12 months ago I took on a new initiative here at Tripwire focused on virtualization management. The vWire project was a separate line of business from Tripwire Enterprise, entirely focused on solutions to make the VI professional’s life easier. What a ride it has been!
O... Read more »
People make a lot of jokes about "herding cats," and when I decided to video a group of our vWire developers for them to talk about their favorite vWire features, I worried it would be hard to get what are often considered the most introverted demographic in the world in front of... Read more »
We have had OpsCheck and ConfigCheck up over on vWire.com since the site was launched but we have noticed a trend. A little less than half of the people who click on the buttons to get the tools don't actually download it. There has always been a form in front of the download... Read more »
My father recently underwent a stress test to determine how his heart performed under load. The result was that he needed a pacemaker. Tripwire's performance analysis team recently put vWire through a series of stress tests to determine how it would perform under load.
I w... Read more »
On my quest for PowerShell knowledge I was working on a script to rescan HBA’s and then to list the paths to the datastores but, I only wanted the script to run on certain specific hosts at a time. Usually the rule is when you add storage or paths to an ESX host you would do this to all hosts in the cluster at the same time and could use PowerShell to list the members of a cluster to work with but I was exploring the option of creating a list of the ESX hosts that I wanted the script to run on and have that list saved in a file. Using the “get-content” cmdlet, I was able to do just that. The only other things was the “foreach” loop, when reading the content of a file, you need to use “foreach-object” cmdlet. Below is an example of the code to read the serverlist.txt file and then use that information to rescan and then refresh the HBA’s.
There is a very good blog post on the best practices for vSphere (ESX 4) Service Console Partitions by Rich Brambley on the VM /ETC blog. The original article can be found here. In this article he had a very nice chart for custom partitioning.
Custom Partitioning
The following Custom Partitioning Design is recommended:
Mount Point
Type
Size
Purpose
/
ext3
5.0GB
The / (or “root”) partition stores the ESX system and all files not stored in another custom partition. If this partition is filled to capacity, the ESX host could crash. It is imperative to prevent this.
swap
1600MB
The swap partition is used to supplement RAM if the service console runs out of physical memory.
/home
ext3
512MB
The /home partition is created as a failsafe to help prevent / from filling up. Service console accounts (not vCenter) each have an associated /home folder. As a best practice, administrators should not use these folders for storage. If service console accounts are to be used and there are multiple users requiring access, the size of this partition may need to be increased. By default, /home is part of the / partition. By creating a custom partition for it the / partition will be protected if /home fills to capacity.
/tmp
ext3
2.0GB
The /tmp partition is also created as a failsafe to help prevent filling the / partition. /tmp is often used to untar support files, temporarily store copied logs and stage patches. By default, /tmp is part of the / partition. By creating a custom partition for it the / partition will be protected if /tmp fills to capacity.
/vmimages
ext3
512MB
Traditionally, /vmimages was used to store CD-ROM images (.ISOs) and Floppy Disk images (.flp, .img). However, most organizations following best-practices have moved this from each individual host to a single shared-storage location. However, by default ESX creates a /vmimages folder within / . This makes it dangerously easy for an Administrator to mistake it for the shared-storage repository and copy images into it that will fill / . As a failsafe to help prevent this, a small custom /vmimages partition can be created. If the local /vmimages folder is actually used, this size may need to be increased.
/var
ext3
2.0GB
The /var partition stores most system logs. Creating a custom /var partition provides substantial, dedicated log storage space (/var/log) while protecting the / partition from being filled by log files. Normally /var is part of the / partition.
The installer also automatically creates the following partitions without displaying them:
/boot
ext3
260MB
/boot stores the files necessary to boot the service console.
vmkcore
100MB
The vmkcore partition temporarily stores log and error information should the VMkernel crash.
