VMware vSphere: Certified Professional

Exam Preparation Workshop

ESX 4.0, ESXi 4.0, and vCenter Server 4.0
Student Manual

VMware® Education Services

VMware, Inc.
education@vmware.com
VMware vSphere: Certified Professional
Exam Preparation Workshop
Part Number EDU-ENG-A-VS4VCP-LECT-STU
Student Manual
Revision A

Copyright/Trademark

Copyright © 2009 VMware, Inc. All rights reserved. This manual and its accompanying materials are
protected by U.S. and international copyright and intellectual property laws. VMware products are covered
by one or more patents listed at http://www.vmware.com/go/patents. VMware is a registered trademark or
trademark of VMware, Inc. in the United States and/or other jurisdictions. All other marks and names
mentioned herein may be trademarks of their respective companies.

The training material is provided “as is,” and all express or implied conditions, representations, and
warranties, including any implied warranty of merchantability, fitness for a particular purpose or
noninfringement, are disclaimed, even if VMware, Inc., has been advised of the possibility of such claims.
This training material is designed to support an instructor-led training course and is intended to be used for
reference purposes in conjunction with the instructor-led training course. The training material is not a
standalone training tool. Use of the training material for self-study without class attendance is not
recommended.

These materials and the computer programs to which it relates are the property of, and embody trade
secrets and confidential information proprietary to, VMware, Inc., and may not be reproduced, copied,
disclosed, transferred, adapted or modified without the express written approval of VMware, Inc.

education@vmware.com
1
2
3
4
5
6
7
8
9
10
To prepare for your VCP exam, begin by looking at the exam blueprint on
the http://www.vmware.com/certification site, which references the areas you need to focus on and the
white papers you should read at http://www.vmware.com/support/pubs/vs_pubs.html.

In addition, you should read the whole of the vSphere: Install, Configure, Manage
manual, especially if you were trained on previous versions.

11
One of the best study strategies is a two-tiered approach: you study alone at first and study with others
afterward. In the first phase, carefully review your notes and the manual, perhaps creating flash cards
to help you remember definitions, theories, and other important material. When you feel confident of
the material, study with one or more colleagues. If possible, get a group of 5–7 people together as a
study group. During this phase, trade off asking one another questions without allowing the person
who is answering to look at the manual or notes. This kind of studying can help you stay motivated. It
is highly efficient because it allows others to pick the material, thereby exposing gaps in your
knowledge (just as an exam does). Moreover, if the questions people ask are comparable in difficulty
to exam questions,
i you will
ill be
b able
bl to estimate
i your performance
f on the
h upcoming
i exam (f (for example,
l
if you can answer 80 percent of the study questions, you will probably get about 80 percent of the
questions correct on the exam). Group time should be reserved mainly for practice—not for review
and discussion.

Set a schedule for your study. Your schedule will depend on the amount of time available and your
experience.
p Spaced
p practice
p is better than massed practice.
p Late-night
g cramming
g usuallyy leads to ppoor
retention, mental and physical fatigue, and careless mistakes on the exam.

Make sure that you include time for the following:

•Reading time
•Review questions
•Lab time
•Practice answering questions without access to notes

If you don't usually get time on the product, set up a lab and work though some of the exercises in the
install and configure course.
12
13
14
15
16
17
You can find installation best practices at http://kb.vmware.com/kb/1009080.

18
See “Timekeeping in VMware Virtual Machines” at
http://www.vmware.com/pdf/vmware_timekeeping.pdf and VMware vSphere 4: The CPU Scheduler
in VMware ESX 4 at http://www.vmware.com/files/pdf/perf-vsphere-cpu_scheduler.pdf. The
timekeeping document was written for VMware Infrastructure 3 but can be applied to vSphere.

19
20
21
22
23
24
25
26
27
28
29
30
31
32
See FC San Configuration Guide for details.

33
34
See http://www.vmware.com/products/vsphere/buy/editions_comparison.html.

