Nowadays, many VMware vSphere administrators manage their virtual infrastructures with VMware vCenter Server Appliance 6.5 (vCSA). This solution currently is a full-fledged alternative to the VMware vCenter for Windows which becomes a thing of the past.
For ones who use vCSA not that long, this post provides several procedures which simplify solutions’ daily use. Let’s have a look at how they may come in handy.
1. Reducing the consumed RAM
vCSA 6.5 has increased its RAM demands from 8 GB to 10 GB. That’s pretty much for environments where you test, for example, the vCSA features.
vCSA leverages dynamic memory management mechanism which allows allocating or reducing the available memory among the components of the appliance based on its current configuration. In order to check how much server RAM each component consumes, use cloudvm-ram-size.
The nuance is that services scale up and down dynamically with respect to their RAM utilization. Still, 10 GB always remains the lowest RAM consumption limit. You can always learn vCSA memory utilization limits from the /etc/vmware/service-layout.mfx file.
The only way around is to kill some services in the test environment. Note that you do that at your own risk. Still, terminating these services saves you up to 3 GB of RAM (here, we discuss only the small test environment, where these services are not used):
Service | Memory size (MB) | Description |
vmware-rbd-watchdog | 100 | VMware vSphere Auto Deploy Waiter |
vmware-mbcs | 128 | VMware Message Bus Configuration Service |
vcha | 46 | VMware vCenter High Availability |
vmware-netdumper | 20 | VMware vSphere ESXi Dump Collector |
vmware-vsan-health | 100 | VMware VSAN Health Service |
vmware-sps | 478 | VMware vSphere Profile-Driven Storage Service |
vmware-perfcharts | 357 | VMware Performance Charts |
vmware-content-library | 473 | VMware Content Library Service |
vmware-updatemgr | 164 | VMware Update Manager |
vsphere-ui | 853 | VMware vSphere Client (HTML5) |
In order to stop unnecessary services, go to Administration > Deployment > System Configuration > Services. You need to find the necessary (I’d rather say unnecessary) services there and press “Stop“:
Afterward, disable the autostart of this service in the menu: Actions > Edit Startup Type and change the value to Manual.
2. Backing up VMware vCenter Server Appliance database
VMware has the useful video on this subject:
Let’s briefly describe this procedure.
Backup:
- Run vCenter Server Appliance as root
- Download 2091961_linux_backup_restore.zip by following the link at the end of this article and extract it.
- Make the backup_lin.py script executable.
You can do so by running the following command:
sudo chmod 700 /tmp/backup_lin.py
- Execute the backup_lin.py and specify the path to the backup file:
python /tmp/backup_lin.py -f /tmp/backup_VCDB.bak
In order to restore the database from the backup, follow the steps below:
- Access vCenter Server Appliance as root.
- Download the 2091961_linux_backup_restore.zip package by following the link provided at the end of this article.
- Make the restore_lin.py script executable.
You can do so by running the following command:
chmod 700 /tmp/restore_lin.py
- Stop vmware-vpxd and vmware-vdcs services with the following commands:
service vmware-vpxd stop
service vmware-vdcs stop
- Execute the restore_lin.py script and specify the path to the backup file:
python /tmp/restore_lin.py -f /tmp/backup_VCDB.bak
- Run vmware-vpxd and vmware-vdcs services with the following commands:
service vmware-vpxd start
service vmware-vdcs start
There are also several PowerCLI scripts for backing up and restoring the entire vCSA appliance. These scripts allow restoring not only the vCSA database, but also the appliance configuration. You can find these scripts here and here.
3. The VMware vCSA 6.5 U1 services startup order
Here is the primary vCenter Server Appliance (starting from vCSA 6.5 Update 1) services startup order:
- lwsmd (Likewise Service Manager)
- vmafdd (VMware Authentication Framework)
- vmdird (VMware Directory Service)
- vmcad (VMware Certificate Service)
- vmware-sts-idmd (VMware Identity Management Service)
- vmware-stsd (VMware Security Token Service)
- vmdnsd (VMware Domain Name Service)
- vmware-psc-client (VMware Platform Services Controller Client)
- vmon (VMware Service Lifecycle Manager)
You may wonder where are vmware-vpostgres, vpxd, and some other services. Actually, they run with vmon, the new watchdog-service for administrating vCSA in the vSphere 6.5 environment. It grants the unified access to services with their APIs.
To find out in which order vmon launches the services, restart them on the vCSA server with the following vmon-cli commands:
/usr/lib/vmware-vmon/vmon-cli –batchstop ALL
/usr/lib/vmware-vmon/vmon-cli –batchstart ALL
You will see the following startup order:
- eam (VMware ESX Agent Manager)
- cis-license (VMware License Service)
- rhttpproxy (VMware HTTP Reverse Proxy)
- vmonapi
- statsmonitor
- applmgmt
- sca (VMware Service Control Agent)
- vsphere-client
- cm
- vsphere-ui
- vmware-vpostgres (VMware Postgres)
- vpxd-svcs
- vapi-endpoint
- vpxd (VMware vCenter Server)
- sps (VMware vSphere Profile-Driven Storage Service)
- content-library
- vsm
- updatemgr
- pschealth
- vsan-health
vmon-cli allows stopping and starting services by their name:
/usr/lib/vmware-vmon/vmon-cli -r ServiceName
The following command, for example, restarts the vSphere Client:
/usr/lib/vmware-vmon/vmon-cli -r vsphere-client
4. Identify the “trash” files and change the Log Rotation
Execute the following commands to identify logs that cause the /storage/log directory filling:
du -a /var | sort -n -r | head -n 10
du -a /storage/log | sort -n -r | head -n 10
To reduce consumed storage space, you can change the Log Rotation policy. First, open the folder where the logs are stored:
cd /etc/logrotate.d
Back up all settings:
cp dnsmasq ./dnsmasq.old
Next, open these settings:
vi dnsmasq
Change the value “weekly” to “daily” as it is shown below:
/var/log/dnsmasq.log {
daily
missingok
notifempty
delaycompress
sharedscripts
postrotate
[ ! -f /var/run/dnsmasq.pid ] || kill -USR2 cat /var/run/dnsmasq.pid
endscript
create 0640 dnsmasq dnsmasq
Afterwards, the massive old log file can be deleted, using the following commands:
cd /var/log
rm dnsmasq.log
5. How to reset the Single Sign-On vCenter password for VMware vSphere 6.x
VMware has Single Sign-On (SSO) component that is a part of Platform Service Controller (PSC) module. SSO provides the user with an authorization token, using which he connects to vCenter and use the solutions integrated with it.
If you forget your SSO password, you will be unable to manage PSC and vCenter. Also, you cannot provide users with SSO administrator rights, regardless of their current roles.
Fortunately, there is a way to restore the Single Sign-On password. That can be easily done by using the vCenter Server Appliance. First, access vCSA as root (you still remember your login and password for its root account, right?).
Access shell afterward by running the command:
shell.set –enabled true
Press Enter once you enter the shell command. Run VDC administration-tool then. The result is provided below:
Press the <3> button. Next, specify an account (Account UPN), for which the temporary password will be generated. Enter administrator@vsphere.local:
Eventually, you can enter vCenter Single Sign-On with the recently set password: