Clean VMware Update Manager on VCSA 6.5

Update Manager on VCSA 6.5

Conflicting VIBs during patching? Changing server vendors? Want to get rid of an old repository? All of the above?

I just ran into this scenario again, where a customer is changing from one server vendor to another. There was an Update Manager repository for the old server vendor, and those vendor-specific, conflicting patches for both critical and non-critical patches were included in the default baselines.

There is no nice way to remove individual patches or an entire repository worth of patches from the internal database. Instead, we must start from scratch. Take note of your settings, check your backups, take a snapshot, and reset Update Manager back to defaults.

Connect to vCenter Server Appliance 6.5 via SSH

Run the shell command to switch to the BASH Shell:

shell

Stop the VMware Update Manager Service:

service-control --stop vmware-updatemgr 

Run the following command to reset the VMware Update Manager Database:

/usr/lib/vmware-updatemgr/bin/updatemgr-util reset-db

Run the following Command to delete the contents of the VMware Update Manager Patch Store:

rm -rf /storage/updatemgr/patch-store/*

Start the VMware Update Manager Service:

service-control --start vmware-updatemgr

The only things left to do is to log out, log back in, and you’ve got a fresh Update Manager waiting for your configuration. Don’t forget to clean up your snapshot!

See KB2147284 if you have any other questions, or comment below.

Build Day Live with SuperMicro

First off, let me give you a quick rundown of what Build Day Live is. The vBrownBag crew takes a product or piece of equipment, and does a real-life day-1 build. It doesn’t always go right, there’s usually troubleshooting involved, and it’s a look at what an implementation engineer runs into.

vBrownBag at Supermicro

I will admit, before watching this Build Day Live, I was not terribly familiar with Supermicro’s offerings. I do know there are quite a number of manufacturers that use Supermicro under the hood, but I never took the time to look deeper at their servers. When I’m doing consulting by day, they’re not a vendor I normally work with.

Two things really caught my eye:  The modular design of the enterprise-ready Ultra series, and networking. Yes, I found out Supermicro does networking.

Ultra Modular

Jerry Dien talked about the modular design of their enterprise-class Ultra series: the single motherboard across the series, with different configurations of backplanes, risers, and form-factor of 1U or 2U to make completely different servers.

Depending on configuration, you can build 10 (1U) or 24 (2U) drive configurations, with SAS/SATA backplane, or NVMe (also called direct-attached).

It can be really nice to have that familiar server and management, with different configurations depending on your needs; consider: Datacenter or general compute clusters, versus application and desktop delivery (Horizon, Citrix), with similar management.

Networking

The other thing that I was completely blindsided by was their networking solutions, from 1GB to 100GB switches. It turns out they have some L2 and L3 switches, 10gig, 25gig, aggregation, and bare-metal switches that will ship without an OS.

Switches have both a web UI for the interface people, and CLI for those who prefer command-line. I haven’t seen what the web management interface looks like, but Alastair said he was able to figure out what he’s doing without much trouble.

With a quick search, I found their CLI guide which has syntax that looks pretty familiar to me.

There isn’t any centralized/unified management (yet), but they’re integrating it with their blade networking management systems, slated for later this year.


There was a lot covered in the Build Day Live, including their GPU enabled servers, their management software, and blades. Check it out, maybe you’ll pick something up too.

Quick and Dirty With vCheck

This is the second of [?] posts, participating in Blogtober in the virtualization community.

So, maybe you’ve heard how cool vCheck is, but you’re just not sure where to get started. If you aren’t sure what it is, check out this post by its creator, Alan Renauf.

Now that I have you at least semi-interested, let’s get started.

Install PowerCLI

Grab PowerCLI – you can grab it as a Powershell module now. It also auto-loads pieces as it needs, which is really convenient.

  1. Uninstall existing all PowerCLI versions
  2. Fire up Powershell
    1. Make sure you can access the Powershell Gallery
    2. Installs the modules as the current user (or run PS as admin, skip the “-Scope CurrentUser” option to install for all users)
Find-Module -Name VMware.PowerCLI
Install-Module -Name VMware.PowerCLI –Scope CurrentUser

For a more detailed look, check this blog post.

Downloading vCheck

Grab the latest version from the GitHub Repo: https://github.com/alanrenouf/vCheck-vSphere/releases

At the time of this writing, we’re grabbing the 6.24 release (August 24, 2017).

Unzip it to your favorite place for stuff like this. In this example, C:\Utilities\vCheck.

Configuration

In your Powershell window, navigate to where you unzipped vCheck.

You have to load some custom functions, you’ll need to “dot source” the utility file, which loads some functions for you to launch later if you want (export and import settings, for example).

