VMware vsphere FAQ Rollup (20)

5.x. ESXi slow boot speed when using soft iSCSI as Storage

Fault Status
1, ESXi 5.0 in the case of the iSCSI Software Initiator is configured to start slowly;
2, in the Sysboot.log file, there is similar to the following information:

1. [01:57:50.925338] Sysboot:software-iscsi

2. [02:28:22.330320] Sysboot:restore-paths

3. After the boot is complete, the Sysboot.log file has the following information:

1. Iscsid:cannot make a connection to 192.168.1.20:3260 (101,network is unreachable)

2. Iscsid:Notice:Reclaimed Channel (H34 T0 C1 oid=3)

3. Iscsid:session Login failed with error 4,retrycount=3

4. Iscsid:login Target failed:iqn.1984-05.com.dell:powervault.md3000i.6002219000a14a2b00000000495e2886 [email Protected] addr=192.168.1.20:3260 (tpgt:1 isid:0xf) err=4

5. Iscsid:login failed:iqn.1984-05.com.dell:powervault.md3000i.6002219000a14a2b00000000495e2886 [email protected] addr=192.168.1.20:3260 (tpgt:1 isid:0xf) reason:00040000 (initiator Connection Failure)

Fault Analysis
This problem usually happens because the ESXi 5.0 host tries to connect to all software ISCSI that are already configured, or can be found, and if the connection fails, the ESXi 5.0 host tries to reconnect 9 times. This can lead to a significant increase in time;
Solution Solutions
The simplest way to deal with this problem is to reduce the number of interfaces and targets:
1, first execute the following command, view the current Networkportal list, confirm the quantity, and then do the deletion:

1. #esxcli iSCSI Networkportal List

The system will output a message similar to the following:

1. Vmhba34:

2. Adapter:vmhba34

3. Vmknic:vmk6

4. MAC Address:00:1b:21:59:16:e8

5. MAC Address Valid:true

6. ipv4:192.168.1.206

7. IPv4 Subnet mask:255.255.255.0

8. IPV6:

9. mtu:1500

Vlan Supported:true

One. Vlan id:10

Reserved ports:63488~65536

Toe:false.

Tso:true.

. TCP Checksum:false

Link Up:true

Current speed:10000

Rx packets:656558

. Tx packets:111264

NIC Driver:ixgbe

NIC Driver Version:2.0.84.8.2-10vmw-napi

NIC Firmware version:0.9-3

Compliant Status:compliant

noncompliant Message:

noncompliant Remedy:

Vswitch:dvswitch0.

portgroup:dvsportset-0.

vswitchuuid:26 C0 CF DF 1e-52 EF AB D7 A2 AB F9

portgroupkey:dvportgroup-78003.

portkey:1731.

Duplex:

. Path status:active

In this case, there is only one vmhba34 adapter;
2. If you want to list the currently running targets, you need to execute the following command:

1. #vmkiscsi-tool-t Vmhba34

191. Troubleshoot installation of vcenter Server 5.x tips: Error 25003 errors

Fault Status:
When you try to install Vcenter Server 5.x, you are prompted with the following error message:

Rror 25003.Setup failed to create the VCenter repository.

As shown:

650) this.width=650; "Style=" border-bottom:0px; border-left:0px; border-top:0px; border-right:0px "title=" clip_image001 "border=" 0 "alt=" clip_image001 "src=" http://s3.51cto.com/wyfs02/M01/53/96/ Wkiol1rsaqst7k3saaah0cjzpgw382.jpg "" 244 "height="/>

Fault Analysis:
1, may be due to the ad, VC and DB time between the synchronization caused;
2, may because the DB chooses the Windows Authentication-based and the SQL Mixed authentication method, the ODBC DSN chooses the mixed authentication option in the default password to contain the complex character;
3, often occurs in the remote database;
Solution Solutions
1, configure the time server, to ensure time synchronization;
2, if the use of mixed authentication, when the ad account to meet the complexity of the need to include a similar [email protected]#$, such as complex symbols, use SA to do the remote access to the VC database;
3. Confirm closing the end-to-end firewall;

192. Cancel Vcops Register uninstalling VCenter Operations Manager

The unregister method is as follows:

Uninstalling VCenter Operations Manager (2036389)

Purpose

This article provides steps to uninstall VCenter Operations Manager.

Resolution

If the Vcenter Operations manager vApp is still deployed and running and vcenter Operations Manager are still registered an D Usable with VCenter Server:

1. Log in to the VCenter Operations Manager Admin UI at Https://UI_VM_IP_Address/admin.

2. In the Registration tab, click Unregister next to the registered VCenter Server.

3. Click Yes. This is a process may take several minutes.

4. Power off the VCenter Operations Manager vApp and then delete it.

If the Vcenter Operations Manager vApp is damaged or removed, you must remove the Vcenter Operations Manager extension and Asset information.

To remove the vCenter Operations Manager extension and asset information:

1. Log in to VCenter Server with the VSphere Client.

2. Click Home and then click Licensing.

3. Select the Assets option.

4. Right-click VCenter Operations Manager and click Remove Asset.

5. Open a Web browser and connect to Https://VC_IP_Address/mob.

6. Log in as a administrative user when prompted.

7. Click Content.

8. Click Extensionmanager.

9. Click Unregisterextension.

Enter Com.vmware.vcops in the Extensionkey field.

Click the Invoke Method link. A result of Void should be returned.

If the VCenter Operations Manager vApp still exists, power off and then delete it.

193 . Search fails and Hardware Health and health Status Plug-ins is disabled in the VSphere Client (2031053 )

See 184

The VSphere Client does not connect to the inventory service when installed on Windows Server 2003 or Windows XP, and have These symptoms:

• When you try to search for the VSphere Client inventory, you see the error message:
  Login to the query service failed. A communication error occurred while sending data to the server. (The underlying connection was Closed:an unexpected error occurred on a send.)
• While trying to sort by name at the cluster level, you see the error:
  Error when trying to sort:login to query service failed:the underlying connection is Closed:an unexpected error occur Red on a send. Authentication failed because the remote party had closed the transport stream
• Hardware Health and Health Status Plug-ins is disabled and cannot be viewed in the VSphere Client.
• In the Performance overview page, you see the error:
  This program cannot display the webpage

Solution

This issue occurs due to increased security of the cipher strengths which is, by default, used by the VMware Management W EB Services Components. Due to the "introduced" in VSphere 5.1, the host operating system is required-support a higher cipher st Rength to is able to connect to these.

In Windows Vista and Windows Server, the proper cipher strengths is built into the operating system. However, for older Windows operating systems, a Microsoft hotfix must is applied to add the supported cipher strengths.

For more information in the cipher strengths that get added with the hotfix, see the Microsoft knowledge Base article 9489 63.

Note : The preceding link was correct as of November 30, 2012. If you find a link is broken, provide feedback and a VMware employee would update the link.

Resolution

Windows 2003 (64bit Edition)

For Windows Server 2003 (+ bit), apply the appropriate hotfix to the machine on which the VSphere Client are in Stalled.
To download the hotfix for your system, see the Microsoft Knowledge Base article 948963.

Notes:

• You must reboot the applying the hotfix.
• Non-english versions of the hotfixes is also available on the Microsoft site. Click the Show hotfixes for all platforms and languages link on the Hotfix Request page to view the Avai lable versions.

Windows XP (+ bit)

There is no hotfix available for Windows XP (+ bit). Microsoft currently only provides limited support for Windows XP, and as a result of the hotfix have not been released for it. To resolve this issue, you must upgrade your host operating system to Windows Vista or later, which support for the use of HI GH cipher strengths.

If you were unable to upgrade your environment, you could try adding less secure cipher strengths back to the configuration, which allows communication to proceed successfully.

To add less secure cipher strengths back to the configuration:

Caution: A recommended configuration and is provided for backward compatibility purposes only. This isn't extensively tested and is supported on a best effort basis only.

2. Log in as a administrator to the server where VCenter Server 5.1 is installed.
4. Navigate to the Tomcat configuration directory.
   Note: By default, this directory was located at C:\Program files\vmware\infrastructure\tomcat\conf\. In VCenter Server Appliance, the file is located at/ur/lib.vmware-vpx/tomcat/conf.
6. Open the Server.xml file using a text editor.
7. Change the Connector text to add support for weaker ciphers by changing it from:
   <connector sslenabled= "true" acceptcount= "ciphers=" Tls_ecdhe_ecdsa_with_aes_256_cbc_sha, TLS_ECDHE_RSA_ With_aes_256_cbc_sha, Tls_ecdh_ecdsa_with_aes_256_cbc_sha, Tls_ecdh_rsa_with_aes_256_cbc_sha, TLS_DHE_RSA_WITH_ Aes_256_cbc_sha, Tls_dhe_dss_with_aes_256_cbc_sha, Tls_dh_rsa_with_aes_256_cbc_sha, TLS_DH_DSS_WITH_AES_256_CBC_ SHA, Tls_rsa_with_aes_256_cbc_sha, Tls_dhe_rsa_with_aes_128_cbc_sha,tls_rsa_with_aes_128_cbc_sha, TLS_DHE_DSS_ With_aes_128_cbc_sha, Tls_dh_rsa_with_aes_128_cbc_sha, Tls_dh_dss_with_aes_128_cbc_sha "connectionTimeout=" 20000 " Executor= "Tomcatthreadpool" keystorefile= "${bio-vmssl.keyfile.name}" keystorepass= "${bio-vmssl". Ssl.password} "keystoretype=" PKCS12 "maxkeepaliverequests=" [port= "${bio-vmssl.https.port}" protocol= "HTTP/1.1" Redirectport= "${bio-vmssl.https.port}" scheme= "https" secure= "true" ></Connector>
   To:
   <connector sslenabled= "true" acceptcount= "ciphers=" Tls_ecdhe_ecdsa_with_aes_256_cbc_sha, TLS_ECDHE_RSA_ With_aes_256_cbc_sha, Tls_ecdh_ecdsa_with_aes_256_cbc_sha, Tls_ecdh_rsa_with_aes_256_cbc_sha, TLS_DHE_RSA_WITH_ Aes_256_cbc_sha, Tls_dhe_dss_with_aes_256_cbc_sha, Tls_dh_rsa_with_aes_256_cbc_sha, TLS_DH_DSS_WITH_AES_256_CBC_ SHA, Tls_rsa_with_aes_256_cbc_sha, Tls_dhe_rsa_with_aes_128_cbc_sha,tls_rsa_with_aes_128_cbc_sha, TLS_DHE_DSS_ With_aes_128_cbc_sha, Tls_dh_rsa_with_aes_128_cbc_sha, Tls_dh_dss_with_aes_128_cbc_sha,Ssl_rsa_with_rc4_128_md5, Ssl_rsa_with_rc4_128_sha, Ssl_rsa_with_3des_ede_cbc_sha, Ssl_dhe_rsa_with_3des_ede_cbc_sha, SSL_DHE_DSS_WITH_ 3des_ede_cbc_sha"connectiontimeout=" 20000 "executor=" Tomcatthreadpool "keystorefile=" ${bio-vmssl.keyfile.name} "keystorePass=" ${ Bio-vmssl. Ssl.password} "keystoretype=" PKCS12 "maxkeepaliverequests=" [port= "${bio-vmssl.https.port}" protocol= "HTTP/1.1" Redirectport= "${bio-vmssl.https.port}" scheme= "https" secure= "true" ></Connector>
   Note: Add only the red text as indicated and does not change any other options. This adds back support for less secure cipher strengths for backward compatibility purposes.
9. Restart the VMware virtualcenter Management Web Services service.

194 . vsphere5.x Some advanced setup options describe

Das.ignoreinsufficienthbdatastore -5.x– suppresses the host configuration data store with a heartbeat count of less than das.heartbeatdsperhost. The default value is "false" and can be configured as "True" Or "false"

das.heartbeatdsperhost -5.x– The number of heartbeats required for each host data store, the default value is 2, the value should be between 2~5, and HA must reconfigure all hosts before the change affects

das.maskcleanshutdownenabled –5.0 u1/5.1– whether to clear the Turn off identity defaults to false when idle or intentionally shutting down a virtual machine if the virtual machine's primary datastore is inaccessible Turning on this option will trigger a virtual machine failover.

das.maxvmrestartcount –5.x–ha The maximum number of attempts to restart a virtual machine, the default is 5.

das.maxvmrestartperiod -5.x–ha The maximum cumulative time (in seconds) to try to restart the virtual machine, no Limit by default

Das.config.fdm.isolationPolicyDelaySec -5.1– Once the quarantine host is determined, the time to wait when the quarantine policy is executed, the minimum value is 30, if the setting value is less than 30, the delay is 30

Das.isolationaddress[x] -4.x/5.x– when no heartbeat is received, the ESXi host's IP address is used to detect isolation, [X]=0-9.ha will use the default gateway as the isolation address, while providing additional value detection. When the second network can be used, we recommend adding additional addresses for redundancy, the first one defined as "Das.isolationaddress0"

The das.usedefaultisolationaddress -4.x/5.x– value can be "True" or "flase", and the default gateway must be false, and the default isolation address cannot and should not be used for this purpose. In other words, if the default gateway is an address that cannot be ping, set "Das.isolationaddress0" to a ping address and disable the availability of the default gateway by setting "False"

das.isolationshutdowntimeout -4.x/5.x– initialization of the client system after the shutdown of the virtual power supply waiting time, before the focus power off, the default is 300 seconds

