MONITORING

What are the way’s of monitoring VMs and Hosts?

vCenter Server provides some exciting new features for monitoring your VMs and hosts.

 Alarms- for proactive monitoring

 Performance graphs and charts-

 Performance information gathering using command-line tools

 Monitor CPU, memory, network, and disk usage by ESXi hosts and VMs

What are the components of setting an alarm?

Scope- Alarm applies to which object. Ex-vCenter, Datacenter, ESXI host.

Monitor objects-Which object to monitor. Ex-Virtual machine

Monitor for (Item-) Monitor object for specific condition or state-  

                         Ex- CPU Usage, Power State etc.  

Trigger type- Which component can trigger the alarm.

                Ex.- VM Snapshot Size

  Condition-  Above or less. Ex- Is Above

Warning value- 500- condition lengths 5 minutes

Alert value-1000- condition lengths 5 minutes

Reporting -      -Range =Threshold + Tolerance level

                 -Frequency value= period of time during which a triggered  

                  alarm is not Reported again

Action-send email, run scripts, SNMP trap

How to Monitor CPU, memory, network, and disk usage by ESXi hosts and VMs?

In particular, using customized performance graphs can expose the right 

information.

How to gather performance information using command-line tools?

For VMware ESXi hosts, resxtop provides real-time information about CPU, memory, network, or disk utilization. You should run resxtop from the VMware vMA. Finally, the vm-support tool can gather performance information that can be played back later using resxtop. 

STORAGE BASICS

What are the storage option available for a ESXi  host?

 Local SAS/SATA/SCSI storage

 Fibre Channel

 Fibre Channel over Ethernet (FCoE)

 iSCSI using software and hardware initiators

 NAS (specifically, NFS)

 InfiniBand

Other than Local Storage, how we can boot ESXi host?

Booting from Fibre Channel/iSCSI SAN

Network-based boot methods like vSphere Auto Deploy

USB boot

What is SAN?

A storage area network (SAN) is a dedicated network that provides access to consolidated, block level data storage. SAN refers to a network topology, not a connection Protocol.

What is fiber channel or FC?

Fibre Channel, or FC, is a high-speed network technology primarily used to connect computer and data storage devices and for interconnecting storage controllers and drives.

Fibre Channel is three times as fast as Small Computer System Interface (SCSI) as the transmission interface between servers and clustered storage devices.

Fibre channel is more flexible; devices can be as far as ten kilometers (about six miles) apart if optical fiber is used as the physical medium.

Optical fiber is not required for shorter distances; however, because Fibre Channel also works using coaxial cable and ordinary telephone twisted pair you can use it in shorter distances.

The Fibre Channel protocol can operate in three modes: point-to-point (FC-P2P), arbitrated loop (FC-AL), and switched (FC-SW). Point-to-point and arbitrated loop are rarely used today for host connectivity, and they generally predate the existence of Fibre Channel switches.

What is SAN, NAS, DAS?

N A S- Network Attached Storage (File level storage) [ex-SMB, NFS]

D A S- Direct Attached Storage (Block level storage) [SATA, PATA]

S A N- Storage Area Network (Block level storage area network)                                                                [ISCSI, FCOE]            What is “World Wide Port No” or “World Wide Node No”?

All the objects (initiators, targets, and LUNs) on a Fibre Channel SAN are identified by a unique 64-bit identifier called a worldwide name (WWN). WWNs can be worldwide port names (a port on a switch) or node names (a port on an endpoint). For anyone unfamiliar with Fibre Channel, this concept is simple. It’s the same technique as Media Access Control (MAC) addresses on Ethernet.

50:00:00:25:b5:01:00:00 20:00:00:25:b5:01:00:0f

Like Ethernet MAC addresses, WWNs have a structure. The most significant two bytes are used by the vendor (the four hexadecimal characters starting on the left) and are unique to the vendor, so there is a pattern for QLogic or Emulex HBAs or array vendors. In the previous example, these are Cisco CNAs connected to an EMC Symmetrix VMAX storage array.  

 How different is FCoE from FC?

Aside from discussions of the physical media (Eathernet) and topologies, the concepts for FCoE are almost identical to those of Fibre Channel. This is because FCoE was designed to be seamlessly inter-operable with existing Fiber Channel–based SANs.    

What is VSAN?

Like VLANs, VSANs provide isolation between multiple logical SANs that exist on a common physical platform. This enables SAN administrators greater flexibility and another layer of separation in addition to zoning.          

What is Zoning? Why it is required?

 It ensures that a LUN that is required to be visible to multiple hosts with common visibility needs in a cluster is visible, while the rest of the host in the cluster that should not have visibility to that LUN do not.

 To create fault and error domains on the SAN fabric, where noise, chatter, and errors are not transmitted to all the initiators/targets attached to the switch. Again, it’s somewhat analogous to one of the uses of VLANs to partition very dense Ethernet switches into broadcast domains.      
  
How do you configure ‘Zoing’ in ‘FC’? What are the types of ‘Zoning’ you can configure in FC?

Zoning is configured on the Fibre Channel switches via simple GUIs or CLI tools and can be configured by (I) Port or by (II) WWN:

 Using port-based zoning:- Using port-based zoning, you would zone by configuring your Fibre Channel switch for example “put port 5 and port 10 into a zone that we’ll call zone_5_10.” Any device (and therefore any WWN) you physically plug into port 5 could communicate only to a device (or WWN) physically plugged into port 10.

 Using WWN-based zoning:- Using WWN-based zoning, you would zone by configuring your Fibre Channel switch to “put WWN from this HBA and these array ports into a zone we’ll call ESXi_4_host1_CX_SPA_0.” In this case, if you moved the cables, the zones would move to the ports with the matching WWNs.                                           

Initiator No +Fc Switch Port No + Network Address Authority Identifier=LUN No

What Is LUN Masking?

Zoning should not be confused with LUN masking. Masking is the ability of a host or an array to intentionally ignore WWNs that it can actively see (in other words, that are zoned to it).

Masking is used to further limit what LUNs are presented to a host

What is FCoE?

FCoE was designed to be interoperable and compatible with Fiber Channel. In fact, the FCoE standard is maintained by the same T11 body as Fiber Channel. At the upper layers of the protocol stacks, Fiber Channel and FCoE look identical. It’s at the lower levels of the stack that the protocols diverge.

In FCoE Fiber Channel frames are encapsulated into Ethernet frames, and transmitted in a lossless manner.

What is FCoE CNA’s?

In practice, the debate of iSCSI versus FCoE versus NFS on 10 Gb Ethernet infrastructure is not material. All FCoE adapters are converged adapters, referred to as converged network adapters (CNAs). They support native 10 GbE (and therefore also NFS and iSCSI) as well as FCoE simultaneously, and they appear in the ESXi host as multiple 10 GbE network adapters and multiple Fiber Channel adapters. If you have FCoE support, in effect you have it all. All protocol options are yours.

What is iSCSI?

iSCSI brings the idea of a block storage SAN to customers with no Fiber Channel infrastructure. iSCSI is an IETF standard for encapsulating SCSI control and data in TCP/IP packets, which in turn are encapsulated in Ethernet frames. The following shows how iSCSI is encapsulated in TCP/IP and Ethernet frames. TCP retransmission is used to handle dropped Ethernet frames or significant transmission errors. Storage traffic can be intense relative to most LAN traffic. This makes it important that you minimize retransmits, minimize dropped frames, and ensure that you have “betthe- business” Ethernet infrastructure when using iSCSI.

What is iSCSI Qualified Name?

An iSCSI qualified name (IQN) serves the purpose of the WWN in Fibre Channel SANs; it is the unique identifier for an iSCSI initiator, target, or LUN. The format of the IQN is based on the iSCSI IETF standard.

What is NFS?

