hostasaurus's Posts

Just wanted to comment that Giznary's suggestion of using the datastore browser works great with one caveat; if the VM in question was originally thin provisioned, it will end up thick on the new... See more...
Just wanted to comment that Giznary's suggestion of using the datastore browser works great with one caveat; if the VM in question was originally thin provisioned, it will end up thick on the new datastore.  I'm not sure if that's also the case with the other methods proposed.
Hello, I was curious if there's a way to set an artificial limit on storage vMotions at the vCenter level rather than letting it choose based on network speed?  We're consolidating a bunch of spi... See more...
Hello, I was curious if there's a way to set an artificial limit on storage vMotions at the vCenter level rather than letting it choose based on network speed?  We're consolidating a bunch of spinning arrays to a flash array and the flash is so fast that we end up impacting performance too greatly on the old arrays if we let it start doing 4+ simultaneous vmotions, but at the same time, I don't want to have someone paid to sit and click migrate every couple minutes one vm at a time.  I was hoping to set it down to 1 simultaneous and then we can just queue up 50 migrations at a time. Thanks!
Another day, another Flash security vulnerability... Multiple flaws were found in the way flash-plugin displayed certain SWFcontent. An attacker could use these flaws to create a specially cra... See more...
Another day, another Flash security vulnerability... Multiple flaws were found in the way flash-plugin displayed certain SWFcontent. An attacker could use these flaws to create a specially craftedSWF file that would cause flash-plugin to crash or, potentially, executearbitrary code when the victim loaded a page containing the malicious SWFcontent. (CVE-2015-0303, CVE-2015-0306, CVE-2015-0304, CVE-2015-0309,CVE-2015-0305, CVE-2015-0308)This update also fixes multiple information disclosure flaws inflash-plugin. (CVE-2015-0301, CVE-2015-0302, CVE-2015-0307)All users of Adobe Flash Player should install this updated package, whichupgrades Flash Player to version 11.2.202.429. and back on topic, just had another I hate the web client day.  EMC has dropped development of the VSI plugins for the c# client, the old plugin breaks if you add an XtremIO v3 array and the VSI plugin for web client doesn't seem to have any idea what PowerPath is, so if you use PowerPath, and XtremIO, you're screwed if you want to monitor your multipath status.
And you wonder why companies don't want Flash on their management networks... Adobe has released security updates for Adobe Flash Player 12.0.0.44 and earlier versions for Windows and Macintos... See more...
And you wonder why companies don't want Flash on their management networks... Adobe has released security updates for Adobe Flash Player 12.0.0.44 and earlier versions for Windows and Macintosh and Adobe Flash Player 11.2.202.336 and earlier versions for Linux. These updates address vulnerabilities that could potentially allow an attacker to take control of the affected system. Adobe is aware of reports that an exploit for CVE-2014-0502 exists in the wild, and recommends users update their product installations to the latest versions:
andreaspa wrote: This thought just popped up.. IF you are aiming for multi platform support, why not go for a completely new vSphere Client written in Java? Yes, Java has had it's fair sha... See more...
andreaspa wrote: This thought just popped up.. IF you are aiming for multi platform support, why not go for a completely new vSphere Client written in Java? Yes, Java has had it's fair share of security issues in the past, but I think this is the only way forward if you aim to provide support on multiple platforms. Much of your vSphere services are written in Java, so you have the knowledge for Java. Also, by going for Java instead of Web Client and C# client you will have two less languages to learn and maintain. Definitely not the way to go.  HTML is multi-platform last time I checked, so HTML5 is what I'd prefer if they're going to cram the web-only option down their paying customers throats. Java would be a nightmare.  It already is a nightmare for anyone running the cluster F of EMC and Cisco UCS and Cisco call manager in one enterprise.  EMC Unisphere requires selecting from a few specific ancient versions of Java to work correctly, Cisco UCS requires a different small selection of Java versions to manage it, Call Manager also requires Java but one that is not compatible with the other two.  The last thing we need is vmware moving to Java so we can have four different management machines all to accommodate each vendor's preferred version of Java.  It would be a big pig to run over a slow link as well, just like the current nightmarish web client.
