**Disclaimer: I am an EMC employee, this post was not sponsored or in any way required by my employer, it is my experience getting to know this particular product.**
Up until now I went through a basic ViPR SRM installation, getting a basic single VM environment setup. What I want to show in this post is my favorite ViPR SRM feature – topology maps. To understand why these are useful, lets step back and give some scenarios:
You are the personal responsible for supporting the storage within your environment, you may support other things but ultimately when there is a storage related problem your name is called. An application own comes to you and says their application is slow, and that the network team said everything on their end is fine so its probably the storage. Great – now what?
This is where topology maps can be very useful. The topology maps is that end-to-end visualization and monitoring component I mentioned in previous posts. I see from my virtual machine or even some applications such as SQL Server all the way through to the underlying storage, and drill down on each component. Let me shows you some examples.
To access the topology maps, click on Explore >> Hosts – small aside here – host could be any physical or virtual server in the environment discovered by ViPR SRM, not just ESXi hosts. So this could be an ESXi host, a virtual machine, or a physical host running its own OS.
From this report, you can see a list of all the hosts in the environment, which for some could be a very extensive list. I should mention that the filter field is not a search field, so you cannot type the end of a machine name; for example maybe all your VM names end in OS type or some other identifier, you couldn’t just type W2K8 to find a server name myserver-w2k8, you would have to start with myserver, but would then see a list of all servers starting with that string. You can filter on any column that has the funnel icon, so for example I could filter on just physical hosts, or virtual machines by clicking the funnel icon in the host type column;
Using the example above, let’s say an application owner has complained about performance and you need to investigate to see if storage could be the problem. Filter on the host name, in this case I will pick on mhmbd078-W2K8, as you can see below I start typing that name and can select it from a the list or type it in full and hit enter to filter on that one host
Now I just see that specific host, in this case a virtual machine as you can see here with 16GB of memory and 4 vCPU:
This much information is available in just a few clicks, now there are many places you could get this information but as I continue to drill deeper, you will start to see just how much information we have at hand. With just what is available so far, you might be able to say to the application owner who issued the complain that there is not enough memory, for example maybe you know that this particular application needs 32GB of memory, so disk I/O could be a problem if the application and OS are constantly swapping to disk. But, maybe so far everything checks out, if I click on any of the text here, it will take me into the detail of that virtual machine.
Now, this is where it gets interesting; what you see below is the topology map for mbmbd078-w2k8, we can see the host, the datastore it is on, the host it is on, the VSANs it is connected to and the arrays connected to those VSANs. Also, notice to the right we have different reports related to the host, we can see attributes about the host which is show by default, you can also see:
You can click on any element in the map to see details specific to that item, for example if you click on the datastore – DS_Bootcamp_D you can see reports about the datastore, or on the host – you guessed it, reports about the host. You may have also noticed the + icon next to some of the elements, this is because there are additional components, using VSAN0040 as an example, we can click on the + sign to see switches in that VSAN
Now I see two switches, each with their own + icon, I can keep drilling down and see ports on that switch as well. I can expand different elements and hover over different components to see how they are connected. For example I have expanded my host to see my HBAs, I can see that the particular HBA I am interested in is connected to VSAN mptb023 so I have expanded that as well and drilled down to see the switch ports. While I have some limited lab resolution available, you can see here that when I hover over the HBA from the host it highlights the path to the port on the switch – in this case fc1/6 (as shown by the blue highlighted line)
This is just one specific report, and I have only skimmed the surface of the data available in this report. Imagine being able to show this to an application owner as you troubleshoot each component, and explain how/why any particular piece of the infrastructure supporting the application is, or isn’t doing what it is supposed to. For those folks who worked in a silo’d type group, I’d urge you not use this information to punt back over your wall to someone else, but rather be the person to start poking some pinholes in the silo, call up a virtualization, OS, or network person depending on what you might think the problem is and work with them, sharing knowledge and help the application owner be a happy customer. After all, even if you are “internal” IT – you are still providing a service to the business – they are you customers, treat them like it. Silos will only fall if someone starts poking holes, no reason it can’t be you.
