WilliamLam.com

Search Results for: nested esxi

Instant Clone PowerCLI cmdlets Best Practices & Troubleshooting

by // Leave a Comment

I was fortunate to have been given early access to the VMFork (Instant Clone) PowerCLI cmdlets to help provide early feedback and usability improvements before it was released to customers. Having spent some time with the Fling, I have learned a thing or two about how Instant Cloning works and some of the caveats or gotchas while creating the customization scripts that are used as part of the Instant Clone workflows. I wanted to put together a quick reference on some of my findings as well as well as other recommendations from Engineering who have worked closely with the Instant Clone feature.

The idea is to have this as a living document which I will update as new tips and tricks are identified.

Best Practices

  • Ensure VMware Tools is installed inside the guestOS and also good time to ensure you are running the latest
  • Both Pre/Post Customization scripts are uploaded to /var/tmp by the Enable-InstantCloneVM cmdlet
  • Do not delete Child VMs directly on ESXi, manage it through vCenter Server. There is currently a known issue in which deleting Child VMs will also delete the Parent VM's disk
  • Additional custom variables can be passed to the post-customization script by adding to the -ConfigParams array of variables.
    • An example could be passing in two custom properties called "foo" and "bar" which would look like:

    @{foo = "val1";bar ="val2"}

    • To retrieve the variable "foo" and "bar" from within the post-customization script, you would issue the following commands:

    vmtoolsd --cmd "info-get guestinfo.fork.foo"
    vmtoolsd --cmd "info-get guestinfo.fork.bar"

  • A Forked Child VM will also have a duplicate MAC Address which needs to be updated as it is not automatically picked up.
      • You can either manually set it by retrieving the guestinfo.fork.ethernet0.address with the post-customization script.
      • An easier way would be to reload it based on the guestOS type. On a Linux system, you can use the modprobe command like the following (Submited by George Hicken):

    modprobe -r vmxnet3;modprobe vmxnet3

  • A Forked Child VM may also have identical kernel entropy pools which means semi-predictable RNG, possibly including TCP sequence numbers (Submited by George Hicken)
  • A Forked Child VM's system clock may also be out of date (until you call hwclock --hctosys or similar) which can cause problems with ordering of file timestamps (Submited by George Hicken)
  • Shared host keys if you are using a PKI system or identical asset identifiers in the case of Windows and any sort of AD infrastructure would also need to be either removed prior or updated after a Child VM is created (Submited by George Hicken)
  • Instant Cloning Nested ESXi has been a bit tricky due to a known issue with the VMware Tools for Nested ESXi. I have found that manually preparing the guest prior to Instant Cloning has yield better results. For more information on how to Instant Clone Nested ESXi, check out the blog post here
  • Powering off the Parent VM means that the VM is no longer quiesced and this also means that new Child VMs can not be instantiated until all existing Forked Child VMs have been powered off and the Parent VM has been re-quiesced
  • If you plan on downloading or installing additional software packages on the Parent VM, it is recommended that you perform that operation directly in the VM and not within the pre-customization script. I have noticed that if pre-customization takes too long, the quiesce operation eventually fails even though the operations within the pre-customization script executed successfully.
  • To ensure Forked Child VMs do not contain duplicate disk ID's from Parent VM such as setting up a VSAN environment using Instant Clone Nested ESXi, add the disks after Forked Child VMs have been created.
  • For additional OS Customization Scripts, be sure to check out the Instant Clone community customization script repository and consider contributing back scripts that you have developed.
  • When you hard reset or power off on a child VM it will respawn from the parent, soft resets will not respawn (Submitted by Alan Renouf)

Troubleshooting

  • Instant Clone guestOS logs are stored in /var/tmp/quiesce.logvmfork-logs
  • Consider enabling tracing within your customization scripts. An example of this for a shell script is using

    set -x

  • Add additional echo or print statements like Start/Stop of certain sections like Pre/Post which can aide in reviewing the Instant Clone logs as seen in the screenshot above
  • For Instant Cloning Nested ESXi guestOSes, I recommend taking a snapshot after you have prepared the guest and removed any system specific information. This allows you to quickly revert back to a known state for ease of debugging. I found this to be very useful to be able to start back a known clean state while developing the customization scripts for Instant Cloning Nested ESXi
  • A known issue that is mentioned in the documentation of the Instant Clone cmdlets is after enabling a ParentVM for Instant Cloning, is that it is no longer available for migration to another ESXi host. The reason for this is that after powering off the VM, the "parentEnabled" boolean flag is still set to "true" which prevents the migration. Currently, there is not a work around but hopefully this will be resolved in a future update of the cmdlets. You can see this by running the following PowerCLI snippet:

    (Get-VM "MyParentVM").ExtensionData.Config.ForkConfigInfo

 

Creating your own 3rd Party Content Library for vSphere 6.0 & vCloud Director 5.x

by // 21 Comments

If you recall a few weeks back, I had shared a custom vGhetto Content Library that I had created that contains a collection of my Nested ESXi and VSAN OVF Templates that anyone with a vSphere 6.0 or vCloud Director 5.x environment could subscribed to. This custom Content Library is also known as a 3rd Party Content Library and is one of the capabilities that I am most excited about with the new Content Library feature in vSphere 6.0. The reason I think this is such a cool capability is that I believe it opens up a wide range of use cases not only for our customers but also for our partner eco-systems enabling ease of content management and content distribution for VMware customers.

Just imagine, a vendor who might be providing Virtual Appliances (OVF/OVA), ISOs, VIBs, patches, workflows, blueprints, scripts, etc. can host a 3rd Party Content Library and as a customer you can easily subscribe to a particular repository. Once subscribed, you can either have the content automatically downloaded or synchronized on-demand. In fact, customers can also create their own 3rd party Content Library and distribute their own content within their own organization (local and remote sites) and even be able to share it with others in the VMware community.

Before I jump into the process of creating your own 3rd Party Content Library, I wanted to quickly go over the different options for publishing and subscribing to a Content Library. Below is a diagram to help you visualize the different options you have for publisher and subscriber sources.

vsphere-6.0-class-content-library-as-a-service
Here is the same information as shown in the diagram but in a table format:

Publisher Subscriber
vCenter Server vCenter Server
vCloud Director vCenter Server
3rd Party vCenter Server
3rd Party vCloud Director

Note1: Although the diagram technically shows a 5th scenario where a vCenter Server is the publisher and vCloud Director is the Subscriber, this particular flow is not entirely functional at the moment. Though it will work, it will only allow you to sync non-VM Templates and a different version of the script would be needed. This is a known issue and hopefully it will be resolved in a future update within vCloud Director.

Note2: For 2nd scenario where vCloud Director is a Publisher and vCenter Server is a Subscriber, On-Demand synchronization and overriding an existing OVF Library is currently not supported.

Here is the high level workflow for creating your own 3rd Party Content Library:

  1. Create directory structure layout for your content
  2. Create the JSON metadata index
  3. Publish the 3rd Party Content Library using HTTP(s)
  4. (Optional) Periodically update the JSON metadata index on new or updated content

Step 1 - Here is an example of what your directory structure layout should look like:

creating-third-party-content-library-0
Step 2 - To assist with the JSON metadata indexing, Eric Cao, one of the Content Library Engineers was kind enough to provide the following Python script called make_vcsp_2018.py which you will need to download onto a system which has the Python interpreter running

UPDATE (07/26/18) - You can also create 3rd party content library directly on Amazon S3 or Microsoft Azure Blob using the updated versions of the script make_vcsap_2018.py and  make_vcsap_2022.py respectively

UPDATE (05/29/17) - Thanks to Eric, the script now supports both Python2/3 as well as a new 4th optional command-line argument for performing md5check (Default: true)

Step 3 - The make_vcsp_2018.py script accepts two arguments: the first is the display name of the Content Library and the second argument is the path to the root directory of your Content Library. Here is an example:

python make_vcsp_2018.py vghetto-content-library /Users/lamw/desktop/vghetto-content-library

Once the script has finished building the metadata index, we can now take a look at our content and you will notice some additional files that have been added to your Content Library directory as seen in the screenshot below:

creating-third-party-content-library-1
You will notice two new files at the root directory of your 3rd Party Content Library. The first is the items.json which provides reference to all the files within the library and you will see that each subsequent directory will also contain an individual item.json file describing the content within the local directories. The lib.json is the 3rd Party Content Library endpoint and is what you will be specify when subscribing to a 3rd Party Content Catalog and by providing the absolute URL to this file when setting up a new Content Library.

