Operation Jumbo Frames – MTU 9000 for VMware Networking

Wanted to make a quick post about enabling Jumbo Frames in my VMware environment! My switches (Cisco SG-200 & SG-500) support Jumbo Frames so I thought why not? It would surely help push more data through the network for faster for VSAN and vMotions. I’ll do some speed tests later to compare!

Hardware Requirements:

Before you start out on this quest ensure your physical switch support jumbo frames. When enabling it on my Cisco switches a switch reboot was required:

1 Cisco SG Series - Jumbo Frames

The next step is to ensure the NICs in your servers support jumbo frames. If they are server NICs then they should. My Dell T620/R520 both have Broadcom NetXtreme 5709 which in fact support Jumbo Frames.

2 Dell T620 Physical Network Adapters

Read more…Operation Jumbo Frames – MTU 9000 for VMware Networking

Deploying VMware Update Manager 6.0 Update 2

With the release of vSphere 6.0 Update 2 I needed to update my hosts! VMware Update Manager [VUM] makes updating and patching your environment very easy. It can also be used to upgrade VMTools and VMHardware versions on your virtual machines. In this post I will be installing VUM on Windows Server 2012 R2 VM using the SQL Express database and attaching it to my VCSA 6.0 U2 appliance. Once installed then I will use VUM to update my environment!

VUM Getting Started

Requirements:

  • Must have a vCenter.
  • Software: .NET Framework 3.5 needs to be installed on the VUM server. For two install methods click here and here.
  • Hardware: 2 GB of RAM if separated from vCenter. 8 GB of RAM if installed on a Windows vCenter.
  • Storage: VMware recommends at least 120 GB of free space for the patching repository. Sizing Estimator for vSphere Update Manager 6.0.
  • Database:
    • SQL Express: If you have a small environment (VMware says 5 hosts and 50 virtual machines or less) then the embedded SQL Express database is just fine.
    • External: If you have a larger environment then you will want to use a external database. Click here and here to read more about having a external database.
  • For a full of requirements check out the VMware Update Manager 6.0 Update 2 Release Notes.
  • Click here for all VMware Update Manager documentation.

Read more…Deploying VMware Update Manager 6.0 Update 2

How to setup Microsoft Web Application Proxy

Microsoft Web Application Proxy [WAP] is a new service added in Windows Server 2012 R2 that allows you to access web applications from outside your network. WAP functions as a reverse proxy and an Active Directory Federation Services [AD FS] proxy to pre-authenticate user access.

Web Application Proxy Overview

vBoring Blog Series:

  1. How to setup Microsoft Active Directory Federation Services [AD FS]
  2. How to setup Microsoft Web Application Proxy

Requirements:

  • The only hard requirement of WAP is having an AD FS server. Refer to step 1 for setting that up.
  • WAP cannot be installed on a server that AD FS is installed on. They must be separate servers.

Installing the Web Application Proxy Server Role:

Open Server Manager and click Manage -> Add Roles and Features:

Microsoft Web Application Proxy 1 - Add Roles and Features

Read more…How to setup Microsoft Web Application Proxy

How to setup Microsoft Active Directory Federation Services [AD FS]

In this post I will be installing and configuring the Active Directory Federation Services [AD FS] server role. AD FS is able to provide Single-Sign-On [SSO] capabilities to multiple web application using a single Active Directory account.

vBoring Blog Series:

  1. How to setup Microsoft Active Directory Federation Services [AD FS]
  2. How to setup Microsoft Web Application Proxy

Install the AD FS Server Role:

Open Server Manager and click Manage -> Add Roles and Features:

AD FS 1 - Add Roles and Features

Click Next:

AD FS 2 - Before you Begin

Read more…How to setup Microsoft Active Directory Federation Services [AD FS]

Deploy and Configure WSUS on Server 2012 R2

Windows Server Update Service [WSUS] is a server role that serves as a repository for Microsoft product updates on your network. Instead of every computer on your network downloading updates directly from Microsoft you can deploy a WSUS server so the updates are downloaded once and distributed to your environment from the WSUS server.

In this post I will be deploying WSUS Server 2012 R2 in a domain environment, using the Windows Internal Database (WID), and using Group Policy to have my computers connect to WSUS instead of Microsoft Updates.

Single WSUS Server

Read more…Deploy and Configure WSUS on Server 2012 R2

Updating vCenter Server Appliance 6.0 to Update 1 & 1b

VMware released vSphere 6.0 Update 1 on September 10th, 2015 and Update 1b on January 7th, 2016. In this post i’ll go through how to upgrade VCSA 6.0 to Update 1 & 1b.

