3Par Learning Videos

Posted by Justin Vashisht on May 27, 2013 3 comments

I uploaded a bunch of useful 3Par related videos that were shown to me at a 3Par Champions session.  Hope they help out the community! Justin Vashisht – 3cVguy

3PAR – BASIC PROVISIONING AND AUTONOMIC GROUPS

3PAR – DYNAMIC OPTIMIZATION AND SYSTEM TUNE

3PAR – VIRTUAL COPY SNAPSHOTS AND CLONES

3PAR – THIN CONVERSION AND THIN PERSISTENCE

3PAR – REMOTE COPY

3PAR – ADAPTIVE OPTIMIZATION

3PAR – VIRTUAL DOMAIN

3PAR – SYSTEM REPORTER

3PAR –MANAGEMENT PLUGIN AND RECOVERY MANAGER

3PAR – RECOVERY MANAGER FOR SQL

3PAR – PEER MOTION

3PAR – EVA TO 3PAR ONLINE IMPORT

Categories: 3Par. Tags: , , .

3Par StoreServ 7000 Zoning Considerations

Posted by Justin Vashisht on May 26, 2013 2 comments

Since the 7000’s came out I’ve noticed a lot of conflicting information on the way HP recommends zoning to be configured for virtualized environments.  For instance, on page 5 in the HP 3PAR StoreServ Storage and VMware vSphere 5 best practices it is clearly written that on 3.1.2 HP supports both Single Initiator->Single Target and Single Initiator/Multiple Target.  Now, before we go further lets take a look at the difference on a visual level.  Below we have two pictures from the aforementioned document.  Both pictures show a single host with two ports (Two Initiators), a set of Fabrics, and a dual node array with 2 ports each (two targets per node).

image    
*Single Initiator/Single Target (RECOMMENDED)

 

image
*Single Initiator/Multiple Target (AVOID)

Now, looking at this and other HP documents out there one could quickly determine that Single Initiator->Multiple Targets would be the right configuration especially since a line on page 5 reads – “Single initiator to multiple targets per zone (zoning by HBA). This zoning configuration is recommended for HP 3PAR StoreServ Storage. Zoning by HBA is required for coexistence with other HP Storage arrays.”   So, after creating my 7000 Installation post I received some interesting feedback on several people who thought that performing the Single Initiator/Single Target method was always the recommended way from 3Par.  I verified the existence of confusion out there by looking a few 3Par installs and found it interesting that configuration methods were pretty much split 50/50 from Hp techs.  Of course, this creates a bunch of confusion since you would believe that a published HP document on the VMware site would provide the iron clad answer.  With the 7000 being approved for customers to self install I started to get more concerned about possible misconfigurations out in the field.  At this point I engaged two incredibly smart 3Par guys, Ivan Iannacone (Worldwide 3Par Product Manager) and Jorge Mastre, one of New York’s top 3Par Specialist and all around larger than life guy (those who know him will not questions this statement).

Ivan and Jorge pretty much gave the same recommendations and acknowledged the confusion in the field from conflicting documents.  They state HP will support Single Initiator –> Multiple Target but you should not have more than two targets attached to that Single Initiator.  So, if I have a quad/octo controller arrays, zoning all nodes’ targets to a single initiator can cause severe performance issues in certain case when data is coming from many WWN’s.  There are actually many performance related tickets that have been resolved due to this type of configuration.  The consensus is to just use Single Initiator –> Single Target zoning which also reduces RSCN broadcasting that can occur when presenting/removing VLUNS/HOSTS.  Sure, this process takes much longer since you will be creating more zones but this will be a pain to change once you are in production mode.  I have seen configurations where arrays with 4+ controllers are zoned with Single Initiator –> Multiple Targets but staggered.  So, Server 1 will be zoned to controllers 0 and 1 and Server 2 zoned to controllers 2 and 3 and so forth.  This is an interesting concept and seems to work well since we are not going over the 2 target limit.

HP is working on cleaning up the inconsistencies on the article and in the meantime this document seems to be the best one to look at – http://h20195.www2.hp.com/v2/GetDocument.aspx?docname=4AA4-4545ENW&doctype=w

UPDATE – In the comments section a reader asked me on the standard naming convention used for zoning so I will add it here.

Blade Server Alias – a_blade01_port1

3Par Alias – a_CLIENTNAME_3PAR01_C0_S1_P1 (Controller, Slot, Port)

Zone – z_blade01_CLIENTNAME_3PAR01_c0_a

Zone Config – c_CLIENTNAME_a

I hope to receive more feedback from the field on this topic and will update accordingly.

-Justin Vashisht (3cVguy)

Categories: 3Par, HP. Tags: , , , .

An afternoon at the NYC VMUG with Justin King, @vCenterGuy talking about vCenter SSO

Posted by Justin Vashisht on April 16, 2013 No comments

A colleague of mine recently attended the NYC VMUG event held on April 10 which featured Justin King @vCenterGuy.  Brandon Henriquez assembled a nice write-up and wanted to share it with everyone.  This should help people understand the new 5.1 SSO feature set a little more.