35
36
37
38
39
40
41
42
43
44
45
46
Available NIC teaming policies do not take into account the workload inside the virtual
machine. In many cases, the individual virtual machine workload might differ significantly
among guests. Choosing a preferred uplink for a port group and dividing virtual machines
into separate port groups allows the administrator to balance the workloads across
available uplinks.

47
8
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
See the Availability Guide for the interface requirements for HA. Note that FT uses the same interface
as HA.

64
These are the same requirements as in the network design lab in install and configure, with added
requirements for HA and DRS.

Discussion points:
•Solutions could use one vSwitch and port groups to separate traffic or several vSwitches.
•They could be DVS or SS.
ow to isolate
•How so ate VM1
V and
a d 2:: Either
t e they
t ey need
eed to be on
o an
a internal
te a vSwitch
vSw tc or
o a port
po t group
g oup not
ot attac
attached
ed
to a pNIC.
•VM3 needs to be configured to see the internal network and the external one with two vNICs.
•How to isolate IDS traffic
•SC ports required for management – more than one, depending on HA design requiring DAS isolation
response and if software iSCSI initiator requires CHAP
VMK ports required for vMotion and the iSCSI storage if solution is using a software initiator
•VMK
•VM ports required with appropriate VLANs
•Which elements should have NIC teaming? Arrangement of active-standby adapters? Is the HA
heartbeat network redundant? Is the production network redundant?
•IDS requires promiscuous mode.
•VLANs need to be defined.
•Slo er pNIC should
•Slower sho ld be used
sed for management
management. Is vMotion
Motion on a GigE pNIC
pNIC.

65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
VMware vSphere™ 4 provides hot virtual disk extend for growing virtual disks.
Previously, it was not possible to increase the size of the underlying datastore to
accommodate the increased virtual disk size. Now, vSphere 4 allows for VMFS Volume
Grow, which can increase the size of an existing datastore. To do this, the underlying
array must support some type of dynamic LUN expansion.

94
28
95
96
97
98
99
100
This exercise is based on the Plan and Design Service Delivery Training.

Hardware requirements vary according to choice of iSCSI or FC.

FC will need to include HBAs, fabrics, SP.
iSCSI will need iSCSI HBA or NIC, switch, targets.
Both will need an array.
NFS can be used for ISOs and templates
templates.

Solutions should identify the risks of placing the high I/O apps on the same LUNs.
Likewise, the domain controllers.
Special requirements for the clustered application include RDMs.

Shared storage:
• Thirty 250GB LUNs for initial storage. This assumes 20GB of space per virtual machine—8GB of
disk space, room for memory swapping and virtual machine snapshots. This gives enough disk storage
for the virtual machines initially planned for the 10 hosts, plus room for virtual machine templates.
• All above LUNs are shared by all hosts to facilitate VMware vMotion™ migration and VMware HA.
• A separate 250GB LUN is reserved for virtual machine templates and media files to keep them
separate from virtual machines to minimize possible contention.
• A separate set of LUNs is created as mapped SAN LUNs for the MSCS virtual machine’s shared
volumes.

101
102
103
104
105
106 4
107
108
109
110
111
112
113
114 12
115
116
117
118
119
120
121
122
123
124
125
Discussion points:

Different roles need to be created on VMware vCenter™ Server for each type of function.
Limited number of roles need to be defined on the VMware® ESX™ host.
Some of the functions map to vCenter Server roles while others, such as RDP, IDS, NAT, and domain
controller, are defined by the guest operating system security.
Should
S ou d tthee S
SAN
N roles
o es be de
defined
ed in vCe
vCenter
te Server,
Se ve , oor in tthee sto
storage
age fabric,
ab c, oor tthee sto
storage
age pprocessor?
ocesso ?

126
127
128
129
130
131
See VMware Tools Installation Guide at
http://www vmware com/pdf/osp install guide pdf
http://www.vmware.com/pdf/osp_install_guide.pdf.

