Wednesday, October 30, 2013

Top 6 features of Hyper-V 2012 R2...

...that the vSphere Admin thought were already there.

I'm not getting into a feature debate. Too much marketing on either side. Yes, VMware's licensing is complicated. AGREED.
What I'm talking about here is when I go through the "New Features" articles of Hyper-V 2012 R2 and see things that I ASSUMED WERE THERE FROM DAY ONE. Day one being ~2008. ESXi 3.5 came out in ~2007.
However, day one from Hyper-V didn't have "live migration" just "quick <cough power off cough> migration" so maybe I was expecting too much from VMware's competition out the gate.
Anyway, here's my list:

6) PXE Boot. Your Hyper-V hypervisor is now going to get out of the way of your virtual network adapter. Move out of the way. Available in ESX since probably the beginning or close to it as the generic virtual ethernet is Intel e1000 in ESX(i) and the VM traffic stack is separated from the management stack. Restricted to Gen2 VMs.

5) Online virtual HDD resizing. This feature in ESX(i) has been saving my butt since ESX(i) 3.5 (or 4.0, but I'm pretty sure 3.5). Windows Server introduced live resizing of the boot partition in Server 2008, 2003 you could only live resize non-boot partitions (shutdown, gparted, start). This was a function that the Windows Server team that got it right. Awesome feature. Because Hyper-V Gen1 VMs are IDE, you couldn't use this OS feature. Unbelievable. Oh, the fine print on the Hyper-V shrink HDD is that is has to be unpartitioned. That's reasonable. Restricted to Gen2 VMs.

5b) Clarification in that Gen1 VM boot partitions were restricted to being IDE. Other added disks could be SCSI (although I'm not sure if live resizing was available. Looks like no).

4) Live Migrate from Hyper-V 2012 server to 2012 R2. AKA, non-disruptive vMotion onto latest version. This is one-way onto 2012 R2, no clusters of different versions for any period of time. This has been available since at least ESX 3.5 circa 2007, probably before.

3) Clone a running VM. Available since at least ESX 3.5 with VMware. Again.

2) Virtual SCSI HDD boot disk. What? You mean Hyper-V guests have been running on virtual IDE? Yuck. Restricted to Gen2 VMs.

1) "VM Direct Connect" aka Virtual Console! You know that thing that happens when you screw up the network mask or IP and lock yourself out. Or maybe you had a security breach and want to keep the machine running without it being on the network. Well now you can! Introduced in the first version of VMware's hypervisor circa 2001 now coming to Hyper-V 2012 R2.

0) Restricted to Gen2 VMs. This is Windows Server 2012 and Windows 8 only. ONLY. Though if you're using the Hyper-V equivalent of vCenter (VMM) it can't see Gen2 VMs. Doh!

Other bits:

- Dynamic memory of Linux. If you set this too low you will break your Linux VM (see FYI).
- SMB over RDMA (RoCE). Shared memory between physical servers. Like HPC infiniband solutions. While a very cool idea I think most Hyper-V deployments won't be shucking the dollars for this architecture.
- NVGRE is cool. At least Ivan thinks so.

vCSA 5.1u1b Login Timeouts

Had an interesting thing happen in an environment. Not sure which knob I tweaked did the actual fix so I thought I would point out the problem and all three modifications.
  • vCSA pointing directly to a Windows 2008 R2 AD DC/GC.
  • SysAdmins add a Windows 2012 AD DC/GC into the domain.
  • Timeouts on vSphere logins suddenly start: "The command has timed out as the remote server is taking too long to respond."
Frequently with the C# client but also with the web client. There are so many chatty logs that damned if I wasn't going to be able to figure out what was going on by log checking. Trial and error was the quickest way to a solution.

Fix 1) We have a main *.domain.com and a *.ad.domain.com. Turns out that while my primary DNS servers and hostname for the VM at hostname.domain.com was all well and good, some part of ldap  (/var/log/ldapmessages) was trying to contact hostname.ad.domain.com which did not have an A record. A record created in subdomain.

Fix 2) Swapped URL from port 636 (LDAPS) to 3269 (Secure Global Catalog). Same 2008 AD DC.

Fix 3) Bumped client timeout from default 30 seconds to 60 seconds.

Now, if you look at the readme for 5.1u1b it states pretty close to the top of the page that they've fixed timeout issues. Har. It was probably the LDAPS to SGC port change that fixed the issue, so if you are reading this I would start there.

Also, while you're looking through the readme files, look at 5.1u1c. How many items are fixed? 1.
How many known issues are there? 99. How many of those known issues are listed as new? 2/99.  Make your own choice if you want to update to 5.1u1c or just wait for an upgrade that actually does something.

Wednesday, October 2, 2013

Update to latest 5.1 build on vCSA

Thanks to Virtual Aspects for a smooth second attempt at updating to the latest build of the 5.1 vCSA. My search term of vami-sfcb was surprisingly good. After watching vami-sfcb fumble in the logs repeatedly I was just trying to find out what the service did.. but there was the fix.