virtuallyGhetto

esxi

Project Nanosphere

by 5 Comments

The #NotSupported event at the VMworld Community Lounge ended with a very special presentation by our very own Randy Keener about a project that a few VMware engineers have been working on called Nanosphere. For those of you who could not make the session or attend VMworld this year, here is some additional information about what Project Nanosphere is all about.

What is Nanosphere?

First off, Nanosphere is not a product, it is a proof-of-concept. The idea is to make ESXi easier to deploy and manage for non-technical users in small environments (SOHO, remote/branch office, family) to get the same benefits of virtualization that enterprises have. Nanosphere provides an ultra-lightweight management layer on top of an ESXi host that will offer a basic set of features including self-configuration, VM provisioning, VM lifecycle management, and console access.Today, connecting to a VM console typically requires both server-side dependencies (a VDI broker, a Windows stack, or specialized guest customization) and client side dependencies (installing a special ActiveX browser plugin that works only on Windows, and only in IE or Firefox browsers). By deploying WSX on ESXi, it makes it possible to connect to any VM (any guest OS) with any modern browser (e.g. including iPad) without any special software.

What can Nanosphere do?

  • Network auto-configuration
    • Automatic network configuration without ever typing an IP address
  • Web Management Interface
    • Provision, Delete, Power On/Off Virtual Machines with pure HTML5 interface
  • Console access without special apps or plugins
  • Dead-simple installation
    • Just install a tiny VIB onto any ESXi host and you’re good to go. The VIB can also be integrated into a vanilla ESXi ISO image
During Randy’s session, a demo of the network autoconfiguration of Nanosphere and its web interface was given and here is how it works.Assuming you have a simple cable-model-like setup:

  1. The physical host has ESXi and Nanosphere installed.
  2. You "unbox" it (take it home from Staples) and plug it in on your home LAN, headless.
  3. It gets DHCP but you have no idea what the address is because it's headless.
  4. Nanosphere "phones home" to a broker running at nanosphere.cloudfoundry.com (custom application written on Cloudfoundry) to report its local LAN address (e.g. '192.168.0.4') and its UUID. The broker also records the WAN address.
  5. You use a plain browser on any device on the same LAN - we used an iPad - to connect to the same broker. It matches the WAN addresses and redirects the browser to the Nanosphere’s LAN address.
Here are a few screenshots of the Nanosphere web interface:

What's next for Nanosphere?

As mentioned earlier, nanosphere is still a proof-of-concept but the VMware engineers have some interesting ideas on where it could go and would love to get your feedback if the following use cases interests you.

  • Early adopters and hobbyists playing with ESXi for fun
  • VARs delivering Nanosphere-based servers in selected vertical markets
  • Nanosphere-based appliances delivering NAS and media streaming
  • Nanosphere-based servers for developing markets and nonprofit organizations
  • Hybrid public/Nanosphere clouds with bidirectional app portability
  • OEMs delivering Nanosphere-based servers through a retail channel
  • Value-added services like cloud backup and remote admin (including VMware GO)
Other work includes tracking ongoing WSX improvements. If any of these use cases interests you, please leave a comment below or if you have other ideas/feedback for Nanosphere, feel free to leave a comment as well.I think the Nanosphere project is a really cool initiative and hopefully we will get to see more in the future. I wanted to also give a big thanks to folks who worked on the Nanosphere project and made it possible to show off at the #NotSupported event: Steve Strassmann (VMware Staff Engineer), Shivam Tiwari (VMware Intern) and of course Randy Keener (VMware TechOps) for presenting on Project Nanosphere!

Detecting ESXi Remote Syslog Connection Error Using a vCenter Alarm

by 5 Comments

I was just cleaning up one of my development labs and found that one of my VCSA (vCenter Server Appliance) which I had configured with vSphere Syslog Collector was no longer capturing logs for several of my ESXi hosts. After looking at some of the ESXi logs, I realized that I had rebooted the VCSA at one point and that caused an interruption in syslog forwarding and then knew immediately that I just needed to reload the syslog configuration via ESXCLI as noted in this VMware KB to restore log forwarding.

After restoring my syslog configurations, I had remembered a neat little trick I learned from one of the VMware TAMs about creating a vCenter Alarm to alert you when an ESXi host is no longer able to reach a remote syslog server. I thought this might be very handy alarm to have in your vCenter Server in case you hit a similar issue or having some connectivity issues with your syslog servers. By default, there is not an event on syslog connectivity but you can create a vCenter Alarm based on an eventId which shows up as "esx.problem.vmsyslogd.remote.failure" in both /var/log/hostd.log as well as /var/log/vobd.log.