NFS Stands for Network File System. NFS protocol is a standard originally developed by Sun Microsystems to enable remote systems to access a file system on another host as if it were locally attached. vSphere implements a client compliant with NFSv3 using TCP. When NFS datastores are used by vSphere, no local file system (such as VMFS) is used. The file system will be on the remote NFS server. This means that NFS datastores need to handle the same access control and file-locking requirements that vSphere delivers on block storage using the vSphere Virtual Machine File System, or VMFS. NFS servers accomplish this through traditional NFS file locks.

REMEMBER CAREFULLY:-

 (1) ESXi boot from SAN and (2) Raw device mapping (RDM) are not supported in NFS.

MISC interview question collection

What will happen if vCenter server fails?

1:-DRS will not work.

2:-HA works, but we can’t make HA related changes. New powered on VMs will not be protected

3:-FT works for one failure. New secondary vm will not be created

4:-Dvswitch works, but we can’t make changes

5:- vMotion or SvMotion will fail

Where to find different VMware ESXi Host log files?

è/var/log/hostd.log: Host management service logs, including virtual machine and host Task and Events, communication with the vSphere Client and vCenter Server vpxa agent, and SDK connections.

  è/var/log/hostd-probe.log: Host management service responsiveness checker





è/var/log/vmkernel.log: Core VMkernel logs, including device discovery, storage and networking device and driver events, and virtual machine startup.
è/var/log/vmkwarning.log: A summary of Warning and Alert log messages excerpted from the VMkernel logs.
è/var/log/vmksummary.log: A summary of ESXi host startup and shutdown, and an hourly heartbeat with uptime, number of virtual machines running, and service resource consumption

When an ESXi 5.1 / 5.5 host is managed by vCenter Server 5.1 and 5.5, two components are installed, each with its own logs:

è/var/log/vpxa.log: vCenter Server vpxa agent logs, including communication with vCenter Server and the Host Management hostd agent.

è/var/log/fdm.log: vSphere High Availability logs, produced by the fdm service.

è /root/vmkernel-log.date     virtual machine kernel core file

è/var/log/shell.log: ESXi Shell usage logs, including enable/disable and every command entered.

Check VM log:
èvmfs/volume/<vm name> vmware.log

è/var/log/sysboot.log: Early VMkernel startup and module loading.

è/var/log/boot.gz: A compressed file that contains boot log information and can be read using zcat /var/log/boot.gz|more.

è/var/log/syslog.log: Management service initialization, watchdogs, scheduled tasks and DCUI use.

How to troubleshoot following Esxi Host problems?

• An ESXi/ESX host shows as Not Responding in VirtualCenter or vCenter Server
• An ESXi/ESX host shows as Disconnected in vCenter Server
• Cannot connect an ESXi/ESX host to vCenter Server
• Virtual machines on an ESXi/ESX host show as grayed out in vCenter Server
• When attempting to add an ESXi/ESX host to vCenter Server, you see an error similar to:
  
  Unable to access the specified host, either it doesn't exist, the server software is not responding, or there is a network problem

ESXi

1.   Verify that the ESXi host is in a powered ON state.

2.  Verify that the ESXi host can be re-connected, or if reconnecting the ESXi host resolves the issue.

3.  Verify that the ESXi host is able to respond back to vCenter Server at the correct IP address. If vCenter Server does not receive heartbeats from the ESXi host, it goes into a not responding state.

4.  Verify that network connectivity exists from vCenter Server to the ESXi host with the IP and FQDN. 

5. Verify that you can connect from vCenter Server to the ESXi host on TCP/UDP port 902

6.  Verify if restarting the ESXi Management Agents resolves the issue. 

7.  Verify if the hostd process has stopped responding on the affected ESXi host.

8.  The vpxa agent has stopped responding on the affected ESXi host.

9.  Verify if the ESXi host has experienced a Purple Diagnostic Screen

10.            ESXi hosts can disconnect from vCenter Server due to underlying storage issues.

 Remember this while troubleshooting:-

From the Direct Console User Interface (DCUI):

1.   Connect to the console of your ESXi host.

2.  Press F2 to customize the system.

3.  Log in as root.

4.  Use the Up/Down arrows to navigate to Restart Management Agents.

Note: In ESXi 4.1 and ESXi 5.0, 5.1, 5.5 and 6.0 this option is available under Troubleshooting Options.

