Tag Archives: 6.0

Critical Patch for All-Flash vSAN with Deduplication (6.0 and 6.5)

VMware has released a critical patch for vSAN 6.0 and 6.5. This patch contains a fix for a highly critical vSAN issue that might cause IO read errors and in some cases severe symptoms such as inaccessible VMs, host failures, or stuck resyncs. The issue manifests itself only under highly specific operations and IO patterns.

The bug only affects All-Flash vSAN configurations with deduplication enabled.

Symptoms for this issues are the following messages in the Events tab:

  • "vSAN detected an unrecoverable medium or checksum error for component uuid on disk group uuid."
  • "vSAN detected and fixed a medium or checksum error for component uuid on disk group uuid."

The following versions are affected according to KB2151042 and KB2151081.

Name Patch Date Build
ESXi 6.5 Update 1 ESXi650-update1 2017-07-27 5969303
ESXi 6.5 Update 1 (Security only) ESXi650-update1 2017-07-27 5969300
ESXi 6.5d (vSAN 6.6 Patch) ESXi650-201704001 2017-04-18 5310538
ESXi 6.5 Express Patch 1a ESXi650-201703002 2017-03-28 5224529
ESXi 6.5 Patch 1 ESXi650-201703001 2017-03-09 5146846
ESXi 6.5 Patch 1 (Security Only) ESXi650-201703001 2017-03-09 5146843
ESXi 6.5a ESXi650-201701001 2017-02-02 4887370
ESXi 6.5 GA 2016-11-15 4564106
ESXi 6.0 Update 3a (Patch 5) ESXi600-201706001 2017-06-06 5572656
ESXi 6.0 Update 3a (Patch 5) (Security Only) ESXi600-201706001 2017-06-06 5485776
ESXi 6.0 Express Patch 7a ESXi600-201703001 2017-03-28 5224934
ESXi 6.0 Update 3 ESXi600-update3 2017-02-24 5050593
ESXi 6.0 Update 3 (Security Only) ESXi600-update3 2017-02-24 5047589
ESXi 6.0 Patch 4 ESXi600-201611001 2016-11-22 4600944
ESXi 6.0 Patch 4 (Security Only) ESXi600-201611001 2016-11-22 4558694

VMware states that all vSAN customers using All-Flash with deduplication enabled must upgrade to this patch immediately:

What's inside VMware vSphere 6.0 Update 3

VMware has released vSphere 6.0 Update 3. That update only contains minor changes, no noteworthy new features have been added. Together with 6.0 U3, the following product updates were released today:

If you want to get notified about updates and new products, subscribe to my vTracker RSS Feed. Read more »

vMA 6: Recover vi-admin Password and Remove Password Complexity

When you've installed the vSphere Management Assistant 6.0 (vMA) you very like came across its very strict password policy. With this requirements, the password recovery for vMAs is a common tasks. This post explains how to recover forgotten vMA passwords and how to use insecure, simple passwords for lab uses.vma-bad-password

Please provide a password for the vi-admin user.
BAD PASSWORD: to short
BAD PASSWORD: it is based on a dictionary word
BAD PASSWORD: is too simple
...Have exhausted maximum number of retries for service

Read more »

How to Increase VCSA External PSC Disk Space in vSphere 6

The vCenter Server Appliance 6.0 uses the Linux Logical Volume Management (LVM) that allows you to dynamically increase the disk size of the vCenter Server disks. For the vCenter server itself the process to increase the capacity is well documented in KB2126276. When you have an external Platform Services Controller, the tool mentioned in the KB is missing. You can't use "vpxd_servicecfg storage lvm autogrow" to increase the space automatically so you have to do it manually.

This post explains how to increase the disk space for an external platform service controller.