Now that we know the eventId, we just need to create a vCenter Alarm which will notify us when it has a connectivity issue with it's configured syslog server.

Step 1 - Create a new alarm, in this example I am calling it "Syslog Connection Error" and you will need to specify the Alarm Type as "Host" and monitor for a specific event.

Step 2 - Next, click on Triggers and we will go ahead and paste in our eventId which is "esx.problem.vmsyslogd.remote.failure"

Step 3 - Lastly, you can configure an Action, if you wish to send an SNMP trap, run a command or send an email notification. In this example, we are just going to generate a regular vCenter Alarm event, so go ahead and just click OK to save the alarm.

To test the alarm, I just disabled the syslog-collector on the VCSA using "service syslog-collector stop" and you should see an alarm generate for any ESXi hosts forwarding it's logs to that particular syslog server.

So now when your ESXi hosts can not reach it's syslog server, you will automatically be notified and can look into the problem immediately. Now having an alarm is great ... but you might be wondering what about the need to reload the syslog configuration on all your ESXi hosts to restore syslog forwarding? This can definitely be a challenge/annoying, especially if the syslog server's connectivity is returned after some amount of time and you have hundreds of hosts.

Well luckily, you no longer have to worry about this, with the latest ESXi 5.0 patch03 that was just released, this problem has been addressed and ESXi syslog daemon will automatically start forwarding logs once connectivity has been restored to the syslog server. It is still definitely recommended that you have more than one syslog server in your environment and that they are properly being monitored. Also, do not forget with ESXi 5.0 you can now configure more than one remote syslog server, for more details take a look at this article here.

Note: After applying the patch, you will no longer be able to generate an alarm based on the eventId for syslog when using UDP. You will see something like "Hostd [290D5B90 verbose 'SoapAdapter'] Responded to service state request" in the hostd.log. The alarm will only be valid if you're using TCP or SSL protocol for syslog which have not been patched with latest p03.

If you are looking for a quick way to reload your syslog configurations, you can easily write a simple for loop to reload your ESXi hosts using the remote ESXCLI:

Here is another example using PowerCLI in-conjunction with ESXCLI:

How to Copy VMs Directly Between ESXi Hosts Without Shared Storage

by 90 Comments

There were some discussions earlier this week about copying Virtual Machines from one ESXi host to another ESXi host that reminded me of a very cool feature in the ovftool that could help with this task(which I thought I had written about already). As you probably have guessed by now, I am a big fan of the ovftool and have written several articles here, here and here. It still surprises me with the amount of features this little utility contains and this particular one is definitely a cool one!

If you have ever needed to copy a Virtual Machine from one host to another, it can be a challenge sometimes, especially if you do not have shared storage. You can of course leverage tools like VMware Converter or exporting the VM to a "middle man" system and then re-importing that VM into the destination host but it could take awhile or you have to run a Windows system. Well, if you are looking for a quick and easy way to copy a VM from one host to another, try using the ovftool.

In this example, I have two ESXi hosts called vESXi-03 and vESXi-04 and they both contain a single local datastore (no shared storage). I have a VM called vMA5 that is located on vESXi-03 and I would like to copy that directly to vESXi-04 without needing any additional storage.

Here is an example of using ovftool to probe the ESXi host to see the list of available VMs:

Note: A VM must be powered off for ovftool to transfered or exported.

Now that we have identified our VM, we just need to specify the source ESXi host and the destination ESXi host as well as the datastore using the -ds option. Here is an example of using ovftool to export the VM from one ESXi host to another ESXi host:

There are also other options that you can specify such as the network configuration and power options, please refer to the ovftool documentation for more details.

If you open up a vSphere Client connection to each of your ESXi hosts, you will see that the source host will have an export task and the destination host will have an import task as shown in the screenshot below:

Pretty nifty huh? 🙂

If anyone is interested in how this works, the system that is running ovftool acts as a proxy between your source and destination. The system running ovftool IS in the data path during the transfer but its only for the data to stream from source->client->destination. Nothing is stored on the client system and you do not need to have the storage capacity of what you are transferring. This is very nifty little feature that many people are not aware of with ovftool.