5.  Press Enter.

6.  Press F11 to restart the services.

7.  When the service restarts, press Enter.

Press Esc to log out of the system

From the Local Console or SSH:

1.   Log in to SSH or Local console as root.

Run these commands:

/etc/init.d/hostd restart
/etc/init.d/vpxa restart

How to collect core dump file from Esxi 5.x environment?

• Collecting VMkernel coredumps from ESXi 5.x
  
  During startup of an ESXi 5.x host, the startup script /usr/lib/vmware/vmksummary/log-bootstop.sh checks the defined Dump Partition for new contents. If new content is found, an entry is written to the /var/log/vmksummary.log file citing bootstop: Core dump found.
  
  You can collect logs from an ESXi host either by running vm-support at the command line or by using ExportDiagnostic Data from the vSphere Client. Both methods invoke the vm-support script, which checks the defined Dump Partition for new contents. If new content is found, it is temporarily placed in a vmkernel-zdump file in /var/core/ before being compressed in the vm-support output.
  
  Determine the device identifiers for the core partition(s) by running the command:
  
  esxcfg-dumppart –t

1.   Change to a directory with sufficient space to store the core dump file.

For example:

cd /vmfs/volumes/DatastoreName/

Note: A core dump file will normally be between 100 and 300 MB in size. Be sure to select a location with sufficient free space.

2.  Dump the partition contents to a file by running the command:

esxcfg-dumppart --copy --devname "/vmfs/devices/disks/identifier" --zdumpname /vmfs/volumes/datastore1/filename.1

For example:

esxcfg-dumppart --copy --devname "/vmfs/devices/disks/mpx.vmhba2:C0:T0:L0:2" --zdumpname /vmfs/volumes/datastore1/filename.1

VMware P2V conversion checklist using VMware converter?

1.Disable UAC (User access control) for Windows
2.To eliminate DNS problems, use IP addresses instead of host names.
3.Do not choose vendor specific Diagnostic Partitions while conversion. 
4.Convert directly to an ESXi host instead of vCenter Server.






5.Make sure there is at least 500MB of free space on the machine being converted.
6.Shut down any unnecessary services, such as SQL, antivirus programs, and firewalls..
7.Run a check disk on the volumes before running a conversion.
8.  Ensure that these services are enabled:-

o  Workstation Service.

o  Server Service.

o  TCP/IP NetBIOS Helper Service.

o  Volume Shadow Copy Service.

9.Check that the appropriate firewall ports are opened
10.Ensure that you are not using GPT on the disk partition
11.In Windows XP, disable Windows Simple File Sharing. 
12.Unplug any USB, serial/parallel port devices from the source system.





13.NIC's that are statically configured to be at a different speed or duplex
14.  If the source server contains a hard drive or partition larger than 256GB, ensure that the destination datastores block size is 2MB, 4MB, or 8MB, and not the default 1MB size. The 1MB default block size cannot accommodate a file larger than 256GB.
15.Clear any third-party software from the physical machine that could be using the Volume Shadow Copy Service (VSS).

 16.Disable mirrored or striped volumes

How vSphere 5.x Differs from vSphere 4.x?

vSphere 5.x is a major upgrade from vSphere 4.x.

The following changes from vSphere 4.x affect vSphere installation and setup.

1>Service Console is removed.
2>ESXi does not have a graphical installer
3>vSphere Auto Deploy and vSphereESXi Image Builder CLI
4>Changes in the ESXiinstallation and upgrade process
5>Installer caching
6>Changes to partitioning of host disks
7>VMware vCenter Server Appliance
8>vSphere Web Client
9>vCenter Single Sign On

Installing and configuring vCenter server

          Installing and configuring vCenter server

What is vCenter server?

vCenter Server is a Windows/linux-based application that serves as a centralized management tool for ESXi hosts and their respective VMs in a VMware vSphare infrastructure.

