[Citrix] XenServer 7.0 released

May 27th, 2016 No comments

XenServer 7 was released in May of 2016.  It was available in pre-release form under the project name of Dundee.  All new XenServer installations should be made using XenServer 7.

Microsoft Technology integration

Citrix has a long history of integrating with, and supporting Microsoft operating systems and infrastructure products, and XenServer 7 is no exception.

  • Automated Microsoft Windows VM driver management
    Do you administer a larger XenServer environment? We currently support up to 1000 VMs per host, and have customers running thousands of hosts, so when time comes to updating the Windows VMs’ XenTools, it can be quite a challenge. Even with smaller infrastructures, the process of updating many Windows VMs can be a headache, something we’ve heard loud and clear from our customers. Our solution? Automation.
    In XenServer 7, it is now possible to let Microsoft Update Services automatically install and/or update the Windows VM I/O drivers contained within those VMs, moving this once cumbersome process into the standard organizational framework for how their Windows machines are updated.
  • Microsoft Server Message Block (SMB) support
    Adding to the wide variety of host storage connectivity, XenServer 7 now includes SMB to enable IT admins to use Windows storage devices running SMB for their XenServer VM’s disks.
  • Docker containers in Windows Server 2016
    In May 2015, XenServer introduced Docker container management for Linux VMs, opening up visibility and management to IT admins, of the containers being used within their XenServer infrastructures. This year for XenServer 7, we are really excited to be supporting Docker containers on Microsoft Windows Server 2016 OS, rounding off our of Docker support across both Linux and Windows, the first and only commercial hypervisor to do so.
  • A new Microsoft System Center Operations Manager (SCOM) management pack is now integrated and licensed in XenServer 7. For customers wanting greater Microsoft SCOM management visibility, this ties in well across the Citrix stack.
  • The Microsoft Active Directory integration within XenServer has been improved, changing the underlying connectivity components, which increases the scalability to support large AD forests, whilst also increasing performance.
  • XenServer 7 includes templates for Microsoft Windows 10 and preview of Windows Server 2016.

Revolutionary Security

Infrastructure security is always a challenge, and whether it’s protection from viruses, malware or hackers, there are a variety of tools and methods used by security vendors to help businesses protect their IT infrastructures from the variety of tools and methods used by the people with malicious intent. A big challenge is how malware and hackers get around, disable, or hide themselves from existing security solutions.

If someone can leverage a software vulnerability to gain access to a system, they tend to work their way up the security chain, seeking to get the highest level of system privileges from where they can disable security software and do the most damage or gain access to the most sensitive data.

XenServer 7 is different.

Working closely with Bitdefender, Citrix is proud to announce XenServer Direct Inspect APIs, which allow integration from third party security software companies to leverage hypervisor memory introspection (HVMI). This uses a privileged security appliance (SVA), one per-host to inspect the memory of VMs running on the host. As introspection is happening from outside the guest VM, there are no agents required within the VMs, and as such, nothing for a virus, piece of malware or hacker to disable within the VM. Should anyone also hack into a VM OS, they would also only be able to see within the boundaries of that VM container, and be completely unaware that a host-based SVA could be monitoring and blocking their activity; we call this “better than physical” protection.


Security products based on virus or malware signatures protect you from known risks, however what about day-zero attacks? How do you protect yourself against something for which there is no known signature? Bitdefender’s integration goes beyond the standard signature checking, by examining the techniques used by viruses or malware rather than their signatures, enabling protection of systems against day-zero attacks.

This solution isn’t targeted at replacing all disk based scanning protection, as the Direct Inspect APIs feature is a memory based solution, yet it extends protection through either a kernel-mode or user-mode (for specific applications), providing protection against a variety of security threats, including existing security products from being disabled. As such it complements existing disk based protection solutions. Find out more from Bitdefender on this blog and data sheet.

Some papers:

More information: Citrix

VMware: RVTools 3.8 is released

March 29th, 2016 1 comment

One of my favorite (freeware) tools for getting information about an vSphere environment is RVTools, is now released in version 3.8.

