The VMware Labs flings monthly for October 2020

First of all I hope that everyone is staying safe en sound and keeping their social distance. Over here we’ve been back to a light lockdown again but at least most of the shops are still open. I just opened the flings site and the VMware engineers have been dam busy! This are the tabs I had after opening all of them.

If I count it right I have six new flings and another eight received updates, I can’t remember the last time we had so much activity on the flings front. The new flings include one of the most anticipated VMware products for the last years: ESXi on Arm!

New Releases

Sample Data Platform on VMware Cloud Foundation with VMware Tanzu for Kubernetes Provisioning

vSphere Pod Autoscaler

Workspace ONE Discovery

ESXi Arm Edition

Horizon Peripherals Intelligence

Storage Performance Tester

Updating Flings

vRealize Build Tools

VMCA Certificate Generator

USB Network Native Driver for ESXi

Demo Appliance for Tanzu Kubernetes Grid

Workspace ONE App Analyzer for macOS

App Volumes Migration Utility

True SSO Diagnostic Utility

HCIBench

New Releases

Sample Data Platform on VMware Cloud Foundation with VMware Tanzu for Kubernetes Provisioning

With this Fling, you will leverage your VMware Cloud Foundation 4.0 deployment and stand a sample data platform on a Tanzu Kubernetes Grid guest cluster in less than 20-minutes comprising of Kafka, Spark, Solr, and ELK.

Additionally, this Fling comes with a market data sample application (using real market data from dxFeed) that shows how all these data platform components work together.

vSphere Pod Autoscaler

This Fling is useful for vSphere PodVM users who want to perform auto-scaling on vSphere PodVMs based on memory utilization.

This python script is intended to implement the Horizontal Pod Autoscaler algorithm for podVM for the vSphere 7.0 with Kubernetes. The implementation follows the algorithm from the official Kubernetes documents: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/

This script will automatically scale the number of PodVMs in the environment. The script will perform the following actions:

  1. The script will retrieve the memory utilization of PodVMs in the environment
  2. The script will then allow users to provide the memory threshold for PodVMs
  3. The script will then calculate the desired number of replicas based on the memory threshold and utilization
  4. The script will automatically scale the PodVMs to the desired number of replicas calculated in step #3

Workspace ONE Discovery

VMware Workspace ONE UEM is used to manage Windows 10 endpoints, whether it be Certificate Management, Application Deployment or Profile Management. The Discovery Fling enables you to view these from the device point of view and review the Workspace ONE related services, which applications have been successfully deployed, use the granular view to see exactly what has been configured with Profiles, view User & Machine certificates and see which Microsoft Windows Updates have been applied.

Discovery provides you a view of the Managed device and can be used to help with troubleshooting.

ESXi Arm Edition

Hello ESXi-Arm Fling participants!

Over the past several years, you’ve seen us demonstrate our virtualization technology on the Arm platform across several use cases, everything from running mission critical workloads on a windmill, to running on the SmartNIC, to running on AWS Graviton in the cloud. We realized that the resilient platform created for the datacenter can be equally valuable in non-traditional environments. We’ve learned a lot from exploratory discussions with customers and Arm Silicon Partners.

Now we’d like to give our customers a chance to evaluate this technology in their own environments. This evaluation program is for the enterprise architects who are considering the viability of virtualizing Arm workloads, for the test/dev team looking for a way to spin up Arm environments, and for the tinkerers who simply want to explore running ESXi-Arm in a small form factor Edge environment. We’re interested to understand what features you will find most valuable, and how you will want to deploy this technology.

As there has been an update for this fling already here’s the changelog:

Changelog

October 22, 2020 – v1.1

Note: Upgrade is NOT possible, only fresh installation is supported. If you select “Preserve VMFS” option, you can re-register your existing Virtual Machines.

