If you apply GPO’s to servers for ease of administration and security, you may want an easy way if all your servers are in the appropriate group(in this case “Virtual Servers”) and compare this list to a list of all running Windows machines. The following script will do this:
########################################################################
# Title: VM Groupmembership Script
# Filename: vmgroup.ps1
# Created by: Douglas Smith
# Date: 7/14/2010
# Version: 0.1
# Description: *This script requires the Quest AD cmdlets be installed.*
########################################################################
#### Pass through paramaeters ###################################################
param (
[string]$vcserver,
)
#### Variables ##############################################################
$Date = Get-Date
#### Functions ##############################################################
#### Begin Script ############################################################
#### Validate Input Variables ####################################################
If ($vcserver -eq "") {
$wscript = new-object -comobject wscript.shell
$msgbox = $wscript.popup("You MUST enter the name or IP of your vSphere server",0,"Access Denied",1)
exit
}
#### Check if Snapin loaded, if not load #############################################
if ((Get-PSSnapin -Name VMware.VimAutomation.Core -ErrorAction SilentlyContinue) -eq $null )
{Add-PSsnapin VMware.VimAutomation.Core -ErrorAction SilentlyContinue}
if ((Get-PSSnapin -Name Quest.ActiveRoles.ADManagement -ErrorAction SilentlyContinue) -eq $null )
{Add-PSsnapin Quest.ActiveRoles.ADManagement -ErrorAction SilentlyContinue}
#### Connect to vSphere
$VIServer = connect-VIServer $vcserver
$adlist = get-qadgroupmember "Virtual Servers" -type computer | Select-Object name |
Sort-Object name | ForEach-Object{$_.name.tolower()}
$vms = Get-Vm | Where-Object {$_.powerstate -eq "PoweredOn"} |
Where-Object {$_.name.length -gt 10} |
Where-Object {$_.guest.osfullname -like quot;*indows*"} | Select-Object name |
Sort-Object name | ForEach-Object{$_.Name.ToLower()}
$vmcount = $vms.count
$AddMachine = Compare-Object $vms $adlist -syncwindow $vmcount |
Where-Object {$_.sideindicator -eq "<="} | Sort-Object InputObject
$RemoveMachine = Compare-Object $vms $adlist -syncwindow $vmcount |
Where-Object {$_.sideindicator -eq "=>"} | Sort-Object InputObject
#### Create Spreadsheet
$excel = New-Object -comobject Excel.Application
#$excel.visible = $True #### Use for troubleshooting purposes
$excel.DisplayAlerts = $False
$excelfile = $excel.Workbooks.Add()
$WorkSheet = $excelfile.worksheets.item(1)
$Worksheet.Name = "Add to Group"
$Worksheet.Cells.Item(1, 1) = "Machines that need to be added to the
Group"
$WorkBook = $Worksheet.UsedRange
$WorkBook.Interior.ColorIndex = 8
$WorkBook.Font.ColorIndex = 11
$WorkBook.Font.Bold = $True
$Row = 2
$Addmachine | ForEach-Object {
$Worksheet.Cells.Item($Row, 1) = $_.InputObject
$Row ++
}
[void]$WorkBook.EntireColumn.AutoFit()
$WorkSheet = $excelfile.worksheets.item(2)
$Worksheet.Name = "Remove from Group"
$Worksheet.Cells.Item(1, 1) = "Machines that need to be removed from the
Group"
$WorkBook = $Worksheet.UsedRange
$WorkBook.Interior.ColorIndex = 8
$WorkBook.Font.ColorIndex = 11
$WorkBook.Font.Bold = $True
$Row = 2
$RemoveMachine | ForEach-Object {
$Worksheet.Cells.Item($Row, 1) = $_.InputObject
$Row ++
}
#### Adjust Columns
[void]$WorkBook.EntireColumn.AutoFit()
#### Save File
$excelfile.SaveAs("c:\temp\VirtualServerGroup-" + $date.month + "-" +
$date.day + "-" + $date.year + ".xls", 1)
#### Quit Excel
$excel.Quit()
#Disconnect from vCenter Server
$VIServer | Disconnect-VIServer -Confirm:$false
Use datastore resignaturing if you want to retain the data stored on the VMFS datastore copy.
To resignature a mounted datastore copy, first unmount it. Before you resignature a VMFS datastore, perform a storage rescan on your host so that the host updates its view of LUNs presented to it and discovers any LUN copies.
Procedure
- Log in to the vSphere Client and select the server from the inventory panel.