Read more »

ESXi 5.5 & 6.0 August 2016 Patch

VMware has published patches for ESXi 5.5 and 6.0:

VMware ESXi 5.5
Release date: August 4, 2016
Patch: ESXi550-201608001
Build: 4179633
Links: KB2144371 | Download

VMware ESXi 6.0
Release date: August 4, 2016
Patch: ESXi600-201608001
Build: 4192238
Links: KB2145667 | Download

Both patches are only available in the patch section, not as installable. A patch for vCenter Server 5.5 has also been released:

 

ESXi 6.0 May 2016 Patch (Build 3825889)

VMware has published a patch for ESXi 6.0

Product: VMware ESXi 6.0
Release date: May 12, 2016
Patch: ESXi600-201605001
Build: 3825889
Links: KB2136186 | Download

The update resolves 7 issues including two PSOD and a CBT problem with the following symptoms: Read more »

Ping from specific VMkernel adapter in vSphere 6

When troubleshooting network problems on ESXi hosts you want to specify the outgoing VMkernel adapter. As explained here you can ping from a specific VMkernel adapter with the -I parameter. In vSphere 6.0, or with VXLAN activated, this might not work as expected and displays the following error.

[root@esx:~] ping -I vmk1 10.1.1.1
Unknown interface 'vmk1': Invalid argument

The problem is related to the multiple TCP/IP Stack features introduced in vSphere 6.0. To ping from specific VMkernel adapters that are not in the default Stack (defaultTcpipStack) you have to manually specify the NetStack with the -S parameter.

Read more »

VMware NSX 6.2 Beginners Guide - From Zero to Full Deployment for Labs

NSXVMware NSX is the SDDC technology of the future. What ESX was once for Servers, NSX is now for Networks. I highly encourage everyone to make yourselves familiar with this technology. NSX with all its features is quite complex, but the entry point is quite simple and requires only basic vSphere and networking skills. This beginners guide explains how to deploy NSX in your homelab even with limited physical ressources by downsizing NSX Manager and NSX Controller VMs. The guide starts at zero and quickly explains how to deploy NSX and connect your first Virtual Machine to a VXLAN based logical switch that is able to communicate to the physical world through an NSX Edge Gateway.

What do you need to create the Lab?

  • vCenter 6 with some physical ESXi Hosts
  • vSphere Distributed Switch (dvSwitch)
  • NSX Manager Appliance (Download: NSX 6.2.2)
  • There is no special physical Switch requirement

Read more »

Script to add vSphere 6 VMCA Root Certificate to Trusted Certs Store

When running vSphere 6 deployments in default (recommended) mode, VMware Certificate Authority is its own root certificate authority. Everything fine and secure with this configuration, but your browser displays a warning because the root certificate is not trusted.
there-is-a-problem-with-this-security-certificate

I've written a little script (VBS) that pulls the CA certificate from a vCenter Server and adds it to the local trusted root certificates store. When the root CA is trusted, browser warnings are gone.
script-vmca-certificate

Read more »

Resilient vSphere 6.0 PSC deployment without Load Balancer

With vSphere 6.0 VMware has separated their vCenter Server into two components - vCenter Server and Platform Services Controller. They also created a list of topologies they recommend  for deployments. The deployment they recommend for high availability includes an External Load Balancer where vCenter Servers are pointed to. An alternate solution is to have multiple Platform Services Controllers and vCenters pointed directly to them. There is no need to have one PSC for each vCenter. Each PSC can manage up to 4 vCenters, so with 2 PSC you can manage 8 vCenters, with 3 you can manage 10 vCenters, which is the configuration maximum at the moment.

psc-deployment-with-or-without-loadbalancer

Platform Services Controller with or without Loadbalancer?

The solution with a Load Balancer sounds nice, and I'm sure it's operable, but it has some drawbacks:

  • It requires a third-party Load Balancer (Compatible Load Balancers are NSX-v, Citrix NetScaler and F5 Network Big-IP)
  • Configuration is complex
  • Troubleshooting is even complexer
  • Does not scale (1 PSC can handle 4 vCenters, with a Load Balancer (which is used for redundancy) 2 PSC are required to handle 4 vCenters)

Read more »