operation of VMware vSphere when VMware vCenter Server is

threatened by unplanned or planned downtime.

Page 14 of 85

o VMware Lab Manager

vCenter Lab Manager allows IT to provide non-IT users with on-demand access to shared virtual

resources. Application owners, development and testing teams, support and training organizations can

create, deploy and reconfigure multi-tier system configurations in seconds. Self-service management

with policy-based access control reduces administrative burden and infrastructure management costs,

and empowers businesses to deliver new or updated applications rapidly and with greater agility.

VMware vCenter Lab Manager streamlines application development and testing by giving every

engineer the equivalent of his or her own personal datacenter.

o Life Cycle Manager

VMware vCenter Lifecycle Manager provides a service catalog of virtual machine configurations to

automate provisioning tasks and standardize the way virtual machines are requested, deployed and

decommissioned. Lifecycle Manager helps IT administrators deploy virtual infrastructure more broadly,

gain more control and visibility, and optimize resource utilization for greater ROI.

o VMware Converter

VMware Converter reduces the amount of time spent on migrating to a virtual infrastructure by

enabling fast, reliable and non-disruptive conversions from physical to virtual machines, and from older

virtual machines to newer formats.

o VMware View

VMware allows you to use your virtual infrastructure to host desktops. Users can access their virtual

desktops from a wide variety of devices thick, thin or mobile—without any performance degradation.

Explain ESX/ESXi architecture

o http://download3.vmware.com/demos/esxi/VMware_ESXi.html

o VMware ESX(i) is based upon the virtualization concept of separating the operating system (OS) and the

underlying hardware by placing a hypervisor (bare-metal) in between. This hypervisor allows the

installation of multiple OS’s on the same hardware platform. Resources are managed by the hypervisor

and divided over the guest operating systems.

Compare and contrast Bare Metal vs. Hosted architecture

o Host based virtualization installs and runs the virtualization layer as an application on top of an

operating system and supports the broadest range of hardware configurations.

o Bare-Metal (hypervisor) architecture installs the virtualization layer directly on a clean x86 based

system. Because it has direct access to the hardware resources, rather than going through an operating

system, a hypervisor is more efficient and delivers greater scalability, robustness, and performance.

Page 15 of 85

Section 2 – Configure ESX/ESXi Networking

Objective 2.1 – Configure Virtual Switches

Understand Virtual Switch and ESX/ESXi NIC and port maximums

o A Virtual Switch (vSwitch) is a switch that lives on a single ESX host. This Virtual switch is connected to the

physical network as well as to other Virtual Switches via physical Ethernet connections. A vSwitch allows

for many servers (via port groups) and uplinks to be connected. Port groups are the virtual extension of

VLANs. Within a vSwitch you can create a port group with a VLAN ID allowing only the traffic between that

port group and the “physical” VLAN. Note: vSwitches can only perform traffic shaping on outbound traffic.

o Maximums

http://www.vmware.com/pdf/vsphere4/r40/vsp_40_config_max.pdf#page=6

Virtual network switch ports per host (vDS and vSS ports): 4096

Port groups per standard switch: 512

Virtual network switch ports per standard switch: 4088

Standard switches per host: 248

Determine the vSwitch NIC teaming policy in a given situation

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_esx_server_config.pdf#page=40

o Load Balancing: In a load balanced configuration, multiple NICs are used to handle the traffic from a

vSwitch. Based upon a distribution logic (like port based, MAC based or IP based (the last one requires a

port channel on a physical switch, the others do not require switch configuration)) all traffic is distributed

across the uploads resulting in more usable bandwidth. When a NIC or uplink fails in a load balanced setup,

the remaining NIC handles all the traffic (after some detection and MAC address learning downtime).

o Failover: Used with multiple NICs where only one NIC is active at a given time. When a network error

occurs on the active NIC the secondary NIC can take over. This is used when there is no need for large

bandwidth or the underlying network is not redundant or capable to support redundant uplinks.

Determine the appropriate vSwitch security policies in a given situation

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_esx_server_config.pdf#page=47

o The virtual switch has the ability to enforce security policies to prevent virtual machines from

impersonating other nodes on the network. There are three components to this feature:

Promiscuous mode: If set to Accept, the guest adapters will detect all frames passed on the

vSwitch that are allowed under the VLAN policy for the port group that the adapters are connected

to (network sniffing). Default Value: Reject

MAC address Changes: If set to Reject and the guest OS changes the MAC address of the adapter to

anything other than what is in the .vmx configuration file, all inbound frames are dropped. Default

Value: Accept

Forged transmit blocking: If set to Reject, any outbound frame with a source MAC address that is

different from the one set on the adapter are dropped. Default Value: Accept

Page 16 of 85

Create/Delete Virtual Switches

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_esx_server_config.pdf#page=18

1. Select ESX host

2. Select the Configuration tab

3. Click Networking Add Networking

4. Select Virtual Machine

5. Select the appropriate NICs

6. Enter a Name and optional VLAN ID

Create Ports/Port Groups

1. Select ESX host

2. Select the Configuration tab

3. Click Networking

4. Click Properties next to an existing vSwitch

5. Click Add

6. Select Virtual Machine

7. Enter a Name and optional VLAN ID

Assign Physical Adapters

1. Select ESX host

2. Select the Configuration tab

3. Click Networking

4. Click Properties next to an existing vSwitch

5. Select the Network Adapters tab Click Add

6. Follow the wizard to add an available NIC (one that is not in use by another vSwitch)

Modify vSwitch NIC Teaming and failover policies

1. Select ESX host

2. Select the Configuration tab

3. Click Networking

4. Click Properties next to an existing vSwitch

5. Select the vSwitch Click Edit

6. Select the NIC Teaming tab

7. Adjust the load balancing and / or failover settings

Page 17 of 85

Modify vSwitch security policy and VLAN settings

1. Select the Configuration tab

2. Click Networking

3. Click Properties next to an existing vSwitch

4. Select the vSwitch Click Edit

5. Select the Security tab

6. Adjust the security settings

Configure VMotion

o To configure VMotion, you need to add a VMkernel Port to one of your vSwitches. To add a VMkernel Port,

you can use the Create Port Groups section described earlier. Once the port group is added, you enable

VMotion:

1. Select ESX host

2. Select the Configuration tab

3. Click Networking

4. Click Properties next to an existing vSwitch

5. Select the VMotion port group click Edit

6. Make sure the VMotion checkbox is checked

Page 18 of 85

Objective 2.2 – Configure vNetwork Distributed Switches

Understand ESX Host and port maximums for dvSwitches (Enterprise Plus license only)

o A vNetwork Distributed Switch (dvSwitch) is a virtual switch that spans multiple ESX hosts. Unlike the

previously covered vSwitch (ESX local host switch), a dvSwitch has one configuration for all ESX hosts and

allows for new features like network statistics that VMotion along with the host. dvSwitches are created

and managed by the vCenter server.

Maximums

http://www.vmware.com/pdf/vsphere4/r40/vsp_40_config_max.pdf#page=6

Virtual network switch ports per host (vDS and vSS ports): 4096

Distributed port groups per vCenter: 512

Distributed virtual network switch ports per vCenter: 6000

Distributed switches per vCenter: 16

Hosts per distributed switch: 64

Create/Modify a vNetwork Distributed Switch

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_esx_server_config.pdf#page=28

1. Home Inventory Networking

2. Right click the Datacenter and choose New vNetwork Distributed Switch

3. Enter a Name and select the number of dvUplink ports per host

4. Add Hosts and associate the appropriate network adapters

5. Add port group

Create/Modify Uplink Group settings

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_esx_server_config.pdf#page=33

Create/Modify dvPort Group settings

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_esx_server_config.pdf#page=30

Add an ESX/ESXi Host to a vNetwork Distributed Switch

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_esx_server_config.pdf#page=28

Add/Delete a VMkernel dvPort

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_esx_server_config.pdf#page=34

Migrate Virtual Machines to a vNetwork Distributed Switch

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_esx_server_config.pdf#page=38

o From the Inventory menu, select Distributed Virtual Switch Migrate Virtual Machine Networking

Page 19 of 85

Objective 2.3 – Configure VMware ESX/ESXi Management Network

Modify Service Console IP Settings

o esxcfg-vswif vswif0 -i <IP ADDRESS> -n <SUBNET ADDRESS>

Configure Service Console availability

o You can assign multiple NIC’s to the vSwitch where the Service Console is running on. When wired adequately to different switches, a higher level of availability is achieved for your Service Console.

o The second option is to create a second Service Console, preferable on different virtual and physical network segments. This option is a little more involved, as the second Service Console gateway needs to be configured via the advanced network settings.

Configure DNS and Routing settings for an ESX Host

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_esx_server_config.pdf#page=53

1. Select ESX host

2. Select the Configuration tab

3. Click DNS and Routing Properties

4. Click Properties

5. Make changes under the appropriate tabs and reboot the host

Page 20 of 85

Section 3 – Configure ESX/ESXi Storage

Objective 3.1 – Configure FC SAN Storage

Identify FC SAN hardware components

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_san_cfg.pdf#page=15

o Storage Processor (SP): This is the controller that manages the disks, LUNs, and presents LUNs to your ESX hosts. The controller is managed from a web based console or by using a software suite.

o Fibre Channel (FC) Switches: The Storage Processors and the ESX hosts are connected by means of FC switches. Usually zoning is in place on a SAN switches. Zoning is similar to LUN masking, which is commonly used for permission management. LUN masking is a process that makes a LUN available to some hosts and unavailable to other hosts. Usually, LUN masking is performed at the SP or server level.

o Host Bus Adaptor (HBA): Within the ESX host, a HBA is used to connect to the SAN switch. The HBA needs to be supported by VMware and listed on the HCL. Configuration of SAN LUNs is done from the Virtual Center or from the command line of the ESX host.

Identify how ESX Server connections are made to FC SAN storage

o When you have a SAN connection over two fabrics, and your SAN has two storage processors, you have 4 paths to your storage. When transferring data between the host server and storage, the SAN uses a multipathing technique. Multipathing allows you to have more than one physical path from the ESX/ESXi host to a LUN on a storage system. If a path or any component along the path, HBA or NIC, cable, switch or switch port, or storage processor, fails, the server selects another of the available paths. The process of detecting a failed path and switching to another is called path failover.

Describe ESX Server FC SAN storage addressing

o http://searchstoragechannel.techtarget.com/generic/0,295582,sid98_gci1339563,00.html

o Storage processors aggregate physical hard disks into logical volumes, otherwise called LUNs, each with its own LUN number identifier. World Wide Names (WWNs) are attached by the manufacturer to the host bus adapters (HBA). As unique identifiers, Fibre Channel HBAs use WWNs.

Describe the concepts of zoning and LUN masking

o Zoning is the partitioning of a Fibre Channel fabric into smaller subsets to restrict interference, add security, and to simplify management. While a SAN makes available several LUNs, each system connected to the SAN should only be allowed to a controlled subset of the LUNs. Zoning is sometimes confused with LUN masking, because it serves the same goals. LUN masking, however, works on Fibre Channel level 4 (i.e. on SCSI level), while zoning works on level 2. This allows zoning to be implemented on switches, whereas LUN masking is performed on endpoint devices - host adapters or disk array controllers.

o LUN Masking is an authorization process that makes a Logical Unit Number available to some hosts and unavailable to other hosts. Usually, LUN masking is performed at the SP or server level.

Configure LUN masking

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_san_cfg.pdf#page=83

o esxcli corestorage claimrule add -r <claimrule_ID> -t <type> <required_option> -P

<MASK_PATH>

Page 21 of 85

Scan for new LUNs

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_san_cfg.pdf#page=55

1. Select ESX host 2. Select the Configuration tab 3. Click Storage Adapters Rescan

Determine and configure the appropriate multi-pathing policy

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_esx_server_config.pdf#page=109

o The VMkernel multipathing plugin that ESX provides by default is the VMware Native Multipathing Plugin (NMP). The NMP is an extensible module that manages subplugins. There are two types of NMP subplugins, Storage Array Type Plugins (SATPs), and Path Selection Plugins (PSPs).

Path Selection Plugins (PSPs) run in conjunction with the VMware NMP and are responsible for choosing a physical path for I/O requests.

Most Recently Used (MRU): Selects the path the ESX host used most recently to access the given device. If this path becomes unavailable, the host switches to an alternative path and continues to use the new path while it is available.

Fixed: Uses the designated preferred path, if it has been configured. Otherwise, it uses the first working path discovered at system boot time. If the host cannot use the preferred path, it selects a random alternative available path. The host automatically reverts back to the preferred path as soon as that path becomes available.

Round Robin (RR): Uses a path selection algorithm that rotates through all available paths enabling load balancing across the paths.

Differentiate between NMP and third-party MPP

o The VMkernel multipathing plugin that ESX provides by default is the VMware Native Multipathing Plugin (NMP). The NMP is an extensible module that manages subplugins. There are two types of NMP subplugins: Storage Array Type Plugins (SATPs) and Path Selection Plugins (PSPs).

Storage Array Type Plugins (SATPs) run in conjunction with the VMware NMP and are responsible for array specific operations. ESX offers an SATP for every type of array that VMware supports. These SATPs include an active/active SATP and active/passive SATP for non-specified storage arrays, and the local SATP for direct-attached storage.

Path Selection Plugins (PSPs) run in conjunction with the VMware NMP and are responsible for choosing a physical path for I/O requests. The VMware NMP assigns a default PSP for every logical device based on the SATP associated with the physical paths for that device. You can override the default PSP.