I'd still like to hear an official response on how one manages a host directly when the host has become isolated, host web server is down, vcenter server is down, etc. using the web client.  The ... See more...
I'd still like to hear an official response on how one manages a host directly when the host has become isolated, host web server is down, vcenter server is down, etc. using the web client.  The web client's server component seems a lot more temperamental, in my experience, compared to whatever sits on the server listening for VI client connections, and that has lead to several instances of still being able to resolve issues with VI client that could not be resolved with web client.
Some ideas. Did you check the other performance counters at the same time to see if the spike corresponds with any increase in network activity?  That would tell you if something weird is goi... See more...
Some ideas. Did you check the other performance counters at the same time to see if the spike corresponds with any increase in network activity?  That would tell you if something weird is going on externally that's talking to all the guests.  If no spike, then at least you'll know it's some locally generated I/O probably caused by a scheduled task running on one or more servers. The graphs you posted are stacked and it looks like on them that most of the I/O is one guest around 4:10a and a different guest around 4:50a.  If one guest is taxing your array, it may have pushed latency up which affected everything and skewed the results. The time of day this is occurring is the time of day linux often runs the updates for the mlocate database, which can generate a lot of I/O as it recatalogs the filesystems. We have a scheduled task on our vCenter server to dump its MSSQL database at that time of day that causes a large spike in I/O since it's writing out 50+ GB. On our EMC array, we use tiering and the migration of data up and down the stack was causing a spike in latency during the window it ran.  I've found EMC engineers hit or miss and some miss things like that; any chance you're doing tiering and it's balancing at that time of day?  In our case, I made the window larger and lowered the priority so it was not as big an impact.
Awesome, thanks Scott, that was the issue.  I had to run /usr/lib/vmware-vcli/apps/vm/vminfo.pl --verbose and then in the output file, search for AHCI.  I found one VM that had been created from ... See more...
Awesome, thanks Scott, that was the issue.  I had to run /usr/lib/vmware-vcli/apps/vm/vminfo.pl --verbose and then in the output file, search for AHCI.  I found one VM that had been created from scratch recently, instead of via our templates, and it got a SATA controller for no particular reason.  I removed that and things are back to normal. I'll definitely open a ticket about the issue; it's incredibly stupid of them to not update the SDK when they make changes like that.  If it had taken a critical application down I'd have been really pissed.
Just joining the chorus here; I think the client is absolutely horrible as well. More specific complaints, besides just the horribly bloated and slow performance. For those of us with EMC ... See more...
Just joining the chorus here; I think the client is absolutely horrible as well. More specific complaints, besides just the horribly bloated and slow performance. For those of us with EMC equipment, and EMC PowerPath for VMware, there are productivity-increasing plugins for the C# client that are not available for the web client, and there are configuration and information screens provided via plugins that are not available for the client.  So those of us with such a setup actually have to use both clients to fully manage the environment which is incredibly stupid.  Okay I need to do this, let's see, which of the two clients permits me to do that, hmm, try, fail, try the other one, success.  Next task, repeat.  One would have hoped that with EMC owning VMware, they wouldn't screw up EMC's own VMware-specific products, but I guess that was wishful thinking. No usable update manager, so no way to install PowerPath or other host-based plugins that install via update baselines. No usable update manager, so no way to actually upgrade hosts. We had a no flash on management systems policy for security reasons and had to reverse that just for this stupid client, since we had upgraded all the machine versions to 10. Many times, alerts that would cause a yellow or red flag on hosts or guests will not dynamically appear in the web client, or will not dynamically disappear if the issue has cleared; you have to refresh.  Of course, you don't want to refresh, since the damn interface is so slow, so data you're seeing may be out of date. Web client, hmm, can I use it from a mobile device over VPN?  ROFL, good luck trying that; it might load in 60 minutes. Need to see what LUNs a given host has defined, or looking to make sure a specific LUN is connected?  C# client: Host -> Configuration -> Storage -> Datastores and you get a nice presentable list with the display name of the datastores in question.  Web client: Host -> Manage -> Storage -> Storage Devices.  Oh, I'm connected to disk naa.6006016010602a0054d4043c34b5e211; great, that's really f'ing useful, I memorized all the device ID's of every LUN on all my arrays.  Well let me copy it out and see if I can search for it elsewhere; oh, can't f'ing copy from the web client, let me type it all out by hand then, I love doing that.  Can I at least make sure all the paths to the device are up?  Nope, web client doesn't know anything about PowerPath, so somehow it's connected but has zero paths.  Guess I get to jump back over to the C# client to see what it says.  For those of you who are looking for a solution to this, go to Home -> Storage -> the array that you want, click it, click Related Objects, click Hosts.  It will at least tell you if the storage you want is connected to the host you want. Kickstarting a guest and need its MAC address?  Okay, guest, summary, drop down the NIC, there it is.  Let me copy that out so I can paste it into my installer machine; oh, once again, can't f'ing copy text from the web client.  How backwards is that, you can copy useful things from a Windows program but not from a web page.  Guess I'll type it out by hand once again. Last but certainly not least; many of the screens contain data that is too wide to display on even a reasonably sized monitor, so you have to scroll left or right.  I don't like collapsing the alerts and tasks lists because I like to see what is going on.  Can I move them to the bottom where they were on the C# client?  Nope, they will be on your right and you're going to like it.
Ah, thanks for that info.  Very odd that it just stopped working; we did an upgrade to 5.5 at least a month before the issue began.  It is possible that the vmware tools were upgraded around the ... See more...
Ah, thanks for that info.  Very odd that it just stopped working; we did an upgrade to 5.5 at least a month before the issue began.  It is possible that the vmware tools were upgraded around the time it stopped working; could that have messed with the rCLI files?  Kind of grasping at straws now.  I may try to build a new management system from scratch and reinstall to see what happens.
I've got the perl CLI tools installed on a CentOS 5 x64 system and everything has been working fine.  We have a custom script that lets us reboot vm's from the command line.  It's primarily depen... See more...
I've got the perl CLI tools installed on a CentOS 5 x64 system and everything has been working fine.  We have a custom script that lets us reboot vm's from the command line.  It's primarily dependent on: /usr/local/lib/vmware-vcli/apps/vm/vminfo.pl to get the list of machines.  Starting a few days ago, that has begun returning: Can't load class 'VirtualAHCIController' at /usr/lib/perl5/site_perl/5.8.8/VMware/VIMRuntime.pm line 52. I've found reference to that class in /usr/lib/perl5/5.8.8/VMware/VIM25Stub.pm and I see no reason why it wouldn't be loaded, but am not positive what triggers its loading.  Anyone have ideas on what I should look at?
In case anyone at vmware is actually listening, it's zero day vulnerabilities like the below, that take advantage of Flash, which lead to companies establishing policies of not having Flash on th... See more...
In case anyone at vmware is actually listening, it's zero day vulnerabilities like the below, that take advantage of Flash, which lead to companies establishing policies of not having Flash on their secure networks: Internet Explorer bug lets hacker control your PC - Apr. 28, 2014 Yet, then they're forced to reverse those policies because of your poor decision to build the 5.5 admin interface in Flash. 
Just one additional gripe that perhaps has a solution I haven't found yet; is there a way to move the right pane to the bottom and let the center pane span all the way over to the right?  I like ... See more...
Just one additional gripe that perhaps has a solution I haven't found yet; is there a way to move the right pane to the bottom and let the center pane span all the way over to the right?  I like having the alarms and tasks fully visible, so unpinning it and letting it collapse is less than ideal, and I also like to be able to actually see all the data on the performance monitoring screens without having to scroll the stupid middle window over, which is what happens with that right side bar there wasting space.
