Configuring iSCSI on ESXi using host client GUI

Recently we have implemented a new storage solution by Pure Storage so we were moving from presenting datastore/s via NFS to iSCSI. In the past, it was quite simple to create VMKernel ports for NFS and you just mount the NFS volumes, no need to format disk or create targets, etc. In this post, I will show you the steps using the built in ESXi host client GUI (ESXi 6.0 U2, ESXi 6.5) to create a standard vSwitch, configure the basics of iSCSI and to configure port binding. If you are unsure if you need to use port binding then please refer to this documentation kb2038869. 

First document what you will name the new standard vSwitch and the names of the two physical network cards that you would be used in this vSwitch. You will require two port groups so we will need to have two port group names. We are using port binding so in each port group there will only be one active network card so we will document those and also the IP addresses assigned for each of the physical network cards. Below is how I have documented for reference to use throughout the article.

Note : If you are using ESXi 6.5 please ensure you update your host client to 1.24.0 otherwise you will get errors when you try to add a 2nd physical link

Log in to your ESXi host via your favourite browser https://<host-IP>/ui

Once we have logged in, select “Networking” and then “Physical NICs” tab. In here make sure the network card/s you wish to use for your iSCSI connections are displayed here so my vmnic1 and vmnic2 is displayed

Now select “Virtual Switches” tab and select “Add standard virtual switch”

Give your vSwitch a name, my one is "vSwitch1" as defined in the table above. For “uplink 1” ensure the correct physical network adapter is selected then click on “Add Uplink”

You should see “uplink 2” as a property within the vSwitch properties. Ensure the correct physical network adapter is selected. For MTU size make sure you configure the right size from end to end otherwise you could have problems. For example if you decide to use 9000 make sure all the interface/networking devices all have MTU of 9000 end to end. Once you have made all the changes click “Add”

You should now see the new vSwitch created and can see that there are 2 uplinks

Next steps are to create the VMkernel NICs to be used for our iSCSI so select “VMKernel NICs” tab and click “Add VMKernel NIC”

As we haven't created any port groups yet we can leave "Port group" as “new port group”. Give your port group a name (e.g. "iSCSI-A") and select the vSwitch you have created for iSCSI. Make sure the MTU size is correct. Under “IPv4 Settings” if you are using “DHCP” then you leave that selected but if you have selected “Static” then click the down arrow next to “IPv4 Settings” and enter in the IP address and subnet you wish to assign to this interface. The rest of the settings you can leave as default and click “Create”

You will see that the 1st VMkernel adapter is created. Check that the portgroup and IP address (if assigned static) are correct to your knowledge. Next click “Add VMkernel NIC” to create the 2nd VMkernel adapter

Again as we are creating a new port group you can leave port group as “new port group”. Give your port group a name (e.g. "iSCSI-B") and select the vSwitch you have created for iSCSI which should be the same as the previous step above. Make sure the MTU size is correct. Under “IPv4 Settings” if you are using “DHCP” then you leave that selected but if you have selected “Static” then click the down arrow next to “IPv4 Settings” and enter in the IP address and subnet you wish to assign to this interface. The rest of the settings you can leave as default and click “Create”

You should see the 2nd VMkernel adapted created now. Check that the portgroup and IP address (if assigned static) are correct to your knowledge and also both of them should not be in the same portgroup

Select the “Port Groups” tab and select one of the port groups you created above and select “Edit settings”

Click the down arrow next to “NIC teaming” and change “Override failover order” to “yes”. Under “failover order” select the network card that would NOT be used for this port group based. So for my example I am working on port group "iSCSI-A" and based on the table above "vmnic2" should be unused so I have highlighted this card.  Once the card is selected click “Mark unused”

Now you should see that the network card that you selected has its status changed to “Unused”. Click “Save”

Now select the other port group and click “Edit Settings”

Click down arrow next to “NIC teaming” and change “Override failover order” to “yes”. Under “failover order” select the network card that would NOT be used for this port group. Again with my example I am working on port group "iSCSI-B" and based on the table above "vmnic1" should be unused so I have highlighted this card.  Once the card is selected click “Mark unused”

Now you should see the network card that you selected has its status changed to “Unused”. Click “Save”

Now that we have the networking elements configured. We will look to enable the iSCSI software adapter. Go to “Storage” then “adapters” tab, select “Configure iSCSI” 

On the “Configure iSCSI” screen by default it is selected as "Disable"so we need to enable the service so select “enabled”

Make a note of the iSCSI IQN so that you can add/amend for your storage system. Under “Network Port Bindings” click “Add port binding”

Select one of the vmkernel adapters for your iSCSI connection and click “select”. I have selected "vmk1"

You should now see the vmkernel adapter listed under Network Port Bindings. Click “Add port binding” again to add the second adapter

Select the second vmkernel adapter and click “select”. I have selected "vmk2"

Now that you see both vmkernel adapters listed under “Network Port Bindings” you should select “Save configuration”. This will now go off and enable the software iSCSI adapter and create the port bindings

Still under “adapters” tab click on “rescan” followed by “refresh”. You should see your iSCSI software adapter status change to “online”. Click on “Configure iSCSI”. If the adapter still doesn’t come online then click “rescan” and “refresh” before moving on to the next steps as you need the iSCSI adapter online

Down towards the bottom of the iSCSI configuration page you have two options of discovering your iSCSI array, “Static” or “Dynamic”. Choose the one you normally use. In this article I will be covering using “dynamic”

Under “Dynamic targets” click “Add Dynamic Target”. The words “click to add address” should appear. Click within this space to add the target IP of your iSCSI array. If the port number is different from the default of 3260 then again click in the port space to change

Your iSCSI setting page should be similar to the one I have below which has iSCSI enabled, port binding configured and the target iSCSI array address. Click “Save Configuration”

Under “Storage” select “Devices” tab. You may already see your iSCSI Array device showing there already or you would need to click “rescan” and “refresh” which should display the device. From here onwards you can create your vmfs datastore to be used for your ESXi host/s

Some basic troubleshooting tips :

Connectivity - Make sure you can ping between your host and array by using vmkping to ensure there is no issues with the path

MTU sizing - Make sure they are all the same otherwise you could have issues, using vmkping with "-s" to specific a frame size so that you can check if has no issues with MTU sizing. For example "vmkping -s 8972 192.168.171.100" (The IP address is my array address so replace with your one)

IQN Name - Each time you rebuild a ESXi host the IQN name changes so make sure the correct one is on the array otherwise you will not see any of the LUNS

I hope you find this article useful for creating the basic iSCSI connection to your array from using the built in host GUI. This feature is useful as you don't need to use your C# vSphere client anymore to do the configurations. In my next article I will show you how to use powercli to do all the above work which would configure your host in less than 10 minutes saving you time for host deployment.

Suppress ESXi SSH and Shell Warning

By default whenever I build a new ESXi host I tend to enable both SSH and ESXi Shell so that I can troubleshoot my ESXi server via SSH or shell on the console itself if I need to.

As soon as you enable either one of them you will start to get these messages within the web client or vSphere C# client

The host health also changes to give you a heath warning to tell you that it has detected some issues and it is understandable that is should alert you if SSH or Shell access has been enabled.

The manual way to change this is either to selec the "suppress warning" on the error message to disable the warning or via the web client to set the value. First you select the host then go to "Manage > Settings > Advanced System Settings". From there look for "UserVars.SuppressShellWarning" and change the value from "0" to "1".

But as I have already scripted most of my host build I wanted my script to also change this value so that 1) we don't get this warning any more, 2) If I see a warning message on my host after a new build then I know it is something else that is not right on the host.

I am assuming you have powercli installed and also the script is connecting to a single host

#### Variables ####
$ESXHost = "Your ESXi Host Name or IP Address Here" #Put your ESXi host name or IP address
###################
#Connect to your ESX Host
Connect-viserver $ESXHost
#Get the current setting
Get-VMhost $ESXHost | Get-AdvancedSetting - Name UserVars.SuppressShellWarning 
#Set the value to 1 and suppress confirmation of running this command
Get-VMhost $ESXHost | Get-AdvancedSetting - Name UserVars.SuppressShellWarning | Set-AdvancedSetting -Value 1 -Confirm:$False
#Show the setting
Get-VMhost $ESXHost | Get-AdvancedSetting - Name UserVars.SuppressShellWarning 

The script is here too https://github.com/myvmx/myvmx/blob/master/VMware/SuppressShellWarning.ps1

VMware Software Manager Tool

There is a little free tool from VMware call VMware Software Manager (VSM) which you can use to help download and manage your VMware products installation media files into one central location. It has a simple interface where you can just browse for the product and version of the software that you would like to download which I think is far simpler than at the website.