- Click the Configuration tab and click Storage in the Hardware panel.
- Click Add Storage.
- Select the Disk/LUN storage type and click Next.
- From the list of LUNs, select the LUN that has a datastore name displayed in the VMFS Label column and click Next. The name present in the VMFS Label column indicates that the LUN is a copy that contains a copy of an existing VMFS datastore.
- Under Mount Options, select Assign a New Signature and click Next.
- In the Ready to Complete page, review the datastore configuration information and click Finish.
The information for this article was gathered from the ESX Configuration Guide.
vCenter Server provides storage filters to help you avoid storage device corruption or performance degradation
that can be caused by an unsupported use of LUNs. These filters are available by default:
- VMFS Filter - Filters out storage devices, or LUNs, that are already used by a VMFS datastore on any host managed by vCenter Server.
- RDM Filter - Filters out LUNs that are already referenced by an RDM on any host managed by vCenter Server.
- Same Host and Transports Filter - Filters out LUNs ineligible for use as VMFS datastore extents because of host or storage type incompatibility.
- Host Rescan Filter - Automatically rescans and updates VMFS datastores after you perform datastore management operations.
Procedure
- In the vSphere Client, select Administration > vCenter Server Settings.
- In the settings list, select Advanced Settings.
- In the Key text box, type a key.
-
- config.vpxd.filter.vmfsFilter -> VMFS Filter
- config.vpxd.filter.rdmFilter -> RDM Filter
- config.vpxd.filter.SameHostAndTransportsFilter -> Same Host and Transports Filter
- config.vpxd.filter.hostRescanFilter -> Host Rescan Filter
- In the Value text box, type False for the specified key.
- Click Add.
- Click OK.
Information gathered from the ESX Configuration Guide.
Raw device mapping (RDM) is a method for a VM to have direct access to a LUN on a Fibre Channel or iSCSI system. RDM is a mapping file in a separate VMFS volume that acts as a proxy for a raw physical storage device. The RDM allows a virtual machine to directly access and use the storage device. The RDM contains metadata for managing and redirecting disk access to the physical device.
RDM offers several benefits:
- User-Friendly Persistent Names
- Dynamic Name Resolution
- Distributed File Locking
- File Permissions
- File System Operations
- Snapshots
- vMotion
- SAN Management Agents
- N-Port ID Virtualization
Certain limitations exist when you use RDMs:
- Not available for block devices or certain RAID devices
- Available with VMFS-2 and VMFS-3 volumes only
- No snapshots in physical compatibility mode
- No partition mapping
You need to use raw LUNs with RDMs in the following situations:
- When SAN snapshot or other layered applications are run in the virtual machine. The RDM better enables scalable backup offloading systems by using features inherent to the SAN.
- In any MSCS clustering scenario that spans physical hosts — virtual-to-virtual clusters as well as physical-to-virtual clusters. In this case, cluster data and quorum disks should be configured as RDMs rather than as files on a shared VMFS.
Information for this article was gathered from the ESX Configuration Guide.
N-Port ID Virtualization (NPIV) is an ANSI T11 standard that describes how a single Fibre Channel HBA port can register with the fabric using several worldwide port names (WWPNs). This allows a fabric-attached Nport to claim multiple fabric addresses. Each address appears as a unique entity on the Fibre Channel fabric.
Requirements for Using NPIV
The following requirements exist:
- NPIV can be used on virtual machines with RDM disks.
- The HBAs on your ESX/ESX host must support NPIV.
- Your fiber switches in the fabric must be NPIV-aware.
- When configuring a LUN for NPIV access at the storage level, make sure that the NPIV LUN number and NPIV target ID match the physical LUN and Target ID.
- Use the vSphere Client to manipulate virtual machines with WWNs.
When you use ESX/ESXi with NPIV, the following limitations apply:
- Because the NPIV technology is an extension to the FC protocol, it requires an FC switch and does not work on the direct attached FC disks.
- When you clone a virtual machine or template with a WWN assigned to it, the clones do not retain the WWN.
- NPIV does not support Storage vMotion.
- Disabling and then re-enabling the NPIV capability on an FC switch while virtual machines are running can cause an FC link to fail and I/O to stop.
You can assign a WWN to a new virtual machine with an RDM disk when you create this virtual machine. You can create from 1 to 16 WWN pairs, which can be mapped to the first 1 to 16 physical HBAs on the host.
Procedure
- Open the New Virtual Machine wizard.
- Select Custom, and click Next.
- Follow all steps required to create a custom virtual machine.