PS C:\Utilities\vCheck\> . .\vCheckUtils.ps1

Now that you’ve got the functions loaded, you can do things like import/export your settings, add/remove plugins. For the initial config, there’s a nifty gui configuration you can use, just fire it up like this:

PS C:\Utilities\vCheck\> .\vCheck.ps1 -GUIConfig

You can list plugins, remove plugins you won’t use:

PS C:\Utilities\vCheck\> Get-vCheckPlugin --Installed
PS C:\Utilities\vCheck\> Remove-vCheckPlugin "Name Here"

Following, setup the scheduler (probably want to do this on a server) you loaded from the vCheckUtils.ps1 functions.

PS C:\Utilities\vCheck\> Schedule-vCheck

Give it a shot and see what it’s like:

PS C:\Utilities\vCheck\> .\vCheck.ps1

Rob Nelson has a more in-depth post if you’re looking for more.

#VMworld Announcements – Day 1

While VMware made some cool announcements today, I have a feeling there’s more to come. I think I’ve covered most of the important details, feel free to comment if I missed something.

Today’s announcements had 2 cellos open with an awesome 3d / VR artist providing some interactive visuals.

Pat Gelsinger entered and discussed science fiction merging with science fact, and how technology is leaving the nest and being the driver for progress.

Some interesting stats he gave:  200 years ago, 85%+ of the population was consumed with agriculture. Today, 9/10 jobs are about creating higher-value jobs, improving the quality of life, with technology being in the center of it all.

He had an appropriate quote about how the “3 R’s” used to be Reading, [w]riting, [a]rithmetic, but that is going through an evolution.

And now, it’s ‘Read, write code, arithmetic’

Cloud-to-Edge

Part of VMware’s strategic priorities include what they’re calling Cloud-to-Edge: Connecting people to services and applications. This included announcements around #VMware on #AWS, NSX, AppDefense, the Software-Defined Datacenter, and the partnership with HP:  Device-as-a-Service.

https://www.vmware.com/radius/innovation-data-center-edge-cloud/

VMware is showcasing independence by having the first announcement: VMware’s Unified Endpoint Management System includes partnership with HP which unrolls “Device-as-a-service” integration with VMware Workspace One and Airwatch.

CapitalOne discussed their use of DevOps and the transformation of IT, their use case for Airwatch, EUC and EUC.

They had a pretty amusing flashback to VMware’s first sales meeting video:

VMware Cloud on AWS

VMware Cloud on AWS is an on-demand service that enables you to run applications across vSphere-based cloud environments with access to a broad range of AWS services. Powered by VMware Cloud Foundation, this service integrates vSphere, vSAN and NSX along with VMware vCenter management, and is optimized to run on dedicated, elastic, bare-metal AWS infrastructure. With this service, IT teams can manage their cloud-based resources with familiar VMware tools. – More Here

There also was an announcement of version 2.2 of VMware Cloud Foundation and documentation.

VMware Cloud Services

VMware Cloud Services

All of the cloud announcements are based on NSX being the foundation for connectivity.

 

‘What vSphere was to the first 20 years of #VMware, NSX will be for the next decade.’
– Pat Gelsinger

Security

VMware announced the biggest news of the day, in my opinion, around AppDefense.

AppDefense provides an number of features, notably:

  • Application Control: Comprehensive view/grouping of VMs in the datacenter, their intended state and allowed behaviour
  • Runtime anomaly detection and response: Monitor the real time state of the OS and user applications – alert and control process, network, and kernel events
  • Process Analysis: Built-in process analysis engine gives overall process maliciousness as well as specific traits that are potentially suspicious
  • Orchestrate Remediation: Our infrastructure reach provides a more effective way to orchestrate remediation during a security incident

Read more on AppDefense from Gregg (The Saffa Geek):

VMware AppDefense Announced at #VMworld US

Stay tuned for more!

 

Almost Ready for VMworld 2017

VMworld 2017 is coming in just a few short days! I am planning to be a lot more active with blogging and live tweeting (@anthonyrhook) – so check it out while I’m there. There’s also 3 relevant posts from around the community on the bottom – read on!

If you’re still reading and don’t have a Twitter account: get one.

I’m getting ready for a week of learning, speaking, and a little bit of fun. Here’s my take on the whole thing.

Prepping for VMworld

Work

Don’t forget to set your out-of-office email for the week while you’re there. I don’t find a lot of time to catch up on emails and things while I’m there, so I try my best to have projects either closed or on hold. I did agree to following up on some work while on the plane while there, though.

Personal

I’m headed out for just shy of a week, so I have to make sure I have things squared away at home. I’m mowing the lawn tonight, and make sure all is set for my wife, daughter, and dogs. Change your light bulbs, make sure your security system is working, that kind of thing.

Wear comfortable shoes.

You’re going to be walking a lot. Whether it’s through the Solutions Exchange, to-and-from the events every day, or even just in-between sessions. I bought new shoes just for the occasion, and I’ve been breaking them in all week this week.

Hygiene is important. There’s a lot of people… in a hot place… stuffed indoors (yes, there’s AC). You smell what I’m stepping in, here?

Packing

If you’re headed to VMworld, remember that you’re going to get a backpack while you’re there. You also have the opportunity to pick up a TON of swag: t-shirts, water bottles, and I’m also going to take a wild guess that fidget spinners will be the craze this year. Consider bringing an empty suitcase for all the swag you may want to bring back.

Flying

Make sure to drink water while you’re traveling, this is a general rule of thumb for any flights. You’re headed to a hot desert, you may have some adult beverages when you get there, and you’ll want to avoid any hangovers if you can.

Drink water

Actually, while you’re at it, drink a lot of water during the conference too.

Check for Uber or Lyft codes at the airport for some percentage off the ride from the airport to your hotel, there’s usually big banners. Can’t miss ’em.

Partner Exchange 2017

PEX 2017 beings Sunday with partner bootcamps. Check now to see if any relevant sessions are available. With the Partner Exchange pass, you have exclusive access into the Partner Exchange Lounge open all week, starting on Sunday at 9:00AM. The lounge is a great place to relax, refuel, recharge your devices, and request a meeting room.

VMworld 2017

Allow yourself extra time to get to places. Book your sessions in the Content Catalog now, if you haven’t. Even if they’re full, add them to your favorites list, and a lot of the time you can get in anyway. Learn all the things, and meet all the people.

You have an opportunity to meet the people that literally write the books on these technologies.

Speaking

I’m giving a #vBrownBag TechTalk, Wednesday, August 30th, 10:45 in the VMvillage.  Even thought the Content Catalog says the session is full, I’m sure they’ll be room. There’s TechTalks all week, and they’ll be streamed online as well, so see if there’s topics you like, and show up!

 

The week gets long, and it’s hard to remember everything you may have learned, and the people you met. Take notes, and have a blast!

Here are some other takes from people around the community:

Catch Me at VMworld US 2017!

Getting ready for VMworld and Partner Exchange 2017

https://sddc.life/blog/VMworld-Tips/

See you at VMworld!

VMware to retire the “thick-client”

VMware has announced it will finally not be releasing a thick client (C# client) for the next version of vSphere.  The last few releases have lacked new features for the aging thick-client, while new features were added to the web client.  It was only a matter of time before it was finally retired.

Fear not:  the HTML5 web client will be fully-featured come release time.  Grab and test the current HTML5 Web Client VMware Fling in your lab to help improve the HTML5 client before release:

https://labs.vmware.com/flings/vsphere-html5-web-client

The next version details like version numbers (6.1?  6.5?  7?) and release date are still unknown.

VMware Official Post:  http://blogs.vmware.com/vsphere/2016/05/goodbye-vsphere-client-for-windows-c-hello-html5.html

vSphere CPU ready time

Bored, nothing to do, and checking out your performance metrics?  First off, use VMware vRealize Operations (vROps, formerly vCOps), and take up a new hobby in all your spare time; thank me later.  Still need to take a look because you’re troubleshooting a slow VM?  Concerned about if you’re oversubscribing your CPUs?  High kernel times?

Why can't I hold all of these metrics

A basic explanation of CPU Ready Time is: how long is your virtual machine is waiting in line to use the CPU on the host?  There is a very acceptable percentage (in general, under 10%, more on that below), however oversubscribing will definitely cause you (or clients) headaches.  An example of when you have this problem is a generally slow VM, but task manager/TOP isn’t showing something eating up all your CPU, and all other metrics look fine.  Extreme cases will make the VM’s clock slow.  Perhaps high kernel time?  Josh at vmtoday has an image of this example on his very relevant post.

When you look at these graphs and see high numbers, don’t necessarily worry.  There’s a pretty easy formula to figure out what you’re looking at.  In the example I’m using below, I’m using the performance chart for the VM, realtime, which has a metric rollup time of 20 seconds.  Here’s how I got it to that, and what it looks like:

 

Performance Options
Performance Options

Realtime CPU Ready
Realtime CPU Ready

If you’re looking at graphs of different timeframes, you want to use a separate number in the formula:

  • Realtime: 20 seconds – We’re using this one in my example
  • Past Day: 5 minutes (300 seconds)
  • Past Week: 30 minutes (1800 seconds)
  • Past Month: 2 hours (7200 seconds)
  • Past Year: 1 day (86400 seconds)

(CPU summation value / (<Chart Interval in Seconds> * 1000)) * 100 = % CPU ready

It’s probably hard to see, but I’m interested in the VM average of 547 at a realtime (20 second) interval.  I toss those numbers into the formula:

(547 / (20 seconds * 1000)) * 100 = 2.73% CPU Ready

With only 2.73% CPU ready time, I can see this VM isn’t having any CPU problems.

Some different resources concur that up to 10% is acceptable, but something over 10% should require some reviewing.  Keep in mind the time-frame you’re looking at this:  realtime during high production times may not be the most accurate for an overview.  If that’s the case, check out a daily or weekly average instead.

Additional resources on this topic including all about using CPU affinity: