July 2010

You are currently browsing the monthly archive for July 2010.

Changing RDP Settings in VMware View Open Client for Mac

Wednesday, July 21, 2010 in Macintosh, Virtualization by slowe | 2 comments

I’ve been using the VMware View Open Client for Mac OS X for a few weeks now, ever since I was approved to participate in EMC’s pilot VDI program. The one thing that I don’t like about the View Open Client is how it leverages the Mac-native Remote Desktop Connection application to make connections to the View hosted desktops. It does so in a way that makes it impossible to customize the behavior of the RDP session—or so I thought.

It turns out there there is a way, after all, to customize the behavior of the RDP session that the View Open Client leverages. The View Open Client has an .RDP file, containing all the saved settings for RDP connections generated through the View Open Client, embedded inside the client itself. And because applications on Mac OS X are nothing more than specially-treated folders, it’s possible to crack open the client and actually customize the session parameters.

Here’s how:

  1. Open the Applications folder on your Mac (or wherever you installed the VMware View Open Client).
  2. Right-click (or Ctrl-Click) on the VMware View Open Client and select Show Package Contents.
  3. Open the Contents folder, then open the Resources folder.
  4. In the Resources folder, you’ll see a file named vmware-view.rdp. This is the template the View Open Client uses to generate new RDP connections. By modifying this file, you can modify the behavior of the RDP sessions that View creates.
  5. Open the vmware-view.rdp file in a text editor and make any desired changes. When you attempt to save the changes, you will most likely be prompted for authentication (because you are modifying the contents of an application in the Applications folder).

That’s it! It’s actually a lot easier than it might seem. For example, I didn’t like the fact that the EMC corporate VDI connection played that stupid Windows logon sound, so I modified the vmware-view.rdp file to change the value of the AudioRedirectionMode parameter so that it wouldn’t play music when I logged into a VDI image. All I had to do was change the integer value of the AudioRedirectionMode parameter to two, like this:

<key>AudioRedirectionMode</key>
<integer>2</integer>

Voila! No more sounds being sent across my RDP connection. I haven’t yet found a comprehensive breakdown of all the parameters, although this page is a good start.

The key drawback to this mechanism is, of course, that you can’t selectively apply these settings to different VDI connections. For example, I might not want to bring sound across for my corporate VDI session, but what if I’m connecting to a partner’s VDI environment and I want sound for that session? By modifying the template vmware-view.rdp file inside the View Open Client itself, the changes you make apply to all sessions. Perhaps a future revision of the View Open Client will give us some per-session granular control over these settings? (Hey, I can dream!)

Have a better way of accomplishing this? Let me know in the comments! Courteous and professional comments are welcome.

Tags: , , ,

Help Me Out

Wednesday, July 21, 2010 in General, Personal by slowe | 5 comments

Can I ask a favor? In the spirit of transparency and honesty, I want to point out that this is a request for my own benefit, but it shouldn’t take more than a couple of minutes of your time. You see, a local EMC partner named eGroup (here’s their web site) is running this contest to win an iPad. The contest involves taking pictures of an “I love eGroup” sticker in various and interesting places. Since I recently traveled to Cork, Ireland, to support some of EMC’s European partners, I took a few photos while I was in Ireland and I submitted them to the contest.

Now, you might be saying, “But Scott, I thought you already have an iPad?” You’re right, I do. But I want to get one for Crystal, who could really use it with her online classes (she’s working toward a degree in education). So, if I can win this iPad, then I’ll have one for Crystal to use. (OK, so maybe it’s not entirely for my own benefit after all!)

Here’s what I need you to do:

  1. Log into Facebook.
  2. Go the eGroup Facebook page and “Like” the page.
  3. Go to the eGroup Official Photo Contest Entries page (here’s the URL).
  4. Vote for my photos by “Liking” the photos. I have two of them: one with me in the stocks at the Cork City Gaol (Jail), and another one of two wax figurines playing cards and one of the figures has an eGroup sticker as his “trump card”. You’ll need to be sure to actually click on the photo and then “Like” the photo in order for the vote to count!

That’s all! See, I told you it would only take a couple of minutes. Besides, we all know you’re probably going to log into Facebook sometime today anyway, so why not take a minute and help me out? Thanks!