Das.allownetwork[x] -4.x/5.x–ha Open the port group name used to control the network, [x] is a number between 0-9, there can be set in the network configuration of the value "Service Console 2" or " Management Network "As the name of the port group, these networks must be compatible with HA, please note that the number [X] is not related to the network, it just gives you an option in a multi-network environment, and after the options are set and changed, ha must recognize the impact of all hosts. To detect Ha

Das.bypassnetcompatcheck -4.x/5.x– disable "compatible networking" when introducing ESX3.5 U2 to detect ha, disabling this check will be configured to turn on HA in the cluster, including hosts of different subnets, so called incompatible networks, The default value is "False"; setting it to "True" disables detection

das.ignoreredundantnetwarning -4.x/5.x– When you do not have redundant management network connections, remove the error ID and information from vcenter, the default is "False" setting it to "True" disables the warning, When this option is set, HA must be reconfigured

DAS.VMMEMORYMINMB -4.x/5.x– The default minimum slot specification is used to calculate the capacity of the failover, and higher values will reserve more space for failover, not to be confused with "DAS.SLOTMEMINMB".

Das.vmcpuminmhz -4.x/5.x– The default minimum slot specification is used to calculate the capacity of the failover, and higher values will reserve more space for failover, not to be confused with "Das.slotcpuinmhz".

DAS.SLOTMEMINMB -4.x/5.x– Select the smallest slot specification as the memory value, when the large memory virtual machine is scheduled with a symmetric slot specification, use this advanced setting, and will result in a more conservative number of available slots

Das.slotcpuinmhz -4.x/5.x– selects the smallest slot specification as the CPU value, when the virtual machine of the large CPU is predetermined with a symmetric slot specification, this advanced setting is used, and will result in a more conservative number of available slots

das.sensorpollingfreq -4.x– set the HA status update time, VSphere 4.1, when the default value is set to 10, it can be configured as 1~30, but it is not recommended to reduce this value, possibly because of the cost of state updates resulting in a decrease in stability

das.perhostconcurrentfailoverslimit -4.x/5.x– by default, HA processes 32 parallel VMS per host, which controls the number of VMs that are restarted at the same time as the host machine. Setting a large value will allow more VMS to be restarted at the same time, but will increase the average latency of the recovery while giving the host and storage more pressure

das.maxftvmsperhost -4.x/5.x– Maximum number of FT virtual machines on a single host, default is 4

Das. Includeftcompliancechecks -5.x– determines if ft correlates cluster file compatibility check, default is "True"

Das.maxftvmrestartcount -5.x– host on FT supports the number of virtual machines enabled, default is 4, note 0 and 1 means unlimited

das.config.log.outputToFiles -5.0 u1– Open file-based log for 5.0 host, default is False, turn on set to "True" and configure Das.config.Log.MaxFileNum to 2

Das.config.log.maxFileNum -5.0 u1-maximum number of log files, default is 0

Virtual machine and application monitoring

Das.iostatsinterval -4.x/5.x– If any disk and network activity occurs on the virtual machine, the I/O statistics interval is 120 seconds by default

Das.failureinterval -4.x– failed polling interval, default value of 30 seconds

das.minuptime -4.x– minimum uptime, default of 120 seconds, before virtual machine monitoring is turned on for polling

das.maxfailures -4.x– The maximum number of virtual machine failures "Das.maxfailurewindow", if this number is reached, virtual machine monitoring does not automatically restart the virtual machine, default to 3

Das.maxfailurewindow -4.x– The shortest time between failures, the default is 3,600 seconds, virtual machine monitoring does not restart the virtual machine if a virtual machine fails over the "das.maxfailures" for 3,600 seconds

das.vmfailoverenabled -4.x– If set to "True", virtual machine monitoring is turned on and when set to "False", virtual machine monitoring is disabled.

195 . Reinstalling the VCenter single sign-on node indefinitely pauses at the "Configure SSO Components ..." section. (5.5)

Fault Status:

Re-install VCenter Single sign-on the node pauses indefinitely at " Configuration SSO Components ... " Place. You can install multiple instances (nodes) of VCenter single sign-on 5.5. When one of the nodes is unloaded, the VMware directory service that is replicated in all nodes is not automatically cleaned up. When you reinstall the node, replicating VMware directory service information prevents Setup from completing the installation and pointing the node to an existing VCenter single sign-on instance. The installation will be suspended indefinitely.

Solution:

Change the hostname of the VCenter single sign-on server and clear the defunct Windows registry key. See the solutions section of VMware Knowledge Base article 2059131.

VMware vsphere FAQ Rollup (20)