#╰・virtualization

ONTAP Tools 9.12 is available now.

The 3.0 storage/clusters api says it needs
ControllerRequestV3 {
host (string, optional),
password (string, optional),
port (integer, optional),
public_certificate (string, optional),
username (string, optional)
}
However, I get the following error (when supplied only host, user and pass):
{
"errorMessage": "public_certificate is required.",
"errorCode": 10005
}
Public certificate seems to be optional when cluster is added in the UI... Being mandatory here would make automating this slightly more complicated. Emphasis being on more, not slightly 😄

@golden plinth , When I tried with swagger, it works fine with just sessionid in headers. Can you please provide more info on which version of ONTAP Tools you are facing issues with? For sample code with Ansible, please refer - https://github.com/NetApp-Automation/ONTAP_Tools_Datastore_Management

Question about Cinder with NFS on openstack, how is the hash formed for /var/lib/cinder/mnt/<hashed_value> from the NFS shares provided to cinder, is there an article that describes this process ? is it a combination of the IP and flexvol name, what if a dynamic DNS name is provided for mount point ?

Anyone running esxi 6.5u3 with ontap 9.12.1?

7.0U3 here with 9.12.1

6.5 specific?

yeah.. ihac w/problems..

I feel like there's another room for this. This isn't my cup of tea but I wonder if the Kubernetes room is better?

That's not very specific. What kind of problems?

I think you’re thinking of OpenSHIFT. OpenStack is virtualization. I just don’t remember who manages those projects these days.

Ah.

All I know is they are kinda similar to Docker in some way or form but a not too much up on it.

Thanks @sinful finch , which room should i use to direct these Openstack + NetApp questions ?

I don't know 😦

#┊・openstack or #1063542514780475493 maybe?

#┊・openstack is archived/locked. Its fine here

Oh ok. I don't know who knows the answer tho.

Any volumes accessed indirectly are dog slow.. from Vmware side, perf stat/analysis on our side says it’s fine..

Get packet traces.

https://kb.netapp.com/onprem/ontap/Performance/Poor_client_performance_but_ONTAP_latency_is_good_-_Resolution_Guide

Cluster update was interrupted by hardware failure.. resuming tomorrow. Mostly looking for a “yes, this configuration generally works” for 6.5U3 + 9.12.1P2 + NFSv3

2009564766 if you’re up for having a second look at what’s been done so far

Just NFSv3, no plugins etc is OK AFAIK. It's not really listed in the IMT.

yeah, that's pretty much my thinking too - we haven't changed NFS in years

No idea Alex. Looks like that case is kinda all over the place a bit.

Incorrect: I see some TCP delays in the ONTAP trace.

I'd get traces from both the ESXi host and ONTAP host at the exact same time.

True facts

When the node hosting the LIFs went to 9.12, everything came good again. Little bit concerning.. should have been supported

But oh well, onwards and upwards

Yes, this one works as it uses /api/rest/2.0/storage/clusters and this is how I had my clusters registered all the time. However in ONTAP tools 9.12 only /api/rest/3.0/storage/clusters is available where things have changed in the body. Swagger says public_certificate is optional field, but then comes with an error that is missing and is mandatory. In fact I use very similar approach to what is in the role above. You should try and register a cluster to 9.12 tools.

This is the error message: {"errorCode": 10005, "errorMessage": "public_certificate is required."}

Ok gang, reaching for straws here, but hoping someone has their ears on!

I powered everything down today to replace my core switches. Cabled everything back up, powered up the first ESXi host, powered on a VM, NOPE. Insufficient permissions. I can vmkping, I can register/unregister, and I can MOVE a VM to a new datastore that I was also able to mount with the same NFS export policy. But no matter what host or what VM, that datastore is not letting me write to it, or power anything on.

Any thoughts?

export rule just r/w 0.0.0.0?

Failed to power on virtual machine DC02. An error occurred while opening configuration file "/vmfs/volumes/a527c25b-9a57c93e/DC02/DC02.vmx": Insufficient permission to access the file.

Was worth a shot.

I bet that the storage isn't even the one denying access here. It's never the storage's fault ;)

At this point, I’ll try anything. I’m half a step away from having to tear it all down and start over. I’ve lost an entire day and night trying to crack this one

if you do a new Datastore?

Could also try and rip everything else out except 0.0.0.0. or create a new one with just 0.0.0.0/0 and change the policy?

packet captures?

New host, no vCenter, standard vSwitches, mounted the datastore, registered VM, same error.

No idea where this is coming from. I am so completely and utterly lost. Tried everything.

It's been boiled down to barebones at this point. It's either something with the vmx config file, or the storage.

Welp, I have no idea wtf was going on, but re-mounting the datastores over NFSv4.1 has allowed the VMs to start booting.

Gonna have to dig deep on this one.

What's the export-policy of the SVM root vol? And on which junction-path is the datastore-volume mounted?

These things sometimes happen when NFS VAAI offloading is not correctly configured.

Also when you're connecting to a datastore via NFSv3 and NFSv4.1 simultaneously.
I remember Veeam suddenly noticing a new datastore and accessing it via NFSv4.1 to scan if any VMs are inside. While all the ESXi hosts used NFSv3. Because of all the NFSv4.1 locks blocking the files ESXi was going crazy... it couldn't figure out why writing to some files was not possible (NFSv3 does not know about NFSv4.1 locks).

Nothing was 4/4.1 enabled prior, No Veeam, but the svm-root vol is interesting. Def wanna peek at that, will report back

Hi. I just searched about ONTAP/HyperV 2022 integration. No much information. I heard SMI-S wouldn't be developed for 2022. What about SMHV? I could not find any CVD/NVA on HV 2022.
Is there anything I missed?

Hey Luc - TMK, we are not planning any future integration w/Hyper-V

SMHV I'm pretty sure is now end-of-life

Give me a few minutes, and i'll get the details and CPQ

sorry for the delay, see CPC-00468

https://mysupport.netapp.com/info/communications/ECMLP2884118.html

More on the topic - when a new VSC 9.12 is deployed and I try to add a cluster manually the thing pops with this error:

Note that the storage system has AD issued certificates. Also note that if I come back a day later or so manual add just works..
Really hope this helps 🙂

Did you happen to "update" the NetApp certificates? are they still valid on the ONTAP side?

Yes, they are and I have them issued by our AD CA..

Many times this is the mtu mismatch. Did you try pinging through with jumbo frames? The mtu mismatch can manifest in different ways. I had a customer recently…they migrated to a vDS and didn’t enable jumbo in the vDS. They saw exactly the same thing.

And are you adding the cluster or the svm to OTV?

The cluster.

This is the error:
"json": {
"errorCode": 10000,
"errorMessage": "An error occurred while adding Storage System. PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target"
},

Also the OTVs I deployed on Friday now can add the clusters. The ones that were just deployed popped with the error above. Probably all will work tomorrow or something like that.

Aaand for v3.0 API call to register the cluster with OTV public_certificate is a must - either note that in documentation or mak it optional 🙂

One can grab the public certificate of the cluster with "openssl s_client -showcerts -connect ontap.cluster.fqdn:443 </dev/null 2>/dev/null|openssl x509 -outform PEM" - just register that with ansible shell and use its stdout as public_certificate 🙂

@wraith juniper

Can someone help these guys out?
https://community.netapp.com/t5/ONTAP-Discussions/NFS-4-1-multipathing/m-p/446692

I'm trying to think who would be good to help with that.

@wraith juniper

I poked a couple people. I think Chance is going to close the loop on this.

From what I'm told it works but VMware's implementation is still rough but ours is fine as long as you don't expect multi-node trunking.

@fading shard

My understanding is, currently, you can create multiple NFS lifs on a node with same VLAN. Have another set of LIFs on the secondary node with different VLAN.

https://community.netapp.com/t5/Tech-ONTAP-Blogs/The-Top-Five-Reasons-You-Should-Be-Excited-About-NetApp-s-Next-Generation-vVols/ba-p/446808

Noooo, why is it gone? 😭

Closed it too fast but I read something about a version number 10?!

https://tenor.com/view/hype-train-activated-bowser-hype-train-gif-14185403

Since OTV has been linked to ONTAP versioning so far... ONTAP 10 this summer?! Start a Hype train!

@fading shard It's back now 🙂

Woot! Lets goooooo!

You betcha. OTV is turning 10! Actually, the concept of OTV goes back many years, but since it's been completely redesigned from the ground up, we decided to make a clean break from the legacy product's numbering scheme. Especially since it will continue to be supported and patched for quite some time to come.

Meaning, the legacy 9.x generation of OTV will still be around for a while.

“SMVI” “ghettoVCB” #triggerwords

<triggered>

@little hill if we consider the OTV family tree to have started with VIBE, when was that? 2007?

I think SMVI was 2008 and VSC 2009 if my notes are correct.

Yea … ish. I’d have to ask the OG, Matt Robinson, when he first wrote the original script

Wow... VIBE. Was a great starting point for customers that had the ability to manage it. We had sales people pitching it to shops with like 1 or 2 admins and it created some awful experiences.

Anyone remember RCU? 🙂

Sure. Rapid Cloning Utility. But does anyone remember VCB? 😉

Older: Bare Metal Backup: the first version on floppy disk

hm, oldest I remember is Central Point Backup for MS DOS, back in '93 or so? used it with QIC-80 tapes, accessed through the floppy controller. slow as molasses but easier than shipping around hundreds of floppy disks 😄

VCB - VMware Consolidated Backup.

Anyone know when NVMe datastores on VMWare are supported by ONTAP tools for vSphere and SnapCenter plug-in for vSphere? Just upgraded to latest version, and NVMe SVMs/datastores are not even shown in ONTAP tools.... hmm

NVMe/FC is supported already with OTV. You need vSphere 8.0 for that.

With SCV it's not yet supported.

Well just upgraded to OTV 9.13 and it does not see the NVMe over TCP datastore... maybe it's only FC that is supported? (I'm on vSphere 8)

Yes, only NVMe over FC.

So... I upgraded to 9.13.1 in my lab, and decided to let SM enable those anti-ransomware fpolicy rules it keeps nagging me about. They blocked me from making new VMs ><. Turns out .nvram is in the extension blacklist, so maybe don't do that if you keep VMs on an NFS datastore 😉

I wouldn't enable Anti-Ransomware on NFS datastores anyway. Those should only be exported to your ESX servers, and every attacker who gains access to those is probably smart enough to not use any of those well-known extensions 🤷‍♂️

those fpolicy lists try to protect you against automated ransomware tools which encrypt every drive/share they can get their hands on. NFS datastores shouldn't be accessible by clients

NFS datastores for VMware should exclusively be available and exported only to ESXi hosts IP addresses, nothing else.

Would also highly recommend using the NetApp OTV plugin to deploy your datastores via vCenter. It will set all these best practices for you.

sure, I'm just concerned that our UI will guide an unsuspecting customer down an unfortunate path.

@woeful ingot where exactly did the System Manager nag you about these fpolicy rules? I have mine open right now and can't even find where those are configured 😅 (shows that I'm definitely more of a CLI guy 🙈 )

ah, found it, that tile was hidden in the "Insights" tab. Had to (re-)enable it

I mean, the UI asks you to make sure you have verified all the extensions in the list... but tbh, I guess nobody reads through 3000+ extensions in a tiny textbox and finds the nvram extension in there 😄

and it's presented as a "best practice"

yeah, I can see a couple of our customers just hitting "enable" there and then wondering why their VMs won't start anymore 🤔

Same here. Would be great to have some sort of undo button from the Insights actions.

Hi all, I trying to figure out what processes are optimzied when using VaaI with NetApp NFS.
After research I only see a few improvements when deploying a template to the same datastore and cloning a powered-off VM.
Is there some more info available?
Thanks!

See the bottom of this page

https://docs.netapp.com/us-en/nfs-plugin-vmware-vaai/task-install-netapp-nfs-plugin-for-vmware-vaai.html

How about NFS 4.x in VMWare 8, is that fully supported yet? I tried it some versions ago and it had some issues where it went offline if we did failovers on the NetApp Cluster... I think it was VMWare that had the issue... maybe there is a recent Best Practice VMware with NFS paper? Also missing this on NVME over TCP (which works great btw. but not fully supported by other NetApp tools...)

Nvme/TCP is actually block based and works great. You will not see that in any nfs document.

NFSv4.1 was supposed to be supported in 7.0 but I think it took a couple updates to get there.

With that said, everything I’ve heard is that unless you need 4.1, it is generally slower in the way it is implemented between ONTAP and ESXi

Most of the time the convienence of NFS by far overway the performance gains. I still think the way you need volumes for LUNs is an abstraction layer that NetApp should remove as it just makes it harder for the customers to understand what is going on... the classic is that they see available space at four different stages... (aggregate, volume, lun, vmfs) and then of cause there is the ever ongoing issues with unmap 😉 But it looks like they are trying to fix this with the NVME implementation... anyway.. the reason NFS 4 is interesting is of cause the multipathing support.. an annoying issue with NFS3 is that it is "locked" to the IP address is was mapped in ESXi... of you have to move the volume from one controller to the other on the NetApp, you will end up with cross-talk traffic between the controllers...

The additional latency introduced by intracluster traffic is negligible with current platforms.

https://community.netapp.com/t5/Tech-ONTAP-Blogs/Announcing-General-Availability-of-ONTAP-tools-for-VMware-vSphere-10-0/ba-p/447616

awesome..

does ONTAP tools V10 add in the ability to VMware VM snapshots etc.. or do you still need to use SnapCenter Plug-in for VMware vSphere 4.9

Backup & restore is still separated from OTV and I doubt that will get merged again.

anyone done proxmox and ontap? 😄

we have a few customers using it more or less successfully (they mainly do storage via simple NFSv3 mounts AFAIK)

I have a customer using NFSv4.2 with Promox because of DEALLOCATE support

nice!

