Introduction to Abiquo and VMware vCenter

This document refers to VMware hypervisors in private cloud datacenters.

For vCloud Director, see VMware vCloud Director integration.

Abiquo can manage VMware hosts at different levels as:

vCenter server hosts
vCenter clusters

Abiquo can also work with NSX-T to create network configurations such as firewalls, load balancers, and NAT.

Supported versions

Abiquo has been tested with the following latest versions:

Product	Version	Build number	Notes and Known issues
vSphere Client	7.0.1	17004997	vSphere 7 does not support VNC, so you must configure WebMKS remote access WebMKS remote access requires vCenter, so VM remote access will not be available for VMs on ESXi hosts without vCenter
ESXi	7.0.1	16850804
NSX-T	3.1.0		Abiquo 5.4.0+
NSX-V	6.4.6	14819921
NSX NAT	6.4.6	14819921	13252 - Cannot create a firewall on version prior to Abiquo 5.0

ESXi 6.x versions prior to 6.7 are supported by Abiquo.

ESXi 5.x versions are NOT supported in Abiquo 5.1.2 and higher versions.

vCenter clusters as hosts

The platform represents the VMware cluster as a physical machine/hypervisor host, and Abiquo does not track the host entities in vCenter. For more details, see Add VMware vCenter clusters as servers

Advantages of vCenter clusters as hosts:

Uses VMware cluster scheduling: when users deploy VMs, the platform will allocate them to VMware clusters instead of directly to ESXi servers.
VMs within the same cluster are considered to be on the same host.

When you add vCenters to Abiquo:

For vCenter hosts, all hosts must belong to a cluster
Add all the hosts in the same cluster to the same Abiquo datacenter
Abiquo recommends that you use hostnames or IP addresses to discover vCenter hosts, but do not mix hostnames and IP addresses.

ESXi host configurations

These configurations affect ESXi hosts and apply to vCenter hosts and vCenter clusters.

Host networking

On the ESXi host, the vNICs must be attached to a vSwitch. For vCenter clusters, you must use a DVS.

Abiquo will automatically create a port group for the host. If your host has already been configured with another vSwitch, you may need to delete the port group before adding the host in Abiquo

Host datastores

Abiquo supports the following datastore types: VMFS and NFS.

It does not support VSAN
You can use any datastore storage protocol, e.g. iSCSI, NFS, FC, FCoE, or direct attached.

Datastore checks

In Abiquo 5.2+ as part of the infrastructure check, Abiquo will check datastores. It may automatically disable datastores and later re-enable them.

To ensure that it can deploy VMs, Abiquo checks datastores on ESXi hypervisors with the following conditions:

datastore is accessible
datastore is mounted as read/write on all hosts in the cluster or the current host for single host mode
datastore is not in maintenance mode

Abiquo may automatically disable datastores:

If you enabled a datastore but it fails the datastore check, then Abiquo will automatically disable it. If it passes a future check, then Abiquo will automatically enable it again.
If you disabled a datastore and it fails the datastore check, Abiquo will ignore it!

To create, update, and delete datastores, refresh the datastores on the host. You can only delete a datastore if it is empty and not attached to the host. To refresh datastores in Abiquo, edit the host, go to the Datastores page, and click the round arrow refresh button.

Shared datastores or local datastores

For vCenter clusters, you should use shared datastores. This will ensure VMs can be moved within the cluster where all hosts can access all datastores.

When you use a shared datastore, the platform creates a different datastore on each physical machine using the datastore. This means that a shared datastore can be enabled on one host and disabled on another, either as a result of user configuration or an issue (e.g. an NFS communication error on one host).

If you need to work with local datastores, to ensure that VMs can always find a valid local datastore, design a tier with the local datastores of only a specific host, in addition to any shared datastores. Note that you should not create a tier containing local datastores from different hosts.

Troubleshooting datastores

For troubleshooting notes about datastores, see Troubleshoot when you add VMware servers.

Ignore datastores by name

To ignore some datastores:

On the Remote Services server in the abiquo.properties file, set the datastore.ignorebyname property to a Java regular expression string to match the name of the datastores to ignore.
For example, to add an ESXi host or cluster with multiple datastores and ignore two datastores called Backup_1 and Backup_2, set the property as follows.
```
com.abiquo.esxi.discovery.datastore.ignorebyname=Backup_.*
```

Abiquo will not check anything to do with these datastores and the datastores will not be available in the platform.