  • Fix for https://flings.vmware.com/esxi-arm-edition/bugs/1098 (PSOD adding to VDS)
  • Support for Arm N1 SDP platform
  • Support for VMs on Neoverse N1 CPU
  • Pass-thru stability improvements to LS1046A and LX2160A platforms
  • Fix for vCenter/DRS incorrect CPU usage
  • Fix for VM crash when VM storage fills up
  • Stability fix for non-coherent DMA device support
  • Installer: tolerate RAM size within 4% of 4GB instead of 3.125 (for the otherwise unsupported RK3399 boards)
  • Serial port handling improvements (for unsupported/unknown boards, to be a bit more resilient of firmware configuration errors)
    • Documentation Updates:
      Moved and expanded iSCSI doc for Pi doc to main ESXi-Arm Fling doc
    • Added LS1046ARDB docs (including ref to it from main ESXi-Arm doc and Fling website)
    • Fixed Ampere server name and links (its HR330A/HR350A, not SR-something)
    • Added Arm N1SDP document (including ref to it from main ESXi-Arm doc)
    • Updated GuestOSes known to work with ESXi-Arm including new “Verified” section
    • Updated instruction to update EEPROM for Pi doc

Build 17068872
VMware-VMvisor-Installer-7.0.0-17068872.aarch64.iso

October 06, 2020 – v1.0 (Initial Release)

Build 16966451

VMware-VMvisor-Installer-7.0.0-16966451.aarch64.iso

Horizon Peripherals Intelligence

Horizon Peripherals Intelligence is an online self-serviced diagnosis service that can help increase the satisfaction when using peripheral devices with Horizon product by both the end users and the admin user. Currently, we support diagnosis for the following device categories – USB storage devices, USB printers, USB scanners, Cameras. We will continue to cover more device categories in the future.

Storage Performance Tester

Storage Performance Tester is a one-click storage performance test tool, which is able to collect IOPS, latency and CPU cycles per I/O for ESXi storage stack. This tool automates all the testing steps including the customized VMs deployment, I/O workload running, and storage performance analysis. It displays the performance metrics through multiple visualized graphical charts. The only thing that users need to do is enter one command and wait for the performance report of your server.

This tool is designed to be a developer-friendly tool help troubleshoot and identify storage performance issues. It could be used to validate the maximum performance of new storage hardwares/drivers and setups of vSphere/vSAN. For more details please check the guild located in the instructions

Updated Flings

VMCA Certificate Generator

The VMCA Certificate Generator is useful to create your own certificates using the VMCA in vCenter if you don’t have access to a purpose build system in your network.

Changelog

Version 1.0 Update

  • Added the open source license file.

vRealize Build Tools

vRealize Build Tools provides tools to development and release teams implementing solutions based on vRealize Automation (vRA) and vRealize Orchestrator (vRO). The solution targets Virtual Infrastructure Administrators and Solution Developers working in parallel on multiple vRealize-based projects who want to use standard DevOps practices.

Changelog

Version 2.8.8 Update

  • [MVN] Support SHA1 checksum generation for JS,TS,XML,vRA,vRANG project types.
  • [MVN] Include the pom.xml description content as description of the built vRO package artifact
  • [TS-AutoGen] Define a property for storing the version of the API for which this project is generated.
  • [TS-AutoGen] Store the API version as part of the vRO package description.
  • [vRA-NG] Adds support for import/export of custom resources and resource actions.
  • [TS] Typescript projects for vRO, now support syntax for specifying a description for a configuration element attribute.
  • [vRA-NG] Adds support for using project name when managing vRA-NG content.
  • [vROps] Adds support for vROps 8.1
  • [vROps] Change default authentication provider to Token-based Authentication
  • [TS] Extend vropkg tool to support Polyglot bundle
  • [TS] Support for skipping unmapped dependencies, e.g. –skipUnmappedDeps
  • [TS] Bumped up Typescript version to 3.8.3
  • [TS] Added support for tsconfig file override using the project option of the tsc executable.
  • [MVN] Updated vRBT infrastructure project with latest dependencies and improved installation robustness
  • [vROps] Fixes a problem with resource kind during alert definition import
  • [TS] Use fixed node package versions
  • [vROps] Support for policy assignment to custom groups
  • [vRA] Fixes a problem with vra-ng authentication always setting System Domain and users not being able to authenticate with different domain
  • [vROps] Removed sshHost from Installer. Use host instead.
  • [TS] Make dependency:go-offline execution conditional
  • [TS] All version of Node are supported from 10.x and above
  • [TS] npm repository is no longer needed [TS] Support for RequireJS imports/exports
  • [TS] Support for yaml configurations
  • [TS] Improved workflows and policy templates transpilation
  • [TS] Improved diagnostic messages
  • [TS] Improved handling of cycle references
  • [TS] Extended workflow support
  • [TS] Support for ES2017.String

USB Network Native Driver for ESXi

USB has become one the most widely adopted connection type in the world & USB network adapters are also popular among Edge computing platforms. In some platforms, there is either limited or no PCI/PCIe slots for I/O expansion & in some cases, an Ethernet port is not even available. Another advantage of a USB-based network adapter is that it can be hot-plugged into an system without a reboot which means no impact to the workload, same is true for hot-remove.

