2. 2
Agenda
vCM 5.4 New Feature Overview
vCM New Feature Details
• Changes in platform support
• vCM new feature details
Introduction of Operating System Provisioning (OSP)
Improvements in ESX/ESXi set up and configuration
vCenter data inspections as true data class on WCI framework
VMware Service Manager Integration: vCM updates
CP&C 2010 H2 updates
3. 3
Product Readiness: vCM 5.4 New Feature Overview: Key Points
Introduction of Operating System Provisioning
vCM 5.4 is the first release of vCM that provides Operating System Provisioning (OSP)
features that allow users to install or re-install an operating environment to a bare metal
system or to a VM Guest container in
vCM 5.4 support OSP for Microsoft Windows (2003 R2, Win 7 2008/R2, Red Hat (5.0, 5.2,
5.4, 5.5), SUSE (10.3, 11.1) and VMware ESX (4.0, 4.0 u1, 4.0 u2, 4.1) and ESXi (4.1)
Other:
Platform Support:
• vCM 5.4 Collector now supports Windows 2008 R2 and SQL Server 2008 R2
• Agent: Red Hat 5.5
Improved vCenter /vSphere support (mainly user experience improvements)
Other minor improvements includes preparatory work for VCM VSM integration
(due in Q1 2011)
• Integration will support closed loop change management process and CI exchange
4. 4
Introducing Operating System Provisioning (OSP)
•Manage OS distributions
centrally
• Import vendor supplied OS
distributions into a repository
•Provision and Re-provision OS
on to bare metal or VM
• Discover, Select and Deploy
• Windows/ESX(i)/RHEL/SLES
•Integrated User Experience
• Common UI
5. 5
OSP Basic Feature Set
• A new component called OS provisioning (OSP) server driven from
VCM UI
• Initial provisioning and re-provisioning of OS onto bare metal and
VM (Windows, RHEL, ESX(i) and SLES)
• PXE based mechanism to discover and provision. Manual additions
also allowed.
• All operations driven from VCM UI
• Fingerprint based mechanism to white list supported OS
• Auto install of VCM agent as part of OS provisioning
• Admin level access control to OS provisioning feature
6. 6
OSP Platform Support
Note: Windows and Linux provisioning available for both physical and virtual machines. ESX/ESXi for
physical machines only.
Windows
• 2008 R2 (x86-64
bit)
• 2008 SP1/SP2
(x86-64 and 32
bit)
• 7 Pro (x86-64
and 32 bit)
• 2003 R2 SP2
(x86-64 bit and
32 bit)
Linux
• RHEL 5.0, 5.2,
5.4, 5,5 (32 and
x86-64 bit Server
Editions)
• SLES 11 SP1, 10
SP3 (32 and x86-
64 bit)
VMWare
• ESX 4.1
• ESXi 4.1
• ESX 4.0 u1, u2
7. 7
OSP Server Setup and System Requirements
• OSP server (back end) runs on a separate machine
• OS – RHEL 5.2
• Memory – 4 GB min
• CPU – 2
• Disk – 100GB
• Front end is fully integrated with VCM UI. All OS provisioning operations
are UI driven
• exception - initial step of importing the OS distributions into OSP server.
• Out of box PXE (DHCP and TFTP) server
• External DHCP server is supported.
• PXE based mechanism (for VMs also)
• One to one mapping of VCM collector and OSP server
• May have implications in multi network, multi site scenario
9. 9
Recommended Network Topology
OSP
(as PXE server,
with/without DHCP)
VCM
Collector
DHCP Server
(optional, point to OSP
server as tftp)
Physical Servers or VMs
OSP Server and Managed nodes on same layer two network
10. 10
OS Provisioning Process
1. Machine boots, sends
out DHCP/PXE request
3. Machine gets discovered
in OSP and VCM UI
2. Load microkernel and
gather hardware data
OSP Server
Collector/UI
11. 11
OS Provisioning Process (contd..)
5. Machine reboots, sends
out DHCP/PXE request
4. User selects OS to
deploy on target machine
6. Start OS installation
Collector/UI
OSP Server
12. 12
OS Provisioning Process (contd..)
8. OS provisioning status
update
Collector/UI
OSP Server
7. OS provisioning status
Updates
13. 13
OS Provisioning Process (contd..)
OS plus
VCM Agent
9. Collector starts managing
newly provisioned machine
Collector/UI
OSP Server
Up/down message
14. 14
Configuring OSP Server in VCM UI
• One time set up to associate OSP server with VCM collector
• Periodic exchange of status and other information between collector and OSP (configurable)
15. 15
Importing OS Distributions into OSP Server
• Command line based. Script provided.
