Home > Articles > Operating Systems, Server

This chapter is from the book

Installing vSphere

Installing VMware View starts with the installation of vSphere and related components. With vSphere 5, there are two options for vSphere: installable and embedded. Installable is an installation of vSphere ESXi because vSphere 5 no longer supports ESX native or the version that had the console operating system (COS) for management purposes. You can download the ESXi binaries from VMware at https://my.vmware.com/web/vmware/try-vmware or order the server with the embedded version.

If you download the binaries, it is possible to create a manual embedded version by installing to a USB drive in an internal or external port on the server. The embedded version is supplied by the hardware vendors and incorporates their specific tools to enable greater visibility on the hardware and software layer. For example, you can download an ESXi version from HP, Dell, IBM, and CISCO. One of the drawbacks of the embedded option is that the build from the vendor may not have the latest and greatest utilities or tools. With vSphere 5, this issue is addressed by providing an automated build option that allows you to add OEM packs to the installation. Let’s review the installation:

To install ESXi installable, follow these steps:

  1. Boot from the ISO file. After it boots, the splash screen comes up, and the necessary files to start the installer are loaded, as shown in Figure 3.36.

    Figure 3.36

    Figure 3.36. ESXi splash screen.

  2. You can maneuver around the installer by using the Tab key. To continue the installation, press the Tab key and press Enter on the keyboard, as shown in Figure 3.37.

    Figure 3.37

    Figure 3.37. Select Enter to continue.

  3. Press F11 to accept the license agreement shown in Figure 3.38 and continue.

    Figure 3.38

    Figure 3.38. Press F11 to accept the license agreement.

  4. Select a disk to install or upgrade, as shown in Figure 3.39. It is considered a best practice to install vSphere ESXi first before presenting storage so that you can be assured that you are installing ESXi on the right drive unless you intend to boot from SAN. Once you have selected the drive press Enter.

    Figure 3.39

    Figure 3.39. Select the storage device where you would like to install ESXi.

  5. Select the correct keyboard layout (US Default), as shown in Figure 3.40, and press Enter to continue.

    Figure 3.40

    Figure 3.40. Select the keyboard layout.

  6. Specify a password for the root account, as shown in Figure 3.41, and press Enter.

    Figure 3.41

    Figure 3.41. Specify the password.

  7. Confirm the parameters, as shown in Figure 3.42, and press F11 to begin the installation.

    Figure 3.42

    Figure 3.42. Press F11 to install.

If you are installing ESXi to a USB stick, you need to verify that your server is on the supported Hardware Compatibility List (HCL) and that the USB device is supported by the server vendor. If both conditions are met, the USB device shows up as an installable location. Rather than select a local drive, you can select the USB location to install ESXi. For detailed instructions, refer to VMware’s Knowledge Base article located at http://kb.vmware.com/selfservice/documentLinkInt.do?micrositeID=&popup=true&languageId=&externalID=2004784.

Auto Deploy

One of the other options you have is to use the new Auto Deploy feature, which essentially allows you to provision a vSphere 5 ESXi Server and apply the configurations in an unattended manner through the Configuration Manager to create a truly stateless host. Why would you use Auto Deploy in a VDI environment? VDI is a technology that scales quite quickly. To reduce the time it takes to provision additional capacity, Auto Deploy may be a good option. In addition, it allows you to design the ESXi configuration once and have it consistently applied across the board. It does require extra consideration if you are going to run vCenter in a virtual machine, however.

When you use Auto Deploy, you are creating a major dependency on the service for all hosts that are set up to use it. You therefore need to run two ESXi hosts that are not dependent on Auto Deploy in a cluster. A separate cluster ensures that your vCenter and Auto Deploy Server can reside on a set of hosts that are running vSphere HA with the boot priority properly set on the VMs so that the service is readily available all the time. Before we get too far ahead ourselves, though, let’s look at the requirements and process.

To deploy the Auto Deploy feature, you need a few additional components:

  • PowerShell installed on the vCenter Server
  • The PowerCLI from VMware
  • A TFTP Server for downloading the files
  • The ESXi downloadable files (The files can be downloaded from the VMware website.)

Using the vCenter that you have installed and running, you can add these additional components to take advantage of rapid provisioning of stateless ESXi hosts in the VDI environment.

The architecture of Auto Deploy is made up of the following components, also shown in Figure 3.43:

  • A TFTP Server to store the boot loader files
  • Attributes in the DHCP scope to identify the TFTP Server and boot loader files
  • Rules in the vCenter Server Auto Deploy feature to associate a physical ESXi Server to an image file
  • A software depo where the ESXi installable files are located
Figure 3.43

Figure 3.43. Auto Deploy components.