This Fling supports the most popular USB network adapter chipsets found in the market. The ASIX USB 2.0 gigabit network ASIX88178a, ASIX USB 3.0 gigabit network ASIX88179, Realtek USB 3.0 gigabit network RTL8152/RTL8153 and Aquantia AQC111U. These are relatively inexpensive devices that many of our existing vSphere customers are already using and are familiar with.

Changelog

October 26, 2020 – v1.7

  • Added support for ESXi 7.0 Update 1
  • USB NIC Bindings are now automatically persistent
  • 5GbE USB NICs now properly show Full vs Half Duplex

Note: This is ONLY for ESXi 7.0 Update 1, for ESXi 7.0/6.7/6.5, please ensure you are using the correct version of driver.

ESXi701-VMKUSB-NIC-FLING-40599856-component-17078334.zip

Demo Appliance for Tanzu Kubernetes Grid

The Demo Appliance for Tanzu Kubernetes grid includes all the things needed tolearn about and run a Tanzu Kubernetes Grid.

Changelog

Oct 28, 2020 – v1.2.0

  • Support for latest TKG 1.2.0 release
  • Support for TKG Workload Cluster upgrade workflow from K8s 1.18.8 to 1.19.1
  • Updated to latest version of Harbor (1.10.5), Docker Compose (1.27.4), Kubectl (1.18.10), Octant (0.16.1), TMC (6867ad54), TKG Crashd (0.3.1) CLI in appliance

TKG-Demo-Appliance-1.2.0.ova
MD5: 0f0c60358a867b432698144820f8e8b0

Workspace ONE App Analyzer for macOS

The Workspace ONE macOS App Analyzer will determine any Privacy Permissions, Kernel Extensions, or System Extensions needed by an installed macOS application, and can be used to automatically create profiles in Workspace ONE UEM to whitelist those same settings when deploying apps to managed devices.

Changelog

Version 1.1 Update

  • 10/27/2020 – Fixed bug that prevented Privacy Preferences from loading when default shell was set to zsh.

App Volumes Migration Utility

App Volumes Migration Utility allows admins to migrate AppStacks managed by VMware App Volumes 2.18, to the new application package format of App Volumes 4. The format of these packages in App Volumes 4 have evolved to improve performance and help simplify application management.

Changelog

1.0.6 Version Update

  • Create meta_json.zip in migrated appstacks.

HCIBench

HCIBench is THE tool to test the performance of your VSAN cluster. Always use your own metrics based on the actual requirements for your environment.

HCIBench stands for “Hyper-converged Infrastructure Benchmark”. It’s essentially an automation wrapper around the popular and proven open source benchmark tools: Vdbench and Fio that make it easier to automate testing across a HCI cluster. HCIBench aims to simplify and accelerate customer POC performance testing in a consistent and controlled way. The tool fully automates the end-to-end process of deploying test VMs, coordinating workload runs, aggregating test results, performance analysis and collecting necessary data for troubleshooting purposes.

HCIBench is not only a benchmark tool designed for vSAN, but also could be used to evaluate the performance of all kinds of Hyper-Converged Infrastructure Storage in vSphere environment.

