Archive for Certification

Install and Configure VMware ESXi Dump Collector

dumpicon

What is VMware ESXi Dump Collector?

ESXi hosts can be configured to dump the VMkernel memory to a network server rather than to a local disk when the system has encountered a critical failure. The Collector collects the dumps across the network. This is useful for ESXi hosts that are configured by the VMware Auto Deploy process and might not have local storage. A core dump is the state of working memory in the event of host failure.

Prerequisites

  • Verify that you have administrator privileges
  • Verify that the host machine has Windows Installer 3.0 or later.
  • Verify that the host machine has a supported processor and operating system. The Dump Collector supports the same processors and operating systems as vCenter Server. See vCenter Server Software Requirements and vCenter Server and vSphere Client Hardware Requirements.
  • Verify that the host machine has a valid IPv4 address. You can install the Dump Collector on a machine in an IPv4-only or IPv4/IPv6 mixed-mode network environment, but you cannot install the Dump Collector on a machine in an IPv6-only environment.
  • If you are using a network location for the Dump Collector repository, make sure the network location is mounted.

Install and Configure

  • Open the vCenter Installer and select ESXi Dump Collector

Dump1

  • Select your language

Dump2

  • Select Next

dump3

  • Click Next

dump4

  • Click I accept > Next

dump5

  • Select the folder locations you want

dump6

  •  Select the type of installation

dump7

  • Enter the vCenter details

dump8

  • Say Yes to the SSL Cert

dump9

  •  Select the Port

dump10

  • Specify the name on the network

dump11

  • Click Install

dump12

  • You can then see the icon for the VMware ESXi Dump Collector on the Home Page

dumpicon

  • Set  up an ESXi system to use ESXi Dump Collector by running esxcli
    system coredump in the local ESXi shell or by using vCLI
  • Run esxcli system coredump network set –interface-name=vmk0 –server-ipv4=192.168.232.30 –server-port=6500
  • Run esxcli system coredump network set –enable true
  • Run esxcli system coredump network get to check everything is setup as expected

Capture2

  • Under Home > Administration > VMware ESXi Dump Collector, you will now see the following

dump

VMware Dump Collector Doc

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1032051

Configuring and Testing Centralised Logging Configuration

syslog14

Commands for configuring Syslog

logging

Procedure for configuring and Testing Logging

When everything has been installed configured correctly in terms of the Syslog Collector, log files should show up in the Syslog server following the last pieces of config information as per below

  • Log into vCenter
  • Check on each host that the firewall has been adjusted to allow syslog

sysfirewall

  • Go to Home > Administration > Network SysLog Collector
  • You will see information related to the setup and the log file locations

syslog16

  • Open an SSH session on every host and type the following 2 commands
  • Don’t forget to reload the configuration

syslog17

  • You can check if this been set in the hosts Advanced Settings
  • Assuming you are sending logs to a Syslog collector named loghost.company.corp, you would enter one of the following in the Syslog.global.logHost field:
  • udp://loghost.company.corp:514
  • tcp://loghost.company.corp:514
  • ssl://loghost.company.corp:1514

syslog18

  • Go to c:\ProgramData\VMware\VMware Syslog Collector\Data
  • You should be able to see a folder created for each host called the host name

syslog19

  • If you go back to the Network Syslog collector and you are not seeing your hosts but you are getting logs collected in your designated location then log out and into vClient again

Capture

What you will see

  • A folder has been created for every ESXi host, identified by the management IP address;
  • In each folder a single file, named syslog.log, containing entries from the Hostd.log and the Vpxa.log

If logging does not show up, try the following:

  • Check the configuration of the ESXi host, especially the syntax of the loghost
  • Check the configuration of the ESXi firewall, outgoing syslog allowed
  • On the ESXi host, try restarting the Managent Agent. From the DCUI or # /sbin/services.sh restart
  • On the Syslog server, also check the firewall settings, is incoming traffic allowed?
  • Try to connect to the Syslog server using the telnet command, e.g.: > telnet Syslog server> 514
  • In case you use the “Network Syslog Collector”, review the settings
  • Restart the vClient as this sometimes refreshes the Network Syslog Collector View

VMware Doc

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2003322

Installation of Syslog Collector

syslog14

What is Syslog Collector?