Version 3.8 (March, 2016)

  • VI SDK reference changed from 5.5 to 6.0
  • on vInfo tab page new field: ChangeVersion unique identifier for a given version of the configuration
  • on vInfo tab page new field: HA VM Monitoring status
  • on vInfo tab page new fields: Number of supported monitors and Video RAM in KB.
  • on vInfo tab page new field: Config status.
  • VM config issues are visible on the vHealth tab page
  • on vInfo tab page new field: OS according to the VMware Tools
  • on vTools tab page new fields: App state, App heartbeat status and Kernel crash state
  • on vTools tab page new fields: Operations availability, State change support and Interactive Guest Operations availability
  • on vHost tab page new field: NTPD running state.
  • NTP issues are visible on the vHealth tab page
  • on vHost tab page new field: Config status.
  • Host config issues are visible on the vHealth tab page
  • on vCluster tab page new field: Config status.
  • Cluster config issues are visible on the vHealth tab page
  • on vDatastore tab page new field: Config status.
  • Datastore config issues are visible on the vHealth tab page
  • on vSC+VMK tab page new fields: IP 6 Address and IP 6 Gateway
  • all VM related tab pages now have a VM Object ID and VM UUID columns
  • all VM related tab pages now have powerstate and template columns
  • all tab pages. Now have a vCenter UUID column (= unique identifier for a vCenter Server)
  • all VM related tab pages. The Custom Attributes columns are now ordered alphabetically
  • all tab pages. A select is now a full row select so it is easier to follow the information across many columns
  • bug fix: Refresh data issue on vRP and vCluster tab pages solved
  • bug fix: Filter issue on vCluster tab page solved
  • bug fix: On vInfo tab page the HA information was not filled with cluster default values
  • bug fix: Content Libraries vmdk files are no longer reported as possible zombie files
  • bug fix: msi installer sometimes installs RVTools in root of c:\ drive. This is solved now.


More information: Robware

Categories: Software, VMware Tags: , ,

VMware: VMware vSphere 6.0 Update 2 released

March 25th, 2016 1 comment

VMware has just released vSphere 6.0 Update 2. Together with the Updates, the following product updates were released today:


vSphere 6.0 Update 2 Features

  • High Ethernet Link Speed: ESXi 6.0 Update 2 supports 25 G and 50 G ethernet link speeds.
  • VMware Host Client: The VMware Host Client is a HTML5 client that is used to connect to and manage single ESXi hosts without a vCenter Server. The Host client made it from a Fling to a supported Product. Very nice!
  • vSphere APIs for I/O Filtering (VAIO): Enhancements made to VAIO includes supports for IPv6 and VMIOF versions 1.0 and 1.1.
  • Two-factor authentication for vSphere Web Client: Better Security with RSA SecurID and Smart card authentication.
  • Windows 10 Support for the vSphere Web Client

VMware vCenter Server 6.0 Update 2 Release Notes
VMware ESXi 6.0 Update 2 Release Notes

Supported Hardware for vSphere 6.0 Update 2 (VMware HCL)

Good news from the VMware HCL. Support has not been dropped for any server. All servers that are supported for vSphere 6.0 Update 1 are also supported in vSphere 6.0 Update2.

VMware vRealize Log Insight for vCenter Server

VMware recently announced that all users with a vCenter Server License are entitled to use their vCenter Server License to get a 25-OSI pack for vRealize Log Insight, at no charge. The package is now available. A license key is provided at the Log Insight for vCenter download page. The packet is not limited to vCenter 6.0u2. Every existing and new vCenter Server customer is entitled.

Virtual SAN 6.2
VMware vSphere 6.0 Update 2 contains new features for Virtual SAN including:

  • Deduplication
  • Compression
  • Failure Tolerance methods RAID-5/6
  • Sparse Swap Files for lower disk consumption
  • Quality of Service (IOPS limit for objects)
  • Integrated Performance Metrics (VSAN Observer similar insights for the Web Client)

VMware vCloud Director 8.0.1 released
Together with vSphere 6.0 Update 2, VMware vCloud Director 8.0.1 has been released. vCloud Director orchestrates the provisioning of hybrid/public cloud services as complete virtual data centers that provide virtualized compute, networking, storage, and security capabilities.

