Datrium DVX and CVE-2017-5753, CVE-2017-5715 (Spectre), CVE-2017-5754 (Meltdown)

Given the current concerns regarding the latest security flaws regarding Intel and AMD processors Datrium thought it would be a good look to see if there were any issues they needed to address. The short answer is no, the software and the DataNode are unaffected and normal VMware or 3rd party server hardware patching would need to be done, however no DVX patches are needed.

Datrium DVX and CVE-2017-5753, CVE-2017-5715 (Spectre), CVE-2017-5754 (Meltdown)
Datrium has investigated impacts and mitigation options for Spectre, Meltdown, and related issues.
References
Summary
● Datrium DVX software is not directly affected and no action is required.
● Datrium Data Nodes are not affected and no action is required.
● 3rd party servers being used as Compute Nodes likely need to be patched with updated BIOS / firmware.
● Any Compute Nodes (Datrium or 3rd party) running ESXi should be patched with VMware fixes.
● Guest OS instances will likely need to be patched.
3rd Party Compute Nodes
3rd party servers that are being used in a DVX system should be updated based on recommendations from the server vendor. Please contact the server vendor directly for details.
VMware Patches
All Compute Nodes (both Datrium and 3rd Party) in any DVX that are running ESXi should update to the appropriate patches from VMware. For more information, please see the following link:
Guest OS
It is very likely that all guest OS instances running in DVX will need to be patched. Please contact the OS vendor directly for details and recommendations.
Performance Impacts
At this time we are unaware of any significant impact on performance from BIOS and VMware patches. However, based on reported behavior of the various fixes from VMware and server vendors, it is possible that some workloads will exhibit some non-trivial changes in performance related to guest OS patches and updates. We recommend that you work closely with your guest OS vendors to ensure performance concerns are addressed.
Advertisements

Manually adding hosts to Datrium DVX without the vCenter plugin.

I will be doing a full writeup later on my experience with Datrium DVX, but I wanted to make sure that I got this out before I forgot.

DVX 1.1.x does not support VMware 6.0 U3. I found this out of course AFTER I updated my vCenter appliance and the DVX plugin kept erroring and crashing. I needed to add 3 new hosts to my DVX cluster so that we could expand from our POC to our prod environment, but didn’t want to downgrade vCenter. Datrium has an excellent stand alone management console, but the one thing that console can’t do is add new hosts, so how do we do this?

BEFORE WE CONTINUE I HAVE SOME DISCLAIMERS!

  1. This is not the process to add disks to your existing Datrium array. If you already have an array and want to use the dacli to add disks, we will cover that later.
  2. This is NOT a best practice. This is an emergency procedure.
  3. Datrium support is awesome. Just call them and have them work through this with you.

Now that we have that out of the way, if you still want to be self sufficient, and do this on your own here are your steps.

  1. SSH to your ESX host you would like to add to your DVX cluster.
  2. install the DVX vib on that host.
esxcli software vib install -d http://datrium.mgmt.float.ip/static/esxVibHEAD/index.xml --no-sig-check
  1. Set source to /etc/profile
source /etc/profile
  1. Exit and re-enter the SSH session using the “exit” command.
  2. Enter the dacli
da
  1. Run dacli to select all SSDs for use. This will warn you that it will scan all drives in the system, and wipe all SSDs. This is true, however it will ignore any SSDs with the VMware OS partitions on them. So if your host is running ESXi on an SSD, you are safe. Press Y when prompted.
dacli SSD select-all

6a. If no SSDs are found, you will need to wipe the SSD and rebuild them as GPT disks. I had this issue with my Samsung PM863a 960GB drives. I did not have this issue with my Intel DC P3608 4TB AIC. For each disk you wish to add run the following command.

partedUtil setptbl /vmfs/devices/disks/yourdiskidhere gpt

Then once complete you will be able to run dacli SSD select-all

  1. Premount the NFS target
premount datrium.data.float.ip
  1. In VMware vCenter Web Client find the Datrium NFS datastore, select actions, mount to new host, then select your new host you just added.

Screen Shot 2017-04-04 at 12.18.31 PM

Screen Shot 2017-04-04 at 12.18.41 PM

Screen Shot 2017-04-04 at 12.18.55 PM

We mount this way because if you use esxcfg-nas to mount the store, it will duplicate, and you will not be able to live migrate VMs between hosts.

Not too terribly difficult, however, this is a last ditch 4am it’s gotta be up in 2 hours resolution type thing and NOT by any means how you should be adding hosts to your cluster.