You can install the Syslog Collector on the same machine as the associated vCenter Server, or on a  different machine that has network connection to the vCenter Server. The Syslog Collector service binds to  an IPv4 address for communication with vCenter Server, and does not support IPv6. The vCenter Server can be on a host machine in an IPv4-only, IPv4/IPv6  mixed-mode, or IPv6-only network environment, but the machine that connects to  the vCenter Server through the vSphere Client must have an IPv4 address for the  Syslog Collector service to work

Syslog Collector is included in the vCenter appliance installation by default.

Prerequisites

  • Verify that you have administrator privileges.
  • Verify that the host machine has Windows Installer 3.0 or later.
  • Verify that the host machine has a supported processor and operating system. The Syslog Collector supports the same processors and operating systems as vCenter Server. See vCenter Server Software Requirements and vCenter Server and vSphere Client Hardware Requirements.
  • Determine whether to install the Syslog Collector as a standalone instance or to integrate the Syslog Collector with a vCenter Server.
  • The Syslog Collector is not supported for integration with vCenter Server versions earlier than version 5.0.
  • Verify that the host machine has a valid IPv4 address. You can install the Syslog Collector on a machine in an IPv4-only or IPv4/IPv6 mixed-mode network environment, but you cannot install the Syslog Collector on a machine in an IPv6-only environment

Instructions for Install

  • Put the vCenter installer/iso into the server you want to install the Sys Log Collector on
  • Select VMware vSphere Syslog Collector

syslog1

  • Select you language

syslog2

  • The files will begin to be extracted

syslog3

  • Select Next

syslog4

  • Select Next

syslog5

  • Select I accept

syslog6

  • Select Destination Folder
  • Select vSphere Syslog Collector Configuration

syslog7

  • Select Standalone Installation or VMware vCenter Server Installation. The Integrated method is recommended by VMware

syslog8

  • Type in your vCenter IP, Port, Username and Password

syslog9

  • Click Yes to the Certificate Warning

syslog10

  • Check the Port Information

syslog11

  • Specify how vSphere Syslog collector is identified on the network

syslog12

  • Install

syslog13

  • Finish

Identify Log names and locations for vSphere 5

Using Logs to Troubleshoot

Logs can help you find out what happened if commands do not have the desired results.

  • vCenter Logs
  • ESXi Logs

vCenter Log Files and Names

The vCenter Server logs are placed in a different directory on disk depending on vCenter Server version and the deployed platform

vCenter 5 = <drive>:\ProgramData\VMware\VMware VirtualCenter\Logs

Logs

vCenterlogs

vCenter Server logs are grouped by component and purpose

Note: As each log grows, it is rotated over a series of numbered component-nnn.log files. On some platforms, the rotated logs are compressed.

vCenter2

vCenter Server logs can be viewed from

vCenter3

ESXi Log filenames and locations

ESXILog1

logs

Tools used to view ESXi Logs

ESXiLog2

Logs from vCenter Server Components on ESXi 5.0

When an ESXi 5.0 host is managed by vCenter Server 5.0, two components are installed, each with its own logs:

Esxi3

3rd Party Tools

  • Putty

Logs2

  • WinSCP

Winscp

  • Click OK to the Key Warning

winscp2

  • You can now see your host and your own file system and view/copy files back and forth

winscp3

Generating vCenter and ESXi Log Bundles

  • Go to Home > Administration > System Logs > Export System Logs

EXPORT2

Utilise the Update Manager Manager Utility to reconfigure vUM Manager

images

What is the Update Manager Manager Utility?

The Update Manager Utility is an optional tool for Update Manager that allows you to configure the Update Manager server as well as UMDS after installation.
The Update Manager Utility allows you to reconfigure the following Update Manager settings without the need to reinstall Update Manager and UMDS:

When you install the Update Manager server, the Update Manager Utility is installed on your system as an additional component.

Prerequisites

  • Make sure that you have local administrative credentials for the machine on which the Update Manager server is installed.
  • Stop the Update Manager service.

Procedure

  • Log in as an administrator to the machine on which the Update Manager server is installed.
  • Navigate to the Update Manager installation directory.
  • The default location is C:\Program Files (x86)\VMware\Infrastructure\Update Manager.
  • Double-click the VMwareUpdateManagerUtility.exe file.
  • Type the vCenter Server machine IP address or host name and the administrative credentials to the vCenter Server system.
  • Click Login

Capture

  • You successfully logged in to the Update Manager Utility.
  • Now modify any of the following pages that you need
  • Proxy Settings

Capture2

  • Database Settings

Capture3

  •  Re-register to vCenter

Capture4

  • SSL Certificate

Capture5

VMware Guide

http://www.vmware.com/pdf/vsp_vum_41u1_reconfig_guide.pdf

Utilise Update Manager PowerCLI to export baselines for testing

index

Why Export Baselines?

Before you apply patches or extensions to ESX/ESXi hosts, you might want to test the patches and extensions by applying them to hosts in a test environment. You can then use Update Manager PowerCLI to export the tested baselines to another Update Manager server instance and apply the patches and extensions to the other hosts.

Workflow

This workflow describes how to test patches by using one Update Manager instance and how to export the patch baseline containing the tested patches to another Update Manager instance.

Pages are referenced from Installing and Administering VMware vSphere Update Manager

  • Create fixed host patch baselines.

Create fixed patch baselines containing the patches that you want to test. Fixed patch baselines do not change their content when new patches are downloaded into the Update Manager patch repository. You can create a fixed patch baseline from the Baselines and Groups tab of the Update Manager Administration view. For more information and a detailed procedure, see “Create a Fixed Patch Baseline,” on page 85.

  • Attach the patch baselines to a container object containing the hosts that you want to scan or remediate.

The container object can be a folder, cluster, or datacenter. You can attach baselines and baseline groups to objects from the Update Manager Compliance view. For more information about attaching baselines and baseline groups to vSphere objects, see “Attach Baselines and Baseline Groups to Objects,” on page 97.

  • Scan the container object.

After you attach baselines to the selected container object, you must scan it to view the compliance state of the hosts in the container. You can scan selected objects manually to start the scanning immediately. For detailed instructions on how to scan your hosts manually, see “Manually Initiate a Scan of ESX/ESXi Hosts,” on page 101. You can also scan the hosts in the container object at a time convenient for you by scheduling a scan task. For more information and detailed instructions about scheduling a scan, see “Schedule a Scan,” on page 102.

  • Review the scan results displayed in the Update Manager Client Compliance view.

For a detailed procedure about viewing scan results and for more information about compliance states, see “Viewing Scan Results and Compliance States for vSphere Objects,” on page 103.

  • (Optional) Stage the patches in the attached baselines to the hosts that you want to update.

You can stage the patches and copy them from the Update Manager server to the hosts before applying them. Staging patches speeds up the remediation process and helps minimize host downtime during remediation. For a detailed procedure about staging patches and extensions to hosts, see “Stage Patches and Extensions to ESX/ESXi Hosts,” on page 121.

  • Remediate the container object.

Remediate the hosts that are in Non-Compliant state to make them compliant with the attached baselines. For more information about remediating hosts against patch or extension baselines, see “Remediate Hosts

  • Export the patch baselines from the Update Manager server that you used to test the patches, and import them to another Update Manager server.

You can export and import patch baselines from one Update Manager server to another by using an Update Manager PowerCLI script. The example script on Page 156 of Installing and Administering VMware vSphere Update Manager creates a duplicate of the baseline MyBaseline on the $destinationServer.

The script works for fixed and dynamic patch baselines as well as for extension baselines.

Generate Database Reports using MS Excel or MS SQL

images

Generating Common Database Reports

Update Manager uses Microsoft SQL Server and Oracle databases to store information. Update Manager does not provide a reporting capability, but you can use a third-party reporting tool to query the database views to generate reports.

IMPORTANT The Update Manager database does not contain information about the objects in the inventory, but contains internal inventory entity IDs. To get the original IDs for virtual machines, virtual appliances, and hosts, you must have access to the vCenter Server system database. From the vCenter Server system database, you can retrieve the ID of the objects that you want to access. To obtain the Update Manager database IDs of the objects, Update Manager adds the prefix vm- (for virtual machines), va- (for virtual appliances), or host- (for hosts)

Generate Common Reports Using Microsoft Office Excel

Using Microsoft Excel, you can connect to the Update Manager database and query the database views to generate a common report.

Prerequisites

You must have an ODBC connection to the Update Manager database.

Procedure for Microsoft SQL Server (Express Procedure below)

Note: I am using Microsoft Office 2010

  • Log in to the computer on which the Update Manager database is set up.
  • From the Windows Start menu, select Programs > Microsoft Office > Microsoft Excel.
  • Click Data > Import External Data > New Database Query.
  • In the Choose Data Source window, select VMware Update Manager and click OK
  • If necessary, in the database query wizard, select the ODBC DSN name and enter the user name and password for the ODBC database connection.
  • In the Query Wizard – Choose Columns window, select the columns of data to include in your query

excel

  • Click Next
  • For example, if you want to get the latest scan results for all objects in the inventory and all patches for an inventory object, select the following database views and their corresponding columns from the Available tables and columns pane:
  • VUMV_UPDATES
  • VUMV_ENTITY_SCAN_RESULTS
  • Click OK in the warning message that the query wizard cannot join the tables in your query.
  • In the Microsoft Query window, drag a column name from the first view to the other column to join the columns in the tables manually.
  • For example, join the META_UID column from the VUMV_UPDATES database view with the UPDATE_METAUID column from the VUMV_ENTITY_SCAN_RESULTS database view.
  • A line between the columns selected indicates that these columns are joined.
  • The data is automatically queried for all inventory objects in the Microsoft Query window.

Procedure for Microsoft SQL Server Express

Note: I am using Microsoft Office 2010

  • Log in to the computer on which the Update Manager database is set up.
  • From the Windows Start menu, select Programs > Microsoft Office > Microsoft Excel.
  • Click Data > From Other Sources > From Microsoft Query

data

  •  Click VMware vSphere Update Manager

excel

  • Choose relevant colums etc
  • For example, if you want to get the latest scan results for all objects in the inventory and all patches for an inventory object, select the following database views and their corresponding columns from the Available tables and columns pane:
  • VUMV_UPDATES
  • VUMV_ENTITY_SCAN_RESULTS

VUM

  • Click OK to the message that they cannot be joined

VUM2

  • In the Microsoft Query window, drag a column name from the first view to the other column to join the columns in the tables manually.
  • For example, join the META_UID column from the VUMV_UPDATES database view with the UPDATE_METAUID column from the VUMV_ENTITY_SCAN_RESULTS database view.
  • A line between the columns selected indicates that these columns are joined.
  • The data is automatically queried for all inventory objects in the Microsoft Query window

join

  • And this is what you will see

metadata

Generate Common Reports Using Microsoft SQL Server Query

Using a Microsoft SQL Server query, you can generate a common report from the Update Manager database.

Procedure

To generate a report containing the latest scan results for all objects in the inventory and for all patches for an inventory object, run the query in Microsoft SQL Client.

excel3

  • The query displays all patches that are applicable to the scanned objects in the inventory.

Troubleshoot Update Manager problem areas or issues

index

Troubleshooting

Problems you may get. Please click on the links to go to the troubleshooting page

Gather Update Manager Log Bundles

You can gather information about recent events on the Update Manager server for diagnostic purposes. When Update Manager and vCenter Server are installed on the same machine, you can also gather the vCenter Server log bundle together with the Update Manager log bundle.

Procedure

  • Log in to the machine on which Update Manager is installed.
  • To obtain the complete set of the logs, you should log in with the user name and password used for
  • installing Update Manager.
  • Select Start > All Programs > VMware > Generate Update Manager log bundle
  • Log files are generated as a ZIP package, which is stored on the current user’s desktop.

Create and Modify Baseline Groups

images

Patch and Extension Baselines

You can remediate hosts against baselines that contain patches or extensions. Depending on the patch criteria you select, patch baselines can be either dynamic or fixed.

