I’ve had a couple of questions about interesting issues from students in the Deploy Secure Analyse course I’m teaching in Sydney this week. They’re interesting so I’ve decided to post them here as well as discussing them in the class.
The first was about identifying which process was locking a file on a VMFS datastore, this comes up when a VM fails to shutdown properly on an ESX server. The information is in this document posting on the VMTN web site, it’s not a simple process but it is doable.
The second question was about performance of Exchange on ESX servers, my favourite note is about having 16,000 mailboxes on a single ESX host from the VROOM! blog. The same blog also has information about scaling web server loads. The other reference area for Exchange on ESX is on VMWare’s main site
For those who are interested there is a white paper on SQL performance on ESX that is good reading.
The other good web site I mentioned and regularly follow is XtraVirt, I especially like the look of their two node clustered iSCSI target using local storage on the ESX server. The question in the class was about setting difficult to set advanced config settings on ES servers from the service console, the latest tool in ESX 3.5 is mentioned in this blog post.
The final question that came up on day one was about Jumbo Frames support with iSCSI on ESX 3.5 update 1, as far as I could see in the release notes it’s not there, nor is 10GBE for IP storage.
A further question has come up, that of VLAN security. As you may know I’m a big fan of VLANs so I went looking for some information about VLAN security. The summary seems to be that the default configuration is not secure and you need to follow some instructions like those in this Cisco white paper.
© 2008 – 2009, Alastair. All rights reserved.