There are some pre-requisites before starting this:

• Plenty of disk space if you have a lot of VMware products and need various version of them 
• Using one of the following operating system for where you will be installing this product; 
• Windows 8.1 (Pro or Enterprise edition) 64-bit 
• Windows 7 SP1 (Professional or Enterprise edition) 64-bit 
• Windows Server 2012 R2 (Standard, Enterprise, or Datacenter edition) 64-bit
• Windows Server 2008 R2 SP1 (Standard, Enterprise, or Datacenter edition) 64-bit  

• The following browsers are supported and one of them needs to be installed where software manager is installed;  
• Internet Explorer 10 or 11 
• Firefox 40 or 41 
• Google Chrome 45 or 46 
• I am pretty sure newer versions of the browsers will still work but may not be tested

• The browser used must allow the use of cookies, JavaScript, and DOM storage. The supported browsers allow the use of these features by default 
• Incoming port TCP 8000 bounded to the localhost only where you are running Software Manager 
• Outbound TCP ports to allow Software Manager to communicate to VMware download site to the following addresses and port numbers; 
• depot.vmware.com - port 443 
• download2.vmware.com - port 443 
• download3.vmware.com - port 443

• An “My VMware” registered account which permits you to download products

1) Go to https://my.vmware.com/en/group/vmware/info?slug=datacenter_cloud_infrastructure/vmware_software_manager/1_5 and you will be prompted to login with your registered VMware account.

2) Select which version to download and at the time of writing this was version 1.5 and then click “Download.

3) You will be taken to the next screen to show the available files to be downloaded. Select your preferred way of downloading and you will be greeted with the End User License Agreement which you must tick and accept before download will proceed.

4) On the PC that you are going to install Software Manager create a new directory where you will be downloading VMware products to. My one is “C:\download”.

5) Once downloaded execute the installer on the PC you wish to run Software Manager from. The version I have used in this example is 1.5.0.4322026.

6) Click “Next” at the first installer screen.

7) Tick box “I accept the terms in the License Agreement” and click “Next.

8) If you need to change the install location of Software Manager do so here. For the “Depot Location” change it to the one you want otherwise the default would be “C:\depot”. Click “Next”.

9) Click “Install” to install the product.

10) Once installed by default “Open Download Service web application” is ticked which will run the application once you click “Finish”.

11) Your default web browser will fire open to the url of http://localhost:8000. You have three choices on how you would like to connect to “My VMware”. I used my email address and password that I have registered with “My VMware”. Click connect once you have filled in your details.

12)  It will attempt to connect to VMware site with your credentials to start bringing down the catalogue of software that you can download. You would possibly see this message as below.

If after 5 minutes the screen doesn’t change then try to refresh the page (F5). If you get this screen then we would need to apply the fixes below before moving to step 13.

There seems to be a bug with the software at the moment where some files looks to be removed from the repository but they have not been removed them from the configuration files which causes Software Manager from working. With the help of the community thread https://communities.vmware.com/thread/568541 I have written the steps below in case there are more files that needs to be amended.

a) Shutdown the services for Software Manager. Go to the task bar of Windows and right-select Software Manager Icon which would bring up a menu. Select “Quit”. Make sure you do this step before proceeding on. 

b) Once you have quit the application you will now need to browse to the following location "c:\users\%CurrentLoggedInUser%\appdata\roaming\vmware\software manager\download service\logs". %CurrentLoggedInUser% is the username you are currently loggedin as to rn this application. 

c) You will see a list of log files and the one we are after is “stdout-vapi_server”. If you did not do “step a” then this file will be empty until you stop quit the application. Open the file to find which depot slot you are currently using. Then look for the text “failed to load:” which should highlight which file has failed and make a note of it.

d) The community thread has highlighted which file we should be modifying “dlg_ESXI60U3A.xhtml” so go to “C:\Users\%CurrentLoggedInUser%\AppData\Roaming\VMware\Software Manager\Download Service\Data\”%DepotSlot%\channel\” (%DepotSlot% is the slot directory information from previous step). Use your favourite text editor which I have used Notepad++ to open up “dlg_ESXI60U3A.xhtml".

e) We now need to find and remove the file that has failed to load from “Step c” so we either use the find function or find the name which will be between <li title=”associated-channels”></li> (about 6-8 lines down from the file).  