  • Upload and download of OVF and Media supported in Chrome
  • Increased vSphere support: vSphere versions 6.0U2, 6.0U1, and 5.5U3
  • Increased NSX support: NSX versions 6.2.2, 6.2.1, 6.1.6, and 6.1.5
  • Increased vCloud Networking and Security support: vCNS versions and
  • Guest customization for Windows 10
  • Increased platform OS support including:
  • Cent OS 7.0 (64 bit)
  • Cent OS 6.7 (64 bit)
  • Cent OS 6.6 (64 bit)
  • Red Hat Enterprise Linux 7.0 (64 bit)
  • Red Hat Enterprise Linux 6.7 (64 bit)
  • Red Hat Enterprise Linux 6.6 (64-bit)


Source: Virten.net

Categories: VMware Tags: , , ,

[Sponsored] ArCycle vmBackup for your DR scenarios

February 25th, 2016 1 comment

For those of you who looking for a modern solution to organize DR scenario for VMware and/or Hyper-V driven virtualized environments ArCycle want to inform you about availability of the version 3.5.5 of ArCycle vmBackup. You can now use flash drives as backup destination. Try the end user solution or unique DR Platform and you will be impressed with the results.

Hyper-V backup: http://www.arcycle.com/arcycle_vmbackup_hyperv

VMware backup: http://www.arcycle.com/arcycle_vmbackup_vmware

ArCycle DR Platform: http://www.arcycle.com/arcycle_platform

If you have any questions please contact ArCycle at: http://www.arcycle.com/contact_us

Categories: VMware Tags: , ,

VMware: Disable HotPlug capability for virtual machines with PowerCLI

January 16th, 2016 2 comments

Last week I had to change VMX files for 500 XenDesktop machines because the users where able to eject removable devices

To mass disable HotPlug capability by editing the .vmx file via PowerCLI I used the following script:

$key = "devices.hotplug"
$value = "false"
get-cluster "CL02.XD" | get-VM -Name 000-CXD* | foreach {
  $vm = Get-View $_.Id
  $vmConfigSpec = New-Object VMware.Vim.VirtualMachineConfigSpec
  $vmConfigSpec.extraconfig += New-Object VMware.Vim.optionvalue

Optional (manual) options:

You can disable HotPlug capability using the vSphere Client or by editing the .vmx file.
Note: You can disable HotPlug capability for PCI devices such as e1000 or vmxnet3 NICs.
To disable HotPlug capability using the vSphere Client:

  1. Connect to the ESXi/ESX host or vCenter Server using the vSphere Client.
  2. Power off the virtual machine.
  3. Right-click the virtual machine and click Edit Settings.
  4. Click the Options tab.
  5. Click General > Configuration Parameters > Add Row.
  6. Insert a new row with the name devices.hotplug and a value of false.
  7. Power on the virtual machine.

To disable HotPlug capability using the vSphere Web Client:

  1. From a web browser, connect to the vSphere Web Client.
  2. Log in with Administrator credentials.
  3. Navigate to the virtual machine you want to modify.
  4. Right-click the virtual machine and select Edit Settings.
  5. Click the VM Options tab.
  6. Click Advanced > Edit Configuration > Add Row.
  7. Insert a new row with the name devices.hotplug and a value of false.
  8. Power on the virtual machine.

To disable HotPlug capability by editing the .vmx file:

  1. Power off the virtual machine.
  2. Access the ESXi/ESX service console using an SSH client.
  3. Open the virtual machine configuration file (.vmx) in a text editor. The default location is:
  4. Add the line:
    devices.hotplug = "false"
    Note: This setting does not interfere with HotPlug CPU/memory.
  5. Save and close the file.
  6. Power on the virtual machine.
    More information:


VMware: Updating vCenter Server Appliance 6.0 to Update 1

December 18th, 2015 3 comments

Current build VMware vCenter Server 6.0.0 2776510, vSphere client 6.0.0 2741530


Note: Supported upgrade paths to VCSA 6.0 U1 include from 5.1 U3 & 5.5.

While on the topic of upgrades, going from VCSA 6.0 to 6.0 U1 is quite simple. First, you’ll need a patch ISO, which can be found on here. You ‘ll notice there are two patch ISOs, FP and TP.

Download VCSA patch from here.


is a full product patch for VC & PSC appliances only.

TP is third party patch spanning multiple products, such as VCSA, vCenter Windows, VUM, PSC appliance and windows.


