Does VSAN work with Free ESXi?

I recently had to re-provision one of my VSAN lab environments using my recently shared ESXi 5.5 VSAN Kickstart. I usually specify a license key within the Kickstart so I do not have to license the ESXi host later. This actually got me wondering on whether VSAN would in fact work with Free ESXi aka vSphere Hypevisor? Being a curious person, I of course had to test this in the lab :)

Needless to say, if you want to properly evaluate VSAN, you should go through the supported method of using vCenter Server as it provides a simple and intuitive management interface for VSAN. More importantly, having the ability to create individual VM Storage Policies that can be applied on a per VMDK basis based on SLA’s for your given application or Virtual Machine.

Disclaimer: This is not officially supported by VMware, please use at your own risk

Since we do not have a vCenter Server, we will need to be able to fully configure VSAN without it. Luckily, we know of a way to bootstraping” VSAN onto an ESXi host without vCenter Server and I will be leveraging that blog post to test this scenario with Free ESXi.

Prerequisite:

  • 3 ESXi 5.5 hosts already installed and licensed with vSphere Hypervisor (Free ESXi) License
  • SSH Enabled

Step 1 - SSH to the first ESXi host and run the following ESXCLI command to create a VSAN Cluster:

esxcli vsan cluster join -u $(python -c ‘import uuid; print str(uuid.uuid4());’)

configure-vsan-for-free-esxi-0
Step 2 - Run the following ESXCLI command to make a note of the VSAN Cluster UUID (highlighted in green in the screenshot above) which will be needed later:

esxcli vsan cluster get

Step 3 - Enable VSAN Traffic for VMkernel interface you plan on using for VSAN traffic by running the following ESXCLI command:

esxcli vsan network ipv4 add -i vmk0

Step 4 - Run the following command to view a list of disks that are eligible for use with VSAN. You will need a minimum of 1xSSD and 1xMD

vdq -q

configure-vsan-for-free-esxi-1
Step 5 - Using the information from vdq, we will now create our VSAN Disk Group which will contain the SSD/MD’s to be used for VSAN. Use the following ESXCLI command and substituting in the SSD/MD Names (please refer to the screenshot above for an example):

esxcli vsan storage add -s [SSD] -d [MD]

Step 6 - To ensure you have properly configured a VSAN Disk Group, you can run the following ESXCLI command to confirm:

esxcli vsan storage list

configure-vsan-for-free-esxi-2
At this point, we now have a single ESXi host configured with VSAN Datastore, we can also confirm this by running the following ESXCLI command:

esxcli storage filesystem list

configure-vsan-for-free-esxi-3
Step 7 - Repeat Steps 3-6 on the remainder two ESXi hosts

Step 8 - Finally, we now need to join the remainder ESXi hosts to the VSAN Cluster. We will need the VSAN Cluster UUID that we recorded earlier and specify that in the following ESXCLI command on each of the remainder ESXi hosts:

esxcli vsan cluster join -u [VSAN-CLUSTER-UUID]

If we now login to all of our ESXi hosts using the vSphere C# Client, we will see a common VSAN Datastore that is shared among the three ESXi hosts. To prove that that VSAN is in fact working, we can create a Virtual Machine and ensure we can power it on as seen in the screenshot below. By default, VSAN has a “Default” policy which defines FTT (Number of host failures to tolerate) set to 1 and assuming you have at least 3 ESXi hosts, all Virtual Machines will be protected by default.

configure-vsan-for-free-esxi-4
Even though you can run VSAN using Free ESXi and leveraging the default VM Storage Policy that is built into VSAN for protecting Virtual Machines, you are only exercising a tiny portion of the potential that VSAN can bring when consuming it through vCenter Server. As mentioned earlier, you will not have the ability to create specific VM Storage Policies and assign them based on the specific SLAs and be able to easily monitor their compliance and remediation. The management of VSAN Cluster for adding additional capacity or serviceability is also quite limited without vCenter Server, though it can be definitely be done it is much easier with just a couple of clicks in the vSphere Web Client or a simple API call.

ESXi 5.5 Kickstart script for setting up VSAN

In my lab, when I need to provision a new or rebuild an existing ESXi host, I still prefer to use the true and tried method of an unattended/scripted installation also known as Kickstart. Below is a handy ESXi 5.5 Kickstart that I have been using to setup a basic VSAN environment. I figure this might come in handy for anyone looking to automate their ESXi 5.5 deployment and include some of the VSAN configurations like creating a VSAN Disk Group or enabling VSAN Traffic type on a particular VMkernel interface. For more details about this Kickstart, refer to the bottom of the file where I break down the file in more detail.

