1

Enforcing a vSphere Cluster DesignUsing PowerCLI Automation

Who is Duncan Epping?

WriterAuthorAuthor

JobVMware

Social

@ Yellow-Bricks.comof Essential Virtual SANof Clustering DeepdiveChief Technologist @ VMwareVCDX@DuncanYB (twitter)

Who is @ChrisWahl?

WriterHost

InstructorEvangelistMicrosoft

VMware

@ WahlNetwork.com@ DatanautsPodcast.com@ Pluralsight.com@ Rubrik.comMVP (PowerShell)VCDX (DCV & NV)

4

Agenda

• vSphere Cluster Design Basics• Crafting Declarative Configurations• Infrastructure as Code• An Introduction to the Vester project

vSphere Cluster Design

5

Vision

Design

PlanTransition

Manage

Governance

Architecture Methodology

It is all about the app

App

What are the things we need to think about?

Consistency is the key to success

• Compute– DNS / NTP / TPS

• Storage– Protocol / Limits / Resiliency

• Networking– vMotion / Management / Storage / VMs

• vSphere HA and DRS

9

Brief intro to vSphere Clusters

vSphere HA Basics

• Configured through vCenter Server• Each host has an agent (FDM) for monitoring state• HA restarts VMs when a failure impacts those VMs

FDM SlaveFDM Master

FDM Slave

10

Brief intro to vSphere Clusters

vSphere HA Specifics

• One of the hosts is elected as master• Heartbeats via network and storage

– Management network (or)– VSAN network (if VSAN is enabled)

• It can reserve resources for restarts (Admission Control)

11

Brief intro to vSphere Clusters

vSphere DRS Basics

• DRS provides load balancing and initial placement– To keep VMs happy and maximize cluster

utilization• DRS is the broker of resources between

producers and consumers• DRS goal is to provide the resources the

virtual machine demands

12

Brief intro to vSphere Clusters

vSphere DRS Specifics

• DRS provides cluster management – Maintenance Mode– Affinity / anti-affinity rules– VM-Host groups– Resource Pools

13

And then there is compute

Many things to think about during install / config

• Gateway / DNS• NTP• NUMA• Syslog + Scratch Partition• TPS enabled or disabled?

– If enabled, how?• Security?

– Lock down enabled?

14

Storage, you got an hour or two?

iSCSI, FC, FCoE or maybe VSAN

• Many different storage systems• Many different design considerations

– And also implications on for instance vSphere HA

– PDL / APD– Stretched? Replication? Sync / Async?

• Resignature? Mount? Orchestration of DR?• Number of Paths, Number of LUNs• Performance aspects – RAID Types –

Flash vs Hybrid

15

It is always the networkYes, we usually do blame others… Reality is, many issues arise from inconsistency...

• Distributed Switch vs normal vSwitch?• Consistency in configuration of

network segments– VLANs / Portgroups– MTU (end to end)

• Load Balancing– Load based teaming– Virtual Port ID– IP Hash / LACP

Crafting Declarative Configurations

17

Imperative Declarative

Where’s the Value?

20

Avoids Building by Handstatements become actionable

21

Repeatable Processesconsistency is your friend

22

Force Multiplierthe entire team is now empowered

23

Annihilate Tribal Knowledgedocumentation is stale upon creationconfigurations are self documenting

Infrastructure as Code

26

Abstract End State from Configurationdon’t store declarative configuration inside the endpoint

Where do Objects Live?

But I already have a vSphere environment!

• How do I pull the config out of it?• Leverage PowerCLI as a starting point …

– DRS Rules (affinity, anti-affinity, vm-to-host)– VDS and Port Group configs– Resource pools– Generic cluster configs– VSAN & SPBM policies

Get-DrsRule

31

Export-VDSwitch & Export-VDPortGroupNote! Import-Module VMware.VimAutomation.Vds

32

http://blogs.vmware.com/PowerCLI/2013/03/vds-exportimport-with-powercli.html

Get-ResourcePool

33

Get-SpbmStoragePolicy &Get-VsanDisk / Get-VsanDiskGroup

34

35

Conversational Configurationtracking, logging, and implementation in a single system

Ops Collaboration

38

Gathering Objects with PowerCLI

• Get information on the cluster– HA, NTP, SSH, DRS, DNS, so forth

• Compare with declarative configuration• Inspect results

– Validate always– Remediate optional

• Report metrics

Vester

41

Interesting Projects

• Vester– https://github.com/WahlNetwork/Vester

• vSphereDSC– https://github.com/lucdekens/vSphereDSC

• Operation Validation Framework (OVF)– https://github.com/PowerShell/Operation-Validation-Framework

• Watchmen– https://github.com/devblackops/watchmen

• vSphere HA Deepdive– https://ha.yellow-bricks.com (Free ebook!)

• PoshSpec– https://github.com/Ticketmaster/poshspec

Thank you!Duncan Epping – Chief Technologist, VMwareChris Wahl – Technical Evangelist, Rubrik