I'm hoping to get some time over the new year break to build a proxmox lab

What does everyone think about the new licensing for VMware? Does that move more customers to vSAN vs NFS and Block? Does this new licensing model hurt the storage market?

VSAN is a 4-letter word at this point, 10 years in. There's a reason it still has < 10% market share. Situationally, for test beds, it's hella-useful. But if you've already got an enterprise array, you'd be a fool to lean on it for anything other than piddling around.

DISCLAIMER: I'm sure there's a VSAN lover or two out there that adores it, and happy to have that debate.

Oh I know. With part of the new licensing is that they are giving customers free vSAN but anything more than that it’s $210 per TiB. I’m trying to disprove someone that the storage market is going hurt because of this. I disagree with him.

virtual infra architectures are not going to drive the storage industry forward. Next-gen LLMs and AI will.

No Data? No AI.

I don't think it's going to make a huge impact to the storage market. The hypervisor market, on the other hand...

I'm not sure if this is the right category here.... Santa gave me a DS224+, so I finally joined the church of Synology.... I tried to install the ONTAP simulator, but it won't boot ... I see a few "Illegal instruction" and it hangs with "Waiting until daemon ktlsd starts up." wrong CPU (Celeron J4125) in the NAS?

You could try an older version of the Simulator, maybe the newer versions require specific CPU extensions that your Celeron doesn't have

9.11.1 didn't work either, should I go back to even older versions?

Probably.

In ESX you have to upgrade VMDK version as well. That might be a problem. The hypervisor and VM must support the newer CPU versions.

so I should have bought a DS723+ with a Zen1 CPU... looking at the Broadcom deal, I will not start looking into having an ESX host online 24/7 any more, proxmox is good enough

Honestly, I don’t think any of those processors on the NAS devices contain all the elements the cpu needs to run ONTAP sim

Unless the NAS has a full Intel or amd.

my NetApp-SE has a DS1821+ with a 4core-zen1 CPU, toaster-VM works on his machine, but yeah, different CPU type

Does anyone have any advice for me?

I need to virtualize OSx on the M1 chip.

More than two at a time.

I saw GitHub would rather shuck Mac Minis like corn and put them into custom build sleds than deal with virtualization.

That's not a viable solution for me. XD

VMware Fusion an option? They support Apple Silicon in Fusion 13 Pro

Like what are you using as the host machine?

Mac mini with m1.

The VM also needs to be remotely accessible as if it is its own machine to the network just like it would be on ESXi. It's going to talk to remote infrastructure.

I’ve seen posts about this. I had osx running on an Intel windows (workstation pro) for years. I finally switched to an m2 last year. Only thing I can’t do now is run a virtualized version of esxi

did you try the ARM build of ESXi? 😅

(kidding, of course, as that is supposed to run on small SBCs like the Raspberry Pi and the Pine64... but hey, maybe an M2 version is not too far off, who knows)

Actually yes. It 100% is not supported on the M2(yet). The instruction set the m2 uses won’t allow it to boot. M1 will never allow it. Doesn’t have the right stuff for esx virtualization

I am not confident that it will... I have tried so far ESXi, Virtualbox (Apparently it wont work for OSx? I had issues getting it to recognize my input devices) parallels (only runs two at a time, also very slow) and right now my biggest success is with Fusion.

Although I am not certain I can meet my networking goals with Fusion yet.

It needs to lease an IP from DNS, and it needs to be reachable over the network.

I think that should be doable, I just need to bridge it to the hosts NIC. Ive just never done this before, I am used to ESXi.

My coworker wants to take another stab at Mac virtualization with ESXi.

it will all come down to what M series chip is being used. I don't think the M1 has any type of nested virtual support and m2/m3 support ARM 8.4-A nested

We had a disagreement on what chip was in the damn thing (I swore it was M1, my coworker says he explicitly ordered intel) so I am headed in to the office to put eyes on the darn thing. If its M2 I am going to laugh and then pray for Jesus to take me. :V

I'm sure you've already looked at this
https://developer.apple.com/documentation/virtualization/running_macos_in_a_virtual_machine_on_apple_silicon
Details on how to setup virtualization for MacOS on Mac silicon/etc

I did it.

I got ESXi to begin installing.

I had to turn off Secure Boot.

I am completely unfamiliar with macs.

Does anyone know if VMWare prevents you from downloading files?

In what way?

So yesterday while I was beating my head against this task, I downloaded an ESXi ISO for 7.0.X. However as I tried out new stuff I wanted to try a method that required the ESXi offline zip file. However when I went to download it VMWare's website gave me an error stating that I did not have the requisite permissions. Which makes no sense because I had downloaded that file earlier that day.

So does VMWare restrict how many times my account can download their files?

That’s silly, but nothing would surprise me with them lately 😕

I was talking to my team lead about it as I was leaving the office (I am usually last man to leave) and had already wrapped up and had that brain storm as I was leaving, as one does. On Monday I am going to ask them to make a VMWare account and see if it will let them download an offline zip file, and we will specifically choose one to match one of the NVMe Community Apple drivers.

Assuming VMWare wont allow me to download an offline depot myself.

If you have the VMware power cli:

Add-EsxSoftwareDepot -DepotUrl https://hostupdate.vmware.com/software/VUM/PRODUCTION/main/vmw-depot-index.xml
Get-EsxImageProfile| select Name,Version,Vendor | Sort-Object -Property name
$src="use version from output"
$dst="my-use version from output"
New-EsxImageProfile -CloneProfile $src -name $dst -Vendor ForMe

Export-EsxImageProfile -ImageProfile $dst -ExportToBundle -FilePath .$dst.zip
Export-EsxImageProfile -ImageProfile $dst -ExportToIso -FilePath .$dst.iso

That will create both the iso and the zip

Is this downloading from VMWare's website?

Why would this get me the ESXi I need when I cant download from their product download center?

The destination site is vmware.com. This is where vsphere goes for updates. Freely available without a login. Been doing this for years to build custom images for installs.

I download the offline bundle (zip) then add in the Netapp vaai vib and update drivers as needed. Got a whole script to do this.

Ooo nice.

Simple Question: What is the difference between ONTAP tools for VMware vSphere 10.0 and 9.X? Are they used for specific environments? Or is v10 an upgraded version of v9?

OTV v9.X --> OTV with the known 3x features (VSC, VASA-provider, SRA), basically everything written here https://docs.netapp.com/us-en/ontap-tools-vmware-vsphere/concepts/concept_virtual_storage_console_overview.html
OTV v10 --> currently vVol-only, you can deploy 3x of those VMs so you always have a VASA-provider available in case a host dies; currently REST-API only, will get a GUI in the next version; the other two features are also planned to get included in v10
https://community.netapp.com/t5/Tech-ONTAP-Blogs/Announcing-General-Availability-of-ONTAP-tools-for-VMware-vSphere-10-0/ba-p/447616

If you don't use vVols, currently choose OTV v9. This most likely will also get some more updates, like 9.14 or so.
In the future (maybe 6-12 months, mayber more) OTV10 will supersede v9.

I bet the new version will not be 10, I will bet X or AI or something markety (made a word up)

But we already have ontap 10.x ... it is (was) called "ONTAP GX". I still have versions 10.0.3 to 10.0.5 lying around here, just no FAS 3040 anymore to run it on 😄

<@&1131581028138487969> <@&1132034827655336046> <@&1132035203188142211> We know a lot of you depend on VMware and NetApp to run your enterprise environments. With the recent news, shakeups, and licensing changes Broadcom have implemented for the VMware stack, we're seeing lots of customers entertaining alternatives for a variety of reasons; cost and uncertainty being the predominant ones. For what it's worth, we're looking at all of them too, and we're curious which ones have caught your eye and why? We want to insure we provide proper documentation and support for as many as we can. I'm also going to make some content trying each of them out throughout the course of the year. If you would prefer to DM me your response anonymously, please feel free.

**:bar_chart: Are you looking to switch hypervisors? If so, which ones are you evaluating and/or transitioning to? **

https://www.proxmox.com/en/about/media-kit "Proxmox" is the only correct way in how to write the Proxmox name. Neither ProxMox nor proXmoX. 😄

Don't want to be an ass, but I just found it funny cause I read that like yesterday.

At least I got VMware right? And not vmWare or VMWare. 🤣

Thanks for letting me know!

Thats the one where I always have a capitalized W 🙂

If Proxmox starts getting more traction, I'm going to purposely randomize capitalization because tradition

https://tenor.com/view/sabotage-beastie-boys-vandalize-destroy-disrupt-gif-17103274

teh pRoXm0x

prauxmaux

We haven't had much luck, but we also don't have budget atm

I've PoC'd a number of alternatives, including

• oVirt (Redhat Enterprise Virtualization upstream)
• OKD (Redhat OpenShift upstream)
• Apache Cloudstack

They all have issues. oVirt couldn't even get installed, and RHEV is EOL'd. OKD works fine if you just wanted containers, or NAT'd VMs, but the documentation is horrible - they basically copy-paste it from redhat without updating it. For example, 100% of queries, both official documentation and third-party, state to use nmstate in OKD for configuring bridges networks with VMs - and none of them tell you that nmstate requires a redhat subscription so you can't actually use it in OKD

we declined to use Proxmox due to security issue, like all nodes in a proxmox cluster having passwordless root access to other nodes

We are a linux shop, and also don't have much budget - that rules out Hyper-V

If we had to propose something to our customers, likely will be Hyper-V for its Virtual SAN (I prefer it greatly over RDM) and compatibility with Snapmanager :)

Though with Hyper-V and most other hypervisors is compatibility, such as EMC Unity VSA, Netscaler, Check Point Open server appliances etc that ties into VMware - we'd have to come up with something for that

Harvester is currently local hardware only and we vms on 100% external storage, so that rules it out - although a very helpful Project Manager for Harvester informed me that they plan to support 100% vm storage on Netapp Trident around October with 1.4.0, in which case it might be useful for us

I could talk about this for a while - replacing vmware is my current project at work, so I'm knee-deep in it

Some people also recommend verge.io. Might also be worth looking at.

but atm, it's looking like we are opting for basic KVM+Qemu with Cockpit and custom automation for the moment

No clue if it's any good tho.

because the options are very very thin. The majority of solutions are dead, everyone is abandoning hypervisors in favour of containers

and what's more, they are abandoning baremetal

so often I ask these questions and just get the reply "deploy it in the cloud" as if that's always possible

One of the poll options I debated including was "We're out. Refactoring everything to containers" but that opens up a whole other can of worms.

@feral citrus Hai! I think I've seen you around before :)

Yeah. It's not always so simple sadly

not to mention that people forget that 99.999% of container infrastructure requires you to have existing infrastructure in place

What features are you looking for in an alternative, i.e. live migration, HA, REST API? What's the highest priority?

good luck deploying baremetal highly-available kubernetes with no existing infrastructure - DNS, DHCP, NTP, etc.

they have to exist somewhere

meanwhile, none of that is required to deploy a simple VM in KVM

again, you have this chicken and egg problem where everyone develops their products assuming you are deploying it in something like AWS or Azure and can just use their infrastructure

which means you can't use it when it is your infrastructure

I do miss the good ol' days of RHEV.

and it's a waste of resources to just run 1 service per server when all of your servers are multi-unit rack-mount servers with 1TB of RAM and 500+ CPU cores, just to run a single DNS or NTP server

it's the exact reason that virtualization and containerization came to be in the first place

Either way Cisco Hyperflex is moving to Nutanix, fwiw

3 raspberry pi cluster for DNS DHCP and NTP each with failover to the other 🙂

Not sure that's really an answer

me neither

and raises complicated issues too - for example, if it's required that all hardware has a support contract, or SLAs for repair or something, can we get that with raspberry pis? lol

You know I asked this right after the acquisition…

It seems like there just isn't a good answer TBH - as a community, we've completely abandoned VMs and now we are paying for it

the other issue I run into is that so many projects, both mature and fledgling, want to be the diva of your network

they want you to configure your network to play nice with them

which was an issue we had with Apache Cloudstack - we have hundreds of VLANs, but apache cloudstack required that you configure your network just so, in order to play nice with them

which baffles me - why is it so hard to just have a web application that plugs into libvirt to give you details, console access, and live migration, and let you just configure the networking yourself? I've been managing linux for 15 years, I can configure some networking details on virtual machines and manage my own virtual switches

I guess that's why VMware is still the only king in virtualization. They just have a complete package.

Yup

Seen a lot of uptick in Nutanix ever since the acquistion completed and the new sku's came out.

• Doesn't require existing infrastructure to deploy - can be installed as the first server in your environment
• doesn't dictate your network layout, lets you configure it to match your existing network
• Minimum server requirement is 1, and you can deploy HA later

OKD was a pain - the minimum servers to deploy OKD was 8!

• 1 server to provide DNS, DHCP, PXE Booting, Ignition, etc.
• 1 server to act as a bootstrap
• 3 master nodes
• 3 worker nodes
  If you didn't deploy it as HA from the very beginning, you could never make it HA later, you would have to completely reinstall from scratch

That such a big problem? If one of your hypervisors is compromised you already got big problems.

As I hear it, yes. Our InfoSec team is pretty strict. Mentioning it was enough that other people veto'd it for me

I mentioned that I could have a Proxmox cluster deployed and fully functioning for production in a few days since I'm familiar with it, but the option was declined

oVirt is still there..

