vSphere Optimise and Scale

On Demand Content

https://learning.customerconnect.vmware.com/oltpublish/site/coursePlayer.do?dispatch=show&courseSessionId=38b84aa5-b77c-11ea-9f48-0cc47adeb5f8


Module 2: Network Scalability

Creating vSphere Distributed Switches

  • Standard switches are host based

  • Distributed switches are data center based

  • A change made on a distributed switch is propagated to all connected hosts, as opposed to being made on every single host

  • Traffic rules

    • Action -> Allow, Drop, Tag
    • Traffic Direction -> Ingress, Egress, Ingress/Egress
  • Can mark traffic with a Class of Service (CoS) tag in layer 2, or a Differentiated Services Code Point (DSCP) tag in layer 3

    • Tag important traffic so the physical network doesn't drop these packets during congestion

Managing vSphere Distributed Switches

  • Can run a health check to show any incorrectly configured settings

  • Rollback enabled by default

Using Network I/O Control in Distributed Switches

  • Can allocate network bandwidth to business-critical applications and resolve situations where several types of traffic compete for common resources

  • Allocation done over distributed switches by using a network resource pool for VM and system traffic

  • Can set shares

    • Low -> 25
    • Normal -> 50
    • High -> 100
    • Custom -> 1 to 100
  • Reservations -> Minimum bandwidth, in Mbps, that must be guaranteed on a single physical adapter

  • Limits -> The maximum bandwidth, in Mbps or Gbps, that a system traffic type can consume on a single physical adapter

  • Max reservation is 75% of total network bandwidth
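
How shares, reservations and limits interact on one physical adapter, as an added example that is not from the course material. It uses a simplified model (an assumption, not VMware's scheduler): reservations are granted first, the rest is split in proportion to shares, and no traffic type exceeds its limit or its demand. The traffic names and figures are constructed.

```python
from dataclasses import dataclass

MAX_RESERVED_FRACTION = 0.75  # from the notes: max reservation is 75% of bandwidth

@dataclass
class TrafficType:
    name: str
    shares: int               # Low 25, Normal 50, High 100, Custom 1 to 100
    demand: float             # Mbps this type currently wants to send (constructed)
    reservation: float = 0.0  # Mbps guaranteed on one physical adapter
    limit: float = None       # Mbps ceiling on one physical adapter, None = no limit

def validate(types, capacity):
    for t in types:
        if not 1 <= t.shares <= 100:
            raise ValueError(f"{t.name}: shares must be 1 to 100")
        if t.limit is not None and t.reservation > t.limit:
            raise ValueError(f"{t.name}: reservation exceeds limit")
    if sum(t.reservation for t in types) > MAX_RESERVED_FRACTION * capacity:
        raise ValueError("total reservations exceed 75% of adapter bandwidth")

def allocate(types, capacity):
    """Return {name: Mbps} for one adapter under the simplified model."""
    validate(types, capacity)
    # A type never receives more than it asks for or more than its limit.
    cap = {t.name: t.demand if t.limit is None else min(t.demand, t.limit) for t in types}
    # Step 1: honour reservations (an idle type does not hoard its reservation).
    alloc = {t.name: min(t.reservation, cap[t.name]) for t in types}
    remaining = capacity - sum(alloc.values())
    active = [t for t in types if cap[t.name] - alloc[t.name] > 1e-9]
    # Step 2: split what is left by shares; repeat when a type hits its cap
    # so the bandwidth it could not use goes to the others.
    while remaining > 1e-9 and active:
        total_shares = sum(t.shares for t in active)
        grants = {t.name: min(remaining * t.shares / total_shares,
                              cap[t.name] - alloc[t.name]) for t in active}
        for name, grant in grants.items():
            alloc[name] += grant
        remaining -= sum(grants.values())
        active = [t for t in active if cap[t.name] - alloc[t.name] > 1e-9]
    return alloc

# Constructed sample: one 10 Gbps adapter during a vMotion burst.
SAMPLE = [
    TrafficType("management", shares=25, demand=200, reservation=500),
    TrafficType("vmotion", shares=50, demand=8000, limit=4000),
    TrafficType("vm", shares=100, demand=9000, reservation=2000),
]
```

With the sample, the vMotion burst is held to its share of the contended bandwidth while management and VM traffic keep what they were reserved, which is the availability property the reservation and limit settings exist to provide.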

NetFlow in Distributed Switches

  • NetFlow -> Profiling, intrusion detection, prevention, networking forensics and compliance

  • Internal flow -> intrahost VM traffic

  • External flow -> VM interhost traffic and physical machine-to-VM traffic

Port Mirroring in Distributed Switches

  • Duplicates network packets from a source to a destination

  • Helps with

    • Troubleshooting
    • Network analysis

Module 3: Storage Scalability

VMFS Datastores

  • Small files stored/divided into subblocks

  • Max virtual disk size is 62 TB

  • Cannot directly upgrade from VMFS 5 to 6

vSphere Storage APIs - Array Integration (VAAI)

  • Hardware acceleration APIs allow the ESXi host to offload specific VM and storage management operations to the storage hardware
    • Significantly reduces the CPU overhead on the host
    • Block storage devices, such as Fibre Channel and iSCSI devices, support hardware acceleration
    • Several operations supported
      • Full copy -> Clones blocks (XCOPY) -> e.g. vSphere vMotion
      • Block zeroing -> Creating eager-zeroed thick virtual disks
      • Hardware-assisted locking -> Performance improvement for VMFS metadata changes

Storage Awareness (VASA)

  • APIs for storage to advertise storage to vSphere
    • Different from VAAI: VAAI allows offloading of tasks, as opposed to the information transfer that VASA provides

I/O Filtering (VAIO)

  • Creating and implementing I/O filters in a VM data stream

  • Using VAIO, VMware and third-party vendors can create data services such as caching and replication

  • I/O Filters (Also order of filters)

    • Replication -> Replicates write I/O operations to external target location
    • Encryption -> Encryption for VMs
    • Caching -> Cache for virtual disk data
    • Storage I/O Control -> Prioritizes storage I/O that is allocated to VMs during periods of I/O contention

Storage Policy Based Management Overview

  • Storage policy guarantees a specified level of capacity, performance, availability or redundancy

  • Categorize datastores based on certain levels

  • Policy rules

    • Capability-based placement rules
      • RAID level
      • Failures to tolerate
    • Tag-based placement rules
      • e.g. Gold, Silver, Bronze
    • Data service rules
      • Caching
      • Replication
  • Policy components are created and can then be reused

    • Can be defined for one specific type and grade of service

Virtual Volume Policies

  • Include

    • Virtual Volumes storage providers
    • Protocol endpoints
    • Storage containers
    • Virtual volumes datastores
    • Virtual volumes
  • Objects of the VM

  • Not preprovisioned but automatically created when you perform virtual management operations

Storage I/O Control

  • Ensure important VMs get adequate I/O resources even during times of congestion

  • Disabled by default

  • Can define number of shares, upper limit for IOPS, and reserved IOPS

  • Automatic threshold detection

    • Sets threshold to 90% of max

Datastore Clusters and vSphere Storage DRS

Affinity Rules

  • Intra-VM VMDK Affinity Rule (Default) -> Keep VM VMDKs together, maximise VM availability

  • Intra-VM VMDK Anti-Affinity Rule -> Keep VM VMDKs on different datastores

  • VM Anti-Affinity Rule -> Keep VMs on different datastores


Module 4: Host and Management Scalability

VMware Certificate Management

  • VMware Endpoint Certificate Store (VECS)

  • Certificate types

    • CA certificates
    • Solution user certificates
    • Machine certificates
      • ESXi
      • vCenter Server
  • Chain of trust

  • CA modes

    • Root CA -> VMware CA acts as the root
    • Subordinate CA -> VMware CA is subordinate to an existing CA
    • Hybrid -> VMware CA acts as a root CA for all vSphere components except vCenter Servers

vCenter Server Identity Federation

  • IDP Federation -> Requires AD and ADFS + certificate should be signed by a trusted CA

vSphere Trust Authority

  • If trusted start fails, the server will not be booted up -> True hardware trust