Besides being a good test question is there really any reason not to “just go big”? Most servers now ship with well over 50GBs of local storage. So why not create bigger partitions for the ESX Service console? I would use the local VMFS partition as a temp storage to put some ISO or clones of virtual machines. This would be just a place of temporary storage for me. This conversation becomes mute with ESXi and there are rumors that soon there will be just ESX(i) and the service console becomes a memory. I am not a big fan of losing the service console but not much else I can do except rant a little when I can. By the way, “/boot” has been increased as a “safety net” for future upgrades to ESX(i).
Rich recommended setup is as follow and for the most part I agree completely
Primary:
/ - 5120MB
Swap - 1600MB
Extended Partition:
/var - 4096MB
/home - 2048MB
/opt - 2048MB
/tmp - 2048MB
I might even say to add 1GB to each partition in his example, except for the Swap partition. So what about you? How big is yours?
I had the opportunity recently to try to help a friend on his quest to P2V a Microsoft ISA Server. We tried all sorts of different setting to allow communication between the ISA and in this case both Virtual Center and a Platespin server trying to get either one to be able to discover and migrate the ISA Server. We added the conversion servers to the management group on the ISA box and disable RPC checking and still no dice. We actually got a little further with vConverter by getting it to connect and install the client but it was not getting any further in the conversion process. I am sure if we had more time we could have figured out the ports that needed to be opened but, time was not on our side. Did you know that you can still get a cold clone CD from VMware? I was looking through all the VI install files for all the vConverter files and was coming up empty but I found a blog post with its location and thought it would be worthwhile to re-post the post by Vladan Seget on the www.vladan.fr blog site. The original post “VMware Cold Clone to Convert your Physical Machines, Where to get it?” can be found here.
You cannot do a hot conversion every time. Sometimes you need to perform a cold clone to convert your physical servers. Then you’re asking, where to get the converter cold clone boot CD?
So, there exists the cold-clone disc. This is a bootable CD-ROM disc that you actually boot the physical server from. The disc contains a pre-installed Windows 2003 image that runs a built-in version of Converter. Since you boot from the CD, none of the server’s processes start-up so you can get a good clone of the hard drive.
Make sure that you log-in before you download. This means that you have to have an Store account, that means that you have already bought some product with VMware before.
Today’s topic is going to be about VMware’s Distributed Power Management or otherwise known as VMware DPM. If you have not heard about VMware DPM before, I found an interesting video interview with Anne Holler who works at VMware as a Senior Staff Engineer. I found this interview at Vladan Seget’s ESX Virtualization site here and it is worth checking out. The video is pretty short, only about four minutes in length and gives a pretty good overview of how VMware positions DPM in conjunction with HA and DRS.
In a lot of the environments I have worked in over the years actually had most of the processing power happen at night during the backup process. Actually at one point I had a cluster that was oversubscribed to put it mildly. If you have ever driven a standard transmission then you know about the red line on the tachometer that you should not go over or the engine would blow up. Let’s just say my oversubscribed cluster was riding that line during the day and when the backup schedule kicked off I actually saw CPU% on the individual VMware ESX hosts themselves reach levels of 102%. Just like clockwork ever day when the backup’s kicked off the host would really max out. Pretty cool to watch but I digress. The point is I am not sure I would really think about using VMware DPM in my production environment. Now if I just built a brand new ten node cluster what was designed to cover the growth for x amount of time and I had just gotten started with putting virtual machines on the cluster then sure why not set that up? I would have plenty of resources available that I would feel pretty confident about that but in most places that I have worked or spent any time at there was not really that amount of spare resources and most customers were always trying to cram as much as they can on the clusters.
VMware DPM was actually introduced in Virtual Center 2.5 and VMware ESX 3.x as an “experimental” feature and only had one way of ‘waking’ a server and that was with a magic wake on lan packet. That worked great until you rebooted Virtual Center or restarted the Virtual Center server service for any reason. After the reboot Virtual Center would see the host as down and was not able to bring it back to life. That was one reason why the technology was experimental at the time. Now in vSPhere, VMware DPM actually has three different wake methods it can use to bring the host back up. Along with using wake on lan DPM will also use IPMI wake and ILO wake. One other really cool thing that was added to VMware DPM was the ability to schedule when an ESX host would wake back up. So if you know you were going to have a heavy load at 9am you could schedule the host to wake up at 8am to be pretty for the start of the business day.