UPDATE: It turns out you need to “Like” the main eGroup Facebook page as well. Be sure to click the photo that you want to vote for in order for the vote to count. I’ve updated the instructions, and thanks for your help!

Tags:

Enabling RAID 1 on a Mac Mini Server

Saturday, July 17, 2010 in Macintosh, Storage by slowe | 36 comments

Today I bought a new Mac Mini running Mac OS X Server to replace an aging home-built Linux server that supports my home network. You might recall that in early 2009 I wrote an article about how I had worked to provide some Ubuntu-Mac integration on the home network. Although the integration has worked well since that time, many of the functions that the Ubuntu server was providing have since been taken over by an Iomega ix4-200d NAS box. It’s the Iomega that now handles all my Time Machine backups and CIFS/AFP file sharing. In addition, I’ve been looking for a way to create a “master” iTunes library for the entire house, and the Linux server with Firefly Media Server, while powerful, just wasn’t doing what I needed it to do. So I figured I’d replace it with an Intel-based Mac Mini running Mac OS X Server. The network services the Linux server is now providing would either be replaced by the Mac Mini or by VMs running on the Mac Mini vis VMware Fusion.

After I bought the Mac mini and brought it home, I was dismayed to find that Apple hadn’t enabled RAID 1 on the dual 500GB hard drives in the system. Unfortunately, enabling RAID 1 mirroring on the hard drives wasn’t as simple as using Disk Utility. I did find a way, and in the interest of helping others, here are the steps that I followed. As I type this, my Mac Mini server is downstairs rebuilding it’s RAID 1 mirror set.

Here are the steps to follow to enable RAID 1 on the drives in your Mac Mini Server:

  1. First, you’ll need to boot from some source other than one of the internal hard drives. I chose to use the Mac OS X Remote Install application, found in the Utilities folder. This allows your Mac Mini server, which doesn’t have an optical drive, to boot from the optical drive on another Mac on your network (that’s assuming, of course, you have another Mac on your network). The procedure for booting remotely using the Remote Install application are already well documented, so I won’t bother to include them again here.
  2. Once you’ve booted remotely, open a Terminal window and use this command to list the disks and volumes in your system:
     
    diskutil list
     
    In all the online guides to this process, the “Server HD” volume was always listed as disk0s2; on my system, it was listed as disk1s2. Just be sure to note the device names so that you can use them later.
  3. Use this command to convert the existing “Server HD” volume to a RAID 1 mirror:
     
    diskutil appleRAID enable mirror <device name for "Server HD">
     
    Mac OS X will convert the existing “Server HD” volume into a RAID 1 mirror with only one member. From what I can tell, this process is instantaneous and takes effect immediately.
  4. Use the diskutil list command again to get the device name for the new RAID set. On my system, it was referenced as disk9, but this will vary from system to system.
  5. Next, add the second hard disk as a member to the RAID 1 set:
     
    diskutil appleRAID add member <device name for second hard disk> <device name for RAID set>
     
    For example, on my system the second hard disk was actually disk0s2 and the RAID set was disk9, so the command looked like this:
     
    diskutil appleRAID add member disk0s2 disk9
     
    And that should do it! Mac OS X will add the second drive to the RAID 1 set and begin the rebuilding process. If you do this right after unboxing your new Mac Mini, it will minimize the amount of time required.

I’m still waiting on my Mac Mini to finish the rebuilding process, so I’ll update this post if I discover something unusual or find that some additional steps are necessary to make everything work.

Tags: ,

vMotion Practicality

Monday, July 12, 2010 in Networking, Virtualization by slowe | 33 comments

About a month ago I posted an article titled The vMotion Reality. In that article, I challenged the assertion that vMotion was a myth, not widely implemented in data centers today due to networking complexity and networking limitations.

In a recent comment to that article, a reader again mentions networking limitations—in this instance, the realistic limits of a large Layer 2 broadcast domain—as a gating factor for vMotion and limiting its “practical use” in today’s data centers. Based on the original article’s assertions and the arguments found in this comment, I’m beginning to believe that a lot of people have a basic misunderstanding of the Layer 2 adjacency requirements for vMotion and what that really means. In this post, I’m going to discuss vMotion’s Layer 2 requirements and how they interact (and don’t interact) with other VMware networking functionality. My hope is that this article will provide a greater understanding of this topic.

