Virtualization Pro Tips Blog

Another off-topic post for today, this time on the ever-present problem of successfully eliminating administrator rights.  If you’ve been around IT for any period of time, you know that administrator rights represent one of our biggest security challenges.  Microsoft Windows, for all its greatness, gives us what amounts to an on/off switch for assigning rights to most people:  Either they’re Administrator, or they aren’t. Problem is that the real world knows that on versus off mentality just won’t fly any more.  Its for that reason why I was recently asked to present a webinar (which you can view on-demand here) on exactly these challenges. There were some unfortunate technical difficulties that precluded my helping out with the post-event Q&A.  That that I’m greatly disappointed, because one of the people watching asked this intriguing question: How do you justify to "professionals" (e.g., lawyers, doctors, faculty) the removal of control of "their own" computers? The person who asked this question nailed privilege management’s “people” problem right on its head.  Namely, that all people are reticent to give away rights when they feel a sense of ownership.  If a user’s computer belongs to the company and not them, they’ll argue less when you pull their privileges.  At the very least, they’ve got no leg to stand on when you do. But when that computer is actually owned by its user, pulling their privileges is a lot like taking someone’s car keys away.  They still own the car, but they can’t drive. It is in exactly this situation where the art of privilege management enters one of its most challenging grey areas.  Challenging, because of the obvious ownership issues; grey area, because the good of the public is arguably better served by inconveniencing the good of the individual. There are no technical answers for eliminating administrator rights in this situation.  There’s no script I can suggest you run or box you check in an inte...Read the rest of entry >>

Are you running Hyper-V as your hypervisor, but concerned about performance? It could be your storage. In this podcast, I talk with Mark Davis, CEO of Virsto Software about the thrashing problems with Hyper-V and some interesting solutions for better IOPS. Catch up with @ConcentratdGreg on Twitter!...Read the rest of entry >>

I’m in the middle of constructing a new book for Realtime Publishers titled Private Clouds: Selecting the Right Hardware for a Scalable Virtual Infrastructure.  Four chapters long once its complete, I’m giving it away for free at the Realtime Publishers’ website:  http://nexus.realtimepublishers.com/pcsrh.php. This one’s an interesting new topic for me.  In it I attempt to re-write the conventional wisdom of virtual hardware, focusing people towards the benefits in pre-packaged and pre-engineered virtual hardware.  The concept is a lot like the old “white boxes” of yesteryear.  Back then you at some point realized that building your own servers out of individual pieces and parts was never as good as those you could pick up from a Tier 1 hardware vendor. This book’s argument is that we’ve essentially come to the same inflection point in virtual hardware today.  Rather then constructing your virtual environment out of individual pieces and parts, it makes more sense to purchase pre-packaged and pre-engineered “modules” of processing, networking, and storage.  Only by abstracting hardware into “units of processing” do we finally embrace the otherwise-confusing concept of Private Clouds. To me, its turning into quite the interesting read. Drop on by http://nexus.realtimepublishers.com/pcsrh.php and pick up your free copy.  Chapter 1 is up, with future chapters coming every four weeks or so (following the usual Realtime Publishers model).  Definitely let me know here what you think of the discussion. Here’s the blurb from the site to whet your appetite even more: Private clouds are quickly becoming an effective means of stretching infrastructure to meet growing application needs. But the definition of the term "private cloud" can be somewhat elusive. What exactly is meant by "private cloud"? How do you build one? Once you have a private cloud, what is the benefit for the application consumer? And, finally, how can modular hardware make a cloud ...Read the rest of entry >>