Key features such as vMotion, Storage vMotion, vSphere DRS, vSphere HA, and vSphere FT are all enabled and made possible by vCenter Server.

 vCenter Server also provides scalable authentication service and role-based administration based on integration with Active Directory.

What are the core services of vCenter server-

vCenter Server offers core services in the following areas:

 VM deployment

 VM management

 ESXi host management

 Resource management for ESXi hosts and VMs

 Template management

 Scheduled tasks

 Statistics and logging

 Alarms and event management

vCenter Server Heartbeat:- A product available from VMware. Using vCenter Server Heartbeat will automate both the process of keeping the active and passive vCenter Server instances synchronized and the process of failing over from one to another (and back again).

Can a local user defined in a ESXi host connect to vCenter server using vSphare client-

Although the vSphere Client supports authentication of both vCenter Server and ESXi hosts, organizations should use a consistent method for provisioning user accounts to manage their vSphere infrastructure because local user accounts created on an ESXi host are not reconciled or synchronized with the Windows or Active Directory accounts that vCenter Server uses.

Which version of vCenter Server you will use- What are advantages and disadvantages of using each vCenter server editions-

In vSphere 5 vCenter Server now comes not only as a Windows-based application but also as SuSE Linux-based virtual appliance. There are advantages and disadvantages for each vertions:-

1>Preloaded additional services like Auto Deploy, DHCP, TFTP, Syslog:-

2> Administrators platform familiarities:-

3>Using Microsoft SQL Server for backend database:-

4> Using vCenter server in Linked Mode

5>IPv6 Support:-

6> Running vCenter Server on a physical system:-

7> Using vCenter Heartbeat:-

1>Preloaded additional services like Auto Deploy, DHCP, TFTP, Syslog:-

  The Linux-based virtual appliance comes preloaded with additional services like Auto Deploy , Dynamic Host Configuration Protocol (DHCP), Trivial File Transfer Protocol (TFTP), and Syslog. If you need these services on your network, you can provide these services with a single deployment of the vCenter virtual appliance.

With the Windows Server–based version, these services are separate installations or possibly even require separate VMs (or, worse yet, separate physical servers!).

2> Administrators platform familiarities:-

  If your experience is primarily with Windows Server, the Linux underpinnings of the vCenter virtual appliance are something with which you may not be familiar. This introduces a learning curve that you should consider.

Conversely, if your experience is primarily with Linux, then deploying a Windows Server–based application will require some learning and acclimation for you and/or your staff.

3>Using Microsoft SQL Server for backend database:-

  If you need support for Microsoft SQL Server, the Linux-based vCenter virtual appliance won’t work; you’ll need to deploy the Windows Server–based version of vCenter Server. However, if you are using Oracle or DB2, or if you are a small installation without a separate database server, the vCenter Server virtual appliance will work just fine (it has its own embedded database if you don’t have or don’t need a separate database server).

4> Using vCenter server in Linked Mode:-

 If you need to use linked mode, you must deploy the Windows Server–based version of vCenter Server. The vCenter Server virtual appliance does not support linked mode.

5>IPv6 Support:-

 If you need support for IPv6, the vCenter Server virtual appliance does not provide that support; you must deploy the Windows Server–based version.

6> Running vCenter Server on a physical system:-

 Because the vCenter Server virtual appliance naturally runs only as a VM, you are constrained to that particular design decision. If you want or need to run vCenter Server on a physical system, you cannot use the vCenter Server virtual appliance.

7> Using vCenter Heartbeat:-

 If you want to use vCenter Heartbeat to protect vCenter Server from downtime, you’ll need to use the Windows Server–based version of vCenter Server.

What is the minimum requirement of installing a vCenter server?

Two 64-bit CPUs or a single dual-core 64-bit CPU.

 2 GHz processor or faster.

 3 GB of RAM or more.

 3 GB of free disk space.

A network adapter (Gigabit Ethernet strongly recommended).