First, I’d like to use a diagram to help explain what we’re discussing here. In the diagram below, there is a single ESX/ESXi host with a management interface, a vMotion interface, and a couple of network interfaces dedicated to virtual machine (VM) traffic.

VLAN Behaviors with VMware ESX/ESXi

As you can see from this highly-simplified diagram, there are three basic types of network interfaces that ESX/ESXi uses: management interfaces, VMkernel interfaces, and VM networking interfaces. Each of them is configured separately and, in many configurations, quite differently.

For example, the management interface (in VMware ESX this is the Service Console interface, in VMware ESXi this is a separate instance of a VMkernel interface) is typically configured to connect to an access port with access to a single VLAN. In Cisco switch configurations, the interface configuration would look something like this:

interface GigabitEthernet 1/1
  switchport mode access
  switchport access vlan 27
  spanning-tree portfast

There might be other commands present, but these are the basic recommended settings. This makes the management interfaces on an ESX/ESXi host act, look, feel, and behave just exactly like the network interfaces on pretty much every other system in the data center. Although VMware HA/DRS cluster design considerations might lead you toward certain Layer 2 boundaries, there’s nothing stopping you from putting management interfaces from different VMware ESX/ESXi hosts in different Layer 3 VLANs and still conducting vMotion operations between them.

So, if it’s not the management interfaces that are gating the practicality of vMotion in today’s data centers, it must be the VM networking interfaces, right? Not exactly. Although the voices speaking up against vMotion in this online discussion often cite Layer 3 VLAN concerns as the primary problem with vMotion—stating, rightfully so, that the IP address of a migrated virtual machine cannot and should not change—these individuals are overlooking the recommended configuration for VM networking interfaces in a VMware ESX/ESXi environment.

Physical network interfaces in a VMware ESX/ESXi host that will be used for VM networking traffic are most commonly configured to act as 802.1Q VLAN trunks. For example, the Cisco switch configuration for a port connected to a network interface being used for VM networking traffic would look something like this:

interface GigabitEthernet1/10
  switchport trunk encapsulation dot1q
  switchport mode trunk
  switchport trunk allowed vlan 1-499
  switchport trunk native vlan 499
  spanning-tree portfast trunk

As before, some commands might be missing or some additional commands might be present, but this gives you the basic configuration. In this configuration, the VM networking interfaces are actually capable of supporting multiple VLANs simultaneously. (More information on the configuration of VLANs with VMware ESX/ESXi can be found in this aging but still very applicable article.)

In practical use what this means is that any given VMware ESX/ESXi host could have VMs running on it that exist on a completely different and separate VLAN than the management interface. In fact, any given VMware ESX/ESXi host might have multiple VMs running across multiple separate and distinct VLANs. And as long as the ESX/ESXi hosts are properly configured to support the same VLANs, you can easily vMotion VMs between ESX/ESXi hosts when those VMs are in different VLANs. So, the net effect is that ESX/ESXi can easily support multiple VLANs at the same time for VM networking traffic, and this means that vMotion’s practical use isn’t gated by some inherent limitation of the VM networking interfaces themselves.

Where in the world, then, does this Layer 2 adjacency thing keep coming from? If it’s not management interfaces (it isn’t), and it’s not VM networking interfaces (it isn’t), then what is it? It’s the VMkernel interface that is configured to support vMotion. In order to vMotion a VM from one ESX/ESXi host to another, each host’s vMotion-enabled VMkernel interface has to be in the same IP subnet (i.e., in the same Layer 2 VLAN or broadcast domain). Going back to Cisco switch configurations, a vMotion-enabled VMkernel port will be configured very much like a management interface:

interface GigabitEthernet 1/5
  switchport mode access
  switchport access vlan 37
  spanning-tree portfast

This means that the vMotion-enabled VMkernel port is just an access port (no 802.1Q trunking) in a single VLAN.

Is this really a limitation on the practical use of vMotion? Hardly. In my initial rebuttal of the claims against vMotion, I pointed out that because it is only the VMkernel interface that must share Layer 2 adjacency, all this really means is that a vMotion domain is limited to the number of vMotion-enabled VMkernel interfaces you can put into a single Layer 2 VLAN/broadcast domain. VMs are unaffected, as you saw earlier, as long as the VM networking interfaces are correctly configured to support the appropriate VLAN tags, and the management interfaces do not, generally speaking, have any significant impact.

