Installation & Configuration
This forum is the best way to get up and running with the Nutanix platform
- 1,184 Topics
- 3,243 Replies
So you have decided to relocate your Nutanix cluster to a different data center. Here are a few things to consider and a brief overview of the steps to follow for a seamless transition.

Caution: This information is provided only as a guide to plan your move. Please engage Nutanix Support if you have any concerns or questions about this process.

Before you decide to move: consider the possibility of incorporating the existing IP address schema into the new infrastructure by reconfiguring the router and switches instead of the Nutanix nodes and CVMs. If that is not possible, proceed with this guide.

Before you unplug everything, refer to these guides for the procedure:
- Doc 1 (CVMs): CHANGING THE CONTROLLER VM IP ADDRESSES
- Doc 2 (AHV hosts): CHANGING THE IP ADDRESS OF AN ACROPOLIS HOST
- Doc 3 (IPMI): CHANGING AN IPMI IP ADDRESS

A few things to note:
1. Since the cluster is being relocated and the new network will not be able to communicate with the old network, you will need to run through so
An NCC alert showed the following issue, and KB 2050 was followed:

Detailed information for cvm_startup_dependency_check:
Node 192.168.x.x:
FAIL: Failed to open vmx file
Refer to KB 2050 (http://portal.nutanix.com/kb/2050) for details on cvm_startup_dependency_check

Based on observation, the datastore name used by the node carried a duplicate-name suffix, which caused the NCC check to fail. Changing NTNX-local-ds-17FM37420063-B (1) to NTNX-local-ds-17FM37420063-B resolved the NCC alert message.
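The fix above amounts to spotting and stripping a " (1)"-style suffix from the datastore name. A minimal sketch of such a check (an illustrative helper, not a Nutanix tool) could look like this:

```shell
# Hypothetical check: flag local datastore names that carry a
# duplicate-name suffix such as " (1)", which broke the NCC check above.
check_ds_name() {
  local name=$1
  if [[ $name =~ ^(.*)\ \(([0-9]+)\)$ ]]; then
    echo "rename '${name}' -> '${BASH_REMATCH[1]}'"
  else
    echo "ok: ${name}"
  fi
}

check_ds_name "NTNX-local-ds-17FM37420063-B (1)"
check_ds_name "NTNX-local-ds-17FM37420063-B"
```

The actual rename is done through the hypervisor's datastore management, as described in KB 2050.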
Nutanix VirtIO includes device drivers used by Windows VMs hosted in the Nutanix environment to enhance their stability and performance. The concept is very similar to VMware Tools in ESXi environments.

The VirtIO package bundles various drivers, including:
- Balloon driver
- Ethernet adapter
- RNG device
- SCSI pass-through controller
- Serial driver
- SCSI controller

The VirtIO package is found on the Support Portal under AHV (select “VirtIO” from the corresponding drop-down menu).

Note that the device driver versions contained within the various available Nutanix VirtIO packages may be the same if there have been no driver updates between package releases. To correlate the driver versions associated with each VirtIO package release, please reference KB 5491 in the Support Portal. Beginning with VirtIO package release 1.1.6, all driver versions match the VirtIO package version.
Many users are unaware that network traffic can be segmented (or separated) within a Nutanix cluster for various functions or purposes. For example, backplane traffic can be separated from management-plane traffic so as to allow even greater available bandwidth for the backplane traffic. As another example, DMZ-related traffic could be isolated to specific host uplinks. The four primary means of network segmentation are:
- Isolating backplane traffic by using VLANs (logical segmentation)
- Isolating backplane traffic physically (physical segmentation)
- Isolating service-specific traffic
- Isolating Stargate-to-Stargate traffic over RDMA

Note that certain means of segmentation are limited to certain hypervisors. For example, segmentation of management and backplane traffic is supported across the AHV, ESXi, and Hyper-V hypervisors (Hyper-V offering logical segmentation only), while service-specific segmentation is supported only by the AHV and ESXi hypervisors.
Did you know that AHV hosts can be accelerated by discrete graphics hardware (similar to how home gaming systems are accelerated)? This is especially useful for environments such as Virtual Desktop Infrastructure (VDI) deployments, where it is desirable to accelerate individual desktops shared out to large user communities.

The host driver for the discrete graphics hardware can be easily installed on AHV hosts via a single command executed from just one CVM of a Nutanix cluster (the command installs the driver across all hosts of the cluster, so there is no need to touch each CVM/host individually). Information regarding this single-command procedure can be found in the INSTALLING NVIDIA GRID VIRTUAL GPU MANAGER (HOST DRIVER) section of the AHV ADMINISTRATION GUIDE.

Also note that the host driver can be installed on hosts running the ESXi hypervisor using a different procedure. That procedure can be found via the knowledge base article Install NVIDIA
When performing maintenance on a CVM, it is important not to treat it as a regular guest VM, because crucial services run on each CVM that need to respond gracefully when a CVM goes offline.

If you need to shut down a CVM and are running ESXi, you might otherwise think to simply go to vCenter, right-click the CVM, and select the “Shut Down Guest OS” option. However, that procedure will not properly shut down the CVM or allow its services to respond gracefully.

Instead, use the cvm_shutdown script: it first places the necessary HA route in the hypervisor, redirecting storage requests to another CVM, before shutting down the CVM. This allows the services to respond gracefully to the CVM being offline.

More information and options regarding this script can be found in KB 3270.
Executive Summary

This document makes recommendations for designing, optimizing, and scaling Microsoft SQL Server deployments on the Nutanix enterprise cloud. Historically, it has been a challenge to virtualize SQL Server because of the high cost of traditional virtualization stacks and the impact that a SAN-based architecture can have on performance. Businesses and their IT departments have constantly fought to balance cost, operational simplicity, and consistent, predictable performance.

Nutanix removes many of these challenges and makes virtualizing a business-critical application such as SQL Server much easier. The Nutanix distributed storage fabric is a software-defined solution that provides all the features one typically expects in an enterprise SAN, without a SAN’s physical limitations and bottlenecks. SQL Server particularly benefits from the following storage features:
- Localized I/O and the use of flash for index and key database files to lower operation latency.
- A highly dist
There are times when one of the Linux guest servers in your environment goes unresponsive. Nutanix Support may ask for crash dump files from the Linux VM to further analyze the cause.

One such method is to use “sysrq”. This facility of the Linux guest OS allows access to several essential kernel commands, allowing Nutanix Support to take a more holistic approach to finding a root cause.

NOTE: If the VM is hung/inaccessible and "sysrq" has not already been activated, you may not be able to generate a core dump with this method. Configure "sysrq" while the VM is up and running, so it is ready for a future occurrence.

For more information on how to activate this feature, take a look at KB 9066 on the Support Portal.
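As a minimal sketch of enabling sysrq persistently ahead of time: on a real Linux guest the drop-in file below would go in /etc/sysctl.d/, but a temp directory is used here so the snippet can be tried without root (the file name is illustrative).

```shell
# Stand-in for /etc/sysctl.d so this runs without root.
SYSCTL_DIR=$(mktemp -d)

cat > "$SYSCTL_DIR/99-sysrq.conf" <<'EOF'
# 1 enables all sysrq functions
kernel.sysrq = 1
EOF

# On the real system you would then apply it with:
#   sysctl -p /etc/sysctl.d/99-sysrq.conf
cat "$SYSCTL_DIR/99-sysrq.conf"
```

See KB 9066 for the supported procedure and for how the crash dump itself is triggered once sysrq is active.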
Are you someone in the following situation? Your Nutanix cluster has grown so much that it needs to be moved to a different (bigger) network segment (VLAN), and you are daunted by the number of changes that moving a cluster to a different network space could involve. Have no fear!

The procedures are documented in the CLUSTER IP ADDRESS CONFIGURATION section of the ACROPOLIS ADVANCED ADMINISTRATION GUIDE. At a high level, the procedures involve some preliminary verifications along with securing some downtime for the cluster (the changes need to be made while the cluster is in a “stopped” state). From there, it is simply a matter of changing the IPMI and hypervisor IP addresses, followed by the execution of a script called “external_ip_reconfig” which handles changing the IP addresses of the CVMs. Follow that up with some post-change verifications and your existing cluster should be running successfully on a new network segment!
While upgrading an ESXi host, users can run into the issue of "Installing the bundle on the hypervisor" hanging when the CVM (Controller VM) tries to SSH into the host, or the SSH connection between the CVM and the host may break after a successful upgrade.

When checked from the genesis.out log on the CVM, the problem shows as an inability to SSH:

2018-06-18 15:22:25 INFO node_manager.py:4930 Setting up key based SSH access to host hypervisor for the first time...
2018-06-18 15:22:25 INFO hypervisor_ssh.py:32 Trying to access hypervisor with provided key...
2018-06-18 15:22:25 INFO hypervisor_ssh.py:40 Failed.
2018-06-18 15:22:25 INFO hypervisor_ssh.py:44 Trying to access hypervisor with provided password...
2018-06-18 15:22:25 INFO hypervisor_ssh.py:52 Failed
2018-06-18 15:22:25 ERROR node_manager.py:4935 Failed to set up key based SSH access to hypervisor, most likely because we do not have the correct password cached. Please run fix_host_ssh command manually to fix this problem.

User would want to chec
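A quick way to triage for this signature is to scan genesis.out for the failure line quoted above. A sample log excerpt is embedded below so the pipeline can be tried without a cluster; on a CVM you would point grep at the real genesis.out instead.

```shell
# Embedded sample of the genesis.out excerpt shown above.
GENESIS_LOG=$(mktemp)
cat > "$GENESIS_LOG" <<'EOF'
2018-06-18 15:22:25 INFO hypervisor_ssh.py:32 Trying to access hypervisor with provided key...
2018-06-18 15:22:25 INFO hypervisor_ssh.py:40 Failed.
2018-06-18 15:22:25 ERROR node_manager.py:4935 Failed to set up key based SSH access to hypervisor, most likely because we do not have the correct password cached. Please run fix_host_ssh command manually to fix this problem.
EOF

# Count ERROR lines carrying the SSH setup failure signature.
grep -c 'Failed to set up key based SSH access' "$GENESIS_LOG"
```

If the signature appears, the log itself points at the remedy: run the fix_host_ssh command as it instructs.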
Please consider the possibility of incorporating the existing IP scheme into the new infrastructure. If changing the IP addresses is the only option, a script can be used to change the CVM IP addresses. You can use the external IP address reconfiguration script in the following scenarios:

- Changing the IP addresses of the CVMs within the same subnet.
- Changing the IP addresses of the CVMs to a new or different subnet. In this scenario, the script works successfully if the new subnet is configured on the required switches and the CVMs can communicate with each other in the new subnet.
- Changing the IP addresses of the CVMs to a new or different subnet when you are moving the cluster to a new physical location. In this scenario, the script works successfully if the CVMs can still communicate with each other in the old subnet.

Following is the summary of steps that you must perform to change the IP addresses on a Nutanix cluster.
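Before running the reconfiguration, it can help to sanity-check that the planned CVM IPs actually sit in the intended subnet. The helper below is a hypothetical dry-run aid in pure shell (the addresses are illustrative placeholders); it makes no changes to the cluster.

```shell
# Convert a dotted-quad IPv4 address to an integer.
ip_to_int() {
  IFS=. read -r a b c d <<< "$1"
  echo $(( (a << 24) | (b << 16) | (c << 8) | d ))
}

# usage: same_subnet ip1 ip2 netmask
same_subnet() {
  local m; m=$(ip_to_int "$3")
  [ $(( $(ip_to_int "$1") & m )) -eq $(( $(ip_to_int "$2") & m )) ]
}

# Example: is the planned CVM IP in the same /24 as the planned gateway?
if same_subnet 10.20.30.11 10.20.30.1 255.255.255.0; then
  echo "in subnet"
else
  echo "NOT in subnet"
fi
```

Run the check for every planned CVM, hypervisor, and IPMI address before scheduling the downtime window.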
There are cases where we forget the password for the "nutanix" user used to log in to the Move web GUI console. The "nutanix" user is a Move application user, not a user on the Move VM. Therefore, "passwd nutanix" does not work; to reset it, follow the manual process in the KB article: How to reset nutanix user password in move for Web GUI access.

The procedure in that article resets the password for the "nutanix" user only, not the "admin" (CLI) user. Resetting the password of "admin", who is a user on the Move VM, is not possible, as it is the only user exposed on the Move VM; allowing the "admin" password to be reset externally could enable malicious actions and would therefore be a security violation. The only option in that case is to redeploy the Move appliance. The following documentation includes the step-by-step process of deploying a new Move VM: Move Deployment
Many users periodically execute the NCC health checks as a good proactive tactic against any issues that might appear within their cluster, which is a great idea! However, rather than writing it down as a reminder somewhere or simply trying to remember to do so, many do not realize that this task can be scheduled right from within Prism.

The task can be configured to execute on the following schedules:
- Every 4 hours
- Every day
- Every week

When choosing the every-day or every-week option, you are also presented with options to run the checks at a specific time of day or on specific days of the week, respectively.

What happens with the results when the scheduled NCC checks execute? An email is sent to the recipients configured within the Alert Email Configuration settings of the cluster.

For more information, including the specific procedures for configuring this feature, please refer to the Scheduling and Automatically Emailing NCC Results section of the
As companies become more security aware, third-party security tools are being utilized more heavily than ever before. One such tool is a security scanner, which can review open network ports within an environment and report back on certain vulnerabilities (CVEs). This includes the open ports of Nutanix-specific components such as the IPMI.

While it is important to keep the IPMI/BMC upgraded to the latest version so as to integrate the latest security patches, there are CVEs that scanners will still report as failed based on the default IPMI configuration. This is due to the virtual media port (623) and the iKVM port (5900) being open by default. The virtual media port allows the user to open a remote session to the host console, and the iKVM port allows the hosts to query information from the BMC.

The specific CVEs affected by these two open ports can be found in KB 2555. NOTE: If these features are disabled, you will be unable to query any BMC info or open a remote console
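When reviewing a scanner's findings, the first question is simply whether ports 623 and 5900 show up as open on the IPMI interface. The snippet below sketches that check against an embedded sample port list (not a live scan):

```shell
# Sample list of open ports as a scanner might report for an IPMI IP.
OPEN_PORTS="22 80 443 623 5900"

# Flag the two default-open IPMI ports discussed above.
for port in 623 5900; do
  case " $OPEN_PORTS " in
    *" $port "*) echo "port $port open (see KB 2555)" ;;
    *)           echo "port $port closed" ;;
  esac
done
```

If both ports report open on default firmware, that matches the expected default configuration rather than a missed patch; KB 2555 maps the findings to specific CVEs.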
There could be many reasons why an administrator would want to perform a factory reset of the IPMI/BMC module. Whatever the reason may be, knowing the different options and their differences is important.

Using ipmitool, we can perform three types of resets, each with its own implications:
- BMC reset
- Partial factory reset (resets IPMI and BMC but preserves network settings)
- Full factory default reset (potential to lose IPMI network settings)

Before you execute any of these commands, note the IP address, netmask, and gateway IP address of the IPMI:

ipmitool lan print

Usage note: on the VMware ESXi hypervisor, place a leading "/" in front of "ipmitool" (for example, "/ipmitool"); the executable is located at the top-level root directory.

Check out KB-8123 for detailed instructions.
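To record those values before a reset, you can parse the `ipmitool lan print` output. A sample capture is embedded below so the parsing can be tried anywhere; on a live host you would redirect the real output into the file instead (e.g. `ipmitool lan print > lan.txt`).

```shell
# Embedded sample of typical `ipmitool lan print` output.
LAN_TXT=$(mktemp)
cat > "$LAN_TXT" <<'EOF'
IP Address Source       : Static Address
IP Address              : 10.0.0.50
Subnet Mask             : 255.255.255.0
Default Gateway IP      : 10.0.0.1
EOF

# Extract a named field: match the field name followed only by padding
# spaces and a colon, so "IP Address" does not match "IP Address Source".
get_field() { awk -F': ' -v f="$1" '$0 ~ "^"f" *:" {print $2; exit}' "$LAN_TXT"; }

echo "IP:      $(get_field 'IP Address')"
echo "Netmask: $(get_field 'Subnet Mask')"
echo "Gateway: $(get_field 'Default Gateway IP')"
```

Keep the recorded values handy: after a full factory default reset you may need them to restore IPMI network connectivity.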
Ubuntu Cloud Images are pre-installed disk images customized by Ubuntu engineering to provide Ubuntu Certified Images, OpenStack, LXD, and other features in public cloud environments.

Because of the pre-built image and its customization, the OS requires specific virtual hardware, such as a serial port, that AHV does not include by default. When trying to boot a VM on AHV from any of the Ubuntu Cloud Images, the boot process stalls after loading the Btrfs module because the hardware is not there.

This can be worked around by customizing the VM manually using a combination of Prism and aCLI commands, or by leveraging API calls:
1. Download the Ubuntu cloud image in .img format.
2. Upload it as a Disk to Prism Image Services.
3. Create a new VM and attach the disk created in step 2 as Type: "Disk", Operation: "Clone from Image Service", Bus: "SCSI"; for Image, select the name of the uploaded image and then click "Add".
4. Select "Custom Script" at the bottom of the window (AOS 5.10.6 and later) and in "Type Or Paste Script" paste t
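For context on step 4: the "Custom Script" box takes cloud-init user-data. The sketch below writes a minimal illustrative cloud-config to a local file so its shape can be inspected; the password value is a placeholder, not taken from the original post, and the exact script needed for the cloud image is the one the (truncated) post goes on to provide.

```shell
# Illustrative cloud-config user-data of the kind pasted into
# "Type Or Paste Script"; written to a temp file here for inspection.
USERDATA=$(mktemp)
cat > "$USERDATA" <<'EOF'
#cloud-config
password: changeme
chpasswd: { expire: false }
ssh_pwauth: true
EOF

# cloud-init requires the literal "#cloud-config" header on line 1.
head -1 "$USERDATA"
```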
Cluster creation, or initialization, is the process of bootstrapping a cluster: configuring the unconfigured nodes, loading node information into the Zeus configuration file, and starting the services. Let's break it down.

What is an unconfigured node?
- A node that is factory shipped.
- A node that was removed from an existing cluster.

These nodes are typically pre-installed with a CVM/hypervisor. No IPv4 address is configured, but an IPv6 link-local address is configured on eth0; this will always remain on a host.

Before you begin to create a cluster with your brand-new nodes, you must have:
- IPv4 address configuration: IPMI IP address, hypervisor IP address, CVM IP address, and DNS/NTP IP address (required while creating the cluster via Foundation)
- Hypervisor and CVM installed

What are the methods of cluster initialization?
- Foundation: a one-click process for cluster creation that re-images multiple nodes and assigns IP addresses on each node.
- Manual: manual hypervisor inst
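As an illustrative aside on those IPv6 link-local addresses (this is standard EUI-64 autoconfiguration, not a Nutanix tool): a NIC's link-local address can be derived from its MAC by inserting ff:fe in the middle and flipping the universal/local bit of the first octet.

```shell
# Derive the EUI-64 IPv6 link-local address from a MAC address.
mac_to_linklocal() {
  local mac=$1
  # Split the MAC into its six octets.
  IFS=: read -r o1 o2 o3 o4 o5 o6 <<< "$mac"
  # Flip the universal/local bit (bit 1) of the first octet.
  local flipped
  flipped=$(printf '%02x' $(( 0x$o1 ^ 2 )))
  printf 'fe80::%s%s:%sff:fe%s:%s%s\n' "$flipped" "$o2" "$o3" "$o4" "$o5" "$o6"
}

mac_to_linklocal 00:25:90:ab:cd:ef
```

Note that modern OSes may instead use randomized (RFC 7217 style) link-local addresses, so treat this as background on the addressing scheme rather than a discovery procedure.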
Many users will create a Linux VM on their Nutanix AHV cluster using default installation options, configure and install the appropriate applications or services within the VM, and then move on to other tasks. While this approach is certainly acceptable, many users are unaware that additional modifications can be made to the Linux guest OS to enhance the performance or overall functionality of the VM.

For example, there are several Linux kernel parameters which can be configured, including “vm.overcommit_memory” and “vm.swappiness”. If leveraging iSCSI connectivity, there are several parameters in the iscsid.conf file that can be modified to increase performance.

Regarding disk usage, volume group striping can be employed using LVM to further increase throughput. There are further parameters that can be applied when mounting disks, and disk access can be tuned via the max_sectors_kb parameter.

You can find more information regarding these modifica
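As one small example of the mount-time tweaks mentioned above, a common adjustment is adding noatime to a data disk's mount options (the device, mount point, and filesystem below are illustrative placeholders; a temp file stands in for /etc/fstab so this can be tried safely):

```shell
# Stand-in for /etc/fstab; on a real VM you would edit the actual file.
FSTAB=$(mktemp)

# noatime avoids an inode write on every file read, which can reduce
# needless write I/O for read-heavy workloads.
echo '/dev/sdb1  /data  xfs  defaults,noatime  0 0' >> "$FSTAB"

grep noatime "$FSTAB"
```

Whether noatime (or any other tweak) is appropriate depends on the workload; consult the referenced Nutanix documentation for the tested recommendations.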
Typically, while deploying a new Windows VM on AHV, the VirtIO driver ISO needs to be mounted to allow Windows Setup to discover the associated vDisk. Therefore, for each VM to be created, two ISOs need to be mounted (the Windows installation ISO and the VirtIO ISO).

To simplify and expedite the deployment process, the VirtIO drivers can be injected into the Windows installation ISO to create a single customized ISO. The prerequisites for this process are the following tools/files:
- PowerShell
- Windows ADK (Deployment and Imaging Tools Environment)
- Windows installation ISO
- Nutanix VirtIO driver package (it is recommended to use the latest version, which can be downloaded from the Support Portal)
- Administrative privileges on your Windows workstation

For detailed steps and screenshots regarding this process, please review KB 10290 in the Nutanix Support Portal.
Many users are unaware that there are additional configurable security-related options (beyond what is displayed through the Prism web user interface) which can be used to increase the security settings of the Controller VMs (CVMs) themselves. These options are modified using the Nutanix Command Line Interface (nCLI) on the CVMs and include the following items:
- Enablement of an Advanced Intrusion Detection Environment (AIDE)
- Enforcement of a strong password policy
- Enablement of a defense knowledge consent banner
- Restriction to allow only SNMP version 3

You can find more information regarding these options, including the procedures to enable or disable them, within the Hardening Controller VM section of the AOS Security Guide. Also note that similar options are available for Acropolis Hypervisor (AHV) hosts, configured using the same procedures; you can find more information regarding those options within the Hardening AHV section of the same guide.
Citrix Diagnostic Facility (CDF)

CDF collects and traces the messages generated by various Citrix services running on the Delivery Controller, helping to discover and debug root causes and related issues.

Configure and use CDF:
1. Download the tool in a ZIP file from http://support.citrix.com/article/CTX111961
2. Extract the ZIP file and run the extracted CDFControl.exe file.
3. Go to Tools > Options and ensure that "Enable real-time viewing while capturing trace" is selected. This allows you to view the real-time logs while the scripts run.
4. Go to Tools > Options > Trace File Path and set the path for log collection.
5. Check the following modules to enable plugin-specific log collection:
   - BrokerHostingManagement
   - BrokerHostingPlugin
   - HostServiceHCL
   - HostServiceLog
   - HostServiceLogging
   - HostSnapIn
   - MachineCreationLog
   - MachineCreationLogging
   - MachineCreationServiceHCL
   - MachineCreationSnapIn
6. Before running the script, click Start Tracing. It will start capturing the traces while the PoSH script executes.

Once you encounter
With the new release of Objects 2.2, you can now assign a quota policy to a user, which enables Objects to set soft thresholds on the number of buckets created by the user within an object store.

Release notes: https://portal.nutanix.com/page/documents/details/?targetId=Release-Notes-Objects-v2_2%3Av22-whats-new-r.html
Documented steps: https://portal.nutanix.com/page/documents/details?targetId=Objects-v2_2:v22-assign-quota-policy-t.html

If you want to know more about Objects: https://portal.nutanix.com/page/documents/details?targetId=Objects-v2_0:Objects-v2_0
ENABLING OBJECTS: https://portal.nutanix.com/page/documents/details?targetId=Objects-v2_0:v20-enable-objects-t.html#ntask_t1y_mzc_4hb
You have the option of adding a Witness to a Metro Availability configuration (see Data Protection Guidelines (Metro Availability)). A "Witness" is a special VM that monitors the health of the Metro Availability configuration. The Witness resides in a separate failure domain to provide an outside view that can distinguish a site failure from a network interruption between the Metro Availability sites. The goal of the Witness is to automate failovers in case of site failures or inter-site network failures. The main functions of a Witness include:
- Making a failover decision in the event of a site or inter-site network failure.
- Avoiding a split-brain condition where the same storage container is active on both sites due to (for example) a WAN failure.
- Handling situations where a single storage or network domain fails.

Metro Availability Failure Process (no Witness)

In the event of either a primary site failure (the site where the Metro storage container is currently active) or the link betwee
http://runahv.com

Check in with Mission Control to get the most out of Invisible Virtualization. Mission Control is a curated set of short videos covering topics from day 0 setup and deployment, migration from other hypervisors, and advanced management. Check it out and let us know what you think. If there's content you're interested in, let us know in this thread.
Nutanix AHV uses Open vSwitch (OVS) to connect the CVM, the hypervisor, and the user VMs to each other and to the physical network on each node. The CVM manages the OVS inside the AHV host. Because OVS is an open-source software switch that behaves like a layer-2 learning switch, it maintains a MAC address table. Each AHV server maintains an OVS instance, and all instances are managed as a single logical switch through Prism.

Bonds: when multiple uplinks are used, they are added to a bond that acts as a single logical interface, to which the bridge is connected. Open vSwitch (OVS) does not support bonds with a single uplink; as a workaround, the bridge is connected directly to the single uplink.

WARNING: Avoid the use of a single-uplink configuration, and do not attempt to modify a single-uplink configuration using manage_ovs if the AOS version is 5.10.x prior to 5.10.4.

Warning: Updating uplinks can cause a short network disconnect. It is strongly recommended to perform network changes on one node at a time, after ma
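When reviewing a bond before making uplink changes, `ovs-appctl bond/show` on the AHV host reports the bond mode and which slave is currently active. The sketch below parses an embedded sample of that output (the bridge and interface names are illustrative) so the parsing can be tried without an AHV host:

```shell
# Embedded sample of `ovs-appctl bond/show br0-up` style output.
BOND_TXT=$(mktemp)
cat > "$BOND_TXT" <<'EOF'
---- br0-up ----
bond_mode: active-backup
lacp_status: off

slave eth2: enabled
  active slave

slave eth3: enabled
EOF

# Report the bond mode and the slave flagged as active.
awk '/^bond_mode:/  {print "mode: " $2}
     /^slave /      {slave=$2; sub(":", "", slave)}
     /active slave/ {print "active: " slave}' "$BOND_TXT"
```

In active-backup mode only the active slave carries traffic, which is one reason uplink changes should be done one node at a time with traffic verified afterwards.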