 A supported version of Windows (Windows Server 2003, Windows Server 2003 R2, Windows Server 2008, or Windows Server 2008 R2); vCenter Server 5 requires a 64-bit version of Windows.

What are the databases supported by vCenter server-

Although vCenter Server is the application that performs the management of your ESXi hosts and VMs, vCenter Server uses a database for storing all of its configuration, permissions, statistics, and other data.

vCenter server supports following databases:-

 IBM DB2- 9.5, 9.7

 Oracle 10g R2-- 11g R1-- 11g R2

 Microsoft SQL Server 2008 R2 Express (bundled with vCenter Server)

 Microsoft SQL Server 2005- 2008

 Microsoft SQL Server 2008 R2

vCenter server Linked Mode Group:-

Multiple instances of vCenter Server that share information among them.

In what situation you need a separate database server for vCenter?

 [a single (1) vCenter Server with fewer than five (5) Esxi hosts or fewer than 50 VMs],

What are the services installed to facilitate the operation of vCenter Server-

 vCenter Inventory Service.

 VMware vCenter Orchestrator Configuration (supports the Orchestrator workflow engine.

 VMware VirtualCenter Management Web services.

 VMware VirtualCenter Server is the core of vCenter Server and provides centralized management of ESX/ESXi hosts and VMs.

 VMware vSphere Profile-Driven Storage Service.

 VMwareVCMSDS is the Microsoft ADAM instance that supports multiple vCenter Server instances in a linked mode group and is used for storing roles and permissions. Note that ADAM is used for storing roles and permissions both in stand-alone installations as well as installations with a linked mode group.

What are the limitations of Using SQL Server 2008 Express Edition?

SQL Server 2008 Express Edition is the minimum database available as a backend to the Windows Server–based version of vCenter Server.

Microsoft SQL Server 2008 Express Edition has physical limitations that include the following:

 One CPU maximum

 1 GB maximum of addressable RAM

 4 GB database maximum

How do you protect vCenter server and make it highly available-

First> vCenter Server Heartbeat:-

Second> Standby physical vCenter server:-

Third> keep the standby vCenter Server system as a VM:-

First> vCenter Server Heartbeat:-

A product available from VMware. Using vCenter Server Heartbeat will automate both the process of keeping the active and passive vCenter Server instances synchronized and the process of failing over from one to another (and back again).

Second> Standby physical vCenter server:-

If the vCenter Server computer is a physical server, one way to provide availability is to create a standby vCenter Server system that you can turn on in the event of a failure of the online vCenter Server computer. After failure, you bring the standby server online and attach it to the existing SQL Server database, and then the hosts can be added to the new vCenter Server computer. In this approach, you’ll need to find mechanisms to keep the primary and secondary/standby vCenter Server systems synchronized.

Third> keep the standby vCenter Server system as a VM:-

A variation on that approach is to keep the standby vCenter Server system as a VM. You can use physical-to-virtual (P2V) conversion tools to regularly “back up” the physical vCenter Server instance to a standby VM. This method reduces the amount of physical hardware required and leverages the P2V process as a way of keeping the two vCenter Servers synchronized. Obviously, this sort of approach is viable for a Windows Server–based installation on a physical system but not applicable to the virtual appliance version of vCenter Server.

How to protect “vCenter” backend database server-

1ST) Database Cluster:-

2ND) SQL log shipping to create a database replica on separate system:-

3RD) Daily backup strategy which includes full, differential and transaction log backup:-

                                    Protecting Backend database server-

1ST) Database Cluster:- The heart of the vCenter Server content is stored in a backend database. Any good disaster-recovery or business-continuity plan must also include instructions on how to handle data loss or corruption in the backend database, and the separate database server (if running on a separate physical computer or in a separate VM) should be designed and deployed in a resilient and highly available fashion. This is especially true in larger environments. You can configure the backend database on a cluster.

2ND) SQL log shipping to create a database replica:-

Other options might include using SQL log shipping to create a database replica on a separate system.

3RD) Daily backup strategy which includes full, differential and transaction log backup:-

You should strengthen your database backup strategy to support easy recovery in the event of data loss or corruption. Using the native SQL Server tools, you can create a backup strategy that combines full, differential, and transaction log backups. This strategy allows you to restore data up to the minute when the loss or corruption occurred.

What is "Simple Recovery" model and what is "Full Recovery" model-

Simple recovery-delete transaction logs.

Full recovery-keeps transaction logs for full database recovery

If your SQL Server database is configured for the Full recovery model, the installer suggests reconfiguring the vCenter Server database into the Simple recovery model. What the warning does not tell you is that doing this means that you will lose the ability to back up transaction logs for the vCenter Server database. If you leave the database set to Full recovery, be sure to work with the database administrator to routinely back up and truncate the transaction logs. By having transaction log backups from a database in Full recovery, you have the option to restore to an exact point in time. if any type of data corruption occur. If you alter the recovery model as suggested, be sure you are making consistent full backups of the database, but understand that you will be able to recover only to the point of the last full backup because transaction logs will be unavailable.

Do we need IIS on vCenter server-

Despite the fact that vCenter Server is accessible via a web browser, it is not necessary to install Internet Information Services on the vCenter Server computer. vCenter Server is accessed via a browser that relies on the Apache Tomcat web service and that is installed as part of the vCenter Server installation. IIS should be uninstalled because it can cause conflicts with Apache Tomcat.

  

What are the memory requirement of vCenter server-

Host profile:- Host profile is a collection of all the various configuration settings available for an ESXi host. By attaching a host profile to an ESXi host, you can (i) compare the compliance or non-compliance of that host with the settings outlined in the host profile. It provides administrators with a way to not only to verify consistent settings across all the ESXi hosts but also to (ii) quickly and easily apply settings to new ESXi hosts.

What is SSO- Single Sign On is an authentication and identity management service. It allows administrators and the various vSphere software components to communicate with each other through a secure token exchange mechanism, instead of requiring each component to authenticate a user separately with a directory service like Active Directory.

VMware Lookup Service:- The vCenter Sign-On installer also deploys the "VMware Lookup Service" on the same address and port. This Lookup Service enables different components of vSphere to find one another in a secure way.

                                In Details:-

What is vCenter server Linked Mode Group-

Multiple instances of vCenter Server that share information among them are referred to as a "linked mode group".

If you need more ESXi hosts or more VMs than a single vCenter Server

instance can handle, or if for whatever other reason you need more than one instance of vCenter Server, you can install multiple instances of vCenter Server and have those instances share inventory and configuration information for a centralized view of all the virtualized resources across the enterprise.

In a linked mode environment, there are multiple vCenter Server instances, and each of the instances has its own set of hosts, clusters, and VMs. However, when a user logs into a vCenter Server instance using the vSphere Client, that user sees all the vCenter Server instances where he or she has permissions assigned. This allows a user to perform actions on any ESXi host managed by any vCenter Server within the linked mode group.

vCenter Server linked mode uses Microsoft ADAM to replicate information between the instances. The replicated information includes the following:

 Connection information (IP addresses and ports)

 Certificates and thumbprints

 Licensing information

 User roles and permissions

In a linked mode environment, the vSphere Client shows all the vCenter Server instances for which a user has permission

What are the prerequisites of installing vCenter server in a linked mode group-

Before you install additional vCenter Server instances, you must verify the following prerequisites:-

 Link mode servers should be Member of same domain or a trusted domain:-

 DNS name must match with the vcenter servers server name-

 Lonked mode servers Cannot be DC or terminal server:-

 Cannot combine with earlier versions of vcenter vertions:-

 Must have its own backend database:-

 Member of same domain or a trusted domain:-All computers that will run vCenter Server in a linked mode group must be members of a domain. The servers can exist in different domains only if a two-way trust relationship exists between the domains.

 DNS name must match with the vCenter server name:- DNS must be operational. Also, the DNS name of the servers must match the server name.