But it's the same with vSphere/vCenter. That one component has root access to all hosts.

So for your InfoSec team to allow Proxmox you'd need to have an additional VM with hosts the Management UI...

technically. We spent a week or more trying to get it working. Had a thousand issues trying to deploy it

tried different versions, all kinds of things

does it? Or does it have access to an API or a service user that can privilege escalate?
IMO, proxmox would be better if they had an internal service user that could privilege escalate for specific tasks, like vm migration

@little hill I like your username btw. datacenterdude lol

Thanks! Been my alter-ego since 2011!

Nice!

https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-2215AADC-D4CD-49DD-AF92-65BED243D851.html seems like vcenter uses the vpxuser to communicate with the hosts and it has the same permissions but cannot manage users

Anyway, I'm hoping to find some gold here, because it's been a tough road. Someone point out a holy grail that I missed please

That’s the proper way. Principle of least privilege. It would need some obviously, but not just “here, have all”

AFAIK, the final rebate structurings and partner discounts/levels are not even out yet. We had some opp'ties where the Broadcom pricing came out actually cheaper than the previous VMware ones. So we won't rush anything with switching to something else.
If it turns out we need another solutions (e.g. for smaller customers or whatever) it will be tricky. Many engineers/architects in our company are voicing concerns about Hyper-V since it still doesn't work properly, has issues and/or bugs, or is generally not ready for "enterprise" usage, so they do not want to have to support that 😂 In that case we will probably look at Proxmox

ten create RFE for Proxmox? 🙂 I think they are going to listen to "users" now even more, as there will be a lot of new one..

The sheer amount of patents and IP that VMware holds is one of the things that is going to hold the industry back, if I'm being honest.

really? My friend just sent me that new "partner" pricing for them is 7 times more expensive then before 😄

OTOH, even though Proxmox is based on KVM, we have been told by NetApp engineers that the Efficiency Guarantee program (which explicitly lists guarantees for "KVM") does not apply to Proxmox. We're currently trying to figure out what's that all about but it seems to be difficult to get an answer

we have seen different numbers and done some calculations based on list prices but 7x seems a bit far off. The invitations for our partner status/kickoff meeting/whatever it's called is still a few days in the future though (and I'm not directly involved) so yeah, maybe something has changed already

again, we have at least one Opp'ty/quote where the actual price is cheaper (something like 32k€ vs. 40k€ so not even insignificant)

That's interesting

Though prox also lacks proper shared storage, you don't get snapshots with iSCSI and FC / NVMeOF is straight up not supported

Proxmox supports NFS though? And it can do qcow-based snapshots IIRC, so basically all of our scripts from 2008 when NetApp didn't have a product to snapshot ESX datastores will still work I guess (i.e. quiesce VM, trigger snapshot, unquiesce VM)

NFS has its limitations, you could do Ceph but again that would require you to re-architect your storage infra entirely which not all of us can do

yeah, but let's face it, every alternative to VMware will have shortcomings and limitations, so if you have to rely on Proxmox then there will be stuff you're not getting anymore (e..g backup software integration, SnapCenter functionality, etc.)

or rather, the money you don't pay to VMware anymore will go towards hiring a person or otherwise paying someone else to fix/re-engineer all these things. If you factor this in, I guess most of our customers will still stick with VMware 🤷‍♂️

At least for us, it's everything surrounding vSphere that's the problem not vSphere itself, Citrix PVS integration is a hard requirement in addition to a plethera of things

But yea, as you've mentioned unfortunately it'll likely have to all be re-architected

yeah, and re-engineering an entire datacenter virtualization environment will probably cost much more than simply accepting the new Broadcom pricings. I mean there are ways to save there, too (i.e. by using larger CPUs with more cores).

We had a similar situation a few years ago when Oracle massively increased their prices. It was claimed that everyone would move away, e.g. to MS SQL, but this didn't happen (at least not on a larger scale). Why? Because even swapping one SQL database with another is not easy. Now imagine swapping a whole virtualization stack + everything surrounding it? Probably won't happen.

The primary reason we can't use Harvester - we have Netapps, but they don't support 100% external storage. ATM, boot volumes for VMs have to be on local storage, and you can only mount extra volumes from Netapp I guess

you could always boot them from FC SAN, as long as you have HBAs in your server (or are using FlexPod 😉 )

there should be no difference to the OS between a "local" disk and an FCP LUN

Think many customers will consider outsourcing vSphere? I.e. "We don't want to deal with this garbage any more, let's move to AVS/VMC/GCVE and let the hyperscaler deal with the relationship"

When I say "garbage" i mean the rollercoaster that is the Broadcom acquisition but also some of the previous issues that have come about, while it definitely dates me, the vRAM tax comes to mind

What are the limitations of nfs on Proxmox?

That would be complicated, you’d need to attach disks to each node then format them all with longhorn or whatever - idk if it would be worth it

I'm about to find out. I'm hearing there's some issues with NFS on host clusters

I'm gonna start loading it onto my gear soon

It does appear they have early NVMe/TCP support just not through the GUI just yet

https://forum.proxmox.com/threads/proxmox-storage-nvme-over-tcp-nvme-of-support.88438/

I’ve just built a proxmox cluster too. Setup is pretty simple - few minor UI issues, but nothing horrible

I stood up a proxmox cluster when the deal closed since it gets mentioned so much. The good? We can use an NFS datastore as swing space to help move VMs off of broadcom. We can provide primary storage over NFS, iSCSI or presumably FC SAN. My issues with it were getting my lab VMs to boot on it. VSIM hangs loading kernel, even if I tell PVE/KVM to use all VMW device types. OTS also fails to boot because its virtio drivers won't recognize the proxmox variants of the virtio devices, and even if I get could past those initial stumbling blocks, there are other oddball PVE constraints I'll hit, like only supporting one virtual scsi controller, and only allowing 15 virtual disks. It would be fine for click ops installing vanilla linux and windows, but virtual appliances are a no go.

So I'm about ready to declare that one a dead end and spin up XCP-NG.

I’m also looking for engineering opportunities where we can contribute back to some of these projects, similar for how we did with OpenStack 10 years ago

I understand proxmox has a storage plugin framework. That might be worth exploring as they pick up VMW expats

Yup. And if I’m being blunt, at this stage, running VSIM and Select are the last things on my priority list. We’ll get around to that when we get to it

For sure. It’s an abnormally large percentage of my lab vm population. But I’m not a typical user of anything 🙂

I love you testing all this stuff. I wanna put LOD to work and have them put all these things through their paces and see what shakes out. Need to go harass Toby. He’ll love hearing from me. 🤣

That will be interesting to me, since my homelab is a homegrown lab on demand.

In case anyone is just now joining the conversation, please head back up and read the announcement and respond to the poll! #╰・virtualization message

As part of my setup / testing I automated build out of a nested proxmox lab in Ansible. 🙂

I swear if you nested it in VMware… 🤣

I did ><

See GitHub.com/madlabber/labbuilder

Lab blueprint is here:
https://github.com/madlabber/LabBuilder/blob/master/inventories/lab_proxmox81.yml

A DC/jumphost, 3 PVE hosts, and a single node OTS

Sorry about the giant preview box 😆

RHV is EOL in favor of OpenShift Virtualization, but oVirt is still the upstream basis of Oracle Virtualization if you want to play with that.

we couldn't even get oVirt installed, it was such a nightmare

Yeah, I haven't played with it since the early 4.2 days, I was just suggesting that if you wanted to test that product, Oracle and their documentation was the way to do it.

oracle is dangerous to get into bed with. Or to even be in the same bedroom with

if it's only for booting there is no reason to "format it with longhorn" or anything. Just boot from it and use NFS for all the actual data

ah, you misunderstand then - you have to boot the VMS

and as I understand, Harvester doesn't let you store the boot volumes of the VMS on external storage

3rd party storage classes (including those based on Trident) can only be used for non-boot volumes of Harvester VMs.
https://harvesterhci.io/kb/install_netapp_trident_csi/

yes but FC LUNs are not storage classes... they are, to the OS, exactly the same as physical disks. Especially if they're VMs (on, say, a hypervisor like ESX) you can put them on any sort of datastore, especially SAN LUNs or NFS

right - but afaik, you can ONLY use VMs with longhorn storage on Harvester, and nothing else

so you would have to format your LUNs with longhorn as local storage, and it's be a bit of a pain to manage them all that way I'd think

but tbf, I've never managed network storage like that

you're still thinking inside k8s... longhorn, storage classes, etc. that all doesn't matter for the OS

an FC LUN looks exactly like a local SATA disk to the OS

it does if we want to deploy VMs through Harvester, and Harvester will only let us deploy on longhorn

a VMDK on an FC datastore even more so

but you cannot boot your nodes from longhorn, can you?

idc about booting the actual hypervisor, that will be on local storage

I care about booting the vms from external storage

you said you need local storage to boot the VMs from

no, I need external storage to boot the VMs from

but you can only use local storage with Harvester

ATM, boot volumes for VMs have to be on local storage

right, that's the limitation of Harvester, not our requirement

an FC LUN is local storage. Your HBA shows it like a direct attached SAS disk. It shows up as /dev/sda in linux.

I'm aware of this

that's the whole point of an FC san 🙂

what I don't know is how scalable it is to carve a bunch of LUNS per node, then format them as part of the Longhorn distributed storage array vs. just being able to say "here's NFS/Trident/Ceph/etc use it"

Well, everyone I talked to seemed to agree that Longhorn storage is slow as molasses

so I would generally advise against it

right, but longhorn is the only thing you can use with Harvester as far as I'm aware

I have not personally tested it yet, so I can't give first-hand experience tho

so you can't present raw disks or nfs, or ceph, or anything else to Harvester to consume as storage for VMs - only the Harvester-managed longhorn storage array

well that would be bad. I mean if they ripped out the CSI interface from k8s then they're technically not even k8s-compliant anymore 🤷‍♂️

ah wait

no sorry

I mixed something up

they do more than k8s right

but still, if the k8s below has a CSI plugin for storage I don't see why the VMs on top couldn't use that

I think longhorn is what they ship with but I'm pretty sure you can attach/use other storage as well. it would be pretty bad if not

well, I know I've seen some github issues asking why they can't use existing k8s plugins like csi-nfstorage or whatever

I mean we have a customer where we're implementing harvester at the moment, I can check with the team that does it but I'm 99,9% sure they are not using Longhorn because they are the ones who have tested it in the past and got very bad performance from it

the issue we have, is there's no good alternatives, particularly if we can't pay for it

I think there are some more free virtualizers if you absolutely need to go the "free-as-in-beer" route (proxmox for example). But I sure hope you're not running enterprise or business-critical environments on a "free" system without some sort of (paid) support in case something goes wrong

Nope, there's a number of reasons we decided not to use proxmox

we PoC'd OKD and oVirt specifically because there was a route for paid support/upgrading to RHEV/OpenShift, but had way too many issues

but OKD is k8s only, not VMs?

or did they add VM workloads now too?

if you only need k8s there's even more free alternatives (rancher, k3s, kubespray, ...)

no, we need VMs, k8s is just incidental

they tecnically added it...

I explained some of the issue earlier, rather than retype it all 😛
#╰・virtualization message

did you look at opennebula?

that's something we have deployed for self-service VMs in a (small) cloud environment

interesting

I think it can also run on kvm

(we're using it on vmware though because that's what we already have)

I can't find a comparison matrix

is their enterprise version only support and hosting, or is it the standard "you are limited to X CPUs, no ldap, no monitoring, etc" bullcrap lots of products pull?

is it really necessary to censor that word?

IMO, it's stupid because I'm liable to choose solutions for work that I'm familiar with in my homelab. And if you don't suppose LDAP/SSO without paying tens of thousands of dollars a year, I'm not touching it

yeah, well, sadly usually "you get what you pay for" is kinda true... if you can't/won't/don'T spend money on something, you basically have to connect all the bits & pieces yourself. It sucks but that's where we are at 🤷‍♂️

and if you can't justify to your superiors that an investment in a properly-supported base technology for basically your entire datacenter is warranted, well, I don't know what to tell you (but I know that I would leave that place... fast... it's a disaster waiting to happen)

Meh, I agree for some things

but SSO should be a basic, not a $50,000/year add-on
https://sso.tax/

in most cases, there are free libraries in the language of choice available, and some projects even actively reject PRs to include them in the FOSS version, just to keep charging money

I see it a bit more nuanced. SSO can actually be bad for security because it allows a compromised AD account (for example) to take over the virtualization or backup environment. Sometimes, separate users (with different passwords) are actually a good thing, as some sort of air-gap

so yeah, SSO might be nice and all, but I wouldn't put it that high on my list of requirements

maybe, but there's a sliding scale of security and convenience, and manually managing many users across hundreds or thousands of systems is at the very far end of it

not to mention that it generates other security holes

do you really need thousands of users accessing your virtualization infrastructure?

say you have 1000 services, and someone leaves the company, and you remove or disable access to 998 of them

but you forget two

now you have a potential problem

that's certainly not my call

that's easily avoided by security audit tools and/or scripting

anyway I need to sign off for today. see you later!

well, I guess you can go hire the intern to manage all the accounts, because it's not a job I'm signing up for - I'd have stayed in helpdesk if i wanted to do nothing but manage user accounts all day long

Later, thanks for chatting!

Usually disasters is how you secure the funding to build a real datacenter.

looks like he is not only one.. https://www.youtube.com/watch?v=peH4ic7g5yc&

https://www.linkedin.com/feed/update/urn:li:ugcPost:7166132283941269504/

For those of you that participated in the poll here, I invite you to contribute on this one as well! (non-NetApp folks, please)

I would but I don't have a LinkedIn account 🙈 (probably the only one in the world without one)

I think I technically did but I don't use it.

