On April 23, 2012, our security team became aware of the public posting of a single file from the VMware ESX source code dating back to 2004, and the possibility that more files may be posted in the near future. Ensuring customer security is our top priority. As a matter of best practices with respect to security, VMware strongly encourages all customers to apply the latest product updates and security patches made available for their specific environment. As part of its regular program of providing patches for security and other issues, VMware has accelerated the delivery of a set of software patches for specific product releases that may be exposed to increased risk. We encourage all customers to view the following link to determine if appropriate patches are available for products in their environment: http://kb.vmware.com/kb/2019941.

By applying the combination of the most current product updates and the relevant security patches, we believe our customer environments will be best protected. As is our practice, VMware will continue to assess any further security risks, and will continue to provide updates and patches as appropriate.

As always, we welcome any security-related concerns to be shared with VMware via the following channels:

• Support requests – http://www.vmware.com/support

• Community forums – communities.vmware.com

• Twitter – @VMwarecares

• Calling Customer Service at 1-877-486-9273 (option 4) or https://www.vmware.com/support/us_support.html for global numbers

Frequenty Asked Questions:

1. Are these software patches related to source code associated with the April 23rd incident?
VMware has consistently provided software updates and patches to help customers maintain the most reliable and secure environment. In light of the current circumstances, we have accelerated our most recent security patches and applied them to all affected currently supported products.

2. Is my environment at risk if I do not apply these latest patches?
VMware provides security updates and patches from time to time to mitigate known security issues that may put customer environments at risk. As a matter of best practice, we encourage customers to always apply the latest software updates and patches relevant to their environment. We encourage all customers to view the following link to determine if appropriate patches are available for products in their environment: http://kb.vmware.com/kb/2019941.

3. What does VMware do on a regular basis to secure its information?
VMware has a comprehensive Information Security Program in place. The Information Security Team is focused on effectively safeguarding VMware’s information, intellectual property, infrastructure, and users. The VMware Information Security Team effectively assesses and manages security risks across the enterprise based on the evolving landscape of threats, laws, regulations, and industry practices.

4.What does VMware do to ensure a secure customer virtual environment?

VMware uses a number of techniques during its software development cycle to improve upon the security of its products. These standard techniques include Threat Modeling, Static Code Analysis, Incident Response Planning, and Penetration Testing using both internal and external security expertise. VMware has an established security engineering group that integrates these techniques into the software development cycle, provides security expertise, guidance on the latest security threats and defensive techniques, and training within the development organization. This group is also responsible for driving VMware products through external security accreditations and certifications.

5. How are you keeping customers informed?

VMware will continue to update our public security blog with up-to-date communications and instructions, as well as inform customers through the VMware Product Support Center.

Source: VMware

Last week I was migrating some servers from ESX 3.02 to a vSphere 5 cluster, after importing the the exported VM’s I received this error message:

The device or operation specified at index ’2′ is not supported for the current virtual machine version ‘vmx-04′.  A minimum version of ‘vmx-06′ is required for this operation to succeed.

A general system error occurred: Invalid fault

Solution:

The VMware Converter I used was version 4.3.0 build-292238

After installing VMware Converter 5.0.0 build-470252 I was able to start the import virtual machine in the new vSphere 5 cluster

The import finished successfully

I am very honored and very pleased to be awarded the VMware vExpert Award for the third time! Thanks to VMware for continuing this award. Also congratulations to all new vExperts 2012 and again welcome to earlier vExperts!

vExpert program:

The annual VMware vExpert title is given to individuals who have significantly contributed to the community of VMware users over the past year. The title is awarded to individuals (not employers) for their commitment to sharing their knowledge and passion for VMware technology above and beyond their job requirements

This year, VMware created three different paths to becoming a vExpert, yet as in the years prior, there will remain a single vExpert designation. As always, the common theme for the established and the new vExpert paths will be going above and beyond your day job to help others be successful with VMware solutions.

Evangelist Path – The Evangelist Path includes book authors, bloggers, tool builders, public speakers, and other IT professionals who share their knowledge and passion with others with the leverage of a personal public platform to reach many people. Employees of VMware can also apply via the Evangelist path.

Customer Path – The Customer Path is for internal evangelists and community leaders from VMware customer organizations. They have contributed to success stories, customer references, or public interviews and talks, or were active community contributors, such as VMUG leaders.

VPN (VMware Partner Network) Path – The VPN Path is for employees of our partner companies who lead with passion and by example, who are committed to continuous learning and to making their technical knowledge and expertise available to many. This can take shape of event participation, video, IP generation, as well as public speaking engagements.

More information: VMware
Announcing vExpert 2012 Title Holders: VMware

Today I was importing some virtual machines (delivered by a 3rd party company) to the new vSphere 5 environment of a customer, the import was successful but after a vMotion I received this warning:

Module Migrate power on failed.
vMotion migration [168099940:1334234558581378] failed. The checkpoint data length (16384 bytes) or the offset (16776528 bytes) exceeds the maximum checkpoint data length (16777216 byte).

Solution:

The owner of the template installed the OS with a 1920 x 1080 resolution, after changing the resolution to 1280 x 1024 the GFX memory usage degraded to normal (under 30 MB).

After changing the resolution I was able to migrate the virtual machines,

Read more…

Last week I created a little “how-to” for some system engineers to install/upgrade VMware Tools in their test environment. Here’s the translated (public) version:

- VM Summary: VMware Tools – Running (unsupported)

- Select VM > Guest > VMware Tools Install. The Infrastructure Client will mount VMware Tools ISO inside the VM

- Create a directory, type in: mkdir /mnt/cdrom next you need to mount the CD-Rom drive, type in:

mount /dec/cdrom /mnt/cdrom

Read more…

Few weeks ago I received from my sponsor PHD Virtual licenses to install and review the Backup and Replication v5.4.. after I installed this software in my vSphere 5 test lab I was exited how easy I can backup and restore virtual machines.

After installing the PHDVBA appliance, configured a static ip-address I installed the PHD Virtual Backup Console to start the configuration. The first startup the software discovered (subnet discover) the PHDVBA appliance,

Appliance and Backup Console configuration:

First I connected the software to my vCenter server, created the storage type as backup destination (in my case I used "Attached virtual disk"). If you chose this functionality you only need to add a new .vmdk file to the appliance:

After I added the 50 gb .vmdk file the appliance auto detect the new storage without rebooting.. nice!

Other backup destination options are:

Read more…

Today I was installing VMware vSphere ESXi 4.1 at some brand new BL460 G7’s.. after creating a new array I started the installation, after F11 to “Accept and continue” I received this error message:

vmkctl.hostctlexception: unable to load module /usr/lib/vmware/vmkmod/vmfs3: failure

Solution:

To resolve this issue, download the ESXi 4.1 HP build from HP at https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=HPVM06.

• This issue has been observed on these servers: 
  • HP BL 685c G7
  • HP BL 680c G7
  • HP BL 495c G5
  • HP BL 465c G7
  • HP BL 460c G7
  • HP BL 490c G7

After I Installed the HP version (always recommended but this customer installed the other hosts with the original installer) the setup completed!

More information from HP:

The Broadcom bnx2x VMware ESX Driver Version 1.54 does not function with HP Virtual Connect Device Control Channel (DCC) and SmartLink features on ProLiant and Integrity server blades configured with the NC532m or the NC532i adapter running firmware version 2.2.6. After installing or upgrading VMware ESX/ESXi 4.1 the following functionality is either not installed or is lost:

1. New installation – DCC and SmartLink functionality is unavailable in an HP Virtual Connect environment with the NC532m or NC532i Network Adapters after installing VMware ESX/ESXi 4.1.
2. Upgrade installation – If the bnx2x Asynchronous Driver Update CD version 1.52 was previously installed on a VMware ESX/ESXi 4.0 host, DCC/SmartLink capabilities will be lost after upgrading to VMware ESX/ESXi 4.1, which will overwrite the bnx2x driver version 1.52 with version 1.54 that is included with the base VMware ESX/ESXi 4.1operating system.
3. Network failover – ProLiant and Integrity server blades hosting VMware ESX/ESXi 4.1 may lose network failover capabilities that use the VMware ESX NIC teaming failover policy (vSwitch setting) "Link Status only."

Read more…

I tried to install Windows 8 at my vSphere 5 patch 1 environment, but after starting the VM I received a warning:

Your computer ran into a problem and needs to restart.

If you’d like to know more, you can search online later for this code: HAL_INITIALIZATION_FAILED

It’s collecting error info and will restart in: 0 seconds

Solution:

Only you have to do is add the new guest OS in you’re .vmx file, re-add the file to your vSphere inventory and start the VM. Guest OS you need to add:

guestOS = "windows8srv-32"
guestOS = "windows8srv-64"

Note: if you’re running vSphere 5 without Update 1 you need to install Patch 02

Read more…

Today I’ve updated my vSphere 5 hosts witch patch 1 released one week ago. Before I started the build number was VMware ESXi 5.0.0 469512:

To update the host I used PowerCLI, the code:

Get-VMHost esx02.vmpros.lan | Set-VMHost -State Maintenance
$DataStore = Get-VMHost esx02.vmpros.lan | Get-Datastore ESX02_VMFS01
Copy-DatastoreItem C:\vmpros\patch1\ $DataStore.DatastoreBrowserPath -Recurse
Get-VMHost esx02.vmpros.lan | Install-VMHostPatch -Hostpath "/vmfs/volumes/ESX02_VMFS01/patch1/metadata.zip"

The script will upload the content of the update-from-esxi5.0-5.0_update01.zip located at your local computer (which running  PowerCLI) to the selected datastore. Then the update installation will start.

Update installation process:

WARNING: The update completed successfully, but the system needs to be rebooted for the changes to be effective.

Read more…