VMware Configuration

Terminology

VM Host

• A VM host is a physical computer running a VMware hypervisor
• A VCL computer entry must be added for each VM host (Manage Computers > Edit Computer Information)
• After the computer has been added to VCL, it is designated as a VM host by changing the computer state to vmhostinuse (Manage Computers > Computer Utilities)

VM

• A VM is a virtual machine managed by VCL
• A computer entry must be added to VCL for each VM (Manage Computers > Edit Computer Information)
• Each VM must be assigned to a VM host (Virtual Hosts > VM Hosts tab > Configure Host)
• VMs do not need to be created manually in VMware, VCL automatically creates and deletes VMs

VM Host Profile

• A VM host profile contains several parameters which describe how a VM host is configured so that VCL knows how to manage it
• Each VM host is assigned a VM host profile
• A VM host profile may be assigned to multiple VM hosts if they are configured identically
• VM host profiles may be added or modified via Virtual Hosts > VM Host Profiles tab

VMware Products Supported

• VMware Server 2.x
• VMware ESX 3.5 - 4.x
• VMware ESXi 4.x
• VMware ESXi 5.x

VM Host Management Options

 The VCL management node must be able to control the VM host and the VMs running on it.  VMware provides several different ways of doing this.  VCL currently supports the following methods for remote VM host management:

• VMware vSphere SDK
• Use SSH to execute commands directly on the VM (not officially supported by VMware)

The vSphere SDK can only be used if management is not restricted due to the VMware license key installed on the host.  This mainly affects hosts running the free version of ESXi.  Remote management using any of the methods supported by VMware is restricted once a free license key is entered.

If remote management is restricted, the VM host can be managed if SSH is enabled on it.  VCL will execute vim-cmd and other commands on the VM host via SSH. 

How to enable SSH on the VM host:

VMware Server 2.x

Enable the SSH daemon and configure identity key authentication according to the underlying VM host OS

ESX/ESXi 3.5 & 4.0

• Connect to the console of the ESX/ESXi host
• Press ALT-F1 - you should see a black screen with the VMware product name at the top
• Type the word unsupported and press Enter (you won't see the letters appear as you type them)
• You should see a password prompt, type in the root password and press Enter
• Edit the file: vi /etc/inetd.conf
• Uncomment the first line beginning with #ssh by deleting the # character
• Save the file - press Esc and then :wq
• Kill the inetd process
  • Determine the PID of the inetd process: ps | grep inetd
    You should see a line that looks like: 5065 5065 busybox inetd
  • Kill the process (enter the PID from the output of the previous command): kill -HUP 5065

ESXi 4.1

Beginning with ESXi 4.1, SSH can be enabled using the vSphere Client:

• Select the ESXi host
• Select the Configuration tab
• Select Security Profile under Software
• Click Properties
• Select Remote Tech Support (SSH)
• Click Options
• Select Start automatically
• Click Start
• Click OK

ESX 4.1

In the case of ESX 4.1, SSH  is enabled as the default. Using the vSphere Client, you can confirm it:

• Select the ESXi host
• Select the Configuration tab
• Select Security Profile under Software
• Click Properties
• Select SSH Server
• Click Options
• Confirm that Start automatically is selected
• Click OK

How to configure ESX/ESXi to use SSH identity key authentication:

SSH identity key authentication must be configured if SSH is used to manage the VM host.

• Create an SSH key pair on the management node (or use a key you previously created):

  ssh-keygen -t rsa -f /etc/vcl/vcl.key -N '' -b 1024 -C 'VCL root account'

• Log into the ESX host via SSH (password authentication should work) and create the directory:

  ssh <ESXi host> 'mkdir /.ssh'

• Copy the public key to the ESXi host:

  scp /etc/vcl/vcl.key.pub <ESXi host>:/.ssh/authorized_keys

• Test making an SSH connection using the key:

  ssh -i /etc/vcl/vcl.key <ESXi host>

IMPORTANT: Under ESXi 4.x, the authorized_keys file is erased when the ESXi VM host is rebooted. Complete the following steps to make the authorized_keys file persistent:

Note: VCL will perform these steps automatically when the 1st reservation assigned to the host is processed.

• Create a compressed tarball file containing the /.ssh directory:

  tar -C / -czf bootbank/vcl.tgz .ssh

• Edit the /bootbank/boot.cfg file and append ' --- vcl.tgz' to modules line as shown in the following example:

  kernel=b.z
  kernelopt=
  modules=k.z — s.z — c.z — oem.tgz — license.tgz — m.z — state.tgz — vcl.tgz
  build=4.1.0-260247
  updated=2
  bootstate=0

  Optionally you can run the following two commands:
  tar -C / -czf vcl.tgz .ssh
  BootModuleConfig.sh --add=vcl.tgz --verbose

VM host profile parameters:

• Name - descriptive name of the VM host profile
• Type - deprecated, ignore
• Image - VCL image installed on the VM host computers
  • VCL has the ability to install a hypervisor image on bare-metal computers if xCAT is installed and configured (Note: xCAT is not required if VM hosts are installed manually)
  • The image configured in the VM host profile is installed using xCAT when a computer's state is changed to vmhostinuse via Manage Computers > Computer Utilities
  • If xCAT is not used, select "No Image"
• Repository Path (optional)
  • Path where master copies of images images are stored
  • VMs do not run directly off of the images stored in the repository
  • Images stored in the repository are only used to transfer images to VM host datastores or to repositories of other management nodes:
    • If a reservation is assigned to a host but the image does not exist in that host's datastore path, it is copied from the repository to the datastore path when the VM is loaded
    • If the VCL environment contains multiple management nodes and the image does not exist in the repository or the host's datastore, the image will be retrieved from another management node by copying it via SCP
  • Setting the Repository Path parameter determines whether or not an additional copy of an image is created when an image is captured
    • If repository path is not configured then only a single copy of the image will exist in the VM host's datastore after an image is captured
    • If repository path is configured then two copies of the image will exist after an image is captured - one in the datastore and one in the repository
  • Images in the repository are stored in the 2 GB sparse vmdk format
    • The size of the vmdk files will approximately be equal to the amount of actual data saved in the image regardless of the size of the VM's hard drive
    • Storing images in the 2 GB sparse format is necessary to allow images to be transferred via SCP without having to transfer data equal to the entire size of the VM's hard drive
    • Example: A Linux image contains is allocated a 30 GB hard drive but only 800 MB is actually used. A copy of the image is stored in both the datastore (thin vmdk) and repository (2 GB sparse vmdk).  Each of these locations is mounted via NFS on the VM host and management node.
      • The size of the 2 GB sparse vmdk files will be approximately equal to the actual amount of data used according to both the ls and du commands from the management node:

        [root@vcl-mn vmwarelinux-RHEL54Small2251-v0]# ls -lh
        -rwxr-xr-x 1 root root 880M Apr 22  2011 vmwarelinux-RHEL54Small2251-v0-s001.vmdk
        ...
        -rwxr-xr-x 1 root root 1.5K Apr 22  2011 vmwarelinux-RHEL54Small2251-v0.vmdk
        total 798M
        [root@vcl-mn vmwarelinux-RHEL54Small2251-v0]# du -ch *.vmdk
        406M    vmwarelinux-RHEL54Small2251-v0-s001.vmdk
        ...
        16K     vmwarelinux-RHEL54Small2251-v0-s016.vmdk
        8.0K    vmwarelinux-RHEL54Small2251-v0.vmdk
        798M    total

      • The size of the thin vmdk file will be equal to the size of the VM's hard drive according to the ls command from the management node:

        [root@vcl-mn vmwarelinux-RHEL54Small2251-v0]# ls -lh
        total 953M
        rw------ 1 root root 30G Aug  1  2011 vmwarelinux-RHEL54Small2251-v0-flat.vmdk
        rw------ 1 root root 540 Aug  2  2011 vmwarelinux-RHEL54Small2251-v0.vmdk

      • The size of the thin vmdk file will be approximately equal to the actual amount of data used according to the du command from the management node:

        [root@vcl-mn vmwarelinux-RHEL54Small2251-v0]# du -ch *.vmdk
        953M    vmwarelinux-RHEL54Small2251-v0-flat.vmdk
        8.0K    vmwarelinux-RHEL54Small2251-v0.vmdk
        953M    total

      • Copy the thin vmdk via SCP - the amount of data copied is equal to the size of the VM's hard drive (30 GB):

        [root@vcl-mn nfs-datastore1]# scp -r vmwarelinux-RHEL54Small2251-v0 matilda:/install/thin
        vmwarelinux-RHEL54Small2251-v0-flat.vmdk                                                      7% 2261MB  25.3MB/s   18:45 ETA

      • Copy the 2 GB sparse vmdk via SCP - the amount of data copied is approximately equal to the actual amount of data used:

        [root@vcl-mn vmware_images]# scp -r vmwarelinux-RHEL54Small2251-v0 matilda:/install/2gbsparse
        vmwarelinux-RHEL54Small2251-v0-s001.vmdk                                                    100%  880MB  25.9MB/s   00:34
        ...
        vmwarelinux-RHEL54Small2251-v0-s016.vmdk                                                    100%   64KB  64.0KB/s   00:00
        vmwarelinux-RHEL54Small2251-v0.vmdk                                                         100% 1444     1.4KB/s   00:00

  • Image files are copied using SCP from the VM host to the Repository Path on the management node during the image capture process if the VM Disk parameter is set to localdisk
  • If the requested image does not reside in the Data Store Path on the VM host when a reservation is made, it is copied from the Repository Path on the management node to the VM host using SCP

• Data Store Path - Path on VM host where virtual disk (.vmdk) files are stored
  • VCL creates a directory under the Data Store Path directory on the VM host for each image used on the VM host
  • The image directories are named after the VCL images:
    <os name><image name><image revision>
  • Example: vmwarewin7-enterprise156-v2
• VM Path - Path on VM host where running VM files are stored (.vmx, .vswp, nvram...)
  • VCL creates a directory under the VM Path directory on the VM host for each VM it creates on the VM host
  • The VM directories are named using a combination of the VM computer and image name:
    <computer name>_<image id>-<image revision>
  • Example: vclvm-53_156-v0
• Virtual Switch - network names configured in VMware
  Virtual Switch 0 - private VCL management networ
  Virtual Switch 1 - public network used by user making reservation to access the VMs
  • For ESXi, the Virtual Switch parameters must match the Virtual Machine Port Group Network Labels configured in the vSphere Client
  • For VMware Server 2.x, the Virtual Switch parameters must match the Network Names configured by running vmware-config.pl
• VM Disk - Defines the type of storage used on the VM host to store the VCL images
  • localdisk - Select localdisk if separate storage is used by each VM host to store images and storage is available on the management node, configured by the Repository Path parameter
    • Images are copied from the VM host to the Repository Path on the management node during the image capture process
    • Images are copied from the Repository Path on the management node to the Data Store Path on the VM host during the image load process if the image does not already reside on the VM host
  • network - Select network if the same network-based storage is used by all of the VM hosts
    • Images are not copied to the Repository Path on the management node when during the image capture process
• Generate eth0/eth1 MAC - not used
• Username/Password - Name and password of the administrative or root user residing on the VM host
  • This account is used to manage the VM host and VMs assigned to the host
  • The username and password are currently only used if the vSphere SDK is used to manage the VM host and VMs