Is it normal for there to be this big of a difference between what Ontap shows versus what vCenter shows? Is there any way to get these closer? I've tried refreshing, rescanning, and increasing storage in vCenter with no results.

Very normal... this can be caused by dedupe/compression of the NetApp volume. If the space is skew the other way (netapp larger than datastore) it is typically because of snapshots. And you might want to lookup "storage unmap" which can also skew things up....

Thanks

Yes. Remember that the file systems are owned by different systems with LUNs. In VMware (or any LUN client OS for that matter), VMFS is the file system it sees. ONTAP sees space usage at the volume level/WAFL. Also, space can be reclaimed using SCSI UNMAP/TRIM/Zeroing (kind of same thing), but if you don't have space utilization issues it's unnecessary

If you have NFS it will report correctly since it's straight from ONTAP.

An interesting read: https://www.reddit.com/r/vmware/comments/1b0ww9b/our_journey_to_proxmox_from_vmware/

to quote George Pamboris: "Relax. Take a deep breath. VMware is not going away"

no, it isn't going away, but it will be unobtainable for a lot of people.

https://tenor.com/view/unobtainium-superconductor-float-gif-7277135923322770612

^Current VMware admins playing with their hosts with a renewal on the horizon, remembering the good times.

The biggest issue i see is all the people (brain drain) leaving VMware, i really doubt there is going to be a lot more active development.. Will NetApp release all their snap tools/plugins for other hypervisors ? word on the street is Veeam will support Proxmox very shorty

I don't think so. I mean the product will stay, it's just the various bundles and add-on possibilities that they're axing. vSphere, NSX, Aria, etc. will probably all continue to exist for quite a while. As for the official statement, I don't think NetApp released anything publicly but my quote from George Pamboris (PM for all ONTAP and FAS/AFF hardware) above was made by him in front of 400+ customers at an event this week. They are not in panic mode to try and support other hypervisors. They're of course watching and evaluating the situation but don't engage in knee-jerk reactions (which is a pretty good approach to the situation IMHO)

most medium to large customers will stay with VMware, and many smaller ones as well. Smaller cloud providers might move away because of the huge entry cost wrt. the core count (3000+ cores minimum IIRC) but those don't usually run SnapCenter anyway

A lot of the folks I've been talking to are still in negotiation mode.. knee jerk reactions aren't really going to pan out cost wise either for lots of shops. But curious if anyone here has had a management team that said yeah we're out and then how you plan to deal with the transition! (maybe to openshift virtualization?)

our team has already been told to make plans and find a replacement, by end of year, when our contract is up

Ooh - that's not a lot of time to move.

Spoke with a team that basically said - to replace everything (not just migrate) is going to take a lot longer than the time left we have on our contract so we'll probably have to renew at least some portion. But that probably depends on how big / complex your environment is.

The data to examine is not which to choose, but the sheer fact that only ~30% of the installed base are no doubt sticking with VMware. The other 70% are some varying levels of “we want out but we’re not sure how”

3x seems to be the a average uplift in pricing from what I’ve read

So if they lose 50% of their customer base, they’ll still be ahead

Yup. That aligns with what I’ve seen reported too. 3x uplift is typical. Renew that 4node 128 core cluster and find a new home for everything that won’t fit in that cluster. Current customers control the bleed but would any new accounts sign up for that? Is this a drain the swamp over 5 years scenario? I think in 5 years we’ll have a good view of the new normal. Between now and then… it’ll be an adventure.

I would guess that's pretty biased towards the upper end, as usually you wouldn't hear a lot from people that get similar or even cheaper prices than before 🤔

Again, we have seen customer quotes (actual orderable quotes) that were in the same ballpark (+/- 20%) than their existing contracts

I think as the dust settles we'll get a better idea. There are huge uplifts in some reports (and I wonder what they're using - really storage heavy maybe?). Definitely tough to find new customers right now but in a few years people will have forgotten/adapted circa Oracle of 2003..

If some product can get a good enough feature set and support it might take off to replace VMware.

for smaller shops i think there are already options out there, for those not using options like vsan/etc, most of the shops I know using VM simply use it because it's the most common thing around and easiest to get somebody to work on because they already know the product.
and, again, many of those shops are hunting alternatives because their cost is going to skyrocket at the end of their contract.
From the few people I've had hitting me up about helping with migrations, so far, are mostly looking to either Nutanix or Scale(new one for me) for a paid solution or Proxmox for *nix shops and Hyper-V for hybrid

it will be interesting to see what solutions other companies start to provide to fill in the gaps they have compared to VMware right now, or what tech partners will start to build out integrations/addons/etc to work with others

https://community.netapp.com/t5/Tech-ONTAP-Blogs/OpenShift-Virtualization-for-vSphere-administrators/ba-p/451333

This might be a good alternative for many customers. RedHat is a company that is comparable to VMware in terms of support, so it's possible. I don't have much Kubernetes experience though to comment effectively on it. I always thought it was like Docker, but maybe not?

great job on this one.

Pretty good job breaking it down there man.

Hey Paul, if you want to find out a little more about OpenShift Virtualization, Red Hat has a learning path set up here: https://cloud.redhat.com/learn/getting-started-red-hat-openshift-virtualization

Thanks Alan. I may check it out at some point but I have enough to keep me busy for now. 🙂

https://www.reddit.com/r/homelab/comments/1bp7jay/new_import_wizard_available_for_migrating_vmware/

I've got my 3 node NUC proxmox cluster up and running some workloads. It's very well documented, and once you get used to some of its.. expectations.. it's quite easy

biggest thing I found was that it treats everything it can as block storage, it makes sense

I've decomm'ed my vsphere management cluster to free up 4 nodes for bare metal alt hypervisor testing. PVE is going first. want to see if there is any way to convince ontap to boot on it.

how many physical test boxes do you have at home @woeful ingot ?

with a name like madlabber, I gotta assume it's a few 🙂

heh.. how many physical boxes... 5 desktops, 3 laptops, 1 frankentop.. laptop with no lcd, 2 cisco 220m4 servers, franken dual asus server, dell T630, dozen or so SBC and a new mini-pc that isn't online yet

😄 My vsphere lab was 7 hosts, now down to 3. I peeled off all the NUCs and collapsed the management domain into the workload domain, which is now 3 hosts, 2 running an OTS HA pair, and with a single node and the deploy VM living on the 3rd. There are several other NUC class hosts, mostly running KVM OTS variants at the moment, and a "travel" lab nuc that is usually in the backpack when I'm on the road. I wish I could make better use of LoD, but I need custom labs, labs that live more than 7 days, and labs that I'm not locked out of if I don't have my corp laptop in hand.

oh, and a DL380 in the garage if I run out of oomph 🙂

Dang, that's impressive @woeful ingot. I only have two Dell R730's now, At one point I had 6 running VSAN as well as iSCSI and NFS from 2 Synology DS1813+ and 1613's. Not currently powered on but when they are, I have a pretty decent environment 🙂

I picked up a couple of 'new old stock' cisco 220m4 units for ~250 shipped. 2 procs, minimum memory, 2 1tb sas disks, etc. and I have a whole lot of v3/v4 xeons sitting around as well as memory, so it was a no brainer to grab them and upgrade my older systems

At one point my lab was a mix of ML and DL series HP, but as impressive as that power bill was, my wife was not amused. I ended up redesigning everything for low power and low noise. So lots of NUCs and XeonD

https://www.techradar.com/pro/broadcom-backs-down-on-vmware-pricing-rules-as-eu-begins-investigation-following-complaints

It's an interesting concession.

Yesterday, I had the privilege of hosting Rich from the 2GuysTek YouTube channel on an episode of NetApp ONAIR. Typically, we have stuck with bringing NetApp people on the NetApp show, but after discovering his extensive evaluation work across a myriad of #VMware alternatives, I selfishly wanted to have a deeper conversation with him about some of his findings.

What we got was a deep, rich conversation full of doubt, hope, and solid recommendations depending on your particular degree of situation you might be in.

My thanks to Rich for not only being on the show, but being vulnerable and willing to discuss his journey and recent work he's done on evaluating Hyper-V, ProxMoxVE, XCP-ng, and several others.

Enjoy the conversation, and if there's any questions, drop them in the comments! 🤘

https://www.youtube.com/watch?v=FApFFOpUbKI

Whatever, call me biased, but that was a good episode. It was relevant and genuine.

I'm still wondering if major vendors (netapp, pure, etc) will start working integrations with other companies outside of vmware. hopefully it will expand well beyond vmware

vmware has the most options, so it's what we've done the most for. There's nothing too magical about plain NFS or block to KVM, proxmox, Nutanix.

could we write a site recovery manager for proxmox using snapmirror or metrocluster? probably. But without demand it's a hard one to show ROI for to do so.

This will happen when customers start moving the needle. The absolute best way to get traction will be for our customers to begin communicating their intentions of migrating to a particular platform (away from VMware) to their account teams and/or VARs. Engineering dollars and prioritization require demand. Exploration into potential partnership with some are in progress. No promises, but we're putting things through their paces internally. Side-note, I'm also standing up a 3-node ProxMoxVE cluster and working on hooking it up to a C250 to start developing some best practices. Ideally, they are the same as what's worked for VMware over the years. At the end of the day, it's NFS. We can likely recommend some host/node settings and configuration practices to help make the best of connected NetApp storage.

Hi there, anyone been using XCP-NG extensively and can provide insights on its stability, performance, and usability within a multi-tenant environment, especially with NetApp NFS. I've been testing XCP-NG for the past 2-3 weeks and have been impressed by its large feature set. I find it quite user friendly and very similar to vSphere in alot of aspects. Pricing doesn't seem to be to bad either.

I’m putting ProxMox through the paces currently, but expect I’ll be landing on XCP next. I’ve got a C250 and (3) HP DL380 gen8’s

I’d like to know how XCP-NG is mounting using NFS. I had a customer using XenServer that had a data center failure (sure handler stopped, everything either shutdown-NetApp-or crashed-Dell). After a restart, they found nearly all the VMs were corrupted in some fashion. I could really only attribute this to the way xen default nfs mounts: SOFT! Worse, they (xen) adjusted the timeout to be only 10 seconds. Hence when the Netapp gracefully shutdown, the xen storage repositories got confused with soft mounts and bad stuff happened.
So if anyone is using xcp-ng, please log into a console and run mount. See if nfs mounts are hard or soft by default

You can set NFS mount options within Xen Orchestrator. Good point though @high forum thanks for highlighting that

I know you can set them. The default, especially these days should be hard! Otherwise it’s simply a ticking time bomb

For Citrix/xen. There was a script to change to hard for default. Not supported though

Just tested, and I can confirm that if you don't specify 'hard' in the mount options, default is soft.

Thanks. That’s really stupid. Especially if you go to the console and just do “man nfs” and find the soft option

Nothing like having holes punched in your data

Being discussed here but no real progress:

• https://github.com/xcp-ng/xcp/issues/334
• https://xcp-ng.org/forum/topic/2496/xcp-ng-nfs-timeout-values-and-storage-node-active-standby-failover

hehe, here I am thinking you're all talking about a new version of NetApp XCP 😂

https://forum.proxmox.com/threads/proxmox-ve-8-2-released.145723/

And there's the VMware import wizard 🙂

I'm hoping we can accelerate the process by adding QEMU commands to convert vmdk's to qcow2's. Stay tuned....

Been playing with making nested ESXi inside proxmox today - wrote this page to help anyone else doing it - https://alexdawson.net/2024/05/creating-nested-esxi-inside-proxmox/

BREAKING: Veeam announces support for ProxMox VE! https://www.veeam.com/news/veeam-extends-data-freedom-for-customers-with-support-for-proxmox-ve.html

TIL - VMWare Certified Professional no longer requires taking a course - https://blogs.vmware.com/learning/2024/05/06/exciting-updates-to-the-vmware-certification-program/

Fantastic !

For once a positive change.

Hi All,

Can a vCenter datastore have more than one IP for performance? Our NetApp that we are using for centralized storage of our VM’s has two port channels leading to the switch that our ESXI hosts/vCenter is connected to, each with their own IP on the NetApp side, however on our datastore we only have 1 of those IPs added. The two port channels on the NetApp do provide redundancy on the NetApp side as the IP can hop to the other port channel if it’s own port channel dies somehow, however I was hoping we could increase throughput and performance. Would appreciate any 2cents. Thanks!

It's quite easy: Use nconnect with NFSv3 on your ESXi-hosts and your throughput will increase.
https://docs.netapp.com/us-en/netapp-solutions/virtualization/vmware-vsphere8-nfsv3-nconnect.html

It's non-disruptive and there are basically no cons.

nice! thank you! i wonder why NFSv3 and not v4/4.1?