Page 22 of 85

Objective 3.2 – Configure iSCSI SAN Storage

Identify iSCSI SAN hardware components

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_iscsi_san_cfg.pdf#page=9

o iSCSI Target: This is the controller of the disk and the device that converts the underlying disk technology (for example SCSI) to iSCSI traffic on a network.

o Switch: The iSCSI target is connected to the network. The iSCSI initiators talk to the iSCSI target over this network layer. A regular Ethernet switch can be used, but a dedicated VLAN, or even better, a dedicated switch with jumbo frame support is recommended. Minimum speed must be gigabit.

o iSCSI initiator: The iSCSI initiator is the ESX host. On a host, a hardware (HBA) or software iSCSI initiator can be installed.

Determine use cases for hardware vs. software iSCSI initiators

o Software iSCSI initiator: The software iSCSI initiator uses code from the VMkernel and requires only regular NIC’s in your ESX host. It’s highly recommended that dedicated NICs be used, but using shared NICs across multiple VLANs is possible. The main benefit of an iSCSI software initiator is it’s already integrated into vSphere and provides the majority of the functionality needed for most environments.

o Hardware iSCSI initiator: The hardware initiator allows for some extra functionality and less of a performance penalty on the system processor than the software initiator because the handling of IP packets is not done on the host processor, but rather on the iSCSI hardware initiator. Also hardware initiators allow a boot from iSCSI SAN setup. Generally only the most demanding setups require a hardware initiator. But in those environments, a fibre channel SAN may be a better solution.

Configure the iSCSI Software Initiator

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_iscsi_san_cfg.pdf#page=30

o With the software-based iSCSI implementation, you can use standard network adapters to connect your ESX/ESXi host to a remote iSCSI target on the IP network. The software iSCSI initiator that is built into ESX/ESXi facilitates this connection by communicating with the network adapter through the network stack.

o Create a VMkernel port for physical network:

1. Select a ESX host 2. Select the Configuration tab 3. Click Networking Add Networking 4. Select VMkernel 5. Select Create virtual switch 6. Select the NICs 7. Go to Port Group Properties and enter a friendly name under Network label 8. Enter the IP settings

o Enable the software iSCSI initiator:

1. Select a ESX host 2. Select the Configuration tab 3. Select Storage Adaptors 4. Select the iSCSI Initiator Properties 5. Click Enabled

Page 23 of 85

o If needed, enable Jumbo Frames. Jumbo Frames must be enabled for each vSwitch through the vSphere CLI. Also, if you use an ESX host, you must create a VMkernel network interface enabled with Jumbo Frames. (http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_iscsi_san_cfg.pdf#page=35)

Configure Dynamic/Static Discovery

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_iscsi_san_cfg.pdf#page=35

1. Select a ESX host

2. Select the Configuration tab

3. Select Storage Adaptors

4. Select the iSCSI Initiator Properties

5. Click the Dynamic Discovery or Static Discovery tab and add a server or target

Configure CHAP Authentication

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_iscsi_san_cfg.pdf#page=37

o ESX supports the following CHAP authentication methods:

One-way CHAP: In one-way, or unidirectional, CHAP authentication, the target authenticates the initiator, but the initiator does not authenticate the target.

Mutual CHAP (software iSCSI only): In mutual, or bidirectional, CHAP authentication, an additional level of security enables the initiator to authenticate the target.

o CHAP Security Levels:

Do not use CHAP

Do not use CHAP unless required by target (software iSCSI only)

Use CHAP unless prohibited by target

Use CHAP (software iSCSI only) (required for Mutual CHAP)

1. Select a ESX host

2. Select the Configuration tab

3. Select Storage Adaptors

4. Select the iSCSI Initiator Properties

5. Click CHAP

Configure VMkernel port binding for iSCSI Software multi-pathing

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_iscsi_san_cfg.pdf#page=32

Discover LUNs

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_iscsi_san_cfg.pdf#page=60

1. Select a ESX host

2. Select the Configuration tab

3. Select Storage Adaptors

4. Click Rescan

Page 24 of 85

Identify iSCSI addressing in the context of the host

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_iscsi_san_cfg.pdf#page=10

o iSCSI Name: Identifies a particular iSCSI element, regardless of its physical location. The iSCSI name can use IQN or EUI format.

o IQN (iSCSI qualified name). Can be up to 255 characters long and has the following format:

iqn.yyyy-mm.naming-authority:unique name (e.g. iqn.1998-01.com.vmware:server015)

yyyy-mm is the year and month when the naming authority was established.

naming-authority is usually reverse syntax of the Internet domain name of the naming authority.

unique name is any name you want to use, for example, the name of your host. The naming authority must make sure that any names assigned, following the colon, are unique.

o EUI (extended unique identifier). Includes the eui. prefix, followed by the 16-character name. The name includes 24 bits for the company name assigned by the IEEE and 40 bits for a unique ID, such as a serial number.

eui.0123456789ABCDEF

o iSCSI Alias: A more manageable, easy-to-remember name to use instead of the iSCSI name. iSCSI aliases are not unique, and are intended to be just a friendly name to associate with the node.

o IP Address: An address associated with each iSCSI element so that routing and switching equipment on the network can establish the connection between different elements, such as the host and storage. This is just like the IP address you assign to a computer to get access to your company's network or the Internet.

Page 25 of 85

Objective 3.3 – Configure NFS Datastores

Identify the NFS hardware components

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_esx_server_config.pdf#page=96

o NFS Share / Server, Switch, and VMkernel interface for NFS support

Explain ESX exclusivity for NFS mounts

o When your host accesses a virtual machine disk file on an NFS-based datastore, a .lck-XXX lock file is generated in the same directory where the disk file resides to prevent other hosts from accessing this virtual disk file. Do not remove the .lck-XXX lock file, because without it, the running virtual machine cannot access its virtual disk file.

o Note: Only NFS version 3 over TCP/IP is supported.

Configure ESX/ESXi network connectivity to the NAS device

o For the connectivity to a NFS device you need the same network configuration as you would for iSCSI, a VMkernel interface. To do so:

1. Select a ESX host

2. Select the Configuration tab

3. Select Networking Add Networking

4. Select VMkernel

5. Select Create virtual switch

6. Select the NICs

7. Go to Port Group Properties and enter a friendly name under Network label

8. Enter the IP settings

Create an NFS Datastore

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_esx_server_config.pdf#page=98

1. Select a ESX host

2. Select the Configuration tab

3. Select Storage Add Storage

4. Select Network File System

5. Fill in Server Name/IP, Folder/Path, Datastore Name

NFS Capabilities (not in Blueprint guide)

o ESX can access a designated NFS volume located on a NAS server, mount the volume, and use it for its storage needs. You can use NFS volumes to store and boot virtual machines in the same way that you use VMFS datastores.

ESX supports the following shared storage capabilities on NFS volumes:

VMotion

VMware DRS and VMware HA

ISO images, which are presented as CD-ROMs to virtual machines

Virtual machine snapshots

Page 26 of 85

Objective 3.4 – Configure and Manage VMFS Datastores

Identify VMFS file system attributes

o http://www.vmware.com/products/vmfs/features.html

Determine the appropriate Datastore location/configuration for given virtual machines

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_esx_server_config.pdf#page=69

Determine use cases for multiple VMFS Datastores

o http://www.yellow-bricks.com/2009/06/23/vmfslun-size/

Create/Configure VMFS Datastores

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_esx_server_config.pdf#page=95

1. Select a ESX host

2. Select the Configuration tab

3. Select Storage Add Storage

4. Select Disk/LUN

5. Select a device to use for your datastore

6. Enter a datastore name

7. If needed, adjust the file system and capacity values

Attach existing Datastore to new ESX host

1. Select a ESX host

2. Select the Configuration tab

3. Select Storage Refresh

4. After the refresh, the disk should appear

Manage VMFS Datastores (Group/Unmount/Delete Datastores)

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_esx_server_config.pdf#page=101

o Note: You can unmount only the following types of datastores: NFS & VMFS datastore copies mounted without resignaturing.

Grow VMFS volumes

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_esx_server_config.pdf#page=104

1. Select a ESX host

2. Select the Configuration tab

3. Select Storage

4. Right click the Datastore that you need to increase, and click Properties

5. Click the Increase button and follow the wizard

o Only extents with free space immediately after them are expandable. As a result, rather than adding the new extent, you can grow the existing extent so that it fills the available adjacent capacity. An extent can be grown any number of times, up to 2TB minus 512B.

o You can add a new extent to any existing VMFS datastore. A datastore can have up to 32 extents.

o A VMFS can have a maximum volume size of 64TB minus 16K .

Page 27 of 85

Objective 3.BONUS – Understanding Storage Device Naming

In the vSphere Client, each storage device, or LUN, is identified by several names, including a friendly name, a

UUID, and a runtime name.

o Name: A friendly name that the ESX host assigns to a device based on the storage type and

manufacturer. You can modify the name using the vSphere Client. When you modify the name of the

device on one host, the change takes affect across all hosts that have access to this device.

o Identifier: A universally unique identifier assigned to a device. Depending on the type of storage,

different algorithms are used to create the identifier. The identifier is persistent across reboots and is

the same for all hosts sharing the device.

Example: naa.6090a02830bb6189f8ab9429000010e8

o Runtime Name: The name of the first path to the device. The runtime name is created by the host, is

not a reliable identifier for the device, and is not persistent.

Example: vmhba33:C0:T5:L0

The runtime name has the following format: vmhba#:C#:T#:L#, where

vmhba# is the name of the storage adapter. The name refers to the physical adapter on the

host, not to the SCSI controller used by the virtual machines.

C# is the storage channel number. Software iSCSI initiators use the channel number to show

multiple paths to the same target.

T# is the target number. Target numbering is decided by the host and might change if there is a

change in the mappings of targets visible to the host. Targets that are shared by different ESX

hosts might not have the same target number.

L# is the LUN number that shows the position of the LUN within the target. The LUN number is

provided by the storage system. If a target has only one LUN, the LUN number is always zero (0).

Page 28 of 85

Section 4 – Install and Configure vCenter Server

Objective 4.1 – Install vCenter Server

Identify hardware requirements

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_esx_vc_installation_guide.pdf#page=14

o vCenter Server: Minimum: 2 CPUs, 2GHz Processor, 3GB RAM, 2GB Disk Space

When you have up to 200 hosts, you can use a 32-bit Windows operating system, but a 64-bit Windows operating system is preferred. When you have 200-300 hosts, a 64-bit Windows operating system is required.

Up to 50 hosts and 250 Powered-On VMs: o 2 CPUs 4 GB RAM 3GB Disk Space

Up to 200 hosts and 2000 Powered-On VMs: o 4 CPUs 4 GB RAM 3GB Disk Space

Up to 300 hosts and 3000 Powered-On VMs: o 4 CPUs 8 GB RAM 3GB Disk Space 64-bit OS

TCP Ports: 80 (http), 443 (https), 389 (LDAP for DS), 636 (SSL for DS)

UDP Ports: 902 (ESX heartbeat)

Note: Server name should not exceed 15 characters

o vSphere Client: Minimum: 1 CPU, 266MHz Processor, 200MB RAM, 1GB Disk Space

Connects to vCenter Server via port 443; Connects to VM consoles via 902 & 903

Understand configuration maximums

o http://www.vmware.com/pdf/vsphere4/r40/vsp_40_config_max.pdf#page=7

Hosts (32‐bit OS server): 200

Powered‐on virtual machines (32‐bit OS server): 2000

Registered virtual machines (32‐bit OS server): 3000

Concurrent vSphere client connections (32‐bit OS server): 15

Hosts (64‐bit OS server): 300

Powered‐on virtual machines (64‐bit OS server): 3000

Registered virtual machines (64‐bit OS server): 4500

Concurrent vSphere client connections (64‐bit OS server): 30

Hosts per datacenter: 100

Linked vCenter Server systems: 10

Concurrent Storage VMotion operations per host: 2

Concurrent Storage VMotion operations per datastore: 4

Concurrent provisioning operations per host & per datastore: 8

Concurrent operations per vCenter Server: 96

Determine availability requirements for a vCenter server in a given situation

o Linked vCenter Server systems

o Running vCenter, or a copy thereof, on a Virtual Machine within the HA Cluster

Page 29 of 85

Determine appropriate vCenter Server edition

o http://www.vmware.com/files/pdf/vsphere_pricing.pdf#page=8

o VMware vCenter Server Standard provides large scale management of vSphere deployments for rapid provisioning, monitoring, orchestration and control of virtual machines. Includes VMware vCenter Orchestrator & VMware vCenter Server Linked Mode

o VMware vCenter Server Foundation provides powerful management tools for smaller environments (up to three vSphere hosts) looking to rapidly provision, monitor and control virtual machines.

o VMware vCenter Server for Essentials integrated into the vSphere Essentials and Essentials Plus editions for small office deployments.

Determine database size requirements

1. Go to Administration vCenter Server Settings

2. Click Statistics

3. Choose a Interval Duration and click Edit

a. When you click Edit, you can change the interval, sample duration, and level. There are four

levels. Level 1 is the lowest and 4 is the highest. Level 4 logs nearly everything on the host. The

higher the level, the larger the database will be.

Prepare/Configure vCenter Server database

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_esx_vc_installation_guide.pdf#page=71

o Databases Supported: Microsoft SQL Server (2005, 2008), Oracle (10g, 11g), DB2 (9, C) [in vSphere U1]

http://www.vmware.com/pdf/vsphere4/r40/vsp_compatibility_matrix.pdf#page=11

o Each vCenter Server instance must have its own database. vCenter Server instances cannot share the same database schema. Multiple vCenter Server databases can reside on the same database server, or they can be separated across multiple database servers.

o For Oracle, which has the concept of schema objects, you can run multiple vCenter Server instances in a single database server if you have a different schema owner for each vCenter Server instance, or use a dedicated Oracle database server for each vCenter Server instance.

o Even though vCenter Server is supported on 64-bit operating systems, the vCenter Server system must have a 32-bit DSN. This requirement applies to all supported databases. By default, any DSN created on a 64-bit system is 64 bit.

o For Microsoft SQL Server database servers, install the 64-bit database ODBC drivers on your Microsoft Windows system. When you install the 64-bit drivers, the 32-bit drivers are installed automatically.