132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
•Templates required for Windows and UNIX
•Customization scripts for different types of application
•Virtual machines and templates organized within folders and naming convention to distinguish
application types
•Is the number of virtual machines within the supported range for vCenter Server?
•Which types of virtual machines can be snapshotted? Which ones should have independent disks? For
example, should Active Directory be allowed to be snapshotted?
•Is four hours sufficient to do a P2V migration, or should the virtual machines be built from scratch
and the data migrated?
•Should Active Directory be moved in a different way?

151
152
153
154
155
156
44
157
158
159
160
161
162
163
164
12
165
3
166
167
168
169
170
171
172
173
174
VMware vCenter™ Server:
•Create and remove VMware High Availability clusters.
•Configure and manage VMware HA clusters.
•Orchestrates the install of VMware HA agents
•Maintains virtual machine power states to VMware HA agents
•Enforces admission controls
Nodes:
•First five VMware® ESX™ hosts that join the VMware HA cluster will be primary nodes.
•The remaining nodes are secondary nodes.
•Secondary nodes:
• Propagate state information to primaries
• Respond to failover directives and detect their isolation
• The primary nodes take care of the VMware HA clusters functions.
• It is important that all hosts can communicate with each other regardless of their role.
Processes:
•vCenter Server communicates with vpxa.
•vpxa sends metadata VMap.
•VMap translates instructions to the AAM agents.
•vpxa also communicates with virtual machines.

Network:
•The
Th AAM agents
t communicates
i t independently
i d d tl off vCenter
C t Server.
S
•If a node cannot communicate with other nodes and isolation address, the node will be network isolated.

Storage:
•Successful failover in VMware HA requires that a virtual machine can be started on any ESX host.
•Shared storage must exist for each node.
175
176
177
178
179
180
181
182
183
184
On hardware without hyperthreading, each virtual CPU (vCPU) is mapped to a physical CPU core
( CPU) On
(pCPU). O hhyperthreaded
th d d hhardware,
d eachh vCPU
CPU iis mapped d tto a llogical
i l CPU (h
(hardware
d execution
ti
context). Whenever a virtual machine’s monitor, which is a process running in the VMkernel,
determines that the virtual machine’s virtual CPU needs to be scheduled on the pCPU to execute
specific commands, it sends a request to the VMkernel. If the pCPU is available, the vCPU is
immediately serviced and consequently runs the required commands. However, if the pCPU is busy,
the vCPU has to wait until the VMkernel grants the request.
Whenever a vCPU is ready to be scheduled to execute commands but has to wait, the amount of time
p waitingg is referred to as CPU ready
spent y time ((that is,, ready
y to execute but forced to wait).
) Readyy
time is the clearest indicator of processor contention.
The service console, which is the management component and provides all administration and
monitoring-related services, can run only on CPU 0. It is never migrated to other processor cores.
The VMkernel reevaluates the current mapping of vNICs to pNICs every 20 milliseconds and makes
any changes it deems necessary to improve the load balance and minimized ready time accumulation.
For more details, see vSphere Resource Management Guide at
p p p
http://www.vmware.com/pdf/vsphere4/r40/vsp p_40_resource_mgmt.pdf.g p
For multiprocessor (multi-vCPU) virtual machines, whenever one vCPU is scheduled, a best effort
will be made to schedule all vCPUs simultaneously. Relaxed co-scheduling provides some flexibility
if workloads must be adjusted to schedule SMP based VMs.

185
When a virtual machine is running, the VMkernel grants a specific amount of physical RAM that
must be at least as much as the virtual machine’s reservation and no greater than its limit. The
VMkernel attempts to grant enough RAM to meet the immediate needs of the virtual machine
without needlessly overcommitting or wasting RAM. The VMkernel tends to grant all physical RAM
that is configured for the virtual machine as it boots, then reclaims some of the RAM as the virtual
machine runs.

In order to reduce the amount of used physical RAM,

RAM the VMkernel provides transparent page
sharing, which facilitates identical virtual RAM pages from multiple virtual machines to
simultaneously point to the same physical page of RAM. In the example, the two virtual machines on
the right contain the identical page of virtual RAM, and the virtual machine on the left contains the
same page twice. All four instances point to the same physical page. If one virtual machine needs to
update the page, it will first be copied and its pointer will then be moved.

