This is the week end I move all my existing hosts to vSphere 5, to make way for some other work. Actually, I will migrate 2 of 3 hosts, while leaving one host at vSphere 4, more later on why. While Host Profiles has greatly improved, it is still not sufficient when updating and migrating nodes that use physical virtual NIC devices such as HP Flex-10. Why? Because they want to know the MAC Address when you apply the profile. This is a chicken and the egg sort of approach to Host Profiles.The Process seems simple:
- Install vSphere 5
- Join to vCenter
- Apply Host Profile
Yet it was not that simple. I found that the Host Profile was asking for a Mac Address which I did not know, nor could I discover as it was not just asking for any Mac Address but one produced by ESX for a VMware vmknic. The solution was not obvious but something easily handled.
- Using the dvSwitch Switch Editor add the hosts in by hand.
- Using the Manage Virtual Adapters Editor go to each dvSwitch and add in the appropriate vmkernel devices (I had 4)
Now I thought I was ready to apply the profile, but not yet!
- Present any Storage Devices to the new Node
- Rescan the Storage for LUNs and Datastores
- Change the name of Datastore1 to be hostname:Datastore1 to be in keeping with my naming convention
Now, apply the profile.
There were still a few errors with the profile about a missing LUN, but no LUN is actually missing. Editing the profile to remove the offending LOCAL LUN did not change the behavior. Nor can I use Host Profiles to add my local administrative user anymore.
Following along the next steps are:
- Attach a VMware Upgrade Manager Profile
- Scan for Updates
- Remediate any Updates
So how do you get 100% Host Profile Compliance? I am not sure you can. All the local drives within HP blades actually show up as remote drives, and since they are not the same across the board, the profile can never be compliant. However, the host profile can be adjusted by using the steps in VMware KB 2002488. With this change, my hosts are now compliance once more. However, what this does, is disable both the Pluggable Storage Architecture (PSA) configuration and the Path Selection Policy (PSP) Configuration for all your local and remote devices. Any PSA and PSP changes will now need to either be done by hand or scripted in some fashion.
So why not upgrade all 4 nodes to vSphere 5 at this time? Support and Licensing reasons. I still have customers using vSphere 4, and having at least one node with that level will be helpful. The other is for Licensing reasons, I would need at least two more licenses for the 4th node. But this does lead to other issues. I cannot yet upgrade to VMFS-5, VM Hardware v8, or upgrade VMware Tools yet.
Edward L. Haletky, aka Texiwill, is an author, analyst, developer, technologist, and business owner. Edward owns AstroArch Consulting, Inc., providing virtualization, security, network consulting and development and TVP Strategy where he is also an Analyst. Edward is the Moderator and Host of the Virtualization Security Podcast as well as a guru and moderator for the VMware Communities Forums, providing answers to security and configuration questions. Edward is working on new books on Virtualization.