ESX can do v4.1 but (at least in the past) was quite buggy and not very stable (especially on takeover/giveback) so I'd stay away from it. Also NFSv4.1 session trunking works only on a single node, not with IPs spread across nodes. speed-wise it doesn't make any difference anyway for ESX

Hmmm.. seems I will need to do my research on NFSv3 vs NFSv4.1 for VMware datastores, my predecessor used 4.1 and I am just now doing my first ever build outs for tech upgrades of our stacks

if you use 4.1, at least thoroughly test takeover/givebacks and LIF migrations between nodes to see if it is stable

That seems like a huge flaw in 4.1 for it to be viable, the reliability of LIF failover

I have yet to see 4.1 work reliably every single time (storage takeover and storage giveback or just a node failure in general). More often than not I still see an ESXi host get “stuck” and the only recourse is to hard-reboot it

I have seen it work occasionally but once v4.1 gets under load, all bets for me are off the table (when using VMware)

yeah, that last part is important, I think it works much more reliable and better on Linux, but ESX has always been troublesome with 4.1

Roger that! I’ll relay all this to my VMware counter part, I wonder if there was a reason why my predecessor began using v4.1, we did have some older FAS systems that I saw he was using v3 on

If there’s no sincere reason for me to use v4.1 I would rather stick with the reliable v3 even if it is older

the crux is support. ONTAP supports pNFS which is mutually exclusive from VMwares session Trunking. As has already been indicated, session trunking in ONTAP is limited to a trunking group per node. ONTAP 9.14 does "support" session trunking but until someone can prove to me it works in a multi netap node cluster reliably under load/pressure there is no way I can suggest it

just stick with v3.

Yeah if you find a VMware setup using nfs other than 3, you need to find out if the admin was a nerd knob twiddler who assumed newer = better, or if they had a genuine reason. It’s normally the first

I thought maybe the vSphere STIG that we have implemented may have required it, but I looked through it and didn’t find anything

The stig absolutely does not require it. The only possible reason someone should even think about using v4.1 is to use Kerberos but that just slows performance so no one uses it.

Yeah it’ll be interesting to hear why it was used in our last build outs. Guessing it’s what Alex mentioned above, someone thinking newer = better

Saw the poll Nick did back in February, and noticed that HyperV/Azure was fairly high on the list. Anyone actually follow through with that and are using NetApp in Hyper-V/Azure Stack HCI? Trying to find folks with a similar setup to ours has been a challenge

we're in Azure with 25+ clusters, but it's all CVO

we will be testing Azure Stack in our lab sometime in the next weeks. But so far we have no experience

Hi all, a little confused on the wording from nConnect documentation. The highlighted portion initially seemed contracting to me, however is it just talking about supporting multiple TCP connections across one singular physical connection?

Does that still increase performance? like, if i have one 10gb connection from e0c, but now am able to put more than one NFSv3 data LIF on that e0c and connect both to my datastore, wouldn't that still have a 10gb limit?

thats what this documentation is saying to my smooth brain at least

of course the 10G limit is still there. The benefit is the ability to use the 10G to its fullest. Most things do not fully use a 10G connection. Allowing multiple simultaneous connections allows for more to pass.

Impact of nconnect on total connections
When an NFS mount is established, a single NFS connection ID is used. However, with the new NFS
option nconnect, it is possible to open multiple TCP connections per NFS mount. For instance, using
nconnect=8 with your NFS mount option creates as many as eight NFS connection IDs to the data LIF
in the SVM. Although this can deliver extra performance benefits, it can also use up more connection IDs than expected

If you plan on using nconnect in environments that generate a large number of mounts, be aware of the
connection ID limits per node for your platform, and plan to distribute connections across multiple cluster nodes to balance connections appropriately. In cases where a single node/data LIF is being used for NFS mounts, connection IDs run out much faster than if multiple nodes are used. Connection ID limits should be factored into scale discussions when architecting the solutions.

You should review https://www.netapp.com/pdf.html?item=/media/10720-tr-4067.pdf and read about nconnect

If you use ESXi and are Active Directory joined, Heads Up: https://www.microsoft.com/en-us/security/blog/2024/07/29/ransomware-operators-exploit-esxi-hypervisor-vulnerability-for-mass-encryption/

I really really hope nobody does that 🙄

I know more than one tier one university / healthcare org who does do this.

Wanted to share with everyone some efforts that are underway at NetApp around ProxMox VE as an alternative to VMware. If you have any questions, requests, etc, now is the time to get those in!

https://www.reddit.com/r/Proxmox/comments/1ell5dr/netapp_proxmox_ve/

We need a second coming of oncommand shift to deal with this VMware problem… would make mine and my customers’ lives so much better

It’s under way. I can’t share more than that for right now.

Reach out thru your TPM private channels for an update

I’m in RTP today with Brandon Miller and some others at an EBC…

We “kind of” just talked about it 😛

I’d come meet you there today, but I’m in our San Jose office this week.

@white scaffold too bad…

BMilly!

Are there any details on when ONTAP Select will be supported (or "will work", rather) on vSphere 8 u3? IMT still only goes up to u2. A customer tested it recently and the Select VMs either outright crash or don't work properly (as in "no login prompt" but System Manager works, etc)

Contact the IMT team. I bet you could do "report a problem". They used to have a NG back in the day.

Hi! is it possible/supported to use Openshift Virtualization with NetApp Trident (ontap-san) using Snapmirror Active Sync with RWX PVCs?

That’s a lot of moving pieces! @proud kayak is this something you can assist with?

RWX with LUNs is difficult. What filesystem are you intending to use there?

technically it is possible but you need a cluster-aware filesystem on it (GFS2, OCFS2, etc.), but even then the question remains on how/where to run the lock manager that those require

Hey all, at work we are looking to setup Hyper-V. I want to make sure I'm doing this right from the stroage side and looking for input. I have three nodes, each node is connected to 3 LUNs via iscsi using an initiator group. We clustered the three nodes using WSFC and added the LUNs as cluster shared volumes. Does this make sense to do it that way? We are licensed for scvmm and wonder if there is a better way regarding storage.

https://docs.netapp.com/us-en/netapp-solutions/hyperv/hyperv-deploy-considerations.html

Have you been through these yet @drowsy steppe?

for iSCSI LUNs, insure you've got the server feature for MPIO installed.
Add-WindowsFeature Hyper-V, Failover-Clustering, Multipath-IO `-IncludeManagementTools –Restart
^We recommend just running that to insure you have the features all installed

Hi @little hill thanks for the follow up. Yes, after I posted I did another search and found that. I think I’m good

Awesome! Been a while since I've tinkered with H=V but I know the person that writes those docs. Let me know if you run into anything!

That would be great! Bit of a learning curve from VMWare but the basic idea is there. Thanks Nick

It runs great on core if you know your powershell. But SCVMM does most of the heavy lifting anyway from a mgmt host, similar to vcenter

Hi @robust moth , the plan is to install openshift VMs - so the plan is to use RWX Block and the operating system is installing its OS and filesystem.

We plan on going with core, it makes the most sense.

any thoughts from @proud kayak too? thx!

OpenShift Virtualization works perfectly fine with both ONTAP and Trident, and we do recommend RWX block for both performance and in order to support live migration of virtual guests between worker nodes.

I know he's been tagged a few times, but @proud kayak did do a demonstration on some of the Astra business continuity stuff with Snapmirror at Red Hat Summit a few months ago, and I believe the support for protecting VMs in OpenShift is slated for an upcoming release.

Figured this is a good a place as any to ask. We're currently standing on a proxmox cluster to replace our VMWare Cluster and have an ONTAP. Love the storage but we're having tons of NFS issues... Has anyone solved the constant time out? Fwiw we have bonded 25gbps DACs from the new cluster to a Nexus9k and same on the NetApp. Same setup with esxi has zero issues. Ports mentioned are dedicated only to talking to the NetApp.

Make sure the nfs Mount is using v3 and is a hard mount.

Might not hurt to go to the proxmox cli and run “mount “ to show what mount options are being used.

Might need to start using iSCSI?

We've tried 3, 4, 4.1, 4.2. Will check mount options. Would rather run NFS for thin provisioning if possible.

Don’t use 4.x! That is a stateful connection that may be disrupted during takeover/giveback

What are the default mount options for v3? Post them. Educate us

Currently iSCSI is the only IMT-qualified protocol. We expect NFS and FC to be done any time now, followed by some best practices later this year or early next year. I know this doesn't help right now, but we're going thru the paces ourselves to find the best configurations to run PVE on ONTAP.

Also check the MTU on all devices if you are using jumbo frames

Good call although that usually manifests different issues. For instance You can mount, but can’t do anything or the mount will start but hang. I’ve haven’t yet come across an nfs mount with a mtu mismatch with normal working access later misbehave

Hi, I hope everyone is fine today. I'm trying to see if there is anyone who has stumbled over a NFS-Offloading capability outside of VMware API (VAAI). 🙏

only thing I know of is from Chelsio, TOE controllers
https://service.chelsio.com/netapp/index.php
Not sure if that's what you're looking for though

Ah, not quite but thank you. I should have been more specfic. We are trying to see if the NFS-VAAI capability that is provided by VMware proprietary API is found on any of the KVM management providers out there. It may be that we just need to create our own and use the API from Ontap directly in hook from within the management plane.

Not that I’m aware of. I do know that ProxMox is working on a ground up rebuild of their Storage Plugin API that could enable some similar functionality. We’re investigating, but they just started this project in July.

Thank you, for the quick reply. I hope you have a blast at both Insight and the meet up with the community. I hope I can attend next year and meet you again Rockstar 😊

Hey Nick, I think one of my engineers already reached out to you from your post on the Proxmox Forums. We're an enterprise customer going through those paces right now with our Netapp appliance. Up for collaborating to make it the best it can be? I can DM you my info if interested, I'm the Head of our IT Department

That really depends on what your architecture is. We have a dedicated storage network with bonded 25gbps DACs on each server on an isolated VLAN with nothing competing for either the queues or backplane so 4.x is what we use with our current ESXi architecture with zero issues holding the actual VM Disk Images for our production environment with around 70 VMs. Pretty sure we have either 4 or 6 (bonded in pairs) DACs running from the netapp to the same Nexus9k switch.

We would love to hear about your results and any hurdles you might run into.

That can help steer engineering prioritization!

DM Sent

have you ever done a storage failover/giveback on the storage? 😉

the NFS 4.x issues have nothing to do with network speed, cabling or bonding

NFS v4 has no advantages over v3 (at least for ESX/virtualization), especially on dedicated VLANs. It only brings pain

^^^ this!

🤷‍♂️ Never really experienced any pain with it except that it's finnicky to a bad network. 4.2 is pretty solid since they fixed a bunch of the issues from 4.1.

does VMware support 4.2 now? I thought they were stuck with 4.1

but good thing that it works for you. I have never seen an ESX setup that doesn't choke on a lif failover to another node... but maybe it's been improved recently, haven't had any customers using 4.x for a while now

At this point, I do not think I can ever trust ESX with 4.1

If you don’t mind the up-front investment setup, NVMe/TCP with vSphere is sweet

I can second that, NVMe/TCP is really nice and insanely fast, especially on NVMe disks. The upfront investment is also not that big, all you need is a fast network. even on regular SAS SSDs over 10gig Ethernet, you see massive latency reduction in I/Os and a corresponding increase in IOPS

Thank you Alan for the feedback! good to know that is a supported config. pretty cool when VM protection comes along too.
beside of the block only support of Snapmirror Active sync - @wicked lichen you mentioned the performance advantage: why is there any over NFS?
cc @earnest estuary

Too bad NVMe/tcp doesn’t support thin provisioning
Sure you still get dedupe and more on the volume, but unlike a fc/iscsi lun which can be thin, currently any NVMe namespace can only be thick

I more meant the upfront level of effort compared to NFS.

The performance advantage is a bit subjective and may depend on the storage backing the solution, but it essentially comes down to one less layer of filesystem operations required. With block, the volume is directly attached to the pod. With filesystem, there is a disk.img file on top of the filesystem and the disk.img then shows up as the block device in the VM.

I'm not sure that is correct though. If I create a namespace, it does not allocate any space in the volume until I write data into it. So at least to me it looks like it is always thin provisioned? And with 9.16.1 there will be UNMAP support coming (fingers crossed) so you can even reclaim space later

Nope. It’s actually something we tested on.

There is an argument to allow a lun to be thin. Nothing exists yet for nvme. If I recall, it’s not in the spec!

https://kb.netapp.com/on-prem/ontap/da/SAN/SAN-KBs/Nvme_namespace_size_and_volume_size_doesn't_match
and the takeaway there is: As per design. NVMe namespace doesn't support thin provisioning

so why is my volume then not full?

what if I put a dozen 80gb namespaces in a single 100g volume?

It is ONTAP and the VOLUME that you are seeing. the namespace itself doesnt support thin. The underlying volume will still dedupe

the namespace is just a file though

for me this looks exactly like in the LUN case with a non-space-reserved LUN

It's definitely in the spec but ONTAP might still need to implement it: https://nvmexpress.org/wp-content/uploads/NVM-Express-1_4c-2021.06.28-Ratified.pdf

looks like snapshot space reserved

I think the KB you linked to is no longer correct

try to change that option

this only shows what is reported to the client. even if that bit is not set, the backend can still do thin provisioning (i.e. exactly what ONTAP does with a thin provisioned LUN if you don't enable Space Allocation, i.e. the server doesn't "know" the backend is thin provisioned)

why? it is already thin provisioned

"Space Reservation: false" means thin provisioned

the KB says it is fixed to "Space Reservation: true" which is thick provisioned

this is all 9.14, and the KB has not been updated for a year...