Install vCenter Server using downloaded installer

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_esx_vc_installation_guide.pdf#page=99

o VMware allows you to download the vCenter installation media as an EXE file or an ISO file. The ISO file can be mounted or burned to DVD. The EXE file can run directly on an OS but has to be copied there.

Page 30 of 85

Install additional modules

o vCenter Guided Consolidation: http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_esx_vc_installation_guide.pdf#page=115

vCenter Guided Consolidation enables you to migrate from physical servers to virtual infrastructure using a wizard that identifies physical servers for consolidation, converts them to virtual machines, and places them onto ESX/ESXi hosts.

o vCenter Update Manager: http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_esx_vc_installation_guide.pdf#page=116

Using vCenter Update Manager, you can orchestrate steps of an upgrade process sequentially, based on compliance baselines at the host, virtual machine, and datastore level.

ESX host upgrade per cluster: 1

ESX host remediation per VUM server: 8

Virtual machine remediation per ESX host: 5

o vCenter Converter: http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_esx_vc_installation_guide.pdf#page=117

Using vCenter Update Manager, you can orchestrate steps of an upgrade process sequentially, based on compliance baselines at the host, virtual machine, and datastore level.

Concurrent import/export tasks (assumes no load on vCenter Server system): 16

Determine use case for vCenter Linked Mode Groups

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_esx_vc_installation_guide.pdf#page=107

o Availability

When you link vCenter servers, each server can manage the entire infrastructure.

o Configuration Maximums

The number of ESX hosts, VMs, and users per vCenter server is limited. When running into those limits, you can add additional vCenter servers in Linked Mode. You can link a maximum of 10 vCenter servers.

o Note: The vCenter Server instances in a Linked Mode group can be in different domains if the domains have a two-way trust relationship. Each domain must trust the other domains on which vCenter Server instances are installed.

o Join/Remove Option:

Join this vCenter Server instance to an existing linked mode group or another instance

Isolate this vCenter Server instance from linked mode group

Page 31 of 85

Objective 4.2 – Manage vSphere Client plug-ins

Identify available plug-ins

o vCenter Guided Consolidation o vCenter Update Manager o vCenter Converter o vCenter Storage Monitor (default) o vCenter Hardware status (default) o vCenter Service Status (default)

Determine required plug-ins for a given application

o -

Ensure permissions to install plug-ins

o Admin rights to the server and vCenter

Enable plug-ins after installation

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=43

1. Go to Plug-ins Manage Plug-ins

2. Right click the plug-in under Available Plug-ins and choose Enable

Page 32 of 85

Objective 4.3 – Configure vCenter Server

Identify the vCenter Server managed ESX Hosts and Virtual Machine maximums

o ESX: http://www.vmware.com/pdf/vsphere4/r40/vsp_40_config_max.pdf#page=3

ESX hosts on 32-bit vSphere: 200

VMs on 32-bit vSphere (powered on / registered): 2000 / 3000

ESX hosts on 64-bit vSphere: 300

VMs on 64-bit vSphere (powered on / registered): 3000 / 4500

Linked vCenter Servers: 10

Concurrent vSphere Clients (32 / 64 bit): 15 / 30

ESX hosts per datacenter: 100

Concurrent Storage VMotions (Host / Datastore): 2 / 4

Concurrent operations per vCenter: 96

o VM: http://www.vmware.com/pdf/vsphere4/r40/vsp_40_config_max.pdf

CPUs (Virtual SMP): 8

RAM: 255GB

Swap file size: 255GB

SCSI adapters: 4

SCSI targets per SCSI adapter: 15

SCSI targets: 60

Disk size: 2TB minus 512B

NICs: 10

Concurrent remote console connections to a virtual machine: 40

Join ESX/ESXi Hosts to vCenter Server

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=76

1. Right click the Cluster or Datacenter and select Add Host

2. Enter the managed host connection settings

3. (Optional – ESXi Only) Select Enable Lockdown Mode to disable remote access for the administrator

account after vCenter Server takes control of this host.

4. Confirm the Host Summary information

5. Select whether to assign a new or existing license key to the host

6. Specify what should happen to the resource pools on the host

Configure Guest OS Customization

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=175

o Home Management Customization Specification Manager

Page 33 of 85

Use Datacenters and Folders to organize the environment

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=72

o Datacenters can represent physical or logical datacenters in your IT environment. Please note that you cannot use VMotion to live migrate VMs from one Datacenter to another. For both folders and datacenters, it is possible to set user rights to allow or disallow certain user actions.

Configure/Use Scheduled Tasks

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=283

o Home Management Scheduled Tasks

o Note: The vSphere Client must be connected to a vCenter Server system to schedule tasks.

o Note: After a scheduled task is created, it will be performed even if the user no longer has permission to perform the task.

Configure/Use Resource Maps

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=231

Use Storage Reports/Storage Maps

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=227

o Reports and Maps are updated every 30 minutes

View/Manage Events

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=289

o Home Management Events

Configure vCenter Server settings

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=46

o Administration vCenter Server Settings

Configure vSphere Client settings

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=38

o Edit Client Settings

Page 34 of 85

Objective 4.4 – Configure Access Control

Create/Modify user permissions in vCenter

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=211

o Roles: Home Administration Roles

o User Permissions: <Select Object> Permissions tab

o The vpxuser user is a vCenter Server entity with root rights on the ESX/ESXi host, allowing it to manage activities for that host. The vpxuser is created at the time that an ESX/ESXi host is attached to vCenter Server. It is not present on the ESX host unless the host is being managed through vCenter Server.

Create/Modify user permissions in ESX Server

o The privileges and roles assigned on an ESX/ESXi host are separate from the privileges and roles assigned on a vCenter Server system. When you manage a host using vCenter Server, only the privileges and roles assigned through the vCenter Server system are available. If you connect directly to the host using the vSphere Client, only the privileges and roles assigned directly on the host are available.

o To edit local users and groups on an ESX host, connect directly to the ESX host instead of connecting to the vCenter server.

Restrict access to vCenter inventory objects

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=222

1. Select an Object (e.g. VM, Datacenter, Host, Folder)

2. Select the Permissions tab

3. Right click and select Add

4. Select the role you would like to assign in the right pane

5. Select the local or AD user / user group you would like to assign

6. (Optionally) Deselect the Propagate to Child Objects check box if you need user rights only on the object

and not on child objects

o VMware recommends several best practices for creating users and groups in your vSphere environment:

Use vCenter Server to centralize access control, rather than defining users and groups on individual hosts.

Choose a local Windows user or group to have the Administrator role in vCenter Server.

Create new groups for vCenter Server users. Avoid using Windows built-in groups or other existing groups.

Define vCenter predefined roles and their privileges

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=214

o No Access, Read Only, Administrator, Virtual Machine Administrator, Virtual Machine Power User,

Virtual Machine User, Resource Pool Administrator, VMware Consolidated Backup User,

Datastore Consumer, Network Consumer, Datacenter Administrator

Create/Clone Edit roles

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=215

o Roles: Home Administration Roles

Page 35 of 85

Assign roles to users and groups

1. Select an Object (e.g. VM, Datacenter, Host, Folder)

2. Select the Permissions tab

3. Right click and select Add

4. Select the role you would like to assign in the right pane

5. Select the local or AD user / user group you would like to assign

Describe how privileges propagate

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=218

o When you assign a permission to an object, you can choose whether the permission propagates down the object hierarchy. Propagation is set per permission, not universally applied. Permissions defined for a child object always override those propagated from parent objects. To disable propagation, uncheck the checkbox Propagate to Child Objects when assigning permissions.

Understand permissions as applied to user and group combinations

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=220

o Permissions assigned directly to an individual user override permissions assigned to a group that the user is a member of.

Page 36 of 85

Section 5 – Deploy and Manage Virtual Machines and vApps

Objective 5.1 – Create and Deploy Virtual Machines

Understand virtual machine hardware maximums

o http://www.vmware.com/pdf/vsphere4/r40/vsp_40_config_max.pdf

CPU: 8

RAM: 255GB

SCSI Adapters: 4

SCSI Targets per Adapter: 15

SCSI Targets per VM: 60

Disk size: 2TB minus 512B

IDE Controllers: 1

IDE Devices: 4

Virtual NICs: 10

Parallel Ports: 3

Serial Ports: 4

VMDirectPath PCI / PCIe Devices: 2

VMDirectPath SCSI Targets: 60

Create a virtual machine

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=114

o Determine appropriate SCSI adapter

BusLogic Parallel is for older guest operating systems.

LSI Logic Parallel is the default adaptor when a VM is created (for most OSs)

LSI Logic SAS is available only for virtual machines with hardware version 7. Disks with

snapshots might not experience performance gains when used on LSI Logic SAS and LSI Logic

Parallel adapters.

VMware Paravirtual (Paravirtual SCSI (PVSCSI)) adapters are high-performance storage adapters

that can result in greater throughput and lower CPU utilization. Paravirtual SCSI adapters are

best suited for high performance storage environments. Paravirtual SCSI adapters are not

suited for Direct-attached storage (DAS) environments. VMware recommends that you create a

primary adapter (LSI Logic by default) for use with a disk that will host the system software

(boot disk) and a separate PVSCSI adapter for the disk that will store user data, such as a

database. PVSCSI does not support FT, Record/Replay, and MSCS Clustering. Boot disks are

supported in vSphere U1

Page 37 of 85

o Determine Virtual Disk type

VMDK (New or Existing) (Thin Provisioned Format or Thick Format)

Raw Device Mapping (Virtual or Physical Mode)

Virtual: Allows the RDM to behave as if it were a virtual disk, so you can use such

features as snapshotting, cloning, and so on.

Physical: Allows the guest operating system to access the hardware directly. Physical

compatibility is useful if you are using SAN-aware applications on the virtual machine.

However, a virtual machine with a physical compatibility RDM cannot be cloned, made

into a template, or migrated if the migration involves copying the disk.

o Install/Upgrade/Configure VMware Tools

http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=122

1. Right click a VM in the vCenter client

2. Select Guest Install/Upgrade VMware Tools

3. Select either Interactive Tools Installation or Automatic Tools Upgrade

Create/Convert templates

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=167

o Right click the VM and choose Template Clone to Template (can be done when VM is powered on) or

Convert to Template (only available when VM is off, VM will be converted to template.).

Customize Windows/Linux virtual machines

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=176

Manage Customization Specifications

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=181

1. View Management Customization Specifications Manager

2. In the Customization Specification Manager, right-click a specification and select Edit.

3. Proceed through the Guest Customization wizard to change specification setting.

o vCenter Server saves the customized configuration parameters in the vCenter Server database. If the

customization settings are saved, the administrator, and domain administrator passwords are stored in

encrypted format in the database. Because the certificate used to encrypt the passwords is unique to

each vCenter Server system, reinstalling vCenter Server, or attaching a new instance of the server the

database, invalidates the encrypted passwords. The passwords must be re-entered before they can be

used.

o You can export customization specifications and save them as .xml files. To apply an exported

specification to a virtual machine, import the .xml file using the Customization Specification Manager.

Deploy a virtual machine from a template

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=170

Page 38 of 85

Deploy a virtual machine using VMware vCenter Converter Enterprise

o Perform Hot Clone: http://www.vmware.com/pdf/vsp_vcc_41_admin_guide.pdf#page=11

o Perform Cold Clone: http://www.vmware.com/pdf/vsp_vcc_41_admin_guide.pdf#page=13

o Perform System Reconfiguration:

http://www.vmware.com/pdf/vsp_vcc_41_admin_guide.pdf#page=18

o During the conversion process, physical disks are typically resized to conserve space on the datastore

while providing room for growth on the resultant virtual disk. The following formula is used to resize

converted disks: amount of space used on physical disk * 1.25 = resultant virtual disk size. Virtual disks

are set to a size of 4GB or larger.

o Cloning Modes:

Disk-Based Cloning: vCenter Converter supports disk-based cloning for cold cloning and for

importing existing virtual machines. Disk-based cloning transfers all sectors from all disks, and

preserves all volume metadata. The destination virtual machine receives the same volumes of

the same type as the volumes of the source virtual machine. Disk-based cloning supports all

basic and dynamic disks.

Volume-Based Cloning: vCenter Converter supports volume-based cloning for hot and cold

cloning and for importing existing virtual machines. In volume-based cloning, all volumes in the

destination virtual machine are basic volumes, regardless of the type in the corresponding

source volume. Volume-based cloning is performed at the file level or block level, depending on

your size selections. (If size is smaller than original volume, File Level is used. If size is the same

or larger, Block Level is used.)

Deploy a virtual machine using Guided Consolidation

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=87

o Process:

Find: You search for and select the physical systems in your datacenter that you want analyzed.

Analyze: Selected physical systems are analyzed and performance data on each selected system

is collected. Generally, the longer the duration of the analysis phase, the higher the confidence

in the vCenter Server’s recommendations. To ensure a high level of confidence in a

recommendation, allow the duration of the analysis phase to encompass an amount of time that

includes representative peaks and troughs in the systems’ workload. Up to 100 systems can be

simultaneously analyzed. Analysis can run up to 1 month.

Consolidate: Performance data is compared to the resources available on the virtual machine

host systems. The selected physical systems are converted to virtual machines and imported

into vCenter Server on the recommended hosts where they are managed along with other

components of your virtual environment.

