I had the pleasure of getting invited to have a speaking engagement at the Dallas VMUG UserCon back on August 11th , 2020. I was asked to be a speaker on August 4th and they wanted everything done by the 7th. that gave me only 3 days to put together a presentation and record a video. Needless to say it was rushed a little as I did not have a presentation ready. HA.
https://www.vmug.com/events2/vmug-usercon/2020-dallas-usercon
The presentation I put together was named, " It's the basics that build a better foundation to a better environment". This session we will be getting back to the basics of vSphere and going over some of the best practices and what they mean to your environment and how they can be deter mental to performance of your infrastructure.
-Cluster Configs
Plan for server failure (HA)
An important consideration for cluster design is planning for server failure, or planned maintenance.
- N+1 Design
Ref. https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/vcat/architecting-a-vmware-vsphere-compute-platform.pdf
DRS to balance workloads
-Host General Settings
Disconnect or disable any physical hardware devices that you will not be using. These might include devices such as:
COM ports
LPT ports
USB controllers
Floppy drives
Optical drives (that is, CD or DVD drives)
Network interfaces
Storage controllers
Disabling hardware devices (typically done in BIOS) can free interrupt resources
- DNS and NTP settings…
Scratch Configs
It's recommended by VMware to have a persistent scratch location for VMkernel logs in case that ESXi is installed on USB stick or SD card.
Remember to redirect the scratch partition, if applicable. In a design that employs SD/USB or boot from SAN as the installation destination, the host installer does not allow for the creation of a scratch partition during the initial setup process. ( ramdisk )
- Separate vMotion traffic and management traffic onto separate NIC’s
- Keep hosts Firmware updated
- Update ESX with Vendor ISO’s from Vmware
- Verify Firmware and drivers with Vmware HCL
-Host storage Settings
General ESXi Storage Recommendations.
The number of LUNs in a storage array, and the way virtual machines are distributed across those LUNs, can affect performance:
Provisioning more LUNs, with fewer virtual machines on each one, can enable the ESXi servers to simultaneously present more I/O requests to the array.
On the other hand provisioning too many LUNs, especially when many ESXi servers are connected to a single array, can allow the ESXi hosts to simultaneously send so many I/O requests that they fill the array queue and the array returns QFULL/BUSY errors. This can reduce performance due to the need to retry the rejected I/O requests.
Queue Depth for HBA’s ( VMware KB 1267)
If the performance of your (HBAs) is unsatisfactory, you can adjust your ESXi hosts' maximum queue depth values.
When you lower this value, it throttles the ESXi host's throughput and alleviates SAN
VMware recommends keeping the HBA Vendors uniform across all hosts participating in a cluster.
If you often observe QFULL/BUSY errors, enabling and configuring queue depth throttling might improve storage performance.
https://www.codyhosterman.com/2017/02/understanding-vmware-esxi-queuing-and-the-flasharray/
- iSCSI and NFS Recommendations
For iSCSI and NFS it’s sometimes beneficial to create a VLAN, if the network infrastructure supports it. This minimizes network interference from other packet sources.
Best practice is to have a dedicated LAN for iSCSI traffic and not share the network with other network traffic. It is also best practice not to oversubscribe the dedicated LAN.
VMkernel NICs can be placed into teaming configurations. VMware recommendation is to use port binding rather than NIC teaming. iSCSI can leverage VMkernel multipath capabilities such as failover on SCSI errors and Round Robin path policy for performance.
Aim to configure as few as possible hardware segments between the servers in a cluster. to limit single points of failure, which is best achieved through simplicity. In addition, too many network hops can cause networking packet delays for heartbeat traffic and increase the possible points of failure.
-Host Security Settings
ESXi Host Hardening
To provide an ESXi security baseline, consider the requirements for hardening the hypervisor.
VMware guidance on security hardening and the recommendation level depends on the rating that corresponds to the operational environment in which it is to be applied. Each service provider will need make their own determination as to the applicability of each level.
Lockdown Mode
Enable lockdown mode to increase security of ESXi hosts and to further mitigate the risk of unauthorized access to the ESXi console by limiting it to only the appropriate operational team through vCenter Server
-VM Settings
Remove unused and unnecessary virtual and/or physical hardware from the VM
By disabling devices you are freeing up interrupt resources.
You also will get an increase in performance by disabling devices that consume extra resources due to polling such as USB adapters and PCI devices which reserve blocks of memory for their operation.
Also, when using Windows guests be sure to disable optical drives as Windows constantly polls them which can cause issues especially when multiple guests are doing so simultaneously.
Keep VMware tools updated.
- The Paravirtual SCSI (PVSCSI) controller should be used on guest VMs for high performance.
The Paravirtual SCSI (PVSCSI) controller should be used on guest VMs for high performance. It is important that users choose the correct PVSCSI controller, because choosing the wrong controller can adversely affect performance.
Use multiple SCSI adapters on a VM ( max 4 ) and spread the I/O across those SCSI controllers.
Try not to use Paravirtualized for the OS disks.
If need more I/O than the default PVSCSI Queue Depth refer to this:
Large-scale workloads with intensive I/O patterns might require queue depths significantly greater than Paravirtual SCSI default values (VMware KB 2053145)
- Snapshots ( are not backups !! ☺ )
Delete old backups
The session went well there were a few questions from viewers, so all in all I guess it went OK.. I have not received any negative feedback from VMUG or anything as of this post.