If you haven’t done so, chat with your EMC rep (they can likey get you in touch with an SE who can help if you have any setup questions) and head over to support.emc.com to sign up for an account and download ViPR SRM which comes with a 30 day license.
I was going to do a post on NFS versus iSCSI, to be honest that is such old hat in my opinion it doesn’t really matter. Whether you use iSCSI or NFS is up to you, your application and business requirements along with any constraints in your infrastructure that may force you to lean one way or another. Since I am an NFS networking ninja, clearly I am going to go the NFS route. Let’s get started on setting up NFS, if you are not already log into your Synology DSM.
Next I need to connect to my NFS share from the ESXi hosts. Typically I’d have NFS on its on VLAN, but sans a switch in my home lab to VLANs it will be riding with all my other network traffic.
The datastore should now be available on both hosts (Click on the host >> related objects >> datastores) as seen below. Repeat for the gold datastore.
Now that the datastores are created, I am going to create an “ISO” folder on the silver datastore to hold my linux ISOs and build virtual machines in vCenter.
Posted in Tech Tagged with: datastore, ESXI, Home, home lab, lab, Lab Series, NAS, nested esxi, network, NFS, nfs datastore, Shared, Storage, Synology, synology nfs datastore vmware, Synology Setup Series, Technology, Training, vcenter, vcsa, Vendors, Virtualization, VMware, vpshere, vSphere, web client
In order to provide shared storage to my home lab, I am going to use a Synology DS1513+. In my lab I have my DS1513+ connected to a switch, which is connected to my home router, this allows me to use http://find.synology.com to start configuring my DS1513+.
My Synolog is configured with 2x 120GB SSD Corsair Neutron drives and 3x 2TB Seagate SATA drives. On the https://find.synology.com page, click on the Connect button to get started.
My Corsair drives do not seem to be compatible with Synology SSD cache, I don’t have the option to create it even though I should have enough memory for at least a portion of the SSDs to be used as cache. In any case, give what I had for parts I’ll just use the 2x SSDs as an all flash volume for my hosts and the 3x SATA drives as another.
If your Synology ships with drives already, it likely had a volume created which is now unavailable because you removed two of the drives. In that scenario remove any existing volumes. If it was ordered with no drives, then I believe as older models did for me you can just create the new volumes and do not need to delete anything.
And there you have it, Synology volumes are created. Up next, iSCSi or NFS? (Hint I passed the Chris Wahl NFS Ninja training at the Boston VMUG)
I just got a Synology DS1513+ and wanted to try out the SSD cache. Having never powered it on I pulled two of the 2TB Seagate drives and installed 2x Corsair SSDs. Once I powered on the device, it started beeping and wouldn’t stop. Turns out that when shipped with drives there is an existing volume already created. The beeping was an error because I basically broke the volume removing the two 2TB drives. To turn off the beeping, do the following:
Having purchased other Synology’s with no drives in them I didn’t expect the volume to already exist. If your Synology is beeping, log in and check it out!
I was setting up ViPR to use Active Directory to authenticate users and one option was a bit unclear. You use the Search Base and Search Scope options to define which AD users ViPR will authenticate. The Search Scope option provides two choices: One Level and Subtree. I was a bit confused by One Level, would it search just the specified OU/CN or would it search up to one level below?
One Level will search JUST the specified base DN, so for example to allow only users in ou=corp,dc=domain,dc=local you would use that as the search base and set the search scope to one level. If you wanted users in all OU’s under corp you would just set the search scope to Subtree.
There is another very useful option when setting up the Authentication Provider; Group Whitelist. You can populate the Group Whitelist with only those groups (and thus group members that you want to be able to log in. Say for example you wanted all users except sales to have access to log into ViPR, and sales was in an OU nested under corp. If you set your search base to ou=corp,dc=domain,dc=local and search scope to subtree they could log in. However, if you added/created in AD group that did NOT include sales and placed it in the group whitelist field those user accounts that were not in the group, in this case sales, would not be able to authenticate.
There you go, easy peasy AD integration in ViPR!
Posted in Tech Tagged with: active directory, authentication, dn, EMC, group whitelist, Home, NAS, NFS, Reviews, SAN, search, search base, search scope, Shared, software, Software Defined, software defined storage, Storage, Technology, ViPR, whitelist