Notes for FT Part-02

v:* {behavior:url(#default#VML);}
o:* {behavior:url(#default#VML);}
w:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}

For Notes for FT Part-01 click here

What happens when primary VM is powered ON?

·         The entire state of the Primary VM is copied and the Secondary VM is created, placed on a separate compatible host, and powered on if it passes admission control.

·         The Fault Tolerance Status displayed on the virtual machine’s Summary tab in the vSphere Client is Protected.

 

What happens when primary VM is powered OFF?

The Secondary VM is immediately created and registered to a host in the cluster (it might be re-registered to a more appropriate host when it is powered on.)

 

·         The Secondary VM is not powered on until after the Primary VM is powered on.

·         The Fault Tolerance Status displayed on the virtual machine’s Summary tab in the vSphere Client is Not Protected, VM not Running.

 

What happens to memory size when FT is enabled on VM?

When Fault Tolerance is turned on, vCenter Server removes the virtual machine’s memory limit and sets the memory reservation to the memory size of the virtual machine. While Fault Tolerance remains turned on, you cannot change the memory reservation, size, limit, or shares. When Fault Tolerance is turned off, any parameters that were changed are not reverted to their original values.

 

Is it possible to turn on FT on multiple VM in a single click?

No. If you select more than one virtual machine, the Fault Tolerance menu is disabled. You must turn Fault Tolerance on for one virtual machine at a time.

 

Is it possible to disable FT from secondary VM?

You cannot disable Fault Tolerance from the Secondary VM.

 

When does vCenter disables FT?

vCenter Server disables Fault Tolerance after being unable to power on the Secondary VM

 

 

Where to find how many FT enabled primary and secondary VM’s are present on the host?

You can view this information by accessing the host’s Summary tab in the vSphere Client. The Fault Tolerance section of this screen displays the total number of Primary and Secondary VMs residing on the host and the number of those virtual machines that are powered on. If the host is ESX/ESXi 4.1 or greater, this section also displays the Fault Tolerance version the host is running. Otherwise, it lists the host build number.

 

 

Note For two hosts to be compatible they must have matching FT version numbers or matching host build numbers.

 

What is vLockstep interval?

The time interval (displayed in seconds) needed for the Secondary VM to match the current execution state of the Primary VM. Typically, this interval is less than one-half of one second. No state is lost during a failover, regardless of the vLockstep Interval value.

 

What is the impact of hardware power management feature on FT enabled VMs?

Platform power management features that do not adjust based on workload (for example, power capping and enforced low frequency modes to save power) can cause processor frequencies to vary greatly. If Primary and Secondary VMs operate at different processor frequencies, the Secondary VM might be restarted more frequently. If Secondary VMs are being restarted on a regular basis, disable all power management modes on the hosts running fault tolerant virtual machines or ensure that all hosts are running in the same power management modes.

 

What is impact of network partitioned HA Cluster on FT VMs?

In a partitioned vSphere HA cluster, the Primary VM (or its Secondary VM) could end up in a partition managed by a master host that is not responsible for the virtual machine. When a failover is needed, a Secondary VM is restarted only if the Primary VM was in a partition managed by the master host responsible for it.

 

Recommendations

What is the maximum number of FT enabled VM’s recommended on ESXi host?

You should have no more than four fault tolerant virtual machines (primaries or secondaries) on any single host. The number of fault tolerant virtual machines that you can safely run on each host is based on the sizes and workloads of the ESXi host and virtual machines, all of which can vary.

 

What is the maximum number of virtual disks recommended on FT enabled VMs?

It is the maximum of 16 virtual disks per fault tolerant virtual machine

 

How to ensure redundancy and maximum fault tolerance for FT enabled VMs?

To ensure redundancy and maximum Fault Tolerance protection, you should have a minimum of three hosts in the cluster. In a failover situation, this provides a host that can accommodate the new Secondary VM that is created.

 

Recommendations for FT enabled VMs for placing them in a resource pools?

Ensure that a resource pool containing fault tolerant virtual machines has excess memory above the memory size of the virtual machines. The memory reservation of a fault tolerant virtual machine is set to the virtual machine’s memory size when Fault Tolerance is turned on. Without this excess in the resource pool, there might not be any memory available to use as overhead memory

 

 

vSphere HA Security

On what port does HA agents communicates with each other?

vSphere HA uses TCP and UDP port 8182 for agent-to-agent communication. The firewall ports open and close automatically to ensure they are open only when needed

 

Where vSphere HA places log files?

vSphere HA writes to syslog only by default, so logs are placed where syslog is configured to put them. The log file names for vSphere HA are prepended with fdm, fault domain manager, which is a service of vSphere HA.

 

Where vSphere HA stores the configuration files?

vSphere HA stores configuration information on the local storage or on ramdisk if there is no local datastore. These files are protected using file system permissions and they are accessible only to the root user.

 

 

Explain communication between vSphere Agent and vCenter?

All communication between vCenter Server and the vSphere HA agent is done over SSL. Agent-to-agent communication also uses SSL except for election messages, which occur over UDP. Election messages are verified over SSL so that a rogue agent can prevent only the host on which the agent is running from being elected as a master host. In this case, a configuration issue for the cluster is issued so the user is aware of the problem.

 

Which account is used by vSphere HA?

vSphere HA logs onto the vSphere HA agents using a user account, vpxuser, created by vCenter Server. This account is the same account used by vCenter Server to manage the host. vCenter Server creates a random password for this account and changes the password periodically. The time period is set by the

vCenter Server VirtualCenter.VimPasswordExpirationInDays setting. You can change the setting using the Advanced Settings control in the vSphere Client.

 


For Notes for FT Part-01 click here