So to recap, I am not sure that VMware DPM would be something I would setup and use on a regular basis. I have also worked in certain environments that the Change Control Board would literally lay an egg if they knew that hosts could and would shut down for any reason.
That is my take on this. So what’s your take on VMware DPM and are you using it currently in your environments? I would really like to what you all have to say and think on this? Inquiring minds want to know.
Within the past few weeks I have received two sales calls from vendors. This in itself isn’t too unusual because when I attend industry conferences I often sign up to get additional information. I never indicate that I have BANT (Budget, Authority, Need, or Timing) so my requests always go to the bottom of the follow-up list. Thankfully, I am rarely called by a sales person so I don’t have to explain that I am in product management and will never purchase one of their products. Read more…
This week we released OpsCheck on vWire.com for free - a tool to help ensure “VMotionability”. A number of people have come to get it which is great. Some of those people are starting to share their findings in the community.
Alan’s is one of my personal favorites because of the way he stated it originally on Twitter.
What I find interesting about this product is the wide range of need for this product. There are some people who are fairly advanced in their environments and have a pretty good handle on things. They are finding things they were not aware of before.
Then there are people who have possibly never gotten VMotion to work. You may be reading this thinking– that can’t be right – but we have talked to people that virtualization is part of their job and they have had issues for the past year getting VMotion to work. OpsCheck can help these people quickly identify what issues that are preventing VMotion and giving them the troubleshooting guidance to correct those things. One of the main technologies that sets VMWare apart from the rest currently is VMotiion. OpsCheck is a tool that should be in every VI Professionals toolbox because you should not be spending time in training or dollars on consulting for what should be a foundational piece of your VMWare deployment. Use those dollars wisely on things that should be being built upon this foundation.
Our goal at Tripwire in these free tools is to provide value where it matters. ConfigCheck and OpsCheck are the first two tools we have released because we have heard a need for these things and we have the skills to produce them quickly.
For some time now here at Tripwire there has been a team working on what has been known internally as Project Spitfire. You have seen part of this team here at the Virtual Black Hole but today is a significant coming out party for the entire team. What we announced today is the first phase of a new initiative here at Tripwire focused on virtualization management known as vWire. This is a separate line of business from Tripwire Enterprise and is entirely focused on solutions to make the VI professional’s life easier.
As part of this, today we announced that OpsCheck is now available at www.vWire.com. OpsCheck is a free tool that helps you ensure your VMotion is operational. We also today announced a new community for VI professionals. There are already lots of great discussions about OpsCheck and virtual infrastructure management within the vWire community.
Last June we released ConfigCheck to allow you to test your VI configurations agains the VMWare hardening guidelines. This great free tool is also available at vwire.com. ConfigCheck was recently rated one of the top 10 free VMWare tools over on VM/ETC.
There is lots more to come but this is a big day for us. We hope you enjoy the free tools, website and community as they have been designed in an effort to help with problems that we have been hearing from VI Professionals.
People make a lot of jokes about “herding cats,” and when I decided to video a group of our vWire developers for them to talk about their favorite vWire features, I worried it would be hard to get what are often considered the most introverted demographic in the world in front of a camera.
Not so with these guys, however. They were eager and happy to talk about the product they had spent the last several months pouring their hearts and souls into. So far, I’ve recorded three, and the first is live here: http://community.vwire.com/message/1671#1671. In this video, lead vWire developer Andrew Wagner talks about his experience with Tripwire, and how he leveraged what he knew about monitoring infrastructure from a compliance and security perspective, and how he applied this knowledge to managing virtual infrastructure in vWire. He gives a brief introduction and a short demo of what vWire monitors (which, by the way, is extraordinarily comprehensive compared to what and how virtual infrastructure is typically monitored).