  • Dynamic patch baselines contain a set of patches, which updates automatically according to patch availability and the criteria that you specify.
  • Fixed baselines contain only patches that you select, regardless of new patch downloads.
  • Extension baselines contain additional software modules for ESX/ESXi hosts. This additional software might be VMware software or third-party software. You can install additional modules by using extension baselines, and update the installed modules by using patch baselines.

If your vCenter Server system is part of a connected group in vCenter Linked Mode, and you have more than one Update Manager instance, patch and extension baselines that you create are not applicable to all inventory objects managed by other vCenter Server systems in the group. Baselines are specific for the Update Manager instance you select.

Create a Fixed Patch Baseline

Fixed baselines consist of a specific set of patches that do not change as patch availability changes.

Prerequisites

Connect the vSphere Client to a vCenter Server system with which Update Manager is registered, and on the Home page, click Update Manager under Solutions and Applications. If your vCenter Server system is part of a connected group in vCenter Linked Mode, you must specify the Update Manager instance to use, by selecting the name of the corresponding vCenter Server system in the navigation bar.

Procedure

  • On the Baselines and Groups tab, click Create above the Baselines pane.
  • Type a name, and optionally, a description of the baseline.
  • Under Baseline Type, select Host Patch, and click Next.

Baseline1

  • Select Fixed for the type of baseline and click Next.

Baseline2

  • Select individual patches to include and click the down arrow to add them to the Fixed Patches to Add list.

Baseline3

  • (Optional) Click Advanced to find specific patches to include in the baseline.
  • Click Next

Baseline4

  • On the Ready to Complete page, click Finish.
  • The new baseline is displayed in the Baselines pane of the Baselines and Groups tab.

Create a Dynamic Patch Baseline

Dynamic baselines consist of a set of patches that meet certain criteria. The contents of a dynamic baseline varies as the available patches change. You can also exclude or add specific patches. Patches you select to add or exclude do not change with new patch downloads.

Prerequisites

Connect the vSphere Client to a vCenter Server system with which Update Manager is registered, and on the Home page, click Update Manager under Solutions and Applications. If your vCenter Server system is part of a connected group in vCenter Linked Mode, you must specify the Update Manager instance to use, by selecting the name of the corresponding vCenter Server system in the navigation bar.

Procedure

  • On the Baselines and Groups tab, click Create above the Baselines pane.
  • Type a name, and optionally, a description of the baseline.
  • Under Baseline Type select Host Patch, and click Next.

Baseline1

  • Select Dynamic as the type of baseline, and click Next.

Baseline5

  • On the Dynamic Baseline Criteria page, specify criteria to define the patches to include, and then click Next.

Baseline6

  • For example, when you select a product and severity option, the patches are restricted to the ones that are applicable for the selected product and are of the specified severity level
  • (Optional) On the Patches to Exclude page, select one or more patches in the list and click the down arrow to permanently exclude them from the baseline.
  • (Optional) Click Advanced to search for specific patches to exclude from the baseline.

Baseline7

  • Click Next.
  • (Optional) On the Other Patches to Add page, select individual patches to include in the baseline and click the down arrow to move them into the Fixed Patches to Add list.

Baseline8

  • The patches you add to the dynamic baseline stay in the baseline regardless of the new downloaded patches.
  • (Optional) Click Advanced to search for specific patches to include in the baseline.
  • Click Next.
  • On the Ready to Complete page, click Finish.

Baseline9

The new baseline is displayed in the Baselines pane of the Baselines and Groups tab

Create a Host Extension Baseline

Extension baselines contain additional software for ESX/ESXi hosts. This additional software might be VMware software or third-party software. You create host extension baselines using the New Baseline wizard.

Extensions can provide additional features, updated drivers for hardware, Common Information Model (CIM) providers for managing third-party modules on the host, improvements to the performance or usability of existing host features, and so on.

Host extension baselines that you create are always fixed. You must carefully select the appropriate extensions for the ESX/ESXi hosts in your environment.