• List shows up on VCM UI after import
16. 16
Discovered Machines Ready to be Provisioned
• Newly discovered Machines identified by MAC address
• Hardware inspected to identify architecture, CPU, etc
17. 17
Add Machines for Provisioning
• Manual mechanism in place of Discovery/PXE
18. 18
Steps to Set Up Machines to be Provisioned
• Select one or more discovered machines to be provisioned
19. 19
Steps to Set Up Machines to be Provisioned
• Select the OS distribution to be deployed
20. 20
Steps to Set Up Machines to be Provisioned
• Provide OS specific parameters
• For windows, license key, admin credentials, domain information and Interface IP
address mechanism
21. 21
Steps to Set Up Machines to be Provisioned
• For RHEL, SLES and ESX - license key, admin credentials, domain name and
Interface IP address
22. 22
Steps to Set Up Machines to be Provisioned
• Specify hostname and IP address settings
23. 23
Steps to Set Up Machines to be Provisioned
• Define any post install script to be run (for windows, SLES and RHEL only)
24. 24
Steps to Set Up Machines to be Provisioned
• Specify the disk partition size, for windows only
• Only first disk is supported
25. 25
Steps to Set Up Machines to be Provisioned
• Confirm and finish
31. 31
vCM 5.4 Platform support
The vCM 5.4 Server (Collector) is now only supported on:
• Windows 2008 R2 (64 bit)
• SQL Server 2008 R2 (64 bit)
See next slide for migration information
As part of this transition: vCM now also only supports Internet Explorer 7 and 8.
In addition: split installs are no longer an option.
Note: the OSP server is a separate installation that requires Red Hat 5.?
The following platforms and new revisions are now supported by
the vCM Agent(s):
• Red Hat 5.5
Please also see Operating System Provisioning section for OSP platform support
specifics
32. 32
vCM 5.4: Migrating from prior versions
VMware vCM 5.4 supports migration from:
• Configuresoft ECM 4.11.1 or higher
• EMC SCM 5.0 or higher
• VMware vCM 5.3
Basic steps in Migration: if collector is on 32 bit Hardware/OS
1.Detach database and back up
2.Export all custom content
3.Prepare new hardware/SW in accordance with vCM documentation and install vCM
4.Copy and re-attach database then re-import content using vCM I/E from the 5.4 release
Basic steps in Migration: if collector is on 64 bit Hardware/OS
1.Upgrade OS from W2k3 > W2k8R2
2.Upgrade SQL from SQL2k5 > SQL2k8R2
3.Ensure all other pre-requisites are met then upgrade vCM to 5.4
A new Migration section of the Installation and Getting Started Guide provides more details.
Note: there is also a Migration Helper tool ( on the tools download) to help migrate User accounts and Scheduled jobs
33. 33
vCM 5.4: Migrating from prior versions, common questions
Do Agents need to be upgraded? See below
• Older agents are supported
Official support policy is only 2 agent versions back ( 5.3 and 5.2 agents)
• New (5.4) agents are required for:
vCM Collector to support OS Provisioning ( installed by default)
New WCI/PowerShell based vCenter inspections
• VMware vCM 5.4 agents also contain fixes so upgrade is recommended
Does OS Provisioning require additional /new licenses : NO
OSP licensing is EULA based
Does the vSphere Client Plug-in need to be upgraded: See below
ONLY if the vCM URL has changed (for example as a result of new host name for the
migrated server) - IF so then the ‘new’ plugin just needs to re –registered to the
client
Does 5.4 have it’s own Import/Export version: YES
34. 34
vCenter Data Inspection Changes
• Replaces prior Remote Command based
inspections
• RC inspections were run from the collector
against the vCenter instance(s)
• New method uses WCI like collection filters via
Windows Agent on vCenter Server instance(s):
• Changes reflected in vCM Change Log
• Prerequisites on vCenter Server system
• vCM 5.4 agent using HTTP only
• .Net 3.5.1 or higher
• PowerShell 2.0
• Collection
• New Psuedo ‘Data Type’: “vCenter”
• 3 New Collection Filters (locked)
• Filters -In Default Collection Filter Set
• Filters contain the PowerCLI code
• Delta collections now supported
• Note when system is upgraded old data is now
hidden – new collections are required
35. 35
vCM 5.4: VM hosts/vCenter “Data Types”
5.3 5.4
• Data navigation tree has
changed!