Page 39 of 85

o One important metric displayed in the Analysis tab is the Confidence metric. During the analysis phase,

performance data about each selected system is collected. This data is used to find a host with

resources that match the collected data to determine a recommendation for each candidate. The

recommendation indicates how well suited, based on the collected data, a candidate is to a particular

virtual machine host system. Confidence refers to the reliability of the recommendation and it is a

function of the duration of the analysis. Recommendations based on longer periods of analysis – and

therefore more performance data – receive a higher level of confidence.

Clone a virtual machine

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=172

Import a virtual machine from a file/folder

o http://www.vmware.com/pdf/vsp_vcc_41_admin_guide.pdf#page=40

1. Select ESX Host

2. Set the Configuration tab

3. Select Storage

4. Right click a Datastore and select Browse Datastore

5. Right click the VMX file and select Add to Inventory

Page 40 of 85

Objective 5.2 – Manage Virtual Machines

Configure/Modify virtual machines

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=142

o You can configure virtual machines using two tools in the vSphere Client: the Virtual Machine Properties

editor and the Add Hardware wizard. These dialog boxes also allow you to control advanced virtual

machine configuration options. You can also upgrade the virtual hardware of a virtual machine or

convert virtual disks from thin to thick using these dialog boxes.

o Add/Hot Add virtual machine hardware

http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=157

1. Right click a VM and select Edit Settings

2. Click the Add button to add additional hardware

It is possible to add / modify certain aspects / remove some types of hardware while the VM is

running. This is called Hot Add. The limitations depend of the type of guest OS you are using.

You can Hot Add the following types of hardware:

USB Controller

Ethernet Adaptor

Hard Disk

SCSI Device

o Grow virtual machine disks

http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=145

o Determine appropriate disk format

http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=118

Thin Provisioned: Use the thin format to save storage space. The thin virtual disk starts small

and at first, uses just as much storage space as it needs for its initial operations. When the

virtual disk requires more space, it can grow to its maximum capacity and occupy the entire

datastore space originally provisioned to it.

Thick: Allocate a fixed amount of storage space to the virtual disk. The virtual disk in the thick

format does not change its size and from the very beginning occupies the entire datastore space

provisioned to it.

You can convert a thin provisioned disk to thick. After having been converted, the virtual disk

grows to its full capacity and occupies the entire datastore space provisioned to it during the

disk’s creation.

Connect virtual machines to devices

o http://www.vmware.com/pdf/vsp_4_vmdirectpath_host.pdf

o vSphere allows you to connect a physical device directly to a VM via VMDirectPath. This allows a VM to

directly access this device for optimal performance and compatibility. The PCI Device has to be on the

HCL. You can assign a PCI Device to either the VMkernel or as a pass through device, but not both.

Page 41 of 85

Configure virtual machine options (Options tab)

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=149

General Options: Change the virtual machine name and guest operating system settings in the

General Options in the Virtual Machine Properties dialog box.

Advanced Options: The virtual machine options define a range of virtual machine properties

such as name, vApp functionality, its behavior with the guest operating system and VMware

Tools, and other Advanced options.

Power Management Options: Power Management allows you to determine how the virtual

machine responds when the guest operating system is placed on standby.

VMware Tools Options: You can change the power controls, the time VMware Tools scripts

run, the upgrade check option, and the time synchronization option with the VMware Tools

settings for a virtual machine.

Configure appropriate virtual machine resource settings (Resources tab)

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=154

o In the Virtual Machine Properties dialog box, you can adjust the host resource allocation for the selected

virtual machine. You can change CPU, memory, disk, and advanced CPU resources.

Page 42 of 85

Objective 5.3 – Deploy vApps

Determine whether a vApp is appropriate for a given situation

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=103

o A vApp is a container, like a resource pool, and can contain one or more virtual machines. In addition, a

vApp also shares some functionality with virtual machines. A vApp can power on and power off, and can

also be cloned. vApps can be created on folders, hosts, resource pools, DRS-enabled clusters, and within

other vApps.

o The vApp metadata resides in the vCenter Server's database, so a vApp can be distributed across

multiple ESX/ESXi hosts. This information can be lost if the vCenter Server database is cleared or if a

standalone ESX/ESXi host that contains a vApp is removed from vCenter Server. You should back up

vApps to an OVF package in order to avoid losing any metadata.

Define Open Virtual Machine Format (OVF)

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=99

o OVF is a file format that allows for exchange of virtual appliances across products and platforms. OVF

files are compressed, allowing for faster downloads. The vSphere Client validates an OVF file before

importing it, and ensures that it is compatible with the intended destination server. If the appliance is

incompatible with the selected host, it cannot be imported and an error message appears. You can

deploy an OVF template from a local file system accessible to the vSphere Client machine, or from a web

URL.

Import/Export a Virtual Appliance

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=99

o Import: File Deploy OVF Template

o Export: File Export Export OVF Template

Build a vApp

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=104

o Right click on a Cluster and select New vApp

-or- File New vApp

Create/Add virtual machines to a vApp

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=105

o You can create new, or drag and drop an existing VM

Edit vApp Properties

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=106

o Right click a vApp and select Edit Settings

Export vApps

o File Export Export OVF Template

Page 43 of 85

Clone a vApp

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=111

o Right click a vApp and select Clone (the vApp has to be shut down for this option to be selectable)

-or- Inventory vApp Clone

Page 44 of 85

Section 6 – Manage Compliance

Objective 6.1 – Install, Configure and Manage VMware vCenter Update Manager

Determine installation requirements and database sizing

o http://www.vmware.com/pdf/vsp_vum_40_admin_guide.pdf#page=21

o http://www.vmware.com/support/vsphere4/doc/vsp_vum_40_sizing_estimator.xls

Windows XP SP2, Sever 2003 or Server 2008

MS SQL or Oracle (dedicated DB recommended)

Two or more logical cores, each with a speed of 2GHz

2GB RAM. When VUM is installer on the same server as vCenter Server a minimum of 4GB of

RAM is needed.

Preferably a Gigabit connection, but 10/100Mb will suffice

o TCP Ports: 8084 (SOAP), 9084 (patch store), 9087

o If your deployment system is relatively small one containing up to 5 hosts and 50 virtual machines, you

can use a SQL Server 2005 Express database, which you can install during the Update Manager

installation.

Install Update Manager Server and Client components

o http://www.vmware.com/pdf/vsp_vum_40_admin_guide.pdf#page=27

o You can install the Update Manager server component on the same computer as vCenter Server or on a

different computer. After you install the Update Manager server component, to use Update Manager,

you must install the Update Manager Client plug-in and enable it on the vSphere Client.

Configure update manager settings

o http://www.vmware.com/pdf/vsp_vum_40_admin_guide.pdf#page=41

o Home Solutions and Applications Update Manager Configuration tab

Configure patch download options

o <See Previous Section>

Create baselines

o http://www.vmware.com/pdf/vsp_vum_40_admin_guide.pdf#page=51

o Home Solutions and Applications Update Manager Baselines and Groups tab

o Baselines contain a collection of one or more patches, service packs and bug fixes, or upgrades. Baseline

groups are assembled from existing baselines and might contain one upgrade baseline per type and one

or more patch baselines or a combination of multiple patch baselines. When you scan hosts, virtual

machines, and virtual appliances, you evaluate them against baselines and baseline groups to determine

their level of compliance.

Page 45 of 85

Attach baselines to vCenter inventory objects

o http://www.vmware.com/pdf/vsp_vum_40_admin_guide.pdf#page=61

o Select Object Update Manager tab Click Attach

o Although you can attach baselines and baseline groups to individual objects, it is more efficient to attach

them to container objects, such as folders, hosts, clusters, and datacenters. Attaching a baseline to a

container object transitively attaches the baseline to all objects in the container.

Scan ESX hosts and virtual machines

o http://www.vmware.com/pdf/vsp_vum_40_admin_guide.pdf#page=67

o ESX: Home Inventory Hosts and Clusters Right click a Host or Datacenter Scan for Updates

Select the types of updates to scan for Scan

o VM: Home Inventory VMs and Templates Right click a VM, Appliance, Datacenter, or Folder

Scan for Updates Select the types of updates to scan for Scan

o You can configure Update Manager to scan virtual machines, virtual appliances, and ESX/ESXi hosts by

manually initiating or scheduling scans to generate compliance information.

Remediate ESX hosts and virtual machines

o http://www.vmware.com/pdf/vsp_vum_40_admin_guide.pdf#page=73

o ESX: Home Inventory Hosts and Clusters Right click an Object Remediate Select the

Baselines and Baseline Group to apply Select the Hosts <options> Finish

o VM: Home Inventory VMs and Templates Right click an Object Remediate Select the

Baselines and Baseline Group to apply Select the VMs <options> Finish

o You can remediate virtual machines, virtual appliances, and hosts using either user-initiated remediation

or regularly scheduled remediation. You can remediate virtual machines and appliances together.

o For ESX/ESXi hosts in a cluster, the remediation process is sequential. When you remediate a cluster of

hosts and one of the hosts fails to enter maintenance mode, Update Manager reports an error and the

process stops and fails. The hosts in the cluster that are remediated stay at the updated level. The ones

that were to be remediated after the failed host are not updated.

o For multiple clusters under a datacenter, the remediation processes run in parallel. If the remediation

process fails for one of the clusters within a datacenter, the remaining clusters are still remediated.

Stage ESX/ESXi Host updates

o http://www.vmware.com/pdf/vsp_vum_40_admin_guide.pdf#page=76

o Home Inventory Hosts and Clusters Right click a Host, Datacenter, or Cluster Stage Patches

Select the path Baseline to stage Select the Hosts <options> Finish

o Staging patches for ESX/ESXi hosts allows you to download the patches from the Update Manager server

to the ESX/ESXi hosts, without applying the patches immediately. Staging patches speeds up the

remediation process because the patches are already available locally on the hosts. All staged patches,

whether installed or not during a remediation, are deleted from the host after remediation completes.

Page 46 of 85

Analyze compliance information from a scan

o http://www.vmware.com/pdf/vsp_vum_40_admin_guide.pdf#page=69

o Update Manager scans objects to determine how they comply with baselines and baseline groups you

attach. You can review compliance by examining results for a single virtual machine, virtual appliance,

template, or ESX/ESXi host or for a group of virtual machines or hosts.

Page 47 of 85

Objective 6.2 – Establish and Apply ESX Host Profiles

Create/Delete Host Profiles (Enterprise Plus license only)

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_esx_server_config.pdf#page=207

o Home Management Host Profiles Click Create Profile

o Host profiles eliminates per-host, manual, or UI-based host configuration and maintain configuration

consistency and correctness across the datacenter by using host profile policies. These policies capture

the blueprint of a known, validated reference host configuration and use this to configure networking,

storage, security, and other settings on multiple hosts or clusters. You can then check a host or cluster

against a profile’s configuration for any deviations.

Import/Export Host Profiles

o You can import/export a profile from/to a file that is in the VMware profile format (.vpf).

o Import: Click the Create Profile Select the option to Import a profile

o Export: Select the Profile from the profile list Right-click the profile and select Export Profile

Edit Host Profile Policies

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_esx_server_config.pdf#page=210

o Select the Profile from the profile list Click Edit Host Profile

o Select the Profile from the profile list Click Profile Editor

o A policy describes how a specific configuration setting should be applied. The Profile Editor allows you

to edit policies belonging to a specific host profile. You can view and edit host profile policies, select a

policy to be checked for compliance, and change the policy name or description.

Associate an ESX host with a host profile

o Host Profiles main view, select the Profile Click Attach Host/Cluster

o Profiles can also be attached to a cluster. In order to be compliant, all hosts within an attached cluster

must be configured according to the profile.

Check for Compliance

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_esx_server_config.pdf#page=214

o Home Inventory Hosts and Clusters Right-click the Host and select Host Profile Check

Compliance

o -or- From the Host Profiles list, select the Profile Hosts and Clusters tab Select the Host or Cluster

Click Check Compliance Now

o After a host or cluster is configured with the reference host profile, a manual change, for example, can

occur, making the configuration incorrect. Checking compliance on a regular basis ensures that the host

or cluster continues to be correctly configured.

Page 48 of 85

Apply Host Profiles

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_esx_server_config.pdf#page=212

o Note: The host must be in maintenance mode before a profile is applied to it.

o Home Inventory Hosts and Clusters Right-click the Host and select Host Profile Apply Profile

o -or- From the Host Profiles list, select the Profile Hosts and Clusters tab Click Apply Profile

Analyze configuration compliance information from a scan

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_esx_server_config.pdf#page=214

Page 49 of 85

Section 7 – Establish Service Levels

Objective 7.1 – Create and Configure VMware Clusters

Create new cluster

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_availability.pdf#page=19

1. Home Inventory Hosts and Clusters

2. Right-click a Datacenter and select New Cluster

3. Complete the New Cluster wizard

o All virtual machines and their configuration files must reside on shared storage. So that you can power

on the virtual machines using different hosts in the cluster, the hosts must be configured to access that

shared storage.

o Each host in a VMware HA cluster must have a host name assigned and a static IP address associated

with each of the virtual NICs. Hosts must be configured to have access to the virtual machine network.

VMware recommends redundant network connections for VMware HA.

For ESX, set up redundant service console networking.

For ESXi, set up redundant VMkernel networking.

Add ESX/ESXi hosts to a cluster

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=76

o Right-click on a Cluster Select Add Host

Configure High Availability basic/advanced settings

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_availability.pdf#page=21

o Right-click a Cluster Select Edit Settings Click VMware HA

o If Enable Host Monitoring is selected, each ESX/ESXi host in the cluster is checked to ensure it is

running. If a host failure occurs, virtual machines are restarted on another host. Host Monitoring is also

required for the VMware Fault Tolerance recovery process to work properly.