Step 4 - To publish the 3rd Party Content Library, you just need to host the content somewhere that supports HTTP(s), this can be as simple as using a regular Web Server to something like an Object Store such as Amazon S3.

Note: If you plan to use a non-traditional Web Server for hosting your 3rd Party Content, ensure that the root URL is the same for accessing all files and can not change. For example, you will not be able to host a 3rd Party Content Library using Dropbox as the root URL changes for each and every file.

Step 5 (Optional)- Periodically you will most likely want to add new content and files to your 3rd Party Content Library and as part of that process you will also need to update the metadata index. You can easily do so by re-running the make_vcsp_2018.py script against your existing 3rd Party Content Library. The script will only generate new metadata index for files that have been newly added and for any changes to existing files, the appropriate metadata files will only updated.

As you can see the process in creating and publishing a 3rd Party Content Library is pretty straight forward and simple. I hope to see more of our partners start to publish their own 3rd Party Content Libraries, I think it would be extremely beneficial for VMware customers and I look forward to hearing about them :). If you have created your own 3rd Party Content Library and would like to share the details, feel free to leave a comment and I will be aggregating a list below so that you can easily find them all in one place.

Published 3rd Party Content Libraries

Author Library Content Link
William Lam Nested ESXi & VSAN OVF Templates Subscribe to vGhetto Nested ESXi Template Content Library in vSphere 6.0
Alan Renouf Some sample OVF/OVAs Subscribe to Alan's Content Library in vSphere 6.0

Quick Tip - Using HTTP(s) proxy for connecting to 3rd party Content Library in vSphere 6.0

by // 11 Comments

A couple of weeks back I was asked by a customer who was interested in subscribing to my 3rd Party Content Library which hosted several of my Nested ESXi and VSAN OVF Templates. The problem was that in his environment, like many others, he did not have direct access internet access from within vCenter Server for the Content Library subscription to be created. The customer was wondering if the Content Library feature supported a proxy server which is a very common method for Enterprise customers to provide access to external sites requiring internet access. The Content Library Service does provide a way to configure a proxy server and below are the instructions for configuring both the VCSA and vCenter Server for Windows.

UPDATE (09/27/17): As of vSphere 6.5 Update 1, the Proxy Configurations for the Content Library has been pulled directly into the service itself and you no longer have to manually edit the Java wrapper.conf files. You can now access the proxy configurations by using the vSphere Web Client going to Administration->System Configuration->Services->Content Library Service->Transfer Service as shown in the screenshot below. For 6.0 and 6.5, you will need to continue to follow the instructions below on editing the wrapper.conf file.

vCenter Server Appliance (VCSA)

The configuration file that you will need to edit is /usr/lib/vmware-vdcs/wrapper/conf/wrapper.conf and below are the three lines to add:

wrapper.java.additional.20=-Dhttps.proxySet=true
wrapper.java.additional.21=-Dhttps.proxyHost=proxy.server.com
wrapper.java.additional.22=-Dhttps.proxyPort=8080

Once you have saved your changes, you will need to restart the Content Library service for the changes to go into effect by running the following command:

/etc/init.d/vmware-vdcs restart

The proxy server will now be used and assuming the proper ACL's have been added on the proxy server itself to allow traffic from your vCenter Server to the appropriate destination site, you should now be able to use the Content Library to subscribe to my 3rd Party Content Library.

vCenter Server for Windows

The configuration file that you will need to edit is C:\Program Files\VMware\vCenter Server\vdcs\wrapper\conf\wrapper.conf and below are the three lines to add:

wrapper.java.additional.20=-Dhttps.proxySet=true
wrapper.java.additional.21=-Dhttps.proxyHost=proxy.server.com
wrapper.java.additional.22=-Dhttps.proxyPort=8080

Once you have saved your changes, you will need to restart the Content Library service for the changes to go into effect by going to the Windows services panel.

content-library-service