• New “sub data types”:
• Under VM Hosts ( now collected
from ESX/ESXi)
• Users
• Groups
• Under vCenter (uses WCI)
• Host Profiles
• Host Status
• Inventory *
• Data Center
• Folders
• Hosts System
• Resource Pool
• Virtual Machines
*Inventory items are subdivided showing only
the appropriate attributes for each type
36. 36
VM Hosts: Users View
• User configuration per VM Host
• Attributes:
• Machine Name: VM Host name
• Username: vCenter defined user name
• Full Name: Assigned textual user name
• ID: vCenter assigned user ID
• Shell Access: indicates if user is granted shell access to the host
• Group: vCenter Group(s) assigned to user
• Last Updated: The last updated date and time of the collected entry
37. 37
VM Hosts: Groups View
• Group configuration per VM Host
• Attributes:
• Machine Name: VM Host name
• Group: vCenter Group name
• ID: vCenter assigned Group ID
• Username: User name(s) assigned to Group (missing in this build)
• Last Updated: The last updated date and time of the collected entry
38. 38
vCenter: Host Profile View
• Host Profiles as defined in the vCenter instance
• Note this NOT the host profile configuration data
• Attributes:
• Machine Name: vCenter Instance Machine Name
• Name: Host Profile Name
• Reference Host ID: The Host ID of the reference host
• Description: Textual description of the Host Profile
• Last Updated: The last updated date and time of the collected entry
39. 39
vCenter: Host Status View
• Host Status as defined in the vCenter instance
• Attributes:
• Machine Name: vCenter Instance Machine Name
• Name: Host Name
• Overall Status: overall host status as indicated by color: green, yellow or red
• Config Status: host configuration status as indicated by color: green, yellow
or red
• Alarm Actions Enabled: indicates if Alarms are enabled (true) or not (false)
• vCenter:
• Product Name: Indicates the VM Host product type e.g.: ESX /ESXi
• Last Updated: The last updated date and time of the collected entry
40. 40
vCenter: Inventory View
• vCenter Inventory as defined in the vCenter Server instance
• Provides the same view as per vCM 5.3 – this has now been
sub-divided by type to help with data navigation:
• Data Center
• Folders
• Hosts System
• Resource Pool
• Virtual Machines
41. 41
vCenter: Inventory | Datacenter View
• vCenter Inventory filtered by Datacenter
• Attributes:
• Machine Name : vCenter Instance Machine Name
• Type: Filtered Inventory type (in this instance Datacenter)
• Name: Datacenter Name
• ID: vCenter assigned ID
• Last Updated: The last updated date and time of the collected entry
42. 42
vCenter: Inventory | Folder View
• vCenter Inventory filtered by Folder
• Attributes:
• Machine Name : vCenter Instance Machine Name
• Type: Filtered Inventory type (in this instance Folder
• Name: Folder Name
• ID: vCenter assigned ID
• Last Updated: The last updated date and time of the collected entry
43. 43
vCenter: Inventory | Host System View
• vCenter Inventory filtered by Hosts
• Attributes:
• Machine Name: vCenter Instance Machine Name
• Name: ESX/ESXi host name as managed by the vCenter instance
• ID: vCenter assigned ID
• VM Swapfile Policy: indicated if the VM Swapfile is inherited from host or VM
• State: Indicates the state of the Host <> vCenter communications
• Power State: Indicates the state of the Host
• CPUs: # CPUs in the ESX hosts
• Last Updated: The last updated date and time of the collected entry
44. 44
vCenter: Inventory | Resource Pool View
• vCenter Inventory filtered by Resource pool
• Attributes:
• Machine Name: vCenter Instance Machine Name
• Type: Inventory object type
• Name: Assigned Resource Pool name
• Id: vCenter assigned ID
• CPU Shares Level: Indicates the assignment type for CPU shares
• CPU Shares: # CPU Shares
• CPU Reservation MHz: Maximum Reservation for CPU in MHz
• Memory Shares Level: Indicates the assignment type for Memory shares
• Memory Shares: Indicates the assignment type for CPU shares
• Memory Reservation: Maximum Reservation for CPU in Mb
• CPU Expandable Reservation: indicates if VMs can exceed CPU reservation
• CPU Limit MHz: Maximum available CPU Mhz available