To perform the initial installation of an extension, you must use an extension baseline. After the extension is installed on the host, you can update the extension module with either patch or extension baselines.
Note

When applying extension baselines by using Update Manager, you must be aware of the functional implications of new modules to the host. Extension modules might alter the behavior of ESX/ESXi hosts. During installation of extensions, Update Manager only performs the checks and verifications expressed at the package level.

Prerequisites

Connect the vSphere Client to a vCenter Server system with which Update Manager is registered, and on the Home page, click Update Manager under Solutions and Applications. If your vCenter Server system is part of a connected group in vCenter Linked Mode, you must specify the Update Manager instance to use, by selecting the name of the corresponding vCenter Server system in the navigation bar.

Procedure

  • On the Baselines and Groups tab, click Create above the Baselines pane.
  • Type a name, and optionally, a description of the baseline.
  • Under Baseline Type, select Host Extension and click Next.

Baseline10

  • On the Extensions page, select individual extensions to include in the baseline and click the down arrow to add them to the Included Extensions list.
  • (Optional) Click Advanced to filter the extensions to include specific extensions in the baseline

Baseline11

  • Click Next.
  • On the Ready to Complete page, click Finish.

Baseline12

  • The new baseline is displayed in the Baselines pane of the Baselines and Groups tab.

Baseline Groups

A baseline group is a collection of patch, upgrade, and/or extension baselines.

Procedure for Host Upgrade Baseline Group

  • Login to the vCenter server using vSphere client
  • Navigate to Home > Solutions and Applications > Update Manager
  • Click Create
  • Select Host Baseline Group, provide a name for the new baseline group

Baseline1

  •  Click Next
  • At the upgrade screen you can select a Host Upgrade Baseline or optionally Click the blue link at the bottom of the screen to Create a new Host Upgrade Baseline

Baseline2

  • Select Patch Baselines

Baseline3

  • Select Extension Baseline

Baseline4

Procedure for creating a Baseline Group for Virtual Machines and Virtual Appliances

  • Click Create

Baseline5

  • Add one upgrade baseline per type in this group

Baseline6

  • Finish

Perform orchestrated vSphere upgrades

index

Orchestrated Upgrades of Hosts and Virtual Machines

You can perform orchestrated upgrades of hosts or virtual machines in your vSphere inventory by using baseline groups. Baseline groups contain baselines for either hosts or virtual machines.

You can perform an orchestrated upgrade at the level of a container object or an individual object.

  • Orchestrated Upgrade of Hosts

Orchestrated upgrades let you apply upgrades, patches, and extensions to hosts in your inventory by using a single host baseline group.

If the baseline group contains an upgrade baseline, Update Manager first upgrades the hosts and then applies the patch or extension baselines. Because the upgrade runs first and patches are applicable to a specific host version, the orchestrated workflow ensures that patches are not lost during the upgrade.

  • Orchestrated Upgrade of Virtual Machines

You can use an orchestrated upgrade to upgrade the virtual machine hardware and VMware Tools of all the virtual machines in the vSphere inventory at the same time, using baseline groups containing the following baselines:

  • VM Hardware Upgrade to Match Host
  • VMware Tools Upgrade to Match Host

Upgrading the virtual hardware of the virtual machines exposes new devices and capabilities to the guest operating systems. You must upgrade VMware Tools before upgrading the virtual hardware version so that all required drivers are updated in the guest. You cannot upgrade the virtual hardware of the virtual machines if VMware Tools is not installed, is out of date, or is managed by third-party tools.

When you upgrade virtual machines against a baseline group containing the VM Hardware Upgrade to Match Host baseline and the VMware Tools Upgrade to Match Host baseline, Update Manager sequences the upgrade operations in the correct order, and VMware Tools is upgraded first.

During the upgrade of VMware Tools, the virtual machines must be powered on. If a virtual machine is in the powered off or suspended state before remediation, Update Manager powers it on. After the upgrade completes, Update Manager restarts the machine and restores the original power state of the virtual machine.

During the virtual hardware upgrade, the virtual machines must be shut down. If a virtual machine is powered on, Update Manager powers the machine off, upgrades the virtual hardware, and then powers the virtual machine on.