You can also use this property to ignore datastores that are already in the platform. After you restart the Remote Services server, the platform will detect that the datastores are not present on the hypervisor, but you can still use them outside of the platform.

VM disk configurations

This section describes how the platform manages VM disks (on datastores) and volumes (on external storage).

If you are using external storage volumes via NFS, set the RDM property. See Abiquo Configuration Properties#esxi

Provisioning of VM disks

When an administrator creates or edits a VM template disk, they can set the Allocation type for the disk. And a user with the privilege to Manage allocation when attaching a disk can select the Allocation type for disks before they deploy the VM. If no allocation type is selected, the default is thin provisioning. Note that disks of captured VMs may use thick provisioning.

VM Disk Controllers

The default controllers for ESXi are:

IDE drivers for non-persistent primary disks because they are compatible with almost all operating systems and hypervisors.
SCSI drivers for persistent disks (persistent primary disks and data volumes) for performance reasons.

Abiquo also supports SATA controllers.

SCSI controllers for VM volumes

Abiquo requires iSCSI adapters on ESXi. You should check that the appropriate iSCSI adapters were enabled as part of the ESXi installation process. Abiquo recommends that you install the drivers for the appropriate SCSI controllers when preparing VM templates that will be uploaded to the Abiquo platform.

The supported disk controllers are listed in the following table. If there is no menu for controller selection, users can enter the values in the ResourceSubType value column.

ResourceSubType value	diskController saved in template and created on VMware
contains "bus"	VirtualBusLogicController
contains "paravirtual"	ParaVirtualSCSIController
contains "sas"	VirtualLsiLogicSASController
other (default value)	VirtualLsiLogicController

The priority for the selection of the controllers is:

User selection

The default configuration set by the administrator in the abiquo.properties file

# Default VirtualSCSIController implementation when diskController is not 
# specified. Range [lsilogic, paravirtual, bus, sas]
#abiquo.esxi.scsicontroller=lsilogic

LSI Logic Parallel SCSI controller

Notes:

If the user does not set the controller before deployment, Abiquo attaches SCSI disks to the default controller
Users can set multiple controllers but only ONE of each type (e.g. you cannot set two LSI Logic controllers)
Users can change the controller type after it is set

SATA controllers for VM disks

The configuration of SATA controllers is described at: Configure SATA for VMware hypervisors

This includes details of:

How to make SATA ISOs the default for cloud-init
How to make SATA the default controller for ISO
How to disable SATA controllers
Limitations and notes about SATA support.

Make SATA the default controller

To make SATA the default controller:

Edit the abiquo.properties file on the Remote Services server
Set the pluginmetadata disk controller properties for VMware
```
abiquo.pluginmetadata.{hypervisor_type}.diskControllers=SATA,SCSI,IDE
```
For each hypervisor type to configure, set the property value, replacing hypervisor_type in the property key with one of the following codes:
1. "esx" for ESXi hosts
2. "vmx_04" for vCenter
3. "vcenter_cluster" for vCenter clusters
Restart the Tomcat server

To move a VM from an IDE controller to a SATA controller, you must first power off the VM.

Resize VM disks on ESXi

To resize disks of VMs running on ESXi using Abiquo:

The disks must be:
- SCSI disks on SCSI controller or SATA disks on SATA controllers
- Thin provisioned disks
and the VM must not have any VMware snapshots.

Also note that:

You cannot modify disk size and position at the same time.
You cannot resize the primary disk of a VM that is not allocated (not deployed)

See VMware knowledge base article

Advanced VM configuration

See Advanced configuration of VMs on ESXi

Capture VMs

To prepare and onboard existing VMs into the platform, see How to import and capture VMs.

The page also describes how to configure Abiquo to onboard VMs with volumes on external storage

Remote access to VMs

The platform supports remote access through VNC and WebMKS.

WebMKS remote access with a WebMKS proxy
- Install WebMKS proxy
- Optionally brand WebMKS. See Branding WMKS
- Configure WebMKS with system properties. See Configure WebMKS for vCenter
  OR if you are already using VNC, to change to WebMKS, see Enable WebMKS for vCenter

VNC remote access through Guacamole
- Default configuration for VMs deployed in Abiquo (until 5.2) and for VMs created in the hypervisor before vSphere 6.5
- Not available in vSphere 7.x
- For configurations of vCenter hosts and vCenter cluster, see Detect vCenter management IPs
- Abiquo can capture VNC configuration, see Import and Capture Virtual Machines
- Limitation: you cannot change the password with hot-reconfigure; you must reboot to update the VNC password for the VM