In my environment I have the Platform Services Controller [PSC] embedded with the VCSA. If you deployed an external PSC separately from vCenter then this post will still work for you! The upgrade procedure is the exact same on both the vCenter and PSC just upgrade the PSC first before vCenter.

vCenter Server Appliance 6.o Update 1 Release Notes:

  • Customer Experience Improvement Program: The Customer Experience Improvement Program (CEIP) provides VMware with information that enables VMware to improve the VMware products and services and to fix problems. When you choose to participate in CEIP, VMware will collect technical information listed below about your use of the VMware products and services in CEIP reports on a regular basis. This information does not personally identify you. For more details, see the vSphere Documentation Center.
  • Feature Enhancement: Suite UI is now enabled by default for the vSphere Web Client.
  • Support for SSLv3: Support for SSLv3 has been disabled by default.
  • vCSA Authentication for Active Directory: VMware vCenter Server Virtual Appliance (vCSA) has been modified to only support AES256-CTS/AES128-CTS/RC4-HMAC encryption for Kerberos authentication between vCSA and Active Directory.
  • Hybrid Cloud Manager: Hybrid Cloud Manager has been updated for vSphere, and can be accessed directly from the home page of vSphere Web Client.
  • FT-vSAN Interoperability: vSAN and FT work together.
  • Appliance Management user interface: Appliance Management has a new user interface, written in HTML5.
  • Backup and Restore with external PSC: vCenter Server deployments with external PSC, also called MxN have support for backup and restore.
  • Platform Services Controller UI: The Platform Services Controller now provides UI option to view, renew and replace certificates. For more details see Explore Certificate Stores from the Platform Services Controller Web Interface
  • Installation and Upgrade using HTML 5 installer: The following installation and upgrade scenarios are supported for vCenter Server using HTML 5 installer:
    • Installation using HTML 5 installer and target as vCenter Server is supported
    • Upgrade using HTML 5 installer and target as vCenter Server is not supported
    • Upgrade using command line and target as vCenter Server is supported
  • Resolved Issues: This release of vCenter Server 6.0 Update 1 addresses issues that have been documented in the Resolved Issues section.
  • Full release notes can be found here

vCenter Server Appliance 6.o Update 1b Release Notes:

  • ESXi 6.0 Update 1b enables support for TLS versions 1.1 and 1.2 for most of the vSphere components without breaking the previously supported compatibility/interoperability. Some of the vSphere components that still support only TLS version 1.0 are listed here:
    • vSphere Client
    • Virtual SAN Observer on vCenter Server Appliance (vCSA)
    • Syslog on vCSA
    • Auto Deploy on vCSA
    • Auto Deploy/iPXE

    The ESXi 6.0 Update 1b now supports all TLS versions 1.0, 1.1, and 1.2 with the exceptions listed above. See Knowledge base article 2136185 for the list of supported TLS protocols.

  • Support for the Advanced Encryption Standard (AES) with 128/256-bit key length is added for RPC header authentication in the NFS 4.1 Client.
    Note: See resolved Security Issues section for more information.
  • This release of ESXi 6.0 Update 1b addresses issues that have been documented in the Resolved Issues section.
  • Full release notes can be found here

Read more…Updating vCenter Server Appliance 6.0 to Update 1 & 1b

Setup RD Licensing Role on Windows Server 2012 R2

Once you have an Remote Desktop Services [RDS] environment setup and want to continue using it past the 120 day trial period you will need to setup the RD Licensing role. This blog post will document how to setup the role, activate the license server with Microsoft, add a license key, then configure RDS with the license.

Remote Desktop Serivces - Licensing Role
RDS Architecture

Read more…Setup RD Licensing Role on Windows Server 2012 R2

Setup Remote Desktop Services in Windows Server 2012 R2

Microsoft Remote Desktop Services [RDS] allows users to access centralized applications and workstations in the data center remotely. Microsoft RDS is the new expanded and renamed Microsoft Terminal Services. In this post I will document the implementation of RDS in my home lab using an ‘all-in-one’ configuration.

vBoring Blog Series:

  1. Setup Remote Desktop Services in Windows Server 2012 R2
  2. Setup RD Licensing Role on Windows Server 2012 R2
  3. Setup RD Gateway Role on Windows Server 2012 R2
RDS Architecture
RDS Architecture

Read more…Setup Remote Desktop Services in Windows Server 2012 R2

Deploying the VMware I/O Analyzer Fling

VMware I/O Analyzer is a virtual appliance designed to provide storage performance in a virtual environment. It is offered as a SUSE appliance that provides a web GUI to interact with.

I deployed I/O Analyzer in my vSphere 6.0 environment to see the performance of VSAN 6 compared to my Synology NAS. With this post you should be able to deploy I/O Analyzer in its simplest form and perform performance testing on your storage.

Read more…Deploying the VMware I/O Analyzer Fling