Let’s enable and step through each of the components.

PowerShell is included in Windows 2008 R2, but you do have to add it as a feature. PowerShell should be installed on the vCenter Server along with the VMware PowerCLI. To install PowerShell, follow these steps:

  1. To add PowerShell, open Server Manager.
  2. Browse to the Add Features module and right-click Add Feature.
  3. Select the Windows PowerShell Integrated Scripting Environment.
  4. Click Install.
  5. Open a PowerShell script window, browsing to Start\Programs\Administrative tools and opening a Windows PowerShell Module.
  6. Enable the PowerCLI by changing the remote execution policy for scripts by typing Set-ExecutionPolicy RemoteSigned. This allows scripts that are not signed by a vendor to run on the vCenter Server.

You can download the VMware PowerCLI directly from VMware. After downloading it, simply follow these steps to install it properly:

  1. Run the VMware Power CLI executable.
  2. Click Next on the Installer screen.
  3. Click Next on the Patent information screen.
  4. Accept the license agreement and click Next.
  5. Accept the default location and click Next.
  6. Click Install.
  7. Click Finish.

To get the boot loader files, you need to install the plug-in in vCenter for Auto Deploy. You can install the plug-in using the VMware vCenter Installer:

  1. Click the VMware Auto Deploy, as shown in Figure 3.44, and click Install.

    Figure 3.44

    Figure 3.44. Select VMware Auto Deploy.

  2. Choose the setup Language and click OK.
  3. Click Next on the Auto Deploy Installation Wizard.
  4. Click Next on the patent information screen.
  5. Accept the license agreement and click Next.
  6. Accept the default location and set the Auto Deploy Repository location and size. The default repository size is 5 GB. Because Auto Deploy is being used to provide ESXi images, the default size is sufficient.
  7. Enter the IP address or hostname of the server, leave the default HTTP port, and enter the username and password. Then click Next.

  8. The default Auto Deploy Server Port is 6501. Leave this setting and click Next.
  9. Specify how vSphere Auto Deploy should be identified on the network and click Next.

    My recommendation is to use the IP address so that name resolution is not required for the deployment server to run.

  10. Click Install.
  11. Click Finish.

When you reconnect to vCenter, you see a new administration plug-in called Auto Deploy. Launch the Auto Deploy plug-in, which should look similar to the one in Figure 3.45.

Figure 3.45

Figure 3.45. Auto Deploy appears under Administration.

The plug-in displays the boot loader filename, which in this case is undionly.kpxe.vmw-hardwired. The boot loader files can be downloaded from here, as shown in Figure 3.46.

Figure 3.46

Figure 3.46. Download bootloader files.

Now that you have the name of the boot loader file and the zip files containing those files, you can set the attributes for your DHCP scope and unzip the files on your TFTP Server. The files are downloaded as deploy-tftp.zip. When you unzip them, by default, they are placed in a subdirectory of your root folder (deploy-tftp) on your TFTP Server. To ensure you can find the files, unzip them in the root directory of your TFTP Server without the default subdirectory.

It is recommended that you restrict your Auto Deploy process to a service network. This means that your builds should happen on an isolated network segment separate from your production network. By doing so, you ensure that even though the building of an ESXi host involves a very small image file, the downloading and installing do not interfere with production traffic. In addition, DHCP is required for this process to work. From a security perspective, DHCP traffic should not be run on the same network as your ESXi management traffic. If you do not have the flexibility of separating your management and Auto Deploy service network, use nonroutable IP addresses to build the hosts and then apply production IPs afterward. A separate Auto Deploy network may require a dedicated port group on your vSphere ESXi vSwitches, so make sure that you build this into your planning.

When the boot loader files are in place, update options 66 and 67. In a Windows-based DHCP Server, follow these steps:

  1. From the DHCP Management Utility, browse to the scope that you will be using to enable the Auto Deploy process.
  2. Expand the scope and select Options. Then right-click and select Configure Options.
  3. Under Available Options on the General tab, select 066 and add the IP address of your TFTP host under the string value.
  4. Select 067, and under the string value, add the name of the boot loader file, which in this case, is undionly.kpxe.vmw-hardwired.
  5. Click OK.

At this point, you should have the boot loader process running. If you boot a physical server, it gets a DHCP address, contacts the TFTP Server, and downloads the boot loader file. It connects to the Auto Deploy service on the vCenter Server and halts because no rules have been configured to tell the server which image profile is assigned to the host. After downloading the boot loader file, the server contacts the vCenter Server but stops because the image profile has not been assigned to the host yet, as shown in Figure 3.47.

Figure 3.47

Figure 3.47. The server contacts vCenter.

To complete the Auto Deploy configuration, you must run some PowerCLI scripts from the vCenter Server to specify a software depo. Extract the ESXi downloadable images into the software depo and create a rule to associate the image with an image profile. The final step is to make this the default image profile.

Log in to your vCenter Server and start the PowerCLI interface. If you get an error message, it is likely that you have not set the execution policy properly in PowerShell. In this instance, run PowerShell and set the execution policy, as shown in Figure 3.48:

"Set-ExecutionPolicy RemoteSigned"

Figure 3.48

Figure 3.48. Set the execution policy to unsigned.

This command allows code that has not been signed by a trusted publisher such as Microsoft to run.

Run vSphere PowerCLI and connect to your vCenter Server by typing Connect-VIServer [servername], which results in the output shown in Figure 3.49.

Figure 3.49

Figure 3.49. Connect to your vCenter Server.

After you are connected, you need to create a software or repository. You do this by running the Add-EsxSoftwareDepot command along with the path to your ESXi downloadable files. For example:

Add-EsxSoftwareDepot S:\Depo\VMware-ESXi-5.0.0-469512-depot.zip

After creating the software depo, you should verify it is set up properly by running the Get-EsxImageProfile command. The command should return information on the image profiles available in the software depository, like those shown in Figure 3.50.

Figure 3.50

Figure 3.50. Image profiles.

Although the initial images are fine for a proof of concept, you need the vSphere HA modules for production deployment. These modules are part of the Auto Deploy software depot and can be added by running Add-EsxSoftwareDepot http://vCenterServer/vSphere-HA-depot. The output is shown in Figure 3.51.

Figure 3.51

Figure 3.51. Add the software depository URL.

To add the HA options, add the HA software depot on the vCenter Server, as shown in Figure 3.52.

Figure 3.52

Figure 3.52. Add HA to your ESXi image.

After adding the HA files, you need to create a copy of the existing images so that you can add the new files to it. To take one of the existing images and clone it, run the following command:

PowerCLI> New-EsxImageProfile -CloneProfile ESXi-5.0.0-469512-standard -Name "ESXi-5.0.0-469512-HA"

In this example, you are taking the ESXi-5.0.0-469512-standard image and copying it to one called ESXi-5.0.0-469512-HA, shown in Figure 3.53 (Note that the HA components were not included in the original ESX software depo zip files, but now they are).

Figure 3.53

Figure 3.53. Make a copy of the original image.

If you rerun the Get-EsxImageProfile command, you see an additional image profile. You still need to add the vmware-fdm or HA package to the image. You do this by running the following command:

PowerCLI> Add-EsxSoftwarePackage -ImageProfile "ESXi-5.0.0-469512-HA"
-SoftwarePackage vmware-fdm

After verifying that the software depository is working and that you have images available, you can create a deployment rule. The syntax for creating a deployment rule is

New-Deployment—Name "Name of Rule"—Item "Image Name"

You have the option of pattern matching or making this image file available as the default by adding switches. The –Allhosts switch applies the rule to any server, and the –pattern switch allows you to specify specific attributes to match, such as vendor=VMware, Inc. You can concatenate multiple patterns by separating each with a comma. Perhaps the most useful of the patterns is specifying an IP range. If you have separated your build network and use a set range of IP addresses, you can restrict the build process to that range.

The syntax used in this example is as follows (see Figure 3.54):

PowerCLI> New-DeployRule -Name "ESXi Default Build v.01" -Item "ESXi-5.0.0-
469512-HA" -Pattern "ipv4=192.169.9.0-192.169.9.255"
Figure 3.54

Figure 3.54. Associate the image to an IP pattern.

After creating the build rule, you must activate it. The command to activate it is Add-DeployRule –DeployRule “Name”, as in this example:

Add-DeployRule –DeployRule "ESXi Default Build v.01"

One point to keep in mind with Auto Deploy is that the deployment can generate a significant load on the Auto Deploy service. Because the location of the image file is essentially a web server, it is possible to use reverse proxies to offload some of the overhead. A reverse proxy can also store the image file. It is possible to redistribute the load to the reverse proxy by editing one of the boot loader files. If you go into the TFTP root directory and edit a file called tramp, you can specify alternate locations. If you open the tramp file, you can easily specify alternate locations, as shown in Figure 3.55.

Figure 3.55

Figure 3.55. Edit the tramp file.

Host Profiles

After you set up Auto Deploy, essentially you have ESXi Servers that are running, but they do not yet have a production configuration applied to them. The other component to vCenter that you need to integrate is host profiles.