If you would like to see more details on creating ESXi Kickstart, make sure to check out my ESXi 4.x & 5.x examples here.

Line 6-9 This is generic Kickstart configurations specifying EULA, how to install, password, etc. You can refer to VMware’s scripted install documentation.

Line 11-25 This extracts the DHCP IP Address (static allocation) and re-creates the network configuration in Line 25 for statically assigning the IP Address to the ESXi host

Line 27 This starts the firstboot script and assumes “Busybox” as the interpreter which means basic shell commands

Line 30 I create a custom key which will be logged in syslog for our installation

Line 32-41 Basic ESXi configurations leveraging vim-cmd and ESXCLI

Line 43-45 Configure the VSAN default storage policy, please refer to this article for more details.

Line 47-38 Configure the VSAN Traffic type on vmk0

Line 35 This starts a second firstboot script, but now using “Python”

Line 50-51 Assign a license to ESXi host

Line 53 Importing the appropriate libraries that will be used in the Python script

Line 58 Using the same custom key that I created earlier for logging to syslog

Line 61-81 A method for creating VSAN Disk Group by inspecting vdq CLI and marking disks as local

Line 83-90 A method for creating VSAN Cluster, please refer to this article for more details.

Line 92-93 Invoking the two Python methods. You can either create a custom Kickstart for your “first” ESXi node if you decide to bootstrap your VSAN Cluster onto a single ESXi host. You can also use custom boot options to specify whether the ESXi host being provisioned is the first or additional nodes. This topic is a bit advanced, but if you are interested, take a look at this article here.

Quick Update - ESXi support for Apple Mac Pro 6,1

I know many of you have been asking about ESXi support for the latest Mac Pro 6,1 that was released from Apple late last year and I just wanted to give a quick update. VMware Engineering has been hard at work on getting this new platform certified and supported with ESXi, however, there were some unforeseen challenges that is currently preventing the current version of ESXi to run on the new Mac Pro.

VMware is working closely with Apple’s hardware team to resolve these issues and we expect to have a Mac Pro 6,1 supported with ESXi 5.5 in the future. In the meantime, if you wish to evaluate ESXi on the new Mac Pro (though not officially supported), you can sign up for the new vSphere Beta and run a Beta version of ESXi on the new Mac Pro.

Here is a screenshot of Mac Pro 6,1 running the Beta version of ESXi:

esxi-mac-pro-6.1-0
There are a couple of workarounds that is required for right now, which will all be resolved by GA. For more details, please refer to this VMTN thread.

How to generate specific support log bundles for vCenter & ESXi using vSphere API?

When an issue arises in your vSphere environment and you engage with VMware GSS, one of the first task you will mostly like be asked to perform is to generate a support log bundle and submit it. You can generate a support bundle using the vSphere Web/C# Client as seen in the screenshot below.

generating-support-bundle-vsphere-api-0
Last week I recieved a question from one of our development teams about generating support log bundles for both vCenter Server and ESXi hosts, but using the vSphere API instead of the UI. This functionality is available as part of the DiagnosticManager and the method you will want to call is GenerateLogBundles_Task() which allows you to specify which systems to collect support logs from. This by far is the easiest way if you just want to collect all logs and I will go into more detail in a bit on what I mean by this.

When invoking the GenerateLogBundles_Task(), support logs will be generated on each of the respective sub-systems which includes vCenter Server and the ESXi hosts. Once the log bundles have been created, the API will return a list of download URLs to the support log bundles. To demonstrate this functionality, I have created a sample vSphere SDK for Perl script called generateLogBundle.pl

The script assumes you want to collect ALL logs for both vCenter Server and ESXi hosts being managed by the given vCenter Server.

generating-support-bundle-vsphere-api-1
While working on the sample code, one thing I had noticed in the vSphere Web/C# Client is that you have the ability to select the specific logs to export.

generating-support-bundle-vsphere-api-2
I was looking through the vSphere API but I did not find a way to specify this level of granularity in the logs. I was of course curious and wondered if this was using some sort of private vSphere API (which I hoped was not the case). I decided to pull out one of my favorite tools when I get stuck with a question around the vSphere API which is Onyx. After manually generating the support log bundle and selecting a subset of the logs to export, I found out this process actually makes a call to a CGI script on the ESXi host called vm-support.cgi.

