the Sky is the Limit
It’s only a few weeks until VMworld Europe will open its doors at Fira Gran Via in Barcelona.
If you plan to go there for the first time it’s good to have some basic tips at hand. On my first visit to VMworld Barcelona I was glad to have read a very useful blogpost by Vladan. He keeps it updated and it is still worth a look. Continue reading “VMworld Europe Survival Guide”
After installing VMware patches you might see a warning:
XXX esx.problem.hyperthreading.unmitigated.formatonhost not found XXX
Those patches which are addressed in VMware Security Advisory VMSA-2018-0020 migitate a vulnerability named L1TF. Because the patch will result in a performance impact, it is not activated by default. Administrators need to decide what is their main focus: performance or security.
If one decides to have more performance and neglects the potential threat, then it is possible to suppress the warning. Just set advanced option UserVars.SuppressHyperthreadWarning from 0 to 1 and the warning will disappear. This should only be done after reviewing KB 55806.
Connect to the vCenter Server using either the vSphere Web or vSphere Client. Switch to “Hosts and Clusters” view and select an ESXi host in your inventory.
Select an ESXi host in the inventory.
Click the Manage (5.5/6.0) or Configure (6.5/6.7) tab and then switch to “Settings”.
Move to System > Advanced System Settings and enter in the filterbox: VMkernel.Boot.hyperthreadingMitigation.
Select the setting and click the Edit pencil icon. Change the default value (false) to true and click OK.
In order to take effect, the host needs to reboot.
Using PowerCLI is recommended if you have more than one host.
Connect-VIServer vc.mydomain.com
Check current values.
Get-VMHost | Get-AdvancedSetting -Name VMkernel.Boot.hyperthreadingMitigation | Select Entity, Name, Value
The next command will activate the migitation on all hosts without confirmation (be careful!).
Get-VMHost | Get-AdvancedSetting -Name VMkernel.Boot.hyperthreadingMitigation | Set-AdvancedSetting -Value 1 -Confirm:$false
In order to take effect, the host needs to reboot.
VMware KB 57374 – L1TF related “esx.problem.hyperthreading.unmitigated” vCenter Server Updates
VMware KB 55806 – L1 Terminal Fault – VMM
Browsing through logs of many different devices can be a cumbersome duty. It is much better to aggregate logs from different devices on a dedicated syslog server. To make this possible, a syslog server needs to be registered on the device.
I will show here how to configure a Brocade FibeChannel switch that it will send logs to a syslog server.
Register IP address of syslog server on switch.
syslogadmin --set -ip <syslogserver>
To check status, use the show command.
syslogadmin --show -ip
To revert settings and deregister syslog server from switch use command:
syslogadmin --remove -ip <syslogserver>
Timesync with a NTP source is crucial in order to correlate events precisely. Therefore we need to register a NTP server on the (principal) switch.
tsclockserver <IP>
Choosing the local timezone is best in interactive mode.
tstimezone --interactive
The importance of backup and recovery solutions today is beyond any discussion. Going back 10 years this was a rather neglected topic. But today no-one can afford data loss or services being unavailable. So the importance of backup solutions leveled up with that of production systems. Time windows for RPO and RTO have become smaller and smaller and the effort and cost to achieve that have become higher. If you’re planning a backup strategy, you need to find a good balance between speed, reliability and cost. Low cost NAS boxes are slow and not very reliable. Running an instant recovery from them can turn into a pain. Premium storages are fast and reliable, but also quite expensive. Backup data is in most cases very redundant, which means there’s a high capacity and cost saving potential in deduplication and compression. Continue reading “Exagrid Backup Appliance”