Host profiles allow you to create a set of configurations that can be consistently applied across the environment. They eliminate the manual configuration of ESXi hosts on an individual basis. Host profiles also allow you to force compliancy across your environment because after a host profile is associated, any changes made are identified and remediated. Because Auto Deploy essentially creates an installed ESXi, you need to use host profiles to apply a consistent production configuration. There are two ways to configure a host profile: You can import an existing profile through the vCenter console or create one from an existing ESXi host. Unless you have a company standard (and this should be adjusted for a VMware View environment), the easiest way is to just configure an ESXi host as you would like and create one from the host. A host profile assumes that the EXi hosts are configured the same way, so it is important to have everything configured properly on your reference ESXi Server.

Using host profiles is a four-step process:

  1. Create a reference profile from an ESXi host.
  2. Attach the profile to an existing host or cluster.
  3. Run a comparison against the hosts assigned to the profile and the profile itself.
  4. Apply the profile to fix any differences between the assigned hosts and the profile.

The actual process is as follows:

  1. From vCenter, navigate to Home, Management and Host Profiles.
  2. Click the Create Profile button and provide a name and description for the profile, as shown in Figure 3.56. Then click Next.

    Figure 3.56

    Figure 3.56. Create a host profile.

  3. You can edit the profile to make any additional changes. Simply open the profile and expand the profile policies to update the settings, as shown in Figure 3.57.

    Figure 3.57

    Figure 3.57. Expand the profile policies to edit settings.

  4. You can select to attach the profile to an ESXi host or cluster.
  5. After attaching the profile, click Check Compliance.
  6. If anything is noncompliant, click Apply Profile to have the changes made.

At this point, you have deployed vCenter and have the ESXi hosts coming online. Now make sure that the reference server is properly configured before you build your host profile. For an ESXi Server, you should ensure that the storage is properly attached and that key features such as VMotion and DRS are set up and working. Let’s review each of the technologies and the configuration so that the reference server is representative of what you want in production.

VMotion allows the virtual machine to be hot migrated from one ESXi host to another. To set up VMotion properly, you must make sure that any ESXi host you are migrating to and from has access to the same storage. ESXi supports just about every type of shared storage configuration out there, whether it is Fiber Channel (FC), iSCSI, or NFS.

VMware View environments are unique in that you have two kinds of I/O to contend with: operational I/O and burst I/O. Operational I/O is essentially the storage throughput requirement while the virtual desktop is on, whereas burst I/O, or “boot storms,” is typically experienced when multiple virtual machines are being created. We look at the design principles in Chapter 12, “Performance and Monitoring,” when we review performance, but for now let’s talk mechanics. Rather than go into every aspect regarding storage considerations and configurations, let’s stick to a few important considerations in setting up storage.

No matter which storage solution you select for your VMware View installation, you should understand and have calculated your throughput requirement. In addition, your storage connections from the ESXi host to the storage solution should use multipathing. Multipathing allows you to segregate the storage paths on isolated networks and ensure there are redundant paths to the same storage pool.

Storage Connectivity

vSphere 5 has simplified the setting up of multipathing using the iSCSI software initiator. In vSphere 5, a new graphical interface allows you to set up multipathing. You therefore can set up multiple VMkernel ports quickly and easily. You can now bind multiple VMkernel ports to the iSCSI software initiator. After you do so, however, the iSCSI traffic must be restricted to layer 2 traffic or nonroutable. If you use a single VMkernel port, you can route iSCSI traffic. In addition, if you have both VMkernel ports on the same vSwitch with two uplinks, one must be active and the other passive. Let’s look at the configuration to understand how this works.

If you want two active paths to your iSCSI storage device, you need to create two separate vSwitches with two separate VMkernel ports with one active uplink each. This configuration has a separate management network and two separate paths to the iSCSI appliance, as you can see in Figure 3.58.

Figure 3.58

Figure 3.58. Two separate paths to the iSCSI appliance.

When you have the networking configuration in place, you can bind the second VMkernel port to the software initiator using the following process:

  1. Log in to the vCenter.
  2. Select the Configuration tab from the ESXi host.
  3. Select Storage Adapters and the properties of the software iSCSI initiator.
  4. Under the Network Configuration tab, add the second VMkernel port.

After the second VMkernel port is added, check the paths to ensure you have the appropriate number of paths, as shown in Figure 3.59:

Figure 3.59

Figure 3.59. Check to ensure you have multiple paths.

InformIT Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from InformIT and its family of brands. I can unsubscribe at any time.