Thanks for that mention of the vm tools.  We forgot to update our linux repositories to reference 5.5 after upgrading and vmware hasn't deployed the newer tools to the 5.1 repo.  Just updated and... See more...
Thanks for that mention of the vm tools.  We forgot to update our linux repositories to reference 5.5 after upgrading and vmware hasn't deployed the newer tools to the 5.1 repo.  Just updated and tested and their 5.5 repo is indeed serving up the 9.4 branch.
I happened to run into this same issue last night, but with CentOS 6.5 VM's.  Fortunately for me a reboot of one of the two fixed it, but it was as if the vswitch was not forwarding ARP's specifi... See more...
I happened to run into this same issue last night, but with CentOS 6.5 VM's.  Fortunately for me a reboot of one of the two fixed it, but it was as if the vswitch was not forwarding ARP's specific to one or the other guests. Since we had an outage as a result I unfortunately didn't have time to play with tcpdump or other diagnostic tools to try and figure out exactly what was occurring.  It was very odd since both guests could talk to other guests on the same network, and the default gateway, just not each other.  The guests were on the same subnet but different hosts.
The web client really sucks.  It is painfully slow completing day to day tasks for large vcenter installs.  We had to re-do our management net security policy just to appease vmware too since we ... See more...
The web client really sucks.  It is painfully slow completing day to day tasks for large vcenter installs.  We had to re-do our management net security policy just to appease vmware too since we had forbade Flash on those systems.  It's even more of a pain if you're using third party products that were written for the desktop client, such as the EMC PowerPath and Storage Viewer plugins.  We have a constantly changing environment and it's really annoying to have to flip between the two for various tasks, but it's even more frustrating when you are clicking away in desktop client and then go back to the web client and you have to wait a few seconds for clicks to do anything, or you have to refresh the whole screen because the guest that you know is powered off won't show you the menu options that it should for a powered off guest, etc.  Did I say I hate the web interface? lol
Perfect; thanks.  I can go to my cluster and related objects and schedule every single VM for upgrade at next reboot.  This is the first good thing the new interface has done for us lol.
Yep, unfortunately PowerCLI is powerless in this case because the best it can do is rely on the UpgradeVM_Task function from the API which has not been updated for 5.5 to support the new feature ... See more...
Yep, unfortunately PowerCLI is powerless in this case because the best it can do is rely on the UpgradeVM_Task function from the API which has not been updated for 5.5 to support the new feature of scheduling the update to occur at the VM's next reboot.  With the current UpgradeVM_Task function, if the power state is anything other than poweredOff, it fails.  I want to set the upgrade to occur like the 5.5 web interface allows, and let it happen when the vm's are rebooted on their own maintenance schedules.  Thanks for the pointers though.
Just curious if, via the completely ridiculous web interface that makes you want to kill yourself, it is possible to set your vm's to be scheduled for hardware compatibility upgrade on next reboo... See more...
Just curious if, via the completely ridiculous web interface that makes you want to kill yourself, it is possible to set your vm's to be scheduled for hardware compatibility upgrade on next reboot like you can individually by editing and checking the schedule for next reboot box.  I don't want to take the vm's offline, I want to just mark all 600+ vm's in our vcenter cluster to be upgraded at next reboot.  This process is horribly slow with the stupid flash-based interface.  I'll have to pay someone to sit there pointing and clicking for a complete day to go through them all.
This is easy to test for.  You must test from a host running OpenSSL 1.0.1 though or it will not work: openssl s_client -connect ESXHOST:443 -tlsextdebug If you see: TLS server extension... See more...
This is easy to test for.  You must test from a host running OpenSSL 1.0.1 though or it will not work: openssl s_client -connect ESXHOST:443 -tlsextdebug If you see: TLS server extension "heartbeat" (id=15), len=1 in the output, then it's running OpenSSL 1.0.1, and based on the fact that the fix only came out yesterday, then it is therefore vulnerable.  I just tested a 5.5 build 1331820 host and it did respond with the heartbeat extension, so 5.5 is vulnerable.