The list of available logs to export is generated by making a GET request to the following URL: https://[ESXI-HOSTNAME]/cgi-bin/vm-support.cgi?listmanifests=1

generating-support-bundle-vsphere-api-3
The output is an XML file that contains the manifest of the available logs to export in the log support bundle. To specify the specific logs to collect, you must provide the “id” property as seen in the screenshot above. In this example, I would like to collect the following: System:Base, VirtualMachines:GuestState, Storage:VSAN and VirtualMachines:diskinfo

To generate a support bundle from the ESXi host that contains the above, you will need to issue a GET request using the following URL: https://[ESXI-HOSTNAME]/cgi-bin/vm-support.cgi?manifests=System:Base VirtualMachines:GuestState Storage:VSAN VirtualMachines:diskinfo

This will instruct the ESXi host to generate the log bundle that contains the following manifest log files. To include others, you just need to append to the URL. You can easily test this out by pasting this URL into a web browser and providing your ESXi credentials and the logs will be available for download. Going back to my original observation, this is actually how vCenter Server provides the ability to export specific logs from each of the ESXi hosts when generating a support bundle.

If you would like to use the vSphere API to provide this same capability, you just need to leverage the AcquireGenericServiceTicket() API method which is available as part of the SessionManager and specify the URL for the support bundle. This will allow you to request a support log bundle from within vCenter Server without having to go directly to each of the ESXi hosts manually. You can see a very similar implementation of this API by taking a look at my How to efficiently transfer files to a datastore in vCenter using the vSphere API and specifically the efficent-upload-files-to-datastore.pl sample code.

Quick Tip - How to BSOD/Panic a Virtual Machine in ESXi?

While catching up on my Twitter feed this morning, I saw an interesting question from Dominic Rivera. I remember a few years back I was troubleshooting an issue and required to panic a Virtual Machine, I did not recall the steps that GSS had walked me through but I figure if anyone would know, it would be my buddy Paudie who used to work in GSS. Sure enough, he had the answer which was using a nifty little tool on the ESXi Shell called vmdumper.

~ # vmdumper --help
vmdumper: [options] <world id> <unsync|sync|vmx|vmx_force|samples_on|samples_off|nmi|screenshot|backtrace>
-f: ignore vsi version check
-h: print friendly help message
-l: print information about running VMs
-g: log specified text to the vmkernel log

UPDATE: It turns out there is an even simpler thanks to Frank Buechsel who is also from GSS. Frank mentioned you can send an NMI request simply using either the vSphere Web/C# Client. In the vSphere Web Client, you just need to right click on the VM and go to All vCenter Actions->Export Systems Logs. To be able to perform this action, you will need the Global->Diagnostic privilege for the the given user.

Screen Shot 2014-07-15 at 7.09.44 AM
Next, expand the menu and select Send_NMI_To_Guest option.

Screen Shot 2014-07-15 at 7.10.14 AM
If you wish to perform this operation using the vSphere C# Client, you just need to select the VM and then at the top menu and click File->Export System Logs and you will have the option of sending the NMI request this way.

Screen Shot 2014-07-15 at 7.57.39 AM
Using the vmdumper utility, you can create a BSOD (Blue Screen of Death) for a Windows or Kernel Panic for Linux Virtual Machines by sending an NMI (Non-Maskable Interrupt) request.

To send an NMI or any other request, you need to first identify the VM’s World ID, this can be done using either ESXCLI or vmdumper utility itself.
Using ESXCLI:

esxcli vm process list | grep -A1 ‘^[VMNAME]‘

 bso-panic-vm-1
Using vmdumper:

vmdumper -l | grep [VMNAME]

bso-panic-vm-0
In the example above, I have a VM called vcenter55-2 running Windows 2008 R2 and the World ID is 23100118. To send the NMI request, you will now run the following command:

vmdumper [WORLD-ID] nmi

bso-panic-vm-2
If we now take a look at the VM Console, we will see that it successfully BSOD the Windows VM:

bso-panic-vm-3
Here is a screenshot for sending an NMI request to a Linux VM. It seems the Linux system handles the NMI in a much more graceful manner and the system was still responsive :)

bso-panic-vm-4
After learning about the vmdumper utility, I also performed a quick search online and found VMware KB 2005715 that provides some additional information. It looks like the KB only references ESXCLI as a way to locate the World ID, I will see if we can get the KB updated to also include vmdumper method of identifying the VM’s World ID.