Overview


Pearson Education, Inc., 221 River Street, Hoboken, New Jersey 07030, (Pearson) presents this site to provide information about products and services that can be purchased through this site.

This privacy notice provides an overview of our commitment to privacy and describes how we collect, protect, use and share personal information collected through this site. Please note that other Pearson websites and online products and services have their own separate privacy policies.

Collection and Use of Information


To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including:

Questions and Inquiries

For inquiries and questions, we collect the inquiry or question, together with name, contact details (email address, phone number and mailing address) and any other additional information voluntarily submitted to us through a Contact Us form or an email. We use this information to address the inquiry and respond to the question.

Online Store

For orders and purchases placed through our online store on this site, we collect order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. We use this information to complete transactions, fulfill orders, communicate with individuals placing orders or visiting the online store, and for related purposes.

Surveys

Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites. Participation is voluntary. Pearson collects information requested in the survey questions and uses the information to evaluate, support, maintain and improve products, services or sites, develop new products and services, conduct educational research and for other purposes specified in the survey.

Contests and Drawings

Occasionally, we may sponsor a contest or drawing. Participation is optional. Pearson collects name, contact information and other information specified on the entry form for the contest or drawing to conduct the contest or drawing. Pearson may collect additional personal information from the winners of a contest or drawing in order to award the prize and for tax reporting purposes, as required by law.

Newsletters

If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email information@informit.com.

Service Announcements

On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account information. However, these communications are not promotional in nature.

Customer Service

We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form.

Other Collection and Use of Information


Application and System Logs

Pearson automatically collects log data to help ensure the delivery, availability and security of this site. Log data may include technical information about how a user or visitor connected to this site, such as browser type, type of computer/device, operating system, internet service provider and IP address. We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver this site and its services.

Cookies and Related Technologies

This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising. Users can manage and block the use of cookies through their browser. Disabling or blocking certain cookies may limit the functionality of this site.

Do Not Track

This site currently does not respond to Do Not Track signals.

Security


Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.

Children


This site is not directed to children under the age of 13.

Marketing


Pearson may send or direct marketing communications to users, provided that

  • Pearson will not use personal information collected or processed as a K-12 school service provider for the purpose of directed or targeted advertising.
  • Such marketing is consistent with applicable law and Pearson's legal obligations.
  • Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
  • Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn.

Pearson may provide personal information to a third party service provider on a restricted basis to provide marketing solely on behalf of Pearson or an affiliate or customer for whom Pearson is a service provider. Marketing preferences may be changed at any time.

Correcting/Updating Personal Information


If a user's personally identifiable information changes (such as your postal address or email address), we provide a way to correct or update that user's personal data provided to us. This can be done on the Account page. If a user no longer desires our service and desires to delete his or her account, please contact us at customer-service@informit.com and we will process the deletion of a user's account.

Choice/Opt-out


Users can always make an informed choice as to whether they should proceed with certain services offered by InformIT. If you choose to remove yourself from our mailing list(s) simply visit the following page and uncheck any communication you no longer want to receive: www.informit.com/u.aspx.

Sale of Personal Information


Pearson does not rent or sell personal information in exchange for any payment of money.

While Pearson does not sell personal information, as defined in Nevada law, Nevada residents may email a request for no sale of their personal information to NevadaDesignatedRequest@pearson.com.

Supplemental Privacy Statement for California Residents


California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. The Supplemental privacy statement for California residents explains Pearson's commitment to comply with California law and applies to personal information of California residents collected in connection with this site and the Services.

Sharing and Disclosure


Pearson may disclose personal information, as follows:

  • As required by law.
  • With the consent of the individual (or their parent, if the individual is a minor)
  • In response to a subpoena, court order or legal process, to the extent permitted or required by law
  • To protect the security and safety of individuals, data, assets and systems, consistent with applicable law
  • In connection the sale, joint venture or other transfer of some or all of its company or assets, subject to the provisions of this Privacy Notice
  • To investigate or address actual or suspected fraud or other illegal activities
  • To exercise its legal rights, including enforcement of the Terms of Use for this site or another contract
  • To affiliated Pearson companies and other companies and organizations who perform work for Pearson and are obligated to protect the privacy of personal information consistent with this Privacy Notice
  • To a school, organization, company or government agency, where Pearson collects or processes the personal information in a school setting or on behalf of such organization, company or government agency.

Links


This web site contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects Personal Information. This privacy statement applies solely to information collected by this web site.

Requests and Contact


Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.

Changes to this Privacy Notice


We may revise this Privacy Notice through an updated posting. We will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will provide notice of the change through a conspicuous notice on this site or other appropriate way. Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions.

Last Update: November 17, 2020