I situations
In i i where
h allll the
h virtual
i l machines
hi use Win2x
Wi 2 guest operating
i systems, the
h reduction
d i off
utilized physical RAM has been measured up to as much as 30 percent.

186
187
188
189
190
191
192
193
vMotion migration is initiated and completed in five broad steps:

1. Validation: vCenter Server determines whether vMotion migration can happen. Otherwise, it
stops the attempt to perform the vMotion migration.
2. A copy of the original virtual machine's configuration files is used to provision a new virtual
machine on the target host. The original virtual machine's configuration state is captured in a
snapshot and is copied to the newly provisioned virtual machine. The configuration state
i l d application
includes li ti state,
t t driver
di state,
t t BIOS settings,
tti andd CPU registers.
it
3. The virtual machine is suspended on esx01. Memory that is changed as indicated by the bitmap
is copied to esx02.
4. The virtual machine on esx02 is started, and users begin to access the new virtual machine.
5. esx01 is shut down and deleted on esx01.

Key thing to remember: Memory and CPU state is copied from source to target. This includes the
BIOS, apps, data, operating system, and libraries that apps use. These are copied as is from esx01 to
esx02—hence the requirement for compatible CPUs.

194
195
196
197
198
199
200
201
What is the number of hosts that can fit on one cluster?

Given the number of critical applications, should additional hosts be acquired?

Should any virtual machines be excluded from the cluster? The payroll virtual machine will be tied to
the host that has the parallel port unless it is replaced with an IP-parallel converter. However, this
might represent a security risk for the customer.

The Microsoft Cluster Service cluster will need to be excluded.

The clusterwide resource pool needs to be defined for the critical applications. Though there is not
enough information to decide what limits, reservations, and shares should be, make sure that the
student designs are coherent and appropriate.

Active Directory domain controllers might require anti-affinity settings if they are all the same domain.

Startup priority might be important for security applications like Active Directory and the IDS in
addition to vCenter Server—but lower for the staging servers.

202
203
204
205
206
207
208
209
210
211
212
9
213
214
215
216
217
218
219
220
221
222
223
224
If a load imbalance is present, more information can be gathered by viewing the
resource distribution chart. This chart shows both CPU and memory load balances
for each of the hosts in the cluster. The Hosts tab can be checked for a comparison
of all the hosts in the cluster.

225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
When diagnosing a network-related performance problem, a key indicator is
dropped packets. Dropped packets indicate that the link in use is oversubscribed.
This metric can be accessed under Performance Charts, but only for the overall
uplink, not for the individual virtual machines. esxtop can be used to provide this
level of detail.

240
37
If a virtual machine is experiencing a disk constraint, examine the following:

• Increased latency – An increase in read or write latency, particularly write latency,

is an indication that the datastore containing the virtual machine is in contention.
This could be due to a large amount of activity from multiple virtual machines in the
same datastore.

• Queue depth – If disk activity is unable to reach the storage array, it will queue
back to the ESX host. This particular metric is not exposed in the vSphere Client
but can be viewed using esxtop/resxtop.

• Disk performance characteristics – To prevent disk contention, consider measuring

the capabilities of new LUNs before creating a VMFS datastore on themthem. This can
be done using a load-generating tool like Iometer, a freely available performance
measuring tool that can be found on the Internet. Using a tool like Iometer, you can
measure the I/O and response time characteristics of a LUN before placing it into
production.

241
38
Overview charts are displayed in a single panel. The charts are viewed by
selecting the object, which can be clusters, datacenters, datastores,
hosts, resource pools and virtual machines. Both real-time and historic
data can be viewed, and links exist between parent and child objects.

242
Advanced performance charts provide the ability to select combinations of
metrics in a customized format that can be exported, saved, or printed. If
this is the preferred chart type, you can set it by editing the client setting
and setting the default value to Advanced Performance Charts.

243
244
245
246