It was nice to see my blog posts about “Your Organization’s Desktop Virtualization Project – Part 1 and 2” for the first making to the Top 5 Planet V12n blog posts week 45. It was energizing and gave me confidence that I am heading in the right direction with this blog.
This article (vSphere Host Profiles Deep Dive) I posted back in September however at that time the blog was not being listed by Planet V12n and of course the number of hits was not that great. I have revamped the article and added some some additional comments.
Few different new vSphere features have been exhaustively discussed since it was launched back in May’09. I have seen a number of discussions, papers and even blog competitions about Fault Tolerance, Storage Thin Provisioning and vDistributed Switches however not much has been said about Host Profiles.
Host Profiles greatly simplify host configuration management in scale-out deployments through user-defined configuration policies. You can use profile policies to eliminate per-host manual host configuration and efficiently maintain configuration consistency and correctness across the entire datacenter.
A Host Profile policies have the ability to capture the blueprint of a known, validated “golden” configuration and use this to configure networking, storage settings, security settings, and so on for multiple hosts. Host profile policies also monitor compliance to standard host configuration settings across the datacenter.
Using Host Profiles
Profile configurations can be managed via GUI (viClient), vSphere APIs or PowerCLI. Some software and hardware vendors already started to integrate their products with Host Profiles to enhance functionalities such as periodic scans to uncover inconsistencies and provide reporting for Change Management (ITIL) compliance.
Some material have already been published. I’m listing some good links and references.
VMware vSphere 4 – Host Profiles Feature from Xtravirt (Paul Davey)
Host Profiles Official VMware Demo
vSphere Host Profiles by Jason Nash (video)
Managing host profiles with vSpherePowerCLI! by Yavor Boychev (video)
Backup/Restore a Host Profile by Craig from the Malaysia VMware Community
Using Host Profiles for Disaster Recovery bye Eric Sloof
To be able to use Host Profiles your vSphere environment must be licensed with Enterprise Plus package that also allows you to use vNetwork Distributed Switch, and Third Party Multipathing.
It is clear to me based on this post from Eric Siebert that Host Profiles is not one of the hottest features on VMware’s plate however it seems like administrators are considering upgrading their licenses to Enterprise Plus. I believe Host Profiles will be focus of attention when all the hype about other features is over.
This post from Maish Saidel-Keesing explains licensing and pricing in detail.
Host Profiles will not work work properly in a cluster containing ESX and ESXi hosts due to core differences, such as Service Console and Port Networks. The recommendation is that you create different clusters for each type of hosts and maintain a separate host profiles. This drawback by itself could represent a big challenge in Host Profiles adoption however VMware has already stated that only ESXi will be supported and gain new features in the future. I always good to remember that Fault Tolerance also will only work in clusters with similar hypervisors.
– Only a single profile can be applied per cluster
– Logging on the host is to the file “pyVmomiserver.log”
– Host must be in maintenance mode before a profile can be applied.
Things not covered by Host Profiles are:
– vDS policy configuration (you can do non-policy vDS)
Some information provided by Forbes Guthrie post.
My Personal Experience using Host Profiles
(Could Host Profiles be more intelligent?) I came across an interesting situation that I rather prefer to think it is a bug to be fixed than a natural behaviour. In my production environment I created a Host Profile based on a ESX host (A) and the only difference to ESX host (B) was the NIC Teaming order.
When I applied the profile onto ESX host (B) vCenter informed that the only vSwitch and all port groups in use would be deleted and recreated, including the Service Console and vKernel.
I initially thought it is not possible so I manually changed the NIC Teaming order on ESX host (B) and when I requested to Check Compliance on host ESX (B) it was compliant.
In Summary a simple NIC teaming order change will cause Host Profiles to delete ESX vSwitch and all port groups efore creating it again with the correct configuration.
Few other administrators have been trough the same issue and the simply additional NIC to a vswitch would result in deleting vswitch in recreating vswitch0. However this ends with a communication error between vCenter and the ESX host because the management network is not available anymore (due to deleting vswitch0).
1. I have found in many circumstances that the use of Host Profiles will co-exist with unattended installations (scripted) helping administrators to achieve consistency over and further than datacenter boundaries with minimal effort.
2. The initial install of a vSphere hosts can also benefit of host profiles since by default the systems is installed with a full 60-day trial license. Use this grace period to apply your profiles to the new hosts in your cluster.
3. Not really related to Host Profiles but would be nice to see vApps integrated with the host configuration and deciding if that specific configuration or Host Profile applied to the host is adequate for grouped VMs to run on it.
3. Host Profiles is a powerful tool to maintain consistency amongst a large number of ESX hosts and will certainly benefit organizations who can afford the salty price of the Enterprise Plus package.
4. Maybe one day we will be able to use Host profiles integrated with other management tools such as Cisco 6100’s from UCS or Ionix from EMC and vBlock. I don’t think we are close to this day however everything tells me that VCE is heading into this direction.
Other useful resources
Meet the Engineer Series: VMware Host Profiles
You will also find the original post as a document at http://communities.vmware.com/docs/DOC-10850
Any additional comments?