• Memory Expandable Reservation: indicates if VMs can exceed memory reservation
• Memory Limit: Maximum Limit to which VMs can exceed reservation in Mb
• Last Updated: The last updated date and time of the collected entry
45. 45
vCenter: Inventory | Virtual Machines View
• vCenter Inventory filtered by VM
• Attributes:
• Machine Name: vCenter Instance Machine Name
• Type: Inventory object type
• Name: Assigned Virtual machine name( Not host name)
• Id: vCenter assigned VM ID
• VM Swapfile Policy: indicated if the VM Swapfile is inherited from host or VM
• Power State: shows if a VM is powered up, off or on a transitional state
• CPUs: # assigned CPUs
• Memory: Memory reservation for VM
• CD Drives: internal (ESX/ESXi) name(s) assigned to CD/DVD drive(s), may be null
• Floppy Drives: internal (ESX/ESXi) name(s) assigned to Floppy drive(s) may be null
• Hard Disks: internal (ESX/ESXi) name(s) assigned to HD drive(s)
Network Adapters: internal (ESX/ESXi) name(s) assigned to network adpter(s)
• Host: Host name for VM
• Host Id: vCenter assigned host ID
• Last Updated: The last updated date and time of the collected entry
46. 46
Enhanced ESX/ESXi Setup for Data Inspection
• Goal: Improve user experience with ESX/ESXi setup
• What is being delivered with 5.4 is:
• DB Discovery ( leverages new vCenter inspection data to discover
Hosts)
• Workflow improvements: New Manage Hosts wizard in vCenter
Inventory view with export to deployment tool
• Deployment tool now shipped with 5.4
47. 47
ESX/ESXi Set Up: DB Discovery
• Utilizes data from vCenter Inventory |
Host System View
• New Discovery Rule option
• Potential for future extension
• Auto license hosts
• Does not ‘install’ agent
• Does not configure agent proxy
• Collector is by default fully
configured to be an agent proxy
• Agent Proxy install same as
before
48. 48
Manage Hosts: Wizard Changes
• Add option for ‘Ignore untrusted
SSL Certificate”
• Aids set up for ESXi where
‘invalid’ certs are deployed by
default
• Removed option for
vCenter/Virtual Center set up for
ESX 2.5
• Can still set up via the VCM DB
if needed
• Exports to XML file to be used
by Deployment tool for final set
up steps
49. 49
Deployment Utility: use of XML file
• Open XML file generated by
Manage Hosts process
• Do not use Import option
• Complete set up using
Deployment Utility
50. 50
CP&C Update : Planned for release by end 2010
• Patching support for:
• Adobe Reader 9.4
• Java JRE 6 Update 22 x86
• Java JRE 6 Update 22 x64
• CIS SQL 2005
• PCI DSS 2.0 (under development)
• Windows 7 Service Pack 1 Toolkit (under development)
New
• VMware vSphere Hardening Toolkit (May 2010 edition)
Enhanced/Updated
Editor's Notes
1
2
3
4
Because Windows Server 2008 is based on the Windows NT 6.0 Service Pack 1 kernel, the RTM release is considered to be Service Pack 1; accordingly, the first service pack is
called Service Pack 2.
On May 26, 2009, Service Pack 2 was ready for release. It is now available in Windows Update.
· Windows 2008 R2 - x64 - Std, Ent, Web, DC, StdCore, EntCore, WebCore, DCCore
· Windows 2008 SP1 - i386 - Std, Ent, DC, StdCore, EntCore, DCCore
· Windows 2008 SP1 - x64 - Std, Ent, DC, StdCore, EntCore, DCCore
· Windows 2008 SP2 - i386 - Std, Ent, DC, StdCore, EntCore, DCCore
· Windows 2008 SP2 - x64 - Std, Ent, DC, StdCore, EntCore, DCCore
· Windows 2003 R2 SP2 - i386 - Std, Ent
· Windows 2003 R2 SP2 - x64 - Std, Ent
· Windows 7 Pro - i386
· Windows 7 Pro - x64
Gsoap – when managed node goes down or comes up. For all OS except Esx/Esxi.
TFTP downloads the bootup kernel (hardware discovery – mini kernel and the installation program) – bootstrap code
http (port 80) for ASM deployments (SLES, ESX/ESXi)
http (11080) for Homebase deployments (Windows, RHEL)
Gsoap is between OSP and message client (either during provisioning to tell OSP that we started provisioning or later on for startup/shutdown)
Mesgd (server, 21310 non secure and 40610 secure) and Fsrepod (server 40607) runs on OSP server
For Homebase deployments they do their own communication and we read of homebase database
For our homegrown version, we use message client to communicate when deployment starts/finishes