Show me how you change that option. it is not available on the CLI at all

I don't change it why should I change it?

convert thin/thick

I created a new namespace and this is what it was set to

I don't want to convert thin to thick

Maybe I cannot change it, but that's besides the point 🙂

there isn't even an option to change it to thick provisioned

I have a 9.14 and it defaulted to space res false

yes

that is what I said

That's why I said nvme namespaces are always thin provisioned ("Space Reservation: false"). there is no option to change it to thick provisioned ("Space Reservation: true")

that KB might be old

well guess what: The space guarantee for namespaces is the same as the space guarantee of the containing volume. 🤓
https://docs.netapp.com/us-en/ontap/nvme/support-limitations.html#namespaces

cl1::*> vol show -volume test_og1_* -fields space-guarantee,size,available,used
vserver  volume         size available used    space-guarantee
-------- -------------- ---- --------- ------- ---------------
gw2_NVMe test_og1_thick 1GB  872.1MB   100.7MB volume
gw2_NVMe test_og1_thin  1GB  972.5MB   300KB   none
2 entries were displayed.

cl1::*> vserver nvme namespace show -volume test_og1_* -fields size,is-space-reserved,is-space-reserved-honored
vserver  path                                size  is-space-reserved is-space-reserved-honored
-------- ----------------------------------- ----- ----------------- -------------------------
gw2_NVMe /vol/test_og1_thick/namespace_thick 100MB true              true
gw2_NVMe /vol/test_og1_thin/namespace_thin   100MB false             false
2 entries were displayed.

yeah, makes sense 🤷‍♂️

I wish they would put something like "correct as of ONTAP 9.x" into the KBs so that you know if they still apply... I mean I guess it was different before 9.14 otherwise that KB wouldn't exist, but since we have no older systems anymore (or do we?) it would mean setting up some simulators to check that now 🤔

I have seen that hiccup you mentioned one time when we accidentally pulled power to a node during standup of the recent ESXi Cluster but other than that one hang node failure seems to function and migrate pretty flawlessly.

based on the KB I provided, it is correct based on the setup being used. There should 100% be better clarification in the KB about the space-reserved on nvme namespaces.

moral of this: when creating a nvme namespace, you do not currently have control if the provisioned space is thick or thin, you rely on the underlying volume

I also just did some bit flips. changing the underlying volume from none to/from volume seems to make no change to the space-reservation" flag for the namespace

isn't this what @fading shard just showed above? that when you change the volume, the space-reserved flag of the namespace also changes?

also, can you clarify what you mean by "the KB is correct based on the setup"? because as I see it, the KB is not correct (it shows different values for "space reservation" and "space reservation honored", which I couldn't reproduce: for me those are always in sync, just as OG1 showed in his output above)

No, I did not change the space guarantee of an existing volume. I've created two new volumes, one thick, one thin.
Then I've created two namespaces and depending on the space guarantee of the containing volume the namespace is now also thick or thin.

I guess if you change the space guarantee of the volume, the namespace will not change. At least that's how I understood TMAC. I have not tried that yet.

ah. I misunderstood your above comment then

then it kinda makes sense I guess

right. @fading shard I did the same. thick vol thin vol and the namespaces did as we expected (thin/thick based on volume). When I flipped the volumes to all thick and and all thin, the "-is-space-reserved" did not change, so I think it is possible to get that combination from the KB.

Like I said, it is probably worth putting much more detail into the KB or generate a new KB about nvme namespaces and how thin-provisioning plays

especially that you cannot change it

yeah I think so too

PVs are tied to backend. Even though the Snapmirror active sync keeps the volume in sync and accessible from both source and target, from trident perspective, the backends for source and target will be different. Need to use a load balancer and utilize virtual server to register the backend. Just a thought. Need to validate it doesn't break any other features.

If you are using anything KubeVirt based like OpenShift Virtualization or Rancher, you could use Trident CSI and get similar benefits.

Does ONTAP support this?

Did some additional testing. Moved critical vms off a PVE host and failed it. VMs will still get in a stuck state and not migrate sometimes. Definitely an improvement. Tried the same with our CEPH cluster and had no issues. Assuming NFS issues are not 100% dealt with.

So we're planning to keep VM disks on CEPH and use our NetApp for bulk data storage of our robot generated data.

Anyone played with NVMe/TCP with Proxmox yet? @little hill got my interest piqued and I wanted to see what opinions are.

I’ll get Florian and the guys from Credativ in here for some Q&A

^^He really is the best

I promised my engineering team that I wouldn't dive in to it yet, some Q&A would definitely sate the thirst for performance 😄

https://docs.netapp.com/us-en/netapp-solutions/proxmox/proxmox-ontap.html#lvm-with-nvmetcp

Thanks for that, I see your opinion is of the technical document kind. The question is....provisioning, does PVE support thin provisioning over nVME yet...more research to do 🙂

Thin provisioning? yes. Namespaces on an AFF or ASA are always thin provisioned (as long as the backing volume is thin provisioned, which it always is by default on these systems).

NVMe Unmap/Deallocate? not yet, this will be in ONTAP 9.16.1

I did some preliminary lab testing of using a common NFS/SMB datastore to swing VMs over to Proxmox from ESX, and it worked pretty well. Basically configure NFS volume that both can access, create stub VM in proxmox using VMware device types, single file flex clone the vmdk and -flat.vmdk into the stubs directory, qm rescan -vmid <stub vm ID>, connect disks and power on. Fun stuff. ONTAP is awesome.

you don't even need to flexclone the vmdk descriptor file as that is a few bytes anyway, you can just copy that over. The flat file is the big chunk and there flexclone really helps 👍

So when is oncommand shift officially coming back? I have a potential to wipe out 14 Pure Flasharray XLs but it is contingent on OnCommand shift

why shift specifically? there are other options that will convert

because it is fast like a marsupial and not as janky as say starwind or veeam... It is for a mass conversion to speed time... and vmotioning to a new array and then shifting it to a prebuilt hypervisor is epic... used it successfully the first go round

I’m looking into this for you Ben. There is progress, but I need to see what I can share publicly. Stay tuned.

Oh I get it... I'm all NDA'd up... Just thought since this a change to change a major amount of curtains from orange to blue; this might prime the pump of progress a little more >5 million opportunity

Literally 14 pure flasharrays displaced

Hi there, quick question. Is running Exchange on VMware with NFS Data stores supported?

I'm pretty sure thats an unsupported use Case

supported by who? Microsoft?

I think Exchange only supports block storage, at least that's how it has been in the past. Nevertheless it works just fine on NFS (and has been for almost 20 years now). If you want to be on the safe side, use in-guest iscsi LUNs. If you want an easy solution, use a vmdk on an NFS datastore

Yeah but the easy solution seems to lead in some edge cases to a dirty shutdown DB. At least the Exchange Admins told me that..

Is there an official NetApp statement about Exchange servers? So I can pressure the Exchange Admins to get the setup right..

Don't think I have ever seen that. The SQL server doesn't know or even see it's running on NFS. As long as your ESX has a stable NFS connection to the datastore (and NO NFS 4.1!!) it should all be fine

https://learn.microsoft.com/en-us/exchange/plan-and-deploy/virtualization?view=exchserver-2019

From your perspective, when can I call a NFS Connection stable? During our latest ANDU we saw storage latency around 1500ms during the failover. Is that normal or should I be worried?

but that article talks about mounting the NFS from within the Windows server VM, which is of course not supported. "All storage used by Exchange for storage of Exchange data must be block-level storage" -> a VMDK is block level storage for what the Exchange server is concerned 🙂

check the second one

yeah second article is better:

NAS storage that's presented to the guest as block-level storage via the hypervisor isn't supported.

(nevertheless we have dozens of customers doing exactly that for over 10 years 😂 )

so yeah if you're concerned (or your DBAs are concerned) use in-guest iscsi to be on the safe side

Use iSCSI LUNs. You’ll have a much better experience. I was doing this in 2008 with VMware and NetApp

🙏 thanks for your input @eternal wagon @robust moth @eternal wagon

Correct. If you want to use something like SnapCenter to protect your exchange vm the vm itself can be on an nfs datastore. The exchange should be on a vm attached iscsi lun. I think that exchange also possibly supports using continuously available shares but I don’t that works with SnapCenter

High level overview of VPC with VCF and its integration with ONTAP features. https://community.netapp.com/t5/Tech-ONTAP-Blogs/Private-Cloud-with-VMware-Cloud-Foundation/ba-p/456247

vSphere standard and Enterprise plus is back .. https://news.broadcom.com/cloud/bringing-more-value-and-options-to-the-vmware-cloud-foundation-portfolio

Has anyone heard of a NetApp tool called "VMDC", aka "Virtual Machine Data Collector"? Apparently that is a thing that partners should have access to, but I can't seem to find anything anywhere 🤔

I know of the data collector for vsphere and hyperv, but believe they are part of Data Infrastructure Insights
never heard of a stand alone for it

ah that might be it. thanks

VMDC will be available soon as standalone script right after the shift tool.

Do we have a timeframe we can share here publicly?

What does this tool do? Similar to rvtools?

It's a data collector "plugin" (for lack of a better word) for our Insights observability product

https://www.netapp.com/cloud-services/cloud-insights/

You may also wanna check out this episode with @patent pumice who may be able to fill in the blanks here on some of these questions, since he's in here.

https://youtube.com/live/fxUJqwwhOqg?feature=share

If Data Infrastructure Insights (DII - formerly known as Cloud Insights) is the thing in question, @glossy vortex you could say yes like rvtools in terms of what data it collects, but that's largely where the comparison ends. DII does a lot of AIOps heavy lifting (config change analysis & correlation, custom metadata, heterogeneous compute/storage support by design, ML-powered smarts for minimizing alert nosie, etc. etc.) to make admin/ops life easier - the doc release notes of the last couple months can give you a pretty good idea of what I mean: https://docs.netapp.com/us-en/cloudinsights/concept_whats_new.html That said, it does sound like @wraith mica is talking about something different than what I just described in relation to @robust moth's original question.

I see; yeah we did a poc with oci on-prem some years ago. I really liked the tool but due to costs was scrapped.

ahh that's unfortunate to hear! While it does have a cost, the benefits vs that cost are massive. hopefully next time you get an opportunity to put it into production 🙂

You mean this? https://mysupport.netapp.com/site/tools/tool-eula/vm-data-collector
Looks like it just got released

...maybe? I was just asking here because a coworker asked me about VMDC and I never heard about it 🙂 But this might be it, yeah

Found any documentation about it?

looks interesting so far but I guess it needs a while to populate all the metrics and stuff 😄

Basically: launch the EXE and go to localhost:3000 in a browser, then add your vCenter

Actually, need to use the start_vma.bat file to install as service and use port 3000. Initially it was referred as VM analytics and later renamed to VM data collector.

you don't need to install it as a service, for testing it is sufficient to just run the exe as-is

but yeah once you log off it's gone so if you want to have permanent access, installing as service is better

the topology window sounded interesting but it is still rather empty 🙂

Will be interesting to see what will happen with this tool in the next weeks/months

I just downloaded and tried. It works

oh. interesting....

Maybe I need a different browser, this runs in my test VM with only Edge installed

I'm also used Edge browser. Permission issue?

hm. no idea. The logs show nothing helpful I think. What vSphere version are you running?

or maybe it just takes a while to scan our lab environment with >1000 VMs and >300 networks 😉

I'm running vSphere 8.0.3. I was told VMDC is going out after Shift tool. Let me double check whether we are using the right version.

okay, I tried on both, 8.0.2 and 8.0.3 vcenter.

https://tenor.com/view/south-park-its-gone-gif-4104229

(VMDC download was pulled apparently...)

Hi all,
Just deployed OnTap tools for vSphere 10.2 and added vCenter. vSphere is version 7.0.3
The plugin is deployed and showing up in the menu.
We cannot start the update host data, option is there but not clickable, and everytime we right click on a cluster we get the following message:

Let’s see if we can get @wraith juniper ‘s attention…

I was told, it is not yet officially released. Waiting on documentation to be done and rebranding to VM data collector is still pending..

Anyone?

Just curious using domain account or local sso account for vSphere? Anyhow, both should be supported. Did you contact support? They can collect and look into the logs.

Administrator@vsphere.local

Will contact support

Hi all. We are planning a migration from VMware to Hyper-V at NetApp IT. Currently we use 4 NFS datastores exported to multiple ESX hosts per ESX cluster. We are trying to determine if it would be better from a performance standpoint to use SMB 3.0 or iSCSI for Hyper-V volumes (AFF 700). Any advice is greatly appreciated.

If you use anything past Windows Server 2019 or ONTAP 9.13, you will need a 3rd party backup technology for automated VM or application consistent snapshots. NetApp unfortunately has not continued support for Hyper-V on Server 2022 or Server 2025, or newer versions of ONTAP, with their SnapManager/SnapCenter line. You may want to evaluate this aspect first to see how it impacts your supported storage topology. If I had to pick from the two options you provided, it would be SMB 3.0, as it is more future proof than iSCSI due to possible SMB Direct support, would have less configuration complexity, and would be easier to manage (IMHO), however both SMB and iSCSI support ODX. I would closely evaluate Server 2025's support for the NVMe/TCP flavor of NVMe-oF, using the integrated initiator, with promised future native initiator updates to support RDMA.

Hyper-V has been in a odd place for the last few years with Microsoft telling everyone it was being sunset to push people to Azure, then the VMware acquisition fiasco causing reevaluation and renewed development. Even though Server 2025 is getting modern features, I would wager most of these are likely due to Hyper-V being the hypervisor for Azure Stack HCI, a hypervisor that cuts NetApp out of the storage stack. I am currently a VMware customer on perpetual licensing with dwindling support, and I haven't made a decision yet on which hypervisor to jump ship too, since I am currently supported and waiting for options to shake out and materialize. I can say that every mainstream hypervisor out there has implemented their own storage subsystem, and not all of them even support integrating NetApp. I am hoping NetApp announces renewed support for Hyper-V on Server 2025, with all of the new features, and all of the downline support via SnapCenter.

Thank you for the reply.

As far as I know support for Hyper-V has already be announced but not sure if it's public yet. There should be support for newer Windows versions for SnapManager Hyper-V in the IMT, renewed support for SMI-S in SCVMM and also talks about possible SnapCenter support.