Configure VMware specific properties

Log in to the Abiquo Remote Services server (or for a Monolithic installation, log in to the Abiquo Server) and set the appropriate properties for your system to appropriate values in the /opt/abiquo/config/abiquo.properties file:

abiquo.esxi.datastoreRdm
abiquo.esxi.datastoreVmFile
abiquo.esxi.scsicontroller

abiquo.pluginmetadata.{hypervisor_type}.diskControllers

com.abiquo.virtualfactory.esxi.timeoutConnectionMs
com.abiquo.virtualfactory.esxi.timeoutReadMs

abiquo.dvs.portgroup.loadsharingmechanism
abiquo.dvs.portgroup.maxsize

abiquo.vcenter.port.connection

abiquo.esxi.forcehardwareversion

NSX-V connection to vCenter

For vCenter hosts, to use NSX-V when it will connect to vCenter, Abiquo will require valid administration credentials and the port if you are not using the default of TCP 443.

Configure the port in the /opt/abiquo/config/abiquo.properties file on the Remote Services servers:

abiquo.vcenter.port.connection = <Port No.>

Configure the firewall to allow access from the Remote Services server to the appropriate port.

Notes: Check VMware password character restrictions

Configure VNC remote access

This section applies to versions of VMware before vSphere 7.x, which does not support VNC remote access.

Click here to show/hide the VNC configuration

For vCenter hosts and vCenter clusters, see Detect vCenter management IPs.

Define the range of VNC ports for Abiquo, so that it will allocate available ports. Define these ports with Abiquo Configuration Properties#vncport properties.

Log in to the Abiquo Server and add these properties to the abiquo.properties file:

abiquo.vncport.min
abiquo.vncport.max

Log in to the Remote Services server and optionally add this property to the abiquo.properties file:

RemoteDisplay.vnc.keyMap

For the VNC connection to VMs through the eye icon (or console icon), add a custom firewall rule to define the ports that will be available to users, which should be the same as the ports configured with vncport properties.

You cannot add a VNC firewall rule through the VMware console. Follow the steps below to add the firewall rule with the CLI (using SSH).

The following example shows how to add a custom firewall rule under ESXi 5 for ports 5900 to 5964.
(Credit vInfrastructure Blog)

1. Log in to the CLI for the ESXi as root user
2. Create the XML file

~ # vi /etc/vmware/firewall/Abiquo-vnc.xml

3. Add these lines (copy/paste) to the VI and save the file.

<!-- Firewall Rule for Abiquo VNC Console -->
<ConfigRoot>
 <service>         
  <id>Abiquo-VNC</id>   
  <rule id = '0000'>
    <direction>inbound</direction>
    <protocol>tcp</protocol>  
    <porttype>dst</porttype>    
    <port>      
      <begin>5900</begin>       
      <end>5964</end>          
    </port>              
  </rule>                 
  <rule id = '0001'>                       
   <direction>outbound</direction>  
   <protocol>tcp</protocol>      
   <porttype>dst</porttype>           
   <port>               
     <begin>5900</begin>                   
     <end>5964</end>                         
    </port>                                
  </rule>                                    
  <enabled>true</enabled>
  </service>             
</ConfigRoot>

4. Refresh the rules and check it has been added;

~ # esxcli network firewall refresh
~ # esxcli network firewall ruleset list | grep Abiquo-VNC

Abiquo-VNC                    true

5. Optional step - Add a specific IP address to the rule for added security;

Set the status of the allowedAll flag to false

/etc/vmware/firewall # esxcli network firewall ruleset set --ruleset-id Abiquo-VNC --allowed-all false

Add the list of allowed IP addresses

/etc/vmware/firewall # esxcli network firewall ruleset allowedip add --ruleset-id Abiquo-VNC --ip-address 10.81.2.20/24

Features

This page describes the VMware ESXi features supported by Abiquo. You can manage VMware technology at the following levels: vCenter, ESXi, vCloud Director.

