Florian Grehl

NSX-T: Client 'admin' exceeded request rate of 100 per second.

NSX-T has a default API rate limit of 100 requests per second, per client. This limit is sometimes already triggered when you are using the GUI with multiple people using the admin account. If you are using the API to get status information or configure your platform, you very likely know the error. When you exceed the limit, the following message is displayed.

Client 'admin' exceeded request rate of 100 per second.

This article shows a couple of methods to mitigate the limit.

Read More »NSX-T: Client 'admin' exceeded request rate of 100 per second.

NSX-T: How to create a Principal Identity

In NSX-T, you can't create local users. Except for the three default users admin, root, and audit, you have to connect to an LDAP server or integrate NSX-T with VMware Identity Manager to authenticate with additional users. Additionally to normal users, NSX-T has the concept of Principal Identities, which are certificate-based users that can create objects that only the user itself can modify or delete.

This article explains how to create and work with a principal identity.

Read More »NSX-T: How to create a Principal Identity

NSX-T 3.1 Enhancement - Shared ESXi and Edge Transport VLAN with a Single Uplink

With the release of NSX-T 3.1, improvements to inter-TEP communication within the same host have been implemented. The Edge TEP IP can now be on the same subnet as the local hypervisor TEP. This feature reduces the complexity for collapsed setups where the Edge VM runs on an ESXi host that is also part of the Geneve overlay transport zone.

The following tunnel configuration is now possible:

NSX-T 3.1 - Shared Transport VLAN

 

Read More »NSX-T 3.1 Enhancement - Shared ESXi and Edge Transport VLAN with a Single Uplink

Heads Up: VMFS6 Heap Exhaustion in ESXi 7.0

In ESXi 7.0 (Build 15843807) and 7.0b (Build 16324942), there is a known issue with the VMFS6 filesystem. The problem is solved in ESXi 7.0 Update 1. In certain workflows, memory is not freed correctly resulting in VMFS heap exhaustion. You might be affected when your system shows the following symptoms:

  • Datastores are showing "Not consumed" on hosts
  • Virtual Machines fail to vMotion
  • Virtual Machines become orphaned when powered off
  • Snapshot creation fails with "An error occurred while saving the snapshot: Error."

In the vmkernel.log, you see the following error messages:

  • Heap vmfs3 already at its maximum size. Cannot expand
  • Heap vmfs3: Maximum allowed growth (#) too small for size (#)
  • Failed to initialize VMFS distributed locking on volume #: Out of memory
  • Failed to get object 28 type 1 uuid # FD 0 gen 0: Out of memory

Read More »Heads Up: VMFS6 Heap Exhaustion in ESXi 7.0

Tanzu Kubernetes Licensing in vSphere 7.0 Update 1

With the release of vSphere 7.0 Update 1, VMware introduced a new licensing model for its Tanzu Kubernetes integration. Basically, the licensing has been changed from an ESXi-Host license to a Cluster license that looks familiar to the vSAN license which is in place for a couple of years. The change does only affect how you have to apply the license. The entity to pay for is still a physical CPU.

In vSphere 7.0 GA, the license required to enable Kubernetes (aka. "Workload Management") was an add-on license for ESXi Hosts named "vSphere 7 Enterprise Plus with Kubernetes". With the introduction of vSphere 7.0 Update 1, which is also referred to as 7.0.1, "vSphere add-on for Kubernetes" has been rebranded and split into 4 licenses Tanzu Basic, Tanzu Standard, Tanzu

Read More »Tanzu Kubernetes Licensing in vSphere 7.0 Update 1

Update ESXi 7.0 with VMKUSB NIC Fling to 7.0 Update 1

The USB Native Driver Fling, a popular ESXi driver by Songtao Zheng and William Lam that adds support for USB-based Network Adapters, has been updated to version 1.7. The new version has added support for vSphere 7.0 Update 1.

When you download the latest version, you notice that there are separate versions for 7.0 and 7.0 U1. Both versions are only compatible with their corresponding ESXi version, which makes direct updates a little bit more complex.

This article explains how to upgrade ESXi hosts with USB-based network adapters in a single step.

Read More »Update ESXi 7.0 with VMKUSB NIC Fling to 7.0 Update 1

Quick Tip: Reset Tanzu SupervisorControlPlaneVM Alarms

When you are working with the Kubernetes Integration in vSphere 7.0, you might come into the situation where the SupervisorControlPlaneVM has an active alarm. Those Virtual Machines are deployed and controlled by the WCP Agent and even as an Administrator, you are not allowed to touch those objects.
You can't power then off, reboot, or migrate them using vMotion. The problem is that you can't even clear alarms. One alarm I recently had was the "vSphere HA virtual machine failover failed" alarm, which you usually see when the ESXi hostd crashed, but the Virtual Machines are still running.Read More »Quick Tip: Reset Tanzu SupervisorControlPlaneVM Alarms

Thermal Throttling on Raspberry Pi 4 running ESXi-Arm

Cooling the Raspberry Pi 4 is highly recommended, not only when running the ESXi-Arm Fling. The Raspberry Pi 4 has an internal temperature sensor, which is used to ensure that temperature does not exceed 85°C. When the temperature is at about 82°C, the system automatically reduces the clock speed to prevent the system from overheating. This mechanism is also referred to as "Thermal Throttling".

Technically, it is not required to install heatsinks or small fans to prevent it from overheating. But if you want to have the system to run at full performance, you definitely want to install heatsinks and a fan. Of course, running the system as cool as possible will also increase its overall lifespan.

That's the theory - But is Thermal Throttling working with the ESXi-Arm? And how can you identify that the clock speed has been reduced? Let's find out...

Read More »Thermal Throttling on Raspberry Pi 4 running ESXi-Arm