Factoring in the consolidation ratio, as I did in my earlier post, and you’ll see that it’s possible to support very large numbers of VMs spread across as many different VLANs as you want with a small number of ESX/ESXi hosts. Consider 200 ESX/ESXi hosts—whose vMotion-enabled VMkernel interfaces would have to share a broadcast domain—with a consolidation ratio of 12:1. That’s 2,400 VMs that can be supported across as many different VLANs simultaneously as we care to configure. Do you want 400 of those VMs in one VLAN while 300 are in a different VLAN? No problem, you only need to configure the physical switches and the virtual switches appropriately.

Let’s summarize the key points here:

  1. Only the vMotion-enabled VMkernel interface needs to have Layer 2 adjacency within a data center.
  2. Neither management interfaces nor VM networking interfaces require Layer 2 adjacency.
  3. VM networking interfaces are easily capable of supporting multiple VLANs at the same time.
  4. When the VM networking interfaces on multiple ESX/ESXi hosts are identically configured, VMs on different VLANs can be migrated with no network disruption even though the ESX/ESXi hosts themselves might all be in the same VLAN.
  5. Consolidation ratios multiply the number of VMs that can be supported with Layer 2-adjacent vMotion interfaces.

Based on this information, I hope it’s clearer that vMotion is, in fact, quite practical for today’s data centers. Yes, there are design considerations that come into play, especially when it comes to long-distance vMotion (which requires stretched VLANs between multiple sites). However, this is still an emerging use case; the far broader use case is within a single data center. Within a single data center, all the key points I provided to you apply, and there is no practical restriction to leveraging vMotion.

If you still disagree (or even if you agree!), feel free to speak up in the comments. Courteous and professional comments (with full disclosure, where applicable) are always welcome.

Tags: , , , , ,

Spouse Activities: Back for Another Year!

Monday, July 12, 2010 in Virtualization by slowe | No comments

Have you ever attended a technology conference and had your spouse go with you? More than likely, your spouse just sat around the hotel room, bored, waiting for you to get back after a long day of sessions and lectures and labs. Then, when you’re tired and just want to relax, your spouse wants to go out on the town, explore, and see some cool stuff. Does that sound familiar?

Since 2008, my wife (Crystal, @crystal_lowe on Twitter) has organized a fix for this very problem, at least for one technology conference: VMworld spouse activities. Now back for a third year (see information for 2008 activities and 2009 activities), spouse activities—or Spousetivities as it’s informally known—is bigger and better than ever. Backed by corporate sponsors, Crystal is now able to offer more planned excursions, free activities, and lots of goodies for attending spouses. To help streamline communications, she’s even launched a spouse activities-focused website at http://spousetivities.com and a dedicated Twitter account (@Spousetivites). If you aren’t following either of these resources, you should be!

Here’s a sneak peek of some of the great stuff that Crystal has planned for this year:

  • Free Spousetivities T-shirt for the first 250 registered attendees (last year’s shirts were hilarious—wait until you see this year!)
  • Free welcome breakfast on Monday, August 30, for the first 150 registered attendees
  • Discounted tours to the Wine Country, Muir Woods, and the San Francisco Bay islands
  • A tour of privately-owned “trophy houseboats” in Sausalito
  • A fabulous pre-VMworld couples activity that includes Monterey, Carmel, and Hearst Castle

These freebies and discounts are all due to the generous corporate sponsors who helped Crystal make it happen. If you’re interested in registering, see here.

In addition to these organized activities, Crystal will be helping smaller groups self-organize for activities like shopping, sight-seeing, or exploring the city on your own.

As you can see, Crystal has put a ton of work into this year’s activities. If you are planning on attending, you should definitely bring your spouse and get her (or him!) enrolled and registered.

Oh, and did I mention that she’s planning activities for VMworld EMEA, too? That’s right—for those of you that can’t make it to San Francisco but will be in Copenhagen, Crystal is planning some activities there too. Keep your eyes open for more details on the EMEA activities.

Visit the Spousetivities website or follow Spousetivities on Twitter for more details and regular updates.

Tags: , ,