ESXI feature support

Multiple SCSI controllers
Change of SCSI controller after configuration
Property to specify downgrade of hardwareVersion for new virtual machines
UEFI or BIOS boot
Hot-add and hot-reconfigure options set in template and available in the Abiquo UI
Deploy of VMDK_STREAM_OPTIMIZED disks.
Support in VM template for latest GuestOsIdentifier from vSphere. See Modify a VM Template#Operating system and OS version
Detect all HostProxySwitch as DVS without requiring a naming convention
Deprecated abiquo.dvs.enabled property

Feature	Description
vCenter Server	Add vCenter as a master hypervisor with the appropriate credentials, and then add individual hypervisors or clusters as hosts
dvSwitch	Abiquo will use the vCenter credentials. User must have access to vCenter
High Availability	Abiquo supports vSphere HA
Fault Tolerance	Abiquo does not support fault tolerance because it requires two VMs with the same name to be present in a cluster at the same time.
Replication	Abiquo supports replication with Zerto. Replicated VMs must be a in a separate cluster.
Clusters	For vCenter hosts, the platform automatically detects clusters and displays them on the racks with the physical machines. Compute load level rules can also be set at the Cluster level For vCenter clusters as hosts, set the compute load level rules at the Server level
VM Live Migration	For vCenter clusters as hosts, after VM moves, the VM is still effectively on the same host, so Abiquo does not need to control the results of live migrations Abiquo supports vMotion of VMs, including those between hosts with different versions of ESXi. Abiquo supports vMotion between machines with different network service types if they are connected to a dvSwitch
Storage Live Migration	Abiquo detects storage vMotion on all datastores
Templates	VMDK fixed ( default format) VMDK sparse VMDK stream optimized (deployed directly)
DVD	The DVD feature was replaced by the ISO feature but CD-ROM configurations may be supported on imported VMs with IDE and SATA controllers
Remote Access	VNC using Guacamole. WebMKS - configure the WebMKS proxy, and set the abiquo.property to enable WebMKS. WebMKS will always be available. See Remote access documentation After you configure WebMKS, you can enable it by removing VNC configuration (in the UI, Edit VM and disable VM remote access)
Network Drivers	E1000 PCNet32 VMXNET3
Boot	BIOS UEFI with supported guest operating system and firmware, for virtual hardware versions 13 or later. The user can mark supported templates
CPU hot-add RAM hot-add	With supported guest operating system. The user can mark supported templates and perform hot-add
Disks hot-reconfigure NICs hot-reconfigure Remote Access hot-reconfigure	With supported guest operating system. The user can mark supported templates and perform hot-reconfigure
SDN using NSX	Abiquo supports SDN using NSX with gateway, ECMP, and NAT configurations. See Configure the NSX integration

Storage features

Feature	Description
Datastores	VMFS NFS
Disk Controllers	Abiquo recommends that you configure disks to use SCSI controllers In the Abiquo UI and API, you can configure controller type and controller for VM templates and VMs By default the primary system disk will be mounted on an IDE controller By default the auxiliary hard disks on the ESXi datastore are mounted on an IDE controller Abiquo can also detect the SCSI controller from the OVF file On VMware hypervisors Abiquo supports more than one type of SCSI controller Abiquo supports SATA controllers, see Configure SATA for VMware hypervisors Override default and allowed controllers with Abiquo Configuration Properties#pluginmetadata
SCSI Controllers	Default value: VirtualLsiLogicController Configure with one of the valid controllers in abiquo.properties (See Abiquo Configuration Properties#esxi) OR with appropriate privileges, user can select from pull-down list or enter text containing one of the following values: "paravirtual": ParaVirtualSCSIController "bus": VirtualBusLogicController "sas": VirtualLsiLogicSASController If no controller is supplied at deploy time, and no default controller is set in properties, the platform will use its default lsilogic controller Abiquo allows you to set more than one type of SCSI controller Abiquo allows you to change the SCSI controller before or after you deploy the VM
System disks	By default, for VMs deployed on ESX/ESXi hypervisors: If disks are deployed from VMDK Sparse templates, they will be in Sparse format If disks are deployed from VMDK templates or conversions from formats other than VMDK Sparse, they will be in flat/fixed formats with thin provisioning enabled
Persistent Virtual Machines	By default persistent VM disks are mounted on IDE controllers Abiquo recommends that you configure disks to use SCSI controllers In the Abiquo UI and API, you can configure controller type and controller for VM templates and VMs. See Modify a VM Template Abiquo can also detect the SCSI controller from the OVF file. See Extended OVF Support and Template Definition If using only persistent disks, set an esxi property to supply a datastore for VM definitions (datastoreVmFile)
Disk Resize	System disk resize Hard disk resize Disks must be: thin provisioned SCSI or SATA disks the VM must not have VMware snapshots
Storage Live Migration	Abiquo detects storage vMotion on all datastores