Nested Home Lab – Part 12 – Distributed Virtual Switch

As we discussed in Part 2, for our basic lab, we wanted to separate out the networking  in to three parts:

Use Example IP Range
VM and Management
VSAN (vlan 30)
vMotion (vlan 40)

We have already set-up our physical host’s network in preparation to create our distributed switch.

So what we are looking to do here is create our distributed switch, create the port groups (tag them), and add our VMkernel interfaces. Easy Right?

Creating a Distributed Switch

  1. Log in using an account that has permission to configure the environment.Lic-1
  2. Select Home and Hosts and Clusters.AH-1
  3. Click on networking icon, right click on your Datacenter, Select Distributed Switch, Click New Distributed Switch.
  4. Enter in a name for your new switch. Click Next.DS-3
  5. Select Distributed Switch: 6.0.0.  Click Next.
  6. Set the number of uplinks to 2 and un-tick create a default port group. Select Next.DS-5
  7. Check that our setting are correct and select FinishDS-6

And thats the switch created.

Adding your port groups

We’re going to be creating two port groups, vMotion with a VLAN tag of 40, and VSAN with a VLAN tag of 30.

  1. Right click on the Distributed Switch. Select Distributed Port Group. Select New Distributed Group…
  2. Give the port group a name. In this case vMotion. Select Next.DS-8
  3. Set VLAN type to VLAN and the VLAN ID to 40. Leave all the other options as defaults.
  4. Double check the settings you specified are correct and click Next.DS-10
  5. Go back and create a Virtual SAN VLAN, but with a VLAN tag of 30.DS-11
  6. You should now have a vSwitch that looks like this:DS-12

For a basic lab, as we are creating, the networking is quite simple. However virtual networking has come a very long way and with the introduction of NSX it is now effecting the whole data centre. I would recommend you read Networking for VMware Administrators by Chris Wahl and Steven Pantol. While the book doesn’t cover NSX (understandable as its a whole discipline in itself) it is very good and I would highly recommend it. 

Nested Home Lab – Part 11 – Clusters and hosts

Short post today.
In this post we will create a new cluster. Once that’s done you can add the hosts using the steps outlined in Part 7.

1. Log in using an account that has permission to configure the environment.

2. Select Home and Hosts and Clusters.

3. Right click the datacenter we created in Part 7 and select New Cluster.

4. Give the cluster a name. In this case I have user Site1. Leave the other settings off or on Default and click OK.

5. You should now have a new Cluster called Site1.

You can now follow the same steps from Part 7 that we used to add our primary host.

Nexenta – File Services for VSAN

Where I work we are heavily invested in NetApp and 3PAR. Software vendors that also make the hardware for their software to run on. For a large organisation its attractive, one number to dial when SHTF. However with the rise of software defined everything, we are seeing a shift away from that. VMware, clearly one of the market leaders in the software defined space brought out VSAN, and I really, really, like it. Its evolving very fast to meet customer requirements. Support for all flash, stretched clustering, and ROBO set-ups (which I’m really interested in) to name a few. However missing in this mix of awesomeness is file sharing. If Software defined storage is really to take on the big players it needs to really offer more than a place to put virtual disks. Sure you can run a file server VM but that adds an extra layer of complexity. Where’s the integration?

nexenta_logoIn comes Nexenta with NexentaConnect for VMware Virtual SAN.  Now Nexenta has been on the edges of my radar for a while. I knew they were heavily focused on storage, software defined storage to be exact, but I’d never really looked any deeper. My big focus for the last year has been to push VSAN into the company I work for. I could see the cost savings, the ease of use. In the end, after a successful POC, it was a combination of the two that sold it. During the next two to three years it could save the company a huge amount of money.

Back to Nexenta: NexentaConnect has me very interested. Time to get it in the home Lab.

So having worked with it over the weekend, I have made the following (preliminary) observations:

  1. It does what is says on the tin.
  2. Its very strict with its requirements (I tried to cheat and it failed).
  3. Installing the plugin is a manual task, which some Admins might not like.
  4. The whole process of deploying the first OVA’s to having my first shared volume took just less than an hour.

Once you need the minimum requirements, its quite easy to get going with NexentaConnect and its also easy to pull out if you no longer require it.

