PHD Virtual Monitoring application review – Sponsored Post

I was contact by PHD to test and review their monitoring application. In all honesty I have never really paid much attention to PHD in the past. I had never come across their product in any customers so the need had never come up. But I had seen their ads and hear others discuss them so I was interested when asked. I will not attempt to sell you on the product or convince you otherwise, what I will try to do is give you an honest review of what I thought of the product and let you make your own choice.

The testing for this product was done in my home lab on a couple of hosts. So you might have a difference experience in your environment.

Product pitch:

 PHD Virtual Monitor is a comprehensive virtualization monitoring solution that gives you complete visibility across your entire virtual IT infrastructure at all levels including virtual, physical and application. Only with a complete view can you effectively ensure application availability.

I’m skipping the setup of the product, did not want to focus on that part. The image below shows the dashboard view of all the hosts, VMs and datastores that are being monitored. I think the dashboard was probably one of the things that I like most of the product. Now a dashboard view is not unique to this product, as most products these days offer one. I think PHD has provided a pretty simple to interpret display that lets me know the health of my environment. I can click on the icons for each item to drill down deeper. The information is organized into sections for hosts, virtual machines, storage and networking. I did not setup anything for storage or networking.

About Brian Suhr

Brian is a VCDX5-DCV and a Sr. Tech Marketing Engineer at Nutanix and owner of this website. He is active in the VMware community and helps lead the Chicago VMUG group. Specializing in VDI and Cloud project designs. Awarded VMware vExpert status 6 years for 2016 - 2011. VCP3, VCP5, VCP5-Iaas, VCP-Cloud, VCAP-DTD, VCAP5-DCD, VCAP5-DCA, VCA-DT, VCP5-DT, Cisco UCS Design

Read More

How vShield App updates rules on appliances

While working on a recent project this question came up. If you create new vShield App rules in vShield manager how does it push these rules out to the vShield App appliances?

As an example you have a large environment with several clusters and you create and publish some new rules that affect only a couple of VMs. Will vShield manager push the rules out to every App appliance in the vCenter Datacenter, every cluster or just the cluster or host that has the VMs affected?

The answer is vShield manager only pushes out the rule updates to the vShield appliances that are affected. So only the ones that are protecting the VMs that the new rules apply to. As an example you can create vShield App rules at the datacenter level, cluster level, port group or per vNic. So based on what level the rule was created at and which App appliances are protecting that level determines where the rules are pushed to.

About Brian Suhr

Brian is a VCDX5-DCV and a Sr. Tech Marketing Engineer at Nutanix and owner of this website. He is active in the VMware community and helps lead the Chicago VMUG group. Specializing in VDI and Cloud project designs. Awarded VMware vExpert status 6 years for 2016 - 2011. VCP3, VCP5, VCP5-Iaas, VCP-Cloud, VCAP-DTD, VCAP5-DCD, VCAP5-DCA, VCA-DT, VCP5-DT, Cisco UCS Design

Read More

How to backup ESX and ESXi host configurations

When it comes to protecting your virtual environment there are many things to consider. You need to have backups of your virtual machines and don’t forget about your host configurations.

How to back up your ESXi configuration

There are many reasons that you would want to back up your ESXi configuration, of which the two main ones would be before upgrading to a new versions or for DR reasons.

If you are going to be upgrading an existing ESXi host to ESXi 5 you should backup your host configuration before proceeding. With vSphere 5 upgrades there is no option to roll back like there was with vSphere 4 upgrades. This means that a failed upgrade would require you to install ESXi 4.x and restore the configuration.

To backup an ESXi host you will need the vCLI installed on a server or you can also use the vMA.

# vicfg-cfgbackup –server ESXi_host_ip –-username username –-password password –-s backup_filename

 

How to restore your ESXi configuration

Another really nice thing about ESXi is that it’s just as easy to restore your backed up configuration as it was to grab the backup. Simple install a clean version of ESXi matching the version that the backup was taken from. Connect to the host using vCLI or your vMA appliance as issue the restore command shown below.

# vicfg-cfgbackup –server ESXi_host_ip –-username username –-password password –-r backup_filename

How to back up your ESX configuration

There is not one command to back up an ESX hosts configuration unfortunately.

To accomplish this you will need to back up the following items in a manual fashion.

  • Back up local VMFS files system – templates, VMs * .iso files
  • Back up any custom scripts
  • Back up your .vmx files
  • Back up the files in /etc/passwd, /etc/groups, /etc/shadow and /etc/gshadow directories. The /etc/shadow and /etc/gshadow files might not be present on all installations.

 

How to restore your ESX configuration

If you need to roll back from a failed upgrade or recover from a disaster and need to restore your host follow this short process. First you will need to install ESX 4.x the version level that you were running at the time you backed up your files.

Once you have ESX 4.x installed and running at its previous level you can now restore the files you backed up earlier. This can be done many ways but a couple of simple ways would be to use winSCP or Veeam FastSCP, both are free and easy to use.

About Brian Suhr

Brian is a VCDX5-DCV and a Sr. Tech Marketing Engineer at Nutanix and owner of this website. He is active in the VMware community and helps lead the Chicago VMUG group. Specializing in VDI and Cloud project designs. Awarded VMware vExpert status 6 years for 2016 - 2011. VCP3, VCP5, VCP5-Iaas, VCP-Cloud, VCAP-DTD, VCAP5-DCD, VCAP5-DCA, VCA-DT, VCP5-DT, Cisco UCS Design

Read More

The difference of the Virtual Machine power and reset buttons

This is something that I did not pay much attention to but it’s one of those wacky things that you will notice at 4 AM while working a Disaster Recovery Drill. Anyways it struck me weird that the power controls and reset buttons available in the VM console are different than the ones available by right click the VM in the inventory list. The ones from the VM console require VMware tools to be installed and the ones from the tree list do not.

I really came to this conclusion while working on a DR drill this week for a client and we are using vSphere 4.1 for the drill. I had never ran into this with previous versions of vCenter server so I’ll have to take another look and see if this is something new to 4.1.

About Brian Suhr

Brian is a VCDX5-DCV and a Sr. Tech Marketing Engineer at Nutanix and owner of this website. He is active in the VMware community and helps lead the Chicago VMUG group. Specializing in VDI and Cloud project designs. Awarded VMware vExpert status 6 years for 2016 - 2011. VCP3, VCP5, VCP5-Iaas, VCP-Cloud, VCAP-DTD, VCAP5-DCD, VCAP5-DCA, VCA-DT, VCP5-DT, Cisco UCS Design

Read More

VMware vSphere and security scan false positives on OpenSSH vulnerabilities

This is something that we get on a regular basis from the security team. When doing their regular security scans for compliance and vulnerabilities I always get a long list of ESX hosts. The scans normally come back and complain about an OpenSSH x11 vulnerability or an OpenSSH Memory and Buffer Overflow.

These seem to be False positives from the tool being used to scan the hosts. We always make sure that we have installed the necessary updates related to OpenSSH as VMware releases them. But the tool always comes back with these issues. It seems to stem from the fact that the tool looks at OpenSSH in generic terms and assumes that all vendors implement it in the same way. From the documents listed below VMware indicates that since ESX 3.x VMware no longer included the x11 packages with their products. I would recommend that you make sure you are up to date on your patches and if the scans still come back dirty that you should discuss this results with the Application vendor that created the scanning tool. You might find out that this is common and they are just false positives.

Links:

VMware ESX Server and Security Issues in OpenSSH

Security Response: SSH Version Installed with ESX Server May Be Vulnerable

About Brian Suhr

Brian is a VCDX5-DCV and a Sr. Tech Marketing Engineer at Nutanix and owner of this website. He is active in the VMware community and helps lead the Chicago VMUG group. Specializing in VDI and Cloud project designs. Awarded VMware vExpert status 6 years for 2016 - 2011. VCP3, VCP5, VCP5-Iaas, VCP-Cloud, VCAP-DTD, VCAP5-DCD, VCAP5-DCA, VCA-DT, VCP5-DT, Cisco UCS Design

Read More
Page 2 of 41234