Also a new way to migrate from ESXi to other hypervisors like Hyper-V without needing to copy data (it's converting the disk formats) should be announced very soon (actually I don't know what they're waiting for...)

Are you referring to the zero touch migration from esx to hyper-v?

https://docs.netapp.com/us-en/netapp-solutions/hyperv/hyperv-deploy-considerations.html#migration

Hit me up on Teams, I can connect you with the right engineering resources for an update

Yes. We have reviewed the instructions on this page. Thank you. We were looking to get any feedback on experience with SMB 3.0 vs iSCSI protocols for the Hyper-V CSV.

We have used both for HV over the years and they both work well. It's really a matter of preference. I prefer iSCSI simply because of block and easier for us to manage. We are currently in the process of moving most of our MS SQL iSCSI to SMB because of limitations on the hosts, but again, they both work just fine.

Thank you

For SMB, you can use multichannel, continous availability feature etc. While adding more nodes, the process will be simple. iSCSI can provide you multipathing, igroup, etc. With AFF, you have chocie. If you use ASA, restricted to block protocols.

I see the documentation and VMDC is available to download. We can expect the official announcement soon... https://docs.netapp.com/us-en/netapp-solutions/vmware/vmdc.html

So this was fun. Spun up a new cluster on 9.15.1 to evacuate my old cluster on 9.15.1. OTV (9.13) works fine on the old one, not on the new one. KB for the error was basically, "IDK, remove and reinstall OTV". After much head scratching, it was zapi being disabled on a new install. D'oh. It works now but I should have gone to OTV10.

No man. 10 is not cool for small installs

Just do

set diag
web ONTAP modify -suspended false

Enables ONTAPi

10 requires vasa to be enabled and once you deploy a volume through otv10 it is not trivial to uninstall if needed.

Stick with otv9 if you can. Although with ONTAP 9.15 you may need to use otv10

Deployment should be easier with 10.3

I hope so. 10.1/2 are not “trivial” in as much as you are guessing at some ova template responses since they are not documented well

9.15.1 is working fine with OTV9.13 after turning zapi back on. Will see if it breaks when I go to 9.16.1 later this month. busy with my esxodus for now.

You can install in single node config if vVol is not required.

Shift Toolkit documentation is out https://docs.netapp.com/us-en/netapp-solutions/vm-migrate/migrate-overview.html

Still MUST enable the VASA provider even for traditional volumes. That’s nuts! Once you deploy a single traditional data store over nfs you cannot unregister the plugin!

If you don’t believe me…try it

true you cannot unregister the plugin as long as there is a storage backend registered, and you cannot remove the storage backend if there are volumes that were provisioned through it. It doesn't require you to enable VASA though

From what I’ve tested, I could not deploy any data store until vasa was registered

it works without VASA provider in LOD at least

I guess the unregistrering is some sort of safety or something... I'm sure you can just delete the OTV server and clean up the plugin registration from the vCenter afterwards. Not optimal, but if you absolutely have to get rid of OTV I'm sure there's some way to do that

@wraith juniper Can you confirm the findings here? Is VASA required now?

I'm redeploying my OTV, I think I'll stick with 9 :D.

So I played in the LOD last night. I could not get it to work at all using the stand alone tool (adding vcenter, adding backend storage, associating storage to center). So I removed the association and the storage. Went into vcenter and added the storage. I was able to use it after that. No vasa.

Got more playing to do

OTV 10.2 error trying to deploy a NFS datastore

ONTAP 9.16.1rc1, vSphere 8u3

I get to the point, where you're supposed to decide NFS versions (used to be radio buttons, now it's a dropdown), but the dropdown is empty!

Is this a known bug (didn't find anything related to this behavior)?
A workaround?

Also: the RBAC JSON file to create users is not yet 9.16-compatible (just have to add it in the JSON, though)

Make sure it’s licensed and the NFS server is configured and running. I start with manually adding a user to ONTAP called otv, role admin. For now skip the rbac. Make sure the vserver has
-vstorage enabled
-tcp enabled
-udp disable
-v3 enabled
-v4.0 disabled
-v4.1 disabled
-v3-64-bit enabled
-v4-64-bit enabled
(I usually set all those when I set up a SVM for VMware. Need advanced mode for some options. Enable the 64 bit file handles in case flex groups are used in the future)

I know otv should set it, but start off with a policy for your svm to allow the tax hosts

note that this seems to happen even before selecting the actual storage system (see the steps on the left side) so I would rule out any ONTAP configuration issues at this step...

I was able to provision without VASA. Are you using 10.2?

With ONTAP tools, check the SVM to ensure NFS is enabled. You can confirm from storage registration page on vCenter plugin.

yeah that's basically what I said... you can provision without VASA. See also my screenshot

Sorry, I meant to reply to TMAC

No, VASA is only required if you plan to use vVols. You should be able to use a small (t-shirt size) single-node deployment for most other use cases if you aren't using vVols. Although you will gain some performance benefits with SRA if you scale out to HA.

Generally the issue with not seeing a suitable combination of options like unable to select the desired SVM or unable to select the desired protocol ends up being due to the onboarded storage not being configured in a way that ONTAP tools expects. Like missing NFS server on an onboarded SVM for example, or something along those lines.

guys, that is what I said! You don't need to enable VASA if you don't use VVOLs 🙂 Why is everyone replying to me like I said something else?😂

Here are my top 3 reasons why I will use ONTAP tools 10.x over 9.x

1. Single instance of ONTAP tools can manage multiple instances of vCenter servers. In VCF, just deploy to management domain and workload domains can just consume it.
2. HA option available to support vVol deployments and SRA providing fault tolerance.
3. Ease of deployment of vSphere Metro Storage Cluster using protect cluster feature.

Also NVMe/TCP and FC for VMFS 🙂

yeah, NVMe/TCP is awesome. Too bad most backup tools in use by our customers don't have integration yet 😅 (yes, I know that SnapCenter supports it, but for some reason people often choose another backup solution 🙈 )

I even see some customers use SnapCenter to supplement 3rd party backups. There really is no better way to quickly restore a VM or attach a VMDK from backup than SCV in my somewhat biased opinion.

Unless you’re using SnapCenter to replicate, it’s simply a protection/recovery point. If replicated to another cluster then I might accept it as a backup (second copy)

NFS was enabled (including -vstorage)...

I've got 2 equally configured clusters. On one 1 manually configured an NFS datastore, now the OTV wizard immediately offered me NFS versions (though sometimes in a different sequence - NFS 4.1 above NFS 3) and I can select the 1st cluster to create the datastore. The 2nd cluster/SVM was not offered in the drop-down.
On the 2nd cluster/SVM (no manually created datastore yet), it took forever (I gave up yesterday, but tried again just now), but now it seemed to work, but only a datastore with default settings.
When I try to set QoS settings in the create-datastore wizard, the datastore creation fails.

One possible culprit for the discovery failure: I had created a VSCAdmin with the JSON file offered by OTV and found out, it could not even do a correct discovery of the "Storage Backend". I had to change it back to "admin"...

OTV 10.2 NFS VAAI Plug-In suggestion:

Is it possible to trigger the start of the vaai-nasd service after rolling out the plugin, i.e.
[root@esxi1:~] /etc/init.d/vaai-nasd start

I always have to manually start the service after rolling out the plugin before HW acceleration is recognized...

yeah, the docs say to reboot the server after installation but manually starting the service should work as well

-vstorage enabled
and
-v4.0 disabled
-v4.1 disabled

contradicts one another.

AFAIK VAAI (i.e. "-vstorage") depends on NFSv4 being enabled...

OTV 10.2 NFS 4.1 datastore does not work:

It mentions a Kerberos incompatibility:
But as you can see, the Kerberos setting is "Do NOT use Kerberos" ...
???

Note: if a datastore is currently mounted, You need to reboot (or somehow unmount/remount the datastore).
Otherwise, going to each node and starting vaai-nasd before mounting should also work without a reboot (no mounted datastores)

@merry pumice vstorage DOES NOT require NFSv4 to be enabled at all. What is REQUIRED is the export-policy rule MUST have NFSv4 (I just use protocol=nfs -> this implies v3 and v4)

vstorage uses the "v4 nfs protocol" in the export-policy as essentially a back-door to use vaai calls for NFS. NFSv4 being enabled in the SVM is 100% not required.

I always always turn it off. too many issues/headaches. V3 is easy and works reliably

yeah, if you don't actually need it (for Linux hosts, for example) then I also turn it off ... If only to make sure that the VMware admin doesn't accidentally mount a datastore with 4.1 🙂

A quick question on the "new" Shift software... We have a customer who has some large NFSv3 datastores mapped up to their VMWare environment. They would like to migrate selected VMs from their datastores to Hyper-V... Is it just as easy as setting up CIFS on the SVM to connect to the Hyper-V hosts, and then presenting the existing datastore to Hyper-V? And Shift will then do its magic converting the selected VMs from one to the other? Will you then end up with a "mixed" mess of a datastore where some is VMWare and other is Hyper-V ? Or do you setup a "migration" datastore to avoid this?

Im Not familiar with shift.
But I think Hyper V needs a cifs share with a Ntfs file system.
The nfs volume has Unix file system. Presenting the old datastore to HyperV will not work.

Hyper-V users either iscsi luns or smb continuously available (CA) shares on ntfs. Not NFS.

also you don't need an NTFS filesystem in the backend, WAFL will work just fine 👍 (nitpicking, I know 😉 )

Yeah…I’m not sure that would be supported. Should check IMT

Just use cifs on the backend. Keep it simple. It will work fine. I suspect you may run into user mapping issues possibly other issues using a ca share without cifs.

Just because you can doesn’t me you should.

Ntfs Security Style* 😜

Just use iSCSI and call it a day. It cleans everything up when working with MS and eliminates any locking or availability issues. Been doing this with virtualized MSSQL/Exchange all the way back in 2008. You could also run into MS support discrepancies.

I agree @little hill ! But there are customers out there that just don’t want to do or deal with something new to them (iscsi).

I just helped a customer fully setup Microsoft cluster and hyper-v all on ca-shares. Works perfectly fine.

Heck, way way back, I was asked to setup a Microsoft cluster to support mssql for an old VMware installation. Back then, didn’t have iscsi they bought just NAS protocols. Did cifs and ca-shares. Again, works great if needed!

All depends on risk tolerance. We went through the same stuff when 10GbE NFS was first intro'ed in VMware.

I definitely YOLO'ed my way into 10GbE NFS putting all VMs on a single datastore to maximize dedupe.

Notorious flow control bugs in those early UTAs

But if your vmware is on NFS datastores and you want to go to Hyper-V with iSCSI, Shift will not be able to help you? Isn't the idea with Shift that you don't need to move the data? 😉

There is a oncommand Shift best practice guide. I didn’t read the whole document, just flied a little bit over, but it’s described here which volumes nfs exports and cifs shares are needed.

shift will convert vmdk to vhdx (and eventually vice-versa). So you would still have to copy the vhdx over to the iSCSI LUN somehow after converting it. There are other ways of course, e.g. if your vmdk is a single flat file with external descriptor file, you can lun create -file-path ... to convert that file to an ONTAP LUN that you can then attach to a VM as RDM (or whatever the equivalent is called in Hyper-V)

https://docs.netapp.com/us-en/netapp-solutions/vm-migrate/migrate-overview.html#using-the-gui

if the VMs reside in a SAN environment (iSCSI, FC, FCoE, NVMeFC), then they must be migrated to a NAS environment before conversion.

I got a question which hopefully makes sense regarding configuring SMB and Hyper-V. The netapp docs mention to create two data lifs; one per node
Should we also use these for domain communications or do we create dedicated mgmt lif for that purpose?

Personally, I deal a lot in secure environments.

What I do:
create auth svm
Create one lif, with default-management service policy on e0M (can’t serve data this way), auto revert true, broadcast domain wide failover policy.
Create DNS for svm
Create an active-directory svm
Create the domain-tunnel to the auth svm
Create your domain logins (security login create -auth domain…)

Hyper-V requires SMB 3.0 which is a multipath aware protocol with recovery procedures baked in. The reason you create two data LIFs for an SVM, one for each node, is so that when your sessions are terminated on one node due to maintenance or fault, there is an active path to the SVM from the client to the node that survives. Each LIF requires an IP, so clients will know about both IPs on the data LIF. SMB sessions are stateful and HA takeover drops sessions on LIF migration. A dropped session is a dead session. The management LIF will flow between the nodes. Yes, sessions will be dropped, but the management life does not use protocols that are multipath aware. All SVMs are created with a management LIF, then you should create one data LIF for each node in your cluster. If you had a 2 node cluster, you would have 1 management LIF and 2 data LIFs.

Python script for Proxmox Ontap snapshots..
https://www.credativ.de/en/blog/credativ-inside/ontap-snapshots-for-proxmox-ve/

Will there be some future blog post regarding this VCF Netapp option announcement ?

What would you like to know? @wraith juniper is our resident VMware dude, and can answer any questions you may have.

Here is the solutions document on this use case - https://docs.netapp.com/us-en/netapp-solutions/vmware/vmware_vcf_asa_mgmt_stretchcluster.html#scenario-overview . We are in process of updating the document, so expect some changes in couple of weeks.

Oh maybe you could fix the video in the Proxmox documentation here to not use Mixed security style for SMB please? Every NetApp engineer in the last 15 years has said to not use Mixed security style, now customers start asking us annoying questions about why the official NetApp videos suddenly use Mixed security style 😅

Updated the video.