There are three main components: The vCenter plugin, the connect manager, and the IO engine. The vCenter plugin is very well integrated and fronts the connect manager, which in turn controls the IO engine. The IO engine is a Virtual Storage Appliance (VSA) that gets deployed into your VSAN cluster..

When you create you first share, whether it be NFS or SMB, an IO engine is deployed to the VSAN datastore. I found deployment of the IO engine to be very fast in my LAB. You can also apply different pre-created VSAN storage policies to each share. Once the IO engine was deployed adding additional share was even faster.

As I don’t currently have a full physical lab, I couldn’t in good conscience do any real performance testing, but it was very quick even in a nested virtual environment.

This product will really shine in smaller shops, which are often overlooked, or ROBO offices. VSAN coupled with a product like this could help a smaller business through the awkward period of transitioning from a small to medium business and at that stage why take it out? That’s not to say that larger organisations shouldn’t take a look and implement if it fits their strategy.

The product as a whole is very interesting and I really do like it. There have been several write ups and youtube videos from several big bloggers detailing various bits of the set-up. Cormac Hogan did a great write-up here and so has Rawlinson Rivera of Punching Clouds.

Its great to see real innovation like this coming from the industry and I highly recommend heading over to Nexenta’s website and take a look.

Nested Home Lab – Part 10 – Initial Host Network Config

In today’s post we’ll look at configuring the first networking for your host.  
1.      Open up a console to your first nested ESXi Host and press F2 to start the login
2.       Login with username root and the password you defined when you were installing the host.
3.       Scroll down to Configure Management Network and press enter

4.       Scroll down to IPv4 Configuration and press enter.
5.       Enter in the IP address details that you have assigned for this host and press enter.
6.       Scroll down to DNS Configuration and press enter.
7.       Enter in the DNS details that you have assigned and enter in the FQDN and press enter.
8.       Back on the Configure Management Network page press Esc to accept the changes
9.       Press Y to accept the changes.
10.   It’ll take a few seconds but once its reconfigured you should be able to ping the host.

Now you need to configure the other two hosts.

vExpert 2015


This morning I woke up to find out that I have been awarded the vExpert Status for 2015. I did come across this information at 6 am and had to double check to make sure.

For me its a really great honour and something I’ve wanted for a while.

Before i sign off I want to say thank you to the vExpert team for assigning this award to me and congratulations to all the new vExperts out there.

I guess the next thing is to make sure I keep it in the 2016 nominations.

Brief interlude… VCAP5-DCD

Its been  about a month since I last posted here, I’ve been busy studying for the VCAP5-DCD and been on holiday.
About four months ago I decided to give it another go. Having tried the 5.1 DCD exam previously and failed, i had a clear idea of the amount of work involved. I didn’t really want to wait for the VCIX exams to be released as I wanted the option of going for the VCDX5 in early 2016.
The first thing I did was go to Google and read all the reviews of the exam I could find. A common theme amongst all the posts was make the blueprint your bible, and it’s true. In there you will find exactly what you need to know. Read it from cover to cover, then read it again.
Its a tough exam. Really tough. I’m not going to rehash what other (more capable) bloggers have covered about the exam suffice to say that I finished with about 20 minutes to spare, took a couple of deep breaths and went through the questions again. This was a huge help as I tweaked one of my designs and saw a glaring error in one of the drag-and-drop questions.

Resources I used:

Tips for the Exam:

  • Read the questions twice. Everything you need to complete the required task will be in the question.
  • Eat and drink before the exam. I get cranky when I’m hungry. Be aware that if you need to go to the toilet the exam timer doesn’t stop.
  • If something is taking a long time, flag it for review and move on.
  • Make sure you understand the below (it is a design exam after all).
    • Requirements (both functional and non-functional)
    • Risks
    • Constraints
    • Assumptions
  • Make sure you know the differences between conceptual, logical, and physical designs.
  • Get to the test centre a few minutes early and try to relax, difficult I know but try.
Passing is a great feeling. Don’t worry if you don’t get it on your first try, its annoying and expensive, but treat it as a learning experience.
Oh and remember, organise your time, both for study and during the exam.