- On the Select a Disk page, select Raw Device Mapping, and click Next.
- From a list of SAN disks or LUNs, select a raw LUN you want your virtual machine to access directly.
- Select a datastore for the RDM mapping file. You can place the RDM file on the same datastore where your virtual machine files reside, or select a different datastore. NOTE If you want to use vMotion for a virtual machine with enabled NPIV, make sure that the RDM file is located on the same datastore where the virtual machine configuration file resides.
- Follow the steps required to create a virtual machine with the RDM.
- On the Ready to Complete page, select the Edit the virtual machine settings before completion check box and click Continue. The Virtual Machine Properties dialog box opens.
- Assign WWNs to the virtual machine.
- Click the Options tab, and select Fibre Channel NPIV.
- Select Generate new WWNs.
- Specify the number of WWNNs and WWPNs.
- A minimum of 2 WWPNs are needed to support failover with NPIV. Typically only 1 WWNN is created for each virtual machine.
- Click Finish.
The host creates WWN assignments for the virtual machine.
This information was gathered from the Fibre Channel SAN Configuration Guide
VMDirectPath allows guest operating systems to directly access an I/O
device, bypassing the virtualization layer. VMDirectPath I/O device
access enhances CPU efficiency in handling workloads that require
constant and frequent access to I/O devices. It enables virtual
machines to directly access underlying hardware devices. Each virtual
machine can connect to up to two passthrough devices, which include
certain networking and storage PCI devices. If your server has support for
device pass-through you may be able to provide USB access to Virtual
Machines.
When using VMDirectPath you lose following features:
- VMotion
- Storage VMotion
- FT
- Device hot add
- Suspend and resume
- Record and replay
Configuring pass-through devices
To configure pass-through devices on an ESX host
- Select an ESX host from the Inventory panel of VMware
Infrastructure (VI) Client.
- On the Configuration tab, click Advanced Settings. The
Pass-through Configuration page lists all available pass-through
devices. Note: A green icon indicates that a device
is enabled and active. An orange icon indicates that the state of the
device has changed and the host must be rebooted before the device can
be used.
- Click Edit.
- Select the devices and click OK. Note: If you
have a chipset with VT-d, when you click Advanced
Settings in VI Client, you can select what devices are
dedicated to the VMDirectPath I/O.
- When the devices are selected, they are marked with an orange icon.
Reboot for the change to take effect. After rebooting, the devices are
marked with a green icon and are enabled. Note: The
configuration changes are saved in the /etc/vmware/esx.conf file. The
parent PCI bridge, and if two devices are under the same PCI bridge,
only one entry is recorded. The PCI slot number where the device was
connected is 00:0b:0. It is recorded as:
/device/000:11.0/owner = “passthru”
To configure a PCI device on a virtual machine
- From the Inventory in VI Client, right-click the virtual machine
and choose Edit Settings.
- Click the Hardware tab.
- Click Add.
- Choose the PCI Device.
- Click Next. Note: When the device is assigned,
the virtual machine must have a memory reservation for the full
configured memory size.
Information was gathered from the following resources:
ESX currently supports 10 unique disk formats.
-zeroedthick - This is the default format when creating a new virtual disk. The space is allocated durng the disk creation but is not zeroed out until the first write from the virtual machine.
-eagerzeroedthick – Same as the above, except the disk is zeroed during the creation process. SInce it does the zeroing at creation this takes longer to create. (Obviously)
-thick – The space is allocated during the creation, but does noto zero out any of the data. This type cannot be created by non-root users.
-thin – The required space is NOT allocated durng the creation, but is allocated and zeroed on demand
-rdm – Virtual compatibility mode for raw disk mapping
-rdmp – Physical compatibility mode for raw disk mapping (pass-through mode)
-raw – Raw device
-2gbsparse – the virtual disk is broken up into a series os files, none of which are larger then 2 GigaBytes in size. You cannot power this format up until you use vmkfstools to reimport it to a compatible format.
-monosparse – monolithic sparse disk
-monoflat – monolithic flat disk
Data obtained from VMware KB 1022242
VMware has announced an additional level of certification to that seems to fit in between VCP and VCDX. It is the VCAP or VMware Certified Advanced Professional. There will be two seperate certifications under this title, the The Datacenter Administrator (DA) and the Datacenter Design (DD). Currently on the exam blueprint fot the DA exam has been released and is available for download. This is exciting as it allows VCP’s to stand out from amongst there peers by advancing to the next step., much like with other vendor certifications.