Changelog

Version 2.5.1 Update

  • Fixed non vSAN cluster testing issue
  • Fixed pre-validation storage policy issue
  • Added in-place upgrading capability, to do so, you can also upgrade HCIBench to the latest version by running the following command in HCIBench: tdnf install -y git && git clone https://github.com/cwei44/HCIBench.git && sh HCIBench/upgrade.sh
    MD5 Checksum: 1d14426f92b353e90469a8623ade2bc1 HCIBench_2.5.1.ova

Version 2.5.0 Update

  • Added support vSAN HCI Mesh testing, now you can test both local and remote vSAN datastores at the same time
  • Added support local storage including VMFS and vSAN-Direct testing
  • Added vSAN Debug Mode, allow user to collect vm-support bundle and vmkstats automatically when running testing against vSAN
  • Changed guest VMs name convention to {vm_prefix}-{datastore_id}-batch_num-sequence_num
  • Enhanced testing report format
  • Allow user to specify customized IP addresses for guest VMs
  • Allow user to configure CPU and Memory for guest VMs
  • Added best practice and network troubleshooting guide in the user manual
  • Bug fixes
  • MD5 Checksum: 817c2c788364f252e728d4253b3b96da HCIBench_2.5.0.ova

True SSO Diagnostic Utility

The True SSO Diagnostic Utility allows for validation of the various components needed for True SSO.

Horizon View True SSO uses Microsoft Enterprise Certificate Servers to issue certificates that are used when the user logs on to the desktop. The Horizon View Enrollment Server (ES) is responsible for sending a certificate request to certificate servers, and for monitoring the PKI configuration settings in the Active Directory.

Changelog

Version 2.2

  • The tool has been updated to allow performance-testing of the enrollment-server.

Nutanix Releases Xtract for VM’s

Today Nutanix has released the Xtract for VM’s product. With this tool you will finally be able to directly move your existing vSphere infrastructure to the Nutanix Cloud platform on AHV without any 3rd party tooling or workarounds.

Previously there where several ways to move from ESXi to AHV. The first way was to use 3rd party tooling like starwind to convert the disks. The other ways where completely manual by adding existing disks to new VM’s, use the cross hypervisor DR functionality or in place ESXi > AHV conversion if both clusters where already running on Nutanix. While these are tested and well documented scenario’s, there was no easy way to just test this and it could require a large maintenance window with a lot of manual actions. Rolling back could be a pita as well so it might end up being a costly effort.

In the spring Nutanix already announced Xtract, a tool that would solve all these headaches for you. With it you can schedule the migration and it will insert the required drivers and network settings for you. This results in a migration with hardly any downtime. You can setup the sync from ESXi to AHV wel advance so it is possible to test the complete migration procedure well in advance of the final cutover.

TLDR:

Release of new Nutanix tool called Xtract for Vm’s that efficiently and safely automates the move of your vm’s from ESXi to AHV.

 

Is updating @VMware ESXi at @Nutanix really that easy?

Do you want the short answer or the long answer?

Short: Yes!

Long: Absolutely!

The real story:

  • After doing several Acropolis (CVM) & NCC (Health check) upgrades before on my customer’s Nutanix clusters today was the first time to do an actual hypervisor upgrade. Since we run everything on VMware we wanted to go from 5.5u2 to 6.0u2. The first things to do is to check all compatibility charts and with Acropolis at 4.6.4 and NCC at 2.2.8 we had green lights all over the board.
  • What I always do first before doing anything is running a health check. Since NCC 2.2 you can run some of the checks parallel to save some time:
ncc health_checks run_all -parallel=4

2016-10-04-20_32_24-beheerders-desktop

  • After the check and make sure DRS is set on automated and vSphere HA is turned on as it should otherwise you won’t be updating anything!
  • Next up is heading to Prism, no we’re not doing any cli work when a GUI is better and just as fast!
  • The first thing to do is upload the software (Offline bundle zip file from VMware.com and json file from Nutanix.com)

2016-10-04-15_08_02-documents

  • Go to Software Upgrade

2016-10-04-20_47_38-beheerders-desktop

  • Select Upload the hypervisor Binary

2016-10-04-15_08_16-nutanix-web-console

  • Select the binary and the Json files and hit Upload Now

2016-10-04-15_08_37-nutanix-web-console

2016-10-04-15_08_59-nutanix-web-console

  • When this is done hit the arrow besides the upgrade button and select the pre-check (the real upgrade also does this but it is never wrong to check twice!)