Nested Home Lab – Part 9 – Deploying a Nested ESXi Host

Carrying on with our VSAN enabled nested environment, we’ll be deploying our new hosts using the VCSA and the web client and not the C# client. Reason? Well we will be setting specific parameters for the vCPU to pass through the virtualization extensions. otherwise we will need to do this by editing the VMX file.
Now that we have the networking in place that we configured in the previous post we’ll go on to deploy three ESXi VM’s.
Each host should have the following spec:
  • 2 X CPU or cores (Min requirement for ESXi)
  • 6GB Ram (Min requirement for VSAN)
  • 2 X Nics on the VM Network
  • 2 X Nics of the LAN Network
  • 1 X 10g HDD disk (ESXi install)
  • 1 X SSD disk for the caching tier.
  • 1 X HDD for data Tier.


The VSAN disk configuration of my nested ESXi servers is:
  • 1 X 40GB SSD
  • 1 X 100GB HDD
This configuration worked for me ask I was able to run a couple of smaller VM’s in my nested environment. I was also able to add a second 100GB HDD to continue to test VSAN functionality, such as striping and disk policies.

Installing a nested ESXi host.

1.   Log in using an account that has permission to configure the environment.

 2.  Select Home and the Hosts and Clusters

3.   Select the Hosts and Clusters icon and then select your primary host, right click and Select New Virtual Machine and New Virtual Machine.

4.   Select the Create New Virtual Machine and Click Next.

5.   Give the Virtual Machine a name and select the Datacenter we created in Part 7 and Click Next.

6. Select your physical host for the Compute Resource and Click Next.

6. Select the disk you want to run the ESXi host on and Click Next. If you have both a SSD and a HDD look to put the primary disk on the HDD. Once ESXi boots it runs mostly in memory.

7. Select Compatable With: ESXi 6.0 and later and Click Next.

7. Guest OS Family set to Other and Guest OS Version: Version ESXi 6.x and Click Next.

8. Ok so a fair bit to do here:
8.1. Set the VM to have two cores and one CPU. This will save on licensing if you have a VMUG advantage subscription. In addition you need to tick the Hardware Virtualization check box to pass through the additional virtualization features of the CPU. If you don’t you’ll get an error during install.
8.2. 6 GB Ram as the minimum supported with VSAN enabled nodes.
8.3. Your first HDD reduce to 10GB
8.4. Add three additional Nic’s. Set them in this order. NIC 1 and NIC2 on the VM Network, NIC 3 and NIC4 on the LAN Network. Ensure that you set you NIC type to VMXNET3.
8.5. Add two disks. One SSD and One HDD. The SSD can be small,10GB, if required. and the HDD should be at least 50GB. If you don’t have an SSD, have a look at the end of this post and I’ll include a link to instructions which will show you how to “fool” ESXi into thinking you have a SSD when you don’t.
8.6. Add the ESXi ISO to the new CD/DVD Drive, check the Connect Check box.
8.6. Click Next,

9. Review your changes and click Next.

A brief pause here to look at what we’ve built. One ESXi VM with the components necessary for to to be a part of a VSAN cluster. 

10. Power on the VM. Right Click the VM and select Power On.

11. Open a console to the VM. (Click Launch Remote Console).

12. Boot Strapping and kernel goodness loading

11. More goodness

12. Press Enter

13. Press F11

14. Select the small 10GB disk (not the SSD).

15. Choose your keyboard type and press Enter.

16. Enter in your root password and confirm.

17. Scanning

18.1 This error will appear if you have not set the Hardware Virtualization Flag in the CPU settings of the VM and you’ll need to go back and set it.

 18.2 Example of the Settings.

19. Press F11.

20. Installing.

21. Press Enter 

22. VM rebooting.

There we go one working ESXi VM. Now we are going to need another two of these to make up the three minimum required for VSAN.
To mark a disk as SSD; This is one way to do it and this is another I’ve tried both methods and they work. I personally prefer William Lam’s method.

Nested Home Lab – Part 8 – Primary Host networking

So in the previous post we added our primary host to the vcsa we built in part 4. Before we build our first virtualized ESXi host we need to add a single standard virtual switch. The foundation for this is discussed in part 2, please take a moment to read it as we’ll be using some of those details.

We want the primary network layer to look like the diagram below. two standard switches. vSwitch0 will already have been created by default and you’ll have a few VM in the VM Network already. The second, vSwitch1, will have only one port group, which I have called LAN. This port is going to be trunked to all VLANs. In addition we’ll also set the configuration for VM Network so that nested ESXi servers pass traffic from their nested VM’s correctly.