 Cannot be DC or terminal server:-The servers that will run vCenter Server cannot be domain controllers or terminal servers.

 Cannot combine with earlier versions:- You cannot combine vCenter Server 5 instances in a linked mode group with earlier versions of vCenter Server.

 Must have its own backend database:- Each vCenter Server instance must have its own backend database, and each database must be configured as outlined earlier with the correct permissions. The databases can all reside on the same database server, or each database can reside on its own database server.

How do you modify vCenter server linked mode configuration?

1. Log into the vCenter Server computer as an administrative user, and run vCenter Server Linked Mode Configuration from the Start=>All Programs=>VMware Menu.

2. Click Next at the Welcome To The Installation wizard For VMware vCenter Server screen.

3. Select Modify Linked Mode Configuration, and click Next.

What is host profile-  

A host profile is essentially a collection of all the various configuration settings for an ESXi host. This includes settings such as NIC assignments, virtual switches, storage configuration, date and time, and more. By attaching a host profile to an ESXi host, you can then compare the compliance of that host with the settings outlined in the host profile. If the host is compliant, then you know its settings are the same as the settings in the host profile. If the host is not compliant, then you can enforce the settings in the host profile to make it compliant. This provides administrators with a way not only to verify consistent settings across ESXi hosts but also to quickly and easily apply settings to new ESXi hosts.

To create a new profile, you must either create one from an existing host or import a profile that was already created somewhere else. Creating a new profile from an existing host requires only that you select the reference host for the new profile. vCenter Server will then compile the host profile based on that host’s configuration.

Host profiles don’t do anything until they are attached to ESXi hosts. So attach the host profile to the new ESXi host. Then Check Compliance with the host. If an ESXi host is found noncompliant with the settings in a host profile, you can then place the host in maintenance mode and apply the host profile. When you apply the host profile, the settings found in the host profile are enforced on that ESXi host to bring it into compliance.

What are the configuration requirements of using SQL server as a backend database of vCenter server-

Connecting vCenter Server to a Microsoft SQL Server database, like the Oracle implementation, requires a few specific configuration tasks, as follows:-

 Both Windows and mixed mode authentication are supported:-

 A new database for each vCenter Server:-

 SQL login that has full access to the database:-

 Appropriate permissions by mapping the SQL login to the dbo user:-

 SQL login must also be set as the owner of the database:-

 Must also have dbo (db_owner) privileges on the MSDB database when installing:-

Your manager has asked you to prepare an overview of the virtualized environment. What tools in vCenter Server will help you in this task-

vCenter Server can export topology maps in a variety of graphics formats. The topology maps, coupled with the data found on the Storage Views, Hardware Status, and Summary tabs should provide enough information for your manager

What is SSO? what are its role in vCenter server-

The vCenter Single Sign On is an authentication and identity management service which makes the VMware cloud infrastructure platform more secure. It allows administrators and the various vSphere software components to communicate with each other through a secure token exchange mechanism, instead of requiring each component to authenticate a user separately with a directory service like Active Directory.

Roles:-

For the first installation of vCenter Server with vCenter Single Sign-On, you must install all three components, Single Sign-On Server, Inventory Service, and vCenter Server, in the vSphere environment. In subsequent installations of vCenter Server in your environment, you do not need to install Single Sign-On. One Single Sign-On server can serve your entire vSphere environment. After you install vCenter Single Sign-On once, you can connect all new vCenter Server instances to the same authentication server. However, you must install a Inventory Service instance for each vCenter Server instance.

The vCenter Sign-On installer also deploys the VMware Lookup Service on the same address and port. The Lookup Service enables different components of vSphere to find one another in a secure way. When you install vCenter Server components after vCenter Single Sign-On, you must provide the Lookup Service URL. The Inventory Service and the vCenter Server installers ask for the Lookup Service URL and then contact the Lookup Service to find vCenter Single Sign-On. After installation, the Inventory Service and vCenter Server are registered in Lookup Service so other vSphere components, like the vSphere Web Client, can find them.