@wraith mica can correct me if I'm wrong, but as of VCF 5.2.1 IIRC they removed vSAN as a hard requirement for VCF, however to get a management domain deployed without vSAN you basically have to deploy vSphere just like you always have, then you go in and use the VCF import utility. Voila, management domain without vSAN.

Good job Broadcom, all docs.vmware.com links are broken and just points to techdocs.broadcom.com main site 😭
Seems like there's a lot to do for the NetApp Docs team during the next weeks.

We have a customer with Hyper-V who would like to do backups to our setup with SnapMirror and that part is trivial. We do not have any HyperV in our DC, but only VMWare. Can we some how use OnCommand Shift to recover/convert a Hyper-V VM into VMWare? PS: The Hyper-V datastore is CIFS and our VMWare hosts can of cause mount NFS datastores... We have been looking at different tools that can convert Hyper-V to ESX, but it looks like they convert the whole disk and as far as i know OnCommand Shift can do this with only converting the descriptor of the disk? Does anyone know how/if this can be done without Oncommand Shift?

Have you looked into latest Shift toolkit? - https://docs.netapp.com/us-en/netapp-solutions/vm-migrate/migrate-overview.html#usecase

Shift only does ESX -> Hyper-V, not the other way round (at least not yet)

But VCF 5.2 SDDC native deployment still blocks deployment of management domain without vSAN. This is more a workaround where a VCF import tool is used in order to import pre-existing vSphere SAN cluster ?

Is there a work in future that SDDC from start can deploy management on SAN or that ISCSI will be supported ? Since without ISCSI there is no NetApp NFS Ransomware, Netapp FlexGroups etc.

That's right. Currently, (with VCF 5.2) need to use VCF import tool to use with NFS, VMFS over FC. You can have a vSphere environment without VSAN and convert to management domain or import as workload domain. Note: All the clusters in a vCenter environment will be part of same VCF domain. Need to wait on VCF 9 to see what features it brings.

Broadcom documentation on this topic - https://techdocs.broadcom.com/us/en/vmware-cis/vcf/vcf-5-2-and-earlier/5-2/map-for-administering-vcf-5-2/importing-existing-vsphere-environments-admin/supported-scenarios-for-importing-vsphere-infrastructure-to-vmware-cloud-foundation-admin.html

https://docs.netapp.com/us-en/netapp-solutions/hyperv/hyperv-deploy-considerations.html#block-protocol-design-and-consideration

Create a minimum of 8 volumes.

Havent seen this before - any reason why minimum of 8?

Probably something to do with waffinity. The number of affinities per wafl /aggr. 4 volumes per aggregate would be 8 volumes in an ha pair

And the expectation is one lun per volume per the link you sent

Didn’t H-V also drive Continuous Availability (CA) shares? That would lead to multiple redundant constituents underneath

I don’t think as much. The link referred to above was for SAN connections. Going to ca-shares can still use multiple volumes but it is all file based. It suggests enabling odx (offloading). There are a few other tweaks. I’ve run through the ca-shares config one time with a customer. Works great with ms cluster

<@&1131581028138487969> <@&1131580957393166367> <@&1132035203188142211> A year has gone by since we did our [first poll](#╰・virtualization message) on this topic, but we wanted to revisit it a year later and see where you all ended up. Did you make any decisions? Changes? Did you start down a path and revert to VMware after discovering blockers? Fill us in! We're making some product decisions and want to hear from our community about what your priorities are heading into 2025! Check out the poll below and give us your candid feedback about what we can do better to enable you with any of the hypervisors out there!

I was really hoping to see market pressures create some real competition in the virtualization space - but to my knowledge, it hasn't.

One of the biggest flaws I see is that so many virtualization "solutions" are designed by people who forget that lots of software as a service is infrastructure that has to be implemented and managed. E.G. DNS, DHCP, Databases, etc.

Yeah, if you deploy in a cloud, you can just use their SaaS, but not if you deploy baremetal. In lots of companies and environments I've worked in, this is a big strength of vmware - if you have an internally routable IP, and at least one physical server, you can bootstrap your infrastructure. You can even host vsphere on the same infrastructure it manages.

Many other solutions come with a huge list of requirements, hardcoded DNS entries that you have to satisfy, databases you have to provide and connect to that can't be hosted on the virtual infrastructure - it really increases the complexity of their deployments.

what deployments have hardcoded dns or have a list of reqs that are hard to meet, especially one that you cant host on the same infra

OpenShift was a big one:
https://docs.redhat.com/en/documentation/openshift_container_platform/4.18/html/installing_on_bare_metal/user-provisioned-infrastructure#installation-dns-user-infra_installing-bare-metal

api.<cluster_name>.<base_domain>.
api-int.<cluster_name>.<base_domain>.
*.apps.<cluster_name>.<base_domain>.
bootstrap.<cluster_name>.<base_domain>.
<control_plane><n>.<cluster_name>.<base_domain>.
<compute><n>.<cluster_name>.<base_domain>.

Of course, OKD (FOSS OpenShift) had a whole host of other issues too, so... that might not be the worst one

Like the fact that OKD just automated the copy and paste of the OpenShift docs, and did zero validation on them - so we built out a cluster on the premise that we can use virtualization with bridged networking, in OKD, since it was seemingly well documented... only to find out after it was deployed, that is relied on an operator that was only available with a paid OpenShift subscription or something, and so unavailable in OKD. And you couldn't just manually create a bridge on the linux host - it's not seen by OKD. It was a mess

Proxmox would be a good alternative, but to date, I haven't found or heard of any solutions for the fact that it uses passwordless root access to all the nodes in a cluster. IMO, they should have been using an API or service account based method that doesn't require root having SSH access to nodes, let alone using passwordless ssh-keys

Expect to see further investment in Shift with more releases this year.

In the mean time, you can use the NetApp PowerShell Toolkit which has Cmdlets to convert VMDK<->VHDX and vice versa. You can even convert them to LUNs so that you can consume them over block protocols.

We may be glued to VMWare but there is a big right-sizing initiative and a big shift for specific workloads to possibly shift to Nutanix

forcing easily a 1/3 reduction in billing to VMWare.

But, we have the time and flex to work with it because we locked in rates//pricing for X years when Broadcom began sniffing out vmware.

I will say, this put a damper on possibly moving off of our Cisco MDS's as well for FC to Brocade, because apprehension.

Hi All. Good Morning. Had a question regarding multi-channel with SMB 3.0 used for the shared storage in Hyper-V. Currently we have 4x SMB shares on 4 different ONTAP nodes, accessed via LIFs local to the node.

There are currently accessed from Hyper-V cluster as below:

\\LIF_node1\SMB_share_node1
\\LIF_node2\SMB_share_node2
\\LIF_node3\SMB_share_node3
\\LIF_node4\SMB_share_node4

Should we instead use a DDNS record with the SVM name pointing to LIFs on all 4 nodes and mount as below ? Please advise...

\\SVM_name\SMB_share_node1
\\SVM_name\SMB_share_node2
\\SVM_name\SMB_share_node3
\\SVM_name\SMB_share_node4

HP has VM essentials - Runs on anything with shared storage capability
Dell has native edge

I've never heard of either of these - got any links?

https://www.hpe.com/us/en/hpe-vm-essentials.html

Thank you! :)

Native edge is very dellish
https://www.dell.com/en-us/dt/solutions/edge-computing/edge-platform.htm?gacd=9650523-1136-5761040-266691960-0&dgc=ST&SA360CID=71700000083909829&gad_source=1&gclid=CjwKCAiAiaC-BhBEEiwAjY99qExYLqnOtNrATTzFaweRRM1hRPW2OdJEEaBdeo5UiuwNvWTBq1Vo6RoCdiUQAvD_BwE&gclsrc=aw.ds#tab0=0&accordion0

Has anyone encountered a Hyper-V SMB issue like this before?

We're working with a customer and have followed the NetApp documentation meticulously. LIF migrations work as expected, and takeover processes seem fine. However, a few minutes after a giveback, the virtual machines enter a paused state and require a reboot to recover.

We've opened a case with NetApp, but I wanted to see if anyone else has experienced this issue or has any insights.

never seen that. I don't remember ever having an SVM pausing, let alone requiring a reboot/restart to serve data

The hyperv vm's on the data store enter a paused state

Hi all,
I deployed 10.3 yesterday in a site with a six-node cluster and running VMware 7.0.3.
Deployement went very smooth and adding vCenter and back-end storage as well.
Did the association.
Opened the plugin, no data present. Did the discovery twice, still no content.
Any ideas?

Proxmox 8.4 released with a new backup API as one of the new features.
https://forum.proxmox.com/threads/proxmox-ve-8-4-released.164821/

Anyone using vvols with ontap and Veeam currently? Any musings? Have an unsatisfied customer with Nimble storage using about 400 vvols and is very pained by the thought of going back to VMFS

We have absolutely no vVol customers afaik. 😬
Over 1000nodes but most are doing NFSv3, some VMFS (especially with the introduction of SM-as, and also some NVMe_oF here and there).

I've always wanted to try vVols but despite the advertised benefits it was always too complicated, too risky (because of the single VASA provider VM we had earlier) or even buggy compared to easy-peasy-NFS datastores. I think I'll give OTV another year before trying again.

Hi Martijn,

If you add the storage backends on ONTAP tools Manager UI, your intention is to share the storage array across multiple vCenter servers with SVM credential . Otherwise add the storage backend using the vCenter Plugin. Refer Global vs Local Scope of storage backends.

You should try vVol with OTV 10.x

Will try!

https://www.proxmox.com/en/about/company-details/press-releases/proxmox-virtual-environment-8-4

I also saw reports from Duncan Epping and William Lam this week that the Free ESXi has returned with an embedded non-expiring license. Looking into the details of what that entails

Did you figure this one out? Don't add the storage backend in the OTV GUi. Add it from the OTV vCenter plugin instead.

This worked, but still no data showing up

Just curious…what user are you registering with for vcenter? Is it possible the user doesn’t have the correct permissions?

Another “test”… if you have aiqum installed, use the same user to have aiqum check in with vcenter. After it scans it should at least see the VMs and if not it may be a role issue

And I’m not saying this is the issue. Just think something it could be

administrator@vsphere.local. Did not want any issues there. Use a different account later

Do you have AIQUM? Did you try scanning from there?

Wil try tomorrow

Did you create a datastore using the vCenter Plugin? Any VMs hosted on that datastore?

AIQUM works fine with the same data

No

Check the video on the following link - https://docs.netapp.com/us-en/netapp-solutions/vmware/vmw-vcf-mgmt-supplemental-fc.html#video-demo-for-this-solution

Hi, Thanks for your reply! watched the video. We do not use VCF, nor FC (NFS only). So it only works for storage created with the OTV plugin? I thought it would do some sort of inventary as well.

Yes, I know for sure, it shows the datastore created by ONTAP tools. You can inspect the SVM details including logical network interface, etc. under the storage backend.

Ok, will try to create a new datastore (NFS) tomorrow.

Hey All - it's been about... 4/5 months since any mention of SMI-S and SCVMM had happened for Hyper-V.. Nothing was publically posted from Ignite as expected.. There was mention of it being "Announced internally but not publically"... Has anything changed? I'm still not seeing anything available for download regarding new SMI-S Provider releases or updates for WUHU, SnapManager for Hyper-V, etc anywhere.. Just some toolchain around migrations (I think it's called Shift?)

Guess not?

Sorry, @boreal thunder, was traveling all last week and missed that one. Let me go check with engineering and get back to you.

@boreal thunder you might want to visit the Netapp support site today. SMI-S 5.2.7 was released

This release is not compatible with Windows Server 2012 or System Center Virtual Machine Manager (SCVMM) 2012.

•SMI-S Provider 5.2.7 supports Windows Server 2025, Windows Server 2022, Windows Server 2019, Windows Server 2016, SCVMM 2025, SCVMM 2022, SCVMM 2019 and SCVMM 2016.

TMAC beat me to it! SMI-S landed yesterday.

• Docs
• Download

For SMHV, contact your NetApp rep or VAR/Partner and we can work thru them to get something approved.

Shift toolkit is currently in Preview with an expected GA soon in Q2

Woo!

awesome been waiting for this as well

Huh - Interesting differences between this and the previous release. Can't install this on my SCVMM server anymore - requires a separate server to host just the SMI-S Provider

But otherwise, the release notes don't list any changes beyond what OS's are supported

Some wickedly old OpenSSL/Libxml2 vulns I guess

https://www.redhat.com/rhdc/managed-files/vi-state-of-virtualization-ebook-2155723OM-202505-en.pdf

https://learn.microsoft.com/en-us/system-center/vmm/supported-arrays?view=sc-vmm-2025

NetApp added to SCVMM 2025

Note: Requires ONTAP 9.15+ and SMI-S v5.2.7

This makes me excited ^_^ @little hill any chance you know or can find out why SMI-S Provider needs to be on a separate server than SCVMM now?

Hrm - guess not

lol

@little hill 🙂

Let me dig in to this and get back to ya

Anyone have any good experiences with migrating from OTV 9. 13 to OTV 10.4 using SRM, I notice documentation talks you thro migrating but not so much on the cleanup of the old 9.13 plugin etc. Interested to hear experiences.

@wraith juniper

You really only need to do the data migration if you are using vVols. If you aren't using vVols, you can just do a clean install. Let me see if I can dig up the instructions on how to rip out the old OTV.

https://kb.netapp.com/data-mgmt/OTV/VSC_Kbs/ONTAP_Tools___How_to_resolve_display_issues_with_the_vSphere_Client_when_using_OTV_9_12_and_later will give you all the information you need on removing 9.13.