You’ll find a new update for VMware Workstation the next time you power it on.  Version 7.1.2 includes a set of fixes for various operating systems, as well as some performance improvements for NAT networking.  I’ve been experiencing problems myself with NATted virtual machines since the 7.1.1 update.  I look forward to seeing if this fixes those problems. Here’s what VMware’s website advertises as the highlights: Added Microsoft Visual Studio 2010 support for Integrated Virtual Debugger’s live debugging mode. Addressed issues with running Windows 7 SP1 Beta, RHEL 6.0 Beta and Fedora 13 in a virtual machine.  Each of these Operating Systems versions are still in development or have known issues, therefore they are not fully supported by VMware. Made several performance improvements to NAT networking. VMware Workstation 7.1.2 has been tested with the new standalone VMware Converter 4.3.  VMware Converter 4.3 now handles Windows 7!  Download VMware Converter for free. Easy Install now supports older versions of CentOS. Added Windows 2008R2 and Apache Server 2.2.15 support for ACE Management Server. Read the VMware Workstation 7.1.2 release notes for more details. Remember that you can always manually check for an update by clicking Help | Check for Software Updates Now inside Workstation. Catch up with @ConcentratdGreg on Twitter!...Read the rest of entry >>

The nice people over at AppAssure asked me not long ago to join them for a webinar.  That webinar essentially asks the question, “What do you do when you need to bring a crashed server back online – literally – in minutes?”  The answers might surprise you. If that’s a capability you wouldn’t mind having, check out this webinar.  I’ll talk about some of the simple and stupid reasons why you won’t get there today, along with some smart alternatives that will make “in minutes” a reality. Here’s a bit more from the webinar’s blurb: Achieving Server Recovery in Minutes through Virtualization Uh oh, your mission critical server is down. What do you do? Look for its last backup on tape, hoping that last night's backup job actually succeeded? Start rebuilding a new server? Look for a new job? Or, simply click the button marked Recover Server, wait a few minutes, and then go about your day? With the right backup solution in place, that second option is an absolute reality. Today's disk-based backup approaches go much further than simply shifting the backup medium off of tape. They enable files, individual emails, and database entries to be restored without restoring volumes, data stores, and databases. They enable fast server recovery to any 15 minute interval in the past. They enable lost servers to be restored in minutes, either onto the same server or even onto an alternate one. And they finally solve the age old problem of what to do when that mission critical server is down. The answer: Recover it in minutes to a virtual server, giving you the breathing room to fix its original hardware without massive downtime. Learn all about how to get there with IT industry analyst and Windows IT Pro blogger Greg Shields. In this quick but informative webcast, Greg will highlight the Seven Requirements Your Backup Solution Doesn't Have, and show you why disk-based backups will better preserve your servers…and your job! Register Today!   Catch up with @Concentratd...Read the rest of entry >>

I love these little, “turn off something we turned on” fixes for common problems.  Surfing through VMware’s recent knowledgebase articles today I found 1027836.  That KB is titled vSphere Client performs slowly on a Windows 7 system. The symptoms suggest that the vSphere Client may experience slow performance when run atop Windows 7, particularly redraws and especially when maximizing the client. The resolution is rather simple.  Right-click the vSphere Client’s shortcut and choose Properties.  Under the Compatibility tab, select Disable desktop composition.  Then give ‘er a try. Catch up with @ConcentratdGreg on Twitter!...Read the rest of entry >>

The web’s full of all kinds of great Visio stencils you can download to make your Hyper-V graphics look snappy.  A quick search pulled up three that are worth a look-see: Get your set of handmade Visio stencils, compliments of IT Consultant Jonathan Cusson, from this URL:  http://www.jonathancusson.com/tag/virtualization-stencil/. Over at the TechNet blogs, TONYSO points you to the Microsoft Office 2007 Professional Add-In for Rack Server Virtualization (Virtual Rack).  His link is http://blogs.technet.com/b/tonyso/archive/2008/07/21/hyper-v-visio-stencils-and-rack-visualization.aspx. If App-V is your game, then check out these nifty App-V stencils from datadr.net:  http://www.datadr.net/index.php?option=com_content&task=view&id=51&Itemid=30. Catch up with @ConcentratdGreg on Twitter!...Read the rest of entry >>