2016-10-04-15_10_49-nutanix-web-console

2016-10-04-15_10_58-nutanix-web-console

  • Enter the IP of the vCenter (not DNS!) and credentials

2016-10-04-15_11_36-nutanix-web-console

2016-10-04-15_12_20-nutanix-web-console

2016-10-04-15_12_28-nutanix-web-console

  • This won’t take long but if you get bored hit the Nothing do to button for a game of 2048 presented to you by our friends at Nutanix

2016-10-04-15_12_39-nutanix-web-console

  • You might need to re-open the Software Upgrade but but somewhere it will be done now

2016-10-04-15_17_53-nutanix-web-console

  • When this finishes successful it’s time to hit the real upgrade button

2016-10-04-15_18_47-nutanix-web-console

  • You know what to do here right?

2016-10-04-15_18_57-nutanix-web-console

2016-10-04-15_19_50-nutanix-web-console

2016-10-04-15_20_48-nutanix-web-console

  • The waiting game has started since there will be a lot of vMotion’s and reboots
  • This it might be time for this again

2016-10-04-15_12_39-nutanix-web-console

2016-10-04-15_21_01-nutanix-web-console

  • If you re-open the Software Upgrade bit it will show the versions of ESXi the cluster is now running

2016-10-04-15_21_45-nutanix-web-console

  • Aaaaaaand we’re done

2016-10-04-15_36_56-nutanix-web-console

So actually creating this post took longer then the preparation and actions for the upgrade themselves. For me that was 5 minutes work in preparation and about 20 minutes per host for the upgrade itself.

 

 

 

 

Back to basics: Daily checks

Something I still hear a lot that system engineers take their vSphere environment for granted and hardly check anything on a daily basis. I always point them at Alan Renouf‘s brilliant health check script while there are other ways to get your daily dose of health this one still rocks for me. You can remove unwanted plugins or make different selections of plugins for daily, weekly or monthly checks. Now and then I still hear people that had issues because of snapshots and there is no need for that anymore and hasn’t been for years! This script has saved me lots of times already + it helped me get management support for limiting other people’s access to the environment because they had no idea what they where doing.

Example of the output you can get:

2016-07-03 20_13_59-192.168.0.11 vCheck

 

Timecheck please!

Something I still see now and then, and have had big issues with in the past, is the time on ESXi hosts. Sometimes no ntp servers have been set or the ESXi hosts can’t connect to them. Other times ntp servers have been set but not the time so they’re still off. Normally this shouldn’t be a problem but since a VM always takes on the time of the hosts it is moving to during a vmotion this can cause issues on database servers.

In my last situation the ntp servers where correct but the time was off and somehow never properly synced to the ntp hosts. To fix this I created 2 scripts, one to check the ntp settings and current time and another to set the time.

$style = "<style>BODY{font-family: Arial; font-size: 10pt;}"
$style = $style + "TABLE{border: 1px solid black; border-collapse: collapse;}"
$style = $style + "TH{border: 1px solid black; background: #dddddd; padding: 5px; }"
$style = $style + "TD{border: 1px solid black; padding: 5px; }"
$style = $style + "</style>"
$esxihosts=Get-VMHost | Sort Name | Select Name,  @{N="NTPServer";E={$_ |Get-VMHostNtpServer}}, Timezone, @{N="CurrentTime";E={(Get-View $_.ExtensionData.ConfigManager.DateTimeSystem) | Foreach {$_.QueryDateTime().ToLocalTime()}}}, @{N="ServiceRunning";E={(Get-VmHostService -VMHost $_ |Where-Object {$_.key-eq "ntpd"}).Running}} 
$esxihosts | convertto-html -head $style -property  name,NTPServer,TimeZone,CurrentTime,ServiceRunning | out-file timecheck.html
start timecheck.html

Nothing fancy, you need to be connected to your vcenter in advance but it makes and opens a nice html file with your ntp settings and current time on your ESXi hosts.

This is the output it makes:

2016-05-24 20_23_21-Mozilla Firefox

Then it was time to make the other script, since sometimes it might take a few secs to set the time I decided to check my local time before every set of a time on an ESXi host.

Get-VMHost | Where-Object {
$t = Get-Date
$dst = $_ | %{ Get-View $_.ExtensionData.ConfigManager.DateTimeSystem }
$dst.UpdateDateTime((Get-Date($t.ToUniversalTime()) -format u))
}

Again nothing fancy but it does the trick perfectly.