Anyway, check it out, and drop Andrew a line in the community about his fantastic performance in this short (less than ten minutes) video.
For some time now here at Tripwire there has been a team working on what has been known internally as Project Spitfire. You have seen part of this team here at the Virtual Black Hole but today is a significant coming out party for the entire team. What we announced today is the first phase of a new initiative here at Tripwire focused on virtualization management known as vWire. This is a separate line of business from Tripwire Enterprise and is entirely focused on solutions to make the VI professional’s life easier.
As part of this, today we announced that OpsCheck is now available at www.vWire.com. OpsCheck is a free tool that helps you ensure your VMotion is operational. We also today announced a new community for VI professionals. There are already lots of great discussions about OpsCheck and virtual infrastructure management within the vWire community.
Last June we released ConfigCheck to allow you to test your VI configurations agains the VMWare hardening guidelines. This great free tool is also available at vwire.com. ConfigCheck was recently rated one of the top 10 free VMWare tools over on VM/ETC.
There is lots more to come but this is a big day for us. We hope you enjoy the free tools, website and community as they have been designed in an effort to help with problems that we have been hearing from VI Professionals.
Some free t-shirts are cool, and some are for polishing your car. I’ve been working with a design firm on a t-shirt that falls into the former category, so that when we pass out t-shirts at VMworld Cannes, it’ll be swag that you actually want to keep. The t-shirts will be black, they’ll have the logo for our new community that we’re building, they’ll relate to virtualization, and they’ll have some words that are so frackin’ clever people won’t be able to help themselves and they’ll have to wear them. At least, that’s the goal.
We came close to “All your VM are belong to us,” which started this huge debate as to whether this reference was too “done.” I personally think it’s timeless, and was about to make this a done deal until Dwayne Melancon gave me his idea. I won’t tell you what it was, just that it was hilarious, because Dwayne’s sense of humor tops all. To find out for yourself what t-shirt we are going with, you can get one by visiting our community (once it’s live) (be patient) (it’s coming very soon) or by visiting us at the Tripwire booth in Cannes.
AND… I’m still on the lookout for ideas! If you have any ideas for a fantastic and hilarious virtualization-themed t-shirt, drop me a line. Otherwise, uh, all your t-shirt are belong to me. And I’m not all that clever.
For some time now here at Tripwire there has been a team working on what has been known internally as Project Spitfire. You have seen part of this team here at the Virtual Black Hole but today is a significant coming out party for the entire team. What we announced today is the first phase of a new initiative here at Tripwire focused on virtualization management known as vWire. This is a separate line of business from Tripwire Enterprise and is entirely focused on solutions to make the VI professional’s life easier.
As part of this, today we announced that OpsCheck is now available at www.vWire.com. OpsCheck is a free tool that helps you ensure your VMotion is operational. We also today announced a new community for VI professionals. There are already lots of great discussions about OpsCheck and virtual infrastructure management within the vWire community.
Last June we released ConfigCheck to allow you to test your VI configurations agains the VMWare hardening guidelines. This great free tool is also available at vwire.com. ConfigCheck was recently rated one of the top 10 free VMWare tools over on VM/ETC.
There is lots more to come but this is a big day for us. We hope you enjoy the free tools, website and community as they have been designed in an effort to help with problems that we have been hearing from VI Professionals.
Virtualization has been tagged in many lists of an item that will do well in 2009 because it is cost effective in how you can use your IT dollars. For most companies, a recession or down economy does not mean that you stop spending but you spend on the most important items. Read more…
People make a lot of jokes about “herding cats,” and when I decided to video a group of our vWire developers for them to talk about their favorite vWire features, I worried it would be hard to get what are often considered the most introverted demographic in the world in front of a camera.