A single network connection won't get you far in ESXi. It'll absolutely get you network connectivity, but you'll quickly lose that connectivity should you lose the NIC. Learn how to team network connections in ESXi and vCenter Server 4.1 in this Video Training Tiplet.   Transcript: Hey, this is Greg Shields with another Windows IT Pro Video Training Tiplet, this time on Teaming and Load Balancing ESXi Server NICs in vCenter Server version 4.1. So you’ve completed the installation of ESXi and you’ve probably got your vCenter Server up and running, and the next thing you probably want to do is team some of the network connections so your virtual machines have a redundant connection to the production network. Now when you team those connections, you’ve got a couple of different options for how you team them. First is failover teaming, which essentially means that one NIC will pick up when the other one fails, or you can also do load balancing teaming which uses the 802.3ad link aggregation protocol on the network switch side to actually go through and complete load balancing so that both of the NICs are in use at all times. Now the way that you go about doing that involves a couple of steps. The first thing that you need to do is obviously here inside of the vSphere Client. You’ll see that I have two servers that are currently attached to Our DataCenter. And for this server, 221, I’m actually looking at its configuration tab here under Networking. You’re probably familiar with the virtual networking configuration of ESX. Here on the left-hand side we have the virtual half of the equation. Here are our Virtual Machine Port Groups and also the VMkernel port that is being used for the management network. In the middle we have our grey box that references the virtual switch. And on the right-hand side we have the physical adapters that plug into that virtual switch. Adding an additional physical adapter starts by clicking the Properties button. When you click the ...Read the rest of entry >>

I’ve always been a big fan of network storage over traditional Ethernet.  With iSCSI’s long history and the new technologies we’re seeing in Fibre Channel over Ethernet (FCoE), storage technologies are pretty obviously making a push towards using the copper infrastructure you already have.  If you haven’t made iSCSI connections yet in ESX 4.1, I’ll show you the steps to set up a simple one in this video.   Transcript: Hey, this is Greg Shields with another Windows IT Pro Video Training Tiplet. Today, we’re connecting an ESX server version 4.1 to iSCSI storage inside vCenter Server. Let’s say that you’ve completed the installation of your ESX server, and you’ve got some of the networking done but what you want to do is connect that ESX server to a little bit of shared storage where you’re going to put your virtual machines. We start that process here inside of the vSphere Client. Now let’s assume that we’ve already created a volume and exposed that LUN to this ESX server. You’ll see here 192.168.0.221. On this server we have two port groups and one physical adapter that are both connected in to the virtual switch. What we want to do is make a connection between this ESX server and that iSCSI storage. We start the process by going here under Add Networking and creating a VMkernel connection type. This connection type is used for things like vMotion, iSCSI, NFS, and even host management. In this case, because we’re doing iSCSI, this is the type of connection we want to create. We have two options here, one for creating a virtual switch or one for using the existing virtual switch. In our case, we’re going to use that existing virtual switch. I choose the Next button, and I have the option of creating a network label, which I’ll just call iSCSI. This is just a friendly name for that port group. You’ll notice three options down here for whether we want to use that port group for vMotion, for Fault Tolerance, or for management traffic. Now because this is a stora...Read the rest of entry >>

These are not necessarily virtualization-focused, but they’re useful nonetheless. I was recently introduced to two new Microsoft RSS feeds that you might add to your watch list.  These two highlight a set of most-commonly seen support issues at Microsoft Support along with a set of possible fixes.  All are tutorials that step you through potential solutions, those that you’ll probably be asked about upon calling Microsoft Support.  Some are fairly simplistic, while others highlight “scientific method” ideas that you might not have thought about. Add these two to your RSS feed to keep abreast of new tutorials as Microsoft releases them: Windows Server:  http://support.microsoft.com/rss/winsrv.xml Windows Client:  http://support.microsoft.com/rss/winclient.xml   Catch up with @ConcentratdGreg on Twitter...Read the rest of entry >>