If you need to perform network maintenance that might trigger host isolation responses,

VMware recommends that you first suspend VMware HA by disabling Host Monitoring. After

the maintenance is complete, reenable Host Monitoring.

o Admission Control can either allow or prevent VMs from being powered on if they violate availability

constraints. VMware HA provides 3 policies for enforcing admission control, if it is enabled:

Host failures cluster tolerates

Percentage of cluster resources reserved as failover spare capacity

Specify a failover host

Page 50 of 85

Enable/Configure VM Monitoring

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_availability.pdf#page=23

o Right-click a Cluster Select Edit Settings VMware HA Click VM Monitoring

o After failures are detected, VMware HA resets virtual machines. This helps ensure that services remain

available. To avoid resetting virtual machines repeatedly for nontransient errors, by default virtual

machines will be reset only three times during a certain configurable time interval. After virtual

machines have been reset three times, VMware HA makes no further attempts to reset the virtual

machines after any subsequent failures until after the specified time has elapsed. You can configure the

number of resets using the Maximum per-VM resets custom setting.

o Occasionally, virtual machines that are still functioning properly stop sending heartbeats. To avoid

unnecessarily resetting such virtual machines, the VM Monitoring service also monitors a virtual

machine's I/O activity. If no heartbeats are received within the failure interval, the I/O stats interval (a

cluster-level attribute) is checked. The I/O stats interval determines if any disk or network activity has

occurred for the virtual machine during the previous two minutes (120 seconds). If not, the virtual

machine is reset. This default value (120 seconds) can be changed using the advanced attribute

das.iostatsInterval.

o You can configure the level of monitoring sensitivity. Highly sensitive monitoring results in a more rapid

conclusion that a failure has occurred. Low sensitivity monitoring results in longer interruptions in

service between actual failures and virtual machines being reset. Select an option that is an effective

compromise for your needs:

High Failure Interval: 30 seconds Reset Period: 1 hour

Medium Failure Interval: 60 seconds Reset Period: 24 hours

Low Failure Interval: 120 seconds Reset Period: 7 days

Configure Distributed Resource Scheduler basic/advanced settings (DRS)

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_resource_mgmt.pdf#page=43

o Right-click a Cluster Select Edit Settings Click VMware DRS

o Automation Level: Whether the host power state and migration recommendations generated by

VMware DPM are executed automatically or not depends upon the power management automation

level selected for the feature. Options are: Manual, Partially Automated, Fully Automated:

Manual: vCenter will suggest migration recommendations for virtual machines.

Partially Automated: Virtual machines will be automatically placed onto hosts at power on and

vCenter will suggest migration recommendations for virtual machines.

Fully Automated: Virtual machines will be automatically placed onto hosts at power on, and

will be automatically migrated from one host to another to optimize resource usage.

Page 51 of 85

o Rules: You can control the placement of virtual machines on hosts within a cluster, by using DRS affinity

and antiaffinity rules. If two rules conflict, the older one will take precedence, and the newer rule is

disabled.

An affinity rule specifies that two or more virtual machines be placed on the same host.

An antiaffinity rule is limited to two virtual machines, and it requires that these two virtual

machines not be placed on the same host.

o Power Management: The VMware Distributed Power Management (DPM) feature allows a DRS cluster

to reduce its power consumption by powering hosts on and off based on cluster resource utilization.

VMware DPM monitors the cumulative demand of all virtual machines in the cluster for memory and

CPU resources and compares this to the total available resource capacity of all hosts in the cluster. If

sufficient excess capacity is found, VMware DPM places one or more hosts in standby mode and powers

them off after migrating their virtual machines to other hosts.

Configure Distributed Power Management (DPM)

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_resource_mgmt.pdf#page=60

o Right-click a Cluster Select Edit Settings VMware DRS Click Power Management

o VMware DPM can use one of three power management protocols to bring a host out of standby mode:

Intelligent Platform Management Interface (IPMI), Hewlett-Packard Integrated Lights-Out (iLO), or

Wake-On-LAN (WOL). Each protocol requires its own hardware support and configuration. If a host

does not support any of these protocols it cannot be put into standby mode by VMware DPM. If a host

supports multiple protocols, they are used in the following order: IPMI, iLO, WOL.

o Options are: Off, Manual, Automatic:

Off: The feature is disabled and no recommendations will be made.

Manual: Host power operation and related virtual machine migration recommendations are

made, but not automatically executed. These recommendations appear on the cluster’s DRS tab

in the vSphere Client.

Automatic: Host power operations are automatically executed if related virtual machine

migrations can all be executed automatically.

Configure Enhanced VMotion Compatibility (EVC)

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_resource_mgmt.pdf#page=47

o Right-click a Cluster Select Edit Settings Click VMware EVC

o You can use EVC to help ensure VMotion compatibility for the hosts in a cluster. EVC ensures that all

hosts in a cluster present the same CPU feature set to virtual machines, even if the actual CPUs on the

hosts differ. This prevents migrations with VMotion from failing due to incompatible CPUs.

o Note: EVC requires that applications follow CPU vendor recommendations on CPU feature detection.

Applications that do not follow the CPU vendor recommendations cannot be supported with EVC.

Page 52 of 85

Configure swap file location

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_resource_mgmt.pdf#page=31

o Right-click a Cluster Select Edit Settings Click Swapfile Location

o By default, the swap file (.vswp) is created in the same location as the virtual machine's configuration

file. A swap file is created by the ESX/ESXi host when a virtual machine is powered on and deleted when

it is powered off. If this file cannot be created, the virtual machine cannot power on.

Store the swapfile in the same directory as the virtual machine: Stores the swapfile in the

same directory as the virtual machine configuration file

Store the swapfile in the datastore specified by the host: Stores the swapfile in the location

specified in the host configuration. If the swapfile cannot be stored on the datastore that the

host specifies, the swapfile is stored in the same folder as the virtual machine.

Analyze HA host failure capacity requirements

o You can calculate the amount of CPU and memory resources that are needed for a host failure. When

doing so you need to take the following into account:

Resources in use

Total amount of resources available

Amount of CPU resources available on the host with the largest amount of MHz

Amount of CPU resources available on the host with the most RAM

o You can configure VMware HA to tolerate a specified number of host failures. With the Host Failures

Cluster Tolerates admission control policy, VMware HA ensures that a specified number of hosts can fail

and sufficient resources remain in the cluster to fail over all the virtual machines from those hosts.

When you account for 1 host failure, this can be the host with the most RAM, CPU etc. So you

need to make sure that you always have the largest amount of RAM and the largest amount of

CPU resources available in the cluster to accommodate for a host failure. This can be calculated

by using the total amount of resources minus the amount of resources in use.

Page 53 of 85

Analyze HA admission control

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_availability.pdf#page=13

o vCenter Server uses admission control to ensure that sufficient resources are available in a cluster to

provide failover protection and to ensure that virtual machine resource reservations are respected.

o Including VMware HA, there are three types of admission control:

Host: Ensures that a host has sufficient resources to satisfy the reservations of all virtual

machines running on it.

Resource pool: Ensures that a resource pool has sufficient resources to satisfy the reservations,

shares, and limits of all virtual machines associated with it.

VMware HA: Ensures that sufficient resources in the cluster are reserved for virtual machine

recovery in the event of host failure.

o Admission control imposes constraints on resource usage and any action that would violate these

constraints is not permitted. Examples of actions that could be disallowed include:

Powering on a virtual machine.

Migrating a virtual machine onto a host or into a cluster or resource pool.

Increasing the CPU or memory reservation of a virtual machine.

Determine use cases for DRS automation levels and migration thresholds

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_resource_mgmt.pdf#page=49

Determine use cases for DPM policies

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_resource_mgmt.pdf#page=63

Page 54 of 85

Objective 7.2 – Enable a Fault Tolerant Virtual Machine

Identify FT restrictions

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_availability.pdf#page=34

o Snapshots. Snapshots must be removed or committed before Fault Tolerance can be enabled on a

virtual machine. In addition, it is not possible to take snapshots of virtual machines on which Fault

Tolerance is enabled.

o Storage VMotion. You cannot invoke Storage VMotion for virtual machines with Fault Tolerance turned

on. To migrate the storage, you should temporarily turn off Fault Tolerance, and perform the storage

VMotion action. When this is complete, you can turn Fault Tolerance back on.

o DRS features. A fault tolerant virtual machine is automatically configured as DRS-disabled. DRS does

initially place a Secondary VM, however, DRS does not make recommendations or load balance Primary

or Secondary VMs when load balancing the cluster. The Primary and Secondary VMs can be manually

migrated during normal operation.

o Physical Raw Disk mapping (RDM). If you want to use Raw Disk Mapping (RDM) for your virtual disks,

only virtual RDMs are supported.

o vCPU: Only single processor VMs are supported

o Virtual Disks: No thin provisioned disks (auto upgraded to thick disk)

o Physical/Remote Devices: No support for virtual devices backed by a physical or remote device (USB,

Sound, CD-ROM, Floppy, etc.)

Evaluate FT use cases

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_availability.pdf#page=32

o You can enable Fault Tolerance for most mission critical virtual machines. A duplicate virtual machine,

called the Secondary VM, is created and runs in virtual lockstep with the Primary VM. VMware

vLockstep captures inputs and events that occur on the Primary VM and sends them to the Secondary

VM, which is running on another host. Using this information, the Secondary VM's execution is identical

to that of the Primary VM. Because the Secondary VM is in virtual lockstep with the Primary VM, it can

take over execution at any point without interruption, thereby providing fault tolerant protection.

o Fault Tolerance provides a higher level of business continuity than VMware HA. When a Secondary VM

is called upon to replace its Primary VM counterpart, the Secondary VM immediately takes over the

Primary VM’s role with the entire state of the virtual machine preserved. Applications are already

running, and data stored in memory does not need to be re-entered or reloaded. This differs from a

failover provided by VMware HA, which restarts the virtual machines affected by a failure.

o This higher level of continuity and the added protection of state information and data informs the

scenarios when you might want to deploy Fault Tolerance.

Applications that need to be available at all times, especially those that have long-lasting client

connections that users want to maintain during hardware failure.

Custom applications that have no other way of doing clustering.

Page 55 of 85

Cases where high availability might be provided through custom clustering solutions, which are

too complicated to configure and maintain.

o Another key use case for protecting a virtual machine with Fault Tolerance can be described as On-

Demand Fault Tolerance. In this case, a virtual machine is adequately protected with VMware HA during

normal operation. During certain critical periods, you might want to enhance the protection of the

virtual machine. You can use On-Demand Fault Tolerance to protect the virtual machine during a critical

time period and return the resources to normal during non-critical operation.

Set up an FT network

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_availability.pdf#page=36

o On each host that you intend to add to a VMware HA cluster, you must configure two different

networking switches so that the host can also support VMware Fault Tolerance. Multiple gigabit

Network Interface Cards (NICs) are required. For each host supporting Fault Tolerance, you need a total

of two VMkernel gigabit NICs: one dedicated to Fault Tolerance logging and one dedicated to

VMotion. The VMotion and FT logging NICs must be on different subnets. Additional NICs are

recommended for virtual machine and management network traffic.

1. Select a ESX host

2. Select Configuration tab

3. Select Networking Add Networking

4. Select VMkernel

5. Select Create a Virtual Switch

6. Select Use this port group for VMotion or Use this port group for fault tolerance logging

7. Provide an IP address and Subnet mask

o To enable Fault Tolerance for a host, VMware recommends that you complete this procedure twice,

once for each port group option to ensure that sufficient bandwidth is available for Fault Tolerance

logging.

Verify requirements of operating environment

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_availability.pdf#page=33

o VMware HA must be enabled on the cluster. Host Monitoring should also be enabled -- if it is not, when

Fault Tolerance uses a Secondary VM to replace a Primary VM no new Secondary VM is created and

redundancy is not restored.

o Host certificate checking must be enabled for all hosts that will be used for Fault Tolerance.

Host certificate checking is enabled by default and SSL certificates are used to encrypt network

traffic. However, ESX uses automatically generated certificates that are created as part of the

installation process and stored on the host. The default location for your certificate is

/etc/vmware/ssl/ on the ESX host.

o Each host must have a VMotion and a Fault Tolerance Logging NIC configured.

o At least two hosts must have processors from the same compatible processor group.

o All hosts must have the same ESX/ESXi version and patch level.

o All hosts must have access to the virtual machines' datastores and networks.

o All hosts must have processors from the FT-compatible processor group.

Page 56 of 85

o All hosts must be certified by the OEM as FT-capable.

o The host configuration must have Hardware Virtualization (HV) enabled in the BIOS.

o Virtual machine files must be stored on shared storage.

o Virtual machines must be stored in virtual RDM or virtual machine disk (VMDK) files that are thick

provisioned with the Cluster Features option.

o Virtual machines must be running on one of the supported guest operating systems.

o Note: In addition to non-fault tolerant virtual machines, you should have no more than 4 fault tolerant

virtual machines (primaries or secondaries) on any single host.

Enable FT for a virtual machine

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_availability.pdf#page=37

o Hosts and Clusters Right-click the VM Fault Tolerance Turn on Fault Tolerance

o When Fault Tolerance is turned on, vCenter Server unsets the virtual machine's memory limit and sets

the memory reservation to the memory size of the virtual machine. While Fault Tolerance remains

turned on, you cannot change the memory reservation, size, limit, or shares. When Fault Tolerance is

turned off, any parameters that were changed are not reverted to their original values.

Test an FT configuration

o There are two built-in methods to test FT. Right-click the VM and choose either:

Test Failover: Primary and Secondary VMs switch roles

Test Restart Secondary: After restarting it, you can check its consistency compared to the

original

Upgrade ESX hosts containing FT virtual machines

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_availability.pdf#page=41

o When you upgrade hosts that contain fault tolerant virtual machines, ensure that the Primary and

Secondary VMs continue to run on hosts with the same ESX/ESXi version and patch level.

