Setting the coredump partition when using vSAN

I was designing a customer vSAN deployment and I came across the guidelines and formula for calculating the required ESXi Coredump partition size: https://kb.vmware.com/s/article/2147881

Right away, I started working the formula for my customers deployment, when it occurred to me; this is WAY more complicated than it needs to be!

VMware actually wants you to take a number (the size of SSD in GB), divide by 100, multiply by 0.181 and then multiply by 0.25. Ridiculous!

  • Why not just multiply by 0.0045, it is exactly the same thing!

Continue reading “Setting the coredump partition when using vSAN”

Virtual Machine Hardware Version does make a difference

For years, I have dismissed Virtual Machine Hardware version as unimportant. In fact, in this very blog, I may have advocated for leaving VM Hardware Version set at 8, to maintain full compatibility with both the vSphere C# Client and the vSphere Web Client.

Unfortunately, thanks to Spectre and Meltdown, things have changed. Updating your VM Hardware Version also updates the VM BIOS, and that’s an important part in the remediation of Speculative Execution Vulnerabilities, specifically: CVE-2017-5715 ‘Spectre Variant 2’. Continue reading “Virtual Machine Hardware Version does make a difference”

Invalid Snapshot Configuration

Invalid snapshot configurations happen. Mostly, they occur because of problems with storage arrays during snapshot creation/consolidation, but they can also occur if certain process become interrupted (like replication) mid-snapshot.

The more heavily you rely on snapshots, the more likely it is you will come across a problem with snapshots. Specifically if you use a product like Veeam, which leverages a VMware Snapshot to quiesce data, you may see an Invalid Snapshot Configuration from time to time.The more often you protect your data, the more often you create and remove snapshots. This is NOT to sat that there is a problem with Veeam; Veeam is awesome, however it is subject to events on the underlying infrastructure and possible on VPN/MPLS links between sites Continue reading “Invalid Snapshot Configuration”

Spectre, Meltdown and VMware vSphere

Many people are under the incorrect belief that it is hardware-level firmware updates from companies like HPE and Dell that will protect our Virtual Machines from Speculative Execution Vulnerabilities. This is NOT TRUE.

  • As far as your VMs are concerned, the VM BIOS and Hypervisor are the hardware!

Continue reading “Spectre, Meltdown and VMware vSphere”

The VMware vSphere Web Client is fixed (sort of – until next time)

As we are all aware, recent updates to Shockwave Flash caused the vSphere Web Client to crash on most browser platforms. The interim solution was to install an outdated version of Shockwave Flash, just to access the Web Client. More recently, Adobe Shockwave Flash version 27.0.0.183 was pushed out in updates to Google Chrome (and other browser platforms) that fixes the problem.

  • Gone is the choice between “Allow Flash” and “Ask First,”
  • Now there is the choice between “Ask First” and “Block sites from running Flash.”
  • What’s new is the ability to add allowed sites, including the use of wildcard characters, where Shockwave Flash will run unprompted.

Continue reading “The VMware vSphere Web Client is fixed (sort of – until next time)”

Setting static IP for Photon OS

Photon OS installs by default with DHCP enabled. This is perfect for building and distributing Photon OS OS as a Virtual Appliance, but for most practical applications, you’ll want to set a static IP address.

Changing the IP of Photon OS involves a newer, albeit standardized procedure of editing files located in: /etc/systemd/network that will be unfamiliar to many RHEL and Debian users. Continue reading “Setting static IP for Photon OS”

Enabling SSH access for Photon OS

For some users, whether you should or shouldn’t use SSH is a matter for debate. Rather than be hypocritical, I simply acknowledge that most admins will access Linux systems using SSH, and prefer to suggest that using strong passwords or passphrases and secure Management Networks is a more realistic approach to Linux administration. Continue reading “Enabling SSH access for Photon OS”