Not so with these guys, however. They were eager and happy to talk about the product they had spent the last several months pouring their hearts and souls into. So far, I’ve recorded three, and the first is live here: http://community.vwire.com/message/1671#1671. In this video, lead vWire developer Andrew Wagner talks about his experience with Tripwire, and how he leveraged what he knew about monitoring infrastructure from a compliance and security perspective, and how he applied this knowledge to managing virtual infrastructure in vWire. He gives a brief introduction and a short demo of what vWire monitors (which, by the way, is extraordinarily comprehensive compared to what and how virtual infrastructure is typically monitored).
Anyway, check it out, and drop Andrew a line in the community about his fantastic performance in this short (less than ten minutes) video.
When we launched OpsChecka few weeks ago, we decided to include a short registration form that had to be filled out in order to complete the download. The form didn’t ask for much, but we did want to capture some information so we could (a) learn more about the people interested in OpsCheck, and (b) deliver product-related updates to users of OpsCheck. However, only about half the number of people who clicked to download OpsCheck actually filled out the form — meaning we lost 50% of the people who expressed an interest.
We knew when we started this project that people don’t like forms (heck,Idon’t like to fill out forms either, and I’m in marketing!), but it turns out… people who might use OpsCheck REALLY REALLY don’t like forms — so much so that they would forgo the download of a useful free tool to avoid completing a form.
And you know what? That’s fair. Although it would be a marketer’s dream to know who’s downloading our tools, it’s far more important to simply get our tools out there, which is why we will be taking down the form and actually putting our free tools on free download sites as well. Honestly, if I could drop OpsCheck and ConfigCheck CDs from a plane I would do it.
There’s a balance between driving awareness and capture names/market data. And honestly, at this point for vWire - a startup within Tripwire — we need all the awareness we can get. And we won’t get much from behind a registration form.
I’m finally back from a whirlwind week at VMworld! What an incredible adventure - full of fun, new friends, also eye-opening bits of feedback in terms of what we’re doing with OpsCheck and the vWire project. Regarding OpsCheck, (besides the typical “Cool, I’ll check it out”) there were two comments at the booth that really stood out:
1. “I don’t have any problems with VMotion so why should I use OpsCheck?”
2. “I tried OpsCheck and was shocked to find I had a couple of things misconfigured.”
Both comments speak to the same thing: overconfidence! But, couple statement #1 with statement #2, and the need for something like OpsCheck really stands out, especially since VMotion is so critical to virtual environments.
Therefore, I challenge those who are confident about their VMotion configurations to test out OpsCheck anyway. OpsCheck takes just a short while to run. As one person joked at our booth… “he likes to move it move it… he likes to move it move it.” And if you like to move it, better make sure you actually can. : )
Earlier this week, I convened our product advisory team to get their input on terminology used in our upcoming product and on general usability. Their feedback was very valuable, which reconfirmed my belief that continual user feedback is essential. I was surprised to hear one member say that they are still using alpha software that we provided in late February. The product has evolved so much since then that I now consider the alpha software to be pretty limited. However, this one member says his team uses it consistently and it has cut some of their tasks down from hour to minutes.
I can’t wait to be able to blog about the final product.
Within the past few weeks I have received two sales calls from vendors. This in itself isn’t too unusual because when I attend industry conferences I often sign up to get additional information. I never indicate that I have BANT (Budget, Authority, Need, or Timing) so my requests always go to the bottom of the follow-up list. Thankfully, I am rarely called by a sales person so I don’t have to explain that I am in product management and will never purchase one of their products. Read more…
The March 2, 2009 issue of Fortune magazine got me thinking about the various types of cloud computing. Prior to reading it, I thought of the Cloud much as VMware describes it; an on-demand computing resource that can be transparently used when needed. However, Forture defined the Cloud as “centralized computing services that are delivered over the internet.” I have always thought of this model as Software as a Service (SaaS), and I am not sure I agree with the “centralized” part. Fortune mentioned salesforce.com as an example of a company leveraging cloud computing. Another article in the same issue described how Kenworth trucks “took advantage of cloud computing” because they rented time on a supercomputer thousands of mile away. Finally, a sidebar article implied that cloud computing is “applications housed remotely and delivered via the net.