1. Using VMotion, migrate the fault tolerant virtual machines off of two hosts

2. Upgrade the two evacuated hosts to the same ESX/ESXi build.

3. Disable Fault Tolerance on the Primary VM.

4. Using VMotion, move the disabled Primary VM to one of the upgraded hosts.

5. Re-enable Fault Tolerance on the Primary VM that was moved.

6. Repeat Step 1 to Step 5 for as many fault tolerant virtual machine pairs as can be accommodated on the

upgraded hosts.

7. Using VMotion, redistribute the fault tolerant virtual machines.

Page 57 of 85

Objective 7.3 – Create and Configure Resource Pools

Determine Resource Pool requirements for a given situation

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_resource_mgmt.pdf#page=35

o Resource pools allow you to delegate control over resources of a host (or a cluster), but the benefits are

evident when you use resource pools to compartmentalize all resources in a cluster. Create multiple

resource pools as direct children of the host or cluster and configure them. You can then delegate

control over the resource pools to other individuals or organizations.

o Using resource pools can result in the following benefits:

Flexible hierarchical organization

Isolation between pools, sharing within pools

Access control and delegation

Separation of resources from hardware

Management of sets of virtual machines running a multitier service

Evaluate appropriate shares, reservations, and limits in a given situation

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_resource_mgmt.pdf#page=37

o Shares: Number of CPU or memory shares the resource pool has with respect to the parent’s total.

Sibling resource pools share resources according to their relative share values bounded by the

reservation and limit. You can select Low, Normal, or High, or select Custom to specify a number that

assigns a share value.

o Reservation: Guaranteed CPU or memory allocation for this resource pool. A nonzero reservation is

subtracted from the unreserved resources of the parent (host or resource pool). The resources are

considered reserved, regardless of whether virtual machines are associated with the resource pool.

Defaults to 0.

o Expandable Reservation: Indicates whether expandable reservations are considered during admission

control. If you power on a virtual machine in this resource pool, and the reservations of the virtual

machines combined are larger than the reservation of the resource pool, the resource pool can use

resources from its parent or ancestors if this check box is selected (the default).

o Limit: Upper limit for the amount of CPU or memory the host makes available to this resource pool.

Default is Unlimited. To specify a limit, deselect the Unlimited check box.

Evaluate virtual machines for a given Resource Pool

o When you select a resource pool and go to the Resource Allocation tab, you will see all associated VMs.

This view displays the Reservation, Limit, and Share values for each VM.

Page 58 of 85

Create Resource Pools

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_resource_mgmt.pdf#page=37

o File New Resource Pool (or click New Resource Pool in the Commands panel of the Summary tab).

vCenter Server creates the resource pool and displays it in the inventory panel. A yellow

triangle appears if any of the selected values are not legal values because of limitations on total

available CPU and memory.

o Note: If a host has been added to a cluster, you cannot create child resource pools of that host. You can

create child resource pools of the cluster if the cluster is enabled for DRS.

Set CPU resource shares/reservations/limits

o Right-click the Resource Pool Click Edit Settings

Set memory resource shares/reservations/limits

o Right-click the Resource Pool Click Edit Settings

Define Expandable Reservation

o Indicates whether expandable reservations are considered during admission control. If you power on a

virtual machine in this resource pool, and the reservations of the virtual machines combined are larger

than the reservation of the resource pool, the resource pool can use resources from its parent or

ancestors if this check box is selected (the default).

o The system considers the resources available in the selected resource pool and its direct parent resource

pool. If the parent resource pool also has the Expandable Reservation option selected, it can borrow

resources from its parent resource pool. Borrowing resources occurs recursively from the ancestors of

the current resource pool as long as the Expandable Reservation option is selected. Leaving this option

selected offers more flexibility, but, at the same time provides less protection. A child resource pool

owner might reserve more resources than you anticipate.

Add virtual machines to pool

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_resource_mgmt.pdf#page=38

o Drag the virtual machine (or machines) to the resource pool object. If a virtual machine is powered on,

and the destination resource pool does not have enough CPU or memory to guarantee the virtual

machine’s reservation, the move fails because admission control does not allow it. An error dialog box

explains the situation. The error dialog box compares available and requested resources, so you can

consider whether an adjustment might resolve the issue.

o Note: Before you power on a virtual machine or create a resource pool, check the CPU Unreserved and

Memory Unreserved fields in the resource pool’s Resource Allocation tab to determine whether sufficient

resources are available.

Page 59 of 85

Describe resource pool hierarchy

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_resource_mgmt.pdf#page=35

o A resource pool can contain child resource pools, virtual machines, or both. You can create a hierarchy

of shared resources. The resource pools at a higher level are called parent resource pools. Resource

pools and virtual machines that are at the same level are called siblings. The cluster itself represents the

root resource pool. If you do not create child resource pools, only the root resource pools exist.

o Each child resource pool owns some of the parent’s resources and can, in turn, have a hierarchy of child

resource pools to represent successively smaller units of computational capability.

Page 60 of 85

Objective 7.4 – Migrate Virtual Machines

Identify compatibility requirements

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=187

o ESX Hosts:

Each host must be correctly licensed for VMotion.

Each host must meet shared storage requirements for VMotion.

Configure hosts for VMotion with shared storage to ensure that virtual machines are

accessible to both source and target hosts.

Each host must meet the networking requirements for VMotion.

VMotion requires a Gigabit Ethernet (GigE) network between all VMotion-enabled

hosts. Each host enabled for VMotion must have a minimum of two Ethernet adapters,

at least one of which must be a GigE adapter.

Note: vCenter's CPU compatibility checks compare the features available on the source and

target host CPUs. A mismatch in user-level features blocks migration.

o Restrictions:

You cannot use migration with VMotion to migrate virtual machines using raw disks for

clustering purposes.

You cannot use migration with VMotion to migrate a virtual machine that uses a virtual device

backed by a device that is not accessible on the destination host.

You cannot use migration with VMotion to migrate a virtual machine that uses a virtual device

backed by a device on the client computer.

Migrations with VMotion are not allowed unless the destination swapfile location is the same as

the source swapfile location. In practice, this means that virtual machine swapfiles must be

located with the virtual machine configuration file.

You cannot migrate a virtual machine with snapshots with Storage VMotion.

Cite the three methods of virtual machine migration

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=186

o Cold Migration: Moving a powered-off virtual machine to a new host. Optionally, you can relocate

configuration and disk files to new storage locations. Cold migration can be used to migrate virtual

machines from one datacenter to another.

o Migration with VMotion (“Hot / Live Migration”): Moving a powered-on virtual machine to a new host.

Migration with VMotion allows you to move a virtual machine to a new host without any interruption in

the availability of the virtual machine. Migration with VMotion cannot be used to move virtual

machines from one datacenter to another.

You can migrate suspended virtual machines from one datacenter to another.

Page 61 of 85

o Migration with Storage VMotion: Moving the virtual disks or configuration file of a powered-on virtual

machine to a new datastore. Migration with Storage VMotion allows you to move a virtual machine’s

storage without any interruption in the availability of the virtual machine.

Understand/Apply

o Migration with VMotion allows virtual machine working processes to continue throughout a migration.

The entire state of the virtual machine as well as its configuration file, if necessary, is moved to the new

host, while the associated virtual disk remains in the same location on storage that is shared between

the two hosts. After the virtual machine state is migrated to the alternate host, the virtual machine runs

on the new host.

The state information includes the current memory content and all the information that defines and

identifies the virtual machine. The memory content includes transaction data and whatever bits of the

operating system and applications are in the memory. The defining and identification information

stored in the state includes all the data that maps to the virtual machine hardware elements, such as

BIOS, devices, CPU, MAC addresses for the Ethernet cards, chip set states, registers, and so forth.

When you migrate a virtual machine with VMotion, the new host for the virtual machine must meet

compatibility requirements in order for the migration to proceed.

o Migration with VMotion happens in three stages:

When the migration with VMotion is requested, vCenter Server verifies that the existing virtual

machine is in a stable state with its current host.

The virtual machine state information (memory, registers, and network connections) is copied

to the target host.

The virtual machine resumes its activities on the new host.

o If any error occurs during migration, the virtual machines revert to their original states and locations.

Determine migration use cases

o There can be several reasons why you would want to migrate a VM from one host to another. Some

scenarios are:

Perform Host hardware and/or software maintenance

Load balancing (automated with DRS)

Fault Tolerance

Power saving (DPM)

Disaster recovery

Compare and contrast migration technologies

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=186

Page 62 of 85

Migrate a virtual machine using VMotion

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=197

1. Right-click a VM

2. Select Migrate

3. Select Change Host

4. Set the Cluster to migrate to

5. Select the appropriate Resource Pool

6. Select the Priority (High Priority migration is the default and is recommended. High Priority reserves the

resources the VM needs on the source and destination hosts before the migration begins)

Migrate a virtual machine using Storage VMotion

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=198

1. Right-click a VM

2. Select Migrate

3. Select Change Datastore

4. Select the appropriate Resource Pool

5. Select the destination Datastore. If you would like to separate the VM’s files (config, hard disks, etc.),

you can select the Advanced option which allows you to pick a datastore for each type of file.

6. Select the Disk Format you would like to use (Thick, Thin, or Same as Source)

Cold migrate a virtual machine

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=196

o <Combination of the last two topics. You will choose Change both Host and Datastore for step 3>

Page 63 of 85

Objective 7.5 – Backup and Restore Virtual Machines

Describe different back-up/restore procedures and strategies

o File Level

Use traditional backup software running inside a virtual machine. Backups run within a virtual

machine allow for traditional full, incremental, and differential backups.

Use VMware Consolidated Backup (VCB). Provides the same flexibility of running traditional full,

incremental, and differential backups in a Windows virtual machine but avoids the

disadvantages of running a backup agent in the virtual machine.

o Image Level

Use VMware Converter

Use VMware Consolidated Backup (VCB)

Use the VMware Data Recovery appliance

Use a third-party product

Create/Delete/Restore Snapshots

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=203

o Inventory Virtual Machine Snapshot Snapshot Manager

-or- Inventory Virtual Machine Snapshot Take Snapshot

-or- Right-click the virtual machine and select Snapshot Take Snapshot

o Note: While snapshots do provide a "point in time" image of the disk that backup solutions can use,

snapshots should not be used for your own virtual machine backups. Large numbers of snapshots are

difficult to manage and take up large amounts of disk space. Backup solutions, like VMware Data

Recovery, use the snapshot mechanism to "freeze" the state of a virtual machine and make a copy.

However, the Data Recovery backup method has additional capabilities that mitigate the limitations of

snapshots.

Page 64 of 85

Install Backup and Recovery Appliance

o http://www.vmware.com/pdf/vdr_10_admin.pdf#page=11

o VMware Data Recovery uses a plug-in to the VSphere Client and a backup appliance to store backups to

destinations such as hard disks. You can store backups on any virtual disk supported by ESX. You can

use technologies such as storage area networks (SANs) and network attached storage (NAS) devices.

Data Recovery also supports Common Internet File System (CIFS) based storage such as SAMBA.

1. File Deploy OVF Template

2. Select Deploy from File, and then browse to VmwareDataRecovery.ovf

3. Review and accept the OVF details and EULA

4. Select the Location, Host, and Cluster for the appliance

5. Select a Datastore to store the virtual machines files

o The default credentials for logging into the appliance, via the console, are Username: root, Password:

vmw@re. Use the passwd command to change the password for the root account to a strong password

of your choosing.

Install vCenter Data Recovery plug-in

o http://www.vmware.com/pdf/vdr_10_admin.pdf#page=12

1. Run the plug-in installer VMwareDataRecoveryPlugin.msi

2. Follow the prompts of the installation wizard

3. Start the vSphere Client, and log in to a vCenter Server

4. Select Plugins Manage Plugins and make sure that the Data Recovery plug-in is enabled

o Note: The Data Recovery plug-in connects to the backup appliance using port 22024. If there is a firewall

between the client and the backup appliance, port 22024 must be open before Data Recovery can be

managed with the vSphere Client.

Create a backup job with vCenter Data Recovery

o http://www.vmware.com/pdf/vdr_10_admin.pdf#page=17

1. Home Solutions and Applications VMware Data Recovery

2. Click New Backup Job

3. Select individual virtual machines or containers that contain virtual machines to be backed up and click

Next

4. Accept the default times or specify alternate backup windows and click Next

5. Accept the default retention policy or specify an alternate retention policy and click Next

6. Review the summary information for the backup job and click Next

Page 65 of 85

Section 8 – Perform Basic Troubleshooting and Alarm Management

Objective 8.1 – Perform Basic Troubleshooting for ESX/ESXi Hosts

Understand general ESX Server troubleshooting guidelines

o -

Troubleshoot common installation issues

o After installation your ESX server does not boot

You have installed ESX on to a LUN instead of the local hard drive (possibly overwriting VMFS

partitions). Solve by reinstalling, and before starting the installation, hide the LUNs presented to

the server

You intentionally installed ESX to a LUN (boot from SAN) but ESX does not boot. Solve by

adjusting the HBA BIOS to boot from LUN and by selecting the correct LUN.

You have selected the wrong boot device in the BIOS of the server

o After installation you cannot reach the server via the network

http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_esx_server_config.pdf#page=65

The configuration of your Service Console is incorrect (ESX Only)

esxcfg-vswif -l (Provides a list of the service console’s current network interfaces.

