On Thursday, January 13th I had my first Ask Harley Session. This was a session where I answered virtualization- and VMware-related questions on Twitter. I received a lot of great questions during this session. Thank you to all who participated. Below are the questions and their answers in case you missed them on Twitter.
Ask Harley: Question 1 – What common issues or mistakes do you see with your customers who have set up VMware infrastructure or are looking to set up VMware?
Most of the issues in an initial deployment occur from a lack of capacity, application, and infrastructure planning.
Consider the four core resources (CPU, RAM, disk, network) from a capacity standpoint. Consider application requirements (MS Clustering, dongles, vendor support, etc.).
Consider scalability and ease of management from the infrastructure standpoint. Infrastructure item examples: scale up vs. scale out (more hosts = more DRS opportunities, fewer hosts = more risk).
Details. Details. Details. Example: Do I have enough space for VMDK and swap files? Do I have a syslog server for ESXi?
Keep it simple. Avoid Resource Pools, Reservations, and Limits unless they are needed.
Resource pools are NOT for organization. That’s worth repeating. Resource pools are NOT for organization. Folders are.
There is more involved in a virtualization design / deployment than clicking next.
Ask Harley: Question 2 – Why would you use Virtual Port-ID NLB instead of IP-Hash NLB?
The summary answer would be simplicity. Port-ID is the default load balancing policy and is good in a wide range of use cases.
Port-ID Advantage: Simple, effective. Port-ID Disadvantage: Only egress traffic is load balanced, as it depends on the source virtual port ID.
IP-Hash has an upstream dependency on 802.3ad static link aggregation. An example is EtherChannel on Cisco switches. Even if the dependency is met, you may not be load balancing as efficiently as you think. You need MANY destinations for IP-Hash to reach maximum effectiveness.
Why? Because the IP-Hash algorithm XORs the least significant byte (LSB) of the source IP address with the LSB of the destination IP address. Then, the modulo of the XOR result is computed over the number of physical NICs.
Formula- (“LSB of Source IP of VM” xor “LSB of Destination IP”) mod “Number of Physical NICs in the team” = Modulo. If the Modulo is the same for two VMs, they will choose the same physical NIC for traffic. If the Modulo is different, they will choose different physical NICs.
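The formula above, worked through on constructed traffic. This is an added example, not VMware's code and not part of the original Twitter answers; the function names and IP addresses are assumptions made for illustration. It applies the LSB-XOR-modulo rule exactly as stated here and counts how many flows land on each physical NIC.

```python
import ipaddress


def ip_hash_uplink(src_ip, dst_ip, nic_count):
    """Uplink index per the formula above: (LSB(src) xor LSB(dst)) mod NICs."""
    src_lsb = int(ipaddress.IPv4Address(src_ip)) & 0xFF  # last octet of source
    dst_lsb = int(ipaddress.IPv4Address(dst_ip)) & 0xFF  # last octet of destination
    return (src_lsb ^ dst_lsb) % nic_count


def uplink_distribution(flows, nic_count):
    """Count flows per uplink; uplinks that carry nothing are reported as 0."""
    counts = {nic: 0 for nic in range(nic_count)}
    for src_ip, dst_ip in flows:
        counts[ip_hash_uplink(src_ip, dst_ip, nic_count)] += 1
    return counts


# Constructed sample traffic (hypothetical addresses).
# Two VMs that both talk only to one backup server: same modulo, same NIC.
FEW_DESTINATIONS = [
    ("10.0.0.11", "10.0.0.50"),
    ("10.0.0.13", "10.0.0.50"),
]
# One VM talking to eight different destinations: the flows spread out.
MANY_DESTINATIONS = [("10.0.0.11", f"10.0.1.{host}") for host in range(20, 28)]


if __name__ == "__main__":
    for label, flows in (("few destinations", FEW_DESTINATIONS),
                         ("many destinations", MANY_DESTINATIONS)):
        for nic_count in (2, 4):
            print(label, f"{nic_count} NICs:", uplink_distribution(flows, nic_count))
```

With one shared destination both VMs hash to the same uplink and the other NICs carry nothing; with eight destinations the same team is evenly used.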
IP-Hash Advantage: Ingress and Egress load balancing. IP-Hash Disadvantage: Upstream dependencies. More complexity and planning involved.
For further detail beyond Twitter see Ken Cline’s excellent post on Network Load Balancing here -> http://bit.ly/e7eVK0
Ask Harley: Question 3 – What are some of the most difficult parts of the journey to becoming a VCDX?
I can only speak from my experience on the VCDX journey.
If you are well prepared and study, the written portions of the tests (and to some extent the lab), while challenging, are nothing compared to the application and defense.
The application and design submission itself requires a significant amount of work.
Whatever you calculate the work effort to be, you may want to double or quadruple it.
I spent about four weeks' worth of man-hours on my application and design.
Make sure you meet the application requirements in your design documentation and then go beyond. Leave nothing blank.
Know your design for the defense. This is worth repeating. Know your design cold for the defense. Nothing can prepare you for the defense other than knowing your design and significant field experience.
You don’t know what the panelists will throw at you, so you must have a breadth of knowledge.
By far the most challenging of all may be getting a handle on your nerves during the panel defense.
My detailed experience is here -> http://goo.gl/Y0tPD
There is also a nice roundup of experiences here -> http://bit.ly/eeycor
Ask Harley: Question 4 – Are there significant performance advantages on ESXi using Dell EqualLogic MPIO drivers over native VMware Round Robin drivers?
I have not tested the performance of the Dell EqualLogic MPIO drivers and a quick search did not net any official benchmarks. In general, a properly implemented and tested third-party MPIO solution like the EqualLogic MEM or PowerPath VE should be better at making path selections.
The storage vendor should be more familiar with its array than VMware. I have experience with PowerPath VE and the installation is fairly easy. Once it is installed there is very little management besides just updating the software from time to time.
Any other third-party plugin should have a similar ease of use / management story. Consult the vendor.
I did find one unofficial performance testing post here -> http://bit.ly/hkbFv8
Ask Harley: Question 5 – What about using multiple vendor MPIO drivers, have you ever experienced issues in a mixed environment?
I have not tested using multiple MPIO drivers.
However, I would not recommend that scenario as a host can only have one path selection policy.
If you have multiple hosts using different path selection policies, then performance or availability can be impacted. You should always use the same path selection policy for all of the hosts in a cluster to avoid path confusion.
Consistency is the key in a virtual infrastructure.
Ask Harley: Question 6 – With Cisco load balancers in place, do I still specify direct URLs to the two security servers for #VMwareView or use LB URL?
With Cisco load balancers in front of the View security servers, you would specify the load balancer URL.