Once you find the text delete it from that line. If the text happens to be the last one like the one shown then make sure you remove the “,” from the last file name as well then save the file.

f) Below I have listed the files that I had to remove to get it working from “dlg_ESXI60U3A.xhtml” which should help you edit the file all at one go. I have also hosted the "dlg_ESXI60U3A.xhtml file at github which you can download to replace https://github.com/myvmx/myvmx/tree/master/VMware/vsm

• dlg_DT_ESXI60_ADAPTEC_SAS_AACRAID_12152040 
• dlg_DT_ESXI60_EMULEX_BE2ISCSI_112119717 
• dlg_DT_ESX60_EMULEX_LPFC_1123200 
• dlg_DT_ESXI60_HITACHI_HFCNDD_104220152 
• dlg_DT_ESX60_INTEL_NIC_IXGBEN_153 
• dlg_DT_ESXI60_MELLANOX_NMLX5_CORE_415103 
• dlg_DT_ESXI60_PMCS_SMARTPQI_1001060 
• dlg_DT_ESXI60_STRATUS_NIC_FTSYS_I40E_650100 
• dlg_ESXI60U3A_OSS
  

Once you have removed all the entries and saved the file. Start Download Manager from the icon on your desktop and login with your “My VMware” credentials. If after a few minutes you refresh the page and get the same errors shown at step 12 then you will need to repeat the above from “step a”. Hopefully you will get the home screen as shown in step 13 and can proceed.

13) You should now be presented with a view of all the VMware software that is currently available and they will be grouped into sections. On the right hand side of the web page you have addition options such as including drivers, custom ISOs such as hardware vendor custom built from the likes of HPE, Dell.

If you click on the “cards” themselves then you get a brief description about the product.

If you see an “>” it means that you can drill further into the product itself to find what you want to download. We will just do a basic download so we would select “VMware vSphere” and click on “>”.

15) This will drill down to the versions that you can download so we will select VMware vSphere 6.5 and click on “>”.

16) Now you have to decide on which edition you would like to download. From this screen you can see that there is “>” as well as download icon. You will notice the disk space required if you was to click on the download icon at this point. You would be wondering why on earth it would need around 37GB? Click on the card itself and it will tell you what you would be downloading if you clicked on the download icon from this page.

As I don’t want to download everything I will be clicking on “>” to drill further down

17) You can select the sub products that you wish to download. For each of the product you can now see the number of files it will download and the total space required for the download. If you want to see what files will be downloaded then click on the card and it will tell you.  We will select “ESXI65U1” and click on the download button to start the download.

18) You will see that the card icon will change and also a progress bar at the bottom of thw web page. At this point you could close the browser or come back later while it is downloading. If you was to close the browser then you will need to just browse back to http://localhost:8000 to bring the page up.

19) Once the download is completed the card will change to show a folder icon. If you click on the folder icon it will take you to the source files that you have downloaded to the specified directory. Now that you have the files available locally you can use your chosen method to perform your VMware software installation.

Please note VMware Software Manager is not set to auto-start when Windows starts. Unless you want to check if there are any new software updates it is not necessary to start the software as you can browse to the download depot to retrieve the media files that you have downloaded previously.

At the time of writing my account has allowed me to download all the software available which is good for me to testing and a great way to easily build up my software repository of VMware software. It saves the headache of trying to locate the download pages on the website and finding if there are new updates.

References :

Release Notes 

• http://pubs.vmware.com/Release_Notes/en/vsm-download-service/15/software-manager-download-service-15-relnotes.html

User Guide but only version 1.3 I could find

• http://pubs.vmware.com/vmware-software-manager/topic/com.vmware.ICbase/PDF/vmware-software-manager-download-service-13-users-guide.pdf