To update/patch your vCenter 6.0 Appliance, please follow the below steps:

  1. Connect directly to vSphere host which running vCenter Appliance
  2. Take a snapshot of VCSA
  3. Connect downloaded ISO file to the VCSA VM
  4. Log in to the VCSA via SSH
  5. Run the following command
    To mount ISO and accept EULA:

software-packages stage –iso –acceptEulas



To stage ISO:

software-packages install –iso



To see  the staged content:

software-packages list –staged



To  install the staged rpms:

software-packages install –staged



shutdown reboot –r patching





New buildnumber: VMware vCenter Server 6.0.0 3018523


More information: VMware

VMware: Toggling the vCenter Server Appliance 6.x default shell

December 18th, 2015 No comments

This article provides vSphere Administrators steps to toggle between default shells available on the vCentrer Server Appliance (vCSA). 

Currently, the vCSA is bundled with these supported shells:

  • Appliance Shell
  • BASH Shell
    Today I tried to upgrade vCenter Appliance 6.0.0 to Update 1, after runnning command “software-packages stage –iso –acceptEulas” I receiver message:

    -bash: software-packages: command not found



Switching the vCenter Server Appliance 6.x to Appliance Shell


  1. Log in to the vCenter Server Appliance via SSH.
  2. Run this command to change from using the BASH Shell to the Appliance Shell:

    chsh -s /bin/appliancesh root

  3. Log out from the BASH Shell and re-log in for this to take affect.




After restart the SSH sessoin I was able to run commands in bash shell



More information: VMware

VMware: Perf Charts service experienced an internal error

December 16th, 2015 No comments

A few weeks ago a customer asked me to take a look at the following warning message in VMware vCenter when the Performance Tab in the vSphere client is being opened.


Perf Charts service experienced an internal error.

Message: Report application initialization is not completed successfully. Retry in 60 seconds


Troubleshooting time

Global checks:

  • The Windows Event logs are clean
  • VMware vSphere (web-) services are started with normal credentials
  • I was able to restart service accounts with domain based credentials (no locking)
  • Windows Firewall was enabled but no drops in the logging
  • No recent installed Windows Updates
  • No unplanned restarts or crashes
  • The installed certificate was not expired
  • The installed certificate was 2048 bit
  • No conflicting webserver ports at the vCenter server
    ..some more troubleshooting

I checked the wrapper.log and stas.log files located at the following location:

Path: C:\ProgramData\VMware\VMware VirtualCenter\Logs\






































Hmm, he logging shows that there are problems with the installed vCenter SSL certificate:

Error constructing private key..

..Error decrypting password

After some troubleshooting I saw that every time I open the Performance tab a new webserver SSL private key decrypting error was written in the stats.log.

I already had checked the expire date of the installed SSL certificate, it was a normal 2048 bit wildcard certificate.. oh, eh, wildcard..?? Let’s see if it is supported:

“The use of wildcard certificates are not supported with vCenter Server and its related services. Each service must have its own unique certificate”

Nope, it is not! Maybe this is the root cause.

After checking the SSL requirements at the VMware KB  I found the SSL format which is needed to generate the certificate: OpenSSL Version 0.9.8 must be used. If you do not use this version, the SSL implementation fails. <– I couldn’t check this because there was no documentation of the SSL generation



The customer used a wildcard SSL certificate which is not supported

More information: VMware

VMware: NLVMUG UserCon 2016

November 26th, 2015 No comments

Blokkeer je agenda alvast voor  17 maart 2016 – dan is het tijd voor de NLVMUG UserCon. De NLVMUG UserCon is het grote jaarlijke usergroup evenement van de Nederlandse VMUG.

Kom op 17 maart naar conferentiecentrum 1931 in Den Bosch en krijg antwoord op je vragen én leer van tips en adviezen van experts, mede vmugers, VMware en de aanwezige sponsors. We gaan wederom voor een gevarieerd programma met voor ieder wat wils!

Wil je er bij zijn? Inschrijven kan nu al! Ga naar www.nlvmug.com. Wij maken in januari de opening keynote en eerste sprekers bekend.

Wij zien er naar uit u op donderdag 17 maart 2016 te ontvangen.




17 Maart 2016

8:00 – 17:00

Conferentiecentrum 1931
Oude Engelenseweg 1
5222 AA ’s-Hertogenbosch

Categories: VMware Tags: , , , ,