——————–

Earlier this week, I went to my first VMware User Group meeting at the New York Times Building near Port Authority. Allow me to briefly describe the building…It’s AWESOME. The exterior architecture, the interior design, and general layout of the building have a very modern and elegant feel. I should point out that after exiting the elevator I did quickly get lost attempting to find the actual meeting, but I located another VMUG member who, with our powers combined, we located the main conference room and slightly more importantly the food.

Enough about my initial foray into the building, it’s time to get to the meat and potatoes about my visit, VMware VCenter Server 5.1. The illustrious VCenter Guru, Justin King (of course his name was Justin), was the main speaker for the meeting and he is considered a widely renowned and respected resource for the VMware community. He came to discuss the changes in VMware VCenter Server 5.1 and primarily discussed VCenter Single Sign On Server (SSO). VCenter is being developed as a framework of common services, one of those being SSO.

SSO creates an authentication domain that users are authenticated through in order to access available resources. This allows the functionality of not having to log in to multiple VCenter and VSphere servers separately with separate credentials, similar to the application Single Sign On application Microsoft uses for its BPOS suite. SSO allows the ability to have multiple Active Directories attached as well as OpenLDAP, allowing you to move across different domains freely. SSO works by providing Secure Token Exchange (SAML 2.0). After logging in through the web client a token is issued, which is then authenticated through whichever Active Directory/OpenLDAP accounts have the proper permissions (it should be noted that you can create a SSO user and give it admin rights which would be similar to having the root user in VSphere). Once approved, the token is issued back to the web client and access is given to all the appropriate VCenters and VSphere servers.

There are some limitations and requirements to SSO, such as it should be the first VMware installation when setting up VCenter. It also requires its own database which preferably should be on it’s own server (you can technically use this database server for the VCenter server database as well). Linked mode would no longer be required for unified views of local VCenter servers however would be required for sharing permissions, roles and licenses. Lastly, SSO should not be configured for use over WAN without some assistance through VMware support and even then it’s not the “best solution.” Since SSO is consistently reaching out to Active Directories and OpenLDAP authentication, if the WAN were to drop, you would be left without a way to access the SSO (unless you have a SSO specific user configured). In addition, you may lose the ability to access the SSO altogether.

There are several different types of “setups” used when building out a VCenter Single Sign On Server. The most basic is actually the most recommended setup as stated by Justin King himself. The reason being is that it’s not made more complex than it has to be and is kept very simple. On one host server (or VM server) you place the following servers: a Single Sign On server, a VCenter server, an Inventory Service server, a Web Client server and a database server. To briefly touch on the Inventory Service (IS) and Web Client (WC) servers, the IS server provides a query service into VPXD for keeping track and tagging specific virtual devices. The WC server is to mainly maintain the Web Client, which is supported on IE, Firefox and Chrome and has a “Work in Progress” mode where your last inputs would be saved until you can come back to the client to finish what was started.

The three other setups include configuring a VCenter Single Sign On server as a “Primary” and setting up another as a “Backup” essentially allowing redundancy but there are limitations. The first and more prominent limitation is that there can only be 1 Primary SSO and only the Primary can manage the SSO. This means that if the Primary SSO goes down, the Backup SSO wont be able to make changes to the SSO setup at all, making it essentially not a “true backup” and instead a active/passive solution. The other setups are also more complex by either involving other protocols, devices, or manually input that all take away from the purpose of the SSO, which is to have a single sign on point.

Before time ran out, Justin shared little bits of information that I am eager to share. The first being that the next update to VMware will be a minor update, expect a 5.2 before the end of the year. This update will most likely see the return of cluster databases. For the near future, Update 1 should be out within the next couple of months, bringing with it a more stable SSO and lots of minor fixes including a Update Manager update. For the next Major release, which is slated for next year, expect the Desktop client to be…NON-EXISTENT! VMware is planning on moving towards a Web-only client, which is definitely big news. In addition, they are working to have a physical VCenter Appliance box to be purchased, which will come all preconfigured and be able to put up “up to 500 hosts/5000 VM’s “. I’m really excited to see how that turns out.

VMware VCenter 5.1 is definitely making some defining moves and on it’s way to becoming a true services framework.  SSO sounds very good, but after some research I found that it is very hard to get up and running properly. In addition, it requires a hefty load of hardware in terms of RAM and processing power to get up and running. Also, the Web Client and Inventory Services are works in progress at best and are more of a after-thought for the time being (but will definitely become prominent services in future revisions of VCenter). Overall, the whole VCenter package just doesn’t seem appealing enough to start deploying just yet but there are moves that are being made in the right direction. I can, however, see it being the go to VMware management services package in the near future!

-Brandon H.

——————–

-Justin Vashisht (3cVguy)

Categories: VMware. Tags: , , .
 « Previous Posts