Configuring the networking for the VM Network port group.

1.     Log in using an account that has permission to configure the environment.

 2.     Select Home and the Hosts and Clusters

3.     Select the Hosts and Clusters icon and then select your primary host.

4. In the right hand pane:
4.1 Click Manage.
4.2 Click Networking.
4.3 Click Virtual Switches.
4.4 Click the “VM Network” port group and click the edit icon.

5. In the Edit Settings windows:
5.1 Select Security
5.2 Tick the boxes to override Promiscuous Mode and Forged Transmits.
5.3 Set Promiscuous Mode and Forged Transmits to Accept.
5.4 Click OK.

That’s the VM network setup. Now we want to setup a new vSwitch with a single port with the same security settings as above.

1. Carrying on from above. Select the icon to create a new standard vSwitch.

2. Select Virtual Machine Port Group for a Standard Switch. Click Next

3. Select New standard switch. Select Next

4. Select Next.

5. Click Next. This warning is just to let you know that the switch doesn’t have any physical NIC’s associated with it, which is fine for our lab.

5. Name the virual port group (I chose LAN) and set the VLAN ID to 4095. VLAN 4095 is the promiscuous vlan. Click Next

6. Select Next.

7. A new standard virtual switch has been created. You still need to configure the security settings of the switch following the process above.

We now have everything we need to install the virtual ESXi servers (post 8) and VSAN (post 9).

Nested Home Lab – Part 7 – Creating a Datacenter and Adding a host.

In today’s post we’ll look at adding your primary ESXi host (this is the host that holds your nested environment) to the vCenter server and configuring it up. 
Just before we add the primary host we’ll be needing a Datacenter.
1.     Log in using an account that has permission to configure the environment.
2.     Select Home and the Hosts and Clusters
3.     Right click on the VCSA we created and select New Datacenter.

4.     Give it a logical name and click OK.

Now to add the primary host.
1.     Right click the newly created Datacenter and select Add Host.
2.     Add in the hostname or IP address of the Primary host and select Next.
3.     Enter in the Username (most likely root) and the password you use to administer this host. Click Next.
4.     Check the host summary and click Next. Note that I already have some VM’s created and they have shown up in the Virtual Machines pane.
5.     Select a license key, if you have one installed. Click Next.
6.     Leave lock down mode disable for now. In later posts we’ll be ssh’ing into the hosts to do a few things and have a poke around. It’s usually my preference to leave lockdown mode disabled unless I have a specific reason not to do so.
7.     Select your Datacenter and click Next.
8.     Review the host detail and select Finish.
OK so now we’ve added the first host we’ll want to setup networking (next post) for our nested hosts. Just before we get into that, have a look the Mac learning fling here and William Lam’s blog post about it here. I would recommend getting that installed.

Nested Home Lab – Part 6 – Adding your first user

Now we have a working PSC and a working VCSA, and the whole set-up enabled for domain authentication. Next we should add a user (you) and if your using ESXi as your hypervizor then next post we’ll add your ESXi host to the VCSA, adding the host won’t be necessary if you’re using workstation.

But first it is important to know, you don’t technically need a directory service but most places will have one and usually it’ll be Microsoft’s Active Directory that’s why I’m including it in these posts.

So before you begin the below make sure you have an Active Directory account created for yourself.

1. If you aren’t already logged in, browse to the vSphere client, accepting any security errors (https://vcsa.domain:9443/vsphere-client), and login using administrator@your.vmwaredomain. In my case I left the SSO domain name as the default. administrator@vsphere.local

2. Select Home and then Hosts and Clusters

3. Select your VCSA server
3.1 Manage
3.2 Permissions
3.3 Then click the “+” icon.

4. Select Add

5. Select your Domain
5.1 Type in the name of the user account or group you want to search for.
5.2 Select the name
5.3 Select Add
5.4 Select OK

6. Once your user is added assign a role and select OK.

You should now see your user or group added to your VCSA. Depending on your permissions you should now be able to login do various bits and pieces.

Permissions can be added to items below the VCSA but it is important to note that permission propagate down the tree. So adding a user to the cluster will give that user rights to the cluster and all objects controlled by the cluster (unless explicitly denied), however this will not give you rights to the VCSA.