Check that vswif0 is present and that the current IP address and netmask are correct.)

esxcfg-vswitch -l (Provides a list of the current virtual switch configurations. Check that

the uplink adapter configured for the service console is connected to the appropriate

physical network.)

esxcfg-nics -l (Provides a list of the current network adapters. Check that the uplink

adapter configured for the service console is up and that the speed and duplex are both

correct.)

The wrong NIC was chosen for the Service Console during the install

esxcfg-vswitch -L <new vmnic> <service console vswitch> (Changes the uplink for the

service console.)

Routing is not configured

There is no Default Gateway defined for the Service Console Network

The Firewall on ESX does not allow you to connect

Page 66 of 85

Monitor ESX Server system health

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=81

o Hosts and Clusters Choose Host Hardware Status tab

o You can use the vSphere Client to monitor the state of host hardware components, such as CPU

processors, memory, fans, and other components. You can monitor a host’s health status either by

connecting the vSphere Client directly to a host, or by connecting to a vCenter Server system. You can

also set alarms to trigger when the host health status changes.

o When you connect the vSphere Client directly to a host, you can view the health status from the host’s

Configuration tab.

o When you are connected to a host through vCenter Server, you must use the Hardware Status tab

rather than the Configuration tab to monitor the host health.

Understand how to export diagnostic data

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=66

When connected to vCenter:

1. File Export Export System Logs -or- Administration Export System Logs

2. Select the ESX host(s) you would like to export log files from

3. Choose a location to download the logs to

When connect directly to an ESX host:

1. File Export Export System Logs

2. Choose a location to download the logs to

o When you export log file data, the vm-support script creates a file of the selected data and stores it in a

location you specify. The default file type is .txt if no other extension is specified. The file contains Type,

Time, and Description.

Page 67 of 85

Objective 8.2 – Perform Basic Troubleshooting for VMware FT and Third-Party Clusters

Analyze and evaluate VM population for maintenance mode considerations

o Virtual machines cannot run when a host is in maintenance mode. To ensure a consistent user

experience, vCenter Server migrates virtual machines to other ESX/ESXi hosts within a cluster before the

host is put in maintenance mode. All remaining hosts in the cluster must have enough resources

available to handle the increased load.

Understand manual Third-Party failover/failback processes

o -

Troubleshoot Fault Tolerance partial or unexpected failovers

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_availability.pdf#page=42

o Partial Hardware Failure Related to Storage: This problem can arise when access to storage is slow or

completely down for one of the hosts. When this occurs there are many storage errors listed in the

VMkernel log. To resolve this problem you must address your storage-related issues.

o Partial Hardware Failure Related to Network: If the logging NIC is not functioning or connections to

other hosts through that NIC are down, this can trigger a fault tolerant virtual machine to be failed over

so that redundancy can be reestablished. To avoid this problem, dedicate a separate NIC each for

VMotion and FT logging traffic and perform VMotion migrations only when the virtual machines are less

active.

o Insufficient Bandwidth on the Logging NIC Network: This can happen because of too many fault

tolerant virtual machines being on a host. To resolve this problem, more broadly distribute pairs of fault

tolerant virtual machines across different hosts.

o VMotion Failures Due to Virtual Machine Activity Level: If the VMotion migration of a fault tolerant

virtual machine fails, the virtual machine might need to be failed over. Usually, this occurs when the

virtual machine is too active for the migration to be completed with only minimal disruption to the

activity. To avoid this problem, perform VMotion migrations only when the virtual machines are less

active.

o Too Much Activity on VMFS Volume Can Lead to Virtual Machine Failovers: When a number of file

system locking operations, virtual machine power ons, power offs, or VMotion migrations occur on a

single VMFS volume, this can trigger fault tolerant virtual machines to be failed over. A symptom that

this might be occurring is receiving many warnings about SCSI reservations in the VMkernel log. To

resolve this problem, reduce the number of file system operations or ensure that the fault tolerant

virtual machine is on a VMFS volume that does not have an abundance of other virtual machines that

are regularly being powered on, powered off, or migrated using VMotion.

o Lack of File System Space Prevents Secondary VM Startup: Check whether or not your /(root) or

/vmfs/<datasource> file systems have available space. These file systems can become full for many

reasons, and a lack of space might prevent you from being able to start a new Secondary VM.

Page 68 of 85

o Other Fault Tolerance Troubleshooting Issues:

Hardware Virtualization Must Be Enabled

Compatible Secondary Hosts Must Be Available

Secondary VM on Overcommitted Host Degrades Performance of Primary VM

Very Large Virtual Machines Can Prevent Use of Fault Tolerance

Secondary VM CPU Usage Appears Excessive

Page 69 of 85

Objective 8.3 – Perform Basic Troubleshooting for Networking

Verify VM is connected to the correct port group

1. Select the VM

2. Select the Summary tab

3. The associated Port Groups as listed under the Resources section

Verify port group settings are correct

1. Select ESX Host

2. Select the Configuration tab

3. Select Networking

4. Click the Message Box located to the left of the Port Group’s name

Verify that the network adaptor is connected within the VM

1. Right-click the VM

2. Select Edit Settings

3. Select the Network Adaptor in question

4. Verify that the Connected checkbox is cheeked

Verify VM network adaptor settings

1. Right-click the VM

2. Select Edit Settings

3. Click the Network Adaptor in question

4. Review/Edit the configuration

Verify physical network adaptor settings

1. Select ESX Host

2. Select the Configuration tab

3. Select Network Adapters

Verify vSphere network management settings

1. Select ESX Host

2. Select the Configuration tab

3. Select Networking

4. Click the Properties link located to the right of the Service Console port group

1. Right-click the Cluster

2. Select Edit Settings

3. Verify that HA is enabled

4. Select VMware HA

5. Verify that Enable Host Monitoring is enabled

Page 70 of 85

Objective 8.4 – Perform Basic Troubleshooting for Storage

Identify storage contention issues

o Use the Disk performance graphs (Performance tab) to examine disk usage and potential congestion for

each ESX host.

Identify storage over-commitment issues

o With Thin Provisioning, the virtual disk starts small and at first, and uses just as much storage space as it

needs for its initial operations. When the virtual disk requires more space, it can grow to its maximum

capacity and occupy the entire datastore space originally provisioned to it. If you thin provision too

many VMDK disks on one datastore (over-commit), you run the risk of exhausting all space and

potentially crashing all VM’s tied to that datastore.

Identify iSCSI software initiator configuration issues

1. Select a ESX host

2. Select the Configuration tab

3. Select Storage Adaptors

4. Select the iSCSI Initiator Properties

o Verify that the initiator name is a qualified iSCSI name and matches the storage system setup

o If CHAP is configured, ensure that it is enabled on the ESX/ESXi host and matches the storage system

setup

o Verify that the Dynamic Discovery addresses are correct

o Ensure that the subnet mask and gateway address are set correctly on the iSCSI storage and the iSCSI

initiator in the ESX/ESXi host.

o Ensure that the iSCSI adaptor is enabled and the port (3260) is allowed through the ESX firewall

o The software iSCSI initiator in ESX/ESXi requires that a VMkernel network port have access to the iSCSI

storage. The software initiator uses the VMkernel for data transfer between the ESX/ESXi system and

the iSCSI storage.

Interpret Storage Reports and Storage Maps

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=227

o <Object> Storage Views tab

Page 71 of 85

Objective 8.5 – Perform Basic Troubleshooting for HA/DRS and VMotion

Explain the requirements of HA/DRS and VMotion

o All Hosts in an HA Cluster must have access to the same shared storage locations used by all virtual

machines on the cluster. This includes any Fibre Channel, iSCSI, and NFS datastores used by virtual

machines.

o All Hosts in a HA cluster should have an identical virtual networking configurations (vSwitches, Port

Groups, etc.). Port Group naming is CASE SENSITIVE -- NAMES MUST BE IDENTICAL ACROSS ALL HOSTS!

o Each Host in a HA cluster must have a host name assigned and a static IP address associated with each of

the virtual NICs. All hosts in an HA cluster must resolve the other hosts using DNS names.

o A Gigabit Ethernet NIC with a VMkernel port defined and enabled for VMotion on each host

o CPUs must be from the same vendor, must be in the same family, and must share a common set of CPU

instruction sets and features.

Per-VM CPU Identification (CPUID) Masking and/or Cluster level EVC can be enabled to help get

around this limitation

You can use VMware’s bootable CPU Identification (CPUID) utility to boot a server and

determine what CPU features it supports

o VMs:

Must not be connected to any physical device (e.g. CD/DVD) or internal-only virtual switch

Must not have its CPU affinity set to a specific CPU

Must not have a physical mode RDM

Verify VMotion functionality

1. Right-click a VM

2. Select Migrate

3. Select Change Host

4. Set the Cluster to migrate to

5. Select the appropriate Resource Pool

6. Select the Priority (High Priority migration is the default and is recommended. High Priority reserves the

resources the VM needs on the source and destination hosts before the migration begins)

Verify DNS settings

1. Select an ESX host

2. Select the Configuration tab

3. Select DNS and Routing

Page 72 of 85

Verify the service console network functionality

o http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=

1003728

o http://kb.vmware.com/selfservice/microsites/search.do?cmd=displayKC&docType=kc&externalId=1003

486&sliceId=1&docTypeID=DT_KB_1_1&dialogID=52680897&stateId=0%200%2052682475

o Ping each Host, by name, from the vCenter server

o Ping each Host and vCenter from ESX: ping <server>

o Ping each Host and vCenter from ESXi: vmkping <server>

The vmkping command sources a ping from the local VMkernel port

Interpret the DRS Resource Distribution Graph and Target/Current Host Load Deviation

o Select the Cluster Summary tab

Target/Host deviation is located under the section VMware DRS

Target Host Load Standard Deviation: A value derived from the migration threshold

setting that indicates the value under which load imbalance is to be kept.

Current Host Load Standard Deviation: A value indicating the current load imbalance in

the cluster. This value should be less than the target host load standard deviation

unless unapplied DRS recommendations or constraints precluded attaining that level.

Click View Resource Distribution Chart

CPU: If the VM is receiving the resources it’s entitled to, the box is green. If the box is

not green for an extended time, you might want to investigate what is causing this

shortfall.

Memory: The virtual machine boxes are not color-coded, because the relationship

between consumed memory and entitlement is often not easily categorized.

Troubleshoot VMotion using topology maps

o Select a VM Maps tab

If any of the hosts have a red X next to them, then this particular VM cannot be VMotioned to it.

The most common cause for this issue is that the host cannot access all of the networks or

datastores the VM is attached to. The Tasks & Events tab may provide additional info.

Troubleshoot HA capacity issues

o Select the Cluster Select the Summary tab Current Capacity is located under the VMware HA

section

Click Advanced Runtime Info for Slot information

o Note: HA Admission control is used to ensure failover capacity within the cluster. Admission control

settings are defined within each Cluster.

Page 73 of 85

Troubleshoot HA redundancy issues

o For redundancy, you should have 2 or more NICs attached to your VMotion network. Each NIC should

be connected to a separate physical switch.

o Select an ESX host Select the Configuration tab Networking

Verify the status of each NIC on your VMotion port group

Page 74 of 85

Objective 8.6 – Create and Respond to vCenter Connectivity Alarms

List vCenter default connectivity alarms

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=263

o Cannot Connect to Network: Monitors network connectivity on a vSwitch.

o Cannot Connect to Storage: Monitors host connectivity to a storage device.

o Host Connection and Power State: Monitors host connection and power state.

o Host Connection Failure: Monitors host connection failures.

o Host Connection State: Monitors host connection state.

o Host Storage Status: Monitors host connectivity to storage devices.

vSphere Update 1 added the following:

Network Connectivity Lost (replaces “Cannot Connect to Network”): Monitors network connectivity on

a vSwitch.

Network uplink redundancy degraded: Monitors network uplink redundancy degradation on a

virtual switch.

Network uplink redundancy lost: Monitors loss of network uplink redundancy on a virtual

switch

List possible actions for connectivity alarms

o Send a Notification Email: SMTP sends an email message.

o Send a Notification Trap: SNMP sends a notification trap.

o Run a Command: Performs the operation defined in the script you specify.

o Enter Maintenance Mode: Puts the host in maintenance mode.

o Exit Maintenance Mode: Puts the host out of maintenance mode.

o Enter Standby: Suspends the guest operating system on the virtual machine.

o Exit Standby: Resumes the guest operating system on the virtual machine.

o Reboot Host: Reboots the host.

o Shutdown Host: Shuts down the host.

For a given alarm, analyze and evaluate the affected virtual infrastructure components

o Using vCenter, you can evaluate the status of and troubleshoot all components

Page 75 of 85

Create a vCenter connectivity alarm

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=252

o You create an alarm by using the Alarm Settings dialog box. You can open this dialog box by selecting

the object in the inventory and using any of the following methods:

Select File New Alarm

Select Inventory <object_type> Alarm Add Alarm

Right-click the object and select Alarm Add Alarm

Select the Alarms tab Click the Definitions button Right-click in the pane, and select New

Alarm

Select the object in the inventory and press Ctrl+A

o Note: After an alarm is created, it will be enabled even if the user who created it no longer has

permissions.

Relate the alarm to the affected components

o Select vCenter Click the Alarms tab Click Triggered Alarms Click the alarm in question

Page 76 of 85

Objective 8.7 – Create and Respond to vCenter Utilization Alarms

List vCenter default utilization alarms

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=263

o Datastore Usage on Disk: Monitors datastore disk usage.

o Host CPU Usage: Monitors host CPU usage.

o Host Memory Usage: Monitors host memory usage.

o Virtual Machine CPU Usage: Monitors virtual machine CPU usage.

o Virtual Machine Memory Usage: Monitors virtual machine memory usage.

List possible actions for utilization alarms

o Common:

Send a Notification Email: SMTP sends an email message.

Send a Notification Trap: SNMP sends a notification trap.

