Thursday, 21 August 2014

Difference between ESX and ESXi

ESX 4.1 is the last available version of ESX Server. From vSphere 5 onward, only ESXi is available.


| Capability | ESX | ESXi |
| --- | --- | --- |
| Service Console | Present | Removed |
| Troubleshooting performed via | Service Console | ESXi Shell |
| Active Directory Authentication | Enabled | Enabled |
| Secure Syslog | Not Supported | Supported |
| Management Network | Service Console Interface | VMkernel Interface |
| vSphere Web Access | Only experimental | Full management capability via vSphere Web Client |
| Major administration command-line command | esxcfg- | esxcli |
| VMkernel network used for | vMotion, Fault Tolerance, Storage Connectivity | Management Network, vMotion, Fault Tolerance, Storage Connectivity, iSCSI port binding |

VMware Host Profiles

Host Profiles:
In larger virtualized IT environments, it is very difficult to keep track of configuration changes and to maintain a consistent configuration across all ESX hosts. Configuring multiple hosts manually is prone to human error and is also a time-consuming process.

Host Profiles help us maintain a consistent configuration across the datacenter by using Host Profile policies, and they eliminate manual host configuration. Host Profile policies capture the blueprint of a known, validated reference host configuration, also called the “Golden Image”, and that host acts as a reference for configuring other hosts in the environment. The blueprint contains information about networking, storage, security and other settings.

Monday, 11 August 2014

What is memory dumping?

Ans. It is a process that writes technical information to the hard disk when a computer has stopped unexpectedly, usually for debugging purposes. The cause of the memory dump can be a problem with device drivers, hardware or software. You can load small memory dump files by using the Dump Check Utility (Dumpchk.exe). You can also use Dumpchk.exe to verify that a memory dump file has been created correctly. You can also read small memory dump files by using the WinDbg tool or the KD.exe tool.

The default location of the dump file is C:\WINDOWS\Minidump, and the file has the extension .dmp.

Thursday, 7 August 2014


What are the steps if ESX is not booting?
  1. Make sure that the CPU on the host supports VT (can be enabled in the BIOS) and has 64-bit capabilities.
  2. If booting from a SAN LUN, check whether LUN connectivity has an issue (in the HBA, FC, switch, SP).
  3. If installed locally, there may be a disk problem or the OS may be corrupted. Take out the disk, install it in another machine as secondary and primary, and check.
  4. If any new hardware or software was installed, remove it.
  5. Check whether any error, or a purple screen error, is shown on screen.
  6. This issue occurs if the esx.conf file is corrupted.

To repair the file:
1. Select the Troubleshooting or Service Console Only boot option when the GRUB bootloader appears.
2. Log into the terminal as root.
3. Run the commands:
esxcfg-boot -p
esxcfg-boot -b (ESX 3.x only)
esxcfg-boot -r (ESX 3.x only)
4. Reboot the ESX host using the reboot command.

Difference between Clone and Template

| Clone | Template |
| --- | --- |
| A clone creates an exact copy of a running virtual machine at the time of the cloning process. | A template acts as a baseline image with a predefined configuration as per organization standards. |
| Cloning a virtual machine creates an exact duplicate of the virtual machine, with the same configuration and installed software, without performing any additional settings. | Create a template to create a master image of a virtual machine from which you can deploy multiple virtual machines. |
| You can create a clone of an existing installed, configured and running virtual machine by right-clicking the VM and selecting Clone. | You can create a template by converting a virtual machine to a template, cloning a virtual machine to a template, or cloning another template. |
| VM clones are best suited to test and development environments, where you want to create, test and work with exact copies of production servers without disturbing them, by cloning the production virtual machine. | Templates are best suited to production environments, where you want mass deployment of virtual machines with the installed OS, basic software and policy configured as per your organization's security policy as a base machine. Once the template is deployed, you can install software depending on the role of the server, such as IIS or a database. |
| VM clones are not suited for mass deployment of virtual machines. | Templates are best suited for mass deployment of virtual machines. |
| A cloned machine cannot be converted back. | You can convert the template back to a virtual machine to update the base template with the latest released patches and updates, and to install or upgrade any software, and then convert it back to a template to be used for deploying virtual machines with the latest patches. |
| A cloned virtual machine can be powered on. | Templates cannot be powered on. |

Monday, 4 August 2014

VM Configuration Files Location


Auditing User Logins and commands in ESXi

Most of you will have been asked by auditors, during a security audit of your environment, how to track individual user logins and the actions performed by a user account on ESXi servers. This was not available in previous versions of vSphere. With ESXi 5.x, you can log in to the shell using a locally created user account. In previous versions, you had to use su to switch user in order to execute commands at the ESX or ESXi level, but with the latest versions you can log in and execute all commands using a locally created account by adding it to the administrator group. That way you can easily achieve user auditing: when the user last logged in and what actions the user performed during the login.

With this new feature, you can easily provide auditing information for ESXi logins to your auditor. It will save you during your IT audit.

Let’s take a step by step look to understand this feature.

1. Create a local user account on the ESXi server by logging in to ESXi directly using vSphere Client
3. Log in to ESXi via SSH using the newly created user account called “Mohammed”

4. Execute the commands below while logged in as user “Mohammed”

This command lists the vSwitches connected to this ESXi host:
      esxcli network vswitch standard list

This command lists the number of CPUs and their details:
       esxcli hardware cpu list

5. Now we will check “/var/log/shell.log” to audit the actions performed by the user called “Mohammed”
It lists the login information and all the commands executed by the user called “Mohammed” and also logs information about all User logins and tasks performed by users.
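The review in step 5 can be scripted when an auditor asks for a per-user report. The following is an added example, not part of the original post: it assumes shell.log lines have the shape `<timestamp> shell[<pid>]: [<user>]: <command>`, and the sample log lines are constructed rather than taken from a real host.

```python
import re
from collections import defaultdict

# Assumed shell.log line shapes (ESXi 5.x):
#   2014-08-04T09:12:44Z shell[35012]: Interactive shell session started
#   2014-08-04T09:12:51Z shell[35012]: [Mohammed]: esxcli hardware cpu list
LINE = re.compile(
    r"^(?P<ts>\S+)\s+shell\[(?P<pid>\d+)\]:\s+"
    r"(?:\[(?P<user>[^\]]+)\]:\s+(?P<cmd>.*)|(?P<event>.+))$"
)

# Constructed sample, not taken from a real host.
SAMPLE_LOG = """\
2014-08-04T09:12:44Z shell[35012]: Interactive shell session started
2014-08-04T09:12:51Z shell[35012]: [Mohammed]: esxcli network vswitch standard list
2014-08-04T09:13:20Z shell[35012]: [Mohammed]: esxcli hardware cpu list
2014-08-04T09:20:02Z shell[35190]: Interactive shell session started
2014-08-04T09:20:09Z shell[35190]: [root]: vim-cmd vmsvc/getallvms
this line is truncated or malformed
"""

def audit_shell_log(text):
    """Return ({user: [(timestamp, pid, command), ...]}, [unparsed lines])."""
    by_user = defaultdict(list)
    unparsed = []
    for line in text.splitlines():
        if not line.strip():
            continue
        m = LINE.match(line)
        if m is None:
            unparsed.append(line)  # keep for manual review, never drop silently
        elif m.group("user"):
            by_user[m.group("user")].append(
                (m.group("ts"), int(m.group("pid")), m.group("cmd")))
    return dict(by_user), unparsed

def last_activity(by_user):
    """Latest timestamp per user (same-format UTC timestamps sort as text)."""
    return {user: max(ts for ts, _, _ in rows) for user, rows in by_user.items()}

if __name__ == "__main__":
    users, bad = audit_shell_log(SAMPLE_LOG)
    for user, rows in users.items():
        for ts, pid, cmd in rows:
            print(f"{ts} {user} (shell pid {pid}): {cmd}")
    print("last activity:", last_activity(users))
    print("unparsed lines:", bad)
```

Because shell.log lives on the host being audited, run the report against a copy forwarded to a remote syslog server where possible.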






What is server hardening?

Ans. Server hardening is the process of enhancing server security through a variety of measures, resulting in a much more secure server operating environment.

Install all Service Packs/Hotfixes, etc.
Disable all unnecessary services/devices/accounts
Enable appropriate password settings (esp. Service Accounts!)
Enable appropriate logging/auditing
Use the concept of “Least Privilege”
Admin Accounts (esp. Service Accounts!)
User Rights (Beware the “Everyone” Group!)
Enable “extra” security settings (e.g. Warning Banners)
Tighten NTFS/Registry permissions
Implement Time Synchronization

What are the different types of Partitions in ESX server?

/ -root
Swap
/var
/var/core
/opt
/home
/tmp

Sunday, 3 August 2014

What are the basic commands to troubleshoot connectivity between vSphere Client/vCenter and the ESX server?
service mgmt-vmware restart (restarts the host agent (vmware-hostd) on the VMware ESX server)
service vmware-vpxa restart (restarts the vCenter agent service)
service network restart (restarts the management network on ESX)

Memory Ballooning in Vmware

Memory Ballooning
The first thing to be clear about is that Memory Ballooning is a technique that is only engaged when the host is running low on physical memory.  If you have a host with 60 GB of physical memory available and the virtual machines are only allocated a total of 30 GB of memory, then you may never need to know what memory ballooning is all about.  However if you are over committing your hosts then this is an important topic to review.
Memory that is allocated to a virtual machine might not all be actively used.  Think about it: if 4 GB is assigned to a machine, the applications may only be using 2 GB of it actively.  As far as an ESXi host is concerned though, 4 GB of memory is basically off limits because it’s assigned to a VM.  VMware ballooning basically consists of the host asking for some of that memory back.
Remember that one of the things we like most about virtualization is that the host doesn't know what the guest OS is doing.  At the same time, the guest OS doesn't realize that it’s running inside of a virtual machine either.  In order for the host to request memory back from the guest OS it needs to use the balloon driver (vmmemctl.sys) to communicate this information.

When the ESXi host runs low on memory it uses the balloon driver to determine what memory the virtual machines can give up to prevent the host from paging to disk.

Friday, 1 August 2014

What is SAHF and LAHF

What is SAHF and LAHF and why do I need it to install vSphere 5.1?
Hardware Requirements for ESXi 5.5
ESXi 5.1 will install and run only on servers with 64-bit x86 CPUs
ESXi 5.1 requires a host machine with at least two cores
ESXi 5.1 supports only LAHF and SAHF CPU instructions
ESXi 5.1 requires the NX/XD bit to be enabled for the CPU in the BIOS

Most of the requirements are fairly straightforward, the 64-bit CPU requirement has been there since vSphere 4 was introduced, but many people probably don’t know what NX/XD & LAHF/SAHF are. The NX/XD bit is a CPU feature called Never eXecute, hence the NX name. What the NX bit does is enable the ability to mark certain areas of memory as non-executable with a flag. When this happens the processor will then refuse to execute any code that resides in those areas of memory. Any attempt to execute code from a page that is marked as no execute will result in a memory access violation. This feature adds a layer of security to a computer by providing a protected area against malicious code such as viruses and buffer overflow attacks.

Many virtualization admins know what NX/XD is but LAHF & SAHF CPU instructions are a processor function that you have probably never heard of. LAHF stands for Load AH from Flags and SAHF stands for Store AH into Flags. LAHF & SAHF are used to load and store instructions for certain status flags. Instructions are basic commands composed of one or more symbols that are passed to a CPU as input. These instructions related to LAHF & SAHF are used for virtualization and floating-point condition handling. You really don’t need to understand how they work as they are related to the core CPU architecture but if you want to understand them better you can read more about them here.
Support for LAHF and SAHF instructions appeared shortly after NX/XD was introduced. AMD introduced support for the instructions with their Athlon 64, Opteron and Turion 64 revision D processors in March 2005 and Intel introduced support for the instructions with the Pentium 4 G1 stepping in December 2005. So again most servers built after 2006 should have CPUs that support LAHF/SAHF. Similar to NX/XD, which can be enabled or disabled in the server BIOS, support for LAHF/SAHF is typically tied into the Virtualization Technology (VT) option in a server BIOS, which is often referred to as Intel VT or AMD-V, their respective support for virtualization CPU technology. The option to enable this on a HP Proliant BIOS is shown below:

So how do you know if your server’s CPUs support NX/XD & LAHF/SAHF? As I said before if you’ve purchased a server in the last 5 or so years, it most likely will support it. If it doesn’t support it the ESXi installer will warn you when you install it as shown below:


VMFS (Virtual Machine File System)

VMware VMFS (Virtual Machine File System) is a cluster file system that facilitates storage virtualization for multiple installations of VMware ESX Server, a hypervisor that partitions physical servers into multiple virtual machines. 

Raw device mapping (RDM) in Vmware

Raw device mapping (RDM) is a method to provide a virtual machine with direct access to a LUN on an iSCSI or Fibre Channel storage system. RDM is basically a mapping file, placed in a VMFS volume, that acts as a proxy for a raw physical storage device. The virtual machine can directly access the storage device using RDM, and the RDM contains metadata which controls disk access to the physical device.

What is ILO port

What is ILO port? what you can do from ILO?



The ILO is the integrated lights out component on the server. This is a card integrated into the board which allows you to connect to the server remotely, even if Windows or Linux doesn’t work. It has its own network connection, and through it you can view the IML (integrated management logs), view what’s on the screen and use it just like terminal services, and reboot or power cycle the server.

You will see the four tabs with the different options (server status, remote console, administration etc.), all controlling different parts of the ILO function. By that I mean: you click server status to see information such as whether the server is powered on, what the serial number is and who’s logged in; remote console is the terminal services (remote desktop like) screen where you can access the server just like you’re standing in front of it; administration is where you can add new users, change the IP addresses etc.

VMware Tools


Overview of VMware Tools
VMware Tools is a suite of utilities that enhances the performance of the virtual machine's guest operating system and improves management of the virtual machine. Without VMware Tools installed in your guest operating system, guest performance lacks important functionality. Installing VMware Tools eliminates or improves the following issues:
  1. Low video resolution
  2. Inadequate color depth
  3. Incorrect display of network speed
  4. Restricted movement of the mouse
  5. Inability to copy and paste and drag-and-drop files
  6. Missing sound

VMware Tools includes these components:
  • VMware Tools service
  • VMware device drivers
  • VMware user process
  • VMware Tools control panel

ESXi 5.5 host Hardware Requirements


ESXi Hardware Requirements

Make sure the host meets the minimum hardware configurations supported by ESXi 5.5.

Hardware and System Resources

To install and use ESXi 5.5, your hardware and system resources must meet the following requirements:

ESXi 5.5 will install and run only on servers with 64-bit x86 CPUs.
ESXi 5.5 requires a host machine with at least two cores.
ESXi 5.5 supports only LAHF and SAHF CPU instructions.
ESXi 5.5 requires the NX/XD bit to be enabled for the CPU in the BIOS.
ESXi supports a broad range of x64 multicore processors. For a complete list of supported processors.
ESXi requires a minimum of 4GB of physical RAM. Provide at least 8GB of RAM to take full advantage of ESXi features and run virtual machines in typical production environments.
To support 64-bit virtual machines, support for hardware virtualization (Intel VT-x or AMD RVI) must be enabled on x64 CPUs.
One or more Gigabit or 10Gb Ethernet controllers. For a list of supported network adapter models.
Any combination of one or more of the following controllers:
Basic SCSI controllers. Adaptec Ultra-160 or Ultra-320, LSI Logic Fusion-MPT, or most NCR/Symbios SCSI.
RAID controllers. Dell PERC (Adaptec RAID or LSI MegaRAID), HP Smart Array RAID, or IBM (Adaptec) ServeRAID controllers.
SCSI disk or a local, non-network, RAID LUN with unpartitioned space for the virtual machines.
For Serial ATA (SATA), a disk connected through supported SAS controllers or supported on-board SATA controllers.
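
The CPU requirements listed above, and in the earlier LAHF/SAHF post, can be checked before running the installer. The following is an added example, not from the original posts: it assumes the host is booted into a Linux live environment and uses the Linux /proc/cpuinfo flag names lm, nx, lahf_lm, vmx and svm; the sample text is constructed.

```python
# Constructed /proc/cpuinfo excerpt for a 2-core host (flags abbreviated).
SAMPLE_CPUINFO = """\
processor\t: 0
physical id\t: 0
core id\t\t: 0
flags\t\t: fpu vme de pse lm nx lahf_lm vmx sse2

processor\t: 1
physical id\t: 0
core id\t\t: 1
flags\t\t: fpu vme de pse lm nx lahf_lm vmx sse2
"""

# Requirement from the list above -> Linux cpuinfo flag(s) that indicate it.
REQUIRED = {
    "64-bit x86 CPU": {"lm"},
    "LAHF/SAHF in 64-bit mode": {"lahf_lm"},
    "NX/XD enabled": {"nx"},  # the flag is absent when NX/XD is off in the BIOS
}

def parse_cpuinfo(text):
    """Split cpuinfo text into one {field: value} dict per logical CPU."""
    cpus = []
    for block in text.strip().split("\n\n"):
        fields = {}
        for line in block.splitlines():
            key, sep, value = line.partition(":")
            if sep:
                fields[key.strip()] = value.strip()
        if fields:
            cpus.append(fields)
    return cpus

def check_esxi_cpu(text):
    """Return {requirement: True/False} for the CPU items in the list."""
    cpus = parse_cpuinfo(text)
    cores = {(c.get("physical id", "0"), c.get("core id", c.get("processor")))
             for c in cpus}
    # A feature counts only if every logical CPU reports it.
    common = set.intersection(
        *(set(c.get("flags", "").split()) for c in cpus)) if cpus else set()
    result = {name: flags <= common for name, flags in REQUIRED.items()}
    result["at least two cores"] = len(cores) >= 2
    # vmx = Intel VT-x, svm = AMD-V; needed for 64-bit virtual machines.
    result["hardware virtualization"] = bool({"vmx", "svm"} & common)
    return result

if __name__ == "__main__":
    for requirement, ok in check_esxi_cpu(SAMPLE_CPUINFO).items():
        print(f"{'PASS' if ok else 'FAIL'}  {requirement}")
```

On a real host, pass the contents of /proc/cpuinfo to `check_esxi_cpu` instead of the sample text.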