Appendix A
The Bottom Line

Chapter 1: Introducing VMware vSphere 6.7

  • Identify the role of each product in the vSphere product suite. The VMware vSphere product suite contains VMware ESXi and vCenter Server. ESXi provides the base virtualization functionality and enables features like Virtual SMP. vCenter Server provides management for ESXi and enables functionality like vMotion, Storage vMotion, vSphere Distributed Resource Scheduler (DRS), vSphere High Availability (HA), and vSphere Fault Tolerance (FT). Storage I/O Control and Network I/O Control provide granular resource controls for VMs. The vStorage APIs for Data Protection (VADP) provide a backup framework that allows for the integration of third-party backup solutions into a vSphere implementation.
    • Master It Which products are licensed features within the VMware vSphere suite?
    • Master It Which two features of VMware ESXi and VMware vCenter Server together aim to reduce or eliminate downtime due to unplanned hardware failures?
    • Solution vSphere HA and vSphere FT are designed to reduce (vSphere HA) and eliminate (vSphere FT) the downtime resulting from unplanned hardware failures.
  • Recognize the interaction and dependencies between the products in the vSphere suite. VMware ESXi forms the foundation of the vSphere product suite, but some features require the presence of vCenter Server. Features like vMotion, Storage vMotion, vSphere DRS, vSphere HA, vSphere FT, SIOC, and NIOC require ESXi as well as vCenter Server.
    • Master It Name three features that are supported only when using vCenter Server along with ESXi.
    • Solution All of the following features are available only with vCenter Server: vSphere vMotion, Storage vMotion, vSphere DRS, Storage DRS, vSphere HA, vSphere FT, SIOC, and NIOC.
    • Master It Name two features that are supported without vCenter Server but with a licensed installation of ESXi.
    • Solution Features that are supported by VMware ESXi without vCenter Server include core virtualization features like virtualized networking, virtualized storage, vSphere vSMP, and resource allocation controls.
  • Understand how vSphere differs from other virtualization products. VMware vSphere's hypervisor, ESXi, uses a Type 1 bare-metal hypervisor that handles I/O directly within the hypervisor. This means that a host operating system, like Windows or Linux, is not required in order for ESXi to function. Although other virtualization solutions are listed as “Type 1 bare-metal hypervisors,” most other Type 1 hypervisors on the market today require the presence of a “parent partition” or “dom0” through which all VM I/O must travel.
    • Master It One of the administrators on your team asked whether he should install the standard Red Hat Linux (RHEL) deployment on the new servers you purchased for ESXi. What should you tell him, and why?
    • Solution VMware ESXi is a bare-metal hypervisor that does not require the installation of a general-purpose host operating system. Therefore, it’s unnecessary to install Linux on the equipment that was purchased for ESXi.

Chapter 2: Planning and Installing VMware ESXi

  • Understand ESXi compatibility requirements. Unlike traditional operating systems like Windows or Linux, ESXi has much stricter hardware compatibility requirements. This helps ensure a stable, well-tested product line that can support even the most mission-critical applications.
    • Master It You have some older servers onto which you'd like to deploy ESXi. They aren't on the Compatibility Guide. Will they work with ESXi?
    • Solution They might, but they won’t be fully supported by VMware. In all likelihood, the CPUs in these older servers don’t support some of the hardware virtualization extensions or don’t support 64-bit operation, both of which would directly impact the ability of ESXi to run on that hardware. You should choose only hardware that is on the Compatibility Guide.
  • Plan an ESXi deployment. Deploying ESXi will affect many different areas of your organization—not only the server team but also the networking team, the storage team, and the security team. There are many issues to consider, including server hardware, storage hardware, storage protocols or connection types, network topology, and network connections. Failing to plan properly could result in an unstable and unsupported implementation.
    • Master It Name three areas of networking that must be considered in a vSphere design.
    • Solution Among other things, networking areas that must be considered include VLAN support, link aggregation, network speed (1 Gbps or 10 Gbps), load-balancing algorithms, and the number of NICs and network ports required.
    • Master It What are some of the different types of storage that ESXi can be installed on?
    • Solution By far the most common way to boot ESXi is from local/direct-attached disks, but USB/SD storage, an isolated SAN boot LUN, and iSCSI are also supported.
  • Deploy ESXi. ESXi can be installed onto any supported and compatible hardware platform. You have three different ways to deploy ESXi: install it interactively, perform an unattended installation, or use vSphere Auto Deploy to provision ESXi as it boots up.
    • Master It Your manager asks you to provide a copy of the unattended installation script that you will be using when you roll out ESXi using vSphere Auto Deploy. Is this something you can give?
    • Solution No. When using vSphere Auto Deploy, there is no installation script. The vSphere Auto Deploy server streams an ESXi image to the physical host as it boots up. Redeployment of an ESXi host with vSphere Auto Deploy can be as simple as a reboot.
    • Master It Name two advantages and two disadvantages of using vSphere Auto Deploy to provision ESXi hosts.
    • Solution Some advantages include fast provisioning, fast reprovisioning, and the ability to quickly incorporate new ESXi images or updates into the provisioning process. Some disadvantages include additional complexity and dependency on additional infrastructure.
  • Perform post-installation configuration of ESXi. Following the installation of ESXi, some additional configuration steps may be required. For example, if the wrong NIC is assigned to the management network, the server won't be accessible across the network. You'll also need to configure time synchronization.
    • Master It You've installed ESXi on your server, but the welcome web page is inaccessible, and the server doesn't respond to a ping. What could be the problem?
    • Solution More than likely, the wrong NIC was selected for use with the management network or the incorrect VLAN was selected. You’ll need to use the Direct Console User Interface (DCUI) directly at the physical console of the ESXi host in order to reconfigure the management network and restore network connectivity.
  • Use the vSphere Host Client. ESXi is managed using the vSphere Host Client, an HTML5-based web UI that provides the functionality to manage the virtualization platform.
    • Master It Can you use the VMware installable vSphere client to manage your new ESXi 6.7 hosts?
    • Solution No. vSphere 6.7 cannot be managed by the legacy installable vSphere clients.

Chapter 3: Installing and Configuring vCenter Server

  • Understand the components and role of vCenter Server. vCenter Server plays a central role in the management of ESXi hosts and VMs. Key features such as vMotion, Storage vMotion, vSphere DRS, vSphere HA, and vSphere FT are all enabled and made possible by vCenter Server. vCenter Server provides scalable authentication and role-based administration based on integration with Active Directory.

    • Master It Specifically with regard to authentication, what are three key advantages of using vCenter Server?
    • Solution First, vCenter Server centralizes the authentication so that user accounts don’t have to be managed on a per-host basis. Second, vCenter Server eliminates the need to share the root password for hosts or to use complex configurations to allow administrators to perform tasks on the hosts. Third, vCenter Server brings role-based administration for the granular management of hosts and VMs while also providing additional roles above and beyond what stand-alone ESXi offers.
  • Plan a vCenter Server deployment. Planning a vCenter Server deployment includes selecting a backend database engine, choosing an authentication method, sizing the hardware appropriately, and providing a sufficient level of high availability and business continuity. You must also decide whether you will run vCenter Server as a VM or on a physical system. Finally, you must decide whether you will use the Windows Server–based version of vCenter Server or deploy the vCenter Server virtual appliance.
    • Master It What are some of the advantages and disadvantages of running vCenter Server as a VM?
    • Solution Some of the advantages include the ability to easily clone the VM for backup or disaster-recovery purposes, the ability to take snapshots to protect against data loss or data corruption, and the ability to leverage features such as vMotion or Storage vMotion. Some of the disadvantages include the inability to cold-clone the vCenter Server VM, cold-migrate the vCenter Server VM (because vCenter needs to be online to clone or migrate VMs), or edit the virtual hardware of the vCenter Server VM. It can also add additional recovery complexity if an outage occurs on the infrastructure running the vCenter Server VM.
    • Master It What are some of the advantages of using the vCenter Server virtual appliance?
    • Solution Some of the advantages are a potentially much easier deployment (just use the vCenter Deployment Tool and perform post-deployment configuration instead of installing Windows Server, installing prerequisites, and finally, installing vCenter Server), more services available with a single deployment, and no Windows Server licensing requirements.
  • Install and configure a vCenter Server database. vCenter Server supports several enterprise-grade database engines, including Oracle and Microsoft SQL Server. Depending on the database in use, there are specific configuration steps and specific permissions that must be applied in order for vCenter Server to work properly.
    • Master It Why is it important to protect the database engine used to support vCenter Server?
    • Solution Although vCenter Server uses Microsoft Active Directory for authentication, the majority of the information managed by vCenter Server is stored in the backend database. The loss of the backend database would mean the loss of significant amounts of data that are crucial to the operation of vCenter Server. Organizations should take adequate steps to protect the backend database accordingly.
  • Install and configure the Platform Services Controller. The Platform Services Controller is an architectural change in vCenter Server 6. Along with SSO, it allows the vSphere Client to present multiple solutions interfaces within a single console provided the authenticated user has access.
    • Master It After installing vCenter 6.7 and all the appropriate components, you cannot log into the vCenter Server Web Client with your local credentials and gain access to vCenter. What could be missing from the configuration of SSO?
    • Solution When configuring SSO, you have the ability to link it to an external directory service such as Active Directory. The other option is to manually configure local accounts within SSO itself. These are local to SSO, not local to the server that SSO is installed on.
  • Install and configure vCenter Server. vCenter Server is installed using the VMware vCenter Server Appliance Installer. You can install vCenter Server as a stand-alone instance or join a linked mode group for greater scalability.
    • Master It When preparing to install multiple vCenter Servers, are there any concerns about using a single Platform Services Controller versus multiple? Can this be handled later?
    • Solution When installing vCenter on Windows, the account just needs administrative permissions on the computer where vCenter Server is being installed. In previous versions, if you were using Microsoft SQL Server with Windows authentication, you had to log on to the computer that was going to run vCenter Server by using the account previously configured with the appropriate permissions on the SQL server and the SQL database. This is because the earlier versions of the vCenter Server Installer did not provide the ability to choose which account to use; it used the currently logged-on account. This is no longer the case for vCenter Server 5.0 and above.
  • Use vCenter Server's management features. vCenter Server provides a wide range of management features for ESXi hosts and VMs. These features include scheduled tasks, host profiles for consistent configurations, tags for metadata, and event logging.
    • Master It Your department just merged vSphere environments with another department, and your manager has asked for you to find a way of easily tracking both departments' virtual machines. How would you go about accomplishing that task?
    • Solution Provided you have vCenter Server configured with the appropriate tags and categories, a simple search on his requirements should provide enough information for your manager.
  • Provide visibility into vCenter Server's settings. The vCenter Server Appliance Management Interface (VAMI) provides insight into its health, configuration, and settings.
    • Master It Your manager has asked you why the vCenter Server recently came back on an audit report saying that SSH is enabled. What section in vCenter Server's VAMI will help you in this task?
    • Solution The VAMI Access menu has controls to enable or disable SSH logins, the DCUI, the Console CLI, and the Bash Shell.
    • Master It You recently added a few more Active Directory domain controllers within your environment after a recent refresh and configured them to replace your older time server. How can you update the NTP servers on your vCenter Servers and Platform Services Controllers?
    • Solution The PSC and vCenter VAMI interfaces can be used to configure NTP settings under the Time menu.

Chapter 4: vSphere Update Manager and the vCenter Support Tools

  • Determine which ESXi hosts or VMs need to be patched or upgraded. Baselines are the “measuring sticks” whereby VUM knows whether an ESXi host or VM instance is up-to-date. VUM compares the ESXi hosts or VMs to the baselines to determine whether they need to be patched and, if so, what patches need to be applied. VUM also uses baselines to determine which ESXi hosts need to be upgraded to the latest version or which VMs need to have their VM hardware upgraded. VUM comes with some predefined baselines and allows administrators to create additional baselines specific to their environments. Baselines can be fixed—the contents remain constant—or they can be dynamic, where the contents of the baseline change over time. Baseline groups allow administrators to combine baselines and apply them together.
    • Master It In addition to ensuring that all your ESXi hosts have the latest critical and security patches installed, you need to ensure that all your ESXi hosts have another specific patch installed. This additional patch is noncritical and therefore doesn't get included in the critical patch dynamic baseline. How do you work around this problem?
    • Solution Create a baseline group that combines the critical patch dynamic baseline with a fixed baseline that contains the additional patch you want installed on all ESX/ESXi hosts. Attach the baseline group to all your ESX/ESXi hosts. When you perform remediation, VUM will ensure that all the critical patches in the dynamic baseline plus the additional patch in the fixed baseline are applied to the hosts.
  • Use VUM to upgrade VM hardware or VMware Tools. VUM can detect VMs with outdated VM hardware versions and guest OSs that have outdated versions of VMware Tools installed. VUM comes with predefined baselines that enable this functionality. In addition, VUM has the ability to upgrade VM hardware versions and upgrade VMware Tools inside guest OSs to ensure that everything is kept up-to-date. This functionality is especially helpful after upgrading your ESXi hosts to version 6.7 from a previous version.
    • Master It You've just finished upgrading your virtual infrastructure to VMware vSphere. What two additional tasks should you complete?
    • Solution Upgrade VMware Tools in the guest OSs and then upgrade the virtual machine hardware to version 14.
  • Apply patches to ESXi hosts. Like other complex software products, VMware ESXi needs software patches applied from time to time. These patches might be bug fixes or security fixes. To keep your ESXi hosts up-to-date with the latest patches, you can have VUM apply patches to your hosts on a schedule of your choosing. In addition, to reduce downtime during the patching process or perhaps to simplify the deployment of patches to remote offices, VUM can stage patches to ESXi hosts before the patches are applied.
    • Master It How can you avoid VM downtime when applying patches (for example, remediating) to your ESXi hosts?
    • Solution VUM automatically leverages advanced VMware vSphere features like Distributed Resource Scheduler (DRS). If you make sure that your ESX/ESXi hosts are in a fully automated DRS cluster, VUM will leverage vMotion and DRS to move VMs to other ESX/ESXi hosts, avoiding downtime to patch the hosts.
  • Upgrade hosts and coordinate large-scale datacenter upgrades. Upgrading hosts manually, with each host having dozens of VMs on it, is burdensome and doesn't scale well once you have more than a handful to deal with. Short outage windows, host reboots, and VM downtime mean that coordinating upgrades can involve complex planning and careful execution.
    • Master It Which VUM functionality can simplify the process of upgrading vSphere across a large number of hosts and their VMs?
    • Solution VUM can take care of these interactions in an automated fashion with what is known as an orchestrated upgrade. An orchestrated upgrade combines several baseline groups that include updates for the hosts and subsequent updates for the VMs’ hardware and VMware Tools. Virtual appliance upgrade baselines can also be included. When combined with fully automated DRS clusters and sufficient redundant capacity, potentially an entire vCenter’s host inventory can be upgraded in one orchestrated task.
  • Use alternative approaches to VUM updates when required. VUM presents the simplest and most efficient method to upgrade your vSphere hosts. However, sometimes VUM may not be available. For example, VUM is reliant on vCenter, so if the host isn't connected to a licensed vCenter, an alternate method to upgrade the host must be used.
    • Master It Without using VUM, how else can you upgrade an existing host?
    • Solution You can grab the CD install media and run an interactive upgrade on the host. You can also use the inherent command-line tool on the hosts themselves: esxcli software vib update (see VMware Knowledge Base article 2008939 for full details) or esxcli software vib install to patch them with individual VIBs.
  • Configure hosts for centralized logging. To make use of the ESXi Dump Collector, you must configure each host to point to the centralized loggers.
    • Master It You have just started a new job as the vSphere administrator at a company. The company hasn't previously centralized the hosts' core dumps, and you decide you want to collect them, so you want to set up the ESXi Dump Collector tool. How do you go about setting this up on the company's vCSA instance?
    • Solution The Syslog Collector and ESXi Dump Collector are already included in vCSA and enabled by default. You should log into the vCSA console and check that the services are running. Also, ensure you adjust the core dump’s repository so it’s large enough for their environment.

Chapter 5: Creating and Configuring a vSphere Network

  • Identify the components of virtual networking. Virtual networking is a blend of virtual switches, physical switches, VLANs, physical network adapters, VMkernel adapters, uplinks, NIC teaming, virtual machines, and port groups.
    • Master It What factors contribute to the design of a virtual network and the components involved?
    • Solution Many factors contribute to a virtual network design: the number of physical network adapters in each ESXi host, using vSphere Standard Switches versus vSphere Distributed Switches, the presence or use of VLANs in the environment, the existing network topology, requirements for the support of LACP or port mirroring, and the connectivity needs of the VMs in the environment are all factors that will play a role in the final network design. These are some common questions to ask while designing the network:
      • Do you have or need a dedicated network for management traffic, such as for the management of physical switches?
      • Do you have or need a dedicated network for vMotion traffic?
      • Are you using 1 Gb Ethernet or 10 Gb Ethernet?
      • Do you have an IP storage network? Is this IP storage network a dedicated network? Are you running iSCSI or NAS/NFS?
      • Do you need extremely high levels of fault tolerance for VMs?
      • Is the existing physical network composed of VLANs? Do you want to extend the use of VLANs into the virtual switches?
  • Create virtual switches and distributed virtual switches. vSphere supports both vSphere Standard Switches and vSphere Distributed Switches. vSphere Distributed Switches bring new functionality to the vSphere networking environment, including private VLANs and a centralized point of management for ESXi clusters.
    • Master It You've asked a fellow vSphere administrator to create a vSphere Distributed Switch for you, but the administrator can't complete the task because he can't find out how to do this with an ESXi host selected in the vSphere Client. What should you tell this administrator?
    • Solution vSphere Distributed Switches aren’t created on a per–ESXi host basis but instead span multiple ESXi hosts at the same time. This is what enables the centralized configuration and management of distributed port groups. Tell the administrator to navigate to the Distributed Switches area of the vSphere Client to create a new vSphere Distributed Switch.
  • Create and manage NIC teaming, VLANs, and private VLANs. NIC teaming allows virtual switches to have redundant network connections to the rest of the network. Virtual switches also provide support for VLANs, which provide logical segmentation of the network, and private VLANs, which provide added security to existing VLANs while allowing systems to share the same IP subnet.
    • Master It You'd like to use NIC teaming to make the best use of physical uplinks for both greater redundancy and improved throughput, even under network contention. Which load-balancing policy on the distributed switch should you use?
    • Solution Route Based on Physical NIC load ensures that the physical uplinks are utilized efficiently under contention.
    • Master It How do you configure both a vSphere Standard Switch and a vSphere Distributed Switch to pass VLAN tags all the way up to a guest OS?
    • Solution On a vSphere Standard Switch, you configure Virtual Guest Tagging (VGT, the name of this particular configuration) by setting the VLAN ID for the VM’s port group to 4095.
  • Configure virtual switch security policies. Virtual switches support security policies for allowing or rejecting Promiscuous mode, allowing or rejecting MAC address changes, and allowing or rejecting forged transmits. All of the security options can help increase Layer 2 security.
    • Master It You have a networking application that needs to see traffic on the virtual network that is intended for other production systems on the same VLAN. The networking application accomplishes this by using Promiscuous mode. How can you accommodate the needs of this networking application without sacrificing the security of the entire virtual switch?
    • Solution Because port groups (or distributed port groups) can override the security policy settings for a virtual switch, and because there can be multiple port groups/distributed port groups that correspond to a VLAN, the best solution involves creating another port group that has all the same settings as the other production port group, including the same VLAN ID. This new port group should allow Promiscuous mode. Assign the VM with the networking application to this new port group, but leave the remainder of the VMs on a port group that rejects Promiscuous mode. This allows the networking application to see the traffic it needs to see without overly compromising the security of the entire virtual switch.
    • Master It Another vSphere administrator on your team is trying to configure the security policies on a distributed switch but is having some difficulty. What could be the problem?
    • Solution On a vSphere Distributed Switch, all security policies are set at the distributed port group level, not at the distributed switch level. Tell the administrator to modify the properties of the distributed port group(s), not the distributed switch itself. She can also use the Manage Distributed Port Groups command on the Actions menu in the vSphere Client to perform the same task on multiple distributed port groups at the same time.
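The override behavior described above (a port group's security policy overrides the virtual switch's, and several port groups can share one VLAN ID) can be checked from an exported inventory. The following is an added example, not code from the book or from VMware: the data model, the switch, port group, and VM names, and the approved-VM list are all constructed for illustration, and it models a vSphere Standard Switch where unset port group settings are inherited from the switch.

```python
"""Added example: audit the effective Layer 2 security policy per port group.

All switch, port group, and VM names below are constructed sample data.
"""
from dataclasses import dataclass, field

# The three virtual switch security settings; True means "Accept".
SETTINGS = ("promiscuous", "mac_changes", "forged_transmits")


@dataclass
class PortGroup:
    name: str
    vlan_id: int
    overrides: dict = field(default_factory=dict)  # only the overridden settings
    vms: list = field(default_factory=list)


@dataclass
class VSwitch:
    name: str
    policy: dict  # switch-level value for every setting in SETTINGS
    port_groups: list = field(default_factory=list)


def effective_policy(vswitch, pg):
    """Port group overrides win; anything not overridden is inherited."""
    unknown = set(pg.overrides) - set(SETTINGS)
    if unknown:
        raise ValueError(f"{pg.name}: unknown setting(s) {sorted(unknown)}")
    return {s: pg.overrides.get(s, vswitch.policy[s]) for s in SETTINGS}


def audit(vswitch, approved_promiscuous_vms):
    """Return (object, issue) tuples where policy is looser than intended."""
    findings = []
    # A permissive switch-level value is inherited by every port group
    # that does not override it, so report it once at the switch.
    for s in SETTINGS:
        if vswitch.policy[s]:
            findings.append((vswitch.name, f"switch default accepts {s}"))
    for pg in vswitch.port_groups:
        eff = effective_policy(vswitch, pg)
        if eff["promiscuous"]:
            # Promiscuous mode is acceptable only on a port group that
            # holds nothing but the approved monitoring VMs.
            extra = sorted(set(pg.vms) - set(approved_promiscuous_vms))
            if extra:
                findings.append(
                    (pg.name, "promiscuous with unapproved VMs: " + ", ".join(extra)))
        for s in ("mac_changes", "forged_transmits"):
            if eff[s]:
                findings.append((pg.name, f"accepts {s}"))
    return findings


def sample_vswitch():
    """Constructed inventory: two port groups on VLAN 100, one loose test group."""
    return VSwitch(
        name="vSwitch0",
        policy={"promiscuous": False, "mac_changes": False, "forged_transmits": False},
        port_groups=[
            PortGroup("Prod-VLAN100", 100, vms=["web01", "db01"]),
            # Same VLAN, promiscuous allowed, monitoring VM only.
            PortGroup("Prod-VLAN100-Monitor", 100,
                      overrides={"promiscuous": True}, vms=["ids01"]),
            # Misconfigured: overrides loosen policy for an ordinary VM.
            PortGroup("Test-VLAN200", 200,
                      overrides={"promiscuous": True, "forged_transmits": True},
                      vms=["test01"]),
        ],
    )


if __name__ == "__main__":
    for obj, issue in audit(sample_vswitch(), {"ids01"}):
        print(f"{obj}: {issue}")
```

With the sample data, only Test-VLAN200 is reported; the dedicated monitoring port group passes because the one VM attached to it is on the approved list.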

Chapter 6: Creating and Configuring Storage Devices

  • Differentiate and understand the fundamentals of shared storage. vSphere depends on shared storage for advanced functions, cluster-wide availability, and the aggregate performance of all the VMs in a cluster. Designing a high-performance and highly available shared storage infrastructure is possible on Fibre Channel, FCoE, and iSCSI SANs and is possible using NAS; in addition, it’s available from midrange to enterprise storage architectures. Always design the storage architecture to meet the performance requirements first, and then ensure that capacity requirements are met as a corollary.
    • Master It Identify examples where each of the protocol choices would be ideal for different vSphere deployments.
    • Solution iSCSI would be a good choice for a customer with no existing Fibre Channel SAN and getting started with vSphere. Fibre Channel would be a good choice for a customer with an existing Fibre Channel infrastructure or for those that have VMs with high-bandwidth (200 MBps+) requirements (not in aggregate but individually). NFS would be a good choice where there are many VMs with a low-bandwidth requirement individually (and in aggregate) that is less than a single link’s worth of bandwidth.
    • Master It Identify the three storage performance parameters and the primary determinant of storage performance and how to quickly estimate it for a given storage configuration.
    • Solution The three factors to consider are bandwidth (MBps), throughput (IOPS), and latency (ms). The maximum bandwidth for a single datastore (or RDM) for Fibre Channel is the HBA speed times the number of HBAs in the system (check the fan-in ratio and number of Fibre Channel ports on the array). The maximum bandwidth for a single datastore (or RDM) for iSCSI is the NIC speed times the number of NICs in the system, up to about 9 Gbps (check the fan-in ratio and number of Ethernet ports on the array). The maximum bandwidth for a single NFS datastore is the NIC link speed (across multiple datastores, the bandwidth can be balanced across multiple NICs). In all cases, the throughput (IOPS) is primarily a function of the number of spindles (assuming no cache benefit and no RAID loss). A quick rule of thumb is that the total number of IOPS = IOPS × the number of that type of spindle. Latency is in milliseconds, though it can get to tens of milliseconds in cases where the storage array is overtaxed.
  • Understand vSphere storage options. vSphere has four fundamental storage presentation models: vSAN, VMFS on block, RDM, and NFS. The most flexible configurations use all four, predominantly via a shared-container model and selective use of RDMs.
    • Master It Characterize use cases for vSAN, VMFS datastores, NFS datastores, and RDMs.
    • Solution vSAN, VMFS and NFS datastores are shared-container models; they store virtual disks together. VMFS is governed by the block storage stack, and NFS is governed by the network stack. NFS is generally (without use of 10 GbE LANs) best suited to large numbers of low bandwidth (any throughput) VMs. VMFS is suited for a wide range of workloads. RDMs should be used sparingly for cases where the guest must have direct access to a single LUN.
    • Master It If you're using VMFS and there's one performance metric to track, what would it be? Configure a monitor for that metric.
    • Solution The metric to measure is queue depth. Use esxtop or the Web Client Performance Charts to monitor. The datastore-availability or used-capacity managed datastore alerts are good nonperformance metrics to use.
  • Configure storage at the vSphere layer. After a shared storage platform is selected, vSphere needs a storage network configured. The network (whether Fibre Channel or Ethernet based) must be designed to meet availability and throughput requirements, which are influenced by protocol choice and vSphere fundamental storage stack (and in the case of vSAN and NFS, the network stack) architecture. Proper network design involves physical redundancy and physical or logical isolation mechanisms (SAN zoning and network VLANs). With connectivity in place, configure LUNs and VMFS datastores and/or NFS exports/NFS datastores using the predictive or adaptive model (or a hybrid model). Use Storage vMotion to resolve hot spots and other non-optimal VM placement.
    • Master It What would best identify an oversubscribed VMFS datastore from a performance standpoint? How would you identify the issue? What is it most likely to be? What would be two possible corrective actions you could take?
    • Solution An oversubscribed VMFS datastore is best identified by evaluating the queue depth and would manifest as slow VMs. The best way to track this is with ESXTOP, using the QUED (the Queue Depth column). If the queue is full, take any or all of these courses of action: make the queue deeper and increase the Disk.SchedNumReqOutstanding advanced parameter to match; vacate VMs (using Storage vMotion); or add more spindles to the LUN so that it can fulfill the requests more rapidly or move to a faster spindle type.
    • Master It A VMFS volume is filling up. What are three possible nondisruptive corrective actions you could take?
    • Solution The actions you could take are as follows:
      • Use Storage vMotion to migrate some VMs to another datastore.
      • Grow the backing LUN, and grow the VMFS volume.
      • Add another backing LUN, and add another VMFS extent.
    • Master It What would best identify an oversubscribed NFS volume from a performance standpoint? How would you identify the issue? What is it most likely to be? What are two possible corrective actions you could take?
    • Solution The workload in the datastore is reaching the maximum bandwidth of a single link. The easiest way to identify the issue would be using the vCenter performance charts and examining the VMkernel NIC’s utilization. If it is at 100 percent, the only options are to upgrade to 10 GbE or to add another NFS datastore, add another VMkernel NIC, follow the load-balancing and high-availability decision tree to determine whether NIC teaming or IP routing would work best, and finally, use Storage vMotion to migrate some VMs to another datastore (remember that the NIC teaming/IP routing works for multiple datastores, not for a single datastore). Remember that using Storage vMotion adds additional work to an already busy datastore, so consider scheduling it during a low I/O period, even though it can be done live.
  • Configure storage at the VM layer. With datastores in place, create VMs. During the creation of the VMs, place VMs in the appropriate datastores, and employ selective use of RDMs but only where required. Leverage in-guest iSCSI where it makes sense but understand the impact to your vSphere environment.
    • Master It Without turning the machine off, convert the virtual disks on a VMFS volume from thin to thick (eager zeroed thick) and back to thin.
    • Solution Use Storage vMotion and select the target disk format during the Storage vMotion process.
    • Master It Identify where you would use a physical compatibility mode RDM and configure that use case.
    • Solution One use case would be a Microsoft Windows cluster. You should download the VMware Microsoft clustering guide and follow that use case. Other valid answers are a case where virtual-to-physical mobility of the LUNs is required or one where a Solutions Enabler VM is needed.
  • Leverage best practices for shared storage with vSphere. Read, follow, and leverage key VMware and storage vendors' best practices and solutions guide documentation. Don't oversize up front, but instead learn to leverage VMware and storage array features to monitor performance, queues, and backend load, and then nondisruptively adapt. Plan for performance first and capacity second. (Usually capacity is a given for performance requirements to be met.) Spend design time on availability design and on the large, heavy I/O VMs, and use flexible pool design for the general-purpose VMFS and NFS datastores.
    • Master It Quickly estimate the minimum usable capacity needed for 200 VMs with an average VM size of 40 GB. Make some assumptions about vSphere snapshots. What would be the raw capacity needed in the array if you used RAID 10? RAID 5 (4+1)? RAID 6 (10+2)? What would you do to nondisruptively cope if you ran out of capacity?
    • Solution Using rule-of-thumb math, 200 × 40 GB = 8 TB × 25 percent extra space (snapshots, other VMware files) = 10 TB. Using RAID 10, you would need at least 20 TB raw. Using RAID 5 (4+1), you would need 12.5 TB. Using RAID 6 (10+2), you would need 12 TB. If you ran out of capacity, you could add capacity to your array and then add datastores and use Storage vMotion. If your array supports dynamic growth of LUNs, you could grow the VMFS or NFS datastores, and if it doesn’t, you could add more VMFS extents.
    • Master It Using the configurations in the previous question, what would the minimum amount of raw capacity need to be if the VMs actually hold only 20 GB of data each, even though they are provisioned at 40 GB, and you used thick on an array that didn't support thin provisioning? What if the array did support thin provisioning? What if you used Storage vMotion to convert from thick to thin (both in the case where the array supports thin provisioning and in the case where it doesn't)?
    • Solution If you use thick virtual disks on an array that doesn’t support thin provisioning, the answers are the same as for the previous question. If you use an array that does support thin provisioning, the answers are cut down by 50 percent: 20 TB for RAID 10, 6.25 TB for RAID 5 (4+1), and 6 TB for RAID 6 (10+2). If you use Storage vMotion to convert to thin on the array that doesn’t support thin provisioning, the result is the same, just as it is if you do thin on thin.
    • Master It Estimate the number of spindles needed for 100 VMs that drive 200 IOPS each and are 40 GB in size. Assume no RAID loss or cache gain. How many if you use 500 GB SATA 7200 RPM? 300 GB 10K Fibre Channel/SAS? 300 GB 15K Fibre Channel/SAS? 160 GB consumer-grade SSD? 200 GB enterprise flash?
    • Solution This exercise highlights the foolishness of looking just at capacity in the server use case. 100 × 40 GB = 4 TB usable × 200 IOPS = 20,000 IOPS. With 500 GB 7200 RPM, that’s 250 drives, which have 125 TB raw (non-optimal). With 300 GB 10K RPM, that’s 167 drives, which have 50 TB raw (non-optimal). With 15K RPM, that’s 111 drives with 16 TB raw (getting closer). With consumer-grade SSD, that’s 20 spindles and 3.2 TB raw (too little). With EFD, that’s 4 spindles and 800 GB raw (too little). The moral of the story is that the 15K RPM 146 GB drive is the sweet spot for this workload. Note that the extra space can’t be used unless you can find a workload that doesn’t need any performance at all; the spindles are working as hard as they can. Also note that the 4 TB requirement was usable, and I was calculating the raw storage capacity. Therefore, in this case, RAID 5, RAID 6, and RAID 10 would all have extra usable capacity in the end. It’s unusual to have all VMs with a common workload, and 200 IOPS (as an average) is relatively high. This exercise also shows why it’s efficient to have several tiers and several datastores for different classes of VMs (put some on SATA, some on Fibre Channel, some on EFD or SSD)—because you can be more efficient.
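The rule-of-thumb math from the two sizing solutions above, as an added example that is not from the book. It generalizes the spindle estimate by taking the larger of the IOPS-bound and capacity-bound drive counts; the per-spindle IOPS values are assumptions back-derived from the drive counts quoted in the solution, and all function names are hypothetical.

```python
import math

# RAID group layouts named in the exercise: (data drives, total drives).
RAID_LAYOUTS = {
    "RAID 10": (1, 2),
    "RAID 5 (4+1)": (4, 5),
    "RAID 6 (10+2)": (10, 12),
}

# Drive capacities (GB) come from the solution text. The per-spindle IOPS
# figures are ASSUMPTIONS, back-derived from the drive counts it quotes.
DRIVES = {
    "7200 RPM SATA": (500, 80),
    "10K FC/SAS": (300, 120),
    "15K FC/SAS": (146, 180),
    "consumer SSD": (160, 1000),
    "enterprise flash": (200, 5000),
}


def usable_gb(vm_count, vm_size_gb, overhead=0.25):
    """Usable capacity: VM footprint plus extra space for snapshots etc."""
    return vm_count * vm_size_gb * (1 + overhead)


def raw_gb(usable, layout):
    """Raw capacity needed to deliver `usable` GB under a RAID layout."""
    data, total = RAID_LAYOUTS[layout]
    return usable * total / data


def size_for_workload(vm_count, vm_size_gb, iops_per_vm, drive):
    """Spindle count for a workload, assuming no RAID loss or cache gain.

    Both constraints must hold, so the answer is the larger of the
    IOPS-bound and the capacity-bound drive counts.
    """
    capacity_gb, drive_iops = DRIVES[drive]
    need_gb = vm_count * vm_size_gb
    need_iops = vm_count * iops_per_vm
    # Round up: a fractional drive cannot be bought. For 15K this gives
    # 112 where the solution text rounds 111.1 down to 111.
    by_iops = math.ceil(need_iops / drive_iops)
    by_capacity = math.ceil(need_gb / capacity_gb)
    spindles = max(by_iops, by_capacity)
    return {
        "by_iops": by_iops,
        "by_capacity": by_capacity,
        "spindles": spindles,
        "bound": "iops" if by_iops >= by_capacity else "capacity",
        "raw_gb": spindles * capacity_gb,
    }


if __name__ == "__main__":
    need = usable_gb(200, 40)  # 200 VMs x 40 GB + 25 percent
    for layout in RAID_LAYOUTS:
        print(f"{layout}: {raw_gb(need, layout) / 1000:.2f} TB raw")
    for drive in DRIVES:
        r = size_for_workload(100, 40, 200, drive)
        print(f"{drive}: {r['spindles']} spindles ({r['bound']}-bound), "
              f"{r['raw_gb'] / 1000:.1f} TB raw")
```

For the two flash options the IOPS-bound count (20 and 4 drives) leaves less than the 4 TB required, so capacity becomes the binding constraint.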

Chapter 7: Ensuring High Availability and Business Continuity

  • Understand Windows clustering and the different types of clusters. Windows clustering plays a central role in the design of any high-availability solution for both virtual and physical servers. Windows clustering gives us the ability to have application failover to the secondary server when the primary server fails.
    • Master It Specifically with regard to Windows clustering in a virtual environment, what are three different types of cluster configurations that you can have?
    • Solution The first is a cluster in a box, which is mainly used for testing or in a development environment where both nodes of a Windows cluster run on the same ESXi host. The second is the cluster across boxes, which is the most common form of clustering in a virtual environment. In this configuration, you can use Windows clustering on VMs that are running on different physical hosts. The third is the physical-to-virtual configuration, where you have the best of both the physical and virtual worlds by having a Windows clustering node on both a physical server and a virtual server.
    • Master It What is the key difference between NLB clusters and Windows failover clusters?
    • Solution Network load balancing (NLB) clusters are used primarily for scaling performance. Windows failover clusters are primarily used for high availability and redundancy.
  • Use vSphere's built-in high-availability functionality. VMware Virtual Infrastructure has high-availability options built in and available to you out of the box: vSphere High Availability (HA) and vSphere Fault Tolerance (FT). These options help you provide better uptime for your critical applications.
    • Master It What are the two types of high-availability options that VMware provides in vSphere, and how are they different?
    • Solution VMware provides two forms of high availability in vSphere. vSphere HA provides a form of high availability by giving you the ability to restart any VMs that were running on a host that crashes. vSphere SMP Fault Tolerance (FT) uses Checkpoint technology to send the result of processed inputs to a secondary VM on another host in the cluster. Failover from the primary VM to the secondary VM is without any downtime. vSphere HA restarts the VM in the event of failure; vSphere SMP-FT does not need to restart the VM because the secondary VM is kept in sync with the primary and can take over immediately in the event of a failure.
  • Recognize differences between high-availability solutions. A high-availability solution that operates at the application layer, like Oracle Real Application Cluster (RAC), is different in architecture and operation from an OS-level clustering solution like Windows failover clustering. Similarly, OS-level clustering solutions are very different from hypervisor-based solutions such as vSphere HA or vSphere FT. Each approach has advantages and disadvantages, and today's administrators will likely need to use multiple approaches in their datacenter.
    • Master It Name one advantage of a hypervisor-based high-availability solution over an OS-level solution.
    • Solution Because a hypervisor-based solution would operate beneath the guest OS level, it would operate independently of the guest OS and could therefore potentially support any number of different guest OSs. Depending on the implementation, hypervisor-based solutions might be simpler than OS-level solutions. For example, vSphere HA is generally less complex and easier to set up or configure than Windows failover clustering.
  • Understand additional components of business continuity. There are other components of ensuring business continuity for your organization. Data protection (backups) and replication of your data to a secondary location are two areas that can help ensure that business continuity needs are satisfied, even in the event of a disaster.
    • Master It What are three methods to replicate your data to a secondary location, and what is the golden rule for any continuity plan?
    • Solution First, you have the backup and restore method from tape. It is a best practice to keep backup tapes off site and, when they are needed after a disaster, have them shipped to the secondary site. Second, you can replicate your data by using replication at the SAN level. This gives you the ability to replicate data over both short and long distances. Third, you can use a disk-to-disk backup appliance, such as vSphere Replication, that also offers offsite replication to another location. This method offers shorter backup windows as well as the benefits of offsite backups. Finally, the golden rule for any successful continuity design is to test, test, and test again.

Chapter 8: Securing VMware vSphere

  • Configure and control authentication to vSphere. Both ESXi and vCenter Server have authentication mechanisms, and both products can utilize local users or users defined in external directories. Authentication is a basic tenet of security; it's important to verify that users are who they claim to be. You can manage local users on your ESXi hosts using either the traditional vSphere Client or the command-line interface (such as the vSphere Management Assistant). Both the Windows-based and the Linux-based virtual appliance versions of vCenter Server can leverage Active Directory, OpenLDAP, or local SSO accounts for authentication as well.
    • Master It You've asked an administrator on your team to create some accounts on an ESXi host. The administrator is uncomfortable with the command line and is having a problem figuring out how to create the users. Is there another way for this administrator to perform this task?
    • Solution Yes, the administrator can use the web-based vSphere Client UI and connect directly to the ESXi hosts on which the accounts need to be created.
  • Manage roles and access controls. Both ESXi and vCenter Server possess a role-based access control system that combines users, groups, privileges, roles, and permissions. vSphere administrators can use this role-based access control system to define very granular permissions that define what users are allowed to do with the vSphere Client against an ESXi host or the vSphere Client against a vCenter Server instance. For example, vSphere administrators can limit users to specific actions on specific types of objects within the vSphere Client. vCenter Server ships with some sample roles that help provide an example of how you can use the role-based access control system.
    • Master It Describe the differences between a role, a privilege, and a permission in the ESXi/vCenter Server security model.
    • Solution A role is a combination of privileges; a role is assigned to a user or group. Privileges are specific actions (like power on a VM, power off a VM, configure a VM’s CD/DVD drive, and take a snapshot) that a role is allowed to perform. You combine privileges into a role. Permissions are created when you assign a role (with its associated privileges) to an inventory object within ESXi or vCenter Server.
  • Control network access to services on ESXi hosts. ESXi provides a network firewall that you can use to control network access to services on your ESXi hosts. This firewall can control both inbound and outbound traffic, and you have the ability to further limit traffic to specific source IP addresses or subnets.
    • Master It Describe how you can use the ESXi firewall to limit traffic to a specific source IP address.
    • Solution In the Firewall Properties dialog box, click the Firewall button and specify a source IP address or source IP subnet.
  • Integrate with Active Directory. All the major components of vSphere—the ESXi hosts and vCenter Server (both the Windows Server–based version and the Linux-based virtual appliance) as well as the vSphere Management Assistant—support integration with Active Directory. This gives vSphere administrators the option of using Active Directory as their centralized directory service for all major components of vSphere 5.5.
    • Master It You've just installed a new ESXi host into your vSphere environment and you are trying to configure the host to enable integration with your Active Directory environment. For some reason, though, it doesn't seem to work. What could be the problem?
    • Solution A couple of different issues could be at work here. First, the ESXi host needs to be able to resolve the domain name of the Active Directory domain via DNS. The ESXi host also needs to be able to locate the Active Directory domain controllers via DNS. This usually involves configuring the ESXi host to use the same DNS servers as the domain controllers. Second, there could be network connectivity issues; verify that the ESXi host has connectivity to the Active Directory domain controllers. If there are any firewalls between the ESXi host and the domain controllers, verify that the correct ports are open between the ESXi host and the domain controllers.
  • Get familiar with KMS in your vSphere environment. Having a KMS infrastructure in your environment enables a multitude of features within vSphere, including VSAN and VM encryption, as well as vTPM2.0 devices for virtual machines. This gives you, the administrator, multiple tools at your disposal to secure your environment based on the available technologies presented and requirements given.
    • Master It You've been tasked by your boss with deploying vTPM2.0 devices to all of your Windows 10 workloads for the upcoming updates being pushed from Microsoft. What prerequisites do you need to have in place before you can start adding these devices to your workloads?
    • Solution The following must be configured before adding vTPM2.0:
      • A Key Management Server (KMS) must be configured.
      • Each VM must be turned off to add vTPM2.0.
      • The ESXi hosts running in your environment must be ESXi 6.7 or later.
      • The virtual machine must use EFI firmware.
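The four vTPM prerequisites listed above, expressed as a pre-flight check over a VM inventory. This is an added example, not code from the book or from VMware: the inventory is constructed, the `VM` record and function names are hypothetical, and the power-state and firmware strings are assumed to follow the values the vSphere API reports (`poweredOff`, `efi`).

```python
import re
from dataclasses import dataclass

MIN_ESXI = (6, 7)  # "ESXi 6.7 or later", from the prerequisite list


@dataclass
class VM:
    """Hypothetical inventory record; fill it from your own export."""
    name: str
    power_state: str   # assumed values: poweredOn / poweredOff / suspended
    firmware: str      # assumed values: bios / efi
    host_version: str  # version of the ESXi host the VM runs on


def parse_version(text):
    """Turn '6.7.0' into (6, 7, 0) so versions compare numerically.

    Comparing the raw strings would rank '10.0.1' below '6.7.0'.
    """
    parts = []
    for piece in text.strip().split("."):
        match = re.match(r"\d+", piece)
        if not match:
            break
        parts.append(int(match.group()))
    if not parts:
        raise ValueError(f"unparseable ESXi version: {text!r}")
    return tuple(parts)


def vtpm_blockers(vm, kms_configured):
    """Return the unmet prerequisites for adding a vTPM to one VM."""
    blockers = []
    if not kms_configured:
        blockers.append("kms")            # no Key Management Server
    if vm.power_state != "poweredOff":
        blockers.append("power")          # VM must be turned off
    try:
        if parse_version(vm.host_version) < MIN_ESXI:
            blockers.append("host_version")
    except ValueError:
        # An unknown version is treated as a failure, not a pass.
        blockers.append("host_version")
    if vm.firmware.lower() != "efi":
        blockers.append("firmware")       # BIOS firmware is not eligible
    return blockers


def readiness_report(vms, kms_configured):
    """Map each VM name to its list of blockers (empty list = ready)."""
    return {vm.name: vtpm_blockers(vm, kms_configured) for vm in vms}


# Constructed sample inventory for illustration.
INVENTORY = [
    VM("win10-01", "poweredOff", "efi", "6.7.0"),
    VM("win10-02", "poweredOn", "efi", "6.7.0"),
    VM("win10-03", "poweredOff", "bios", "6.5.0"),
    VM("win10-04", "poweredOff", "efi", "7.0.3"),
]

if __name__ == "__main__":
    for name, blockers in readiness_report(INVENTORY, True).items():
        print(f"{name}: {'ready' if not blockers else ', '.join(blockers)}")
```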

Chapter 9: Creating and Managing Virtual Machines

  • Create a virtual machine. A VM is a collection of virtual hardware pieces, like a physical system—one or more virtual CPUs, RAM, video card, SCSI devices, IDE devices, floppy drives, parallel and serial ports, and network adapters. This virtual hardware is virtualized and abstracted from the underlying physical hardware, providing portability to the VM.
    • Master It Create two VMs, one intended to run Windows Server 2012 and a second intended to run SLES 11 (64-bit). Make a list of the differences in the configuration that are suggested by the Create New Virtual Machine Wizard.
    • Solution vCenter Server suggests 1 GB of RAM, an LSI Logic parallel SCSI controller, and a 16 GB virtual disk for 64-bit SLES 11; for Windows Server 2012, the recommendations are 4 GB of RAM, an LSI Logic SAS controller, and a 40 GB virtual disk.
  • Install a guest operating system. Just as a physical machine needs an operating system, a VM also needs an operating system. vSphere supports a broad range of 32-bit and 64-bit operating systems, including all major versions of Windows Server, Windows 10, Windows 7, XP, and Windows 2000 as well as various flavors of Linux, macOS, FreeBSD, Novell NetWare, and Solaris.
    • Master It What are the three ways in which a guest OS can access data on a CD/DVD, and what are the advantages of each approach?
    • Solution The three ways to access a CD/DVD are as follows:
      • Client device: This has the advantage of being very easy to use; VMware administrators can put a CD/DVD into their local workstation and map it into the VM.
      • Host device: The CD/DVD is physically placed into the optical drive of the ESXi host. This keeps the CD/DVD traffic off the network, which may be advantageous in some situations.
      • An ISO image on a shared library/datastore: This is the fastest method and has the advantage of being able to have multiple VMs access the same ISO image at the same time. A bit more work may be required up front to create the ISO image.
  • Install VMware Tools. For maximum performance of the guest OS, it needs to have virtualization-optimized drivers that are specially written for and designed to work with the ESXi hypervisor. VMware Tools provides these optimized drivers as well as other utilities focused on better operation in virtual environments.
    • Master It A fellow administrator contacts you and is having a problem installing VMware Tools. This administrator has selected the Install/Upgrade VMware Tools command, but nothing seems to be happening inside the VM. What could be the cause of the problem?
    • Solution There could be any number of potential issues. First, a guest OS must be installed before VMware Tools can be installed. Second, if the VM is running Windows, AutoPlay may have been disabled. Finally, it’s possible—although unlikely—that the source ISO images for VMware Tools installation have been damaged or deleted and need to be replaced on the host.
  • Manage virtual machines. Once a VM has been created, the vSphere Client makes it easy to manage. Virtual floppy images and CD/DVD drives can be mounted or unmounted as necessary. vSphere provides support for initiating an orderly shutdown of the guest OS in a VM, although this requires that VMware Tools be installed. VM snapshots allow you to take a point-in-time “picture” of a VM so that administrators can roll back changes if needed.
    • Master It What is the difference between the Shut Down Guest command and the Power Off command?
    • Solution The Shut Down Guest command uses VMware Tools to initiate an orderly shutdown of the guest OS. This ensures that the guest OS file system is consistent and that applications running in the guest OS are properly terminated. The Power Off command simply “yanks” the power from the VM, much like pulling the power cord out of the back of a physical system.
  • Modify virtual machines. vSphere offers a number of features to make it easy to modify VMs after they have been created. Administrators can hot-add certain types of hardware, like virtual hard disks and network adapters, and some guest OSs also support hot-adding virtual CPUs or memory, although this feature must be enabled first.
    • Master It Which method is preferred for modifying the configuration of a VM: editing the VMX file or using the vSphere Client?
    • Solution Although it is possible to edit the VMX file to make changes, that method is error prone and is not recommended. Using the vSphere Client is the recommended method.
    • Master It Name the types of hardware that cannot be added while a VM is running.
    • Solution The following types of virtual hardware cannot be added while a VM is running: serial port, parallel port, floppy drive, CD/DVD drive, vTPM, and PCI device.

Chapter 10: Using Templates and vApps

  • Clone a VM. The ability to clone a VM is a powerful feature that dramatically reduces the amount of time to get a fully functional VM with a guest OS installed and running. vCenter Server provides the ability to clone VMs and to customize VMs, ensuring that each VM is unique. You can save the information to customize a VM as a customization specification and then reuse that information over and over again. vCenter Server can even clone running VMs.
    • Master It Where and when can customization specifications be created in the vSphere Client?
    • Solution You can create customization specifications using the Customization Specification Manager, available from the vSphere Client home screen. You can also create customization specifications while cloning VMs or deploying from templates by supplying answers to the Guest Customization Wizard and saving those answers as a customization specification.
    • Master It A fellow administrator comes to you and wants you to help streamline the process of deploying Solaris x86 VMs in your VMware vSphere environment. What do you tell him?
    • Solution You can use cloning inside vCenter Server to help clone VMs that are running Solaris x86, and that will help speed up the process of deploying new VMs. However, the Solaris administrator(s) will be responsible for customizing the configuration of the cloned VMs because vCenter Server is unable to customize a Solaris guest OS installation as part of the cloning process.
  • Create a VM template. vCenter Server's templates feature is an excellent complement to the cloning functionality. With options to clone or convert an existing VM to a template, vCenter Server makes it easy to create templates. By creating templates, you ensure that your VM master image doesn't get accidentally changed or modified. Then, once a template has been created, you can use vCenter Server to clone VMs from that template, customizing them in the process to ensure that each one is unique.
    • Master It Of the following tasks, which are appropriate to be performed on a VM running Windows Server 2016 that will eventually be turned into a template?
      1. Align the guest OS's file system to a 64 KB boundary.
      2. Join the VM to Active Directory.
      3. Perform some application-specific configurations and tweaks.
      4. Install all patches from the operating system vendor.
    • Solution The answers are as follows:
      1. Yes. This is an appropriate task but unnecessary because Windows Server 2016 installs already aligned to a 64 KB boundary. Ensuring alignment ensures that all VMs then cloned from this template will also have their file systems properly aligned.
      2. No. This should be done by the vSphere Client Guest Customization Wizard or a customization specification.
      3. No. Templates shouldn’t have any application-specific files, tweaks, or configurations unless you are planning on creating multiple application-specific templates.
      4. Yes. This helps reduce the amount of patching and updating required on any VMs cloned from this template.
  • Deploy new VMs from a template. By combining templates and cloning, VMware vSphere administrators have a powerful way to standardize the configuration of VMs being deployed, protect the master images from accidental change, and reduce the amount of time it takes to provision new guest OS instances.
    • Master It Another VMware vSphere administrator in your environment starts the wizard for deploying a new VM from a template. She has a customization specification she'd like to use, but there is one setting in the specification she wants to change. Does she have to create an all-new customization specification?
    • Solution No. She can select the customization specification she wants to use and then select Use The Customization Wizard To Customize This Specification to supply the alternate values she wants to use for this particular VM deployment. She also has the option of cloning the existing customization specification and then changing the one setting within this new clone. This can be a useful option if these alternate parameters will be used on other clones or templates in the future.
  • Deploy a VM from an Open Virtualization Format (OVF) template. Open Virtualization Format (OVF) templates provide a mechanism for moving templates or VMs between different instances of vCenter Server or even entirely different and separate installations of VMware vSphere. OVF templates combine the structural definition of a VM along with the data in the VM's virtual hard disk and can exist either as a folder of files or as a single file. Because OVF templates include the VM's virtual hard disk, OVF templates can contain an installation of a guest OS and are often used by software developers as a way of delivering their software preinstalled into a guest OS inside a VM.
    • Master It A vendor has given you a zip file that contains a VM they are calling a virtual appliance. Upon looking inside the zip file, you see several VMDK files and a VMX file. Will you be able to use vCenter Server's Deploy OVF Template functionality to import this VM? If not, how can you get this VM into your infrastructure?
    • Solution You will not be able to use vCenter Server’s Deploy OVF Template feature; this requires that the virtual appliance be provided with an OVF file that supplies the information that vCenter Server is expecting to find. However, you can use vCenter Converter to perform a V2V conversion to bring this VM into the VMware vSphere environment, assuming it is coming from a compatible source environment.
  • Export a VM as an OVF template. To assist in the transport of VMs between VMware vSphere installations, you can use vCenter Server to export a VM as an OVF template. The OVF template will include the configuration of the VM as well as the data found in the VM.
    • Master It You are preparing to export a VM to an OVF template. You want to ensure that the OVF template is easy to transport via a USB key or portable hard drive. Which format is most appropriate, OVF or OVA? Why?
    • Solution The OVA format is probably a better option here. OVA distributes the entire OVF template as a single file, making it easy to copy to a USB key or portable hard drive for transport. Using OVF would mean keeping several files together instead of working with only a single file.
  • Organize templates and media. Organizing and synchronizing templates and media around larger environments can be troublesome. Content Libraries (instead of SAN-based replication), scheduled copy scripts, and “sneaker net” can be used to ensure the right templates and files are in the right places.
    • Master It List the file types that cannot be added to Content Libraries for synchronization.
    • Solution Any file type can be uploaded to a Content Library. All files will be synchronized as configured without changes. VM templates not in OVF format will be converted to OVF format as they are being uploaded, however.
  • Work with vApps. vSphere vApps leverage OVF as a way to combine multiple VMs into a single administrative unit. When the vApp is powered on, all VMs in it are powered on, in a sequence specified by the administrator. The same goes for shutting down a vApp. vApps also act a bit like resource pools for the VMs contained within them.
    • Master It Name two ways to add VMs to a vApp.
    • Solution There are four ways to add VMs to a vApp: create a new VM in the vApp, clone an existing VM into a new VM in the vApp, deploy a VM into the vApp from a template, and drag and drop an existing VM into the vApp.

Chapter 11: Managing Resource Allocation

  • Manage virtual machine memory allocation. In almost every modern virtualized datacenter, memory is the resource that typically comes under contention first. Most organizations run out of memory on their ESXi hosts before other resources become constrained. Fortunately, vSphere offers advanced memory management technologies as well as extensive controls for managing the allocation of memory and utilization of memory by VMs.
    • Master It To guarantee levels of performance, your IT Director believes that all VMs must be configured with at least 8 GB of memory. However, you know that many of your applications rarely use this much memory. What might be an acceptable compromise to help ensure performance?
    • Solution One way would be to configure the VMs with 8 GB of RAM and specify a reservation of only 2 GB. VMware ESXi will guarantee that every VM will get 2 GB of RAM, including preventing additional VMs from being powered on if there isn’t enough RAM to guarantee 2 GB of RAM to that new VM. However, RAM greater than 2 GB is not guaranteed and, if it is not being used, will be reclaimed by the host for use elsewhere. If plenty of memory is available to the host, the ESXi host will grant what is requested; otherwise, it will arbitrate the allocation of that memory according to the share values of the VMs.
    • Master It You are configuring a new large-scale virtual desktop infrastructure environment, but you are worried that the cluster hosts will not have enough memory to handle the expected load. Which advanced memory management technique will ensure that your virtual desktops have enough memory without having to use the swap file?
    • Solution Transparent page sharing (TPS) ensures that if you have multiple VMs with the same blocks of memory, you allocate it only once. This can almost be thought of as “de-duplication for RAM.” Within virtual desktop environments, many VMs are run as “clones” with their operating system and applications all identical—a perfect case for TPS to take advantage of.
  • Manage CPU utilization. In a vSphere environment, the ESXi hosts control VM access to physical CPUs. To effectively manage and scale vSphere, you must understand how to allocate CPU resources to VMs, including how to use reservations, limits, and shares. Shares help adjust the allocation of resources in a constrained environment, reservations provide guarantees to resources, and limits provide a cap on resource usage.
    • Master It A fellow vSphere administrator is concerned about the use of CPU reservations. She is worried that using CPU reservations will “strand” CPU resources, preventing those reserved but unused resources from being used by other VMs. Are the concerns of the administrator well founded?
    • Solution For CPU reservations, no. Although it is true that VMware must have enough unreserved CPU capacity to satisfy a CPU reservation when a VM is powered on, reserved CPU capacity is not “locked” to a VM. If a VM has reserved but unused capacity, that capacity can and will be used by other VMs on the same host. The other administrator’s concerns could be valid, however, for memory reservations.
  • Create and manage resource pools. Managing resource allocation and usage for large numbers of VMs can create an administrative overhead. Resource pools provide a mechanism for administrators to apply resource allocation policies to groups of VMs at the same time. Resource pools use shares, reservations, and limits to control and modify resource allocation behavior, but only for memory and CPU.
    • Master It Your organization runs both development workloads and production workloads on the same hardware. How can you help ensure that development workloads do not consume too many resources and impact the performance of production workloads?
    • Solution Create a resource pool and place all the test/development VMs in that resource pool. Configure the resource pool to have a CPU limit and a lower CPU shares value. This ensures that the test/development VMs will never consume more CPU time than specified in the limit and that, in times of CPU contention, the test/development environment will have a lower priority on the CPU than production workloads.
  • Control network and storage I/O utilization. Memory, CPU, network I/O, and storage I/O make up the four major resource types that vSphere administrators must effectively manage for an efficient virtualized datacenter. By applying controls to network I/O and storage I/O, you can help ensure consistent performance, meet service-level objectives, and prevent one workload from unnecessarily consuming resources at the expense of other workloads.
    • Master It Name two limitations of Network I/O Control.
    • Solution Network I/O Control works only with vSphere Distributed Switches and it requires vCenter Server in order to operate. Another limitation is that system network resource pools cannot be assigned to user-created port groups.
    • Master It What are the requirements for using Storage I/O Control?
    • Solution All datastores and ESXi hosts that will participate in Storage I/O Control must be managed by the same vCenter Server instance. In addition, raw device mappings (RDMs) are not supported. Datastores must have only a single extent; datastores with multiple extents are not supported.

Chapter 12: Balancing Resource Utilization

  • Configure and execute vMotion. vMotion is a feature that allows running VMs to be migrated from one ESXi host to another without downtime to end users. To execute vMotion, you must ensure that both the ESXi hosts and the VMs meet specific configuration requirements. In addition, vCenter Server performs validation checks to ensure that vMotion compatibility rules are observed.
    • Master It A vendor has just released a series of patches for some of the guest OSs in your virtualized infrastructure. You request an outage window from your supervisor, but your supervisor says to just use vMotion to prevent downtime. Is your supervisor correct? Why or why not?
    • Solution Your supervisor is incorrect. vMotion can be used to move running VMs from one physical host to another, but it does not address outages within a guest OS because of reboots or other malfunctions. If you had been requesting an outage window to apply updates to the host, the supervisor would have been correct—you could use vMotion to move all the VMs to other hosts within the environment and then patch the first host. There would be no end-user downtime in that situation.
    • Master It Is vMotion a solution to prevent unplanned downtime?
    • Solution No. vMotion is a solution to address planned downtime of the ESXi hosts on which VMs are running, as well as to manually load-balance CPU and memory utilization across multiple ESXi hosts. Both the source and destination ESXi hosts must be up and running and accessible across the network in order for vMotion to succeed.
  • Ensure vMotion compatibility across processor families. vMotion requires compatible CPU families on the source and target ESXi hosts to be successful. To help alleviate any potential problems resulting from changes in processor families over time, vSphere offers Enhanced vMotion Compatibility (EVC), which can mask differences between CPU families to maintain vMotion compatibility.
    • Master It Can you change the EVC level for a cluster while there are VMs running on hosts in the cluster?
    • Solution No, you cannot. Changing the EVC level means that you must calculate and apply new CPU masks. CPU masks can be applied only when VMs are powered off, so you can’t change the EVC level on a cluster when there are powered-on VMs in that cluster.
  • Use Storage vMotion. Just as vMotion is used to migrate running VMs from one ESXi host to another, Storage vMotion is used to migrate the virtual disks of a running VM from one datastore to another. You can also use Storage vMotion to convert between thick and thin virtual disk types.
    • Master It Name two features of Storage vMotion that would help you cope with storage-related changes in your vSphere environment.
    • Solution You can use Storage vMotion to facilitate no-downtime storage migrations from one storage array to a new storage array, greatly simplifying the migration process. Storage vMotion can also migrate between different types of storage (FC to NFS, iSCSI to FC or FCoE), which helps you cope with changes in how the ESXi hosts access the storage. Finally, Storage vMotion allows you to convert VMDKs between thick and thin, to give you the flexibility to use whichever VMDK format is most effective for you.
  • Perform combined vMotion and Storage vMotion. Using vMotion and Storage vMotion at the same time gives you greater flexibility when migrating VMs between hosts. Using this feature can also save time when you must evacuate a host for maintenance.
    • Master It A fellow administrator is trying to migrate a VM to a different datastore and a different host while it is running and wishes to complete the task as quickly and as simply as possible. Which migration option should she choose?
    • Solution Storage vMotion, like vMotion, can operate while a VM is running. However, choosing to perform both migrations together will not only allow the VM to stay powered on, it also turns what is regularly a two-step process into a single step.
  • Configure and manage vSphere Distributed Resource Scheduler. DRS enables vCenter Server to automate the process of conducting vMotion migrations to help balance the load across ESXi hosts in a cluster. You can automate DRS as you wish, and vCenter Server has flexible controls for affecting the behavior of DRS and specific VMs within a DRS-enabled cluster.
    • Master It You want to take advantage of DRS to provide some load balancing of virtual workloads within your environment. However, because of business constraints, you have a few workloads that should not be automatically moved to other hosts using vMotion. Can you use DRS? If so, how can you prevent these specific workloads from being affected by DRS?
    • Solution Yes, you can use DRS. Enable DRS on the cluster, and set the DRS automation level appropriately. For those VMs that should not be automatically migrated by DRS, configure a VM Override set to Manual. This will allow DRS to make recommendations on migrations for these workloads but it will not actually perform the migrations.
  • Configure and manage Storage DRS. Building on Storage vMotion just as DRS builds on vMotion, SDRS automates the process of balancing storage capacity and I/O utilization. SDRS uses datastore clusters and can operate in Manual or Fully Automated mode. Numerous customizations exist—such as custom schedules, VM and VMDK anti-affinity rules, and threshold settings—to allow you to fine-tune the behavior of SDRS to your environment.
    • Master It Name the two ways in which an administrator is notified that an SDRS recommendation has been generated.
    • Solution On the Storage DRS tab of a datastore cluster, the recommendation(s) will be listed with an option to apply the recommendations. In addition, on the Alarms tab of the datastore cluster, an alarm will be triggered to indicate that a Storage DRS recommendation exists.
    • Master It What is a potential disadvantage of using drag-and-drop to add a datastore to a datastore cluster?
    • Solution When you use drag-and-drop to add a datastore to a datastore cluster, the user is not notified if the datastore isn’t accessible to all the hosts that are currently connected to the datastore cluster. This introduces the possibility that one or more ESXi hosts could be “stranded” from a VM’s virtual disks if Storage DRS migrates them onto a datastore that is not accessible from that host.

Chapter 13: Monitoring VMware vSphere Performance

  • Use alarms for proactive monitoring. vCenter Server offers extensive alarms for alerting vSphere administrators to excessive resource consumption or potentially negative events. You can create alarms on virtually any type of object found within vCenter Server, including datacenters, clusters, ESXi hosts, and VMs. Alarms can monitor for resource consumption or for the occurrence of specific events. Alarms can also trigger actions, such as running a script, migrating a VM, or sending a notification email.
    • Master It What are the questions you should ask before creating a custom alarm?
    • Solution You should ask yourself several questions before you create a custom alarm:
      • Does an existing alarm meet my needs?
      • What is the proper scope for this alarm? Do I need to create it at the datacenter level so that it affects all objects of a particular type within the datacenter or at some lower point?
      • What are the values this alarm needs to use?
      • What actions, if any, should this alarm take when it is triggered? Does it need to send an email or trigger an SNMP trap?
  • Work with performance charts. vCenter Server's detailed performance charts are the key to unlocking the information necessary to determine why an ESXi host or VM is performing poorly. The performance charts expose a large number of performance counters across a variety of resource types, and vCenter Server offers functionality to save customized chart settings, export performance graphs as graphic figures or Excel workbooks, and view performance charts in a separate window.
    • Master It You find yourself using the Chart Options link in the Advanced layout of the Performance tab to set up the same chart over and over again. Is there a way to save yourself some time and effort so that you don't have to keep re-creating the custom chart?
    • Solution Yes. After using the Chart Options dialog box to configure the performance chart to show the desired counters, use the Save Chart Settings button to save these settings for future use. The next time you need to access these same settings, they will be available from the Switch To drop-down list on the Advanced view of the Performance tab.
  • Gather performance information using command-line tools. VMware supplies a few command-line tools that are useful in gathering performance information. For VMware ESXi hosts, esxtop provides real-time information about CPU, memory, network, or disk utilization. Finally, the vm-support tool can gather performance information that can be played back later using esxtop.
    • Master It Explain how to run esxtop from the shell of an ESXi host.
    • Solution On the ESXi shell, enter the command vm-support -p -i 10 -d 180. This creates a resxtop snapshot, capturing data every 10 seconds for a duration of 180 seconds.
  • Monitor CPU, memory, network, and disk usage by ESXi hosts and VMs. Monitoring usage of the four key resources—CPU, memory, network, and disk—can be difficult at times. Fortunately, the various tools supplied by VMware within vCenter Server can lead the vSphere administrator to the right solution. In particular, using customized performance charts can expose the right information that will help you uncover the source of performance problems.
    • Master It A junior vSphere administrator is trying to resolve a performance problem with a VM. You've asked this administrator to see if it is a CPU problem, and the junior administrator keeps telling you that the VM needs more CPU capacity because the CPU utilization is high within the VM. Is the junior administrator correct, based on the information available to you?
    • Solution Based on the available information, not necessarily. A VM may be using all of the cycles being given to it, but because the overall ESXi host is CPU constrained, the VM isn’t getting enough cycles to perform acceptably. In this case, adding CPU capacity to the VM wouldn’t necessarily fix the problem. If the host is indeed constrained, migrating VMs to other hosts or changing the shares or the CPU limits for the VMs on this host may help alleviate the problem.

Chapter 14: Automating VMware vSphere

  • Identify automation solutions for VMware vSphere. With over 600 cmdlets, the most widely adopted automation tool to manage and automate vSphere is PowerCLI. Some additional vSphere automation tools provided by VMware include the vSphere Automation SDKs with libraries for programmatically accessing features available via the API. vRealize Orchestrator provides the ability to use the out-of-the-box workflows or design and deploy custom, scalable workflows to automate vSphere processes.
    • Master It Explore these and additional options for vSphere automation tools by VMware and third-party providers that leverage the vSphere Automation SDKs.
    • Solution For SDK and API examples, browse: https://code.vmware.com.
  • Use PowerCLI on multiple platforms. PowerCLI 10 introduced multi-platform support by adding macOS and Linux support with PowerShell Core after the Microsoft PowerShell Team open-sourced the PowerShell base code with the release of PowerShell 6.0. PowerShell and PowerCLI can now run on Windows, macOS, and Linux.
    • Master It Practice installing PowerShell and VMware PowerCLI on each platform. From each OS, grow your scripting to more complex scenarios to make common, repetitive, and often error-prone tasks a breeze. Use Microsoft Visual Code with an integrated shell and plug-ins for a common development interface.
    • Solution PowerCLI 10 introduced multi-platform support by adding macOS and Linux support with PowerShell Core after the Microsoft PowerShell Team open-sourced the PowerShell base code with the release of PowerShell 6.0. PowerShell and PowerCLI can now run on Windows, macOS, and Linux.
  • Create PowerCLI scripts to automate common tasks. VMware PowerCLI builds on the power of the PowerShell scripting language to provide you with a simple yet powerful way to automate tasks within the vSphere environment and the ability to do so from your platform of choice. It is easy to get started with your first one-liner and grow your scripting to more complex scenarios to make common, repetitive, and often error-prone tasks a breeze.
    • Master It If you are familiar with other scripting languages, what would be the biggest hurdle in learning to use PowerShell and PowerCLI, other than syntax?
    • Solution Everything in PowerShell and PowerCLI is object based. Thus, when a command outputs results, those results are objects. This means you have to be careful to properly match object types between the output of one command and the input of the next command.