Run a Command: Performs the operation defined in the script you specify.

o Host Only:

Enter Maintenance Mode: Puts the host in maintenance mode.

Exit Maintenance Mode: Puts the host out of maintenance mode.

Enter Standby: Suspends the guest operating system on the virtual machine.

Exit Standby: Resumes the guest operating system on the virtual machine.

Reboot Host: Reboots the host.

Shutdown Host: Shuts down the host.

o VM Only:

Power on VM: Powers on the VM.

Power off VM: Powers off the VM.

Suspend VM: Suspends the VM.

Reset VM: Resets the VM (the equivalent of pressing the reset button).

Migrate VM: Migrates the VM to another host via VMotion.

Reboot Guest on VM: Reboots the VM by using VMware Tools to initiate an orderly reboot.

Shutdown Guest on VM: Shutsdown the VM by using VMware Tools to initiate an orderly

shutdown.

Page 77 of 85

For a given alarm, analyze and evaluate the affected virtual infrastructure resource

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=258

1. Select the Object

2. Click the Performance tab

3. If advanced graphing is required, click Advanced

a. Select the appropriate item from the Switch To dropdown box

b. If needed, click Chart Options to modify the selected graph

o http://communities.vmware.com/docs/DOC-9279

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_resource_mgmt.pdf#page=79

ESX: esxtop -a -b <filename>

ESX or ESXi: resxtop --server <host name or IP>

Create a vCenter utilization alarm

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=252

o You create an alarm by using the Alarm Settings dialog box. You can open this dialog box by selecting

the object in the inventory and using any of the following methods:

Select File New Alarm

Select Inventory <object_type> Alarm Add Alarm

Right-click the object and select Alarm Add Alarm

Select the Alarms tab Click the Definitions button Right-click in the pane, and select New

Alarm

Select the object in the inventory and press Ctrl+A

o Note: After an alarm is created, it will be enabled even if the user who created it no longer has

permissions.

Relate the alarm to the affected resource

o Select vCenter Click the Alarms tab Click Triggered Alarms Click the alarm in question

Page 78 of 85

Objective 8.8 – Monitor vSphere ESX/ESXi and Virtual Machine Performance

Identify critical performance metrics (e.g., CPU ready, queue depth, etc.)

o http://communities.vmware.com/docs/DOC-9279

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=277

o CPU Usage, CPU Ready

o Memory Usage, Memory Balloon, Memory Active, Memory Swap In Rate, Memory Swap Out Rate

o Disk Usage, Disk Read Rate, Disk Write Rate

o Network Usage, DroppedTx, DroppedRx

o VMware Tools includes a library of functions called Perform DLL. This DLL allows you to access key host

statistics inside a guest VM. You access these functions via the Windows Performance Monitor or WMI.

Explain memory metrics (ballooning, shared, etc.)

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=340

o http://www.vmware.com/pdf/Perf_Best_Practices_vSphere4.0.pdf#page=23

o Page Sharing: ESX uses a proprietary technique to transparently and securely share memory pages

between virtual machines, thus eliminating redundant copies of memory pages. Page sharing is used by

default regardless of the memory demands on the host system.

o Ballooning: If the virtual machine’s memory usage approaches its memory target, ESX uses ballooning

to reduce that virtual machine’s memory demands. Using a VMware-supplied vmmemctl device driver,

installed in the guest operating system as part of VMware Tools suite, ESX can cause the guest to

relinquish the memory pages it considers least valuable. Ballooning provides performance closely

matching that of a native system under similar memory constraints. To use ballooning, the guest

operating system must be configured with sufficient swap space.

An absence of ballooning suggests that ESX is not under heavy memory pressure and thus

memory overcommitment is not affecting performance. (Note that some ballooning is quite

normal and not indicative of a problem.)

If ballooning is high, this might not be a problem if all VMs have sufficient memory. But, if

ballooning is high AND the guest OS is swapping, then the VM is constrained by memory.

o Swapping: If ballooning fails to sufficiently limit a virtual machine’s memory usage, ESX also uses host-

level swapping to forcibly reclaim memory from a virtual machine. Because this will swap out active

pages, it can cause virtual machine performance to degrade significantly.

Check for guest swap activity within that virtual machine. This can indicate that ballooning

might be starting to impact performance (though swap activity can also be related to other

issues entirely within the guest).

Look at the value of Memory Swap Used (Average) in the vSphere Client Performance Chart.

Memory swapping at the host level would indicate more significant memory pressure.

Page 79 of 85

If multiple VMs are being constrained by memory, then not only will you see high ballooning

activity and the guest OS paging, you will also see the VM itself being swapped in and out by the

VMkernel.

o Memory Active: Amount of memory actively used, as estimated by VMkernel. Active memory is based

on the current workload of the virtual machine or host.

If amount of active memory is continuously high, this could lead to VMs that are memory-

constrained.

Explain CPU metrics (ready/wait time, etc.)

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=331

o http://www.vmware.com/pdf/Perf_Best_Practices_vSphere4.0.pdf#page=19

o CPU Ready: Refers to the interval when a VM is ready to execute instructions but cannot, because it

cannot get scheduled onto a CPU.

A good ready time value varies from workload to workload. To find a good ready time value,

collect ready time data over time for each virtual machine. Once you have the data, estimate

how much of the observed response time is ready time.

o CPU Usage:

VM: Amount of actively used virtual CPU, as a percentage of total available CPU. This is the

host's view of the CPU usage, not the guest operating system view. It is the average CPU

utilization over all available virtual CPUs in the virtual machine. For example, if a virtual

machine with one virtual CPU is running on a host that has four physical CPUs and the CPU

usage is 100%, the virtual machine is using one physical CPU completely.

If CPU utilization is continuously high, then the VM is constrained by CPU. However, the

host might have enough CPU for other VMs to run.

Multiple VMs are constrained by CPU if there is high CPU utilization in the guest OS and

there are relatively high CPU ready values for the VMs.

Host: Actively used CPU of the host, as a percentage of the total available CPU. Active CPU is

approximately equal to the ratio of the used CPU to the available CPU.

available CPU = # of physical CPUs × clock rate

100% represents all CPUs on the host. For example, if a four-CPU host is running a virtual

machine with two CPUs, and the usage is 50%, the host is using two CPUs completely.

o It is a good idea to periodically monitor the CPU usage of the host. This can be done through the

vSphere Client or by using esxtop or resxtop. Below we describe how to interpret esxtop data:

If the load average on the first line of the esxtop CPU Panel is equal to the number of physical

processors in the system, this indicates that the system is overloaded.

The usage percentage for the physical CPUs on the PCPU line can be another indication of a

possibly overloaded condition. In general, 80% usage is a reasonable ceiling and 90% should be

a warning that the CPUs are approaching an overloaded condition. However, organizations will

have varying standards regarding the desired load percentage.

Page 80 of 85

Explain network metrics (usage, packet drops, etc.)

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=348

o Network Usage: Sum of the data transmitted and received during the collection interval.

o DroppedRx: Number of receive packets dropped during the collection interval.

o DroppedTx: Number of transmit packets dropped during the collection interval.

Dropped network packets indicate a bottleneck in the network.

Explain storage metrics (latency, queuing, etc.)

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=350

o Disk Usage: Aggregated disk I/O rate. For hosts, this metric includes the rates for all virtual machines

running on the host during the collection interval.

o Disk Read Rate: Rate at which data is read from each virtual disk on the virtual machine or each LUN on

the host.

o Disk Write Rate: Rate at which data is written to each virtual disk on the virtual machine or each LUN

on the host.

o To determine disk performance problems, monitor two disk latency data counters:

Kernel Disk Command Latency: The average time spent in the VMkernel per SCSI command.

High numbers (greater than 2-3ms) represent either an overworked array or an

overworked host.

Physical Device Command Latency: The average time the physical device takes to complete a

SCSI command.

High numbers (greater than 15-20ms) represent a slow or overworked array.

Compare and contrast Overview and Advanced Charts

o http://www.vmware.com/pdf/vsphere4/r40_u1/vsp_40_u1_admin_guide.pdf#page=274

o Overview performance charts enable you to view CPU, memory, network, disk, and storage metrics for

an object at the same time. All overview charts for an object appear in the same panel in the

Performance tab. This allows you to do side-by-side comparisons of resource usage for clusters,

datacenters, datastores, hosts, resource pools, and virtual machines. You can perform the following

tasks with the overview performance charts:

View all charts for an object in one panel. The single-panel view enables you to make side-by-

side comparisons of different resource statistics, for example, CPU usage and memory usage.

View real-time and historic data.

View thumbnail charts for child objects. Thumbnail charts provide a quick summary of resource

usage for each child object of a datacenter, datastore, cluster, or host.

Open the overview charts for a child object by clicking the object name in the thumbnail section.

Page 81 of 85

o Advanced performance charts enable you to see data point information for a plotted metric, export

chart data to a spreadsheet, and save chart data to a file. You can customize the advanced chart views.

Note: You cannot view datastore metrics in the advanced charts. They are only available in the overview

charts.

You can view CPU, memory, disk, and network statistics for an object in the advanced

performance charts. These charts support additional data counters not supported in the

overview performance charts.

Create an Advanced Chart

1. Display the object in the inventory

2. Select the Object and click the Performance tab

3. Click Advanced

4. Click Chart Options

5. In Chart Options, select a Metric Group for the chart

6. Select a Time Range for the metric group

7. Select the Chart Type

8. In Objects, select the inventory objects to display in the chart

9. In Counters, select the data counters to display in the chart

10. Click Save Chart Settings

11. Enter a Name and click OK

Determine host performance using guest Perfmon

o VMware Tools includes a library of functions called Perform DLL. This DLL allows you to access key host

statistics inside a guest VM. You access these functions via the Windows Performance Monitor or WMI.

o The new Performance objects – VM Processor and VM Memory – allow you to view actual CPU and

memory utilization alongside observed CPU and memory utilization of the guest OS.

Page 82 of 85

Appendix A – Configuration Maximums

http://www.vmware.com/pdf/vsphere4/r40/vsp_40_config_max.pdf

vSwitch

Virtual network switch ports per host (vDS and vSS ports): 4096

Port groups per standard switch: 512

Virtual network switch ports per standard switch: 4088

Standard switches per host: 248

Distributed Switch

Virtual network switch ports per host (vDS and vSS ports): 4096

Distributed port groups per vCenter: 512

Distributed virtual network switch ports per vCenter: 6000

Distributed switches per vCenter: 16

Hosts per distributed switch: 64

Virtual Machines

CPUs (Virtual SMP): 8

RAM: 255GB

Swap file size: 255GB

SCSI adapters: 4

SCSI targets per Adapter: 15

SCSI targets per VM: 60

Disk size: 2TB minus 512B

IDE Controllers: 1

IDE Devices: 4

Virtual NICs: 10

Parallel Ports: 3

Serial Ports: 4

VMDirectPath PCI / PCIe Devices: 2

VMDirectPath SCSI Targets: 60

Concurrent remote console connections to a virtual machine: 40

Page 83 of 85

vCenter

Hosts (32‐bit OS server): 200

Powered‐on virtual machines (32‐bit OS server): 2000

Registered virtual machines (32‐bit OS server): 3000

Concurrent vSphere client connections (32‐bit OS server): 15

Hosts (64‐bit OS server): 300

Powered‐on virtual machines (64‐bit OS server): 3000

Registered virtual machines (64‐bit OS server): 4500

Concurrent vSphere client connections (64‐bit OS server): 30

Hosts per Datacenter: 100

Hosts per Cluster: 32

Linked vCenter Server systems: 10

Concurrent VMotion operations per host: 2

Concurrent VMotion operations per VMFS3 datastore: 4

Concurrent Storage VMotion operations per host: 2

Concurrent Storage VMotion operations per datastore: 4

Concurrent Provisioning operations per host & per datastore: 8

Concurrent operations per vCenter Server: 96

ESX

Volume size: 64TB minus 16K

Extents size: 2TB minus 512B

Extents per volume: 32

Volumes per host: 256

Virtual machines per volume: 256

LUN ID: 255

HBAs per host: 8

Targets per HBA: 256

Logical processors per host: 64

Virtual CPUs per host: 512

Virtual CPUs per physical core: 20 (25 in vSphere U1)

Size of RAM per host: 1TB

RAM allocated to service console: 800MB (300MB min)

Page 84 of 85

Appendix B – CLI

Enable/Disable a Firewall Service: esxcfg-firewall -e esxcfg-firewall -d

Open/Close a Firewall Port: esxcfg-firewall -o esxcfg-firewall -c

List Firewall Rules: esxcfg-firewall -q

List Firewall Services: esxcfg-firewall -s

Backup ESXi Config: vicfg-cfgbackup --server

Upgrade VMware ESX/ESXi: esxupdate query | info | scan | test | update

ESX Upgrade Rollback: rollback-to-esx3

LUN Masking: esxcli corestorage claimrule add –r

Modify ESX Service Console IP: esxcfg-vswif vswif0 -i <ip> -n <subnet>

List Service Console Interfaces: esxcfg-vswif -l

Change Service Console NIC: esxcfg-vswitch -L <new vmnic> <service console vswitch>

List vSwitch Configurations: esxcfg-vswitch -l

List Network Adaptors: esxcfg-nics -l

Ping from ESX/ ESXi ping <server> vmkping <server>

Shutdown ESX: shutdown -h now

Page 85 of 85

Appendix C – Sources

http://www.vmware.com

http://www.b3rg.nl/vcp-4.0.html

http://www.simonlong.co.uk/blog/vcp-vsphere-upgrade-study-notes/

Mastering VMware vSphere 4 / Scott Lowe – 1st ed.

VMware vSphere 4 - Student Manual

Personal hands-on experience