When I first read the articles I thought, “Fortune doesn’t get it. That isn’t cloud computing.” Upon further reflection I wondered if maybe my definition is too restrictive. Maybe cloud computing is a category that includes multiple types of computing, including SaaS. I wonder if it is time for someone to define a cloud computing taxonomy.
12 months ago I took on a new initiative here at Tripwire focused on virtualization management. The vWire project was a separate line of business from Tripwire Enterprise, entirely focused on solutions to make the VI professional’s life easier. What a ride it has been!
Over the past year I had the opportunity to work on something that has automation built in as a base function and as most of you know automation has truly been my passion when working with virtual environments. It has been a great honor and privilege to be a part of something new and have the opportunity to have input to help design and build a new application to help the virtualization administrators find and resolve issues before those issues really become nightmares. I really think the vWire team, here at Tripwire, built a fantastic product that has such a great deal of potential to make a difference to the administrators working in the trenches.
After careful consideration Tripwire has decided to permanently discontinue the vWire product, effective immediately. Why is vWire being discontinued? Tripwire has been highly successful in security and compliance and we want to focus all of our efforts on this in 2010. As we looked at vWire, it is just not inline with that strategic goal and as a result this decision was necessary.
Thanks to your loyalty and input into the vWire community, we have learned a great deal and are excited to explore how to focus the vWire technology into future projects. Look for great things in 2010.
The entire vWire team sincerely appreciates your support.
On my quest for PowerShell knowledge I was working on a script to rescan HBA’s and then to list the paths to the datastores but, I only wanted the script to run on certain specific hosts at a time. Usually the rule is when you add storage or paths to an ESX host you would do this to all hosts in the cluster at the same time and could use PowerShell to list the members of a cluster to work with but I was exploring the option of creating a list of the ESX hosts that I wanted the script to run on and have that list saved in a file. Using the “get-content” cmdlet, I was able to do just that. The only other things was the “foreach” loop, when reading the content of a file, you need to use “foreach-object” cmdlet. Below is an example of the code to read the serverlist.txt file and then use that information to rescan and then refresh the HBA’s.
I had the opportunity recently to try to help a friend on his quest to P2V a Microsoft ISA Server. We tried all sorts of different setting to allow communication between the ISA and in this case both Virtual Center and a Platespin server trying to get either one to be able to discover and migrate the ISA Server. We added the conversion servers to the management group on the ISA box and disable RPC checking and still no dice. We actually got a little further with vConverter by getting it to connect and install the client but it was not getting any further in the conversion process. I am sure if we had more time we could have figured out the ports that needed to be opened but, time was not on our side. Did you know that you can still get a cold clone CD from VMware? I was looking through all the VI install files for all the vConverter files and was coming up empty but I found a blog post with its location and thought it would be worthwhile to re-post the post by Vladan Seget on the www.vladan.fr blog site. The original post “VMware Cold Clone to Convert your Physical Machines, Where to get it?” can be found here.
You cannot do a hot conversion every time. Sometimes you need to perform a cold clone to convert your physical servers. Then you’re asking, where to get the converter cold clone boot CD?
So, there exists the cold-clone disc. This is a bootable CD-ROM disc that you actually boot the physical server from. The disc contains a pre-installed Windows 2003 image that runs a built-in version of Converter. Since you boot from the CD, none of the server’s processes start-up so you can get a good clone of the hard drive.
Make sure that you log-in before you download. This means that you have to have an Store account, that means that you have already bought some product with VMware before.
Tripwire's solutions for virtual and physical infrastructures provide comprehensive configuration management, improving availability, security, and compliance.
All Entries
Follow Steve on Twitter
Subscribe to Steve's RSS feed
